function testEditNews() { // Test the forum edits edit_news($id = $this->news_id, $title = "Politics", $news = "teheyehehj ", $author = "rolly", $validated = 1, $allow_rating = 1, $allow_comments = 1, $allow_trackbacks = 1, $notes = "yedd", $news_article = "test article 22222222", $main_news_category = 5, $news_category = NULL, $meta_keywords = "", $meta_description = "", $image = ""); // Test the forum was actually created $this->assertTrue('Politics' == get_translated_text($GLOBALS['SITE_DB']->query_value('news', 'title ', array('id' => $this->news_id)))); }
//проверяем были ли переданы данные из формы if (add_news()) { redirect('?view=news'); } else { redirect(); } //иначе редирект на эту же стр, откуда пришли } break; case 'edit_news': //редактирование новости $news_id = (int) $_GET['news_id']; $get_news = get_news($news_id); if ($_POST) { //проверяем были ли переданы данные из формы if (edit_news($news_id)) { redirect('?view=news'); } else { redirect(); } //иначе редирект на эту же стр, откуда пришли } break; case 'del_news': $news_id = (int) $_GET['news_id']; del_news($news_id); redirect(); break; case 'add_informer': //добавление информера if ($_POST) {
function route($action) { global $html_main_content, $title; show_err(); switch ($action) { case '': main(); break; case 'user_show': $title = print_lg('Show all users', $_SESSION['lang']); user_show(); break; case 'user_info': $title = print_lg('User info', $_SESSION['lang']); user_info(); break; case 'show_news': show_news(); break; case 'logout': logout(); break; case 'add_news': $title = print_lg('Add news', $_SESSION['lang']); add_news(); break; case 'registration': $title = print_lg('Registration', $_SESSION['lang']); registration(); break; case 'delete_news': delete_news(); break; case 'edit_news': $title = print_lg('Edit news', $_SESSION['lang']); edit_news(); break; case 'pages': main(); break; case 'profileview': $title = print_lg('You information', $_SESSION['lang']); profileview(); break; case 'delete_user': delete_user(); break; case 'user_delete': user_delete(); break; case 'user_edit': $title = print_lg('Edit user', $_SESSION['lang']); user_edit(); break; case 'edit_language': $title = print_lg('Edit language', $_SESSION['lang']); edit_language(); break; case 'delete_comments': delete_comments(); break; case 'delete_vote': delete_vote(); break; default: $html_main_content .= print_lg('Page not found', $_SESSION['lang']); break; } }
protected function main() { // Seuls les membres peuvent créer des brouillons if (!is_logged_in()) { redir(Nw::$lang['common']['need_login'], false, 'users-10.html'); } // Si le paramètre ID manque if (empty($_GET['id']) || !is_numeric($_GET['id'])) { header('Location: news-70.html'); } inc_lib('news/news_exists'); $count_news_existe = news_exists($_GET['id']); if ($count_news_existe == 0) { redir(Nw::$lang['news']['news_not_exist'], false, 'news-70.html'); } inc_lib('news/get_info_news'); $donnees_news = get_info_news($_GET['id']); // Ce membre a le droit d'éditer la news ? inc_lib('news/can_edit_news'); if (!can_edit_news($donnees_news['n_id_auteur'], $donnees_news['n_etat'])) { redir(Nw::$lang['news']['not_edit_news_perm'], false, 'news-70.html'); } // Est-ce que le membre peut éditer le titre, la catégorie et les tags de la news ? inc_lib('news/can_edit_news_related'); $edit_related = can_edit_news_related($donnees_news['n_id_auteur'], $donnees_news['n_etat']); $edition_grilled = false; $this->set_title(sprintf(Nw::$lang['news']['title_edit_news'], $donnees_news['n_titre'])); $this->set_tpl('news/edit_news.html'); $this->add_css('forms.css'); $this->add_css('code.css'); $this->add_js('write.js'); $this->add_form('contenu'); // Pour rediriger le visiteur d'où il est venu if (!empty($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'], Nw::$site_url) !== false && strpos($_SERVER['HTTP_REFERER'], Nw::$site_url . 'news-60-' . $_GET['id'] . '.html') === false) { $_SESSION['nw_referer_edit'] = $_SERVER['HTTP_REFERER']; } $link_redir = !empty($_SESSION['nw_referer_edit']) ? $_SESSION['nw_referer_edit'] : 'news-60-' . intval($_GET['id']) . '.html'; // Fil ariane $this->set_filAriane(array(Nw::$lang['news']['news_section'] => array('news-70.html'), $donnees_news['c_nom'] => array($donnees_news['c_rewrite'] . '/'), $donnees_news['n_titre'] => array($donnees_news['c_rewrite'] . '/' . rewrite($donnees_news['n_titre']) . '-' . $_GET['id'] . '/'), Nw::$lang['news']['edit_fil_ariane'] => array(''))); $array_status = array(3 => Nw::$lang['news']['etat_news_3'], 2 => Nw::$lang['news']['etat_news_2'], 1 => Nw::$lang['news']['etat_news_1'], 0 => Nw::$lang['news']['etat_news_0']); $list_src = array(); $list_src_url = array(); $position = 0; if ($donnees_news['n_nb_src'] > 0) { inc_lib('news/get_list_src'); $donnees_src = get_list_src($_GET['id']); foreach ($donnees_src as $donnees) { ++$position; $list_src[$position] = $donnees['src_media']; $list_src_url[$position] = $donnees['src_url']; Nw::$tpl->setBlock('src', array('ID' => $position)); } } Nw::$tpl->set(array('ID' => $_GET['id'], 'TITRE' => $donnees_news['n_titre'], 'REWRITE' => rewrite($donnees_news['n_titre']), 'CAT_REWRITE' => $donnees_news['c_rewrite'], 'ID_CAT' => $donnees_news['n_id_cat'], 'IMAGE_ID' => $donnees_news['i_id'], 'IMAGE_NOM' => $donnees_news['i_nom'], 'LINK_NB_CONTRIB' => sprintf(Nw::$lang['news']['edit_nb_contrib'], $donnees_news['n_nb_versions']), 'LAST_VERSION' => $donnees_news['n_last_version'], 'BAL_CHAMP' => 'contenu', 'ETAT_ACTUEL' => $donnees_news['n_etat'], 'ETATS_NEWS' => $array_status, 'EDIT_RELATED' => $edit_related, 'MOD_STATUS' => Nw::$droits['mod_news_status'], 'GRILLED' => false, 'MAX_SRC' => $position == 0 ? $position + 1 : $position)); // Formulaire soumis if (isset($_POST['submit'])) { $array_post = array('titre_news' => $_POST['titre_news'], 'cat' => isset($_POST['cat']) ? $_POST['cat'] : 0, 'contenu' => $_POST['contenu'], 'tags' => isset($_POST['tags']) ? $_POST['tags'] : '', 'private_news' => isset($_POST['private_news']), 'sources' => isset($_POST['sources']) ? $_POST['sources'] : '', 'sources_nom' => isset($_POST['sources_nom']) ? $_POST['sources_nom'] : ''); $var_titre = trim($_POST['titre_news']); $var_content = trim($_POST['contenu']); // Les champs titre & contenu & source ne sont pas vides if ($edit_related && !multi_empty($var_titre, $var_content) || !$edit_related && !empty($var_content)) { // On édite la news inc_lib('news/count_anti_grille'); inc_lib('news/edit_news'); $anti_grille = count_anti_grille($_GET['id'], $_POST['last_version']); if ($anti_grille['count']) { inc_lib('bbcode/parse'); inc_lib('bbcode/unparse'); inc_lib('news/get_info_vrs'); $output_compare = ''; $dn_vrs_grilled = get_info_vrs($donnees_news['n_last_version']); $news_vrs1 = $dn_vrs_grilled['v_texte']; $news_vrs2 = parse($_POST['contenu']); function clean_cache_file($content) { $content = explode("\r", trim($content)); $array_return = array(); foreach ($content as $texte_trim) { if (strlen(trim($texte_trim)) > 0) { $array_return[] = trim($texte_trim); } } return $array_return; } include_once 'Text/Diff.php'; include_once 'Text/Diff/Renderer/unified.php'; $lines1 = clean_cache_file(unparse($news_vrs1, 0)); $lines2 = clean_cache_file(unparse($news_vrs2, 0)); $diff = new Text_Diff($lines1, $lines2); $renderer = new Text_Diff_Renderer_unified(); $array_compare = explode("\n", $renderer->render($diff)); foreach ($array_compare as $donnees) { $first_cararacter = ''; $style_line = ''; if (isset($donnees[0]) && in_array($donnees[0], array('-', '+'))) { if ($donnees[0] == '-') { $style_line = ' style="background-color: #ffcccc;"'; } elseif ($donnees[0] == '+') { $style_line = ' style="background-color: #ccffcc;"'; } $first_cararacter = $donnees[0]; $ligne_changee = substr($donnees, 1); } else { $ligne_changee = $donnees; } if (!in_array(substr($donnees, 0, 2), array('@@')) && strlen(trim($ligne_changee)) > 0) { $output_compare .= '<tr> <td class="line_statut">' . $first_cararacter . '</td> <td' . $style_line . '>' . trim($ligne_changee) . '</td> </tr>'; } } display_form($array_post); Nw::$tpl->set(array('GRILLED' => true, 'COMPARAISON' => $output_compare, 'TEXTE_GRILLED' => sprintf(Nw::$lang['news']['mbr_grilled_edit'], $dn_vrs_grilled['u_alias'], $dn_vrs_grilled['u_pseudo']))); } else { edit_news($_GET['id'], $edit_related); redir(Nw::$lang['news']['msg_news_edit'], true, $link_redir); } } else { display_form($array_post, Nw::$lang['news']['title_content_oblig']); } return; } // Si l'auteur veut supprimer la news if (isset($_GET['imgdel']) && is_numeric($_GET['imgdel']) && $edit_related) { inc_lib('news/delete_img_news'); delete_img_news($_GET['imgdel'], $_GET['id']); redir(Nw::$lang['news']['msg_image_delete'], true, 'news-60-' . $_GET['id'] . '.html'); } // Catégories de news foreach (Nw::$cache_categories as $idcs => $donnees_categorie) { Nw::$tpl->setBlock('cats_news', array('ID' => $idcs, 'TITRE' => $donnees_categorie[0])); } inc_lib('news/get_list_tags_news'); $list_tags = get_list_tags_news(0, $_GET['id']); $list_tags_html = ''; foreach ($list_tags as $dn_tags) { $list_tags_html .= $dn_tags['t_tag'] . ', '; } // On affiche le template inc_lib('bbcode/unparse'); display_form(array('titre_news' => $donnees_news['n_titre'], 'cat' => 0, 'contenu' => unparse($donnees_news['v_texte']), 'tags' => substr($list_tags_html, 0, -2), 'private_news' => $donnees_news['n_private'], 'sources' => $list_src_url, 'sources_nom' => $list_src)); }
/** * Standard aed_module edit actualiser. * * @param ID_TEXT The entry being edited */ function edit_actualisation($_id) { $id = intval($_id); $validated = post_param_integer('validated', fractional_edit() ? INTEGER_MAGIC_NULL : 0); $news_article = post_param('post', STRING_MAGIC_NULL); if (post_param('main_news_category') != 'personal') { $main_news_category = post_param_integer('main_news_category', INTEGER_MAGIC_NULL); } else { warn_exit(do_lang_tempcode('INTERNAL_ERROR')); } $news_category = array(); if (array_key_exists('news_category', $_POST)) { foreach ($_POST['news_category'] as $val) { $news_category[] = intval($val); } } $allow_rating = post_param_integer('allow_rating', fractional_edit() ? INTEGER_MAGIC_NULL : 0); $allow_comments = post_param_integer('allow_comments', fractional_edit() ? INTEGER_MAGIC_NULL : 0); $allow_trackbacks = post_param_integer('allow_trackbacks', fractional_edit() ? INTEGER_MAGIC_NULL : 0); $notes = post_param('notes', STRING_MAGIC_NULL); $this->donext_type = $main_news_category; if (!fractional_edit()) { $urls = get_url('', 'file', 'uploads/grepimages', 0, OCP_UPLOAD_IMAGE); $url = $urls[0]; if ($url != '' && function_exists('imagecreatefromstring')) { convert_image(get_base_url() . '/' . $url, get_file_base() . '/uploads/grepimages/' . basename(rawurldecode($url)), -1, -1, intval(get_option('thumb_width')), true, NULL, false, true); } if ($url == '' && post_param_integer('file_unlink', 0) != 1) { $url = NULL; } } else { $url = STRING_MAGIC_NULL; } $owner = $GLOBALS['SITE_DB']->query_value_null_ok('news_categories', 'nc_owner', array('id' => $main_news_category)); // null_ok in case somehow category setting corrupted if (!is_null($owner) && $owner != get_member()) { check_specific_permission('can_submit_to_others_categories', array('news', $main_news_category), NULL, 'cms_news'); } $schedule = get_input_date('schedule'); $add_time = is_null($schedule) ? mixed() : $schedule; if (addon_installed('calendar') && has_specific_permission(get_member(), 'scheduled_publication_times')) { require_code('calendar2'); $schedule_code = ':$GLOBALS[\'SITE_DB\']->query_update(\'news\',array(\'date_and_time\'=>$GLOBALS[\'event_timestamp\'],\'validated\'=>1),array(\'id\'=>' . strval($id) . '),\'\',1);'; $past_event = $GLOBALS['SITE_DB']->query_value_null_ok('calendar_events e LEFT JOIN ' . $GLOBALS['SITE_DB']->get_table_prefix() . 'translate t ON e.e_content=t.id', 'e.id', array('text_original' => $schedule_code)); require_code('calendar'); if (!is_null($past_event)) { delete_calendar_event($past_event); } if (!is_null($schedule) && $schedule > time()) { $validated = 0; $start_year = post_param_integer('schedule_year'); $start_month = post_param_integer('schedule_month'); $start_day = post_param_integer('schedule_day'); $start_hour = post_param_integer('schedule_hour'); $start_minute = post_param_integer('schedule_minute'); $event_id = add_calendar_event(db_get_first_id(), 'none', NULL, 0, do_lang('PUBLISH_NEWS', 0, post_param('title')), $schedule_code, 3, 0, $start_year, $start_month, $start_day, $start_hour, $start_minute); regenerate_event_reminder_jobs($event_id, true); } } $title = post_param('title', STRING_MAGIC_NULL); if ($validated == 1 && $main_news_category != INTEGER_MAGIC_NULL && $GLOBALS['SITE_DB']->query_value('news', 'validated', array('id' => intval($id))) == 0) { $is_blog = true; $submitter = $GLOBALS['SITE_DB']->query_value('news', 'submitter', array('id' => $id)); $activity_title = $is_blog ? 'news:ACTIVITY_ADD_NEWS_BLOG' : 'news:ACTIVITY_ADD_NEWS'; $activity_title_validate = $is_blog ? 'news:ACTIVITY_VALIDATE_NEWS_BLOG' : 'news:ACTIVITY_VALIDATE_NEWS'; if (has_actual_page_access($GLOBALS['FORUM_DRIVER']->get_guest_id(), 'news')) { // NB: no category permission check, as syndication choice was explicit, and news categorisation is a bit more complex syndicate_described_activity($submitter != get_member() ? $activity_title_validate : $activity_title, $title, '', '', '_SEARCH:news:view:' . strval($id), '', '', 'news', 1, NULL, true); } } edit_news(intval($id), $title, post_param('news', STRING_MAGIC_NULL), post_param('author', STRING_MAGIC_NULL), $validated, $allow_rating, $allow_comments, $allow_trackbacks, $notes, $news_article, $main_news_category, $news_category, post_param('meta_keywords', STRING_MAGIC_NULL), post_param('meta_description', STRING_MAGIC_NULL), $url, $add_time); }
function projectDispatch($op) { switch ($op) { case "project": project(); break; case "addprj": addprj(); break; case "addprj_now": if (!isset($_POST["undo"])) { addprj_now(); } else { project(); } break; case "showprj": show_prj(); break; case "manprjadmin": manprjadmin(); break; case "update_admins": update_admins(); break; case "prjadditem": if (isset($_POST["undo"])) { Util::jump_to("index.php?modname=project&op=showprj&id=" . $_GET["id"]); } else { if ($_GET["type"] == "news") { edit_news("new"); } if ($_GET["type"] == "todo") { edit_todo("new"); } if ($_GET["type"] == "task") { edit_tasks("new"); } if ($_GET["type"] == "file") { edit_files("new"); } } break; case "prjedititem": if (isset($_POST["undo"])) { Util::jump_to("index.php?modname=project&op=showprj&id=" . $_GET["id"]); } else { if ($_GET["type"] == "news") { edit_news(); } if ($_GET["type"] == "todo") { edit_todo(); } if ($_GET["type"] == "task") { edit_tasks(); } if ($_GET["type"] == "file") { edit_files(); } } break; case "prjdelitem": del_item(); break; case "prjsendmsg": send_msg(); break; case "prjreadmsg": read_msg(); break; case "modprj": if ($_GET["id"] == 0) { sel_prj("modprj"); } else { if (!isset($_POST["undo"])) { mod_prj($_GET["id"]); } else { project(); } } break; case "delprj": if ($_GET["id"] == 0) { sel_prj("delprj"); } else { del_prj(); } break; case "prjreaditem": read_item(); break; case "editprogtot": edit_progtot(); break; case "download": require_once _base_ . '/lib/lib.download.php'; $id = importVar('id', true, 0); $type = importVar('type'); $can_view = checkPerm('view', true); switch ($type) { case "file": $query = sql_query("SELECT * FROM " . $GLOBALS["prefix_lms"] . "_prj_msg WHERE pid='{$id}' {$filter} ORDER BY {$oby} {$ord}, id DESC;"); list($pid, $fname, $ftitle) = sql_fetch_row(sql_query("\r\n\t\t\t\t\tSELECT pid, fname, ftitle\r\n\t\t\t\t\tFROM " . $GLOBALS["prefix_lms"] . "_prj_files\r\n\t\t\t\t\tWHERE id = '{$id}'")); $myprj = user_projects(Docebo::user()->getIdSt()); if ($can_view && in_array($pid, $myprj)) { $expFileName = explode('.', $fname); $totPart = count($expFileName) - 1; sendFile(_FPATH_INTERNAL, $fname, $expFileName[$totPart], $ftitle); } else { die('You can\'t access'); } break; } break; } }
$page[0] = trim($tmppage[0]); $pageparam = trim($tmppage[1]); } else { $pageparam = null; } $limit = get_number_limit($pageparam, 1, $CONFIG['quote_list_limit']); switch ($page[0]) { case 'add': if (isset($CONFIG['login_required']) && $CONFIG['login_required'] == 1 && !isset($_SESSION['logged_in'])) { break; } add_quote($page[1]); break; case 'edit_news': if (isset($_SESSION['logged_in']) && $_SESSION['level'] <= USER_ADMIN) { edit_news($page[1], $page[2]); } break; case 'add_news': if (isset($_SESSION['logged_in']) && $_SESSION['level'] <= USER_ADMIN) { add_news($page[1]); } break; case 'add_user': if (isset($_SESSION['logged_in']) && $_SESSION['level'] <= USER_SUPERUSER) { add_user($page[1]); } break; case 'register': if (isset($CONFIG['login_required']) && $CONFIG['login_required'] == 1) { register_user($page[1]);