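/**
 * Render the front-end form used to submit a new post or to edit an existing one.
 *
 * Only logged-in users who are registered MyWords editors, or site
 * administrators, get past the first two checks. In edit mode the post ID is
 * read from $_GET['id'], and only the post's own editor or an administrator
 * may continue.
 *
 * The locals set here ($post, $perms, $allowed_*, $form, $editor,
 * $meta_names) stay in scope for the included header, template and footer
 * files, so their names are kept unchanged.
 *
 * @param int|bool $edit Truthy to edit the post identified by $_GET['id'].
 * @return void Every failed check ends the request with redirect_header() and die.
 */
function mw_post_form($edit = 0)
{
    global $xoopsConfig, $xoopsUser, $xoopsSecurity;

    // Anonymous visitors are never allowed to reach the form.
    if (!$xoopsUser) {
        redirect_header(MWFunctions::get_url(), 1, __('You are not allowed to do this action!', 'mywords'));
        die;
    }

    // Check if user is an editor (administrators pass without an editor profile).
    $author = new MWEditor();
    if (!$author->from_user($xoopsUser->uid()) && !$xoopsUser->isAdmin()) {
        redirect_header(MWFunctions::get_url(), 1, __('You are not allowed to do this action!', 'mywords'));
        die;
    }

    RMTemplate::get()->add_script(RMCURL . '/include/js/jquery.min.js');
    RMTemplate::get()->add_script(RMCURL . '/include/js/jquery-ui.min.js');

    if ($edit) {
        // The ID comes from the query string. The explicit cast guarantees an
        // integer reaches the range check and MWPost, whatever type
        // rmc_server_var() returns (its implementation is not visible here).
        $id = (int) rmc_server_var($_GET, 'id', 0);
        if ($id <= 0) {
            // redirect_header() takes (url, delay, message); the original call
            // passed the message in the delay position.
            redirect_header(MWFunctions::get_url(), 1, __('Please, specify a valid post ID', 'mywords'));
            die;
        }

        $post = new MWPost($id);
        if ($post->isNew()) {
            redirect_header(MWFunctions::get_url(), 1, __('Specified post does not exists!', 'mywords'));
            die;
        }

        // Check if user is the admin or the editor of this post.
        if ($author->id() != $post->getVar('author') && !$xoopsUser->isAdmin()) {
            redirect_header($post->permalink(), 1, __('You are not allowed to do this action!', 'mywords'));
            die;
        }
    }

    // Read privileges. The @ keeps the original suppression of any warning
    // raised by this call (presumably for an administrator without an editor
    // profile; confirm before removing it).
    $perms = @$author->getVar('privileges');
    $perms = is_array($perms) ? $perms : array();

    // Strict matching: a stored value such as true or 0 must not be accepted
    // as a privilege name through loose comparison.
    $allowed_tracks = in_array("tracks", $perms, true) || $xoopsUser->isAdmin();
    $allowed_tags = in_array("tags", $perms, true) || $xoopsUser->isAdmin();
    $allowed_cats = in_array("cats", $perms, true) || $xoopsUser->isAdmin();
    $allowed_comms = in_array("comms", $perms, true) || $xoopsUser->isAdmin();

    // $xoopsOption is a local here; the include below runs in this function's
    // scope and can therefore read it.
    $xoopsOption['module_subpage'] = 'submit';
    include 'header.php';

    $form = new RMForm('', '', '');
    $editor = new RMFormEditor('', 'content', '99%', '300px', $edit ? $post->getVar('content') : '');
    $meta_names = MWFunctions::get()->get_metas();

    RMTemplate::get()->add_xoops_style('submit.css', 'mywords');
    RMTemplate::get()->add_script(XOOPS_URL . '/modules/mywords/include/js/scripts.php?file=posts.js&front=1');

    include RMTemplate::get()->get_template('mywords_submit_form.php', 'module', 'mywords');
    include 'footer.php';
}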
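/**
 * Add a new editor to the database, or update an existing one.
 *
 * Reads page, id, name, bio, new_user, perms and short from $_POST, validates
 * them and saves the MWEditor object. Every path ends with redirectMsg() back
 * to editors.php followed by die.
 *
 * @param bool $edit True to update the editor identified by $_POST['id'];
 *                   false to create a new editor.
 * @return void
 */
function save_editor($edit = false)
{
    global $xoopsConfig, $xoopsSecurity;

    // Numeric request values are cast explicitly: $page is appended to the
    // redirect URL and $uid is placed in the SQL below, so neither may carry
    // anything but an integer, whatever rmc_server_var() returns.
    $page = (int) rmc_server_var($_POST, 'page', 1);
    $back = 'editors.php?page=' . $page;

    // Refuse the request when the XOOPS security (request token) check fails.
    if (!$xoopsSecurity->check()) {
        redirectMsg($back, __('Operation not allowed!', 'mywords'), 1);
        die;
    }

    if ($edit) {
        $id = (int) rmc_server_var($_POST, 'id', 0);
        if ($id <= 0) {
            redirectMsg($back, __('Editor ID has not been provided!', 'mywords'), 1);
            die;
        }

        $editor = new MWEditor($id);
        if ($editor->isNew()) {
            redirectMsg($back, __('Editor has not been found!', 'mywords'), 1);
            die;
        }
    } else {
        $editor = new MWEditor();
    }

    $name = rmc_server_var($_POST, 'name', '');
    $bio = rmc_server_var($_POST, 'bio', '');
    $uid = (int) rmc_server_var($_POST, 'new_user', 0);
    $perms = rmc_server_var($_POST, 'perms', array());
    $short = rmc_server_var($_POST, 'short', '');

    // The privilege list is stored as submitted, so make sure it is a list.
    if (!is_array($perms)) {
        $perms = array();
    }

    if (trim($name) == '') {
        redirectMsg($back, __('You must provide a display name for this editor!', 'mywords'), 1);
        die;
    }

    if ($uid <= 0) {
        redirectMsg($back, __('You must specify a registered user ID for this editor!', 'mywords'), 1);
        die;
    }

    // Check if the XOOPS user is already registered as an editor. Both values
    // placed in the statement are integers (%d), so no request text reaches
    // the query.
    $db = XoopsDatabaseFactory::getDatabaseConnection();
    $sql = sprintf('SELECT COUNT(*) FROM %s WHERE uid=%d', $db->prefix("mw_editors"), $uid);
    if ($edit) {
        // Exclude the record being edited from the duplicate check.
        $sql .= sprintf(' AND id_editor<>%d', $editor->id());
    }

    list($num) = $db->fetchRow($db->query($sql));
    if ($num > 0) {
        redirectMsg($back, __('This user has been registered as editor before.', 'mywords'), 1);
        die;
    }

    $editor->setVar('name', $name);
    // The short name falls back to the display name when none was submitted.
    $editor->setVar('shortname', TextCleaner::sweetstring($short != '' ? $short : $name));
    $editor->setVar('bio', $bio);
    $editor->setVar('uid', $uid);
    $editor->setVar('privileges', $perms);

    if (!$editor->save()) {
        // NOTE(review): $editor->errors() is appended to an HTML message as-is;
        // confirm it cannot echo back unescaped request data.
        redirectMsg($back, __('Errors occurs while trying to save editor data', 'mywords') . '<br />' . $editor->errors(), 1);
        die;
    }

    redirectMsg($back, __('Database updated succesfully!', 'mywords'), 0);
    die;
}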
} // closes a block opened before this excerpt

// Load up to eight posts with status 'waiting', newest ID first. The statement
// is built only from constant text and the table prefix.
$pendings = array();
$result = $db->query("SELECT * FROM " . $db->prefix("mod_mywords_posts") . " WHERE status='waiting' ORDER BY id_post DESC LIMIT 0,8");
while ($row = $db->fetchArray($result)) {
    $post = new MWPost();
    $post->assignVars($row);
    $pendings[] = $post;
}

// Editors: the five editors with the highest post count. The count comes from
// a subquery over the posts table and is returned as the 'counter' column.
$sql = "SELECT *, (SELECT COUNT(*) FROM " . $db->prefix("mod_mywords_posts") . " WHERE author=id_editor) as counter FROM " . $db->prefix("mod_mywords_editors") . " ORDER BY counter DESC LIMIT 0, 5";
$result = $db->query($sql);
$editors = array();
while ($row = $db->fetchArray($result)) {
    $editor = new MWEditor();
    $editor->assignVars($row);
    $editors[] = array('id' => $editor->id(), 'name' => $editor->getVar('name'), 'link' => $editor->permalink(), 'total' => $row['counter']);
}
// Drop the loop temporaries so they do not leak into the code that follows.
unset($editor, $result, $sql);

// URL rewriting
// NOTE(review): the configured basepath is concatenated into the RewriteRule
// pattern without regex escaping or a check for whitespace/newlines; whether
// RMHtaccess::write() validates the rule is not visible in this excerpt.
$rule = "RewriteRule ^" . trim($xoopsModuleConfig['basepath'], '/') . "/?(.*)\$ modules/mywords/index.php [L]";
if ($xoopsModuleConfig['permalinks'] > 1) {
    // Permalink modes above 1 need the rule written to .htaccess.
    $ht = new RMHtaccess('mywords');
    $htResult = $ht->write($rule);
    if ($htResult !== true) {
        showMessage(__('An error ocurred while trying to write .htaccess file!', 'mywords'), RMMSG_ERROR);
    }
} else {
    // Other modes: remove the module's rule and write the file again.
    // The result of this write() is not checked.
    $ht = new RMHtaccess('mywords');
    $ht->removeRule();
    $ht->write();
}
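} // closes a block opened before this excerpt

RMTemplate::get()->add_jquery();

// $edit carries the ID of the post to edit; 0 (or unset) means a new post.
$edit = isset($edit) ? $edit : 0;
if ($edit > 0) {
    // Cast before validating so the range check below sees an integer. In the
    // original the check ran on the raw value inside "if ($edit > 0)" and
    // could never trigger.
    $id = (int) $edit;
    if ($id <= 0) {
        // redirect_header() takes (url, delay, message); the original call
        // passed the message in the delay position.
        redirect_header(MWFunctions::get_url(), 1, __('Please, specify a valid post ID', 'mywords'));
        die;
    }

    $post = new MWPost($id);
    if ($post->isNew()) {
        redirect_header(MWFunctions::get_url(), 1, __('Specified post does not exists!', 'mywords'));
        die;
    }

    // Check if user is the admin or the editor of this post.
    // $author and $xoopsUser are set before this excerpt.
    if ($author->id() != $post->getVar('author') && !$xoopsUser->isAdmin()) {
        redirect_header($post->permalink(), 1, __('You are not allowed to do this action!', 'mywords'));
        die;
    }
} else {
    $post = new MWPost();
}

// Read privileges. The @ keeps the original suppression of any warning raised
// by this call (presumably for an administrator without an editor profile;
// confirm before removing it).
$perms = @$author->getVar('privileges');
$perms = is_array($perms) ? $perms : array();

// Strict matching: a stored value such as true or 0 must not be accepted as a
// privilege name through loose comparison.
$allowed_tracks = in_array("tracks", $perms, true) || $xoopsUser->isAdmin();
$allowed_tags = in_array("tags", $perms, true) || $xoopsUser->isAdmin();
$allowed_cats = in_array("cats", $perms, true) || $xoopsUser->isAdmin();
$allowed_comms = in_array("comms", $perms, true) || $xoopsUser->isAdmin();

$xoopsOption['module_subpage'] = 'submit';
include 'header.php';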
// Publication status: an administrator keeps the requested $status, and so
// does an existing, active editor when $mc->approve is set. Every other
// submission is forced to 'pending'.
if (!$xoopsUser->isAdmin() && ($editor->isNew() || !($mc->approve && $editor->active))) {
    $status = 'pending';
}

$post->setVar('status', $status);
$post->setVar('visibility', $visibility);
$post->setVar('schedule', $schedule);
// NOTE(review): $vis_password is stored as received here; whether it is
// hashed before or after this point is not visible in this excerpt.
$post->setVar('password', $vis_password);
$post->setVar('author', $editor->id());

// Comment and ping flags default to 0 when the form did not send them.
$commentsFlag = isset($comstatus) ? $comstatus : 0;
$post->setVar('comstatus', $commentsFlag);
$pingsFlag = isset($pingstatus) ? $pingstatus : 0;
$post->setVar('pingstatus', $pingsFlag);

// Prefer the editor's display name; fall back to the short name.
if ($editor->name != '') {
    $displayName = $editor->name;
} else {
    $displayName = $editor->shortname;
}
$post->setVar('authorname', $displayName);

$post->setVar('image', $image);
$post->setVar('format', $format);

// SEO
$post->setVar('description', $description);
$post->setVar('keywords', $keywords);
$post->setVar('customtitle', $seotitle);

// Timestamps: 'modified' on every edit, 'created' only for a new post.
if ($edit) {
    $post->setVar('modified', time());
}
if ($post->isNew()) {
    $post->setVar('created', time());
}
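/**
 * Read-counter handling: register one more view of this post.
 *
 * Nothing is counted when the current user is matched to the post's editor.
 * Otherwise the in-memory 'reads' value is raised by one and the stored
 * counter is incremented with a single UPDATE.
 *
 * @return void
 */
public function add_read()
{
    global $xoopsUser;

    $editor = new MWEditor($this->getVar('author'));
    // NOTE(review): this compares the editor record ID with the XOOPS user
    // ID. If the intent is "do not count the author's own views", the
    // editor's 'uid' value looks like the right operand; confirm.
    if ($xoopsUser && $editor->id() == $xoopsUser->uid()) {
        return;
    }

    $this->setVar('reads', $this->getVar('reads') + 1);

    // Increment inside the statement instead of writing back the value that
    // was loaded with this object, so views registered by concurrent requests
    // are not overwritten. The ID is cast to int before it enters the SQL.
    $this->db->queryF(
        "UPDATE " . $this->db->prefix("mw_posts")
        . " SET `reads`=`reads`+1 WHERE id_post=" . (int) $this->id()
    );
}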
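// Load the editor profile for $author (set before this excerpt; presumably
// the submitting user's ID). Only registered editors and administrators may
// save posts.
$editor = new MWEditor();
$editor->from_user($author);
if ($editor->isNew() && !$xoopsUser->isAdmin()) {
    return_error(__('You are not allowed to do this action!', 'mywords'), false, MW_URL);
    // Fail closed: stop here even if return_error() returns to the caller.
    die;
}

if ($op == 'saveedit') {
    if (!isset($id) || $id <= 0) {
        return_error(__('You must provide a valid post ID', 'mywords'), 0, 'posts.php');
        die;
    }

    $post = new MWPost($id);
    if ($post->isNew()) {
        return_error(__('You must provide an existing post ID', 'mywords'), 0, 'posts.php');
        die;
    }

    // Ownership check. The original read "!$editor->id() == ...": the negation
    // bound to the ID first, so the comparison was false for every editor with
    // a non-zero ID and a post with a non-zero author, and the check never
    // denied an editor changing someone else's post.
    if ($editor->id() != $post->getVar('author') && !$xoopsUser->isAdmin()) {
        return_error(__('You are not allowed to do this action!', 'mywords'), false, MW_URL);
        die;
    }

    $query = 'op=edit&id=' . $id;
    $edit = true;
} else {
    $query = 'op=new';
    $post = new MWPost();
    $edit = false;
}

/**
 * @todo Insert code to verify token
 *
 * NOTE(review): until this is done, no request-token (CSRF) check is visible
 * in this excerpt before the post is saved.
 */

// Verify title
if ($title == '') {
    return_error(__('You must provide a title for this post', 'mywords'), true);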
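$xoopsOption['module_subpage'] = 'author';
include 'header.php';

// $editor arrives either as a numeric ID or as a short name; a short name is
// resolved to its ID first. Where the value comes from is not visible in this
// excerpt, so it is treated as untrusted and quoted by the database layer
// instead of being interpolated into the statement.
if (!is_numeric($editor)) {
    $sql = "SELECT id_editor FROM " . $db->prefix("mod_mywords_editors") . " WHERE shortname=" . $db->quoteString($editor);
    list($editor) = $db->fetchRow($db->query($sql));
    // No matching row: fall back to 0 so the isNew() check below reports 404.
    if ($editor == '') {
        $editor = 0;
    }
}

$ed = new MWEditor($editor);
if ($ed->isNew()) {
    $params = array('page' => 'author');
    RMFunctions::error_404(__('Sorry, we don\'t know this editor', 'admin_mywords'), 'mywords', $params);
    die;
}

// NOTE(review): the editor's e-mail address is part of the data handed to the
// template; whether the template prints it is not visible here.
$xoopsTpl->assign('editor', array('id' => $ed->id(), 'uid' => $ed->uid, 'name' => $ed->name, 'email' => $ed->data('email'), 'uname' => $ed->uname));

// Page number: taken from the request when present, otherwise from a
// ".../page/N" segment of the rewritten URL. Both sources are cast to int.
$page = isset($_REQUEST['page']) ? (int) $_REQUEST['page'] : 0;
if ($page <= 0) {
    $path = explode("/", $request);
    // Strict search, and test the segment AFTER 'page'. The original tested
    // the 'page' segment itself, so a URL ending in "page" read a missing
    // array element.
    $srh = array_search('page', $path, true);
    if ($srh !== false && isset($path[$srh + 1])) {
        $page = (int) $path[$srh + 1];
    }
}

// Cut the request string just before its "page" part, when it has one.
$request = substr($request, 0, strpos($request, 'page') > 0 ? strpos($request, 'page') - 1 : strlen($request));

/**
 * Paginate the results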
} // closes a block opened before this excerpt

$xoopsTpl->assign('shownav', $xoopsModuleConfig['shownav']);

// The edit link is handed to the template only for an administrator or for
// the user whose ID matches the editor's 'uid'. This hides the link; it does
// not by itself protect admin/posts.php.
if ($xoopsUser && ($xoopsUser->isAdmin() || $editor->getVar('uid') == $xoopsUser->uid())) {
    $editLink = XOOPS_URL . '/modules/mywords/admin/posts.php?op=edit&id=' . $post->id();
    $xoopsTpl->assign('can_edit', true);
    $xoopsTpl->assign('edit_link', $editLink);
    unset($editLink);
}

$xoopsTpl->assign('lang_reads', sprintf(__('%u views', 'mywords'), $post->getVar('reads')));

// Post pages: navigation bar over the pages of this post. The URL pattern
// depends on the permalink mode in $mc.
$total_pages = $post->total_pages();
$nav = new RMPageNav($total_pages, 1, $page, 5);
$nav->target_url($post->permalink() . ($mc['permalinks'] > 1 ? 'page/{PAGE_NUM}/' : '&page={PAGE_NUM}'));
$xoopsTpl->assign('post_navbar', $nav->render(true));

// Post data passed to the template.
// NOTE(review): in 'published', isset($editor) is evaluated after
// $editor->permalink() has already been called in the same expression, so the
// 'Anonymous' fallback cannot be reached without that earlier call failing.
// NOTE(review): the author's e-mail and URL are included in the data handed
// to the template and to the 'mywords.view.post' event; whether either is
// printed is not visible here.
$post_arr = array('id' => $post->id(),
    'title' => $post->getVar('title'),
    'published' => sprintf(__('%s by %s', 'mywords'), MWFunctions::format_time($post->getVar('pubdate')) . ' ' . date('H:i', $post->getVar('pubdate')), '<a href="' . $editor->permalink() . '">' . (isset($editor) ? $editor->getVar('name') : __('Anonymous', 'mywords')) . "</a>"),
    'text' => $post->content(false, $page),
    'cats' => $post->get_categos('data'),
    'tags' => $post->tags(false),
    // Trackback URL only when pings are enabled for the post.
    'trackback' => $post->getVar('pingstatus') ? MWFunctions::get_url(true) . $post->id() : '',
    'meta' => $post->get_meta('', false),
    'time' => $post->getVar('pubdate'),
    'image' => $post->image(),
    'video' => $post->video,
    'player' => $post->video != '' ? $post->video_player() : '',
    // Display name falls back to the short name when 'name' is empty.
    'author' => array('name' => $editor->getVar('name') != '' ? $editor->name : $editor->shortname,
        'id' => $editor->id(),
        'link' => $editor->permalink(),
        'bio' => $editor->getVar('bio'),
        'email' => $editor->data('email'),
        'uid' => $editor->uid,
        'url' => $editor->data('url')),
    'alink' => $editor->permalink(),
    'format' => $post->format,
    'comments' => $post->comments,
    'comments_enabled' => $post->comstatus);

$xoopsTpl->assign('full_post', 1);
$xoopsTpl->assign('lang_editpost', __('Edit Post', 'mywords'));
$xoopsTpl->assign('lang_postedin', __('Posted in:', 'mywords'));
$xoopsTpl->assign('lang_taggedas', __('Tagged as:', 'mywords'));
$xoopsTpl->assign('enable_images', $xoopsModuleConfig['list_post_imgs']);

// Plugins: the 'mywords.view.post' event receives the array and its return
// value replaces it before it is assigned to the template.
$post_arr = RMEvents::get()->run_event('mywords.view.post', $post_arr, $post);
$xoopsTpl->assign('post', $post_arr);

// Related posts: collect the tag IDs of this post. The enclosing "if" is
// still open where this excerpt ends.
if ($xoopsModuleConfig['related']) {
    $rtags = $post->tags();
    $tt = array();
    foreach ($rtags as $tag) {
        $tt[] = $tag['id_tag'];
    }