Exemplo n.º 1
0
 function submit_new_entry($cp_call = TRUE)
 {
     global $IN, $PREFS, $OUT, $LANG, $FNS, $LOC, $DSP, $DB, $SESS, $STAT, $REGX, $EXT;
     $url_title = '';
     $tb_format = 'xhtml';
     $tb_errors = FALSE;
     $ping_errors = FALSE;
     $revision_post = $_POST;
     $return_url = !$IN->GBL('return_url', 'POST') ? '' : $IN->GBL('return_url');
     unset($_POST['return_url']);
     if ($PREFS->ini('site_pages') !== FALSE) {
         $LANG->fetch_language_file('pages');
     }
     if (!($weblog_id = $IN->GBL('weblog_id', 'POST')) or !is_numeric($weblog_id)) {
         return false;
     }
     $assigned_weblogs = $FNS->fetch_assigned_weblogs();
     /** ----------------------------------------------
         /**  Security check
         /** ---------------------------------------------*/
     if (!in_array($weblog_id, $assigned_weblogs)) {
         return false;
     }
     // -------------------------------------------
     // 'submit_new_entry_start' hook.
     //  - Add More Stuff to do when you first submit an entry
     //  - Added 1.4.2
     //
     $edata = $EXT->call_extension('submit_new_entry_start');
     if ($EXT->end_script === TRUE) {
         return;
     }
     //
     // -------------------------------------------
     /** -----------------------------
         /**  Does entry ID exist?  And is valid for this weblog?
         /** -----------------------------*/
     if (($entry_id = $IN->GBL('entry_id', 'POST')) !== FALSE && is_numeric($entry_id)) {
         // we grab the author_id now as we use it later for author validation
         $query = $DB->query("SELECT entry_id, author_id FROM exp_weblog_titles WHERE entry_id = '" . $DB->escape_str($entry_id) . "' AND weblog_id = '" . $DB->escape_str($weblog_id) . "'");
         if ($query->num_rows != 1) {
             return FALSE;
         } else {
             $entry_id = $query->row['entry_id'];
             $orig_author_id = $query->row['author_id'];
         }
     } else {
         $entry_id = '';
     }
     /** -----------------------------
         /**  Weblog Switch?
         /** -----------------------------*/
     $old_weblog = '';
     if (($new_weblog = $IN->GBL('new_weblog', 'POST')) !== FALSE && $new_weblog != $weblog_id) {
         $query = $DB->query("SELECT status_group, cat_group, field_group, weblog_id \n        \t\t\t\t\t\t FROM exp_weblogs \n        \t\t\t\t\t\t WHERE weblog_id IN ('" . $DB->escape_str($weblog_id) . "', '" . $DB->escape_str($new_weblog) . "')");
         if ($query->num_rows == 2) {
             if ($query->result['0']['status_group'] == $query->result['1']['status_group'] && $query->result['0']['cat_group'] == $query->result['1']['cat_group'] && $query->result['0']['field_group'] == $query->result['1']['field_group']) {
                 if ($SESS->userdata['group_id'] == 1) {
                     $old_weblog = $weblog_id;
                     $weblog_id = $new_weblog;
                 } else {
                     $assigned_weblogs = $FNS->fetch_assigned_weblogs();
                     if (in_array($new_weblog, $assigned_weblogs)) {
                         $old_weblog = $weblog_id;
                         $weblog_id = $new_weblog;
                     }
                 }
             }
         }
     }
     /** -----------------------------
         /**  Fetch Weblog Prefs
         /** -----------------------------*/
     $query = $DB->query("SELECT blog_title, blog_url, comment_url, deft_status, enable_versioning,  enable_qucksave_versioning, max_revisions, weblog_notify, weblog_notify_emails, ping_return_url, rss_url, tb_return_url, trackback_field, comment_system_enabled, trackback_system_enabled FROM exp_weblogs WHERE weblog_id = '" . $weblog_id . "'");
     $blog_title = $REGX->ascii_to_entities($query->row['blog_title']);
     $blog_url = $query->row['blog_url'];
     $ping_url = $query->row['ping_return_url'] == '' ? $query->row['blog_url'] : $query->row['ping_return_url'];
     $tb_url = $query->row['tb_return_url'] == '' ? $query->row['blog_url'] : $query->row['tb_return_url'];
     $rss_url = $query->row['rss_url'];
     $deft_status = $query->row['deft_status'];
     $comment_url = $query->row['comment_url'];
     $trackback_field = $query->row['trackback_field'];
     $comment_system_enabled = $query->row['comment_system_enabled'];
     $trackback_system_enabled = $query->row['trackback_system_enabled'];
     $notify_address = ($query->row['weblog_notify'] == 'y' and $query->row['weblog_notify_emails'] != '') ? $query->row['weblog_notify_emails'] : '';
     $enable_versioning = $query->row['enable_versioning'];
     $enable_qucksave_versioning = $query->row['enable_qucksave_versioning'];
     $max_revisions = $query->row['max_revisions'];
     /** -----------------------------
         /**  Error trapping
         /** -----------------------------*/
     $error = array();
     // Fetch language file
     $LANG->fetch_language_file('publish_ad');
     /** ---------------------------------
         /**  No entry title? Assign error.
         /** ---------------------------------*/
     if (!($title = strip_tags(trim(stripslashes($IN->GBL('title', 'POST')))))) {
         $error[] = $LANG->line('missing_title');
     }
     /** ---------------------------------------------
         /**  No date? Assign error.
         /** ---------------------------------------------*/
     if (!$IN->GBL('entry_date', 'POST')) {
         $error[] = $LANG->line('missing_date');
     }
     /** ---------------------------------------------
         /**  Convert the date to a Unix timestamp
         /** ---------------------------------------------*/
     $entry_date = $LOC->convert_human_date_to_gmt($IN->GBL('entry_date', 'POST'));
     if (!is_numeric($entry_date)) {
         // Localize::convert_human_date_to_gmt() returns verbose errors
         if ($entry_date !== FALSE) {
             $error[] = $entry_date . NBS . NBS . '(' . $LANG->line('entry_date') . ')';
         } else {
             $error[] = $LANG->line('invalid_date_formatting');
         }
     }
     /** ---------------------------------------------
         /**  Convert expiration date to a Unix timestamp
         /** ---------------------------------------------*/
     if (!$IN->GBL('expiration_date', 'POST')) {
         $expiration_date = 0;
     } else {
         $expiration_date = $LOC->convert_human_date_to_gmt($IN->GBL('expiration_date', 'POST'));
         if (!is_numeric($expiration_date)) {
             // Localize::convert_human_date_to_gmt() returns verbose errors
             if ($expiration_date !== FALSE) {
                 $error[] = $expiration_date . NBS . NBS . '(' . $LANG->line('expiration_date') . ')';
             } else {
                 $error[] = $LANG->line('invalid_date_formatting');
             }
         }
     }
     /** ---------------------------------------------
         /**  Convert comment expiration date timestamp
         /** ---------------------------------------------*/
     if (!$IN->GBL('comment_expiration_date', 'POST')) {
         $comment_expiration_date = 0;
     } else {
         $comment_expiration_date = $LOC->convert_human_date_to_gmt($IN->GBL('comment_expiration_date', 'POST'));
         if (!is_numeric($comment_expiration_date)) {
             // Localize::convert_human_date_to_gmt() returns verbose errors
             if ($comment_expiration_date !== FALSE) {
                 $error[] = $comment_expiration_date . NBS . NBS . '(' . $LANG->line('comment_expiration_date') . ')';
             } else {
                 $error[] = $LANG->line('invalid_date_formatting');
             }
         }
     }
     /** --------------------------------------
         /**  Are all requred fields filled out?
         /** --------------------------------------*/
     $query = $DB->query("SELECT field_id, field_label FROM exp_weblog_fields WHERE field_required = 'y'");
     if ($query->num_rows > 0) {
         foreach ($query->result as $row) {
             if (isset($_POST['field_id_' . $row['field_id']]) and $_POST['field_id_' . $row['field_id']] == '') {
                 $error[] = $LANG->line('custom_field_empty') . NBS . $row['field_label'];
             }
         }
     }
     /** --------------------------------------
         /**  Are there any custom date fields?
         /** --------------------------------------*/
     $query = $DB->query("SELECT field_id, field_label FROM exp_weblog_fields WHERE field_type = 'date'");
     if ($query->num_rows > 0) {
         foreach ($query->result as $row) {
             if (isset($_POST['field_id_' . $row['field_id']]) and $_POST['field_id_' . $row['field_id']] != '') {
                 $_POST['field_ft_' . $row['field_id']] = 'none';
                 $custom_date = $LOC->convert_human_date_to_gmt($_POST['field_id_' . $row['field_id']]);
                 if (!is_numeric($custom_date)) {
                     // Localize::convert_human_date_to_gmt() returns verbose errors
                     if ($custom_date !== FALSE) {
                         $error[] = $custom_date . NBS . NBS . '(' . $row['field_label'] . ')';
                     } else {
                         $error[] = $LANG->line('invalid_date_formatting');
                     }
                 } else {
                     $custom_date = $LOC->offset_entry_dst($custom_date, $IN->GBL('dst_enabled', 'POST'));
                     $_POST['field_id_' . $row['field_id']] = $custom_date;
                     if (!isset($_POST['field_offset_' . $row['field_id']])) {
                         $_POST['field_dt_' . $row['field_id']] = '';
                     } else {
                         if ($_POST['field_offset_' . $row['field_id']] == 'y') {
                             $_POST['field_dt_' . $row['field_id']] = '';
                         } else {
                             $_POST['field_dt_' . $row['field_id']] = $SESS->userdata('timezone');
                         }
                     }
                 }
             }
         }
     }
     /** ---------------------------------
         /**  Fetch xml-rpc ping server IDs
         /** ---------------------------------*/
     $ping_servers = array();
     foreach ($_POST as $key => $val) {
         if (strstr($key, 'ping') and !is_array($val)) {
             $ping_servers[] = $val;
             unset($_POST[$key]);
         }
     }
     /** -------------------------------------
         /**  Pre-process Trackback data
         /** -------------------------------------*/
     // If the weblog submission was via the bookmarklet we need to fetch the trackback URLs
     $tb_auto_urls = '';
     if ($IN->GBL('BK', 'GP')) {
         foreach ($_POST as $key => $val) {
             if (preg_match('#^TB_AUTO_#', $key)) {
                 $tb_auto_urls .= $val . NL;
             }
         }
     }
     // Join the manually submitted trackbacks with the auto-disovered ones
     $trackback_urls = $IN->GBL('trackback_urls');
     if ($tb_auto_urls != '') {
         $trackback_urls .= NL . $tb_auto_urls;
     }
     /** --------------------------------------
         /**  Is weblog data present?
         /** --------------------------------------*/
     // In order to send pings or trackbacks, the weblog needs a title and URL
     if ($trackback_urls != '' && ($blog_title == '' || $tb_url == '')) {
         $error[] = $LANG->line('missing_weblog_data_for_pings');
     }
     if (count($ping_servers) > 0 && ($blog_title == '' || $ping_url == '')) {
         $error[] = $LANG->line('missing_weblog_data_for_pings');
     }
     /** --------------------------------------
         /**  Is the title unique?
         /** --------------------------------------*/
     if ($title != '') {
         /** ---------------------------------
             /**  Do we have a URL title?
             /** ---------------------------------*/
         // If not, create one from the title
         $url_title = $IN->GBL('url_title');
         if (!$url_title) {
             $url_title = $REGX->create_url_title($title, TRUE);
         }
         // Kill all the extraneous characters.
         // We want the URL title to pure alpha text
         if ($entry_id != '') {
             $url_query = $DB->query("SELECT url_title FROM exp_weblog_titles WHERE entry_id = '{$entry_id}'");
             if ($url_query->row['url_title'] != $url_title) {
                 $url_title = $REGX->create_url_title($url_title);
             }
         } else {
             $url_title = $REGX->create_url_title($url_title);
         }
         // Is the url_title a pure number?  If so we show an error.
         if (is_numeric($url_title)) {
             $this->url_title_error = TRUE;
             $error[] = $LANG->line('url_title_is_numeric');
         }
         /** -------------------------------------
         			/**  Is the URL Title empty?  Can't have that
         			/** -------------------------------------*/
         if (trim($url_title) == '') {
             $this->url_title_error = TRUE;
             $error[] = $LANG->line('unable_to_create_url_title');
             $msg = '';
             foreach ($error as $val) {
                 $msg .= $DSP->qdiv('itemWrapper', $val);
             }
             if ($cp_call == TRUE) {
                 return $this->new_entry_form('preview', $msg);
             } else {
                 return $OUT->show_user_error('general', $error);
             }
         }
         /** ---------------------------------
             /**  Is URL title unique?
             /** ---------------------------------*/
         // Field is limited to 75 characters, so trim url_title before querying
         $url_title = substr($url_title, 0, 75);
         $e_sql = '';
         $sql = "SELECT count(*) AS count FROM exp_weblog_titles WHERE url_title = '" . $DB->escape_str($url_title) . "' AND weblog_id = '{$weblog_id}'";
         if ($entry_id != '') {
             $e_sql = " AND entry_id != '{$entry_id}'";
         }
         $query = $DB->query($sql . $e_sql);
         if ($query->row['count'] > 0) {
             // We may need some room to add our numbers- trim url_title to 70 characters
             $url_title = substr($url_title, 0, 70);
             // Check again
             $sql = "SELECT count(*) AS count FROM exp_weblog_titles WHERE url_title = '" . $DB->escape_str($url_title) . "' AND weblog_id = '{$weblog_id}'" . $e_sql;
             $query = $DB->query($sql);
             if ($query->row['count'] > 0) {
                 $url_create_error = FALSE;
                 $sql = "SELECT url_title, MID(url_title, " . (strlen($url_title) + 1) . ") + 1 AS next_suffix FROM " . "exp_weblog_titles WHERE weblog_id = '" . $weblog_id . "' " . "AND url_title REGEXP('" . preg_quote($DB->escape_str($url_title)) . "[0-9]*\$') " . "AND weblog_id = '" . $weblog_id . "'" . $e_sql . " ORDER BY next_suffix DESC LIMIT 1";
                 $query = $DB->query($sql);
                 // Did something go tragically wrong?
                 if ($query->num_rows == 0) {
                     $url_create_error = TRUE;
                     $error[] = $LANG->line('unable_to_create_url_title');
                 }
                 // Is the appended number going to kick us over the 75 character limit?
                 if ($query->row['next_suffix'] > 99999) {
                     $url_create_error = TRUE;
                     $error[] = $LANG->line('url_title_not_unique');
                 }
                 if ($url_create_error == FALSE) {
                     $url_title = $url_title . $query->row['next_suffix'];
                     // little double check for safety
                     $sql = "SELECT count(*) AS count FROM exp_weblog_titles WHERE url_title = '" . $DB->escape_str($url_title) . "' AND weblog_id = '{$weblog_id}'" . $e_sql;
                     $query = $DB->query($sql);
                     if ($query->row['count'] > 0) {
                         $error[] = $LANG->line('unable_to_create_url_title');
                     }
                 }
             }
         }
     }
     // Did they name the URL title "index"?  That's a bad thing which we disallow
     if ($url_title == 'index') {
         $this->url_title_error = TRUE;
         $error[] = $LANG->line('url_title_is_index');
     }
     /** -------------------------------------
         /**  Validate Page URI
         /** -------------------------------------*/
     if ($PREFS->ini('site_pages') !== FALSE && $IN->GBL('pages_uri', 'POST') !== FALSE && $IN->GBL('pages_uri', 'POST') != '' && $IN->GBL('pages_uri', 'POST') != '/example/pages/uri/') {
         if (!is_numeric($IN->GBL('pages_template_id', 'POST'))) {
             $error[] = $LANG->line('invalid_template');
         }
         $page_uri = preg_replace("#[^a-zA-Z0-9_\\-/\\.]+\$#i", '', str_replace($PREFS->ini('site_url'), '', $IN->GBL('pages_uri')));
         if ($page_uri !== $IN->GBL('pages_uri', 'POST')) {
             $error[] = $LANG->line('invalid_page_uri');
         }
         /** -------------------------------------
         			/**  Check if Duplicate Page URI
         			/**  - Do NOT delete this as the $static_pages variable is used further down
         			/** -------------------------------------*/
         $static_pages = $PREFS->ini('site_pages');
         $uris = isset($static_pages[$PREFS->ini('site_id')]['uris']) ? $static_pages[$PREFS->ini('site_id')]['uris'] : array();
         if ($entry_id != '') {
             unset($uris[$entry_id]);
         }
         if (in_array($IN->GBL('pages_uri', 'POST'), $uris)) {
             $error[] = $LANG->line('duplicate_page_uri');
         }
         unset($uris);
     }
     /** ---------------------------------------
         /**  Validate Author ID
         /** ---------------------------------------*/
     $author_id = !$IN->GBL('author_id', 'POST') ? $SESS->userdata('member_id') : $IN->GBL('author_id', 'POST');
     if ($author_id != $SESS->userdata['member_id'] && !$DSP->allowed_group('can_edit_other_entries')) {
         $error[] = $LANG->line('not_authorized');
     }
     if (isset($orig_author_id) && $author_id != $orig_author_id && (!$DSP->allowed_group('can_edit_other_entries') or !$DSP->allowed_group('can_assign_post_authors'))) {
         $error[] = $LANG->line('not_authorized');
     }
     if ($author_id != $SESS->userdata['member_id'] && $SESS->userdata['group_id'] != 1) {
         // we only need to worry about this if the author has changed
         if (!isset($orig_author_id) or $author_id != $orig_author_id) {
             if (!$DSP->allowed_group('can_assign_post_authors')) {
                 $error[] = $LANG->line('not_authorized');
             } else {
                 $allowed_authors = array();
                 $ss = "SELECT exp_members.member_id\n\t\t\t\t\t\t   FROM exp_members\n\t\t\t\t\t\t   LEFT JOIN exp_member_groups on exp_member_groups.group_id = exp_members.group_id\n\t\t\t\t\t\t   WHERE (exp_members.in_authorlist = 'y' OR exp_member_groups.include_in_authorlist = 'y')\n\t\t\t\t\t\t   AND exp_member_groups.site_id = '" . $DB->escape_str($PREFS->ini('site_id')) . "'";
                 $query = $DB->query($ss);
                 if ($query->num_rows > 0) {
                     foreach ($query->result as $row) {
                         // Is this a "user blog"?  If so, we'll only allow
                         // authors if they are assigned to this particular blog
                         if ($SESS->userdata['weblog_id'] != 0) {
                             if ($row['weblog_id'] == $weblog_id) {
                                 $allowed_authors[] = $row['member_id'];
                             }
                         } else {
                             $allowed_authors[] = $row['member_id'];
                         }
                     }
                 }
                 if (!in_array($author_id, $allowed_authors)) {
                     $error[] = $LANG->line('invalid_author');
                 }
             }
         }
     }
     /** ---------------------------------------
     		/**  Validate status
     		/** ---------------------------------------*/
     $status = $IN->GBL('status', 'POST') == FALSE ? $deft_status : $IN->GBL('status', 'POST');
     if ($SESS->userdata['group_id'] != 1) {
         $disallowed_statuses = array();
         $valid_statuses = array();
         $sq = "SELECT s.status_id, s.status\n\t\t\t\t   FROM exp_statuses AS s\n\t\t\t\t   LEFT JOIN exp_status_groups AS sg ON sg.group_id = s.group_id\n\t\t\t\t   LEFT JOIN exp_weblogs AS w ON w.status_group = sg.group_id\n\t\t\t\t   WHERE w.weblog_id = '" . $DB->escape_str($weblog_id) . "'";
         $query = $DB->query($sq);
         if ($query->num_rows > 0) {
             foreach ($query->result as $row) {
                 $valid_statuses[$row['status_id']] = strtolower($row['status']);
                 // lower case to match MySQL's case-insensitivity
             }
         }
         $dsq = "SELECT exp_status_no_access.status_id, exp_statuses.status\n\t\t\t\t\tFROM exp_status_no_access, exp_statuses\n\t\t\t\t\tWHERE exp_statuses.status_id = exp_status_no_access.status_id\n\t\t\t\t\tAND exp_status_no_access.member_group = '" . $SESS->userdata['group_id'] . "'";
         $query = $DB->query($dsq);
         if ($query->num_rows > 0) {
             foreach ($query->result as $row) {
                 $disallowed_statuses[$row['status_id']] = strtolower($row['status']);
                 // lower case to match MySQL's case-insensitivity
             }
             $valid_statuses = array_diff_assoc($valid_statuses, $disallowed_statuses);
         }
         if (!in_array(strtolower($status), $valid_statuses)) {
             // if there are no valid statuses, set to closed
             $status = 'closed';
         }
     }
     /** ---------------------------------
         /**  Do we have an error to display?
         /** ---------------------------------*/
     if (count($error) > 0) {
         $msg = '';
         foreach ($error as $val) {
             $msg .= $DSP->qdiv('itemWrapper', $val);
         }
         if ($cp_call == TRUE) {
             return $this->new_entry_form('preview', $msg);
         } else {
             return $OUT->show_user_error('general', $error);
         }
     }
     /** ---------------------------------
         /**  Fetch catagories
         /** ---------------------------------*/
     // We do this first so we can destroy the category index from
     // the $_POST array since we use a separate table to store categories in
     if (isset($_POST['category']) and is_array($_POST['category'])) {
         foreach ($_POST['category'] as $cat_id) {
             $this->cat_parents[] = $cat_id;
         }
         if ($this->assign_cat_parent == TRUE) {
             $this->fetch_category_parents($_POST['category']);
         }
     }
     unset($_POST['category']);
     /** ---------------------------------
         /**  Fetch previously sent trackbacks
         /** ---------------------------------*/
     // If we are editing an existing entry, fetch the previously sent trackbacks
     // and add the new trackback URLs to them
     $sent_trackbacks = '';
     if ($trackback_urls != '' and $entry_id != '') {
         $sent_trackbacks = trim($trackback_urls) . "\n";
         $query = $DB->query("SELECT sent_trackbacks FROM exp_weblog_titles WHERE entry_id = '{$entry_id}'");
         if ($query->num_rows > 0) {
             $sent_trackbacks = $query->row['sent_trackbacks'];
         }
     }
     /** ---------------------------------
         /**  Set "mode" cookie
         /** ---------------------------------*/
     // We do it now so we can destry it from the POST array
     if (isset($_POST['mode'])) {
         $FNS->set_cookie('mode', $_POST['mode'], 60 * 60 * 24 * 182);
         unset($_POST['mode']);
     }
     if ($cp_call == TRUE) {
         $allow_comments = $IN->GBL('allow_comments', 'POST') == 'y' ? 'y' : 'n';
         $allow_trackbacks = $IN->GBL('allow_trackbacks', 'POST') == 'y' ? 'y' : 'n';
     } else {
         $allow_comments = $IN->GBL('allow_comments', 'POST') !== 'y' || $comment_system_enabled == 'n' ? 'n' : 'y';
         $allow_trackbacks = $IN->GBL('allow_trackbacks', 'POST') !== 'y' || $trackback_system_enabled == 'n' ? 'n' : 'y';
     }
     /** --------------------------------------
         /**  Do we have a relationship?
         /** --------------------------------------*/
     // If the entry being submitted is the "parent" entry we need to compile and cache the "child" entry.
     $query = $DB->query("SELECT field_id, field_related_to, field_related_id FROM exp_weblog_fields WHERE field_type = 'rel'");
     $rel_updates = array();
     if ($query->num_rows > 0) {
         foreach ($query->result as $row) {
             if (isset($_POST['field_id_' . $row['field_id']])) {
                 $_POST['field_ft_' . $row['field_id']] = 'none';
                 $rel_exists = FALSE;
                 // If editing an existing entry....
                 // Does an existing relationship exist? If so, we may not  need to recompile the data
                 if ($entry_id != '') {
                     // First we fetch the previously stored related entry ID.
                     $rel_query = $DB->query("SELECT field_id_" . $row['field_id'] . " FROM exp_weblog_data WHERE entry_id = '" . $entry_id . "'");
                     // If the previous ID matches the current ID being submitted it means that
                     // the existing relationship has not changed so there's no need to recompile.
                     // If it has changed we'll clear the old relationship.
                     if (is_numeric($rel_query->row['field_id_' . $row['field_id']])) {
                         if ($rel_query->row['field_id_' . $row['field_id']] == $_POST['field_id_' . $row['field_id']]) {
                             $rel_exists = TRUE;
                         } else {
                             $DB->query("DELETE FROM exp_relationships WHERE rel_id = '" . $rel_query->row['field_id_' . $row['field_id']] . "'");
                         }
                     }
                 }
                 if (is_numeric($_POST['field_id_' . $row['field_id']]) and $rel_exists == FALSE) {
                     $reldata = array('type' => $row['field_related_to'], 'parent_id' => $entry_id, 'child_id' => $_POST['field_id_' . $row['field_id']], 'related_id' => $weblog_id);
                     $_POST['field_id_' . $row['field_id']] = $FNS->compile_relationship($reldata, TRUE);
                     $rel_updates[] = $_POST['field_id_' . $row['field_id']];
                 }
             }
         }
     }
     /** ---------------------------------
         /**  Build our query data
         /** ---------------------------------*/
     if ($enable_versioning == 'n') {
         $version_enabled = 'y';
     } else {
         $version_enabled = isset($_POST['versioning_enabled']) ? 'y' : 'n';
     }
     $data = array('entry_id' => '', 'weblog_id' => $weblog_id, 'author_id' => $author_id, 'site_id' => $PREFS->ini('site_id'), 'ip_address' => $IN->IP, 'title' => $PREFS->ini('auto_convert_high_ascii') == 'y' ? $REGX->ascii_to_entities($title) : $title, 'url_title' => $url_title, 'entry_date' => $entry_date, 'edit_date' => date("YmdHis"), 'versioning_enabled' => $version_enabled, 'year' => date('Y', $entry_date), 'month' => date('m', $entry_date), 'day' => date('d', $entry_date), 'expiration_date' => $expiration_date, 'comment_expiration_date' => $comment_expiration_date, 'sticky' => $IN->GBL('sticky', 'POST') == 'y' ? 'y' : 'n', 'status' => $status, 'allow_comments' => $allow_comments, 'allow_trackbacks' => $allow_trackbacks, 'forum_topic_id' => ($IN->GBL('forum_topic_id') != '' and is_numeric($IN->GBL('forum_topic_id'))) ? trim($IN->GBL('forum_topic_id')) : 0);
     // If we have the "honor_entry_dst" pref turned on we need to reverse the effects.
     if ($PREFS->ini('honor_entry_dst') == 'y') {
         $data['dst_enabled'] = $IN->GBL('dst_enabled', 'POST') == 'y' ? 'y' : 'n';
     }
     /** ---------------------------------
         /**  Insert the entry
         /** ---------------------------------*/
     if ($entry_id == '') {
         $DB->query($DB->insert_string('exp_weblog_titles', $data));
         $entry_id = $DB->insert_id;
         /** ------------------------------------
             /**  Update Relationships
             /** ------------------------------------*/
         if (sizeof($rel_updates) > 0) {
             $DB->query("UPDATE exp_relationships SET rel_parent_id = '" . $entry_id . "' WHERE rel_id IN (" . implode(',', $rel_updates) . ")");
         }
         /** ------------------------------------
             /**  Insert the custom field data
             /** ------------------------------------*/
         $cust_fields = array('entry_id' => $entry_id, 'weblog_id' => $weblog_id);
         foreach ($_POST as $key => $val) {
             if (strstr($key, 'field_offset_')) {
                 unset($_POST[$key]);
                 continue;
             }
             if (strstr($key, 'field')) {
                 if ($key == 'field_ft_' . $trackback_field) {
                     $tb_format = $val;
                 }
                 if (strstr($key, 'field_id_') and !is_numeric($val)) {
                     $cust_fields[$key] = $PREFS->ini('auto_convert_high_ascii') == 'y' ? $REGX->ascii_to_entities($val) : $val;
                 } else {
                     $cust_fields[$key] = $val;
                 }
             }
         }
         if (count($cust_fields) > 0) {
             $cust_fields['site_id'] = $PREFS->ini('site_id');
             // Submit the custom fields
             $DB->query($DB->insert_string('exp_weblog_data', $cust_fields));
         }
         /** ------------------------------------
             /**  Update member stats
             /** ------------------------------------*/
         if ($data['author_id'] == $SESS->userdata('member_id')) {
             $total_entries = $SESS->userdata['total_entries'] + 1;
         } else {
             $query = $DB->query("SELECT total_entries FROM exp_members WHERE member_id = '" . $data['author_id'] . "'");
             $total_entries = $query->row['total_entries'] + 1;
         }
         $DB->query("UPDATE exp_members set total_entries = '{$total_entries}', last_entry_date = '" . $LOC->now . "' WHERE member_id = '" . $data['author_id'] . "'");
         /** -------------------------------------
             /**  Set page title and success message
             /** -------------------------------------*/
         $type = 'new';
         $page_title = 'entry_has_been_added';
         $message = $LANG->line($page_title);
         /** -------------------------------------
             /**  Is there a forum post?
             /** -------------------------------------*/
         if ($PREFS->ini('forum_is_installed') == "y" and $IN->GBL('forum_title') != '' and $IN->GBL('forum_body') != '') {
             $query = $DB->query("SELECT board_id FROM exp_forums WHERE forum_id = '" . $DB->escape_str($IN->GBL('forum_id')) . "'");
             if ($query->num_rows > 0) {
                 $title = $this->_convert_forum_tags($IN->GBL('forum_title'));
                 $body = $this->_convert_forum_tags(str_replace('{permalink}', $FNS->remove_double_slashes($comment_url . '/' . $url_title . '/'), $IN->GBL('forum_body')));
                 $DB->query($DB->insert_string('exp_forum_topics', array('topic_id' => '', 'forum_id' => $IN->GBL('forum_id'), 'board_id' => $query->row['board_id'], 'topic_date' => $LOC->now, 'title' => $REGX->xss_clean($title), 'body' => $REGX->xss_clean($body), 'author_id' => $author_id, 'ip_address' => $IN->IP, 'last_post_date' => $LOC->now, 'last_post_author_id' => $author_id, 'sticky' => 'n', 'status' => 'o', 'announcement' => 'n', 'poll' => 'n', 'parse_smileys' => 'y', 'thread_total' => 1)));
                 $topic_id = $DB->insert_id;
                 $rand = $author_id . $FNS->random('alpha', 8);
                 $DB->query("UPDATE exp_weblog_titles SET forum_topic_id = '{$topic_id}' WHERE entry_id = '{$entry_id}'");
                 $DB->query("INSERT INTO exp_forum_subscriptions (topic_id, member_id, subscription_date, hash) \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t \t\tVALUES \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t \t\t('{$topic_id}', '{$author_id}', '{$LOC->now}', '{$rand}')");
                 // Update the forum stats
                 if (!class_exists('Forum')) {
                     require PATH_MOD . 'forum/mod.forum' . EXT;
                     require PATH_MOD . 'forum/mod.forum_core' . EXT;
                 }
                 Forum_Core::_update_post_stats($IN->GBL('forum_id'));
                 // Update member post total
                 $DB->query("UPDATE exp_members SET last_forum_post_date = '{$LOC->now}' WHERE member_id = '" . $author_id . "'");
             }
         }
         /** ----------------------------
         			/**  Send admin notification
         			/** ----------------------------*/
         if ($notify_address != '') {
             $swap = array('name' => $SESS->userdata('screen_name'), 'email' => $SESS->userdata('email'), 'weblog_name' => $blog_title, 'entry_title' => $title, 'entry_url' => $FNS->remove_double_slashes($blog_url . '/' . $url_title . '/'), 'comment_url' => $FNS->remove_double_slashes($comment_url . '/' . $url_title . '/'));
             $template = $FNS->fetch_email_template('admin_notify_entry');
             $email_tit = $FNS->var_swap($template['title'], $swap);
             $email_msg = $FNS->var_swap($template['data'], $swap);
             // We don't want to send a notification if the person
             // leaving the entry is in the notification list
             if (stristr($notify_address, $SESS->userdata['email'])) {
                 $notify_address = str_replace($SESS->userdata('email'), "", $notify_address);
             }
             $notify_address = $REGX->remove_extra_commas($notify_address);
             if ($notify_address != '') {
                 /** ----------------------------
                 				/**  Send email
                 				/** ----------------------------*/
                 if (!class_exists('EEmail')) {
                     require PATH_CORE . 'core.email' . EXT;
                 }
                 $email = new EEmail();
                 foreach (explode(',', $notify_address) as $addy) {
                     $email->initialize();
                     $email->wordwrap = false;
                     $email->from($PREFS->ini('webmaster_email'), $PREFS->ini('webmaster_name'));
                     $email->to($addy);
                     $email->reply_to($PREFS->ini('webmaster_email'));
                     $email->subject($email_tit);
                     $email->message($REGX->entities_to_ascii($email_msg));
                     $email->Send();
                 }
             }
         }
     } else {
         /** ---------------------------------
             /**  Update an existing entry
             /** ---------------------------------*/
         if ($PREFS->ini('honor_entry_dst') == 'y') {
             $data['entry_date'] = $LOC->offset_entry_dst($data['entry_date'], $data['dst_enabled']);
             if ($data['expiration_date'] != '' and $data['expiration_date'] != 0) {
                 $data['expiration_date'] = $LOC->offset_entry_dst($data['expiration_date'], $data['dst_enabled']);
             }
             if ($data['comment_expiration_date'] != '' and $data['comment_expiration_date'] != 0) {
                 $data['comment_expiration_date'] = $LOC->offset_entry_dst($data['comment_expiration_date'], $data['dst_enabled']);
             }
         }
         // First we need to see if the author of the entry has changed.
         $query = $DB->query("SELECT author_id FROM exp_weblog_titles WHERE entry_id = '{$entry_id}'");
         $old_author = $query->row['author_id'];
         if ($old_author != $data['author_id']) {
             // Decremenet the counter on the old author
             $query = $DB->query("SELECT total_entries FROM exp_members WHERE member_id = '{$old_author}'");
             $total_entries = $query->row['total_entries'] - 1;
             $DB->query("UPDATE exp_members set total_entries = '{$total_entries}' WHERE member_id = '{$old_author}'");
             // Increment the counter on the new author
             $query = $DB->query("SELECT total_entries FROM exp_members WHERE member_id = '" . $data['author_id'] . "'");
             $total_entries = $query->row['total_entries'] + 1;
             $DB->query("UPDATE exp_members set total_entries = '{$total_entries}' WHERE member_id = '" . $data['author_id'] . "'");
         }
         /** ------------------------------------
             /**  Update the entry
             /** ------------------------------------*/
         unset($data['entry_id']);
         $topic_id = $data['forum_topic_id'];
         $DB->query($DB->update_string('exp_weblog_titles', $data, "entry_id = '{$entry_id}'"));
         /** ------------------------------------
             /**  Update the custom fields
             /** ------------------------------------*/
         $cust_fields = array('weblog_id' => $weblog_id);
         foreach ($_POST as $key => $val) {
             if (strstr($key, 'field_offset_')) {
                 // removed the unset in 1.6.5 as the localization was being lost on quicksave
                 // unset($_POST[$key]);
                 continue;
             }
             if (strstr($key, 'field')) {
                 if ($key == 'field_ft_' . $trackback_field) {
                     $tb_format = $val;
                 }
                 if (strstr($key, 'field_id_') and !is_numeric($val)) {
                     $cust_fields[$key] = $PREFS->ini('auto_convert_high_ascii') == 'y' ? $REGX->ascii_to_entities($val) : $val;
                 } else {
                     $cust_fields[$key] = $val;
                 }
             }
         }
         if (count($cust_fields) > 0) {
             // Update the custom fields
             $DB->query($DB->update_string('exp_weblog_data', $cust_fields, "entry_id = '{$entry_id}'"));
         }
         /** ------------------------------------
             /**  Delete categories
             /** ------------------------------------*/
         // We will resubmit all categories next
         $DB->query("DELETE FROM exp_category_posts WHERE entry_id = '{$entry_id}'");
         /** ------------------------------------
             /**  Set page title and success message
             /** ------------------------------------*/
         $type = 'update';
         $page_title = 'entry_has_been_updated';
         $message = $LANG->line($page_title);
     }
     /** ---------------------------------
         /**  Insert categories
         /** ---------------------------------*/
     if ($this->cat_parents > 0) {
         $this->cat_parents = array_unique($this->cat_parents);
         sort($this->cat_parents);
         foreach ($this->cat_parents as $val) {
             if ($val != '') {
                 $DB->query("INSERT INTO exp_category_posts (entry_id, cat_id) VALUES ('{$entry_id}', '{$val}')");
             }
         }
     }
     /** --------------------------------------
         /**  Is this entry a child of another parent?
         /** --------------------------------------*/
     // If the entry being submitted is a "child" of another parent
     // we need to re-compile and cache the data.  Confused?  Me too...
     $query = $DB->query("SELECT COUNT(*) AS count FROM exp_relationships WHERE rel_type = 'blog' AND rel_child_id = '" . $DB->escape_str($entry_id) . "'");
     if ($query->row['count'] > 0) {
         $reldata = array('type' => 'blog', 'child_id' => $entry_id);
         $FNS->compile_relationship($reldata, FALSE);
     }
     /** --------------------------------------
         /**  Is this entry a parent of a child?
         /** --------------------------------------*/
     $query = $DB->query("SELECT COUNT(*) AS count FROM exp_relationships \n\t\t\t\t\t\t\t WHERE rel_parent_id = '" . $DB->escape_str($entry_id) . "'\n\t\t\t\t\t\t\t AND reverse_rel_data != ''");
     if ($query->row['count'] > 0) {
         $reldata = array('type' => 'blog', 'parent_id' => $entry_id);
         $FNS->compile_relationship($reldata, FALSE, TRUE);
     }
     /** -------------------------------------
     		/**  Is there a forum post to update
     		/** -------------------------------------*/
     if ($PREFS->ini('forum_is_installed') == "y" and $IN->GBL('forum_title') != '' and $IN->GBL('forum_body') != '' and $topic_id != 0) {
         $title = $this->_convert_forum_tags($IN->GBL('forum_title'));
         $body = $this->_convert_forum_tags(str_replace('{permalink}', $FNS->remove_double_slashes($comment_url . '/' . $url_title . '/'), $IN->GBL('forum_body')));
         $DB->query("UPDATE exp_forum_topics SET title = '{$title}', body = '{$body}' WHERE topic_id = '{$topic_id}' ");
         // Update the forum stats
         if (!class_exists('Forum')) {
             require PATH_MOD . 'forum/mod.forum' . EXT;
             require PATH_MOD . 'forum/mod.forum_core' . EXT;
         }
         Forum_Core::_update_post_stats($IN->GBL('forum_id'));
     }
     /** -------------------------------------
     		/**  Is there a Page being updated or created?
     		/** -------------------------------------*/
     if ($PREFS->ini('site_pages') !== FALSE && $IN->GBL('pages_uri', 'POST') !== FALSE && $IN->GBL('pages_uri', 'POST') != '' && $IN->GBL('pages_uri', 'POST') != '/example/pages/uri/' && is_numeric($IN->GBL('pages_template_id', 'POST'))) {
         /** ----------------------------------------
         			/**  Update the Very, Most Current Pages Data for Site
         			/** ----------------------------------------*/
         $site_id = $PREFS->ini('site_id');
         $static_pages[$site_id]['uris'][$entry_id] = '/' . trim(preg_replace("#[^a-zA-Z0-9_\\-/\\.]+\$#i", '', str_replace($PREFS->ini('site_url'), '', $IN->GBL('pages_uri'))), '/') . '/';
         $static_pages[$site_id]['templates'][$entry_id] = preg_replace("#[^0-9]+\$#i", '', $IN->GBL('pages_template_id', 'POST'));
         if ($static_pages[$site_id]['uris'][$entry_id] == '//') {
             $static_pages[$site_id]['uris'][$entry_id] = '/';
         }
         $DB->query($DB->update_string('exp_sites', array('site_pages' => addslashes(serialize($static_pages))), "site_id = '" . $DB->escape_str($PREFS->ini('site_id')) . "'"));
     }
     /** ----------------------------------------
         /**  Save revisions if needed
         /** ----------------------------------------*/
     if (!isset($_POST['versioning_enabled'])) {
         $enable_versioning = 'n';
     }
     if (isset($_POST['save']) and $enable_qucksave_versioning == 'n') {
         $enable_versioning = 'n';
     }
     if ($enable_versioning == 'y') {
         $DB->query("INSERT INTO exp_entry_versioning (version_id, entry_id, weblog_id, author_id, version_date, version_data) VALUES ('', '" . $entry_id . "', '" . $weblog_id . "', '" . $SESS->userdata('member_id') . "', '" . $LOC->now . "', '" . addslashes(serialize($revision_post)) . "')");
         // Clear old revisions if needed
         $max = (is_numeric($max_revisions) and $max_revisions > 0) ? $max_revisions : 10;
         $query = $DB->query("SELECT COUNT(*) AS count FROM exp_entry_versioning WHERE entry_id = '" . $entry_id . "'");
         if ($query->row['count'] > $max) {
             $query = $DB->query("SELECT version_id FROM exp_entry_versioning WHERE entry_id = '" . $entry_id . "' ORDER BY version_id desc limit " . $max);
             $ids = '';
             foreach ($query->result as $row) {
                 $ids .= $row['version_id'] . ',';
             }
             $ids = substr($ids, 0, -1);
             $DB->query("DELETE FROM exp_entry_versioning WHERE version_id NOT IN (" . $ids . ") AND entry_id = '" . $entry_id . "'");
         }
     }
     //---------------------------------
     // Quick Save Returns Here
     //  - does not process pings
     //  - does not update stats
     //  - does not empty caches
     //---------------------------------
     if (isset($_POST['save'])) {
         return $this->new_entry_form('save', '', $entry_id);
     }
     /** ----------------------------------------
         /**  Update global stats
         /** ----------------------------------------*/
     if ($old_weblog != '') {
         // Change weblog_id in exp_comments
         if (isset($this->installed_modules['comment'])) {
             $DB->query("UPDATE exp_comments SET weblog_id = '{$weblog_id}' WHERE entry_id = '{$entry_id}'");
         }
         $STAT->update_weblog_stats($old_weblog);
     }
     $STAT->update_weblog_stats($weblog_id);
     /** ---------------------------------
         /**  Send trackbacks
         /** ---------------------------------*/
     $tb_body = !isset($_POST['field_id_' . $trackback_field]) ? '' : $_POST['field_id_' . $trackback_field];
     if ($trackback_urls != '' and $tb_body != '' and $data['status'] != 'closed' and $data['entry_date'] < $LOC->now + 90) {
         $entry_link = $REGX->prep_query_string($tb_url);
         $entry_link = $FNS->remove_double_slashes($entry_link . '/' . $url_title . '/');
         $tb_data = array('entry_id' => $entry_id, 'entry_link' => $FNS->remove_double_slashes($entry_link), 'entry_title' => $title, 'entry_content' => $tb_body, 'tb_format' => $tb_format, 'weblog_name' => $blog_title, 'trackback_url' => $trackback_urls);
         require PATH_MOD . 'trackback/mcp.trackback' . EXT;
         $TB = new Trackback_CP();
         $tb_res = $TB->send_trackback($tb_data);
         /** ---------------------------------------
             /**  Update the "sent_trackbacks" field
             /** ---------------------------------------*/
         // Fetch the URLs that were sent successfully and update the DB
         if (count($tb_res['0']) > 0) {
             foreach ($tb_res['0'] as $val) {
                 $sent_trackbacks .= $val . "\n";
             }
             $DB->query("UPDATE exp_weblog_titles SET sent_trackbacks = '{$sent_trackbacks}' WHERE entry_id = '{$entry_id}'");
         }
         if (count($tb_res['1']) > 0) {
             $tb_errors = TRUE;
         }
     }
     /** ---------------------------------
         /**  Send xml-rpc pings
         /** ---------------------------------*/
     $ping_message = '';
     if (count($ping_servers) > 0) {
         // We only ping entries that are posted now, not in the future
         if ($entry_date - 90 < $LOC->now) {
             $ping_result = $this->send_pings($ping_servers, $blog_title, $ping_url, $rss_url);
             if (is_array($ping_result) and count($ping_result) > 0) {
                 $ping_errors = TRUE;
                 $ping_message .= $DSP->qdiv('highlight', $DSP->qdiv('defaultBold', $LANG->line('xmlrpc_ping_errors')));
                 foreach ($ping_result as $val) {
                     $ping_message .= $DSP->qdiv('highlight', $DSP->qspan('highlight_bold', $val['0']) . ' - ' . $val['1']);
                 }
             }
         }
         /** ---------------------------------
             /**  Save ping button state
             /** ---------------------------------*/
         $DB->query("DELETE FROM exp_entry_ping_status WHERE entry_id = '{$entry_id}'");
         foreach ($ping_servers as $val) {
             $DB->query("INSERT INTO exp_entry_ping_status (entry_id, ping_id) VALUES ('{$entry_id}', '{$val}')");
         }
     }
     /** ---------------------------------
         /**  Clear caches if needed
         /** ---------------------------------*/
     if ($PREFS->ini('new_posts_clear_caches') == 'y') {
         $FNS->clear_caching('all');
     } else {
         $FNS->clear_caching('sql');
     }
     // -------------------------------------------
     // 'submit_new_entry_end' hook.
     //  - Add More Stuff to Do For Entry
     //  - 1.5.2 => Added $ping_message variable
     //
     $edata = $EXT->call_extension('submit_new_entry_end', $entry_id, $data, $ping_message);
     if ($EXT->end_script === TRUE) {
         return;
     }
     //
     // -------------------------------------------
     /** ---------------------------------------
         /**  Show ping erors if there are any
         /** ---------------------------------------*/
     if ($tb_errors == TRUE || $ping_errors == TRUE) {
         if ($cp_call == TRUE) {
             $r = $DSP->qdiv('success', $LANG->line($page_title) . BR . BR);
             if (isset($tb_res['1']) and count($tb_res['1']) > 0) {
                 $r .= $DSP->qdiv('highlight', $DSP->qdiv('defaultBold', $LANG->line('trackback_url_errors')));
                 foreach ($tb_res['1'] as $val) {
                     $r .= $DSP->qdiv('highlight', $DSP->qspan('highlight_bold', $val['0']) . ' - ' . $val['1']);
                 }
             }
             $r .= $ping_message;
             $r .= $DSP->qdiv('', BR . $DSP->anchor(BASE . AMP . 'C=edit' . AMP . 'M=view_entry' . AMP . 'weblog_id=' . $IN->GBL('weblog_id', 'POST') . AMP . 'entry_id=' . $entry_id, $LANG->line('click_to_view_your_entry')));
             return $DSP->set_return_data($LANG->line('publish'), $r);
         }
     }
     /** ---------------------------------
         /**  Redirect to ths "success" page
         /** ---------------------------------*/
     if ($cp_call == TRUE) {
         $loc = BASE . AMP . 'C=edit' . AMP . 'M=view_entry' . AMP . 'weblog_id=' . $weblog_id . AMP . 'entry_id=' . $entry_id . AMP . 'U=' . $type;
     } else {
         $FNS->template_type = 'webpage';
         $loc = $return_url == '' ? $FNS->fetch_site_index() : $FNS->create_url($return_url, 1, 1);
     }
     // -------------------------------------------
     // 'submit_new_entry_redirect' hook.
     //  - Modify Redirect Location
     //  - 1.5.2 => Added $cp_call variable
     //
     if ($EXT->active_hook('submit_new_entry_redirect') === TRUE) {
         $loc = $EXT->call_extension('submit_new_entry_redirect', $entry_id, $data, $cp_call);
         if ($EXT->end_script === TRUE) {
             return;
         }
     }
     //
     // -------------------------------------------
     // -------------------------------------------
     // 'submit_new_entry_absolute_end' hook.
     //  - Add More Stuff to Do For Entry
     //	- Still allows Trackback/Ping error messages
     //
     $edata = $EXT->call_extension('submit_new_entry_absolute_end', $entry_id, $data);
     if ($EXT->end_script === TRUE) {
         return;
     }
     //
     // -------------------------------------------
     $FNS->redirect($loc);
     exit;
 }
Exemplo n.º 2
0
 /** -----------------------------------------
 	/**  USAGE: Edit Post
 	/** -----------------------------------------*/
 function editPost($plist)
 {
     global $DB, $LANG, $FNS, $LOC, $PREFS, $REGX, $IN, $STAT;
     $parameters = $plist->output_parameters();
     if (!$this->fetch_member_data($parameters['1'], $parameters['2'])) {
         return new XML_RPC_Response('0', '802', $LANG->line('invalid_access'));
     }
     if (!$this->userdata['can_access_edit'] && $this->userdata['group_id'] != '1') {
         return new XML_RPC_Response('0', '803', $LANG->line('invalid_access'));
     }
     if (!$this->userdata['can_edit_other_entries'] && $this->userdata['group_id'] != '1') {
         // If there aren't any blogs assigned to the user, bail out
         if (count($this->userdata['assigned_weblogs']) == 0) {
             return new XML_RPC_Response('0', '804', $LANG->line('invalid_access'));
         }
     }
     /** ---------------------------------------
        	/**  Retrieve Entry Information
        	/** ---------------------------------------*/
     $entry_id = $parameters['0'];
     $sql = "SELECT wt.weblog_id, wt.author_id, wt.title, wt.sent_trackbacks, wt.url_title,\n    \t\t\twb.blog_title, wb.blog_url, wb.tb_return_url, wb.trackback_field, wb.trackback_system_enabled\n    \t\t\tFROM exp_weblog_titles wt, exp_weblogs wb\n    \t\t\tWHERE wt.weblog_id = wb.weblog_id \n    \t\t\tAND wt.entry_id = '" . $DB->escape_str($entry_id) . "' ";
     $query = $DB->query($sql);
     if ($query->num_rows == 0) {
         return new XML_RPC_Response('0', '805', $LANG->line('no_entry_found'));
     }
     if (!$this->userdata['can_edit_other_entries'] && $this->userdata['group_id'] != '1') {
         if ($query->row['author_id'] != $this->userdata['member_id']) {
             return new XML_RPC_Response('0', '806', $LANG->line('entry_uneditable'));
         }
     }
     $this->weblog_id = $query->row['weblog_id'];
     $this->title = $query->row['title'];
     $this->parse_weblog($this->weblog_id);
     if ($this->entry_status != '' && $this->entry_status != 'null') {
         $this->status = $this->entry_status;
     } else {
         $this->status = $parameters['4'] == '0' ? 'closed' : 'open';
     }
     /** ---------------------------------------
        	/**  Parse Weblog Meta-Information
        	/** ---------------------------------------*/
     $this->title = $parameters['3']['title'];
     $ping_urls = !isset($parameters['3']['mt_tb_ping_urls']) ? '' : implode("\n", $parameters['3']['mt_tb_ping_urls']);
     $sent_trackbacks = $query->row['sent_trackbacks'];
     $this->field_data['excerpt'] = !isset($parameters['3']['mt_excerpt']) ? '' : $parameters['3']['mt_excerpt'];
     $this->field_data['content'] = !isset($parameters['3']['description']) ? '' : $parameters['3']['description'];
     $this->field_data['more'] = !isset($parameters['3']['mt_text_more']) ? '' : $parameters['3']['mt_text_more'];
     $this->field_data['keywords'] = !isset($parameters['3']['mt_keywords']) ? '' : $parameters['3']['mt_keywords'];
     /** ---------------------------------
         /**  Build our query string
         /** ---------------------------------*/
     $metadata = array('entry_id' => $entry_id, 'title' => $this->title, 'ip_address' => $IN->IP, 'status' => $this->status);
     if (isset($parameters['3']['mt_allow_comments'])) {
         $metadata['allow_comments'] = $parameters['3']['mt_allow_comments'] == 1 ? 'y' : 'n';
     }
     if (isset($parameters['3']['mt_allow_pings'])) {
         $metadata['allow_trackbacks'] = $parameters['3']['mt_allow_pings'] == 1 ? 'y' : 'n';
     }
     if (!empty($parameters['3']['dateCreated'])) {
         $metadata['entry_date'] = $this->iso8601_decode($parameters['3']['dateCreated']);
     }
     $metadata['edit_date'] = date("YmdHis");
     /** ---------------------------------------
        	/**  Parse Weblog Field Data
        	/** ---------------------------------------*/
     $entry_data = array('weblog_id' => $this->weblog_id);
     $convert_breaks = !isset($parameters['3']['mt_convert_breaks']) ? '' : $parameters['3']['mt_convert_breaks'];
     if ($convert_breaks != '') {
         $plugins = $this->fetch_plugins();
         if (!in_array($convert_breaks, $plugins)) {
             $convert_breaks = '';
         }
     }
     if (isset($this->fields[$this->excerpt_field])) {
         if (isset($entry_data['field_id_' . $this->excerpt_field])) {
             $entry_data['field_id_' . $this->excerpt_field] .= $this->field_data['excerpt'];
         } else {
             $entry_data['field_id_' . $this->excerpt_field] = $this->field_data['excerpt'];
         }
         $entry_data['field_ft_' . $this->excerpt_field] = $convert_breaks != '' ? $convert_breaks : $this->fields[$this->excerpt_field]['1'];
     }
     if (isset($this->fields[$this->content_field])) {
         if (isset($entry_data['field_id_' . $this->content_field])) {
             $entry_data['field_id_' . $this->content_field] .= $this->field_data['content'];
         } else {
             $entry_data['field_id_' . $this->content_field] = $this->field_data['content'];
         }
         $entry_data['field_ft_' . $this->content_field] = $convert_breaks != '' ? $convert_breaks : $this->fields[$this->content_field]['1'];
     }
     if (isset($this->fields[$this->more_field])) {
         if (isset($entry_data['field_id_' . $this->more_field])) {
             $entry_data['field_id_' . $this->more_field] .= $this->field_data['more'];
         } else {
             $entry_data['field_id_' . $this->more_field] = $this->field_data['more'];
         }
         $entry_data['field_ft_' . $this->more_field] = $convert_breaks != '' ? $convert_breaks : $this->fields[$this->more_field]['1'];
     }
     if (isset($this->fields[$this->keywords_field])) {
         if (isset($entry_data['field_id_' . $this->keywords_field])) {
             $entry_data['field_id_' . $this->keywords_field] .= $this->field_data['keywords'];
         } else {
             $entry_data['field_id_' . $this->keywords_field] = $this->field_data['keywords'];
         }
         $entry_data['field_ft_' . $this->keywords_field] = $convert_breaks != '' ? $convert_breaks : $this->fields[$this->keywords_field]['1'];
     }
     /** ---------------------------------
         /**  Update the entry data
         /** ---------------------------------*/
     $DB->query($DB->update_string('exp_weblog_titles', $metadata, "entry_id = '{$entry_id}'"));
     $DB->query($DB->update_string('exp_weblog_data', $entry_data, "entry_id = '{$entry_id}'"));
     /** ---------------------------------
         /**  Insert Categories, if any
         /** ---------------------------------*/
     if (!empty($parameters['3']['categories']) && sizeof($parameters['3']['categories']) > 0) {
         $this->check_categories($parameters['3']['categories']);
     }
     if (sizeof($this->categories) > 0) {
         $DB->query("DELETE FROM exp_category_posts WHERE entry_id = '{$entry_id}'");
         foreach ($this->categories as $cat_id => $cat_name) {
             $DB->query("INSERT INTO exp_category_posts \n        \t\t\t\t\t(entry_id, cat_id) \n        \t\t\t\t\tVALUES \n        \t\t\t\t\t('" . $entry_id . "', '{$cat_id}')");
         }
     }
     /** ------------------------------------
         /**  Send Pings - So Many Conditions...
         /** ------------------------------------*/
     if (trim($ping_urls) != '' && $query->row['trackback_system_enabled'] == 'y' && isset($entry_data['field_id_' . $query->row['trackback_field']]) && $entry_data['field_id_' . $query->row['trackback_field']] != '' && $metadata['status'] != 'closed' && (!isset($metadata['entry_date']) or $metadata['entry_date'] < $LOC->now + 90)) {
         $entry_link = $REGX->prep_query_string($query->row['tb_return_url'] == '' ? $query->row['blog_url'] : $query->row['tb_return_url']);
         $entry_link = $FNS->remove_double_slashes($entry_link . '/' . $query->row['url_title'] . '/');
         $tb_data = array('entry_id' => $entry_id, 'entry_link' => $FNS->remove_double_slashes($entry_link), 'entry_title' => $metadata['title'], 'entry_content' => $entry_data['field_id_' . $query->row['trackback_field']], 'tb_format' => $entry_data['field_ft_' . $query->row['trackback_field']], 'weblog_name' => $query->row['blog_title'], 'trackback_url' => str_replace("\n", ',', $ping_urls));
         require PATH_MOD . 'trackback/mcp.trackback' . EXT;
         $TB = new Trackback_CP();
         $tb_res = $TB->send_trackback($tb_data);
         /** ---------------------------------------
             /**  Update the "sent_trackbacks" field
             /** ---------------------------------------*/
         // Fetch the URLs that were sent successfully and update the DB
         if (count($tb_res['0']) > 0) {
             foreach ($tb_res['0'] as $val) {
                 $sent_trackbacks .= "\n" . $val;
             }
             $DB->query("UPDATE exp_weblog_titles SET sent_trackbacks = '{$sent_trackbacks}' WHERE entry_id = '" . $entry_id . "'");
         }
         $tb_errors = count($tb_res['1']) > 0 ? TRUE : FALSE;
     }
     /** ---------------------------------
         /**  Clear caches if needed
         /** ---------------------------------*/
     if ($PREFS->ini('new_posts_clear_caches') == 'y') {
         $FNS->clear_caching('all');
     } else {
         $FNS->clear_caching('sql');
     }
     /** ---------------------------------
         /**  Count your chickens after they've hatched
         /** ---------------------------------*/
     $STAT->update_weblog_stats($this->weblog_id);
     /** ---------------------------------
         /**  Return Boolean TRUE
         /** ---------------------------------*/
     return new XML_RPC_Response(new XML_RPC_Values(1, 'boolean'));
 }