<?php //initialize data from controller $data = Post_Controller::_list(); if ($data['warning'] != '') { echo $data['warning']; } ?> <div id="posts-list"> <div id = "new-post" class="add"><img class="icon" src='/public/images/blog.png'/><div class="button-text"> Add new blog post</div></div> <h2>Blog Posts</h2> <?php /** * Form to submit new post. On page load, this form is hidden * Clicking on the Add new blog post button will make it appear * Sends data to itself (index.php) via method post * Sends hidden value 'create_post' so that the controller knows * which form was sent */ ?> <div id= "add-new"> <form action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?> " method="post"> <input type="text" placeholder="Blog Title" name ="title"/> <textarea placeholder="Enter blog post content" name = "text"></textarea> <input type = "hidden" value ="true" name="create_post"/> <button type = "submit" value="Submit" class="add"><img class="icon" src='/public/images/add.png'/><div class="button-text"> Submit</div></button> </form> </div>
/** * This function processes posting/editing/deleting a calendar event. * * - calls action_post() function if event is linked to a post. * - calls insertEvent() to insert the event if not linked to post. * * It requires the calendar_post permission to use. * It uses the event_post sub template in the Calendar template. * It is accessed with ?action=calendar;sa=post. */ public function action_post() { global $context, $txt, $user_info, $scripturl, $modSettings, $topic; // You need to view what you're doing :P isAllowedTo('calendar_view'); // Well - can they post? isAllowedTo('calendar_post'); // We need this for all kinds of useful functions. require_once SUBSDIR . '/Calendar.subs.php'; // Cast this for safety... $event_id = isset($_REQUEST['eventid']) ? (int) $_REQUEST['eventid'] : null; // Submitting? if (isset($_POST[$context['session_var']], $event_id)) { checkSession(); // Validate the post... if (!isset($_POST['link_to_board'])) { validateEventPost(); } // If you're not allowed to edit any events, you have to be the poster. if ($event_id > 0 && !allowedTo('calendar_edit_any')) { isAllowedTo('calendar_edit_' . (!empty($user_info['id']) && getEventPoster($event_id) == $user_info['id'] ? 'own' : 'any')); } // New - and directing? if ($event_id == -1 && isset($_POST['link_to_board'])) { $_REQUEST['calendar'] = 1; require_once CONTROLLERDIR . '/Post.controller.php'; $controller = new Post_Controller(); return $controller->action_post(); } elseif ($event_id == -1) { $eventOptions = array('id_board' => 0, 'id_topic' => 0, 'title' => Util::substr($_REQUEST['evtitle'], 0, 100), 'member' => $user_info['id'], 'start_date' => sprintf('%04d-%02d-%02d', $_POST['year'], $_POST['month'], $_POST['day']), 'span' => isset($_POST['span']) && $_POST['span'] > 0 ? min((int) $modSettings['cal_maxspan'], (int) $_POST['span'] - 1) : 0); insertEvent($eventOptions); } elseif (isset($_REQUEST['deleteevent'])) { removeEvent($event_id); } else { // There could be already a topic you are not allowed to modify if (!allowedTo('post_new') && empty($modSettings['disableNoPostingCalendarEdits'])) { $eventProperties = getEventProperties($event_id, true); } $eventOptions = array('title' => Util::substr($_REQUEST['evtitle'], 0, 100), 'span' => empty($modSettings['cal_allowspan']) || empty($_POST['span']) || $_POST['span'] == 1 || empty($modSettings['cal_maxspan']) || $_POST['span'] > $modSettings['cal_maxspan'] ? 0 : min((int) $modSettings['cal_maxspan'], (int) $_POST['span'] - 1), 'start_date' => strftime('%Y-%m-%d', mktime(0, 0, 0, (int) $_REQUEST['month'], (int) $_REQUEST['day'], (int) $_REQUEST['year'])), 'id_board' => isset($eventProperties['id_board']) ? (int) $eventProperties['id_board'] : 0, 'id_topic' => isset($eventProperties['id_topic']) ? (int) $eventProperties['id_topic'] : 0); modifyEvent($event_id, $eventOptions); } // No point hanging around here now... redirectexit($scripturl . '?action=calendar;month=' . $_POST['month'] . ';year=' . $_POST['year']); } // If we are not enabled... we are not enabled. if (empty($modSettings['cal_allow_unlinked']) && empty($event_id)) { $_REQUEST['calendar'] = 1; require_once CONTROLLERDIR . '/Post.controller.php'; $controller = new Post_Controller(); return $controller->action_post(); } // New? if (!isset($event_id)) { $today = getdate(); $context['event'] = array('boards' => array(), 'board' => 0, 'new' => 1, 'eventid' => -1, 'year' => isset($_REQUEST['year']) ? $_REQUEST['year'] : $today['year'], 'month' => isset($_REQUEST['month']) ? $_REQUEST['month'] : $today['mon'], 'day' => isset($_REQUEST['day']) ? $_REQUEST['day'] : $today['mday'], 'title' => '', 'span' => 1); $context['event']['last_day'] = (int) strftime('%d', mktime(0, 0, 0, $context['event']['month'] == 12 ? 1 : $context['event']['month'] + 1, 0, $context['event']['month'] == 12 ? $context['event']['year'] + 1 : $context['event']['year'])); // Get list of boards that can be posted in. $boards = boardsAllowedTo('post_new'); if (empty($boards)) { fatal_lang_error('cannot_post_new', 'permission'); } // Load the list of boards and categories in the context. require_once SUBSDIR . '/Boards.subs.php'; $boardListOptions = array('included_boards' => in_array(0, $boards) ? null : $boards, 'not_redirection' => true, 'selected_board' => $modSettings['cal_defaultboard']); $context += getBoardList($boardListOptions); } else { // Reload the event after making changes $context['event'] = getEventProperties($event_id); if ($context['event'] === false) { fatal_lang_error('no_access', false); } // If it has a board, then they should be editing it within the topic. if (!empty($context['event']['topic']['id']) && !empty($context['event']['topic']['first_msg'])) { // We load the board up, for a check on the board access rights... $topic = $context['event']['topic']['id']; loadBoard(); } // Make sure the user is allowed to edit this event. if ($context['event']['member'] != $user_info['id']) { isAllowedTo('calendar_edit_any'); } elseif (!allowedTo('calendar_edit_any')) { isAllowedTo('calendar_edit_own'); } } // Template, sub template, etc. loadTemplate('Calendar'); $context['sub_template'] = 'unlinked_event_post'; $context['page_title'] = isset($event_id) ? $txt['calendar_edit'] : $txt['calendar_post_event']; $context['linktree'][] = array('name' => $context['page_title']); }