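/**
 * Save blog in database.
 *
 * Runs only when hasAdministerPermission() is true; otherwise nothing is
 * written and the empty ErrorLog is returned. checkSubmitter() is called
 * before any request value is read.
 *
 * Security note: the blog language ends up in an include path (here and
 * wherever the stored value is used to load a language file), so it is
 * restricted to a single plain directory name before it is included or
 * stored. Any other value falls back to pageDefaultLanguage.
 *
 * @param $readPost Read values from post.
 * @return ErrorLog Collected validation errors (empty when the save succeeded).
 */
function saveBlog($readPost = true) {
    // Create ErrorLog object
    $errorLog = new ErrorLog();

    if ($this->hasAdministerPermission()) {
        global $dbi, $log, $login, $module;

        // Check if data is submitted from the form
        checkSubmitter();

        // A language id must be one path segment: no separators, no leading dot.
        $languagePattern = '/^[A-Za-z0-9][A-Za-z0-9_.-]*$/';

        // Include language. The object's current language is used for the
        // messages; it is checked first so that a bad stored value cannot
        // steer the include outside the language folder.
        $languageDir = (is_string($this->language) && preg_match($languagePattern, $this->language))
            ? $this->language
            : pageDefaultLanguage;
        include scriptPath . "/include/language/" . pageLanguage . "/general.php";
        include scriptPath . "/" . folderBlog . "/include/language/" . $languageDir . "/general.php";

        // Save values from post
        if ($readPost) {
            $this->category = parseHtml(getPostValue("category"), 0);
            $this->description = parseHtml(getPostValue("description"), 1);
            $this->language = getPostValue("language");
            $this->postLimit = getPostValue("postLimit");
            $this->showRSSLink = getPostValue("showRSSLink");
            $this->showRSSCommentsLink = getPostValue("showRSSCommentsLink");
            $this->subscribers = parseHtml(getPostValue("subscribers"), 0);
            $this->title = parseHtml(getPostValue("title"), 0);
        }

        // Validate data. An empty or malformed language is replaced by the
        // default so that only a safe directory name is ever stored.
        if (empty($this->language)
            || !is_string($this->language)
            || !preg_match($languagePattern, $this->language)) {
            $this->language = pageDefaultLanguage;
        }
        if (empty($this->title)) {
            $errorLog->addError("title", $lBlogEdit["MissingTitle"]);
        } else {
            if (empty($this->id)) {
                // A new blog must not reuse the title of an existing one
                $blog = new Blog("", $this->title);
                if (!empty($blog->id)) {
                    $errorLog->addError("title", $lBlogEdit["BlogExists"]);
                }
            }
        }

        // If there were no errors update database
        if (!$errorLog->hasErrors()) {
            if (empty($this->id)) {
                // Get max position
                $result = $dbi->query("SELECT MAX(position) FROM " . blogTableName);
                if ($result->rows()) {
                    list($position) = $result->fetchrow_array();
                    $position++;
                } else {
                    $position = 0;
                }

                // Insert blog into database (every value goes through $dbi->quote())
                $dbi->query("INSERT INTO " . blogTableName . "(title,category,description,subscribers,language,postLimit,showRSSLink,showRSSCommentsLink,position) VALUES("
                    . $dbi->quote($this->title) . ","
                    . $dbi->quote($this->category) . ","
                    . $dbi->quote($this->description) . ","
                    . $dbi->quote($this->subscribers) . ","
                    . $dbi->quote($this->language) . ","
                    . $dbi->quote($this->postLimit) . ","
                    . $dbi->quote($this->showRSSLink) . ","
                    . $dbi->quote($this->showRSSCommentsLink) . ","
                    . $dbi->quote($position) . ")");

                // Get new blog id
                $this->id = $dbi->getInsertId();

                // Set default permissions
                $login->setModuleContentPermissions(blogContentId, $this->id, "Visitors", 0, 0, 1, 0, 0, 0, 0, 1);
                $login->setModuleContentPermissions(blogContentId, $this->id, "Users", 0, 0, 1, 0, 0, 0, 0, 1);
            } else {
                // Update blog in database
                $dbi->query("UPDATE " . blogTableName
                    . " SET title=" . $dbi->quote($this->title)
                    . ",category=" . $dbi->quote($this->category)
                    . ",description=" . $dbi->quote($this->description)
                    . ",subscribers=" . $dbi->quote($this->subscribers)
                    . ",language=" . $dbi->quote($this->language)
                    . ",postLimit=" . $dbi->quote($this->postLimit)
                    . ",showRSSLink=" . $dbi->quote($this->showRSSLink)
                    . ",showRSSCommentsLink=" . $dbi->quote($this->showRSSCommentsLink)
                    . " WHERE id=" . $dbi->quote($this->id));
            }

            // Upload index picture.
            // NOTE(review): the allowed list holds MIME types; whether uploadFile()
            // compares them with the client-supplied type or inspects the file
            // content is not visible here - confirm it does not trust $_FILES[...]["type"].
            if (!empty($_FILES["img_0"])) {
                uploadFile($_FILES["img_0"], "blog_" . $this->id, array("image/jpeg", "image/pjpeg", "image/gif"), 0, 50, 50);
            }

            // Log transaction
            $log->logTransaction(blogContentId, $this->id);
        } else {
            // The upload is discarded on a validation error, so ask for it again
            if (!empty($_FILES["img_0"]["tmp_name"])) {
                $errorLog->addError("upload", $lErrors["ReUploadImages"]);
            }
        }
    }
    return $errorLog;
}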
/**
 * Collect the text content of parsed HTML.
 *
 * Accepts either a markup string, which is handed to parseHtml(), or an
 * already parsed list of nodes. A node counts as text when its 'TAG' entry
 * is loosely false, its 'TYPE' is 'T' and it has a 'TXT' entry.
 *
 * @param string|array|null $html Markup or parsed node list.
 * @return array|false List of 'TXT' values in document order, or false when
 *                     the input is empty, of another type, or yields no nodes.
 */
function findText($html = null)
{
    // Loose comparison on purpose: null, "", 0 and array() all count as "no input".
    if ($html == null) {
        return false;
    }

    if (is_string($html)) {
        $nodes = parseHtml($html);
    } elseif (is_array($html)) {
        $nodes = $html;
    } else {
        return false;
    }

    // A failed parse and an empty node list are both reported as false.
    if ($nodes == false) {
        return false;
    }

    $found = array();
    foreach ($nodes as $node) {
        $isTextNode = $node['TAG'] == false && $node['TYPE'] == 'T' && isset($node['TXT']);
        if ($isTextNode) {
            $found[] = $node['TXT'];
        }
    }

    return $found;
}
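/**
 * Re-point the <img> tags of imported markup at copies stored under /media/.
 *
 * For every <img ...> tag that mentions "src", the referenced file name is
 * looked up in $import_directory with FindFile(). When found, the file is
 * copied to "<web root>media/<unique name>" and the tag is rebuilt from the
 * attributes parseHtml() returned, with src set to the copy. Tags without a
 * usable src, and tags whose file is missing or cannot be copied, are left
 * as they were; the latter two add a message to $q_warnings.
 *
 * Changes against the earlier version:
 *  - trailing text that PHP treats as falsy (for example "0") is no longer dropped;
 *  - the rewritten src uses the unique name the file was actually copied to;
 *  - attribute values are HTML-escaped when the tag is rebuilt, so a quote in
 *    an imported value cannot break out of the attribute;
 *  - a failed copy() is reported instead of silently producing a dead link;
 *  - $cfg_web_root is imported from the global scope (it was read as an
 *    undefined local before, which made the copy target relative).
 *
 * @param string $text Imported markup.
 * @return string Markup with rewritten image tags; $text itself when it holds no <img.
 */
function ParseImages($text)
{
    global $import_directory;
    global $q_warnings;
    global $q_errors;
    // NOTE(review): assumed to be the site's configured web root, defined at global scope - confirm.
    global $cfg_web_root;

    // The leading space lets a match at offset 0 pass the "> 0" style check.
    if (stripos(" " . $text, "<img") === false) {
        return $text;
    }

    $output = '';
    $remaining = (string) $text;

    while ($remaining !== '') {
        $start = stripos($remaining, "<img");
        if ($start === false) {
            // No further image tags: keep the tail verbatim.
            $output .= $remaining;
            break;
        }

        $output .= substr($remaining, 0, $start);
        $fromTag = (string) substr($remaining, $start);

        $end = strpos($fromTag, ">");
        if ($end === false) {
            // Unterminated tag: nothing to rewrite, keep the rest verbatim.
            $output .= $fromTag;
            break;
        }

        $imgtag = substr($fromTag, 0, $end + 1);
        $remaining = (string) substr($fromTag, $end + 1);

        // we have a src tag?
        if (stripos($imgtag, "src") > 0) {
            $data = parseHtml($imgtag);

            if (isset($data['IMG'][0]['src'])) {
                // basename() keeps only the file name, so directory parts in
                // the imported src never reach the file lookup.
                $basename = basename($data['IMG'][0]['src']);
                $filename = FindFile($import_directory, $basename);

                if ($filename) {
                    $uniqueFilename = unique_filename(basename($filename));

                    if (copy($import_directory . "/" . $filename, $cfg_web_root . 'media/' . $uniqueFilename)) {
                        $data['IMG'][0]['src'] = "/media/" . $uniqueFilename;

                        // recreate img tag; double_encode is off so entities that
                        // are already present are not encoded a second time
                        $imgtag = "<img ";
                        foreach ($data['IMG'][0] as $attribute => $value) {
                            $imgtag .= $attribute . '="' . htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8', false) . '" ';
                        }
                        $imgtag .= "/>";
                    } else {
                        $q_warnings[] = "Could not copy image {$basename}";
                    }
                } else {
                    $q_warnings[] = "Missing image {$basename}";
                }
            }
        }

        $output .= $imgtag;
    }

    return $output;
}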
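<?php
// My parser: fetch a remote page, pull two attribute values out of it and
// print them as a small JSON object.
include_once "lib/tag-finder.php";

// Variables
// The page is fetched over plain HTTP, so its content can be altered in
// transit; everything read from it is treated as untrusted below.
$yvonne_url = "http://pics.mytrapster.com/yvonne.php";
$html_resp = "";
$html_doc = "";
$html_dsp = "";

// Fetch the html
try {
    $html_resp = file_get_contents($yvonne_url);
    // file_get_contents() reports failure by returning false, not by throwing
    if ($html_resp === false) {
        throw new Exception("Could not fetch " . $yvonne_url);
    }

    $html_doc = parseHtml($html_resp);
    if (!isset($html_doc[0]['ATTR'][0]['val'], $html_doc[1]['ATTR'][0]['val'])) {
        throw new Exception("Unexpected document structure");
    }

    // json_encode() escapes quotes, backslashes and control characters, so a
    // value taken from the remote page cannot break or extend the object.
    $html_dsp = json_encode(
        array(
            "url" => (string) $html_doc[0]['ATTR'][0]['val'],
            "thumb" => (string) $html_doc[1]['ATTR'][0]['val'],
        ),
        JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE
    );
    if ($html_dsp === false) {
        throw new Exception(json_last_error_msg());
    }
} catch (Exception $ex) {
    $html_dsp = $ex->getMessage();
}

// Output
header("Content-type: text/plain");
echo $html_dsp;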
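/**
 * Save page to database.
 *
 * Nothing is written unless hasEditPermission() is true. With $readPost the
 * form origin is checked by checkSubmitter() before any request value is
 * read. An existing row is updated; otherwise a row is inserted, default
 * read permissions are set for "Visitors" and "Users", and the new id is
 * stored on the object. A successful save is logged, a text revision is
 * stored and the page cache is deleted.
 *
 * The ErrorLog is now returned on every path. Previously the return sat
 * inside the permission check, so a caller without edit permission received
 * null instead of an ErrorLog.
 *
 * @param $readPost Read values from post (default true).
 * @return ErrorLog Collected validation errors (empty when nothing failed).
 */
function savePage($readPost = true) {
    // Create ErrorLog object
    $errorLog = new ErrorLog();

    // Check if user has edit permission
    if ($this->hasEditPermission()) {
        global $dbi, $log, $login, $revision;
        global $lEditPage;

        // Save old text for revision
        $oldText = "";

        // Get values
        if ($readPost) {
            // Check submitter
            checkSubmitter();

            // Get values.
            // NOTE(review): only "text" passes through parseHtml(); title, link
            // and navbarTitle are stored as submitted - confirm they are
            // escaped wherever they are printed.
            $this->disableComments = getPostValue("disableComments");
            $this->link = getPostValue("link");
            $this->navbarTitle = getPostValue("navbarTitle");
            $this->parent = new Page(getPostValue("parentId"));
            $this->separator = getPostValue("separator");
            $this->showComments = getPostValue("showComments");
            $this->showInMenu = getPostValue("showInMenu");
            $this->showLastModified = getPostValue("showLastModified");
            $oldText = $this->text;
            $this->text = parseHtml(getPostValue("text"), 4);
            $this->text = parseThumbnailImages($this->text);
            $this->title = getPostValue("title");
            $lastUpdated = getPostValue("lastUpdated");
        } else {
            $this->parent = new Page(0);
        }

        // Validate data
        if (empty($this->title)) {
            $errorLog->addError("title", $lEditPage["TitleMissing"]);
        }
        // Edit-conflict check: the form carries the timestamp it was loaded with
        if (!empty($lastUpdated)) {
            if ($lastUpdated != $this->getLastUpdated()) {
                $errorLog->addError("pageModified", $lEditPage["PageModified"]);
            }
        }

        // If no errors save page
        if (!$errorLog->hasErrors()) {
            $exists = false;
            if (!empty($this->id)) {
                $result = $dbi->query("SELECT id FROM " . pageTableName . " WHERE id=" . $dbi->quote($this->id));
                if ($result->rows()) {
                    $exists = true;
                }
            }

            if ($exists) {
                // Update page in database
                $dbi->query("UPDATE " . pageTableName
                    . " SET parentId=" . $dbi->quote($this->parent->id)
                    . ",title=" . $dbi->quote($this->title)
                    . ",text=" . $dbi->quote($this->text)
                    . ",link=" . $dbi->quote($this->link)
                    . ",navbarTitle=" . $dbi->quote($this->navbarTitle)
                    . ",showInMenu=" . $dbi->quote($this->showInMenu)
                    . ",showLastModified=" . $dbi->quote($this->showLastModified)
                    . ",showComments=" . $dbi->quote($this->showComments)
                    . ",disableComments=" . $dbi->quote($this->disableComments)
                    . ",`separator`=" . $dbi->quote($this->separator)
                    . " WHERE id=" . $dbi->quote($this->id));
            } else {
                // Get position
                $result = $dbi->query("SELECT MAX(position) FROM " . pageTableName);
                if ($result->rows()) {
                    list($position) = $result->fetchrow_array();
                    $position++;
                } else {
                    $position = 0;
                }

                // Insert page into database. The id column is only listed when
                // the object already carries an id.
                // NOTE(review): $position was already incremented above and is
                // incremented again here; left as is because only the ordering
                // seems to matter - confirm. It is also the one value in this
                // statement that is not passed through $dbi->quote(); it comes
                // from the MAX(position) query, not from the request.
                $dbi->query("INSERT INTO " . pageTableName . "("
                    . (!empty($this->id) ? "id," : "")
                    . "parentId,title,link,text,navbarTitle,showInMenu,showLastModified,showComments,disableComments,position,`separator`) VALUES("
                    . (!empty($this->id) ? $dbi->quote($this->id) . "," : "")
                    . $dbi->quote($this->parent->id) . ","
                    . $dbi->quote($this->title) . ","
                    . $dbi->quote($this->link) . ","
                    . $dbi->quote($this->text) . ","
                    . $dbi->quote($this->navbarTitle) . ","
                    . $dbi->quote($this->showInMenu) . ","
                    . $dbi->quote($this->showLastModified) . ","
                    . $dbi->quote($this->showComments) . ","
                    . $dbi->quote($this->disableComments) . ","
                    . ($position + 1) . ","
                    . $dbi->quote($this->separator) . ")");

                // Get new page id
                $this->id = $dbi->getInsertId();

                // Set permissions for reading the page
                $login->setModuleContentPermissions(pageContentTypeId, $this->id, "Visitors", 0, 0, 1, 0, 0, 0, 0, 1);
                $login->setModuleContentPermissions(pageContentTypeId, $this->id, "Users", 0, 0, 1, 0, 0, 0, 0, 1);

                // Free result set
                $result->finish();
            }

            // Log transaction
            $log->logTransaction(pageContentTypeId, $this->id);

            // Save page revision
            $revision->saveTextRevision(pageModuleId, pageContentTypeId, $this->id, $oldText, $this->text);

            // Delete cache
            $this->deleteCache();
        }
    }

    // Return errors if any
    return $errorLog;
}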
} if (!checkEmail($friendEmail)) { $errors->addError("friendEmail", $lSendToFriend["InvalidFriendMail"]); } if ($settings->commentsRequireValidation) { if (!audit()) { $errors->addError("validation", $lComment["WrongValidation"]); } } // Check if errors were found if (!$errors->hasErrors()) { $info = parseHtml($info, 0); $info = str_replace("&", "&", $info); // Prepare message $message = !empty($info) ? $message . "\n\n" . $info . "\n" . $link : ($showInformation ? sprintf($lSendToFriend["MailMessage"], $message, $link) : $message); $message = parseHtml($message, 0); $message = str_replace("&", "&", $message); // Send link if (mail($friendEmail, !empty($subject) ? $subject : $lSendToFriend["MailSubject"], $message, "From: " . $name . " <" . $email . ">\n")) { redirect(scriptUrl . "/" . fileSendToFriend . "?success=1" . (!empty($windowTitle) ? "&windowTitle=" . encodeParameter($windowTitle) : "") . (showPopup ? "&popup=1" : "")); } else { $errors->addError("misc", $lSendToFriend["DeliveryFailed"]); } } } } // Add navigation link $site->addNavigationLink(scriptUrl . "/" . fileSendToFriend, !empty($windowTitle) ? $windowTitle : $lSendToFriend["Header"]); // Print common header $site->printHeader(); if (!empty($_GET["success"])) {
/**
 * Save user in database.
 *
 * With $readPost the user's fields are filled from request values. With
 * $validate the submitter is checked and username, name, e-mail, password
 * and (for self-registration) the validation code are verified; problems are
 * added to the global $errors object. When $errors holds no errors the user
 * is updated or inserted, permissions and group membership are written for
 * callers with administer permission, an uploaded picture is resized and
 * stored, custom save hooks are called and the transaction is logged.
 *
 * NOTE(review): in this listing the two spots marked `******` inside the
 * first UPDATE statement are a redaction artifact, not PHP. The original
 * expressions cannot be recovered from here, so the block is documented
 * only and left otherwise untouched.
 *
 * @param $readPost Read values from post.
 * @param $validate Validate input values.
 * @return the global $errors object (described as an ErrorList in the original header).
 */
function saveUser($readPost = true, $validate = true) {
    global $dbi, $errors, $group, $log, $login, $module, $settings;

    // Include language
    include scriptPath . "/include/language/" . pageLanguage . "/admin.php";
    include scriptPath . "/include/language/" . pageLanguage . "/general.php";

    // Save values into this user object
    if ($readPost) {
        // The username can only be chosen while the user has no id yet
        if (empty($this->id)) {
            $this->username = getValue("u_username");
        }
        // Only a webmaster may change the activation flag; the stored value is
        // the negation of the submitted one
        if ($login->isWebmaster()) {
            $this->activated = getValue("u_activated");
            $this->activated = !$this->activated;
        }
        // NOTE(review): groupId is read from the request for every caller and
        // no permission check on it is visible in this method - confirm that
        // the caller restricts who may change group assignment.
        $this->groupId = getValue("u_groupId");
        $this->name = getValue("u_name");
        $this->email = getValue("u_email");
        $this->phone = getValue("u_phone");
        $this->mobile = getValue("u_mobile");
        $this->facebook = getValue("u_facebook");
        $this->twitter = getValue("u_twitter");
        $this->linkurl = getValue("u_linkurl");
        $this->linkname = getValue("u_linkname");
        $this->location = getValue("u_location");
        $this->department = getValue("u_department");
        $this->position = getValue("u_position");
        // profileText is the only field passed through parseHtml() here
        $this->profileText = parseHtml(getValue("u_profileText"), 2);
        $this->signature = getValue("u_signature");
        $this->hideEmail = getValue("u_hideEmail");
        $this->hideTelephone = getValue("u_hideTelephone");
        $this->hideInUserlist = getValue("u_hideInUserlist");
        $this->hideOnlineStatus = getValue("u_hideOnlineStatus");
        $this->notifyAboutChanges = getValue("u_notifyAboutChanges");
        $this->categoryId = getValue("categoryId");
        // A password is only read for a new user
        if (empty($this->id)) {
            $this->password = getValue("u_passwd");
            $repeatedPassword = getValue("u_repeated_passwd");
        }
        $groups = getValue("u_groups");
        // Request-supplied flag: when set, the role and permission sections
        // below are skipped. $groups, $profile and $repeatedPassword stay
        // undefined when $readPost is false.
        $profile = getValue("profile");
    }

    if ($validate) {
        // Check submitter
        checkSubmitter(scriptUrl);

        // Role assignment is limited to callers with administer permission.
        // NOTE(review): userType is only read inside this branch, so with
        // $validate false the permission section further down sees no user type.
        if ($this->hasAdministerPermission() && !$profile) {
            $userType = getValue("userType");
            $this->administrator = 0;
            $this->webmaster = 0;
            if (!empty($userType)) {
                switch ($userType) {
                    case 1:
                        // Webmaster
                        $this->webmaster = 1;
                        break;
                    case 2:
                        // Administrator
                        $this->administrator = 1;
                        break;
                }
            }
        }

        // Validate username
        $this->validateUsername($this->username);

        // Validate full name
        if (empty($this->name)) {
            $errors->addError("name", $lEditUser["MissingFullName"]);
        }

        // Validate email (a webmaster may leave it empty)
        if (!$login->isWebmaster()) {
            if (empty($this->email)) {
                $errors->addError("email", $lEditUser["MissingEmail"]);
            }
        }

        // Validate email is valid and not already registered
        if (!empty($this->email)) {
            if (!checkEmail($this->email)) {
                $errors->addError("email", $lEditUser["InvalidEmail"]);
            } else {
                // Look for another user (id differs, when there is an id) with the same address
                $result = $dbi->query("SELECT id FROM " . userDataTableName . " WHERE " . (!empty($this->id) ? "id!=" . $dbi->quote($this->id) . " AND " : "") . "email=" . $dbi->quote($this->email));
                if ($result->rows()) {
                    $errors->addError("email", $lEditUser["EmailExists"]);
                }
            }
        }

        // Validate password
        if (empty($this->id)) {
            $this->validatePassword($this->password, $repeatedPassword);
        }

        // Validate code: only for self-registration when the site requires it
        if (empty($this->id) && !$this->hasAdministerPermission() && $settings->requireValidation) {
            if (!audit()) {
                $errors->addError("validation", $lEditUser["WrongValidation"]);
            }
        }
    }

    // If no errors save user data
    if (!$errors->hasErrors()) {
        // Check if user category exists. The submitted value is matched
        // against both the Id and the Title column; when nothing matches it is
        // inserted as the title of a new category.
        // NOTE(review): this lets any caller who reaches this point create
        // categories - confirm that is intended.
        if (!empty($this->categoryId)) {
            $result = $dbi->query("SELECT Id FROM " . userCategoryTableName . " WHERE Id=" . $dbi->quote($this->categoryId) . " OR Title=" . $dbi->quote($this->categoryId));
            if ($result->rows()) {
                list($this->categoryId) = $result->fetchrow_array();
            } else {
                // Get max position
                $position = 0;
                $result = $dbi->query("SELECT MAX(Position) FROM " . userCategoryTableName);
                if ($result->rows()) {
                    list($maxPosition) = $result->fetchrow_array();
                    $position = $maxPosition + 1;
                }

                // Insert the new category
                $dbi->query("INSERT INTO " . userCategoryTableName . "(Title,Position) VALUES(" . $dbi->quote($this->categoryId) . "," . $dbi->quote($position) . ")");
                $this->categoryId = $dbi->getInsertId();
            }
        }

        if (!empty($this->id)) {
            // Update basic user information.
            // NOTE(review): both statements in this branch end with
            // " WHERE id=" . $this->id, concatenated without $dbi->quote()
            // unlike every other value - where $this->id comes from is not
            // visible here; quoting it like the rest would remove the question.
            // NOTE(review): administrator, webmaster and activated are written
            // on every update, while this method only assigns them in the
            // administer / webmaster branches above; for other callers the
            // values already held by the object are written back.
            $dbi->query("UPDATE " . userTableName . " SET " . (!empty($this->username) ? "username="******"," : "") . "groupId=" . $dbi->quote($this->groupId) . ",registered=registered,lastLogged=lastLogged,lastUpdated=NOW()" . (!empty($this->password) ? ",password="******"") . ",administrator=" . $dbi->quote($this->administrator) . ",webmaster=" . $dbi->quote($this->webmaster) . ",activated=" . $dbi->quote($this->activated) . " WHERE id=" . $this->id);

            // Update information about user
            $dbi->query("UPDATE " . userDataTableName . " SET categoryId=" . $dbi->quote($this->categoryId) . ",name=" . $dbi->quote($this->name) . ",email=" . $dbi->quote($this->email) . ",phone=" . $dbi->quote($this->phone) . ",mobile=" . $dbi->quote($this->mobile) . ",linkurl=" . $dbi->quote($this->linkurl) . ",linkname=" . $dbi->quote($this->linkname) . ",facebook=" . $dbi->quote($this->facebook) . ",twitter=" . $dbi->quote($this->twitter) . ",location=" . $dbi->quote($this->location) . ",department=" . $dbi->quote($this->department) . ",position=" . $dbi->quote($this->position) . ",profileText=" . $dbi->quote($this->profileText) . ",signature=" . $dbi->quote($this->signature) . ",hideEmail=" . $dbi->quote($this->hideEmail) . ",hideTelephone=" . $dbi->quote($this->hideTelephone) . ",hideInUserlist=" . $dbi->quote($this->hideInUserlist) . ",hideOnlineStatus=" . $dbi->quote($this->hideOnlineStatus) . ",notifyAboutChanges=" . $dbi->quote($this->notifyAboutChanges) . " WHERE id=" . $this->id);
        } else {
            // Generate cookie
            $cookie = $login->generateCookie();

            // NOTE(review): both INSERT statements store md5(trim(password)),
            // an unsalted MD5 digest, which is not suitable for password
            // storage. Moving to password_hash()/password_verify() also means
            // changing the login check, which is outside this listing.
            if (!$login->isLoggedIn()) {
                // Self-registration: the account is never created as webmaster
                // or administrator (both columns are written as 0).

                // Generate random string
                // NOTE(review): how generateRandomString() gets its randomness
                // is not visible here; an activation key needs a
                // cryptographically secure source - confirm.
                if ($settings->activateWithEmail) {
                    $activationKey = generateRandomString(32);
                }

                // Insert data into database
                $dbi->query("INSERT INTO " . userTableName . " (username,password,groupId,cookie,webmaster,administrator,activated,activationKey) VALUES(" . $dbi->quote(trim($this->username)) . "," . $dbi->quote(md5(trim($this->password))) . "," . $dbi->quote($this->groupId) . "," . $dbi->quote($cookie) . ",0,0," . ($settings->activateWithEmail && !$this->activated ? 0 : 1) . "," . ($settings->activateWithEmail ? $dbi->quote($activationKey) : "''") . ")");
            } else {
                // Created by a logged-in user: the role flags set above are stored
                // and the account is active at once.
                // Insert data into database
                $dbi->query("INSERT INTO " . userTableName . " (username,password,groupId,cookie,webmaster,administrator,activated) VALUES(" . $dbi->quote(trim($this->username)) . "," . $dbi->quote(md5(trim($this->password))) . "," . $dbi->quote($this->groupId) . "," . $dbi->quote($cookie) . "," . $dbi->quote($this->webmaster) . "," . $dbi->quote($this->administrator) . ",1)");
            }

            // Get new id of user
            $this->id = $dbi->getInsertId();

            // Insert user information ($this->id is the insert id obtained just above).
            // NOTE(review): hideInUserlist appears in the UPDATE above but not
            // in this column list, so a new user gets the column default - confirm.
            $dbi->query("INSERT INTO " . userDataTableName . "(id,categoryId,name,email,phone,mobile,linkurl,linkname,facebook,twitter,location,department,position,profileText,signature,hideEmail,hideTelephone,hideOnlineStatus,notifyAboutChanges) VALUES(" . $this->id . "," . $dbi->quote($this->categoryId) . "," . $dbi->quote($this->name) . "," . $dbi->quote($this->email) . "," . $dbi->quote($this->phone) . "," . $dbi->quote($this->mobile) . "," . $dbi->quote($this->linkurl) . "," . $dbi->quote($this->linkname) . "," . $dbi->quote($this->facebook) . "," . $dbi->quote($this->twitter) . "," . $dbi->quote($this->location) . "," . $dbi->quote($this->department) . "," . $dbi->quote($this->position) . "," . $dbi->quote($this->profileText) . "," . $dbi->quote($this->signature) . "," . $dbi->quote($this->hideEmail) . "," . $dbi->quote($this->hideTelephone) . "," . $dbi->quote($this->hideOnlineStatus) . "," . $dbi->quote($this->notifyAboutChanges) . ")");

            // Send mail to registered user
            if (!$login->isLoggedIn() && $settings->activateWithEmail) {
                // Send registration email; the activation link carries the user
                // id and the activation key as query parameters
                $mail = new phpmailer();
                $mail->CharSet = "UTF-8";
                $mail->From = pageAdminMail;
                $mail->Sender = pageAdminMail;
                $mail->FromName = pageTitle;
                $mail->Subject = sprintf($lEditUser["WelcomeEmailSubject"], pageTitle);
                $mail->Body = sprintf($lEditUser["WelcomeEmailText"], $this->name, scriptUrl . "/" . fileProfileActivate . "?id=" . $this->id . "&activate=1&activationKey=" . $activationKey);
                $mail->IsHTML(false);
                $mail->AddAddress($this->email);
                $mail->Send();
            }

            // Notify listeners that user was inserted
            if (function_exists("userInserted")) {
                userInserted($this->id);
            }
        }

        // Set permissions for user
        if ($this->hasAdministerPermission() && !$profile) {
            if (!empty($userType)) {
                // Remove permissions if any
                $dbi->query("DELETE FROM " . permissionTableName . " WHERE moduleContentTypeId='' AND moduleContentId='' AND type='User' AND typeId=" . $dbi->quote($this->id));

                // If module administrator set permissions
                if ($userType == 3) {
                    // Submitted permission level per module, indexed by module id
                    $permissions = getValue("permissions");
                    $result = $dbi->query("SELECT Id FROM " . moduleTableName);
                    if ($result->rows()) {
                        for ($i = 0; list($moduleId) = $result->fetchrow_array(); $i++) {
                            if (!empty($permissions[$moduleId])) {
                                // Initialize values
                                $administrator = 0;
                                $comment = 0;
                                $create = 0;
                                $delete = 0;
                                $edit = 0;
                                $grant = 0;
                                $publish = 0;
                                $read = 0;

                                // Get permission type: levels 1 to 6 grant
                                // growing sets of rights, 7 is module administrator
                                switch ($permissions[$moduleId]) {
                                    case 1:
                                        $read = 1;
                                        break;
                                    case 2:
                                        $read = 1;
                                        $comment = 1;
                                        break;
                                    case 3:
                                        $read = 1;
                                        $comment = 1;
                                        $create = 1;
                                        $edit = 1;
                                        break;
                                    case 4:
                                        $read = 1;
                                        $comment = 1;
                                        $create = 1;
                                        $edit = 1;
                                        $publish = 1;
                                        break;
                                    case 5:
                                        $read = 1;
                                        $comment = 1;
                                        $create = 1;
                                        $edit = 1;
                                        $publish = 1;
                                        $delete = 1;
                                        break;
                                    case 6:
                                        $read = 1;
                                        $comment = 1;
                                        $create = 1;
                                        $edit = 2;
                                        $publish = 1;
                                        $delete = 2;
                                        break;
                                    case 7:
                                        $administrator = 1;
                                        break;
                                }

                                // Check if any permissions have been set
                                // ($grant is never changed above and is not passed on)
                                if ($administrator || $comment != 0 || $create != 0 || $delete != 0 || $edit != 0 || $grant != 0 || $publish != 0 || $read != 0) {
                                    // Set permissions for module content
                                    $login->setModulePermissions($moduleId, "User", $this->id, $administrator, $comment, $create, $delete, $edit, $publish, $read);
                                }
                            }
                        }
                    }
                }
            }

            // Add to groups: existing references are removed first, then the
            // submitted list is written
            $group->deleteGroupRefs($this->id);
            if (!empty($groups)) {
                for ($i = 0; $i < sizeof($groups); $i++) {
                    $group->addToGroup($groups[$i], $this->id);
                }
            }
        }

        // Upload index picture: scaled to a width of 150 and written as user_<id>.jpg.
        // NOTE(review): no check of the upload is visible here; if
        // getImageDimensions() cannot read the file, $size[0] is presumably
        // empty and the division below fails - confirm the helpers reject
        // anything that is not an image.
        if (!empty($_FILES["img_0"]["tmp_name"])) {
            $size = getImageDimensions($_FILES["img_0"]["tmp_name"]);
            $height = $size[1] * (150 / $size[0]);
            resizeToFile($_FILES["img_0"]["tmp_name"], 150, $height, scriptPath . "/" . folderUploadedFiles . "/user_" . $this->id . ".jpg", 100);
        }

        // Call any custom sections: each registered section names a function
        // that is called with the user id.
        // NOTE(review): the function name is taken from $site->editUserSections
        // and called dynamically; that list must only ever be filled by
        // trusted code.
        global $site;
        if (!empty($site->editUserSections)) {
            for ($i = 0; $i < sizeof($site->editUserSections); $i++) {
                if (function_exists($site->editUserSections[$i]["saveFunction"])) {
                    $site->editUserSections[$i]["saveFunction"]($this->id);
                }
            }
        }

        // Log transaction
        $log->logTransaction(userContentTypeId, $this->id);
    } else {
        // Passwords and uploads are not kept across a failed submit, so ask for them again
        if (!empty($this->password)) {
            $errors->addError("reenterPassword", $lEditUser["ReenterPasswords"]);
        }
        if (!empty($_FILES["img_0"]["tmp_name"])) {
            $errors->addError("upload", $lErrors["ReUploadImages"]);
        }
    }

    // Return list of errors
    return $errors;
}
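/**
 * Save blog post.
 *
 * The target blog is taken from the "blogId" request value. Nothing is
 * written unless that blog exists and hasEditPermission() is true. A new
 * post is inserted, an existing one updated; subscribers are notified when
 * a post is first published (inserted as non-draft, or changed from draft
 * to non-draft). Categories are linked, the transaction is logged and the
 * blog cache is deleted.
 *
 * Changes against the earlier version:
 *  - the publication time falls back to time(); mktime() without arguments
 *    is no longer accepted by current PHP versions;
 *  - the submitted date parts are cast to int before they reach mktime(),
 *    so an empty or non-numeric field cannot raise a type error;
 *  - the blog language is checked to be a single plain directory name
 *    before it is used in the include path, with pageDefaultLanguage as
 *    the fallback.
 *
 * @param $readPost Read values from post.
 * @return ErrorLog Collected validation errors (empty when nothing failed).
 */
function savePost($readPost = true) {
    global $category, $dbi, $log, $login;

    // Check if data is submitted from the form
    if ($readPost) {
        checkSubmitter();
    }

    // Create ErrorLog object
    $errorLog = new ErrorLog();

    // Get blog id and create blog object
    $this->blog = new Blog(getValue("blogId"));

    // Check if blog exists
    if (!empty($this->blog->id)) {
        if ($this->hasEditPermission()) {
            // Include language. The value is stored data that ends up in a
            // file path, so it is accepted only as one path segment without
            // separators or a leading dot.
            $languageDir = $this->blog->language;
            if (!is_string($languageDir) || !preg_match('/^[A-Za-z0-9][A-Za-z0-9_.-]*$/', $languageDir)) {
                $languageDir = pageDefaultLanguage;
            }
            include scriptPath . "/" . folderBlog . "/include/language/" . $languageDir . "/general.php";

            // Save if post was draft before
            $draftBefore = $this->draft;

            // Save blog post values
            if ($readPost) {
                $this->categories = explode(",", getPostValue("categories"));
                $this->disableComments = getPostValue("disableComments");
                $this->draft = getPostValue("draft");
                $this->showComments = getPostValue("showComments");
                $this->subject = parseHtml(getPostValue("subject"), 1);
                $this->summary = parseThumbnailImages(parseHtml(getPostValue("summary"), 4));
                $this->text = parseThumbnailImages(parseHtml(getPostValue("text"), 4));
                // NOTE(review): the author id comes from the request, so anyone
                // who passes hasEditPermission() can attribute the post to
                // another user - confirm that is intended.
                $userId = getPostValue("userId");

                // Get publication time
                $day = getPostValue("day");
                $month = getPostValue("month");
                $year = getPostValue("year");
                $hour = getPostValue("hour");
                $minute = getPostValue("minute");

                // Process input
                if (!empty($day) && !empty($month) && !empty($year)) {
                    $this->posted = mktime((int) $hour, (int) $minute, 0, (int) $month, (int) $day, (int) $year);
                }
                if (!empty($userId)) {
                    $this->user = new User($userId);
                }
            }

            // Validate post data
            if (empty($this->posted)) {
                // No publication time given: use the current time
                $this->posted = time();
            }
            if (empty($userId)) {
                $this->user = new User($login->id);
            }
            if (empty($this->subject)) {
                $errorLog->addError("subject", $lBlogEditPost["MissingSubject"]);
            }

            // Check if post has been modified
            $lastUpdated = getValue("lastUpdated");
            if ($lastUpdated != $this->getLastUpdated()) {
                $errorLog->addError("postModified", $lBlogEditPost["PostModified"]);
            }

            // Prepare values for notification.
            // NOTE(review): $login->name and the blog title are placed into
            // this HTML message as they are; whether they were escaped when
            // stored is not visible here - confirm.
            $subject = "[" . $this->blog->title . "] " . $this->subject;
            $message = "<p>" . $lBlogEditPost["NotifyInsert"] . " '" . $this->blog->title . "'.</p>"
                . "<p><b>" . $lBlogEditPost["Name"] . "</b></p><p>" . $login->name . "</p>"
                . "<p><b>" . $lBlogEditPost["Subject"] . "</b></p><p>" . $this->subject . "</p>"
                . "<p><b>" . $lBlogEditPost["Summary"] . "</b></p>"
                . parseString(!empty($this->summary) ? $this->summary : (!empty($this->text) ? $this->text : ""))
                . "<p>--<br />" . $lBlogEditPost["ReadPost"] . ": " . $this->getPostLink()
                . "<br />" . $lBlogEditPost["VisitBlog"] . ": " . $this->blog->getBlogLink() . "</p>";
            $sender = $login->name;

            // If no errors proceed, otherwise return errors
            if (!$errorLog->hasErrors()) {
                if (empty($this->id)) {
                    // Insert into database
                    $dbi->query("INSERT INTO " . blogPostTableName . "(blogId,userId,subject,summary,text,posted,lastUpdated,showComments,disableComments,draft) VALUES("
                        . $dbi->quote($this->blog->id) . ","
                        . $dbi->quote($this->user->id) . ","
                        . $dbi->quote($this->subject) . ","
                        . $dbi->quote($this->summary) . ","
                        . $dbi->quote($this->text)
                        . ",FROM_UNIXTIME(" . $dbi->quote($this->posted) . "),NOW(),"
                        . $dbi->quote($this->showComments) . ","
                        . $dbi->quote($this->disableComments) . ","
                        . $dbi->quote($this->draft) . ")");

                    // Get new post id
                    $this->id = $dbi->getInsertId();

                    // Notify subscribers about the new post
                    if (!$this->draft) {
                        $this->notifySubscribers($sender, $subject, $message);
                    }
                } else {
                    // Update values in database
                    $dbi->query("UPDATE " . blogPostTableName
                        . " SET blogId=" . $dbi->quote($this->blog->id)
                        . ",userId=" . $dbi->quote($this->user->id)
                        . ",subject=" . $dbi->quote($this->subject)
                        . ",summary=" . $dbi->quote($this->summary)
                        . ",text=" . $dbi->quote($this->text)
                        . ",posted=FROM_UNIXTIME(" . $dbi->quote($this->posted) . ")"
                        . ",lastUpdated=lastUpdated"
                        . ",showComments=" . $dbi->quote($this->showComments)
                        . ",disableComments=" . $dbi->quote($this->disableComments)
                        . ",draft=" . $dbi->quote($this->draft)
                        . " WHERE id=" . $dbi->quote($this->id));

                    // Notify subscribers if the post was a draft previously
                    if (!$this->draft && $draftBefore) {
                        $this->notifySubscribers($sender, $subject, $message);
                    }
                }

                // Associate categories with this post
                $category->addCategoryReferences(blogModuleId, blogPostContentId, $this->id, $this->categories);

                // Log transaction
                $log->logTransaction(blogPostContentId, $this->id);

                // Delete cached files
                if (!empty($this->blog)) {
                    $this->blog->deleteCache();
                }
            }
        }
    }
    return $errorLog;
}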
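<?php
require_once ('../helperPhp/parser.php');

// "source" comes straight from the request body. It may be missing, or an
// array when the client sends source[]=..., so it is accepted only as a
// string before it reaches the parser.
$source = isset($_POST["source"]) ? $_POST["source"] : null;
if (!is_string($source)) {
    http_response_code(400);
    exit;
}

// NOTE(review): what parseHtml() does with its result is not visible here; if
// it prints any part of the input, that output must be escaped for the
// response's content type.
parseHtml($source);
?>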