function tags_insert_string($link, $lang, $string, $date = 0)
{
global $db;
if (!is_numeric($link)) {
die;
}
$string = tags_normalize_string($string);
if ($date == 0) {
$date = time();
}
$words = preg_split('/[,;]+/', $string);
if ($words) {
$db->query("delete from " . table_tags . " where tag_link_id = {$link}");
foreach ($words as $word) {
$word = trim($word);
if (!$inserted[$word] && !empty($word)) {
$db->query("insert IGNORE into " . table_tags . " (tag_link_id, tag_lang, tag_words, tag_date) values ({$link}, '{$lang}', '{$word}', from_unixtime({$date}))");
$inserted[$word] = true;
}
}
$db->query("TRUNCATE TABLE " . table_tag_cache);
$db->query($sql = "INSERT INTO " . table_tag_cache . " select tag_words, count(DISTINCT link_id) as count FROM " . table_tags . ", " . table_links . " WHERE tag_lang='en' and link_id = tag_link_id and (link_status='published' OR link_status='new') GROUP BY tag_words order by count desc");
return true;
}
return false;
}
function tags_insert_string($link, $lang, $string, $date = 0)
{
global $db;
if (!is_numeric($link)) {
die;
}
$string = tags_normalize_string($string);
if ($date == 0) {
$date = time();
}
$words = preg_split('/[,;]+/', $string);
if ($words) {
$db->query("delete from " . table_tags . " where tag_link_id = {$link}");
foreach ($words as $word) {
$word = trim($word);
if (!$inserted[$word] && !empty($word)) {
$db->query("insert into " . table_tags . " (tag_link_id, tag_lang, tag_words, tag_date) values ({$link}, '{$lang}', '{$word}', from_unixtime({$date}))");
$inserted[$word] = true;
}
}
$db->query("DELETE FROM " . table_tag_cache);
return true;
}
return false;
}
function tags_insert_string($link, $lang, $string, $date = 0) {
global $db;
$string = tags_normalize_string($string);
if ($date == 0) $date=time();
$words = preg_split('/[,;]+/', $string);
if ($words) {
$db->query("delete from tags where tag_link_id = $link");
foreach ($words as $word) {
$word=trim($word);
if (!$inserted[$word] && !empty($word)) {
$db->query("insert into tags (tag_link_id, tag_lang, tag_words, tag_date) values ($link, '$lang', '$word', from_unixtime($date))");
$inserted[$word] = true;
}
}
return true;
}
return false;
}
function tags_insert_string($link, $lang, $string, $date = 0)
{
global $db;
$string = tags_normalize_string($string);
if ($date == 0) {
$date = time();
}
$words = preg_split('/[,]+/', $string);
if ($words) {
$db->query("delete from tags where tag_link_id = {$link}");
foreach ($words as $word) {
$word = $db->escape(trim($word));
if (mb_strlen($word) >= 2 && !$inserted[$word] && !empty($word)) {
$db->query("insert into tags (tag_link_id, tag_lang, tag_words, tag_date) values ({$link}, '{$lang}', '{$word}', from_unixtime({$date}))");
$inserted[$word] = true;
}
}
return true;
}
return false;
}
function do_save() {
global $linkres, $dblang;
$linkres->category=$_POST['category'];
if (!empty($_POST['url'])) {
$linkres->url = trim($_POST['url']);
}
$linkres->title = stripslashes(clean_text($_POST['title']));
$linkres->content = stripslashes(clean_text($_POST['bodytext']));
$linkres->tags = tags_normalize_string(stripslashes(clean_text($_POST['tags'])));
// change the status
if ($linkres->status != 'published' && ($_POST['status'] == 'queued' || $_POST['status'] == 'discard')) {
$linkres->status = $_POST['status'];
}
if (!link_edit_errors($linkres)) {
$linkres->store();
tags_insert_string($linkres->id, $dblang, $linkres->tags, $linkres->date);
echo '<div class="form-error-submit"> '._("noticia actualizada").'</div>'."\n";
} else {
$linkres->read();
}
echo '<div class="formnotice">'."\n";
$linkres->print_summary('preview');
echo '</div>'."\n";
echo '<form id="genericform" method="GET" action="story.php" >';
echo '<input type="hidden" name="id" value="'.$linkres->id.'" />'."\n";
echo '<input class="genericsubmit" type="button" onclick="window.history.go(-1)" value="'._('« modificar').'"> '."\n";;
echo '<input class="genericsubmit" type="submit" value="'._('ir a la noticia').'" />'."\n";
echo '</form>'. "\n";
}
function do_save()
{
global $linkres, $dblang, $current_user;
$linkres->read_content_type_buttons($_POST['type']);
$linkres->category = intval($_POST['category']);
if (!empty($_POST['url']) && ($current_user->user_level == 'admin' || $current_user->user_level == 'god')) {
$linkres->url = clean_input_url($_POST['url']);
}
$linkres->title = clean_text($_POST['title'], 40);
$linkres->content = clean_text($_POST['bodytext']);
$linkres->tags = tags_normalize_string($_POST['tags']);
// change the status
if (($current_user->user_level == 'god' || $linkres->status != 'published') && ($_POST['status'] == 'queued' || $_POST['status'] == 'discard' || $_POST['status'] == 'abuse' || $_POST['status'] == 'autodiscard')) {
if (!$linkres->is_discarded() && ($_POST['status'] == 'discard' || $_POST['status'] == 'abuse' || $_POST['status'] == 'autodiscard')) {
// Insert a log entry if the link has been manually discarded
$insert_discard_log = true;
}
$linkres->status = $_POST['status'];
}
if (!link_edit_errors($linkres)) {
if (empty($linkres->uri)) {
$linkres->get_uri();
}
$linkres->store();
tags_insert_string($linkres->id, $dblang, $linkres->tags, $linkres->date);
// Insert edit log/event
require_once mnminclude . 'log.php';
if ($insert_discard_log) {
// Insert always a link and discard event if the status has been changed to discard
log_insert('link_discard', $linkres->id, $current_user->user_id);
log_insert('link_edit', $linkres->id, $current_user->user_id);
} else {
log_conditional_insert('link_edit', $linkres->id, $current_user->user_id, 60);
}
echo '<div class="form-error-submit"> ' . _("noticia actualizada") . '</div>' . "\n";
}
$linkres->read();
echo '<div class="formnotice">' . "\n";
$linkres->print_summary('preview');
echo '</div>' . "\n";
echo '<form id="genericform" method="GET" action="story.php" >';
echo '<input type="hidden" name="id" value="' . $linkres->id . '" />' . "\n";
echo '<input class="genericsubmit" type="button" onclick="window.history.go(-1)" value="' . _('« modificar') . '"> ' . "\n";
echo '<input class="genericsubmit" type="submit" value="' . _('ir a la noticia') . '" />' . "\n";
echo '</form>' . "\n";
}
function do_submit2()
{
global $db, $dblang;
$linkres = new Link();
$linkres->id = $link_id = intval($_POST['id']);
$linkres->read();
$linkres->category = intval($_POST['category']);
$linkres->title = clean_text($_POST['title'], 40);
$linkres->tags = tags_normalize_string(clean_text($_POST['tags']));
$linkres->content = clean_text($_POST['bodytext']);
if (link_errors($linkres)) {
echo '<form id="genericform">' . "\n";
echo '<p><input class="genericsubmit" type=button onclick="window.history.go(-1)" value="' . _('« retroceder') . '"></p>' . "\n";
echo '</form>' . "\n";
echo '</div>' . "\n";
// opened in print_form_submit_error
return;
}
$linkres->store();
tags_insert_string($linkres->id, $dblang, $linkres->tags);
$linkres->read();
$edit = true;
$link_title = $linkres->title;
$link_content = $linkres->content;
do_navbar(_('enviar noticia ') . '»' . _(' paso 3: control final'));
echo '<div id="genericform-contents">' . "\n";
echo '<h2>' . _('envío de una nueva noticia: paso 3 de 3') . '</h2>' . "\n";
echo '<form action="submit.php" method="post" id="genericform">' . "\n";
echo '<fieldset><legend><span class="sign">' . _('detalles de la noticia') . '</span></legend>' . "\n";
echo '<div class="genericformtxt"><label>' . _('ATENCIÓN: esto es sólo una muestra!') . '</label> <br/>' . _('Ahora puedes 1) ') . '<label>' . _('retroceder') . '</label>' . _(' o 2) ') . '<label>' . _('enviar a la cola y finalizar') . '</label>' . _('. Cualquier otro clic convertirá tu noticia en comida para <del>gatos</del> elefantes (o no).') . '</div>';
echo '<div class="formnotice">' . "\n";
$linkres->print_summary('preview');
echo '</div>' . "\n";
echo '<input type="hidden" name="phase" value="3" />' . "\n";
echo '<input type="hidden" name="randkey" value="' . intval($_POST['randkey']) . '" />' . "\n";
echo '<input type="hidden" name="id" value="' . $linkres->id . '" />' . "\n";
echo '<input type="hidden" name="trackback" value="' . htmlspecialchars(trim($_POST['trackback'])) . '" />' . "\n";
echo '<br style="clear: both;" /><br style="clear: both;" />' . "\n";
echo '<input class="genericsubmit" type="button" onclick="window.history.go(-1)" value="' . _('« retroceder') . '"> ' . "\n";
echo '<input class="genericsubmit" type="submit" value="' . _('enviar a la cola y finalizar »') . '" />' . "\n";
echo '</form>' . "\n";
echo '</fieldset>' . "\n";
echo '</div>' . "\n";
}
function do_save() {
global $linkres, $dblang, $current_user;
$linkres->read_content_type_buttons($_POST['type']);
$linkres->category=intval($_POST['category']);
if ($current_user->admin) {
if (!empty($_POST['url'])) {
$linkres->url = clean_input_url($_POST['url']);
}
if ($_POST['thumb_delete']) {
$linkres->delete_thumb();
}
if ($_POST['thumb_get']) {
$linkres->get_thumb();
}
}
$linkres->title = clean_text($_POST['title'], 40);
$linkres->content = clean_text_with_tags($_POST['bodytext']);
$linkres->tags = tags_normalize_string($_POST['tags']);
// change the status
if ($_POST['status'] != $linkres->status
&& ($_POST['status'] == 'autodiscard' || $current_user->admin)
&& preg_match('/^[a-z]{4,}$/', $_POST['status'])
&& ( ! $linkres->is_discarded() || $current_user->admin)) {
if (preg_match('/discard|abuse|duplicated|autodiscard/', $_POST['status'])) {
// Insert a log entry if the link has been manually discarded
$insert_discard_log = true;
}
$linkres->status = $_POST['status'];
}
// EVENTS
$d = $_POST["datepicker1"];
$linkres->start_date = substr($d,3,2).'-'.substr($d, 0, 2).'-'.substr($d,6,4);
$d = $_POST["datepicker2"];
$linkres->end_date = substr($d,3,2).'-'.substr($d, 0, 2).'-'.substr($d,6,4);
if (!link_edit_errors($linkres)) {
if (empty($linkres->uri)) $linkres->get_uri();
$linkres->store();
tags_insert_string($linkres->id, $dblang, $linkres->tags, $linkres->date);
// Insert edit log/event if the link it's newer than 15 days
if ($globals['now'] - $linkres->date < 86400*15) {
require_once(mnminclude.'log.php');
if ($insert_discard_log) {
// Insert always a link and discard event if the status has been changed to discard
log_insert('link_discard', $linkres->id, $current_user->user_id);
if ($linkres->author == $current_user->user_id) { // Don't save edit log if it's discarded by an admin
log_insert('link_edit', $linkres->id, $current_user->user_id);
}
} elseif ($linkres->votes > 0) {
log_conditional_insert('link_edit', $linkres->id, $current_user->user_id, 60);
}
}
echo '<div class="form-error-submit"> '._("noticia actualizada").'</div>'."\n";
}
$linkres->read();
echo '<div class="formnotice">'."\n";
$linkres->print_summary('preview');
echo '</div>'."\n";
echo '<form class="note" method="GET" action="story.php" >';
echo '<input type="hidden" name="id" value="'.$linkres->id.'" />'."\n";
echo '<input class="button" type="button" onclick="window.history.go(-1)" value="« '._('modificar').'"> '."\n";;
echo '<input class="button" type="submit" value="'._('ir a la noticia').'" />'."\n";
echo '</form>'. "\n";
}
function do_save($link)
{
global $dblang, $globals, $current_user, $db;
$link->status = $link->sub_status;
$site_properties = SitesMgr::get_extended_properties();
// Store previous value for the log
$link_old = new stdClass();
$link_old->url = $link->url;
$link_old->title = $link->title;
$link_old->content = $link->content;
$link_old->tags = $link->tags;
$link_old->status = $link->status;
$link_old->sub_id = $link->sub_id;
$link->read_content_type_buttons($_POST['type']);
$link->sub_id = intval($_POST['sub_id']);
if ($link->sub_id != $link_old->sub_id) {
$link->sub_changed = true;
// To force to delete old statuses with another origin
}
if ($current_user->admin || $current_user->user_level == 'blogger' || SitesMgr::is_owner()) {
if (!empty($_POST['url'])) {
$link->url = clean_input_url($_POST['url']);
}
if ($_POST['thumb_delete']) {
$link->delete_thumb();
}
if ($_POST['uri_update']) {
$link->get_uri();
}
if ($_POST['thumb_get']) {
$link->get_thumb();
} elseif (!empty($_POST['thumb_url'])) {
$url = clean_input_url($_POST['thumb_url']);
$link->get_thumb(false, $url);
}
}
$link->title = $_POST['title'];
$link->content = $_POST['bodytext'];
$link->tags = tags_normalize_string($_POST['tags']);
$errors = link_edit_errors($link);
// change the status
if ($_POST['status'] != $link->status && ($_POST['status'] == 'autodiscard' || $current_user->admin || SitesMgr::is_owner()) && preg_match('/^[a-z]{4,}$/', $_POST['status']) && (!$link->is_discarded() || $current_user->admin || SitesMgr::is_owner())) {
if (preg_match('/discard|abuse|duplicated|autodiscard/', $_POST['status'])) {
// Insert a log entry if the link has been manually discarded
$insert_discard_log = true;
}
$link->status = $_POST['status'];
}
if (!$errors) {
if (empty($link->uri)) {
$link->get_uri();
}
// Check the blog_id
$blog_id = Blog::find_blog($link->url, $link->id);
if ($blog_id > 0 && $blog_id != $link->blog) {
$link->blog = $blog_id;
}
$db->transaction();
$link->store();
// Disabled table tags
// tags_insert_string($link->id, $dblang, $link->tags, $link->date);
// Insert edit log/event if the link it's newer than 15 days
if ($globals['now'] - $link->date < 86400 * 15) {
if ($insert_discard_log) {
// Insert always a link and discard event if the status has been changed to discard
Log::insert('link_discard', $link->id, $current_user->user_id);
if ($link->author == $current_user->user_id) {
// Don't save edit log if it's discarded by an admin
Log::insert('link_edit', $link->id, $current_user->user_id);
}
} elseif ($link->votes > 0) {
Log::conditional_insert('link_edit', $link->id, $current_user->user_id, 60, serialize($link_old));
}
}
// Check this one is a draft, allows the user to save and send it to the queue
if ($link->votes == 0 && $link->status != 'queued' && $link->author == $current_user->user_id) {
$link->enqueue();
}
$db->commit();
}
$link->read();
$link->permalink = $link->get_permalink();
Haanga::Load('link/edit_result.html', compact('link', 'errors'));
}
function do_submit2() {
global $db, $dblang, $globals;
$linkres=new Link;
$linkres->id=$link_id = intval($_POST['id']);
$linkres->read();
if(report_dupe($linkres->url)) return;
$linkres->read_content_type_buttons($_POST['type']);
// Check if the title contains [IMG], [IMGs], (IMG)... and mark it as image
if (preg_match('/[\(\[](IMG|PICT*)s*[\)\]]/i', $_POST['title'])) {
$_POST['title'] = preg_replace('/[\(\[](IMG|PICT*)s*[\)\]]/i', ' ', $_POST['title']);
$linkres->content_type = 'image';
} elseif (preg_match('/[\(\[](VID|VIDEO|Vídeo*)s*[\)\]]/i', $_POST['title'])) {
$_POST['title'] = preg_replace('/[\(\[](VID|VIDEO|Vídeo*)s*[\)\]]/i', ' ', $_POST['title']);
$linkres->content_type = 'video';
}
$linkres->category=intval($_POST['category']);
$linkres->title = clean_text(preg_replace('/(\w) *[;.,] *$/', "$1", $_POST['title']), 40); // It also deletes punctuaction signs at the end
$linkres->tags = tags_normalize_string($_POST['tags']);
$linkres->content = clean_text_with_tags($_POST['bodytext']);
// EVENTS
$d = $_POST["datepicker1"];
$linkres->start_date = substr($d,3,2).'-'.substr($d, 0, 2).'-'.substr($d,6,4);
$d = $_POST["datepicker2"];
$linkres->end_date = substr($d,3,2).'-'.substr($d, 0, 2).'-'.substr($d,6,4);
if (link_errors($linkres)) {
echo '<form class="genericform">'."\n";
echo '<p><input class="button" type=button onclick="window.history.go(-1)" value="« '._('retroceder').'"/></p>'."\n";
echo '</form>'."\n";
echo '</div>'."\n"; // opened in print_form_submit_error
return;
}
$linkres->store();
tags_insert_string($linkres->id, $dblang, $linkres->tags);
$linkres->read();
$edit = true;
$link_title = $linkres->title;
$link_content = $linkres->content;
preload_indicators();
echo '<div class="genericform">'."\n";
echo '<h2>'._('envío de una nueva noticia: paso 3 de 3').'</h2>'."\n";
echo '<form action="submit.php" method="post" class="genericform" onSubmit="$(\'#working\').html(\''._('enviando trackbacks').'... <img src=\\\'\'+img_src1+\'\\\'/>\'); return true;">'."\n";
echo '<fieldset><legend><span class="sign">'._('detalles de la noticia').'</span></legend>'."\n";
echo '<div class="genericformtxt"><label>'._('ATENCIÓN: esto es sólo una muestra!').'</label> <br/>'._('Ahora puedes 1) ').'<label>'._('retroceder').'</label>'._(' o 2) ').'<label>'._('enviar a la cola y finalizar').'</label>. '._('Cualquier otro clic convertirá tu noticia en comida para <del>gatos</del> elefantes (o no).').'</div>';
echo '<div class="formnotice">'."\n";
$linkres->print_summary('preview');
echo '</div>'."\n";
echo '<input type="hidden" name="phase" value="3" />'."\n";
echo '<input type="hidden" name="randkey" value="'.intval($_POST['randkey']).'" />'."\n";
echo '<input type="hidden" name="key" value="'.$_POST['key'].'" />'."\n";
echo '<input type="hidden" name="id" value="'.$linkres->id.'" />'."\n";
echo '<input type="hidden" name="trackback" value="'.htmlspecialchars(trim($_POST['trackback'])).'" />'."\n";
echo '<br style="clear: both;" /><br style="clear: both;" />'."\n";
echo '<input class="button" type="button" onclick="window.history.go(-1)" value="« '._('retroceder').'"/> '."\n";
echo '<input class="button" type="submit" value="'._('enviar a la cola y finalizar').' »" ';
echo '/> <span id="working"> </span>';
echo '</fieldset>'."\n";
echo '</form>'."\n";
echo '</div>'."\n";
}
function do_submit2()
{
global $db, $main_smarty, $dblang, $the_template, $linkres, $current_user, $Story_Content_Tags_To_Allow;
$main_smarty->assign('auto_vote', auto_vote);
$main_smarty->assign('Submit_Show_URL_Input', Submit_Show_URL_Input);
$main_smarty->assign('Submit_Require_A_URL', Submit_Require_A_URL);
$main_smarty->assign('link_id', sanitize($_POST['id'], 3));
define('pagename', 'submit');
$main_smarty->assign('pagename', pagename);
if ($current_user->authenticated != TRUE) {
$vars = array('username' => $current_user->user_login);
check_actions('register_check_errors', $vars);
}
check_actions('submit2_check_errors', $vars);
if ($vars['error'] == true) {
// No action
}
$linkres = new Link();
$linkres->id = sanitize($_POST['id'], 3);
if ($_SESSION['step'] != 1) {
die('Wrong step');
}
if (!is_numeric($linkres->id)) {
die;
}
if (!$linkres->verify_ownership($current_user->user_id)) {
die($main_smarty->get_config_vars('PLIGG_Visual_Submit2Errors_NoAccess'));
}
$linkres->read(FALSE);
if ($linkres->votes($current_user->user_id) == 0 && auto_vote == true) {
$linkres->insert_vote($current_user->user_id, '10');
$linkres->store_basic();
$linkres->read(FALSE);
}
if (is_array($_POST['category'])) {
$linkres->category = sanitize($_POST['category'][0], 3);
$linkres->additional_cats = array_slice($_POST['category'], 1);
} else {
$linkres->category = sanitize($_POST['category'], 3);
}
$thecat = get_cached_category_data('category_id', $linkres->category);
$main_smarty->assign('request_category_name', $thecat->category_name);
$linkres->title = stripslashes(sanitize($_POST['title'], 3));
$linkres->title_url = makeUrlFriendly($linkres->title, $linkres->id);
$linkres->tags = tags_normalize_string(stripslashes(sanitize($_POST['tags'], 3)));
$linkres->content = close_tags(stripslashes(sanitize($_POST['bodytext'], 4, $Story_Content_Tags_To_Allow)));
//$linkres->content = str_replace("\n", "<br />", $linkres->content);
if (isset($_POST['link_field1'])) {
$linkres->link_field1 = sanitize($_POST['link_field1'], 4, $Story_Content_Tags_To_Allow);
}
if (isset($_POST['link_field2'])) {
$linkres->link_field2 = sanitize($_POST['link_field2'], 4, $Story_Content_Tags_To_Allow);
}
if (isset($_POST['link_field3'])) {
$linkres->link_field3 = sanitize($_POST['link_field3'], 4, $Story_Content_Tags_To_Allow);
}
if (isset($_POST['link_field4'])) {
$linkres->link_field4 = sanitize($_POST['link_field4'], 4, $Story_Content_Tags_To_Allow);
}
if (isset($_POST['link_field5'])) {
$linkres->link_field5 = sanitize($_POST['link_field5'], 4, $Story_Content_Tags_To_Allow);
}
if (isset($_POST['link_field6'])) {
$linkres->link_field6 = sanitize($_POST['link_field6'], 4, $Story_Content_Tags_To_Allow);
}
if (isset($_POST['link_field7'])) {
$linkres->link_field7 = sanitize($_POST['link_field7'], 4, $Story_Content_Tags_To_Allow);
}
if (isset($_POST['link_field8'])) {
$linkres->link_field8 = sanitize($_POST['link_field8'], 4, $Story_Content_Tags_To_Allow);
}
if (isset($_POST['link_field9'])) {
$linkres->link_field9 = sanitize($_POST['link_field9'], 4, $Story_Content_Tags_To_Allow);
}
if (isset($_POST['link_field10'])) {
$linkres->link_field10 = sanitize($_POST['link_field10'], 4, $Story_Content_Tags_To_Allow);
}
if (isset($_POST['link_field11'])) {
$linkres->link_field11 = sanitize($_POST['link_field11'], 4, $Story_Content_Tags_To_Allow);
}
if (isset($_POST['link_field12'])) {
$linkres->link_field12 = sanitize($_POST['link_field12'], 4, $Story_Content_Tags_To_Allow);
}
if (isset($_POST['link_field13'])) {
$linkres->link_field13 = sanitize($_POST['link_field13'], 4, $Story_Content_Tags_To_Allow);
}
if (isset($_POST['link_field14'])) {
$linkres->link_field14 = sanitize($_POST['link_field14'], 4, $Story_Content_Tags_To_Allow);
}
if (isset($_POST['link_field15'])) {
$linkres->link_field15 = sanitize($_POST['link_field15'], 4, $Story_Content_Tags_To_Allow);
}
if (!isset($_POST['summarytext'])) {
$linkres->link_summary = utf8_substr(sanitize($_POST['bodytext'], 4, $Story_Content_Tags_To_Allow), 0, StorySummary_ContentTruncate - 1);
//$linkres->link_summary = close_tags(str_replace("\n", "<br />", $linkres->link_summary));
} else {
$linkres->link_summary = sanitize($_POST['summarytext'], 4, $Story_Content_Tags_To_Allow);
//$linkres->link_summary = close_tags(str_replace("\n", "<br />", $linkres->link_summary));
if (utf8_strlen($linkres->link_summary) > StorySummary_ContentTruncate) {
loghack('SubmitAStory-SummaryGreaterThanLimit', 'username: '******'|email: ' . sanitize($_POST["email"], 3), true);
$linkres->link_summary = utf8_substr($linkres->link_summary, 0, StorySummary_ContentTruncate - 1);
//$linkres->link_summary = close_tags(str_replace("\n", "<br />", $linkres->link_summary));
}
}
//get link_group_id
if (isset($_REQUEST['link_group_id']) && $_REQUEST['link_group_id'] != '') {
$linkres->link_group_id = intval($_REQUEST['link_group_id']);
} else {
$linkres->link_group_id = 0;
}
$linkres->store();
if (link_errors($linkres)) {
return;
}
//comment subscription
if (isset($_POST['comment_subscription'])) {
$vars = array('link_id' => $linkres->id);
check_actions('comment_subscription_insert_function', $vars);
}
//comment subscription
if (isset($_POST['timestamp_date_day'])) {
//open date
$timestamp_date_day = $_POST['timestamp_date_day'];
$timestamp_date_month = $_POST['timestamp_date_month'];
$timestamp_date_year = $_POST['timestamp_date_year'];
if (!is_numeric($timestamp_date_day) || !is_numeric($timestamp_date_month) || !is_numeric($timestamp_date_year)) {
$timestamp_date = date("m-d-Y");
} else {
$timestamp_date = $timestamp_date_month . "-" . $timestamp_date_day . "-" . $timestamp_date_year;
}
$vars = array('link_id' => $linkres->id);
$vars = array('timestamp_date' => $timestamp_date, 'link_id' => $linkres->id);
check_actions('comment_subscription_insert_function', $vars);
}
$vars = '';
check_actions('submit_step_3_after_first_store', $vars);
if ($vars['error'] == true && link_catcha_errors('captcha_error')) {
return;
}
$linkres->read(FALSE);
$edit = true;
$link_title = $linkres->title;
$link_content = $linkres->content;
$link_title = stripslashes(sanitize($_POST['title'], 3));
$main_smarty->assign('the_story', $linkres->print_summary('full', true));
$main_smarty->assign('tags', $linkres->tags);
if (!empty($linkres->tags)) {
$tags_words = str_replace(",", ", ", $linkres->tags);
$tags_url = urlencode($linkres->tags);
$main_smarty->assign('tags_words', $tags_words);
$main_smarty->assign('tags_url', $tags_url);
}
if (isset($url)) {
$main_smarty->assign('submit_url', $url);
} else {
$main_smarty->assign('submit_url', '');
}
$data = parse_url($linkres->url);
$main_smarty->assign('url_short', $data['host']);
$main_smarty->assign('submit_url_title', $linkres->url_title);
$main_smarty->assign('submit_id', $linkres->id);
$main_smarty->assign('submit_type', $linkres->type());
$main_smarty->assign('submit_title', str_replace('"', """, $link_title));
$main_smarty->assign('submit_content', $link_content);
if (isset($trackback)) {
$main_smarty->assign('submit_trackback', $trackback);
} else {
$main_smarty->assign('submit_trackback', '');
}
$main_smarty->assign('tpl_extra_fields', $the_template . '/submit_extra_fields');
$main_smarty->assign('tpl_center', $the_template . '/submit_step_3_center');
$vars = '';
check_actions('do_submit2', $vars);
$_SESSION['step'] = 2;
if (Submit_Complete_Step2) {
do_submit3();
} else {
$main_smarty->display($the_template . '/pligg.tpl');
}
}
echo '<br /><p class="l-top"><span class="error">' . _(PLIGG_PassEmail_SendFail) . '</span></p>';
die;
}
}
}
if ($canIhaveAccess == 1) {
$url = htmlspecialchars(strip_tags(trim($_POST['url'])));
$linkres->url = $url;
}
$linkres->category = $_POST['category'];
if ($linkres->title != strip_tags(trim($_POST['title']))) {
$linkres->title = strip_tags(trim($_POST['title']));
$linkres->title_url = makeUrlFriendly($linkres->title);
}
$linkres->content = strip_tags(trim($_POST['bodytext']), Story_Content_Tags_To_Allow);
$linkres->tags = tags_normalize_string(strip_tags(trim($_POST['tags'])));
if ($_POST['summarytext'] == "") {
$linkres->link_summary = utf8_substr(strip_tags(trim($_POST['bodytext']), Story_Content_Tags_To_Allow), 0, StorySummary_ContentTruncate - 1);
$linkres->link_summary = str_replace("\n", "<br />", $linkres->link_summary);
} else {
$linkres->link_summary = $db->escape($_POST['summarytext']);
$linkres->link_summary = strip_tags(trim($linkres->link_summary), Story_Content_Tags_To_Allow);
$linkres->link_summary = str_replace("\n", "<br />", $linkres->link_summary);
if (strlen($linkres->link_summary) > StorySummary_ContentTruncate) {
loghack('SubmitAStory-SummaryGreaterThanLimit', 'username: '******'|email: ' . $_POST["email"], true);
$linkres->link_summary = utf8_substr($linkres->link_summary, 0, StorySummary_ContentTruncate - 1);
$linkres->link_summary = str_replace("\n", "<br />", $linkres->link_summary);
}
}
$linkres->link_field1 = trim($_POST['link_field1']);
$linkres->link_field2 = trim($_POST['link_field2']);
function do_submit2()
{
global $db, $dblang, $globals, $errors;
$link = new Link();
$link->id = $link_id = intval($_POST['id']);
$link->read();
if (report_duplicated($link->url)) {
return true;
}
$link->read_content_type_buttons($_POST['type']);
// Check if the title contains [IMG], [IMGs], (IMG)... and mark it as image
if (preg_match('/[\\(\\[](IMG|PICT*)s*[\\)\\]]/i', $_POST['title'])) {
$_POST['title'] = preg_replace('/[\\(\\[](IMG|PICT*)s*[\\)\\]]/i', ' ', $_POST['title']);
$link->content_type = 'image';
} elseif (preg_match('/[\\(\\[](VID|VIDEO|Vídeo*)s*[\\)\\]]/i', $_POST['title'])) {
$_POST['title'] = preg_replace('/[\\(\\[](VID|VIDEO|Vídeo*)s*[\\)\\]]/i', ' ', $_POST['title']);
$link->content_type = 'video';
}
$link->category = intval($_POST['category']);
$link->title = clean_text(preg_replace('/(\\w) *[;.,] *$/', "\$1", $_POST['title']), 40);
// It also deletes punctuaction signs at the end
$link->tags = tags_normalize_string($_POST['tags']);
$link->key = $_POST['key'];
$link->content = clean_text_with_tags($_POST['bodytext']);
if (link_errors($link)) {
// Show the edit form again
$link->is_new = true;
// Disable several options in the editing form
Haanga::Load('link/submit1.html', compact('link', 'errors'));
return true;
}
$link->store();
// Disabled table tags
// tags_insert_string($link->id, $dblang, $link->tags);
$link->read();
$link->randkey = $_POST['randkey'];
$related = $link->get_related(6);
Haanga::Load('link/submit2.html', compact('link', 'errors', 'related'));
return true;
}
function do_submit2()
{
global $db, $dblang, $globals, $errors, $site_properties;
$link = new Link();
$link->id = $link_id = intval($_POST['id']);
$link->read();
if (!empty($link->url) || empty($site_properties['no_link'])) {
if (report_duplicated($link->url)) {
return true;
}
$link->read_content_type_buttons($_POST['type']);
// Check if the title contains [IMG], [IMGs], (IMG)... and mark it as image
if (preg_match('/[\\(\\[](IMG|PICT*)s*[\\)\\]]/i', $_POST['title'])) {
$_POST['title'] = preg_replace('/[\\(\\[](IMG|PICT*)s*[\\)\\]]/i', ' ', $_POST['title']);
$link->content_type = 'image';
} elseif (preg_match('/[\\(\\[](VID|VIDEO|Vídeo*)s*[\\)\\]]/i', $_POST['title'])) {
$_POST['title'] = preg_replace('/[\\(\\[](VID|VIDEO|Vídeo*)s*[\\)\\]]/i', ' ', $_POST['title']);
$link->content_type = 'video';
}
}
$link->sub_id = intval($_POST['sub_id']);
$link->title = $_POST['title'];
// It also deletes punctuaction signs at the end
$link->tags = tags_normalize_string($_POST['tags']);
$link->key = $_POST['key'];
$link->site_properties = $site_properties;
$link->content = $_POST['bodytext'];
// Warn, has to call $link->check_field_errors later
if (link_errors($link)) {
// Show the edit form again
$link->is_new = true;
// Disable several options in the editing form
$link->chars_left = $site_properties['intro_max_len'] - mb_strlen(html_entity_decode($link->content, ENT_COMPAT, 'UTF-8'), 'UTF-8');
Haanga::Load('link/submit1.html', compact('link', 'errors'));
return true;
}
$link->store();
// Check image upload or delete
if ($_POST['image_delete']) {
$link->delete_image();
} else {
$link->store_image_from_form('image');
}
$link->read();
$link->randkey = $_POST['randkey'];
$related = $link->get_related(6);
Haanga::Load('link/submit2.html', compact('link', 'errors', 'related'));
return true;
}
}
}
if ($canIhaveAccess == 1) {
$url = htmlspecialchars(sanitize($_POST['url'], 3));
$url = str_replace('&', '&', $url);
$linkres->url = $url;
}
$vars = '';
check_actions('edit_link_hook', $vars);
$linkres->category = sanitize($_POST['category'], 3);
if ($linkres->title != sanitize($_POST['title'], 3)) {
$linkres->title = sanitize($_POST['title'], 3);
$linkres->title_url = makeUrlFriendly($linkres->title);
}
$linkres->content = sanitize($_POST['bodytext'], 4, $Story_Content_Tags_To_Allow);
$linkres->tags = tags_normalize_string(sanitize($_POST['tags'], 3));
if (sanitize($_POST['summarytext'], 3) == "") {
$linkres->link_summary = utf8_substr(sanitize($_POST['bodytext'], 4, $Story_Content_Tags_To_Allow), 0, StorySummary_ContentTruncate - 1);
$linkres->link_summary = str_replace("\n", "<br />", $linkres->link_summary);
} else {
$linkres->link_summary = sanitize($_POST['summarytext'], 4, $Story_Content_Tags_To_Allow);
$linkres->link_summary = str_replace("\n", "<br />", $linkres->link_summary);
if (strlen($linkres->link_summary) > StorySummary_ContentTruncate) {
loghack('SubmitAStory-SummaryGreaterThanLimit', 'username: '******'|email: ' . sanitize($_POST["email"], 3), true);
$linkres->link_summary = utf8_substr($linkres->link_summary, 0, StorySummary_ContentTruncate - 1);
$linkres->link_summary = str_replace("\n", "<br />", $linkres->link_summary);
}
}
// Steef 2k7-07 security fix start ----------------------------------------------------------
$linkres->link_field1 = sanitize($_POST['link_field1'], 4, $Story_Content_Tags_To_Allow);
$linkres->link_field2 = sanitize($_POST['link_field2'], 4, $Story_Content_Tags_To_Allow);
