Esempio n. 1
0
 function submit_item($news, $smessages = false)
 {
     $tp = e107::getParser();
     $sql = e107::getDb();
     $admin_log = e107::getAdminLog();
     $pref = e107::getPref();
     $e_event = e107::getEvent();
     $e107cache = e107::getCache();
     $emessage = e107::getMessage();
     $error = false;
     if (empty($news['news_title'])) {
         $error = true;
         $emessage->add('Validation error: News title can\'t be empty!', E_MESSAGE_ERROR, $smessages);
         if (!empty($news['news_sef'])) {
             $news['news_sef'] = eHelper::secureSef($news['news_sef']);
         }
     } else {
         // first format sef...
         if (empty($news['news_sef'])) {
             $news['news_sef'] = eHelper::title2sef($news['news_title']);
         } else {
             $news['news_sef'] = eHelper::secureSef($news['news_sef']);
         }
     }
     // ...then check it
     if (empty($news['news_sef'])) {
         $error = true;
         $emessage->add('Validation error: News SEF URL value is required field and can\'t be empty!', E_MESSAGE_ERROR, $smessages);
     } elseif ($sql->db_Count('news', '(news_id)', ($news['news_sef'] ? 'news_id<>' . intval($news['news_id']) . ' AND ' : '') . "news_sef='" . $tp->toDB($news['news_sef']) . "'")) {
         $error = true;
         $emessage->add('Validation error: News SEF URL is unique field - current value already in use! Please choose another SEF URL value.', E_MESSAGE_ERROR, $smessages);
     }
     if (empty($news['news_category'])) {
         $error = true;
         $emessage->add('Validation error: News category can\'t be empty!', E_MESSAGE_ERROR, $smessages);
     }
     $data = array();
     //DB Array
     $data['data']['news_title'] = $news['news_title'];
     $data['_FIELD_TYPES']['news_title'] = 'todb';
     $data['data']['news_sef'] = $news['news_sef'];
     $data['_FIELD_TYPES']['news_sef'] = 'todb';
     $data['data']['news_body'] = $news['news_body'];
     $data['_FIELD_TYPES']['news_body'] = 'todb';
     $data['data']['news_extended'] = $news['news_extended'];
     $data['_FIELD_TYPES']['news_extended'] = 'todb';
     $data['data']['news_datestamp'] = $news['news_datestamp'];
     $data['_FIELD_TYPES']['news_datestamp'] = 'int';
     $data['data']['news_author'] = $news['news_author'] ? $news['news_author'] : USERID;
     $data['_FIELD_TYPES']['news_author'] = 'int';
     $data['data']['news_category'] = $news['news_category'];
     $data['_FIELD_TYPES']['news_category'] = 'int';
     $data['data']['news_allow_comments'] = $news['news_allow_comments'];
     $data['_FIELD_TYPES']['news_allow_comments'] = 'int';
     $data['data']['news_start'] = $news['news_start'];
     $data['_FIELD_TYPES']['news_start'] = 'int';
     $data['data']['news_end'] = $news['news_end'];
     $data['_FIELD_TYPES']['news_end'] = 'int';
     $data['data']['news_class'] = $news['news_class'];
     $data['_FIELD_TYPES']['news_class'] = 'todb';
     $data['data']['news_render_type'] = $news['news_render_type'];
     $data['_FIELD_TYPES']['news_render_type'] = 'todb';
     //news_comment_total
     $data['data']['news_summary'] = $news['news_summary'];
     $data['_FIELD_TYPES']['news_summary'] = 'todb';
     $data['data']['news_thumbnail'] = $news['news_thumbnail'];
     $data['_FIELD_TYPES']['news_thumbnail'] = 'todb';
     $data['data']['news_sticky'] = $news['news_sticky'];
     $data['_FIELD_TYPES']['news_sticky'] = 'int';
     $data['data']['news_meta_keywords'] = eHelper::formatMetaKeys($news['news_meta_keywords']);
     $data['_FIELD_TYPES']['news_meta_keywords'] = 'todb';
     $data['data']['news_meta_description'] = eHelper::formatMetaDescription($news['news_meta_description']);
     //handle bbcodes
     $data['_FIELD_TYPES']['news_meta_description'] = 'todb';
     if ($error) {
         $data['error'] = true;
         return $data;
     }
     // Calculate short strings for admin logging - no need to clog up the log with potentially long items
     $logData = $data['data'];
     if (isset($logData['news_body'])) {
         $logData['news_body'] = $tp->text_truncate($tp->toDB($logData['news_body']), 300, '...');
     }
     if (isset($logData['news_extended'])) {
         $logData['news_extended'] = $tp->text_truncate($tp->toDB($logData['news_extended']), 300, '...');
     }
     //XXX - Now hooks are executed only if no mysql error is found. Should it stay so? Seems sensible to me!
     if ($news['news_id']) {
         // Updating existing item
         $data['WHERE'] = 'news_id=' . intval($news['news_id']);
         //$vals = "news_datestamp = '".intval($news['news_datestamp'])."', ".$author_insert." news_title='".$news['news_title']."', news_body='".$news['news_body']."', news_extended='".$news['news_extended']."', news_category='".intval($news['cat_id'])."', news_allow_comments='".intval($news['news_allow_comments'])."', news_start='".intval($news['news_start'])."', news_end='".intval($news['news_end'])."', news_class='".$tp->toDB($news['news_class'])."', news_render_type='".intval($news['news_rendertype'])."' , news_summary='".$news['news_summary']."', news_thumbnail='".$tp->toDB($news['news_thumbnail'])."', news_sticky='".intval($news['news_sticky'])."' WHERE news_id='".intval($news['news_id'])."' ";
         if ($sql->db_Update('news', $data)) {
             e107::getAdminLog()->logArrayAll('NEWS_09', $logData);
             $data['data']['news_id'] = $news['news_id'];
             e107::getEvent()->trigger('newsupd', $data['data']);
             e107::getEvent()->trigger('admin_news_updated', $data['data']);
             $message = LAN_UPDATED;
             $emessage->add(LAN_UPDATED, E_MESSAGE_SUCCESS, $smessages);
             e107::getCache()->clear('news.php');
             //FIXME - triggerHook should return array(message, message_type)
             $evdata = array('method' => 'update', 'table' => 'news', 'id' => $news['news_id'], 'plugin' => 'news', 'function' => 'submit_item');
             $emessage->add(e107::getEvent()->triggerHook($evdata), E_MESSAGE_INFO, $smessages);
         } else {
             if ($sql->getLastErrorNumber()) {
                 $error = true;
                 $emessage->add(LAN_NEWS_5, E_MESSAGE_ERROR, $smessages);
                 $message = "<strong>" . LAN_NEWS_5 . "</strong>";
             } else {
                 $data['data']['news_id'] = $news['news_id'];
                 $emessage->add(LAN_NO_CHANGE, E_MESSAGE_INFO, $smessages);
                 $message = "<strong>" . LAN_NO_CHANGE . "</strong>";
                 //FIXME - triggerHook should return array(message, message_type)
                 $evdata = array('method' => 'update', 'table' => 'news', 'id' => $news['news_id'], 'plugin' => 'news', 'function' => 'submit_item');
                 $emessage->add(e107::getEvent()->triggerHook($evdata), E_MESSAGE_INFO, $smessages);
             }
         }
     } else {
         // Adding item
         $data['data']['news_id'] = $sql->db_Insert('news', $data);
         $news['news_id'] = $data['data']['news_id'];
         //$news['news_id'] = $sql ->db_Insert('news', "0, '".$news['news_title']."', '".$news['news_body']."', '".$news['news_extended']."', ".intval($news['news_datestamp']).", ".intval($news['news_author']).", '".intval($news['cat_id'])."', '".intval($news['news_allow_comments'])."', '".intval($news['news_start'])."', '".intval($news['news_end'])."', '".$tp->toDB($news['news_class'])."', '".intval($news['news_rendertype'])."', '0' , '".$news['news_summary']."', '".$tp->toDB($news['news_thumbnail'])."', '".intval($news['news_sticky'])."' ")
         if ($data['data']['news_id']) {
             $data['news_id'] = $news['news_id'];
             $message = LAN_NEWS_6;
             $emessage->add(LAN_CREATED, E_MESSAGE_SUCCESS, $smessages);
             e107::getCache()->clear('news.php');
             //moved down - prevent wrong mysql_insert_id
             e107::getAdminLog()->logArrayAll('NEWS_08', $logData);
             e107::getEvent()->trigger('newspost', $data['data']);
             e107::getEvent()->trigger('admin_news_created', $data['data']);
             //XXX - triggerHook after trigger?
             $evdata = array('method' => 'create', 'table' => 'news', 'id' => $data['data']['news_id'], 'plugin' => 'news', 'function' => 'submit_item');
             $emessage->add($e_event->triggerHook($evdata), E_MESSAGE_INFO, $smessages);
         } else {
             $error = true;
             $message = "<strong>" . LAN_NEWS_7 . "</strong>";
             $emessage->add(LAN_UPDATED, E_MESSAGE_ERROR, $smessages);
         }
     }
     //return $message;
     $data['message'] = $message;
     $data['error'] = $error;
     return $data;
 }
Esempio n. 2
0
File: page.php Progetto: armpit/e107
 function processViewPage()
 {
     if ($this->checkCache()) {
         return;
     }
     $sql = e107::getDb();
     $query = "SELECT p.*, u.user_id, u.user_name, user_login FROM #page AS p\n\t\tLEFT JOIN #user AS u ON p.page_author = u.user_id\n\t\tWHERE p.page_id=" . intval($this->pageID);
     // REMOVED AND p.page_class IN (".USERCLASS_LIST.") - permission check is done later
     if (!$sql->gen($query)) {
         header("HTTP/1.0 404 Not Found");
         //	exit;
         /*
         
         $ret['title'] = LAN_PAGE_12;			// ***** CHANGED
         $ret['sub_title'] = '';
         $ret['text'] = LAN_PAGE_3;
         $ret['comments'] = '';
         $ret['rating'] = '';
         $ret['np'] = '';
         $ret['err'] = TRUE;
         $ret['cachecontrol'] = false;
         */
         // ---------- New (to replace values above) ----
         $this->page['page_title'] = LAN_PAGE_12;
         // ***** CHANGED
         $this->page['sub_title'] = '';
         $this->page['page_text'] = LAN_PAGE_3;
         $this->page['comments'] = '';
         $this->page['rating'] = '';
         $this->page['np'] = '';
         $this->page['err'] = TRUE;
         $this->page['cachecontrol'] = false;
         // -------------------------------------
         $this->authorized = 'nf';
         $this->template = e107::getCoreTemplate('page', 'default');
         //	$this->batch = e107::getScBatch('page',null,'cpage')->setVars(new e_vars($ret))->setScVar('page', array()); ///Upgraded to setVars() array. (not using '$this->page')
         $this->batch = e107::getScBatch('page', null, 'cpage')->setVars($this->page);
         define("e_PAGETITLE", $this->page['page_title']);
         return;
     }
     $this->page = $sql->fetch();
     // setting override to true breaks default.
     $this->template = e107::getCoreTemplate('page', vartrue($this->page['page_template'], 'default'), true, true);
     if (!$this->template) {
         // switch to default
         $this->template = e107::getCoreTemplate('page', 'default', false, false);
     }
     if (empty($this->template)) {
         $this->template = e107::getCoreTemplate('page', 'default');
     }
     $this->batch = e107::getScBatch('page', null, 'cpage');
     $this->pageText = $this->page['page_text'];
     $this->pageCheckPerms($this->page['page_class'], $this->page['page_password'], $this->page['page_title']);
     if ($this->debug) {
         echo "<b>pageText</b> " . $this->pageText . " <br />";
     }
     $this->parsePage();
     $pagenav = $rating = $comments = '';
     if ($this->authorized === true) {
         $pagenav = $this->pageIndex();
         $rating = $this->pageRating($this->page['page_rating_flag']);
         $comments = $this->pageComment($this->page['page_comment_flag']);
     }
     /*
     $ret['title'] = $this->page['page_title'];
     $ret['sub_title'] = $this->title;
             $ret['text'] = $this->pageToRender;
     $ret['np'] = $pagenav;
     $ret['rating'] = $rating;
     $ret['comments'] = $comments;
     $ret['err'] = FALSE;
     $ret['cachecontrol'] = (isset($this->page['page_password']) && !$this->page['page_password'] && $this->authorized === true);		// Don't cache password protected pages
     */
     //	$this->batch->setVars(new e_vars($ret))->setScVar('page', $this->page); // Removed in favour of $this->var (cross-compatible with menus and other parts of e107 that use the same shortcodes)
     // ---- New --- -
     $this->page['page_text'] = $this->pageToRender;
     $this->page['np'] = $pagenav;
     $this->page['rating'] = $rating;
     $this->page['comments'] = $comments;
     $this->page['err'] = FALSE;
     $this->page['cachecontrol'] = isset($this->page['page_password']) && !$this->page['page_password'] && $this->authorized === true;
     // -----------------
     $this->batch->setVars($this->page);
     define('e_PAGETITLE', eHelper::formatMetaTitle($this->page['page_title']));
     if ($this->page['page_metadscr']) {
         define('META_DESCRIPTION', eHelper::formatMetaDescription($this->page['page_metadscr']));
     }
     if ($this->page['page_metakeys']) {
         define('META_KEYWORDS', eHelper::formatMetaKeys($this->page['page_metakeys']));
     }
     $tp = e107::getParser();
     if ($tp->isImage($this->page['menu_image'])) {
         $mimg = $tp->thumbUrl($this->page['menu_image'], 'w=800', false, true);
         e107::meta('og:image', $mimg);
     }
     //return $ret;
 }
Esempio n. 3
0
 function submitPage($mode = FALSE, $type = FALSE)
 {
     global $e107cache, $admin_log, $e_event;
     $frm = e107::getForm();
     $sql = e107::getDb();
     $tp = e107::getParser();
     $ns = e107::getRender();
     $mes = e107::getMessage();
     $page_title = $tp->toDB($_POST['page_title']);
     //		print_a($_POST);
     //		if(is_array($_POST['data']) && is_array($_POST['subtitle']))
     $newData = array();
     foreach ($_POST as $k => $v) {
         if (substr($k, 0, 4) == 'data' && trim($v) != '') {
             list($tm, $key) = explode("_", $k);
             if ($mode == FALSE) {
                 $newData[] = "[newpage=" . $_POST['page_subtitle'][$key] . "]\n";
             }
             $newData[] = $v;
         }
         // return;
     }
     //	return;
     $newData = implode("\n\n", $newData);
     // echo nl2br($newData);
     $page_text = $tp->toDB($newData);
     $pauthor = $_POST['page_display_authordate_flag'] ? USERID : 0;
     // Ideally, this check should be done in the front-end.
     $update = 0;
     // Make sure some updates happen
     $page_sef = '';
     $page_metad = '';
     $page_metak = '';
     if (!$type) {
         if (!empty($_POST['page_sef'])) {
             $page_sef = eHelper::secureSef($_POST['page_sef']);
         }
         if (empty($page_sef)) {
             $page_sef = eHelper::title2sef($_POST['page_title']);
         }
         if (!empty($_POST['page_metadscr'])) {
             $page_metad = $tp->toDB(eHelper::formatMetaDescription($_POST['page_metadscr']));
         }
         if (!empty($_POST['page_metakeys'])) {
             $page_metak = eHelper::formatMetaKeys($_POST['page_metakeys']);
         }
     }
     if (!$type && (!$page_title || !$page_sef)) {
         e107::getMessage()->addError(CUSLAN_34, 'default', true);
         e107::getRedirect()->redirect(e_ADMIN_ABS . 'cpage.php');
     }
     // FIXME Causes false positives on Update.. - what is trying to be achieved with this check?
     /*
     if(!$type && $sql->db_Count('page', '(page_id)', ($mode ? "page_id != {$mode} AND " : '')."page_sef != '{$page_sef}'"))
     {
     	e107::getMessage()->addError(CUSLAN_34, 'default', true);
     	
     	e107::getMessage()->addDebug("type=".$type, 'default', true);
     	e107::getMessage()->addDebug("page_title=".$page_title, 'default', true);
     	e107::getMessage()->addDebug("page_sef=".$page_sef, 'default', true);
     	e107::getMessage()->addDebug("Mode=".$mode, 'default', true);					
     	
     	e107::getRedirect()->redirect(e_ADMIN_ABS.'cpage.php');
     }
     */
     if ($type && empty($_POST['menu_name'])) {
         e107::getMessage()->addError(CUSLAN_36, 'default', true);
         e107::getRedirect()->redirect(e_ADMIN_ABS . 'cpage.php');
     }
     if ($mode) {
         // Saving existing page/menu after edit
         // Don't think $_POST['page_ip_restrict'] is ever set.
         $menuname = $type && vartrue($_POST['menu_name']) ? ", page_theme = '" . $tp->toDB($_POST['menu_name']) . "'" : "";
         $status = $sql->db_Update("page", "page_title='{$page_title}', page_sef='{$page_sef}', page_chapter='" . intval($_POST['page_chapter']) . "', page_metakeys='{$page_metak}', page_metadscr='{$page_metad}', page_text='{$page_text}', page_datestamp='" . time() . "', page_author='{$pauthor}', page_rating_flag='" . intval($_POST['page_rating_flag']) . "', page_comment_flag='" . intval($_POST['page_comment_flag']) . "', page_password='******'page_password'] . "', page_class='" . $_POST['page_class'] . "', page_ip_restrict='" . varset($_POST['page_ip_restrict'], '') . "', page_template='" . $_POST['page_template'] . "' {$menuname} WHERE page_id='{$mode}'") ? E_MESSAGE_SUCCESS : E_MESSAGE_ERROR;
         if ($status == E_MESSAGE_SUCCESS) {
             $update++;
         }
         $mes->add($message, $status);
         $admin_log->log_event('CPAGE_02', $mode . '[!br!]' . $page_title . '[!br!]' . $pauthor, E_LOG_INFORMATIVE, '');
         $e107cache->clear("page_{$mode}");
         $e107cache->clear("page-t_{$mode}");
         $data = array('method' => 'update', 'table' => 'page', 'id' => $mode, 'plugin' => 'page', 'function' => 'submitPage');
         $this->message = $e_event->triggerHook($data);
         if ($type) {
             $menu_name = $tp->toDB($_POST['menu_name']);
             // not to be confused with menu-caption.
             // Need to check whether menu already in table, else we can't distinguish between a failed update and no update needed
             if ($sql->db_Select('menus', 'menu_name', "`menu_path` = '{$mode}'")) {
                 // Updating existing entry
                 if ($sql->db_Update('menus', "menu_name='{$menu_name}' WHERE menu_path='{$mode}' ") !== FALSE) {
                     $update++;
                 }
             }
         }
         //$url = e107::getUrl()->sc('page/view', array('name' => $tp->post_toForm($_POST['page_title']), 'id' => $mode));
         /*
         				 
         				// Prevent links being updated in another language unless the table is present. 
         			if((($pref['sitelanguage'] != $sql->mySQLlanguage) && ($sql->mySQLlanguage!='')) && ($sql->db_IsLang("links")=='links'))
         			{
         				//echo "DISABLED LINK CREATION";
         				//echo ' Sitelan='.$pref['sitelanguage'];
         				//echo " Dblang=".$sql->mySQLlanguage;
         				//echo " Links=".$sql->db_IsLang("links");
         			
         				return;	
         			}
         				 
         				 
         				 
         				if ($_POST['page_link'])
         				{
         					// FIXME extremely ugly, just join on created link ID by new field page_link 
         					if ($sql->db_Select("links", "link_id", "link_url='".$url."' && link_name!='".$tp->toDB($_POST['page_link'])."'"))
         					{
         						$sql->db_Update("links", "link_name='".$tp->toDB($_POST['page_link'])."' WHERE link_url='".$url."'");
         						$update++;
         						$e107cache->clear("sitelinks");
         					}
         					else if (!$sql->db_Select("links", "link_id", "link_url='".$url."'"))
         					{
         						$sql->db_Insert("links", "0, '".$tp->toDB($_POST['page_link'])."', '".$url."', '', '', 1, 0, 0, 0, ".$_POST['page_class']);
         						$update++;
         						$e107cache->clear("sitelinks");
         					}
         				} else {
         					if ($sql->db_Select("links", "link_id", "link_url='".$url."'"))
         					{
         						$sql->db_Delete("links", "link_url='".$url."'");
         						$update++;
         						$e107cache->clear("sitelinks");
         					}
         				}*/
         $mes = e107::getMessage();
         $mes->autoMessage($update, 'update', LAN_UPDATED, false, false);
         // Display result of update
     } else {
         // New page/menu
         $menuname = $type ? $tp->toDB($_POST['menu_name']) : "";
         $addMsg = $type ? CUSLAN_51 : CUSLAN_27;
         $info = array('page_title' => $page_title, 'page_sef' => $page_sef, 'page_chapter' => varset($_POST['page_chapter'], 0), 'page_metakeys' => $page_metak, 'page_metadscr' => $page_metad, 'page_text' => $page_text, 'page_author' => $pauthor, 'page_datestamp' => time(), 'page_rating_flag' => varset($_POST['page_rating_flag'], 0), 'page_comment_flag' => varset($_POST['page_comment_flag'], ''), 'page_password' => varset($_POST['page_password'], ''), 'page_class' => varset($_POST['page_class'], e_UC_PUBLIC), 'page_ip_restrict' => '', 'page_theme' => $menuname, 'page_template' => varset($_POST['page_template'], ''));
         $pid = e107::getMessage()->autoMessage($sql->db_Insert('page', $info), 'insert', $addMsg, LAN_CREATED_FAILED, false);
         $admin_log->log_event('CPAGE_01', $menuname . '[!br!]' . $page_title . '[!br!]' . $pauthor, E_LOG_INFORMATIVE, '');
         if ($type) {
             $info = array('menu_name' => $menuname, 'menu_location' => 0, 'menu_order' => 0, 'menu_class' => '0', 'menu_pages' => '', 'menu_path' => $pid);
             e107::getMessage()->autoMessage($sql->db_Insert('menus', $info), 'insert', CUSLAN_52, LAN_CREATED_FAILED, false);
         }
         /*if(vartrue($_POST['page_link']))
         		{
         			//$link = 'page.php?'.$pid;
         			$url = e107::getUrl()->sc('page/view', array('name' => $tp->post_toForm($_POST['page_title']), 'id' => $pid));
         			if (!$sql->db_Select("links", "link_id", "link_name='".$tp->toDB($_POST['page_link'])."'"))
         			{
         				$linkname = $tp->toDB($_POST['page_link']);
         				$sql->db_Insert("links", "0, '{$linkname}', '{$url}', '', '', 1, 0, 0, 0, ".$_POST['page_class']);
         				$e107cache->clear("sitelinks");
         			}
         		}*/
         $data = array('method' => 'create', 'table' => 'page', 'id' => $pid, 'plugin' => 'page', 'function' => 'submitPage');
         $this->message = $e_event->triggerHook($data);
     }
 }
Esempio n. 4
0
 function preCreate()
 {
     if ($_GET['action'] == "edit" && !$_POST['preview']) {
         if (!isset($_POST['submit_news'])) {
             if (e107::getDb()->select('news', '*', 'news_id=' . intval($_GET['id']))) {
                 $row = e107::getDb()->fetch();
                 //		$this->noPermissions();
                 $_POST['news_title'] = $row['news_title'];
                 $_POST['news_sef'] = $row['news_sef'];
                 $_POST['news_body'] = $row['news_body'];
                 $_POST['news_author'] = $row['news_author'];
                 $_POST['news_extended'] = $row['news_extended'];
                 $_POST['news_allow_comments'] = $row['news_allow_comments'];
                 $_POST['news_class'] = $row['news_class'];
                 $_POST['news_summary'] = $row['news_summary'];
                 $_POST['news_sticky'] = $row['news_sticky'];
                 $_POST['news_datestamp'] = $_POST['news_datestamp'] ? $_POST['news_datestamp'] : $row['news_datestamp'];
                 $_POST['cat_id'] = $row['news_category'];
                 $_POST['news_start'] = $row['news_start'];
                 $_POST['news_end'] = $row['news_end'];
                 $_POST['comment_total'] = e107::getDb()->db_Count("comments", "(*)", " WHERE comment_item_id={$row['news_id']} AND comment_type='0'");
                 $_POST['news_render_type'] = $row['news_render_type'];
                 $_POST['news_thumbnail'] = $row['news_thumbnail'];
                 $_POST['news_meta_keywords'] = $row['news_meta_keywords'];
                 $_POST['news_meta_description'] = $row['news_meta_description'];
             }
         } else {
             if (!empty($_POST['news_meta_keywords'])) {
                 $_POST['news_meta_keywords'] = eHelper::formatMetaKeys($_POST['news_meta_keywords']);
             }
         }
     }
 }
Esempio n. 5
0
 function submit_item($news, $smessages = false)
 {
     $tp = e107::getParser();
     $sql = e107::getDb();
     $admin_log = e107::getAdminLog();
     $pref = e107::getPref();
     $e_event = e107::getEvent();
     $e107cache = e107::getCache();
     $emessage = e107::getMessage();
     $error = false;
     if (empty($news['news_title'])) {
         $error = true;
         $emessage->add('Validation error: News title can\'t be empty!', E_MESSAGE_ERROR, $smessages);
         if (!empty($news['news_sef'])) {
             $news['news_sef'] = eHelper::secureSef($news['news_sef']);
         }
     } else {
         // first format sef...
         if (empty($news['news_sef'])) {
             $news['news_sef'] = eHelper::title2sef($news['news_title']);
         } else {
             $news['news_sef'] = eHelper::secureSef($news['news_sef']);
         }
     }
     // ...then check it
     if (empty($news['news_sef'])) {
         $error = true;
         $emessage->add('Validation error: News SEF URL value is required field and can\'t be empty!', E_MESSAGE_ERROR, $smessages);
     } elseif ($sql->db_Count('news', '(news_id)', ($news['news_sef'] ? 'news_id<>' . intval($news['news_id']) . ' AND ' : '') . "news_sef='" . $tp->toDB($news['news_sef']) . "'")) {
         $error = true;
         $emessage->add('Validation error: News SEF URL is unique field - current value already in use! Please choose another SEF URL value.', E_MESSAGE_ERROR, $smessages);
     }
     if (empty($news['news_category'])) {
         $error = true;
         $emessage->add('Validation error: News category can\'t be empty!', E_MESSAGE_ERROR, $smessages);
     }
     $data = array();
     //DB Array
     $data['data']['news_title'] = $news['news_title'];
     $data['_FIELD_TYPES']['news_title'] = 'todb';
     $data['data']['news_sef'] = $news['news_sef'];
     $data['_FIELD_TYPES']['news_sef'] = 'todb';
     $data['data']['news_body'] = $news['news_body'];
     $data['_FIELD_TYPES']['news_body'] = 'todb';
     $data['data']['news_extended'] = $news['news_extended'];
     $data['_FIELD_TYPES']['news_extended'] = 'todb';
     $data['data']['news_datestamp'] = $news['news_datestamp'];
     $data['_FIELD_TYPES']['news_datestamp'] = 'int';
     $data['data']['news_author'] = $news['news_author'] ? $news['news_author'] : USERID;
     $data['_FIELD_TYPES']['news_author'] = 'int';
     $data['data']['news_category'] = $news['news_category'];
     $data['_FIELD_TYPES']['news_category'] = 'int';
     $data['data']['news_allow_comments'] = $news['news_allow_comments'];
     $data['_FIELD_TYPES']['news_allow_comments'] = 'int';
     $data['data']['news_start'] = $news['news_start'];
     $data['_FIELD_TYPES']['news_start'] = 'int';
     $data['data']['news_end'] = $news['news_end'];
     $data['_FIELD_TYPES']['news_end'] = 'int';
     $data['data']['news_class'] = $news['news_class'];
     $data['_FIELD_TYPES']['news_class'] = 'todb';
     $data['data']['news_render_type'] = $news['news_render_type'];
     $data['_FIELD_TYPES']['news_render_type'] = 'todb';
     //news_comment_total
     $data['data']['news_summary'] = $news['news_summary'];
     $data['_FIELD_TYPES']['news_summary'] = 'todb';
     $data['data']['news_thumbnail'] = $news['news_thumbnail'];
     $data['_FIELD_TYPES']['news_thumbnail'] = 'todb';
     $data['data']['news_sticky'] = $news['news_sticky'];
     $data['_FIELD_TYPES']['news_sticky'] = 'int';
     $data['data']['news_meta_keywords'] = eHelper::formatMetaKeys($news['news_meta_keywords']);
     $data['_FIELD_TYPES']['news_meta_keywords'] = 'todb';
     $data['data']['news_meta_description'] = eHelper::formatMetaDescription($news['news_meta_description']);
     //handle bbcodes
     $data['_FIELD_TYPES']['news_meta_description'] = 'todb';
     if ($error) {
         $data['error'] = true;
         return $data;
     }
     // Calculate short strings for admin logging - no need to clog up the log with potentially long items
     $logData = $data['data'];
     if (isset($logData['news_body'])) {
         $logData['news_body'] = $tp->text_truncate($tp->toDB($logData['news_body']), 300, '...');
     }
     if (isset($logData['news_extended'])) {
         $logData['news_extended'] = $tp->text_truncate($tp->toDB($logData['news_extended']), 300, '...');
     }
     //XXX - Now hooks are executed only if no mysql error is found. Should it stay so? Seems sensible to me!
     if ($news['news_id']) {
         // Updating existing item
         $data['WHERE'] = 'news_id=' . intval($news['news_id']);
         //$vals = "news_datestamp = '".intval($news['news_datestamp'])."', ".$author_insert." news_title='".$news['news_title']."', news_body='".$news['news_body']."', news_extended='".$news['news_extended']."', news_category='".intval($news['cat_id'])."', news_allow_comments='".intval($news['news_allow_comments'])."', news_start='".intval($news['news_start'])."', news_end='".intval($news['news_end'])."', news_class='".$tp->toDB($news['news_class'])."', news_render_type='".intval($news['news_rendertype'])."' , news_summary='".$news['news_summary']."', news_thumbnail='".$tp->toDB($news['news_thumbnail'])."', news_sticky='".intval($news['news_sticky'])."' WHERE news_id='".intval($news['news_id'])."' ";
         if ($sql->db_Update('news', $data)) {
             e107::getAdminLog()->logArrayAll('NEWS_09', $logData);
             $data['data']['news_id'] = $news['news_id'];
             e107::getEvent()->trigger('newsupd', $data['data']);
             $message = LAN_NEWS_21;
             $emessage->add(LAN_NEWS_21, E_MESSAGE_SUCCESS, $smessages);
             e107::getCache()->clear('news.php');
             //FIXME - triggerHook should return array(message, message_type)
             $evdata = array('method' => 'update', 'table' => 'news', 'id' => $news['news_id'], 'plugin' => 'news', 'function' => 'submit_item');
             $emessage->add(e107::getEvent()->triggerHook($evdata), E_MESSAGE_INFO, $smessages);
         } else {
             if ($sql->getLastErrorNumber()) {
                 $error = true;
                 $emessage->add(LAN_NEWS_5, E_MESSAGE_ERROR, $smessages);
                 $message = "<strong>" . LAN_NEWS_5 . "</strong>";
             } else {
                 $data['data']['news_id'] = $news['news_id'];
                 $emessage->add(LAN_NEWS_46, E_MESSAGE_INFO, $smessages);
                 $message = "<strong>" . LAN_NEWS_46 . "</strong>";
                 //FIXME - triggerHook should return array(message, message_type)
                 $evdata = array('method' => 'update', 'table' => 'news', 'id' => $news['news_id'], 'plugin' => 'news', 'function' => 'submit_item');
                 $emessage->add(e107::getEvent()->triggerHook($evdata), E_MESSAGE_INFO, $smessages);
             }
         }
     } else {
         // Adding item
         $data['data']['news_id'] = $sql->db_Insert('news', $data);
         $news['news_id'] = $data['data']['news_id'];
         //$news['news_id'] = $sql ->db_Insert('news', "0, '".$news['news_title']."', '".$news['news_body']."', '".$news['news_extended']."', ".intval($news['news_datestamp']).", ".intval($news['news_author']).", '".intval($news['cat_id'])."', '".intval($news['news_allow_comments'])."', '".intval($news['news_start'])."', '".intval($news['news_end'])."', '".$tp->toDB($news['news_class'])."', '".intval($news['news_rendertype'])."', '0' , '".$news['news_summary']."', '".$tp->toDB($news['news_thumbnail'])."', '".intval($news['news_sticky'])."' ")
         if ($data['data']['news_id']) {
             $data['news_id'] = $news['news_id'];
             $message = LAN_NEWS_6;
             $emessage->add(LAN_NEWS_6, E_MESSAGE_SUCCESS, $smessages);
             e107::getCache()->clear('news.php');
             //moved down - prevent wrong mysql_insert_id
             e107::getAdminLog()->logArrayAll('NEWS_08', $logData);
             e107::getEvent()->trigger('newspost', $data['data']);
             //XXX - triggerHook after trigger?
             $evdata = array('method' => 'create', 'table' => 'news', 'id' => $data['data']['news_id'], 'plugin' => 'news', 'function' => 'submit_item');
             $emessage->add($e_event->triggerHook($evdata), E_MESSAGE_INFO, $smessages);
         } else {
             $error = true;
             $message = "<strong>" . LAN_NEWS_7 . "</strong>";
             $emessage->add(LAN_NEWS_7, E_MESSAGE_ERROR, $smessages);
         }
     }
     /* FIXME - trackback should be hooked!	*/
     if ($news['news_id'] && $pref['trackbackEnabled']) {
         $excerpt = e107::getParser()->text_truncate(strip_tags(e107::getParser()->post_toHTML($news['news_body'])), 100, '...');
         //			$id=mysql_insert_id();
         $permLink = $e107->base_path . "comment.php?comment.news." . intval($news['news_id']);
         require_once e_PLUGIN . "trackback/trackbackClass.php";
         $trackback = new trackbackClass();
         if ($_POST['trackback_urls']) {
             $urlArray = explode("\n", $_POST['trackback_urls']);
             foreach ($urlArray as $pingurl) {
                 if (!($terror = $trackback->sendTrackback($permLink, $pingurl, $news['news_title'], $excerpt))) {
                     $message .= "<br />successfully pinged {$pingurl}.";
                     $emessage->add("Successfully pinged {$pingurl}.", E_MESSAGE_SUCCESS, $smessages);
                 } else {
                     $message .= "<br />was unable to ping {$pingurl}<br />[ Error message returned was : '{$terror}'. ]";
                     $emessage->add("was unable to ping {$pingurl}<br />[ Error message returned was : '{$terror}'. ]", E_MESSAGE_ERROR, $smessages);
                 }
             }
         }
         if (isset($_POST['pingback_urls'])) {
             if ($urlArray = $trackback->getPingUrls($news['news_body'])) {
                 foreach ($urlArray as $pingurl) {
                     if ($trackback->sendTrackback($permLink, $pingurl, $news['news_title'], $excerpt)) {
                         $message .= "<br />successfully pinged {$pingurl}.";
                         $emessage->add("Successfully pinged {$pingurl}.", E_MESSAGE_SUCCESS, $smessages);
                     } else {
                         $message .= "Pingback to {$pingurl} failed ...";
                         $emessage->add("Pingback to {$pingurl} failed ...", E_MESSAGE_ERROR, $smessages);
                     }
                 }
             } else {
                 $message .= "<br />No pingback addresses were discovered";
                 $emessage->add("No pingback addresses were discovered", E_MESSAGE_INFO, $smessages);
             }
         }
     }
     /* end trackback */
     //return $message;
     $data['message'] = $message;
     $data['error'] = $error;
     return $data;
 }
Esempio n. 6
0
 function _observe_create_category()
 {
     if (!getperms('0|7')) {
         $this->noPermissions();
     }
     //FIXME - lan, e_model based news administration model
     $this->error = false;
     if (empty($_POST['category_name'])) {
         $this->show_message('Validation Error: Missing Category name', E_MESSAGE_ERROR);
         $this->error = true;
         if (!empty($_POST['category_sef'])) {
             $_POST['category_sef'] = eHelper::secureSef($_POST['category_sef']);
         }
     } else {
         // first format sef...
         if (empty($_POST['category_sef'])) {
             $_POST['category_sef'] = eHelper::title2sef($_POST['category_name']);
         } else {
             $_POST['category_sef'] = eHelper::secureSef($_POST['category_sef']);
         }
     }
     // ...then check it
     if (empty($_POST['category_sef'])) {
         $this->error = true;
         $this->show_message('Validation error: News Category SEF URL value is required field and can\'t be empty!', E_MESSAGE_ERROR);
     } elseif (e107::getDb()->db_Count('news_category', '(category_id)', "category_sef='" . e107::getParser()->toDB($_POST['category_sef']) . "'")) {
         $this->error = true;
         $this->show_message('Validation error: News Category SEF URL is unique field - current value already in use! Please choose another SEF URL value.', E_MESSAGE_ERROR);
     }
     if (!$this->error) {
         $inserta = array();
         $inserta['data']['category_icon'] = $_POST['category_icon'];
         $inserta['_FIELD_TYPES']['category_icon'] = 'todb';
         $inserta['data']['category_name'] = $_POST['category_name'];
         $inserta['_FIELD_TYPES']['category_name'] = 'todb';
         $inserta['data']['category_sef'] = $_POST['category_sef'];
         $inserta['_FIELD_TYPES']['category_sef'] = 'todb';
         $inserta['data']['category_meta_description'] = eHelper::formatMetaDescription($_POST['category_meta_description']);
         $inserta['_FIELD_TYPES']['category_meta_description'] = 'todb';
         $inserta['data']['category_meta_keywords'] = eHelper::formatMetaKeys($_POST['category_meta_keywords']);
         $inserta['_FIELD_TYPES']['category_meta_keywords'] = 'todb';
         $inserta['data']['category_manager'] = $_POST['category_manager'];
         $inserta['_FIELD_TYPES']['category_manager'] = 'int';
         $inserta['data']['category_order'] = $_POST['category_order'];
         $inserta['_FIELD_TYPES']['category_order'] = 'int';
         $id = e107::getDb()->db_Insert('news_category', $inserta);
         if ($id) {
             $inserta['data']['category_id'] = $id;
             //admin log now supports DB array and method chaining
             e107::getAdminLog()->log_event('NEWS_04', $inserta, E_LOG_INFORMATIVE, '');
             $this->show_message(NWSLAN_35, E_MESSAGE_SUCCESS);
             $this->clear_cache();
             //TODO - add to WIKI docs
             e107::getEvent()->trigger("newscatpost", array_merge($inserta['data'], $rwinserta['data']));
         } else {
             //debug + error message
             if (e107::getDb()->getLastErrorNumber()) {
                 $this->error = true;
                 $this->show_message('mySQL Error detected!', E_MESSAGE_ERROR);
                 eMessage::getInstance()->addS('mySQL error #' . e107::getDb()->getLastErrorNumber() . ': ' . e107::getDb()->getLastErrorText(), E_MESSAGE_DEBUG);
             }
         }
     }
 }