/**
* Implementation of module_content()
*
* Blog content and parameters can be interpreted in several different methods
*
* - /
* No parameters. Should show (paged) all posts in the blog.
*
* - /tag/xxx
* Responds with paged posts relating to that tag.
*
* - /yyyy/mm/dd/post-name
* Retrieve the post based on the url safe-name
*
* - /id/123
* Used as permalink. Perma-redirect to current /yyyy/mm/dd/post-name url
*
* - /yyyy
* Archival retrieval of posts (no content) in the specified year
*
* - /atom
* Atom style feed for the current blog
*/
function blog_content()
{
global $ssc_database, $ssc_site_path;
$result = $ssc_database->query("SELECT name, comments, page FROM #__blog WHERE id = %d LIMIT 1", $_GET['path-id']);
if ($result && ($data = $ssc_database->fetch_assoc($result))) {
// Load display library
if (!ssc_load_library('sscText')) {
ssc_not_found();
return;
}
// Get blog settings
ssc_set_title($data['name']);
$_GET['param'] = explode("/", $_GET['param']);
$_GET['blog_comments'] = (bool) $data['comments'];
$action = array_shift($_GET['param']);
if ($action == '' || $action == 'page') {
// Show paged posts
array_unshift($_GET['param'], 'page');
if (count($_GET['param']) > 2) {
ssc_not_found();
}
return _blog_gen_post($data['page'], $_GET['path'] . '/page/', "SELECT p.id, p.title, p.created, p.urltext, u.displayname author, count(c.post_id) count, p.body, p.commentsdisabled FROM\n\t\t\t\t#__blog_post p LEFT JOIN #__user u ON u.id = p.author_id LEFT JOIN #__blog_comment c ON (post_id = p.id AND (status & %d = 0))\n\t\t\t\tWHERE blog_id = %d AND p.is_draft = 0 GROUP BY p.id ORDER BY p.created DESC", SSC_BLOG_COMMENT_SPAM, $_GET['path-id']);
} elseif ($action == 'tag') {
// Show posts for the tag
if (count($_GET['param']) == 2 || count($_GET['param']) > 3) {
ssc_not_found();
}
$tag = array_shift($_GET['param']);
if (empty($tag)) {
ssc_not_found();
}
// If to parameter for the tag, die gracefully
return _blog_gen_post($data['page'], $_GET['path'] . '/tag/' . $tag . '/page/', "SELECT p.id, p.title, p.created, p.urltext, u.displayname author, count(c.post_id) count, p.body, p.commentsdisabled FROM \n\t\t\t\t#__blog_post p LEFT JOIN #__user u ON u.id = p.author_id LEFT JOIN #__blog_comment c ON (post_id = p.id AND (status & %d = 0))\n\t\t\t\tLEFT JOIN #__blog_relation r ON r.post_id = p.id LEFT JOIN #__blog_tag t ON t.id = r.tag_id WHERE blog_id = %d AND p.is_draft = 0 AND t.tag = '%s'\n\t\t\t\tGROUP BY p.id ORDER BY p.created DESC", SSC_BLOG_COMMENT_SPAM, $_GET['path-id'], $tag);
} elseif ($action == 'id') {
// Redirect as needed
if (count($_GET['param']) != 1) {
ssc_not_found();
}
// Extra parameters
$result = $ssc_database->query("SELECT created, urltext FROM #__blog_post WHERE id = %d AND is_draft = 0 LIMIT 1", (int) array_shift($_GET['param']));
if ($data = $ssc_database->fetch_object($result)) {
ssc_redirect($_GET['path'] . date("/Y/m/d/", $data->created) . $data->urltext, 301);
return;
}
// Post ID doesn't exist - kill
ssc_not_found();
} elseif ($action == 'feed') {
// Internal redirect to atom feed
$feedPath = $ssc_site_path . '/modules/blog/atom-' . $_GET['path-id'] . '.xml';
// Check if feed exists yet
if (!file_exists($feedPath)) {
ssc_not_found();
}
// Try and read it
$rss = file_get_contents($feedPath);
// See if read success?
if ($rss === FALSE) {
ssc_not_found();
}
// Guess not - die gracefully
// Output rss
header("Content-Type: application/xml", true);
echo $rss;
// And now quit ...
ssc_close();
// ... fully
exit(0);
} elseif ($action == 'atom') {
if (count($_GET['param']) > 1) {
ssc_not_found();
}
header("Content-Type: application/atom+xml", true);
include $ssc_site_path . '/modules/blog/rss.inline.php';
ssc_close();
exit(0);
} else {
// Not those - is int?
$action = (int) $action;
// Check for bad first param
if ($action == 0) {
ssc_not_found();
return;
}
// Check if the post name exists?
if (!empty($_GET['param'][2])) {
// Retrieve post
$result = $ssc_database->query("SELECT p.id, p.title, p.created, p.urltext, p.commentsdisabled, u.displayname author, p.body FROM #__blog_post p \n\t\t\t\t\tLEFT JOIN #__user u ON u.id = p.author_id WHERE blog_id = %d AND p.is_draft = 0 AND p.urltext = '%s' \n\t\t\t\t\tLIMIT 1", $_GET['path-id'], $_GET['param'][2]);
if (!($data = $ssc_database->fetch_object($result))) {
// No post with name - kill output
ssc_not_found();
return;
}
// Don't allow any further params
if (!empty($_GET['param'][3])) {
// Unless admin, and the param is 'mark'
if (login_check_auth("blog") && $_GET['param'][3] == 'mark') {
if ($ssc_database->query("UPDATE #__blog_comment SET status = status | %d WHERE post_id = %d", SSC_BLOG_COMMENT_READ, $data->id)) {
ssc_add_message(SSC_MSG_INFO, t('Marked the comments as read'));
}
} else {
ssc_not_found();
return;
}
}
// Comments disabled flag
$comments_disabled = $data->commentsdisabled;
// Post id number
$pid = $data->id;
$out = "\n<h3>{$data->title}</h3>\n";
$out .= t("Posted !date at !time by !author\n", array('!date' => date(ssc_var_get('date_med', SSC_DATE_MED), $data->created), '!time' => date(ssc_var_get('time_short', SSC_TIME_SHORT), $data->created), '!author' => $data->author)) . '<br />';
$result = $ssc_database->query("SELECT tag FROM #__blog_relation r, #__blog_tag t WHERE r.tag_id = t.id AND r.post_id = %d ORDER BY tag ASC", $data->id);
// Retrieve list of tags for the post
if ($ssc_database->number_rows()) {
$out .= "Tagged: ";
$txt = '';
while ($dat = $ssc_database->fetch_object($result)) {
$txt .= ', ' . l($dat->tag, $_GET['path'] . '/tag/' . $dat->tag);
}
$txt = substr($txt, 2);
$out .= $txt . '<br />';
}
$out .= sscText::convert($data->body);
if ($_GET['blog_comments']) {
// Retrieve comments
$out .= '<div class="clear"></div><h3 id="comments">Comments</h3>';
// Are we admin?
$is_admin = login_check_auth("blog");
if ($is_admin) {
$result = $ssc_database->query("SELECT id, author, email, site, created, status, body FROM #__blog_comment \n\t\t\t\t\t\tWHERE post_id = %d ORDER BY created ASC", $data->id, SSC_BLOG_COMMENT_SPAM, SSC_BLOG_COMMENT_SPAM);
// Start spam/ham/commentstate form
$out .= '<form action="" method="post"><div><input type="hidden" name="form-id" value="blog_spam_ham" />';
// Show (dis-)enable comments button on posts with or without comments
if ($comments_disabled == 0) {
$sub_disable_comments = array('#value' => 'Disable Comments', '#type' => 'submit', '#name' => "disable_comments[{$pid}]");
} else {
$sub_disable_comments = array('#value' => 'Enable Comments', '#type' => 'submit', '#name' => "enable_comments[{$pid}]");
}
// Render button
$out .= theme_render_input($sub_disable_comments);
} else {
$result = $ssc_database->query("SELECT author, email, site, created, body FROM #__blog_comment \n\t\t\t\t\t\tWHERE post_id = %d AND status & %d = 0 ORDER BY created ASC", $data->id, SSC_BLOG_COMMENT_SPAM);
}
if (!$result || $ssc_database->number_rows($result) == 0) {
// Bad SQL
$out .= t('There are no comments posted yet.');
} else {
// Admin user - show spam/ham/commentstate options
if ($is_admin) {
// For each comment, show it, it's visible state, and possible options
while ($data = $ssc_database->fetch_object($result)) {
$status = $data->status;
$out .= "<div class='" . ($status & SSC_BLOG_COMMENT_SPAM ? "blog-spam-icon" : "blog-notspam-icon") . "'><p>" . nl2br(check_plain($data->body)) . "</p><p>";
$out .= t("Posted !date at !time by !author\n", array('!date' => date(ssc_var_get('date_med', SSC_DATE_MED), $data->created), '!time' => date(ssc_var_get('time_short', SSC_TIME_SHORT), $data->created), '!author' => empty($data->site) ? check_plain($data->author) : l(check_plain($data->author), $data->site))) . '</p>';
$sub_hide = array('#value' => 'Hide comment', '#type' => 'submit');
$sub_show = array('#value' => 'Show comment', '#type' => 'submit');
$sub_spam = array('#value' => 'Mark spam', '#type' => 'submit');
$sub_ham = array('#value' => 'Unmark spam', '#type' => 'submit');
// If tree for actions
if ($status & SSC_BLOG_COMMENT_CAN_SPAM) {
// Hasn't been re-submitted yet
if ($status & SSC_BLOG_COMMENT_SPAM) {
// Was marked as spam
$sub_ham['#name'] = "ham[{$data->id}]";
$out .= theme_render_input($sub_ham);
$sub_show['#name'] = "show[{$data->id}]";
$out .= theme_render_input($sub_show);
} else {
// Was not marked spam
$sub_spam['#name'] = "spam[{$data->id}]";
$out .= theme_render_input($sub_spam);
$sub_hide['#name'] = "hide[{$data->id}]";
$out .= theme_render_input($sub_hide);
}
} else {
// Has already been resubmitted
if ($status & SSC_BLOG_COMMENT_SPAM) {
// Currently spam/hidden
$sub_show['#name'] = "show[{$data->id}]";
$out .= theme_render_input($sub_show);
} else {
// Marked as normal currently
$sub_hide['#name'] = "hide[{$data->id}]";
$out .= theme_render_input($sub_hide);
}
}
$out .= '</div><hr />';
}
} else {
// Just show comments
while ($data = $ssc_database->fetch_object($result)) {
//$out .= "<div class='gravatar' style='background-image: url(\""._blog_gravatar_get_url($data->email)."\");'>";
$out .= '<p>' . nl2br(check_plain($data->body)) . '</p><p>';
$out .= t("Posted !date at !time by !author\n", array('!date' => date(ssc_var_get('date_med', SSC_DATE_MED), $data->created), '!time' => date(ssc_var_get('time_short', SSC_TIME_SHORT), $data->created), '!author' => empty($data->site) ? $data->author : l($data->author, $data->site))) . '</p><hr />';
//'</p></div><hr />';
}
}
}
// End admin form
if ($is_admin) {
$out .= '</div></form>';
}
if ($comments_disabled == 0 || $is_admin) {
$out .= ssc_generate_form('blog_guest_comment', $pid);
} else {
$out .= '<br />' . t("Sorry, commenting has been closed on this post.");
}
}
return $out;
} elseif (isset($_GET['param'][0])) {
// First param set not expecting anything - kill page
ssc_not_found();
return;
} else {
// Yearly archive
return _blog_gen_post(10000, $_GET['path'] . '/page/', "SELECT p.id, p.title, p.created, p.urltext, u.displayname author, count(c.post_id) count, p.commentsdisabled FROM \n\t\t\t\t\t#__blog_post p LEFT JOIN #__blog_comment c ON (post_id = p.id AND (c.status & %d = 0)) LEFT JOIN #__user u ON u.id = p.author_id \n\t\t\t\t\tWHERE blog_id = %d AND p.created >= %d AND p.created < %d AND p.is_draft = 0 GROUP BY p.id ORDER BY p.created DESC", SSC_BLOG_COMMENT_SPAM, $_GET['path-id'], mktime(0, 0, 0, 1, 1, $action), mktime(0, 0, 0, 1, 0, $action + 1));
}
}
}
// Find content
ssc_not_found();
}
*/
define("_SSC_DEBUG", 0);
$ssc_execute_time = microtime(true);
error_reporting(E_ALL);
// App startup
include './includes/core.inc.php';
// We don't need the front-end initialized for ajax requests
if (isset($_GET['ajax']) && $_GET['ajax'] == 'y') {
ssc_init(SSC_INIT_EXTENSION);
header("Content-type: application/x-javascript; charset=utf-8", true);
// Hook in form validation as a core function
if (isset($_GET['core']) && $_GET['core'] == 'val-form') {
// Check the form target exists
if (!isset($_GET['form'])) {
exit;
}
$target = str_replace("-", "_", $_GET['form']);
if (function_exists($target)) {
echo json_encode($target());
}
} else {
echo ssc_execute();
}
} else {
ssc_init(SSC_INIT_FULL);
$page = ssc_execute();
theme_render($page);
}
// Clean up
ssc_close();
/**
* Called to redirect the current page
*/
function ssc_redirect($path = '', $response_code = 302)
{
global $ssc_site_url;
ssc_close();
header("Location: {$ssc_site_url}{$path}", true, $response_code);
exit;
}
