Пример #1
/**
 * Store one news item under its id and register it in the news index.
 *
 * @param mixed $id   News id; db_get_nloc() maps it to the storage location that is loaded and saved.
 * @param array $data News record. The whole array is stored; this function itself reads the keys
 *                    'u' (author name, resolved with db_user_by_name), 'c' and 'is_draft'.
 *
 * NOTE(review): an entry that already exists under $id is overwritten without a check, and no
 * permission test happens in this function. Presumably callers validate both; confirm.
 * NOTE(review): when 'u' names no known user, the index presumably receives an empty user id; confirm
 * that db_index_add() copes with that.
 */
function cn_api_add_news($id, $data)
{
    $location = db_get_nloc($id);

    // Load the storage bucket for this location, place the record in it and write it back.
    $bucket = db_news_load($location);
    $bucket[$id] = $data;
    db_save_news($bucket, $location);

    // Index entry: news id, the 'c' field, the author's user id and the draft flag.
    $author = db_user_by_name($data['u']);
    db_index_add($id, $data['c'], $author['id'], $data['is_draft']);
}
Пример #2
    $is_true_user = TRUE;
    foreach ($db[$id]['co'] as $dnews) {
        if ($dnews['u'] == $name && $dnews['e'] != $mail) {
            $is_true_user = FALSE;
            break;
        }
    }
    if (!$is_true_user) {
        echo '<div class="cn_error_comment">' . i18n('This user name already exist, choose another') . '. <a href="' . $refer . '">Go back</a></div>';
        return FALSE;
    }
}
// Can edit comment?
// Decides whether this request may overwrite an existing comment and picks the comment id to write to.
// NOTE(review): this is an excerpt; $db, $id and $user are set earlier, outside the visible lines.
$acl_edit_comment = FALSE;
// edit_id is request-supplied; intval() reduces it to an integer before it is used as an array key.
$edit_id = intval(REQ('edit_id'));
// Author record of the comment being edited, or FALSE when this news item has no comment with that id.
$_target_user = isset($db[$id]['co'][$edit_id]) ? db_user_by_name($db[$id]['co'][$edit_id]['u']) : FALSE;
// Check: self [if can], group, and edit all
// && binds tighter than ||, so the self branch is (Mes permission AND author found AND author name equals
// the current user name); the group (Meg) and edit-all (Mea) branches stand on their own.
// NOTE(review): the name comparison is loose (==). PHP compares two numeric-looking strings as numbers,
// so distinct names such as "1e3" and "1000" would be treated as the same user; === is the safer choice.
// NOTE(review): the Mea branch does not depend on $_target_user, so with that permission the check passes
// even when no comment with edit_id exists - confirm this is intended.
if ($edit_id && (test('Mes') && $_target_user && $_target_user['name'] == $user['name'] || test('Meg', $_target_user) || test('Mea'))) {
    $acl_edit_comment = TRUE;
}
// Check access for edit comment
// Allowed edit + posted edit flag: reuse the existing comment id. Otherwise this is a new comment and
// its id is the current time, bumped until it is unused.
if ($acl_edit_comment && REQ('cm_edit_comment', 'POST')) {
    $cid = $edit_id;
} else {
    $cid = ctime();
    // NOTE(review): comments are read from $db[$id]['co'] above, but this collision check looks at
    // $db['co'] - probably meant $db[$id]['co']; as written it may never detect an id already in use. Confirm.
    while (isset($db['co'][$cid])) {
        $cid++;
    }
}
//convert to right encoding
if (getoption('frontend_encoding') != 'UTF-8' && function_exists('iconv')) {
Пример #3
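/**
 * Build the comment <textarea> for a news entry.
 *
 * The box is pre-filled with the posted "comments" value. When the request carries an edit_id and the
 * current member may edit that comment (own comment with the Mes permission, group permission Meg, or
 * edit-all permission Mea), it is pre-filled with the stored comment text instead, with "[" replaced by
 * its HTML entity.
 *
 * Changes compared with the earlier version:
 *  - the stored comment is only read when it exists, so an unknown edit_id no longer reads missing
 *    array keys and no longer lets the Mea branch replace the posted text with an empty value;
 *  - the own-comment test uses a strict string comparison, because == compares numeric-looking strings
 *    as numbers ("1e3" == "1000"), which would match two different user names;
 *  - the entry id is escaped before it is placed in the id attribute.
 *
 * @param array $e News entry; reads $e['id'] and $e['co'][<comment id>] with keys 'u' (author) and 'c' (text).
 * @return string HTML for the textarea; the text content is passed through cn_htmlspecialchars().
 */
function cn_modify_comm_input_commentbox($e)
{
    $edit_id = intval(REQ('edit_id'));
    $cm_text = REQ('comments', 'POST');

    // Only consider the stored comment when it is really there.
    if ($edit_id && isset($e['co'][$edit_id]['u'], $e['co'][$edit_id]['c'])) {
        $comment = $e['co'][$edit_id];
        $username = $comment['u'];
        $member = member_get();
        $target_user = db_user_by_name($username);

        // Strict comparison: a guest (no member name) never counts as the author.
        $is_own = isset($member['name']) && (string)$username === (string)$member['name'];

        // Check ACL for edit: self, group, or edit all
        if (test('Mes') && $is_own || test('Meg', $target_user) || test('Mea')) {
            $cm_text = str_replace('[', '&#91;', $comment['c']);
        }
    }

    // Attribute context: escape the id even though it is expected to be a plain news id.
    $box_id = isset($e['id']) ? cn_htmlspecialchars((string)$e['id']) : '';

    return '<textarea cols="40" rows="6" name="comments" class="cn_comm_textarea" id="ncomm_' . $box_id . '">' . cn_htmlspecialchars($cm_text) . '</textarea>';
}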
Пример #4
/**
 * Admin "Users manager" page: on POST it deletes, edits or adds a user, then it renders the user list.
 *
 * Request fields read through GET() / REQ(): section, st, delete, user_name, user_pass, user_confirm,
 * user_nick, user_email, user_acl and edit. The list is filtered by ACL group (section), sorted by key
 * in descending order and cut to 100 rows starting at offset st.
 * Output: echoes the page header, the dashboard/users template and the footer; nothing is returned.
 *
 * NOTE(review): cn_dsi_check() runs before any state change on POST - presumably a request-forgery
 * token check; confirm.
 * NOTE(review): no permission test is visible in this function, and user_acl from the request is written
 * as given on both add and edit. The caller must already restrict this page to accounts that are allowed
 * to assign any ACL group; confirm.
 * NOTE(review): the two password-update lines are masked with asterisks in this listing and are not valid
 * PHP as shown; they are kept untouched.
 */
function dashboard_userman()
{
    // Request fields, returned in the order they are named (GET() is a project helper, not shown here).
    list($section, $st, $delete) = GET('section, st, delete');
    list($user_name, $user_pass, $user_confirm, $user_nick, $user_email, $user_acl) = GET('user_name, user_pass, user_confirm, user_nick, user_email, user_acl');
    $per_page = 100;
    // Group filter and list offset are forced to integers.
    $section = intval($section);
    $st = intval($st);
    $grp = getoption('#grp');
    $is_edit = FALSE;
    // Visibility of the Edit button
    // State-changing actions run only for POST requests.
    if (request_type('POST')) {
        cn_dsi_check();
        // Do Delete
        // NOTE(review): the delete is not preceded by an existence check, and nothing here prevents
        // deleting the account that is currently logged in; confirm db_user_delete() handles both.
        if ($delete) {
            db_user_delete($user_name);
            cn_throw_message('User [' . cn_htmlspecialchars($user_name) . '] deleted');
            // Clear the form fields so the deleted user is not shown again.
            $user_name = $user_nick = $user_email = $user_acl = '';
        } else {
            $user_data = db_user_by_name($user_name);
            if (REQ('edit')) {
                // Edit needs an existing user.
                // NOTE(review): this relies on db_user_by_name() returning exactly null for an unknown
                // name; other code in this function only tests the result for truthiness. Confirm.
                if ($user_data === null) {
                    $is_edit = FALSE;
                    cn_throw_message("User not exists", 'e');
                }
            } else {
                // Check user
                // Add path: every failed check queues an error message; all checks run, so several
                // messages can be reported at once.
                if (!$user_name) {
                    cn_throw_message("Fill required field: username", 'e');
                }
                if (!$user_pass) {
                    cn_throw_message("Fill required field: password", 'e');
                }
                if ($user_data !== null) {
                    cn_throw_message("Username already exist", 'e');
                }
                if ($user_confirm != $user_pass) {
                    cn_throw_message('Confirm not match', 'e');
                }
                // Invalid email
                if (!check_email($user_email)) {
                    cn_throw_message("Email not valid", "e");
                } elseif (db_user_by($user_email, 'email')) {
                    cn_throw_message('Email already exists', 'e');
                }
            }
            // Must be correct all
            // Continue only when no error message was queued (presumably 'c' asks for the count; confirm).
            if (cn_get_message('e', 'c') == 0) {
                // Edit user [user exist]
                if (REQ('edit')) {
                    // NOTE(review): on edit, the email is stored without check_email() and without the
                    // duplicate-email test that the add path applies.
                    // NOTE(review): values are interpolated into "key=value" strings; how db_user_update()
                    // parses them is not visible here - confirm a value cannot inject another field.
                    db_user_update($user_name, "email={$user_email}", "nick={$user_nick}", "acl={$user_acl}");
                    // Update exists (change password)
                    // The password is changed only when a new one was entered and the confirmation matches.
                    if ($user_pass) {
                        if ($user_confirm == $user_pass) {
                            // NOTE(review): the next line is masked in this listing (part of the statement is missing).
                            db_user_update($user_name, 'pass='******'User password / user info updated');
                        } else {
                            cn_throw_message('Confirm not match', 'e');
                        }
                    } else {
                        cn_throw_message('User info updated');
                    }
                } else {
                    // Add path: create the account with its ACL group, then store email, nick and password.
                    // NOTE(review): the db_user_update() line inside this branch is masked in this listing.
                    if ($user_id = db_user_add($user_name, $user_acl)) {
                        if (db_user_update($user_name, "email={$user_email}", "nick={$user_nick}", 'pass='******'t update user", 'e');
                        }
                    } else {
                        cn_throw_message("User not added: internal error", 'e');
                    }
                }
            }
        }
    }
    // ----
    $userlist = db_user_list();
    // Get users by ACL from index
    if ($section) {
        foreach ($userlist as $id => $dt) {
            if ($dt['acl'] != $section) {
                unset($userlist[$id]);
            }
        }
    }
    // Sort by latest & make pagination
    krsort($userlist);
    $userlist = array_slice($userlist, $st, $per_page, TRUE);
    // Fetch estimate user list
    foreach ($userlist as $id => $data) {
        $user = db_user_by($id);
        $userlist[$id] = $user;
    }
    // Retrieve info about user
    if ($user = db_user_by_name($user_name)) {
        $user_nick = isset($user['nick']) ? $user['nick'] : '';
        $user_email = isset($user['email']) ? $user['email'] : '';
        $user_acl = isset($user['acl']) ? $user['acl'] : '';
        $is_edit = TRUE;
    }
    // By default for section
    if (!$user_acl) {
        $user_acl = $section;
    }
    cn_assign('users, section, st, per_page, grp', $userlist, $section, $st, $per_page, $grp);
    cn_assign('user_name, user_nick, user_email, user_acl, is_edit', $user_name, $user_nick, $user_email, $user_acl, $is_edit);
    echoheader('-@dashboard/style.css', "Users manager");
    echo exec_tpl('dashboard/users');
    echofooter();
}
Пример #5
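 /**
  * Replace every user name in a filter list with the id of that user, keeping the original keys.
  *
  * A name that db_user_by_name() cannot resolve maps to null, as before; the lookup result is now
  * checked first, so an unknown name no longer reads an offset of a missing record.
  * NOTE(review): callers should treat a null entry as "no such user" and not as a wildcard; confirm
  * how the news query interprets it.
  *
  * @param array $ufilter Map of key => user name.
  * @return array Same keys, each value being the user id or null.
  */
 function load_users_id($ufilter)
 {
     foreach ($ufilter as $key => $user_name) {
         $u = db_user_by_name($user_name);
         $ufilter[$key] = isset($u['id']) ? $u['id'] : null;
     }
     return $ufilter;
 }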
Пример #6
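/**
 * Admin "News list" page: applies the category / user filters, loads one page of news and renders it.
 *
 * Request fields read through GET(): source, archive_id, per_page, sort, dir, year, mon, day, page
 * (GET or POST) and add_category_filter, add_user_filter, rm_category_filter, rm_user_filter,
 * cat_filter (GET only). The active filters are kept with cn_cookie_unpack() / cn_cookie_pack().
 * Output: echoes the page header, the editnews/list template and the footer; nothing is returned.
 *
 * Changes compared with the earlier version:
 *  - per_page is forced to a positive integer (a non-numeric value used to reach "$per_page + 1") and
 *    a negative page offset is clamped to 0;
 *  - the unpacked filters are forced to arrays before they are modified;
 *  - optional keys ($meta['uids'], $rev['cpostponed'], $meta_draft['locs'], archive counters,
 *    $entry['co']) are checked before use;
 *  - db_get_archives() is called once, and the duplicated 'user' assignment is gone.
 *
 * NOTE(review): sort, dir, source and archive_id are request-supplied and are handed to cn_get_news()
 * and db_index_meta_load() as given. If those helpers build file names or keys from them, they need to
 * restrict the accepted values; confirm.
 * NOTE(review): category filters are validated with test_cat(), user filters are stored without any
 * check; confirm that an arbitrary user filter cannot widen what the list shows.
 */
function edit_news_action_list()
{
    // init
    list($source, $archive_id, $per_page, $sort, $dir, $YS, $MS, $DS, $page) = GET('source, archive_id, per_page, sort, dir, year, mon, day, page', 'GET,POST');
    list($add_category, $add_user, $rm_cat, $rm_user, $cat_filter) = GET('add_category_filter, add_user_filter, rm_category_filter, rm_user_filter, cat_filter', 'GET');

    // defaults
    $has_next = FALSE;
    $ctime = ctime();
    $nocat = FALSE;

    // Paging values come from the request: keep them integer and non-negative.
    $page = intval($page);
    if ($page < 0) {
        $page = 0;
    }
    $per_page = intval($per_page);
    if ($per_page <= 0) {
        $per_page = 25;
    }

    if ($sort == '') {
        $sort = 'date';
    }
    // Date sorting defaults to descending, everything else to ascending.
    if ($sort == 'date' && !$dir) {
        $dir = 'd';
    }
    if ($dir == '') {
        $dir = 'a';
    }

    // --- changes in acp filters ---
    list($cfilter, $ufilter) = cn_cookie_unpack('filter_cat, filter_user');

    // The stored filters are not trusted to have the expected shape.
    if (!is_array($cfilter)) {
        $cfilter = array();
    }
    if (!is_array($ufilter)) {
        $ufilter = array();
    }

    // Categories are only added when test_cat() accepts them.
    if ($add_category) {
        foreach (spsep($add_category) as $id) {
            if (test_cat($id)) {
                $cfilter[$id] = $id;
            }
        }
    }
    if ($add_user) {
        foreach (spsep($add_user) as $id) {
            $ufilter[$id] = $id;
        }
    }
    if ($rm_cat) {
        foreach (spsep($rm_cat) as $id) {
            unset($cfilter[$id]);
        }
    }
    if ($rm_user) {
        foreach (spsep($rm_user) as $id) {
            unset($ufilter[$id]);
        }
    }

    // Add concrete filter: "-" means "news without category", anything else is a category id.
    if ($cat_filter) {
        if ($cat_filter !== '-') {
            $filter = intval($cat_filter);
            if (test_cat($filter)) {
                $cfilter[$filter] = $filter;
            }
        } else {
            $nocat = TRUE;
        }
    }
    cn_cookie_pack('filter_cat, filter_user', $cfilter, $ufilter);

    // ----------------------------------------------------
    // One row more than a page is requested, to find out whether a next page exists.
    $opts = array('source' => $source, 'archive_id' => $archive_id, 'sort' => $sort, 'dir' => $dir, 'start' => $page, 'per_page' => $per_page + 1, 'cfilter' => $cfilter, 'ufilter' => $ufilter, 'nocat' => $nocat, 'nlpros' => TRUE, 'by_date' => "{$YS}-{$MS}-{$DS}");
    list($entries, $rev) = cn_get_news($opts);

    // Detect next exists: drop the extra row again.
    if (count($entries) > $per_page) {
        end($entries);
        unset($entries[key($entries)]);
        $has_next = TRUE;
    }

    // Load meta-data (and userlist data)
    if ($archive_id && $source == 'archive') {
        $meta = db_index_meta_load("archive-{$archive_id}", TRUE);
    } else {
        $meta = db_index_meta_load($source, TRUE);
    }

    // Meta-data for draft only
    $meta_draft = db_index_meta_load('draft');

    $ptree = isset($meta['locs']) ? $meta['locs'] : false;
    $userlist = isset($meta['uids']) ? $meta['uids'] : array();
    $nprospect = isset($rev['cpostponed']) ? intval($rev['cpostponed']) : 0;
    $ndraft = isset($meta_draft['locs']) && is_array($meta_draft['locs']) ? intval(array_sum($meta_draft['locs'])) : 0;
    $found_rows = is_array($ptree) ? intval(array_sum($ptree)) : 0;

    $archive_list = db_get_archives();
    $archives = count($archive_list);

    // ---
    // Decode proto tree for list news: counters per year, per month of the selected year,
    // and per day of the selected month.
    $tree_years = array();
    $tree_mons = array();
    $tree_days = array();

    // Is draft or active (or prospected)
    if ($source !== 'archive') {
        if ($ptree) {
            foreach ($ptree as $nloc => $c) {
                // Location keys look like Y-M-D; pad so a malformed key cannot leave parts undefined.
                list($Y, $M, $D) = array_pad(explode('-', $nloc), 3, '');
                if (isset($tree_years[$Y])) {
                    $tree_years[$Y] += $c;
                } else {
                    $tree_years[$Y] = $c;
                }
                if ($Y == $YS) {
                    if (isset($tree_mons[$M])) {
                        $tree_mons[$M] += $c;
                    } else {
                        $tree_mons[$M] = $c;
                    }
                    if ($M == $MS) {
                        $tree_days[$D] = $c;
                    }
                }
            }
        }
    } else {
        $found_rows = 0;
        $ptree = $archive_list;
        // Archive Id exists
        if ($archive_id) {
            $found_rows = isset($ptree[$archive_id]['c']) ? $ptree[$archive_id]['c'] : 0;
        } else {
            // No archive selected: show totals only, no entries.
            foreach ($ptree as $item) {
                $found_rows += isset($item['c']) ? $item['c'] : 0;
            }
            $entries = array();
        }
        $nprospect = 0;
    }

    // ----------------------------------------------------
    foreach ($entries as $id => $entry) {
        $can = FALSE;
        $nv_user = db_user_by_name($entry['u']);

        // User not exists, deny, except admins (Nva). Otherwise one of the view permissions
        // (Nvs, Nvg, Nva) must hold and the category must pass test_cat().
        if (($nv_user || test('Nva')) && (test('Nvs', $nv_user, TRUE) || test('Nvg', $nv_user) || test('Nva'))) {
            $can = test_cat($entry['c']);
        }

        // The entry key is used as its timestamp.
        $entries[$id]['user'] = $entry['u'];
        $entries[$id]['date'] = $YS ? date('M, d H:i', $id) : date('M, d Y H:i', $id);
        $entries[$id]['date_full'] = date('Y M d, H:i:s', $id);
        $entries[$id]['comments'] = isset($entry['co']) && is_array($entry['co']) ? count($entry['co']) : 0;
        $entries[$id]['title'] = $entry['t'];
        $entries[$id]['cats'] = spsep($entry['c']);
        $entries[$id]['is_pros'] = $id > $ctime;
        $entries[$id]['can'] = $can;
    }

    // clear differs for cn_url_*
    unset($_GET['add_category_filter'], $_GET['add_user_filter'], $_GET['rm_category_filter'], $_GET['rm_user_filter']);

    // ------
    cn_assign('sort, dir, source, per_page, entries_showed, entries_total, entries, page, userlist, category_filters, user_filters, cat_filter', $sort, $dir, $source, $per_page, count($entries), $found_rows, $entries, $page, $userlist, $cfilter, $ufilter, $cat_filter);
    cn_assign('year_selected, mon_selected, day_selected, TY, TM, TD, ptree', $YS, $MS, $DS, $tree_years, $tree_mons, $tree_days, $ptree);
    cn_assign('nprospect, ndraft, has_next, archives', $nprospect, $ndraft, $has_next, $archives);
    echoheader('editnews@editnews/main.css', 'News list');
    echo exec_tpl('editnews/list');
    echofooter();
}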