/**
* @param $version
* @param $input
* @return null|ControlPacket
*/
public static function getByMessage($version, $input)
{
$message = null;
if (empty($input)) {
throw new \InvalidArgumentException();
}
$packetControlType = ord($input[0]) >> 4;
switch ($packetControlType) {
case ConnectionAck::getControlPacketType():
$message = new ConnectionAck($version, $input);
break;
case PingResponse::getControlPacketType():
$message = new PingResponse($version, $input);
break;
case SubscribeAck::getControlPacketType():
$message = new SubscribeAck($version, $input);
break;
case Publish::getControlPacketType():
$message = Publish::parse($version, $input);
break;
case PublishComplete::getControlPacketType():
$message = PublishComplete::parse($version, $input);
break;
case PublishRelease::getControlPacketType():
$message = PublishRelease::parse($version, $input);
break;
case PublishReceived::getControlPacketType():
$message = PublishReceived::parse($version, $input);
break;
default:
throw new \InvalidArgumentException('got message with control packet type ' . $packetControlType);
}
return $message;
}
function execute()
{
global $wgUser, $wgOut, $wgVoteDirectory, $wgCommentsDirectory, $IP;
require_once "{$wgVoteDirectory}/VoteClass.php";
require_once "{$wgVoteDirectory}/Publish.php";
require_once "{$wgVoteDirectory}/RSS.php";
require_once "{$wgCommentsDirectory}/CommentClass.php";
if ($_POST["mk"] == md5($_POST["pid"] . 'pants' . $wgUser->mName)) {
require_once "{$IP}/extensions/UserStats/UserStatsClass.php";
$stats = new UserStatsTrack(1, $wgUser->mId, $wgUser->mName);
if (($_GET["Action"] == 1 || $_GET["Action"] == 2) && is_numeric($_POST["pid"]) && (is_numeric($_POST["TheVote"]) || $_GET["Action"] == 2)) {
//echo 'test2';
$Vote = new Vote($_POST["pid"]);
$Vote->setUser($wgUser->mName, $wgUser->mId);
if ($_GET["Action"] == 1) {
$Vote->insert($_POST["TheVote"]);
$stats->incVoteCount();
} else {
$Vote->delete();
}
$CommentList = new Comment($_POST["pid"]);
$publish = new Publish();
$publish->PageID = $_POST["pid"];
$publish->VoteCount = $Vote->count(1);
$publish->CommentCount = $CommentList->count();
$publish->check_score();
echo $Vote->count(1);
}
if ($_GET["Action"] == 3) {
$Vote = new VoteStars($_POST["pid"]);
$Vote->setUser($wgUser->mName, $wgUser->mId);
$Vote->insert($_POST["TheVote"]);
$stats->incVoteCount();
echo $Vote->display();
}
if ($_GET["Action"] == 4) {
$Vote = new VoteStars($_POST["pid"]);
$Vote->setUser($wgUser->mName, $wgUser->mId);
$Vote->delete();
echo $Vote->display();
}
}
// This line removes the navigation and everything else from the
// page, if you don't set it, you get what looks like a regular wiki
// page, with the body you defined above.
$wgOut->setArticleBodyOnly(true);
}
public function publish()
{
if (!$this->loadData()) {
$this->dataError();
sendBack();
}
$systemcompany = $this->_uses[$this->modeltype];
$flash = Flash::Instance();
$errors = array();
if (Publish::systemCompany($systemcompany, $errors)) {
$flash->addMessage($systemcompany->company . ' successfully published');
} else {
$flash->addError('Failed to publish ' . $systemcompany->company);
}
if (count($errors) > 0) {
$flash->addErrors($errors);
}
sendTo($this->name, 'index', $this->_modules);
}
/**
* @method GET
*/
function get()
{
// get an authuser
$authUser = new AuthUser();
if (isset($authUser->UserUniqId)) {
// check if authorized
Publish::PublishSite($authUser->SiteUniqId);
$response = new Tonic\Response(Tonic\Response::OK);
return $response;
} else {
return new Tonic\Response(Tonic\Response::UNAUTHORIZED);
}
}
public static function PublishPage($pageUniqId, $preview = false, $remove_draft = false, $root = '../')
{
$page = Page::GetByPageUniqId($pageUniqId);
if ($page != null) {
$site = Site::GetBySiteId($page['SiteId']);
// test for now
$dest = $root . 'sites/' . $site['FriendlyId'] . '/';
$imageurl = $dest . 'files/';
$siteurl = 'http://' . $site['Domain'] . '/';
$friendlyId = $page['FriendlyId'];
$url = '';
$file = '';
if ($preview == true) {
$previewId = uniqid();
$file = $page['FriendlyId'] . '-' . $previewId . '-preview.php';
} else {
$file = $page['FriendlyId'] . '.php';
}
// create a nice path to store the file
if ($page['PageTypeId'] == -1) {
$url = $page['FriendlyId'] . '.php';
$path = '';
} else {
$pageType = PageType::GetByPageTypeId($page['PageTypeId']);
$path = 'uncategorized/';
if ($pageType != null) {
$path = strtolower($pageType['FriendlyId']) . '/';
}
}
// generate default
$html = Utilities::GeneratePage($site, $page, $siteurl, $imageurl, $preview, $root);
// remove any drafts associated with the page
if ($remove_draft == true) {
$draft = $root . 'sites/' . $site['FriendlyId'] . '/fragments/draft/' . $page['PageUniqId'] . '.html';
if (file_exists($draft)) {
unlink($draft);
}
}
if ($preview == true) {
$s_dest = $dest . 'preview/';
} else {
$s_dest = $dest . $path;
}
// save the content to the published file
Utilities::SaveContent($s_dest, $file, $html);
// publish a rendered fragment
Publish::PublishRender($site, $page, $root);
// build the search index for the page
Publish::BuildSearchIndex($site, $page, $root);
return $s_dest . $file;
}
}
/**
* @method POST
*/
function update()
{
// get token
$token = Utilities::ValidateJWTToken(apache_request_headers());
// check if token is not null
if ($token != NULL) {
parse_str($this->request->data, $request);
// parse request
$name = $request['name'];
$content = $request['content'];
$site = Site::GetBySiteId($token->SiteId);
$directory = SITES_LOCATION . '/' . $site['FriendlyId'] . '/themes/' . $site['Theme'] . '/styles/';
$f = $directory . $name . '.less';
file_put_contents($f, $content);
// save to file
$errors = Publish::GetLESSErrors($site, $name);
if ($errors == NULL) {
// publishes all css
Publish::PublishAllCSS($site['SiteId']);
// send success
$response = new Tonic\Response(Tonic\Response::OK);
$response->contentType = 'text/HTML';
$response->body = 'yay!';
} else {
// send errors
$response = new Tonic\Response(Tonic\Response::BADREQUEST);
$response->contentType = 'text/HTML';
$response->body = $errors;
}
return $response;
} else {
// return an unauthorized exception (401)
return new Tonic\Response(Tonic\Response::UNAUTHORIZED);
}
}
/**
* @method POST
*/
function post()
{
// get token
$token = Utilities::ValidateJWTToken(apache_request_headers());
// check if token is not null
if ($token != NULL) {
parse_str($this->request->data, $request);
// parse request
$configurations = $request['configurations'];
$site = Site::GetBySiteId($token->SiteId);
// get configuration
$configure_file = SITES_LOCATION . '/' . $site['FriendlyId'] . '/themes/' . $site['Theme'] . '/configure.json';
// put contents
file_put_contents($configure_file, $configurations);
// republish css
Publish::PublishAllCSS($site);
// get index
$page = Page::GetByFriendlyId('index', '-1', $token->SiteId);
// republish home page
Publish::PublishPage($page['PageId']);
// return a json response
$response = new Tonic\Response(Tonic\Response::OK);
return $response;
} else {
// return an unauthorized exception (401)
return new Tonic\Response(Tonic\Response::UNAUTHORIZED);
}
}
function view_entries($weblog_id = '', $message = '', $extra_sql = '', $search_url = '', $form_url = '', $action = '', $extra_fields_search = '', $extra_fields_entries = '')
{
global $IN, $LANG, $DSP, $FNS, $LOC, $DB, $SESS, $REGX, $PREFS, $EXT;
// Security check
if (!$DSP->allowed_group('can_access_edit')) {
return $DSP->no_access_message();
}
/** --------------------------------------------
/** Fetch weblog ID numbers assigned to the current user
/** --------------------------------------------*/
$allowed_blogs = $FNS->fetch_assigned_weblogs();
if (empty($allowed_blogs)) {
return $DSP->no_access_message($LANG->line('no_weblogs'));
}
// -------------------------------------------
// 'edit_entries_start' hook.
// - Allows complete rewrite of Edit Entries page.
//
$edata = $EXT->call_extension('edit_entries_start', $weblog_id, $message);
if ($EXT->end_script === TRUE) {
return;
}
//
// -------------------------------------------
/** ------------------------------
/** Fetch Color Library
/** ------------------------------*/
// We use this to assist with our status colors
if (file_exists(PATH . 'lib/colors' . EXT)) {
include PATH . 'lib/colors' . EXT;
} else {
$colors = '';
}
// We need to determine which weblog to show entries from.
// if the weblog_id global doesn't exist we'll show all weblogs
// combined
if ($weblog_id == '') {
$weblog_id = $IN->GBL('weblog_id', 'GP');
}
if ($weblog_id == 'null' or $weblog_id === FALSE or !is_numeric($weblog_id)) {
$weblog_id = '';
}
$cat_group = '';
$cat_id = $IN->GBL('cat_id', 'GP');
$status = $IN->GBL('status', 'GP');
$order = $IN->GBL('order', 'GP');
$date_range = $IN->GBL('date_range', 'GP');
$total_blogs = count($allowed_blogs);
// Begin building the page output
$r = $DSP->qdiv('tableHeading', $LANG->line('edit_weblog_entries'));
// Do we have a message to show?
// Note: a message is displayed on this page after editing or submitting a new entry
if ($IN->GBL("U") == 'mu') {
$message = $DSP->qdiv('success', $LANG->line('multi_entries_updated'));
}
if ($message != '') {
$r .= $message;
}
// Declare the "filtering" form
$s = $DSP->form_open(array('action' => $search_url != '' ? $search_url : 'C=edit' . AMP . 'M=view_entries', 'name' => 'filterform', 'id' => 'filterform'));
$s .= $extra_fields_search;
// If we have more than one weblog we'll write the JavaScript menu switching code
if ($total_blogs > 1) {
$s .= Publish::filtering_menus();
}
// Table start
$s .= $DSP->div('box');
$s .= $DSP->table('', '0', '', '100%') . $DSP->tr() . $DSP->td('itemWrapper', '', '7') . NL;
// If we have more than one blog we'll add the "onchange" method to
// the form so that it'll automatically switch categories and statuses
if ($total_blogs > 1) {
$s .= "<select name='weblog_id' class='select' onchange='changemenu(this.selectedIndex);'>\n";
} else {
$s .= "<select name='weblog_id' class='select'>\n";
}
// Design note: Becuase the JavaScript code dynamically switches the information inside the
// pull-down menus we can't show any particular menu in a "selected" state unless there is only
// one weblog. Remember that each weblog is fully independent, so it can have its own
// categories, statuses, etc.
// Weblog selection pull-down menu
// Fetch the names of all weblogs and write each one in an <option> field
$sql = "SELECT blog_title, weblog_id, cat_group FROM exp_weblogs";
// If the user is restricted to specific blogs, add that to the query
if ($SESS->userdata['group_id'] == 1) {
$sql .= " WHERE is_user_blog = 'n'";
} else {
$sql .= " WHERE weblog_id IN (";
foreach ($allowed_blogs as $val) {
$sql .= "'" . $val . "',";
}
$sql = substr($sql, 0, -1) . ')';
}
$sql .= " AND site_id = '" . $DB->escape_str($PREFS->ini('site_id')) . "' order by blog_title";
$query = $DB->query($sql);
if ($query->num_rows == 1) {
$weblog_id = $query->row['weblog_id'];
$cat_group = $query->row['cat_group'];
} elseif ($weblog_id != '') {
foreach ($query->result as $row) {
if ($row['weblog_id'] == $weblog_id) {
$weblog_id = $row['weblog_id'];
$cat_group = $row['cat_group'];
}
}
}
$s .= $DSP->input_select_option('null', $LANG->line('filter_by_weblog'));
if ($query->num_rows > 1) {
$s .= $DSP->input_select_option('null', $LANG->line('all'));
}
$selected = '';
foreach ($query->result as $row) {
if ($weblog_id != '') {
$selected = $weblog_id == $row['weblog_id'] ? 'y' : '';
}
$s .= $DSP->input_select_option($row['weblog_id'], $row['blog_title'], $selected);
}
$s .= $DSP->input_select_footer() . $DSP->nbs(2);
// Category pull-down menu
$s .= $DSP->input_select_header('cat_id') . $DSP->input_select_option('', $LANG->line('filter_by_category'));
if ($total_blogs > 1) {
$s .= $DSP->input_select_option('all', $LANG->line('all'), $cat_id == 'all' ? 'y' : '');
}
$s .= $DSP->input_select_option('none', $LANG->line('none'), $cat_id == 'none' ? 'y' : '');
if ($cat_group != '') {
if (TRUE) {
$corder = $this->nest_categories == 'y' ? 'group_id, parent_id, cat_name' : 'cat_name';
$query = $DB->query("SELECT cat_id, cat_name, group_id, parent_id FROM exp_categories WHERE site_id = '" . $DB->escape_str($PREFS->ini('site_id')) . "' ORDER BY " . $corder);
$categories = array();
if ($query->num_rows > 0) {
foreach ($query->result as $row) {
$categories[] = array($row['group_id'], $row['cat_id'], $REGX->entities_to_ascii($row['cat_name']), $row['parent_id']);
}
if ($this->nest_categories == 'y') {
$this->cat_array = array();
foreach ($categories as $key => $val) {
if (0 == $val['3']) {
$this->cat_array[] = array($val['0'], $val['1'], $val['2']);
$this->category_edit_subtree($val['1'], $categories, $depth = 1);
}
}
} else {
$this->cat_array = $categories;
}
}
foreach ($this->cat_array as $key => $val) {
if (!in_array($val['0'], explode('|', $cat_group))) {
unset($this->cat_array[$key]);
}
}
}
foreach ($this->cat_array as $ckey => $cat) {
if ($ckey - 1 < 0 or !isset($this->cat_array[$ckey - 1])) {
$s .= $DSP->input_select_option('', '-------');
}
$s .= $DSP->input_select_option($cat['1'], str_replace('!-!', ' ', $cat['2']), $cat_id == $cat['1'] ? 'y' : '');
if (isset($this->cat_array[$ckey + 1]) && $this->cat_array[$ckey + 1]['0'] != $cat['0']) {
$s .= $DSP->input_select_option('', '-------');
}
}
}
$s .= $DSP->input_select_footer() . $DSP->nbs(2);
// Status pull-down menu
$s .= $DSP->input_select_header('status') . $DSP->input_select_option('', $LANG->line('filter_by_status')) . $DSP->input_select_option('all', $LANG->line('all'), $status == 'all' ? 1 : '');
if ($weblog_id != '') {
$rez = $DB->query("SELECT status_group FROM exp_weblogs WHERE weblog_id = '{$weblog_id}'");
$query = $DB->query("SELECT status FROM exp_statuses WHERE group_id = '" . $DB->escape_str($rez->row['status_group']) . "' ORDER BY status_order");
if ($query->num_rows > 0) {
foreach ($query->result as $row) {
$selected = $status == $row['status'] ? 1 : '';
$status_name = ($row['status'] == 'closed' or $row['status'] == 'open') ? $LANG->line($row['status']) : $row['status'];
$s .= $DSP->input_select_option($row['status'], $status_name, $selected);
}
}
} else {
$s .= $DSP->input_select_option('open', $LANG->line('open'), $status == 'open' ? 1 : '');
$s .= $DSP->input_select_option('closed', $LANG->line('closed'), $status == 'closed' ? 1 : '');
}
$s .= $DSP->input_select_footer() . $DSP->nbs(2);
// Date range pull-down menu
$sel_1 = $date_range == '1' ? 1 : '';
$sel_2 = $date_range == '7' ? 1 : '';
$sel_3 = $date_range == '31' ? 1 : '';
$sel_4 = $date_range == '182' ? 1 : '';
$sel_5 = $date_range == '365' ? 1 : '';
$s .= $DSP->input_select_header('date_range') . $DSP->input_select_option('', $LANG->line('date_range')) . $DSP->input_select_option('1', $LANG->line('today'), $sel_1) . $DSP->input_select_option('7', $LANG->line('past_week'), $sel_2) . $DSP->input_select_option('31', $LANG->line('past_month'), $sel_3) . $DSP->input_select_option('182', $LANG->line('past_six_months'), $sel_4) . $DSP->input_select_option('365', $LANG->line('past_year'), $sel_5) . $DSP->input_select_option('', $LANG->line('any_date')) . $DSP->input_select_footer() . $DSP->nbs(2);
// Display order pull-down menu
$sel_1 = $order == 'desc' ? 1 : '';
$sel_2 = $order == 'asc' ? 1 : '';
$sel_3 = $order == 'alpha' ? 1 : '';
$s .= $DSP->input_select_header('order') . $DSP->input_select_option('desc', $LANG->line('order'), $sel_1) . $DSP->input_select_option('asc', $LANG->line('ascending'), $sel_2) . $DSP->input_select_option('desc', $LANG->line('descending'), $sel_1) . $DSP->input_select_option('alpha', $LANG->line('alpha'), $sel_3) . $DSP->input_select_footer() . $DSP->nbs(2);
// Results per page pull-down menu
if (!($perpage = $IN->GBL('perpage', 'GP'))) {
$perpage = $IN->GBL('perpage', 'COOKIE');
}
if ($perpage == '') {
$perpage = 50;
}
$FNS->set_cookie('perpage', $perpage, 60 * 60 * 24 * 182);
$s .= $DSP->input_select_header('perpage') . $DSP->input_select_option('25', '25 ' . $LANG->line('results'), $perpage == 25 ? 1 : '') . $DSP->input_select_option('50', '50 ' . $LANG->line('results'), $perpage == 50 ? 1 : '') . $DSP->input_select_option('75', '75 ' . $LANG->line('results'), $perpage == 75 ? 1 : '') . $DSP->input_select_option('100', '100 ' . $LANG->line('results'), $perpage == 100 ? 1 : '') . $DSP->input_select_option('150', '150 ' . $LANG->line('results'), $perpage == 150 ? 1 : '') . $DSP->input_select_footer() . $DSP->nbs(2);
$s .= $DSP->td_c() . $DSP->tr_c() . $DSP->tr() . $DSP->td('itemWrapper', '', '7') . NL;
if (isset($_POST['keywords'])) {
$keywords = $REGX->keyword_clean($_POST['keywords']);
} elseif (isset($_GET['keywords'])) {
$keywords = $REGX->keyword_clean(base64_decode($_GET['keywords']));
} else {
$keywords = '';
}
if (substr(strtolower($keywords), 0, 3) == 'ip:') {
$keywords = str_replace('_', '.', $keywords);
}
// Because of the auto convert we prepare a specific variable
// with the converted ascii characters while leaving the $keywords
// variable intact for display and URL purposes
$search_keywords = $PREFS->ini('auto_convert_high_ascii') == 'y' ? $REGX->ascii_to_entities($keywords) : $keywords;
$exact_match = $IN->GBL('exact_match', 'GP') != '' ? $IN->GBL('exact_match', 'GP') : '';
$s .= $DSP->div('default') . $LANG->line('keywords', 'keywords') . NBS . NBS;
$s .= $DSP->input_text('keywords', stripslashes($keywords), '40', '200', 'input', '200px') . NBS . NBS;
$s .= $DSP->input_checkbox('exact_match', 'yes', $exact_match) . NBS . $LANG->line('exact_match') . NBS . NBS;
$search_in = $IN->GBL('search_in', 'GP') != '' ? $IN->GBL('search_in', 'GP') : 'title';
$s .= $DSP->input_select_header('search_in') . $DSP->input_select_option('title', $LANG->line('title_only'), $search_in == 'title' ? 1 : '') . $DSP->input_select_option('body', $LANG->line('title_and_body'), $search_in == 'body' ? 1 : '') . $DSP->input_select_option('everywhere', $LANG->line('title_body_comments'), $search_in == 'everywhere' ? 1 : '') . (!isset($this->installed_modules['comment']) ? '' : $DSP->input_select_option('comments', $LANG->line('comments'), $search_in == 'comments' ? 1 : '')) . (!isset($this->installed_modules['trackback']) ? '' : $DSP->input_select_option('trackbacks', $LANG->line('trackbacks'), $search_in == 'trackbacks' ? 1 : '')) . $DSP->input_select_footer() . $DSP->nbs(2);
// Submit button and form close
$s .= $DSP->input_submit($LANG->line('search'), 'submit');
$s .= $DSP->div_c();
$s .= $DSP->td_c() . $DSP->tr_c() . $DSP->table_c();
$s .= $DSP->div_c();
$s .= $DSP->form_close();
// -------------------------------------------
// 'edit_entries_search_form' hook.
// - Allows complete rewrite of Edit Entries Search form.
//
if ($EXT->active_hook('edit_entries_search_form') === TRUE) {
$r .= $EXT->call_extension('edit_entries_search_form', $s);
if ($EXT->end_script === TRUE) {
return;
}
} else {
$r .= $s;
}
//
// -------------------------------------------
/** ------------------------------
/** Build the main query
/** ------------------------------*/
if ($search_url != '') {
$pageurl = BASE . AMP . $search_url;
} else {
$pageurl = BASE . AMP . 'C=edit' . AMP . 'M=view_entries';
}
$sql_a = "SELECT ";
if ($search_in == 'comments') {
$sql_b = "DISTINCT(exp_comments.comment_id) ";
} elseif ($search_in == 'trackbacks') {
$sql_b = "DISTINCT(exp_trackbacks.trackback_id) ";
} else {
$sql_b = $cat_id == 'none' || $cat_id != "" ? "DISTINCT(exp_weblog_titles.entry_id) " : "exp_weblog_titles.entry_id ";
}
$sql = "FROM exp_weblog_titles\n\t\t\t\tLEFT JOIN exp_weblogs ON exp_weblog_titles.weblog_id = exp_weblogs.weblog_id ";
if ($keywords != '') {
if ($search_in != 'title') {
$sql .= "LEFT JOIN exp_weblog_data ON exp_weblog_titles.entry_id = exp_weblog_data.entry_id ";
}
if ($search_in == 'everywhere' or $search_in == 'comments') {
$sql .= "LEFT JOIN exp_comments ON exp_weblog_titles.entry_id = exp_comments.entry_id ";
} elseif ($search_in == 'trackbacks') {
$sql .= "LEFT JOIN exp_trackbacks ON exp_weblog_titles.entry_id = exp_trackbacks.entry_id ";
}
} elseif ($search_in == 'comments') {
$sql .= "LEFT JOIN exp_comments ON exp_weblog_titles.entry_id = exp_comments.entry_id ";
} elseif ($search_in == 'trackbacks') {
$sql .= "LEFT JOIN exp_trackbacks ON exp_weblog_titles.entrY_id = exp_trackbacks.entry_id ";
}
$sql .= "LEFT JOIN exp_members ON exp_members.member_id = exp_weblog_titles.author_id ";
if ($cat_id == 'none' || $cat_id != "") {
$sql .= "LEFT JOIN exp_category_posts ON exp_weblog_titles.entry_id = exp_category_posts.entry_id\n\t\t\t\t\t LEFT JOIN exp_categories ON exp_category_posts.cat_id = exp_categories.cat_id ";
}
if (is_array($extra_sql) && isset($extra_sql['tables'])) {
$sql .= ' ' . $extra_sql['tables'] . ' ';
}
// -------------------------------------------
// 'edit_entries_search_tables' hook.
// - Add additional parts to the TABLES part of query
//
if ($EXT->active_hook('edit_entries_search_tables') === TRUE) {
$sql .= $EXT->call_extension('edit_entries_search_tables');
}
//
// -------------------------------------------
// Limit to weblogs assigned to user
if ($SESS->userdata('member_id') == 0) {
$sql .= " WHERE is_user_blog = 'n' AND exp_weblogs.site_id = '" . $DB->escape_str($PREFS->ini('site_id')) . "'";
} else {
$sql .= " WHERE exp_weblogs.site_id = '" . $DB->escape_str($PREFS->ini('site_id')) . "' AND exp_weblog_titles.weblog_id IN (";
foreach ($allowed_blogs as $val) {
$sql .= "'" . $val . "',";
}
$sql = substr($sql, 0, -1) . ')';
if (!$DSP->allowed_group('can_edit_other_entries') and !$DSP->allowed_group('can_view_other_entries')) {
$sql .= " AND exp_weblog_titles.author_id = " . $SESS->userdata('member_id');
}
}
if (is_array($extra_sql) && isset($extra_sql['where'])) {
$sql .= ' ' . $extra_sql['where'] . ' ';
}
if ($keywords != '') {
$pageurl .= AMP . 'keywords=' . base64_encode($keywords);
if ($search_in == 'trackbacks' or $search_in == 'comments') {
// When searching in comments and trackbacks we do not want to
// search the entry title. However, by removing this we would
// have to make the rest of the query creation code below really messy
// so we simply check for an empty title, which should never happen.
// That makes this check pointless and allows us some cleaner code. -Paul
$sql .= " AND (exp_weblog_titles.title = '' ";
} else {
if ($exact_match != 'yes') {
$sql .= " AND (exp_weblog_titles.title LIKE '%" . $DB->escape_like_str($search_keywords) . "%' ";
} else {
$pageurl .= AMP . 'exact_match=yes';
$sql .= " AND (exp_weblog_titles.title = '" . $DB->escape_str($search_keywords) . "' OR exp_weblog_titles.title LIKE '" . $DB->escape_like_str($search_keywords) . " %' OR exp_weblog_titles.title LIKE '% " . $DB->escape_like_str($search_keywords) . " %' ";
}
}
$pageurl .= AMP . 'search_in=' . $search_in;
if ($search_in == 'body' or $search_in == 'everywhere') {
/** ---------------------------------------
/** Fetch the searchable field names
/** ---------------------------------------*/
$fields = array();
$xql = "SELECT DISTINCT(field_group) FROM exp_weblogs WHERE ";
$xql .= USER_BLOG !== FALSE ? "weblog_id = '" . UB_BLOG_ID . "' " : "is_user_blog = 'n' ";
if ($weblog_id != '') {
$xql .= " AND weblog_id = '" . $DB->escape_str($weblog_id) . "' ";
}
$query = $DB->query($xql);
if ($query->num_rows > 0) {
$fql = "SELECT field_id, field_type FROM exp_weblog_fields WHERE group_id IN (";
foreach ($query->result as $row) {
$fql .= "'" . $row['field_group'] . "',";
}
$fql = substr($fql, 0, -1) . ')';
$query = $DB->query($fql);
if ($query->num_rows > 0) {
foreach ($query->result as $row) {
if ($row['field_type'] == 'text' or $row['field_type'] == 'textarea' or $row['field_type'] == 'select') {
$fields[] = $row['field_id'];
}
}
}
}
foreach ($fields as $val) {
if ($exact_match != 'yes') {
$sql .= " OR exp_weblog_data.field_id_" . $val . " LIKE '%" . $DB->escape_like_str($search_keywords) . "%' ";
} else {
$sql .= " OR (exp_weblog_data.field_id_" . $val . " LIKE '" . $DB->escape_like_str($search_keywords) . " %' OR exp_weblog_data.field_id_" . $val . " LIKE '% " . $DB->escape_like_str($search_keywords) . " %' OR exp_weblog_data.field_id_" . $val . " = '" . $DB->escape_str($search_keywords) . "') ";
}
}
}
if ($search_in == 'everywhere' or $search_in == 'comments') {
if ($search_in == 'comments' && (substr(strtolower($search_keywords), 0, 3) == 'ip:' or substr(strtolower($search_keywords), 0, 4) == 'mid:')) {
if (substr(strtolower($search_keywords), 0, 3) == 'ip:') {
$sql .= " OR (exp_comments.ip_address = '" . $DB->escape_str(str_replace('_', '.', substr($search_keywords, 3))) . "') ";
} elseif (substr(strtolower($search_keywords), 0, 4) == 'mid:') {
$sql .= " OR (exp_comments.author_id = '" . $DB->escape_str(substr($search_keywords, 4)) . "') ";
}
} else {
$sql .= " OR (exp_comments.comment LIKE '%" . $DB->escape_like_str($keywords) . "%') ";
// No ASCII conversion here!
}
} elseif ($search_in == 'trackbacks') {
if ($search_in == 'trackbacks' && substr(strtolower($search_keywords), 0, 3) == 'ip:') {
$sql .= " OR (exp_trackbacks.trackback_ip = '" . $DB->escape_str(str_replace('_', '.', substr($search_keywords, 3))) . "') ";
} else {
$sql .= " OR (CONCAT_WS(' ', exp_trackbacks.content, exp_trackbacks.title, exp_trackbacks.weblog_name) LIKE '%" . $DB->escape_like_str($keywords) . "%') ";
// No ASCII conversion here either!
}
}
$sql .= ")";
}
if ($weblog_id) {
$pageurl .= AMP . 'weblog_id=' . $weblog_id;
$sql .= " AND exp_weblog_titles.weblog_id = {$weblog_id}";
}
if ($date_range) {
$pageurl .= AMP . 'date_range=' . $date_range;
$date_range = time() - $date_range * 60 * 60 * 24;
$sql .= " AND exp_weblog_titles.entry_date > {$date_range}";
}
if (is_numeric($cat_id)) {
$pageurl .= AMP . 'cat_id=' . $cat_id;
$sql .= " AND exp_category_posts.cat_id = '{$cat_id}' \n AND exp_category_posts.entry_id = exp_weblog_titles.entry_id ";
}
if ($cat_id == 'none') {
$pageurl .= AMP . 'cat_id=' . $cat_id;
$sql .= " AND exp_category_posts.entry_id IS NULL ";
}
if ($status && $status != 'all') {
$pageurl .= AMP . 'status=' . $status;
$sql .= " AND exp_weblog_titles.status = '{$status}'";
}
// -------------------------------------------
// 'edit_entries_search_where' hook.
// - Add additional parts to the WHERE clause of search
//
if ($EXT->active_hook('edit_entries_search_where') === TRUE) {
$sql .= $EXT->call_extension('edit_entries_search_where');
}
//
// -------------------------------------------
$end = " ORDER BY ";
if ($order) {
$pageurl .= AMP . 'order=' . $order;
switch ($order) {
case 'asc':
$end .= "entry_date asc";
break;
case 'desc':
$end .= "entry_date desc";
break;
case 'alpha':
$end .= "title asc";
break;
default:
$end .= "entry_date desc";
}
} else {
$end .= "entry_date desc";
}
/** ------------------------------
/** Are there results?
/** ------------------------------*/
$query = $DB->query($sql_a . $sql_b . $sql);
// No result? Show the "no results" message
$total_count = $query->num_rows;
if ($total_count == 0) {
$r .= $DSP->qdiv('highlight', BR . $LANG->line('no_entries_matching_that_criteria'));
return $DSP->set_return_data($LANG->line('edit') . $DSP->crumb_item($LANG->line('edit_weblog_entries')), $r, $LANG->line('edit_weblog_entries'));
}
// Get the current row number and add the LIMIT clause to the SQL query
if (!($rownum = $IN->GBL('rownum', 'GP'))) {
$rownum = 0;
}
/** --------------------------------------------
/** Run the query again, fetching ID numbers
/** --------------------------------------------*/
$query = $DB->query($sql_a . $sql_b . $sql . $end . " LIMIT " . $rownum . ", " . $perpage);
$pageurl .= AMP . 'perpage=' . $perpage;
if ($search_in == 'comments') {
$comment_array = array();
foreach ($query->result as $row) {
$comment_array[] = $row['comment_id'];
}
if ($keywords == '') {
$pageurl .= AMP . 'keywords=' . base64_encode($keywords) . AMP . 'search_in=' . $search_in;
}
$pagination_links = $DSP->pager($pageurl, $total_count, $perpage, $rownum, 'rownum');
return $this->view_comments('', '', '', FALSE, array_unique($comment_array), $pagination_links, $rownum);
} elseif ($search_in == 'trackbacks') {
$trackback_array = array();
foreach ($query->result as $row) {
$trackback_array[] = $row['trackback_id'];
}
if ($keywords == '') {
$pageurl .= AMP . 'keywords=' . base64_encode($keywords) . AMP . 'search_in=' . $search_in;
}
$pagination_links = $DSP->pager($pageurl, $total_count, $perpage, $rownum, 'rownum');
return $this->view_comments('', '', $message, TRUE, array_unique($trackback_array));
}
/** --------------------------------------------
/** Fetch the weblog information we need later
/** --------------------------------------------*/
$sql = "SELECT weblog_id, blog_name FROM exp_weblogs ";
if (USER_BLOG !== FALSE) {
$sql .= " WHERE exp_weblogs.weblog_id = '" . UB_BLOG_ID . "'";
} else {
$sql .= " WHERE exp_weblogs.is_user_blog = 'n'";
}
$sql .= "AND site_id = '" . $DB->escape_str($PREFS->ini('site_id')) . "' ";
$w_array = array();
$result = $DB->query($sql);
if ($result->num_rows > 0) {
foreach ($result->result as $rez) {
$w_array[$rez['weblog_id']] = $rez['blog_name'];
}
}
/** --------------------------------------------
/** Fetch the status highlight colors
/** --------------------------------------------*/
$cql = "SELECT exp_weblogs.weblog_id, exp_weblogs.blog_name, exp_statuses.status, exp_statuses.highlight\n FROM exp_weblogs, exp_statuses, exp_status_groups\n WHERE exp_status_groups.group_id = exp_weblogs.status_group\n AND exp_status_groups.group_id = exp_statuses.group_id\n AND exp_statuses.highlight != ''\n AND exp_status_groups.site_id = '" . $DB->escape_str($PREFS->ini('site_id')) . "' ";
// Limit to weblogs assigned to user
if ($SESS->userdata['weblog_id'] != 0) {
$sql .= " AND exp_weblogs.weblog_id IN (";
foreach ($allowed_blogs as $val) {
$sql .= "'" . $val . "',";
}
$sql = substr($sql, 0, -1) . ')';
} else {
$cql .= " AND is_user_blog = 'n'";
}
$result = $DB->query($cql);
$c_array = array();
if ($result->num_rows > 0) {
foreach ($result->result as $rez) {
$c_array[$rez['weblog_id'] . '_' . $rez['status']] = str_replace('#', '', $rez['highlight']);
}
}
// "select all" checkbox
$r .= $DSP->toggle();
$DSP->body_props .= ' onload="magic_check()" ';
$r .= $DSP->magic_checkboxes();
// Build the item headings
// Declare the "multi edit actions" form
$r .= $DSP->form_open(array('action' => $form_url != '' ? $form_url : 'C=edit' . AMP . 'M=multi_edit', 'name' => 'target', 'id' => 'target'));
$r .= $extra_fields_entries;
/** --------------------------------------------
/** Build the output table
/** --------------------------------------------*/
$o = $DSP->table('tableBorder', '0', '', '100%') . $DSP->tr() . $DSP->table_qcell('tableHeadingAlt', '#') . $DSP->table_qcell('tableHeadingAlt', $LANG->line('title')) . $DSP->table_qcell('tableHeadingAlt', $LANG->line('view')) . (!isset($this->installed_modules['comment']) ? '' : $DSP->table_qcell('tableHeadingAlt', $LANG->line('comments'))) . (!isset($this->installed_modules['trackback']) ? '' : $DSP->table_qcell('tableHeadingAlt', $LANG->line('trackbacks'))) . $DSP->table_qcell('tableHeadingAlt', $LANG->line('author')) . $DSP->table_qcell('tableHeadingAlt', $LANG->line('date')) . $DSP->table_qcell('tableHeadingAlt', $LANG->line('weblog')) . $DSP->table_qcell('tableHeadingAlt', $LANG->line('status'));
// -------------------------------------------
// 'edit_entries_additional_tableheader' hook.
// - Add another cell row to display, title here
//
if ($EXT->active_hook('edit_entries_additional_tableheader') === TRUE) {
$o .= $EXT->call_extension('edit_entries_additional_tableheader', $query->row);
}
//
// -------------------------------------------
$o .= $DSP->table_qcell('tableHeadingAlt', $DSP->input_checkbox('toggleflag', '', '', "onclick=\"toggle(this);\"")) . $DSP->tr_c();
// -------------------------------------------
// 'edit_entries_modify_tableheader' hook.
// - Allows modifying or rewrite of Edit sections Table Header.
//
if ($EXT->active_hook('edit_entries_modify_tableheader') === TRUE) {
$r .= $EXT->call_extension('edit_entries_modify_tableheader', $o);
if ($EXT->end_script === TRUE) {
return;
}
} else {
$r .= $o;
}
//
// -------------------------------------------
/** ----------------------------------------------
/** Build and run the full SQL query
/** ----------------------------------------------*/
$sql = "SELECT ";
$sql .= $cat_id == 'none' || $cat_id != "" ? "DISTINCT(exp_weblog_titles.entry_id), " : "exp_weblog_titles.entry_id, ";
$sql .= "exp_weblog_titles.weblog_id, \n\t\t\t\texp_weblog_titles.title, \n\t\t\t\texp_weblog_titles.author_id, \n\t\t\t\texp_weblog_titles.status, \n\t\t\t\texp_weblog_titles.entry_date, \n\t\t\t\texp_weblog_titles.dst_enabled,\n\t\t\t\texp_weblog_titles.comment_total, \n\t\t\t\texp_weblog_titles.trackback_total,\n\t\t\t\texp_weblogs.live_look_template,\n\t\t\t\texp_members.username,\n\t\t\t\texp_members.email,\n\t\t\t\texp_members.screen_name";
// -------------------------------------------
// 'edit_entries_search_fields' hook.
// - Add additional parts to the FIELDS part of query
//
if ($EXT->active_hook('edit_entries_search_fields') === TRUE) {
$sql .= $EXT->call_extension('edit_entries_search_fields');
}
//
// -------------------------------------------
$sql .= " FROM exp_weblog_titles\n\t\t\t\t LEFT JOIN exp_weblogs ON exp_weblog_titles.weblog_id = exp_weblogs.weblog_id\n\t\t\t\t LEFT JOIN exp_members ON exp_members.member_id = exp_weblog_titles.author_id ";
if ($cat_id != 'none' and $cat_id != "") {
$sql .= "INNER JOIN exp_category_posts ON exp_weblog_titles.entry_id = exp_category_posts.entry_id\n\t\t\t\t\t INNER JOIN exp_categories ON exp_category_posts.cat_id = exp_categories.cat_id ";
}
$sql .= "WHERE exp_weblog_titles.entry_id IN (";
foreach ($query->result as $row) {
$sql .= $row['entry_id'] . ',';
}
$sql = substr($sql, 0, -1) . ') ' . $end;
$query = $DB->query($sql);
// load the site's templates
$templates = array();
$tquery = $DB->query("SELECT exp_template_groups.group_name, exp_templates.template_name, exp_templates.template_id\n\t\t\t\t\t\t\tFROM exp_template_groups, exp_templates\n\t\t\t\t\t\t\tWHERE exp_template_groups.group_id = exp_templates.group_id\n\t\t\t\t\t\t\tAND exp_templates.site_id = '" . $DB->escape_str($PREFS->ini('site_id')) . "'");
if ($tquery->num_rows > 0) {
foreach ($tquery->result as $row) {
$templates[$row['template_id']] = $row['group_name'] . '/' . $row['template_name'];
}
}
// Loop through the main query result and write each table row
$i = 0;
foreach ($query->result as $row) {
$style = $i % 2 ? 'tableCellOne' : 'tableCellTwo';
$i++;
$tr = $DSP->tr();
// Entry ID number
$tr .= $DSP->table_qcell($style, $row['entry_id']);
// Weblog entry title (view entry)
$tr .= $DSP->table_qcell($style, $DSP->anchor(BASE . AMP . 'C=edit' . AMP . 'M=edit_entry' . AMP . 'weblog_id=' . $row['weblog_id'] . AMP . 'entry_id=' . $row['entry_id'], '<b>' . $row['title'] . '</b>'));
// Edit entry
$show_link = TRUE;
if ($row['live_look_template'] != 0 && isset($templates[$row['live_look_template']])) {
$qm = $PREFS->ini('force_query_string') == 'y' ? '' : '?';
$view_link = $DSP->anchor($FNS->fetch_site_index() . $qm . 'URL=' . $FNS->create_url($templates[$row['live_look_template']] . '/' . $row['entry_id']), $LANG->line('live_look'), '', TRUE);
} else {
if ($row['author_id'] != $SESS->userdata('member_id') && !$DSP->allowed_group('can_edit_other_entries')) {
$show_link = FALSE;
}
$view_url = BASE . AMP . 'C=edit' . AMP . 'M=view_entry' . AMP . 'weblog_id=' . $row['weblog_id'] . AMP . 'entry_id=' . $row['entry_id'];
$view_link = $show_link == FALSE ? '--' : $DSP->anchor($view_url, $LANG->line('view'));
}
$tr .= $DSP->table_qcell($style, $view_link);
// Comment count
$show_link = TRUE;
if ($row['author_id'] == $SESS->userdata('member_id')) {
if (!$DSP->allowed_group('can_edit_own_comments') and !$DSP->allowed_group('can_delete_own_comments') and !$DSP->allowed_group('can_moderate_comments')) {
$show_link = FALSE;
}
} else {
if (!$DSP->allowed_group('can_edit_all_comments') and !$DSP->allowed_group('can_delete_all_comments') and !$DSP->allowed_group('can_moderate_comments')) {
$show_link = FALSE;
}
}
if (isset($this->installed_modules['comment'])) {
// Comment Link
if ($show_link !== FALSE) {
$res = $DB->query("SELECT COUNT(*) AS count FROM exp_comments WHERE entry_id = '" . $row['entry_id'] . "'");
$DB->q_count--;
$view_url = BASE . AMP . 'C=edit' . AMP . 'M=view_comments' . AMP . 'weblog_id=' . $row['weblog_id'] . AMP . 'entry_id=' . $row['entry_id'];
}
$view_link = $show_link == FALSE ? $DSP->qdiv('lightLinks', '--') : $DSP->qspan('lightLinks', '(' . $res->row['count'] . ')') . NBS . $DSP->anchor($view_url, $LANG->line('view'));
$tr .= $DSP->table_qcell($style, $view_link);
}
if (isset($this->installed_modules['trackback'])) {
// Trackback Link
if ($show_link !== FALSE) {
$res = $DB->query("SELECT COUNT(*) AS count FROM exp_trackbacks WHERE entry_id = '" . $row['entry_id'] . "'");
$DB->q_count--;
$view_url = BASE . AMP . 'C=edit' . AMP . 'M=view_trackbacks' . AMP . 'weblog_id=' . $row['weblog_id'] . AMP . 'entry_id=' . $row['entry_id'];
}
$view_link = $show_link == FALSE ? $DSP->qdiv('lightLinks', '--') : $DSP->qspan('lightLinks', '(' . $res->row['count'] . ')') . NBS . $DSP->anchor($view_url, $LANG->line('view'));
$tr .= $DSP->table_qcell($style, $view_link);
}
// Username
$name = $row['screen_name'] != '' ? $row['screen_name'] : $row['username'];
$name = $DSP->anchor('mailto:' . $row['email'], $name, 'title="Send an email to ' . $name . '"');
$tr .= $DSP->table_qcell($style, $DSP->qdiv('smallLinks', $name));
// Date
$date_fmt = $SESS->userdata['time_format'] != '' ? $SESS->userdata['time_format'] : $PREFS->ini('time_format');
if ($date_fmt == 'us') {
$datestr = '%m/%d/%y %h:%i %a';
} else {
$datestr = '%Y-%m-%d %H:%i';
}
if ($PREFS->ini('honor_entry_dst') == 'y') {
if ($row['dst_enabled'] == 'n' and $SESS->userdata('daylight_savings') == 'y') {
if ($row['entry_date'] != '') {
$row['entry_date'] -= 3600;
}
} elseif ($row['dst_enabled'] == 'y' and $SESS->userdata('daylight_savings') == 'n') {
if ($row['entry_date'] != '') {
$row['entry_date'] += 3600;
}
}
}
// -------------------------------------------
// 'edit_entries_decode_date' hook.
// - Change how the date is formatted in the edit entries list
//
if ($EXT->active_hook('edit_entries_decode_date') === TRUE) {
$tr .= $EXT->call_extension('edit_entries_decode_date', $row['entry_date']);
} else {
$tr .= $DSP->td($style) . $DSP->qdiv('smallNoWrap', $LOC->decode_date($datestr, $row['entry_date'], TRUE)) . $DSP->td_c();
}
//
// -------------------------------------------
// Weblog
$tr .= $DSP->table_qcell($style, isset($w_array[$row['weblog_id']]) ? $DSP->qdiv('smallNoWrap', $w_array[$row['weblog_id']]) : '');
// Status
$tr .= $DSP->td($style);
$status_name = ($row['status'] == 'open' or $row['status'] == 'closed') ? $LANG->line($row['status']) : $row['status'];
if (isset($c_array[$row['weblog_id'] . '_' . $row['status']]) and $c_array[$row['weblog_id'] . '_' . $row['status']] != '') {
$color = $c_array[$row['weblog_id'] . '_' . $row['status']];
$prefix = (is_array($colors) and !array_key_exists(strtolower($color), $colors)) ? '#' : '';
$tr .= "<div style='color:" . $prefix . $color . ";'>" . $status_name . '</div>';
} else {
if ($row['status'] == 'open') {
$tr .= "<div style='color:#009933;'>" . $status_name . '</div>';
} elseif ($row['status'] == 'closed') {
$tr .= "<div style='color:#990000;'>" . $status_name . '</div>';
} else {
$tr .= $status_name;
}
}
$tr .= $DSP->td_c();
// -------------------------------------------
// 'edit_entries_additional_celldata' hook.
// - Add another cell to display?
//
if ($EXT->active_hook('edit_entries_additional_celldata') === TRUE) {
$tr .= $EXT->call_extension('edit_entries_additional_celldata', $row);
}
//
// -------------------------------------------
// Delete checkbox
$tr .= $DSP->table_qcell($style, $DSP->input_checkbox('toggle[]', $row['entry_id'], '', ' id="delete_box_' . $row['entry_id'] . '"'));
$tr .= $DSP->tr_c();
// -------------------------------------------
// 'edit_entries_modify_tablerow' hook.
// - Allows modifying or rewrite of entry row in Edit section.
//
if ($EXT->active_hook('edit_entries_modify_tablerow') === TRUE) {
$r .= $EXT->call_extension('edit_entries_modify_tablerow', $tr);
if ($EXT->end_script === TRUE) {
return;
}
} else {
$r .= $tr;
}
//
// -------------------------------------------
}
// End foreach
$r .= $DSP->table_c();
$r .= $DSP->table('', '0', '', '100%');
$r .= $DSP->tr() . $DSP->td();
// Pass the relevant data to the paginate class
$r .= $DSP->div('crumblinks') . $DSP->pager($pageurl, $total_count, $perpage, $rownum, 'rownum') . $DSP->div_c() . $DSP->td_c() . $DSP->td('defaultRight');
$r .= $DSP->input_hidden('pageurl', base64_encode($pageurl));
// Delete button
$r .= $DSP->div('itemWrapper');
$r .= $DSP->input_submit($LANG->line('submit'));
if ($action == '') {
$r .= NBS . $DSP->input_select_header('action') . $DSP->input_select_option('edit', $LANG->line('edit_selected')) . $DSP->input_select_option('delete', $LANG->line('delete_selected')) . $DSP->input_select_option('edit', '------') . $DSP->input_select_option('add_categories', $LANG->line('add_categories')) . $DSP->input_select_option('remove_categories', $LANG->line('remove_categories'));
// -------------------------------------------
// 'edit_entries_extra_actions' hook.
// - Add more options to the actions form at the bottom of the Edit screen
//
if ($EXT->active_hook('edit_entries_extra_actions') === TRUE) {
$r .= $EXT->call_extension('edit_entries_extra_actions');
}
//
// -------------------------------------------
$r .= $DSP->input_select_footer();
} else {
$r .= $action;
}
$r .= $DSP->div_c();
$r .= $DSP->td_c() . $DSP->tr_c() . $DSP->table_c();
$r .= $DSP->form_close();
// Set output data
return $r;
}
/** ----------------------------------------
/** Stand-alone version of the entry form
/** ----------------------------------------*/
function entry_form($return_form = FALSE, $captcha = '')
{
global $TMPL, $LANG, $LOC, $OUT, $DB, $IN, $REGX, $FNS, $SESS, $PREFS, $EXT;
$field_data = '';
$catlist = '';
$status = '';
$title = '';
$url_title = '';
$dst_enabled = $SESS->userdata('daylight_savings');
$LANG->fetch_language_file('weblog');
// No loggy? No looky...
if ($SESS->userdata('member_id') == 0) {
return '';
}
if (!($weblog = $TMPL->fetch_param('weblog'))) {
return $OUT->show_user_error('general', $LANG->line('weblog_not_specified'));
}
// Fetch the action ID number. Even though we don't need it until later
// we'll grab it here. If not found it means the action table doesn't
// contain the ID, which means the user has not updated properly. Ya know?
if (!($insert_action = $FNS->fetch_action_id('Weblog', 'insert_new_entry'))) {
return $OUT->show_user_error('general', $LANG->line('weblog_no_action_found'));
}
// We need to first determine which weblog to post the entry into.
$assigned_weblogs = $FNS->fetch_assigned_weblogs();
$weblog_id = !$IN->GBL('weblog_id', 'POST') ? '' : $IN->GBL('weblog_id');
if ($weblog_id == '') {
$query = $DB->query("SELECT weblog_id from exp_weblogs WHERE site_id IN ('" . implode("','", $TMPL->site_ids) . "') AND blog_name = '" . $DB->escape_str($weblog) . "' AND is_user_blog = 'n'");
if ($query->num_rows == 1) {
$weblog_id = $query->row['weblog_id'];
}
}
/** ----------------------------------------------
/** Security check
/** ---------------------------------------------*/
if (!in_array($weblog_id, $assigned_weblogs)) {
return $TMPL->no_results();
}
/** ----------------------------------------------
/** Fetch weblog preferences
/** ---------------------------------------------*/
$query = $DB->query("SELECT * FROM exp_weblogs WHERE weblog_id = '{$weblog_id}'");
if ($query->num_rows == 0) {
return "The weblog you have specified does not exist.";
}
foreach ($query->row as $key => $val) {
${$key} = $val;
}
if (!isset($_POST['weblog_id'])) {
$title = $default_entry_title;
$url_title = $url_title_prefix;
}
// -------------------------------------------
// 'weblog_standalone_form_start' hook.
// - Rewrite the Stand Alone Entry Form completely
//
$edata = $EXT->call_extension('weblog_standalone_form_start', $return_form, $captcha, $weblog_id);
if ($EXT->end_script === TRUE) {
return;
}
//
// -------------------------------------------
/** ----------------------------------------
/** Return the "no cache" version of the form
/** ----------------------------------------*/
if ($return_form == FALSE) {
$nc = '{{NOCACHE_WEBLOG_FORM ';
if (count($TMPL->tagparams) > 0) {
foreach ($TMPL->tagparams as $key => $val) {
$nc .= ' ' . $key . '="' . $val . '" ';
}
}
$nc .= '}}' . $TMPL->tagdata . '{{/NOCACHE_FORM}}';
return $nc;
}
/** ----------------------------------------------
/** JavaScript For URL Title
/** ---------------------------------------------*/
$convert_ascii = $PREFS->ini('auto_convert_high_ascii') == 'y' ? TRUE : FALSE;
$word_separator = $PREFS->ini('word_separator') != "dash" ? '_' : '-';
/** -------------------------------------
/** Create Foreign Character Conversion JS
/** -------------------------------------*/
/* -------------------------------------
/* 'foreign_character_conversion_array' hook.
/* - Allows you to use your own foreign character conversion array
/* - Added 1.6.0
*/
if (isset($EXT->extensions['foreign_character_conversion_array'])) {
$foreign_characters = $EXT->call_extension('foreign_character_conversion_array');
} else {
$foreign_characters = array('223' => "ss", '224' => "a", '225' => "a", '226' => "a", '229' => "a", '227' => "ae", '230' => "ae", '228' => "ae", '231' => "c", '232' => "e", '233' => "e", '234' => "e", '235' => "e", '236' => "i", '237' => "i", '238' => "i", '239' => "i", '241' => "n", '242' => "o", '243' => "o", '244' => "o", '245' => "o", '246' => "oe", '249' => "u", '250' => "u", '251' => "u", '252' => "ue", '255' => "y", '257' => "aa", '269' => "ch", '275' => "ee", '291' => "gj", '299' => "ii", '311' => "kj", '316' => "lj", '326' => "nj", '353' => "sh", '363' => "uu", '382' => "zh", '256' => "aa", '268' => "ch", '274' => "ee", '290' => "gj", '298' => "ii", '310' => "kj", '315' => "lj", '325' => "nj", '352' => "sh", '362' => "uu", '381' => "zh");
}
/*
/* -------------------------------------*/
$foreign_replace = '';
foreach ($foreign_characters as $old => $new) {
$foreign_replace .= "if (c == '{$old}') {NewTextTemp += '{$new}'; continue;}\n\t\t\t\t";
}
$default_entry_title = $REGX->form_prep($default_entry_title);
$url_title_js = <<<EOT
<script type="text/javascript">
<!--
function liveUrlTitle()
{
\t\t\tvar defaultTitle = '{$default_entry_title}';
\t\t\tvar NewText = document.getElementById("title").value;
\t\t\t
\t\t\tif (defaultTitle != '')
\t\t\t{
\t\t\t\tif (NewText.substr(0, defaultTitle.length) == defaultTitle)
\t\t\t\t{
\t\t\t\t\tNewText = NewText.substr(defaultTitle.length);
\t\t\t\t}\t
\t\t\t}
\t\t\t
\t\t\tNewText = NewText.toLowerCase();
\t\t\tvar separator = "{$word_separator}";
\t
\t\t\t// Foreign Character Attempt
\t\t\t
\t\t\tvar NewTextTemp = '';
\t\t\tfor(var pos=0; pos<NewText.length; pos++)
\t\t\t{
\t\t\t\tvar c = NewText.charCodeAt(pos);
\t\t\t\t
\t\t\t\tif (c >= 32 && c < 128)
\t\t\t\t{
\t\t\t\t\tNewTextTemp += NewText.charAt(pos);
\t\t\t\t}
\t\t\t\telse
\t\t\t\t{
\t\t\t\t\t{$foreign_replace}
\t\t\t\t}
\t\t\t}
\t\t\tvar multiReg = new RegExp(separator + '{2,}', 'g');
\t\t\t
\t\t\tNewText = NewTextTemp;
\t\t\t
\t\t\tNewText = NewText.replace('/<(.*?)>/g', '');
\t\t\tNewText = NewText.replace(/\\s+/g, separator);
\t\t\tNewText = NewText.replace(/\\//g, separator);
\t\t\tNewText = NewText.replace(/[^a-z0-9\\-\\._]/g,'');
\t\t\tNewText = NewText.replace(/\\+/g, separator);
\t\t\tNewText = NewText.replace(multiReg, separator);
\t\t\tNewText = NewText.replace(/-\$/g,'');
\t\t\tNewText = NewText.replace(/_\$/g,'');
\t\t\tNewText = NewText.replace(/^_/g,'');
\t\t\tNewText = NewText.replace(/^-/g,'');
\t\t\t
\t\t\tif (document.getElementById("url_title"))
\t\t\t{
\t\t\t\tdocument.getElementById("url_title").value = "{$url_title_prefix}" + NewText;\t\t\t
\t\t\t}
\t\t\telse
\t\t\t{
\t\t\t\tdocument.forms['entryform'].elements['url_title'].value = "{$url_title_prefix}" + NewText;
\t\t\t}\t\t
\t\t}
function showhide_item(id)
{
\t\t\tif (document.getElementById(id).style.display == "block")
\t\t\t{
\t\t\t\tdocument.getElementById(id).style.display = "none";
\t}
\telse
\t{
\t\t\t\tdocument.getElementById(id).style.display = "block";
\t}
}
\t\t
\t\t
\t\t-->
\t\t</script>
EOT;
// -------------------------------------------
// 'weblog_standalone_form_urltitle_js' hook.
// - Rewrite the Stand Alone Entry Form's URL Title JavaScript
//
if ($EXT->active_hook('weblog_standalone_form_urltitle_js') === TRUE) {
$url_title_js = $EXT->call_extension('weblog_standalone_form_urltitle_js', $url_title_js);
if ($EXT->end_script === TRUE) {
return;
}
}
//
// -------------------------------------------
$LANG->fetch_language_file('publish');
/** ----------------------------------------
/** Compile form declaration and hidden fields
/** ----------------------------------------*/
$RET = isset($_POST['RET']) ? $_POST['RET'] : $FNS->fetch_current_uri();
$XID = !isset($_POST['XID']) ? '' : $_POST['XID'];
$PRV = isset($_POST['PRV']) ? $_POST['PRV'] : '{PREVIEW_TEMPLATE}';
$hidden_fields = array('ACT' => $insert_action, 'RET' => $RET, 'PRV' => $PRV, 'URI' => $IN->URI == '' ? 'index' : $IN->URI, 'XID' => $XID, 'return_url' => isset($_POST['return_url']) ? $_POST['return_url'] : $TMPL->fetch_param('return'), 'author_id' => $SESS->userdata('member_id'), 'weblog_id' => $weblog_id);
/** ----------------------------------------
/** Add status to hidden fields
/** ----------------------------------------*/
$status_id = !isset($_POST['status_id']) ? $TMPL->fetch_param('status') : $_POST['status_id'];
if ($status_id == 'Open' || $status_id == 'Closed') {
$status_id = strtolower($status_id);
}
$status_query = $DB->query("SELECT * FROM exp_statuses WHERE group_id = '{$status_group}' order by status_order");
if ($status_id != '') {
$closed_flag = TRUE;
if ($status_query->num_rows > 0) {
foreach ($status_query->result as $row) {
if ($row['status'] == $status_id) {
$closed_flag = FALSE;
}
}
}
$hidden_fields['status'] = $closed_flag == TRUE ? 'closed' : $status_id;
}
/** ----------------------------------------
/** Add "allow" options
/** ----------------------------------------*/
$allow_cmts = !isset($_POST['allow_cmts']) ? $TMPL->fetch_param('allow_comments') : $_POST['allow_cmts'];
if ($allow_cmts != '' and $comment_system_enabled == 'y') {
$hidden_fields['allow_comments'] = $allow_cmts == 'yes' ? 'y' : 'n';
}
$allow_tbks = !isset($_POST['allow_tbks']) ? $TMPL->fetch_param('allow_trackbacks') : $_POST['allow_tbks'];
if ($allow_tbks != '') {
$hidden_fields['allow_trackbacks'] = $allow_tbks == 'yes' ? 'y' : 'n';
}
$sticky_entry = !isset($_POST['sticky_entry']) ? $TMPL->fetch_param('sticky_entry') : $_POST['sticky_entry'];
if ($sticky_entry != '') {
$hidden_fields['sticky'] = $sticky_entry == 'yes' ? 'y' : 'n';
}
/** ----------------------------------------
/** Add categories to hidden fields
/** ----------------------------------------*/
if ($category_id = $TMPL->fetch_param('category')) {
if (isset($_POST['category'])) {
foreach ($_POST as $key => $val) {
if (strstr($key, 'category') and is_array($val)) {
$i = 0;
foreach ($val as $v) {
$hidden_fields['category[' . $i++ . ']'] = $v;
}
}
}
} else {
if (strpos($category_id, '|') === FALSE) {
$hidden_fields['category[]'] = $category_id;
} else {
$category_id = trim($category_id, '|');
$i = 0;
foreach (explode("|", $category_id) as $val) {
$hidden_fields['category[' . $i++ . ']'] = $val;
}
}
}
}
/** ----------------------------------------
/** Add pings to hidden fields
/** ----------------------------------------*/
$hidden_pings = !isset($_POST['hidden_pings']) ? $TMPL->fetch_param('hidden_pings') : $_POST['hidden_pings'];
if ($hidden_pings == 'yes') {
$hidden_fields['hidden_pings'] = 'yes';
$ping_servers = $this->fetch_ping_servers('new');
if (is_array($ping_servers) and count($ping_servers) > 0) {
$i = 0;
foreach ($ping_servers as $val) {
if ($val['1'] != '') {
$hidden_fields['ping[' . $i++ . ']'] = $val['0'];
}
}
}
}
/** -------------------------------------
/** Parse out the tag
/** -------------------------------------*/
$tagdata = $TMPL->tagdata;
/** ----------------------------------------------
/** Upload and Smileys Link
/** ---------------------------------------------*/
$s = $PREFS->ini('admin_session_type') != 'c' ? $SESS->userdata['session_id'] : 0;
$cp_url = $PREFS->ini('cp_url') . '?S=' . $s;
// -------------------------------------------
// 'weblog_standalone_form_upload_url' hook.
// - Rewrite URL for Upload Link
//
if ($EXT->active_hook('weblog_standalone_form_upload_url') === TRUE) {
$upload_url = $EXT->call_extension('weblog_standalone_form_upload_url', $weblog_id);
} else {
$upload_url = $cp_url . '&C=publish&M=file_upload_form&field_group=' . $field_group . '&Z=1';
}
//
// -------------------------------------------
$tagdata = str_replace('{upload_url}', $upload_url, $tagdata);
$tagdata = str_replace('{smileys_url}', $cp_url . '&C=publish&M=emoticons&field_group=' . $field_group . '&Z=1', $tagdata);
// Onward...
$which = $IN->GBL('preview', 'POST') ? 'preview' : 'new';
/** --------------------------------
/** Fetch Custom Fields
/** --------------------------------*/
if ($TMPL->fetch_param('show_fields') !== FALSE) {
if (strncmp('not ', $TMPL->fetch_param('show_fields'), 4) == 0) {
$these = "AND field_name NOT IN ('" . str_replace('|', "','", trim(substr($TMPL->fetch_param('show_fields'), 3))) . "') ";
} else {
$these = "AND field_name IN ('" . str_replace('|', "','", trim($TMPL->fetch_param('show_fields'))) . "') ";
}
} else {
$these = '';
}
$query = $DB->query("SELECT * FROM exp_weblog_fields WHERE group_id = '{$field_group}' {$these} ORDER BY field_order");
$fields = array();
$date_fields = array();
$cond = array();
if ($which == 'preview') {
foreach ($query->result as $row) {
$fields['field_id_' . $row['field_id']] = $row['field_name'];
$cond[$row['field_name']] = '';
if ($row['field_type'] == 'date') {
$date_fields[$row['field_name']] = $row['field_id'];
}
}
}
/** ----------------------------------------
/** Preview
/** ----------------------------------------*/
if (preg_match("#" . LD . "preview" . RD . "(.+?)" . LD . '/' . "preview" . RD . "#s", $tagdata, $match)) {
if ($which != 'preview') {
$tagdata = str_replace($match['0'], '', $tagdata);
} else {
/** ----------------------------------------
/** Instantiate Typography class
/** ----------------------------------------*/
if (!class_exists('Typography')) {
require PATH_CORE . 'core.typography' . EXT;
}
$TYPE = new Typography();
$TYPE->convert_curly = FALSE;
$title = $TYPE->format_characters(stripslashes($IN->GBL('title', 'POST')));
$match['1'] = str_replace(LD . 'title' . RD, $title, $match['1']);
// We need to grab each global array index and do a little formatting
$str = '';
foreach ($_POST as $key => $val) {
if (!is_array($val)) {
if (strstr($key, 'field_id')) {
$expl = explode('field_id_', $key);
if (in_array($expl['1'], $date_fields)) {
$temp_date = $LOC->convert_human_date_to_gmt($_POST['field_id_' . $expl['1']]);
$temp = $_POST['field_id_' . $expl['1']];
$cond[$fields['field_id_' . $expl['1']]] = $temp_date;
} else {
$cond[$fields['field_id_' . $expl['1']]] = $_POST['field_id_' . $expl['1']];
$txt_fmt = !isset($_POST['field_ft_' . $expl['1']]) ? 'xhtml' : $_POST['field_ft_' . $expl['1']];
$temp = $TYPE->parse_type(stripslashes($val), array('text_format' => $txt_fmt, 'html_format' => $weblog_html_formatting, 'auto_links' => $weblog_allow_img_urls, 'allow_img_url' => $weblog_auto_link_urls));
}
if (isset($fields[$key])) {
$match['1'] = str_replace(LD . $fields[$key] . RD, $temp, $match['1']);
}
$str .= $temp;
}
}
}
$match['1'] = str_replace(LD . 'display_custom_fields' . RD, $str, $match['1']);
$match['1'] = $FNS->prep_conditionals($match['1'], $cond);
$tagdata = str_replace($match['0'], $match['1'], $tagdata);
}
}
/** -------------------------------------
/** Formatting buttons
/** -------------------------------------*/
if (preg_match("#" . LD . "formatting_buttons" . RD . "#s", $tagdata)) {
if (!defined('BASE')) {
$s = $PREFS->ini('admin_session_type') != 'c' ? $SESS->userdata['session_id'] : 0;
define('BASE', $PREFS->ini('cp_url', FALSE) . '?S=' . $s);
}
if (!class_exists('Display')) {
require PATH_CP . 'cp.display' . EXT;
}
global $DSP;
$DSP = new Display();
if (!class_exists('Publish')) {
require PATH_CP . 'cp.publish' . EXT;
}
$PUB = new Publish();
$tagdata = str_replace(LD . 'formatting_buttons' . RD, str_replace('.entryform.', ".getElementById('entryform').", $PUB->html_formatting_buttons($SESS->userdata('member_id'), $field_group)), $tagdata);
}
/** -------------------------------------
/** Fetch the {custom_fields} chunk
/** -------------------------------------*/
$custom_fields = '';
if (preg_match("#" . LD . "custom_fields" . RD . "(.+?)" . LD . '/' . "custom_fields" . RD . "#s", $tagdata, $match)) {
$custom_fields = trim($match['1']);
$tagdata = str_replace($match['0'], LD . 'temp_custom_fields' . RD, $tagdata);
}
// If we have custom fields to show, generate them
if ($custom_fields != '') {
$field_array = array('textarea', 'textinput', 'pulldown', 'date', 'relationship');
$textarea = '';
$textinput = '';
$pulldown = '';
$date = '';
$relationship = '';
$rel_options = '';
$pd_options = '';
$required = '';
foreach ($field_array as $val) {
if (preg_match("#" . LD . "\\s*if\\s+" . $val . RD . "(.+?)" . LD . '/' . "if" . RD . "#s", $custom_fields, $match)) {
${$val} = $match['1'];
if ($val == 'pulldown') {
if (preg_match("#" . LD . "options" . RD . "(.+?)" . LD . '/' . "options" . RD . "#s", $pulldown, $pmatch)) {
$pd_options = $pmatch['1'];
$pulldown = str_replace($pmatch['0'], LD . 'temp_pd_options' . RD, $pulldown);
}
}
if ($val == 'relationship') {
if (preg_match("#" . LD . "options" . RD . "(.+?)" . LD . '/' . "options" . RD . "#s", $relationship, $pmatch)) {
$rel_options = $pmatch['1'];
$relationship = str_replace($pmatch['0'], LD . 'temp_rel_options' . RD, $relationship);
}
}
$custom_fields = str_replace($match['0'], LD . 'temp_' . $val . RD, $custom_fields);
}
}
if (preg_match("#" . LD . "if\\s+required" . RD . "(.+?)" . LD . '/' . "if" . RD . "#s", $custom_fields, $match)) {
$required = $match['1'];
$custom_fields = str_replace($match['0'], LD . 'temp_required' . RD, $custom_fields);
}
/** --------------------------------
/** Parse Custom Fields
/** --------------------------------*/
$build = '';
foreach ($query->result as $row) {
$temp_chunk = $custom_fields;
$temp_field = '';
switch ($which) {
case 'preview':
$field_data = !isset($_POST['field_id_' . $row['field_id']]) ? '' : $_POST['field_id_' . $row['field_id']];
$field_fmt = !isset($_POST['field_ft_' . $row['field_id']]) ? $row['field_fmt'] : $_POST['field_ft_' . $row['field_id']];
break;
case 'edit':
$field_data = !isset($result->row['field_id_' . $row['field_id']]) ? '' : $result->row['field_id_' . $row['field_id']];
$field_fmt = !isset($result->row['field_ft_' . $row['field_id']]) ? $row['field_fmt'] : $result->row['field_ft_' . $row['field_id']];
break;
default:
$field_data = '';
$field_fmt = $row['field_fmt'];
break;
}
/** --------------------------------
/** Textarea field types
/** --------------------------------*/
if ($row['field_type'] == 'textarea' and $textarea != '') {
$temp_chunk = str_replace(LD . 'temp_textarea' . RD, $textarea, $temp_chunk);
}
if ($row['field_type'] == 'text' and $textinput != '') {
$temp_chunk = str_replace(LD . 'temp_textinput' . RD, $textinput, $temp_chunk);
}
if ($row['field_type'] == 'rel') {
if ($row['field_related_to'] == 'blog') {
$relto = 'exp_weblog_titles';
$relid = 'weblog_id';
} else {
$relto = 'exp_gallery_entries';
$relid = 'gallery_id';
}
if ($row['field_related_orderby'] == 'date') {
$row['field_related_orderby'] = 'entry_date';
}
$sql = "SELECT entry_id, title FROM " . $relto . " WHERE " . $relid . " = '" . $DB->escape_str($row['field_related_id']) . "' ";
$sql .= "ORDER BY " . $row['field_related_orderby'] . " " . $row['field_related_sort'];
if ($row['field_related_max'] > 0) {
$sql .= " LIMIT " . $row['field_related_max'];
}
$relquery = $DB->query($sql);
if ($relquery->num_rows > 0) {
$relentry_id = '';
if (!isset($_POST['field_id_' . $row['field_id']])) {
$relentry = $DB->query("SELECT rel_child_id FROM exp_relationships WHERE rel_id = '" . $DB->escape_str($field_data) . "'");
if ($relentry->num_rows == 1) {
$relentry_id = $relentry->row['rel_child_id'];
}
} else {
$relentry_id = $_POST['field_id_' . $row['field_id']];
}
$temp_options = $rel_options;
$temp_options = str_replace(LD . 'option_name' . RD, '--', $temp_options);
$temp_options = str_replace(LD . 'option_value' . RD, '', $temp_options);
$temp_options = str_replace(LD . 'selected' . RD, '', $temp_options);
$pdo = $temp_options;
foreach ($relquery->result as $relrow) {
$temp_options = $rel_options;
$temp_options = str_replace(LD . 'option_name' . RD, $relrow['title'], $temp_options);
$temp_options = str_replace(LD . 'option_value' . RD, $relrow['entry_id'], $temp_options);
$temp_options = str_replace(LD . 'selected' . RD, $relentry_id == $relrow['entry_id'] ? ' selected="selected"' : '', $temp_options);
$pdo .= $temp_options;
}
$temp_relationship = str_replace(LD . 'temp_rel_options' . RD, $pdo, $relationship);
$temp_chunk = str_replace(LD . 'temp_relationship' . RD, $temp_relationship, $temp_chunk);
}
}
if ($row['field_type'] == 'date' and $date != '') {
$temp_chunk = $custom_fields;
$date_field = 'field_id_' . $row['field_id'];
$date_local = 'field_dt_' . $row['field_id'];
$dtwhich = $which;
if (isset($_POST[$date_field])) {
$field_data = $_POST[$date_field];
$dtwhich = 'preview';
}
$custom_date = '';
$localize = FALSE;
if ($dtwhich != 'preview') {
$localize = TRUE;
if ($field_data != '' and isset($result->row['field_dt_' . $row['field_id']]) and $result->row['field_dt_' . $row['field_id']] != '') {
$field_data = $LOC->offset_entry_dst($field_data, $dst_enabled);
$field_data = $LOC->simpl_offset($field_data, $result->row['field_dt_' . $row['field_id']]);
$localize = FALSE;
}
if ($field_data != '') {
$custom_date = $LOC->set_human_time($field_data, $localize);
}
$cal_date = $LOC->set_localized_time($custom_date) * 1000;
} else {
$custom_date = $_POST[$date_field];
$cal_date = $custom_date != '' ? $LOC->set_localized_time($LOC->convert_human_date_to_gmt($custom_date)) * 1000 : $LOC->set_localized_time() * 1000;
}
$temp_chunk = str_replace(LD . 'temp_date' . RD, $date, $temp_chunk);
$temp_chunk = str_replace(LD . 'date' . RD, $custom_date, $temp_chunk);
} elseif ($row['field_type'] == 'select' and $pulldown != '') {
if ($row['field_pre_populate'] == 'n') {
$pdo = '';
if ($row['field_required'] == 'n') {
$temp_options = $pd_options;
$temp_options = str_replace(LD . 'option_name' . RD, '--', $temp_options);
$temp_options = str_replace(LD . 'option_value' . RD, '', $temp_options);
$temp_options = str_replace(LD . 'selected' . RD, '', $temp_options);
$pdo = $temp_options;
}
foreach (explode("\n", trim($row['field_list_items'])) as $v) {
$temp_options = $pd_options;
$v = trim($v);
$temp_options = str_replace(LD . 'option_name' . RD, $v, $temp_options);
$temp_options = str_replace(LD . 'option_value' . RD, $v, $temp_options);
$temp_options = str_replace(LD . 'selected' . RD, $v == $field_data ? ' selected="selected"' : '', $temp_options);
$pdo .= $temp_options;
}
$temp_pulldown = str_replace(LD . 'temp_pd_options' . RD, $pdo, $pulldown);
$temp_chunk = str_replace(LD . 'temp_pulldown' . RD, $temp_pulldown, $temp_chunk);
} else {
// We need to pre-populate this menu from an another weblog custom field
$pop_query = $DB->query("SELECT field_id_" . $row['field_pre_field_id'] . " FROM exp_weblog_data WHERE weblog_id = " . $row['field_pre_blog_id'] . "");
if ($pop_query->num_rows > 0) {
$temp_options = $rel_options;
$temp_options = str_replace(LD . 'option_name' . RD, '--', $temp_options);
$temp_options = str_replace(LD . 'option_value' . RD, '', $temp_options);
$temp_options = str_replace(LD . 'selected' . RD, '', $temp_options);
$pdo = $temp_options;
foreach ($pop_query->result as $prow) {
$pretitle = substr($prow['field_id_' . $row['field_pre_field_id']], 0, 110);
$pretitle = preg_replace("/\r\n|\r|\n|\t/", ' ', $pretitle);
$pretitle = $REGX->form_prep($pretitle);
$temp_options = $rel_options;
$temp_options = str_replace(LD . 'option_name' . RD, $pretitle, $temp_options);
$temp_options = str_replace(LD . 'option_value' . RD, $REGX->form_prep($prow['field_id_' . $row['field_pre_field_id']]), $temp_options);
$temp_options = str_replace(LD . 'selected' . RD, $prow['field_id_' . $row['field_pre_field_id']] == $field_data ? ' selected="selected"' : '', $temp_options);
$pdo .= $temp_options;
}
$temp_relationship = str_replace(LD . 'temp_rel_options' . RD, $pdo, $relationship);
$temp_chunk = str_replace(LD . 'temp_relationship' . RD, $temp_relationship, $temp_chunk);
}
}
}
if ($row['field_required'] == 'y') {
$temp_chunk = str_replace(LD . 'temp_required' . RD, $required, $temp_chunk);
} else {
$temp_chunk = str_replace(LD . 'temp_required' . RD, '', $temp_chunk);
}
$temp_chunk = str_replace(LD . 'field_data' . RD, $REGX->form_prep($field_data), $temp_chunk);
$temp_chunk = str_replace(LD . 'temp_date' . RD, '', $temp_chunk);
$temp_chunk = str_replace(LD . 'temp_textarea' . RD, '', $temp_chunk);
$temp_chunk = str_replace(LD . 'temp_relationship' . RD, '', $temp_chunk);
$temp_chunk = str_replace(LD . 'temp_textinput' . RD, '', $temp_chunk);
$temp_chunk = str_replace(LD . 'temp_pulldown' . RD, '', $temp_chunk);
$temp_chunk = str_replace(LD . 'temp_pd_options' . RD, '', $temp_chunk);
$temp_chunk = str_replace(LD . 'calendar_link' . RD, '', $temp_chunk);
$temp_chunk = str_replace(LD . 'calendar_id' . RD, '', $temp_chunk);
$temp_chunk = str_replace(LD . 'rows' . RD, !isset($row['field_ta_rows']) ? '10' : $row['field_ta_rows'], $temp_chunk);
$temp_chunk = str_replace(LD . 'field_label' . RD, $row['field_label'], $temp_chunk);
$temp_chunk = str_replace(LD . 'field_instructions' . RD, $row['field_instructions'], $temp_chunk);
$temp_chunk = str_replace(LD . 'text_direction' . RD, $row['field_text_direction'], $temp_chunk);
$temp_chunk = str_replace(LD . 'maxlength' . RD, $row['field_maxl'], $temp_chunk);
$temp_chunk = str_replace(LD . 'field_name' . RD, 'field_id_' . $row['field_id'], $temp_chunk);
$hidden_fields['field_ft_' . $row['field_id']] = $field_fmt;
// $temp_chunk .= "\n<input type='hidden' name='field_ft_".$row['field_id']."' value='".$field_fmt."' />\n";
$build .= $temp_chunk;
}
$tagdata = str_replace(LD . 'temp_custom_fields' . RD, stripslashes($build), $tagdata);
}
/** ----------------------------------------
/** Categories
/** ----------------------------------------*/
if (preg_match("#" . LD . "category_menu" . RD . "(.+?)" . LD . '/' . "category_menu" . RD . "#s", $tagdata, $match)) {
// -------------------------------------------
// 'weblog_standalone_form_category_menu' hook.
// - Rewrite the displaying of categories, if you dare!
//
if ($EXT->active_hook('weblog_standalone_form_category_menu') === TRUE) {
$edata = $EXT->call_extension('weblog_standalone_form_category_menu', $cat_group, $which, $deft_category, $catlist);
$match['1'] = str_replace(LD . 'select_options' . RD, $edata, $match['1']);
$tagdata = str_replace($match['0'], $match['1'], $tagdata);
if ($EXT->end_script === TRUE) {
return;
}
} else {
$this->category_tree_form($cat_group, $which, $deft_category, $catlist);
if (count($this->categories) == 0) {
$tagdata = str_replace($match['0'], '', $tagdata);
} else {
$c = '';
foreach ($this->categories as $val) {
$c .= $val;
}
$match['1'] = str_replace(LD . 'select_options' . RD, $c, $match['1']);
$tagdata = str_replace($match['0'], $match['1'], $tagdata);
}
}
//
// -------------------------------------------
}
/** ----------------------------------------
/** Ping Servers
/** ----------------------------------------*/
if (preg_match("#" . LD . "ping_servers" . RD . "(.+?)" . LD . '/' . "ping_servers" . RD . "#s", $tagdata, $match)) {
$field = preg_match("#" . LD . "ping_row" . RD . "(.+?)" . LD . '/' . "ping_row" . RD . "#s", $tagdata, $match1) ? $match1['1'] : '';
if (!isset($match1['0'])) {
$tagdata = str_replace($match['0'], '', $tagdata);
}
$ping_servers = $this->fetch_ping_servers($which);
if (!is_array($ping_servers) or count($ping_servers) == 0) {
$tagdata = str_replace($match['0'], '', $tagdata);
} else {
$ping_build = '';
foreach ($ping_servers as $val) {
$temp = $field;
$temp = str_replace(LD . 'ping_value' . RD, $val['0'], $temp);
$temp = str_replace(LD . 'ping_checked' . RD, $val['1'], $temp);
$temp = str_replace(LD . 'ping_server_name' . RD, $val['2'], $temp);
$ping_build .= $temp;
}
$match['1'] = str_replace($match1['0'], $ping_build, $match['1']);
$tagdata = str_replace($match['0'], $match['1'], $tagdata);
}
}
/** ----------------------------------------
/** Status
/** ----------------------------------------*/
if (preg_match("#" . LD . "status_menu" . RD . "(.+?)" . LD . '/' . "status_menu" . RD . "#s", $tagdata, $match)) {
if (isset($_POST['status'])) {
$deft_status = $_POST['status'];
}
if ($deft_status == '') {
$deft_status = 'open';
}
if ($status == '') {
$status = $deft_status;
}
/** --------------------------------
/** Fetch disallowed statuses
/** --------------------------------*/
$no_status_access = array();
if ($SESS->userdata['group_id'] != 1) {
$query = $DB->query("SELECT status_id FROM exp_status_no_access WHERE member_group = '" . $SESS->userdata['group_id'] . "'");
if ($query->num_rows > 0) {
foreach ($query->result as $row) {
$no_status_access[] = $row['status_id'];
}
}
}
/** --------------------------------
/** Create status menu
/** --------------------------------*/
$r = '';
if ($status_query->num_rows == 0) {
// if there is no status group assigned, only Super Admins can create 'open' entries
if ($SESS->userdata['group_id'] == 1) {
$selected = $status == 'open' ? " selected='selected'" : '';
$r .= "<option value='open'" . $selected . ">" . $LANG->line('open') . "</option>";
}
$selected = $status == 'closed' ? " selected='selected'" : '';
$r .= "<option value='closed'" . $selected . ">" . $LANG->line('closed') . "</option>";
} else {
$no_status_flag = TRUE;
foreach ($status_query->result as $row) {
$selected = $status == $row['status'] ? " selected='selected'" : '';
if ($selected != 1) {
if (in_array($row['status_id'], $no_status_access)) {
continue;
}
}
$no_status_flag = FALSE;
$status_name = ($row['status'] == 'open' or $row['status'] == 'closed') ? $LANG->line($row['status']) : $row['status'];
$r .= "<option value='" . $REGX->form_prep($row['status']) . "'" . $selected . ">" . $REGX->form_prep($status_name) . "</option>\n";
}
if ($no_status_flag == TRUE) {
$tagdata = str_replace($match['0'], '', $tagdata);
}
}
$match['1'] = str_replace(LD . 'select_options' . RD, $r, $match['1']);
$tagdata = str_replace($match['0'], $match['1'], $tagdata);
}
/** ----------------------------------------
/** Trackback field
/** ----------------------------------------*/
if (preg_match("#" . LD . "if\\s+trackback" . RD . "(.+?)" . LD . '/' . "if" . RD . "#s", $tagdata, $match)) {
if ($show_trackback_field == 'n') {
$tagdata = str_replace($match['0'], '', $tagdata);
} else {
$tagdata = str_replace($match['0'], $match['1'], $tagdata);
}
}
/** ----------------------------------------
/** Parse single variables
/** ----------------------------------------*/
foreach ($TMPL->var_single as $key => $val) {
/** ----------------------------------------
/** {title}
/** ----------------------------------------*/
if ($key == 'title') {
$title = !isset($_POST['title']) ? $title : stripslashes($_POST['title']);
$tagdata = $TMPL->swap_var_single($key, $REGX->form_prep($title), $tagdata);
}
/** ----------------------------------------
/** {allow_comments}
/** ----------------------------------------*/
if ($key == 'allow_comments') {
if ($which == 'preview') {
$checked = !isset($_POST['allow_comments']) || $comment_system_enabled != 'y' ? '' : "checked='checked'";
} else {
$checked = $deft_comments == 'n' || $comment_system_enabled != 'y' ? '' : "checked='checked'";
}
$tagdata = $TMPL->swap_var_single($key, $checked, $tagdata);
}
/** ----------------------------------------
/** {allow_trackbacks}
/** ----------------------------------------*/
if ($key == 'allow_trackbacks') {
if ($which == 'preview') {
$checked = !isset($_POST['allow_trackbacks']) || $trackback_system_enabled != 'y' ? '' : "checked='checked'";
} else {
$checked = $deft_trackbacks == 'n' || $trackback_system_enabled != 'y' ? '' : "checked='checked'";
}
$tagdata = $TMPL->swap_var_single($key, $checked, $tagdata);
}
/** ----------------------------------------
/** {dst_enabled}
/** ----------------------------------------*/
if ($key == 'dst_enabled') {
if ($which == 'preview') {
$checked = isset($_POST['dst_enabled']) && $PREFS->ini('honor_entry_dst') == 'y' ? "checked='checked'" : '';
} else {
$checked = $dst_enabled == 'y' ? "checked='checked'" : '';
}
$tagdata = $TMPL->swap_var_single($key, $checked, $tagdata);
}
/** ----------------------------------------
/** {sticky}
/** ----------------------------------------*/
if ($key == 'sticky') {
$checked = '';
if ($which == 'preview') {
$checked = !isset($_POST['sticky']) ? '' : "checked='checked'";
}
$tagdata = $TMPL->swap_var_single($key, $checked, $tagdata);
}
/** ----------------------------------------
/** {url_title}
/** ----------------------------------------*/
if ($key == 'url_title') {
$url_title = !isset($_POST['url_title']) ? $url_title : $_POST['url_title'];
$tagdata = $TMPL->swap_var_single($key, $url_title, $tagdata);
}
/** ----------------------------------------
/** {entry_date}
/** ----------------------------------------*/
if ($key == 'entry_date') {
$entry_date = !isset($_POST['entry_date']) ? $LOC->set_human_time($LOC->now) : $_POST['entry_date'];
$tagdata = $TMPL->swap_var_single($key, $entry_date, $tagdata);
}
/** ----------------------------------------
/** {expiration_date}
/** ----------------------------------------*/
if ($key == 'expiration_date') {
$expiration_date = !isset($_POST['expiration_date']) ? '' : $_POST['expiration_date'];
$tagdata = $TMPL->swap_var_single($key, $expiration_date, $tagdata);
}
/** ----------------------------------------
/** {comment_expiration_date}
/** ----------------------------------------*/
if ($key == 'comment_expiration_date') {
$comment_expiration_date = '';
if ($which == 'preview') {
$comment_expiration_date = !isset($_POST['comment_expiration_date']) ? '' : $_POST['comment_expiration_date'];
} else {
if ($comment_expiration > 0) {
$comment_expiration_date = $comment_expiration * 86400;
$comment_expiration_date = $comment_expiration_date + $LOC->now;
$comment_expiration_date = $LOC->set_human_time($comment_expiration_date);
}
}
$tagdata = $TMPL->swap_var_single($key, $comment_expiration_date, $tagdata);
}
/** ----------------------------------------
/** {trackback_urls}
/** ----------------------------------------*/
if ($key == 'trackback_urls') {
$trackback_urls = !isset($_POST['trackback_urls']) ? '' : stripslashes($_POST['trackback_urls']);
$tagdata = $TMPL->swap_var_single($key, $trackback_urls, $tagdata);
}
}
// -------------------------------------------
// 'weblog_standalone_form_end' hook.
// - Allows adding to end of submission form
//
if ($EXT->active_hook('weblog_standalone_form_end') === TRUE) {
$tagdata = $EXT->call_extension('weblog_standalone_form_end', $tagdata);
}
//
// -------------------------------------------
// Build the form
$data = array('hidden_fields' => $hidden_fields, 'action' => $RET, 'id' => 'entryform');
$res = $FNS->form_declaration($data);
if ($TMPL->fetch_param('use_live_url') != 'no') {
$res .= $url_title_js;
}
$res .= $tagdata;
$res .= "</form>";
return $res;
}
public static function GenerateRenderAtPublish($html, $site, $page)
{
// set images URL
$imagesURL = $site['Domain'] . '/';
// build out the menus where render is set to publish
foreach ($html->find('respond-menu[render=publish]') as $el) {
// get the type
if ($el->type) {
$type = $el->type;
// init menu
$menu = '<ul';
// set class if applicable
if (isset($el->class)) {
$menu .= ' class="' . $el->class . '">';
} else {
$menu .= '>';
}
// get items for type
$menuItems = MenuItem::GetMenuItemsForType($site['SiteId'], $type);
$i = 0;
$parent_flag = false;
$new_parent = true;
// walk through items
foreach ($menuItems as $menuItem) {
$url = $menuItem['Url'];
$name = $menuItem['Name'];
$css = '';
$cssClass = '';
$active = '';
if ($page['PageId'] == $menuItem['PageId']) {
$css = 'active';
}
$css .= ' ' . $menuItem['CssClass'];
if (trim($css) != '') {
$cssClass = ' class="' . $css . '"';
}
// check for new parent
if (isset($menuItems[$i + 1])) {
if ($menuItems[$i + 1]['IsNested'] == 1 && $new_parent == true) {
$parent_flag = true;
}
}
$menu_root = '/';
// check for external links
if (strpos($url, 'http') !== false) {
$menu_root = '';
}
if ($new_parent == true && $parent_flag == true) {
$menu .= '<li class="dropdown">';
$menu .= '<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-expanded="false">' . $menuItem['Name'] . ' <span class="caret"></span></a>';
$menu .= '<ul class="dropdown-menu">';
$new_parent = false;
} else {
$menu .= '<li' . $cssClass . '>';
$menu .= '<a href="' . $url . '">' . $menuItem['Name'] . '</a>';
$menu .= '</li>';
}
// end parent
if (isset($menuItems[$i + 1])) {
if ($menuItems[$i + 1]['IsNested'] == 0 && $parent_flag == true) {
$menu .= '</ul></li>';
// end parent if next item is not nested
$parent_flag = false;
$new_parent = true;
}
} else {
if ($parent_flag == true) {
$menu .= '</ul></li>';
// end parent if next menu item is null
$parent_flag = false;
$new_parent = true;
}
}
$i = $i + 1;
}
$menu .= '</ul>';
$el->outertext = $menu;
}
/* isset */
}
/* foreach */
// replace content where render is set to publish
foreach ($html->find('respond-content[render=publish]') as $el) {
// get the url
if (isset($el->url)) {
$url = $el->url;
$url = Publish::ApplyMustacheSyntax($url, $site, $page);
// replace the / with a period
$url = str_replace('/', '.', $url);
$url .= '.html';
$content_html = '';
// get the content from the site
$content_dest = SITES_LOCATION . '/' . $site['FriendlyId'] . '/templates/page/' . $url;
if (file_exists($content_dest)) {
$content_html = file_get_contents($content_dest);
}
// update images url
$content_html = str_replace('{{site.ImagesUrl}}', $imagesURL, $content_html);
$content_html = str_replace('{{site.ImagesURL}}', $imagesURL, $content_html);
// set outer text
if ($content_html != '') {
$el->outertext = $content_html;
}
}
}
/* foreach */
return $html;
}
/**
* @method POST
*/
function update()
{
// get token
$token = Utilities::ValidateJWTToken(apache_request_headers());
// check if token is not null
if ($token != NULL) {
parse_str($this->request->data, $request);
// parse request
$url = $request['url'];
$type = $request['type'];
$site = Site::GetBySiteId($token->SiteId);
if ($type == 'logo') {
Site::EditLogo($token->SiteId, $url);
} else {
if ($type == 'icon') {
Site::EditIcon($token->SiteId, $url);
if (FILES_ON_S3 == true) {
$bucket = $site['Bucket'];
$imagesURL = str_replace('{{bucket}}', $bucket, S3_URL);
$imagesURL = str_replace('{{site}}', $site['FriendlyId'], $imagesURL);
$source = $imagesURL . '/files/' . $url;
} else {
$source = SITES_LOCATION . '/' . $site['FriendlyId'] . '/files/' . $url;
}
// create the icon
$destination = SITES_LOCATION . '/' . $site['FriendlyId'] . '/favicon.ico';
$ico_lib = new PHP_ICO($source, array(array(32, 32), array(64, 64)));
$ico_lib->save_ico($destination);
}
}
// publish site JSON
Publish::PublishSiteJSON($token->SiteId);
return new Tonic\Response(Tonic\Response::OK);
} else {
// unauthorized access
return new Tonic\Response(Tonic\Response::UNAUTHORIZED);
}
return new Tonic\Response(Tonic\Response::NOTIMPLEMENTED);
}
/**
* @method POST
*/
function post()
{
// get token
$token = Utilities::ValidateJWTToken(apache_request_headers());
// check if token is not null
if ($token != NULL) {
parse_str($this->request->data, $request);
// parse request
$name = $request['name'];
$content = $request['content'];
$site = Site::GetBySiteId($token->SiteId);
$directory = SITES_LOCATION . '/' . $site['FriendlyId'] . '/themes/' . $site['Theme'] . '/layouts/';
$file = $directory . $name . '.html';
file_put_contents($file, $content);
// save to file
// publish index to root
if ($name == 'index' && $site['UrlMode'] != 'static') {
$index = SITES_LOCATION . '/' . $site['FriendlyId'] . '/index.html';
file_put_contents($index, $content);
// save to file
}
// republish pages for static mode
if ($site['UrlMode'] == 'static') {
Publish::PublishAllPages($site['SiteId']);
}
// return a json response
$response = new Tonic\Response(Tonic\Response::OK);
$response->contentType = 'text/HTML';
$response->body = $content;
return $response;
} else {
// return an unauthorized exception (401)
return new Tonic\Response(Tonic\Response::UNAUTHORIZED);
}
}
function mark($as = 'spam', $type = 'comments')
{
global $IN, $LANG, $DSP, $FNS, $DB;
// if no comments are posted, go home
if ($as == 'spam' && !$IN->GBL('comment_ids', 'POST') or $as == 'ham' && !$IN->GBL('toggle', 'POST')) {
return $this->home();
}
$comments = array();
$type = $IN->GBL('T');
// turn comments into array
if ($as == 'spam') {
$comments = explode('|', $IN->GBL('comment_ids', 'POST'));
} else {
foreach ($IN->GBL('toggle', 'POST') as $key => $comment_id) {
$comments[] = $comment_id;
// needed to play nice with the Publish class
$_POST['toggle_' . $key] = 'c' . $comment_id;
}
}
// Get the Low_nospam class
if (!class_exists('Low_nospam')) {
require PATH_MOD . 'low_nospam/mod.low_nospam' . EXT;
}
// init nospam class
$NSPM = new Low_nospam();
if ($NSPM->is_available and $NSPM->is_valid) {
$method = 'mark_as_' . $as;
foreach ($this->get_comments($comments, $type) as $row) {
// marks the comments as spam/ham
$NSPM->{$method}($row);
}
if ($type == 'gallery') {
// Handle gallery comments
if ($as == 'spam') {
// Just delete 'em; they're closed, so no stats are affected
$DB->query("DELETE FROM exp_gallery_comments WHERE comment_id IN ('" . implode("','", $comments) . "')");
} else {
// Gallery module doesn't support batch opening of closed comments,
// and I'll be damned if I'm gonna write all that stuff myself.
// I'll just show a message saying 'open them using the Gallery module'...
$FNS->redirect(BASE . AMP . 'C=modules' . AMP . 'M=' . $this->name . AMP . 'msg=open_gallery_comments_not_supported');
}
} else {
// Get the Publish class, to delete the comments
if (!class_exists('Publish')) {
require PATH_CP . 'cp.publish' . EXT;
}
$PUB = new Publish();
// init publish class
// Delete or Open
$as == 'spam' ? $PUB->delete_comment() : $PUB->change_comment_status('open');
}
// go back home, using redirect
$FNS->redirect(BASE . AMP . 'C=modules' . AMP . 'M=' . $this->name . AMP . 'msg=comments_' . ($as == 'spam' ? 'deleted' : 'opened'));
exit;
} else {
// Service not available or invalid key...
}
}
/**
* 删除一篇文章
*
* @param int $id
*
* @throws \Exception\Msg
*
* @return int
*/
public static function destory($id)
{
$data = self::show($id);
if (empty($data)) {
throw new \Exception\Msg(_('文章不存在'));
}
User::validateAuth($data['uid']);
//发布至Github中
try {
$publish_result = Publish::articleDestroy($id);
} catch (\Exception\Api $e) {
if ($e->getCode() != 404) {
throw $e;
}
}
$result = parent::destory($id);
if ($result) {
//计数器-1
Counter\Article::decr($data['category_id']);
Counter\Article::decr(0);
}
return $result;
}
function category_manager($group_id = '', $update = FALSE)
{
global $DSP, $IN, $DB, $LANG, $SESS;
if ($IN->GBL('Z') == 1) {
if (!$DSP->allowed_group('can_admin_weblogs') and !$DSP->allowed_group('can_edit_categories')) {
return $DSP->no_access_message();
}
} else {
if (!$DSP->allowed_group('can_admin_weblogs')) {
return $DSP->no_access_message();
}
}
if ($group_id == '') {
if (($group_id = $IN->GBL('group_id')) === FALSE or !is_numeric($group_id)) {
return FALSE;
}
}
/** ---------------------------------------
/** Check discrete privileges
/** ---------------------------------------*/
if ($IN->GBL('Z') == 1) {
$query = $DB->query("SELECT can_edit_categories FROM exp_category_groups WHERE group_id = '" . $DB->escape_str($group_id) . "'");
if ($query->num_rows == 0) {
return FALSE;
}
$can_edit = explode('|', rtrim($query->row['can_edit_categories'], '|'));
if ($SESS->userdata['group_id'] != 1 and !in_array($SESS->userdata['group_id'], $can_edit)) {
return $DSP->no_access_message();
}
}
$zurl = $IN->GBL('Z') == 1 ? AMP . 'Z=1' : '';
$zurl .= $IN->GBL('cat_group') !== FALSE ? AMP . 'cat_group=' . $IN->GBL('cat_group') : '';
$zurl .= $IN->GBL('integrated') !== FALSE ? AMP . 'integrated=' . $IN->GBL('integrated') : '';
$query = $DB->query("SELECT group_name, sort_order FROM exp_category_groups WHERE group_id = '" . $DB->escape_str($group_id) . "'");
$group_name = $query->row['group_name'];
$sort_order = $query->row['sort_order'];
$r = '';
if ($IN->GBL('Z') == 1) {
$url = BASE . AMP . 'C=admin' . AMP . 'M=blog_admin' . AMP . 'P=edit_category' . AMP . 'group_id=' . $group_id . $zurl;
$js = ' onclick="navjump(\'' . $url . '\');" onmouseover="navCrumbOn();" onmouseout="navCrumbOff();" ';
$r .= $DSP->anchor($url, '<div class="crumblinksR" style="width:300px;margin-left:auto;" id="rcrumb" ' . $js . '>' . $DSP->qdiv('itemWrapper', $LANG->line('new_category')) . '</div>');
}
$r .= $DSP->qdiv('tableHeading', $group_name);
if ($update != FALSE) {
$r .= $DSP->qdiv('box', $DSP->qspan('success', $LANG->line('category_updated')));
}
// Fetch the category tree
$this->category_tree('table', $group_id, '', $sort_order);
if (count($this->categories) == 0) {
$r .= $DSP->qdiv('box', $DSP->qdiv('highlight', $LANG->line('no_category_message')));
} else {
$r .= $DSP->table('tableBorder', '0', '0') . $DSP->tr() . $DSP->table_qcell('tableHeadingAlt', 'ID', '2%') . $DSP->table_qcell('tableHeadingAlt', $LANG->line('order'), '8%') . $DSP->table_qcell('tableHeadingAlt', $LANG->line('category_name'), '50%') . $DSP->table_qcell('tableHeadingAlt', $LANG->line('edit'), '20%') . $DSP->table_qcell('tableHeadingAlt', $LANG->line('delete'), '20%');
$r .= $DSP->tr_c();
foreach ($this->categories as $val) {
$prefix = strlen($val['0']) == 1 ? NBS . NBS : NBS;
$r .= $val;
}
$r .= $DSP->table_c();
$r .= $DSP->qdiv('defaultSmall', '');
// Category order
if ($IN->GBL('Z') == FALSE) {
$r .= $DSP->form_open(array('action' => 'C=admin' . AMP . 'M=blog_admin' . AMP . 'P=global_cat_order' . AMP . 'group_id=' . $group_id . $zurl));
$r .= $DSP->div('box320');
$r .= $DSP->qdiv('defaultBold', $LANG->line('global_sort_order'));
$r .= $DSP->div('itemWrapper');
$r .= $DSP->input_radio('sort_order', 'a', $sort_order == 'a' ? 1 : '') . NBS . $LANG->line('alpha') . NBS . NBS . $DSP->input_radio('sort_order', 'c', $sort_order != 'a' ? 1 : '') . NBS . $LANG->line('custom');
$r .= NBS . NBS . NBS . $DSP->input_submit($LANG->line('update'));
$r .= $DSP->div_c();
$r .= $DSP->div_c();
$r .= $DSP->form_close();
}
}
// Build category tree for javascript replacement
if ($IN->GBL('Z') == 1) {
if (!class_exists('Publish')) {
require PATH_CP . 'cp.publish' . EXT;
}
$PUB = new Publish();
$PUB->category_tree($IN->GBL('cat_group') !== FALSE ? $IN->GBL('cat_group') : $IN->GBL('group_id'), 'new', '', '', $IN->GBL('integrated') == 'y' ? 'y' : 'n');
$cm = "";
foreach ($PUB->categories as $val) {
$cm .= $val;
}
$cm = preg_replace("/(\r\n)|(\r)|(\n)/", '', $cm);
$DSP->extra_header = '
<script type="text/javascript">
function update_cats()
{
var str = "' . $cm . '";
opener.swap_categories(str);
window.close();
}
</script>';
// $r .= $DSP->qdiv('itemWrapper', $DSP->qdiv('defaultCenter', '<a href="javascript:update_cats();"><b>'.$LANG->line('update_publish_cats').'</b></a>'));
$r .= '<form>';
$r .= $DSP->qdiv('itemWrapper', $DSP->qdiv('defaultCenter', '<input type="submit" value="' . NBS . $LANG->line('update_publish_cats') . NBS . '" onclick="update_cats();"/>'));
$r .= '</form>';
}
// Assign output data
$DSP->title = $LANG->line('categories');
$DSP->crumb = $DSP->anchor(BASE . AMP . 'C=admin' . AMP . 'area=weblog_administration', $LANG->line('weblog_administration')) . $DSP->crumb_item($DSP->anchor(BASE . AMP . 'C=admin' . AMP . 'M=blog_admin' . AMP . 'P=categories', $LANG->line('category_groups'))) . $DSP->crumb_item($LANG->line('categories'));
$DSP->right_crumb($LANG->line('new_category'), BASE . AMP . 'C=admin' . AMP . 'M=blog_admin' . AMP . 'P=edit_category' . AMP . 'group_id=' . $group_id);
$DSP->body = $r;
}
public static function PublishPage($pageId, $preview = false, $remove_draft = false)
{
$page = Page::GetByPageId($pageId);
if ($page != null) {
$site = Site::GetBySiteId($page['SiteId']);
// test for now
Publish::PublishTemplate($page, $site, $preview, $remove_draft);
// do not publish a static page for include only pages
if ($page['IncludeOnly'] == 0) {
Publish::PublishStaticPage($page, $site, $preview, $remove_draft);
}
}
}
public static function DeploySite($siteId)
{
// get a reference to the site
$site = Site::GetBySiteId($siteId);
// create AWS client
$client = Aws\S3\S3Client::factory(array('key' => S3_KEY, 'secret' => S3_SECRET, 'region' => S3_LOCATION));
$bucket = $site['Bucket'];
$bucket_www = 'www.' . $site['Bucket'];
// create a bucket if it doesn't already exist
S3::CreateBucket($bucket);
// set local director
$local_dir = SITES_LOCATION . '/' . $site['FriendlyId'];
// prefix
$keyPrefix = '';
// set permissions
$options = array('params' => array('ACL' => 'public-read'), 'concurrency' => 20, 'debug' => true);
// sync folders, #ref: http://blogs.aws.amazon.com/php/post/Tx2W9JAA7RXVOXA/Syncing-Data-with-Amazon-S3
$client->uploadDirectory($local_dir, $bucket, $keyPrefix, $options);
// get json for the site
$json = json_encode(Publish::CreateSiteJSON($site, 'S3'));
// deploy an updated site.json
$result = $client->putObject(array('Bucket' => $bucket, 'Key' => 'data/site.json', 'Body' => $json, 'ContentType' => 'application/json', 'ACL' => 'public-read', 'StorageClass' => 'REDUCED_REDUNDANCY'));
/*
// #support for S3 ANAME
// #ref: http://docs.aws.amazon.com/aws-sdk-php/latest/class-Aws.S3.S3Client.html#_createBucket
$result = $client->createBucket(array(
'Bucket' => $bucket_www,
'ACL' => 'public-read'
));
// enable hosting for the bucket
$result = $client->putBucketWebsite(array(
// Bucket is required
'Bucket' => $bucket_www,
'RedirectAllRequestsTo' => array(
'HostName' => $bucket
)));
*/
}
function execute()
{
global $wgUser, $wgOut, $wgVoteDirectory, $IP;
require_once 'CommentClass.php';
require_once "{$wgVoteDirectory}/VoteClass.php";
require_once "{$wgVoteDirectory}/Publish.php";
require_once "{$IP}/extensions/UserStats/UserStatsClass.php";
$stats = new UserStatsTrack(1, $wgUser->mId, $wgUser->mName);
// Vote for a Comment
if ($_POST["mk"] == md5($_POST["cid"] . 'pants' . $wgUser->mName)) {
if (is_numeric($_GET["Action"]) && $_GET["Action"] == 1 && is_numeric($_POST["cid"])) {
if (is_numeric($_POST["cid"]) && is_numeric($_POST["vt"])) {
$dbr =& wfGetDB(DB_MASTER);
$sql = "SELECT comment_page_id,comment_user_id, comment_username FROM Comments WHERE CommentID = " . $_POST["cid"];
$res = $dbr->query($sql);
$row = $dbr->fetchObject($res);
if ($row) {
$PageID = $row->comment_page_id;
$Comment = new Comment($PageID);
$Comment->setUser($wgUser->mName, $wgUser->mId);
$Comment->CommentID = $_POST["cid"];
$Comment->setCommentVote($_POST["vt"]);
$Comment->setVoting($_POST["vg"]);
$Comment->addVote();
$out = $Comment->getCommentScore();
//must update stats for user doing the voting
$stats->incCommentScoreGiven($_POST["vt"]);
//also must update the stats for user receiving the vote
$stats_comment_owner = new UserStatsTrack(1, $row->comment_user_id, $row->comment_username);
$stats_comment_owner->updateCommentScoreRec($_POST["vt"]);
echo $out;
}
}
}
}
// get new Comment list
if (is_numeric($_GET["Action"]) && $_GET["Action"] == 2 && is_numeric($_POST["pid"])) {
$Comment = new Comment($_POST["pid"]);
$Comment->setUser($wgUser->mName, $wgUser->mId);
$Comment->setOrderBy($_POST["ord"]);
if ($_POST["shwform"] == 1) {
$output .= $Comment->displayOrderForm();
}
$output .= $Comment->display();
if ($_POST["shwform"] == 1) {
$output .= $Comment->diplayForm();
}
echo $output;
}
if ($_POST['ct'] != "" && is_numeric($_GET["Action"]) && $_GET["Action"] == 3) {
$input = $_POST['ct'];
$host = $_SERVER['SERVER_NAME'];
$input = str_replace($host, "", $input);
$AddComment = true;
if ($AddComment == true) {
$Comment = new Comment($_POST["pid"]);
$Comment->setUser($wgUser->mName, $wgUser->mId);
$Comment->setCommentText($_POST['ct']);
$Comment->setCommentParentID($_POST['par']);
$Comment->add();
//$stats->incCommentCount();
//score check after comment add
$Vote = new Vote($_POST["pid"]);
$publish = new Publish();
$publish->PageID = $_POST["pid"];
$publish->VoteCount = $Vote->count(1);
$publish->CommentCount = $Comment->count();
$publish->check_score();
}
}
if (is_numeric($_GET["Action"]) && $_GET["Action"] == 4 && is_numeric($_GET["pid"])) {
$Comment = new Comment($_GET["pid"]);
$Comment->setUser($wgUser->mName, $wgUser->mId);
echo $Comment->getLatestCommentID();
}
// This line removes the navigation and everything else from the
// page, if you don't set it, you get what looks like a regular wiki
// page, with the body you defined above.
$wgOut->setArticleBodyOnly(true);
}
public static function PublishPage($pageId, $preview = false, $remove_draft = false)
{
$page = Page::GetByPageId($pageId);
if ($page != null) {
$site = Site::GetBySiteId($page['SiteId']);
// test for now
if ($site['UrlMode'] == 'static') {
// for sites using static html pages (URL-based routing)
Publish::PublishDynamicPage($page, $site, $preview, $remove_draft);
// do not publish a static page for include only pages
if ($page['IncludeOnly'] == 0) {
Publish::PublishStaticPage($page, $site, $preview, $remove_draft);
}
// inject controllers
Publish::InjectControllers($site);
} else {
// publishes a dynamic version of the page (for sites using UI-ROUTER (html5, hashbang, etc)
Publish::PublishDynamicPage($page, $site, $preview, $remove_draft);
// inject states
Publish::InjectStates($site);
}
}
}
/**
* @method POST
*/
function publish($pageUniqId)
{
// get an authuser
$authUser = new AuthUser();
if (isset($authUser->UserUniqId)) {
// check if authorized
// get page
$page = Page::GetByPageUniqId($pageUniqId);
// make sure the user is part of the site (or is a superadmin)
if ($authUser->IsSuperAdmin == false && $authUser->SiteId != $page['SiteId']) {
return new Tonic\Response(Tonic\Response::UNAUTHORIZED);
}
// default is root
$pageTypeUniqId = -1;
// determine if file is in sub-direcotry
if ($page['PageTypeId'] != -1) {
$pageType = PageType::GetByPageTypeId($page['PageTypeId']);
// set page type
$pageTypeUniqId = $pageType['PageTypeUniqId'];
}
// check permissions
if (Utilities::CanPerformAction($pageTypeUniqId, $authUser->CanPublish) == false) {
return new Tonic\Response(Tonic\Response::UNAUTHORIZED);
}
// set the page to active
Page::SetIsActive($pageUniqId, 1);
// publish the page
Publish::PublishPage($pageUniqId);
// return a json response
$response = new Tonic\Response(Tonic\Response::OK);
} else {
// unauthorized access
return new Tonic\Response(Tonic\Response::UNAUTHORIZED);
}
}
/**
* @method POST
*/
function update()
{
// get an authuser
$authUser = new AuthUser();
if (isset($authUser->UserUniqId)) {
// check if authorized
parse_str($this->request->data, $request);
// parse request
$name = $request['name'];
$content = $request['content'];
$site = Site::GetBySiteId($authUser->SiteId);
$directory = '../sites/' . $site['FriendlyId'] . '/themes/' . $site['Theme'] . '/layouts/';
$file = $directory . $name . '.html';
file_put_contents($file, $content);
// save to file
Publish::PublishAllPages($site['SiteUniqId']);
// return a json response
$response = new Tonic\Response(Tonic\Response::OK);
$response->contentType = 'text/HTML';
$response->body = $content;
} else {
// return an unauthorized exception (401)
return new Tonic\Response(Tonic\Response::UNAUTHORIZED);
}
}
/**
* @method POST
*/
function update()
{
// get token
$token = Utilities::ValidateJWTToken();
// check if token is not null
if ($token != NULL) {
parse_str($this->request->data, $request);
// parse request
$color = $request['color'];
Site::EditIconBg($token->SiteId, $color);
// republish site
Publish::PublishContent($token->SiteId);
return new Tonic\Response(Tonic\Response::OK);
} else {
// unauthorized access
return new Tonic\Response(Tonic\Response::UNAUTHORIZED);
}
return new Tonic\Response(Tonic\Response::NOTIMPLEMENTED);
}
public function import_ics_data($calendar_id)
{
// -------------------------------------
// Get some basic info to use later
// -------------------------------------
$cbasics = $this->data->calendar_basics();
$cbasics = $cbasics[$calendar_id];
$urls = $cbasics['ics_url'];
if ($urls == '') {
return FALSE;
}
$tz_offset = $cbasics['tz_offset'] != '' ? $cbasics['tz_offset'] : '0000';
/*
This shouldn't be happening because DST is only something that
would need to be applied when generating the users current local time.
If an event were at 7pm EST or EDT, it would still be at 7pm either way.
I hate DST.
if ($tz_offset != '0000' AND ee()->config->item('daylight_savings') == 'y')
{
$tz_offset += 100;
}
*/
$channel_id = $this->data->channel_is_events_channel();
$author_id = $cbasics['author_id'];
// -------------------------------------
// Prepare the URLs
// -------------------------------------
if (!is_array($urls)) {
$urls = explode("\n", $urls);
}
foreach ($urls as $k => $url) {
$urls[$k] = trim($url);
}
// -------------------------------------
// Load iCalCreator
// -------------------------------------
if (!class_exists('vcalendar')) {
require_once CALENDAR_PATH_ASSETS . 'icalcreator/iCalcreator.class.php';
}
// -------------------------------------
// Load Calendar_datetime
// -------------------------------------
if (!class_exists('Calendar_datetime')) {
require_once CALENDAR_PATH . 'calendar.datetime' . EXT;
}
$CDT = new Calendar_datetime();
$CDT_end = new Calendar_datetime();
// -------------------------------------
// Load Publish
// -------------------------------------
if (APP_VER < 2.0) {
//need to set DSP if not present
if (!isset($GLOBALS['DSP']) or !is_object($GLOBALS['DSP'])) {
if (!class_exists('Display')) {
require_once PATH_CP . 'cp.display' . EXT;
}
$GLOBALS['DSP'] = new Display();
}
if (!class_exists('Publish')) {
require_once PATH_CP . 'cp.publish' . EXT;
}
$PB = new Publish();
$PB->assign_cat_parent = ee()->config->item('auto_assign_cat_parents') == 'n' ? FALSE : TRUE;
} else {
ee()->load->library('api');
ee()->api->instantiate(array('channel_entries', 'channel_categories', 'channel_fields'));
ee()->api_channel_entries->assign_cat_parent = ee()->config->item('auto_assign_cat_parents') == 'n' ? FALSE : TRUE;
}
// -------------------------------------
// Tell our extensions that we're running the icalendar import
// -------------------------------------
$this->cache['ical'] = TRUE;
// -------------------------------------
// Get already-imported events
// -------------------------------------
$imported = $this->data->get_imported_events($calendar_id);
// -------------------------------------
// Don't let EXT drop us early
// -------------------------------------
ee()->extensions->in_progress = '';
// -------------------------------------
// Cycle through the URLs
// -------------------------------------
foreach ($urls as $url) {
$ICAL = new vcalendar();
$ICAL->parse($this->fetch_url($url));
// -------------------------------------
// Iterate among the events
// -------------------------------------
while ($event = $ICAL->getComponent('vevent')) {
// -------------------------------------
// Times
// -------------------------------------
$hour = isset($event->dtstart['value']['hour']) ? $event->dtstart['value']['hour'] : 00;
$minute = isset($event->dtstart['value']['min']) ? $event->dtstart['value']['min'] : 00;
$end_hour = isset($event->dtend['value']['hour']) ? $event->dtend['value']['hour'] : $hour;
$end_minute = isset($event->dtend['value']['min']) ? $event->dtend['value']['min'] : $minute;
// -------------------------------------
// Last-modified date
// -------------------------------------
if (isset($event->lastmodified['value'])) {
$lm_date = $event->lastmodified['value']['year'] . $event->lastmodified['value']['month'] . $event->lastmodified['value']['day'] . $event->lastmodified['value']['hour'] . $event->lastmodified['value']['min'];
} elseif (isset($event->dtstamp['value'])) {
$lm_date = $event->dtstamp['value']['year'] . $event->dtstamp['value']['month'] . $event->dtstamp['value']['day'] . $event->dtstamp['value']['hour'] . $event->dtstamp['value']['min'];
} else {
$lm_date = $event->created['value']['year'] . $event->created['value']['month'] . $event->created['value']['day'] . $event->created['value']['hour'] . $event->created['value']['min'];
}
// -------------------------------------
// Does this event already exist? Do we need to update?
// -------------------------------------
if (isset($imported[$event->uid['value']])) {
// -------------------------------------
// Has the event been updated? No reason
// to do any work if it's the same old stuff.
// -------------------------------------
if ($lm_date == $imported[$event->uid['value']]['last_mod']) {
continue;
} elseif ($lm_date == $imported[$event->uid['value']]['last_mod']) {
continue;
}
$entry_id = $imported[$event->uid['value']]['entry_id'];
} else {
$entry_id = '';
}
// -------------------------------------
// Adjust CDT
// -------------------------------------
$CDT->change_datetime($event->dtstart['value']['year'], $event->dtstart['value']['month'], $event->dtstart['value']['day'], $hour, $minute);
if (isset($event->dtend['value'])) {
$CDT_end->change_datetime($event->dtend['value']['year'], $event->dtend['value']['month'], $event->dtend['value']['day'], $end_hour, $end_minute);
} else {
$CDT_end->change_ymd($CDT->ymd);
$CDT_end->change_time($end_hour, $end_minute);
}
// -------------------------------------
// Adjust to the correct timezone for thie calendar
// -------------------------------------
if (!isset($event->dtstart['params']['TZID']) or $event->dtstart['params']['TZID'] == '') {
if (isset($event->dtstart['value']['hour'])) {
$CDT->add_time($tz_offset);
$CDT_end->add_time($tz_offset);
} else {
$CDT_end->add_day(-1);
}
}
// -------------------------------------
// Variableification
// -------------------------------------
$title = isset($event->summary['value']) ? $event->summary['value'] : lang('no_title');
$summary = (isset($event->description) and is_array($event->description) and isset($event->description[0]['value'])) ? $event->description[0]['value'] : '';
$location = isset($event->location['value']) ? $event->location['value'] : '';
$rules = $this->ical_rule_to_calendar_rule($event->rrule);
$exceptions = array('date' => array());
if (mb_strlen($title) > 100) {
$title = substr($title, 0, 100);
}
if (is_array($event->exdate) and !empty($event->exdate)) {
$exceptions = $this->ical_exdate_to_calendar_exception($event->exdate);
}
$recurs = (is_array($event->rrule) and !empty($event->rrule)) ? 'y' : 'n';
// -------------------------------------
// Fix some linebreak problems
// -------------------------------------
$summary = str_replace(array("\r", "\n"), '', $summary);
$summary = str_replace('\\n', "\n", $summary);
// -------------------------------------
// Set up $_POST
// -------------------------------------
$_POST = $post_data = array('site_id' => $this->data->get_site_id(), 'author_id' => $author_id, 'entry_id' => $entry_id, 'weblog_id' => $channel_id, 'channel_id' => $channel_id, 'status' => 'open', 'entry_date' => date('Y-m-d H:i a', ee()->localize->now - 3600 * 24 * 2), 'title' => $title, 'calendar_id' => $calendar_id, 'field_id_' . $this->data->get_field_id(CALENDAR_EVENTS_FIELD_PREFIX . 'summary') => $summary, 'field_id_' . $this->data->get_field_id(CALENDAR_EVENTS_FIELD_PREFIX . 'location') => $location, 'rule_id' => array(), 'start_date' => array($CDT->ymd), 'start_time' => array($CDT->hour . $CDT->minute), 'end_date' => array($CDT_end->ymd), 'end_time' => array($CDT_end->hour . $CDT_end->minute), 'all_day' => !isset($event->dtstart['value']['hour']) ? 'y' : 'n', 'rule_type' => $rules['rule_type'], 'repeat_years' => $rules['repeat_years'], 'repeat_months' => $rules['repeat_months'], 'repeat_weeks' => $rules['repeat_weeks'], 'repeat_days' => $rules['repeat_days'], 'days_of_week' => $rules['days_of_week'], 'relative_dow' => $rules['relative_dow'], 'days_of_month' => $rules['days_of_month'], 'months_of_year' => $rules['months_of_year'], 'end_by' => $rules['end_by'], 'end_after' => $rules['end_after'], 'occurrences' => $exceptions, 'expiration_date' => '', 'comment_expiration_date' => '', 'allow_comments' => 'n');
// -------------------------------------
// Let Publish do its things
// -------------------------------------
if (APP_VER < 2.0) {
$PB->submit_new_entry(FALSE);
//<- LOOK HOW EASY IT USED TO BE >:|
} else {
//EE 1.x doesn't have this field
$opt_field = 'field_id_' . $this->data->get_field_id(CALENDAR_EVENTS_FIELD_PREFIX . 'dates_and_options');
$_POST[$opt_field] = $calendar_id;
$post_data[$opt_field] = $calendar_id;
//this worked pre EE 2.1.3, then stopped working? *sigh*
//now we have to do all of this mess manually for field
//settings before inserting new entries via the API
//ee()->api_channel_fields->fetch_custom_channel_fields();
//--------------------------------------------
// Check for custom field group
//--------------------------------------------
$fg_query = ee()->db->query("SELECT field_group\n\t\t\t\t\t\t FROM\texp_channels\n\t\t\t\t\t\t WHERE\tchannel_id = '" . ee()->db->escape_str($channel_id) . "'");
if ($fg_query->num_rows() > 0) {
$field_group = $fg_query->row('field_group');
ee()->lang->loadfile('channel');
ee()->lang->loadfile('content');
ee()->load->model('field_model');
ee()->load->model('channel_model');
// Rudimentary handling of custom fields
$field_query = ee()->channel_model->get_channel_fields($field_group);
$dst_enabled = ee()->session->userdata('daylight_savings');
foreach ($field_query->result_array() as $row) {
$field_data = '';
$field_dt = '';
$field_fmt = $row['field_fmt'];
// Settings that need to be prepped
$settings = array('field_instructions' => trim($row['field_instructions']), 'field_text_direction' => $row['field_text_direction'] == 'rtl' ? 'rtl' : 'ltr', 'field_fmt' => $field_fmt, 'field_dt' => $field_dt, 'field_data' => $field_data, 'field_name' => 'field_id_' . $row['field_id'], 'dst_enabled' => $dst_enabled);
$ft_settings = array();
if (isset($row['field_settings']) and strlen($row['field_settings'])) {
$ft_settings = unserialize(base64_decode($row['field_settings']));
}
$settings = array_merge($row, $settings, $ft_settings);
ee()->api_channel_fields->set_settings($row['field_id'], $settings);
}
}
//now we can do the new entry
ee()->api_channel_entries->submit_new_entry($channel_id, $post_data);
}
// -------------------------------------
// Update the imports table
// -------------------------------------
$data = array('calendar_id' => $calendar_id, 'event_id' => $this->cache['ical_event_id'], 'entry_id' => $this->cache['ical_entry_id'], 'uid' => $event->uid['value'], 'last_mod' => $lm_date);
if ($entry_id != '') {
$data['import_id'] = $imported[$event->uid['value']]['import_id'];
$this->data->update_imported_event($data);
} else {
//$data['import_id'] = '0';
$this->data->add_imported_event($data);
}
}
}
$this->data->update_ics_updated($calendar_id);
ee()->extensions->end_script = FALSE;
ee()->extensions->in_progress = APP_VER < 2.0 ? 'submit_new_entry_end' : 'entry_submission_end';
return TRUE;
}
/**
* @method POST
*/
function post()
{
// get token
$token = Utilities::ValidateJWTToken(apache_request_headers());
// check if token is not null
if ($token != NULL) {
// get user
$user = User::GetByUserId($token->UserId);
$site = Site::GetBySiteId($token->SiteId);
// creates an access object
$access = Utilities::SetAccess($user);
parse_str($this->request->data, $request);
// parse request
$pageId = $request['pageId'];
// get page type
$content = $request['content'];
// get page type
$status = 'draft';
// get page and site
$page = Page::GetByPageId($pageId);
// make sure the user is part of the site (or is a superadmin)
if ($user['SiteId'] != $page['SiteId']) {
return new Tonic\Response(Tonic\Response::UNAUTHORIZED);
}
// default is root
$pageTypeId = -1;
$pageType = NULL;
// determine if file is in sub-direcotry
if ($page['PageTypeId'] != -1) {
$pageType = PageType::GetByPageTypeId($page['PageTypeId']);
// set page type
$pageTypeId = $pageType['PageTypeId'];
}
// get permissions
$canEdit = Utilities::CanPerformAction($pageTypeId, $access['CanEdit']);
$canPublish = Utilities::CanPerformAction($pageTypeId, $access['CanPublish']);
// check permissions to save a draft
if ($canEdit == true || $canPublish == true) {
// create a preview
$url = Publish::PublishPage($page['PageId'], true);
}
// strip leading '../' from string
$url = str_replace('../', '', $url);
$response = new Tonic\Response(Tonic\Response::OK);
$response->contentType = 'text/html';
$response->body = $url;
return $response;
} else {
// unauthorized access
return new Tonic\Response(Tonic\Response::UNAUTHORIZED);
}
}
public static function PublishStaticPage($page, $site, $preview = false, $remove_draft = false)
{
$dest = SITES_LOCATION . '/' . $site['FriendlyId'] . '/';
$imageurl = $dest . 'files/';
$siteurl = $site['Domain'] . '/';
$friendlyId = $page['FriendlyId'];
$url = '';
$file = '';
// created ctrl
$ctrl = ucfirst($page['FriendlyId']);
$ctrl = str_replace('-', '', $ctrl);
// set base
$base = '';
// create a static location for the page
if ($page['PageTypeId'] == -1) {
$url = $page['FriendlyId'] . '.html';
$dest = SITES_LOCATION . '/' . $site['FriendlyId'] . '/';
} else {
$pageType = PageType::GetByPageTypeId($page['PageTypeId']);
$dest = SITES_LOCATION . '/' . $site['FriendlyId'] . '/uncategorized/';
if ($pageType != null) {
$dest = SITES_LOCATION . '/' . $site['FriendlyId'] . '/' . $pageType['FriendlyId'] . '/';
// created ctrl
$ctrl = ucfirst($pageType['FriendlyId']) . $ctrl;
$ctrl = str_replace('-', '', $ctrl);
}
// explode friendlyid by '/'
$parts = explode('/', $pageType['FriendlyId']);
// set base based on the depth
foreach ($parts as $part) {
$base .= '../';
}
}
// create directory if it does not exist
if (!file_exists($dest)) {
mkdir($dest, 0755, true);
}
// generate default
$html = '';
$content = '';
// get index and layout (file_get_contents)
$index = SITES_LOCATION . '/' . $site['FriendlyId'] . '/themes/' . $site['Theme'] . '/layouts/index.html';
$layout = SITES_LOCATION . '/' . $site['FriendlyId'] . '/themes/' . $site['Theme'] . '/layouts/' . $page['Layout'] . '.html';
// get index html
if (file_exists($index)) {
$html = file_get_contents($index);
}
// get layout html
if (file_exists($layout)) {
$layout_html = file_get_contents($layout);
// set class
$cssClass = $page['Stylesheet'];
// set show-cart, show-settings, show-languages, show-login
if ($site['ShowCart'] == 1) {
$cssClass .= ' show-cart';
}
if ($site['ShowSettings'] == 1) {
$cssClass .= ' show-settings';
}
if ($site['ShowLanguages'] == 1) {
$cssClass .= ' show-languages';
}
if ($site['ShowLogin'] == 1) {
$cssClass .= ' show-login';
}
$html = str_replace('<body ui-view></body>', '<body page="' . $page['PageId'] . '" class="' . $cssClass . '">' . $layout_html . '</body>', $html);
$html = str_replace('<body></body>', '<body page="' . $page['PageId'] . '" class="' . $cssClass . '">' . $layout_html . '</body>', $html);
}
// get draft/content
if ($preview == true) {
$file = $page['FriendlyId'] . '.preview.html';
$content = $page['Draft'];
} else {
$file = $page['FriendlyId'] . '.html';
$content = $page['Content'];
}
// replace respond-content for layout with content
$html = str_replace('<respond-content id="main-content" url="{{page.Url}}"></respond-content>', $content, $html);
// remove any drafts associated with the page
if ($remove_draft == true) {
// remove a draft from the page
Page::RemoveDraft($page['PageId']);
}
if ($html !== NULL) {
// parse the html for menus
$html = str_get_html($html, true, true, DEFAULT_TARGET_CHARSET, false, DEFAULT_BR_TEXT);
// generate the [render=publish] components
$html = Publish::GenerateRenderAtPublish($html, $site, $page);
// applies the style attributes to the $html
$html = Publish::ApplyStyleAttributes($html);
// applies the mustache syntax
$html = Publish::ApplyMustacheSyntax($html, $site, $page);
} else {
$html = '';
}
// update base
$html = str_replace('<base href="/">', '<base href="' . $base . '">', $html);
// save the content to the published file
Utilities::SaveContent($dest, $file, $html);
return $dest . $file;
}
/**
* @method POST
*/
function post($theme)
{
// get an authuser
$authUser = new AuthUser();
if (isset($authUser->UserUniqId)) {
// check if authorized
$site = Site::GetBySiteUniqId($authUser->SiteUniqId);
// publishes a theme for a site
Publish::PublishTheme($site, $theme);
// republish site with the new theme
Publish::PublishSite($site['SiteUniqId']);
// return a json response
$response = new Tonic\Response(Tonic\Response::OK);
return $response;
} else {
// return an unauthorized exception (401)
return new Tonic\Response(Tonic\Response::UNAUTHORIZED);
}
}
/**
* 根据主键ID删除用户的一个或多个分类
*
* @param mixed $id ID或ID集
* @param string $uid 用户UID
*
* @return \int
*/
public static function destroyByUserBatch($ids, $uid = false)
{
$uid || ($uid = \Yaf_Registry::get('current_uid'));
$where = array(static::$_primary_key => $ids, 'uid' => $uid);
$result = self::db()->wAnd($where)->delete(true);
Publish::sidebar(true);
return $result;
}
/**
* @method POST
*/
function post()
{
// get an authuser
$token = Utilities::ValidateJWTToken(apache_request_headers());
// check if token is not null
if ($token != NULL) {
parse_str($this->request->data, $request);
// parse request
Publish::PublishMenuJSON($token->SiteId);
return new Tonic\Response(Tonic\Response::OK);
} else {
return new Tonic\Response(Tonic\Response::UNAUTHORIZED);
}
}
public function publish()
{
$flash = Flash::Instance();
$errors = array();
if ($this->checkParams('id')) {
$person = $this->_templateobject;
$person->load($this->_data['id']);
if (Publish::addUser($person, $errors)) {
$flash->addMessage($person->firstname . ' ' . $person->surname . ' successfully published');
} else {
$flash->addError('Failed to publish ' . $person->firstname . ' ' . $person->surname);
}
}
if (count($errors) > 0) {
$flash->addErrors($errors);
}
sendTo($this->name, 'index', $this->_modules);
}
/**
* @method POST
*/
function post()
{
// get an authuser
$token = Utilities::ValidateJWTToken();
// check if token is not null
if ($token != NULL) {
parse_str($this->request->data, $request);
// parse request
// re-publish the content of the site
Publish::PublishContent($token->SiteId);
return new Tonic\Response(Tonic\Response::OK);
} else {
return new Tonic\Response(Tonic\Response::UNAUTHORIZED);
}
}
