Exemplo n.º 1
 /**
  * remember the last action for this article
  *
  * This function is called by related items. What does it do?
  * - On image creation, the adequate code is added to the description field to let the image be displayed inline
  * - On icon selection, the icon field is updated
  * - On thumbnail image selection, the thumbnail image field is updated
  * - On location creation, some code is inserted in the description field to display location name inline
  * - On table creation, some code is inserted in the description field to display the table inline
  *
  * @see articles/article.php
  * @see articles/edit.php
  * @see shared/anchor.php
  *
  * @param string one of the pre-defined action codes
  * @param string the id of the item related to this update
  * @param boolean TRUE to not change the edit date of this anchor, default is FALSE
  */
 function touch($action, $origin = NULL, $silently = FALSE)
 {
     // Applies the side effects of an action performed on a related item (comment, file, image,
     // location, table) to this article: it may rewrite the description, icon_url and thumbnail_url
     // columns, post automatic comments, stamp the edit fields, clear the cache, and finally
     // propagate an 'article:update' touch to the parent anchor.
     //
     // NOTE(review): every UPDATE below is assembled by string concatenation. Quoted values go
     // through SQL::escape() (defined elsewhere), but some values are interpolated without quotes;
     // see the notes next to those statements.
     global $context;
     // we make extensive use of comments below
     include_once $context['path_to_root'] . 'comments/comments.php';
     // don't go further on import
     if (preg_match('/import$/i', $action)) {
         return;
     }
     // no article bound
     if (!isset($this->item['id'])) {
         return;
     }
     // delegate to overlay; this runs before the lazy load further down, so it only applies
     // when an overlay object has already been attached to this anchor
     if (is_object($this->overlay) && $this->overlay->touch($action, $origin, $silently) === false) {
         return;
         // stop on false
     }
     // clear floating objects
     if ($action == 'clear') {
         $this->item['description'] .= ' [clear]';
         // NOTE(review): the id is placed outside quotes in the WHERE clause. Escaping string
         // metacharacters does not constrain an unquoted value; confirm item['id'] is always an
         // integer (or cast it) before it reaches this statement.
         $query = "UPDATE " . SQL::table_name('articles') . " SET description='" . SQL::escape($this->item['description']) . "'" . " WHERE id = " . SQL::escape($this->item['id']);
         SQL::query($query);
         return;
     }
     // get the related overlay, if any
     if (!isset($this->overlay)) {
         $this->overlay = NULL;
         if (isset($this->item['overlay'])) {
             $this->overlay = Overlay::load($this->item, 'article:' . $this->item['id']);
         }
     }
     // components of the query: each entry is one "column = value" fragment, joined at the end
     $query = array();
     // NOTE(review): in the branches below $origin is concatenated as-is into description codes
     // such as [embed=...], [image=...] or [table=...]. It is SQL-escaped when written, but it is
     // not validated here; presumably callers pass an item id, confirm against callers.
     // a new comment has been posted
     if ($action == 'comment:create') {
         // purge oldest comments
         Comments::purge_for_anchor('article:' . $this->item['id']);
         // file upload
     } elseif ($action == 'file:create' || $action == 'file:upload') {
         // actually, several files have been added
         $label = '';
         if (!$origin) {
             // only when comments are allowed
             if (!Articles::has_option('no_comments', $this->anchor, $this->item)) {
                 // remember this as an automatic notification
                 $fields = array();
                 $fields['anchor'] = 'article:' . $this->item['id'];
                 $fields['description'] = i18n::s('Several files have been added');
                 $fields['type'] = 'notification';
                 Comments::post($fields);
             }
             // one file has been added
         } elseif (!Codes::check_embedded($this->item['description'], 'embed', $origin) && ($item = Files::get($origin, TRUE))) {
             // this file is eligible for being embedded in the page
             if (isset($item['file_name']) && Files::is_embeddable($item['file_name'])) {
                 // the overlay may prevent embedding; the empty branch is intentional and
                 // leaves $label empty in that case
                 if (is_object($this->overlay) && !$this->overlay->should_embed_files()) {
                 } else {
                     $label = '[embed=' . $origin . ']';
                 }
                 // else add a comment to take note of the upload
             } else {
                 // only when comments are allowed
                 if (!Articles::has_option('no_comments', $this->anchor, $this->item)) {
                     // remember this as an automatic notification
                     $fields = array();
                     $fields['anchor'] = 'article:' . $this->item['id'];
                     // NOTE(review): file_name is only checked with isset() in the sibling
                     // branch above, and it ends up inside a [file=...]/[download=...] code;
                     // confirm the code renderer treats the name as plain text
                     if ($action == 'file:create') {
                         $fields['description'] = '[file=' . $item['id'] . ',' . $item['file_name'] . ']';
                     } else {
                         $fields['description'] = '[download=' . $item['id'] . ',' . $item['file_name'] . ']';
                     }
                     Comments::post($fields);
                 }
             }
         }
         // we are in some interactive thread
         if ($origin && $this->has_option('view_as_chat')) {
             // default is to download the file
             if (!$label) {
                 $label = '[download=' . $origin . ']';
             }
             // this is the first contribution to the thread
             if (!($comment = Comments::get_newest_for_anchor('article:' . $this->item['id']))) {
                 $fields = array();
                 $fields['anchor'] = 'article:' . $this->item['id'];
                 $fields['description'] = $label;
                 // this is a continued contribution from this authenticated surfer:
                 // the newest comment is extended instead of posting a new one
             } elseif ($comment['type'] != 'notification' && Surfer::get_id() && (isset($comment['create_id']) && Surfer::get_id() == $comment['create_id'])) {
                 $comment['description'] .= BR . $label;
                 $fields = $comment;
                 // else process the contribution as a new comment
             } else {
                 $fields = array();
                 $fields['anchor'] = 'article:' . $this->item['id'];
                 $fields['description'] = $label;
             }
             // only when comments are allowed
             if (!Articles::has_option('no_comments', $this->anchor, $this->item)) {
                 Comments::post($fields);
             }
             // include flash videos in a regular page
         } elseif ($origin && $label) {
             $query[] = "description = '" . SQL::escape($this->item['description'] . ' ' . $label) . "'";
         }
         // suppress references to a deleted file
     } elseif ($action == 'file:delete' && $origin) {
         // suppress reference in main description field
         $text = Codes::delete_embedded($this->item['description'], 'download', $origin);
         $text = Codes::delete_embedded($text, 'embed', $origin);
         $text = Codes::delete_embedded($text, 'file', $origin);
         // save changes
         $query[] = "description = '" . SQL::escape($text) . "'";
         // append a reference to a new image to the description
     } elseif ($action == 'image:create' && $origin) {
         if (!Codes::check_embedded($this->item['description'], 'image', $origin)) {
             // the overlay may prevent embedding; the empty branch is intentional
             if (is_object($this->overlay) && !$this->overlay->should_embed_files()) {
             } else {
                 // list has already started: keep images on the same line when the
                 // description already ends with an [image=...] code
                 if (preg_match('/\\[image=[^\\]]+?\\]\\s*$/', $this->item['description'])) {
                     $this->item['description'] .= ' [image=' . $origin . ']';
                 } else {
                     $this->item['description'] .= "\n\n" . '[image=' . $origin . ']';
                 }
                 $query[] = "description = '" . SQL::escape($this->item['description']) . "'";
             }
         }
         // also use it as thumbnail if none has been defined yet
         if (!isset($this->item['thumbnail_url']) || !trim($this->item['thumbnail_url'])) {
             include_once $context['path_to_root'] . 'images/images.php';
             if (($image = Images::get($origin)) && ($url = Images::get_thumbnail_href($image))) {
                 $query[] = "thumbnail_url = '" . SQL::escape($url) . "'";
             }
         }
         // refresh stamp only if image update occurs within 6 hours after last edition
         if (SQL::strtotime($this->item['edit_date']) + 6 * 60 * 60 < time()) {
             $silently = TRUE;
         }
         // suppress a reference to an image that has been deleted
     } elseif ($action == 'image:delete' && $origin) {
         // suppress reference in main description field
         $query[] = "description = '" . SQL::escape(Codes::delete_embedded($this->item['description'], 'image', $origin)) . "'";
         // suppress references as icon and thumbnail as well
         include_once $context['path_to_root'] . 'images/images.php';
         if ($image = Images::get($origin)) {
             if ($url = Images::get_icon_href($image)) {
                 if ($this->item['icon_url'] == $url) {
                     $query[] = "icon_url = ''";
                 }
                 if ($this->item['thumbnail_url'] == $url) {
                     $query[] = "thumbnail_url = ''";
                 }
             }
             if ($url = Images::get_thumbnail_href($image)) {
                 if ($this->item['icon_url'] == $url) {
                     $query[] = "icon_url = ''";
                 }
                 if ($this->item['thumbnail_url'] == $url) {
                     $query[] = "thumbnail_url = ''";
                 }
             }
         }
         // set an existing image as the article icon
     } elseif ($action == 'image:set_as_icon' && $origin) {
         include_once $context['path_to_root'] . 'images/images.php';
         if ($image = Images::get($origin)) {
             if ($url = Images::get_icon_href($image)) {
                 $query[] = "icon_url = '" . SQL::escape($url) . "'";
             }
             // also use it as thumbnail if none has been defined yet
             if (!(isset($this->item['thumbnail_url']) && trim($this->item['thumbnail_url'])) && ($url = Images::get_thumbnail_href($image))) {
                 $query[] = "thumbnail_url = '" . SQL::escape($url) . "'";
             }
         }
         // set an existing image as the article thumbnail
     } elseif ($action == 'image:set_as_thumbnail' && $origin) {
         include_once $context['path_to_root'] . 'images/images.php';
         if ($image = Images::get($origin)) {
             // use the thumbnail for large files, or the image itself for smaller files
             if ($image['image_size'] > $context['thumbnail_threshold']) {
                 $url = Images::get_thumbnail_href($image);
             } else {
                 $url = Images::get_icon_href($image);
             }
             $query[] = "thumbnail_url = '" . SQL::escape($url) . "'";
             // NOTE(review): when no image record matches, the raw $origin string itself is
             // stored as the thumbnail URL. It is SQL-escaped but not checked to be a URL;
             // confirm that code rendering thumbnail_url escapes it and restricts the scheme.
         } elseif ($origin) {
             $query[] = "thumbnail_url = '" . SQL::escape($origin) . "'";
         }
         // do not remember minor changes
         $silently = TRUE;
         // append a new image, and set it as the article thumbnail
     } elseif ($action == 'image:set_as_both' && $origin) {
         if (!Codes::check_embedded($this->item['description'], 'image', $origin)) {
             $query[] = "description = '" . SQL::escape($this->item['description'] . ' [image=' . $origin . ']') . "'";
         }
         include_once $context['path_to_root'] . 'images/images.php';
         if ($image = Images::get($origin)) {
             // use the thumbnail for large files, or the image itself for smaller files
             if ($image['image_size'] > $context['thumbnail_threshold']) {
                 $url = Images::get_thumbnail_href($image);
             } else {
                 $url = Images::get_icon_href($image);
             }
             $query[] = "thumbnail_url = '" . SQL::escape($url) . "'";
             // NOTE(review): same fallback as in 'image:set_as_thumbnail': the raw $origin
             // string is stored as the thumbnail URL when no image record is found
         } elseif ($origin) {
             $query[] = "thumbnail_url = '" . SQL::escape($origin) . "'";
         }
         // do not remember minor changes
         $silently = TRUE;
         // add a reference to a location in the article description
     } elseif ($action == 'location:create' && $origin) {
         if (!Codes::check_embedded($this->item['description'], 'location', $origin)) {
             $query[] = "description = '" . SQL::escape($this->item['description'] . ' [location=' . $origin . ']') . "'";
         }
         // suppress a reference to a location that has been deleted
     } elseif ($action == 'location:delete' && $origin) {
         $query[] = "description = '" . SQL::escape(Codes::delete_embedded($this->item['description'], 'location', $origin)) . "'";
         // add a reference to a new table in the article description
     } elseif ($action == 'table:create' && $origin) {
         if (!Codes::check_embedded($this->item['description'], 'table', $origin)) {
             $query[] = "description = '" . SQL::escape($this->item['description'] . "\n" . '[table=' . $origin . ']' . "\n") . "'";
         }
         // suppress a reference to a table that has been deleted
     } elseif ($action == 'table:delete' && $origin) {
         $query[] = "description = '" . SQL::escape(Codes::delete_embedded($this->item['description'], 'table', $origin)) . "'";
     }
     // stamp the update
     // NOTE(review): edit_id is written without quotes, so it relies on Surfer::get_id() returning
     // a numeric value (it may be empty for an anonymous surfer, which would yield "edit_id=,");
     // confirm, or cast to int. gmstrftime() is deprecated as of PHP 8.1.
     if (!$silently) {
         $query[] = "edit_name='" . SQL::escape(Surfer::get_name()) . "'," . "edit_id=" . SQL::escape(Surfer::get_id()) . "," . "edit_address='" . SQL::escape(Surfer::get_email_address()) . "'," . "edit_action='" . SQL::escape($action) . "'," . "edit_date='" . gmstrftime('%Y-%m-%d %H:%M:%S') . "'";
     }
     // update the database, in a single statement built from the fragments collected above
     // NOTE(review): as in the 'clear' branch, the id in the WHERE clause is unquoted
     if (count($query)) {
         $query = "UPDATE " . SQL::table_name('articles') . " SET " . implode(', ', $query) . " WHERE id = " . SQL::escape($this->item['id']);
         SQL::query($query);
     }
     // add this page to the watch list of the contributor, on any action
     // NOTE(review): the next statement is damaged in this listing. The `******` run replaces the
     // original text after 'user:', and the closing brace of this if block is missing, so the
     // function does not parse as shown. Restore it from the project's source before reuse.
     if (Surfer::get_id()) {
         Members::assign('article:' . $this->item['id'], 'user:'******'article:' . $this->item['id'], $this->item['active']);
     // always clear the cache, even on no update
     Articles::clear($this->item);
     // get the parent
     if (!$this->anchor) {
         $this->anchor = Anchors::get($this->item['anchor']);
     }
     // propagate the touch upwards; the third argument asks the parent not to change its edit date
     if (is_object($this->anchor)) {
         $this->anchor->touch('article:update', $this->item['id'], TRUE);
     }
 }
Exemplo n.º 2
Arquivo: links.php Projeto: rair/yacs
 /**
  * check if new links can be added
  *
  * This function returns TRUE if links can be added to some place,
  * and FALSE otherwise.
  *
  * @param object an instance of the Anchor interface, if any
  * @param array a set of item attributes, if any
  * @param string the type of item, e.g., 'section'
  * @return boolean TRUE or FALSE
  */
 public static function allow_creation($item = NULL, $anchor = NULL, $variant = NULL)
 {
     // Authorization check for adding links. The checks form an ordered cascade: the first
     // matching rule returns, so the order of the statements below is part of the policy.
     // The final fallthrough denies.
     global $context;
     // backward compatibility, reverse parameters :
     // $anchor is always a object and $item a array
     // (the docblock above still lists the anchor first; the signature takes the item first,
     // and this swap makes both call orders work)
     if (is_object($item) || is_array($anchor)) {
         $permute = $anchor;
         $anchor = $item;
         $item = $permute;
     }
     // guess the variant
     if (!$variant) {
         // most frequent case
         if (isset($item['id'])) {
             $variant = 'article';
         } elseif (is_object($anchor)) {
             $variant = $anchor->get_type();
         } else {
             // neither an item nor an anchor: nothing to attach a link to
             return FALSE;
         }
     }
     // only in articles
     if ($variant == 'article') {
         // 'no_links' option
         if (Articles::has_option('no_links', $anchor, $item)) {
             return FALSE;
         }
         // other containers
     } else {
         // links have to be activated; the two empty branches are intentional: they are the
         // "allowed, keep evaluating" cases, and everything else is denied
         if (isset($item['options']) && is_string($item['options']) && preg_match('/\\bwith_links\\b/i', $item['options'])) {
         } elseif (!isset($item['id']) && is_object($anchor) && $anchor->has_option('with_links', FALSE)) {
         } else {
             return FALSE;
         }
     }
     // surfer is an associate: allowed from here on, ahead of the lock and visibility checks
     if (Surfer::is_associate()) {
         return TRUE;
     }
     // submissions have been disallowed
     if (isset($context['users_without_submission']) && $context['users_without_submission'] == 'Y') {
         return FALSE;
     }
     // only in articles
     if ($variant == 'article') {
         // surfer owns this item, or the anchor
         if (Articles::is_owned($item, $anchor)) {
             return TRUE;
         }
         // surfer is an editor, and the page is not private
         // NOTE(review): only 'active' is guarded with isset(); $item['id'] is read unguarded
         if (isset($item['active']) && $item['active'] != 'N' && Articles::is_assigned($item['id'])) {
             return TRUE;
         }
         // only in sections
     } elseif ($variant == 'section') {
         // surfer owns this item, or the anchor
         if (Sections::is_owned($item, $anchor, TRUE)) {
             return TRUE;
         }
         // surfer is an editor, and the section is not private
         if (isset($item['active']) && $item['active'] != 'N' && Sections::is_assigned($item['id'])) {
             return TRUE;
         }
     }
     // surfer is an editor, and container is not private
     if (isset($item['active']) && $item['active'] != 'N' && is_object($anchor) && $anchor->is_assigned()) {
         return TRUE;
     }
     if (!isset($item['id']) && is_object($anchor) && !$anchor->is_hidden() && $anchor->is_assigned()) {
         return TRUE;
     }
     // item has been locked; owners and the editors accepted above have already returned,
     // so the lock only applies to the remaining surfers
     if (isset($item['locked']) && $item['locked'] == 'Y') {
         return FALSE;
     }
     // anchor has been locked --only used when there is no item provided
     if (!isset($item['id']) && is_object($anchor) && $anchor->has_option('locked')) {
         return FALSE;
     }
     // surfer is an editor (and item has not been locked)
     if ($variant == 'article' && isset($item['id']) && Articles::is_assigned($item['id'])) {
         return TRUE;
     }
     if ($variant == 'section' && isset($item['id']) && Sections::is_assigned($item['id'])) {
         return TRUE;
     }
     if (is_object($anchor) && $anchor->is_assigned()) {
         return TRUE;
     }
     // container is hidden
     if (isset($item['active']) && $item['active'] == 'N') {
         return FALSE;
     }
     if (is_object($anchor) && $anchor->is_hidden()) {
         return FALSE;
     }
     // authenticated members and subscribers are allowed to add links; this returns before
     // the 'restricted' checks below, which therefore only filter anonymous surfers
     if (Surfer::is_logged()) {
         return TRUE;
     }
     // container is restricted
     if (isset($item['active']) && $item['active'] == 'R') {
         return FALSE;
     }
     if (is_object($anchor) && !$anchor->is_public()) {
         return FALSE;
     }
     // anonymous contributions are allowed for articles
     // NOTE(review): unlike the 'with_links' test above, 'options' is not checked with
     // is_string() before preg_match() here
     if ($variant == 'article') {
         if (isset($item['options']) && preg_match('/\\banonymous_edit\\b/i', $item['options'])) {
             return TRUE;
         }
         if (is_object($anchor) && $anchor->has_option('anonymous_edit')) {
             return TRUE;
         }
     }
     // the default is to not allow for new links
     return FALSE;
 }
 /**
  * layout the newest articles
  *
  * caution: this function also updates page title directly, and this makes its call non-cacheable
  *
  * @param array the article
  * @return string the rendered text
  **/
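 function layout_newest($item)
 {
     // Renders one article as HTML: title with status flags, icon, rating link, introduction,
     // overlay text, description, a box of attached files, and the trailer. Links for the bottom
     // menu are appended to $this->menu as a side effect. Returns the rendered text.
     global $context;
     // get the related overlay, if any
     $overlay = Overlay::load($item, 'article:' . $item['id']);
     // get the anchor
     $anchor = Anchors::get($item['anchor']);
     // the url to view this item
     $url = Articles::get_permalink($item);
     // reset the rendering engine between items
     Codes::initialize($url);
     // build a title
     if (is_object($overlay)) {
         $title = Codes::beautify_title($overlay->get_text('title', $item));
     } else {
         $title = Codes::beautify_title($item['title']);
     }
     // title prefix & suffix
     $text = $prefix = $suffix = '';
     // flag articles updated recently; note that this writes to the shared $context
     if ($context['site_revisit_after'] < 1) {
         $context['site_revisit_after'] = 2;
     }
     $context['fresh'] = gmstrftime('%Y-%m-%d %H:%M:%S', mktime(0, 0, 0, date("m"), date("d") - $context['site_revisit_after'], date("Y")));
     // link to permalink
     if (Surfer::is_empowered()) {
         $title = Skin::build_box_title($title, $url, i18n::s('Permalink'));
     }
     // signal articles to be published
     if ($item['publish_date'] <= NULL_DATE) {
         $prefix .= DRAFT_FLAG;
     } else {
         if ($item['publish_date'] > NULL_DATE && $item['publish_date'] > $context['now']) {
             $prefix .= DRAFT_FLAG;
         }
     }
     // signal restricted and private articles
     if ($item['active'] == 'N') {
         $prefix .= PRIVATE_FLAG . ' ';
     } elseif ($item['active'] == 'R') {
         $prefix .= RESTRICTED_FLAG . ' ';
     }
     // signal locked articles
     if (isset($item['locked']) && $item['locked'] == 'Y' && Articles::is_owned($item, $anchor)) {
         $suffix .= LOCKED_FLAG;
     }
     // flag expired article
     if ($item['expiry_date'] > NULL_DATE && $item['expiry_date'] <= $context['now']) {
         $suffix .= EXPIRED_FLAG;
     }
     // update page title directly
     $text .= Skin::build_block($prefix . $title . $suffix, 'title');
     // if this article has a specific icon, use it; start from an empty string so that the
     // test below never reads an undefined variable when neither source provides an icon
     $icon = '';
     if ($item['icon_url']) {
         $icon = $item['icon_url'];
     } elseif ($item['anchor'] && ($anchor = Anchors::get($item['anchor']))) {
         $icon = $anchor->get_icon_url();
     }
     // if we have a valid image; the dot is escaped so that only a real file extension matches
     if (preg_match('/\\.(gif|jpg|jpeg|png)$/i', $icon)) {
         // fix relative path
         if (!preg_match('/^(\\/|http:|https:|ftp:)/', $icon)) {
             $icon = $context['url_to_root'] . $icon;
         }
         // flush the image on the right; the URL comes from stored item or anchor data, so it
         // is escaped for the attribute context (existing entities are left alone)
         // NOTE(review): the charset is assumed to be UTF-8; confirm against the site configuration
         $text .= '<img src="' . htmlspecialchars($icon, ENT_QUOTES, 'UTF-8', false) . '" class="right_image" alt="" />';
     }
     // article rating, if the anchor allows for it
     if (!is_object($anchor) || !$anchor->has_option('without_rating')) {
         // report on current rating
         $label = '';
         if ($item['rating_count']) {
             $label = Skin::build_rating_img((int) round($item['rating_sum'] / $item['rating_count'])) . ' ';
         }
         $label .= i18n::s('Rate this page');
         // allow for rating
         $text .= Skin::build_link(Articles::get_url($item['id'], 'like'), $label, 'basic');
     }
     // the introduction text, if any
     if (is_object($overlay)) {
         $text .= Skin::build_block($overlay->get_text('introduction', $item), 'introduction');
     } else {
         $text .= Skin::build_block($item['introduction'], 'introduction');
     }
     // insert overlay data, if any
     if (is_object($overlay)) {
         $text .= $overlay->get_text('view', $item);
     }
     // the beautified description, which is the actual page body
     if ($item['description']) {
         // use adequate label
         if (is_object($overlay) && ($label = $overlay->get_label('description'))) {
             $text .= Skin::build_block($label, 'title');
         }
         $text .= Skin::build_block($item['description'], 'description', '', $item['options']);
     }
     //
     // list related files
     //
     // if this surfer is an editor of this article, show hidden files as well
     // NOTE(review): Surfer::empower() is defined elsewhere and nothing here reverts it, so the
     // elevation presumably outlives this item and affects what is rendered afterwards in the
     // same request; confirm that this is intended
     if (Articles::is_assigned($item['id']) || is_object($anchor) && $anchor->is_assigned()) {
         Surfer::empower();
     }
     // build a complete box
     $box['bar'] = array();
     $box['text'] = '';
     // count the number of files in this article
     if ($count = Files::count_for_anchor('article:' . $item['id'])) {
         if ($count > 20) {
             $box['bar'] += array('_count' => sprintf(i18n::ns('%d file', '%d files', $count), $count));
         }
         // list files by date (default) or by title (option files_by_title)
         if (Articles::has_option('files_by', $anchor, $item) == 'title') {
             $items = Files::list_by_title_for_anchor('article:' . $item['id'], 0, FILES_PER_PAGE, 'article:' . $item['id']);
         } else {
             $items = Files::list_by_date_for_anchor('article:' . $item['id'], 0, FILES_PER_PAGE, 'article:' . $item['id']);
         }
         if (is_array($items)) {
             $box['text'] .= Skin::build_list($items, 'decorated');
         }
         // navigation commands for files
         $prefix = Articles::get_url($item['id'], 'navigate', 'files');
         $box['bar'] += Skin::navigate($url, $prefix, $count, FILES_PER_PAGE, 0);
         // the command to post a new file, if allowed
         if (Files::allow_creation($item, $anchor, 'article')) {
             $link = 'files/edit.php?anchor=' . urlencode('article:' . $item['id']);
             $box['bar'] += array($link => i18n::s('Add a file'));
         }
         if (is_array($box['bar'])) {
             $box['text'] .= Skin::build_list($box['bar'], 'menu_bar');
         }
     }
     // actually render the html for this box
     if ($box['text']) {
         $text .= Skin::build_box(i18n::s('Files'), $box['text'], 'header1', 'files');
     }
     //
     // bottom page menu
     //
     // discuss this page, if the index page can be commented, and comments are accepted at the article level
     if (Comments::allow_creation($item, $anchor)) {
         $this->menu[] = Skin::build_link(Comments::get_url('article:' . $item['id'], 'comment'), i18n::s('Post a comment'), 'span');
     }
     // info on related comments
     if ($count = Comments::count_for_anchor('article:' . $item['id'])) {
         $this->menu[] = Skin::build_link(Comments::get_url('article:' . $item['id'], 'list'), sprintf(i18n::ns('%d comment', '%d comments', $count), $count), 'span');
     }
     // new links are accepted at the index page and at the article level
     if (Links::allow_trackback()) {
         $this->menu[] = Skin::build_link('links/trackback.php?anchor=' . urlencode('article:' . $item['id']), i18n::s('Reference this page'), 'span');
     }
     // info on related links
     if ($count = Links::count_for_anchor('article:' . $item['id'])) {
         $this->menu[] = Skin::build_link($url . '#_attachments', sprintf(i18n::ns('%d link', '%d links', $count), $count), 'span');
     }
     // new files are accepted at the index page and at the article level
     if (is_object($anchor) && $anchor->has_option('with_files') && !($anchor->has_option('no_files') || preg_match('/\\bno_files\\b/i', $item['options']))) {
         // add a file
         if (Files::allow_creation($item, $anchor, 'article')) {
             if ($context['with_friendly_urls'] == 'Y') {
                 $link = 'files/edit.php/article/' . $item['id'];
             } else {
                 $link = 'files/edit.php?anchor=' . urlencode('article:' . $item['id']);
             }
             $this->menu[] = Skin::build_link($link, i18n::s('Add a file'), 'span');
         }
     }
     // modify this page
     if (Surfer::is_empowered()) {
         $this->menu[] = Skin::build_link(Articles::get_url($item['id'], 'edit'), i18n::s('Edit'), 'span');
     }
     // view permalink
     if (Surfer::is_empowered()) {
         $this->menu[] = Skin::build_link($url, i18n::s('Permalink'), 'span');
     }
     // insert overlay data, if any
     if (is_object($overlay)) {
         $text .= $overlay->get_text('trailer', $item);
     }
     // add trailer information from this item, if any
     if (isset($item['trailer']) && trim($item['trailer'])) {
         $text .= Codes::beautify($item['trailer']);
     }
     // return the formatted content
     return $text;
 }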
Exemplo n.º 4
Arquivo: view.php Projeto: rair/yacs
 //
 // links attached to this article
 //
 // NOTE(review): this excerpt stops before the enclosing blocks are closed, and $zoom_type,
 // $zoom_index, $item, $anchor and $attachments_count are all set outside of it.
 // the list of related links if not at another follow-up page
 if (!$zoom_type || $zoom_type == 'links') {
     // build a complete box
     $box = array('bar' => array(), 'text' => '');
     // a navigation bar for these links
     if ($count = Links::count_for_anchor('article:' . $item['id'])) {
         $attachments_count += $count;
         if ($count > 20) {
             $box['bar'] += array('_count' => sprintf(i18n::ns('%d link', '%d links', $count), $count));
         }
         // list links by date (default) or by title (option links_by_title)
         // NOTE(review): the offset becomes negative if $zoom_index is below 1; presumably the
         // value is derived from the request and normalized upstream, confirm that it is
         // clamped to >= 1 before it reaches the list queries
         $offset = ($zoom_index - 1) * LINKS_PER_PAGE;
         if (Articles::has_option('links_by_title', $anchor, $item)) {
             $items = Links::list_by_title_for_anchor('article:' . $item['id'], $offset, LINKS_PER_PAGE);
         } else {
             $items = Links::list_by_date_for_anchor('article:' . $item['id'], $offset, LINKS_PER_PAGE);
         }
         // actually render the html; a string result is appended as-is, so it is expected to
         // be already-rendered markup
         if (is_array($items)) {
             $box['text'] .= Skin::build_list($items, 'decorated');
         } elseif (is_string($items)) {
             $box['text'] .= $items;
         }
         // navigation commands for links
         $home = Articles::get_permalink($item);
         $prefix = Articles::get_url($item['id'], 'navigate', 'links');
         $box['bar'] += Skin::navigate($home, $prefix, $count, LINKS_PER_PAGE, $zoom_index);
         // new links are allowed
Exemplo n.º 5
Arquivo: files.php Projeto: rair/yacs
 /**
  * check if new files can be added
  *
  * This function returns TRUE if files can be added to some place,
  * and FALSE otherwise.
  *
  * @param array a set of item attributes, if any
  * @param object an instance of the Anchor interface, if any
  * @param string the type of item, e.g., 'article' or 'section'
  * @return boolean TRUE or FALSE
  */
 public static function allow_creation($item = NULL, $anchor = NULL, $variant = NULL)
 {
     // Authorization check for adding files. The checks form an ordered cascade: the first
     // matching rule returns, so the order of the statements below is part of the policy.
     // The final fallthrough denies.
     //
     // NOTE(review): this function only decides whether the surfer may add a file to a container.
     // Nothing here inspects the file itself; type, size and name validation have to happen in
     // the upload handler, which is not part of this excerpt.
     global $context;
     // guess the variant
     if (!$variant) {
         // most frequent case
         if (isset($item['id'])) {
             $variant = 'article';
         } elseif (is_object($anchor)) {
             $variant = $anchor->get_type();
         } else {
             // neither an item nor an anchor: nothing to attach a file to
             return FALSE;
         }
     }
     // attach a file to an article
     if ($variant == 'article') {
         // 'no initial upload' option
         if (!isset($item['id']) && Articles::has_option('no_initial_upload', $anchor, $item)) {
             return FALSE;
         }
         // 'no files' option
         if (Articles::has_option('no_files', $anchor, $item)) {
             return FALSE;
         }
         // attach a file to a user profile
     } elseif ($variant == 'user') {
         // associates can always proceed
         if (Surfer::is_associate()) {
         } elseif (!is_object($anchor) || !Surfer::get_id()) {
             return FALSE;
         // NOTE(review): the next line is damaged in this listing. The `******` run replaces the
         // original text between 'user:' and 'options'], so the end of the user-profile check and
         // the start of the branch for other containers are missing. Do not rely on this
         // condition as written; restore it from the project's source.
         } elseif ($anchor->get_reference() != 'user:'******'options']) && is_string($item['options']) && preg_match('/\\bwith_files\\b/i', $item['options'])) {
         } elseif (!isset($item['id']) && is_object($anchor) && $anchor->has_option('with_files', FALSE)) {
         } else {
             return FALSE;
         }
     }
     // surfer is not allowed to upload a file; this gate comes first, so it also applies
     // to associates
     if (!Surfer::may_upload()) {
         return FALSE;
     }
     // surfer is an associate: allowed from here on, ahead of the lock and visibility checks
     if (Surfer::is_associate()) {
         return TRUE;
     }
     // submissions have been disallowed
     if (isset($context['users_without_submission']) && $context['users_without_submission'] == 'Y') {
         return FALSE;
     }
     // only in articles
     if ($variant == 'article') {
         // surfer owns this item, or the anchor
         if (Articles::is_owned($item, $anchor)) {
             return TRUE;
         }
         // surfer is an editor, and the page is not private
         // NOTE(review): only 'active' is guarded with isset(); $item['id'] is read unguarded
         if (isset($item['active']) && $item['active'] != 'N' && Articles::is_assigned($item['id'])) {
             return TRUE;
         }
         // only in sections
     } elseif ($variant == 'section') {
         // surfer owns this item, or the anchor
         if (Sections::is_owned($item, $anchor, TRUE)) {
             return TRUE;
         }
         // surfer is an editor, and the section is not private
         if (isset($item['active']) && $item['active'] != 'N' && Sections::is_assigned($item['id'])) {
             return TRUE;
         }
     }
     // surfer is an editor, and container is not private
     if (isset($item['active']) && $item['active'] != 'N' && is_object($anchor) && $anchor->is_assigned()) {
         return TRUE;
     }
     if (!isset($item['id']) && is_object($anchor) && !$anchor->is_hidden() && $anchor->is_assigned()) {
         return TRUE;
     }
     // item has been locked; owners and the editors accepted above have already returned,
     // so the lock only applies to the remaining surfers
     if (isset($item['locked']) && $item['locked'] == 'Y') {
         return FALSE;
     }
     // anchor has been locked --only used when there is no item provided
     if (!isset($item['id']) && is_object($anchor) && $anchor->has_option('locked')) {
         return FALSE;
     }
     // surfer is an editor (and item has not been locked)
     if ($variant == 'article' && isset($item['id']) && Articles::is_assigned($item['id'])) {
         return TRUE;
     }
     if ($variant == 'section' && isset($item['id']) && Sections::is_assigned($item['id'])) {
         return TRUE;
     }
     if (is_object($anchor) && $anchor->is_assigned()) {
         return TRUE;
     }
     // container is hidden
     if (isset($item['active']) && $item['active'] == 'N') {
         return FALSE;
     }
     if (is_object($anchor) && $anchor->is_hidden()) {
         return FALSE;
     }
     // authenticated members and subscribers are allowed to add files; this returns before
     // the 'restricted' checks below, which therefore only filter anonymous surfers
     if (Surfer::is_logged()) {
         return TRUE;
     }
     // container is restricted
     if (isset($item['active']) && $item['active'] == 'R') {
         return FALSE;
     }
     if (is_object($anchor) && !$anchor->is_public()) {
         return FALSE;
     }
     // anonymous contributions are allowed for articles and for sections: with the
     // 'anonymous_edit' option an unauthenticated surfer is allowed to add files, provided
     // Surfer::may_upload() accepted the surfer above
     // NOTE(review): 'options' is not checked with is_string() before preg_match() here
     if ($variant == 'article' || $variant == 'section') {
         if (isset($item['options']) && preg_match('/\\banonymous_edit\\b/i', $item['options'])) {
             return TRUE;
         }
         if (is_object($anchor) && $anchor->has_option('anonymous_edit')) {
             return TRUE;
         }
     }
     // the default is to not allow for new files
     return FALSE;
 }
Exemplo n.º 6
 /**
  * list articles
  *
  * @param resource the SQL result
  * @return a string to be displayed
  *
  * @see layouts/layout.php
  **/
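 function layout($result)
 {
     global $context;
     // Build one tab panel per article of the result set. Each panel holds
     // the anchor prefix, the introduction, overlay text, the description,
     // a box of attached files and a box of comments with their commands.
     // The panels are handed to Skin::build_tabs(), whose output is returned.
     // An empty result set yields an empty string.
     if (!SQL::count($result)) {
         return '';
     }
     // Neither variable is assigned anywhere in this method, so both used
     // to be read while undefined. NULL keeps the previous outcome (the
     // zip command below is never offered and Skin::navigate() receives
     // NULL) without raising warnings.
     // NOTE(review): confirm whether a caller was meant to provide them.
     $page = NULL;
     $zoom_index = NULL;
     // we build an array for the skin::build_tabs() function
     $panels = array();
     // process all items in the list
     while ($item = SQL::fetch($result)) {
         // get the main anchor
         $anchor = Anchors::get($item['anchor']);
         // get the related overlay, if any
         $overlay = Overlay::load($item, 'article:' . $item['id']);
         // panel content
         $text = '';
         // insert anchor prefix
         if (is_object($anchor)) {
             $text .= $anchor->get_prefix();
         }
         // the introduction text, if any
         if (is_object($overlay)) {
             $text .= Skin::build_block($overlay->get_text('introduction', $item), 'introduction');
         } elseif (isset($item['introduction']) && trim($item['introduction'])) {
             $text .= Skin::build_block($item['introduction'], 'introduction');
         }
         // get text related to the overlay, if any
         if (is_object($overlay)) {
             $text .= $overlay->get_text('view', $item);
         }
         // filter description, if necessary
         if (is_object($overlay)) {
             $description = $overlay->get_text('description', $item);
         } else {
             $description = $item['description'];
         }
         // the beautified description, which is the actual page body
         if ($description) {
             // use adequate label
             if (is_object($overlay) && ($label = $overlay->get_label('description'))) {
                 $text .= Skin::build_block($label, 'title');
             }
             // beautify the target page
             $text .= Skin::build_block($description, 'description', '', $item['options']);
         }
         // surfers who may modify the page get no filter; for everybody else
         // the files embedded in the description are passed to the Files:: calls
         // NOTE(review): what Files:: does with that list is not visible here;
         // confirm that it matches the intended visibility of attachments
         if (Articles::allow_modification($item, $anchor)) {
             $embedded = NULL;
         } else {
             $embedded = Codes::list_embedded($item['description']);
         }
         // build a complete box
         $box = array('bar' => array(), 'text' => '');
         // count the number of files in this article
         if ($count = Files::count_for_anchor('article:' . $item['id'], FALSE, $embedded)) {
             if ($count > 20) {
                 $box['bar'] += array('_count' => sprintf(i18n::ns('%d file', '%d files', $count), $count));
             }
             // list files by date (default) or by title (option files_by_title)
             if (Articles::has_option('files_by', $anchor, $item) == 'title') {
                 $items = Files::list_by_title_for_anchor('article:' . $item['id'], 0, 300, 'article:' . $item['id'], $embedded);
             } else {
                 $items = Files::list_by_date_for_anchor('article:' . $item['id'], 0, 300, 'article:' . $item['id'], $embedded);
             }
             // actually render the html
             if (is_array($items)) {
                 $box['text'] .= Skin::build_list($items, 'decorated');
             } elseif (is_string($items)) {
                 $box['text'] .= $items;
             }
             // the command to post a new file, only for surfers allowed to upload here
             if (Files::allow_creation($item, $anchor, 'article')) {
                 Skin::define_img('FILES_UPLOAD_IMG', 'files/upload.gif');
                 $box['bar'] += array('files/edit.php?anchor=' . urlencode('article:' . $item['id']) => FILES_UPLOAD_IMG . i18n::s('Add a file'));
             }
         }
         // some files have been attached to this page
         if ($page == 1 && $count > 1) {
             // the command to download all files
             $link = 'files/fetch_all.php?anchor=' . urlencode('article:' . $item['id']);
             if ($count > 20) {
                 $label = i18n::s('Zip 20 first files');
             } else {
                 $label = i18n::s('Zip all files');
             }
             $box['bar'] += array($link => $label);
         }
         // there is some box content
         if ($box['text']) {
             $text .= Skin::build_content('files', i18n::s('Files'), $box['text'], $box['bar']);
         }
         // title of the list of comments; the label comes from the overlay,
         // so the overlay is the object that has to be tested before the call
         // (testing the anchor here failed on articles without an overlay)
         $title_label = '';
         if (is_object($overlay)) {
             $title_label = ucfirst($overlay->get_label('list_title', 'comments'));
         }
         if (!$title_label) {
             $title_label = i18n::s('Comments');
         }
         // label to create a comment
         $add_label = '';
         if (is_object($overlay)) {
             $add_label = $overlay->get_label('new_command', 'comments');
         }
         if (!$add_label) {
             $add_label = i18n::s('Post a comment');
         }
         // get a layout from anchor
         $layout =& Comments::get_layout($anchor, $item);
         // provide author information to layout
         if (is_object($layout) && isset($item['create_id']) && $item['create_id']) {
             $layout->set_focus('user:' . $item['create_id']);
         }
         // the maximum number of comments per page
         if (is_object($layout)) {
             $items_per_page = $layout->items_per_page();
         } else {
             $items_per_page = COMMENTS_PER_PAGE;
         }
         // the first comment to list
         $offset = 0;
         if (is_object($layout) && method_exists($layout, 'set_offset')) {
             $layout->set_offset($offset);
         }
         // build a complete box
         $box = array('bar' => array(), 'prefix_bar' => array(), 'text' => '');
         // feed the wall: the form is offered only when comment creation is allowed
         if (Comments::allow_creation($item, $anchor)) {
             $box['text'] .= Comments::get_form('article:' . $item['id']);
         }
         // a navigation bar for these comments
         if ($count = Comments::count_for_anchor('article:' . $item['id'])) {
             if ($count > 20) {
                 $box['bar'] += array('_count' => sprintf(i18n::ns('%d comment', '%d comments', $count), $count));
             }
             // list comments by date
             $items = Comments::list_by_date_for_anchor('article:' . $item['id'], $offset, $items_per_page, $layout, TRUE);
             // actually render the html
             if (is_array($items)) {
                 $box['text'] .= Skin::build_list($items, 'rows');
             } elseif (is_string($items)) {
                 $box['text'] .= $items;
             }
             // navigation commands for comments
             $prefix = Comments::get_url('article:' . $item['id'], 'navigate');
             $box['bar'] = array_merge($box['bar'], Skin::navigate(NULL, $prefix, $count, $items_per_page, $zoom_index));
         }
         // view and edit commands are shown only to surfers allowed to modify the page
         // NOTE(review): this only hides the links; the target scripts must
         // enforce the same rule on their own
         if (Articles::allow_modification($item, $anchor)) {
             $box['bar'] += array(Articles::get_permalink($item) => i18n::s('View the page'));
             if (!is_object($overlay) || !($label = $overlay->get_label('edit_command', 'articles'))) {
                 $label = i18n::s('Edit this page');
             }
             $box['bar'] += array(Articles::get_url($item['id'], 'edit') => $label);
         }
         // show commands
         if (count($box['bar'])) {
             // commands before the box
             $box['text'] = Skin::build_list($box['prefix_bar'], 'menu_bar') . $box['text'];
             // append the menu bar at the end
             $box['text'] .= Skin::build_list($box['bar'], 'menu_bar');
         }
         // build a box
         if ($box['text']) {
             // put a title if there are other titles or if more than 2048 chars
             $title = '';
             if (preg_match('/(<h1|<h2|<h3|<table|\\[title|\\[subtitle)/i', $context['text'] . $text) || strlen($context['text'] . $text) > 2048) {
                 $title = $title_label;
             }
             // insert a full box
             $text .= Skin::build_box($title, $box['text'], 'header1', 'comments');
         }
         // assemble the full panel
         $panels[] = array('att' . $item['id'], ucfirst(Skin::strip($item['title'], 30)), 'atc' . $item['id'], $text);
     }
     // format tabs; the text of the last panel is not appended again here,
     // since the tabs are the only thing returned
     $text = Skin::build_tabs($panels);
     // end of processing
     SQL::free($result);
     return $text;
 }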
Exemplo n.º 7
Arquivo: move.php Projeto: rair/yacs
    // (excerpt) the opening "if" of this chain is not part of the listing;
    // this first visible branch refuses the request: 401 status plus a logged error
    Safe::header('Status: 401 Unauthorized', TRUE, 401);
    Logger::error(i18n::s('You are not allowed to perform this operation.'));
    // maybe this article cannot be modified anymore:
    // a locked page can only be moved by an empowered surfer
    // NOTE(review): the surfer is refused here, not asked to authenticate;
    // 403 would describe that more precisely than 401
} elseif (isset($item['locked']) && $item['locked'] == 'Y' && !Surfer::is_empowered()) {
    Safe::header('Status: 401 Unauthorized', TRUE, 401);
    Logger::error(i18n::s('This page has been locked.'));
    // do the job
    // NOTE(review): this branch changes stored data. The checks on the
    // request method, on a form token and on the surfer's rights over
    // $destination are not visible in this excerpt; confirm they exist
    // earlier in the script.
} else {
    // attributes to change: only the id and the new anchor are submitted
    $fields = array();
    $fields['id'] = $item['id'];
    $fields['anchor'] = $destination->get_reference();
    // do the change
    if (Articles::put_attributes($fields)) {
        // only when comments are allowed
        if (!Articles::has_option('no_comments', $anchor, $item)) {
            // add a comment to make the move explicit; this doubles as an
            // audit trail of who moved the page, from where and to where
            include_once $context['path_to_root'] . 'comments/comments.php';
            $fields = array();
            $fields['anchor'] = 'article:' . $item['id'];
            // surfer name and both titles are inserted as-is into the text
            // NOTE(review): escaping on display is up to the comment renderer, not visible here
            $fields['description'] = sprintf(i18n::s('Moved by %s from %s to %s'), Surfer::get_name(), $anchor->get_title(), $destination->get_title());
            Comments::post($fields);
        }
        // update previous container
        // NOTE(review): only the previous container is cleared here;
        // presumably the destination is refreshed by put_attributes() - confirm
        Cache::clear($anchor->get_reference());
        // switch to the updated page
        Safe::redirect(Articles::get_permalink($item));
    }
    // when put_attributes() fails, execution falls through to the rendering below
}
// render the skin
render_skin();
Exemplo n.º 8
 /**
  * check if an article can be modified
  *
  * This function returns TRUE if the page can be modified,
  * and FALSE otherwise.
  *
  * @param array a set of item attributes, aka, the target article
  * @param object an instance of the Anchor interface
  * @return TRUE or FALSE
  */
 public static function allow_modification($item, $anchor)
 {
     global $context;
     // Decide whether the current surfer may change an article. The rules
     // are evaluated top-down and the first one that matches wins, so
     // their order is part of the contract.

     // nothing to decide on: no identified article and no container
     if (!(isset($item['id']) || $anchor)) {
         return false;
     }
     // associates pass before access rights, the submission switch and locks are looked at
     if (Surfer::is_associate()) {
         return true;
     }
     // everybody else has to be able to access the page first
     if (!Articles::allow_access($item, $anchor)) {
         return false;
     }
     // site-wide switch that closes submissions
     $submissions_closed = isset($context['users_without_submission']) && $context['users_without_submission'] == 'Y';
     if ($submissions_closed) {
         return false;
     }
     // owner of the article or of its container
     if (Articles::is_owned($item, $anchor)) {
         return true;
     }
     // section editors manage content, except on hidden sections
     if (Surfer::is_member() && is_object($anchor)) {
         if (!$anchor->is_hidden() && $anchor->is_assigned()) {
             return true;
         }
     }
     // page editors manage content, except on private pages
     // NOTE(review): 'active' and 'id' are read without isset() although the
     // first check lets through items that have no id; a record without an
     // 'active' key compares as not private here
     if (Surfer::is_member() && $item['active'] != 'N') {
         if (Articles::is_assigned($item['id'])) {
             return true;
         }
     }
     // a locked article stops every rule below; owners and editors have
     // already been granted above, so the lock does not apply to them
     $is_locked = isset($item['locked']) && $item['locked'] == 'Y';
     if ($is_locked) {
         return false;
     }
     // an anonymous surfer may hold a handle to this item
     if (isset($item['handle']) && Surfer::may_handle($item['handle'])) {
         return true;
     }
     // community wiki: any logged surfer when the option is set
     if (Surfer::is_logged() && Articles::has_option('members_edit', $anchor, $item)) {
         return true;
     }
     // public wiki: with this option anybody who passed the access check
     // above may modify the page; denied otherwise
     return Articles::has_option('anonymous_edit', $anchor, $item) ? true : false;
 }
Exemplo n.º 9
 /**
  * list articles as a daily weblog does
  *
  * @param resource the SQL result
  * @return string the rendered text
  *
  * @see layouts/layout.php
  **/
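 function layout($result)
 {
     global $context;
     // Render every article of the result set as one "post" block: date,
     // clickable title with status flags, icon, rating, categories,
     // introduction, overlay text, description, attached files and a menu bar.
     // Returns the concatenated HTML.
     // we return some text
     $text = '';
     // empty list: only associates get a hint on how to populate the server
     if (!SQL::count($result)) {
         if (Surfer::is_associate()) {
             $text .= '<p>' . sprintf(i18n::s('Use the %s to populate this server.'), Skin::build_link('help/populate.php', i18n::s('Content Assistant'), 'shortcut')) . '</p>';
         }
         return $text;
     }
     // build a list of articles
     include_once $context['path_to_root'] . 'comments/comments.php';
     include_once $context['path_to_root'] . 'links/links.php';
     while ($item = SQL::fetch($result)) {
         // three components per box
         $box = array();
         $box['date'] = '';
         $box['title'] = '';
         $box['content'] = '';
         // get the related overlay, if any
         $overlay = Overlay::load($item, 'article:' . $item['id']);
         // get the anchor
         $anchor = Anchors::get($item['anchor']);
         // permalink
         $url = Articles::get_permalink($item);
         // make a live title
         if (is_object($overlay)) {
             $box['title'] .= Codes::beautify_title($overlay->get_text('title', $item));
         } else {
             $box['title'] .= Codes::beautify_title($item['title']);
         }
         // make a clickable title
         $box['title'] = Skin::build_link($url, $box['title'], 'basic');
         // signal restricted and private articles
         if ($item['active'] == 'N') {
             $box['title'] = PRIVATE_FLAG . $box['title'];
         } elseif ($item['active'] == 'R') {
             $box['title'] = RESTRICTED_FLAG . $box['title'];
         }
         // flag articles updated recently
         if ($item['expiry_date'] > NULL_DATE && $item['expiry_date'] <= $context['now']) {
             $box['title'] .= EXPIRED_FLAG;
         } elseif ($item['create_date'] >= $context['fresh']) {
             $box['title'] .= NEW_FLAG;
         } elseif ($item['edit_date'] >= $context['fresh']) {
             $box['title'] .= UPDATED_FLAG;
         }
         // what's the date of publication?
         if (isset($item['publish_date']) && $item['publish_date'] > NULL_DATE) {
             $box['date'] .= Skin::build_date($item['publish_date'], 'publishing');
         }
         // the icon to put aside - never use anchor images
         if ($item['icon_url']) {
             // both values end up inside double-quoted HTML attributes, so they
             // are escaped for that context; double_encode is off so that
             // entities already present in a stored value are not encoded twice
             // NOTE(review): 'UTF-8' assumes pages are served in that charset - confirm
             $href = htmlspecialchars($context['url_to_root'] . $url, ENT_QUOTES, 'UTF-8', FALSE);
             $src = htmlspecialchars($item['icon_url'], ENT_QUOTES, 'UTF-8', FALSE);
             $box['content'] .= '<a href="' . $href . '"><img src="' . $src . '" class="left_image" alt="" /></a>';
         }
         // details
         $details = array();
         // rating; the count is tested first, so the division below cannot be by zero
         if ($item['rating_count'] && !(is_object($anchor) && $anchor->has_option('without_rating'))) {
             $details[] = Skin::build_link(Articles::get_url($item['id'], 'like'), Skin::build_rating_img((int) round($item['rating_sum'] / $item['rating_count'])), 'basic');
         }
         // show details
         if (count($details)) {
             $box['content'] .= '<p class="details">' . implode(' ~ ', $details) . '</p>' . "\n";
         }
         // list categories by title, if any
         if ($items = Members::list_categories_by_title_for_member('article:' . $item['id'], 0, 7, 'raw')) {
             $tags = array();
             foreach ($items as $attributes) {
                 // add background color to distinguish this category against others
                 if (isset($attributes['background_color']) && $attributes['background_color']) {
                     // escaped so that the value cannot leave the style attribute
                     // NOTE(review): checking that it is an actual colour belongs
                     // where the category is saved; the title is left untouched
                     // because Skin::build_link() receives it the same way in
                     // the branch without colour
                     $color = htmlspecialchars($attributes['background_color'], ENT_QUOTES, 'UTF-8', FALSE);
                     $attributes['title'] = '<span style="background-color: ' . $color . '; padding: 0 3px 0 3px;">' . $attributes['title'] . '</span>';
                 }
                 $tags[] = Skin::build_link(Categories::get_permalink($attributes), $attributes['title'], 'basic');
             }
             $box['content'] .= '<p class="tags">' . implode(' ', $tags) . '</p>';
         }
         // the introduction text, if any
         if (is_object($overlay)) {
             $box['content'] .= Skin::build_block($overlay->get_text('introduction', $item), 'introduction');
         } else {
             $box['content'] .= Skin::build_block($item['introduction'], 'introduction');
         }
         // insert overlay data, if any
         if (is_object($overlay)) {
             $box['content'] .= $overlay->get_text('list', $item);
         }
         // the description
         $box['content'] .= Skin::build_block($item['description'], 'description', '', $item['options']);
         // a compact list of attached files
         if ($count = Files::count_for_anchor('article:' . $item['id'])) {
             // list files by date (default) or by title (option files_by_title)
             if (Articles::has_option('files_by', $anchor, $item) == 'title') {
                 $items = Files::list_by_title_for_anchor('article:' . $item['id'], 0, FILES_PER_PAGE, 'compact');
             } else {
                 $items = Files::list_by_date_for_anchor('article:' . $item['id'], 0, FILES_PER_PAGE, 'compact');
             }
             if (is_array($items)) {
                 $items = Skin::build_list($items, 'compact');
             }
             if ($items) {
                 $box['content'] .= Skin::build_box(i18n::s('Files'), $items, 'header2');
             }
         }
         // build a menu
         $menu = array();
         // read the article
         $menu[] = Skin::build_link($url, i18n::s('Permalink'), 'span');
         // info on related files; $count still holds the number of files here
         if ($count) {
             $menu[] = Skin::build_link($url . '#_attachments', sprintf(i18n::ns('%d file', '%d files', $count), $count), 'span');
         }
         // info on related comments
         if ($count = Comments::count_for_anchor('article:' . $item['id'])) {
             $menu[] = Skin::build_link(Comments::get_url('article:' . $item['id'], 'list'), sprintf(i18n::ns('%d comment', '%d comments', $count), $count), 'span');
         }
         // comment: the link is offered only when comment creation is allowed
         if (Comments::allow_creation($item, $anchor)) {
             $menu[] = Skin::build_link(Comments::get_url('article:' . $item['id'], 'comment'), i18n::s('Discuss'), 'span');
         }
         // info on related links
         if ($count = Links::count_for_anchor('article:' . $item['id'], TRUE)) {
             $menu[] = Skin::build_link($url . '#_attachments', sprintf(i18n::ns('%d link', '%d links', $count), $count), 'span');
         }
         // trackback
         if (Links::allow_trackback()) {
             $menu[] = Skin::build_link('links/trackback.php?anchor=' . urlencode('article:' . $item['id']), i18n::s('Reference this page'), 'span');
         }
         // a menu bar
         if (count($menu)) {
             $box['content'] .= '<div class="menu_bar" style="clear: left;">' . MENU_PREFIX . implode(MENU_SEPARATOR, $menu) . MENU_SUFFIX . "</div>\n";
         }
         // build a simple box for this post
         $text .= '<div class="post">' . '<div class="date">' . $box['date'] . '</div>' . '<h2><span>' . $box['title'] . '</span></h2>' . '<div class="content">' . $box['content'] . '</div>' . '</div>';
     }
     // end of processing
     SQL::free($result);
     return $text;
 }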
Exemplo n.º 10
Arquivo: images.php Projeto: rair/yacs
 /**
  * check if new images can be added
  *
  * This function returns TRUE if images can be added to some place,
  * and FALSE otherwise.
  *
  * @param object an instance of the Anchor interface, if any
  * @param array a set of item attributes, if any
  * @param string the type of item, e.g., 'section'
  * @return TRUE or FALSE
  */
 public static function allow_creation($item = NULL, $anchor = NULL, $variant = NULL)
 {
     // Decide whether the current surfer may add an image. The rules are
     // evaluated top-down and the first one that matches wins; the default
     // at the very end is to refuse.
     // The signature takes ($item, $anchor, $variant); the swap below
     // accepts callers that still pass the anchor first.
     global $context;
     // backward compatibility, reverse parameters :
     // $anchor is always a object and $item a array
     if (is_object($item) || is_array($anchor)) {
         $permute = $anchor;
         $anchor = $item;
         $item = $permute;
     }
     // guess the variant
     if (!$variant) {
         // most frequent case
         if (isset($item['id'])) {
             $variant = 'article';
         } elseif (is_object($anchor)) {
             $variant = $anchor->get_type();
         } else {
             // neither an item nor a container: refuse
             return FALSE;
         }
     }
     // only in articles
     if ($variant == 'article') {
         // 'no images' option
         if (Articles::has_option('no_images', $anchor, $item)) {
             return FALSE;
         }
         // other containers
     } else {
         // in item
         if (isset($item['options']) && is_string($item['options']) && preg_match('/\\bno_images\\b/i', $item['options'])) {
             return FALSE;
         }
         // in container
         if (is_object($anchor) && $anchor->has_option('no_images', FALSE)) {
             return FALSE;
         }
     }
     // surfer is not allowed to upload a file
     // (checked before the associate shortcut, so it applies to associates too)
     if (!Surfer::may_upload()) {
         return FALSE;
     }
     // surfer is an associate
     if (Surfer::is_associate()) {
         return TRUE;
     }
     // submissions have been disallowed
     if (isset($context['users_without_submission']) && $context['users_without_submission'] == 'Y') {
         return FALSE;
     }
     // only in articles
     if ($variant == 'article') {
         // surfer is entitled to change content
         if (Articles::allow_modification($item, $anchor)) {
             return TRUE;
         }
         // surfer is an editor, and the page is not private
         if (isset($item['active']) && $item['active'] != 'N' && Articles::is_assigned($item['id'])) {
             return TRUE;
         }
         if (is_object($anchor) && !$anchor->is_hidden() && $anchor->is_assigned()) {
             return TRUE;
         }
         // only in files
     } elseif ($variant == 'file') {
         // surfer owns the anchor
         if (is_object($anchor) && $anchor->is_owned()) {
             return TRUE;
         }
         // only in sections
     } elseif ($variant == 'section') {
         // surfer is entitled to change content
         if (Sections::allow_modification($item, $anchor)) {
             return TRUE;
         }
         // only in user profiles
     } elseif ($variant == 'user') {
         // the item is anchored to the profile of this member
         // NOTE(review): the condition below reached this listing damaged (the
         // run of asterisks stands where code used to be) and does not parse;
         // restore it from the project's own copy of images.php before relying
         // on this ownership check
         if (Surfer::get_id() && is_object($anchor) && !strcmp($anchor->get_reference(), 'user:'******'id']) && Surfer::is($item['id'])) {
             return TRUE;
         }
     }
     // item has been locked
     // (the grants above have already returned, so the lock only stops the rules below)
     if (isset($item['locked']) && $item['locked'] == 'Y') {
         return FALSE;
     }
     // anchor has been locked --only used when there is no item provided
     if (!isset($item['id']) && is_object($anchor) && $anchor->has_option('locked')) {
         return FALSE;
     }
     // not for subscribers
     if (Surfer::is_member()) {
         // surfer is an editor (and item has not been locked)
         if ($variant == 'article' && isset($item['id']) && Articles::is_assigned($item['id'])) {
             return TRUE;
         }
         // surfer is assigned to parent container
         if (is_object($anchor) && $anchor->is_assigned()) {
             return TRUE;
         }
     }
     // container is hidden
     if (isset($item['active']) && $item['active'] == 'N') {
         return FALSE;
     }
     if (is_object($anchor) && $anchor->is_hidden()) {
         return FALSE;
     }
     // authenticated members are allowed to add images to pages
     // (any logged surfer, on any article that is neither locked nor hidden)
     if ($variant == 'article' && Surfer::is_logged()) {
         return TRUE;
     }
     // container is restricted
     if (isset($item['active']) && $item['active'] == 'R') {
         return FALSE;
     }
     if (is_object($anchor) && !$anchor->is_public()) {
         return FALSE;
     }
     // anonymous contributions are allowed for articles
     // (only reached for public, unlocked content; the option is read from
     // the item first, then from the anchor)
     if ($variant == 'article') {
         if (isset($item['options']) && preg_match('/\\banonymous_edit\\b/i', $item['options'])) {
             return TRUE;
         }
         if (is_object($anchor) && $anchor->has_option('anonymous_edit')) {
             return TRUE;
         }
     }
     // the default is to not allow for new images
     return FALSE;
 }
Exemplo n.º 11
// look for the action
$action = NULL;
if (isset($_REQUEST['action'])) {
    $action = $_REQUEST['action'];
} elseif (isset($context['arguments'][1])) {
    $action = $context['arguments'][1];
}
$action = strip_tags($action);
// maybe this anonymous surfer is allowed to handle this item
if (isset($item['handle']) && Surfer::may_handle($item['handle'])) {
    Surfer::empower();
} elseif (isset($item['id']) && Articles::is_assigned($item['id']) || is_object($anchor) && $anchor->is_assigned()) {
    Surfer::empower();
} elseif (Articles::has_option('anonymous_edit', $anchor, $item)) {
    Surfer::empower();
} elseif (Surfer::is_member() && Articles::has_option('members_edit', $anchor, $item)) {
    Surfer::empower();
}
// associates and editors can do what they want
if (Surfer::is_empowered()) {
    $permitted = TRUE;
} else {
    $permitted = FALSE;
}
// no not kill script validation
if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'HEAD') {
    return;
}
// not found -- help web crawlers
if (!isset($item['id'])) {
    Safe::header('Status: 404 Not Found', TRUE, 404);