// check ensures that malicious users do not even see the screen for // adding a post to a blog that is not theirs throw new AccessDeniedException(get_string('youarenottheownerofthisblog', 'artefact.blog')); } // Should we create a new post or attach the new file to an existing post $postids = get_records_sql_array("\n SELECT a.id\n FROM {artefact} a\n WHERE a.title = ? AND a.description = ?\n\tAND a.owner = ? ", array($title, $description, $USER->get('id'))); if ($postids) { $blogpost = $postids[0]->id; $postobj = new ArtefactTypeBlogPost($blogpost); $postobj->check_permission(); if ($postobj->get('locked')) { throw new AccessDeniedException(get_string('submittedforassessment', 'view')); } } else { $postobj = new ArtefactTypeBlogPost($blogpost, null); $postobj->set('title', $title); $postobj->set('description', $description); $postobj->set('tags', $tags); $postobj->set('published', !$draft); $postobj->set('allowcomments', (int) $allowcomments); $postobj->set('parent', $blog); $postobj->set('owner', $USER->id); $postobj->commit(); } } // Check to see if we're creating a journal entry // -- Finally attach the file to the blog post once uploaded and -- if ($artefact_id && $postobj) { // If we created or matched a blog post and created an artefact // attach the artefact to the blog. $postobj->attach($artefact_id);
function editpost_submit(Pieform $form, $values) { global $USER, $SESSION, $blogpost, $blog; require_once 'embeddedimage.php'; db_begin(); $postobj = new ArtefactTypeBlogPost($blogpost, null); $postobj->set('title', $values['title']); $postobj->set('description', $values['description']); $postobj->set('tags', $values['tags']); if (get_config('licensemetadata')) { $postobj->set('license', $values['license']); $postobj->set('licensor', $values['licensor']); $postobj->set('licensorurl', $values['licensorurl']); } $postobj->set('published', !$values['draft']); $postobj->set('allowcomments', (int) $values['allowcomments']); if (!$blogpost) { $postobj->set('parent', $blog); $blogobj = new ArtefactTypeBlog($blog); if ($blogobj->get('institution')) { $postobj->set('institution', $blogobj->get('institution')); } else { if ($blogobj->get('group')) { $postobj->set('group', $blogobj->get('group')); } else { $postobj->set('owner', $USER->id); } } } $postobj->commit(); $blogpost = $postobj->get('id'); // Need to wait until post is saved in case we are a new blogpost before we can sort out embedded images as we need an id $postobj->set('description', EmbeddedImage::prepare_embedded_images($values['description'], 'blogpost', $postobj->get('id'))); // Attachments $old = $postobj->attachment_id_list(); // $new = is_array($values['filebrowser']['selected']) ? $values['filebrowser']['selected'] : array(); $new = is_array($values['filebrowser']) ? $values['filebrowser'] : array(); // only allow the attaching of files that exist and are editable by user foreach ($new as $key => $fileid) { $file = artefact_instance_from_id($fileid); if (!$file instanceof ArtefactTypeFile || !$USER->can_publish_artefact($file)) { unset($new[$key]); } } if (!empty($new) || !empty($old)) { foreach ($old as $o) { if (!in_array($o, $new)) { try { $postobj->detach($o); } catch (ArtefactNotFoundException $e) { } } } foreach ($new as $n) { if (!in_array($n, $old)) { try { $postobj->attach($n); } catch (ArtefactNotFoundException $e) { } } } } db_commit(); $result = array('error' => false, 'message' => get_string('blogpostsaved', 'artefact.blog'), 'goto' => get_config('wwwroot') . 'artefact/blog/view/index.php?id=' . $blog); if ($form->submitted_by_js()) { // Redirect back to the blog page from within the iframe $SESSION->add_ok_msg($result['message']); $form->json_reply(PIEFORM_OK, $result, false); } $form->reply(PIEFORM_OK, $result); }
/** * This function updates an existing blog post. * * @param User * @param array */ public static function edit_post(User $user, array $values) { $artefact = new ArtefactTypeBlogPost($values['id']); if ($user->get('id') != $artefact->get('owner')) { return false; } $artefact->set('title', $values['title']); $artefact->set('description', $values['description']); $artefact->set('published', $values['published']); $artefact->set('tags', $values['tags']); if (get_config('licensemetadata')) { $artefact->set('license', $values['license']); $artefact->set('licensor', $values['licensor']); $artefact->set('licensorurl', $values['licensorurl']); } $artefact->commit(); return true; }
/** * Creates a blogpost from the given entry * * @param SimpleXMLElement $entry The entry to create the blogpost from * @param PluginImportLeap $importer The importer * @param int $blogid The blog in which to put the post * @return array A list of artefact IDs created, to be used with the artefact mapping. * There will either be one (the blogpost ID), or two. If there is two, the * second one will be the ID of the file created to hold the out-of-line * content associated with the blogpost */ private static function create_blogpost(SimpleXMLElement $entry, PluginImportLeap $importer, $blogid) { $createdartefacts = array(); $blogpost = new ArtefactTypeBlogPost(); $blogpost->set('title', (string) $entry->title); // If the entry has out of line content, we import that separately as a // file and set the content to refer to it if (isset($entry->content['src']) && isset($entry->content['type'])) { $file = LeapImportFile::create_file($entry, $importer); $createdartefacts[] = $file->get('id'); $content = '<a href="' . get_config('wwwroot') . 'artefact/file/download.php?file=' . $file->get('id') . '"' . ' title="' . hsc($file->get('title')) . '">'; if (is_image_mime_type($file->get('filetype'))) { $content .= '<img src="' . get_config('wwwroot') . 'artefact/file/download.php?file=' . $file->get('id') . '&maxwidth=500&maxheight=500"' . ' alt="' . hsc($file->get('title')) . '">'; } $content .= '</a>'; $blogpost->set('description', $content); } else { $description = PluginImportLeap::get_entry_content($entry, $importer); $type = isset($entry->content['type']) ? (string) $entry->content['type'] : 'text'; if ($type == 'text') { $description = format_whitespace($description); } $blogpost->set('description', $description); } if ($published = strtotime((string) $entry->published)) { $blogpost->set('ctime', $published); } if ($updated = strtotime((string) $entry->updated)) { $blogpost->set('mtime', $updated); } $draftpost = count($entry->xpath('a:category[(' . $importer->curie_xpath('@scheme', PluginImportLeap::NS_CATEGORIES, 'readiness#') . ') and @term="Unready"]')) == 1; $blogpost->set('published', $draftpost ? 0 : 1); $blogpost->set('owner', $importer->get('usr')); $blogpost->set('parent', $blogid); $blogpost->set('tags', PluginImportLeap::get_entry_tags($entry)); $blogpost->commit(); array_unshift($createdartefacts, $blogpost->get('id')); return $createdartefacts; }
function editpost_submit(Pieform $form, $values) { global $USER, $SESSION, $blogpost, $blog; db_begin(); $postobj = new ArtefactTypeBlogPost($blogpost, null); $postobj->set('title', $values['title']); $postobj->set('description', $values['description']); $postobj->set('tags', $values['tags']); $postobj->set('published', !$values['draft']); if (!$blogpost) { $postobj->set('parent', $blog); $postobj->set('owner', $USER->id); } $postobj->commit(); $blogpost = $postobj->get('id'); // Attachments $old = $postobj->attachment_id_list(); // $new = is_array($values['filebrowser']['selected']) ? $values['filebrowser']['selected'] : array(); $new = is_array($values['filebrowser']) ? $values['filebrowser'] : array(); if (!empty($new) || !empty($old)) { foreach ($old as $o) { if (!in_array($o, $new)) { $postobj->detach($o); } } foreach ($new as $n) { if (!in_array($n, $old)) { $postobj->attach($n); } } } db_commit(); $result = array('error' => false, 'message' => get_string('blogpostsaved', 'artefact.blog'), 'goto' => get_config('wwwroot') . 'artefact/blog/view/index.php?id=' . $blog); if ($form->submitted_by_js()) { // Redirect back to the blog page from within the iframe $SESSION->add_ok_msg($result['message']); $form->json_reply(PIEFORM_OK, $result, false); } $form->reply(PIEFORM_OK, $result); }
/** * Creates a blogpost from the given entry * * @param SimpleXMLElement $entry The entry to create the blogpost from * @param PluginImportLeap $importer The importer * @param int $blogid The blog in which to put the post * @return array A list of artefact IDs created, to be used with the artefact mapping. * There will either be one (the blogpost ID), or two. If there is two, the * second one will be the ID of the file created to hold the out-of-line * content associated with the blogpost */ private static function create_blogpost(SimpleXMLElement $entry, PluginImportLeap $importer, $blogid) { $config = self::get_blogpost_entry_data($entry, $importer, $blogid); $createdartefacts = array(); $blogpost = new ArtefactTypeBlogPost(); $blogpost->set('title', $config['content']['title']); // If the entry has out of line content, we import that separately as a // file and set the content to refer to it if ($config['isfile']) { $file = LeapImportFile::create_file($entry, $importer); $createdartefacts[] = $file->get('id'); $content = '<a href="' . get_config('wwwroot') . 'artefact/file/download.php?file=' . $file->get('id') . '"' . ' title="' . hsc($file->get('title')) . '">'; if (is_image_mime_type($file->get('filetype'))) { $content .= '<img src="' . get_config('wwwroot') . 'artefact/file/download.php?file=' . $file->get('id') . '&maxwidth=500&maxheight=500"' . ' alt="' . hsc($file->get('title')) . '">'; } $content .= '</a>'; $blogpost->set('description', $content); } else { $blogpost->set('description', $config['content']['description']); } if ($config['content']['ctime']) { $blogpost->set('ctime', $config['content']['ctime']); } if ($config['content']['mtime']) { $blogpost->set('mtime', $config['content']['mtime']); } $draftpost = PluginImportLeap::is_correct_category_scheme($entry, $importer, 'readiness', 'Unready'); $blogpost->set('published', $config['content']['published']); $blogpost->set('owner', $config['owner']); $blogpost->set('parent', $blogid); $blogpost->set('tags', $config['content']['tags']); $blogpost->commit(); array_unshift($createdartefacts, $blogpost->get('id')); return $createdartefacts; }
function xmldb_artefact_blog_upgrade($oldversion = 0) { // There was no database prior to this version. if ($oldversion < 2006120501) { install_from_xmldb_file(get_config('docroot') . 'artefact/blog/db/install.xml'); } if ($oldversion < 2006121501) { $table = new XMLDBTable('artefact_blog_blogpost_file_pending'); $table->addFieldInfo('file', XMLDB_TYPE_INTEGER, '10', null, XMLDB_NOTNULL); $table->addFieldInfo('when', XMLDB_TYPE_DATETIME, null, null, XMLDB_NOTNULL); $table->addKeyInfo('blogpost_file_pending_pk', XMLDB_KEY_PRIMARY, array('file')); $table->addKeyInfo('filefk', XMLDB_KEY_FOREIGN, array('file'), 'artefact', array('id')); if (!create_table($table)) { throw new SQLException($table . " could not be created, check log for errors."); } } if ($oldversion < 2008012200) { // From 0.9, some files were not having their temporary download paths // translated to proper artefact/file/download.php paths. This upgrade // attempts to fix them. It should work in the vast majority of cases, // the largest assumption made is that artefacts were inserted in // ascending ID order when the post was created, which is a pretty safe // bet. if ($blogfiles = get_records_array('artefact_blog_blogpost_file', '', '', 'blogpost ASC, file ASC')) { $blogpostids = join(', ', array_map(create_function('$a', 'return $a->blogpost;'), $blogfiles)); // Find all blogposts that have attached files if ($blogposts = get_records_select_array('artefact', 'id IN(' . $blogpostids . ')', null, 'id ASC')) { foreach ($blogposts as $post) { log_debug("Checking post {$post->id}"); // Only doublecheck posts that are likely to have a broken URL in them if (false !== strpos($post->description, 'createid')) { log_debug(" * Looks like post " . $post->id . " has a createid in it"); $i = 0; $body = $post->description; foreach ($blogfiles as $file) { if ($file->blogpost == $post->id) { // This file is connected to this post, so likely it is to be displayed $i++; log_debug('* Replace uploadnumber = ' . $i . ' with artefact id ' . $file->file); $regexps = array('/<img([^>]+)src="([^>]+)downloadtemp.php\\?uploadnumber=' . $i . '&createid=\\d+/', '/alt="uploaded:' . $i . '"/'); $subs = array('<img$1src="' . get_config('wwwroot') . 'artefact/file/download.php?file=' . $file->file, 'alt="artefact:' . $file->file . '"'); $body = preg_replace($regexps, $subs, $body); } } // Update the post if necessary if ($body != $post->description) { $postobj = new ArtefactTypeBlogPost($post->id, null); $postobj->set('description', $body); $postobj->commit(); } } } } } } if ($oldversion < 2008020700) { $table = new XMLDBTable('artefact_blog_blog'); drop_table($table); if (is_mysql()) { execute_sql('DROP INDEX {arteblogblog_blo2_ix} ON {artefact_blog_blogpost}'); execute_sql('CREATE INDEX {arteblogblog_blo_ix} ON {artefact_blog_blogpost} (blogpost)'); execute_sql('ALTER TABLE {artefact_blog_blogpost} DROP FOREIGN KEY {arteblogblog_blo2_fk}'); // I can't quite get mysql to name this key correctly, so there // will be a difference in the database if you upgrade from 0.9 // compared with installing from 1.0 execute_sql('ALTER TABLE {artefact_blog_blogpost} ADD FOREIGN KEY (blogpost) REFERENCES {artefact} (id)'); } else { // Rename indexes to keep things the same regardless of whether the // user installed or upgraded to this release execute_sql('DROP INDEX {arteblogblog_blo2_ix}'); execute_sql('CREATE INDEX {arteblogblog_blo_ix} ON {artefact_blog_blogpost} USING btree (blogpost)'); execute_sql('ALTER TABLE {artefact_blog_blogpost} DROP CONSTRAINT {arteblogblog_blo2_fk}'); execute_sql('ALTER TABLE {artefact_blog_blogpost} ADD CONSTRAINT {arteblogblog_blo_fk} FOREIGN KEY (blogpost) REFERENCES {artefact}(id)'); } } if ($oldversion < 2008101602) { $table = new XMLDBTable('artefact_blog_blogpost_file_pending'); $table->addFieldInfo('id', XMLDB_TYPE_INTEGER, 10, XMLDB_UNSIGNED, XMLDB_NOTNULL, XMLDB_SEQUENCE, null, null, null); $table->addFieldInfo('oldextension', XMLDB_TYPE_TEXT, null); $table->addFieldInfo('filetype', XMLDB_TYPE_TEXT, null); $table->addKeyInfo('primary', XMLDB_KEY_PRIMARY, array('id')); create_table($table); } if ($oldversion < 2009033100) { $bloguploadbase = get_config('dataroot') . 'artefact/blog/uploads/'; if (is_dir($bloguploadbase)) { if ($basedir = opendir($bloguploadbase)) { while (false !== ($sessionupload = readdir($basedir))) { if ($sessionupload != "." && $sessionupload != "..") { $sessionupload = $bloguploadbase . $sessionupload; $subdir = opendir($sessionupload); while (false !== ($uploadfile = readdir($subdir))) { if ($uploadfile != "." && $uploadfile != "..") { $uploadfile = $sessionupload . '/' . $uploadfile; unlink($uploadfile); } } closedir($subdir); rmdir($sessionupload); } } } @rmdir($bloguploadbase); } } if ($oldversion < 2009081800) { $subscription = (object) array('plugin' => 'blog', 'event' => 'createuser', 'callfunction' => 'create_default_blog'); ensure_record_exists('artefact_event_subscription', $subscription, $subscription); } return true; }