/** * Configures a theme to be active for the current user's session. */ public function get_preview_theme() { $theme_name = $this->handler_vars['theme_name']; $theme_dir = $this->handler_vars['theme_dir']; if (isset($theme_name) && isset($theme_dir)) { if (Themes::get_theme_dir() == $theme_dir) { Themes::cancel_preview(); Session::notice(_t("Ended the preview of the theme '%s'", array($theme_name))); } else { if (Themes::preview_theme($theme_name, $theme_dir)) { Session::notice(_t("Previewing theme '%s'", array($theme_name))); } } } Utils::redirect(URL::get('admin', 'page=themes')); }
public function action_plugin_ui($plugin_id, $action) { if ($plugin_id == $this->plugin_id()) { $frequencies = array('manually' => _t('Manually', 'exportsnapshot'), 'hourly' => _t('Hourly', 'exportsnapshot'), 'daily' => _t('Daily', 'exportsnapshot'), 'weekly' => _t('Weekly', 'exportsnapshot'), 'monthly' => _t('Monthly', 'exportsnapshot')); $types = array('blogml' => _t('BlogML', 'exportsnapshot'), 'wxr' => _t('WXR', 'exportsnapshot')); switch ($action) { case _t('Configure'): $ui = new FormUI('export'); $ui->append('text', 'exportsnapshot_max_snapshots', 'option:exportsnapshot__max_snapshots', _t('Max Snapshots to Save:', 'exportsnapshot')); $ui->append('select', 'exportsnapshot_freq', 'option:exportsnapshot__frequency', _t('Auto Snapshot frequency:', 'exportsnapshot'), $frequencies); $ui->append('select', 'exportsnapshot_type', 'option:exportsnapshot__type', _t('Type of export:', 'exportsnapshot'), $types); $ui->append('submit', 'save', _t('Save')); $ui->on_success(array($this, 'updated_config')); $ui->out(); break; case _t('Take Snapshot'): self::run('manual'); Session::notice(_t('Snapshot saved!', 'exportsnapshot')); //CronTab::add_single_cron('snapshot_single', array( 'ExportSnapshot', 'run' ), HabariDateTime::date_create(), 'Run a single snapshot.' ); //Session::notice( _t( 'Snapshot scheduled for next cron run.' ) ); // don't display the configuration page, just redirect back to the plugin page Utils::redirect(URL::get('admin', 'page=plugins')); break; } } }
public function filter_rssblocks_update($success, $force = false) { EventLog::log('Running rrsblocks update'); $blocks = DB::get_results('SELECT b.* FROM {blocks} b WHERE b.type = ?', array('rssblock'), 'Block'); Plugins::act('get_blocks', $blocks); $success = true; foreach ($blocks as $block) { $cachename = array('rssblock', md5($block->feed_url)); if ($force || Cache::expired($cachename)) { $r = new RemoteRequest($block->feed_url); $r->set_timeout(10); $r->execute(); $feed = $r->get_response_body(); try { if (is_string($feed)) { new SimpleXMLElement($feed); // This throws an exception if the feed isn't valid Cache::set($cachename, $feed, 3600, true); } } catch (Exception $e) { $success = false; } } } Session::notice('ran rssblocks update'); return $success; }
public function action_plugin_activation($file) { if (realpath($file) == __FILE__) { Modules::add('Technorati'); Session::notice(_t('Please set your Technorati API Key in the configuration.')); Options::set('technorati__apikey', ''); } }
public function updated_config(FormUI $ui) { Session::notice(_t('Settings saved.', 's3siloplugin')); $ui->save(); if (is_null(Options::get('s3_bucket'))) { Session::notice(_t('Please select a bucket from your S3 account.', 's3siloplugin')); } Utils::redirect(); }
public function updated_config(FormUI $ui) { $blacklist = explode("\n", $ui->blacklist->value); $blacklist = array_unique($blacklist); natsort($blacklist); $_POST[$ui->blacklist->field] = implode("\n", $blacklist); Session::notice(_t('Blacklist saved.', 'simpleblacklist')); $ui->save(); }
/** * On theme activation, activate some default blocks */ public function action_theme_activated() { $blocks = $this->get_blocks('primary', '', $this); if (count($blocks) == 0) { $block = new Block(array('title' => _t('Posts'), 'type' => 'grayposts')); $block->add_to_area('primary'); Session::notice(_t('Added default blocks to theme areas.')); } }
/** * Add the K2 menu block to the nav area upon theme activation if there's nothing already there */ public function action_theme_activated() { $blocks = $this->get_blocks('nav', 0, $this); if (count($blocks) == 0) { $block = new Block(array('title' => _t('K2 Menu'), 'type' => 'k2_menu')); $block->add_to_area('nav'); Session::notice(_t('Added K2 Menu block to Nav area.')); } }
/** * Handler FormUI success action and do the replacement **/ public function filter_do_replace($show_form, $form) { if (DB::query('UPDATE {posts} SET content = REPLACE(content, ? , ?)', array($form->search->value, $form->replace->value))) { Session::notice(sprintf(_t('Successfully replaced \'%s\' with \'%s\' in all posts'), $form->search->value, $form->replace->value)); Utils::redirect(URL::get('admin', array('page' => 'plugins', 'configure' => Plugins::id_from_file(__FILE__), 'configaction' => _t('Replace'))), false); } else { Session::error(_t('There was an error with replacement.')); } return false; }
public function act_uninstall($handler, $theme) { try { $package = HabariPackages::remove($handler->handler_vars['guid']); Session::notice("{$package->name} {$package->version} was uninstalled."); } catch (Exception $e) { Session::error('Could not complete uninstall: ' . $e->getMessage()); if (DEBUG) { Utils::debug($e); } } }
/** * Save updated configuration */ public function updated_config($ui) { $msg = _t("Maintenance Mode configuration updated"); $msg .= "<br/>"; if ($ui->in_maintenance->value === FALSE) { $msg .= _t("The site is not in maintenance mode"); } else { $msg .= _t("The site is in maintenance mode"); } Session::notice($msg); $ui->save(); }
/** * Handles AJAX from /admin/tags * Used to delete and rename tags */ public function ajax_tags($handler_vars) { Utils::check_request_method(array('POST')); $wsse = Utils::WSSE($handler_vars['nonce'], $handler_vars['timestamp']); if ($handler_vars['digest'] != $wsse['digest']) { Session::error(_t('WSSE authentication failed.')); echo Session::messages_get(true, array('Format', 'json_messages')); return; } $tag_names = array(); $theme_dir = Plugins::filter('admin_theme_dir', Site::get_dir('admin_theme', true)); $this->theme = Themes::create('admin', 'RawPHPEngine', $theme_dir); $action = $this->handler_vars['action']; switch ($action) { case 'delete': foreach ($_POST as $id => $delete) { // skip POST elements which are not tag ids if (preg_match('/^tag_\\d+/', $id) && $delete) { $id = substr($id, 4); $tag = Tags::get_by_id($id); $tag_names[] = $tag->term_display; Tags::vocabulary()->delete_term($tag); } } $msg_status = _n(_t('Tag %s has been deleted.', array(implode('', $tag_names))), _t('%d tags have been deleted.', array(count($tag_names))), count($tag_names)); Session::notice($msg_status); break; case 'rename': if (!isset($this->handler_vars['master'])) { Session::error(_t('Error: New name not specified.')); echo Session::messages_get(true, array('Format', 'json_messages')); return; } $master = $this->handler_vars['master']; $tag_names = array(); foreach ($_POST as $id => $rename) { // skip POST elements which are not tag ids if (preg_match('/^tag_\\d+/', $id) && $rename) { $id = substr($id, 4); $tag = Tags::get_by_id($id); $tag_names[] = $tag->term_display; } } Tags::vocabulary()->merge($master, $tag_names); $msg_status = sprintf(_n('Tag %1$s has been renamed to %2$s.', 'Tags %1$s have been renamed to %2$s.', count($tag_names)), implode($tag_names, ', '), $master); Session::notice($msg_status); break; } $this->theme->tags = Tags::vocabulary()->get_tree(); $this->theme->max = Tags::vocabulary()->max_count(); echo json_encode(array('msg' => Session::messages_get(true, 'array'), 'tags' => $this->theme->fetch('tag_collection'))); }
/** * On theme activation, set the default options and activate a default menu */ public function action_theme_activated() { $opts = Options::get_group(__CLASS__); if (empty($opts)) { Options::set_group(__CLASS__, $this->defaults); } $blocks = $this->get_blocks('nav', 0, $this); if (count($blocks) == 0) { $block = new Block(array('title' => _t('Charcoal Menu'), 'type' => 'charcoal_menu')); $block->add_to_area('nav'); Session::notice(_t('Added Charcoal Menu block to Nav area.')); } }
public function action_plugin_activation($file) { if ($file == str_replace('\\', '/', $this->get_file())) { CpgDb::registerTables(); //Options::set( 'cpg__db_version', CpgDb::DB_VERSION ); CpgOptions::setDbVersion(CpgDb::DB_VERSION); if (CpgDb::install()) { Session::notice(_t('Created the CPG database tables.', 'cpg')); } else { Session::error(_t('Could not install CPG database tables.', 'cpg')); } } }
function action_admin_theme_get_rules($handler, $theme) { $handler_vars = $handler->handler_vars; if (isset($handler_vars['names'])) { foreach ($handler_vars['names'] as $key => $name) { $changes = array('name' => $name, 'parse_regex' => $handler_vars['regexes'][$key], 'action' => $handler_vars['actions'][$key], 'priority' => $handler_vars['priorities'][$key], 'description' => $handler_vars['descriptions'][$key]); self::add_rewrite_rule($key, $changes); } Session::notice(_t('Rewrite rules updated.')); Utils::redirect(); } $theme->display('rules'); exit; }
function action_template_header($theme) { // Add the HTML5 shiv for IE < 9 Stack::add('template_header_javascript', array('http://cdnjs.cloudflare.com/ajax/libs/html5shiv/r29/html5.js', null, '<!--[if lt IE 9]>%s<![endif]-->'), 'html5_shiv'); // Add this line to your config.php to show an error and a notice, and // to process the raw LESS code via javascript instead of the rendered CSS: define('DEBUG_THEME', 1); if (defined('DEBUG_THEME')) { Session::error('This is a <b>sample error</b>'); Session::notice('This is a <b>sample notice</b> for ' . $_SERVER['REQUEST_URI']); Stack::add('template_header_javascript', $theme->get_url('/less/less-1.3.0.min.js'), 'less'); Stack::add('template_stylesheet', array($theme->get_url('/less/style.less'), null, array('type' => null, 'rel' => 'stylesheet/less')), 'style'); } else { Stack::add('template_stylesheet', $theme->get_url('/css/style.css'), 'style'); } }
function action_template_header($theme) { // Add the HTML5 shiv for IE < 9 Stack::add('template_header_javascript', StackItem::get('html5_shiv')); Stack::add('template_header_javascript', StackItem::get('less-js')); Stack::add('template_header_javascript', '$(function(){$("#masthead").click(function(){location.href=$("#home").attr("href");})})', 'homelink', 'jquery'); Stack::add('template_stylesheet', $theme->get_url('/fonts/new_athena_unicode.css'), 'new_athena_unicode'); Stack::add('template_stylesheet', $theme->get_url('/fonts/ss-standard.css'), 'ss-standard'); //Stack::add('template_stylesheet', $theme->get_url('/css/style.css'), 'style'); Stack::add('template_stylesheet', array($theme->get_url('/less/style.less'), null, array('type' => null, 'rel' => 'stylesheet/less')), 'style'); // Add this line to your config.php to show an error and a notice if (defined('DEBUG_THEME')) { Session::error('This is a <b>sample error</b>'); Session::notice('This is a <b>sample notice</b> for ' . $_SERVER['REQUEST_URI']); } }
public function filter_send_mail($handled, $mail) { if (!$handled) { $headers = array('Accept: application/json', 'Content-Type: application/json', 'X-Postmark-Server-Token: ' . Options::get('postmark__apikey')); $data = array('To' => $mail['to'], 'subject' => $mail['subject'], 'TextBody' => $mail['message'], 'From' => $mail['headers']['From']); $rr = new RemoteRequest('http://api.postmarkapp.com/email', 'POST'); $rr->set_body(json_encode($data)); $rr->add_headers($headers); try { $rr->execute(); EventLog::log(_t('Send message to %s via Postmark', array($mail['to'])), 'info', 'default', null, array($data, $headers)); Session::notice(var_export($rr->get_response_headers(), 1)); } catch (Exception $e) { EventLog::log(_t('Failed to send message to %s via Postmark', array($mail['to'])), 'err', 'default', null, array($e->getMessage(), $data, $headers)); Session::error('There was a problem sending your message. Please contact the site administrators directly.'); } } return true; }
public static function update() { $package_list = array(); $packages = array(); foreach (self::get_repos() as $repo) { $packages = self::update_packages($repo); if ($packages === false) { Session::notice(sprintf("Could not update packages from %s", $repo)); } else { $package_list = array_merge($package_list, $packages); } } Options::set('hpm__last_update', time()); // get rid of orphaned/incompatible packages if ($package_list) { DB::query('DELETE FROM {packages} WHERE id NOT IN (' . Utils::placeholder_string(count($package_list)) . ')', $package_list); // @todo add message about number of obsolete packages deleted } else { // there are no compatible packages, so crap 'em all DB::query('DELETE FROM {packages}'); } }
public function formui_submit(FormUI $form) { $filename = basename($form->pluginurl); //local file path (e.g. habari_installation/system/plugins/plugin.zip) $filePath = $this->downloadplugin_pluginsPath . $filename; // check if the remote file is successfully opened if ($fp = fopen($form->pluginurl, 'r')) { $content = ''; // keep reading until there's nothing left while ($line = fread($fp, 1024)) { $content .= $line; } $fp = fopen($filePath, 'w'); fwrite($fp, $content); fclose($fp); } else { Session::notice(_t("Error during file download", 'plugin_locale')); break; } $zip = new ZipArchive(); $res = $zip->open($filePath); if ($res === TRUE) { $zip->extractTo($this->downloadplugin_pluginsPath); $zip->close(); //SET 775 Permission ? Session::notice(_t('Plugin installed', 'plugin_locale')); } else { Session::notice(_t('Error during plugin installation', 'plugin_locale')); $form->save(); unlink($filePath); break; } unlink($filePath); $form->pluginurl->value = ''; $form->save(); Utils::redirect(URL::get('admin', 'page=plugins')); }
/** * Handles AJAX from /comments. * Used to edit comments inline. */ public function action_auth_ajax_in_edit(ActionHandler $handler) { Utils::check_request_method(array('POST')); $handler_vars = $handler->handler_vars; $wsse = Utils::WSSE($handler_vars['nonce'], $handler_vars['timestamp']); if ($handler_vars['digest'] != $wsse['digest']) { Session::error(_t('WSSE authentication failed.')); echo Session::messages_get(true, array('Format', 'json_messages')); return; } $comment = Comment::get($handler_vars['id']); if (!ACL::access_check($comment->get_access(), 'edit')) { Session::error(_t('You do not have permission to edit this comment.')); echo Session::messages_get(true, array('Format', 'json_messages')); return; } if (isset($handler_vars['author']) && $handler_vars['author'] != '') { $comment->name = $handler_vars['author']; } if (isset($handler_vars['url'])) { $comment->url = $handler_vars['url']; } if (isset($handler_vars['email']) && $handler_vars['email'] != '') { $comment->email = $handler_vars['email']; } if (isset($handler_vars['content']) && $handler_vars['content'] != '') { $comment->content = $handler_vars['content']; } if (isset($handler_vars['time']) && $handler_vars['time'] != '' && isset($handler_vars['date']) && $handler_vars['date'] != '') { $seconds = date('s', strtotime($comment->date)); $date = date('Y-m-d H:i:s', strtotime($handler_vars['date'] . ' ' . $handler_vars['time'] . ':' . $seconds)); $comment->date = $date; } $comment->update(); Session::notice(_t('Updated 1 comment.')); echo Session::messages_get(true, array('Format', 'json_messages')); }
private function update_num_posts($num_posts) { // get the current number of posts $current_count = intval(Posts::get(array('info' => array('lipsum' => true), 'count' => true))); if ($num_posts == $current_count) { // if we've already got the right number, do nothing Session::notice(_t('%1$d posts already exist, nothing to do!', array($current_count), 'Lipsum')); } else { if ($current_count > $num_posts) { // we need to delete posts, find out how many! $limit = $current_count - $num_posts; // get the posts we're going to delete $posts = Posts::get(array('info' => array('lipsum' => true), 'limit' => $limit)); foreach ($posts as $post) { $post->delete(); } Session::notice(_t('Removed %1$d sample posts and their comments.', array($limit), 'Lipsum')); } else { if ($current_count < $num_posts) { // we need to create posts. yippie! find out how many $limit = $num_posts - $current_count; // make sure the Lipsum user exists and get it $user = $this->get_user(); // the initial time we'll start from - a little in the past $time = time() - 160; for ($i = 0; $i < $limit; $i++) { // calculate a random time in the past for this post $time = $time - mt_rand(3600, 3600 * 36); // between 1 hour and 36 hours before the last post $this->make_post($user, $time); } Session::notice(_t('Created %1$d sample posts with random comments.', array($limit), 'Lipsum')); } } } }
public function form_publish_success( FormUI $form ) { $post_id = 0; if ( isset( $this->handler_vars['id'] ) ) { $post_id = intval( $this->handler_vars['id'] ); } // If an id has been passed in, we're updating an existing post, otherwise we're creating one if ( 0 !== $post_id ) { $post = Post::get( array( 'id' => $post_id, 'status' => Post::status( 'any' ) ) ); // Verify that the post hasn't already been updated since the form was loaded if ( $post->modified != $form->modified->value ) { Session::notice( _t( 'The post %1$s was updated since you made changes. Please review those changes before overwriting them.', array( sprintf( '<a href="%1$s">\'%2$s\'</a>', $post->permalink, Utils::htmlspecialchars( $post->title ) ) ) ) ); Utils::redirect( URL::get( 'admin', 'page=publish&id=' . $post->id ) ); exit; } // REFACTOR: this is duplicated in the insert code below, move it outside of the conditions // Don't try to update form values that have been removed by plugins $expected = array('title', 'tags', 'content'); foreach ( $expected as $field ) { if ( isset( $form->$field ) ) { $post->$field = $form->$field->value; } } if ( $form->newslug->value == '' && $post->status == Post::status( 'published' ) ) { Session::notice( _t( 'A post slug cannot be empty. Keeping old slug.' ) ); } elseif ( $form->newslug->value != $form->slug->value ) { $post->slug = $form->newslug->value; } // REFACTOR: the permissions checks should go before any of this other logic // sorry, we just don't allow changing posts you don't have rights to if ( ! ACL::access_check( $post->get_access(), 'edit' ) ) { Session::error( _t( 'You don\'t have permission to edit that post' ) ); $this->get_blank(); } // sorry, we just don't allow changing content types to types you don't have rights to $user = User::identify(); $type = 'post_' . Post::type_name( $form->content_type->value ); if ( $form->content_type->value != $post->content_type && ( $user->cannot( $type ) || ! $user->can_any( array( 'own_posts' => 'edit', 'post_any' => 'edit', $type => 'edit' ) ) ) ) { Session::error( _t( 'Changing content types is not allowed' ) ); $this->get_blank(); } $post->content_type = $form->content_type->value; // if not previously published and the user wants to publish now, change the pubdate to the current date/time unless a date has been explicitly set if ( ( $post->status != Post::status( 'published' ) ) && ( $form->status->value == Post::status( 'published' ) ) && ( HabariDateTime::date_create( $form->pubdate->value )->int == $form->updated->value ) ) { $post->pubdate = HabariDateTime::date_create(); } // else let the user change the publication date. // If previously published and the new date is in the future, the post will be unpublished and scheduled. Any other status, and the post will just get the new pubdate. // This will result in the post being scheduled for future publication if the date/time is in the future and the new status is published. else { $post->pubdate = HabariDateTime::date_create( $form->pubdate->value ); } $minor = $form->minor_edit->value && ( $post->status != Post::status( 'draft' ) ); $post->status = $form->status->value; } else { // REFACTOR: don't do this here, it's duplicated in Post::create() $post = new Post(); // check the user can create new posts of the set type. $user = User::identify(); $type = 'post_' . Post::type_name( $form->content_type->value ); if ( ACL::user_cannot( $user, $type ) || ( ! ACL::user_can( $user, 'post_any', 'create' ) && ! ACL::user_can( $user, $type, 'create' ) ) ) { Session::error( _t( 'Creating that post type is denied' ) ); $this->get_blank(); } // REFACTOR: why is this on_success here? We don't even display a form $form->on_success( array( $this, 'form_publish_success' ) ); if ( HabariDateTime::date_create( $form->pubdate->value )->int != $form->updated->value ) { $post->pubdate = HabariDateTime::date_create( $form->pubdate->value ); } $postdata = array( 'slug' => $form->newslug->value, 'user_id' => User::identify()->id, 'pubdate' => $post->pubdate, 'status' => $form->status->value, 'content_type' => $form->content_type->value, ); // Don't try to add form values that have been removed by plugins $expected = array( 'title', 'tags', 'content' ); foreach ( $expected as $field ) { if ( isset( $form->$field ) ) { $postdata[$field] = $form->$field->value; } } $minor = false; // REFACTOR: consider using new Post( $postdata ) instead and call ->insert() manually $post = Post::create( $postdata ); } $post->info->comments_disabled = !$form->comments_enabled->value; // REFACTOR: admin should absolutely not have a hook for this here Plugins::act( 'publish_post', $post, $form ); // REFACTOR: we should not have to update a post we just created, this should be moved to the post-update functionality above and only called if changes have been made // alternately, perhaps call ->update() or ->insert() as appropriate here, so things that apply to each operation (like comments_disabled) can still be included once outside the conditions above $post->update( $minor ); $permalink = ( $post->status != Post::status( 'published' ) ) ? $post->permalink . '?preview=1' : $post->permalink; Session::notice( sprintf( _t( 'The post %1$s has been saved as %2$s.' ), sprintf( '<a href="%1$s">\'%2$s\'</a>', $permalink, Utils::htmlspecialchars( $post->title ) ), Post::status_name( $post->status ) ) ); Utils::redirect( URL::get( 'admin', 'page=publish&id=' . $post->id ) ); }
/** * Handle password reset confirmations */ public function act_password_reset() { Utils::check_request_method(array('GET', 'HEAD', 'POST')); $id = $this->handler_vars['id']; $hash = $this->handler_vars['hash']; $name = ''; if ($user = User::get($id)) { if ($user->info->password_reset == md5($hash)) { // Send a new random password $password = Utils::random_password(); $user->password = Utils::crypt($password); if ($user->update()) { $message = _t("Your password for %1\$s has been reset. Your credentials are as follows---\nUsername: %2\$s\nPassword: %3\$s", array(Site::get_url('habari'), $user->username, $password)); Utils::mail($user->email, _t('[%1$s] Password has been reset for %2$s', array(Options::get('title'), $user->displayname)), $message); Session::notice(_t('A new password has been sent to the user.')); } else { Session::notice(_t('There was a problem resetting the password. It was not reset.')); } // Clear the request - it should only work once unset($user->info->password_reset); $user->info->commit(); $name = $user->username; } else { Session::notice(_t('The supplied password reset token has expired or is invalid.')); } } // Display the login form. $this->login_form($name); }
/** * Give the user a session message to confirm options were saved. **/ public function updated_config($ui) { Session::notice(_t('Fontdeck CSS saved.', 'fontdeck')); $ui->save(); }
public function deleted_all($ui) { $count = self::delete_all(); Session::notice(sprintf(_t('Permanently deleted %d posts'), $count)); return false; }
/** * Handle the form submition and save options * @param FormUI $form The FormUI that was submitted */ public function save_config(FormUI $form) { Session::notice(_t('Piwik plugin configuration saved', 'piwik')); $form->save(); }
/** * Add a comment to the site * * @param mixed $post A Post object instance or Post object id * @param string $name The commenter's name * @param string $email The commenter's email address * @param string $url The commenter's website URL * @param string $content The comment content * @param array $extra An associative array of extra values that should be considered */ function add_comment($post, $name = null, $email = null, $url = null, $content = null, $extra = null) { if (is_numeric($post)) { $post = Post::get(array('id' => $post)); } if (!$post instanceof Post) { // Not sure what you're trying to pull here, but that's no good header('HTTP/1.1 403 Forbidden', true, 403); die; } // let's do some basic sanity checking on the submission if (1 == Options::get('comments_require_id') && (empty($name) || empty($email))) { Session::error(_t('Both name and e-mail address must be provided.')); } if (empty($content)) { Session::error(_t('You did not provide any content for your comment!')); } if (Session::has_errors()) { // save whatever was provided in session data Session::add_to_set('comment', $name, 'name'); Session::add_to_set('comment', $email, 'email'); Session::add_to_set('comment', $url, 'url'); Session::add_to_set('comment', $content, 'content'); // now send them back to the form Utils::redirect($post->permalink . '#respond'); } if ($post->info->comments_disabled) { // comments are disabled, so let's just send // them back to the post's permalink Session::error(_t('Comments on this post are disabled!')); Utils::redirect($post->permalink); } /* Sanitize data */ foreach (array('name', 'url', 'email', 'content') as $k) { ${$k} = InputFilter::filter(${$k}); } /* Sanitize the URL */ if (!empty($url)) { $parsed = InputFilter::parse_url($url); if ($parsed['is_relative']) { // guess if they meant to use an absolute link $parsed = InputFilter::parse_url('http://' . $url); if (!$parsed['is_error']) { $url = InputFilter::glue_url($parsed); } else { // disallow relative URLs $url = ''; } } if ($parsed['is_pseudo'] || $parsed['scheme'] !== 'http' && $parsed['scheme'] !== 'https') { // allow only http(s) URLs $url = ''; } else { // reconstruct the URL from the error-tolerant parsing // http:moeffju.net/blog/ -> http://moeffju.net/blog/ $url = InputFilter::glue_url($parsed); } } if (preg_match('/^\\p{Z}*$/u', $content)) { Session::error(_t('Comment contains only whitespace/empty comment')); Utils::redirect($post->permalink); } /* Create comment object*/ $comment = new Comment(array('post_id' => $post->id, 'name' => $name, 'email' => $email, 'url' => $url, 'ip' => sprintf("%u", ip2long($_SERVER['REMOTE_ADDR'])), 'content' => $content, 'status' => Comment::STATUS_UNAPPROVED, 'date' => HabariDateTime::date_create(), 'type' => Comment::COMMENT)); // Should this really be here or in a default filter? // In any case, we should let plugins modify the status after we set it here. $user = User::identify(); if ($user->loggedin && $comment->email == $user->email) { $comment->status = Comment::STATUS_APPROVED; } // Users need to have permission to add comments if (!$user->can('comment')) { Session::error(_t('You do not have permission to create comments.')); Utils::redirect($post->permalink); } // Allow themes to work with comment hooks Themes::create(); // Allow plugins to change comment data and add commentinfo based on plugin-added form fields Plugins::act('comment_accepted', $comment, $this->handler_vars, $extra); $spam_rating = 0; $spam_rating = Plugins::filter('spam_filter', $spam_rating, $comment, $this->handler_vars, $extra); $comment->insert(); $anchor = ''; // If the comment was saved if ($comment->id && $comment->status != Comment::STATUS_SPAM) { $anchor = '#comment-' . $comment->id; // store in the user's session that this comment is pending moderation if ($comment->status == Comment::STATUS_UNAPPROVED) { Session::notice(_t('Your comment is pending moderation.'), 'comment_' . $comment->id); } // if no cookie exists, we should set one // but only if the user provided some details $cookie = 'comment_' . Options::get('GUID'); if (!User::identify()->loggedin && !isset($_COOKIE[$cookie]) && (!empty($name) || !empty($email) || !empty($url))) { $cookie_content = $comment->name . '#' . $comment->email . '#' . $comment->url; $site_url = Site::get_path('base', true); setcookie($cookie, $cookie_content, time() + 31536000, $site_url); } } // Return the commenter to the original page. Utils::redirect($post->permalink . $anchor); }
/** * Processes the 'option edit' form * * @param FormUI $form * @return bool TRUE on success, FALSE on failure */ public function formui_submit_edit(FormUI $form) { if (strlen($form->option_name->value) < 1) { Session::error(_t('The "option_name" requires a value')); return FALSE; } if (strlen($form->option_value->value) < 1) { Session::error(_t('The "option_value" requires a value')); return FALSE; } if (strlen($form->current_option_name->value) < 1) { Session::error(_t('The current/old "option_name" is missing')); return FALSE; } $_opt_curr = $this->get_option_from_name($form->current_option_name->value); Options::set($form->option_name->value, $form->option_value->value); // @todo okay? what if option type = serialized? research later $success = Options::get($form->option_name->value); if (is_null($success) || $success !== $form->option_value->value) { Session::error(_t('The "%s" option failed to edit', array($form->option_name->value))); } else { // The name was changed, so delete the old, depending on if we're allowed if ($form->current_option_name->value !== $form->option_name->value) { if ($this->is_option_genre_delete_allowed($_opt_curr['genre'])) { Options::delete($form->current_option_name->value); $message = 'The "%s" option name was changed and renamed to "%s"'; } else { $message = 'The "%s" option name could not be renamed, but a new option named "%s" was added'; } Session::notice(_t($message, array($form->current_option_name->value, $form->option_name->value))); EventLog::log(_t($message, array($form->current_option_name->value, $form->option_name->value)), 'notice', 'plugin'); } else { Session::notice(_t('The "%s" option was edited to %s', array($form->option_name->value, $form->option_value->value))); EventLog::log(_t('The %s option was edited', array($form->option_name->value)), 'notice', 'plugin'); } } Utils::redirect(URL::get('admin', array('page' => 'options_view')), TRUE); return TRUE; }
public static function save_config_msg($ui) { $ui->save(); Session::notice(_t('Options saved')); return false; }