 if (user_ismember($GLOBALS['sys_news_group'], 'A')) {
     /*
     	News uber-user admin pages
     		Show all waiting news items except those already rejected.
     		Admin members of project #$sys_news_group (news project)
                     can edit/change/approve news items
     */
     if ($request->get('post_changes') && $request->get('approve')) {
         $validStatus = new Valid_WhiteList('status', array(0, 1, 2));
         if ($request->valid($validStatus)) {
             $status = $request->get('status');
         } else {
             $status = 0;
         }
         $validSummary = new Valid_String('summary');
         $validSummary->setErrorMessage('Summary is required');
         $validSummary->required();
         $validDetails = new Valid_Text('details');
         if ($request->valid($validSummary) && $request->valid($validDetails)) {
             if ($status == 1) {
                 /*
                 	Update the db so the item shows on the home page
                 */
                 $sql = "UPDATE news_bytes SET is_approved='1', date='" . time() . "', " . "summary='" . db_es(htmlspecialchars($request->get('summary'))) . "', details='" . db_es(htmlspecialchars($request->get('details'))) . "' WHERE id=" . db_ei($id);
                 $result = db_query($sql);
                 if (!$result || db_affected_rows($result) < 1) {
                     $GLOBALS['Response']->addFeedback('error', $Language->getText('news_admin_index', 'update_err'));
                 } else {
                     $GLOBALS['Response']->addFeedback('info', $Language->getText('news_admin_index', 'newsbyte_updated'));
                 }
             } else {
require_once 'bookmarks.php';
require_once 'my_utils.php';
$request = HTTPRequest::instance();
// bookmark_id must be present and an unsigned int; anything else sends the
// user back to /my instead of continuing with an unchecked id.
$vId = new Valid_UInt('bookmark_id');
$vId->setErrorMessage('bookmark_id is required');
$vId->required();
if (!$request->valid($vId)) {
    $GLOBALS['Response']->redirect('/my');
} else {
    $bookmark_id = (int) $request->get('bookmark_id');
}
// NOTE(review): $bookmark_id is read below regardless of the branch taken
// above, so this relies on redirect() not returning — confirm; otherwise the
// invalid path continues with an undefined $bookmark_id.
$vUrl = new Valid_String('bookmark_url');
$vUrl->setErrorMessage('Url is required');
$vUrl->required();
$vTitle = new Valid_String('bookmark_title');
$vTitle->setErrorMessage('Title is required');
$vTitle->required();
// The CSRF token is keyed on this bookmark's own edit URL (presumably so a
// token issued for a different form is not accepted here — verify in
// CSRFSynchronizerToken).
$bookmark_url_id = '/my/bookmark_edit.php?bookmark_id=' . $bookmark_id;
$csrf_token = new CSRFSynchronizerToken($bookmark_url_id);
// Changes are applied only on a POST that carries both fields; the token is
// checked before anything is written.
if ($request->isPost() && $request->valid($vUrl) && $request->valid($vTitle)) {
    $csrf_token->check();
    $bookmark_url = $request->get('bookmark_url');
    $bookmark_title = $request->get('bookmark_title');
    // URL checking is delegated to my_utils; $bookmark_url_id is the page to
    // return to when the check fails.
    my_check_bookmark_URL($bookmark_url, $bookmark_url_id);
    // NOTE(review): ownership (user_id) is enforced on the SELECT further down,
    // but whether bookmark_edit() itself checks that $bookmark_id belongs to
    // the current user is not visible here — confirm in bookmarks.php.
    bookmark_edit($bookmark_id, $bookmark_url, $bookmark_title);
    $GLOBALS['Response']->redirect('/my');
}
$purifier = Codendi_HTMLPurifier::instance();
$HTML->header(array("title" => $Language->getText('bookmark_edit', 'title')));
print "<H3>" . $Language->getText('bookmark_edit', 'title') . "</H3>\n";
// Load the bookmark for display, restricted to the current user's own rows;
// both ids go through db_ei rather than raw concatenation.
$result = db_query("SELECT * from user_bookmarks where " . "bookmark_id=" . db_ei($bookmark_id) . " and user_id=" . db_ei(user_getid()));
 // post_changes is accepted only as the literal 'y' and must be present;
 // the update branch below is entered only on a POST that passes this check.
 $vPostChanges = new Valid_WhiteList('post_changes', array('y'));
 $vPostChanges->required();
 if ($request->isPost() && $request->valid($vPostChanges)) {
     /*
      Update the DB to reflect the changes
     */
     //
     // Prepare validators
     //
     // Forum Name
     $vForumName = new Valid_String('forum_name');
     $vForumName->setErrorMessage($Language->getText('forum_admin_index', 'params_missing'));
     $vForumName->required();
     // Description
     $vDescription = new Valid_String('description');
     $vDescription->setErrorMessage($Language->getText('forum_admin_index', 'params_missing'));
     $vDescription->required();
     // Is public
     $vIsPublic = new Valid_WhiteList('is_public', array(0, 1, 9));
     $vIsPublic->required();
     if ($request->existAndNonEmpty('delete')) {
         $vMsg = new Valid_Uint('msg_id');
         $vMsg->required();
         if ($request->valid($vMsg)) {
             /*
              Deleting messages or threads
             */
             // First, check if the message exists
             $sql = "SELECT forum_group_list.group_id, forum.group_forum_id FROM forum,forum_group_list " . "WHERE forum.group_forum_id=forum_group_list.group_forum_id AND forum.msg_id=" . db_ei($msg_id);
             $result = db_query($sql);
             if (db_numrows($result) > 0) {
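 /**
  * Create a new RSS widget content from the submitted 'rss' array.
  *
  * rss[url] is required (non-empty string). rss[title] is optional: when it
  * is missing the feed is fetched and its own title is used. A row is then
  * inserted in widget_rss for $this->owner_id / $this->owner_type.
  *
  * @param Codendi_Request $request
  * @return int|false the id of the new content, false when rss[url] is missing
  */
 function create($request)
 {
     $content_id = false;
     $vUrl = new Valid_String('url');
     $vUrl->setErrorMessage("Can't add empty rss url");
     $vUrl->required();
     if (!$request->validInArray('rss', $vUrl)) {
         return $content_id;
     }
     $rss = $request->get('rss');
     $vTitle = new Valid_String('title');
     $vTitle->required();
     if (!$request->validInArray('rss', $vTitle)) {
         // No title given: ask the feed itself for one.
         // NOTE(review): rss[url] has only been checked to be a non-empty string
         // at this point and is fetched server-side by SimplePie; any scheme or
         // host restriction is not visible in this block — confirm it is applied
         // before the widget is created.
         require_once 'common/rss/libs/SimplePie/simplepie.inc';
         $cache_dir = $GLOBALS['codendi_cache_dir'] . '/rss';
         if (!is_dir($cache_dir)) {
             mkdir($cache_dir);
         }
         $rss_reader = new SimplePie($rss['url'], $cache_dir, null, $GLOBALS['sys_proxy']);
         // get_title() may yield nothing; store an empty string rather than null.
         $rss['title'] = (string) $rss_reader->get_title();
     }
     // owner_id is an integer column and owner_type a string: escape each the
     // same way the user-supplied values are, instead of concatenating the raw
     // property values into the statement.
     $sql = 'INSERT INTO widget_rss (owner_id, owner_type, title, url) VALUES (' . db_ei($this->owner_id) . ", '" . db_es($this->owner_type) . "', '" . db_escape_string($rss['title']) . "', '" . db_escape_string($rss['url']) . "')";
     $res = db_query($sql);
     $content_id = db_insertid($res);
     return $content_id;
 }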
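 /**
  * Create a new content for this widget
  *
  * plugin_docman_widget_embedded[item_id] is required. The title is optional:
  * when it is missing (or invalid) the embedded item's own title is used, or
  * an empty string when the item cannot be loaded.
  *
  * @param Codendi_Request $request
  * @return int|false the id of the new content, false when item_id is missing
  */
 public function create($request)
 {
     $content_id = false;
     $vItem_id = new Valid_String('item_id');
     $vItem_id->setErrorMessage("Unable to add the widget. Please give an item id.");
     $vItem_id->required();
     if ($request->validInArray('plugin_docman_widget_embedded', $vItem_id)) {
         $plugin_docman_widget_embedded = $request->get('plugin_docman_widget_embedded');
         $vTitle = new Valid_String('title');
         $vTitle->required();
         if (!$request->validInArray('plugin_docman_widget_embedded', $vTitle)) {
             // A title that is absent or failed validation is never stored as
             // submitted: start from '' so the INSERT below neither reads an
             // undefined index nor keeps a rejected value, then prefer the item's
             // own title when the item can be loaded.
             $plugin_docman_widget_embedded['title'] = '';
             if ($item = $this->getItem($plugin_docman_widget_embedded['item_id'])) {
                 $plugin_docman_widget_embedded['title'] = $item->getTitle();
             }
         }
         // Escape the owner columns like the user-supplied ones instead of
         // concatenating the raw property values into the statement.
         $sql = 'INSERT INTO plugin_docman_widget_embedded (owner_id, owner_type, title, item_id) VALUES (' . db_ei($this->owner_id) . ", '" . db_es($this->owner_type) . "', '" . db_escape_string($plugin_docman_widget_embedded['title']) . "', '" . db_escape_string($plugin_docman_widget_embedded['item_id']) . "')";
         $res = db_query($sql);
         $content_id = db_insertid($res);
     }
     return $content_id;
 }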
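 /**
  * Create a new image widget content from the submitted 'image' array.
  *
  * image[url] is required (non-empty string); image[title] is optional and
  * falls back to 'Image'. A row is inserted in widget_image for
  * $this->owner_id / $this->owner_type.
  *
  * @param Codendi_Request $request
  * @return int|false the id of the new content, false when image[url] is missing
  */
 function create(&$request)
 {
     $content_id = false;
     $vUrl = new Valid_String('url');
     $vUrl->setErrorMessage("Can't add empty image url");
     $vUrl->required();
     if ($request->validInArray('image', $vUrl)) {
         $image = $request->get('image');
         $vTitle = new Valid_String('title');
         $vTitle->required();
         if (!$request->validInArray('image', $vTitle)) {
             $image['title'] = 'Image';
         }
         // NOTE(review): image[url] is only checked to be a non-empty string;
         // where it is rendered is outside this block — confirm it is escaped
         // for that output context.
         // Escape the owner columns like the user-supplied ones instead of
         // concatenating the raw property values into the statement.
         $sql = 'INSERT INTO widget_image (owner_id, owner_type, title, url) VALUES (' . db_ei($this->owner_id) . ", '" . db_es($this->owner_type) . "', '" . db_escape_string($image['title']) . "', '" . db_escape_string($image['url']) . "')";
         $res = db_query($sql);
         $content_id = db_insertid($res);
     }
     return $content_id;
 }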
     $vThreadId->required();
     if ($request->valid($vMonitor) && $request->valid($vThreadId)) {
         if (user_isloggedin()) {
             if (!user_monitor_forum($forum_id, user_getid())) {
                 if (!forum_thread_add_monitor($forum_id, $request->get('thread_id'), user_getid())) {
                     $feedback .= $Language->getText('forum_forum_utils', 'insert_err');
                 }
             }
         }
     }
     // Note: there is a 'msg_id' send but not used here.
     $vFollowUp = new Valid_UInt('is_followup_to');
     $vFollowUp->required();
     $vSubject = new Valid_String('subject');
     $vSubject->required();
     $vSubject->setErrorMessage($GLOBALS['Language']->getText('forum_forum_utils', 'include_body_and_subject'));
     $vBody = new Valid_Text('body');
     $vBody->required();
     $vBody->setErrorMessage($GLOBALS['Language']->getText('forum_forum_utils', 'include_body_and_subject'));
     if ($request->valid($vThreadId) && $request->valid($vFollowUp) && $request->valid($vSubject) && $request->valid($vBody)) {
         post_message($request->get('thread_id'), $request->get('is_followup_to'), $request->get('subject'), $request->get('body'), $forum_id);
     }
 }
 /*
 	set up some defaults if they aren't provided
 */
 // Offset
 if ($request->valid(new Valid_UInt('offset'))) {
     $offset = $request->get('offset');
 } else {
     $offset = 0;
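 /**
  * Create a new wiki page widget content from the submitted 'WikiPage' array.
  *
  * WikiPage[group_id] is required (non-empty string). WikiPage[title] is
  * optional and, when missing, is read from the group's feed. WikiPage[wiki_page]
  * is stored as submitted, or as an empty string when absent. A row is inserted
  * in widget_wikipage for $this->owner_id / $this->owner_type.
  *
  * @param Codendi_Request $request
  * @return int|false the id of the new content, false when group_id is missing
  */
 function create($request)
 {
     $content_id = false;
     $vGroup_id = new Valid_String('group_id');
     $vGroup_id->setErrorMessage("Can't add empty WikiPage group_id");
     $vGroup_id->required();
     if (!$request->validInArray('WikiPage', $vGroup_id)) {
         return $content_id;
     }
     $WikiPage = $request->get('WikiPage');
     // wiki_page is not validated anywhere in this method: default it so the
     // INSERT below never reads an undefined index.
     if (!isset($WikiPage['wiki_page'])) {
         $WikiPage['wiki_page'] = '';
     }
     $vTitle = new Valid_String('title');
     $vTitle->required();
     if (!$request->validInArray('WikiPage', $vTitle)) {
         // No title given: read it from the feed built for this group.
         // NOTE(review): group_id is validated as a non-empty string, not as an
         // integer — confirm getFeedUrl() tolerates that before relying on it.
         require_once 'common/rss/libs/SimplePie/simplepie.inc';
         $cache_dir = $GLOBALS['codendi_cache_dir'] . '/WikiPage';
         if (!is_dir($cache_dir)) {
             mkdir($cache_dir);
         }
         $WikiPage_reader = new SimplePie($this->getFeedUrl($WikiPage['group_id']), $cache_dir, null, $GLOBALS['sys_proxy']);
         // get_title() may yield nothing; store an empty string rather than null.
         $WikiPage['title'] = (string) $WikiPage_reader->get_title();
     }
     // Escape the owner columns like the user-supplied ones instead of
     // concatenating the raw property values into the statement.
     $sql = 'INSERT INTO widget_wikipage (owner_id, owner_type, title, group_id, wiki_page) 
             VALUES (' . db_ei($this->owner_id) . ", '" . db_es($this->owner_type) . "', '" . db_escape_string($WikiPage['title']) . "', '" . db_escape_string($WikiPage['group_id']) . "', '" . db_escape_string($WikiPage['wiki_page']) . "')";
     $res = db_query($sql);
     $content_id = db_insertid($res);
     return $content_id;
 }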