예제 #1
/**
 * Create a new post or update an existing one from the current request, then print its summary.
 *
 * Reads $_POST['post'], $_POST['user_id'], $_POST['key'] and $_FILES['image'] directly and
 * replaces the global $post with a fresh Post object. Every failure path ends the request
 * with die; most of them echo an "ERROR: ..." line first, two of them die silently.
 *
 * NOTE(review): no anti-CSRF check is visible in this function other than the randkey
 * comparison on the edit path; confirm the caller enforces one for the create path.
 *
 * @param int $post_id Id of the post to edit; a value that is not > 0 creates a new post.
 */
function save_post($post_id)
{
    // $link and $site_key are declared but not used in this function body.
    global $link, $db, $post, $current_user, $globals, $site_key;
    $post = new Post();
    // The request body is cleaned in place; $globals['posts_len'] is passed as the last
    // argument (presumably the maximum length; confirm against clean_text_with_tags()).
    $_POST['post'] = clean_text_with_tags($_POST['post'], 0, false, $globals['posts_len']);
    // Upload quota is checked before anything is stored, so an over-quota upload writes nothing.
    if (!empty($_FILES['image']['tmp_name'])) {
        $limit_exceded = Upload::current_user_limit_exceded($_FILES['image']['size']);
        if ($limit_exceded) {
            echo 'ERROR: ' . $limit_exceded;
            die;
        }
    }
    // Minimum length is measured in characters (mb_strlen), after cleaning.
    if (mb_strlen($_POST['post']) < 5) {
        echo 'ERROR: ' . _('texto muy corto');
        die;
    }
    if ($post_id > 0) {
        // --- Edit path ---
        $post->id = $post_id;
        if (!$post->read()) {
            // Unknown post id: end the request without any output.
            die;
        }
        // Because && binds tighter than ||, the condition reads as
        //   ((own edit, under 3600 s old) || (user_level 'god', under posts_edit_time_admin * 1.5 old))
        //   && posted key equals the stored randkey,
        // where "own edit" means the posted user_id equals the session user AND the session
        // user is the post author. Authorization therefore rests on $current_user; the
        // client-supplied user_id is only cross-checked against it.
        // NOTE(review): the ids, the level and the key are compared with loose ==, so PHP type
        // juggling applies and the result for non-numeric input differs between PHP 7 and 8;
        // normalising both sides and comparing with === would make the check exact.
        if ((intval($_POST['user_id']) == $current_user->user_id && $current_user->user_id == $post->author && time() - $post->date < 3600 || $current_user->user_level == 'god' && time() - $post->date < $globals['posts_edit_time_admin'] * 1.5) && $_POST['key'] == $post->randkey) {
            $post->content = $_POST['post'];
            if (strlen($post->content) > 0) {
                $post->store();
                store_image($post);
            }
        } else {
            echo 'ERROR: ' . _('no tiene permisos para grabar');
            die;
        }
    } else {
        // --- Create path ---
        // The posted user_id must match the session user; a mismatch dies silently.
        if ($current_user->user_id != intval($_POST['user_id'])) {
            die;
        }
        if ($current_user->user_karma < $globals['min_karma_for_posts']) {
            echo 'ERROR: ' . _('el karma es muy bajo');
            die;
        }
        // The client-supplied key is forced to an integer here, which is what makes it
        // safe to interpolate unquoted into the duplicate-check query further down.
        $post->randkey = intval($_POST['key']);
        $post->author = $current_user->user_id;
        $post->content = $_POST['post'];
        // Rate limit: refuse if this user already has a post newer than
        // $globals['posts_period'] seconds.
        // NOTE(review): the query is built by string interpolation; user_id and posts_period
        // are presumably integers from the session and the configuration (confirm). A
        // prepared statement, or an explicit intval() on both, would remove that assumption.
        if (intval($db->get_var("select count(*) from posts where post_user_id = {$current_user->user_id} and post_date > date_sub(now(), interval " . $globals['posts_period'] . " second)")) > 0) {
            echo 'ERROR: ' . _('debe esperar entre notas');
            die;
        }
        // Both counts are taken before the transaction is opened.
        $same_text = $post->same_text_count();
        $same_links = $post->same_links_count(10);
        $db->transaction();
        // Duplicate check: same user, same randkey, within the last 5 minutes, read with
        // FOR UPDATE inside the transaction.
        $r = $db->get_var("select count(*) from posts where post_user_id = {$current_user->user_id} and post_date > date_sub(now(), interval 5 minute) and post_randkey = {$post->randkey} FOR UPDATE");
        $dupe = intval($r);
        // A null result (presumably a failed query; confirm get_var()'s contract) is handled
        // like a duplicate: nothing is stored and the "already saved" message is printed.
        if (!is_null($r) && !$dupe && !$same_text) {
            if ($same_links > 2) {
                // Karma penalty of 0.2 per matching link once more than two are found.
                $reduction = $same_links * 0.2;
                $user = new User($current_user->user_id);
                $user->add_karma(-$reduction, _('demasiados enlaces al mismo dominio en las notas'));
                // NOTE(review): the username goes into the log line as-is; confirm that
                // usernames cannot contain line breaks or control characters.
                syslog(LOG_NOTICE, "Meneame: post_edit decreasing {$reduction} of karma to {$user->username} (now {$user->karma})");
            }
            $post->store();
            $db->commit();
            // The image is stored only after the post row has been committed.
            store_image($post);
        } else {
            // commit() here only closes the transaction; nothing was written inside it.
            $db->commit();
            echo 'ERROR: ' . _('comentario grabado previamente');
            die;
        }
    }
    $post->print_summary();
}
예제 #2
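/**
 * Validate the submitted sub form and create or update the matching row in `subs`.
 *
 * Reads the form fields straight from $_POST. Validation problems are appended to $errors
 * and the database is only touched when $errors is empty after validation. All writes
 * happen inside one transaction that is rolled back if a tracked query fails.
 *
 * NOTE(review): no anti-CSRF check is visible in this function; confirm the caller has one.
 *
 * @param int   $id     Id of the sub to update; a value that is not > 0 creates a new sub.
 * @param array $errors List of error messages, appended to by reference.
 * @return int|false The sub id on success, false on any validation or database error.
 */
function save_sub($id, &$errors)
{
    global $current_user, $db;
    // $id is interpolated unquoted into several statements below. Force it to an integer
    // once, up front, so the authorization check and every query use the same value.
    $id = intval($id);
    // Double check
    $owner = intval($_POST['owner']);
    if (!SitesMgr::can_edit($id)) {
        array_push($errors, _('usuario no autorizado a editar'));
        return false;
    }
    $site = SitesMgr::get_info();
    $extended = SitesMgr::get_extended_properties($id);
    if ($_POST['created_from'] != $site->id) {
        array_push($errors, _('sitio erróneo'));
    }
    // Only an admin may assign the sub to somebody else.
    if ($owner != $current_user->user_id && !$current_user->admin) {
        array_push($errors, _('propietario erróneo'));
    }
    $name = mb_substr(clean_input_string($_POST['name']), 0, 12);
    if (mb_strlen($name) < 3 || !preg_match('/^\\p{L}[\\p{L}\\d_]+$/u', $name)) {
        // NOTE(review): the raw, uncleaned $_POST['name'] is appended to the message;
        // confirm that whatever renders $errors escapes it for the output context.
        array_push($errors, _('nombre erróneo') . ' ' . $_POST['name']);
    }
    $name_long = mb_substr(clean_text($_POST['name_long']), 0, 40);
    if (mb_strlen($name_long) < 6) {
        array_push($errors, _('título erróneo'));
    }
    // From here on $name and $name_long are SQL-escaped and only used inside quotes.
    $name = $db->escape($name);
    $name_long = $db->escape($name_long);
    if ($db->get_var("select count(*) from subs where name = '{$name}' and id != {$id}") > 0) {
        array_push($errors, _('nombre duplicado'));
    }
    $page_mode = $db->escape($_POST['page_mode']);
    if ($current_user->admin) {
        $enabled = intval($_POST['enabled']);
        $allow_main_link = intval($_POST['allow_main_link']);
    } else {
        // Keep the values: a non-admin cannot change these, whatever the form sent.
        $enabled = $site->enabled;
        $allow_main_link = $site->allow_main_link;
        $_POST['post_html'] = $extended['post_html'];
    }
    $nsfw = intval($_POST['nsfw']);
    $private = intval($_POST['private']);
    // Check the extended info: numeric options are forced to integers when present.
    foreach (array('no_link', 'no_anti_spam', 'allow_local_links', 'intro_max_len', 'intro_min_len') as $k) {
        if (isset($_POST[$k]) && $_POST[$k] !== '') {
            $_POST[$k] = intval($_POST[$k]);
        }
    }
    if ($_POST['intro_max_len'] > 5000) {
        $_POST['intro_max_len'] = 5000;
    }
    if (empty($errors)) {
        $db->transaction();
        if ($id > 0) {
            $r = $db->query("update subs set owner = {$owner}, enabled = {$enabled}, allow_main_link = {$allow_main_link}, nsfw = {$nsfw}, name = '{$name}', name_long = '{$name_long}', private = {$private}, page_mode = '{$page_mode}' where id = {$id}");
        } else {
            $r = $db->query("insert into subs (created_from, owner, nsfw, name, name_long, sub, private) values ({$site->id}, {$owner}, {$nsfw}, '{$name}', '{$name_long}', 1, {$private})");
            $id = $db->insert_id;
        }
        if ($r && $id > 0) {
            // Copy values from first site
            $r = $db->query("update subs as a join subs as b on a.id = {$id} and b.id={$site->id} set a.server_name = b.server_name, a.base_url = b.base_url");
            // Update copy_from
            if ($current_user->admin) {
                // NOTE(review): copy_from is passed through unvalidated; confirm that
                // sub_copy_from() normalises it.
                sub_copy_from($id, $_POST['copy_from']);
            }
            // Update colors. The pattern is anchored at both ends (\z) so that only an exact
            // "#rrggbb" value is stored. Without the end anchor any text after the six hex
            // digits was accepted and saved, to be emitted later wherever the colors are used.
            $color_regex = '/^#[a-f0-9]{6}\z/i';
            if (preg_match($color_regex, $_POST['color1'])) {
                $color1 = $db->escape($_POST['color1']);
            } else {
                $color1 = '';
            }
            if (preg_match($color_regex, $_POST['color2'])) {
                $color2 = $db->escape($_POST['color2']);
            } else {
                $color2 = '';
            }
            // The result of this query is not folded into $r, so a failure here does not
            // trigger the rollback below.
            $db->query("update subs set color1 = '{$color1}', color2 = '{$color2}' where id = {$id}");
        }
        if ($r && $id > 0) {
            // NOTE(review): the whole $_POST array is handed over; confirm that
            // store_extended_properties() persists only an allowlisted set of keys.
            SitesMgr::store_extended_properties($id, $_POST);
            $db->commit();
            store_image($id);
            return $id;
        } else {
            array_push($errors, _('error actualizando la base de datos'));
            $db->rollback();
        }
    }
    return false;
}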
예제 #3
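/**
 * Store the slider images uploaded with the current request and update the slider row.
 *
 * For each of the form fields image1..image8 that carries a new file, a resized copy is
 * written to wp-content/uploads/resize/ and an unresized copy to wp-content/uploads/.
 * When every upload succeeds, the media_sliders row is updated and the files the new
 * uploads replace are deleted.
 *
 * Hardening compared with a plain pass-through of the request:
 *  - only the eight known field names are processed;
 *  - the stored file name is rebuilt from a restricted character set, and the extension
 *    must be on an image allowlist, so a client cannot choose an executable extension;
 *  - names of files to delete are reduced to their base name, so a value from the
 *    request can only refer to a file directly inside the two upload directories.
 *
 * NOTE(review): no capability or nonce check is visible here; confirm the caller runs
 * current_user_can() and a nonce verification before calling this function.
 * NOTE(review): an extension check does not prove the content is an image; confirm that
 * store_image() rejects data it cannot decode, including for the unresized copy.
 *
 * @return int|mixed 0 when nothing failed; otherwise 1 or the truthy value from store_image().
 */
function updateData()
{
    $error_flag = 0;
    $error_flag1 = 0;
    if (!empty($_FILES)) {
        $image = array();
        $image1 = array();
        $file_path = ABSPATH . "wp-content/uploads/";
        $file_path1 = ABSPATH . "wp-content/uploads/resize/";
        // Resize box (width, height) per form field. The keys double as the allowlist of
        // field names, because $_FILES keys are chosen by the client.
        $resize_box = array(
            'image1' => array(309, 205),
            'image2' => array(309, 293),
            'image3' => array(309, 120),
            'image4' => array(280, 419),
            'image5' => array(280, 208),
            'image6' => array(309, 208),
            'image7' => array(309, 202),
            'image8' => array(309, 208),
        );
        // Extend this list only with formats store_image() is known to handle.
        $allowed_extensions = array('jpg', 'jpeg', 'png', 'gif');
        foreach ($_FILES as $key => $file) {
            if (!isset($resize_box[$key])) {
                // Not one of the slider fields: ignore it instead of writing it to disk.
                continue;
            }
            if (empty($file['name'])) {
                // No new upload for this slot: keep the name the form sent back.
                // NOTE(review): this value comes from the request and is written to the
                // database as-is; validate it wherever it is later turned into a path or URL.
                $image[$key]["name"] = $_POST[$key];
            } else {
                $path_parts = pathinfo($file["name"]);
                $extension = isset($path_parts['extension']) ? strtolower($path_parts['extension']) : '';
                if (!in_array($extension, $allowed_extensions, true)) {
                    // Reject the whole request, as for any other upload failure.
                    $error_flag = 1;
                    break;
                }
                // Keep only characters that are safe in a file name. This also removes
                // inner dots, so the stored name has exactly one extension.
                $safe_base = preg_replace('/[^A-Za-z0-9_-]/', '_', $path_parts['filename']);
                $file["name"] = $image[$key]['name'] = $safe_base . '_' . $key . '_' . time() . '.' . $extension;
                // Remember the name being replaced so the old file can be deleted afterwards.
                array_push($image1, isset($_POST[$key]) ? $_POST[$key] : '');
                list($width, $height) = $resize_box[$key];
                $error_flag = store_image($file["tmp_name"], $file_path1, $file["name"], $width, $height);
                $error_flag1 = store_image($file["tmp_name"], $file_path, $file["name"]);
                if ($error_flag || $error_flag1) {
                    $error_flag = 1;
                    break;
                }
            }
        }
        if (!$error_flag) {
            global $wpdb;
            $table_name = $wpdb->prefix . "media_sliders";
            // $wpdb->update() builds a prepared statement, so these values are not
            // concatenated into the SQL text.
            $wpdb->update($table_name, array('name' => $_POST['name'], 'image1' => $image['image1']['name'], 'image2' => $image['image2']['name'], 'image3' => $image['image3']['name'], 'image4' => $image['image4']['name'], 'image5' => $image['image5']['name'], 'image6' => $image['image6']['name'], 'image7' => $image['image7']['name'], 'image8' => $image['image8']['name'], 'caption1' => $_POST['caption1'], 'caption2' => $_POST['caption2'], 'caption3' => $_POST['caption3'], 'caption4' => $_POST['caption4'], 'caption5' => $_POST['caption5'], 'caption6' => $_POST['caption6'], 'caption7' => $_POST['caption7'], 'caption8' => $_POST['caption8'], 'type' => $_POST['type']), array('ID' => $_POST['id']));
            foreach ($image1 as $old_name) {
                if (!is_string($old_name) || $old_name === '') {
                    continue;
                }
                // The old name comes from the request: drop any directory part so that
                // only files directly inside the two upload directories can be removed.
                $old_name = basename($old_name);
                foreach (array($file_path, $file_path1) as $directory) {
                    $target = $directory . $old_name;
                    if (is_file($target)) {
                        unlink($target);
                    }
                }
            }
        }
    }
    return $error_flag;
}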