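/**
 * post a new date or an updated date
 *
 * This function populates the error context, where applicable.
 *
 * When $fields['id'] is set the matching row is updated, otherwise a new row
 * is inserted and $fields['id'] receives the id of the new record. Every
 * failure path returns 0, as documented below.
 *
 * Text values are passed through SQL::escape() and wrapped in single quotes.
 * edit_id is written into the statement without quotes, so it is cast to an
 * integer here rather than relying on string escaping alone.
 *
 * @param array an array of fields, passed by reference
 * @return integer the id of the new or updated record, else 0 on error
 *
 * @see dates/edit.php
 **/
public static function post(&$fields) {
    global $context;

    // no date -- empty() has the same truthiness as the negation it replaces,
    // and does not raise a notice when the key is missing
    if (empty($fields['date_stamp'])) {
        Logger::error(i18n::s('Please provide a date.'));
        return 0;
    }

    // no anchor reference
    if (empty($fields['anchor'])) {
        Logger::error(i18n::s('No anchor has been found.'));
        return 0;
    }

    // set default values for this editor
    // NOTE(review): presumably fills edit_name, edit_id, edit_address and edit_date -- confirm in Surfer
    Surfer::check_default_editor($fields);

    // update the existing record
    if (isset($fields['id'])) {

        // the id is interpolated unquoted in the WHERE clause below, so only
        // numeric values are accepted; report failure as 0 like every other
        // error path of this function
        if (!is_numeric($fields['id'])) {
            Logger::error(i18n::s('No item has the provided id.'));
            return 0;
        }

        $query = "UPDATE " . SQL::table_name('dates') . " SET "
            . "date_stamp='" . SQL::escape($fields['date_stamp']) . "'";

        // maybe a silent update, which leaves the editor stamp untouched
        if (!isset($fields['silent']) || $fields['silent'] != 'Y') {

            // numeric context: an integer cast is the only safe encoding;
            // a missing or non-numeric value is stored as 0
            $edit_id = isset($fields['edit_id']) ? intval($fields['edit_id']) : 0;

            $query .= ", "
                . "edit_name='" . SQL::escape($fields['edit_name']) . "', "
                . "edit_id=" . $edit_id . ", "
                . "edit_address='" . SQL::escape($fields['edit_address']) . "', "
                . "edit_date='" . SQL::escape($fields['edit_date']) . "'";
        }

        $query .= " WHERE id = " . SQL::escape($fields['id']);

        if (SQL::query($query) === FALSE) {
            return 0;
        }

    // insert a new record
    } else {

        // numeric context: an integer cast is the only safe encoding;
        // a missing or non-numeric value is stored as 0
        $edit_id = isset($fields['edit_id']) ? intval($fields['edit_id']) : 0;

        // the anchor is escaped once and reused, including for the type and
        // id parts that the database derives with SUBSTRING_INDEX
        $anchor = SQL::escape($fields['anchor']);

        // always remember the date
        $query = "INSERT INTO " . SQL::table_name('dates') . " SET "
            . "anchor='" . $anchor . "', "
            . "anchor_id=SUBSTRING_INDEX('" . $anchor . "', ':', -1),"
            . "anchor_type=SUBSTRING_INDEX('" . $anchor . "', ':', 1),"
            . "date_stamp='" . SQL::escape($fields['date_stamp']) . "', "
            . "edit_name='" . SQL::escape($fields['edit_name']) . "', "
            . "edit_id=" . $edit_id . ", "
            . "edit_address='" . SQL::escape($fields['edit_address']) . "', "
            . "edit_date='" . SQL::escape($fields['edit_date']) . "'";

        if (SQL::query($query) === FALSE) {
            return 0;
        }

        // id of the new record
        $fields['id'] = SQL::get_last_id($context['connection']);
    }

    // clear the cache for dates
    Dates::clear($fields);

    // end of job
    return $fields['id'];
}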
$context['text'] .= Mailer::build_recipients($anchor->get_reference()); // follow-up commands $follow_up = i18n::s('What do you want to do now?'); $menu = array(); $menu = array_merge($menu, array($anchor->get_url() => i18n::s('View the page'))); $menu = array_merge($menu, array($anchor->get_url('edit') => i18n::s('Edit the page'))); $follow_up .= Skin::build_list($menu, 'menu_bar'); $context['text'] .= Skin::build_block($follow_up, 'bottom'); // update of an existing date } else { // increment the post counter of the surfer Users::increment_posts(Surfer::get_id()); // touch the related anchor $anchor->touch('date:update', $_REQUEST['id'], isset($_REQUEST['silent']) && $_REQUEST['silent'] == 'Y'); // clear cache Dates::clear($_REQUEST); // forward to the view page Safe::redirect($context['url_to_home'] . $context['url_to_root'] . Dates::get_url($_REQUEST['id'])); } // display the form on GET } else { $with_form = TRUE; } // display the form if ($with_form) { // reference the anchor page if (is_object($anchor) && $anchor->is_viewable()) { $context['text'] .= '<p>' . Skin::build_link($anchor->get_url(), $anchor->get_title()) . "</p>\n"; } // the form to edit an date $context['text'] .= '<form method="post" action="' . $context['script_url'] . '" onsubmit="return validateDocumentPost(this)" id="main_form"><div>';
// not found if (!isset($item['id'])) { include '../error.php'; // permission denied } elseif (!$permitted) { Safe::header('Status: 401 Unauthorized', TRUE, 401); Logger::error(i18n::s('You are not allowed to perform this operation.')); // deletion is confirmed } elseif (isset($_REQUEST['confirm']) && $_REQUEST['confirm'] == 'yes') { // touch the related anchor before actual deletion, since the date has to be accessible at that time if (is_object($anchor)) { $anchor->touch('date:delete', $item['id']); } // if no error, back to the anchor or to the index page if (Dates::delete($item['id'])) { Dates::clear($item); if (is_object($anchor)) { Safe::redirect($context['url_to_home'] . $context['url_to_root'] . $anchor->get_url()); } else { Safe::redirect($context['url_to_home'] . $context['url_to_root'] . 'dates/'); } } // deletion has to be confirmed } elseif (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST') { Logger::error(i18n::s('The action has not been confirmed.')); } else { // commands $menu = array(); $menu[] = Skin::build_submit_button(i18n::s('Yes, I want to delete this date'), NULL, NULL, 'confirmed'); if (is_object($anchor)) { $menu[] = Skin::build_link($anchor->get_url(), i18n::s('Cancel'), 'span');