function discuss_list($message = '')
{
pagetop(gTxt('list_discussions'), $message);
extract(doSlash(gpsa(array('page', 'crit'))));
extract(get_prefs());
$total = safe_count('txp_discuss', "1=1");
$limit = max(@$comment_list_pageby, 25);
$numPages = ceil($total / $limit);
$page = !$page ? 1 : $page;
$offset = ($page - 1) * $limit;
$nav[] = $page > 1 ? PrevNextLink("discuss", $page - 1, gTxt('prev'), 'prev') : '';
$nav[] = sp . small($page . '/' . $numPages) . sp;
$nav[] = $page != $numPages ? PrevNextLink("discuss", $page + 1, gTxt('next'), 'next') : '';
$criteria = $crit ? "message like '%{$crit}%'" : '1=1';
$rs = safe_rows_start("*, unix_timestamp(posted) as uPosted", "txp_discuss", "{$criteria} order by posted desc limit {$offset}, {$limit}");
echo pageby_form('discuss', $comment_list_pageby);
if ($rs) {
echo '<form action="index.php" method="post" name="longform" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">', startTable('list'), assHead('date', 'name', 'message', 'parent', '');
while ($a = nextRow($rs)) {
extract($a);
$dmessage = $visible == SPAM ? short_preview($message) : $message;
$date = "" . date("M d, g:ia", $uPosted + tz_offset()) . "";
$editlink = eLink('discuss', 'discuss_edit', 'discussid', $discussid, $date);
$cbox = fInput('checkbox', 'selected[]', $discussid);
$tq = fetch('Title', 'textpattern', 'ID', $parentid);
$parent = !$tq ? gTxt('article_deleted') : $tq;
echo assRow(array($editlink => 100, $name => 100, $dmessage => 250, $parent => 100, $cbox => 20), ' class="' . ($visible == VISIBLE ? 'visible' : ($visible == SPAM ? 'spam' : 'moderate')) . '"');
}
echo tr(tda(select_buttons() . discuss_multiedit_form(), ' colspan="5" style="text-align:right;border:0px"'));
echo endTable() . '</form>';
echo startTable('edit'), tr(td(form(fInput('text', 'crit', '', 'edit') . fInput('submit', 'search', gTxt('search'), 'smallbox') . eInput("discuss") . sInput("list"))) . td(graf(join('', $nav)))) . tr(tda(graf('<a href="index.php?event=discuss' . a . 'step=ipban_list">' . gTxt('list_banned_ips') . '</a>'), ' colspan="2" align="center" valign="middle"')), endTable();
} else {
echo graf(gTxt('no_comments_recorded'), ' align="center"');
}
}
function list_list($message = "", $post = '')
{
extract(get_prefs());
$lvars = array("page", "sort", "dir", "crit", 'method');
extract(gpsa($lvars));
global $statuses, $step;
$sesutats = array_flip($statuses);
pagetop(gTxt('tab_list'), $message);
$total = getCount('textpattern', "1");
$limit = max(@$article_list_pageby, 25);
$numPages = ceil($total / $limit);
$page = !$page ? 1 : $page;
$offset = ($page - 1) * $limit;
if (!$sort) {
$sort = "Posted";
}
if (!$dir) {
$dir = "desc";
}
if ($dir == "desc") {
$linkdir = "asc";
} else {
$linkdir = "desc";
}
if ($crit) {
$critsql = array('title_body' => "Title rlike '{$crit}' or Body rlike '{$crit}'", 'author' => "AuthorID rlike '{$crit}'", 'categories' => "Category1 rlike '{$crit}' or Category2 rlike '{$crit}'", 'section' => "Section rlike '{$crit}'", 'status' => "Status = '" . @$sesutats[$crit] . "'");
$criteria = $critsql[$method];
$limit = 500;
} else {
$criteria = 1;
}
$rs = safe_rows_start("*, unix_timestamp(Posted) as uPosted", "textpattern", "{$criteria} order by {$sort} {$dir} limit {$offset}, {$limit}");
echo !$crit ? list_nav_form($page, $numPages, $sort, $dir) : '', list_searching_form($crit, $method);
if ($rs) {
echo '<form action="index.php" method="post" name="longform" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">', startTable('list'), '<tr>', column_head('posted', 'posted', 'list', 1, $linkdir), column_head('title', 'title', 'list', 1, $linkdir), column_head('section', 'section', 'list', 1, $linkdir), column_head('category1', 'category1', 'list', 1, $linkdir) . column_head('category2', 'category2', 'list', 1, $linkdir), hCell(gTxt('author')), column_head(gTxt('status'), 'Status', 'list', 1, $linkdir), td(), '</tr>';
while ($a = nextRow($rs)) {
extract($a);
$stat = !empty($Status) ? $statuses[$Status] : '';
$adate = date("d M y", $uPosted + tz_offset());
$alink = eLink('article', 'edit', 'ID', $ID, $adate);
$tlink = eLink('article', 'edit', 'ID', $ID, $Title);
$modbox = fInput('checkbox', 'selected[]', $ID, '', '', '', '', '', $ID);
echo "<tr>" . n, td($alink), td($tlink, 200), td($Section, 75), td($Category1, 75) . td($Category2, 75), td($AuthorID), td($stat, 45), td($modbox), '</tr>' . n;
}
echo tr(tda(select_buttons() . list_multiedit_form(), ' colspan="8" style="text-align:right;border:0px"'));
echo "</table></form>";
echo pageby_form('list', $article_list_pageby);
unset($sort);
}
}
function log_list()
{
pagetop(gTxt('visitor_logs'));
extract(get_prefs());
safe_delete("txp_log", "`time` < date_sub(now(),interval " . $expire_logs_after . " day)");
safe_optimize("txp_log");
safe_repair("txp_log");
$page = gps('page');
$total = getCount('txp_log', "1");
$limit = 50;
$numPages = ceil($total / $limit);
$page = !$page ? 1 : $page;
$offset = ($page - 1) * $limit;
$nav[] = $page > 1 ? PrevNextLink("log", $page - 1, gTxt('prev'), 'prev') : '';
$nav[] = sp . small($page . '/' . $numPages) . sp;
$nav[] = $page != $numPages ? PrevNextLink("log", $page + 1, gTxt('next'), 'next') : '';
$rs = safe_rows_start("*, unix_timestamp(time) as stamp", "txp_log", "1 order by time desc limit {$offset},{$limit}");
if ($rs) {
echo startTable('list'), assHead('time', 'host', 'page', 'referrer');
$stamp = '';
while ($a = nextRow($rs)) {
extract($a);
if ($refer) {
$referprint = preg_replace("/^www\\./", "", chunk(htmlspecialchars($refer), 50));
$referprint = '<a href="http://' . htmlspecialchars($refer) . '">' . $referprint . '</a>';
} else {
$referprint = ' ';
}
$pageprint = preg_replace('/\\/$/', '', htmlspecialchars(substr($page, 1)));
$pageprint = $pageprint == '' ? '' : '<a href="' . htmlspecialchars($page) . '" target="_blank">' . chunk($pageprint, 50) . '</a>';
if ($method == 'POST') {
$pageprint = '<b>' . $pageprint . '</b>';
}
$fstamp = date("n/j g:i a", $stamp + tz_offset());
$hostprint = chunk($host, 40);
echo tr(td($fstamp) . td($hostprint) . td($pageprint) . td($referprint));
unset($refer, $referprint, $page, $pageprint);
}
echo '<tr><td colspan="4" align="right" style="padding:10px">', join('', $nav), "</td></tr>", endTable();
} else {
echo graf(gTxt('no_refers_recorded'), ' align="center"');
}
}
function safe_strftime($format, $time = '')
{
global $locale;
if (!$time) {
$time = time();
}
$str = strftime($format, $time + tz_offset());
@(list($lang, $charset) = explode('.', $locale));
if (empty($charset)) {
$charset = 'ISO-8859-1';
}
if ($charset != 'UTF-8') {
$new = '';
if (is_callable('iconv')) {
$new = @iconv($charset, 'UTF-8', $str);
}
if ($new) {
$str = $new;
} elseif (is_callable('utf8_encode')) {
$str = utf8_encode($str);
}
}
return $str;
}
/**
* Displays the row of day names.
* @return string
* @private
*/
function dspDayNames()
{
// This is done to make sure Sunday is always the first day of our array
// Unix time gets a little funky at the beginning depending upon your timezone.
$serveroffset = gmmktime(0, 0, 0) - mktime(0, 0, 0);
$start = $serveroffset < 0 ? 4 : 3;
$end = $start + 7;
for ($i = $start; $i < $end; $i++) {
// Remove the tz_offset because safe_strftime adds it, but we get locale support
$names[] = ucfirst(safe_strftime($this->dayNameFmt, 86400 * $i - tz_offset()));
}
$c[] = '<tr>';
$i = $this->firstDayOfWeek;
$j = 0;
// count number of days outputted
$end = false;
for ($j = 0; $j <= 6; $j++, $i++) {
if ($i == 7) {
$i = 0;
}
$c[] = '<th>' . $names[$i] . "</th>";
}
$c[] = '</tr>';
return join('', $c);
}
function comment_time($atts)
{
global $thiscomment, $comments_dateformat;
if ($comments_dateformat == "since") {
$comment_time = since($thiscomment['time'] + tz_offset());
} else {
$comment_time = safe_strftime($comments_dateformat, $thiscomment['time']);
}
return $comment_time;
}
function store_vars($prefix)
{
global $data;
/**
* The Username and password were already stored in create_tables.php
*
*/
$admin_email = addslashes($data['admin_email1']);
$site_url = addslashes($data['pp_path']);
$admin_lang = addslashes($data['admin_language']);
$site_title = addslashes($data['pp_title']);
$sub_title = addslashes($data['pp_sub_title']);
if ($data['pp_timezone_dst'] == "1") {
$time_zone = addslashes(tz_offset($data['pp_timezone'], '1'));
} else {
$time_zone = addslashes($data['pp_timezone']);
}
$feed_copyright = "Copyright " . date('Y') . " {$site_url}, All Rights Reserved";
$query = mysql_query("UPDATE {$prefix}config SET\n\t`email` = '{$admin_email}',\n\t`siteurl` = '{$site_url}',\n\t`admin_langfile` = '{$admin_lang}',\n\t`sitetitle`= '{$site_title}',\n\t`subtitle` = '{$sub_title}',\n\t`feed_title`= '{$site_title}',\n\t`feed_description` = '{$sub_title}',\n\t`feed_copyright` = '{$feed_copyright}',\n\t`timezone` = '{$time_zone}'\n\t") or die("Error: " . mysql_error());
}
function article_save()
{
global $txp_user, $vars, $txpcfg, $prefs;
extract($prefs);
$incoming = psa($vars);
$oldArticle = safe_row('Status, url_title, Title, unix_timestamp(LastMod) as sLastMod, LastModID', 'textpattern', 'ID = ' . (int) $incoming['ID']);
if (!($oldArticle['Status'] >= 4 and has_privs('article.edit.published') or $oldArticle['Status'] >= 4 and $incoming['AuthorID'] == $txp_user and has_privs('article.edit.own.published') or $oldArticle['Status'] < 4 and has_privs('article.edit') or $oldArticle['Status'] < 4 and $incoming['AuthorID'] == $txp_user and has_privs('article.edit.own'))) {
// Not allowed, you silly rabbit, you shouldn't even be here.
// Show default editing screen.
article_edit();
return;
}
if ($oldArticle['sLastMod'] != $incoming['sLastMod']) {
article_edit(gTxt('concurrent_edit_by', array('{author}' => htmlspecialchars($oldArticle['LastModID']))), TRUE);
return;
}
$incoming = textile_main_fields($incoming, $use_textile);
extract(doSlash($incoming));
extract(array_map('assert_int', psa(array('ID', 'Status', 'textile_body', 'textile_excerpt'))));
$Annotate = (int) $Annotate;
if (!has_privs('article.publish') && $Status >= 4) {
$Status = 3;
}
if ($reset_time) {
$whenposted = "Posted=now()";
$when_ts = time();
} else {
$when = $when_ts = strtotime($year . '-' . $month . '-' . $day . ' ' . $hour . ':' . $minute . ':' . $second) - tz_offset();
$whenposted = "Posted=from_unixtime({$when})";
}
if (empty($exp_year)) {
$expires = 0;
$whenexpires = "Expires=" . NULLDATETIME;
} else {
if (empty($exp_month)) {
$exp_month = 1;
}
if (empty($exp_day)) {
$exp_day = 1;
}
if (empty($exp_hour)) {
$exp_hour = 0;
}
if (empty($exp_minute)) {
$exp_minute = 0;
}
if (empty($exp_second)) {
$exp_second = 0;
}
$expires = strtotime($exp_year . '-' . $exp_month . '-' . $exp_day . ' ' . $exp_hour . ':' . $exp_minute . ':' . $exp_second) - tz_offset();
$whenexpires = "Expires=from_unixtime({$expires})";
}
if ($expires) {
if ($expires <= $when_ts) {
article_edit(gTxt('article_expires_before_postdate'));
return;
}
}
//Auto-Update custom-titles according to Title, as long as unpublished and NOT customized
if (empty($url_title) || $oldArticle['Status'] < 4 && $oldArticle['url_title'] == $url_title && $oldArticle['url_title'] == stripSpace($oldArticle['Title'], 1) && $oldArticle['Title'] != $Title) {
$url_title = stripSpace($Title_plain, 1);
}
$Keywords = doSlash(trim(preg_replace('/( ?[\\r\\n\\t,])+ ?/s', ',', preg_replace('/ +/', ' ', ps('Keywords'))), ', '));
safe_update("textpattern", "Title = '{$Title}',\n\t\t\tBody = '{$Body}',\n\t\t\tBody_html = '{$Body_html}',\n\t\t\tExcerpt = '{$Excerpt}',\n\t\t\tExcerpt_html = '{$Excerpt_html}',\n\t\t\tKeywords = '{$Keywords}',\n\t\t\tImage = '{$Image}',\n\t\t\tStatus = {$Status},\n\t\t\tLastMod = now(),\n\t\t\tLastModID = '{$txp_user}',\n\t\t\tSection = '{$Section}',\n\t\t\tCategory1 = '{$Category1}',\n\t\t\tCategory2 = '{$Category2}',\n\t\t\tAnnotate = {$Annotate},\n\t\t\ttextile_body = {$textile_body},\n\t\t\ttextile_excerpt = {$textile_excerpt},\n\t\t\toverride_form = '{$override_form}',\n\t\t\turl_title = '{$url_title}',\n\t\t\tAnnotateInvite = '{$AnnotateInvite}',\n\t\t\tcustom_1 = '{$custom_1}',\n\t\t\tcustom_2 = '{$custom_2}',\n\t\t\tcustom_3 = '{$custom_3}',\n\t\t\tcustom_4 = '{$custom_4}',\n\t\t\tcustom_5 = '{$custom_5}',\n\t\t\tcustom_6 = '{$custom_6}',\n\t\t\tcustom_7 = '{$custom_7}',\n\t\t\tcustom_8 = '{$custom_8}',\n\t\t\tcustom_9 = '{$custom_9}',\n\t\t\tcustom_10 = '{$custom_10}',\n\t\t\t{$whenposted},\n\t\t\t{$whenexpires}", "ID = {$ID}");
if ($Status >= 4) {
if ($oldArticle['Status'] < 4) {
do_pings();
}
update_lastmod();
}
article_edit(get_status_message($Status) . check_url_title($url_title));
}
function tsi($name, $datevar, $time, $tab = '')
{
$size = $name == 'year' ? 4 : 2;
return '<input type="text" name="' . $name . '" value="' . date($datevar, $time + tz_offset()) . '" size="' . $size . '" maxlength="' . $size . '" class="edit" tabindex="' . $tab . '" />' . "\n";
}
function product_save()
{
global $txp_user, $vars, $txpcfg, $prefs;
extract($prefs);
$incoming = psa($vars);
define("IMPATH", $path_to_site . '/' . $img_dir . '/');
$oldArticle = safe_row('Status, url_title, Title, Image, custom_6, custom_7, custom_8', 'textpattern', 'ID = ' . (int) $incoming['ID']);
if (!($oldArticle['Status'] >= 4 and has_privs('article.edit.published') or $oldArticle['Status'] >= 4 and $incoming['AuthorID'] == $txp_user and has_privs('article.edit.own.published') or $oldArticle['Status'] < 4 and has_privs('article.edit') or $oldArticle['Status'] < 4 and $incoming['AuthorID'] == $txp_user and has_privs('article.edit.own'))) {
// Not allowed, you silly rabbit, you shouldn't even be here.
// Show default editing screen.
product_edit();
return;
}
$wrapper = new TXP_Wrapper();
$incoming = $wrapper->textile_main_fields($incoming, $use_textile);
extract(doSlash($incoming));
extract(array_map('assert_int', psa(array('ID', 'Status', 'textile_body', 'textile_excerpt'))));
$Annotate = ps('Annotate') ? assert_int(ps('Annotate')) : 0;
if (!has_privs('article.publish') && $Status >= 4) {
$Status = 3;
}
if ($reset_time) {
$whenposted = "Posted=now()";
} else {
$when = strtotime($year . '-' . $month . '-' . $day . ' ' . $hour . ':' . $minute . ':' . $second) - tz_offset();
$when = "from_unixtime({$when})";
$whenposted = "Posted={$when}";
}
if (isset($new_vendor_name) && !empty($new_vendor_name)) {
$custom_5 = $new_vendor_name;
cat_vendor_category_create($custom_5);
} else {
if (isset($vendor)) {
$custom_5 = $vendor;
}
}
//Auto-Update custom-titles according to Title, as long as unpublished and NOT customized
if (empty($url_title) || $oldArticle['Status'] < 4 && $oldArticle['url_title'] == $url_title && $oldArticle['url_title'] == stripSpace($oldArticle['Title'], 1) && $oldArticle['Title'] != $Title) {
$url_title = stripSpace($Title_plain, 1);
}
if (!$Annotate) {
$Annotate = 0;
}
//IMAGE DELETE/UPDATE FUNCTIONALITY
//=======================================
if (strtolower($Image) == "delete") {
$delPath = str_replace("http://" . $siteurl . "/images/", IMPATH, $oldArticle['Image']);
unlink($delPath);
unlink(product_image_display($delPath, "small"));
unlink(product_image_display(str_replace("gif", "jpg", $delPath), "large"));
$Image = "";
}
if (strtolower($custom_6) == "delete") {
$delPath = str_replace("http://" . $siteurl . "/images/", IMPATH, $oldArticle['custom_6']);
unlink($delPath);
unlink(product_image_display($delPath, "small"));
unlink(product_image_display(str_replace("gif", "jpg", $delPath), "large"));
$custom_6 = "";
}
if (strtolower($custom_7) == "delete") {
$delPath = str_replace("http://" . $siteurl . "/images/", IMPATH, $oldArticle['custom_7']);
unlink($delPath);
unlink(product_image_display($delPath, "small"));
unlink(product_image_display(str_replace("gif", "jpg", $delPath), "large"));
$custom_7 = "";
}
if (strtolower($custom_8) == "delete") {
$delPath = str_replace("http://" . $siteurl . "/images/", IMPATH, $oldArticle['custom_8']);
unlink($delPath) or die("can't delete file: " . $delPath);
unlink(product_image_display($delPath, "small"));
unlink(product_image_display(str_replace("gif", "jpg", $delPath), "large"));
$custom_8 = "";
}
//UPDATE ARTICLE
//=======================================
safe_update("textpattern", "Title = '{$Title}',\n\t\t\tBody = '{$Body}',\n\t\t\tBody_html = '{$Body_html}',\n\t\t\tExcerpt = '{$Excerpt}',\n\t\t\tExcerpt_html = '{$Excerpt_html}',\n\t\t\tKeywords = '{$Keywords}',\n\t\t\tImage = '{$Image}',\n\t\t\tStatus = {$Status},\n\t\t\tLastMod = now(),\n\t\t\tLastModID = '{$txp_user}',\n\t\t\tSection = '{$Section}',\n\t\t\tCategory1 = '{$Category1}',\n\t\t\tCategory2 = '{$Category2}',\n\t\t\tAnnotate = {$Annotate},\n\t\t\ttextile_body = {$textile_body},\n\t\t\ttextile_excerpt = {$textile_excerpt},\n\t\t\toverride_form = '{$override_form}',\n\t\t\turl_title = '{$url_title}',\n\t\t\tAnnotateInvite = '{$AnnotateInvite}',\n\t\t\tcustom_1 = '{$custom_1}',\n\t\t\tcustom_2 = '{$custom_2}',\n\t\t\tcustom_3 = '{$custom_3}',\n\t\t\tcustom_4 = '{$custom_4}',\n\t\t\tcustom_5 = '{$custom_5}',\n\t\t\tcustom_6 = '{$custom_6}',\n\t\t\tcustom_7 = '{$custom_7}',\n\t\t\tcustom_8 = '{$custom_8}',\n\t\t\tcustom_9 = '{$custom_9}',\n\t\t\tcustom_10 = '{$custom_10}',\n\t\t\t{$whenposted}", "ID = {$ID}");
save_custom_fields($_REQUEST['custom_fields'], $ID);
//IMAGE UPLOAD
//=======================
if ($_FILES['uploadFile']['error'] == "0") {
$file = $_FILES['uploadFile'];
} else {
if ($_FILES['uploadFile1']['error'] == "0") {
$file = $_FILES['uploadFile1'];
} else {
if ($_FILES['uploadFile2']['error'] == "0") {
$file = $_FILES['uploadFile2'];
} else {
if ($_FILES['uploadFile3']['error'] == "0") {
$file = $_FILES['uploadFile3'];
} else {
if ($_FILES['uploadFile4']['error'] == "0") {
$file = $_FILES['uploadFile4'];
}
}
}
}
}
if ($file["type"] == "image/gif" || $file["type"] == "image/jpeg" || $file["type"] == "image/png") {
// prepare the image for insertion
//we need to check what images have been uploaded already
$article_updated = safe_row("Image, custom_6, custom_7, custom_8", "textpattern", "ID = {$ID}");
extract($article_updated);
if (empty($Image)) {
$image_num = "";
} else {
if (empty($custom_6)) {
$image_num = "2";
} else {
if (empty($custom_7)) {
$image_num = "3";
} else {
if (empty($custom_8)) {
$image_num = "4";
}
}
}
}
echo "Uploading image: " . $file['name'];
$img = $file['tmp_name'];
upload_image($img, $image_num, $ID);
//echo "here"; die();
}
//END IMAGE UPLOAD
//=======================
if ($Status >= 4) {
if ($oldArticle['Status'] < 4) {
if (!function_exists("do_pings")) {
require_once txpath . '/include/txp_article.php';
do_pings();
}
}
update_lastmod();
}
product_edit("", "", "Product Saved");
}
function end_local()
{
return $this->end + tz_offset();
}
function build_head()
{
global $site_url, $date_format;
if (isset($_COOKIE['pixie_login'])) {
list($username, $cookie_hash) = explode(',', $_COOKIE['pixie_login']);
$nonce = safe_field('nonce', 'pixie_users', "user_name='{$username}'");
if (md5($username . $nonce) == $cookie_hash) {
$privs = safe_field('privs', 'pixie_users', "user_name='{$username}'");
$realname = safe_field('realname', 'pixie_users', "user_name='{$username}'");
$GLOBALS['pixie_user'] = $username;
$user_count = mysql_num_rows(safe_query('select * from ' . PFX . 'pixie_log_users_online'));
$user_count = $user_count - 1;
echo "<div id=\"admin_header\">\n\t\t<h1>Hello ";
if (isset($realname)) {
echo firstword($realname);
}
echo "</h1>\n\t\t<div id=\"admin_header_text\"><p>" . safe_strftime($date_format, time() + tz_offset()) . ". Currently your site has {$user_count} visitor(s) online.</p></div>\n\t\t<div id=\"admin_header_controls\"><p><a href=\"" . $site_url . "admin/\" title=\"Goto Pixie\">Pixie</a><a href=\"" . $site_url . "admin/?s=logout&tool=home\" title=\"Logout of pixie\">Logout</a></p></div>\n\t</div>\n";
/* Needs language */
}
}
}
function comment_time($atts)
{
global $thiscomment, $comments_dateformat;
extract(lAtts(array('format' => $comments_dateformat), $atts));
if ($format == 'since') {
$comment_time = since($thiscomment['time'] + tz_offset());
} else {
$comment_time = safe_strftime($format, $thiscomment['time']);
}
return $comment_time;
}
echo "</div>\r\n\t\t\t\t\t\t\t</div>\r\n\t\t\t\t\t\t\t<div class=\"form_row\">\r\n\t\t\t\t\t\t\t\t<div class=\"form_label\"><label for=\"dateformat\">" . $lang['form_pixie_date'] . " <span class=\"form_required\">" . $lang['form_required'] . "</span></label><span class=\"form_help\">" . $lang['form_help_pixie_date'] . "</span></div>\r\n\t\t\t\t\t\t\t\t<div class=\"form_item_drop\">\r\n\t\t\t\t\t\t\t\t<select class=\"form_select\" name=\"dateformat\" id=\"dateformat\">\n";
$dayname = '%A';
$dayshort = '%a';
$daynum = is_numeric(strftime('%e')) ? '%e' : '%d';
$daynumlead = '%d';
$daynumord = is_numeric(substr(trim(strftime('%Oe')), 0, 1)) ? '%Oe' : $daynum;
$monthname = '%B';
$monthshort = '%b';
$monthnum = '%m';
$year = '%Y';
$yearshort = '%y';
$time24 = '%H:%M';
$time12 = strftime('%p') ? '%I:%M %p' : $time24;
$date = strftime('%x') ? '%x' : '%Y-%m-%d';
$formats = array("{$monthshort} {$daynumord}, {$time12}", "{$daynum}.{$monthnum}.{$yearshort}", "{$daynumord} {$monthname}, {$time12}", "{$yearshort}.{$monthnum}.{$daynumlead}, {$time12}", "{$dayshort} {$monthshort} {$daynumord}, {$time12}", "{$dayname} {$monthname} {$daynumord}, {$year}", "{$dayname} {$monthname} {$daynumord}, {$year} @ {$time24}", "{$monthshort} {$daynumord}", "{$daynumord} {$monthname} {$yearshort}", "{$daynumord} {$monthnum} {$year} - {$time24}", "{$daynumord} {$monthname} {$year}", "{$daynumord} {$monthname} {$year}, {$time24}", "{$daynumord}. {$monthname} {$year}", "{$daynumord}. {$monthname} {$year}, {$time24}", "{$year}-{$monthnum}-{$daynumlead}", "{$year}-{$daynumlead}-{$monthnum}", "{$date} {$time12}", "{$date}", "{$time24}", "{$time12}", "{$year}-{$monthnum}-{$daynumlead} {$time24}");
$ts = time() + tz_offset();
$vals = array();
foreach ($formats as $f) {
if ($d = safe_strftime($f, $ts)) {
$vals[$f] = $d;
if ($f == $date_format) {
print "\t\t\t\t\t\t\t\t\t<option selected=\"selected\" value=\"{$f}\">{$d}</option>\n";
} else {
print "\t\t\t\t\t\t\t\t\t<option value=\"{$f}\">{$d}</option>\n";
}
}
}
echo "\t\t\t\t\t\t\t\t</select>\r\n\t\t\t\t\t\t\t\t</div>\r\n\t\t\t\t\t\t\t</div>\r\n\t\t\t\t\t\t\t<div class=\"form_row\">\r\n\t\t\t\t\t\t\t\t<div class=\"form_label\"><label for=\"rte\">" . $lang['form_pixie_rte'] . " <span class=\"form_required\">" . $lang['form_required'] . "</span></label><span class=\"form_help\">" . $lang['form_help_pixie_rte'] . "</span></div>\r\n\t\t\t\t\t\t\t\t<div class=\"form_item_radio\">";
echo "On<input type=\"radio\"" . ($rich_text_editor == 1 ? " checked=\"checked\"" : "") . " name=\"rte\" class=\"form_radio\" value=\"1\" />";
echo "Off<input type=\"radio\"" . ($rich_text_editor == 0 ? " checked=\"checked\"" : "") . " name=\"rte\" class=\"form_radio\" value=\"0\" />";
echo "\t</div>\r\n\t\t\t\t\t\t\t</div>\r\n\t\t\t\t\t\t\t<div class=\"form_row\">\r\n\t\t\t\t\t\t\t\t<div class=\"form_label\"><label for=\"logs\">" . $lang['form_pixie_logs'] . " <span class=\"form_required\">" . $lang['form_required'] . "</span></label><span class=\"form_help\">" . $lang['form_help_pixie_logs'] . "</span></div>\r\n\t\t\t\t\t\t\t\t<div class=\"form_item_drop\"><select class=\"form_select\" name=\"logs\" id=\"logs\">";
/**
* Executes the real action for @see udpateArticleId and @see newArticle
* @param array $incoming containing the desired article fields
* @param mixed(string|integer) $article_id the ID of the article to update
* @return mixed integer article id on success, false otherwise
* @access private
*/
function _setArticle($incoming, $article_id = null)
{
global $txpcfg;
$prefs = get_prefs();
extract($prefs);
if (!empty($incoming['Section']) && !$this->getSection($incoming['Section'])) {
return false;
}
if (!empty($incoming['Category1']) && !$this->getCategory($incoming['Category1'])) {
return false;
}
if (!empty($incoming['Category2']) && !$this->getCategory($incoming['Category2'])) {
return false;
}
if ($article_id !== null) {
$article_id = assert_int($article_id);
}
//All validation rules assumed to be passed before this point.
//Do content processing here
$incoming_with_markup = $this->textile_main_fields($incoming, $use_textile);
$incoming['Title'] = $incoming_with_markup['Title'];
if (empty($incoming['Body_html']) && !empty($incoming['Body'])) {
$incoming['Body_html'] = $incoming_with_markup['Body_html'];
}
if (empty($incoming['Excerpt_html']) && !empty($incoming['Excerpt'])) {
$incoming['Excerpt_html'] = $incoming_with_markup['Excerpt_html'];
}
unset($incoming_with_markup);
if (empty($incoming['Posted'])) {
if ($article_id === null) {
$when = !$article_id ? 'now()' : '';
$incoming['Posted'] = $when;
} else {
# do not override post time for existing articles unless Posted is present
unset($incoming['Posted']);
}
} else {
$when = strtotime($incoming['Posted']) - tz_offset();
$when = "from_unixtime({$when})";
}
if ($incoming['Title'] || $incoming['Body'] || $incoming['Excerpt']) {
//Build SQL then and run query
//Prevent data erase if not defined on the update action
//but it was on the DB from a previous creation/edition time
if ($article_id) {
$old = safe_row('*', 'textpattern', "ID = {$article_id}");
//Status should be defined previously. Be sure of that.
if (!has_privs('article.publish', $this->txp_user) && $incoming['Status'] == 4 && $old['Status'] != 4) {
$incoming['Status'] = 3;
}
foreach ($old as $key => $val) {
if (!isset($incoming[$key])) {
$incoming[$key] = $val;
}
}
} else {
//Status should be defined previously. Be sure of that.
if (!has_privs('article.publish', $this->txp_user) && $incoming['Status'] == 4) {
$incoming['Status'] = 3;
}
}
if (empty($incoming['Section']) && $article_id) {
$incoming['Section'] = safe_field('Section', 'textpattern', "ID = {$article_id}");
}
$incoming = $this->_check_keys($incoming, array('AuthorID' => $this->txp_user, 'Annotate' => $comments_on_default, 'AnnotateInvite' => $comments_default_invite, 'textile_body' => $use_textile, 'textile_excerpt' => $use_textile, 'url_title' => stripSpace($incoming['Title'])));
//Build the SQL query
$sql = array();
foreach ($incoming as $key => $val) {
if ($key == 'Posted' && $val == 'now()') {
$sql[] = "{$key} = {$val}";
} elseif ($key != 'ID' && $key != 'uid' && $key != 'feed_time' && $key != 'LastMod' && $key != 'LastModID') {
$sql[] = "{$key} = '" . doSlash($val) . "'";
}
}
$sql[] = 'LastMod = now()';
$sql[] = "LastModID = '" . doSlash($this->txp_user) . "'";
if (!$article_id) {
$sql[] = "uid = '" . doSlash(md5(uniqid(rand(), true))) . "'";
}
if (!$article_id) {
if (empty($incoming['Posted'])) {
$sql[] = "feed_time = curdate()";
} else {
$when = strtotime($incoming['Posted']) - tz_offset();
$when = strftime("%Y-%m-%d", $when);
$sql[] = "feed_time ='" . doSlash($when) . "'";
}
}
$sql = join(', ', $sql);
$rs = $article_id ? safe_update('textpattern', $sql, "ID = {$article_id}") : safe_insert('textpattern', $sql);
$oldstatus = $article_id ? $old['Status'] : '';
if (!$article_id && $rs) {
$article_id = $rs;
}
if ($incoming['Status'] >= 4 && !$article_id || $oldstatus != 4 && $article_id) {
safe_update("txp_prefs", "val = now()", "name = 'lastmod'");
//@$this->_sendPings();
}
return $article_id;
}
return false;
}
function safe_strtotime($time_str)
{
return strtotime($time_str, time() + tz_offset()) - tz_offset();
}
function _buildMetaWeblogStruct($rs, $txp)
{
global $permlink_mode, $is_dst, $gmtoffset;
switch ($permlink_mode) {
case 'section_id_title':
$url = hu . join('/', array($rs['Section'], $rs['ID'], $rs['url_title']));
break;
case 'year_month_day_title':
$url = hu . join('/', array(date("Y", $rs['uPosted']), date("m", $rs['uPosted']), date("d", $rs['uPosted']), $rs['url_title']));
break;
case 'title_only':
$url = hu . $rs['url_title'];
break;
case 'section_title':
$url = hu . join('/', array($rs['Section'], $rs['url_title']));
break;
case 'id_title':
$url = hu . join('/', array($rs['ID'], $rs['url_title']));
break;
default:
//assume messy mode?
$url = hu . '?id=' . $rs['ID'];
break;
}
$cat = $txp->getCategory($rs['Category1']);
$cat1 = $cat['title'];
$cat = $txp->getCategory($rs['Category2']);
$cat2 = $cat['title'];
$out = array('categories' => array($cat1, $cat2), 'description' => $rs['Body'], 'userid' => $txp->txp_user, 'postid' => $rs['ID'], 'dateCreated' => new IXR_Date($rs['uPosted'] + tz_offset() - $gmtoffset - ($is_dst ? 3600 : 0)), 'link' => $url, 'permaLink' => $url, 'title' => $rs['Title']);
$out['dateCreated']->tz = 'Z';
// GMT
// MovableType Implementation Add ons
if (isset($rs['Annotate']) && !empty($rs['Annotate'])) {
$out['mt_allow_comments'] = intval($rs['Annotate']);
}
if (isset($rs['textile_body']) && !empty($rs['textile_body'])) {
$out['mt_convert_breaks'] = strval($rs['textile_body']);
}
if (isset($rs['Excerpt']) && !empty($rs['Excerpt'])) {
$out['mt_excerpt'] = $rs['Excerpt'];
}
if (isset($rs['Keywords']) && !empty($rs['Keywords'])) {
$out['mt_keywords'] = $rs['Keywords'];
}
if (isset($rs['url_title']) && !empty($rs['url_title'])) {
$out['mt_basename'] = $out['wp_slug'] = $rs['url_title'];
}
return $out;
}
function _buildMetaWeblogStruct($rs, $user)
{
global $prefs;
# do not extract, since we only need this one
$permlink_mode =& $prefs['permlink_mode'];
switch ($permlink_mode) {
case 'section_id_title':
$url = hu . join('/', array($rs['Section'], $rs['ID'], $rs['url_title']));
break;
case 'year_month_day_title':
$url = hu . join('/', array(date("Y", $rs['uPosted']), date("m", $rs['uPosted']), date("d", $rs['uPosted']), $rs['url_title']));
break;
case 'title_only':
$url = hu . $rs['url_title'];
break;
case 'section_title':
$url = hu . join('/', array($rs['Section'], $rs['url_title']));
break;
case 'id_title':
$url = hu . join('/', array($rs['ID'], $rs['url_title']));
break;
default:
//assume messy mode?
$url = hu . '?id=' . $rs['ID'];
break;
}
$out = array('categories' => array($rs['Category1'], $rs['Category2']), 'description' => $rs['Body'], 'userid' => $user, 'postid' => $rs['ID'], 'dateCreated' => new IXR_Date($rs['uPosted'] + tz_offset()), 'link' => $url, 'permaLink' => $url, 'title' => $rs['Title']);
# MovableType Implementation Add ons
if (isset($rs['Annotate']) && !empty($rs['Annotate'])) {
$out['mt_allow_comments'] = intval($rs['Annotate']);
}
if (isset($rs['textile_body']) && !empty($rs['textile_body'])) {
$out['mt_convert_breaks'] = strval($rs['textile_body']);
}
if (isset($rs['Excerpt']) && !empty($rs['Excerpt'])) {
$out['mt_excerpt'] = $rs['Excerpt'];
}
if (isset($rs['Keywords']) && !empty($rs['Keywords'])) {
$out['mt_keywords'] = $rs['Keywords'];
}
return $out;
}
/**
* Processes sent forms and updates existing articles.
*/
function article_save()
{
global $txp_user, $vars, $prefs;
extract($prefs);
$incoming = array_map('assert_string', psa($vars));
$oldArticle = safe_row("Status, url_title, Title, textile_body, textile_excerpt,\n UNIX_TIMESTAMP(LastMod) AS sLastMod, LastModID,\n UNIX_TIMESTAMP(Posted) AS sPosted,\n UNIX_TIMESTAMP(Expires) AS sExpires", 'textpattern', "ID = " . (int) $incoming['ID']);
if (!($oldArticle['Status'] >= STATUS_LIVE and has_privs('article.edit.published') or $oldArticle['Status'] >= STATUS_LIVE and $incoming['AuthorID'] === $txp_user and has_privs('article.edit.own.published') or $oldArticle['Status'] < STATUS_LIVE and has_privs('article.edit') or $oldArticle['Status'] < STATUS_LIVE and $incoming['AuthorID'] === $txp_user and has_privs('article.edit.own'))) {
// Not allowed, you silly rabbit, you shouldn't even be here.
// Show default editing screen.
article_edit();
return;
}
if ($oldArticle['sLastMod'] != $incoming['sLastMod']) {
article_edit(array(gTxt('concurrent_edit_by', array('{author}' => txpspecialchars($oldArticle['LastModID']))), E_ERROR), true, true);
return;
}
if (!has_privs('article.set_markup')) {
$incoming['textile_body'] = $oldArticle['textile_body'];
$incoming['textile_excerpt'] = $oldArticle['textile_excerpt'];
}
$incoming = textile_main_fields($incoming);
extract(doSlash($incoming));
extract(array_map('assert_int', psa(array('ID', 'Status'))));
// Comments may be on, off, or disabled.
$Annotate = (int) $Annotate;
if (!has_privs('article.publish') && $Status >= STATUS_LIVE) {
$Status = STATUS_PENDING;
}
// Set and validate article timestamp.
if ($reset_time) {
$whenposted = "Posted = NOW()";
$when_ts = time();
} else {
if (!is_numeric($year) || !is_numeric($month) || !is_numeric($day) || !is_numeric($hour) || !is_numeric($minute) || !is_numeric($second)) {
$ts = false;
} else {
$ts = strtotime($year . '-' . $month . '-' . $day . ' ' . $hour . ':' . $minute . ':' . $second);
}
if ($ts === false || $ts < 0) {
$when = $when_ts = $oldArticle['sPosted'];
$msg = array(gTxt('invalid_postdate'), E_ERROR);
} else {
$when = $when_ts = $ts - tz_offset($ts);
}
$whenposted = "Posted = FROM_UNIXTIME({$when})";
}
// Set and validate expiry timestamp.
if (empty($exp_year)) {
$expires = 0;
} else {
if (empty($exp_month)) {
$exp_month = 1;
}
if (empty($exp_day)) {
$exp_day = 1;
}
if (empty($exp_hour)) {
$exp_hour = 0;
}
if (empty($exp_minute)) {
$exp_minute = 0;
}
if (empty($exp_second)) {
$exp_second = 0;
}
$ts = strtotime($exp_year . '-' . $exp_month . '-' . $exp_day . ' ' . $exp_hour . ':' . $exp_minute . ':' . $exp_second);
if ($ts === false || $ts < 0) {
$expires = $oldArticle['sExpires'];
$msg = array(gTxt('invalid_expirydate'), E_ERROR);
} else {
$expires = $ts - tz_offset($ts);
}
}
if ($expires && $expires <= $when_ts) {
$expires = $oldArticle['sExpires'];
$msg = array(gTxt('article_expires_before_postdate'), E_ERROR);
}
if ($expires) {
$whenexpires = "Expires = FROM_UNIXTIME({$expires})";
} else {
$whenexpires = "Expires = " . NULLDATETIME;
}
// Auto-update custom-titles according to Title, as long as unpublished and
// NOT customised.
if (empty($url_title) || $oldArticle['Status'] < STATUS_LIVE && $oldArticle['url_title'] === $url_title && $oldArticle['url_title'] === stripSpace($oldArticle['Title'], 1) && $oldArticle['Title'] !== $Title) {
$url_title = stripSpace($Title_plain, 1);
}
$Keywords = doSlash(trim(preg_replace('/( ?[\\r\\n\\t,])+ ?/s', ',', preg_replace('/ +/', ' ', ps('Keywords'))), ', '));
$user = doSlash($txp_user);
$description = doSlash($description);
$cfq = array();
$cfs = getCustomFields();
foreach ($cfs as $i => $cf_name) {
$custom_x = "custom_{$i}";
$cfq[] = "custom_{$i} = '" . ${$custom_x} . "'";
}
$cfq = join(', ', $cfq);
$rs = compact($vars);
if (article_validate($rs, $msg)) {
if (safe_update('textpattern', "Title = '{$Title}',\n Body = '{$Body}',\n Body_html = '{$Body_html}',\n Excerpt = '{$Excerpt}',\n Excerpt_html = '{$Excerpt_html}',\n Keywords = '{$Keywords}',\n description = '{$description}',\n Image = '{$Image}',\n Status = {$Status},\n LastMod = NOW(),\n LastModID = '{$user}',\n Section = '{$Section}',\n Category1 = '{$Category1}',\n Category2 = '{$Category2}',\n Annotate = {$Annotate},\n textile_body = '{$textile_body}',\n textile_excerpt = '{$textile_excerpt}',\n override_form = '{$override_form}',\n url_title = '{$url_title}',\n AnnotateInvite = '{$AnnotateInvite}'," . ($cfs ? $cfq . ',' : '') . "{$whenposted},\n {$whenexpires}", "ID = {$ID}")) {
if ($Status >= STATUS_LIVE && $oldArticle['Status'] < STATUS_LIVE) {
do_pings();
}
if ($Status >= STATUS_LIVE || $oldArticle['Status'] >= STATUS_LIVE) {
update_lastmod('article_saved', $rs);
}
now('posted', true);
now('expires', true);
callback_event('article_saved', '', false, $rs);
if (empty($msg)) {
$s = check_url_title($url_title);
$msg = array(get_status_message($Status) . ' ' . $s, $s ? E_WARNING : 0);
}
} else {
$msg = array(gTxt('article_save_failed'), E_ERROR);
}
}
article_edit($msg, false, true);
}
function safe_strtotime($time_str)
{
$ts = strtotime($time_str);
return strtotime($time_str, time() + tz_offset($ts)) - tz_offset($ts);
}
function date_dropdown($date)
{
$months = array('', 'Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul', 'Aug', 'Sep', 'Oct', 'Nov', 'Dec');
/* Could go in language file? - needs language */
if (!isset($date) && !$date) {
$unixtime = time() + tz_offset();
$this_day = date('d', $unixtime);
$this_month = date('n', $unixtime);
$this_year = date('Y', $unixtime);
$time = date('H' . ':' . 'i', $unixtime);
} else {
$unixtime = returnUnixtimestamp($date);
$this_day = date('d', $unixtime);
$this_month = date('n', $unixtime);
$this_year = date('Y', $unixtime);
$time = date('H' . ':' . 'i', $unixtime);
}
$max_day = 31;
$min_day = 1;
echo "\t\t\t\t\t\t\t\t<select class=\"form_select\" id=\"date\" name=\"day\">\n";
while ($min_day <= $max_day) {
if ($min_day == $this_day) {
echo "\t\t\t\t\t\t\t\t\t<option selected=\"selected\" value=\"{$min_day}\">{$min_day}</option>\n";
} else {
echo "\t\t\t\t\t\t\t\t\t<option value=\"{$min_day}\">{$min_day}</option>\n";
}
$min_day++;
}
echo "\t\t\t\t\t\t\t\t</select>\n";
$max_month = 12;
$min_month = 1;
echo "\t\t\t\t\t\t\t\t<select class=\"form_select\" name=\"month\">\n";
while ($min_month <= $max_month) {
if ($min_month == $this_month) {
echo "\t\t\t\t\t\t\t\t\t<option selected=\"selected\" value=\"{$min_month}\">{$months[$min_month]}</option>\n";
} else {
echo "\t\t\t\t\t\t\t\t\t<option value=\"{$min_month}\">{$months[$min_month]}</option>\n";
}
$min_month++;
}
echo "\t\t\t\t\t\t\t\t</select>\n";
$max_year = $this_year + 5;
$min_year = $this_year - 5;
echo "\t\t\t\t\t\t\t\t<select class=\"form_select\" name=\"year\">\n";
while ($min_year <= $max_year) {
if ($min_year == $this_year) {
echo "\t\t\t\t\t\t\t\t\t<option selected=\"selected\" value=\"{$min_year}\">{$min_year}</option>\n";
} else {
echo "\t\t\t\t\t\t\t\t\t<option value=\"{$min_year}\">{$min_year}</option>\n";
}
$min_year++;
}
echo "\t\t\t\t\t\t\t\t</select>\n";
echo "\n\t\t\t\t\t\t\t\t@ <input type=\"text\" class=\"form_text\" name=\"time\" value=\"{$time}\" size=\"5\" maxlength=\"5\" />";
}