<?php require_once "functions.php"; include "connection.php"; ?> <?php if (request_type() === "GET") { echo get_all_records(); }
function dashboard_script() { list($snippet, $text) = GET('snippet, text'); if ($snippet == '') { $snippet = 'sandbox'; } // Prevent subfoldering $snippet = preg_replace('/[^a-z0-9\\-\\.]/i', '_', $snippet); if (request_type('POST')) { cn_dsi_check(); // Click select only if (!REQ('select', 'POST')) { if (REQ('delete', 'POST')) { $_t = getoption('#snippets'); unset($_t[$snippet]); setoption('#snippets', $_t); $snippet = 'sandbox'; } else { // Create new snippet if (REQ('create', 'POST')) { $snippet = REQ('create'); } setoption('#snippets/' . $snippet, $text); cn_throw_message('Changes saved'); } } else { cn_throw_message('Select snippet [' . cn_htmlspecialchars($snippet) . ']'); } } $list = getoption('#snippets'); if (empty($list)) { $list['sandbox'] = ''; } $opt_txt = getoption('#snippets/' . $snippet); $params = array('list' => $list, 'text' => !empty($opt_txt) ? $opt_txt : '', 'can_delete' => $snippet !== 'sandbox' ? TRUE : FALSE, 'snippet' => $snippet, 'snippets' => getoption('#snippets')); echoheader('-@dashboard/style.css', 'HTML Scripts'); echo exec_tpl('dashboard/script', $params); echofooter(); }
<?php require_once "functions.php"; include "connection.php"; ?> <?php switch (request_type()) { case 'GET': $id = $_GET["id"]; echo get_record_json_by_id($id); break; case 'PUT': $json_str = file_get_contents('php://input'); update_record($json_str); break; case 'DELETE': $id = $_GET["id"]; delete_record_by_id($id); break; case 'POST': $json_str = file_get_contents('php://input'); add_record($json_str); break; default: echo "unknown request"; break; }
</tr> </table> <?php } elseif ($sub == 'rss') { ?> <div style="padding: 8px; color: #555555;"> <p>Rich Site Summary (sometimes referred to as Really Simple Syndication);</p> <p>RSS allows a web developer to share the content on his/her site. RSS repackages the web content as a list of data items, to which you can subscribe from a directory of RSS publishers.</p> <p>RSS 'feeds' can be read with a web browser or special RSS reader called a content aggregator.</p> </div> <?php if (request_type('POST')) { // Show form $rss_clause = array(); if (REQ('rss_category') && !REQ('rss_allcategory')) { $rss_clause[] = 'category=' . join(',', REQ('rss_category')); } if (REQ('rss_number')) { $rss_clause[] = 'number=' . intval(REQ('rss_number')); } $rss_clause = join('&', $rss_clause); if ($rss_clause) { $rss_clause = "?{$rss_clause}"; } ?> <div class="notice-form"> <div style="float: right"><a target="_blank" title="RSS Feed" href="<?php
function media_invoke() { $popup_form = ''; list($path, $opt) = GET('folder, opt', 'GETPOST'); list($do_action, $pending) = GET('do_action, pending', 'POST'); // Change default uploads dir $udir = cn_path_construct(SERVDIR, 'uploads'); if (getoption('uploads_dir')) { $udir = preparation_path(getoption('uploads_dir')); } $edir = getoption('uploads_ext') ? getoption('uploads_ext') : getoption('http_script_dir') . '/uploads'; $dfile = cn_path_construct($udir, $path); // Remove root identifier $path = preparation_path($path); // Path detection $path = preg_replace('/[^a-z0-9\\/_\\\\]/i', '-', $path); $root_dir = cn_path_construct($udir, $path) . DIRECTORY_SEPARATOR; $just_uploaded = array(); // Get path struct $pathes = spsep($path, DIRECTORY_SEPARATOR); if (isset($pathes[0]) && $pathes[0] === '') { unset($pathes[0]); } // Do upload files if (request_type('POST')) { cn_dsi_check(); // Allowed Exts. $AE = spsep(getoption('allowed_extensions')); // Generate thumbnail after upload $thumbnail_with_upload = getoption('thumbnail_with_upload'); // UPLOAD FILES if (REQ('upload', 'POST')) { list($overwrite) = GET('overwrite'); $is_uploaded = FALSE; // Try for fopen url upload if ($upload_from_inet = REQ('upload_from_inet')) { if (ini_get('allow_url_fopen')) { // Get filename $url_name = spsep($upload_from_inet, '/'); $url_name = $url_name[count($url_name) - 1]; $url_name = preg_replace('/(%20|\\s|\\?|&|\\/)/', '_', $url_name); $url_name = str_replace('%', '_', $url_name); // resolve filename $c_file = $dfile . $url_name; // Overwrite [if can], or add file if ($overwrite && file_exists($c_file) || !file_exists($c_file)) { // Use context for disable error notices if (function_exists('stream_context_create')) { $context = stream_context_create(array('http' => array('ignore_errors' => true))); $fw = fopen($upload_from_inet, 'rb', false, $context); } else { // Read file $fw = fopen($upload_from_inet, 'rb'); } // --------- (fetch content) ------ ob_start(); fpassthru($fw); $file_image = ob_get_clean(); fclose($fw); // --------- // write2disk if ($wf = fopen($c_file, 'w')) { fwrite($wf, $file_image); fclose($wf); } // check image list($w, $h) = getimagesize($c_file); if ($w && $h) { cn_throw_message('File uploaded'); $max_width = getoption('max_thumbnail_width'); if ($w > $max_width && $thumbnail_with_upload) { $resize_result = resize_image($c_file, $max_width, 0); cn_throw_message($resize_result['msg'], $resize_result['status'] ? 'n' : 'w'); } $is_uploaded = TRUE; $just_uploaded[$url_name] = TRUE; } else { cn_throw_message("Wrong image file", 'e'); unlink($c_file); } } else { cn_throw_message("Can't overwrite or save", 'e'); } } else { cn_throw_message('allow_url_fopen=0, check server configurations'); } } // Upload from local foreach ($_FILES['upload_file']['name'] as $id => $name) { if ($name) { $ext = NULL; if (preg_match('/\\.(\\w+)$/i', $name, $c)) { $ext = strtolower($c[1]); } // Check allowed ext if ($ext && in_array($ext, $AE)) { // encode url $name = str_replace('%2F', '/', urlencode($name)); // encoded? replace filename if (strpos($name, '%') !== FALSE) { $name = str_replace('%', '', strtolower($name)); } // check file for exist if (file_exists($c_file = $dfile . $name)) { if ($overwrite) { cn_throw_message('File [' . cn_htmlspecialchars($c_file) . '] overwritten', 'w'); } else { cn_throw_message('File [' . cn_htmlspecialchars($c_file) . '] already exists', 'e'); continue; } } // Upload file to server if (move_uploaded_file($_FILES['upload_file']['tmp_name'][$id], $c_file)) { $just_uploaded[$name] = TRUE; cn_throw_message('File uploaded [<b>' . cn_htmlspecialchars($name) . '</b>]'); $max_width = getoption('max_thumbnail_width'); list($w, $h) = getimagesize($c_file); if ($w > $max_width && $thumbnail_with_upload) { $resize_result = resize_image($c_file, $max_width, 0); cn_throw_message($resize_result['msg'], $resize_result['status'] ? 'n' : 'w'); } } else { cn_throw_message('File [' . cn_htmlspecialchars($c_file) . '] not uploaded! Please, check upload_max_filesize in PHP settings.', 'e'); } } else { cn_throw_message('File extension [' . cn_htmlspecialchars($ext) . '] not allowed', 'e'); } } elseif (!$is_uploaded) { cn_throw_message('No selected files for upload', 'e'); } } } elseif ($do_action || $pending) { list($rm) = GET('rm', 'POST'); // action --> delete entries if ($do_action == 'delete') { if (empty($rm)) { cn_throw_message('No files selected', 'w'); } else { foreach ($rm as $file) { if (file_exists($cfile = $dfile . $file)) { if (is_dir($cfile)) { rmdir($cfile); } else { //get thumbnail path $path_parts = pathinfo($cfile); $thumbnail_path = $path_parts['dirname'] . DIRECTORY_SEPARATOR . '.thumb.' . $path_parts['basename']; if (file_exists($thumbnail_path)) { unlink($thumbnail_path); } unlink($cfile); } } if (file_exists($cfile)) { cn_throw_message('File [' . cn_htmlspecialchars($cfile) . '] not deleted!', 'e'); } else { cn_throw_message('File [' . cn_htmlspecialchars($file) . '] deleted successfully'); } } } } elseif ($do_action == 'create') { $popup_form = i18n('Enter directory name') . ' <input type="text" name="new_dir" value="" />'; } elseif ($pending == 'create') { $new_dir_arr = GET('new_dir', 'POST'); $new_folder = array_pop($new_dir_arr); $new_folder = preg_replace('/[^a-z0-9_]/i', '-', $new_folder); if ($new_folder) { $cfile = $dfile . $new_folder; if (is_dir($cfile)) { cn_throw_message('Folder [' . $new_folder . '] already exists!', 'e'); } else { mkdir($cfile); if (!is_dir($cfile)) { cn_throw_message('Folder [' . cn_htmlspecialchars($cfile) . ' not created]', 'e'); } else { cn_throw_message('Folder [' . $new_folder . '] created!'); } } } else { cn_throw_message('Specify folder name', 'w'); } $popup_form = ''; } elseif ($do_action == 'rename') { if ($rm) { $popup_form = '<div class="big_font">' . i18n('Rename file to') . '</div>'; $popup_form .= i18n('Tip: Write new file name') . '<br />'; $popup_form .= '<table>'; foreach ($rm as $id => $fn) { $hfn = cn_htmlspecialchars($fn); $popup_form .= '<tr><td align="right" class="indent"><b>' . $hfn . '</b><td>'; $popup_form .= '<td><input type="hidden" name="ids[' . $id . ']" value="' . $hfn . '"/>→</td>'; $popup_form .= '<td><input style="width: 300px;" type="text" name="place[' . $id . ']" value="' . $hfn . '" /> '; $popup_form .= '</td></tr>'; } $popup_form .= '</table>'; } else { cn_throw_message('Select files to rename', 'w'); } } elseif ($pending == 'rename') { // ... list($ids, $place) = GET('ids, place', 'POST'); // prevent illegal moves $safe_dir = scan_dir($root_dir); foreach ($safe_dir as $id => $v) { $safe_dir[$id] = md5($v); } // do move all files / dirs foreach ($ids as $id => $file) { if (in_array(md5($file), $safe_dir)) { $filename = $place[$id]; if (strpos($filename, '\\') || strpos($filename, '/')) { cn_throw_message(i18n('The name of file [%1] should not contain special characters', cn_htmlspecialchars($file)), 'e'); continue; } $renameto = $root_dir . $filename; $thumb = $root_dir . '.thumb.' . $file; // do move if (rename($root_dir . $file, $renameto)) { if (file_exists($thumb)) { rename($thumb, $root_dir . '.thumb.' . $filename); } cn_throw_message(i18n('File [%1] renamed to [%2]', cn_htmlspecialchars($file), cn_htmlspecialchars($filename))); } else { cn_throw_message(i18n('File [%1] not renamed', cn_htmlspecialchars($file)), 'e'); } } } } elseif ($do_action == 'move') { if ($rm) { $popup_form = '<div class="big_font">' . i18n('Move files to') . '</div>'; $popup_form .= i18n('Tip: You can select the folder to move the file') . '<br />'; $popup_form .= '<table>'; $folders = array(); $dirs = scan_dir($root_dir); foreach ($dirs as $entry) { if (is_dir($root_dir . $entry) && !($entry === '..' || $entry === '.')) { $folders[] = $entry; } } foreach ($rm as $id => $fn) { $hfn = cn_htmlspecialchars($fn); $popup_form .= '<tr><td align="right" class="indent"><b>' . $hfn . '</b><td>'; $popup_form .= '<td><input type="hidden" name="ids[' . $id . ']" value="' . $hfn . '"/>→</td>'; $popup_form .= '<td>'; $cnt_folders = count($folders); if ($cnt_folders != 0 && !($cnt_folders == 1 && in_array($hfn, $folders))) { $popup_form .= '<select name="place_folder_' . $id . '">'; foreach ($folders as $dirn) { if ($dirn != $hfn) { $popup_form .= '<option value="' . $dirn . '">' . $dirn . '</option>'; } } $popup_form .= '</select>'; } if ($root_dir != $udir) { $popup_form .= '<nobr><input type="checkbox" onclick="javascript:hideFolderList(this,' . $id . ')" name="moveup[' . $id . ']" value="Y" /> Move up</nobr>'; } else { $popup_form .= '<nobr> X Move up (You are in root folder)</nobr>'; } $popup_form .= '</td></tr>'; } $popup_form .= '</table>'; } else { cn_throw_message('Select files to move', 'w'); } } elseif ($pending == 'move') { // ... list($ids, $moveup) = GET('ids, moveup', 'POST'); // prevent illegal moves $safe_dir = scan_dir($root_dir); foreach ($safe_dir as $id => $v) { $safe_dir[$id] = md5($v); } // do move all files / dirs foreach ($ids as $id => $file) { list($place_folder) = GET('place_folder_' . $id); if (in_array(md5($file), $safe_dir)) { $NF = ''; $foldername = preg_replace('/\\.\\//i', '', $place_folder); // move this file up if (isset($moveup[$id]) && count($pathes) > 0) { $nwfolder = dirname($root_dir); $foldername = 'up folder'; } else { $nwfolder = $root_dir . ($NF = isset($rm[0]) ? $rm[0] : '') . DIRECTORY_SEPARATOR . $foldername; if ($rm[0]) { $NF = $rm[0] . DIRECTORY_SEPARATOR; } } $moveto = $nwfolder . DIRECTORY_SEPARATOR . $file; //check for image thumbnail $thumb = $root_dir . '.thumb.' . $file; // do move if (rename($root_dir . $file, $moveto)) { if (file_exists($thumb)) { rename($thumb, $nwfolder . DIRECTORY_SEPARATOR . '.thumb.' . $file); } cn_throw_message(i18n('File [%1] moved to [%2]', cn_htmlspecialchars($file), cn_htmlspecialchars($foldername))); } else { cn_throw_message(i18n('File [%1] not moved', cn_htmlspecialchars($file)), 'e'); } } } } elseif ($do_action == 'thumb') { if (!empty($_POST['rm'])) { $popup_form = get_sizes_form('Make thumbnails', $do_action); } else { cn_throw_message('Select files to make thumbnail', 'w'); } } elseif ($pending == 'thumb') { do_resize_image($root_dir); } elseif ($do_action == 'resize') { if (!empty($_POST['rm'])) { $popup_form = get_sizes_form('Resize source image', $do_action); } else { cn_throw_message('Select files to resize', 'w'); } } elseif ($pending == 'resize') { do_resize_image($root_dir, false); } elseif (!hook('media/post_action')) { msg_info("Action error"); } } } // Check dir exists if (is_dir($root_dir)) { $raw_files = scan_dir($root_dir); } else { cn_throw_message('Dir not exists', 'e'); $raw_files = array(); } $dirs = $files = array(); foreach ($raw_files as $file) { if (preg_match('/avatar_/', $file)) { continue; } $file_location = "{$root_dir}/{$file}"; if (is_dir($file_location)) { $dirs[] = array('url' => "{$path}/{$file}", 'name' => $file); } elseif (filesize(cn_path_construct($udir, $path) . $file) != 0) { list($w, $h) = getimagesize(cn_path_construct($udir, $path) . $file); $is_thumb = preg_match('/\\.thumb\\./', $file); $files[] = array('name' => $file, 'url' => $edir . '/' . ($path ? $path . '/' : '') . $file, 'thumb' => file_exists($root_dir . '/.thumb.' . pathinfo($file, PATHINFO_BASENAME)) ? $edir . '/' . ($path ? $path . '/' : '') . '.thumb.' . pathinfo($file, PATHINFO_BASENAME) : '', 'local' => ($path ? $path . '/' : '') . $file, 'just_uploaded' => isset($just_uploaded[$file]) ? TRUE : FALSE, 'is_thumb' => $is_thumb, 'w' => $w, 'h' => $h, 'fs' => round(filesize($file_location) / 1024, 1)); } } uasort($dirs, 'usort_by_name_asc'); uasort($files, 'usort_by_name_asc'); // Top level (dashboard) cn_bc_add('Dashboard', cn_url_modify(array('reset'))); cn_bc_add('Media manager', cn_url_modify()); cn_assign("files, dirs, path, pathes, popup_form, root_dir", $files, $dirs, $path, $pathes, $popup_form, $root_dir); if ($opt === 'inline') { echo exec_tpl('window', 'title=Quick insert image', 'style=media/style.css', 'content=' . exec_tpl('media/general')); } else { echoheader('-@media/style.css', 'Media manager'); echo exec_tpl('media/general'); echofooter(); } }
function edit_news_action_edit() { $flatdb = new FlatDB(); $preview_html = $preview_html_full = ''; $ID = $gstamp = intval(REQ('id', 'GETPOST')); list($status, $preview) = GET('m, preview'); list($vConcat, $vTags, $faddm, $archive_id, $source) = GET('concat, tags, faddm, archive_id, source', 'GETPOST'); // get news part by day $news = db_news_load(db_get_nloc($ID)); if ($ID == 0) { msg_info("Can't edit news without ID"); } if (!isset($news[$ID])) { msg_info("News entry not found!"); } // load entry $entry = $news[$ID]; $oldentry = $entry; // disallowed by category if (!test_cat($entry['c'])) { msg_info("You can't view entry. Category disallow"); } // set status message if ($status == 'added') { cn_throw_message('News was added'); } if ($status == 'moved') { cn_throw_message('Moved to another time'); } // load more fields list($morefields) = cn_get_more_fields($entry['mf']); // do save news? if (request_type('POST')) { $flatdb->cache_clean(); // check exists news if (isset($news[$ID])) { // extract data $entry = $storent = $news[$ID]; // Prepare text list($title, $page, $category, $short_story, $full_story, $if_use_html, $postpone_draft) = GET('title, page, category, short_story, full_story, if_use_html, postpone_draft', 'GETPOST'); // Change date? list($from_date_hour, $from_date_minutes, $from_date_seconds, $from_date_month, $from_date_day, $from_date_year) = GET('from_date_hour, from_date_minutes, from_date_seconds, from_date_month, from_date_day, from_date_year', 'GETPOST'); $c_time = intval(mktime($from_date_hour, $from_date_minutes, $from_date_seconds, $from_date_month, $from_date_day, $from_date_year)); // sanitize page name $page = preg_replace('/[^a-z0-9_\\.]/i', '-', $page); if (empty($page) && !empty($title) && getoption('auto_news_alias')) { $page = strtolower(preg_replace('/[^a-z0-9_\\.]/i', '-', cn_transliterate($title))); } // current source is archive, active (postponed) or draft news $draft_target = $postpone_draft === 'draft'; // User can't post active news if (test('Bd') && $draft_target !== 'draft') { $draft_target = 'draft'; } // if archive_id is present, unable send to draft $current_source = $archive_id ? "archive-{$archive_id}" : ($source == 'draft' ? 'draft' : ''); $target_source = $archive_id ? "archive-{$archive_id}" : ($draft_target ? 'draft' : ''); $if_use_html = $if_use_html ? TRUE : (getoption('use_wysiwyg') ? TRUE : FALSE); $entry['t'] = cn_htmlclear($title); $entry['c'] = is_array($category) ? join(',', $category) : $category; $entry['s'] = cn_htmlclear($short_story); $entry['f'] = cn_htmlclear($full_story); $entry['ht'] = $if_use_html; $entry['st'] = $draft_target ? 'd' : ''; $entry['pg'] = $page; $entry['cc'] = $vConcat ? TRUE : FALSE; $entry['tg'] = strip_tags($vTags); // apply more field (for news & frontend) list($entry, $disallow_message) = cn_more_fields_apply($entry, $faddm); list($morefields) = cn_get_more_fields($faddm); // has message from function if ($disallow_message) { cn_throw_message($disallow_message, 'e'); } // Make preview if ($preview) { //correct preview links $gstamp = $entry['id'] = $c_time; $preview_html = preg_replace('/href="(.*?)"/', 'href="#"', entry_make($entry, 'active')); $preview_html_full = preg_replace('/href="(.*?)"/', 'href="#"', entry_make($entry, 'full')); } elseif (REQ('do_editsave', 'POST')) { if (!getoption('disable_title') && empty($title)) { cn_throw_message('The title cannot be blank', 'e'); } if (!getoption('disable_short') && empty($short_story)) { cn_throw_message('The story cannot be blank', 'e'); } // Check for change alias $pgts = bt_get_id($ID, 'ts_pg'); if ($pgts && $pgts !== $page) { if ($page) { if (bt_get_id($page, 'pg_ts')) { cn_throw_message('For other news page alias already exists!', 'e'); } } else { bt_del_id($pgts, 'pg_ts'); bt_del_id($ID, 'ts_pg'); } } // no errors in a[rticle] area if (cn_get_message('e', 'c') == 0) { $FlatDB = new FlatDB(); $ida = db_index_load($current_source); $idd = db_index_load($target_source); // Time is changed if ($c_time != intval($ID)) { // Load next block (or current) $next = db_news_load(db_get_nloc($c_time)); if (isset($next[$c_time])) { cn_throw_message('The article time already busy, select another', 'e'); } else { // set new time $entry['id'] = $c_time; $next[$c_time] = $entry; // remove old news [from source / dest] if (isset($news[$ID])) { unset($news[$ID]); } if (isset($next[$ID])) { unset($next[$ID]); } // remove old index if (isset($idd[$ID])) { unset($idd[$ID]); } // Delete old indexes $_ts_id = bt_get_id($ID, 'nts_id'); bt_del_id($ID, 'nts_id'); // Update bt_set_id($_ts_id, $c_time, 'nid_ts'); bt_set_id($c_time, $_ts_id, 'nts_id'); // save 2 blocks db_save_news($news, db_get_nloc($ID)); db_save_news($next, db_get_nloc($c_time)); cn_throw_message('News moved from <b>' . date('Y-m-d H:i:s', $ID) . '</b> to <b>' . date('Y-m-d H:i:s', $c_time) . '</b>'); } } else { $news[$ID] = $entry; db_save_news($news, db_get_nloc($ID)); cn_throw_message('News was edited'); } // Update page aliases $_ts_pg = bt_get_id($ID, 'ts_pg'); bt_del_id($ID, 'ts_pg'); bt_del_id($_ts_pg, 'pg_ts'); if ($page) { bt_set_id($c_time, $page, 'ts_pg'); bt_set_id($page, $c_time, 'pg_ts'); } // 1) remove from old index if (isset($ida[$ID])) { unset($ida[$ID]); } // Fill probably unused $storent['tg'] = isset($storent['tg']) ? $storent['tg'] : ''; // 2) add new index $idd[$c_time] = db_index_create($entry); // 3) sync indexes db_index_save($ida, $current_source); db_index_update_overall($current_source); db_index_save($idd, $target_source); db_index_update_overall($target_source); // ------ // UPDATE categories $FlatDB->cn_remove_categories($storent['c'], $storent['id']); $FlatDB->cn_add_categories($entry['c'], $c_time); // UPDATE tags $FlatDB->cn_remove_tags($storent['tg'], $storent['id']); $FlatDB->cn_add_tags($entry['tg'], $c_time); // UPDATE date / id storage [with comments count] $FlatDB->cn_update_date($entry['id'], $storent['id'], count($storent['co'])); // ------ } } } else { msg_info("News entry not found or has been deleted"); } } if (empty($entry['pg']) && isset($entry['t']) && getoption('auto_news_alias')) { $entry['pg'] = strtolower(preg_replace('/[^a-z0-9_\\.]/i', '-', cn_transliterate($entry['t']))); } // Assign template vars $category = spsep($entry['c']); $categories = cn_get_categories(false); $title = isset($entry['t']) ? $entry['t'] : ''; $short_story = isset($entry['s']) ? $entry['s'] : ''; $page = isset($entry['pg']) ? $entry['pg'] : ''; $full_story = isset($entry['f']) ? $entry['f'] : ''; $is_draft = isset($entry['st']) ? $entry['st'] == 'd' : false; $vConcat = isset($entry['cc']) ? $entry['cc'] : ''; $vTags = isset($entry['tg']) ? $entry['tg'] : ''; $if_use_html = isset($entry['ht']) ? $entry['ht'] : false; $is_active_html = test('Csr'); cn_assign('categories, vCategory, vTitle, vPage, vShort, vFull, vUseHtml, preview_html, preview_html_full, gstamp, is_draft, vConcat, vTags, morefields, archive_id, is_active_html', $categories, $category, $title, $page, $short_story, $full_story, $if_use_html, $preview_html, $preview_html_full, $gstamp, $is_draft, $vConcat, $vTags, $morefields, $archive_id, $is_active_html); cn_assign("EDITMODE", 1); // show edit page echoheader("addedit@addedit/main.css", i18n("Edit news")); echo exec_tpl('addedit/main'); echofooter(); }
* @author @iamzzm iamzzm@gmail.com http://www.iamzzm.net * @version 2010-8-26 */ include './config.php'; $method = $_SERVER['REQUEST_METHOD']; $request_api = strval(substr($_SERVER['REQUEST_URI'], strlen(substr($_SERVER["SCRIPT_NAME"], 0, -10)))); $post_data = false; if ($method == 'POST') { $post_str = @file_get_contents('php://input'); parse_str($post_str, $post_data); } if (strpos($request_api, 'api/') === 1) { //workaround for twhirl $request_api = substr($request_api, 4); } $type = request_type($request_api); if ($type == 'search') { $url = TWITTER_SEARCH . $request_api; } else { $url = TWITTER_URL . $request_api; } if ($type != 'oauth') { $result = process_curl($url, $post_data); if ($type == 'maybe') { $checkResult = json_decode($result); if (isset($checkResult->error)) { $type = 'oauth'; } } } if ($type == 'oauth') {
function add_news_invoke() { $FlatDB = new FlatDB(); // loadall list($article_type, $preview) = GET('postpone_draft, preview', 'GETPOST'); list($from_date_hour, $from_date_minutes, $from_date_seconds, $from_date_month, $from_date_day, $from_date_year) = GET('from_date_hour, from_date_minutes, from_date_seconds, from_date_month, from_date_day, from_date_year', 'GETPOST'); list($title, $page, $category, $short_story, $full_story, $if_use_html, $vConcat, $vTags, $faddm) = GET('title, page, category, short_story, full_story, if_use_html, concat, tags, faddm', 'GETPOST'); $categories = cn_get_categories(false); list($morefields) = cn_get_more_fields($faddm); $is_active_html = test('Csr'); // Prepare data to add new item if (request_type('POST')) { cn_dsi_check(); if (!preg_match("~^[0-9]{1,}\$~", $from_date_hour) or !preg_match("~^[0-9]{1,}\$~", $from_date_minutes) or !preg_match("~^[0-9]{1,}\$~", $from_date_seconds)) { cn_throw_message("You want to add article, but the hour format is invalid.", 'e'); } // create publish time $c_time = mktime($from_date_hour, $from_date_minutes, $from_date_seconds, $from_date_month, $from_date_day, $from_date_year); // flat category to array if ($category == '') { $category = array(); } elseif (!is_array($category)) { $category = array($category); } // article is draft? if ($article_type == 'draft') { $draft = 1; } else { $draft = 0; } $if_use_html = $if_use_html ? TRUE : (getoption('use_wysiwyg') ? TRUE : FALSE); // draft, if Behavior Draft is set if (test('Bd')) { $draft = 1; } // sanitize page name $page = preg_replace('/[^a-z0-9_\\.]/i', '-', $page); if (empty($page) && getoption('auto_news_alias')) { $page = strtolower(preg_replace('/[^a-z0-9_\\.]/i', '-', cn_transliterate($title))); } // basic news $member = member_get(); $entry = array(); $entry['id'] = $c_time; $entry['t'] = cn_htmlclear($title); $entry['u'] = $member['name']; $entry['c'] = news_make_category($category); $entry['s'] = cn_htmlclear($short_story); $entry['f'] = cn_htmlclear($full_story); $entry['ht'] = $if_use_html; $entry['st'] = $draft ? 'd' : ''; $entry['co'] = array(); // 0 comments $entry['cc'] = $vConcat ? TRUE : FALSE; $entry['tg'] = strip_tags($vTags); $entry['pg'] = $page; // Check page alias for exists if ($page && bt_get_id($page, 'pg_ts') && !$preview) { cn_throw_message('Page alias already exists', 'e'); } else { // Get latest id for news $latest_id = intval(bt_get_id('latest_id', 'conf')); $latest_id++; bt_set_id($latest_id, $c_time, 'nid_ts'); bt_set_id($c_time, $latest_id, 'nts_id'); bt_set_id('latest_id', $latest_id, 'conf'); // apply more field list($entry, $disallow_message) = cn_more_fields_apply($entry, $faddm); // has message from function if ($disallow_message) { cn_throw_message($disallow_message, 'e'); } } // ---- if (!$preview) { if (!getoption('disable_title') && empty($title)) { cn_throw_message('The title cannot be blank', 'e'); } if (getoption('news_title_max_long') && strlen($title) > getoption('news_title_max_long')) { cn_throw_message('The title cannon be greater then ' . getoption('news_title_max_long') . ' charecters', 'e'); } if (!getoption('disable_short') && empty($short_story)) { cn_throw_message('The story cannot be blank', 'e'); } // no errors in a[rticle] area if (cn_get_message('e', 'c') == 0) { // Add page alias bt_set_id($page, $c_time, 'pg_ts'); bt_set_id($c_time, $page, 'ts_pg'); $sc = $draft ? 'draft' : ''; $es = db_news_load(db_get_nloc($entry['id'])); // make unique id while (isset($es[$c_time])) { $c_time++; } // override ts $entry['id'] = $c_time; // add default group permission $member = member_get(); // add to database $es[$c_time] = $entry; // do save item db_save_news($es, db_get_nloc($c_time)); // add news to index db_index_add($c_time, $entry['c'], $member['id'], $sc); // ------------------------ $FlatDB->cn_update_date($c_time, 0); $FlatDB->cn_source_update($c_time, $draft ? 'D' : ''); $FlatDB->cn_add_categories($entry['c'], $c_time); $FlatDB->cn_add_tags($entry['tg'], $c_time); $FlatDB->cn_user_sync($entry['u'], $c_time); // ------------------------ // increase user count written news $cnt = intval($member['cnt']) + 1; db_user_update($member['name'], "cnt={$cnt}"); // do update meta-index db_index_update_overall($sc); // Notify for unapproved if (getoption('notify_unapproved') && test('Bd')) { cn_send_mail(getoption('notify_email'), i18n('CuteNews unapproved article was added'), "CuteNews - Unapproved article was added CuUnArWaAd", cn_replace_text(cn_get_template('notify_unapproved', 'mail'), '%username%, %article_title%', $member['name'], $title)); } $FlatDB->cache_clean(); // view in editor cn_relocation(PHP_SELF . '?mod=editnews&action=editnews&id=' . $c_time . '&m=added'); } } else { //correct preview links $preview_html = preg_replace('/href="(.*?)"/', 'href="#"', entry_make($entry, 'active')); $preview_html_full = preg_replace('/href="(.*?)"/', 'href="#"', entry_make($entry, 'full')); cn_assign('preview_html, preview_html_full, gstamp', $preview_html, $preview_html_full, $c_time); } } if (empty($category)) { $category = array(); } // ----------------------------------------------------------------------------------------------------------------- cn_assign('categories, vCategory, vTitle, vShort, vFull, is_active_html, vUseHtml, vConcat, vTags, morefields,vPage', $categories, $category, $title, $short_story, $full_story, $is_active_html, $if_use_html, $vConcat, $vTags, $morefields, $page); // --- echoheader("addedit@addedit/main.css", i18n("Add News")); echo exec_tpl('addedit/main'); echofooter(); }