private static function prepareFieldValues($fields, $files) { ## Combine FILES and POST arrays, indexed by their custom field handles if (isset($files)) { $filedata = General::processFilePostData($files); foreach ($filedata as $handle => $data) { if (!isset($fields[$handle])) { $fields[$handle] = $data; } elseif (isset($data['error']) && $data['error'] == 4) { $fields['handle'] = NULL; } else { foreach ($data as $ii => $d) { if (isset($d['error']) && $d['error'] == 4) { $fields[$handle][$ii] = NULL; } elseif (is_array($d) && !empty($d)) { foreach ($d as $key => $val) { $fields[$handle][$ii][$key] = $val; } } } } } } return $fields; }
private function __actionUpload() { $FileManager =& $this->_Parent->ExtensionManager->create('filemanager'); $file = General::processFilePostData($_FILES['fields']); $file = $file['upload']['file']; $context = $this->_context; array_shift($context); $dest_path = DOCROOT . $FileManager->getStartLocation() . (is_array($context) && !empty($context) ? '/' . implode('/', $context) . '/' : NULL); /* Array ( [0] => KnuckleboneWitch.jpg [1] => image/jpeg [2] => /Applications/MAMP/tmp/php/phpYCREds [3] => 0 [4] => 25854 ) */ $permission = $_POST['fields']['upload']['permissions']; return General::uploadFile($dest_path, $file[0], $file[2], $permission); }
public function __actionNew() { if (array_key_exists('save', $_POST['action']) || array_key_exists("done", $_POST['action'])) { $section_id = SectionManager::fetchIDFromHandle($this->_context['section_handle']); if (!($section = SectionManager::fetch($section_id))) { Administration::instance()->customError(__('Unknown Section'), __('The Section you are looking for, %s, could not be found.', array('<code>' . $this->_context['section_handle'] . '</code>'))); } $entry =& EntryManager::create(); $entry->set('section_id', $section_id); $entry->set('author_id', Administration::instance()->Author->get('id')); $entry->set('creation_date', DateTimeObj::get('Y-m-d H:i:s')); $entry->set('creation_date_gmt', DateTimeObj::getGMT('Y-m-d H:i:s')); $fields = $_POST['fields']; // Combine FILES and POST arrays, indexed by their custom field handles if (isset($_FILES['fields'])) { $filedata = General::processFilePostData($_FILES['fields']); foreach ($filedata as $handle => $data) { if (!isset($fields[$handle])) { $fields[$handle] = $data; } elseif (isset($data['error']) && $data['error'] == 4) { $fields['handle'] = NULL; } else { foreach ($data as $ii => $d) { if (isset($d['error']) && $d['error'] == 4) { $fields[$handle][$ii] = NULL; } elseif (is_array($d) && !empty($d)) { foreach ($d as $key => $val) { $fields[$handle][$ii][$key] = $val; } } } } } } // Initial checks to see if the Entry is ok if (__ENTRY_FIELD_ERROR__ == $entry->checkPostData($fields, $this->_errors)) { $this->pageAlert(__('Some errors were encountered while attempting to save.'), Alert::ERROR); } else { if (__ENTRY_OK__ != $entry->setDataFromPost($fields, $errors)) { foreach ($errors as $field_id => $message) { $this->pageAlert($message, Alert::ERROR); } } else { /** * Just prior to creation of an Entry * * @delegate EntryPreCreate * @param string $context * '/publish/new/' * @param Section $section * @param Entry $entry * @param array $fields */ Symphony::ExtensionManager()->notifyMembers('EntryPreCreate', '/publish/new/', array('section' => $section, 'entry' => &$entry, 'fields' => &$fields)); // Check to see if the dancing was premature if (!$entry->commit()) { define_safe('__SYM_DB_INSERT_FAILED__', true); $this->pageAlert(NULL, Alert::ERROR); } else { /** * Creation of an Entry. New Entry object is provided. * * @delegate EntryPostCreate * @param string $context * '/publish/new/' * @param Section $section * @param Entry $entry * @param array $fields */ Symphony::ExtensionManager()->notifyMembers('EntryPostCreate', '/publish/new/', array('section' => $section, 'entry' => $entry, 'fields' => $fields)); $prepopulate_querystring = ''; if (isset($_POST['prepopulate'])) { foreach ($_POST['prepopulate'] as $field_id => $value) { $prepopulate_querystring .= sprintf("prepopulate[%s]=%s&", $field_id, rawurldecode($value)); } $prepopulate_querystring = trim($prepopulate_querystring, '&'); } redirect(sprintf('%s/publish/%s/edit/%d/created/%s', SYMPHONY_URL, $this->_context['section_handle'], $entry->get('id'), !empty($prepopulate_querystring) ? "?" . $prepopulate_querystring : NULL)); } } } } }
public function __actionNew() { if (array_key_exists('save', $_POST['action']) || array_key_exists("done", $_POST['action'])) { $sectionManager = new SectionManager($this->_Parent); $section_id = $sectionManager->fetchIDFromHandle($this->_context['section_handle']); if (!($section = $sectionManager->fetch($section_id))) { Administration::instance()->customError(__('Unknown Section'), __('The Section you are looking, <code>%s</code> for could not be found.', $this->_context['section_handle'])); } $entryManager = new EntryManager($this->_Parent); $entry =& $entryManager->create(); $entry->set('section_id', $section_id); $entry->set('author_id', Administration::instance()->Author->get('id')); $entry->set('creation_date', DateTimeObj::get('Y-m-d H:i:s')); $entry->set('creation_date_gmt', DateTimeObj::getGMT('Y-m-d H:i:s')); $fields = $_POST['fields']; ## Combine FILES and POST arrays, indexed by their custom field handles if (isset($_FILES['fields'])) { $filedata = General::processFilePostData($_FILES['fields']); foreach ($filedata as $handle => $data) { if (!isset($fields[$handle])) { $fields[$handle] = $data; } elseif (isset($data['error']) && $data['error'] == 4) { $fields['handle'] = NULL; } else { foreach ($data as $ii => $d) { if (isset($d['error']) && $d['error'] == 4) { $fields[$handle][$ii] = NULL; } elseif (is_array($d) && !empty($d)) { foreach ($d as $key => $val) { $fields[$handle][$ii][$key] = $val; } } } } } } if (__ENTRY_FIELD_ERROR__ == $entry->checkPostData($fields, $this->_errors)) { $this->pageAlert(__('Some errors were encountered while attempting to save.'), Alert::ERROR); } elseif (__ENTRY_OK__ != $entry->setDataFromPost($fields, $error)) { $this->pageAlert($error['message'], Alert::ERROR); } else { /** * Just prior to creation of an Entry * * @delegate EntryPreCreate * @param string $context * '/publish/new/' * @param Section $section * @param Entry $entry * @param array $fields */ Symphony::ExtensionManager()->notifyMembers('EntryPreCreate', '/publish/new/', array('section' => $section, 'entry' => &$entry, 'fields' => &$fields)); if (!$entry->commit()) { define_safe('__SYM_DB_INSERT_FAILED__', true); $this->pageAlert(NULL, Alert::ERROR); } else { /** * Creation of an Entry. New Entry object is provided. * * @delegate EntryPostCreate * @param string $context * '/publish/new/' * @param Section $section * @param Entry $entry * @param array $fields */ Symphony::ExtensionManager()->notifyMembers('EntryPostCreate', '/publish/new/', array('section' => $section, 'entry' => $entry, 'fields' => $fields)); $prepopulate_field_id = $prepopulate_value = NULL; if (isset($_POST['prepopulate'])) { $prepopulate_field_id = array_shift(array_keys($_POST['prepopulate'])); $prepopulate_value = stripslashes(rawurldecode(array_shift($_POST['prepopulate']))); } redirect(sprintf('%s/publish/%s/edit/%d/created%s/', SYMPHONY_URL, $this->_context['section_handle'], $entry->get('id'), !is_null($prepopulate_field_id) ? ":{$prepopulate_field_id}:{$prepopulate_value}" : NULL)); } } } }
public function __actionNew() { if (array_key_exists('save', $_POST['action']) || array_key_exists("done", $_POST['action'])) { $section_id = SectionManager::fetchIDFromHandle($this->_context['section_handle']); if (!($section = SectionManager::fetch($section_id))) { Administration::instance()->throwCustomError(__('The Section, %s, could not be found.', array('<code>' . $this->_context['section_handle'] . '</code>')), __('Unknown Section'), Page::HTTP_STATUS_NOT_FOUND); } $entry = EntryManager::create(); $entry->set('author_id', Symphony::Author()->get('id')); $entry->set('section_id', $section_id); $entry->set('creation_date', DateTimeObj::get('c')); $entry->set('modification_date', DateTimeObj::get('c')); $fields = $_POST['fields']; // Combine FILES and POST arrays, indexed by their custom field handles if (isset($_FILES['fields'])) { $filedata = General::processFilePostData($_FILES['fields']); foreach ($filedata as $handle => $data) { if (!isset($fields[$handle])) { $fields[$handle] = $data; } elseif (isset($data['error']) && $data['error'] == UPLOAD_ERR_NO_FILE) { $fields[$handle] = null; } else { foreach ($data as $ii => $d) { if (isset($d['error']) && $d['error'] == UPLOAD_ERR_NO_FILE) { $fields[$handle][$ii] = null; } elseif (is_array($d) && !empty($d)) { foreach ($d as $key => $val) { $fields[$handle][$ii][$key] = $val; } } } } } } // Initial checks to see if the Entry is ok if (Entry::__ENTRY_FIELD_ERROR__ == $entry->checkPostData($fields, $this->_errors)) { $this->pageAlert(__('Some errors were encountered while attempting to save.'), Alert::ERROR); // Secondary checks, this will actually process the data and attempt to save } elseif (Entry::__ENTRY_OK__ != $entry->setDataFromPost($fields, $errors)) { foreach ($errors as $field_id => $message) { $this->pageAlert($message, Alert::ERROR); } // Everything is awesome. Dance. } else { /** * Just prior to creation of an Entry * * @delegate EntryPreCreate * @param string $context * '/publish/new/' * @param Section $section * @param Entry $entry * @param array $fields */ Symphony::ExtensionManager()->notifyMembers('EntryPreCreate', '/publish/new/', array('section' => $section, 'entry' => &$entry, 'fields' => &$fields)); // Check to see if the dancing was premature if (!$entry->commit()) { define_safe('__SYM_DB_INSERT_FAILED__', true); $this->pageAlert(null, Alert::ERROR); } else { /** * Creation of an Entry. New Entry object is provided. * * @delegate EntryPostCreate * @param string $context * '/publish/new/' * @param Section $section * @param Entry $entry * @param array $fields */ Symphony::ExtensionManager()->notifyMembers('EntryPostCreate', '/publish/new/', array('section' => $section, 'entry' => $entry, 'fields' => $fields)); $prepopulate_querystring = $this->getPrepopulateString(); redirect(sprintf('%s/publish/%s/edit/%d/created/%s', SYMPHONY_URL, $this->_context['section_handle'], $entry->get('id'), !empty($prepopulate_querystring) ? $prepopulate_querystring : null)); } } } }
function __actionEdit() { $entry_id = intval($this->_context['entry_id']); if (@array_key_exists('save', $_POST['action']) || @array_key_exists("done", $_POST['action'])) { $entryManager = new EntryManager($this->_Parent); if (!($ret = $entryManager->fetch($entry_id))) { $this->_Parent->customError(E_USER_ERROR, __('Unknown Entry'), __('The entry you are looking for could not be found.'), false, true); } $entry = $ret[0]; $sectionManager = new SectionManager($this->_Parent); $section = $sectionManager->fetch($entry->get('section_id')); $fields = $_POST['fields']; ## Combine FILES and POST arrays, indexed by their custom field handles if (isset($_FILES['fields'])) { $filedata = General::processFilePostData($_FILES['fields']); foreach ($filedata as $handle => $data) { if (!isset($fields[$handle])) { $fields[$handle] = $data; } elseif (isset($data['error']) && $data['error'] == 4) { $fields['handle'] = NULL; } else { foreach ($data as $ii => $d) { if (isset($d['error']) && $d['error'] == 4) { $fields[$handle][$ii] = NULL; } elseif (is_array($d) && !empty($d)) { foreach ($d as $key => $val) { $fields[$handle][$ii][$key] = $val; } } } } } } if (__ENTRY_FIELD_ERROR__ == $entry->checkPostData($fields, $this->_errors)) { $this->pageAlert(__('Some errors were encountered while attempting to save.'), Alert::ERROR); } elseif (__ENTRY_OK__ != $entry->setDataFromPost($fields, $error)) { $this->pageAlert($error['message'], Alert::ERROR); } else { ### # Delegate: EntryPreEdit # Description: Just prior to editing of an Entry. $this->_Parent->ExtensionManager->notifyMembers('EntryPreEdit', '/publish/edit/', array('section' => $section, 'entry' => &$entry, 'fields' => $fields)); if (!$entry->commit()) { define_safe('__SYM_DB_INSERT_FAILED__', true); $this->pageAlert(NULL, Alert::ERROR); } else { ### # Delegate: EntryPostEdit # Description: Editing an entry. Entry object is provided. $this->_Parent->ExtensionManager->notifyMembers('EntryPostEdit', '/publish/edit/', array('section' => $section, 'entry' => $entry, 'fields' => $fields)); redirect(URL . '/symphony/publish/' . $this->_context['section_handle'] . '/edit/' . $entry_id . '/saved/'); } } } elseif (@array_key_exists('delete', $_POST['action']) && is_numeric($entry_id)) { ## TODO: Fix Me ### # Delegate: Delete # Description: Prior to deleting an entry. Entry ID is provided. ##$ExtensionManager->notifyMembers('Delete', getCurrentPage(), array('entry_id' => $entry_id)); $entryManager = new EntryManager($this->_Parent); $entryManager->delete($entry_id); redirect(URL . '/symphony/publish/' . $this->_context['section_handle'] . '/'); } }
## End Function } } $result = new XMLElement(self::ROOTELEMENT); if (@in_array('admin-only', $this->eParamFILTERS) && !$this->_Parent->isLoggedIn()) { $result->setAttribute('result', 'error'); $result->appendChild(new XMLElement('message', __('Entry encountered errors when saving.'))); $result->appendChild(buildFilterElement('admin-only', 'failed')); return $result; } $entry_id = $position = $fields = NULL; if (@in_array('expect-multiple', $this->eParamFILTERS)) { if (is_array($_POST['fields']) && isset($_POST['fields'][0])) { $filedata = NULL; if (isset($_FILES['fields'])) { $filedata = General::processFilePostData($_FILES['fields']); unset($_FILES['fields']); } foreach ($_POST['fields'] as $position => $fields) { if (isset($_POST['id'][$position]) && is_numeric($_POST['id'][$position])) { $entry_id = $_POST['id'][$position]; } $entry = new XMLElement('entry', NULL, array('position' => $position)); if (!is_null($filedata[$position])) { foreach ($filedata[$position] as $handle => $data) { if (!isset($fields[$handle])) { $fields[$handle] = NULL; } if ($data[3] == 0) { $fields[$handle] = array_combine(array('name', 'type', 'tmp_name', 'error', 'size'), $data); }
function __doit($source, $fields, &$result, &$obj, &$event, $filters, $position = NULL, $entry_id = NULL) { ## Create the post data cookie element if (is_array($fields) && !empty($fields)) { $post_values = new XMLElement('post-values'); foreach ($fields as $element_name => $value) { if (strlen($value) == 0) { continue; } $post_values->appendChild(new XMLElement($element_name, General::sanitize($value))); } } ## Combine FILES and POST arrays, indexed by their custom field handles if (isset($_FILES['fields'])) { $filedata = General::processFilePostData($_FILES['fields']); foreach ($filedata as $handle => $data) { if (!isset($fields[$handle])) { $fields[$handle] = $data; } elseif (isset($data['error']) && $data['error'] == 4) { $fields['handle'] = NULL; } else { foreach ($data as $ii => $d) { if (isset($d['error']) && $d['error'] == 4) { $fields[$handle][$ii] = NULL; } elseif (is_array($d) && !empty($d)) { foreach ($d as $key => $val) { $fields[$handle][$ii][$key] = $val; } } } } } } $filter_results = array(); ### # Delegate: EventPreSaveFilter # Description: Prior to saving entry from the front-end. This delegate will force the Event to terminate if it populates the error # array reference. Provided with references to this object, the POST data and also the error array $obj->ExtensionManager->notifyMembers('EventPreSaveFilter', '/frontend/', array('fields' => $fields, 'event' => &$event, 'messages' => &$filter_results)); if (is_array($filter_results) && !empty($filter_results)) { foreach ($filter_results as $fr) { list($type, $status, $message) = $fr; $result->appendChild(buildFilterElement($type, $status ? 'passed' : 'failed', $message)); if (!$status) { $result->setAttribute('result', 'error'); $result->appendChild(new XMLElement('message', __('Entry encountered errors when saving.'))); return false; } } } include_once TOOLKIT . '/class.sectionmanager.php'; include_once TOOLKIT . '/class.entrymanager.php'; $sectionManager = new SectionManager($obj); if (!($section = $sectionManager->fetch($source))) { $result->setAttribute('result', 'error'); $result->appendChild(new XMLElement('message', __('Section is invalid'))); return false; } $entryManager = new EntryManager($obj); if (isset($entry_id) && $entry_id != NULL) { $entry =& $entryManager->fetch($entry_id); $entry = $entry[0]; if (!is_object($entry)) { $result->setAttribute('result', 'error'); $result->appendChild(new XMLElement('message', __('Invalid Entry ID specified. Could not create Entry object.'))); return false; } } else { $entry =& $entryManager->create(); $entry->set('section_id', $source); } $filter_errors = array(); if (__ENTRY_FIELD_ERROR__ == $entry->checkPostData($fields, $errors, $entry->get('id') ? true : false)) { $result->setAttribute('result', 'error'); $result->appendChild(new XMLElement('message', __('Entry encountered errors when saving.'))); foreach ($errors as $field_id => $message) { $field = $entryManager->fieldManager->fetch($field_id); $result->appendChild(new XMLElement($field->get('element_name'), NULL, array('type' => $fields[$field->get('element_name')] == '' ? 'missing' : 'invalid'))); } if (isset($post_values) && is_object($post_values)) { $result->appendChild($post_values); } return false; } elseif (__ENTRY_OK__ != $entry->setDataFromPost($fields, $errors, false, $entry->get('id') ? true : false)) { $result->setAttribute('result', 'error'); $result->appendChild(new XMLElement('message', __('Entry encountered errors when saving.'))); foreach ($errors as $err) { $field = $entryManager->fieldManager->fetch($err['field_id']); $result->appendChild(new XMLElement($field->get('element_name'), NULL, array('type' => 'invalid'))); } if (isset($post_values) && is_object($post_values)) { $result->appendChild($post_values); } return false; } else { if (!$entry->commit()) { $result->setAttribute('result', 'error'); $result->appendChild(new XMLElement('message', __('Unknown errors where encountered when saving.'))); if (isset($post_values) && is_object($post_values)) { $result->appendChild($post_values); } return false; } $result->setAttribute('id', $entry->get('id')); } ## PASSIVE FILTERS ONLY AT THIS STAGE. ENTRY HAS ALREADY BEEN CREATED. if (in_array('send-email', $filters) && !in_array('expect-multiple', $filters)) { if (!function_exists('__sendEmailFindFormValue')) { function __sendEmailFindFormValue($needle, $haystack, $discard_field_name = true, $default = NULL, $collapse = true) { if (preg_match('/^(fields\\[[^\\]]+\\],?)+$/i', $needle)) { $parts = preg_split('/\\,/i', $needle, -1, PREG_SPLIT_NO_EMPTY); $parts = array_map('trim', $parts); $stack = array(); foreach ($parts as $p) { $field = str_replace(array('fields[', ']'), '', $p); $discard_field_name ? $stack[] = $haystack[$field] : ($stack[$field] = $haystack[$field]); } if (is_array($stack) && !empty($stack)) { return $collapse ? implode(' ', $stack) : $stack; } else { $needle = NULL; } } $needle = trim($needle); if (empty($needle)) { return $default; } return $needle; } } $fields = $_POST['send-email']; $fields['recipient'] = __sendEmailFindFormValue($fields['recipient'], $_POST['fields'], true); $fields['recipient'] = preg_split('/\\,/i', $fields['recipient'], -1, PREG_SPLIT_NO_EMPTY); $fields['recipient'] = array_map('trim', $fields['recipient']); $fields['recipient'] = $obj->Database->fetch("SELECT `email`, `first_name` FROM `tbl_authors` WHERE `username` IN ('" . @implode("', '", $fields['recipient']) . "') "); $fields['subject'] = __sendEmailFindFormValue($fields['subject'], $_POST['fields'], true, __('[Symphony] A new entry was created on %s', array($obj->Configuration->get('sitename', 'general')))); $fields['body'] = __sendEmailFindFormValue($fields['body'], $_POST['fields'], false, NULL, false); $fields['sender-email'] = __sendEmailFindFormValue($fields['sender-email'], $_POST['fields'], true, 'noreply@' . parse_url(URL, PHP_URL_HOST)); $fields['sender-name'] = __sendEmailFindFormValue($fields['sender-name'], $_POST['fields'], true, 'Symphony'); $edit_link = URL . '/symphony/publish/' . $section->get('handle') . '/edit/' . $entry->get('id') . '/'; $body = __('Dear <!-- RECIPIENT NAME -->,') . General::CRLF . __('This is a courtesy email to notify you that an entry was created on the %1$s section. You can edit the entry by going to: %2$s', array($section->get('name'), $edit_link)) . General::CRLF . General::CRLF; if (is_array($fields['body'])) { foreach ($fields['body'] as $field_handle => $value) { $body .= "// {$field_handle}" . General::CRLF . $value . General::CRLF . General::CRLF; } } else { $body .= $fields['body']; } $errors = array(); if (!is_array($fields['recipient']) || empty($fields['recipient'])) { $result->appendChild(buildFilterElement('send-email', 'failed', __('No valid recipients found. Check send-email[recipient] field.'))); } else { foreach ($fields['recipient'] as $r) { list($email, $name) = array_values($r); if (!General::sendEmail($email, $fields['sender-email'], $fields['sender-name'], $fields['subject'], str_replace('<!-- RECIPIENT NAME -->', $name, $body))) { $errors[] = $email; } } if (!empty($errors)) { $xml = buildFilterElement('send-email', 'failed'); foreach ($errors as $address) { $xml->appendChild(new XMLElement('recipient', $address)); } $result->appendChild($xml); } else { $result->appendChild(buildFilterElement('send-email', 'passed')); } } } $filter_results = array(); ### # Delegate: EventPostSaveFilter # Description: After saving entry from the front-end. This delegate will not force the Events to terminate if it populates the error # array reference. Provided with references to this object, the POST data and also the error array $obj->ExtensionManager->notifyMembers('EventPostSaveFilter', '/frontend/', array('entry_id' => $entry_id, 'fields' => $fields, 'entry' => $entry, 'event' => &$event, 'messages' => &$filter_results)); if (is_array($filter_results) && !empty($filter_results)) { foreach ($filter_results as $fr) { list($type, $status, $message) = $fr; $result->appendChild(buildFilterElement($type, $status ? 'passed' : 'failed', $message)); } } ### # Delegate: EventFinalSaveFilter $obj->ExtensionManager->notifyMembers('EventFinalSaveFilter', '/frontend/', array('fields' => $fields, 'event' => &$event, 'errors' => &$filter_errors, 'entry' => $entry)); $result->setAttributeArray(array('result' => 'success', 'type' => isset($entry_id) ? 'edited' : 'created')); $result->appendChild(new XMLElement('message', isset($entry_id) ? __('Entry edited successfully.') : __('Entry created successfully.'))); return true; ## End FUnction }