function submit_item($news, $smessages = false) { $tp = e107::getParser(); $sql = e107::getDb(); $admin_log = e107::getAdminLog(); $pref = e107::getPref(); $e_event = e107::getEvent(); $e107cache = e107::getCache(); $emessage = e107::getMessage(); $error = false; if (empty($news['news_title'])) { $error = true; $emessage->add('Validation error: News title can\'t be empty!', E_MESSAGE_ERROR, $smessages); if (!empty($news['news_sef'])) { $news['news_sef'] = eHelper::secureSef($news['news_sef']); } } else { // first format sef... if (empty($news['news_sef'])) { $news['news_sef'] = eHelper::title2sef($news['news_title']); } else { $news['news_sef'] = eHelper::secureSef($news['news_sef']); } } // ...then check it if (empty($news['news_sef'])) { $error = true; $emessage->add('Validation error: News SEF URL value is required field and can\'t be empty!', E_MESSAGE_ERROR, $smessages); } elseif ($sql->db_Count('news', '(news_id)', ($news['news_sef'] ? 'news_id<>' . intval($news['news_id']) . ' AND ' : '') . "news_sef='" . $tp->toDB($news['news_sef']) . "'")) { $error = true; $emessage->add('Validation error: News SEF URL is unique field - current value already in use! Please choose another SEF URL value.', E_MESSAGE_ERROR, $smessages); } if (empty($news['news_category'])) { $error = true; $emessage->add('Validation error: News category can\'t be empty!', E_MESSAGE_ERROR, $smessages); } $data = array(); //DB Array $data['data']['news_title'] = $news['news_title']; $data['_FIELD_TYPES']['news_title'] = 'todb'; $data['data']['news_sef'] = $news['news_sef']; $data['_FIELD_TYPES']['news_sef'] = 'todb'; $data['data']['news_body'] = $news['news_body']; $data['_FIELD_TYPES']['news_body'] = 'todb'; $data['data']['news_extended'] = $news['news_extended']; $data['_FIELD_TYPES']['news_extended'] = 'todb'; $data['data']['news_datestamp'] = $news['news_datestamp']; $data['_FIELD_TYPES']['news_datestamp'] = 'int'; $data['data']['news_author'] = $news['news_author'] ? $news['news_author'] : USERID; $data['_FIELD_TYPES']['news_author'] = 'int'; $data['data']['news_category'] = $news['news_category']; $data['_FIELD_TYPES']['news_category'] = 'int'; $data['data']['news_allow_comments'] = $news['news_allow_comments']; $data['_FIELD_TYPES']['news_allow_comments'] = 'int'; $data['data']['news_start'] = $news['news_start']; $data['_FIELD_TYPES']['news_start'] = 'int'; $data['data']['news_end'] = $news['news_end']; $data['_FIELD_TYPES']['news_end'] = 'int'; $data['data']['news_class'] = $news['news_class']; $data['_FIELD_TYPES']['news_class'] = 'todb'; $data['data']['news_render_type'] = $news['news_render_type']; $data['_FIELD_TYPES']['news_render_type'] = 'todb'; //news_comment_total $data['data']['news_summary'] = $news['news_summary']; $data['_FIELD_TYPES']['news_summary'] = 'todb'; $data['data']['news_thumbnail'] = $news['news_thumbnail']; $data['_FIELD_TYPES']['news_thumbnail'] = 'todb'; $data['data']['news_sticky'] = $news['news_sticky']; $data['_FIELD_TYPES']['news_sticky'] = 'int'; $data['data']['news_meta_keywords'] = eHelper::formatMetaKeys($news['news_meta_keywords']); $data['_FIELD_TYPES']['news_meta_keywords'] = 'todb'; $data['data']['news_meta_description'] = eHelper::formatMetaDescription($news['news_meta_description']); //handle bbcodes $data['_FIELD_TYPES']['news_meta_description'] = 'todb'; if ($error) { $data['error'] = true; return $data; } // Calculate short strings for admin logging - no need to clog up the log with potentially long items $logData = $data['data']; if (isset($logData['news_body'])) { $logData['news_body'] = $tp->text_truncate($tp->toDB($logData['news_body']), 300, '...'); } if (isset($logData['news_extended'])) { $logData['news_extended'] = $tp->text_truncate($tp->toDB($logData['news_extended']), 300, '...'); } //XXX - Now hooks are executed only if no mysql error is found. Should it stay so? Seems sensible to me! if ($news['news_id']) { // Updating existing item $data['WHERE'] = 'news_id=' . intval($news['news_id']); //$vals = "news_datestamp = '".intval($news['news_datestamp'])."', ".$author_insert." news_title='".$news['news_title']."', news_body='".$news['news_body']."', news_extended='".$news['news_extended']."', news_category='".intval($news['cat_id'])."', news_allow_comments='".intval($news['news_allow_comments'])."', news_start='".intval($news['news_start'])."', news_end='".intval($news['news_end'])."', news_class='".$tp->toDB($news['news_class'])."', news_render_type='".intval($news['news_rendertype'])."' , news_summary='".$news['news_summary']."', news_thumbnail='".$tp->toDB($news['news_thumbnail'])."', news_sticky='".intval($news['news_sticky'])."' WHERE news_id='".intval($news['news_id'])."' "; if ($sql->db_Update('news', $data)) { e107::getAdminLog()->logArrayAll('NEWS_09', $logData); $data['data']['news_id'] = $news['news_id']; e107::getEvent()->trigger('newsupd', $data['data']); e107::getEvent()->trigger('admin_news_updated', $data['data']); $message = LAN_UPDATED; $emessage->add(LAN_UPDATED, E_MESSAGE_SUCCESS, $smessages); e107::getCache()->clear('news.php'); //FIXME - triggerHook should return array(message, message_type) $evdata = array('method' => 'update', 'table' => 'news', 'id' => $news['news_id'], 'plugin' => 'news', 'function' => 'submit_item'); $emessage->add(e107::getEvent()->triggerHook($evdata), E_MESSAGE_INFO, $smessages); } else { if ($sql->getLastErrorNumber()) { $error = true; $emessage->add(LAN_NEWS_5, E_MESSAGE_ERROR, $smessages); $message = "<strong>" . LAN_NEWS_5 . "</strong>"; } else { $data['data']['news_id'] = $news['news_id']; $emessage->add(LAN_NO_CHANGE, E_MESSAGE_INFO, $smessages); $message = "<strong>" . LAN_NO_CHANGE . "</strong>"; //FIXME - triggerHook should return array(message, message_type) $evdata = array('method' => 'update', 'table' => 'news', 'id' => $news['news_id'], 'plugin' => 'news', 'function' => 'submit_item'); $emessage->add(e107::getEvent()->triggerHook($evdata), E_MESSAGE_INFO, $smessages); } } } else { // Adding item $data['data']['news_id'] = $sql->db_Insert('news', $data); $news['news_id'] = $data['data']['news_id']; //$news['news_id'] = $sql ->db_Insert('news', "0, '".$news['news_title']."', '".$news['news_body']."', '".$news['news_extended']."', ".intval($news['news_datestamp']).", ".intval($news['news_author']).", '".intval($news['cat_id'])."', '".intval($news['news_allow_comments'])."', '".intval($news['news_start'])."', '".intval($news['news_end'])."', '".$tp->toDB($news['news_class'])."', '".intval($news['news_rendertype'])."', '0' , '".$news['news_summary']."', '".$tp->toDB($news['news_thumbnail'])."', '".intval($news['news_sticky'])."' ") if ($data['data']['news_id']) { $data['news_id'] = $news['news_id']; $message = LAN_NEWS_6; $emessage->add(LAN_CREATED, E_MESSAGE_SUCCESS, $smessages); e107::getCache()->clear('news.php'); //moved down - prevent wrong mysql_insert_id e107::getAdminLog()->logArrayAll('NEWS_08', $logData); e107::getEvent()->trigger('newspost', $data['data']); e107::getEvent()->trigger('admin_news_created', $data['data']); //XXX - triggerHook after trigger? $evdata = array('method' => 'create', 'table' => 'news', 'id' => $data['data']['news_id'], 'plugin' => 'news', 'function' => 'submit_item'); $emessage->add($e_event->triggerHook($evdata), E_MESSAGE_INFO, $smessages); } else { $error = true; $message = "<strong>" . LAN_NEWS_7 . "</strong>"; $emessage->add(LAN_UPDATED, E_MESSAGE_ERROR, $smessages); } } //return $message; $data['message'] = $message; $data['error'] = $error; return $data; }
function processViewPage() { if ($this->checkCache()) { return; } $sql = e107::getDb(); $query = "SELECT p.*, u.user_id, u.user_name, user_login FROM #page AS p\n\t\tLEFT JOIN #user AS u ON p.page_author = u.user_id\n\t\tWHERE p.page_id=" . intval($this->pageID); // REMOVED AND p.page_class IN (".USERCLASS_LIST.") - permission check is done later if (!$sql->gen($query)) { header("HTTP/1.0 404 Not Found"); // exit; /* $ret['title'] = LAN_PAGE_12; // ***** CHANGED $ret['sub_title'] = ''; $ret['text'] = LAN_PAGE_3; $ret['comments'] = ''; $ret['rating'] = ''; $ret['np'] = ''; $ret['err'] = TRUE; $ret['cachecontrol'] = false; */ // ---------- New (to replace values above) ---- $this->page['page_title'] = LAN_PAGE_12; // ***** CHANGED $this->page['sub_title'] = ''; $this->page['page_text'] = LAN_PAGE_3; $this->page['comments'] = ''; $this->page['rating'] = ''; $this->page['np'] = ''; $this->page['err'] = TRUE; $this->page['cachecontrol'] = false; // ------------------------------------- $this->authorized = 'nf'; $this->template = e107::getCoreTemplate('page', 'default'); // $this->batch = e107::getScBatch('page',null,'cpage')->setVars(new e_vars($ret))->setScVar('page', array()); ///Upgraded to setVars() array. (not using '$this->page') $this->batch = e107::getScBatch('page', null, 'cpage')->setVars($this->page); define("e_PAGETITLE", $this->page['page_title']); return; } $this->page = $sql->fetch(); // setting override to true breaks default. $this->template = e107::getCoreTemplate('page', vartrue($this->page['page_template'], 'default'), true, true); if (!$this->template) { // switch to default $this->template = e107::getCoreTemplate('page', 'default', false, false); } if (empty($this->template)) { $this->template = e107::getCoreTemplate('page', 'default'); } $this->batch = e107::getScBatch('page', null, 'cpage'); $this->pageText = $this->page['page_text']; $this->pageCheckPerms($this->page['page_class'], $this->page['page_password'], $this->page['page_title']); if ($this->debug) { echo "<b>pageText</b> " . $this->pageText . " <br />"; } $this->parsePage(); $pagenav = $rating = $comments = ''; if ($this->authorized === true) { $pagenav = $this->pageIndex(); $rating = $this->pageRating($this->page['page_rating_flag']); $comments = $this->pageComment($this->page['page_comment_flag']); } /* $ret['title'] = $this->page['page_title']; $ret['sub_title'] = $this->title; $ret['text'] = $this->pageToRender; $ret['np'] = $pagenav; $ret['rating'] = $rating; $ret['comments'] = $comments; $ret['err'] = FALSE; $ret['cachecontrol'] = (isset($this->page['page_password']) && !$this->page['page_password'] && $this->authorized === true); // Don't cache password protected pages */ // $this->batch->setVars(new e_vars($ret))->setScVar('page', $this->page); // Removed in favour of $this->var (cross-compatible with menus and other parts of e107 that use the same shortcodes) // ---- New --- - $this->page['page_text'] = $this->pageToRender; $this->page['np'] = $pagenav; $this->page['rating'] = $rating; $this->page['comments'] = $comments; $this->page['err'] = FALSE; $this->page['cachecontrol'] = isset($this->page['page_password']) && !$this->page['page_password'] && $this->authorized === true; // ----------------- $this->batch->setVars($this->page); define('e_PAGETITLE', eHelper::formatMetaTitle($this->page['page_title'])); if ($this->page['page_metadscr']) { define('META_DESCRIPTION', eHelper::formatMetaDescription($this->page['page_metadscr'])); } if ($this->page['page_metakeys']) { define('META_KEYWORDS', eHelper::formatMetaKeys($this->page['page_metakeys'])); } $tp = e107::getParser(); if ($tp->isImage($this->page['menu_image'])) { $mimg = $tp->thumbUrl($this->page['menu_image'], 'w=800', false, true); e107::meta('og:image', $mimg); } //return $ret; }
function submitPage($mode = FALSE, $type = FALSE) { global $e107cache, $admin_log, $e_event; $frm = e107::getForm(); $sql = e107::getDb(); $tp = e107::getParser(); $ns = e107::getRender(); $mes = e107::getMessage(); $page_title = $tp->toDB($_POST['page_title']); // print_a($_POST); // if(is_array($_POST['data']) && is_array($_POST['subtitle'])) $newData = array(); foreach ($_POST as $k => $v) { if (substr($k, 0, 4) == 'data' && trim($v) != '') { list($tm, $key) = explode("_", $k); if ($mode == FALSE) { $newData[] = "[newpage=" . $_POST['page_subtitle'][$key] . "]\n"; } $newData[] = $v; } // return; } // return; $newData = implode("\n\n", $newData); // echo nl2br($newData); $page_text = $tp->toDB($newData); $pauthor = $_POST['page_display_authordate_flag'] ? USERID : 0; // Ideally, this check should be done in the front-end. $update = 0; // Make sure some updates happen $page_sef = ''; $page_metad = ''; $page_metak = ''; if (!$type) { if (!empty($_POST['page_sef'])) { $page_sef = eHelper::secureSef($_POST['page_sef']); } if (empty($page_sef)) { $page_sef = eHelper::title2sef($_POST['page_title']); } if (!empty($_POST['page_metadscr'])) { $page_metad = $tp->toDB(eHelper::formatMetaDescription($_POST['page_metadscr'])); } if (!empty($_POST['page_metakeys'])) { $page_metak = eHelper::formatMetaKeys($_POST['page_metakeys']); } } if (!$type && (!$page_title || !$page_sef)) { e107::getMessage()->addError(CUSLAN_34, 'default', true); e107::getRedirect()->redirect(e_ADMIN_ABS . 'cpage.php'); } // FIXME Causes false positives on Update.. - what is trying to be achieved with this check? /* if(!$type && $sql->db_Count('page', '(page_id)', ($mode ? "page_id != {$mode} AND " : '')."page_sef != '{$page_sef}'")) { e107::getMessage()->addError(CUSLAN_34, 'default', true); e107::getMessage()->addDebug("type=".$type, 'default', true); e107::getMessage()->addDebug("page_title=".$page_title, 'default', true); e107::getMessage()->addDebug("page_sef=".$page_sef, 'default', true); e107::getMessage()->addDebug("Mode=".$mode, 'default', true); e107::getRedirect()->redirect(e_ADMIN_ABS.'cpage.php'); } */ if ($type && empty($_POST['menu_name'])) { e107::getMessage()->addError(CUSLAN_36, 'default', true); e107::getRedirect()->redirect(e_ADMIN_ABS . 'cpage.php'); } if ($mode) { // Saving existing page/menu after edit // Don't think $_POST['page_ip_restrict'] is ever set. $menuname = $type && vartrue($_POST['menu_name']) ? ", page_theme = '" . $tp->toDB($_POST['menu_name']) . "'" : ""; $status = $sql->db_Update("page", "page_title='{$page_title}', page_sef='{$page_sef}', page_chapter='" . intval($_POST['page_chapter']) . "', page_metakeys='{$page_metak}', page_metadscr='{$page_metad}', page_text='{$page_text}', page_datestamp='" . time() . "', page_author='{$pauthor}', page_rating_flag='" . intval($_POST['page_rating_flag']) . "', page_comment_flag='" . intval($_POST['page_comment_flag']) . "', page_password='******'page_password'] . "', page_class='" . $_POST['page_class'] . "', page_ip_restrict='" . varset($_POST['page_ip_restrict'], '') . "', page_template='" . $_POST['page_template'] . "' {$menuname} WHERE page_id='{$mode}'") ? E_MESSAGE_SUCCESS : E_MESSAGE_ERROR; if ($status == E_MESSAGE_SUCCESS) { $update++; } $mes->add($message, $status); $admin_log->log_event('CPAGE_02', $mode . '[!br!]' . $page_title . '[!br!]' . $pauthor, E_LOG_INFORMATIVE, ''); $e107cache->clear("page_{$mode}"); $e107cache->clear("page-t_{$mode}"); $data = array('method' => 'update', 'table' => 'page', 'id' => $mode, 'plugin' => 'page', 'function' => 'submitPage'); $this->message = $e_event->triggerHook($data); if ($type) { $menu_name = $tp->toDB($_POST['menu_name']); // not to be confused with menu-caption. // Need to check whether menu already in table, else we can't distinguish between a failed update and no update needed if ($sql->db_Select('menus', 'menu_name', "`menu_path` = '{$mode}'")) { // Updating existing entry if ($sql->db_Update('menus', "menu_name='{$menu_name}' WHERE menu_path='{$mode}' ") !== FALSE) { $update++; } } } //$url = e107::getUrl()->sc('page/view', array('name' => $tp->post_toForm($_POST['page_title']), 'id' => $mode)); /* // Prevent links being updated in another language unless the table is present. if((($pref['sitelanguage'] != $sql->mySQLlanguage) && ($sql->mySQLlanguage!='')) && ($sql->db_IsLang("links")=='links')) { //echo "DISABLED LINK CREATION"; //echo ' Sitelan='.$pref['sitelanguage']; //echo " Dblang=".$sql->mySQLlanguage; //echo " Links=".$sql->db_IsLang("links"); return; } if ($_POST['page_link']) { // FIXME extremely ugly, just join on created link ID by new field page_link if ($sql->db_Select("links", "link_id", "link_url='".$url."' && link_name!='".$tp->toDB($_POST['page_link'])."'")) { $sql->db_Update("links", "link_name='".$tp->toDB($_POST['page_link'])."' WHERE link_url='".$url."'"); $update++; $e107cache->clear("sitelinks"); } else if (!$sql->db_Select("links", "link_id", "link_url='".$url."'")) { $sql->db_Insert("links", "0, '".$tp->toDB($_POST['page_link'])."', '".$url."', '', '', 1, 0, 0, 0, ".$_POST['page_class']); $update++; $e107cache->clear("sitelinks"); } } else { if ($sql->db_Select("links", "link_id", "link_url='".$url."'")) { $sql->db_Delete("links", "link_url='".$url."'"); $update++; $e107cache->clear("sitelinks"); } }*/ $mes = e107::getMessage(); $mes->autoMessage($update, 'update', LAN_UPDATED, false, false); // Display result of update } else { // New page/menu $menuname = $type ? $tp->toDB($_POST['menu_name']) : ""; $addMsg = $type ? CUSLAN_51 : CUSLAN_27; $info = array('page_title' => $page_title, 'page_sef' => $page_sef, 'page_chapter' => varset($_POST['page_chapter'], 0), 'page_metakeys' => $page_metak, 'page_metadscr' => $page_metad, 'page_text' => $page_text, 'page_author' => $pauthor, 'page_datestamp' => time(), 'page_rating_flag' => varset($_POST['page_rating_flag'], 0), 'page_comment_flag' => varset($_POST['page_comment_flag'], ''), 'page_password' => varset($_POST['page_password'], ''), 'page_class' => varset($_POST['page_class'], e_UC_PUBLIC), 'page_ip_restrict' => '', 'page_theme' => $menuname, 'page_template' => varset($_POST['page_template'], '')); $pid = e107::getMessage()->autoMessage($sql->db_Insert('page', $info), 'insert', $addMsg, LAN_CREATED_FAILED, false); $admin_log->log_event('CPAGE_01', $menuname . '[!br!]' . $page_title . '[!br!]' . $pauthor, E_LOG_INFORMATIVE, ''); if ($type) { $info = array('menu_name' => $menuname, 'menu_location' => 0, 'menu_order' => 0, 'menu_class' => '0', 'menu_pages' => '', 'menu_path' => $pid); e107::getMessage()->autoMessage($sql->db_Insert('menus', $info), 'insert', CUSLAN_52, LAN_CREATED_FAILED, false); } /*if(vartrue($_POST['page_link'])) { //$link = 'page.php?'.$pid; $url = e107::getUrl()->sc('page/view', array('name' => $tp->post_toForm($_POST['page_title']), 'id' => $pid)); if (!$sql->db_Select("links", "link_id", "link_name='".$tp->toDB($_POST['page_link'])."'")) { $linkname = $tp->toDB($_POST['page_link']); $sql->db_Insert("links", "0, '{$linkname}', '{$url}', '', '', 1, 0, 0, 0, ".$_POST['page_class']); $e107cache->clear("sitelinks"); } }*/ $data = array('method' => 'create', 'table' => 'page', 'id' => $pid, 'plugin' => 'page', 'function' => 'submitPage'); $this->message = $e_event->triggerHook($data); } }
function preCreate() { if ($_GET['action'] == "edit" && !$_POST['preview']) { if (!isset($_POST['submit_news'])) { if (e107::getDb()->select('news', '*', 'news_id=' . intval($_GET['id']))) { $row = e107::getDb()->fetch(); // $this->noPermissions(); $_POST['news_title'] = $row['news_title']; $_POST['news_sef'] = $row['news_sef']; $_POST['news_body'] = $row['news_body']; $_POST['news_author'] = $row['news_author']; $_POST['news_extended'] = $row['news_extended']; $_POST['news_allow_comments'] = $row['news_allow_comments']; $_POST['news_class'] = $row['news_class']; $_POST['news_summary'] = $row['news_summary']; $_POST['news_sticky'] = $row['news_sticky']; $_POST['news_datestamp'] = $_POST['news_datestamp'] ? $_POST['news_datestamp'] : $row['news_datestamp']; $_POST['cat_id'] = $row['news_category']; $_POST['news_start'] = $row['news_start']; $_POST['news_end'] = $row['news_end']; $_POST['comment_total'] = e107::getDb()->db_Count("comments", "(*)", " WHERE comment_item_id={$row['news_id']} AND comment_type='0'"); $_POST['news_render_type'] = $row['news_render_type']; $_POST['news_thumbnail'] = $row['news_thumbnail']; $_POST['news_meta_keywords'] = $row['news_meta_keywords']; $_POST['news_meta_description'] = $row['news_meta_description']; } } else { if (!empty($_POST['news_meta_keywords'])) { $_POST['news_meta_keywords'] = eHelper::formatMetaKeys($_POST['news_meta_keywords']); } } } }
function submit_item($news, $smessages = false) { $tp = e107::getParser(); $sql = e107::getDb(); $admin_log = e107::getAdminLog(); $pref = e107::getPref(); $e_event = e107::getEvent(); $e107cache = e107::getCache(); $emessage = e107::getMessage(); $error = false; if (empty($news['news_title'])) { $error = true; $emessage->add('Validation error: News title can\'t be empty!', E_MESSAGE_ERROR, $smessages); if (!empty($news['news_sef'])) { $news['news_sef'] = eHelper::secureSef($news['news_sef']); } } else { // first format sef... if (empty($news['news_sef'])) { $news['news_sef'] = eHelper::title2sef($news['news_title']); } else { $news['news_sef'] = eHelper::secureSef($news['news_sef']); } } // ...then check it if (empty($news['news_sef'])) { $error = true; $emessage->add('Validation error: News SEF URL value is required field and can\'t be empty!', E_MESSAGE_ERROR, $smessages); } elseif ($sql->db_Count('news', '(news_id)', ($news['news_sef'] ? 'news_id<>' . intval($news['news_id']) . ' AND ' : '') . "news_sef='" . $tp->toDB($news['news_sef']) . "'")) { $error = true; $emessage->add('Validation error: News SEF URL is unique field - current value already in use! Please choose another SEF URL value.', E_MESSAGE_ERROR, $smessages); } if (empty($news['news_category'])) { $error = true; $emessage->add('Validation error: News category can\'t be empty!', E_MESSAGE_ERROR, $smessages); } $data = array(); //DB Array $data['data']['news_title'] = $news['news_title']; $data['_FIELD_TYPES']['news_title'] = 'todb'; $data['data']['news_sef'] = $news['news_sef']; $data['_FIELD_TYPES']['news_sef'] = 'todb'; $data['data']['news_body'] = $news['news_body']; $data['_FIELD_TYPES']['news_body'] = 'todb'; $data['data']['news_extended'] = $news['news_extended']; $data['_FIELD_TYPES']['news_extended'] = 'todb'; $data['data']['news_datestamp'] = $news['news_datestamp']; $data['_FIELD_TYPES']['news_datestamp'] = 'int'; $data['data']['news_author'] = $news['news_author'] ? $news['news_author'] : USERID; $data['_FIELD_TYPES']['news_author'] = 'int'; $data['data']['news_category'] = $news['news_category']; $data['_FIELD_TYPES']['news_category'] = 'int'; $data['data']['news_allow_comments'] = $news['news_allow_comments']; $data['_FIELD_TYPES']['news_allow_comments'] = 'int'; $data['data']['news_start'] = $news['news_start']; $data['_FIELD_TYPES']['news_start'] = 'int'; $data['data']['news_end'] = $news['news_end']; $data['_FIELD_TYPES']['news_end'] = 'int'; $data['data']['news_class'] = $news['news_class']; $data['_FIELD_TYPES']['news_class'] = 'todb'; $data['data']['news_render_type'] = $news['news_render_type']; $data['_FIELD_TYPES']['news_render_type'] = 'todb'; //news_comment_total $data['data']['news_summary'] = $news['news_summary']; $data['_FIELD_TYPES']['news_summary'] = 'todb'; $data['data']['news_thumbnail'] = $news['news_thumbnail']; $data['_FIELD_TYPES']['news_thumbnail'] = 'todb'; $data['data']['news_sticky'] = $news['news_sticky']; $data['_FIELD_TYPES']['news_sticky'] = 'int'; $data['data']['news_meta_keywords'] = eHelper::formatMetaKeys($news['news_meta_keywords']); $data['_FIELD_TYPES']['news_meta_keywords'] = 'todb'; $data['data']['news_meta_description'] = eHelper::formatMetaDescription($news['news_meta_description']); //handle bbcodes $data['_FIELD_TYPES']['news_meta_description'] = 'todb'; if ($error) { $data['error'] = true; return $data; } // Calculate short strings for admin logging - no need to clog up the log with potentially long items $logData = $data['data']; if (isset($logData['news_body'])) { $logData['news_body'] = $tp->text_truncate($tp->toDB($logData['news_body']), 300, '...'); } if (isset($logData['news_extended'])) { $logData['news_extended'] = $tp->text_truncate($tp->toDB($logData['news_extended']), 300, '...'); } //XXX - Now hooks are executed only if no mysql error is found. Should it stay so? Seems sensible to me! if ($news['news_id']) { // Updating existing item $data['WHERE'] = 'news_id=' . intval($news['news_id']); //$vals = "news_datestamp = '".intval($news['news_datestamp'])."', ".$author_insert." news_title='".$news['news_title']."', news_body='".$news['news_body']."', news_extended='".$news['news_extended']."', news_category='".intval($news['cat_id'])."', news_allow_comments='".intval($news['news_allow_comments'])."', news_start='".intval($news['news_start'])."', news_end='".intval($news['news_end'])."', news_class='".$tp->toDB($news['news_class'])."', news_render_type='".intval($news['news_rendertype'])."' , news_summary='".$news['news_summary']."', news_thumbnail='".$tp->toDB($news['news_thumbnail'])."', news_sticky='".intval($news['news_sticky'])."' WHERE news_id='".intval($news['news_id'])."' "; if ($sql->db_Update('news', $data)) { e107::getAdminLog()->logArrayAll('NEWS_09', $logData); $data['data']['news_id'] = $news['news_id']; e107::getEvent()->trigger('newsupd', $data['data']); $message = LAN_NEWS_21; $emessage->add(LAN_NEWS_21, E_MESSAGE_SUCCESS, $smessages); e107::getCache()->clear('news.php'); //FIXME - triggerHook should return array(message, message_type) $evdata = array('method' => 'update', 'table' => 'news', 'id' => $news['news_id'], 'plugin' => 'news', 'function' => 'submit_item'); $emessage->add(e107::getEvent()->triggerHook($evdata), E_MESSAGE_INFO, $smessages); } else { if ($sql->getLastErrorNumber()) { $error = true; $emessage->add(LAN_NEWS_5, E_MESSAGE_ERROR, $smessages); $message = "<strong>" . LAN_NEWS_5 . "</strong>"; } else { $data['data']['news_id'] = $news['news_id']; $emessage->add(LAN_NEWS_46, E_MESSAGE_INFO, $smessages); $message = "<strong>" . LAN_NEWS_46 . "</strong>"; //FIXME - triggerHook should return array(message, message_type) $evdata = array('method' => 'update', 'table' => 'news', 'id' => $news['news_id'], 'plugin' => 'news', 'function' => 'submit_item'); $emessage->add(e107::getEvent()->triggerHook($evdata), E_MESSAGE_INFO, $smessages); } } } else { // Adding item $data['data']['news_id'] = $sql->db_Insert('news', $data); $news['news_id'] = $data['data']['news_id']; //$news['news_id'] = $sql ->db_Insert('news', "0, '".$news['news_title']."', '".$news['news_body']."', '".$news['news_extended']."', ".intval($news['news_datestamp']).", ".intval($news['news_author']).", '".intval($news['cat_id'])."', '".intval($news['news_allow_comments'])."', '".intval($news['news_start'])."', '".intval($news['news_end'])."', '".$tp->toDB($news['news_class'])."', '".intval($news['news_rendertype'])."', '0' , '".$news['news_summary']."', '".$tp->toDB($news['news_thumbnail'])."', '".intval($news['news_sticky'])."' ") if ($data['data']['news_id']) { $data['news_id'] = $news['news_id']; $message = LAN_NEWS_6; $emessage->add(LAN_NEWS_6, E_MESSAGE_SUCCESS, $smessages); e107::getCache()->clear('news.php'); //moved down - prevent wrong mysql_insert_id e107::getAdminLog()->logArrayAll('NEWS_08', $logData); e107::getEvent()->trigger('newspost', $data['data']); //XXX - triggerHook after trigger? $evdata = array('method' => 'create', 'table' => 'news', 'id' => $data['data']['news_id'], 'plugin' => 'news', 'function' => 'submit_item'); $emessage->add($e_event->triggerHook($evdata), E_MESSAGE_INFO, $smessages); } else { $error = true; $message = "<strong>" . LAN_NEWS_7 . "</strong>"; $emessage->add(LAN_NEWS_7, E_MESSAGE_ERROR, $smessages); } } /* FIXME - trackback should be hooked! */ if ($news['news_id'] && $pref['trackbackEnabled']) { $excerpt = e107::getParser()->text_truncate(strip_tags(e107::getParser()->post_toHTML($news['news_body'])), 100, '...'); // $id=mysql_insert_id(); $permLink = $e107->base_path . "comment.php?comment.news." . intval($news['news_id']); require_once e_PLUGIN . "trackback/trackbackClass.php"; $trackback = new trackbackClass(); if ($_POST['trackback_urls']) { $urlArray = explode("\n", $_POST['trackback_urls']); foreach ($urlArray as $pingurl) { if (!($terror = $trackback->sendTrackback($permLink, $pingurl, $news['news_title'], $excerpt))) { $message .= "<br />successfully pinged {$pingurl}."; $emessage->add("Successfully pinged {$pingurl}.", E_MESSAGE_SUCCESS, $smessages); } else { $message .= "<br />was unable to ping {$pingurl}<br />[ Error message returned was : '{$terror}'. ]"; $emessage->add("was unable to ping {$pingurl}<br />[ Error message returned was : '{$terror}'. ]", E_MESSAGE_ERROR, $smessages); } } } if (isset($_POST['pingback_urls'])) { if ($urlArray = $trackback->getPingUrls($news['news_body'])) { foreach ($urlArray as $pingurl) { if ($trackback->sendTrackback($permLink, $pingurl, $news['news_title'], $excerpt)) { $message .= "<br />successfully pinged {$pingurl}."; $emessage->add("Successfully pinged {$pingurl}.", E_MESSAGE_SUCCESS, $smessages); } else { $message .= "Pingback to {$pingurl} failed ..."; $emessage->add("Pingback to {$pingurl} failed ...", E_MESSAGE_ERROR, $smessages); } } } else { $message .= "<br />No pingback addresses were discovered"; $emessage->add("No pingback addresses were discovered", E_MESSAGE_INFO, $smessages); } } } /* end trackback */ //return $message; $data['message'] = $message; $data['error'] = $error; return $data; }
function _observe_create_category() { if (!getperms('0|7')) { $this->noPermissions(); } //FIXME - lan, e_model based news administration model $this->error = false; if (empty($_POST['category_name'])) { $this->show_message('Validation Error: Missing Category name', E_MESSAGE_ERROR); $this->error = true; if (!empty($_POST['category_sef'])) { $_POST['category_sef'] = eHelper::secureSef($_POST['category_sef']); } } else { // first format sef... if (empty($_POST['category_sef'])) { $_POST['category_sef'] = eHelper::title2sef($_POST['category_name']); } else { $_POST['category_sef'] = eHelper::secureSef($_POST['category_sef']); } } // ...then check it if (empty($_POST['category_sef'])) { $this->error = true; $this->show_message('Validation error: News Category SEF URL value is required field and can\'t be empty!', E_MESSAGE_ERROR); } elseif (e107::getDb()->db_Count('news_category', '(category_id)', "category_sef='" . e107::getParser()->toDB($_POST['category_sef']) . "'")) { $this->error = true; $this->show_message('Validation error: News Category SEF URL is unique field - current value already in use! Please choose another SEF URL value.', E_MESSAGE_ERROR); } if (!$this->error) { $inserta = array(); $inserta['data']['category_icon'] = $_POST['category_icon']; $inserta['_FIELD_TYPES']['category_icon'] = 'todb'; $inserta['data']['category_name'] = $_POST['category_name']; $inserta['_FIELD_TYPES']['category_name'] = 'todb'; $inserta['data']['category_sef'] = $_POST['category_sef']; $inserta['_FIELD_TYPES']['category_sef'] = 'todb'; $inserta['data']['category_meta_description'] = eHelper::formatMetaDescription($_POST['category_meta_description']); $inserta['_FIELD_TYPES']['category_meta_description'] = 'todb'; $inserta['data']['category_meta_keywords'] = eHelper::formatMetaKeys($_POST['category_meta_keywords']); $inserta['_FIELD_TYPES']['category_meta_keywords'] = 'todb'; $inserta['data']['category_manager'] = $_POST['category_manager']; $inserta['_FIELD_TYPES']['category_manager'] = 'int'; $inserta['data']['category_order'] = $_POST['category_order']; $inserta['_FIELD_TYPES']['category_order'] = 'int'; $id = e107::getDb()->db_Insert('news_category', $inserta); if ($id) { $inserta['data']['category_id'] = $id; //admin log now supports DB array and method chaining e107::getAdminLog()->log_event('NEWS_04', $inserta, E_LOG_INFORMATIVE, ''); $this->show_message(NWSLAN_35, E_MESSAGE_SUCCESS); $this->clear_cache(); //TODO - add to WIKI docs e107::getEvent()->trigger("newscatpost", array_merge($inserta['data'], $rwinserta['data'])); } else { //debug + error message if (e107::getDb()->getLastErrorNumber()) { $this->error = true; $this->show_message('mySQL Error detected!', E_MESSAGE_ERROR); eMessage::getInstance()->addS('mySQL error #' . e107::getDb()->getLastErrorNumber() . ': ' . e107::getDb()->getLastErrorText(), E_MESSAGE_DEBUG); } } } }