*
*/
define('INTERNAL', 1);
define('JSON', 1);
define('PUBLIC', 1);
require dirname(dirname(dirname(dirname(__FILE__)))) . '/init.php';
safe_require('artefact', 'blog');
json_headers();
$id = param_integer('id');
$limit = param_integer('limit', ArtefactTypeBlog::pagination);
$offset = param_integer('offset', 0);
$options = json_decode(param_variable('options'));
$viewid = isset($options->viewid) ? $options->viewid : null;
if ($viewid) {
if (!can_view_view($viewid)) {
throw new AccessDeniedException();
}
} else {
if (!$USER->is_logged_in()) {
throw new AccessDeniedException();
}
if (!$viewid && get_field('artefact', 'owner', 'id', $id) != $USER->get('id')) {
throw new AccessDeniedException();
}
}
list($count, $data) = ArtefactTypeBlogPost::render_posts(FORMAT_ARTEFACT_RENDERFULL, $options, $id, $limit, $offset);
if (!$count) {
$count = 1;
$data = array(array('content' => get_string('noresults', 'artefact.blog')));
}
echo json_encode(array('count' => $count, 'limit' => $limit, 'offset' => $offset, 'data' => $data));
function delete_submit(Pieform $form, $values)
{
$blogpost = new ArtefactTypeBlogPost((int) $values['delete']);
$blogpost->check_permission();
if ($blogpost->get('locked')) {
$form->reply(PIEFORM_ERR, get_string('submittedforassessment', 'view'));
}
$blogpost->delete();
$form->reply(PIEFORM_OK, array('message' => get_string('blogpostdeleted', 'artefact.blog'), 'goto' => get_config('wwwroot') . 'artefact/blog/view/index.php?id=' . $blogpost->get('parent'), 'id' => $values['delete']));
}
function editpost_submit(Pieform $form, $values)
{
global $USER, $SESSION, $blogpost, $blog;
require_once 'embeddedimage.php';
db_begin();
$postobj = new ArtefactTypeBlogPost($blogpost, null);
$postobj->set('title', $values['title']);
$postobj->set('description', $values['description']);
$postobj->set('tags', $values['tags']);
if (get_config('licensemetadata')) {
$postobj->set('license', $values['license']);
$postobj->set('licensor', $values['licensor']);
$postobj->set('licensorurl', $values['licensorurl']);
}
$postobj->set('published', !$values['draft']);
$postobj->set('allowcomments', (int) $values['allowcomments']);
if (!$blogpost) {
$postobj->set('parent', $blog);
$blogobj = new ArtefactTypeBlog($blog);
if ($blogobj->get('institution')) {
$postobj->set('institution', $blogobj->get('institution'));
} else {
if ($blogobj->get('group')) {
$postobj->set('group', $blogobj->get('group'));
} else {
$postobj->set('owner', $USER->id);
}
}
}
$postobj->commit();
$blogpost = $postobj->get('id');
// Need to wait until post is saved in case we are a new blogpost before we can sort out embedded images as we need an id
$postobj->set('description', EmbeddedImage::prepare_embedded_images($values['description'], 'blogpost', $postobj->get('id')));
// Attachments
$old = $postobj->attachment_id_list();
// $new = is_array($values['filebrowser']['selected']) ? $values['filebrowser']['selected'] : array();
$new = is_array($values['filebrowser']) ? $values['filebrowser'] : array();
// only allow the attaching of files that exist and are editable by user
foreach ($new as $key => $fileid) {
$file = artefact_instance_from_id($fileid);
if (!$file instanceof ArtefactTypeFile || !$USER->can_publish_artefact($file)) {
unset($new[$key]);
}
}
if (!empty($new) || !empty($old)) {
foreach ($old as $o) {
if (!in_array($o, $new)) {
try {
$postobj->detach($o);
} catch (ArtefactNotFoundException $e) {
}
}
}
foreach ($new as $n) {
if (!in_array($n, $old)) {
try {
$postobj->attach($n);
} catch (ArtefactNotFoundException $e) {
}
}
}
}
db_commit();
$result = array('error' => false, 'message' => get_string('blogpostsaved', 'artefact.blog'), 'goto' => get_config('wwwroot') . 'artefact/blog/view/index.php?id=' . $blog);
if ($form->submitted_by_js()) {
// Redirect back to the blog page from within the iframe
$SESSION->add_ok_msg($result['message']);
$form->json_reply(PIEFORM_OK, $result, false);
}
$form->reply(PIEFORM_OK, $result);
}
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* @package mahara
* @subpackage artefact-blog
* @author Catalyst IT Ltd
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL
* @copyright (C) 2006-2008 Catalyst IT Ltd http://catalyst.net.nz
*
*/
define('INTERNAL', 1);
define('JSON', 1);
require dirname(dirname(dirname(dirname(__FILE__)))) . '/init.php';
safe_require('artefact', 'blog');
json_headers();
$id = param_integer('id');
$blogpost = new ArtefactTypeBlogPost($id);
$blogpost->check_permission();
$blogpost->delete();
json_reply(false, get_string('blogpostdeleted', 'artefact.blog'));
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* @package mahara
* @subpackage artefact-blog
* @author Catalyst IT Ltd
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL
* @copyright (C) 2006-2008 Catalyst IT Ltd http://catalyst.net.nz
*
*/
define('INTERNAL', 1);
define('JSON', 1);
require dirname(dirname(dirname(dirname(__FILE__)))) . '/init.php';
safe_require('artefact', 'blog');
json_headers();
$id = param_integer('id');
$limit = param_integer('limit', ArtefactTypeBlog::pagination);
$offset = param_integer('offset', 0);
list($count, $data) = ArtefactTypeBlogPost::get_posts($USER, $id, $limit, $offset);
$result = array('error' => false, 'count' => $count, 'limit' => $limit, 'offset' => $offset, 'data' => $data);
echo json_encode($result);
// adding a post to a blog that is not theirs
mobile_api_json_reply(array('fail' => get_string('youarenottheownerofthisblog', 'artefact.blog')));
}
$postobj = new ArtefactTypeBlogPost(null, null);
$postobj->set('title', $title);
$postobj->set('description', $description);
$postobj->set('tags', $tags);
$postobj->set('published', !$draft);
$postobj->set('allowcomments', (int) $allowcomments);
$postobj->set('parent', $blog);
$postobj->set('owner', $USER->id);
$postobj->commit();
$blogpost = $postobj->get('id');
} else {
if ($blogpost) {
$postobj = new ArtefactTypeBlogPost($blogpost);
$postobj->check_permission();
if ($postobj->get('locked')) {
mobile_api_json_reply(array('fail' => get_string('submittedforassessment', 'view')));
}
}
}
if ($blogpost) {
$json['id'] = $blogpost;
}
// Check to see if we're creating a journal entry
// -- Finally attach the file to the blog post once uploaded and --
if ($artefact_id && $postobj) {
// If we created or matched a blog post and created an artefact
// attach the artefact to the blog.
$postobj->attach($artefact_id);
// Blog security is also checked closer to when blogs are added, this
// check ensures that malicious users do not even see the screen for
// adding a post to a blog that is not theirs
throw new AccessDeniedException(get_string('youarenottheownerofthisblog', 'artefact.blog'));
}
// Should we create a new post or attach the new file to an existing post
$postids = get_records_sql_array("\n SELECT a.id\n FROM {artefact} a\n WHERE a.title = ? AND a.description = ?\n\tAND a.owner = ? ", array($title, $description, $USER->get('id')));
if ($postids) {
$blogpost = $postids[0]->id;
$postobj = new ArtefactTypeBlogPost($blogpost);
$postobj->check_permission();
if ($postobj->get('locked')) {
throw new AccessDeniedException(get_string('submittedforassessment', 'view'));
}
} else {
$postobj = new ArtefactTypeBlogPost($blogpost, null);
$postobj->set('title', $title);
$postobj->set('description', $description);
$postobj->set('tags', $tags);
$postobj->set('published', !$draft);
$postobj->set('allowcomments', (int) $allowcomments);
$postobj->set('parent', $blog);
$postobj->set('owner', $USER->id);
$postobj->commit();
}
}
// Check to see if we're creating a journal entry
// -- Finally attach the file to the blog post once uploaded and --
if ($artefact_id && $postobj) {
// If we created or matched a blog post and created an artefact
// attach the artefact to the blog.
/**
* This function updates an existing blog post.
*
* @param User
* @param array
*/
public static function edit_post(User $user, array $values)
{
$artefact = new ArtefactTypeBlogPost($values['id']);
if ($user->get('id') != $artefact->get('owner')) {
return false;
}
$artefact->set('title', $values['title']);
$artefact->set('description', $values['description']);
$artefact->set('published', $values['published']);
$artefact->set('tags', $values['tags']);
if (get_config('licensemetadata')) {
$artefact->set('license', $values['license']);
$artefact->set('licensor', $values['licensor']);
$artefact->set('licensorurl', $values['licensorurl']);
}
$artefact->commit();
return true;
}
require dirname(dirname(dirname(__FILE__))) . '/init.php';
safe_require('artefact', 'blog');
$id = param_integer('id');
$limit = param_integer('limit', ArtefactTypeBlog::pagination);
$offset = param_integer('offset', 0);
$options = json_decode(param_variable('options'));
$viewid = isset($options->viewid) ? $options->viewid : null;
if ($viewid) {
if (!can_view_view($viewid)) {
throw new AccessDeniedException();
}
} else {
if (!$USER->is_logged_in()) {
throw new AccessDeniedException();
}
if (!$viewid && get_field('artefact', 'owner', 'id', $id) != $USER->get('id')) {
throw new AccessDeniedException();
}
}
($postids = get_records_sql_array("\n SELECT a.id\n FROM {artefact} a\n LEFT OUTER JOIN {artefact_blog_blogpost} bp\n ON a.id = bp.blogpost\n WHERE a.parent = ?\n AND bp.published = 1\n ORDER BY a.ctime DESC\n LIMIT ? OFFSET ?;", array($id, $limit, $offset))) || ($postids = array());
$data = array();
foreach ($postids as $postid) {
$blogpost = new ArtefactTypeBlogPost($postid->id);
$data[] = array('id' => $postid->id, 'content' => $blogpost->render_self((array) $options));
}
$count = (int) get_field_sql("\n SELECT COUNT(*)\n FROM {artefact} a\n LEFT OUTER JOIN {artefact_blog_blogpost} bp\n ON a.id = bp.blogpost\n WHERE a.parent = ?\n AND bp.published = 1", array($id));
if (!$count) {
$count = 1;
$data = array(array('content' => get_string('noresults', 'artefact.blog')));
}
json_reply(false, array('count' => $count, 'limit' => $limit, 'offset' => $offset, 'data' => $data));
/**
* Checks to see if a blogpost had out-of-line content, and if it did,
* attaches the generated file to it
*
* @param SimpleXMLElement $entry The entry to check
* @param PluginImportLeap $importer The importer
*/
private static function setup_outoflinecontent_relationship(SimpleXMLElement $entry, PluginImportLeap $importer)
{
$artefactids = $importer->get_artefactids_imported_by_entryid((string) $entry->id);
if (count($artefactids) == 2) {
// In this case, a file was created as a result of
// importing a blog entry with out-of-line content. We
// attach the file to this post.
$blogpost = new ArtefactTypeBlogPost($artefactids[0]);
$blogpost->attach_file($artefactids[1]);
$blogpost->commit();
}
}
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* @package mahara
* @subpackage artefact-blog
* @author Catalyst IT Ltd
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL
* @copyright (C) 2006-2009 Catalyst IT Ltd http://catalyst.net.nz
*
*/
define('INTERNAL', 1);
define('JSON', 1);
require dirname(dirname(dirname(dirname(__FILE__)))) . '/init.php';
safe_require('artefact', 'blog');
require_once get_config('libroot') . 'pieforms/pieform.php';
$id = param_integer('id');
$limit = param_integer('limit', 5);
$offset = param_integer('offset', 0);
$posts = ArtefactTypeBlogPost::get_posts($id, $limit, $offset);
$template = 'artefact:blog:posts.tpl';
$pagination = array('baseurl' => get_config('wwwroot') . 'artefact/blog/view/index.php?id=' . $id, 'id' => 'blogpost_pagination', 'jsonscript' => 'artefact/blog/view/index.json.php', 'datatable' => 'postlist');
ArtefactTypeBlogPost::render_posts($posts, $template, array(), $pagination);
json_reply(false, array('data' => $posts));
function editpost_submit(Pieform $form, $values)
{
global $USER, $SESSION, $blogpost, $blog;
db_begin();
$postobj = new ArtefactTypeBlogPost($blogpost, null);
$postobj->set('title', $values['title']);
$postobj->set('description', $values['description']);
$postobj->set('tags', $values['tags']);
$postobj->set('published', !$values['draft']);
if (!$blogpost) {
$postobj->set('parent', $blog);
$postobj->set('owner', $USER->id);
}
$postobj->commit();
$blogpost = $postobj->get('id');
// Attachments
$old = $postobj->attachment_id_list();
// $new = is_array($values['filebrowser']['selected']) ? $values['filebrowser']['selected'] : array();
$new = is_array($values['filebrowser']) ? $values['filebrowser'] : array();
if (!empty($new) || !empty($old)) {
foreach ($old as $o) {
if (!in_array($o, $new)) {
$postobj->detach($o);
}
}
foreach ($new as $n) {
if (!in_array($n, $old)) {
$postobj->attach($n);
}
}
}
db_commit();
$result = array('error' => false, 'message' => get_string('blogpostsaved', 'artefact.blog'), 'goto' => get_config('wwwroot') . 'artefact/blog/view/index.php?id=' . $blog);
if ($form->submitted_by_js()) {
// Redirect back to the blog page from within the iframe
$SESSION->add_ok_msg($result['message']);
$form->json_reply(PIEFORM_OK, $result, false);
}
$form->reply(PIEFORM_OK, $result);
}
function xmldb_artefact_blog_upgrade($oldversion = 0)
{
// There was no database prior to this version.
if ($oldversion < 2006120501) {
install_from_xmldb_file(get_config('docroot') . 'artefact/blog/db/install.xml');
}
if ($oldversion < 2006121501) {
$table = new XMLDBTable('artefact_blog_blogpost_file_pending');
$table->addFieldInfo('file', XMLDB_TYPE_INTEGER, '10', null, XMLDB_NOTNULL);
$table->addFieldInfo('when', XMLDB_TYPE_DATETIME, null, null, XMLDB_NOTNULL);
$table->addKeyInfo('blogpost_file_pending_pk', XMLDB_KEY_PRIMARY, array('file'));
$table->addKeyInfo('filefk', XMLDB_KEY_FOREIGN, array('file'), 'artefact', array('id'));
if (!create_table($table)) {
throw new SQLException($table . " could not be created, check log for errors.");
}
}
if ($oldversion < 2008012200) {
// From 0.9, some files were not having their temporary download paths
// translated to proper artefact/file/download.php paths. This upgrade
// attempts to fix them. It should work in the vast majority of cases,
// the largest assumption made is that artefacts were inserted in
// ascending ID order when the post was created, which is a pretty safe
// bet.
if ($blogfiles = get_records_array('artefact_blog_blogpost_file', '', '', 'blogpost ASC, file ASC')) {
$blogpostids = join(', ', array_map(create_function('$a', 'return $a->blogpost;'), $blogfiles));
// Find all blogposts that have attached files
if ($blogposts = get_records_select_array('artefact', 'id IN(' . $blogpostids . ')', null, 'id ASC')) {
foreach ($blogposts as $post) {
log_debug("Checking post {$post->id}");
// Only doublecheck posts that are likely to have a broken URL in them
if (false !== strpos($post->description, 'createid')) {
log_debug(" * Looks like post " . $post->id . " has a createid in it");
$i = 0;
$body = $post->description;
foreach ($blogfiles as $file) {
if ($file->blogpost == $post->id) {
// This file is connected to this post, so likely it is to be displayed
$i++;
log_debug('* Replace uploadnumber = ' . $i . ' with artefact id ' . $file->file);
$regexps = array('/<img([^>]+)src="([^>]+)downloadtemp.php\\?uploadnumber=' . $i . '&createid=\\d+/', '/alt="uploaded:' . $i . '"/');
$subs = array('<img$1src="' . get_config('wwwroot') . 'artefact/file/download.php?file=' . $file->file, 'alt="artefact:' . $file->file . '"');
$body = preg_replace($regexps, $subs, $body);
}
}
// Update the post if necessary
if ($body != $post->description) {
$postobj = new ArtefactTypeBlogPost($post->id, null);
$postobj->set('description', $body);
$postobj->commit();
}
}
}
}
}
}
if ($oldversion < 2008020700) {
$table = new XMLDBTable('artefact_blog_blog');
drop_table($table);
if (is_mysql()) {
execute_sql('DROP INDEX {arteblogblog_blo2_ix} ON {artefact_blog_blogpost}');
execute_sql('CREATE INDEX {arteblogblog_blo_ix} ON {artefact_blog_blogpost} (blogpost)');
execute_sql('ALTER TABLE {artefact_blog_blogpost} DROP FOREIGN KEY {arteblogblog_blo2_fk}');
// I can't quite get mysql to name this key correctly, so there
// will be a difference in the database if you upgrade from 0.9
// compared with installing from 1.0
execute_sql('ALTER TABLE {artefact_blog_blogpost} ADD FOREIGN KEY (blogpost) REFERENCES {artefact} (id)');
} else {
// Rename indexes to keep things the same regardless of whether the
// user installed or upgraded to this release
execute_sql('DROP INDEX {arteblogblog_blo2_ix}');
execute_sql('CREATE INDEX {arteblogblog_blo_ix} ON {artefact_blog_blogpost} USING btree (blogpost)');
execute_sql('ALTER TABLE {artefact_blog_blogpost} DROP CONSTRAINT {arteblogblog_blo2_fk}');
execute_sql('ALTER TABLE {artefact_blog_blogpost} ADD CONSTRAINT {arteblogblog_blo_fk} FOREIGN KEY (blogpost) REFERENCES {artefact}(id)');
}
}
if ($oldversion < 2008101602) {
$table = new XMLDBTable('artefact_blog_blogpost_file_pending');
$table->addFieldInfo('id', XMLDB_TYPE_INTEGER, 10, XMLDB_UNSIGNED, XMLDB_NOTNULL, XMLDB_SEQUENCE, null, null, null);
$table->addFieldInfo('oldextension', XMLDB_TYPE_TEXT, null);
$table->addFieldInfo('filetype', XMLDB_TYPE_TEXT, null);
$table->addKeyInfo('primary', XMLDB_KEY_PRIMARY, array('id'));
create_table($table);
}
if ($oldversion < 2009033100) {
$bloguploadbase = get_config('dataroot') . 'artefact/blog/uploads/';
if (is_dir($bloguploadbase)) {
if ($basedir = opendir($bloguploadbase)) {
while (false !== ($sessionupload = readdir($basedir))) {
if ($sessionupload != "." && $sessionupload != "..") {
$sessionupload = $bloguploadbase . $sessionupload;
$subdir = opendir($sessionupload);
while (false !== ($uploadfile = readdir($subdir))) {
if ($uploadfile != "." && $uploadfile != "..") {
$uploadfile = $sessionupload . '/' . $uploadfile;
unlink($uploadfile);
}
}
closedir($subdir);
rmdir($sessionupload);
}
}
}
@rmdir($bloguploadbase);
}
}
if ($oldversion < 2009081800) {
$subscription = (object) array('plugin' => 'blog', 'event' => 'createuser', 'callfunction' => 'create_default_blog');
ensure_record_exists('artefact_event_subscription', $subscription, $subscription);
}
return true;
}
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* @package mahara
* @subpackage artefact-blog
* @author Catalyst IT Ltd
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL
* @copyright (C) 2006-2008 Catalyst IT Ltd http://catalyst.net.nz
*
*/
define('INTERNAL', 1);
define('JSON', 1);
require dirname(dirname(dirname(dirname(__FILE__)))) . '/init.php';
safe_require('artefact', 'blog');
$id = param_integer('id');
$blogpost = new ArtefactTypeBlogPost($id);
$blogpost->check_permission();
if (!$blogpost->publish()) {
json_reply('local', get_string('publishfailed', 'artefact.blog'));
}
json_reply(false, get_string('blogpostpublished', 'artefact.blog'));
