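/**
 * Renders the front-end form used to create or edit a MyWords post.
 *
 * Only logged-in users that are registered editors, or site administrators,
 * get past the first two checks. When editing, the user must also be the
 * author of the post or an administrator.
 *
 * The local variables set here ($edit, $post, $allowed_*, $form, $editor,
 * $meta_names) are presumably read by the included template, so their names
 * are part of this function's contract with it.
 *
 * @param int $edit Non-zero to edit the post whose ID is given in $_GET['id'].
 * @return void
 */
function mw_post_form($edit = 0)
{
    global $xoopsConfig, $xoopsUser, $xoopsSecurity;

    // Anonymous visitors can never submit or edit posts
    if (!$xoopsUser) {
        redirect_header(MWFunctions::get_url(), 1, __('You are not allowed to do this action!', 'mywords'));
        die;
    }

    // Check if user is an editor
    $author = new MWEditor();
    if (!$author->from_user($xoopsUser->uid()) && !$xoopsUser->isAdmin()) {
        redirect_header(MWFunctions::get_url(), 1, __('You are not allowed to do this action!', 'mywords'));
        die;
    }

    RMTemplate::get()->add_script(RMCURL . '/include/js/jquery.min.js');
    RMTemplate::get()->add_script(RMCURL . '/include/js/jquery-ui.min.js');

    if ($edit) {
        // The ID comes straight from the query string: force it to an integer
        // before it is compared and handed to MWPost.
        $id = (int) rmc_server_var($_GET, 'id', 0);
        if ($id <= 0) {
            // redirect_header() expects (url, delay, message); the delay and
            // the message were swapped here in the original code.
            redirect_header(MWFunctions::get_url(), 1, __('Please, specify a valid post ID', 'mywords'));
            die;
        }

        $post = new MWPost($id);
        if ($post->isNew()) {
            // Same argument-order fix as above
            redirect_header(MWFunctions::get_url(), 1, __('Specified post does not exists!', 'mywords'));
            die;
        }

        // Check if user is the admin or the editor that owns this post
        if ($author->id() != $post->getVar('author') && !$xoopsUser->isAdmin()) {
            redirect_header($post->permalink(), 1, __('You are not allowed to do this action!', 'mywords'));
            die;
        }
    }

    // Read privileges. Administrators may have no editor record, which is
    // presumably why the lookup is silenced and a non-array result is
    // treated as "no privileges".
    $perms = @$author->getVar('privileges');
    $perms = is_array($perms) ? $perms : array();

    // Each feature is available when the editor holds the privilege or the
    // user is an administrator.
    // NOTE(review): these flags only drive what is rendered here; the handler
    // that saves the post must enforce the same privileges - confirm.
    $allowed_tracks = in_array("tracks", $perms) || $xoopsUser->isAdmin();
    $allowed_tags = in_array("tags", $perms) || $xoopsUser->isAdmin();
    $allowed_cats = in_array("cats", $perms) || $xoopsUser->isAdmin();
    $allowed_comms = in_array("comms", $perms) || $xoopsUser->isAdmin();

    $xoopsOption['module_subpage'] = 'submit';
    include 'header.php';

    $form = new RMForm('', '', '');
    $editor = new RMFormEditor('', 'content', '99%', '300px', $edit ? $post->getVar('content') : '');
    $meta_names = MWFunctions::get()->get_metas();

    RMTemplate::get()->add_xoops_style('submit.css', 'mywords');
    RMTemplate::get()->add_script(XOOPS_URL . '/modules/mywords/include/js/scripts.php?file=posts.js&front=1');

    // NOTE(review): $xoopsSecurity is declared global but not used in this
    // function; confirm that the template emits the anti-CSRF token and that
    // the save handler verifies it.
    include RMTemplate::get()->get_template('mywords_submit_form.php', 'module', 'mywords');

    include 'footer.php';
}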
break;

// RSS feed limited to the posts of a single author
case 'author':
    include_once XOOPS_ROOT_PATH . '/modules/mywords/class/mweditor.class.php';

    // The author ID is taken from the request and requested as an integer
    // (0 when it is missing)
    $id = RMHttpRequest::get('author', 'integer', 0);
    if ($id <= 0) {
        redirect_header('backend.php', 1, __('Sorry, specified author was not foud!', 'mywords'));
        die;
    }

    // An editor object that is still "new" after loading means no such author exists
    $ed = new MWEditor($id);
    if ($ed->isNew()) {
        redirect_header('backend.php', 1, __('Sorry, specified author was not foud!', 'mywords'));
        die;
    }

    // Channel metadata.
    // NOTE(review): only the bio goes through strip_tags() + htmlspecialchars()
    // below. The author name is placed in the title and description as
    // returned by the object - confirm that the feed template escapes these
    // fields for XML.
    $rss_channel['title'] = sprintf(__('Posts by %s in %s', 'mywords'), $ed->name != '' ? $ed->name : $ed->shortname, $xoopsConfig['sitename']);
    $rss_channel['link'] = $ed->permalink();
    $rss_channel['description'] = sprintf(__('Posts published by %s.', 'mywords'), $ed->getVar('name')) . ' ' . htmlspecialchars(strip_tags($ed->getVar('bio')), ENT_QUOTES);
    $rss_channel['lastbuild'] = formatTimestamp(time(), 'rss');
    // Both contact fields are derived from the site administrator's address
    $rss_channel['webmaster'] = checkEmail($xoopsConfig['adminmail'], true);
    $rss_channel['editor'] = checkEmail($xoopsConfig['adminmail'], true);
    $rss_channel['category'] = "Blog";
    $rss_channel['generator'] = 'Common Utilities';
    $rss_channel['language'] = RMCLANG;

    // Fetch posts filtered by the author's user ID (arguments 0 and 10 are
    // presumably offset and limit - confirm against get_filtered_posts)
    $posts = MWFunctions::get_filtered_posts("author=" . $ed->uid, 0, 10);

    $rss_items = array();
    foreach ($posts as $post) {
        $item = array();
        $item['title'] = $post->getVar('title');
        $item['link'] = $post->permalink();

        // Load the image attached to the post, if any
        $img = new RMImage();
        $img->load_from_params($post->getVar('image', 'e'));
        if (!$img->isNew()) {
// Receives an incoming trackback for a post. Logger output and PHP error
// reporting are switched off first.
$xoopsLogger->renderingEnabled = false;
error_reporting(0);
$xoopsLogger->activated = false;

// ID of the post being trackbacked, from the request (GET, POST or cookie).
// Invalid or unknown IDs end the script silently.
$id = rmc_server_var($_REQUEST, 'trackback', 0);
if ($id <= 0) {
    die;
}

$post = new MWPost($id);
if ($post->isNew()) {
    die;
}

$editor = new MWEditor($post->getVar('author'));
if ($editor->isNew()) {
    // NOTE(review): $user is loaded as a fallback but is not used in the
    // lines shown here; the editor name is passed below even when the editor
    // record does not exist - confirm this is intended.
    $user = new XoopsUser($post->getVar('author'));
}

$track = new MWTrackback($xoopsConfig['sitename'], $editor->getVar('name'));

// NOTE(review): from here on $id is the value taken from the trackback object,
// not the ID validated above - prefer $post->id() in later code.
$id = $track->post_id; // The id of the item being trackbacked
$url = $track->url; // The URL from which we got the trackback
$title = $track->title; // Subject/title sent by trackback
$excerpt = $track->excerpt; // Short text sent by trackback
$blog_name = rmc_server_var($_POST, 'blog_name', '');

// All three fields are required; otherwise answer with an error response
if ($url == '' || $title == '' || $excerpt == '') {
    echo $track->recieve(false, __('Sorry, your trackback seems to be invalid!', 'mywords'));
    die;
}

// Hand the remote-supplied URL and excerpt to the registered spam checkers.
// NOTE(review): $url, $title, $excerpt and $blog_name are controlled by the
// remote site; confirm they are validated and escaped before being stored or
// displayed.
$params = array('blogurl' => MWFunctions::get_url(), 'name' => 'Trackback', 'email' => '', 'url' => $url, 'text' => $excerpt, 'permalink' => $post->permalink());
$ret = RMEvents::get()->run_event('rmcommon.check.post.spam', $params);
// Scratch post object reused for both the previous and the next post
$pn = new MWPost();

// Previous post ($result comes from a query issued before this excerpt)
if ($db->getRowsNum($result) > 0) {
    $pn->assignVars($db->fetchArray($result));
    $xoopsTpl->assign('prev_post', array('link' => $pn->permalink(), 'title' => $pn->getVar('title')));
}

// Next post: the first published post with a higher ID.
// The only value concatenated into the SQL is $post->id().
// NOTE(review): presumably always an integer - confirm, or cast it.
$sql = "SELECT * FROM " . $db->prefix("mw_posts") . " WHERE id_post>" . $post->id() . " AND status='publish' ORDER BY id_post ASC LIMIT 0, 1";
$result = $db->query($sql);
if ($db->getRowsNum($result) > 0) {
    $pn->assignVars($db->fetchArray($result));
    $xoopsTpl->assign('next_post', array('link' => $pn->permalink(), 'title' => $pn->getVar('title')));
}

} // closes a block opened before this excerpt

$xoopsTpl->assign('shownav', $xoopsModuleConfig['shownav']);

// The edit link is only built for administrators and for the post's own editor
if ($xoopsUser && ($xoopsUser->isAdmin() || $editor->getVar('uid') == $xoopsUser->uid())) {
    $edit = '<a href="' . XOOPS_URL . '/modules/mywords/admin/posts.php?op=edit&id=' . $post->id() . '">' . __('Edit Post', 'mywords') . '</a>';
    $xoopsTpl->assign('edit_link', $edit);
    unset($edit);
}

$xoopsTpl->assign('lang_reads', sprintf(__('%u views', 'mywords'), $post->getVar('reads')));

// Tags: build a comma-separated list of links.
// NOTE(review): the tag name and permalink are concatenated into HTML here;
// confirm getVar('tag') returns an HTML-escaped value in its default format.
$tags = $post->tags(true);
$tags_list = '';
foreach ($tags as $i => $tag) {
    $tags_list .= ($tags_list == '' ? '' : ', ') . '<a href="' . $tag->permalink() . '">' . $tag->getVar('tag') . '</a>';
}

// Post pages: the page URL pattern depends on the permalink mode
$total_pages = $post->total_pages();
$nav = new RMPageNav($total_pages, 1, $page, 5);
$nav->target_url($post->permalink() . ($mc['permalinks'] > 1 ? 'page/{PAGE_NUM}/' : '&page={PAGE_NUM}'));
} // closes a block opened before this excerpt

$post = new MWPost($id);
if ($post->isNew()) {
    // NOTE(review): the arguments here are (url, message, 1) while the other
    // call in this excerpt passes (url, 1, message). XOOPS' redirect_header()
    // takes the delay second and the message third - confirm and swap.
    redirect_header(MWFunctions::get_url(), __('Specified post does not exists!', 'mywords'), 1);
    die;
}

// Check if user is the admin or the editor that owns this post
if ($author->id() != $post->getVar('author') && !$xoopsUser->isAdmin()) {
    redirect_header($post->permalink(), 1, __('You are not allowed to do this action!', 'mywords'));
    die;
}

} else {
    // Not editing: start from an empty post
    $post = new MWPost();
}

// Read privileges; a non-array result is treated as "no privileges"
$perms = @$author->getVar('privileges');
$perms = is_array($perms) ? $perms : array();

// A feature is allowed when the editor holds the privilege or the user is an admin.
// NOTE(review): these flags are computed for the form only; the save handler
// must enforce the same privileges - confirm.
$allowed_tracks = in_array("tracks", $perms) || $xoopsUser->isAdmin() ? true : false;
$allowed_tags = in_array("tags", $perms) || $xoopsUser->isAdmin() ? true : false;
$allowed_cats = in_array("cats", $perms) || $xoopsUser->isAdmin() ? true : false;
$allowed_comms = in_array("comms", $perms) || $xoopsUser->isAdmin() ? true : false;

$xoopsOption['module_subpage'] = 'submit';
include 'header.php';

$form = new RMForm('', '', '');
// The content format requested from the post ('s' or 'e') depends on the
// configured editor type
$editor = new RMFormEditor('', 'content', '100%', '300px', $edit ? $post->getVar('content', $rmc_config['editor_type'] == 'tiny' ? 's' : 'e') : '');
$editor->setExtra('required');
$meta_names = MWFunctions::get()->get_metas();

RMTemplate::get()->add_style('submit.css', 'mywords');
RMTemplate::get()->add_script('scripts.php?file=posts.js', 'mywords', array('directory' => 'include'));
RMTemplate::get()->add_script('jquery.validate.min.js', 'rmcommon', array('footer' => 1));

// The template is included in this scope, so it sees the variables set above
include RMTemplate::get()->get_template('mywords-submit-form.php', 'module', 'mywords');
} // closes a block opened before this excerpt

// Latest eight posts waiting for approval
$pendings = array();
$result = $db->query("SELECT * FROM " . $db->prefix("mod_mywords_posts") . " WHERE status='waiting' ORDER BY id_post DESC LIMIT 0,8");
while ($row = $db->fetchArray($result)) {
    $post = new MWPost();
    $post->assignVars($row);
    $pendings[] = $post;
}

// Editors: the five editors with most posts (counted by a correlated subquery)
$sql = "SELECT *, (SELECT COUNT(*) FROM " . $db->prefix("mod_mywords_posts") . " WHERE author=id_editor) as counter FROM " . $db->prefix("mod_mywords_editors") . " ORDER BY counter DESC LIMIT 0, 5";
$result = $db->query($sql);
$editors = array();
while ($row = $db->fetchArray($result)) {
    $editor = new MWEditor();
    $editor->assignVars($row);
    $editors[] = array('id' => $editor->id(), 'name' => $editor->getVar('name'), 'link' => $editor->permalink(), 'total' => $row['counter']);
}
unset($editor, $result, $sql);

// URL rewriting: the rule sends every request under the configured base path
// to the module's index.php.
// NOTE(review): 'basepath' is inserted into the RewriteRule pattern with only
// the surrounding slashes trimmed. Regex metacharacters, spaces or line
// breaks in the setting would change the rule that ends up in .htaccess;
// confirm the value is validated where the setting is saved, or restrict it
// here.
$rule = "RewriteRule ^" . trim($xoopsModuleConfig['basepath'], '/') . "/?(.*)\$ modules/mywords/index.php [L]";
if ($xoopsModuleConfig['permalinks'] > 1) {
    // Rewritten permalinks enabled: install the rule and report write failures
    $ht = new RMHtaccess('mywords');
    $htResult = $ht->write($rule);
    if ($htResult !== true) {
        showMessage(__('An error ocurred while trying to write .htaccess file!', 'mywords'), RMMSG_ERROR);
    }
} else {
    // Rewritten permalinks disabled: remove the module's rule.
    // NOTE(review): the result of write() is not checked on this path.
    $ht = new RMHtaccess('mywords');
    $ht->removeRule();
    $ht->write();
}
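/**
 * Determines if the current or given user can read this post.
 *
 * The post's author can always read it. Anybody else can only read
 * published posts that are public, or password-protected posts once the
 * correct password has been sent in $_POST['password'] or remembered in the
 * session by an earlier successful check.
 *
 * @param int|null $uid User ID to check; defaults to the logged-in user.
 *                      Ignored when nobody is logged in.
 * @return bool
 */
public function user_allowed($uid = null)
{
    global $xoopsUser;

    if (!$xoopsUser) {
        $owner = false;
    } else {
        $user = $uid != null ? $uid : $xoopsUser->uid();
        $editor = new MWEditor($this->getVar('author'));
        $owner = $user == $editor->getVar('uid');
    }

    if ($owner) {
        return true;
    }

    if ($this->getVar('status') != 'publish') {
        return false;
    }

    if ($this->getVar('visibility') == 'public') {
        return true;
    }

    if ($this->getVar('visibility') == 'password') {
        $session_key = 'password-' . $this->id();

        // A password sent with this request wins over the remembered one
        $pass = rmc_server_var($_POST, 'password', '');
        if ($pass == '' && isset($_SESSION[$session_key])) {
            $pass = $_SESSION[$session_key];
        }

        // Only scalar input can be a password (a request may carry an array)
        $pass = is_scalar($pass) ? (string) $pass : '';
        if ($pass === '') {
            return false;
        }

        // Compare as strings. The original used "!=", which lets PHP treat
        // numeric-looking strings as numbers, so e.g. "1e3" matched "1000".
        // hash_equals() also avoids leaking the match position through timing;
        // the fallback keeps the code working where it is not available.
        $expected = (string) $this->getVar('password');
        $matches = function_exists('hash_equals') ? hash_equals($expected, $pass) : $expected === $pass;
        if (!$matches) {
            return false;
        }

        // NOTE(review): the post password is compared directly with the stored
        // value and the accepted password itself is kept in the session;
        // storing a flag instead of the secret would reduce exposure - confirm
        // nothing else reads this session key before changing it.
        $_SESSION[$session_key] = $pass;

        return true;
    }

    // Any other visibility (e.g. private) is only readable by the owner
    return false;
}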
// Sends the pending outgoing trackback pings of a post, then ends the script.
// $id is set before this excerpt.
$post = new MWPost($id);
if ($post->isNew()) {
    die;
}

// Use the editor's name, or fall back to the XOOPS user when no editor record exists
$editor = new MWEditor($post->getVar('author'));
if ($editor->isNew()) {
    $user = new XoopsUser($post->getVar('author'));
}

// URLs still to be pinged; nothing to do when the list is empty
$tracks = $post->getVar('toping');
if (empty($tracks)) {
    die;
}

$pinged = $post->getVar('pinged'); // URLs already pinged successfully
$toping = $post->getVar('toping'); // same value as $tracks; not used in the lines shown here
$tp = array(); // URLs whose ping failed and must be retried

$tback = new MWTrackback($xoopsModuleConfig['blogname'], $editor->isNew() ? $user->getVar('uname') : $editor->getVar('name'));

// NOTE(review): every $t is a URL stored with the post and the server sends a
// request to it. Confirm that ping() accepts only http/https URLs and refuses
// internal or loopback hosts, since post authors choose these values.
foreach ($tracks as $t) {
    // Skip URLs that were already pinged
    if (!empty($pinged) && in_array($t, $pinged)) {
        continue;
    }

    // The excerpt sent is the post content truncated to 240
    $ret = $tback->ping($t, $post->permalink(), $post->getVar('title'), TextCleaner::getInstance()->truncate($post->content(true), 240));
    if ($ret) {
        $pinged[] = $t;
    } else {
        $tp[] = $t;
    }
}

// Persist both lists: failed URLs stay pending, successful ones are recorded
$post->setVar('toping', empty($tp) ? '' : $tp);
$post->setVar('pinged', $pinged);
$post->update();
die;
} // closes a block opened before this excerpt

// Cut the request at the "page" segment (and the character before it) when
// it appears after the first position; otherwise keep the whole string
$request = substr($request, 0, strpos($request, 'page') > 0 ? strpos($request, 'page') - 1 : strlen($request));

/**
 * Paginate the results
 */
$limit = $mc['posts_limit'];

// Count the author's published posts that are visible: public and
// password-protected ones, plus private ones when the current user's ID
// equals the author column (-1 is used for anonymous visitors).
// NOTE(review): $editor is interpolated between quotes without escaping in
// this statement and in the SELECT below. Its origin is outside this excerpt;
// confirm it is an integer ID or already escaped, otherwise cast or quote it
// through the database layer.
$sql = "SELECT COUNT(*) FROM " . $db->prefix("mw_posts") . " WHERE author='{$editor}' AND status='publish' AND \n\t\t((visibility='public' OR visibility='password') OR (visibility='private' AND\n\t\tauthor=" . ($xoopsUser ? $xoopsUser->uid() : -1) . "))";
list($num) = $db->fetchRow($db->query($sql));

// $page is 1-based in the request and 0-based from here on
if ($page > 0) {
    $page -= 1;
}
$start = $page * $mc['posts_limit'];

// Total pages, rounded up
$tpages = (int) ($num / $mc['posts_limit']);
if ($num % $mc['posts_limit'] > 0) {
    $tpages++;
}

$pactual = $page + 1;
if ($pactual > $tpages) {
    // NOTE(review): this arithmetic leaves $pactual at $tpages + 1, i.e. one
    // page past the last one - confirm whether $tpages was intended.
    $rest = $pactual - $tpages;
    $pactual = $pactual - $rest + 1;
    $start = ($pactual - 1) * $limit;
}

$nav = new RMPageNav($num, $limit, $pactual, 6);
$nav->target_url($ed->permalink() . ($mc['permalinks'] > 1 ? 'page/{PAGE_NUM}/' : '&page={PAGE_NUM}'));
$xoopsTpl->assign("nav_pages", $nav->render(false, 0));

$xoopsTpl->assign('pactual', $pactual);
$xoopsTpl->assign('lang_fromauthor', sprintf(__('Posts by "%s"', 'mywords'), $ed->getVar('name')));

// Same filter as the count above, newest first.
// NOTE(review): $start and $limit go into LIMIT unquoted; $start derives from
// $page, which is set outside this excerpt - confirm it is cast to an integer
// there.
$sql = "SELECT * FROM " . $db->prefix("mw_posts") . " WHERE author='{$editor}' AND status='publish' AND \n\t\t((visibility='public' OR visibility='password') OR (visibility='private' AND\n\t\tauthor=" . ($xoopsUser ? $xoopsUser->uid() : -1) . ")) ORDER BY pubdate DESC LIMIT {$start},{$limit}";
$result = $db->query($sql);

// post_data.php is included in this scope; it presumably consumes $result
require 'post_data.php';

include 'footer.php';
// Scratch post object reused for both the previous and the next post
$pn = new MWPost();

// Previous post ($result comes from a query issued before this excerpt)
if ($db->getRowsNum($result) > 0) {
    $pn->assignVars($db->fetchArray($result));
    $xoopsTpl->assign('prev_post', array('link' => $pn->permalink(), 'title' => $pn->getVar('title')));
}

// Next post: the first published post with a higher ID.
// The only value concatenated into the SQL is $post->id().
// NOTE(review): presumably always an integer - confirm, or cast it.
$sql = "SELECT * FROM " . $db->prefix("mod_mywords_posts") . " WHERE id_post>" . $post->id() . " AND status='publish' ORDER BY id_post ASC LIMIT 0, 1";
$result = $db->query($sql);
if ($db->getRowsNum($result) > 0) {
    $pn->assignVars($db->fetchArray($result));
    $xoopsTpl->assign('next_post', array('link' => $pn->permalink(), 'title' => $pn->getVar('title')));
}

} // closes a block opened before this excerpt

$xoopsTpl->assign('shownav', $xoopsModuleConfig['shownav']);

// The edit URL is only exposed to administrators and to the post's own editor
if ($xoopsUser && ($xoopsUser->isAdmin() || $editor->getVar('uid') == $xoopsUser->uid())) {
    $editLink = XOOPS_URL . '/modules/mywords/admin/posts.php?op=edit&id=' . $post->id();
    $xoopsTpl->assign('can_edit', true);
    $xoopsTpl->assign('edit_link', $editLink);
    unset($editLink);
}

$xoopsTpl->assign('lang_reads', sprintf(__('%u views', 'mywords'), $post->getVar('reads')));

// Post pages: the page URL pattern depends on the permalink mode
$total_pages = $post->total_pages();
$nav = new RMPageNav($total_pages, 1, $page, 5);
$nav->target_url($post->permalink() . ($mc['permalinks'] > 1 ? 'page/{PAGE_NUM}/' : '&page={PAGE_NUM}'));
$xoopsTpl->assign('post_navbar', $nav->render(true));

// Post data handed to the template.
// NOTE(review): 'published' embeds the editor name and permalink in an HTML
// anchor built here; confirm getVar('name') returns an escaped value. The
// isset($editor) fallback to "Anonymous" comes after $editor->permalink() has
// already been called in the same expression, so it cannot protect against a
// missing editor.
// NOTE(review): the author's e-mail address is passed to the template;
// confirm the template does not print it on public pages.
$post_arr = array('id' => $post->id(), 'title' => $post->getVar('title'), 'published' => sprintf(__('%s by %s', 'mywords'), MWFunctions::format_time($post->getVar('pubdate')) . ' ' . date('H:i', $post->getVar('pubdate')), '<a href="' . $editor->permalink() . '">' . (isset($editor) ? $editor->getVar('name') : __('Anonymous', 'mywords')) . "</a>"), 'text' => $post->content(false, $page), 'cats' => $post->get_categos('data'), 'tags' => $post->tags(false), 'trackback' => $post->getVar('pingstatus') ? MWFunctions::get_url(true) . $post->id() : '', 'meta' => $post->get_meta('', false), 'time' => $post->getVar('pubdate'), 'image' => $post->image(), 'video' => $post->video, 'player' => $post->video != '' ? $post->video_player() : '', 'author' => array('name' => $editor->getVar('name') != '' ? $editor->name : $editor->shortname, 'id' => $editor->id(), 'link' => $editor->permalink(), 'bio' => $editor->getVar('bio'), 'email' => $editor->data('email'), 'uid' => $editor->uid, 'url' => $editor->data('url')), 'alink' => $editor->permalink(), 'format' => $post->format, 'comments' => $post->comments, 'comments_enabled' => $post->comstatus);

$xoopsTpl->assign('full_post', 1);
$xoopsTpl->assign('lang_editpost', __('Edit Post', 'mywords'));