// Tail of a save branch, followed by the start of the 'editrawfact' branch.
// The save branch rebuilds the record text: facts whose id is not listed in
// $fact_ids are kept unchanged, every entry of $facts is appended, and the
// result is passed to updateRecord().
// NOTE(review): $facts and $fact_ids are assigned before this excerpt,
// presumably from the submitted form. Confirm where they are validated,
// because their content is stored verbatim apart from the clean-up below.
foreach ($record->getFacts(null, false, WT_PRIV_HIDE) as $fact) {
    // in_array() is called without its strict flag, so ids are compared loosely.
    if (!in_array($fact->getFactId(), $fact_ids)) {
        $gedcom .= "\n" . $fact->getGedcom();
    }
}

// Append the new facts
foreach ($facts as $fact) {
    $gedcom .= "\n" . $fact;
}

// Cleanup the client’s bad editing?
$gedcom = preg_replace('/[\\r\\n]+/', "\n", $gedcom); // Empty lines
$gedcom = trim($gedcom); // Leading/trailing spaces

$record->updateRecord($gedcom, false);

$controller->addInlineJavascript('closePopupAndReloadParent();');
break;

////////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////////
case 'editrawfact':
    // xref is read with the WT_REGEX_XREF pattern; fact_id is read without one.
    $xref = WT_Filter::get('xref', WT_REGEX_XREF);
    $fact_id = WT_Filter::get('fact_id');
    $record = WT_GedcomRecord::getInstance($xref);
    // NOTE(review): check_record_access() is defined elsewhere. Presumably it
    // stops the request when the record is missing or may not be edited.
    // Confirm, since nothing below re-checks $record.
    check_record_access($record);

    // Find the fact to edit
    $edit_fact = null;
    foreach ($record->getFacts() as $fact) {
        // Selects the first fact with a matching id (compared with ==) for
        // which canEdit() is true.
        if ($fact->getFactId() == $fact_id && $fact->canEdit()) {
            $edit_fact = $fact;
            break;
        }
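// Message form handling: read the submitted fields, refuse broadcast
// recipients for non-admins, then validate what an anonymous visitor sent.
// $subject is used below but assigned before this excerpt.
$body = WT_Filter::post('body');
$from_name = WT_Filter::post('from_name');
$from_email = WT_Filter::post('from_email');
// action and method are read with a fixed list of accepted values and a default.
$action = WT_Filter::post('action', 'compose|send', 'compose');
$to = WT_Filter::post('to', null, WT_Filter::get('to'));
$method = WT_Filter::post('method', 'messaging|messaging2|messaging3|mailto|none', WT_Filter::get('method', 'messaging|messaging2|messaging3|mailto|none', 'messaging2'));
$url = WT_Filter::postUrl('url', WT_Filter::getUrl('url'));

$controller = new WT_Controller_Simple();
$controller->setPageTitle(WT_I18N::translate('webtrees message'));

$to_user = User::findByIdentifier($to);

// Only admins can send broadcast messages
if ((!$to_user || $to == 'all' || $to == 'last_6mo' || $to == 'never_logged') && !Auth::isAdmin()) {
    // TODO, what if we have a user called "all" or "last_6mo" or "never_logged" ???
    WT_FlashMessages::addMessage(WT_I18N::translate('Message was not sent'));
    $controller->pageHeader();
    $controller->addInlineJavascript('window.opener.location.reload(); window.close();');
    exit;
}

$errors = '';

// Is this message from a member or a visitor?
if (WT_USER_ID) {
    $from = WT_USER_NAME;
} else {
    // Visitors must provide a valid email address
    // NOTE(review): the check only runs when $from_email is non-empty, so an
    // empty address is not rejected here. Presumably that is handled later; confirm.
    if ($from_email && (!preg_match("/(.+)@(.+)/", $from_email, $match) || function_exists('checkdnsrr') && checkdnsrr($match[2]) === false)) {
        $errors .= '<p class="ui-state-error">' . WT_I18N::translate('Please enter a valid email address.') . '</p>';
        $action = 'compose';
    }

    // Do not allow anonymous visitors to include links to external sites
    // NOTE(review): the own-site exclusion is a look-ahead on the text of
    // WT_SERVER_NAME, i.e. a prefix test rather than a comparison of parsed
    // hosts. Confirm that is strict enough for this filter.
    if (preg_match('/(?!' . preg_quote(WT_SERVER_NAME, '/') . ')(((?:ftp|http|https):\\/\\/)[a-zA-Z0-9.-]+)/', $subject . $body, $match)) {
        $errors .=
            '<p class="ui-state-error">' . WT_I18N::translate('You are not allowed to send messages that contain external links.') . '</p>' .
            '<p class="ui-state-highlight">' . WT_I18N::translate('You should delete the “%1$s” from “%2$s” and try again.', $match[2], $match[1]) . '</p>';

        // The logger used to be the last operand of the concatenation above, so
        // whatever it returned was appended to the HTML shown to the visitor.
        // Calling it as its own statement keeps log data out of the page.
        // The message embeds the visitor-supplied name, e-mail, subject and body
        // verbatim. NOTE(review): confirm the log store and any log viewer treat
        // it as untrusted text (escaped on display, line breaks neutralised).
        Log::addAuthenticationLog('Possible spam message from "' . $from_name . '"/"' . $from_email . '", subject="' . $subject . '", body="' . $body . '"');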
// Remainder of the "link media to a record" form, followed by the 'update'
// branch that creates the link. The first lines sit inside a branch opened
// before this excerpt; the "} elseif" below closes that branch.
if ($linkto == "repository") {
    echo WT_I18N::translate('Repository'), "</td>";
    echo '<td class="optionbox wrap">';
    if ($linktoid == "") {
        // $linktoid compares equal to "" in this branch, so the value attribute
        // carries no request data. If the condition ever changes, escape the
        // value for an HTML attribute before echoing it.
        echo '<input class="pedigree_form" type="text" name="linktoid" id="linktorid" size="3" value="', $linktoid, '">';
    } else {
        // NOTE(review): the result of getInstance() is used without a null
        // check. Confirm that an unknown id cannot reach this point.
        $record = WT_Repository::getInstance($linktoid);
        echo $record->format_list('span', false, $record->getFullName());
    }
}
if ($linkto == "note") {
    echo WT_I18N::translate('Shared note'), "</td>";
    echo '<td class="optionbox wrap">';
    if ($linktoid == "") {
        // Same as the repository field above: the echoed value is empty here.
        echo '<input class="pedigree_form" type="text" name="linktoid" id="linktonid" size="3" value="', $linktoid, '">';
    } else {
        // NOTE(review): no null check on the looked-up record here either.
        $record = WT_Note::getInstance($linktoid);
        echo $record->format_list('span', false, $record->getFullName());
    }
}
echo '</td></tr>';
echo '<tr><td class="topbottombar" colspan="2"><input type="submit" value="', WT_I18N::translate('Set link'), '"></td></tr>';
echo '</table>';
echo '</form>';
} elseif ($action == "update" && $paramok) {
    // Adds an OBJE link for $mediaid to the record identified by $linktoid.
    // NOTE(review): no check is visible here that the record exists or that the
    // current user may edit it, and $mediaid is concatenated into the GEDCOM
    // line as-is. Presumably $paramok and earlier filtering cover both; confirm
    // that $mediaid and $linktoid are validated as XREFs before this point.
    $record = WT_GedcomRecord::getInstance($linktoid);
    $record->createFact('1 OBJE @' . $mediaid . '@', true);
    $controller->addInlineJavascript('closePopupAndReloadParent();');
}
echo '<button onclick="closePopupAndReloadParent();">', WT_I18N::translate('close'), '</button>';
}
// End of the branch that creates a new media object, followed by the start of
// the 'update' branch. $tag, $text, $folderName, $fileName, $folder and
// $linktoid are assigned before this excerpt.
// Build the gedcom record
$newged = "0 @new@ OBJE";
if ($tag[0] == 'FILE') {
    // The admin has an edit field to change the file name
    $text[0] = $folderName . $fileName;
} else {
    // Users keep the original filename
    // NOTE(review): folder and file name are concatenated straight into a
    // GEDCOM line, so a line break in either value would start a new line in
    // the record. Confirm both are validated before this point.
    $newged .= "\n1 FILE " . $folderName . $fileName;
}

$newged = handle_updates($newged);

$media = WT_GedcomRecord::createRecord($newged, WT_GED_ID);
if ($linktoid) {
    // NOTE(review): the looked-up record is used without a null check, and no
    // access check is visible in this excerpt. Confirm both happen earlier.
    $record = WT_GedcomRecord::getInstance($linktoid);
    $record->createFact('1 OBJE @' . $media->getXref() . '@', true);
    // $linktoid is interpolated into the log message. Presumably it was
    // filtered as an XREF when it was read; confirm.
    Log::addEditLog('Media ID ' . $media->getXref() . " successfully added to {$linktoid}.");
    $controller->addInlineJavascript('closePopupAndReloadParent();');
} else {
    Log::addEditLog('Media ID ' . $media->getXref() . ' successfully added.');
    // The new record's xref is placed inside a JavaScript string literal.
    $controller->addInlineJavascript('openerpasteid("' . $media->getXref() . '");');
}
echo '<button onclick="closePopupAndReloadParent();">', WT_I18N::translate('close'), '</button>';
exit;

case 'update':
    // Save the information from the “editmedia” action
    $controller->setPageTitle(WT_I18N::translate('Edit media object'));

    // Validate the media folder
    // These lines only normalise separators, strip leading/trailing slashes
    // and map "." to the empty string.
    // NOTE(review): ".." segments are not rejected here. Presumably further
    // checks follow beyond this excerpt; confirm before relying on $folderName
    // as a path.
    $folderName = str_replace('\\', '/', $folder);
    $folderName = trim($folderName, '/');
    if ($folderName == '.') {
        $folderName = '';
    }