* */ define('INTERNAL', 1); define('JSON', 1); define('PUBLIC', 1); require dirname(dirname(dirname(dirname(__FILE__)))) . '/init.php'; safe_require('artefact', 'blog'); json_headers(); $id = param_integer('id'); $limit = param_integer('limit', ArtefactTypeBlog::pagination); $offset = param_integer('offset', 0); $options = json_decode(param_variable('options')); $viewid = isset($options->viewid) ? $options->viewid : null; if ($viewid) { if (!can_view_view($viewid)) { throw new AccessDeniedException(); } } else { if (!$USER->is_logged_in()) { throw new AccessDeniedException(); } if (!$viewid && get_field('artefact', 'owner', 'id', $id) != $USER->get('id')) { throw new AccessDeniedException(); } } list($count, $data) = ArtefactTypeBlogPost::render_posts(FORMAT_ARTEFACT_RENDERFULL, $options, $id, $limit, $offset); if (!$count) { $count = 1; $data = array(array('content' => get_string('noresults', 'artefact.blog'))); } echo json_encode(array('count' => $count, 'limit' => $limit, 'offset' => $offset, 'data' => $data));
function delete_submit(Pieform $form, $values) { $blogpost = new ArtefactTypeBlogPost((int) $values['delete']); $blogpost->check_permission(); if ($blogpost->get('locked')) { $form->reply(PIEFORM_ERR, get_string('submittedforassessment', 'view')); } $blogpost->delete(); $form->reply(PIEFORM_OK, array('message' => get_string('blogpostdeleted', 'artefact.blog'), 'goto' => get_config('wwwroot') . 'artefact/blog/view/index.php?id=' . $blogpost->get('parent'), 'id' => $values['delete'])); }
function editpost_submit(Pieform $form, $values) { global $USER, $SESSION, $blogpost, $blog; require_once 'embeddedimage.php'; db_begin(); $postobj = new ArtefactTypeBlogPost($blogpost, null); $postobj->set('title', $values['title']); $postobj->set('description', $values['description']); $postobj->set('tags', $values['tags']); if (get_config('licensemetadata')) { $postobj->set('license', $values['license']); $postobj->set('licensor', $values['licensor']); $postobj->set('licensorurl', $values['licensorurl']); } $postobj->set('published', !$values['draft']); $postobj->set('allowcomments', (int) $values['allowcomments']); if (!$blogpost) { $postobj->set('parent', $blog); $blogobj = new ArtefactTypeBlog($blog); if ($blogobj->get('institution')) { $postobj->set('institution', $blogobj->get('institution')); } else { if ($blogobj->get('group')) { $postobj->set('group', $blogobj->get('group')); } else { $postobj->set('owner', $USER->id); } } } $postobj->commit(); $blogpost = $postobj->get('id'); // Need to wait until post is saved in case we are a new blogpost before we can sort out embedded images as we need an id $postobj->set('description', EmbeddedImage::prepare_embedded_images($values['description'], 'blogpost', $postobj->get('id'))); // Attachments $old = $postobj->attachment_id_list(); // $new = is_array($values['filebrowser']['selected']) ? $values['filebrowser']['selected'] : array(); $new = is_array($values['filebrowser']) ? $values['filebrowser'] : array(); // only allow the attaching of files that exist and are editable by user foreach ($new as $key => $fileid) { $file = artefact_instance_from_id($fileid); if (!$file instanceof ArtefactTypeFile || !$USER->can_publish_artefact($file)) { unset($new[$key]); } } if (!empty($new) || !empty($old)) { foreach ($old as $o) { if (!in_array($o, $new)) { try { $postobj->detach($o); } catch (ArtefactNotFoundException $e) { } } } foreach ($new as $n) { if (!in_array($n, $old)) { try { $postobj->attach($n); } catch (ArtefactNotFoundException $e) { } } } } db_commit(); $result = array('error' => false, 'message' => get_string('blogpostsaved', 'artefact.blog'), 'goto' => get_config('wwwroot') . 'artefact/blog/view/index.php?id=' . $blog); if ($form->submitted_by_js()) { // Redirect back to the blog page from within the iframe $SESSION->add_ok_msg($result['message']); $form->json_reply(PIEFORM_OK, $result, false); } $form->reply(PIEFORM_OK, $result); }
* * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. * * @package mahara * @subpackage artefact-blog * @author Catalyst IT Ltd * @license http://www.gnu.org/copyleft/gpl.html GNU GPL * @copyright (C) 2006-2008 Catalyst IT Ltd http://catalyst.net.nz * */ define('INTERNAL', 1); define('JSON', 1); require dirname(dirname(dirname(dirname(__FILE__)))) . '/init.php'; safe_require('artefact', 'blog'); json_headers(); $id = param_integer('id'); $blogpost = new ArtefactTypeBlogPost($id); $blogpost->check_permission(); $blogpost->delete(); json_reply(false, get_string('blogpostdeleted', 'artefact.blog'));
* This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. * * @package mahara * @subpackage artefact-blog * @author Catalyst IT Ltd * @license http://www.gnu.org/copyleft/gpl.html GNU GPL * @copyright (C) 2006-2008 Catalyst IT Ltd http://catalyst.net.nz * */ define('INTERNAL', 1); define('JSON', 1); require dirname(dirname(dirname(dirname(__FILE__)))) . '/init.php'; safe_require('artefact', 'blog'); json_headers(); $id = param_integer('id'); $limit = param_integer('limit', ArtefactTypeBlog::pagination); $offset = param_integer('offset', 0); list($count, $data) = ArtefactTypeBlogPost::get_posts($USER, $id, $limit, $offset); $result = array('error' => false, 'count' => $count, 'limit' => $limit, 'offset' => $offset, 'data' => $data); echo json_encode($result);
// adding a post to a blog that is not theirs mobile_api_json_reply(array('fail' => get_string('youarenottheownerofthisblog', 'artefact.blog'))); } $postobj = new ArtefactTypeBlogPost(null, null); $postobj->set('title', $title); $postobj->set('description', $description); $postobj->set('tags', $tags); $postobj->set('published', !$draft); $postobj->set('allowcomments', (int) $allowcomments); $postobj->set('parent', $blog); $postobj->set('owner', $USER->id); $postobj->commit(); $blogpost = $postobj->get('id'); } else { if ($blogpost) { $postobj = new ArtefactTypeBlogPost($blogpost); $postobj->check_permission(); if ($postobj->get('locked')) { mobile_api_json_reply(array('fail' => get_string('submittedforassessment', 'view'))); } } } if ($blogpost) { $json['id'] = $blogpost; } // Check to see if we're creating a journal entry // -- Finally attach the file to the blog post once uploaded and -- if ($artefact_id && $postobj) { // If we created or matched a blog post and created an artefact // attach the artefact to the blog. $postobj->attach($artefact_id);
// Blog security is also checked closer to when blogs are added, this // check ensures that malicious users do not even see the screen for // adding a post to a blog that is not theirs throw new AccessDeniedException(get_string('youarenottheownerofthisblog', 'artefact.blog')); } // Should we create a new post or attach the new file to an existing post $postids = get_records_sql_array("\n SELECT a.id\n FROM {artefact} a\n WHERE a.title = ? AND a.description = ?\n\tAND a.owner = ? ", array($title, $description, $USER->get('id'))); if ($postids) { $blogpost = $postids[0]->id; $postobj = new ArtefactTypeBlogPost($blogpost); $postobj->check_permission(); if ($postobj->get('locked')) { throw new AccessDeniedException(get_string('submittedforassessment', 'view')); } } else { $postobj = new ArtefactTypeBlogPost($blogpost, null); $postobj->set('title', $title); $postobj->set('description', $description); $postobj->set('tags', $tags); $postobj->set('published', !$draft); $postobj->set('allowcomments', (int) $allowcomments); $postobj->set('parent', $blog); $postobj->set('owner', $USER->id); $postobj->commit(); } } // Check to see if we're creating a journal entry // -- Finally attach the file to the blog post once uploaded and -- if ($artefact_id && $postobj) { // If we created or matched a blog post and created an artefact // attach the artefact to the blog.
/** * This function updates an existing blog post. * * @param User * @param array */ public static function edit_post(User $user, array $values) { $artefact = new ArtefactTypeBlogPost($values['id']); if ($user->get('id') != $artefact->get('owner')) { return false; } $artefact->set('title', $values['title']); $artefact->set('description', $values['description']); $artefact->set('published', $values['published']); $artefact->set('tags', $values['tags']); if (get_config('licensemetadata')) { $artefact->set('license', $values['license']); $artefact->set('licensor', $values['licensor']); $artefact->set('licensorurl', $values['licensorurl']); } $artefact->commit(); return true; }
require dirname(dirname(dirname(__FILE__))) . '/init.php'; safe_require('artefact', 'blog'); $id = param_integer('id'); $limit = param_integer('limit', ArtefactTypeBlog::pagination); $offset = param_integer('offset', 0); $options = json_decode(param_variable('options')); $viewid = isset($options->viewid) ? $options->viewid : null; if ($viewid) { if (!can_view_view($viewid)) { throw new AccessDeniedException(); } } else { if (!$USER->is_logged_in()) { throw new AccessDeniedException(); } if (!$viewid && get_field('artefact', 'owner', 'id', $id) != $USER->get('id')) { throw new AccessDeniedException(); } } ($postids = get_records_sql_array("\n SELECT a.id\n FROM {artefact} a\n LEFT OUTER JOIN {artefact_blog_blogpost} bp\n ON a.id = bp.blogpost\n WHERE a.parent = ?\n AND bp.published = 1\n ORDER BY a.ctime DESC\n LIMIT ? OFFSET ?;", array($id, $limit, $offset))) || ($postids = array()); $data = array(); foreach ($postids as $postid) { $blogpost = new ArtefactTypeBlogPost($postid->id); $data[] = array('id' => $postid->id, 'content' => $blogpost->render_self((array) $options)); } $count = (int) get_field_sql("\n SELECT COUNT(*)\n FROM {artefact} a\n LEFT OUTER JOIN {artefact_blog_blogpost} bp\n ON a.id = bp.blogpost\n WHERE a.parent = ?\n AND bp.published = 1", array($id)); if (!$count) { $count = 1; $data = array(array('content' => get_string('noresults', 'artefact.blog'))); } json_reply(false, array('count' => $count, 'limit' => $limit, 'offset' => $offset, 'data' => $data));
/** * Checks to see if a blogpost had out-of-line content, and if it did, * attaches the generated file to it * * @param SimpleXMLElement $entry The entry to check * @param PluginImportLeap $importer The importer */ private static function setup_outoflinecontent_relationship(SimpleXMLElement $entry, PluginImportLeap $importer) { $artefactids = $importer->get_artefactids_imported_by_entryid((string) $entry->id); if (count($artefactids) == 2) { // In this case, a file was created as a result of // importing a blog entry with out-of-line content. We // attach the file to this post. $blogpost = new ArtefactTypeBlogPost($artefactids[0]); $blogpost->attach_file($artefactids[1]); $blogpost->commit(); } }
* the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. * * @package mahara * @subpackage artefact-blog * @author Catalyst IT Ltd * @license http://www.gnu.org/copyleft/gpl.html GNU GPL * @copyright (C) 2006-2009 Catalyst IT Ltd http://catalyst.net.nz * */ define('INTERNAL', 1); define('JSON', 1); require dirname(dirname(dirname(dirname(__FILE__)))) . '/init.php'; safe_require('artefact', 'blog'); require_once get_config('libroot') . 'pieforms/pieform.php'; $id = param_integer('id'); $limit = param_integer('limit', 5); $offset = param_integer('offset', 0); $posts = ArtefactTypeBlogPost::get_posts($id, $limit, $offset); $template = 'artefact:blog:posts.tpl'; $pagination = array('baseurl' => get_config('wwwroot') . 'artefact/blog/view/index.php?id=' . $id, 'id' => 'blogpost_pagination', 'jsonscript' => 'artefact/blog/view/index.json.php', 'datatable' => 'postlist'); ArtefactTypeBlogPost::render_posts($posts, $template, array(), $pagination); json_reply(false, array('data' => $posts));
function editpost_submit(Pieform $form, $values) { global $USER, $SESSION, $blogpost, $blog; db_begin(); $postobj = new ArtefactTypeBlogPost($blogpost, null); $postobj->set('title', $values['title']); $postobj->set('description', $values['description']); $postobj->set('tags', $values['tags']); $postobj->set('published', !$values['draft']); if (!$blogpost) { $postobj->set('parent', $blog); $postobj->set('owner', $USER->id); } $postobj->commit(); $blogpost = $postobj->get('id'); // Attachments $old = $postobj->attachment_id_list(); // $new = is_array($values['filebrowser']['selected']) ? $values['filebrowser']['selected'] : array(); $new = is_array($values['filebrowser']) ? $values['filebrowser'] : array(); if (!empty($new) || !empty($old)) { foreach ($old as $o) { if (!in_array($o, $new)) { $postobj->detach($o); } } foreach ($new as $n) { if (!in_array($n, $old)) { $postobj->attach($n); } } } db_commit(); $result = array('error' => false, 'message' => get_string('blogpostsaved', 'artefact.blog'), 'goto' => get_config('wwwroot') . 'artefact/blog/view/index.php?id=' . $blog); if ($form->submitted_by_js()) { // Redirect back to the blog page from within the iframe $SESSION->add_ok_msg($result['message']); $form->json_reply(PIEFORM_OK, $result, false); } $form->reply(PIEFORM_OK, $result); }
function xmldb_artefact_blog_upgrade($oldversion = 0) { // There was no database prior to this version. if ($oldversion < 2006120501) { install_from_xmldb_file(get_config('docroot') . 'artefact/blog/db/install.xml'); } if ($oldversion < 2006121501) { $table = new XMLDBTable('artefact_blog_blogpost_file_pending'); $table->addFieldInfo('file', XMLDB_TYPE_INTEGER, '10', null, XMLDB_NOTNULL); $table->addFieldInfo('when', XMLDB_TYPE_DATETIME, null, null, XMLDB_NOTNULL); $table->addKeyInfo('blogpost_file_pending_pk', XMLDB_KEY_PRIMARY, array('file')); $table->addKeyInfo('filefk', XMLDB_KEY_FOREIGN, array('file'), 'artefact', array('id')); if (!create_table($table)) { throw new SQLException($table . " could not be created, check log for errors."); } } if ($oldversion < 2008012200) { // From 0.9, some files were not having their temporary download paths // translated to proper artefact/file/download.php paths. This upgrade // attempts to fix them. It should work in the vast majority of cases, // the largest assumption made is that artefacts were inserted in // ascending ID order when the post was created, which is a pretty safe // bet. if ($blogfiles = get_records_array('artefact_blog_blogpost_file', '', '', 'blogpost ASC, file ASC')) { $blogpostids = join(', ', array_map(create_function('$a', 'return $a->blogpost;'), $blogfiles)); // Find all blogposts that have attached files if ($blogposts = get_records_select_array('artefact', 'id IN(' . $blogpostids . ')', null, 'id ASC')) { foreach ($blogposts as $post) { log_debug("Checking post {$post->id}"); // Only doublecheck posts that are likely to have a broken URL in them if (false !== strpos($post->description, 'createid')) { log_debug(" * Looks like post " . $post->id . " has a createid in it"); $i = 0; $body = $post->description; foreach ($blogfiles as $file) { if ($file->blogpost == $post->id) { // This file is connected to this post, so likely it is to be displayed $i++; log_debug('* Replace uploadnumber = ' . $i . ' with artefact id ' . $file->file); $regexps = array('/<img([^>]+)src="([^>]+)downloadtemp.php\\?uploadnumber=' . $i . '&createid=\\d+/', '/alt="uploaded:' . $i . '"/'); $subs = array('<img$1src="' . get_config('wwwroot') . 'artefact/file/download.php?file=' . $file->file, 'alt="artefact:' . $file->file . '"'); $body = preg_replace($regexps, $subs, $body); } } // Update the post if necessary if ($body != $post->description) { $postobj = new ArtefactTypeBlogPost($post->id, null); $postobj->set('description', $body); $postobj->commit(); } } } } } } if ($oldversion < 2008020700) { $table = new XMLDBTable('artefact_blog_blog'); drop_table($table); if (is_mysql()) { execute_sql('DROP INDEX {arteblogblog_blo2_ix} ON {artefact_blog_blogpost}'); execute_sql('CREATE INDEX {arteblogblog_blo_ix} ON {artefact_blog_blogpost} (blogpost)'); execute_sql('ALTER TABLE {artefact_blog_blogpost} DROP FOREIGN KEY {arteblogblog_blo2_fk}'); // I can't quite get mysql to name this key correctly, so there // will be a difference in the database if you upgrade from 0.9 // compared with installing from 1.0 execute_sql('ALTER TABLE {artefact_blog_blogpost} ADD FOREIGN KEY (blogpost) REFERENCES {artefact} (id)'); } else { // Rename indexes to keep things the same regardless of whether the // user installed or upgraded to this release execute_sql('DROP INDEX {arteblogblog_blo2_ix}'); execute_sql('CREATE INDEX {arteblogblog_blo_ix} ON {artefact_blog_blogpost} USING btree (blogpost)'); execute_sql('ALTER TABLE {artefact_blog_blogpost} DROP CONSTRAINT {arteblogblog_blo2_fk}'); execute_sql('ALTER TABLE {artefact_blog_blogpost} ADD CONSTRAINT {arteblogblog_blo_fk} FOREIGN KEY (blogpost) REFERENCES {artefact}(id)'); } } if ($oldversion < 2008101602) { $table = new XMLDBTable('artefact_blog_blogpost_file_pending'); $table->addFieldInfo('id', XMLDB_TYPE_INTEGER, 10, XMLDB_UNSIGNED, XMLDB_NOTNULL, XMLDB_SEQUENCE, null, null, null); $table->addFieldInfo('oldextension', XMLDB_TYPE_TEXT, null); $table->addFieldInfo('filetype', XMLDB_TYPE_TEXT, null); $table->addKeyInfo('primary', XMLDB_KEY_PRIMARY, array('id')); create_table($table); } if ($oldversion < 2009033100) { $bloguploadbase = get_config('dataroot') . 'artefact/blog/uploads/'; if (is_dir($bloguploadbase)) { if ($basedir = opendir($bloguploadbase)) { while (false !== ($sessionupload = readdir($basedir))) { if ($sessionupload != "." && $sessionupload != "..") { $sessionupload = $bloguploadbase . $sessionupload; $subdir = opendir($sessionupload); while (false !== ($uploadfile = readdir($subdir))) { if ($uploadfile != "." && $uploadfile != "..") { $uploadfile = $sessionupload . '/' . $uploadfile; unlink($uploadfile); } } closedir($subdir); rmdir($sessionupload); } } } @rmdir($bloguploadbase); } } if ($oldversion < 2009081800) { $subscription = (object) array('plugin' => 'blog', 'event' => 'createuser', 'callfunction' => 'create_default_blog'); ensure_record_exists('artefact_event_subscription', $subscription, $subscription); } return true; }
* This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. * * @package mahara * @subpackage artefact-blog * @author Catalyst IT Ltd * @license http://www.gnu.org/copyleft/gpl.html GNU GPL * @copyright (C) 2006-2008 Catalyst IT Ltd http://catalyst.net.nz * */ define('INTERNAL', 1); define('JSON', 1); require dirname(dirname(dirname(dirname(__FILE__)))) . '/init.php'; safe_require('artefact', 'blog'); $id = param_integer('id'); $blogpost = new ArtefactTypeBlogPost($id); $blogpost->check_permission(); if (!$blogpost->publish()) { json_reply('local', get_string('publishfailed', 'artefact.blog')); } json_reply(false, get_string('blogpostpublished', 'artefact.blog'));