if ($itemObj->pagescount() > 0) {
if ($itemPageId == -1) {
$itemPageId = 0;
}
include_once $GLOBALS['xoops']->path('class/pagenav.php');
$pagenav = new XoopsPageNav($itemObj->pagescount(), 1, $itemPageId, 'page', 'itemid=' . $itemObj->itemId());
$xoopsTpl->assign('pagenav', $pagenav->renderNav());
}
// Creating the files object associated with this item
$file = array();
$files = array();
$embededFiles = array();
$filesObj = $itemObj->getFiles();
// check if user has permission to modify files
$hasFilePermissions = true;
if (!(publisherUserIsAdmin() || publisherUserIsModerator($itemObj))) {
$hasFilePermissions = false;
}
if (null !== $filesObj) {
foreach ($filesObj as $fileObj) {
$file = array();
$file['mod'] = false;
if ($hasFilePermissions || is_object($GLOBALS['xoopsUser']) && $fileObj->getVar('uid') == $GLOBALS['xoopsUser']->getVar('uid')) {
$file['mod'] = true;
}
if ($fileObj->mimetype() === 'application/x-shockwave-flash') {
$file['content'] = $fileObj->displayFlash();
if (strpos($item['maintext'], '[flash-' . $fileObj->getVar('fileid') . ']')) {
$item['maintext'] = str_replace('[flash-' . $fileObj->getVar('fileid') . ']', $file['content'], $item['maintext']);
} else {
$embededFiles[] = $file;
// exit();
}
if (!publisherUserIsAdmin() || !publisherUserIsModerator($itemObj)) {
if ('del' === XoopsRequest::getString('op', '', 'GET') && !$publisher->getConfig('perm_delete')) {
redirect_header('index.php', 1, _NOPERM);
// exit();
} elseif (!$publisher->getConfig('perm_edit')) {
redirect_header('index.php', 1, _NOPERM);
// exit();
}
}
$categoryObj = $itemObj->getCategory();
} else {
// we are submitting a new article
// if the user is not admin AND we don't allow user submission, exit
if (!(publisherUserIsAdmin() || $publisher->getConfig('perm_submit') == 1 && (is_object($GLOBALS['xoopsUser']) || $publisher->getConfig('perm_anon_submit') == 1))) {
redirect_header('index.php', 1, _NOPERM);
// exit();
}
$itemObj =& $publisher->getHandler('item')->create();
$categoryObj =& $publisher->getHandler('category')->create();
}
if ('clone' === XoopsRequest::getString('op', '', 'GET')) {
$formtitle = _MD_PUBLISHER_SUB_CLONE;
$itemObj->setNew();
$itemObj->setVar('itemid', 0);
} else {
$formtitle = _MD_PUBLISHER_SUB_SMNAME;
}
$op = '';
if (XoopsRequest::getString('additem', '', 'POST')) {
define('PUBLISHER_ROOT_PATH', $GLOBALS['xoops']->path('modules/' . PUBLISHER_DIRNAME));
define('PUBLISHER_AUTHOR_LOGOIMG', PUBLISHER_URL . '/assets/images/logo.png');
define('PUBLISHER_UPLOAD_URL', XOOPS_UPLOAD_URL . '/' . PUBLISHER_DIRNAME);
// WITHOUT Trailing slash
define('PUBLISHER_UPLOAD_PATH', XOOPS_UPLOAD_PATH . '/' . PUBLISHER_DIRNAME);
// WITHOUT Trailing slash
include_once PUBLISHER_ROOT_PATH . '/include/functions.php';
//include_once PUBLISHER_ROOT_PATH . '/include/constants.php';
include_once PUBLISHER_ROOT_PATH . '/include/seo_functions.php';
include_once PUBLISHER_ROOT_PATH . '/class/metagen.php';
include_once PUBLISHER_ROOT_PATH . '/class/session.php';
include_once PUBLISHER_ROOT_PATH . '/class/publisher.php';
//include_once PUBLISHER_ROOT_PATH . '/class/request.php';
// module information
$mod_copyright = "<a href='http://xoops.org' title='XOOPS Project' target='_blank'>\n <img src='" . PUBLISHER_AUTHOR_LOGOIMG . "' alt='XOOPS Project' /></a>";
xoops_loadLanguage('common', PUBLISHER_DIRNAME);
xoops_load('constants', PUBLISHER_DIRNAME);
xoops_load('utilities', PUBLISHER_DIRNAME);
xoops_load('XoopsRequest');
xoops_load('XoopsFilterInput');
$debug = false;
$publisher =& PublisherPublisher::getInstance($debug);
//This is needed or it will not work in blocks.
global $publisherIsAdmin;
// Load only if module is installed
if (is_object($publisher->getModule())) {
// Find if the user is admin of the module
$publisherIsAdmin = publisherUserIsAdmin();
// get current page
$publisherCurrentPage = publisherGetCurrentPage();
}
/**
* Checks if a user has access to a selected item. if no item permissions are
* set, access permission is denied. The user needs to have necessary category
* permission as well.
* Also, the item needs to be Published
*
* @return boolean : TRUE if the no errors occured
*/
public function accessGranted()
{
if (publisherUserIsAdmin()) {
return true;
}
if ($this->status() != PublisherConstants::PUBLISHER_STATUS_PUBLISHED) {
return false;
}
// Do we have access to the parent category
if ($this->publisher->getHandler('permission')->isGranted('category_read', $this->categoryid())) {
return true;
}
return false;
}
xoops_loadLanguage('admin', PUBLISHER_DIRNAME);
$op = XoopsRequest::getString('op', XoopsRequest::getString('op', '', 'GET'), 'POST');
$fileid = XoopsRequest::getInt('fileid', XoopsRequest::getInt('fileid', 0, 'GET'), 'POST');
if ($fileid == 0) {
redirect_header('index.php', 2, _MD_PUBLISHER_NOITEMSELECTED);
// exit();
}
$fileObj =& $publisher->getHandler('file')->get($fileid);
// if the selected item was not found, exit
if (!$fileObj) {
redirect_header('index.php', 1, _NOPERM);
// exit();
}
$itemObj =& $publisher->getHandler('item')->get($fileObj->getVar('itemid'));
// if the user does not have permission to modify this file, exit
if (!(publisherUserIsAdmin() || publisherUserIsModerator($itemObj) || is_object($GLOBALS['xoopsUser']) && $fileObj->getVar('uid') == $GLOBALS['xoopsUser']->getVar('uid'))) {
redirect_header('index.php', 1, _NOPERM);
// exit();
}
/* -- Available operations -- */
switch ($op) {
case 'default':
case 'mod':
include_once $GLOBALS['xoops']->path('header.php');
include_once $GLOBALS['xoops']->path('class/xoopsformloader.php');
// FILES UPLOAD FORM
$uploadForm = $fileObj->getForm();
$uploadForm->display();
break;
case 'modify':
$fileid = XoopsRequest::getInt('fileid', 0, 'POST');
