Exemplo n.º 1
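/**
 * Applies the posted multi-edit action to the selected articles.
 *
 * Reads 'selected' and 'edit_method' through ps(), narrows the selection to
 * the articles the current user is allowed to act on, then deletes or updates
 * them one at a time.
 *
 * @return mixed The result of list_list(); a status message is passed to it
 *               when at least one article was changed.
 */
function list_multi_edit()
{
    global $txp_user;

    $selected = ps('selected');
    if (!$selected or !is_array($selected)) {
        return list_list();
    }

    // The IDs are interpolated unquoted into SQL conditions below, so each one
    // goes through assert_int() first (its definition is not visible here --
    // presumably it rejects anything that is not an integer; confirm).
    $selected = array_map('assert_int', $selected);
    $method = ps('edit_method');
    $changed = false;
    $ids = array();

    if ($method == 'delete') {
        if (!has_privs('article.delete')) {
            // Without the general delete privilege the selection shrinks to the
            // user's own articles, and only if 'article.delete.own' is granted.
            $allowed = array();
            if (has_privs('article.delete.own')) {
                foreach ($selected as $id) {
                    $author = safe_field('AuthorID', 'textpattern', "ID = {$id}");
                    if ($author == $txp_user) {
                        $allowed[] = $id;
                    }
                }
            }
            $selected = $allowed;
        }

        foreach ($selected as $id) {
            if (safe_delete('textpattern', "ID = {$id}")) {
                $ids[] = $id;
            }
        }

        $changed = join(', ', $ids);
        if ($changed) {
            // Comments whose parent article was removed get the MODERATE visibility value.
            safe_update('txp_discuss', "visible = " . MODERATE, "parentid in({$changed})");
        }
    } else {
        // Authorisation is decided per article from its stored author and
        // status, never from anything the request claims about it.
        $rows = safe_rows('ID, AuthorID, Status', 'textpattern', 'ID in (' . implode(',', $selected) . ')');
        $selected = array();
        foreach ($rows as $item) {
            $isPublished = $item['Status'] >= 4;
            $isOwn = $item['AuthorID'] == $txp_user;
            if ($isPublished) {
                $mayEdit = has_privs('article.edit.published')
                    || ($isOwn && has_privs('article.edit.own.published'));
            } else {
                $mayEdit = has_privs('article.edit')
                    || ($isOwn && has_privs('article.edit.own'));
            }
            if ($mayEdit) {
                $selected[] = $item['ID'];
            }
        }

        // The column name is always one of the literals below; only the value
        // comes from the request, and it is passed through doSlash() before use.
        switch ($method) {
            case 'changeauthor':
                $key = 'AuthorID';
                $val = has_privs('article.edit') ? ps('AuthorID') : '';
                // Do not allow the author to be set to an empty value.
                if (!$val) {
                    $selected = array();
                }
                break;
            case 'changecategory1':
                $key = 'Category1';
                $val = ps('Category1');
                break;
            case 'changecategory2':
                $key = 'Category2';
                $val = ps('Category2');
                break;
            case 'changecomments':
                $key = 'Annotate';
                $val = (int) ps('Annotate');
                break;
            case 'changesection':
                $key = 'Section';
                $val = ps('Section');
                // Do not allow the section to be set to an empty value.
                if (!$val) {
                    $selected = array();
                }
                break;
            case 'changestatus':
                $key = 'Status';
                // Cast before the privilege check: the ">= 4" clamp must be
                // evaluated on a number, not on the raw request string.
                $val = (int) ps('Status');
                if (!has_privs('article.publish') && $val >= 4) {
                    $val = 3;
                }
                // Do not allow the status to be set to an empty value.
                if (!$val) {
                    $selected = array();
                }
                break;
            default:
                // Unknown method: nothing is written.
                $key = '';
                $val = '';
                break;
        }

        if ($selected and $key) {
            foreach ($selected as $id) {
                if (safe_update('textpattern', "{$key} = '" . doSlash($val) . "'", "ID = {$id}")) {
                    $ids[] = $id;
                }
            }
            $changed = join(', ', $ids);
        }
    }

    if ($changed) {
        update_lastmod();
        return list_list(messenger('article', $changed, $method == 'delete' ? 'deleted' : 'modified'));
    }
    return list_list();
}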
Exemplo n.º 2
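/**
 * Processes multi-edit actions.
 *
 * Reads 'selected' and 'edit_method' through ps(). Deletion is handled and
 * returned from inside the switch; every other method first validates the
 * posted value against the known authors, categories, sections or statuses,
 * then narrows the selection to the articles the current user may edit
 * before anything is written.
 *
 * @return mixed The result of list_list(), with a message when articles were
 *               deleted, duplicated or modified.
 */
function list_multi_edit()
{
    global $txp_user, $statuses, $all_cats, $all_authors, $all_sections;

    $selected = ps('selected');
    $edit_method = ps('edit_method');
    if (!$selected || !is_array($selected)) {
        return list_list();
    }

    // The IDs are joined unquoted into "ID IN (...)" conditions below, so each
    // one goes through assert_int() first (definition not visible here --
    // presumably it rejects anything that is not an integer; confirm).
    $selected = array_map('assert_int', $selected);

    // Empty entry to permit clearing the categories.
    $categories = array('');
    foreach ($all_cats as $row) {
        $categories[] = $row['name'];
    }

    $allowed = array();
    // $field stays empty unless the posted value passes its allow-list check;
    // an empty $field means no update is issued further down.
    $field = $value = '';

    switch ($edit_method) {
        case 'delete':
            if (!has_privs('article.delete')) {
                // Without the general privilege only the user's own articles
                // remain, and only if 'article.delete.own' is granted.
                if (has_privs('article.delete.own')) {
                    $allowed = safe_column_num("ID", 'textpattern', "ID IN (" . join(',', $selected) . ") AND AuthorID = '" . doSlash($txp_user) . "'");
                }
                $selected = $allowed;
            }
            if ($selected && safe_delete('textpattern', "ID IN (" . join(',', $selected) . ")")) {
                // Comments of the removed articles get the MODERATE visibility value.
                safe_update('txp_discuss', "visible = " . MODERATE, "parentid IN (" . join(',', $selected) . ")");
                callback_event('articles_deleted', '', 0, $selected);
                callback_event('multi_edited.articles', 'delete', 0, compact('selected', 'field', 'value'));
                update_lastmod('articles_deleted', $selected);
                now('posted', true);
                now('expires', true);
                return list_list(messenger('article', join(', ', $selected), 'deleted'));
            }
            return list_list();

        case 'changeauthor':
            $value = ps('AuthorID');
            if (has_privs('article.edit') && in_array($value, $all_authors, true)) {
                $field = 'AuthorID';
            }
            break;

        case 'changecategory1':
            $value = ps('Category1');
            if (in_array($value, $categories, true)) {
                $field = 'Category1';
            }
            break;

        case 'changecategory2':
            $value = ps('Category2');
            if (in_array($value, $categories, true)) {
                $field = 'Category2';
            }
            break;

        case 'changecomments':
            $field = 'Annotate';
            $value = (int) ps('Annotate');
            break;

        case 'changesection':
            $value = ps('Section');
            if (in_array($value, $all_sections, true)) {
                $field = 'Section';
            }
            break;

        case 'changestatus':
            $value = (int) ps('Status');
            if (array_key_exists($value, $statuses)) {
                $field = 'Status';
            }
            // Users without 'article.publish' cannot raise an article to a
            // live status; the request is downgraded to pending instead.
            if (!has_privs('article.publish') && $value >= STATUS_LIVE) {
                $value = STATUS_PENDING;
            }
            break;
    }

    // Authorisation is decided per article from its stored author and status.
    $rows = safe_rows("ID, AuthorID, Status", 'textpattern', "ID IN (" . join(',', $selected) . ")");
    foreach ($rows as $item) {
        $isPublished = $item['Status'] >= STATUS_LIVE;
        $isOwn = $item['AuthorID'] === $txp_user;
        if ($isPublished) {
            $mayEdit = has_privs('article.edit.published')
                || ($isOwn && has_privs('article.edit.own.published'));
        } else {
            $mayEdit = has_privs('article.edit')
                || ($isOwn && has_privs('article.edit.own'));
        }
        if ($mayEdit) {
            $allowed[] = $item['ID'];
        }
    }
    $selected = $allowed;

    if ($selected) {
        $message = messenger('article', join(', ', $selected), 'modified');

        if ($edit_method === 'duplicate') {
            $rs = safe_rows_start("*", 'textpattern', "ID IN (" . join(',', $selected) . ")");
            if ($rs) {
                while ($a = nextRow($rs)) {
                    unset($a['ID'], $a['LastMod'], $a['LastModID'], $a['Expires']);
                    $a['uid'] = md5(uniqid(rand(), true));
                    // The copy always belongs to the user who made it.
                    $a['AuthorID'] = $txp_user;

                    // Build the SET list in its own array. Iterating by
                    // reference into $value would overwrite the $value that
                    // is handed to the callbacks below and leave a dangling
                    // reference behind.
                    $assignments = array();
                    foreach ($a as $name => $columnValue) {
                        $assignments[] = "`{$name}` = '" . doSlash($columnValue) . "'";
                    }

                    if ($id = (int) safe_insert('textpattern', join(',', $assignments))) {
                        safe_update('textpattern', "Title = CONCAT(Title, ' (', {$id}, ')'),\n                            url_title = CONCAT(url_title, '-', {$id}),\n                            Posted = NOW(),\n                            feed_time = NOW()", "ID = {$id}");
                    }
                }
            }
            $message = gTxt('duplicated_articles', array('{id}' => join(', ', $selected)));
        } elseif (!$field || safe_update('textpattern', "{$field} = '" . doSlash($value) . "'", "ID IN (" . join(',', $selected) . ")") === false) {
            // Either the value failed validation or the update itself failed.
            return list_list();
        }

        update_lastmod('articles_updated', compact('selected', 'field', 'value'));
        now('posted', true);
        now('expires', true);
        callback_event('multi_edited.articles', $edit_method, 0, compact('selected', 'field', 'value'));
        return list_list($message);
    }
    return list_list();
}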
Exemplo n.º 3
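/**
 * Applies the posted multi-edit action to the selected articles.
 *
 * Reads 'selected' and 'edit_method' through ps(), narrows the selection to
 * the articles the current user may act on, validates the posted value
 * against the known authors, categories, sections or statuses, and then
 * deletes or updates the articles one at a time.
 *
 * @return mixed The result of list_list(); a status message is passed to it
 *               when at least one article was changed.
 */
function list_multi_edit()
{
    global $txp_user, $statuses, $all_cats, $all_authors, $all_sections;

    // Empty entry to permit clearing the categories.
    $categories = array('');
    foreach ($all_cats as $row) {
        $categories[] = $row['name'];
    }

    $selected = ps('selected');
    if (!$selected or !is_array($selected)) {
        return list_list();
    }

    // The IDs are interpolated unquoted into SQL conditions below, so each one
    // goes through assert_int() first (definition not visible here --
    // presumably it rejects anything that is not an integer; confirm).
    $selected = array_map('assert_int', $selected);
    $method = ps('edit_method');
    $changed = false;
    $ids = array();
    // $key stays empty unless the posted value passes its allow-list check;
    // an empty $key means no update is issued.
    $key = '';

    if ($method == 'delete') {
        if (!has_privs('article.delete')) {
            // Without the general privilege only the user's own articles
            // remain, and only if 'article.delete.own' is granted.
            $allowed = array();
            if (has_privs('article.delete.own')) {
                $allowed = safe_column_num('ID', 'textpattern', 'ID in(' . join(',', $selected) . ') and AuthorID=\'' . doSlash($txp_user) . '\'');
            }
            $selected = $allowed;
        }

        foreach ($selected as $id) {
            if (safe_delete('textpattern', "ID = {$id}")) {
                $ids[] = $id;
            }
        }

        $changed = join(', ', $ids);
        if ($changed) {
            // Comments of the removed articles get the MODERATE visibility value.
            safe_update('txp_discuss', "visible = " . MODERATE, "parentid in({$changed})");
            callback_event('articles_deleted', '', 0, $ids);
        }
    } else {
        // Authorisation is decided per article from its stored author and status.
        $rows = safe_rows('ID, AuthorID, Status', 'textpattern', 'ID in (' . implode(',', $selected) . ')');
        $selected = array();
        foreach ($rows as $item) {
            $isPublished = $item['Status'] >= STATUS_LIVE;
            $isOwn = $item['AuthorID'] == $txp_user;
            if ($isPublished) {
                $mayEdit = has_privs('article.edit.published')
                    || ($isOwn && has_privs('article.edit.own.published'));
            } else {
                $mayEdit = has_privs('article.edit')
                    || ($isOwn && has_privs('article.edit.own'));
            }
            if ($mayEdit) {
                $selected[] = $item['ID'];
            }
        }

        // Allow-list lookups use strict comparison so that a posted string is
        // only accepted when it is exactly one of the known values; loose
        // in_array() would also accept strings that merely compare equal
        // after type juggling.
        switch ($method) {
            case 'changeauthor':
                $val = has_privs('article.edit') ? ps('AuthorID') : '';
                if (in_array($val, $all_authors, true)) {
                    $key = 'AuthorID';
                }
                break;
            case 'changecategory1':
                $val = ps('Category1');
                if (in_array($val, $categories, true)) {
                    $key = 'Category1';
                }
                break;
            case 'changecategory2':
                $val = ps('Category2');
                if (in_array($val, $categories, true)) {
                    $key = 'Category2';
                }
                break;
            case 'changecomments':
                $key = 'Annotate';
                $val = (int) ps('Annotate');
                break;
            case 'changesection':
                $val = ps('Section');
                if (in_array($val, $all_sections, true)) {
                    $key = 'Section';
                }
                break;
            case 'changestatus':
                $val = (int) ps('Status');
                if (array_key_exists($val, $statuses)) {
                    $key = 'Status';
                }
                // Users without 'article.publish' cannot raise an article to a
                // live status; the request is downgraded to pending instead.
                if (!has_privs('article.publish') && $val >= STATUS_LIVE) {
                    $val = STATUS_PENDING;
                }
                break;
            default:
                // Unknown method: nothing is written.
                $key = '';
                $val = '';
                break;
        }

        if ($selected and $key) {
            foreach ($selected as $id) {
                if (safe_update('textpattern', "{$key} = '" . doSlash($val) . "'", "ID = {$id}")) {
                    $ids[] = $id;
                }
            }
            $changed = join(', ', $ids);
        }
    }

    if ($changed) {
        update_lastmod();
        return list_list(messenger('article', $changed, $method == 'delete' ? 'deleted' : 'modified'));
    }
    return list_list();
}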
Exemplo n.º 4
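/**
 * Filters the posted selection by ownership, then hands the multi-edit to
 * event_multi_edit().
 *
 * When the current user lacks 'article.delete', $_POST['selected'] is
 * rewritten to hold only the articles that user authored (or nothing at all
 * without 'article.delete.own') before event_multi_edit() runs.
 *
 * @return mixed The result of list_list(), with a message when
 *               event_multi_edit() reports changed articles.
 */
function list_multi_edit()
{
    global $txp_user;

    $selected = ps('selected');
    if ($selected and !has_privs('article.delete')) {
        // NOTE(review): this filter is applied whatever 'method' was posted,
        // not only for 'delete' -- confirm that is intended.
        $ids = array();
        // Only iterate when the posted value really is a list; a scalar
        // 'selected' leaves the permitted set empty.
        if (is_array($selected) and has_privs('article.delete.own')) {
            foreach ($selected as $id) {
                $author = safe_field('AuthorID', 'textpattern', "ID='" . doSlash($id) . "'");
                if ($author == $txp_user) {
                    $ids[] = $id;
                }
            }
        }
        // Overwrite the request data so the call below sees the filtered list
        // (assumes event_multi_edit() reads 'selected' from $_POST; its
        // definition is not visible here).
        $_POST['selected'] = $ids;
    }

    $deleted = event_multi_edit('textpattern', 'ID');
    if (!empty($deleted)) {
        $method = ps('method');
        return list_list(messenger('article', $deleted, $method == 'delete' ? 'deleted' : 'modified'));
    }
    return list_list();
}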
Exemplo n.º 5
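/**
 * Deletes the selected articles when the posted method is 'delete'.
 *
 * Reads 'method' and 'selected' through ps() and then renders the list via
 * list_list(), with a message naming the deleted IDs when there are any.
 *
 * NOTE(review): no privilege or ownership check is visible in this function;
 * confirm that the caller enforces who may delete articles.
 */
function list_multi_edit()
{
    $method = ps('method');
    $things = ps('selected');
    $ids = array();

    if ($things && is_array($things) && $method == 'delete') {
        foreach ($things as $ID) {
            // The ID comes from the request and ends up inside a SQL
            // condition, so only plain digit strings are accepted.
            if (!is_scalar($ID) || !preg_match('/^[0-9]+$/D', (string) $ID)) {
                continue;
            }
            $id = (int) $ID;
            if (safe_delete('textpattern', "ID='{$id}'")) {
                $ids[] = $id;
            }
        }
    }

    if ($ids) {
        list_list(messenger('article', join(', ', $ids), 'deleted'));
    } else {
        // Nothing was deleted: show the list without a "deleted" message.
        list_list();
    }
}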