/** * The name says it all */ public function setVarsFromRequest() { //Required fields // if (!empty($categoryid = XoopsRequest::getInt('categoryid', 0, 'POST'))) { // $this->setVar('categoryid', $categoryid);} $this->setVar('categoryid', XoopsRequest::getInt('categoryid', 0, 'POST')); $this->setVar('title', XoopsRequest::getString('title', '', 'POST')); $this->setVar('body', XoopsRequest::getText('body', '', 'POST')); //Not required fields $this->setVar('summary', XoopsRequest::getText('summary', '', 'POST')); $this->setVar('subtitle', XoopsRequest::getString('subtitle', '', 'POST')); $this->setVar('item_tag', XoopsRequest::getString('item_tag', '', 'POST')); if ($imageFeatured = XoopsRequest::getString('image_featured', '', 'POST')) { $imageItem = XoopsRequest::getArray('image_item', array(), 'POST'); // $imageFeatured = XoopsRequest::getString('image_featured', '', 'POST'); //Todo: get a better image class for xoops! //Image hack $imageItemIds = array(); $sql = 'SELECT image_id, image_name FROM ' . $GLOBALS['xoopsDB']->prefix('image'); $result = $GLOBALS['xoopsDB']->query($sql, 0, 0); while (($myrow = $GLOBALS['xoopsDB']->fetchArray($result)) !== false) { $imageName = $myrow['image_name']; $id = $myrow['image_id']; if ($imageName == $imageFeatured) { $this->setVar('image', $id); } if (in_array($imageName, $imageItem)) { $imageItemIds[] = $id; } } $this->setVar('images', implode('|', $imageItemIds)); } if ($authorAlias = XoopsRequest::getString('author_alias', '', 'POST')) { $this->setVar('author_alias', $authorAlias); if ($this->getVar('author_alias') !== '') { $this->setVar('uid', 0); } } //mb TODO check on version if ($datesub = XoopsRequest::getString('datesub', '', 'POST')) { // if (version_compare(PHP_VERSION, '5.4.0') >= 0) { // $this->setVar('datesub', strtotime(XoopsRequest::getArray('datesub', array(), 'POST')['date']) + XoopsRequest::getArray('datesub', array(), 'POST')['time']); // } else { $resDate = XoopsRequest::getArray('datesub', array(), 'POST'); $resTime = XoopsRequest::getArray('datesub', array(), 'POST'); // $this->setVar('datesub', strtotime($resDate['date']) + $resTime['time']); $localTimestamp = strtotime($resDate['date']) + $resTime['time']; // get user Timezone offset and use it to find out the Timezone, needed for PHP DataTime $userTimeoffset = $GLOBALS['xoopsUser']->getVar('timezone_offset'); $tz = timezone_name_from_abbr(null, $userTimeoffset * 3600); if ($tz === false) { $tz = timezone_name_from_abbr(null, $userTimeoffset * 3600, false); } $userTimezone = new DateTimeZone($tz); $gmtTimezone = new DateTimeZone('GMT'); $myDateTime = new DateTime('now', $gmtTimezone); $offset = $userTimezone->getOffset($myDateTime); $gmtTimestamp = $localTimestamp - $offset; $this->setVar('datesub', $gmtTimestamp); // } } elseif ($this->isNew()) { $this->setVar('datesub', time()); } $this->setVar('short_url', XoopsRequest::getString('item_short_url', '', 'POST')); $this->setVar('meta_keywords', XoopsRequest::getString('item_meta_keywords', '', 'POST')); $this->setVar('meta_description', XoopsRequest::getString('item_meta_description', '', 'POST')); $this->setVar('weight', XoopsRequest::getInt('weight', 0, 'POST')); if ($this->isNew()) { $this->setVar('uid', is_object($GLOBALS['xoopsUser']) ? $GLOBALS['xoopsUser']->uid() : 0); $this->setVar('cancoment', $this->publisher->getConfig('submit_allowcomments')); $this->setVar('status', $this->publisher->getConfig('submit_status')); $this->setVar('dohtml', $this->publisher->getConfig('submit_dohtml')); $this->setVar('dosmiley', $this->publisher->getConfig('submit_dosmiley')); $this->setVar('doxcode', $this->publisher->getConfig('submit_doxcode')); $this->setVar('doimage', $this->publisher->getConfig('submit_doimage')); $this->setVar('dobr', $this->publisher->getConfig('submit_dobr')); } else { $this->setVar('uid', XoopsRequest::getInt('uid', 0, 'POST')); $this->setVar('cancomment', XoopsRequest::getInt('allowcomments', 1, 'POST')); $this->setVar('status', XoopsRequest::getInt('status', 1, 'POST')); $this->setVar('dohtml', XoopsRequest::getInt('dohtml', 1, 'POST')); $this->setVar('dosmiley', XoopsRequest::getInt('dosmiley', 1, 'POST')); $this->setVar('doxcode', XoopsRequest::getInt('doxcode', 1, 'POST')); $this->setVar('doimage', XoopsRequest::getInt('doimage', 1, 'POST')); $this->setVar('dobr', XoopsRequest::getInt('dolinebreak', 1, 'POST')); } $this->setVar('notifypub', XoopsRequest::getString('notify', '', 'POST')); }
public static function edit() { $publisher =& PublisherPublisher::getInstance(); global $start, $limit; $mimeId = 0; $error = array(); $hasErrors = false; if (0 == XoopsRequest::getInt('id', 0, 'GET')) { redirect_header(PUBLISHER_ADMIN_URL . '/mimetypes.php', 3, _AM_PUBLISHER_MESSAGE_NO_ID); } else { $mimeId = XoopsRequest::getInt('id', 0, 'GET'); } $mimeTypeObj =& $publisher->getHandler('mimetype')->get($mimeId); // Retrieve mimetype object if (!XoopsRequest::getString('edit_mime', '', 'POST')) { $session =& PublisherSession::getInstance(); $mimeType = $session->get('publisher_editMime_' . $mimeId); $mimeErrors = $session->get('publisher_editMimeErr_' . $mimeId); // Display header publisherCpHeader(); //publisher_adminMenu(4, _AM_PUBLISHER_MIMETYPES . " > " . _AM_PUBLISHER_BUTTON_EDIT); publisherOpenCollapsableBar('mimemedittable', 'mimeediticon', _AM_PUBLISHER_MIME_EDIT_TITLE); //Display any form errors if (!$mimeErrors === false) { publisherRenderErrors($mimeErrors, publisherMakeUri(PUBLISHER_ADMIN_URL . '/mimetypes.php', array('op' => 'clearEditSession', 'id' => $mimeId))); } if ($mimeType === false) { $mimeExt = $mimeTypeObj->getVar('mime_ext'); $mimeName = $mimeTypeObj->getVar('mime_name', 'e'); $mimeTypes = $mimeTypeObj->getVar('mime_types', 'e'); $mimeAdmin = $mimeTypeObj->getVar('mime_admin'); $mimeUser = $mimeTypeObj->getVar('mime_user'); } else { $mimeExt = $mimeType['mime_ext']; $mimeName = $mimeType['mime_name']; $mimeTypes = $mimeType['mime_types']; $mimeAdmin = $mimeType['mime_admin']; $mimeUser = $mimeType['mime_user']; } // Display edit form echo "<form action='mimetypes.php?op=edit&id=" . $mimeId . "' method='post'>"; echo "<input type='hidden' name='limit' value='" . $limit . "' />"; echo "<input type='hidden' name='start' value='" . $start . "' />"; echo "<table width='100%' cellspacing='1' class='outer'>"; echo "<tr><th colspan='2'>" . _AM_PUBLISHER_MIME_MODIFYF . '</th></tr>'; echo "<tr valign='top'>\n <td class='head'>" . _AM_PUBLISHER_MIME_EXTF . "</td>\n <td class='even'><input type='text' name='mime_ext' id='mime_ext' value='{$mimeExt}' size='5' /></td>\n </tr>"; echo "<tr valign='top'>\n <td class='head'>" . _AM_PUBLISHER_MIME_NAMEF . "</td>\n <td class='even'><input type='text' name='mime_name' id='mime_name' value='{$mimeName}' /></td>\n </tr>"; echo "<tr valign='top'>\n <td class='head'>" . _AM_PUBLISHER_MIME_TYPEF . "</td>\n <td class='even'><textarea name='mime_types' id='mime_types' cols='60' rows='5'>{$mimeTypes}</textarea></td>\n </tr>"; echo "<tr valign='top'>\n <td class='head'>" . _AM_PUBLISHER_MIME_ADMINF . "</td>\n <td class='even'>\n <input type='radio' name='mime_admin' value='1' " . ($mimeAdmin == 1 ? "checked='checked'" : '') . ' />' . _YES . "\n <input type='radio' name='mime_admin' value='0' " . ($mimeAdmin == 0 ? "checked='checked'" : '') . ' />' . _NO . ' </td> </tr>'; echo "<tr valign='top'>\n <td class='head'>" . _AM_PUBLISHER_MIME_USERF . "</td>\n <td class='even'>\n <input type='radio' name='mime_user' value='1' " . ($mimeUser == 1 ? "checked='checked'" : '') . ' />' . _YES . "\n <input type='radio' name='mime_user' value='0' " . ($mimeUser == 0 ? "checked='checked'" : '') . ' />' . _NO . ' </td> </tr>'; echo "<tr valign='top'>\n <td class='head'></td>\n <td class='even'>\n <input type='submit' name='edit_mime' id='edit_mime' value='" . _AM_PUBLISHER_BUTTON_UPDATE . "' class='formButton' />\n <input type='button' name='cancel' value='" . _AM_PUBLISHER_BUTTON_CANCEL . "' onclick='history.go(-1)' class='formButton' />\n </td>\n </tr>"; echo '</table></form>'; // end of edit form publisherCloseCollapsableBar('mimeedittable', 'mimeediticon'); // xoops_cp_footer(); include_once __DIR__ . '/admin_footer.php'; } else { $mimeAdmin = 0; $mimeUser = 0; if (1 == XoopsRequest::getInt('mime_admin', 0, 'POST')) { $mimeAdmin = 1; } if (1 == XoopsRequest::getInt('mime_user', 0, 'POST')) { $mimeUser = 1; } //Validate Mimetype entry if ('' === XoopsRequest::getString('mime_ext', '', 'POST')) { $hasErrors = true; $error['mime_ext'][] = _AM_PUBLISHER_VALID_ERR_MIME_EXT; } if ('' === XoopsRequest::getString('mime_name', '', 'POST')) { $hasErrors = true; $error['mime_name'][] = _AM_PUBLISHER_VALID_ERR_MIME_NAME; } if ('' === XoopsRequest::getString('mime_types', '', 'POST')) { $hasErrors = true; $error['mime_types'][] = _AM_PUBLISHER_VALID_ERR_MIME_TYPES; } if ($hasErrors) { $session =& PublisherSession::getInstance(); $mime = array(); $mime['mime_ext'] = XoopsRequest::getString('mime_ext', '', 'POST'); $mime['mime_name'] = XoopsRequest::getString('mime_name', '', 'POST'); $mime['mime_types'] = XoopsRequest::getText('mime_types', '', 'POST'); $mime['mime_admin'] = $mimeAdmin; $mime['mime_user'] = $mimeUser; $session->set('publisher_editMime_' . $mimeId, $mime); $session->set('publisher_editMimeErr_' . $mimeId, $error); header('Location: ' . publisherMakeUri(PUBLISHER_ADMIN_URL . '/mimetypes.php', array('op' => 'edit', 'id' => $mimeId), false)); } $mimeTypeObj->setVar('mime_ext', XoopsRequest::getString('mime_ext', '', 'POST')); $mimeTypeObj->setVar('mime_name', XoopsRequest::getString('mime_name', '', 'POST')); $mimeTypeObj->setVar('mime_types', XoopsRequest::getText('mime_types', '', 'POST')); $mimeTypeObj->setVar('mime_admin', $mimeAdmin); $mimeTypeObj->setVar('mime_user', $mimeUser); if (!$publisher->getHandler('mimetype')->insert($mimeTypeObj, true)) { redirect_header(PUBLISHER_ADMIN_URL . "/mimetypes.php?op=edit&id={$mimeId}", 3, _AM_PUBLISHER_MESSAGE_EDIT_MIME_ERROR); } else { self::clearEditSessionVars($mimeId); header('Location: ' . PUBLISHER_ADMIN_URL . "/mimetypes.php?op=manage&limit={$limit}&start={$start}"); } } }
* This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * * @copyright (c) 2000-2016 XOOPS Project (www.xoops.org) * @license GNU GPL 2 (http://www.gnu.org/licenses/gpl-2.0.html) * @package xoopsform * @since 2.3.0 * @author Vinod <*****@*****.**> * @author Taiwen Jiang <*****@*****.**> */ include_once dirname(__DIR__) . '/mainfile.php'; $xoopsLogger->activated = false; $myts = MyTextSanitizer::getInstance(); XoopsLoad::load('XoopsRequest'); $content = rawurldecode(XoopsRequest::getText('text', '', 'POST')); if (!$GLOBALS['xoopsSecurity']->validateToken(@$_POST['token'], false)) { $content = 'Direct access is not allowed!!!'; } $html = empty($_POST['html']) ? 0 : 1; $content = $myts->displayTarea($content, $html, 1, 1, 1, 1); if (preg_match_all('/%u([[:alnum:]]{4})/', $content, $matches)) { foreach ($matches[1] as $uniord) { $utf = '&#x' . $uniord . ';'; $content = str_replace('%u' . $uniord, $utf, $content); } $content = urldecode($content); } if (!headers_sent()) { $charset = defined('_CHARSET') ? _CHARSET : 'UTF-8'; header('Content-Type:text/html; charset=' . $charset);