function processPreview($request) { // Ticket Check if (!$GLOBALS['xoopsGTicket']->check(true, 'pico')) { redirect_header(XOOPS_URL . '/', 3, $GLOBALS['xoopsGTicket']->getErrors()); } // initialize $cat_data = $this->currentCategoryObj->getData(); $myts =& PicoTextSanitizer::getInstance(); // assigning other than preview/request // parent::execute( $request ) ; // permission check (can_edit) done // request $request = pico_get_requests4content($this->mydirname, $errors = array(), $cat_data['post_auto_approved'], $cat_data['isadminormod'], $this->assign['content']['id']); $request['body_raw'] = $request['body']; $request['subject_raw'] = $request['subject']; $request4assign = array_map('htmlspecialchars_ent', $request); $this->assign['request'] = $request4assign; // override content data for edit $this->assign['content'] = $request4assign + $this->assign['content']; $this->assign['content']['filter_infos'] = pico_main_get_filter_infos($request['filters'], $cat_data['isadminormod']); $this->assign['content']['body_raw'] = $request['body']; $this->assign['content']['extra_fields'] = $request['extra_fields']; $this->assign['content']['ef'] = pico_common_unserialize($request['extra_fields']); // temporary $contentObj $tmpContentObj = new PicoContent($this->mydirname, 0, $this->currentCategoryObj, true); // preview $this->assign['preview'] = array('errors' => $errors, 'htmlheader' => $request['htmlheader'], 'subject' => $myts->makeTboxData4Show($request['subject'], 1, 1), 'body' => $tmpContentObj->filterBody($this->assign['content'])); }
function pico_updatecontent($mydirname, $content_id, $prev_auto_approval = true, $prev_isadminormod = false) { global $xoopsUser; $db =& Database::getInstance(); $auto_approval = $prev_auto_approval; $isadminormod = $prev_isadminormod; $requests = pico_get_requests4content($mydirname, $errors = array(), $auto_approval, $isadminormod, $content_id); $targetCategoryObj = $requests['categoryObj']; $ef_obj = $requests['ef_obj']; unset($requests['categoryObj'], $requests['ef_obj']); unset($requests['specify_created_time'], $requests['specify_modified_time'], $requests['specify_expiring_time'], $requests['created_time_formatted'], $requests['modified_time_formatted'], $requests['expiring_time_formatted']); $ignore_requests = $auto_approval ? array() : array('subject', 'htmlheader', 'body', 'visible', 'filters', 'show_in_navi', 'show_in_menu', 'allow_comment', 'use_cache', 'weight', 'tags', 'cat_id'); if (!$isadminormod) { // only adminormod can set htmlheader $requests['htmlheader_waiting'] = $requests['htmlheader']; $ignore_requests[] = 'htmlheader'; } $set = ''; foreach ($requests as $key => $val) { if (in_array($key, $ignore_requests)) { continue; } if ($key == 'vpath' && empty($val)) { $set .= "`{$key}`=null,"; } else { $set .= "`{$key}`='" . mysql_real_escape_string($val) . "',"; } } // some patches about times $time4sql = ''; if (empty($requests['modified_time'])) { $time4sql .= "modified_time=UNIX_TIMESTAMP(),"; } // backup the content, first pico_transact_backupcontent($mydirname, $content_id); // do update $uid = is_object($xoopsUser) ? $xoopsUser->getVar('uid') : 0; $sql = "UPDATE " . $db->prefix($mydirname . "_contents") . " SET modifier_uid='{$uid}', {$set} {$time4sql} modifier_ip='" . mysql_real_escape_string(@$_SERVER['REMOTE_ADDR']) . "',body_cached='',for_search='' WHERE content_id={$content_id}"; if (!$db->queryF($sql)) { die(_MD_PICO_ERR_DUPLICATEDVPATH . ' or ' . _MD_PICO_ERR_SQL . __LINE__ . __FUNCTION__); } pico_transact_reset_body_cached($mydirname, $content_id); // rebuild category tree pico_sync_cattree($mydirname); // update tags pico_sync_tags($mydirname); // update content_ef_sortables $ef_obj->syncContentEfSortables($content_id); return $content_id; }