function mw_post_form($edit = 0)
{
global $xoopsConfig, $xoopsUser, $xoopsSecurity;
if (!$xoopsUser) {
redirect_header(MWFunctions::get_url(), 1, __('You are not allowed to do this action!', 'mywords'));
die;
}
// Check if user is a editor
$author = new MWEditor();
if (!$author->from_user($xoopsUser->uid()) && !$xoopsUser->isAdmin()) {
redirect_header(MWFunctions::get_url(), 1, __('You are not allowed to do this action!', 'mywords'));
die;
}
RMTemplate::get()->add_script(RMCURL . '/include/js/jquery.min.js');
RMTemplate::get()->add_script(RMCURL . '/include/js/jquery-ui.min.js');
if ($edit) {
$id = rmc_server_var($_GET, 'id', 0);
if ($id <= 0) {
redirect_header(MWFunctions::get_url(), __('Please, specify a valid post ID', 'mywords'), 1);
die;
}
$post = new MWPost($id);
if ($post->isNew()) {
redirect_header(MWFunctions::get_url(), __('Specified post does not exists!', 'mywords'), 1);
die;
}
// Check if user is the admin or a editor of this this post
if ($author->id() != $post->getVar('author') && !$xoopsUser->isAdmin()) {
redirect_header($post->permalink(), 1, __('You are not allowed to do this action!', 'mywords'));
die;
}
}
// Read privileges
$perms = @$author->getVar('privileges');
$perms = is_array($perms) ? $perms : array();
$allowed_tracks = in_array("tracks", $perms) || $xoopsUser->isAdmin() ? true : false;
$allowed_tags = in_array("tags", $perms) || $xoopsUser->isAdmin() ? true : false;
$allowed_cats = in_array("cats", $perms) || $xoopsUser->isAdmin() ? true : false;
$allowed_comms = in_array("comms", $perms) || $xoopsUser->isAdmin() ? true : false;
$xoopsOption['module_subpage'] = 'submit';
include 'header.php';
$form = new RMForm('', '', '');
$editor = new RMFormEditor('', 'content', '99%', '300px', $edit ? $post->getVar('content') : '');
$meta_names = MWFunctions::get()->get_metas();
RMTemplate::get()->add_xoops_style('submit.css', 'mywords');
RMTemplate::get()->add_script(XOOPS_URL . '/modules/mywords/include/js/scripts.php?file=posts.js&front=1');
include RMTemplate::get()->get_template('mywords_submit_form.php', 'module', 'mywords');
include 'footer.php';
}
break;
case 'author':
include_once XOOPS_ROOT_PATH . '/modules/mywords/class/mweditor.class.php';
$id = RMHttpRequest::get('author', 'integer', 0);
if ($id <= 0) {
redirect_header('backend.php', 1, __('Sorry, specified author was not foud!', 'mywords'));
die;
}
$ed = new MWEditor($id);
if ($ed->isNew()) {
redirect_header('backend.php', 1, __('Sorry, specified author was not foud!', 'mywords'));
die;
}
$rss_channel['title'] = sprintf(__('Posts by %s in %s', 'mywords'), $ed->name != '' ? $ed->name : $ed->shortname, $xoopsConfig['sitename']);
$rss_channel['link'] = $ed->permalink();
$rss_channel['description'] = sprintf(__('Posts published by %s.', 'mywords'), $ed->getVar('name')) . ' ' . htmlspecialchars(strip_tags($ed->getVar('bio')), ENT_QUOTES);
$rss_channel['lastbuild'] = formatTimestamp(time(), 'rss');
$rss_channel['webmaster'] = checkEmail($xoopsConfig['adminmail'], true);
$rss_channel['editor'] = checkEmail($xoopsConfig['adminmail'], true);
$rss_channel['category'] = "Blog";
$rss_channel['generator'] = 'Common Utilities';
$rss_channel['language'] = RMCLANG;
$posts = MWFunctions::get_filtered_posts("author=" . $ed->uid, 0, 10);
$rss_items = array();
foreach ($posts as $post) {
$item = array();
$item['title'] = $post->getVar('title');
$item['link'] = $post->permalink();
$img = new RMImage();
$img->load_from_params($post->getVar('image', 'e'));
if (!$img->isNew()) {
$xoopsLogger->renderingEnabled = false;
error_reporting(0);
$xoopsLogger->activated = false;
$id = rmc_server_var($_REQUEST, 'trackback', 0);
if ($id <= 0) {
die;
}
$post = new MWPost($id);
if ($post->isNew()) {
die;
}
$editor = new MWEditor($post->getVar('author'));
if ($editor->isNew()) {
$user = new XoopsUser($post->getVar('author'));
}
$track = new MWTrackback($xoopsConfig['sitename'], $editor->getVar('name'));
$id = $track->post_id;
// The id of the item being trackbacked
$url = $track->url;
// The URL from which we got the trackback
$title = $track->title;
// Subject/title send by trackback
$excerpt = $track->excerpt;
// Short text send by trackback
$blog_name = rmc_server_var($_POST, 'blog_name', '');
if ($url == '' || $title == '' || $excerpt == '') {
echo $track->recieve(false, __('Sorry, your trackback seems to be invalid!', 'mywords'));
die;
}
$params = array('blogurl' => MWFunctions::get_url(), 'name' => 'Trackback', 'email' => '', 'url' => $url, 'text' => $excerpt, 'permalink' => $post->permalink());
$ret = RMEvents::get()->run_event('rmcommon.check.post.spam', $params);
$pn = new MWPost();
// Anterior
if ($db->getRowsNum($result) > 0) {
$pn->assignVars($db->fetchArray($result));
$xoopsTpl->assign('prev_post', array('link' => $pn->permalink(), 'title' => $pn->getVar('title')));
}
// Siguiente
$sql = "SELECT * FROM " . $db->prefix("mw_posts") . " WHERE id_post>" . $post->id() . " AND status='publish' ORDER BY id_post ASC LIMIT 0, 1";
$result = $db->query($sql);
if ($db->getRowsNum($result) > 0) {
$pn->assignVars($db->fetchArray($result));
$xoopsTpl->assign('next_post', array('link' => $pn->permalink(), 'title' => $pn->getVar('title')));
}
}
$xoopsTpl->assign('shownav', $xoopsModuleConfig['shownav']);
if ($xoopsUser && ($xoopsUser->isAdmin() || $editor->getVar('uid') == $xoopsUser->uid())) {
$edit = '<a href="' . XOOPS_URL . '/modules/mywords/admin/posts.php?op=edit&id=' . $post->id() . '">' . __('Edit Post', 'mywords') . '</a>';
$xoopsTpl->assign('edit_link', $edit);
unset($edit);
}
$xoopsTpl->assign('lang_reads', sprintf(__('%u views', 'mywords'), $post->getVar('reads')));
// Tags
$tags = $post->tags(true);
$tags_list = '';
foreach ($tags as $i => $tag) {
$tags_list .= ($tags_list == '' ? '' : ', ') . '<a href="' . $tag->permalink() . '">' . $tag->getVar('tag') . '</a>';
}
// Post pages
$total_pages = $post->total_pages();
$nav = new RMPageNav($total_pages, 1, $page, 5);
$nav->target_url($post->permalink() . ($mc['permalinks'] > 1 ? 'page/{PAGE_NUM}/' : '&page={PAGE_NUM}'));
}
$post = new MWPost($id);
if ($post->isNew()) {
redirect_header(MWFunctions::get_url(), __('Specified post does not exists!', 'mywords'), 1);
die;
}
// Check if user is the admin or a editor of this this post
if ($author->id() != $post->getVar('author') && !$xoopsUser->isAdmin()) {
redirect_header($post->permalink(), 1, __('You are not allowed to do this action!', 'mywords'));
die;
}
} else {
$post = new MWPost();
}
// Read privileges
$perms = @$author->getVar('privileges');
$perms = is_array($perms) ? $perms : array();
$allowed_tracks = in_array("tracks", $perms) || $xoopsUser->isAdmin() ? true : false;
$allowed_tags = in_array("tags", $perms) || $xoopsUser->isAdmin() ? true : false;
$allowed_cats = in_array("cats", $perms) || $xoopsUser->isAdmin() ? true : false;
$allowed_comms = in_array("comms", $perms) || $xoopsUser->isAdmin() ? true : false;
$xoopsOption['module_subpage'] = 'submit';
include 'header.php';
$form = new RMForm('', '', '');
$editor = new RMFormEditor('', 'content', '100%', '300px', $edit ? $post->getVar('content', $rmc_config['editor_type'] == 'tiny' ? 's' : 'e') : '');
$editor->setExtra('required');
$meta_names = MWFunctions::get()->get_metas();
RMTemplate::get()->add_style('submit.css', 'mywords');
RMTemplate::get()->add_script('scripts.php?file=posts.js', 'mywords', array('directory' => 'include'));
RMTemplate::get()->add_script('jquery.validate.min.js', 'rmcommon', array('footer' => 1));
include RMTemplate::get()->get_template('mywords-submit-form.php', 'module', 'mywords');
}
$pendings = array();
$result = $db->query("SELECT * FROM " . $db->prefix("mod_mywords_posts") . " WHERE status='waiting' ORDER BY id_post DESC LIMIT 0,8");
while ($row = $db->fetchArray($result)) {
$post = new MWPost();
$post->assignVars($row);
$pendings[] = $post;
}
// Editors
$sql = "SELECT *, (SELECT COUNT(*) FROM " . $db->prefix("mod_mywords_posts") . " WHERE author=id_editor) as counter FROM " . $db->prefix("mod_mywords_editors") . " ORDER BY counter DESC LIMIT 0, 5";
$result = $db->query($sql);
$editors = array();
while ($row = $db->fetchArray($result)) {
$editor = new MWEditor();
$editor->assignVars($row);
$editors[] = array('id' => $editor->id(), 'name' => $editor->getVar('name'), 'link' => $editor->permalink(), 'total' => $row['counter']);
}
unset($editor, $result, $sql);
// URL rewriting
$rule = "RewriteRule ^" . trim($xoopsModuleConfig['basepath'], '/') . "/?(.*)\$ modules/mywords/index.php [L]";
if ($xoopsModuleConfig['permalinks'] > 1) {
$ht = new RMHtaccess('mywords');
$htResult = $ht->write($rule);
if ($htResult !== true) {
showMessage(__('An error ocurred while trying to write .htaccess file!', 'mywords'), RMMSG_ERROR);
}
} else {
$ht = new RMHtaccess('mywords');
$ht->removeRule();
$ht->write();
}
/**
* Determines if current or given user can read this post
* @param int $id User ID
* @return bool
*/
public function user_allowed($uid = null)
{
global $xoopsUser;
if (!$xoopsUser) {
$owner = false;
} else {
$user = $uid != null ? $uid : $xoopsUser->uid();
$editor = new MWEditor($this->getVar('author'));
$owner = $user == $editor->getVar('uid');
}
if ($owner) {
return true;
}
if ($this->getVar('status') != 'publish') {
return false;
}
if ($this->getVar('visibility') == 'public') {
return true;
}
if ($this->getVar('visibility') == 'password') {
$pass = rmc_server_var($_POST, 'password', '');
$pass = $pass == '' && isset($_SESSION['password-' . $this->id()]) ? $_SESSION['password-' . $this->id()] : $pass;
if ($pass == '') {
return false;
}
if ($pass != $this->getVar('password')) {
return false;
}
$_SESSION['password-' . $this->id()] = $pass;
return true;
}
return false;
}
$post = new MWPost($id);
if ($post->isNew()) {
die;
}
$editor = new MWEditor($post->getVar('author'));
if ($editor->isNew()) {
$user = new XoopsUser($post->getVar('author'));
}
$tracks = $post->getVar('toping');
if (empty($tracks)) {
die;
}
$pinged = $post->getVar('pinged');
$toping = $post->getVar('toping');
$tp = array();
$tback = new MWTrackback($xoopsModuleConfig['blogname'], $editor->isNew() ? $user->getVar('uname') : $editor->getVar('name'));
foreach ($tracks as $t) {
if (!empty($pinged) && in_array($t, $pinged)) {
continue;
}
$ret = $tback->ping($t, $post->permalink(), $post->getVar('title'), TextCleaner::getInstance()->truncate($post->content(true), 240));
if ($ret) {
$pinged[] = $t;
} else {
$tp[] = $t;
}
}
$post->setVar('toping', empty($tp) ? '' : $tp);
$post->setVar('pinged', $pinged);
$post->update();
die;
}
$request = substr($request, 0, strpos($request, 'page') > 0 ? strpos($request, 'page') - 1 : strlen($request));
/**
* Paginamos los resultados
*/
$limit = $mc['posts_limit'];
$sql = "SELECT COUNT(*) FROM " . $db->prefix("mw_posts") . " WHERE author='{$editor}' AND status='publish' AND \n\t\t((visibility='public' OR visibility='password') OR (visibility='private' AND\n\t\tauthor=" . ($xoopsUser ? $xoopsUser->uid() : -1) . "))";
list($num) = $db->fetchRow($db->query($sql));
if ($page > 0) {
$page -= 1;
}
$start = $page * $mc['posts_limit'];
$tpages = (int) ($num / $mc['posts_limit']);
if ($num % $mc['posts_limit'] > 0) {
$tpages++;
}
$pactual = $page + 1;
if ($pactual > $tpages) {
$rest = $pactual - $tpages;
$pactual = $pactual - $rest + 1;
$start = ($pactual - 1) * $limit;
}
$nav = new RMPageNav($num, $limit, $pactual, 6);
$nav->target_url($ed->permalink() . ($mc['permalinks'] > 1 ? 'page/{PAGE_NUM}/' : '&page={PAGE_NUM}'));
$xoopsTpl->assign("nav_pages", $nav->render(false, 0));
$xoopsTpl->assign('pactual', $pactual);
$xoopsTpl->assign('lang_fromauthor', sprintf(__('Posts by "%s"', 'mywords'), $ed->getVar('name')));
$sql = "SELECT * FROM " . $db->prefix("mw_posts") . " WHERE author='{$editor}' AND status='publish' AND \n\t\t((visibility='public' OR visibility='password') OR (visibility='private' AND\n\t\tauthor=" . ($xoopsUser ? $xoopsUser->uid() : -1) . ")) ORDER BY pubdate DESC LIMIT {$start},{$limit}";
$result = $db->query($sql);
require 'post_data.php';
include 'footer.php';
$pn = new MWPost();
// Anterior
if ($db->getRowsNum($result) > 0) {
$pn->assignVars($db->fetchArray($result));
$xoopsTpl->assign('prev_post', array('link' => $pn->permalink(), 'title' => $pn->getVar('title')));
}
// Siguiente
$sql = "SELECT * FROM " . $db->prefix("mod_mywords_posts") . " WHERE id_post>" . $post->id() . " AND status='publish' ORDER BY id_post ASC LIMIT 0, 1";
$result = $db->query($sql);
if ($db->getRowsNum($result) > 0) {
$pn->assignVars($db->fetchArray($result));
$xoopsTpl->assign('next_post', array('link' => $pn->permalink(), 'title' => $pn->getVar('title')));
}
}
$xoopsTpl->assign('shownav', $xoopsModuleConfig['shownav']);
if ($xoopsUser && ($xoopsUser->isAdmin() || $editor->getVar('uid') == $xoopsUser->uid())) {
$editLink = XOOPS_URL . '/modules/mywords/admin/posts.php?op=edit&id=' . $post->id();
$xoopsTpl->assign('can_edit', true);
$xoopsTpl->assign('edit_link', $editLink);
unset($editLink);
}
$xoopsTpl->assign('lang_reads', sprintf(__('%u views', 'mywords'), $post->getVar('reads')));
// Post pages
$total_pages = $post->total_pages();
$nav = new RMPageNav($total_pages, 1, $page, 5);
$nav->target_url($post->permalink() . ($mc['permalinks'] > 1 ? 'page/{PAGE_NUM}/' : '&page={PAGE_NUM}'));
$xoopsTpl->assign('post_navbar', $nav->render(true));
// Post data
$post_arr = array('id' => $post->id(), 'title' => $post->getVar('title'), 'published' => sprintf(__('%s by %s', 'mywords'), MWFunctions::format_time($post->getVar('pubdate')) . ' ' . date('H:i', $post->getVar('pubdate')), '<a href="' . $editor->permalink() . '">' . (isset($editor) ? $editor->getVar('name') : __('Anonymous', 'mywords')) . "</a>"), 'text' => $post->content(false, $page), 'cats' => $post->get_categos('data'), 'tags' => $post->tags(false), 'trackback' => $post->getVar('pingstatus') ? MWFunctions::get_url(true) . $post->id() : '', 'meta' => $post->get_meta('', false), 'time' => $post->getVar('pubdate'), 'image' => $post->image(), 'video' => $post->video, 'player' => $post->video != '' ? $post->video_player() : '', 'author' => array('name' => $editor->getVar('name') != '' ? $editor->name : $editor->shortname, 'id' => $editor->id(), 'link' => $editor->permalink(), 'bio' => $editor->getVar('bio'), 'email' => $editor->data('email'), 'uid' => $editor->uid, 'url' => $editor->data('url')), 'alink' => $editor->permalink(), 'format' => $post->format, 'comments' => $post->comments, 'comments_enabled' => $post->comstatus);
$xoopsTpl->assign('full_post', 1);
$xoopsTpl->assign('lang_editpost', __('Edit Post', 'mywords'));
