/**
 * Toggles the frontpage state of the selected articles.
 *
 * For every id posted in `cid`: an article that already has a frontpage row
 * has that row deleted, any other article gets a new frontpage row. The
 * frontpage table is reordered after each id, the com_content cache is
 * cleaned, and the request is redirected back to the component.
 *
 * @return  mixed  false after a failed INSERT; otherwise nothing is returned
 *                 (the function ends with a redirect)
 */
function toggleFrontPage()
{
    global $mainframe;

    // Anti-CSRF gate: stop the request when the form token does not validate.
    if (!JRequest::checkToken()) {
        jexit('Invalid Token');
    }

    $db =& JFactory::getDBO();
    $articleIds = JRequest::getVar('cid', array(), 'post', 'array');
    $option = JRequest::getCmd('option');
    $msg = null;

    // Force every posted id to an integer before any of them is used.
    JArrayHelper::toInteger($articleIds);

    if (count($articleIds) < 1) {
        $msg = JText::_('Select an item to toggle');
        $mainframe->redirect('index.php?option=' . $option, $msg, 'error');
    }

    // The frontpage table class is provided by com_frontpage.
    require_once JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_frontpage' . DS . 'tables' . DS . 'frontpage.php';
    $frontpage = new TableFrontPage($db);

    foreach ($articleIds as $articleId) {
        if (!$frontpage->load($articleId)) {
            // No frontpage row yet: create one. The id is cast again where it
            // enters the SQL text, so the statement never carries raw input.
            $db->setQuery('INSERT INTO #__content_frontpage' . ' VALUES ( ' . (int) $articleId . ', 0 )');
            if (!$db->query()) {
                JError::raiseError(500, $db->stderr());
                return false;
            }
        } elseif (!$frontpage->delete($articleId)) {
            // Row existed but could not be removed: collect the error for the redirect message.
            $msg .= $frontpage->stderr();
        }

        // Toggled entries go to first place.
        $frontpage->ordering = 0;
        $frontpage->reorder();
    }

    $contentCache =& JFactory::getCache('com_content');
    $contentCache->clean();

    $mainframe->redirect('index.php?option=' . $option, $msg);
}
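/**
 * Saves the posted form data as a content article and syncs its frontpage row.
 *
 * Steps, in order: bind the POST array and the `details` array onto a content
 * table row, normalise the created/publish dates, take the publish state from
 * the form model, pack params and metadata, fire onBeforeContentSave, store
 * the row, insert or delete the matching #__content_frontpage row, clean the
 * com_content cache and fire onAfterContentSave.
 *
 * NOTE(review): no form-token check is visible in this method; confirm the
 * caller validates the token before this runs.
 *
 * @return  mixed  false when binding, validation, a plugin veto or a database
 *                 write fails; otherwise nothing is returned
 */
function saveArticle()
{
    // Initialize variables
    $db =& FabrikWorker::getDbo();
    $user =& JFactory::getUser();
    $dispatcher =& JDispatcher::getInstance();
    JPluginHelper::importPlugin('content');
    $this->_postFabrikDataAsArticleData();
    $details = JRequest::getVar('details', array(), 'post', 'array');
    $nullDate = $db->getNullDate();
    $row =& FabTable::getInstance('content');

    // The whole POST array is bound onto the row; a posted created_by, for
    // example, is kept by the fallback a few lines below.
    // NOTE(review): confirm the upstream form limits which fields can arrive here.
    if (!$row->bind(JRequest::get('post'))) {
        JError::raiseError(500, $db->stderr());
        return false;
    }
    $row->bind($details);

    // sanitise id field
    $row->id = (int) $row->id;
    $this->_isNew = true;

    // Are we saving from an item edit?
    if ($row->id) {
        $this->_isNew = false;
        $datenow = JFactory::getDate();
        $row->modified = $datenow->toMySQL();
        $row->modified_by = $user->get('id');
    }

    $row->created_by = $row->created_by ? $row->created_by : $user->get('id');

    // A value of 10 characters or fewer is treated as a bare date; append a midnight time.
    if ($row->created && strlen(trim($row->created)) <= 10) {
        $row->created .= ' 00:00:00';
    }
    $config =& JFactory::getConfig();
    $tzoffset = $config->getValue('config.offset');
    $date =& JFactory::getDate($row->created, $tzoffset);
    $row->created = $date->toMySQL();

    // Append time if not added to publish date
    if (strlen(trim($row->publish_up)) <= 10) {
        $row->publish_up .= ' 00:00:00';
    }
    $date =& JFactory::getDate($row->publish_up, $tzoffset);
    $row->publish_up = $date->toMySQL();

    // Handle never unpublish date
    if (trim($row->publish_down) == JText::_('Never') || trim($row->publish_down) == '') {
        $row->publish_down = $nullDate;
    } else {
        if (strlen(trim($row->publish_down)) <= 10) {
            $row->publish_down .= ' 00:00:00';
        }
        $date =& JFactory::getDate($row->publish_down, $tzoffset);
        $row->publish_down = $date->toMySQL();
    }

    // Get a state and parameter variables from the request
    // should probably punt this logic into the controller, but for now ...
    $articlePublishElementName = $this->_elementBaseName($this->_articlePublishElement);
    $row->state = $this->_formModel->_formData[$articlePublishElementName];

    // probably an array, i.e. coming from a yes/no radio or dropdown
    if (is_array($row->state)) {
        $row->state = $row->state[0];
    }

    $params = JRequest::getVar('params', null, 'post', 'array');
    $row->params = json_encode($params);

    // Get metadata string: description and keywords go to their own columns,
    // every other pair is written as a "key=value" line.
    $metadata = JRequest::getVar('meta', null, 'post', 'array');
    if (is_array($metadata)) {
        $txt = array();
        foreach ($metadata as $k => $v) {
            if ($k == 'description') {
                $row->metadesc = $v;
            } elseif ($k == 'keywords') {
                $row->metakey = $v;
            } else {
                $txt[] = "{$k}={$v}";
            }
        }
        $row->metadata = implode("\n", $txt);
    }

    // Prepare the content for saving to the database
    ContentHelper::saveContentPrep($row);

    // Make sure the data is valid
    if (!$row->check()) {
        JError::raiseError(500, $db->stderr());
        return false;
    }

    // Increment the content version number
    $row->version++;

    // A plugin returning exactly false vetoes the save.
    $result = $dispatcher->trigger('onBeforeContentSave', array(&$row, $this->_isNew));
    if (in_array(false, $result, true)) {
        JError::raiseError(500, $row->getError());
        return false;
    }

    // Store the content to the database
    if (!$row->store()) {
        JError::raiseError(500, $db->stderr());
        return false;
    }
    $this->_articleId = $row->id;

    // Check the article and update item order
    $row->checkin();
    $row->reorder('catid = ' . (int) $row->catid . ' AND state >= 0');

    // We need to update frontpage status for the article.
    // First we include the frontpage table and instantiate an instance of it.
    require_once JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_frontpage' . DS . 'tables' . DS . 'frontpage.php';
    $fp = new TableFrontPage($db);

    // Is the article viewable on the frontpage?
    if (JRequest::getVar('frontpage', 0, '', 'int')) {
        // Is the item already viewable on the frontpage?
        if (!$fp->load($row->id)) {
            // Insert the new entry; the id is cast to int where it enters the SQL text.
            $query = 'INSERT INTO #__content_frontpage' . ' VALUES ( ' . (int) $row->id . ', 1 )';
            $db->setQuery($query);
            if (!$db->query()) {
                JError::raiseError(500, $db->stderr());
                return false;
            }
            $fp->ordering = 1;
        }
    } else {
        // Delete the item from frontpage if it exists
        if (!$fp->delete($row->id)) {
            // Report the failure as a non-fatal warning; this method has no
            // message variable to append it to.
            JError::raiseWarning(500, $fp->stderr());
        }
        $fp->ordering = 0;
    }
    $fp->reorder();

    $cache =& JFactory::getCache('com_content');
    $cache->clean();

    $dispatcher->trigger('onAfterContentSave', array(&$row, $this->_isNew));
}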
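/**
 * Saves the content item submitted from the edit form, then redirects.
 *
 * Validates the form token and the caller's rights, stores the article
 * through the article model, syncs the #__content_frontpage row, notifies
 * users flagged with sendEmail about new items (or cleans the cache for an
 * edited item) and finally redirects to the internal URL given in `ret`.
 *
 * @todo Move the frontpage handling into a frontpage model
 *
 * @return  void
 */
function save()
{
    // Check for request forgeries
    JRequest::checkToken() or jexit('Invalid Token');

    // Initialize variables
    $db =& JFactory::getDBO();
    $user =& JFactory::getUser();

    // Make sure you are logged in and have the necessary access rights
    // NOTE(review): 19 is a hard-coded group id threshold; confirm which group it stands for.
    if ($user->get('gid') < 19) {
        JError::raiseError(403, JText::_('ALERTNOTAUTH'));
        return;
    }

    // Create a user access object for the user
    $access = new stdClass();
    $access->canEdit = $user->authorize('com_content', 'edit', 'content', 'all');
    $access->canEditOwn = $user->authorize('com_content', 'edit', 'content', 'own');
    $access->canPublish = $user->authorize('com_content', 'publish', 'content', 'all');

    if (!($access->canEdit || $access->canEditOwn)) {
        JError::raiseError(403, JText::_("ALERTNOTAUTH"));
        // Fail closed: do not reach the save when the error handler returns.
        return;
    }

    // NOTE(review): canEditOwn is computed but no ownership comparison is
    // visible here; confirm $model->store() stops a user who may only edit
    // their own articles from overwriting another author's article by id.
    $model = $this->getModel('article');

    // get data from request
    $post = JRequest::get('post');

    // The article body is read raw (JREQUEST_ALLOWRAW), so no request-level
    // HTML filtering has been applied to it at this point.
    // NOTE(review): confirm the model filters it before it is stored.
    $post['text'] = JRequest::getVar('text', '', 'post', 'string', JREQUEST_ALLOWRAW);

    $isNew = ((int) $post['id']) < 1;

    if ($model->store($post)) {
        $msg = JText::_('Article Saved');
        if ($isNew) {
            $post['id'] = (int) $model->get('id');
        }
    } else {
        $msg = JText::_('Error Saving Article');
        JError::raiseError(500, $model->getError());
        // Nothing was stored, so skip the frontpage, messaging and redirect steps.
        return;
    }

    // manage frontpage items
    require_once JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_frontpage' . DS . 'tables' . DS . 'frontpage.php';
    $fp = new TableFrontPage($db);

    if (JRequest::getVar('frontpage', false, '', 'boolean')) {
        // toggles go to first place
        if (!$fp->load($post['id'])) {
            // new entry; the id is cast to int where it enters the SQL text
            $query = 'INSERT INTO #__content_frontpage' . ' VALUES ( ' . (int) $post['id'] . ', 1 )';
            $db->setQuery($query);
            if (!$db->query()) {
                JError::raiseError(500, $db->stderr());
                return;
            }
            $fp->ordering = 1;
        }
    } else {
        // no frontpage mask
        // The appended error text is replaced by the stock message set further down.
        if (!$fp->delete($post['id'])) {
            $msg .= $fp->stderr();
        }
        $fp->ordering = 0;
    }
    $fp->reorder();

    $model->checkin();

    // gets section name of item
    $query = 'SELECT s.title' . ' FROM #__sections AS s' . ' WHERE s.scope = "content"' . ' AND s.id = ' . (int) $post['sectionid'];
    $db->setQuery($query);
    $section = $db->loadResult();

    // gets category name of item
    $query = 'SELECT c.title' . ' FROM #__categories AS c' . ' WHERE c.id = ' . (int) $post['catid'];
    $db->setQuery($query);
    $category = $db->loadResult();

    if ($isNew) {
        // messaging for new items
        require_once JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_messages' . DS . 'tables' . DS . 'message.php';

        // load language for messaging
        $lang =& JFactory::getLanguage();
        $lang->load('com_messages');

        $query = 'SELECT id' . ' FROM #__users' . ' WHERE sendEmail = 1';
        $db->setQuery($query);
        $users = $db->loadResultArray();

        foreach ($users as $user_id) {
            // Kept in its own variable so the status text in $msg is not replaced by an object.
            $notification = new TableMessage($db);
            $notification->send($user->get('id'), $user_id, JText::_('New Item'), JText::sprintf('ON_NEW_CONTENT', $user->get('username'), $post['title'], $section, $category));
        }
    } else {
        // If the article isn't new, then we need to clean the cache so that our changes appear realtime :)
        $cache =& JFactory::getCache('com_content');
        $cache->clean();
    }

    // Every caller gets the stock message; the source carried a disabled
    // branch that gave non-publishers a different text for new items.
    $msg = JText::_('Item successfully saved.');

    // `ret` is a base64-encoded return URL taken from the query string. It is
    // only followed when JURI::isInternal() accepts it, which keeps this
    // redirect from being pointed at an external site.
    $referer = JRequest::getString('ret', base64_encode(JURI::base()), 'get');
    $referer = base64_decode($referer);
    if (!JURI::isInternal($referer)) {
        $referer = '';
    }
    $this->setRedirect($referer, $msg);
}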
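/**
 * Creates a content article from a metaWeblog newPost call.
 *
 * Authenticates the caller, resolves the target category, splits the body
 * into intro and full text, stores the article and, depending on the plugin's
 * `frontpage` parameter, adds it to #__content_frontpage.
 *
 * @param   mixed   $blogid    not referenced in this function
 * @param   string  $username  login name passed to the plugin's authenticateUser()
 * @param   string  $password  password passed to the plugin's authenticateUser()
 * @param   array   $content   post data; the keys read here are categories,
 *                             description, title, more_text and mt_text_more
 * @param   mixed   $publish   truthy to set publish_up to today and, when the
 *                             user may publish, to set the published state
 *
 * @return  object  xmlrpcresp holding the new article id, an xmlrpcresp error,
 *                  or a dom_xmlrpc_fault when a database write fails
 */
function newPost($blogid, $username, $password, $content, $publish)
{
    global $mainframe, $xmlrpcerruser, $xmlrpcI4, $xmlrpcInt, $xmlrpcBoolean, $xmlrpcDouble, $xmlrpcString, $xmlrpcDateTime, $xmlrpcBase64, $xmlrpcArray, $xmlrpcStruct, $xmlrpcValue;

    // load plugin params info
    $plugin =& JPluginHelper::getPlugin('xmlrpc', 'metaweblog');
    $params = new JParameter($plugin->params);

    if (!plgXMLRPCmetaWeblogHelper::authenticateUser($username, $password)) {
        return new xmlrpcresp(0, $xmlrpcerruser + 1, "Login Failed");
    }

    $user =& JUser::getInstance($username);

    // NOTE(review): 19 is a hard-coded group id threshold; confirm which group it stands for.
    if ($user->get('gid') < 19) {
        return new xmlrpcresp(0, $xmlrpcerruser + 1, JText::_('You don\'t have enough rights to submit articles'));
    }

    // Create a user access object for the user
    $access = new stdClass();
    $access->canEdit = $user->authorize('com_content', 'edit', 'content', 'all');
    $access->canEditOwn = $user->authorize('com_content', 'edit', 'content', 'own');
    $access->canPublish = $user->authorize('com_content', 'publish', 'content', 'all');

    // NOTE(review): a canEditOwn rejection was commented out in the source, so
    // only the gid threshold above gates submission; canPublish is the only
    // flag that is used further down.

    // Treat a missing or non-array category list as empty, so that a failed
    // array_search() cannot be mistaken for a "Frontpage" hit.
    $categories = (isset($content['categories']) && is_array($content['categories'])) ? $content['categories'] : array();

    $catFrontPage = false;
    $frontpagePosition = array_search('Frontpage', $categories);
    if ($frontpagePosition !== false) {
        $catFrontPage = true;
        if ($frontpagePosition == 0) {
            // "Frontpage" came first: the real category is the next entry, when there is one.
            $categories[0] = isset($categories[1]) ? $categories[1] : '';
        }
    }

    $db =& JFactory::getDBO();
    // NOTE(review): no query() call follows this setQuery() before the next
    // setQuery() replaces it, so the statement is presumably never sent — confirm.
    $db->setQuery("SET NAMES 'utf8'");

    // The category title is the part of the first entry before " (".
    $firstCategory = isset($categories[0]) ? $categories[0] : '';
    $category = substr($firstCategory, 0, strpos($firstCategory, ' ('));

    // Both lookups pass the value through $db->Quote() before it enters the SQL text.
    $query = 'SELECT id,section FROM #__categories WHERE title=' . $db->Quote($category);
    if (!$category) {
        // No usable title: fall back to the category id configured on the plugin.
        $category = $params->get('catid');
        $query = 'SELECT id,section FROM #__categories WHERE id=' . $db->Quote($category);
    }
    $db->setQuery($query);
    $cat = $db->loadObjectList();

    // Without a matching category there is no catid/sectionid to store.
    if (empty($cat)) {
        return new xmlrpcresp(0, $xmlrpcerruser + 1, "Category not found");
    }

    // create a new content item
    $item =& JTable::getInstance('content');

    // using <hr> as a read more separator
    $startReadMoreLine = strpos($content['description'], '<hr');
    $finishReadMoreLine = strpos($content['description'], '>', $startReadMoreLine);

    if ($startReadMoreLine !== false && $finishReadMoreLine !== false && $params->get('hrReadMore')) {
        $introtext = substr($content['description'], 0, $startReadMoreLine);
        $fulltext = substr($content['description'], $finishReadMoreLine + 1);
    } elseif (!empty($content['more_text'])) {
        $introtext = $content['description'];
        $fulltext = $content['more_text'];
    } elseif (!empty($content['mt_text_more'])) {
        $introtext = $content['description'];
        $fulltext = $content['mt_text_more'];
    } elseif (strpos($content['description'], '<!--more-->') !== false) {
        $startReadMoreLine = strpos($content['description'], '<!--more-->');
        $finishReadMoreLine = $startReadMoreLine + 11; // after <!--more-->
        $introtext = substr($content['description'], 0, $startReadMoreLine);
        $fulltext = substr($content['description'], $finishReadMoreLine);
    } else {
        $introtext = $content['description'];
        $fulltext = '';
    }

    jimport('joomla.filter.filteroutput');
    $db->setQuery("SET NAMES 'utf8'");

    $item->title = html_entity_decode($content['title'], ENT_QUOTES, 'UTF-8');
    // NOTE(review): intro and full text are stored as received; no input
    // filter is applied to the client's HTML in this function — confirm that
    // is intended for every group allowed through the gid check.
    $item->introtext = $introtext;
    $item->fulltext = $fulltext;
    $item->alias = JFilterOutput::stringURLSafe($item->title);
    $item->catid = $cat[0]->id;
    $item->sectionid = $cat[0]->section;
    $item->created = date('Y-m-d H:i:s');
    $item->created_by = $user->get('id');
    $item->publish_up = $publish ? date('Y-m-d') : $db->getNullDate();
    $item->publish_down = $db->getNullDate();
    // Published only when the client asked for it and the user may publish.
    $item->state = $publish && $access->canPublish;
    $item->version++;

    if (!$item->store()) {
        return new dom_xmlrpc_fault('500', 'Post store failed');
    }

    // frontpage == 1: always; frontpage == 2: only when the client sent the "Frontpage" category.
    if ($params->get('frontpage') == 1 || ($params->get('frontpage') == 2 && $catFrontPage)) {
        // this code is from administrator/components/com_content/controller.php
        // NOTE(review): TableFrontPage is not loaded in this function; presumably it is loaded elsewhere — confirm.
        $fp = new TableFrontPage($db);

        // Is the item already viewable on the frontpage?
        // Looks up the article that was just stored.
        if (!$fp->load($item->id)) {
            // Insert the new entry; the id is cast to int where it enters the SQL text.
            $query = 'INSERT INTO #__content_frontpage' . ' VALUES ( ' . (int) $item->id . ', 1 )';
            $db->setQuery($query);
            if (!$db->query()) {
                return new dom_xmlrpc_fault('500', 'Post to the frontpage failed');
            }
            $fp->ordering = 1;
        }
        $fp->reorder();

        $cache =& JFactory::getCache('com_content');
        $cache->clean();
    }

    return new xmlrpcresp(new xmlrpcval($item->id, $xmlrpcString));
}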
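/**
 * Stores the posted article, applies the configured HTML filter, syncs the
 * frontpage row and optionally creates a menu item that links to the article.
 *
 * NOTE(review): no form-token or permission check is visible in this method;
 * confirm the caller performs both before this runs.
 *
 * @return  boolean  true on success, false when binding, validation or a
 *                   database write fails
 */
function storeArticle()
{
    global $mainframe;

    $db =& JFactory::getDBO();
    $user =& JFactory::getUser();
    // Used for the "never unpublish" case below.
    $nullDate = $db->getNullDate();
    $row =& JTable::getInstance('content');

    // The whole POST array is bound onto the row; a posted created_by, for
    // example, is kept by the fallback on the next statement.
    // NOTE(review): confirm which posted fields are meant to be accepted here.
    if (!$row->bind(JRequest::get('post'))) {
        return false;
    }

    $row->created_by = $row->created_by ? $row->created_by : $user->get('id');

    // A value of 10 characters or fewer is treated as a bare date; append a midnight time.
    if ($row->created && strlen(trim($row->created)) <= 10) {
        $row->created .= ' 00:00:00';
    }
    $config =& JFactory::getConfig();
    $tzoffset = $config->getValue('config.offset');
    $date =& JFactory::getDate($row->created, $tzoffset);
    $row->created = $date->toMySQL();

    // Append time if not added to publish date
    if (strlen(trim($row->publish_up)) <= 10) {
        $row->publish_up .= ' 00:00:00';
    }
    $date =& JFactory::getDate($row->publish_up, $tzoffset);
    $row->publish_up = $date->toMySQL();

    // Handle never unpublish date
    if (trim($row->publish_down) == JText::_('Never') || trim($row->publish_down) == '') {
        $row->publish_down = $nullDate;
    } else {
        if (strlen(trim($row->publish_down)) <= 10) {
            $row->publish_down .= ' 00:00:00';
        }
        $date =& JFactory::getDate($row->publish_down, $tzoffset);
        $row->publish_down = $date->toMySQL();
    }

    // Get a state and parameter variables from the request
    $row->state = JRequest::getVar('state', 0, '', 'int');

    // Get submitted text from the request variables. It is read raw
    // (JREQUEST_ALLOWRAW); the filter block below is what cleans it.
    $text = JRequest::getVar('text', '', 'post', 'string', JREQUEST_ALLOWRAW);

    // Clean text for xhtml transitional compliance
    $text = str_replace('<br>', '<br />', $text);

    // Search for the {readmore} tag and split the text up accordingly.
    $pattern = '#<hr\\s+id=("|\')system-readmore("|\')\\s*\\/*>#i';
    $tagPos = preg_match($pattern, $text);
    if ($tagPos == 0) {
        $row->introtext = $text;
    } else {
        list($row->introtext, $row->fulltext) = preg_split($pattern, $text, 2);
    }

    // Filter settings
    jimport('joomla.application.component.helper');
    $config = JComponentHelper::getParams('com_content');
    $user =& JFactory::getUser();
    $gid = $user->get('gid');
    $filterGroups = $config->get('filter_groups');

    // convert to array if one group selected
    if (!is_array($filterGroups) && (int) $filterGroups > 0) {
        $filterGroups = array($filterGroups);
    }

    if (is_array($filterGroups) && in_array($gid, $filterGroups)) {
        // The user's group is one of the configured filter groups: build the filter the configuration asks for.
        $filterType = $config->get('filter_type');
        $filterTags = preg_split('#[,\\s]+#', trim($config->get('filter_tags')));
        // NOTE(review): the key is spelled 'filter_attritbutes'; presumably it
        // matches the stored configuration name — confirm before changing it.
        $filterAttrs = preg_split('#[,\\s]+#', trim($config->get('filter_attritbutes')));

        switch ($filterType) {
            case 'NH':
                $filter = new JFilterInput();
                break;
            case 'WL':
                $filter = new JFilterInput($filterTags, $filterAttrs, 0, 0, 0); // turn off xss auto clean
                break;
            case 'BL':
            default:
                $filter = new JFilterInput($filterTags, $filterAttrs, 1, 1);
                break;
        }
        $row->introtext = $filter->clean($row->introtext);
        $row->fulltext = $filter->clean($row->fulltext);
    } elseif (empty($filterGroups) && $gid != '25') {
        // no default filtering for super admin (gid=25)
        $filter = new JFilterInput(array(), array(), 1, 1);
        $row->introtext = $filter->clean($row->introtext);
        $row->fulltext = $filter->clean($row->fulltext);
    }
    // Any other case (filter groups configured, user not in them) stores the text unfiltered.

    // Make sure the data is valid
    if (!$row->check()) {
        return false;
    }

    // Increment the content version number
    $row->version++;

    // Store the content to the database
    if (!$row->store()) {
        return false;
    }

    // Check the article and update item order
    $row->checkin();
    $row->reorder('catid = ' . (int) $row->catid . ' AND state >= 0');

    require_once JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_frontpage' . DS . 'tables' . DS . 'frontpage.php';
    $fp = new TableFrontPage($db);

    // Is the article viewable on the frontpage?
    if (JRequest::getVar('frontpage', 0, '', 'int')) {
        // Is the item already viewable on the frontpage?
        if (!$fp->load($row->id)) {
            // Insert the new entry; the id is cast to int where it enters the SQL text.
            $query = 'INSERT INTO #__content_frontpage' . ' VALUES ( ' . (int) $row->id . ', 1 )';
            $db->setQuery($query);
            if (!$db->query()) {
                JError::raiseError(500, $db->stderr());
                return false;
            }
            $fp->ordering = 1;
        }
    }
    $fp->reorder();

    $cache =& JFactory::getCache('com_content');
    $cache->clean();

    // create menu item when link to menu option
    if (JRequest::getInt('linkmenu') == 1 && JRequest::getVar('mt') != "") {
        $lastId = $row->id;
        $postmenu = array();
        $postmenu['parent'] = JRequest::getVar('mi');

        // An item without a parent gets sublevel 0; otherwise one below its parent.
        $sublevel = 0;
        if ($postmenu['parent'] > 0) {
            $query = 'SELECT sublevel FROM #__menu WHERE id = ' . (int) $postmenu['parent'];
            $this->_db->setQuery($query);
            $sublevel = $this->_db->loadResult() + 1;
        }
        $postmenu['sublevel'] = $sublevel;
        $postmenu['menutype'] = JRequest::getVar('mt');

        // set section name if no menu name
        $postmenu['name'] = JRequest::getVar('menuname') == "" ? JRequest::getVar('title') : JRequest::getVar('menuname');

        if ($this->paramenu == 1) {
            // Published state and access level are copied from the request.
            $postmenu['published'] = JRequest::getVar('state');
            $postmenu['access'] = JRequest::getVar('access');
        } else {
            $postmenu['published'] = 0;
            $postmenu['access'] = 0;
        }
        $postmenu['link'] = 'index.php?option=com_content&view=article&id=' . $lastId;

        // get id from component content
        $query = "SELECT id FROM #__components WHERE `option` = 'com_content' LIMIT 1 ";
        $this->_db->setQuery($query);
        $contid = $this->_db->loadObject();
        $postmenu['componentid'] = $contid->id;
        $postmenu['type'] = 'component';

        $rowm =& JTable::getInstance('menu');
        if (!$rowm->bind($postmenu)) {
            return false;
        }
        if (!$rowm->check()) {
            return false;
        }

        // if new item order last in appropriate group
        if (!$rowm->id) {
            // menutype is quoted and parent is cast before they enter the WHERE text.
            $where = "menutype = " . $this->_db->Quote($postmenu['menutype']) . " AND published >= 0 AND parent = " . (int) $postmenu['parent'];
            $rowm->ordering = $rowm->getNextOrder($where);
        }

        if (!$rowm->store()) {
            return false;
        }
    }

    return true;
}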
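/**
 * Creates one content article per non-empty title posted from the mass
 * content form, sharing the dates, state and metadata of the request.
 *
 * For each stored article it can also add a menu link (`addMenu`) and a
 * frontpage row (`frontpage`).
 *
 * NOTE(review): no form-token or permission check is visible in this method;
 * confirm the caller performs both before this runs.
 *
 * @param   mixed  $option  not referenced in this method
 *
 * @return  boolean  true when every article was stored, false on the first
 *                   failure inside the loop (a failed initial bind exits)
 */
function saveMassContent($option = null)
{
    global $mainframe;

    jimport('joomla.utilities.date');
    $config =& JFactory::getConfig();
    $tzoffset = $config->getValue('config.offset');
    $database =& JFactory::getDBO();
    $nullDate = $database->getNullDate();
    $params = JComponentHelper::getParams('com_masscontent');

    $menu = strval(JRequest::getVar('menuselect', '', 'POST'));
    $addMenu = strval(JRequest::getVar('addMenu', '', 'POST'));
    $archived = strval(JRequest::getVar('state2', '', 'POST'));
    $frontpage = strval(JRequest::getVar('frontpage', '', 'POST'));
    $parent = strval(JRequest::getVar('menuselect3', '', 'POST'));

    // Template row: holds the values that every generated article shares.
    $row =& $this->getTable();
    if (!$row->bind(JRequest::get('post'))) {
        // NOTE(review): the error text is written into a script block without
        // escaping; confirm it can never carry request-derived characters.
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    // Metadata is written as "robots=...\nauthor=..." lines.
    $row->metadata = "";
    if ($row->robots != "") {
        $row->metadata = "robots=" . $row->robots . "\n";
    }
    if ($row->author != "") {
        $row->metadata .= "author=" . $row->author;
    }
    if ($row->metadata == "") {
        $row->metadata = "robots=\nauthor=";
    }

    // A value of 10 characters or fewer is treated as a bare date; append a midnight time.
    if ($row->created && strlen(trim($row->created)) <= 10) {
        $row->created .= ' 00:00:00';
    }
    $date = new JDate($row->created, $tzoffset);
    $row->created = $date->toMySQL();

    if ($row->publish_up && strlen(trim($row->publish_up)) <= 10) {
        $row->publish_up .= ' 00:00:00';
    }
    $date = new JDate($row->publish_up, $tzoffset);
    $row->publish_up = $date->toMySQL();

    // Handle never unpublish date
    if (trim($row->publish_down) == JText::_('Never') || trim($row->publish_down) == '') {
        $row->publish_down = $nullDate;
    } else {
        if (strlen(trim($row->publish_down)) <= 10) {
            $row->publish_down .= ' 00:00:00';
        }
        $date = new JDate($row->publish_down, $tzoffset);
        $row->publish_down = $date->toMySQL();
    }

    // handle archived
    if ($archived) {
        $row->state = -1;
    } else {
        $row->state = 1;
    }

    // browse each title and insert it if it is not empty
    $slotCount = $params->get('nbMassContent');
    for ($i = 0; $i < $slotCount; $i++) {
        // Fewer titles may be posted than the configured number of slots.
        if (!isset($row->title[$i]) || $row->title[$i] == '') {
            continue;
        }

        $row2 =& $this->getTable();
        if (!$row2->bind(JRequest::get('post'))) {
            // Report the error of the row that failed to bind.
            echo "<script> alert('" . $row2->getError() . "'); window.history.go(-1); </script>\n";
            return false;
        }

        $row2->created = $row->created;
        $row2->publish_up = $row->publish_up;
        $row2->publish_down = $row->publish_down;
        $row2->title = $row->title[$i];
        $row2->alias = JFilterOutput::stringURLSafe($row->alias[$i]);

        // Article bodies are read raw (JREQUEST_ALLOWRAW) and stored as
        // received; no input filter is applied to them in this method.
        // NOTE(review): confirm every user who can reach this form is trusted to post arbitrary HTML.
        $row2->introtext = JRequest::getVar("introtext_" . ($i + 1), '', 'post', 'string', JREQUEST_ALLOWRAW);
        $row2->fulltext = JRequest::getVar("fulltext_" . ($i + 1), '', 'post', 'string', JREQUEST_ALLOWRAW);

        $row2->metadesc = $row->metadesc[$i];
        $row2->metakey = $row->metakey[$i];
        $row2->metadata = $row->metadata;
        $row2->state = $row->state;
        $row2->attribs = "show_title=\nlink_titles=\nshow_intro=\nshow_section=\nlink_section=\nshow_category=\nlink_category=\nshow_vote=\nshow_author=\nshow_create_date=\nshow_modify_date=\nshow_pdf_icon=\nshow_print_icon=\nshow_email_icon=\nlanguage=\nkeyref=\nreadmore=";

        $db =& JFactory::getDBO();
        // NOTE(review): TableFrontPage is not loaded in this method; presumably it is loaded elsewhere — confirm.
        $fp = new TableFrontPage($db);

        if (!$row2->store()) {
            echo "<script> alert('" . $row2->getError() . "'); </script>";
            return false;
        }
        $row2->checkin();
        $row2->reorder('catid = ' . (int) $row2->catid . ' AND state >= 0');

        if ($addMenu) {
            if ($row2->sectionid <= 0) {
                // static content
                $type = "content_typed";
            } else {
                $type = "content_item_link";
            }
            $this->menuLink($row2->id, $row2->title, $menu, $type, $parent);
        }

        // Is the article viewable on the frontpage?
        if ($frontpage) {
            // Insert the new entry; the id is cast to int where it enters the SQL text.
            $query = 'INSERT INTO #__content_frontpage' . ' VALUES ( ' . (int) $row2->id . ', 1 )';
            $db->setQuery($query);
            if (!$db->query()) {
                JError::raiseError(500, $db->stderr());
                return false;
            }
            $fp->ordering = 1;
            $fp->reorder();
        }
    }

    return true;
}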