/** * show thread * * @param integer $intThreadId * @return bool */ function showThread($intThreadId) { global $objDatabase, $_ARRAYLANG; $objFWUser = \FWUser::getFWUserObject(); $this->_communityLogin(); $intThreadId = intval($intThreadId); if (!empty($_REQUEST['notification_update']) && $_REQUEST['notification_update'] == $_ARRAYLANG['TXT_FORUM_UPDATE_NOTIFICATION']) { $this->_updateNotification($intThreadId); } $intCatId = !empty($_REQUEST['category_id']) ? intval($_REQUEST['category_id']) : '0'; if ($intCatId == 0) { $intCatId = $this->_getCategoryIdFromThread($intThreadId); } if (empty($intCatId)) { \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Forum'); die; } if ($objFWUser->objUser->login()) { $this->_objTpl->touchBlock('notificationRow'); } else { $this->_objTpl->hideBlock('notificationRow'); } $intPostId = !empty($_REQUEST['postid']) ? intval($_REQUEST['postid']) : 0; $intPostId = $intPostId == 0 && !empty($_REQUEST['post_id']) ? intval($_REQUEST['post_id']) : $intPostId; $this->_objTpl->setVariable('FORUM_EDIT_POST_ID', $intPostId); $_REQUEST['act'] = !empty($_REQUEST['act']) ? $_REQUEST['act'] : ''; if ($_REQUEST['act'] == 'delete') { if ($this->_checkAuth($intCatId, 'delete')) { if ($this->_deletePost($intCatId, $intThreadId, $_REQUEST['postid'])) { $this->_objTpl->setVariable('TXT_FORUM_SUCCESS', '<br />' . $_ARRAYLANG['TXT_FORUM_DELETED_SUCCESSFULLY']); } else { $this->_objTpl->setVariable('TXT_FORUM_ERROR', '<br />' . $_ARRAYLANG['TXT_FORUM_DELETE_FAILED']); } } else { $this->_objTpl->setVariable('TXT_FORUM_ERROR', '<br />' . $_ARRAYLANG['TXT_FORUM_NO_ACCESS']); } } $pos = !empty($_REQUEST['pos']) ? intval($_REQUEST['pos']) : 0; $this->_objTpl->setVariable(array('FORUM_PAGING_POS' => $pos)); if (!empty($_REQUEST['preview_new'])) { $pos = $this->_getLastPos($intPostId, $intThreadId); } if (!empty($_REQUEST['postid'])) { if ($_REQUEST['act'] == 'quote') { $pos = $this->_getLastPos($intPostId, $intThreadId); } if ($_REQUEST['act'] == 'edit') { $pos = $this->_getEditPos($intPostId, $intThreadId); } } if (!empty($_REQUEST['l']) && $_REQUEST['l'] == 1) { $pos = $this->_getEditPos($intPostId, $intThreadId); } $arrPosts = $this->createPostArray($intThreadId, $pos); if (!empty($_REQUEST['preview_edit']) && $_REQUEST['post_id'] != 0 && $_REQUEST['act'] != 'quote') { $intPostId = intval($intPostId); $pos = $this->_getEditPos($intPostId, $intThreadId); $arrPosts = $this->createPostArray($intThreadId, $pos); $arrPosts[$intPostId]['subject'] = !empty($_REQUEST['subject']) ? contrexx_strip_tags($_REQUEST['subject']) : $_ARRAYLANG['TXT_FORUM_NO_SUBJECT']; $arrPosts[$intPostId]['content'] = \Cx\Core\Wysiwyg\Wysiwyg::prepareBBCodeForOutput(contrexx_input2raw($_REQUEST['message'])); } $userId = $objFWUser->objUser->login() ? $objFWUser->objUser->getId() : 0; $icon = !empty($_REQUEST['icons']) ? intval($_REQUEST['icons']) : 1; if ($_REQUEST['act'] == 'edit') { //submit is an edit $arrEditedPost = $this->_getPostingData($intPostId); $subject = addcslashes(htmlentities($arrEditedPost['subject'], ENT_QUOTES, CONTREXX_CHARSET), '\\'); $content = $arrEditedPost['content']; $keywords = addcslashes(htmlentities($arrEditedPost['keywords'], ENT_QUOTES, CONTREXX_CHARSET), '\\'); $attachment = $arrEditedPost['attachment']; $this->_objTpl->setVariable('FORUM_POST_EDIT_USERID', $arrPosts[$intPostId]['user_id']); if (!empty($attachment)) { $this->_objTpl->setVariable('TXT_FORUM_DELETE_ATTACHMENT', sprintf($_ARRAYLANG['TXT_FORUM_DELETE_ATTACHMENT'], $attachment)); } $this->_objTpl->touchBlock('updatePost'); $this->_objTpl->hideBlock('createPost'); $this->_objTpl->hideBlock('previewNewPost'); $this->_objTpl->touchBlock('previewEditPost'); } else { //new post if ($this->_objTpl->blockExists('delAttachment')) { $this->_objTpl->hideBlock('delAttachment'); } $subject = !empty($_REQUEST['subject']) ? contrexx_strip_tags($_REQUEST['subject']) : ''; $content = !empty($_REQUEST['message']) ? contrexx_input2raw(strip_tags($_REQUEST['message'])) : ''; $keywords = !empty($_REQUEST['keywords']) ? contrexx_strip_tags($_REQUEST['keywords']) : ''; $attachment = !empty($_REQUEST['attachment']) ? contrexx_strip_tags($_REQUEST['attachment']) : ''; $this->_objTpl->touchBlock('createPost'); $this->_objTpl->hideBlock('updatePost'); $this->_objTpl->touchBlock('previewNewPost'); $this->_objTpl->hideBlock('previewEditPost'); } if ($_REQUEST['act'] == 'quote') { $quoteContent = $this->_getPostingData($intPostId); $subject = 'RE: ' . addcslashes(htmlentities($quoteContent['subject'], ENT_QUOTES, CONTREXX_CHARSET), '\\'); $content = '[quote=' . $arrPosts[$intPostId]['user_name'] . ']' . strip_tags($quoteContent['content']) . '[/quote]'; } $firstPost = current($arrPosts); if ($this->_arrSettings['wysiwyg_editor'] == 1) { //IF WYSIWIG enabled.. $strMessageInputHTML = new \Cx\Core\Wysiwyg\Wysiwyg('message', $content, 'bbcode'); } else { //plain textarea $strMessageInputHTML = '<textarea style="width: 400px; height: 150px;" rows="5" cols="10" name="message">' . contrexx_raw2xhtml($content) . '</textarea>'; } $this->_objTpl->setGlobalVariable(array('FORUM_JAVASCRIPT_GOTO' => $this->getJavascript('goto'), 'FORUM_JAVASCRIPT_DELETE' => $this->getJavascript('deletePost'), 'FORUM_JAVASCRIPT_SCROLLTO' => $this->getJavascript('scrollto'), 'FORUM_SCROLLPOS' => !empty($_REQUEST['scrollpos']) ? intval($_REQUEST['scrollpos']) : '0', 'FORUM_JAVASCRIPT_INSERT_TEXT' => $this->getJavascript('insertText', array($intCatId, $intThreadId, $firstPost)), 'FORUM_NAME' => $this->_shortenString($firstPost['subject'], $this->_maxStringlength), 'FORUM_TREE' => $this->_createNavTree($intCatId) . '<a title="' . $this->_arrTranslations[$intCatId][$this->_intLangId]['name'] . '" href="index.php?section=Forum&cmd=board&id=' . $intCatId . '">' . $this->_shortenString($this->_arrTranslations[$intCatId][$this->_intLangId]['name'], $this->_maxStringlength) . '</a> > ', 'FORUM_DROPDOWN' => $this->createForumDD('forum_quickaccess', $intCatId, 'onchange="gotoForum(this);"', ''), 'TXT_FORUM_COMMA_SEPARATED_KEYWORDS' => $_ARRAYLANG['TXT_FORUM_COMMA_SEPARATED_KEYWORDS'], 'TXT_FORUM_KEYWORDS' => $_ARRAYLANG['TXT_FORUM_KEYWORDS'], 'TXT_FORUM_FILE_ATTACHMENT' => $_ARRAYLANG['TXT_FORUM_FILE_ATTACHMENT'], 'TXT_FORUM_RATING' => $_ARRAYLANG['TXT_FORUM_RATING'], 'TXT_FORUM_ADD_POST' => $_ARRAYLANG['TXT_FORUM_ADD_POST'], 'TXT_FORUM_SUBJECT' => $_ARRAYLANG['TXT_FORUM_SUBJECT'], 'TXT_FORUM_MESSAGE' => $_ARRAYLANG['TXT_FORUM_MESSAGE'], 'TXT_FORUM_RESET' => $_ARRAYLANG['TXT_FORUM_RESET'], 'TXT_FORUM_CREATE_POST' => $_ARRAYLANG['TXT_FORUM_CREATE_POST'], 'TXT_FORUM_ICON' => $_ARRAYLANG['TXT_FORUM_ICON'], 'TXT_FORUM_QUOTE' => $_ARRAYLANG['TXT_FORUM_QUOTE'], 'TXT_FORUM_EDIT' => $_ARRAYLANG['TXT_FORUM_EDIT'], 'TXT_FORUM_DELETE' => $_ARRAYLANG['TXT_FORUM_DELETE'], 'TXT_FORUM_PREVIEW' => $_ARRAYLANG['TXT_FORUM_PREVIEW'], 'TXT_FORUM_UPDATE_POST' => $_ARRAYLANG['TXT_FORUM_UPDATE_POST'], 'TXT_FORUM_NOTIFY_NEW_POSTS' => $_ARRAYLANG['TXT_FORUM_NOTIFY_NEW_POSTS'], 'TXT_FORUM_QUICKACCESS' => $_ARRAYLANG['TXT_FORUM_QUICKACCESS'], 'TXT_FORUM_UPDATE_NOTIFICATION' => $_ARRAYLANG['TXT_FORUM_UPDATE_NOTIFICATION'], 'TXT_FORUM_THREAD_ACTION_DESC' => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_DESC'], 'TXT_FORUM_THREAD_ACTION_MOVE' => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_MOVE'], 'TXT_FORUM_THREAD_ACTION_CLOSE' => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_CLOSE_' . $firstPost['is_locked']], 'TXT_FORUM_THREAD_ACTION_STICKY' => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_STICKY_' . $firstPost['is_sticky']], 'TXT_FORUM_THREAD_ACTION_DELETE' => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_DELETE'], 'TXT_FORUM_CHOOSE_FILE' => $_ARRAYLANG['TXT_FORUM_CHOOSE_FILE'], 'FORUM_NOTIFICATION_CHECKBOX_CHECKED' => $this->_hasNotification($intThreadId) ? 'checked="checked"' : '', 'FORUM_SUBJECT' => stripslashes($subject), 'FORUM_KEYWORDS' => stripslashes($keywords), 'FORUM_ATTACHMENT_OLDNAME' => $attachment, 'FORUM_MESSAGE_INPUT' => $strMessageInputHTML, 'FORUM_CAPTCHA_CODE' => \Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->getCode(), 'FORUM_THREAD_ID' => $intThreadId, 'FORUM_CATEGORY_ID' => $intCatId, 'FORUM_POSTS_PAGING' => getPaging($this->_postCount, $pos, '§ion=Forum&cmd=thread&id=' . $intThreadId, $_ARRAYLANG['TXT_FORUM_OVERVIEW_POSTINGS'], true, $this->_arrSettings['posting_paging']))); if ($objFWUser->objUser->login()) { $this->_objTpl->hideBlock('captcha'); } else { $this->_objTpl->touchBlock('captcha'); } $this->_setIcons($this->_getIcons()); if (!$this->_checkAuth($intCatId, 'read')) { $this->_objTpl->setVariable('TXT_FORUM_ERROR', '<br />' . $_ARRAYLANG['TXT_FORUM_NO_ACCESS']); return false; } $intCounter = 0; foreach ($arrPosts as $postId => $arrValues) { $strRating = '<span id="forum_current_rating_' . $postId . '" class="rating_%s">%s</span>'; if ($arrValues['rating'] == 0) { $class = 'none'; } elseif ($arrValues['rating'] > 0) { $class = 'pos'; } else { $class = 'neg'; } $strRating = sprintf($strRating, $class, $arrValues['rating']); $strUserProfileLink = $arrValues['user_id'] > 0 ? '<a title="' . $arrValues['user_name'] . '" href="index.php?section=Access&cmd=user&id=' . $arrValues['user_id'] . '">' . $arrValues['user_name'] . '</a>' : $this->_anonymousName; $arrAttachment = $this->_getAttachment($arrValues['attachment']); $this->_objTpl->setGlobalVariable(array('FORUM_POST_ROWCLASS' => $intCounter++ % 2 + 1)); $quoteLink = "id=" . $intThreadId . "&act=quote&postid=" . $postId; $quoteLinkLoggedIn = "location.href='" . \Cx\Core\Csrf\Controller\Csrf::enhanceURI("index.php?section=Forum") . "&cmd=thread&" . htmlentities($quoteLink) . "';"; $quoteLinkNotLoggedIn = "location.href='" . \Cx\Core\Csrf\Controller\Csrf::enhanceURI("index.php?section=Login") . "&redirect=" . base64_encode("index.php?section=Forum&cmd=thread&" . $quoteLink) . "';"; $this->_objTpl->setVariable(array('FORUM_POST_DATE' => $arrValues['time_created'], 'FORUM_POST_LAST_EDITED' => $arrValues['time_edited'] != date(ASCMS_DATE_FORMAT, 0) ? $_ARRAYLANG['TXT_FORUM_LAST_EDITED'] . $arrValues['time_edited'] : '', 'FORUM_USER_ID' => $arrValues['user_id'], 'FORUM_USER_NAME' => $strUserProfileLink, 'FORUM_USER_IMAGE' => !empty($arrValues['user_image']) ? '<img border="0" width="60" height="60" src="' . $arrValues['user_image'] . '" title="' . $arrValues['user_name'] . '\'s avatar" alt="' . $arrValues['user_name'] . '\'s avatar" />' : '', 'FORUM_USER_GROUP' => '', 'FORUM_USER_RANK' => '', 'FORUM_USER_REGISTERED_SINCE' => '', 'FORUM_USER_POSTING_COUNT' => '', 'FORUM_USER_CONTACTS' => '', 'FORUM_POST_NUMBER' => '#' . $arrValues['post_number'], 'FORUM_POST_ICON' => $arrValues['post_icon'], 'FORUM_POST_SUBJECT' => $arrValues['subject'], 'FORUM_POST_MESSAGE' => $arrValues['content'], 'FORUM_POST_RATING' => $strRating, 'FORUM_POST_ATTACHMENT_LINK' => $arrAttachment['webpath'], 'FORUM_POST_ATTACHMENT_FILENAME' => $arrAttachment['name'], 'FORUM_POST_ATTACHMENT_ICON' => $arrAttachment['icon'], 'FORUM_POST_ATTACHMENT_FILESIZE' => $arrAttachment['size'], 'FORUM_QUOTE_ONCLICK' => $this->_checkAuth($intCatId, 'write') ? $quoteLinkLoggedIn : $quoteLinkNotLoggedIn)); if (!$objFWUser->objUser->login() && !$this->_checkAuth($intCatId, 'write')) { $button = '<input type="button" value="' . $_ARRAYLANG['TXT_FORUM_CREATE_POST'] . '" onclick="location.href=\'' . \Cx\Core\Csrf\Controller\Csrf::enhanceURI('index.php?section=Login') . '&redirect=' . base64_encode($_SERVER['REQUEST_URI']) . '\';" />'; $this->_objTpl->setVariable(array('FORUM_POST_REPLY_REDIRECT' => $button)); } $this->_objTpl->setVariable(array('FORUM_POST_ID' => $postId, 'FORUM_RATING_POST_ID' => $postId)); if ($firstPost['is_locked'] != 1 && ($this->_checkAuth($intCatId, 'edit') || $objFWUser->objUser->login() && $arrValues['user_id'] == $objFWUser->objUser->getId())) { $this->_objTpl->touchBlock('postEdit'); } else { $this->_objTpl->hideBlock('postEdit'); } if ($firstPost['is_locked'] != 1 && ($this->_checkAuth($intCatId, 'write') || !$firstPost['is_locked'])) { $this->_objTpl->touchBlock('postQuote'); } else { $this->_objTpl->hideBlock('postQuote'); } if ($this->_checkAuth($intCatId, 'delete') && $arrValues['post_number'] != 1) { $this->_objTpl->setVariable(array('FORUM_POST_ID' => $postId)); $this->_objTpl->touchBlock('postDelete'); } else { $this->_objTpl->hideBlock('postDelete'); } if ($this->_objTpl->blockExists('rating')) { if ($objFWUser->objUser->login() && !$this->_hasRated($postId)) { $this->_objTpl->parse('rating'); } else { $this->_objTpl->hideBlock('rating'); } } if ($this->_objTpl->blockExists('attachment')) { if (!empty($arrValues['attachment'])) { $this->_objTpl->parse('attachment'); } else { $this->_objTpl->hideBlock('attachment'); } } $this->_objTpl->parse('forumPosts'); } if (!$this->_checkAuth($intCatId, 'write') || $firstPost['is_locked'] == 1) { $this->_objTpl->hideBlock('addPost'); $this->_objTpl->hideBlock('addPostAnchor'); } else { $this->_objTpl->touchBlock('addPostAnchor'); } // initialize the uploader $this->initForumUploader(); //addpost code if (!empty($_REQUEST['create']) && $_REQUEST['create'] == $_ARRAYLANG['TXT_FORUM_CREATE_POST']) { if (!$this->_checkAuth($intCatId, 'write') && $firstPost['is_locked'] != 1) { //auth check $this->_objTpl->setVariable('TXT_FORUM_ERROR', '<br />' . $_ARRAYLANG['TXT_FORUM_NO_ACCESS']); $this->_objTpl->hideBlock('addPost'); return false; } if (!$objFWUser->objUser->login() && !\Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->check()) { //captcha check return false; } if (strlen(trim($content)) < $this->_minPostlength) { //content check $this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_POST_EMPTY'], $this->_minPostlength)); return false; } if (false !== ($match = $this->_hasBadWords($content))) { $this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_BANNED_WORD'], $match[1])); return false; } $fileInfo = $this->_handleUpload('forum_attachment'); if ($fileInfo === false) { //an error occured, the file wasn't properly transferred. exit function to display error set in _handleUpload() return false; } $lastPostIdQuery = ' SELECT max( id ) as last_post_id FROM ' . DBPREFIX . 'module_forum_postings WHERE category_id = ' . $intCatId . ' AND thread_id = ' . $intThreadId; if (($objRSmaxId = $objDatabase->SelectLimit($lastPostIdQuery, 1)) !== false) { $intPrevPostId = $objRSmaxId->fields['last_post_id']; } else { die('Database error: ' . $objDatabase->ErrorMsg()); } $insertQuery = 'INSERT INTO ' . DBPREFIX . 'module_forum_postings ( id, category_id, thread_id, prev_post_id, user_id, time_created, time_edited, is_locked, is_sticky, rating, views, icon, keywords, subject, content, attachment ) VALUES ( NULL, ' . $intCatId . ', ' . $intThreadId . ', ' . $intPrevPostId . ', ' . $userId . ', ' . time() . ', 0, 0, 0, 0, 0, ' . $icon . ",\n '{$keywords}' ,'" . $subject . "', '" . contrexx_raw2db($content) . "', '" . $fileInfo['name'] . "'\n )"; if ($objDatabase->Execute($insertQuery) !== false) { $lastInsertId = $objDatabase->Insert_ID(); $this->updateViewsNewItem($intCatId, $lastInsertId, true); $this->_updateNotification($intThreadId); $this->_sendNotifications($intThreadId, $subject, $content); $pageId = \Cx\Core\Core\Controller\Cx::instanciate()->getPage()->getId(); $cacheManager = new \Cx\Core_Modules\Cache\Controller\CacheManager(); $cacheManager->deleteSingleFile($pageId); } \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Forum&cmd=thread&id=' . $intThreadId . '&pos=' . $this->_getLastPos($postId, $intThreadId)); die; } if (!empty($_REQUEST['preview_new'])) { $content = \Cx\Core\Wysiwyg\Wysiwyg::prepareBBCodeForOutput($content); if (false !== ($match = $this->_hasBadWords($content))) { $this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_BANNED_WORD'], $match[1])); return false; } if (strlen(trim($content)) < $this->_minPostlength) { //content check $this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_POST_EMPTY'], $this->_minPostlength)); return false; } $this->_objTpl->setVariable(array('FORUM_POST_ROWCLASS' => $intCounter++ % 2 + 1, 'FORUM_POST_DATE' => date(ASCMS_DATE_FORMAT, time()), 'FORUM_USER_ID' => $userId, 'FORUM_USER_NAME' => $objFWUser->objUser->login() ? '<a href="index.php?section=Access&cmd=user&id=' . $userId . '" title="' . htmlentities($objFWUser->objUser->getUsername(), ENT_QUOTES, CONTREXX_CHARSET) . '">' . htmlentities($objFWUser->objUser->getUsername(), ENT_QUOTES, CONTREXX_CHARSET) . '</a>' : $this->_anonymousName, 'FORUM_USER_IMAGE' => !empty($arrValues['user_image']) ? '<img border="0" width="60" height="60" src="' . $arrValues['user_image'] . '" title="' . $arrValues['user_name'] . '\'s avatar" alt="' . $arrValues['user_name'] . '\'s avatar" />' : '', 'FORUM_USER_GROUP' => '', 'FORUM_USER_RANK' => '', 'FORUM_USER_REGISTERED_SINCE' => '', 'FORUM_USER_POSTING_COUNT' => '', 'FORUM_USER_CONTACTS' => '', 'FORUM_POST_NUMBER' => '#' . ($this->_postCount + 1), 'FORUM_POST_ICON' => $this->getThreadIcon($icon), 'FORUM_POST_SUBJECT' => stripslashes($subject), 'FORUM_POST_MESSAGE' => $content, 'FORUM_POST_RATING' => '0')); $this->_objTpl->touchBlock('createPost'); $this->_objTpl->hideBlock('updatePost'); if ($this->_objTpl->blockExists('attachment')) { $this->_objTpl->hideBlock('attachment'); } $this->_objTpl->hideBlock('postEdit'); $this->_objTpl->hideBlock('postQuote'); $this->_objTpl->touchBlock('previewNewPost'); $this->_objTpl->hideBlock('previewEditPost'); $this->_objTpl->parse('forumPosts'); } if (!empty($_REQUEST['update']) && $_REQUEST['update'] == $_ARRAYLANG['TXT_FORUM_UPDATE_POST']) { if (strlen(trim($content)) < $this->_minPostlength) { //content size check $this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_POST_EMPTY'], $this->_minPostlength)); return false; } if (!$this->_checkAuth($intCatId, 'edit') && (!$objFWUser->objUser->login() || $arrValues['user_id'] != $objFWUser->objUser->getId())) { $this->_objTpl->setVariable('TXT_FORUM_ERROR', '<br />' . $_ARRAYLANG['TXT_FORUM_NO_ACCESS']); $this->_objTpl->hideBlock('postEdit'); return false; } if (!$objFWUser->objUser->login() && !\Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->check()) { $this->_objTpl->touchBlock('updatePost'); $this->_objTpl->hideBlock('createPost'); return false; } if (false !== ($match = $this->_hasBadWords($content))) { $this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_BANNED_WORD'], $match[1])); return false; } $fileInfo = $this->_handleUpload('forum_attachment'); if ($fileInfo === false) { //an error occured, the file wasn't properly transferred. exit function to display error set in _handleUpload() return false; } if (empty($_POST['forum_delete_attachment']) && empty($fileInfo['name']) && !empty($_REQUEST['forum_attachment_oldname'])) { $fileInfo['name'] = contrexx_addslashes($_REQUEST['forum_attachment_oldname']); } elseif (!empty($_POST['forum_delete_attachment']) && $_POST['forum_delete_attachment'] == 1 || !empty($_REQUEST['forum_attachment_oldname']) && $fileInfo['name'] != $_REQUEST['forum_attachment_oldname']) { unlink(\Cx\Core\Core\Controller\Cx::instanciate()->getWebsiteMediaForumUploadPath() . '/' . str_replace(array('./', '.\\'), '', $_REQUEST['forum_attachment_oldname'])); } $updateQuery = 'UPDATE ' . DBPREFIX . 'module_forum_postings SET time_edited = ' . mktime() . ', icon = ' . $icon . ', subject = \'' . $subject . '\', keywords = \'' . $keywords . '\', content = \'' . contrexx_raw2db($content) . '\', attachment = \'' . $fileInfo['name'] . '\' WHERE id = ' . $intPostId; if ($objDatabase->Execute($updateQuery) !== false) { $this->updateViews($intThreadId, $intPostId); $pageId = \Cx\Core\Core\Controller\Cx::instanciate()->getPage()->getId(); $cacheManager = new \Cx\Core_Modules\Cache\Controller\CacheManager(); $cacheManager->deleteSingleFile($pageId); } \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Forum&cmd=thread&id=' . $intThreadId . '&pos=' . $this->_getLastPos($postId, $intThreadId)); die; } if (!empty($_REQUEST['preview_edit'])) { $this->_objTpl->touchBlock('updatePost'); $this->_objTpl->hideBlock('createPost'); $this->_objTpl->hideBlock('previewNewPost'); $this->_objTpl->touchBlock('previewEditPost'); } $hasAccess = false; foreach (array('STICKY', 'MOVE', 'CLOSE', 'DELETE') as $action) { if (!$this->_checkAuth($intCatId, strtolower($action))) { $this->_objTpl->setVariable('FORUM_THREAD_ACTIONS_DISABLED_' . $action, 'disabled="disabled"'); } else { $hasAccess = true; } } if ($this->_objTpl->blockExists('threadActionsSelect')) { if ($userId < 1 || !$hasAccess) { $this->_objTpl->hideBlock('threadActionsSelect'); } else { $this->_objTpl->touchBlock('threadActionsSelect'); } } if (!empty($_REQUEST['action']) && $_REQUEST['action'] == 'move' && !empty($_REQUEST['id'])) { $thread = intval($_REQUEST['id']); $newCat = intval($_REQUEST['moveToThread']); $oldCat = $this->_getCategoryIdFromThread($thread); $query = "UPDATE `" . DBPREFIX . "module_forum_postings` SET `category_id` = {$newCat} WHERE `thread_id` = " . $thread; if ($objDatabase->Execute($query)) { $intMovedPosts = $objDatabase->Affected_Rows(); $query = "SELECT max( `id` ) as `lastid` FROM `" . DBPREFIX . "module_forum_postings` WHERE `thread_id` = {$thread}"; $objRS = $objDatabase->SelectLimit($query, 1); $intMovedPostLastId = $objRS->fields['lastid']; $query = "SELECT max( `id` ) as `lastid` FROM `" . DBPREFIX . "module_forum_postings` WHERE `category_id` = {$oldCat}"; $objRS = $objDatabase->SelectLimit($query, 1); $query = "UPDATE `" . DBPREFIX . "module_forum_statistics` SET `thread_count` = `thread_count` - 1, `post_count` = `post_count` - {$intMovedPosts}, `last_post_id` = " . (intval($objRS->fields['lastid']) > 0 ? intval($objRS->fields['lastid']) : 0) . " WHERE `category_id` = {$oldCat}"; $objDatabase->Execute($query); $query = "SELECT `id` FROM `" . DBPREFIX . "module_forum_postings` WHERE `category_id` = {$newCat} GROUP BY `time_created` DESC"; $objRS = $objDatabase->Execute($query); $query = "UPDATE `" . DBPREFIX . "module_forum_statistics` SET `thread_count` = `thread_count` + 1, `post_count` = `post_count` + {$intMovedPosts}, `last_post_id` = " . $objRS->fields['id'] . " WHERE `category_id` = {$newCat}"; $objDatabase->Execute($query); $this->_objTpl->hideBlock('moveForm'); $this->_objTpl->setVariable(array('TXT_THREAD_ACTION_' . ($success ? 'SUCCESS' : 'ERROR') => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_MOVE' . (!$success ? 'UN' : '') . 'SUCCESSFUL'], 'FORUM_CATEGORY_ID' => $intCatId, 'FORUM_THREAD_ID' => $intThreadId)); \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Forum&cmd=thread&id=' . $thread); } } if (!empty($_GET['a'])) { $this->_objTpl->setVariable(array('TXT_FORUM_' . ($_GET['r'] == 1 ? 'SUCCESS' : 'ERROR') => '<br />' . $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_' . strtoupper($_GET['a']) . '_' . (!$_GET['r'] ? 'UN' : '') . 'SUCCESSFUL' . $_GET['s']])); } $success = false; if (!empty($_REQUEST['thread_actions'])) { $action = contrexx_addslashes($_REQUEST['thread_actions']); if ($this->_checkAuth($intCatId, $action)) { switch ($action) { case 'move': $arrForums = $this->createForumArray($this->_intLangId); foreach ($arrForums as $intCatID => $arrThread) { $strOptions .= '<option value="' . $intCatID . '" ' . ($arrThread['level'] == 0 ? 'disabled="disabled"' : '') . '>' . str_repeat(' ', $arrThread['level'] * 2) . $arrThread['name'] . '</option>'; } $this->_objTpl->setVariable(array('FORUM_THREADS' => $strOptions)); $success = true; $suffix = ''; \Env::get('cx')->getPage()->setTitle($_ARRAYLANG['TXT_FORUM_THREAD_ACTION_MOVE']); break; case 'close': $query = "UPDATE `" . DBPREFIX . "module_forum_postings` SET `is_locked` = IF(`is_locked` = '0' OR `is_locked` = '', '1', '0') WHERE thread_id = " . intval($_REQUEST['id']); if ($objDatabase->Execute($query) !== false) { $success = true; } $suffix = '_' . $firstPost['is_locked']; break; case 'sticky': $query = "UPDATE `" . DBPREFIX . "module_forum_postings` SET `is_sticky` = IF(`is_sticky` = '0' OR `is_sticky` = '', '1', '0') WHERE thread_id = " . intval($_REQUEST['id']); if ($objDatabase->Execute($query) !== false) { $success = true; } $suffix = '_' . $firstPost['is_sticky']; break; default: break; } if ($action != 'move') { \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Forum&cmd=thread&id=' . $intThreadId . '&a=' . $action . '&r=' . $success . '&s=' . $suffix); } } else { $this->_objTpl->setVariable('TXT_THREAD_ACTION_ERROR', $_ARRAYLANG['TXT_FORUM_NO_ACCESS']); } $this->_objTpl->parse('threadActions'); $this->_objTpl->touchBlock('threadActions'); $this->_objTpl->hideBlock('threadDisplay'); } else { $this->updateViews($intThreadId, $intPostId); $this->_objTpl->hideBlock('threadActions'); } return true; }
function _modifyMedium() { global $_ARRAYLANG, $_CONFIG; if (!isset($_REQUEST['section'])) { $_REQUEST['section'] = ''; } $mediumId = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0; $mediumTitle = ''; $mediumYoutubeID = ''; $mediumAuthor = ''; $mediumDescription = ''; $mediumSource = ''; $mediumThumbnail = ''; $mediumTemplate = ''; $mediumWidth = 0; $mediumHeight = 0; $mediumPlaylength = 0; $mediumSize = 0; $mediumStatus = 1; $mediumCategories = array(); $saveStatus = true; if ($_REQUEST['section'] != 'Podcast') { //load backend template $this->_objTpl->loadTemplatefile('module_podcast_modify_medium.html'); } else { //load frontend content as template $pageRepo = \Env::get('em')->getRepository('Cx\\Core\\ContentManager\\Model\\Entity\\Page'); $pages = $pageRepo->findBy(array('module' => 'Podcast', 'type' => \Cx\Core\ContentManager\Model\Entity\Page::TYPE_APPLICATION, 'cmd' => 'modifyMedium')); if (count($pages)) { //overwrite template, since _modifyMedium is called in the same request as the _selectMediumSource $this->_objTpl->setTemplate(current($pages)->getContent()); } } $this->_pageTitle = $mediumId > 0 ? $_ARRAYLANG['TXT_PODCAST_MODIFY_MEDIUM'] : $_ARRAYLANG['TXT_PODCAST_ADD_MEDIUM']; $this->_objTpl->setVariable(array('TXT_PODCAST_TITLE' => $_ARRAYLANG['TXT_PODCAST_TITLE'], 'TXT_PODCAST_DESCRIPTION' => $_ARRAYLANG['TXT_PODCAST_DESCRIPTION'], 'TXT_PODCAST_SOURCE' => $_ARRAYLANG['TXT_PODCAST_SOURCE'], 'TXT_PODCAST_TEMPLATE' => $_ARRAYLANG['TXT_PODCAST_TEMPLATE'], 'TXT_PODCAST_DIMENSIONS' => $_ARRAYLANG['TXT_PODCAST_DIMENSIONS'], 'TXT_PODCAST_PIXEL_WIDTH' => $_ARRAYLANG['TXT_PODCAST_PIXEL_WIDTH'], 'TXT_PODCAST_PIXEL_HEIGHT' => $_ARRAYLANG['TXT_PODCAST_PIXEL_HEIGHT'], 'TXT_PODCAST_CATEGORIES' => $_ARRAYLANG['TXT_PODCAST_CATEGORIES'], 'TXT_PODCAST_STATUS' => $_ARRAYLANG['TXT_PODCAST_STATUS'], 'TXT_PODCAST_ACTIVE' => $_ARRAYLANG['TXT_PODCAST_ACTIVE'], 'TXT_PODCAST_SAVE' => $_ARRAYLANG['TXT_PODCAST_SAVE'], 'TXT_PODCAST_PLAYLENGHT' => $_ARRAYLANG['TXT_PODCAST_PLAYLENGHT'], 'TXT_PODCAST_PLAYLENGTH' => $_ARRAYLANG['TXT_PODCAST_PLAYLENGTH'], 'TXT_PODCAST_PLAYLENGHT_FORMAT' => $_ARRAYLANG['TXT_PODCAST_PLAYLENGHT_FORMAT'], 'TXT_PODCAST_PLAYLENGTH_FORMAT' => $_ARRAYLANG['TXT_PODCAST_PLAYLENGTH_FORMAT'], 'TXT_PODCAST_FILESIZE' => $_ARRAYLANG['TXT_PODCAST_FILESIZE'], 'TXT_PODCAST_BYTES' => $_ARRAYLANG['TXT_PODCAST_BYTES'], 'TXT_PODCAST_AUTHOR' => $_ARRAYLANG['TXT_PODCAST_AUTHOR'], 'TXT_PODCAST_EDIT_OR_ADD_IMAGE' => $_ARRAYLANG['TXT_PODCAST_EDIT_OR_ADD_IMAGE'], 'TXT_PODCAST_THUMBNAIL' => $_ARRAYLANG['TXT_PODCAST_THUMBNAIL'], 'TXT_PODCAST_SHOW_FILE' => $_ARRAYLANG['TXT_PODCAST_SHOW_FILE'])); if (isset($_POST['podcast_medium_save'])) { if (isset($_POST['podcast_medium_title'])) { $mediumTitle = trim($_POST['podcast_medium_title']); } if (isset($_POST['podcast_medium_author'])) { $mediumAuthor = trim($_POST['podcast_medium_author']); } if (isset($_POST['podcast_medium_description'])) { $mediumDescription = trim($_POST['podcast_medium_description']); } if (isset($_POST['podcast_medium_template'])) { $mediumTemplate = intval($_POST['podcast_medium_template']); } $mediumWidth = isset($_POST['podcast_medium_width']) ? intval($_POST['podcast_medium_width']) : 0; $mediumHeight = isset($_POST['podcast_medium_height']) ? intval($_POST['podcast_medium_height']) : 0; $mediumSize = isset($_POST['podcast_medium_filesize']) ? intval($_POST['podcast_medium_filesize']) : 0; if (!empty($_POST['podcast_medium_playlength'])) { $arrPlaylength = array(); if (preg_match('/^(([0-9]*):)?(([0-9]*):)?([0-9]*)$/', $_POST['podcast_medium_playlength'], $arrPlaylength)) { $minutes = empty($arrPlaylength[3]) ? $arrPlaylength[2] : $arrPlaylength[4]; $hours = empty($arrPlaylength[3]) ? $arrPlaylength[4] : $arrPlaylength[2]; $mediumPlaylength = $hours * 3600 + $minutes * 60 + $arrPlaylength[5]; } } if (isset($_POST['podcast_medium_source'])) { $mediumSource = trim($_POST['podcast_medium_source']); } if (isset($_POST['podcast_medium_thumbnail'])) { $mediumThumbnail = trim($_POST['podcast_medium_thumbnail']); } if (!empty($_POST['podcast_youtubeID'])) { $mediumYoutubeID = trim($_POST['podcast_youtubeID']); $mediumSize = 0; $mediumTemplate = $this->_getYoutubeTemplate(); } $mediumStatus = $_REQUEST['section'] != 'podcast' ? isset($_POST['podcast_medium_status']) ? intval($_POST['podcast_medium_status']) : 0 : ($this->_arrSettings['auto_validate'] ? 1 : 0); if (isset($_POST['podcast_medium_associated_category'])) { foreach ($_POST['podcast_medium_associated_category'] as $categoryId => $status) { if (intval($status) == 1) { array_push($mediumCategories, intval($categoryId)); } } } if (empty($mediumTitle)) { $saveStatus = false; $this->_strErrMessage .= $_ARRAYLANG['TXT_PODCAST_EMPTY_MEDIUM_TITLE_MSG'] . "<br />\n"; } /*elseif (!$this->_isUniqueMediumTitle($mediumTitle, $mediumId)) { $saveStatus = false; $this->_strErrMessage .= $_ARRAYLANG['TXT_PODCAST_DUPLICATE_MEDIUM_TITLE_MSG']."<br />\n"; }*/ if (empty($mediumTemplate)) { $saveStatus = false; $this->_strErrMessage .= $_ARRAYLANG['TXT_PODCAST_EMPTY_MEDIUM_TEMPLATE_MSG'] . "<br />\n"; } if ($saveStatus) { if ($mediumId > 0 && $_REQUEST['section'] != 'podcast') { if ($this->_updateMedium($mediumId, $mediumTitle, $mediumYoutubeID, $mediumAuthor, $mediumDescription, $mediumThumbnail, $mediumTemplate, $mediumWidth, $mediumHeight, $mediumPlaylength, $mediumSize, $mediumCategories, $mediumStatus)) { $this->_strOkMessage = $_ARRAYLANG['TXT_PODCAST_MEDIUM_ADDED_SUCCESSFULL']; // Class in /core_modules/index.class.php is named Cache // Class in /core_modules/admin.class.php is named CacheManager $pageId = \Cx\Core\Core\Controller\Cx::instanciate()->getPage()->getId(); $cacheManager = new \Cx\Core_Modules\Cache\Controller\CacheManager(); $cacheManager->deleteSingleFile($pageId); $this->_createRSS(); return $this->_media(); } else { $this->_strErrMessage = $_ARRAYLANG['TXT_PODCAST_MEDIUM_ADDED_FAILED']; } } else { if ($this->_addMedium($mediumTitle, $mediumYoutubeID, $mediumAuthor, $mediumDescription, $mediumSource, $mediumThumbnail, $mediumTemplate, $mediumWidth, $mediumHeight, $mediumPlaylength, $mediumSize, $mediumCategories, $mediumStatus)) { // Class in /core_modules/index.class.php is named Cache // Class in /core_modules/admin.class.php is named CacheManager $pageId = \Cx\Core\Core\Controller\Cx::instanciate()->getPage()->getId(); $cacheManager = new \Cx\Core_Modules\Cache\Controller\CacheManager(); $cacheManager->deleteSingleFile($pageId); $this->_createRSS(); if ($_REQUEST['section'] != 'Podcast') { $this->_strOkMessage = $_ARRAYLANG['TXT_PODCAST_MEDIUM_UPDATED_SUCCESSFULL']; return $this->_media(); } else { if ($this->_objTpl->blockExists('podcastThanks')) { $this->_objTpl->touchBlock('podcastThanks'); } if ($this->_objTpl->blockExists('podcastForm')) { $this->_objTpl->hideBlock('podcastForm'); } return true; } } else { $this->_strErrMessage = $_ARRAYLANG['TXT_PODCAST_MEDIUM_UPDATED_FAILED']; } } } } elseif ($mediumId > 0 && ($arrMedium =& $this->_getMedium($mediumId)) !== false && $_REQUEST['section'] != 'Podcast') { $mediumTitle = $arrMedium['title']; $mediumAuthor = $arrMedium['author']; $mediumDescription = $arrMedium['description']; $mediumYoutubeID = $arrMedium['youtube_id']; $mediumSource = $arrMedium['source']; $mediumThumbnail = $arrMedium['thumbnail']; $mediumTemplate = $arrMedium['template_id']; $mediumWidth = $arrMedium['width']; $mediumHeight = $arrMedium['height']; $mediumStatus = $arrMedium['status']; $mediumCategories = $arrMedium['category']; $mediumPlaylength = $arrMedium['playlength']; $mediumSize = $arrMedium['size']; } elseif ($mediumId == 0) { $mediumSource = ''; if (isset($_POST['podcast_medium_source_type']) && in_array($_POST['podcast_medium_source_type'], array('local', 'remote', 'youtube'))) { if ($_POST['podcast_medium_source_type'] == 'local') { if (isset($_POST['podcast_medium_local_source'])) { if (strpos($_POST['podcast_medium_local_source'], ASCMS_PATH_OFFSET) === 0) { $mediumSource = ASCMS_PROTOCOL . '://%domain%%offset%' . substr($_POST['podcast_medium_local_source'], strlen(ASCMS_PATH_OFFSET)); } else { $mediumSource = ASCMS_PROTOCOL . '://%domain%%offset%' . $_POST['podcast_medium_local_source']; } } } elseif ($_POST['podcast_medium_source_type'] == 'youtube') { $mediumYoutubeID = contrexx_addslashes(trim($_POST['youtubeID'])); $mediumSource = 'http://youtube.com/v/' . $mediumYoutubeID; } elseif (isset($_POST['podcast_medium_remote_source'])) { $mediumSource = $_POST['podcast_medium_remote_source']; } } if (empty($mediumSource)) { return $this->_selectMediumSource(); } if (!empty($mediumYoutubeID)) { $mediumTitle = $this->_getYoutubeTitle($mediumYoutubeID); $mediumThumbnail = ASCMS_PATH_OFFSET . $this->_saveYoutubeThumbnail($mediumYoutubeID); $mediumTemplate =& $this->_getYoutubeTemplate(); $mediumDescription =& $this->_getYoutubeDescription($mediumYoutubeID); $mediumWidth = $this->_youTubeDefaultWidth; $mediumSize = 0; $mediumHeight = $this->_youTubeDefaultHeight; } else { $mediumTitle = ($lastSlash = strrpos($mediumSource, '/')) !== false ? substr($mediumSource, $lastSlash + 1) : $mediumSource; $mediumTemplate =& $this->_getSuitableTemplate($mediumSource); $dimensions = isset($_POST['podcast_medium_local_source']) && \Cx\Core_Modules\Media\Controller\MediaLibrary::_isImage(ASCMS_PATH . $_POST['podcast_medium_local_source']) ? @getimagesize(ASCMS_PATH . $_POST['podcast_medium_local_source']) : false; if ($dimensions) { $mediumWidth = $dimensions[0]; $mediumHeight = $dimensions[1]; } else { $mediumWidth = $this->_arrSettings['default_width']; $mediumHeight = $this->_arrSettings['default_height']; } $mediumSize = isset($_POST['podcast_medium_local_source']) ? filesize(ASCMS_PATH . $_POST['podcast_medium_local_source']) : 0; $mediumSource = htmlentities(str_replace(array('%domain%', '%offset%'), array($_CONFIG['domainUrl'], ASCMS_PATH_OFFSET), $mediumSource), ENT_QUOTES, CONTREXX_CHARSET); } } $this->_objTpl->setVariable(array('PODCAST_MODIFY_TITLE' => $mediumId > 0 ? $_ARRAYLANG['TXT_PODCAST_MODIFY_MEDIUM'] : $_ARRAYLANG['TXT_PODCAST_ADD_MEDIUM'] . ' (' . $_ARRAYLANG['TXT_PODCAST_STEP'] . ' 2: ' . $_ARRAYLANG['TXT_PODCAST_CONFIG_MEDIUM'] . ')', 'PODCAST_MEDIUM_ID' => $mediumId, 'PODCAST_MEDIUM_TITLE' => htmlentities($mediumTitle, ENT_QUOTES, CONTREXX_CHARSET), 'PODCAST_MEDIUM_AUTHOR' => htmlentities($mediumAuthor, ENT_QUOTES, CONTREXX_CHARSET), 'PODCAST_MEDIUM_DESCRIPTION' => htmlentities($mediumDescription, ENT_QUOTES, CONTREXX_CHARSET), 'PODCAST_MEDIUM_SOURCE' => $mediumSource, 'PODCAST_MEDIUM_SOURCE_URL' => htmlentities($mediumSource, ENT_QUOTES, CONTREXX_CHARSET), 'PODCAST_MEDIUM_TEMPLATE_MENU' => $this->_getTemplateMenu($mediumTemplate, 'name="podcast_medium_template" style="width:450px;"'), 'PODCAST_MEDIUM_WIDTH' => $mediumWidth, 'PODCAST_MEDIUM_HEIGHT' => $mediumHeight, 'PODCAST_MEDIUM_PLAYLENGHT' => $this->_getShortPlaylengthFormatOfTimestamp($mediumPlaylength), 'PODCAST_MEDIUM_PLAYLENGTH' => $this->_getShortPlaylengthFormatOfTimestamp($mediumPlaylength), 'PODCAST_MEDIUM_FILESIZE' => $mediumSize, 'PODCAST_MEDIUM_THUMBNAIL_SRC' => !empty($mediumThumbnail) ? $mediumThumbnail : $this->_noThumbnail, 'PODCAST_MEDIUM_STATUS' => $mediumStatus == 1 ? 'checked="checked"' : '', 'PODCAST_MEDIUM_YOUTUBE_DISABLED' => !empty($mediumYoutubeID) ? 'disabled="disabled"' : '', 'PODCAST_MEDIUM_YOUTUBE_ID' => !empty($mediumYoutubeID) ? $mediumYoutubeID : '', 'PODCAST_THUMB_BROWSE' => self::getMediaBrowserButton('', array('data-cx-mb-views' => 'filebrowser', 'type' => 'button', 'style' => 'display:none', 'id' => 'podcast_thumbnail_browser'), 'mediaBrowserCallback'))); $arrCategories =& $this->_getCategories(); $categoryNr = 0; $arrLanguages = \FWLanguage::getLanguageArray(); foreach ($arrCategories as $categoryId => $arrCategory) { if ($_REQUEST['section'] == 'Podcast') { if (!in_array($categoryId, $this->_communityCategories) && !empty($this->_communityCategories)) { continue; } } $column = $categoryNr % 3; $arrCatLangIds =& $this->_getLangIdsOfCategory($categoryId); array_walk($arrCatLangIds, create_function('&$cat, $k, $arrLanguages', '$cat = $arrLanguages[$cat]["lang"];'), $arrLanguages); $arrCategory['title'] .= ' (' . implode(', ', $arrCatLangIds) . ')'; $this->_objTpl->setVariable(array('PODCAST_CATEGORY_ID' => $categoryId, 'PODCAST_CATEGORY_ASSOCIATED' => in_array($categoryId, $mediumCategories) ? 'checked="checked"' : '', 'PODCAST_SHOW_MEDIA_OF_CATEGORY_TXT' => sprintf($_ARRAYLANG['TXT_PODCAST_SHOW_MEDIA_OF_CATEGORY'], $arrCategory['title']), 'PODCAST_CATEGORY_NAME' => $arrCategory['title'])); $this->_objTpl->parse('podcast_medium_associated_category_' . $column); $categoryNr++; } }
function _deleteTemplateProcess() { global $_ARRAYLANG; $templateId = isset($_GET['id']) ? intval($_GET['id']) : 0; if (($arrTemplate =& $this->_getTemplate($templateId)) !== false) { if (!$this->_isTemplateInUse($templateId)) { if ($this->_deleteTemplate($templateId)) { $this->_strOkMessage = sprintf($_ARRAYLANG['TXT_PODCAST_TEMPLATE_DELETED_SUCCESSFULL'], $arrTemplate['description']); $pageId = \Cx\Core\Core\Controller\Cx::instanciate()->getPage()->getId(); $cacheManager = new \Cx\Core_Modules\Cache\Controller\CacheManager(); $cacheManager->deleteSingleFile($pageId); $this->_createRSS(); } else { $this->_strErrMessage = sprintf($_ARRAYLANG['TXT_PODCAST_TEMPLATE_DELETED_FAILURE'], $arrTemplate['description']); } } else { $this->_strErrMessage = sprintf($_ARRAYLANG['TXT_PODCAST_TEMPLATE_STILL_IN_USE_MSG'], $arrTemplate['description']); } } $this->_templates(); }
/** * Add a new voting to database * @global ADONewConnection * @global Cache * @param integer $intPicId: The picture with this id will be rated * @param integer $intMark: This mark will be set for the picture */ function countVoting($intPicId, $intMark) { global $objDatabase; $intPicId = intval($intPicId); $categoryId = $this->getCategoryId($intPicId); $boolVoting = $this->categoryAllowsVoting($categoryId); if (checkForSpider() || $this->arrSettings['show_voting'] == 'off' || !$boolVoting) { return; } $intMark = intval($intMark); $strMd5 = md5($_SERVER['REMOTE_ADDR'] . $_SERVER['HTTP_USER_AGENT']); $intCookieTime = time() + 7 * 24 * 60 * 60; $intVotingCheckTime = time() - 12 * 60 * 60; $objResult = $objDatabase->Execute("SELECT id FROM " . DBPREFIX . "module_gallery_votes " . "WHERE ip='" . $_SERVER['REMOTE_ADDR'] . "' AND md5='" . $strMd5 . "' AND date > {$intVotingCheckTime} AND picid={$intPicId} LIMIT 1"); if ($objResult->RecordCount() == 1) { $boolIpCheck = false; setcookie('Gallery_Voting_' . $intPicId, $intMark, $intCookieTime, ASCMS_PATH_OFFSET . '/'); } else { $boolIpCheck = true; } if ($intPicId != 0 && $intMark >= 1 && $intMark <= 10 && $boolIpCheck && !isset($_COOKIE['Gallery_Voting_' . $intPicId])) { $objDatabase->Execute("INSERT INTO " . DBPREFIX . "module_gallery_votes " . "SET picid={$intPicId}, date=" . time() . ", ip='" . $_SERVER['REMOTE_ADDR'] . "', " . "md5='" . $strMd5 . "', mark={$intMark}"); setcookie('Gallery_Voting_' . $intPicId, $intMark, $intCookieTime, ASCMS_PATH_OFFSET . '/'); $pageId = \Cx\Core\Core\Controller\Cx::instanciate()->getPage()->getId(); $cacheManager = new \Cx\Core_Modules\Cache\Controller\CacheManager(); $cacheManager->deleteSingleFile($pageId); } }
/** * Handles request from the client * @todo Clean up usage of $param and $_GET * @global Array $_CORELANG Core language data * @param Array $params Client parameters * @return type */ public function set($params) { global $_CORELANG; // Global access check if (!\Permission::checkAccess(6, 'static', true) || !\Permission::checkAccess(35, 'static', true)) { throw new \Exception($_CORELANG['TXT_CORE_CM_USAGE_DENIED']); } $newPage = false; $reload = false; $pg = \Env::get('pageguard'); $dataPost = !empty($params['post']) ? $params['post'] : array(); $pageArray = !empty($dataPost['page']) ? $dataPost['page'] : array(); // Only set in the editing mode. $pageId = !empty($pageArray['id']) ? intval($pageArray['id']) : (!empty($dataPost['pageId']) ? intval($dataPost['pageId']) : 0); $nodeId = !empty($pageArray['node']) ? intval($pageArray['node']) : (!empty($dataPost['nodeId']) ? intval($dataPost['nodeId']) : 0); $lang = !empty($pageArray['lang']) ? contrexx_input2raw($pageArray['lang']) : (!empty($dataPost['lang']) ? contrexx_input2raw($dataPost['lang']) : \FWLanguage::getLanguageCodeById(\FWLanguage::getDefaultLangId())); $action = !empty($dataPost['action']) ? contrexx_input2raw($dataPost['action']) : ''; $cacheManager = new \Cx\Core_Modules\Cache\Controller\CacheManager(); $cacheManager->deleteSingleFile($pageId); if (!empty($pageArray)) { if (!empty($pageArray['target']) && !empty($pageArray['target_protocol'])) { $pageArray['target'] = $pageArray['target_protocol'] . $pageArray['target']; } elseif (empty($pageArray['target']) && !empty($pageArray['target_protocol'])) { $pageArray['target'] = ''; } $validatedPageArray = $this->validatePageArray($pageArray); } // UPDATE if (!empty($pageId)) { // If we got a page id, the page already exists and can be updated. $page = $this->pageRepo->find($pageId, 0, null, false); $node = $page->getNode(); // TRANSLATE } else { if (!empty($nodeId) && !empty($lang)) { // We are translating the page. $node = $this->nodeRepo->find($nodeId); $page = $node->translatePage(true, \FWLanguage::getLanguageIdByCode($lang)); $page->setNodeIdShadowed($node->getId()); $page->setEditingStatus(''); $newPage = true; $reload = true; // CREATE } else { if (empty($pageId) && !empty($lang)) { if (!\Permission::checkAccess(5, 'static', true)) { throw new \Exception($_CORELANG['TXT_CORE_CM_CREATION_DENIED']); } // Create a new node/page combination. $node = new \Cx\Core\ContentManager\Model\Entity\Node(); // CREATE WITHIN if (isset($dataPost['parent_node'])) { $parentNode = $this->nodeRepo->find($dataPost['parent_node']); if (!$parentNode) { $parentNode = $this->nodeRepo->getRoot(); } $node->setParent($parentNode); $parentNode->addChildren($node); // add parent node to ID, so the node containing the new page is opened if (!isset($_COOKIE['jstree_open'])) { $_COOKIE['jstree_open'] = ''; } $openNodes = explode(',', $_COOKIE['jstree_open']); if ($openNodes == array(0 => '')) { $openNodes = array(); } if (!in_array('#node_' . $parentNode->getId(), $openNodes)) { $openNodes[] = '#node_' . $parentNode->getId(); } setcookie('jstree_open', implode(',', $openNodes)); $this->em->persist($node); $this->em->flush(); // CREATE } else { $node->setParent($this->nodeRepo->getRoot()); $this->nodeRepo->getRoot()->addChildren($node); $this->em->persist($node); $this->em->flush(); } $page = new \Cx\Core\ContentManager\Model\Entity\Page(); $page->setNode($node); $node->addPage($page); $page->setNodeIdShadowed($node->getId()); $page->setLang(\FWLanguage::getLanguageIdByCode($lang)); $page->setUpdatedBy(\FWUser::getFWUserObject()->objUser->getUsername()); $newPage = true; $reload = true; } else { throw new \Exception('Page cannot be created. There are too little information.'); } } } // Page access check if ($page->isBackendProtected() && !\Permission::checkAccess($page->getBackendAccessId(), 'dynamic', true)) { throw new \Cx\Core\ContentManager\Model\Entity\PageException('Not allowed to read page'); } if (!empty($pageArray)) { $page->updateFromArray($validatedPageArray); if ($newPage) { // Make sure page has an ID $this->em->persist($page); $this->em->flush(); } } if (!empty($action)) { switch ($action) { case 'activate': case 'publish': $page->setActive(true); break; case 'deactivate': $page->setActive(false); break; case 'show': $page->setDisplay(true); break; case 'hide': $page->setDisplay(false); break; case 'protect': $page->setFrontendProtection(true); break; case 'unprotect': $page->setFrontendProtection(false); break; case 'lock': $page->setBackendProtection(true); break; case 'unlock': $page->setBackendProtection(false); break; } if ($action != 'publish' && !$page->isDraft()) { $action = 'publish'; } } $page->setUpdatedAtToNow(); $page->validate(); // Permissions are only updated in the editing mode. if (!empty($pageArray)) { if ($action == 'publish') { if (\Permission::checkAccess(36, 'static', true)) { if ($page->isFrontendProtected()) { // remove all \Permission::removeAccess($page->getFrontendAccessId(), 'dynamic'); if (isset($dataPost['frontendGroups'])) { // set new $pg->setAssignedGroupIds($page, $dataPost['frontendGroups'], true); } } if ($page->isBackendProtected()) { // remove all $groupIds = $pg->getAssignedGroupIds($page, false); \Permission::removeAccess($page->getBackendAccessId(), 'dynamic'); if (isset($dataPost['backendGroups'])) { // set new $pg->setAssignedGroupIds($page, $dataPost['backendGroups'], false); } if ($page->isBackendProtected() && !\Permission::checkAccess($page->getBackendAccessId(), 'dynamic', true)) { if (!count($groupIds)) { $page->setBackendProtection(false); } else { $pg->setAssignedGroupIds($page, $groupIds, false); } } } } } } // Block associations are only updated in the editing mode. if (!empty($pageArray) && empty($dataPost['ignoreBlocks'])) { if (!isset($dataPost['pageBlocks'])) { $dataPost['pageBlocks'] = array(); } $page->setRelatedBlocks($dataPost['pageBlocks']); } $draftUpdateLog = null; $liveUpdateLog = null; $updatingDraft = false; if ($action == 'publish' && \Permission::checkAccess(78, 'static', true)) { // User w/permission clicked save&publish. we should either publish the page or submit the draft for approval. if ($page->getEditingStatus() == 'hasDraftWaiting') { $reload = true; } if ($page->getEditingStatus() != '') { $logEntries = $this->logRepo->getLogEntries($page, false); $this->em->remove($logEntries[0]); } $page->setEditingStatus(''); $this->messages[] = $_CORELANG['TXT_CORE_SAVED']; } else { // User clicked save [as draft], so let's do that. $updatingDraft = $page->getEditingStatus() != '' ? true : false; if ($action == 'publish') { // User w/o publish permission clicked save&publish. submit it as a draft. $page->setEditingStatus('hasDraftWaiting'); $this->messages[] = $_CORELANG['TXT_CORE_DRAFT_SUBMITTED']; } else { if ($page->getEditingStatus() == 'hasDraftWaiting' && \Permission::checkAccess(78, 'static', true)) { $reload = true; } $page->setEditingStatus('hasDraft'); $this->messages[] = $_CORELANG['TXT_CORE_SAVED_AS_DRAFT']; } // Gedmo-loggable generates a LogEntry (i.e. revision) on persist, so we'll have to // store the draft first, then revert the current version to what it previously was. // In the end, we'll have the current [published] version properly stored as a page // and the draft version stored as a gedmo LogEntry. $this->em->persist($page); // Gedmo hooks in on persist/flush, so we unfortunately need to flush our em in // order to get a clean set of logEntries. $this->em->flush(); $logEntries = $this->logRepo->getLogEntries($page, false); // Revert to the published version. $cachedEditingStatus = $page->getEditingStatus(); $this->logRepo->revert($page, $logEntries[1]->getVersion()); $page->setEditingStatus($cachedEditingStatus); switch ($action) { case 'activate': case 'publish': $page->setActive(true); break; case 'deactivate': $page->setActive(false); break; case 'show': $page->setDisplay(true); break; case 'hide': $page->setDisplay(false); break; case 'protect': $page->setFrontendProtection(true); break; case 'unprotect': $page->setFrontendProtection(false); break; case 'lock': $page->setBackendProtection(true); break; case 'unlock': $page->setBackendProtection(false); break; } $this->em->persist($page); // Gedmo auto-logs slightly too much data. clean up unnecessary revisions: if ($updatingDraft) { $this->em->flush(); $logEntries = $this->logRepo->getLogEntries($page); $currentLog = $logEntries[1]; $currentLogData = $currentLog->getData(); $currentLogData['editingStatus'] = $page->getEditingStatus(); $currentLog->setData($currentLogData); $this->em->persist($currentLog); $liveUpdateLog = $logEntries[2]; $this->em->remove($logEntries[2]); } } $this->em->persist($page); if (isset($dataPost['inheritFrontendAccess']) && $dataPost['inheritFrontendAccess'] == 'on' || isset($dataPost['inheritBackendAccess']) && $dataPost['inheritBackendAccess'] == 'on' || isset($dataPost['inheritSkin']) && $dataPost['inheritSkin'] == 'on' || isset($dataPost['inheritCustomContent']) && $dataPost['inheritCustomContent'] == 'on' || isset($dataPost['inheritCssName']) && $dataPost['inheritCssName'] == 'on' || isset($dataPost['inheritCssNavName']) && $dataPost['inheritCssNavName'] == 'on' || isset($dataPost['inheritCaching']) && $dataPost['inheritCaching'] == 'on') { $pageStack = $page->getChildren(); while (count($pageStack)) { $currentPage = array_pop($pageStack); foreach ($currentPage->getChildren() as $child) { array_push($pageStack, $child); } if (isset($dataPost['inheritFrontendAccess']) && $dataPost['inheritFrontendAccess'] == 'on') { $reload = true; $page->copyProtection($currentPage, true); } if (isset($dataPost['inheritBackendAccess']) && $dataPost['inheritBackendAccess'] == 'on') { $reload = true; $page->copyProtection($currentPage, false); } if (isset($dataPost['inheritSkin']) && $dataPost['inheritSkin'] == 'on') { $currentPage->setSkin($page->getSkin()); } if (isset($dataPost['inheritCustomContent']) && $dataPost['inheritCustomContent'] == 'on') { $currentPage->setCustomContent($page->getCustomContent()); } if (isset($dataPost['inheritCssName']) && $dataPost['inheritCssName'] == 'on') { $currentPage->setCssName($page->getCssName()); } if (isset($dataPost['inheritCssNavName']) && $dataPost['inheritCssNavName'] == 'on') { $currentPage->setCssNavName($page->getCssNavName()); } if (isset($dataPost['inheritCaching']) && $dataPost['inheritCaching'] == 'on') { $currentPage->setCaching($page->getCaching()); } $this->em->persist($currentPage); } } $this->em->flush(); // bug fix #2279 // could not save alias after running $this->em->clear() // Aliases are only updated in the editing mode. if (!empty($pageArray)) { // Only users with publish rights can create aliases. if (\Permission::checkAccess(115, 'static', true) && \Permission::checkAccess(78, 'static', true)) { // Aliases are updated after persist. $data = array(); $data['alias'] = $pageArray['alias']; $aliases = $page->getAliases(); $page->updateFromArray($data); if ($aliases != $page->getAliases()) { $reload = true; } } else { // Users without permission shouldn't see the aliasses anyway //$this->messages[] = $_CORELANG['TXT_CORE_ALIAS_CREATION_DENIED']; } } // this fixes log version number skipping $this->em->clear(); $logs = $this->logRepo->getLogEntries($page); $this->em->persist($logs[0]); if ($updatingDraft) { $data = $logs[1]->getData(); if (!empty($action) && $draftUpdateLog) { $data = $draftUpdateLog->getData(); } $data['editingStatus'] = 'hasDraft'; if ($action == 'publish' && !\Permission::checkAccess(78, 'static', true)) { $data['editingStatus'] = 'hasDraftWaiting'; } switch ($action) { case 'activate': $data['active'] = true; break; case 'deactivate': $data['active'] = false; break; case 'show': $data['display'] = true; break; case 'hide': $data['display'] = false; break; case 'protect': $data['protection'] = $data['protection'] | FRONTEND_PROTECTION; break; case 'unprotect': $data['protection'] = $data['protection'] & ~FRONTEND_PROTECTION; break; case 'lock': $data['protection'] = $data['protection'] | BACKEND_PROTECTION; break; case 'unlock': $data['protection'] = $data['protection'] & ~BACKEND_PROTECTION; break; } $logs[1]->setData($data); if (!empty($action) && $action != 'publish') { $data = $logs[0]->getData(); if ($liveUpdateLog) { $data = $liveUpdateLog->getData(); } switch ($action) { case 'activate': $data['active'] = true; break; case 'deactivate': $data['active'] = false; break; case 'show': $data['display'] = true; break; case 'hide': $data['display'] = false; break; case 'protect': $data['protection'] = $data['protection'] | FRONTEND_PROTECTION; break; case 'unprotect': $data['protection'] = $data['protection'] & ~FRONTEND_PROTECTION; break; case 'lock': $data['protection'] = $data['protection'] | BACKEND_PROTECTION; break; case 'unlock': $data['protection'] = $data['protection'] & ~BACKEND_PROTECTION; break; } $logs[0]->setData($data); } $this->em->persist($logs[0]); $this->em->persist($logs[1]); $this->em->flush(); } // get version // if it is a draft, don't take the last one $version = $page->getVersion()->getVersion(); if ($page->isDraft()) { $version--; } return array('reload' => $reload, 'id' => $page->getId(), 'version' => $version, 'node' => $page->getNode()->getId(), 'lang' => \FWLanguage::getLanguageCodeById($page->getLang())); }