function exponent_core_incrementLocationReference($loc, $section) { global $db; $newLocRef = $db->selectObject("locationref", "module='" . $loc->mod . "' AND source='" . $loc->src . "' AND internal='" . $loc->int . "'"); $is_new = false; // For the is_original sectionref attribute if ($newLocRef != null) { // Pulled an existing source. Update refcount $newLocRef->refcount += 1; $db->updateObject($newLocRef, "locationref", "module='" . $loc->mod . "' AND source='" . $loc->src . "' AND internal='" . $loc->int . "'"); } else { $is_new = true; // New source. Populate reference $newLocRef->module = $loc->mod; $newLocRef->source = $loc->src; $newLocRef->internal = $loc->int; $newLocRef->refcount = 1; $db->insertObject($newLocRef, "locationref"); // Go ahead and assign permissions on contained module. $perms = call_user_func(array($loc->mod, "permissions")); global $user; foreach (array_keys($perms) as $perm) { exponent_permissions_grant($user, $perm, $loc); } exponent_permissions_triggerSingleRefresh($user); } $newSecRef = $db->selectObject("sectionref", "module='" . $loc->mod . "' AND source='" . $loc->src . "' AND internal='" . $loc->int . "' AND section={$section}"); if ($newSecRef != null) { // Pulled an existing source for this section. Update refcount $newSecRef->refcount += 1; $db->updateObject($newSecRef, "sectionref", "module='" . $loc->mod . "' AND source='" . $loc->src . "' AND internal='" . $loc->int . "' AND section={$section}"); } else { // New source for this section. Populate reference $newSecRef->module = $loc->mod; $newSecRef->source = $loc->src; $newSecRef->internal = $loc->int; $newSecRef->section = $section; $newSecRef->refcount = 1; $newSecRef->is_original = $is_new ? 1 : 0; $db->insertObject($newSecRef, "sectionref"); } }
$resource->location_data = serialize($loc); if (!isset($resource->id)) { $resource->rank = intval($_POST['rank']); $db->increment('resourceitem', 'rank', 1, "location_data='" . serialize($loc) . "' AND rank >= " . $resource->rank); } if (!isset($resource->file_id)) { $directory = 'files/resourcesmodule/' . $loc->src; $file = file::update('file', $directory, null, time() . '_' . $_FILES['file']['name']); if (is_object($file)) { $resource->file_id = $db->insertObject($file, 'file'); $id = $db->insertObject($resource, 'resourceitem'); // Assign new perms on loc $iloc = exponent_core_makeLocation($loc->mod, $loc->src, $id); exponent_permissions_grant($user, 'edit', $iloc); exponent_permissions_grant($user, 'delete', $iloc); exponent_permissions_grant($user, 'administrate', $iloc); exponent_permissions_triggerSingleRefresh($user); if (!defined('SYS_WORKFLOW')) { include_once BASE . 'subsystems/workflow.php'; } $resource->id = $id; $resource->poster = $user->id; $resource->posted = time(); exponent_workflow_post($resource, 'resourceitem', $loc); unset($_SESSION['resource_cache']); } else { // If file::update() returns a non-object, it should be a string. That string is the error message. $post = $_POST; $post['_formError'] = $file; exponent_sessions_set('last_POST', $post); unset($_SESSION['resource_cache']);
$post->editor = $user->id; $post->edited = time(); } $db->updateObject($post, 'weblog_post'); } else { if ($newpost < 1) { if ($db->countObjects('weblog_post', "internal_name='" . $post->internal_name . "'")) { $_POST['_formError'] = 'That Internal Name is already in use. Please choose another.'; unset($_POST['internal_name']); exponent_sessions_set('last_POST', $_POST); header('Location: ' . $_SERVER['HTTP_REFERER']); exit(''); } } $post->poster = $user->id; $post->posted = time(); $post->id = $db->insertObject($post, 'weblog_post'); $iloc = exponent_core_makeLocation($loc->mod, $loc->src, $post->id); // New, so asign full perms. exponent_permissions_grant($user, 'edit', $iloc); exponent_permissions_grant($user, 'delete', $iloc); exponent_permissions_grant($user, 'comment', $iloc); exponent_permissions_grant($user, 'edit_comments', $iloc); exponent_permissions_grant($user, 'delete_comments', $iloc); exponent_permissions_grant($user, 'view_private', $iloc); exponent_permissions_triggerSingleRefresh($user); } exponent_flow_redirect(); } else { echo SITE_403_HTML; }
# General Public License as published by the Free # Software Foundation; either version 2 of the # License, or (at your option) any later version. # # GPL: http://www.gnu.org/licenses/gpl.txt # ################################################## if (!defined('EXPONENT')) { exit(''); } if (exponent_permissions_check('administrate', $loc)) { $users = explode(';', $_POST['permdata']); if (!defined('SYS_USERS')) { include_once BASE . 'subsystems/users.php'; } foreach ($users as $user_str) { $perms = explode(':', $user_str); $u = exponent_users_getUserById($perms[0]); exponent_permissions_revokeAll($u, $loc); for ($i = 1; $i < count($perms); $i++) { exponent_permissions_grant($u, $perms[$i], $loc); } if ($perms[0] == $user->id) { exponent_permissions_load($user); } } exponent_permissions_triggerRefresh(); exponent_flow_redirect(); } else { echo SITE_403_HTML; }