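/**
 * Replace the tags stored for a link, then rebuild the tag cache table.
 *
 * The tag list is normalised with tags_normalize_string() (defined elsewhere),
 * split on "," and ";", and every distinct non-empty word is inserted after
 * the link's previous tags have been deleted.
 *
 * Every value that reaches SQL is either cast to an integer or passed through
 * $db->escape(); this function does not rely on tags_normalize_string() for
 * SQL safety. Assumes $lang and $string arrive unescaped — confirm at the
 * call sites, otherwise backslashes would be stored twice.
 *
 * @param mixed  $link   Numeric link id; execution stops (die) when it is not numeric.
 * @param string $lang   Language code stored with each tag.
 * @param string $string Tag list separated by "," or ";".
 * @param int    $date   Unix timestamp stored with the tags; 0 means "now".
 *
 * @return bool True when the list was split and stored, false when preg_split() gave nothing.
 */
function tags_insert_string($link, $lang, $string, $date = 0)
{
    global $db;

    // Fail closed: the id is interpolated into the statements below.
    if (!is_numeric($link)) {
        die;
    }
    // is_numeric() also accepts floats, exponents and padded strings, so the
    // value is reduced to a plain integer before it is used in SQL.
    $link = (int) $link;

    $string = tags_normalize_string($string);

    // The timestamp is interpolated unquoted into from_unixtime(), so it must
    // be an integer whatever the caller passed.
    $date = (int) $date;
    if ($date === 0) {
        $date = time();
    }

    $words = preg_split('/[,;]+/', $string);
    if (!$words) {
        return false;
    }

    $db->query("delete from " . table_tags . " where tag_link_id = {$link}");

    $sql_lang = $db->escape($lang);
    $inserted = array(); // words already written for this link
    foreach ($words as $word) {
        $word = trim($word);
        // empty() also skips the literal tag "0", as the original did.
        if (empty($word) || isset($inserted[$word])) {
            continue;
        }
        $sql_word = $db->escape($word);
        $db->query("insert IGNORE into " . table_tags . " (tag_link_id, tag_lang, tag_words, tag_date) values ({$link}, '{$sql_lang}', '{$sql_word}', from_unixtime({$date}))");
        $inserted[$word] = true;
    }

    // The cache is rebuilt from scratch on every save and only counts tags
    // whose tag_lang is 'en', independently of $lang.
    $db->query("TRUNCATE TABLE " . table_tag_cache);
    $db->query("INSERT INTO " . table_tag_cache . " select tag_words, count(DISTINCT link_id) as count FROM " . table_tags . ", " . table_links . " WHERE tag_lang='en' and link_id = tag_link_id and (link_status='published' OR link_status='new') GROUP BY tag_words order by count desc");

    return true;
}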
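/**
 * Replace the tags stored for a link and empty the tag cache table.
 *
 * The tag list is normalised with tags_normalize_string() (defined elsewhere),
 * split on "," and ";", and every distinct non-empty word is inserted after
 * the link's previous tags have been deleted.
 *
 * Values that reach SQL are cast to integers or passed through $db->escape();
 * tags_normalize_string() is not relied on for SQL safety. Assumes $lang and
 * $string arrive unescaped — confirm at the call sites.
 *
 * @param mixed  $link   Numeric link id; execution stops (die) when it is not numeric.
 * @param string $lang   Language code stored with each tag.
 * @param string $string Tag list separated by "," or ";".
 * @param int    $date   Unix timestamp stored with the tags; 0 means "now".
 *
 * @return bool True when the list was split and stored, false when preg_split() gave nothing.
 */
function tags_insert_string($link, $lang, $string, $date = 0)
{
    global $db;

    // Fail closed: the id is interpolated into the statements below.
    if (!is_numeric($link)) {
        die;
    }
    // Reduce anything is_numeric() lets through (floats, exponents, padding)
    // to a plain integer.
    $link = (int) $link;

    $string = tags_normalize_string($string);

    // Interpolated unquoted into from_unixtime(), so force an integer.
    $date = (int) $date;
    if ($date === 0) {
        $date = time();
    }

    $words = preg_split('/[,;]+/', $string);
    if (!$words) {
        return false;
    }

    $db->query("delete from " . table_tags . " where tag_link_id = {$link}");

    $sql_lang = $db->escape($lang);
    $inserted = array(); // words already written for this link
    foreach ($words as $word) {
        $word = trim($word);
        // empty() also skips the literal tag "0", as the original did.
        if (empty($word) || isset($inserted[$word])) {
            continue;
        }
        $sql_word = $db->escape($word);
        $db->query("insert into " . table_tags . " (tag_link_id, tag_lang, tag_words, tag_date) values ({$link}, '{$sql_lang}', '{$sql_word}', from_unixtime({$date}))");
        $inserted[$word] = true;
    }

    // The cache is only emptied here; nothing in this function refills it.
    $db->query("DELETE FROM " . table_tag_cache);

    return true;
}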
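/**
 * Replace the tags stored for a link.
 *
 * The tag list is normalised with tags_normalize_string() (defined elsewhere),
 * split on "," and ";", and every distinct non-empty word is inserted into
 * the tags table after the link's previous tags have been deleted.
 *
 * The original interpolated $link, $lang, each word and $date into SQL as
 * received. They are now cast to integers or passed through $db->escape().
 * Assumes $lang and $string arrive unescaped — confirm at the call sites.
 *
 * @param mixed  $link   Link id; cast to an integer before use.
 * @param string $lang   Language code stored with each tag.
 * @param string $string Tag list separated by "," or ";".
 * @param int    $date   Unix timestamp stored with the tags; 0 means "now".
 *
 * @return bool True when the list was split and stored, false when preg_split() gave nothing.
 */
function tags_insert_string($link, $lang, $string, $date = 0)
{
    global $db;

    // Both values are interpolated unquoted below, so they must be integers.
    $link = (int) $link;
    $date = (int) $date;

    $string = tags_normalize_string($string);
    if ($date === 0) {
        $date = time();
    }

    $words = preg_split('/[,;]+/', $string);
    if (!$words) {
        return false;
    }

    $db->query("delete from tags where tag_link_id = $link");

    $sql_lang = $db->escape($lang);
    $inserted = array(); // words already written for this link
    foreach ($words as $word) {
        $word = trim($word);
        // empty() also skips the literal tag "0", as the original did.
        if (empty($word) || isset($inserted[$word])) {
            continue;
        }
        $sql_word = $db->escape($word);
        $db->query("insert into tags (tag_link_id, tag_lang, tag_words, tag_date) values ($link, '$sql_lang', '$sql_word', from_unixtime($date))");
        $inserted[$word] = true;
    }

    return true;
}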
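/**
 * Replace the tags stored for a link.
 *
 * The tag list is normalised with tags_normalize_string() (defined elsewhere)
 * and split on ",". Every distinct word of at least two characters is
 * inserted after the link's previous tags have been deleted.
 *
 * The original escaped only the word. $link and $date are now cast to
 * integers and $lang is escaped as well. The minimum length is measured on
 * the word before escaping, so a single quote or backslash no longer counts
 * as two characters.
 *
 * @param mixed  $link   Link id; cast to an integer before use.
 * @param string $lang   Language code stored with each tag.
 * @param string $string Tag list separated by ",".
 * @param int    $date   Unix timestamp stored with the tags; 0 means "now".
 *
 * @return bool True when the list was split and stored, false when preg_split() gave nothing.
 */
function tags_insert_string($link, $lang, $string, $date = 0)
{
    global $db;

    // Both values are interpolated unquoted below, so they must be integers.
    $link = (int) $link;
    $date = (int) $date;

    $string = tags_normalize_string($string);
    if ($date === 0) {
        $date = time();
    }

    $words = preg_split('/[,]+/', $string);
    if (!$words) {
        return false;
    }

    $db->query("delete from tags where tag_link_id = {$link}");

    $sql_lang = $db->escape($lang);
    $inserted = array(); // escaped words already written for this link
    foreach ($words as $word) {
        $word = trim($word);
        // Any word shorter than two characters is dropped; that also covers
        // the empty string, so no separate empty() test is needed.
        if (mb_strlen($word) < 2) {
            continue;
        }
        $word = $db->escape($word);
        if (isset($inserted[$word])) {
            continue;
        }
        $db->query("insert into tags (tag_link_id, tag_lang, tag_words, tag_date) values ({$link}, '{$sql_lang}', '{$word}', from_unixtime({$date}))");
        $inserted[$word] = true;
    }

    return true;
}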
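/**
 * Apply the submitted edit form to the global $linkres, store it when it
 * validates, and print a preview with "modify" / "go to story" buttons.
 *
 * Reads category, url, title, bodytext, tags and status from $_POST. The
 * status may only be changed to 'queued' or 'discard', and only while the
 * link is not already 'published'.
 *
 * @return void
 */
function do_save()
{
    global $linkres, $dblang;

    // Coerced to an integer so a raw POST string never reaches the stored
    // record; assumes categories are numeric ids — confirm against store().
    $linkres->category = intval($_POST['category']);

    // NOTE(review): the URL is only trimmed here and no permission check is
    // visible in this function; confirm that link_edit_errors() validates it.
    if (!empty($_POST['url'])) {
        $linkres->url = trim($_POST['url']);
    }

    $linkres->title = stripslashes(clean_text($_POST['title']));
    $linkres->content = stripslashes(clean_text($_POST['bodytext']));
    $linkres->tags = tags_normalize_string(stripslashes(clean_text($_POST['tags'])));

    // change the status: only the two listed values are accepted from the form
    $requested = isset($_POST['status']) ? $_POST['status'] : null;
    if ($linkres->status != 'published' && in_array($requested, array('queued', 'discard'), true)) {
        $linkres->status = $requested;
    }

    if (!link_edit_errors($linkres)) {
        $linkres->store();
        tags_insert_string($linkres->id, $dblang, $linkres->tags, $linkres->date);
        echo '<div class="form-error-submit"> '._("noticia actualizada").'</div>'."\n";
    } else {
        // Reload the object after a rejected edit so the preview below does
        // not show the values that were refused.
        $linkres->read();
    }

    echo '<div class="formnotice">'."\n";
    $linkres->print_summary('preview');
    echo '</div>'."\n";

    echo '<form id="genericform" method="GET" action="story.php" >';
    // The id is printed inside an attribute; the cast keeps it a bare integer.
    echo '<input type="hidden" name="id" value="'.intval($linkres->id).'" />'."\n";
    echo '<input class="genericsubmit" type="button" onclick="window.history.go(-1)" value="'._('« modificar').'"> '."\n";
    echo '<input class="genericsubmit" type="submit" value="'._('ir a la noticia').'" />'."\n";
    echo '</form>'. "\n";
}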
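/**
 * Apply the submitted edit form to the global $linkres, store it when it
 * validates, write the edit/discard log entries, and print a preview.
 *
 * Only users whose level is 'admin' or 'god' may change the URL. The status
 * may be set to 'queued', 'discard', 'abuse' or 'autodiscard', and only when
 * the link is not 'published' or the user's level is 'god'.
 *
 * @return void
 */
function do_save()
{
    global $linkres, $dblang, $current_user;

    $linkres->read_content_type_buttons($_POST['type']);
    $linkres->category = intval($_POST['category']);

    $is_god = $current_user->user_level == 'god';
    $may_edit_url = $current_user->user_level == 'admin' || $is_god;
    if (!empty($_POST['url']) && $may_edit_url) {
        $linkres->url = clean_input_url($_POST['url']);
    }

    $linkres->title = clean_text($_POST['title'], 40);
    $linkres->content = clean_text($_POST['bodytext']);
    $linkres->tags = tags_normalize_string($_POST['tags']);

    // change the status
    // The flag was previously read without ever being set on the paths that
    // do not discard the link; it now has an explicit default.
    $insert_discard_log = false;
    $requested = isset($_POST['status']) ? $_POST['status'] : null;
    $discarding = array('discard', 'abuse', 'autodiscard');
    $accepted = array('queued', 'discard', 'abuse', 'autodiscard');
    if (($is_god || $linkres->status != 'published') && in_array($requested, $accepted, true)) {
        if (!$linkres->is_discarded() && in_array($requested, $discarding, true)) {
            // Insert a log entry if the link has been manually discarded
            $insert_discard_log = true;
        }
        $linkres->status = $requested;
    }

    if (!link_edit_errors($linkres)) {
        if (empty($linkres->uri)) {
            $linkres->get_uri();
        }
        $linkres->store();
        tags_insert_string($linkres->id, $dblang, $linkres->tags, $linkres->date);

        // Insert edit log/event
        require_once mnminclude . 'log.php';
        if ($insert_discard_log) {
            // Insert always a link and discard event if the status has been changed to discard
            log_insert('link_discard', $linkres->id, $current_user->user_id);
            log_insert('link_edit', $linkres->id, $current_user->user_id);
        } else {
            log_conditional_insert('link_edit', $linkres->id, $current_user->user_id, 60);
        }
        echo '<div class="form-error-submit"> ' . _("noticia actualizada") . '</div>' . "\n";
    }

    // Reload in both cases so the preview shows what is actually stored.
    $linkres->read();

    echo '<div class="formnotice">' . "\n";
    $linkres->print_summary('preview');
    echo '</div>' . "\n";

    echo '<form id="genericform" method="GET" action="story.php" >';
    echo '<input type="hidden" name="id" value="' . $linkres->id . '" />' . "\n";
    echo '<input class="genericsubmit" type="button" onclick="window.history.go(-1)" value="' . _('« modificar') . '"> ' . "\n";
    echo '<input class="genericsubmit" type="submit" value="' . _('ir a la noticia') . '" />' . "\n";
    echo '</form>' . "\n";
}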
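/**
 * Second step of the submission wizard: store the title, tags and text
 * posted for a link and print the final preview form (step 3 of 3).
 *
 * When link_errors() reports a problem only a "back" button is printed and
 * nothing is stored.
 *
 * NOTE(review): the link id comes straight from $_POST['id'] and no ownership
 * or state check is visible in this function — confirm that link_errors() or
 * the calling page enforces one before store() is reached.
 *
 * @return void
 */
function do_submit2()
{
    // $db is not used here; it stays declared so the function's scope is
    // unchanged for any included code that expects it.
    global $db, $dblang;

    $linkres = new Link();
    $linkres->id = intval($_POST['id']);
    $linkres->read();

    $linkres->category = intval($_POST['category']);
    $linkres->title = clean_text($_POST['title'], 40);
    $linkres->tags = tags_normalize_string(clean_text($_POST['tags']));
    $linkres->content = clean_text($_POST['bodytext']);

    if (link_errors($linkres)) {
        echo '<form id="genericform">' . "\n";
        echo '<p><input class="genericsubmit" type=button onclick="window.history.go(-1)" value="' . _('« retroceder') . '"></p>' . "\n";
        echo '</form>' . "\n";
        echo '</div>' . "\n"; // opened in print_form_submit_error
        return;
    }

    $linkres->store();
    tags_insert_string($linkres->id, $dblang, $linkres->tags);
    // Reload so the preview shows the stored values. The unused locals the
    // original set after this call ($edit, $link_title, $link_content) are gone.
    $linkres->read();

    do_navbar(_('enviar noticia ') . '»' . _(' paso 3: control final'));
    echo '<div id="genericform-contents">' . "\n";
    echo '<h2>' . _('envío de una nueva noticia: paso 3 de 3') . '</h2>' . "\n";
    echo '<form action="submit.php" method="post" id="genericform">' . "\n";
    echo '<fieldset><legend><span class="sign">' . _('detalles de la noticia') . '</span></legend>' . "\n";
    echo '<div class="genericformtxt"><label>' . _('ATENCIÓN: esto es sólo una muestra!') . '</label> <br/>' . _('Ahora puedes 1) ') . '<label>' . _('retroceder') . '</label>' . _(' o 2) ') . '<label>' . _('enviar a la cola y finalizar') . '</label>' . _('. Cualquier otro clic convertirá tu noticia en comida para <del>gatos</del> elefantes (o no).') . '</div>';

    echo '<div class="formnotice">' . "\n";
    $linkres->print_summary('preview');
    echo '</div>' . "\n";

    // Values echoed back into the form are reduced to integers or HTML-escaped.
    echo '<input type="hidden" name="phase" value="3" />' . "\n";
    echo '<input type="hidden" name="randkey" value="' . intval($_POST['randkey']) . '" />' . "\n";
    echo '<input type="hidden" name="id" value="' . $linkres->id . '" />' . "\n";
    echo '<input type="hidden" name="trackback" value="' . htmlspecialchars(trim($_POST['trackback'])) . '" />' . "\n";
    echo '<br style="clear: both;" /><br style="clear: both;" />' . "\n";
    echo '<input class="genericsubmit" type="button" onclick="window.history.go(-1)" value="' . _('« retroceder') . '"> ' . "\n";
    echo '<input class="genericsubmit" type="submit" value="' . _('enviar a la cola y finalizar »') . '" />' . "\n";
    echo '</form>' . "\n";
    echo '</fieldset>' . "\n";
    echo '</div>' . "\n";
}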
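/**
 * Apply the submitted edit form to the global $linkres, store it when it
 * validates, write the edit/discard log entries, and print a preview.
 *
 * URL and thumbnail changes are limited to administrators. A status change
 * is accepted only when the posted value differs from the current one,
 * matches /^[a-z]{4,}$/, and is either 'autodiscard' or comes from an
 * administrator; a discarded link can only be changed by an administrator.
 *
 * @return void
 */
function do_save()
{
    // $globals was read below without being imported, so $globals['now'] was
    // always unset and the 15-day limit on log entries never applied.
    global $linkres, $dblang, $current_user, $globals;

    $linkres->read_content_type_buttons($_POST['type']);
    $linkres->category = intval($_POST['category']);

    if ($current_user->admin) {
        if (!empty($_POST['url'])) {
            $linkres->url = clean_input_url($_POST['url']);
        }
        if ($_POST['thumb_delete']) {
            $linkres->delete_thumb();
        }
        if ($_POST['thumb_get']) {
            $linkres->get_thumb();
        }
    }

    $linkres->title = clean_text($_POST['title'], 40);
    $linkres->content = clean_text_with_tags($_POST['bodytext']);
    $linkres->tags = tags_normalize_string($_POST['tags']);

    // change the status
    // Explicit default: the flag used to be read without being set whenever
    // the link was not being discarded.
    $insert_discard_log = false;
    if ($_POST['status'] != $linkres->status
        && ($_POST['status'] == 'autodiscard' || $current_user->admin)
        && preg_match('/^[a-z]{4,}$/', $_POST['status'])
        && (!$linkres->is_discarded() || $current_user->admin)) {
        if (preg_match('/discard|abuse|duplicated|autodiscard/', $_POST['status'])) {
            // Insert a log entry if the link has been manually discarded
            $insert_discard_log = true;
        }
        $linkres->status = $_POST['status'];
    }

    // EVENTS
    // Characters 3-4, 0-1 and 6-9 of each posted date are rearranged and
    // joined with '-'.
    // NOTE(review): the posted strings are not checked to be digits before
    // being stored on the link — confirm store() validates or escapes them.
    $d = $_POST["datepicker1"];
    $linkres->start_date = substr($d,3,2).'-'.substr($d, 0, 2).'-'.substr($d,6,4);
    $d = $_POST["datepicker2"];
    $linkres->end_date = substr($d,3,2).'-'.substr($d, 0, 2).'-'.substr($d,6,4);

    if (!link_edit_errors($linkres)) {
        if (empty($linkres->uri)) {
            $linkres->get_uri();
        }
        $linkres->store();
        tags_insert_string($linkres->id, $dblang, $linkres->tags, $linkres->date);

        // Insert edit log/event if the link it's newer than 15 days
        if ($globals['now'] - $linkres->date < 86400*15) {
            require_once(mnminclude.'log.php');
            if ($insert_discard_log) {
                // Insert always a link and discard event if the status has been changed to discard
                log_insert('link_discard', $linkres->id, $current_user->user_id);
                if ($linkres->author == $current_user->user_id) {
                    // Don't save edit log if it's discarded by an admin
                    log_insert('link_edit', $linkres->id, $current_user->user_id);
                }
            } elseif ($linkres->votes > 0) {
                log_conditional_insert('link_edit', $linkres->id, $current_user->user_id, 60);
            }
        }
        echo '<div class="form-error-submit"> '._("noticia actualizada").'</div>'."\n";
    }

    // Reload in both cases so the preview shows what is actually stored.
    $linkres->read();

    echo '<div class="formnotice">'."\n";
    $linkres->print_summary('preview');
    echo '</div>'."\n";

    echo '<form class="note" method="GET" action="story.php" >';
    echo '<input type="hidden" name="id" value="'.$linkres->id.'" />'."\n";
    echo '<input class="button" type="button" onclick="window.history.go(-1)" value="« '._('modificar').'"> '."\n";
    echo '<input class="button" type="submit" value="'._('ir a la noticia').'" />'."\n";
    echo '</form>'. "\n";
}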
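/**
 * Apply the submitted edit form to $link, store it inside a transaction when
 * it validates, write the edit/discard log entries, and render the result
 * template.
 *
 * URL, URI and thumbnail changes are limited to administrators, users whose
 * level is 'blogger', and the site owner. A status change is accepted only
 * when the posted value differs from the current one, matches /^[a-z]{4,}$/,
 * and is either 'autodiscard' or comes from an administrator or the owner.
 *
 * @param object $link Link being edited; it is modified in place and reloaded at the end.
 *
 * @return void
 */
function do_save($link)
{
    global $dblang, $globals, $current_user, $db;

    $link->status = $link->sub_status;
    // The result is not used below; the call is kept in case it has side
    // effects — TODO confirm and drop if it has none.
    $site_properties = SitesMgr::get_extended_properties();

    // Store previous value for the log
    $link_old = new stdClass();
    $link_old->url = $link->url;
    $link_old->title = $link->title;
    $link_old->content = $link->content;
    $link_old->tags = $link->tags;
    $link_old->status = $link->status;
    $link_old->sub_id = $link->sub_id;

    $link->read_content_type_buttons($_POST['type']);
    $link->sub_id = intval($_POST['sub_id']);
    if ($link->sub_id != $link_old->sub_id) {
        $link->sub_changed = true; // To force to delete old statuses with another origin
    }

    if ($current_user->admin || $current_user->user_level == 'blogger' || SitesMgr::is_owner()) {
        if (!empty($_POST['url'])) {
            $link->url = clean_input_url($_POST['url']);
        }
        if ($_POST['thumb_delete']) {
            $link->delete_thumb();
        }
        if ($_POST['uri_update']) {
            $link->get_uri();
        }
        if ($_POST['thumb_get']) {
            $link->get_thumb();
        } elseif (!empty($_POST['thumb_url'])) {
            $url = clean_input_url($_POST['thumb_url']);
            $link->get_thumb(false, $url);
        }
    }

    // Title and body are taken verbatim from the form.
    // NOTE(review): no cleaning is visible here; presumably link_edit_errors()
    // or store() normalises and escapes them — confirm.
    $link->title = $_POST['title'];
    $link->content = $_POST['bodytext'];
    $link->tags = tags_normalize_string($_POST['tags']);

    $errors = link_edit_errors($link);

    // change the status
    // Explicit default: the flag used to be read without being set whenever
    // the link was not being discarded.
    $insert_discard_log = false;
    if ($_POST['status'] != $link->status
        && ($_POST['status'] == 'autodiscard' || $current_user->admin || SitesMgr::is_owner())
        && preg_match('/^[a-z]{4,}$/', $_POST['status'])
        && (!$link->is_discarded() || $current_user->admin || SitesMgr::is_owner())) {
        if (preg_match('/discard|abuse|duplicated|autodiscard/', $_POST['status'])) {
            // Insert a log entry if the link has been manually discarded
            $insert_discard_log = true;
        }
        $link->status = $_POST['status'];
    }

    if (!$errors) {
        if (empty($link->uri)) {
            $link->get_uri();
        }

        // Check the blog_id
        $blog_id = Blog::find_blog($link->url, $link->id);
        if ($blog_id > 0 && $blog_id != $link->blog) {
            $link->blog = $blog_id;
        }

        // NOTE(review): no rollback path is visible between transaction()
        // and commit() — confirm how a failing query is handled.
        $db->transaction();
        $link->store();

        // Disabled table tags
        // tags_insert_string($link->id, $dblang, $link->tags, $link->date);

        // Insert edit log/event if the link it's newer than 15 days
        if ($globals['now'] - $link->date < 86400 * 15) {
            if ($insert_discard_log) {
                // Insert always a link and discard event if the status has been changed to discard
                Log::insert('link_discard', $link->id, $current_user->user_id);
                if ($link->author == $current_user->user_id) {
                    // Don't save edit log if it's discarded by an admin
                    Log::insert('link_edit', $link->id, $current_user->user_id);
                }
            } elseif ($link->votes > 0) {
                // The previous field values are stored serialised with the log
                // entry. NOTE(review): whatever reads them back should not
                // unserialize() data a user could have altered — confirm.
                Log::conditional_insert('link_edit', $link->id, $current_user->user_id, 60, serialize($link_old));
            }
        }

        // Check this one is a draft, allows the user to save and send it to the queue
        if ($link->votes == 0 && $link->status != 'queued' && $link->author == $current_user->user_id) {
            $link->enqueue();
        }
        $db->commit();
    }

    // Reload so the template shows what is actually stored.
    $link->read();
    $link->permalink = $link->get_permalink();
    Haanga::Load('link/edit_result.html', compact('link', 'errors'));
}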
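/**
 * Second step of the submission wizard: store the title, tags, text and event
 * dates posted for a link and print the final preview form (step 3 of 3).
 *
 * Returns early when report_dupe() flags the URL, or after printing a "back"
 * button when link_errors() reports a problem.
 *
 * NOTE(review): the link id comes straight from $_POST['id'] and no ownership
 * or state check is visible in this function — confirm that link_errors() or
 * the calling page enforces one before store() is reached.
 *
 * @return void
 */
function do_submit2()
{
    global $db, $dblang, $globals;

    $linkres = new Link;
    $linkres->id = intval($_POST['id']);
    $linkres->read();
    if (report_dupe($linkres->url)) {
        return;
    }

    $linkres->read_content_type_buttons($_POST['type']);

    // Check if the title contains [IMG], [IMGs], (IMG)... and mark it as image
    if (preg_match('/[\(\[](IMG|PICT*)s*[\)\]]/i', $_POST['title'])) {
        $_POST['title'] = preg_replace('/[\(\[](IMG|PICT*)s*[\)\]]/i', ' ', $_POST['title']);
        $linkres->content_type = 'image';
    } elseif (preg_match('/[\(\[](VID|VIDEO|Vídeo*)s*[\)\]]/i', $_POST['title'])) {
        $_POST['title'] = preg_replace('/[\(\[](VID|VIDEO|Vídeo*)s*[\)\]]/i', ' ', $_POST['title']);
        $linkres->content_type = 'video';
    }

    $linkres->category = intval($_POST['category']);
    // It also deletes punctuaction signs at the end
    $linkres->title = clean_text(preg_replace('/(\w) *[;.,] *$/', "$1", $_POST['title']), 40);
    $linkres->tags = tags_normalize_string($_POST['tags']);
    $linkres->content = clean_text_with_tags($_POST['bodytext']);

    // EVENTS
    // Characters 3-4, 0-1 and 6-9 of each posted date are rearranged and
    // joined with '-'.
    // NOTE(review): the posted strings are not checked to be digits before
    // being stored on the link — confirm store() validates or escapes them.
    $d = $_POST["datepicker1"];
    $linkres->start_date = substr($d,3,2).'-'.substr($d, 0, 2).'-'.substr($d,6,4);
    $d = $_POST["datepicker2"];
    $linkres->end_date = substr($d,3,2).'-'.substr($d, 0, 2).'-'.substr($d,6,4);

    if (link_errors($linkres)) {
        echo '<form class="genericform">'."\n";
        echo '<p><input class="button" type=button onclick="window.history.go(-1)" value="« '._('retroceder').'"/></p>'."\n";
        echo '</form>'."\n";
        echo '</div>'."\n"; // opened in print_form_submit_error
        return;
    }

    $linkres->store();
    tags_insert_string($linkres->id, $dblang, $linkres->tags);
    // Reload so the preview shows the stored values. The unused locals the
    // original set after this call ($edit, $link_title, $link_content) are gone.
    $linkres->read();

    preload_indicators();
    echo '<div class="genericform">'."\n";
    echo '<h2>'._('envío de una nueva noticia: paso 3 de 3').'</h2>'."\n";
    // The listing shows this string wrapped across two lines; it is kept on
    // one line because a raw line break would end the quoted script string.
    echo '<form action="submit.php" method="post" class="genericform" onSubmit="$(\'#working\').html(\''._('enviando trackbacks').'... <img src=\\\'\'+img_src1+\'\\\'/>\'); return true;">'."\n";
    echo '<fieldset><legend><span class="sign">'._('detalles de la noticia').'</span></legend>'."\n";
    echo '<div class="genericformtxt"><label>'._('ATENCIÓN: esto es sólo una muestra!').'</label> <br/>'._('Ahora puedes 1) ').'<label>'._('retroceder').'</label>'._(' o 2) ').'<label>'._('enviar a la cola y finalizar').'</label>. '._('Cualquier otro clic convertirá tu noticia en comida para <del>gatos</del> elefantes (o no).').'</div>';

    echo '<div class="formnotice">'."\n";
    $linkres->print_summary('preview');
    echo '</div>'."\n";

    echo '<input type="hidden" name="phase" value="3" />'."\n";
    echo '<input type="hidden" name="randkey" value="'.intval($_POST['randkey']).'" />'."\n";
    // 'key' was echoed back into the attribute unescaped; it is now
    // HTML-escaped like the trackback value below.
    echo '<input type="hidden" name="key" value="'.htmlspecialchars((string) $_POST['key'], ENT_QUOTES).'" />'."\n";
    echo '<input type="hidden" name="id" value="'.$linkres->id.'" />'."\n";
    echo '<input type="hidden" name="trackback" value="'.htmlspecialchars(trim($_POST['trackback'])).'" />'."\n";
    echo '<br style="clear: both;" /><br style="clear: both;" />'."\n";
    echo '<input class="button" type="button" onclick="window.history.go(-1)" value="« '._('retroceder').'"/> '."\n";
    echo '<input class="button" type="submit" value="'._('enviar a la cola y finalizar').' »" ';
    echo '/> <span id="working"> </span>';
    echo '</fieldset>'."\n";
    echo '</form>'."\n";
    echo '</div>'."\n";
}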
/**
 * Second step of the submission wizard: copy the posted story fields onto the
 * link, store it, run the module hooks, and hand the preview data to the
 * template (or continue straight to do_submit3()).
 *
 * The function stops with die() when the session is not at step 1, when the
 * posted id is not numeric, or when verify_ownership() rejects the current
 * user. It returns early when link_errors() reports a problem or when the
 * post-store hook reports an error and link_catcha_errors() confirms it.
 */
function do_submit2() {
    global $db, $main_smarty, $dblang, $the_template, $linkres, $current_user, $Story_Content_Tags_To_Allow;

    $main_smarty->assign('auto_vote', auto_vote);
    $main_smarty->assign('Submit_Show_URL_Input', Submit_Show_URL_Input);
    $main_smarty->assign('Submit_Require_A_URL', Submit_Require_A_URL);
    $main_smarty->assign('link_id', sanitize($_POST['id'], 3));
    define('pagename', 'submit');
    $main_smarty->assign('pagename', pagename);

    // $vars is only initialised for unauthenticated users; for everyone else
    // the next hook receives a variable that has not been set yet.
    if ($current_user->authenticated != TRUE) {
        $vars = array('username' => $current_user->user_login);
        check_actions('register_check_errors', $vars);
    }
    check_actions('submit2_check_errors', $vars);
    // NOTE(review): an error reported by the hook is detected but nothing is
    // done with it — the branch below is empty. Confirm this is intended.
    if ($vars['error'] == true) {
        // No action
    }

    $linkres = new Link();
    $linkres->id = sanitize($_POST['id'], 3);

    // Gate checks, in order: wizard step, numeric id, ownership of the link.
    if ($_SESSION['step'] != 1) {
        die('Wrong step');
    }
    if (!is_numeric($linkres->id)) {
        die;
    }
    if (!$linkres->verify_ownership($current_user->user_id)) {
        die($main_smarty->get_config_vars('PLIGG_Visual_Submit2Errors_NoAccess'));
    }

    $linkres->read(FALSE);

    // Cast the submitter's own vote when auto_vote is enabled and the user
    // has not voted on this link yet.
    if ($linkres->votes($current_user->user_id) == 0 && auto_vote == true) {
        $linkres->insert_vote($current_user->user_id, '10');
        $linkres->store_basic();
        $linkres->read(FALSE);
    }

    if (is_array($_POST['category'])) {
        $linkres->category = sanitize($_POST['category'][0], 3);
        // NOTE(review): unlike the first element, the remaining categories are
        // copied without passing through sanitize() — confirm that store()
        // validates or escapes them.
        $linkres->additional_cats = array_slice($_POST['category'], 1);
    } else {
        $linkres->category = sanitize($_POST['category'], 3);
    }
    $thecat = get_cached_category_data('category_id', $linkres->category);
    $main_smarty->assign('request_category_name', $thecat->category_name);

    $linkres->title = stripslashes(sanitize($_POST['title'], 3));
    $linkres->title_url = makeUrlFriendly($linkres->title, $linkres->id);
    $linkres->tags = tags_normalize_string(stripslashes(sanitize($_POST['tags'], 3)));
    $linkres->content = close_tags(stripslashes(sanitize($_POST['bodytext'], 4, $Story_Content_Tags_To_Allow)));
    //$linkres->content = str_replace("\n", "<br />", $linkres->content);

    // Optional extra fields 1-15: each is copied only when present in the
    // form, through sanitize() with the allowed-tags list.
    if (isset($_POST['link_field1'])) {
        $linkres->link_field1 = sanitize($_POST['link_field1'], 4, $Story_Content_Tags_To_Allow);
    }
    if (isset($_POST['link_field2'])) {
        $linkres->link_field2 = sanitize($_POST['link_field2'], 4, $Story_Content_Tags_To_Allow);
    }
    if (isset($_POST['link_field3'])) {
        $linkres->link_field3 = sanitize($_POST['link_field3'], 4, $Story_Content_Tags_To_Allow);
    }
    if (isset($_POST['link_field4'])) {
        $linkres->link_field4 = sanitize($_POST['link_field4'], 4, $Story_Content_Tags_To_Allow);
    }
    if (isset($_POST['link_field5'])) {
        $linkres->link_field5 = sanitize($_POST['link_field5'], 4, $Story_Content_Tags_To_Allow);
    }
    if (isset($_POST['link_field6'])) {
        $linkres->link_field6 = sanitize($_POST['link_field6'], 4, $Story_Content_Tags_To_Allow);
    }
    if (isset($_POST['link_field7'])) {
        $linkres->link_field7 = sanitize($_POST['link_field7'], 4, $Story_Content_Tags_To_Allow);
    }
    if (isset($_POST['link_field8'])) {
        $linkres->link_field8 = sanitize($_POST['link_field8'], 4, $Story_Content_Tags_To_Allow);
    }
    if (isset($_POST['link_field9'])) {
        $linkres->link_field9 = sanitize($_POST['link_field9'], 4, $Story_Content_Tags_To_Allow);
    }
    if (isset($_POST['link_field10'])) {
        $linkres->link_field10 = sanitize($_POST['link_field10'], 4, $Story_Content_Tags_To_Allow);
    }
    if (isset($_POST['link_field11'])) {
        $linkres->link_field11 = sanitize($_POST['link_field11'], 4, $Story_Content_Tags_To_Allow);
    }
    if (isset($_POST['link_field12'])) {
        $linkres->link_field12 = sanitize($_POST['link_field12'], 4, $Story_Content_Tags_To_Allow);
    }
    if (isset($_POST['link_field13'])) {
        $linkres->link_field13 = sanitize($_POST['link_field13'], 4, $Story_Content_Tags_To_Allow);
    }
    if (isset($_POST['link_field14'])) {
        $linkres->link_field14 = sanitize($_POST['link_field14'], 4, $Story_Content_Tags_To_Allow);
    }
    if (isset($_POST['link_field15'])) {
        $linkres->link_field15 = sanitize($_POST['link_field15'], 4, $Story_Content_Tags_To_Allow);
    }

    // Summary: taken from the body text when no summary was posted, otherwise
    // from the posted summary, truncated when it exceeds the configured limit.
    if (!isset($_POST['summarytext'])) {
        $linkres->link_summary = utf8_substr(sanitize($_POST['bodytext'], 4, $Story_Content_Tags_To_Allow), 0, StorySummary_ContentTruncate - 1);
        //$linkres->link_summary = close_tags(str_replace("\n", "<br />", $linkres->link_summary));
    } else {
        $linkres->link_summary = sanitize($_POST['summarytext'], 4, $Story_Content_Tags_To_Allow);
        //$linkres->link_summary = close_tags(str_replace("\n", "<br />", $linkres->link_summary));
        if (utf8_strlen($linkres->link_summary) > StorySummary_ContentTruncate) {
            // An over-long summary is reported through loghack() before being cut.
            // NOTE(review): part of the second argument is masked ('******') in
            // this listing, so the line is not valid PHP as shown; restore the
            // original expression from the upstream file.
            loghack('SubmitAStory-SummaryGreaterThanLimit', 'username: '******'|email: ' . sanitize($_POST["email"], 3), true);
            $linkres->link_summary = utf8_substr($linkres->link_summary, 0, StorySummary_ContentTruncate - 1);
            //$linkres->link_summary = close_tags(str_replace("\n", "<br />", $linkres->link_summary));
        }
    }

    //get link_group_id
    // Read from $_REQUEST, so the value may also arrive in the query string.
    if (isset($_REQUEST['link_group_id']) && $_REQUEST['link_group_id'] != '') {
        $linkres->link_group_id = intval($_REQUEST['link_group_id']);
    } else {
        $linkres->link_group_id = 0;
    }

    // NOTE(review): the link is stored before link_errors() runs, so a
    // submission that fails validation has already been written — confirm
    // this ordering is intended.
    $linkres->store();
    if (link_errors($linkres)) {
        return;
    }

    //comment subscription
    if (isset($_POST['comment_subscription'])) {
        $vars = array('link_id' => $linkres->id);
        check_actions('comment_subscription_insert_function', $vars);
    }

    //comment subscription
    if (isset($_POST['timestamp_date_day'])) {
        //open date
        $timestamp_date_day = $_POST['timestamp_date_day'];
        $timestamp_date_month = $_POST['timestamp_date_month'];
        $timestamp_date_year = $_POST['timestamp_date_year'];
        // Falls back to today's date unless all three parts are numeric.
        if (!is_numeric($timestamp_date_day) || !is_numeric($timestamp_date_month) || !is_numeric($timestamp_date_year)) {
            $timestamp_date = date("m-d-Y");
        } else {
            $timestamp_date = $timestamp_date_month . "-" . $timestamp_date_day . "-" . $timestamp_date_year;
        }
        // The first assignment is overwritten by the one that follows it.
        $vars = array('link_id' => $linkres->id);
        $vars = array('timestamp_date' => $timestamp_date, 'link_id' => $linkres->id);
        check_actions('comment_subscription_insert_function', $vars);
    }

    // $vars is passed as an empty string; the check below depends on the hook
    // replacing it with an array that carries an 'error' key.
    $vars = '';
    check_actions('submit_step_3_after_first_store', $vars);
    if ($vars['error'] == true && link_catcha_errors('captcha_error')) {
        return;
    }

    $linkres->read(FALSE);
    $edit = true;
    $link_title = $linkres->title;
    $link_content = $linkres->content;
    // Overrides the title just read back with the freshly sanitised POST value.
    $link_title = stripslashes(sanitize($_POST['title'], 3));

    $main_smarty->assign('the_story', $linkres->print_summary('full', true));
    $main_smarty->assign('tags', $linkres->tags);
    if (!empty($linkres->tags)) {
        $tags_words = str_replace(",", ", ", $linkres->tags);
        $tags_url = urlencode($linkres->tags);
        $main_smarty->assign('tags_words', $tags_words);
        $main_smarty->assign('tags_url', $tags_url);
    }

    // $url is neither assigned in this function nor imported by the global
    // statement, so the else branch is the one that runs.
    if (isset($url)) {
        $main_smarty->assign('submit_url', $url);
    } else {
        $main_smarty->assign('submit_url', '');
    }

    $data = parse_url($linkres->url);
    $main_smarty->assign('url_short', $data['host']);
    $main_smarty->assign('submit_url_title', $linkres->url_title);
    $main_smarty->assign('submit_id', $linkres->id);
    $main_smarty->assign('submit_type', $linkres->type());
    // NOTE(review): the replacement argument appears to have been
    // entity-decoded in this listing (presumably the HTML entity for a double
    // quote), which leaves the line syntactically invalid — confirm upstream.
    $main_smarty->assign('submit_title', str_replace('"', """, $link_title));
    $main_smarty->assign('submit_content', $link_content);

    // Same situation as $url above: $trackback is never set in this scope.
    if (isset($trackback)) {
        $main_smarty->assign('submit_trackback', $trackback);
    } else {
        $main_smarty->assign('submit_trackback', '');
    }

    $main_smarty->assign('tpl_extra_fields', $the_template . '/submit_extra_fields');
    $main_smarty->assign('tpl_center', $the_template . '/submit_step_3_center');

    $vars = '';
    check_actions('do_submit2', $vars);

    // Advance the wizard so this step cannot be replayed with the same session.
    $_SESSION['step'] = 2;
    if (Submit_Complete_Step2) {
        do_submit3();
    } else {
        $main_smarty->display($the_template . '/pligg.tpl');
    }
}
echo '<br /><p class="l-top"><span class="error">' . _(PLIGG_PassEmail_SendFail) . '</span></p>'; die; } } } if ($canIhaveAccess == 1) { $url = htmlspecialchars(strip_tags(trim($_POST['url']))); $linkres->url = $url; } $linkres->category = $_POST['category']; if ($linkres->title != strip_tags(trim($_POST['title']))) { $linkres->title = strip_tags(trim($_POST['title'])); $linkres->title_url = makeUrlFriendly($linkres->title); } $linkres->content = strip_tags(trim($_POST['bodytext']), Story_Content_Tags_To_Allow); $linkres->tags = tags_normalize_string(strip_tags(trim($_POST['tags']))); if ($_POST['summarytext'] == "") { $linkres->link_summary = utf8_substr(strip_tags(trim($_POST['bodytext']), Story_Content_Tags_To_Allow), 0, StorySummary_ContentTruncate - 1); $linkres->link_summary = str_replace("\n", "<br />", $linkres->link_summary); } else { $linkres->link_summary = $db->escape($_POST['summarytext']); $linkres->link_summary = strip_tags(trim($linkres->link_summary), Story_Content_Tags_To_Allow); $linkres->link_summary = str_replace("\n", "<br />", $linkres->link_summary); if (strlen($linkres->link_summary) > StorySummary_ContentTruncate) { loghack('SubmitAStory-SummaryGreaterThanLimit', 'username: '******'|email: ' . $_POST["email"], true); $linkres->link_summary = utf8_substr($linkres->link_summary, 0, StorySummary_ContentTruncate - 1); $linkres->link_summary = str_replace("\n", "<br />", $linkres->link_summary); } } $linkres->link_field1 = trim($_POST['link_field1']); $linkres->link_field2 = trim($_POST['link_field2']);
/**
 * Second step of the submission wizard: copy the posted fields onto the link,
 * store it, and render the step-2 template with related links.
 *
 * When link_errors() reports a problem the edit form (submit1) is rendered
 * again and nothing is stored. The function returns true on every path.
 *
 * NOTE(review): the link id comes straight from $_POST['id'] and no ownership
 * or state check is visible in this function — confirm that link_errors() or
 * the calling page enforces one before store() is reached.
 *
 * @return bool Always true.
 */
function do_submit2()
{
    global $db, $dblang, $globals, $errors;

    $link_id = intval($_POST['id']);
    $link = new Link();
    $link->id = $link_id;
    $link->read();

    if (report_duplicated($link->url)) {
        return true;
    }

    $link->read_content_type_buttons($_POST['type']);

    // Check if the title contains [IMG], [IMGs], (IMG)... or the video
    // equivalents; the first pattern that matches is stripped from the title
    // and decides the content type.
    $title_markers = array(
        '/[\\(\\[](IMG|PICT*)s*[\\)\\]]/i' => 'image',
        '/[\\(\\[](VID|VIDEO|Vídeo*)s*[\\)\\]]/i' => 'video',
    );
    foreach ($title_markers as $pattern => $content_type) {
        if (preg_match($pattern, $_POST['title'])) {
            $_POST['title'] = preg_replace($pattern, ' ', $_POST['title']);
            $link->content_type = $content_type;
            break;
        }
    }

    $link->category = intval($_POST['category']);

    // It also deletes punctuation signs at the end of the title
    $title_without_tail = preg_replace('/(\\w) *[;.,] *$/', "\$1", $_POST['title']);
    $link->title = clean_text($title_without_tail, 40);
    $link->tags = tags_normalize_string($_POST['tags']);
    // NOTE(review): 'key' (and 'randkey' below) are copied verbatim and handed
    // to the template; confirm the template escapes them on output.
    $link->key = $_POST['key'];
    $link->content = clean_text_with_tags($_POST['bodytext']);

    if (link_errors($link)) {
        // Show the edit form again
        $link->is_new = true; // Disable several options in the editing form
        Haanga::Load('link/submit1.html', compact('link', 'errors'));
        return true;
    }

    $link->store();

    // Disabled table tags
    // tags_insert_string($link->id, $dblang, $link->tags);

    $link->read();
    $link->randkey = $_POST['randkey'];
    $related = $link->get_related(6);
    Haanga::Load('link/submit2.html', compact('link', 'errors', 'related'));

    return true;
}
/**
 * Second step of the submission wizard: copy the posted fields onto the link,
 * store it, handle the image upload or deletion, and render the step-2
 * template with related links.
 *
 * The duplicate check and the title-marker detection are skipped only when
 * the link has no URL and the site property 'no_link' is set. When
 * link_errors() reports a problem the edit form (submit1) is rendered again
 * and nothing is stored. The function returns true on every path.
 *
 * NOTE(review): the link id comes straight from $_POST['id'] and no ownership
 * or state check is visible in this function — confirm that link_errors() or
 * the calling page enforces one before store() is reached.
 *
 * @return bool Always true.
 */
function do_submit2()
{
    global $db, $dblang, $globals, $errors, $site_properties;

    $link_id = intval($_POST['id']);
    $link = new Link();
    $link->id = $link_id;
    $link->read();

    $is_linkless_post = empty($link->url) && !empty($site_properties['no_link']);
    if (!$is_linkless_post) {
        if (report_duplicated($link->url)) {
            return true;
        }

        $link->read_content_type_buttons($_POST['type']);

        // Check if the title contains [IMG], [IMGs], (IMG)... or the video
        // equivalents; the first pattern that matches is stripped from the
        // title and decides the content type.
        $title_markers = array(
            '/[\\(\\[](IMG|PICT*)s*[\\)\\]]/i' => 'image',
            '/[\\(\\[](VID|VIDEO|Vídeo*)s*[\\)\\]]/i' => 'video',
        );
        foreach ($title_markers as $pattern => $content_type) {
            if (preg_match($pattern, $_POST['title'])) {
                $_POST['title'] = preg_replace($pattern, ' ', $_POST['title']);
                $link->content_type = $content_type;
                break;
            }
        }
    }

    $link->sub_id = intval($_POST['sub_id']);
    // The title is assigned as posted; no trailing-punctuation cleanup
    // happens in this function.
    $link->title = $_POST['title'];
    $link->tags = tags_normalize_string($_POST['tags']);
    // NOTE(review): 'key' (and 'randkey' below) are copied verbatim and handed
    // to the template; confirm the template escapes them on output.
    $link->key = $_POST['key'];
    $link->site_properties = $site_properties;
    // Warn, has to call $link->check_field_errors later: the body is taken
    // verbatim from the form at this point.
    $link->content = $_POST['bodytext'];

    if (link_errors($link)) {
        // Show the edit form again
        $link->is_new = true; // Disable several options in the editing form
        $decoded_content = html_entity_decode($link->content, ENT_COMPAT, 'UTF-8');
        $link->chars_left = $site_properties['intro_max_len'] - mb_strlen($decoded_content, 'UTF-8');
        Haanga::Load('link/submit1.html', compact('link', 'errors'));
        return true;
    }

    $link->store();

    // Check image upload or delete
    if (!$_POST['image_delete']) {
        $link->store_image_from_form('image');
    } else {
        $link->delete_image();
    }

    $link->read();
    $link->randkey = $_POST['randkey'];
    $related = $link->get_related(6);
    Haanga::Load('link/submit2.html', compact('link', 'errors', 'related'));

    return true;
}
} } if ($canIhaveAccess == 1) { $url = htmlspecialchars(sanitize($_POST['url'], 3)); $url = str_replace('&', '&', $url); $linkres->url = $url; } $vars = ''; check_actions('edit_link_hook', $vars); $linkres->category = sanitize($_POST['category'], 3); if ($linkres->title != sanitize($_POST['title'], 3)) { $linkres->title = sanitize($_POST['title'], 3); $linkres->title_url = makeUrlFriendly($linkres->title); } $linkres->content = sanitize($_POST['bodytext'], 4, $Story_Content_Tags_To_Allow); $linkres->tags = tags_normalize_string(sanitize($_POST['tags'], 3)); if (sanitize($_POST['summarytext'], 3) == "") { $linkres->link_summary = utf8_substr(sanitize($_POST['bodytext'], 4, $Story_Content_Tags_To_Allow), 0, StorySummary_ContentTruncate - 1); $linkres->link_summary = str_replace("\n", "<br />", $linkres->link_summary); } else { $linkres->link_summary = sanitize($_POST['summarytext'], 4, $Story_Content_Tags_To_Allow); $linkres->link_summary = str_replace("\n", "<br />", $linkres->link_summary); if (strlen($linkres->link_summary) > StorySummary_ContentTruncate) { loghack('SubmitAStory-SummaryGreaterThanLimit', 'username: '******'|email: ' . sanitize($_POST["email"], 3), true); $linkres->link_summary = utf8_substr($linkres->link_summary, 0, StorySummary_ContentTruncate - 1); $linkres->link_summary = str_replace("\n", "<br />", $linkres->link_summary); } } // Steef 2k7-07 security fix start ---------------------------------------------------------- $linkres->link_field1 = sanitize($_POST['link_field1'], 4, $Story_Content_Tags_To_Allow); $linkres->link_field2 = sanitize($_POST['link_field2'], 4, $Story_Content_Tags_To_Allow);