Exemplo n.º 1
0
 function _commithttpdata()
 {
     global $sid, $error, $_full_uri;
     global $mailposts, $cfg;
     //require_once("htmleditor/editor.inc.php");
     if ($_REQUEST['commit'] && ($cfg['disable_discussion'] != TRUE || $_SESSION['ltype'] == 'admin')) {
         // indeed, we are supposed to commit
         $site = $_REQUEST['site'];
         $action = $_REQUEST['action'];
         $a = $_REQUEST['discuss'];
         if (!$_REQUEST['subject']) {
             error("You must enter a subject.\n");
         }
         if (!$_REQUEST['content']) {
             error("You must enter some text to post.\n");
         }
         if (isset($_REQUEST['rating']) && !is_numeric($_REQUEST['rating']) && $_REQUEST['rating'] != "") {
             $error = "Post rating must be numeric.\n";
         }
         if ($error) {
             unset($_REQUEST['commit']);
             return false;
         }
         /******************************************************************************
          * if public discussion and no log in then add user to user table
          * uname = email address, type = visitor
          ******************************************************************************/
         if (!$_SESSION[auser]) {
             if (user::userEmailExists($_REQUEST['visitor_email'])) {
                 error("A user with that email address already exists.  Please log in before posting.");
             }
             /******************************************************************************
              * Visitor account validation:
              * check that a name has been entered
              * check that the email enter doesn't already exist in Segue and 
              * is not part of the $cfg[visitor_email_excludes] specified in the config
              ******************************************************************************/
             if (!$_REQUEST['visitor_name']) {
                 error("You must enter a username.");
             }
             if (!$_REQUEST['visitor_email'] || !ereg("@", $_REQUEST['visitor_email'])) {
                 error("You must enter a valid email address.");
             } else {
                 if ($_REQUEST['visitor_email']) {
                     foreach ($cfg[visitor_email_excludes] as $visitor_email_exclude) {
                         if ($exclude = ereg($visitor_email_exclude, $_REQUEST['visitor_email'])) {
                             error("Please log in above with your {$cfg['inst_name']} account.");
                         }
                     }
                 }
             }
             // all good
             if (!$error) {
                 $obj =& new user();
                 $obj->uname = $_REQUEST['visitor_email'];
                 $obj->fname = $_REQUEST['visitor_name'];
                 $obj->email = $_REQUEST['visitor_email'];
                 $obj->type = "visitor";
                 $obj->authtype = 'db';
                 $obj->randpass(5, 3);
                 $obj->insertDB();
                 $obj->sendemail();
                 $visitor_id = lastid();
             }
         }
         if ($error) {
             unset($_REQUEST['commit']);
             return false;
         }
         if ($a == 'edit') {
             $d =& new discussion($_REQUEST['story']);
             $d->fetchID($_REQUEST['id']);
             if ($_SESSION['auser'] != $d->authoruname) {
                 return false;
             }
             $d->subject = $_REQUEST['subject'];
             $d->content = cleanEditorText($_REQUEST['content']);
             $d->content = convertInteralLinksToTags($site, $d->content);
             $d->update();
             //log_entry("discussion","$_SESSION[auser] edited story ".$_REQUEST['story']." discussion post id ".$_REQUEST['id']." in site ".$_REQUEST['site'],$_REQUEST['site'],$_REQUEST['story'],"story");
             unset($_REQUEST['discuss'], $_REQUEST['commit']);
             //unset($d);
         }
         if ($a == 'rate') {
             $d =& new discussion($_REQUEST['story']);
             $d->fetchID($_REQUEST['id']);
             $d->rating = $_REQUEST['rating'];
             $d->update();
             //log_entry("discussion","$_SESSION[auser] edited story ".$_REQUEST['story']." discussion post id ".$_REQUEST['id']." in site ".$_REQUEST['site'],$_REQUEST['site'],$_REQUEST['story'],"story");
             unset($_REQUEST['discuss'], $_REQUEST['commit']);
             // unset($d);
         }
         if ($a == 'reply' || $a == 'newpost') {
             $d =& new discussion($_REQUEST['story']);
             $d->subject = $_REQUEST['subject'];
             // Lets pass the cleaning of editor text off to the editor.
             $d->content = cleanEditorText($_REQUEST['content']);
             $d->content = convertInteralLinksToTags($site, $d->content);
             if ($a == 'reply') {
                 $d->parentid = $_REQUEST['replyto'];
                 //log_entry("discussion","$_SESSION[auser] replied to story ".$_REQUEST['story']." discussion post id ".$_REQUEST['replyto']." in site ".$_REQUEST['site'],$_REQUEST['site'],$_REQUEST['story'],"story");
             } else {
                 //log_entry("discussion","$_SESSION[auser] posted to story ".$_REQUEST['story']." discussion in site ".$_REQUEST['site'],$_REQUEST['site'],$_REQUEST['story'],"story");
             }
             $d->authorid = $_SESSION['aid'] ? $_SESSION['aid'] : $visitor_id;
             $d->authorfname = $_SESSION['afname'] ? $_SESSION['afname'] : $_REQUEST['visitor_name'];
             $d->libraryfileid = $_REQUEST['libraryfileid'];
             $newid = $d->insert();
         }
         /******************************************************************************
          * gather data for sendmail function
          ******************************************************************************/
         if ($mailposts == 1) {
             //printpre("email sending...");
             $this->sendemail($newid);
         }
         unset($_REQUEST['discuss'], $_REQUEST['commit']);
     }
 }
Exemplo n.º 2
0
/******************************************************************************
 * Save
 ******************************************************************************/
if ($_REQUEST[save] && ($cfg['disable_edit_content'] != TRUE || $_SESSION['ltype'] == 'admin')) {
    if (!$error) {
        // save it to the database
        print "<br /><br />" . $_SESSION[settings][sitename] . "<br /><br />";
        /******************************************************************************
         * replace media library urls with $mediapath/$sitename/filename
         * replace specific url with general url
         ******************************************************************************/
        $mod_header = convertInteralLinksToTags($_SESSION[settings][sitename], $_SESSION[siteObj]->getField("header"));
        $mod_footer = convertInteralLinksToTags($_SESSION[settings][sitename], $_SESSION[siteObj]->getField("footer"));
        // Lets pass the cleaning of editor text off to the editor.
        $mod_header = cleanEditorText($mod_header);
        $mod_footer = cleanEditorText($mod_footer);
        $_SESSION[siteObj]->setField("header", $mod_header);
        $_SESSION[siteObj]->setField("footer", $mod_footer);
        if ($_SESSION[settings][add]) {
            $_SESSION[siteObj]->insertDB();
            log_entry("add_site", "{$_SESSION['auser']} added " . $_SESSION[siteObj]->name, $_SESSION[siteObj]->name, $_SESSION[siteObj]->id, "site");
        }
        if ($_SESSION[settings][edit]) {
            $_SESSION[siteObj]->updateDB(1);
            log_entry("edit_site", "{$_SESSION['auser']} edited " . $_SESSION[siteObj]->name, $_SESSION[siteObj]->name, $_SESSION[siteObj]->id, "site");
        }
        /* ----------------------------------------------------- */
        /*   will have to update this to use object-related site copy functions */
        // --- Copy the Template on add ---
        if ($_SESSION[settings][add] && $_SESSION[settings][template] != "") {
            /* 			copySite($_SESSION[settings][template],$_SESSION[siteObj]->getField("name")); */
Exemplo n.º 3
0
 /******************************************************************************
  * replace media library urls with $mediapath/$sitename/filename
  * replace specific url with general url ($linkpath)
  ******************************************************************************/
 if ($_SESSION[storyObj]->getField("type") == "link") {
     $url = $_SESSION[storyObj]->getField("url");
     $url = convertInteralLinksToTags($_SESSION[settings][site], $url);
     // save general mediapath and internal_linkpath to object
     $_SESSION[storyObj]->setField("url", $url);
 }
 // Lets pass the cleaning of editor text off to the editor.
 $texttype = $_SESSION[storyObj]->getField("texttype");
 $text = $_SESSION[storyObj]->getField("longertext");
 //		$text = convertWikiMarkupToLinks($_SESSION[settings][site],$_SESSION[settings][section],$_SESSION[settings][page], $page_title, $text);
 $text = convertInteralLinksToTags($_SESSION[settings][site], $text);
 $text = cleanEditorText($text, $texttype);
 $_SESSION[storyObj]->setField("longertext", $text);
 // check make sure the owner is the current user if they are changing permissions
 /* 		if ($site_owner != $_SESSION[auser]) { */
 /* 			if ($_SESSION[settings][edit]) $_SESSION[storyObj]->buildPermissionsArray(); */
 /* 			else $_SESSION[storyObj]->setPermissions($thisPage->getPermissions()); */
 /* 		} */
 /******************************************************************************
  * Save: calls insertDB and updateDB functions
  ******************************************************************************/
 if ($_SESSION[settings][add]) {
     $_SESSION[storyObj]->insertDB();
     log_entry("add_story", "{$_SESSION['auser']} added content id " . $_SESSION[storyObj]->id . " in site " . $_SESSION[storyObj]->owning_site . ", section " . $_SESSION[storyObj]->owning_section . ", page " . $_SESSION[storyObj]->owning_page, $_SESSION[storyObj]->owning_site, $_SESSION[storyObj]->id, "story");
 }
 if ($_SESSION[settings][edit]) {
     $_SESSION[storyObj]->updateDB();