* @author Bernard Paques
* @reference
* @license http://www.gnu.org/copyleft/lesser.txt GNU Lesser General Public License
*/
// loaded from articles/view.php
defined('YACS') or exit('Script must be included');
// process uploaded data
if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST') {
// update an existing page
if (isset($_REQUEST['id'])) {
// remember the previous version
if ($item['id'] && Versions::are_different($item, $_REQUEST)) {
Versions::save($item, 'article:' . $item['id']);
}
// stop on error
if (!Articles::put_attributes($_REQUEST) || is_object($overlay) && !$overlay->remember('update', $_REQUEST, 'article:' . $_REQUEST['id'])) {
$item = $_REQUEST;
$with_form = TRUE;
// else display the updated page
} else {
// do whatever is necessary on page update
Articles::finalize_update($anchor, $_REQUEST, $overlay, isset($_REQUEST['silent']) && $_REQUEST['silent'] == 'Y', isset($_REQUEST['notify_watchers']) && $_REQUEST['notify_watchers'] == 'Y', isset($_REQUEST['notify_followers']) && $_REQUEST['notify_followers'] == 'Y');
// cascade changes on access rights
if ($_REQUEST['active'] != $item['active']) {
Anchors::cascade('article:' . $item['id'], $_REQUEST['active']);
}
// the page has been modified
$context['text'] .= '<p>' . i18n::s('The page has been successfully updated.') . '</p>';
// display the updated page
if (!($recipients = Mailer::build_recipients('article:' . $item['id']))) {
Safe::redirect(Articles::get_permalink($item));
Articles::finalize_publication($anchor, $_REQUEST);
// message to the query poster
$context['page_title'] = i18n::s('Your query has been registered');
// use the secret handle to access the query
$link = '';
$status = '';
if ($item = Articles::get($_REQUEST['id'])) {
// ensure the article has a private handle
if (!isset($item['handle']) || !$item['handle']) {
$item['handle'] = md5(mt_rand());
// save in the database
$fields = array();
$fields['id'] = $item['id'];
$fields['handle'] = $item['handle'];
$fields['silent'] = 'Y';
Articles::put_attributes($fields);
}
// the secret link --see users/login.php
$link = $context['url_to_home'] . $context['url_to_root'] . Users::get_login_url('edit', 'article:' . $item['id'], $item['create_name'], $item['handle']);
$status = i18n::s('<p>You can check the status of your query at the following address:</p>') . '<p>' . Skin::build_link($link, $link, 'basic', i18n::s('The permanent address for your query')) . '</p>';
}
$context['text'] .= i18n::s('<p>Your query will now be reviewed by one of the associates of this community. It is likely that this will be done within the next 24 hours at the latest.</p>');
$context['text'] .= $status;
// follow-up commands
$follow_up = i18n::s('Where do you want to go now?');
$menu = array();
$menu = array_merge($menu, array($context['url_to_root'] => i18n::s('Front page')));
$menu = array_merge($menu, array('articles/' => i18n::s('All pages')));
$menu = array_merge($menu, array('sections/' => i18n::s('Site map')));
$menu = array_merge($menu, array('search.php' => i18n::s('Search')));
$menu = array_merge($menu, array('help/' => i18n::s('Help index')));
/**
* change some attributes of an anchor
*
* @see shared/anchor.php
*
* @param array of (name, value)
* @return TRUE on success, FALSE otherwise
*/
function set_values($fields)
{
// add our id
$fields['id'] = $this->item['id'];
// save in the database
return Articles::put_attributes($fields);
}
/**
* create a page out of a textual entity
*
* If a target is provided, it is extended with the text of this entity.
* Else if the anchor is an article, a comment is created. Otherwise an article is created.
*
* @param array of entity attributes
* @param string the textual entity to process
* @param array poster attributes
* @param string an optional anchor (e.g., 'article:123')
* @param string reference of the object to be extended, if any
* @return string reference to the created or updated object, or NULL
*/
public static function submit_page($entity_headers, $text, $user, $anchor = NULL, $target = NULL)
{
global $context;
// retrieve queue parameters
list($server, $account, $password, $allowed, $match, $section, $options, $hooks, $prefix, $suffix) = $context['mail_queue'];
// preserve breaks
$text = preg_replace('/\\s*<(br|div|h|p)/is', "\n\n<\$1", $text);
// suppress dangerous html tags
$text = strip_tags($text, $context['users_allowed_tags']);
// trim white spaces
while (TRUE) {
$text = trim($text, " \t\r\n");
if (!strncmp($text, '<br>', 4)) {
$text = substr($text, 4);
} elseif (!strncmp($text, '<br/>', 5)) {
$text = substr($text, 5);
} elseif (!strncmp($text, '<br />', 6)) {
$text = substr($text, 6);
} else {
break;
}
}
// parse article content
include_once $context['path_to_root'] . 'articles/article.php';
$article = new Article();
$entry_fields = array();
$entry_fields = $article->parse($text, $entry_fields);
// trim the header
if ($prefix) {
$tokens = explode($prefix, $entry_fields['description']);
if (isset($tokens[1])) {
$entry_fields['description'] = $tokens[1];
} else {
$entry_fields['description'] = $tokens[0];
}
}
// trim the signature
if ($suffix) {
list($entry_fields['description'], $dropped) = explode($suffix, $entry_fields['description']);
}
// strip extra text
$entry_fields['description'] = trim(preg_replace('/\\(See attached file: [^\\)]+?\\)/', '', $entry_fields['description']));
// anchor this item to something
$entry_fields['anchor'] = $anchor;
// make a title
if (!isset($entry_fields['title'])) {
$entry_fields['title'] = $context['mail_subject'];
}
// message creation stamp
$entry_fields['create_date'] = gmstrftime('%Y-%m-%d %H:%M:%S', strtotime($context['mail_date']));
if (!isset($entry_fields['create_name'])) {
$entry_fields['create_name'] = $user['nick_name'];
}
if (!isset($entry_fields['create_id'])) {
$entry_fields['create_id'] = $user['id'];
}
if (!isset($entry_fields['create_address'])) {
$entry_fields['create_address'] = $user['email'];
}
// message edition stamp
$entry_fields['edit_date'] = gmstrftime('%Y-%m-%d %H:%M:%S', time());
if (!isset($entry_fields['edit_name'])) {
$entry_fields['edit_name'] = $user['nick_name'];
}
if (!isset($entry_fields['edit_id'])) {
$entry_fields['edit_id'] = $user['id'];
}
if (!isset($entry_fields['edit_address'])) {
$entry_fields['edit_address'] = $user['email'];
}
// we have to extend an existing article --this entity is mutable
if ($target && !strncmp($target, 'article:', 8) && ($article = Articles::get(substr($target, 8), TRUE))) {
// append the text to article description field
$fields = array();
$fields['id'] = $article['id'];
$fields['description'] = $article['description'] . $entry_fields['description'];
$fields['silent'] = TRUE;
Articles::put_attributes($fields);
return $target;
// we have to extend an existing comment --this entity is mutable
} elseif ($target && !strncmp($target, 'comment:', 8) && ($comment = Comments::get(substr($target, 8), TRUE))) {
// append the text to comment description field
$comment['description'] .= $entry_fields['description'];
Comments::post($comment);
return $target;
// we have to comment an existing page
} elseif (!strncmp($anchor, 'article:', 8)) {
// insert comment in the database
if (!($entry_fields['id'] = Comments::post($entry_fields))) {
Logger::remember('agents/messages.php: ' . Logger::error_pop());
return NULL;
}
// debug, if required to do so
if ($context['debug_messages'] == 'Y') {
Logger::remember('agents/messages.php: Messages::submit_page() as a comment', $entry_fields, 'debug');
}
// increment the post counter of the surfer
Users::increment_posts($user['id']);
// clear cache
$parent = Anchors::get($entry_fields['anchor']);
// touch the related anchor
if (is_object($parent) && isset($entry_fields['id'])) {
$parent->touch('comment:create', $entry_fields['id'], TRUE);
}
return 'comment:' . $entry_fields['id'];
// create a new page
} else {
// publish automatically, if required to do so
$section = Anchors::get($entry_fields['anchor']);
if (isset($context['users_with_auto_publish']) && $context['users_with_auto_publish'] == 'Y' || preg_match('/\\bauto_publish\\b/i', $options) || is_object($section) && $section->has_option('auto_publish')) {
$entry_fields['publish_date'] = gmstrftime('%Y-%m-%d %H:%M:%S', time());
if (!isset($entry_fields['publish_name'])) {
$entry_fields['publish_name'] = $user['nick_name'];
}
if (!isset($entry_fields['publish_id'])) {
$entry_fields['publish_id'] = $user['id'];
}
if (!isset($entry_fields['publish_address'])) {
$entry_fields['publish_address'] = $user['email'];
}
}
// ensure we are using ids instead of nicknames
if (is_object($section)) {
$entry_fields['anchor'] = $section->get_reference();
}
// save in the database
if (!($entry_fields['id'] = Articles::post($entry_fields))) {
Logger::remember('agents/messages.php: ' . Logger::error_pop());
return NULL;
}
// debugging log
if (isset($context['debug_messages']) && $context['debug_messages'] == 'Y') {
$entry_fields['description'] = substr($entry_fields['description'], 0, 1024);
Logger::remember('agents/messages.php: Messages::submit_page() as an article', $entry_fields, 'debug');
}
// increment the post counter of the surfer
Users::increment_posts($user['id']);
// do whatever is necessary on page creation
if (isset($entry_fields['publish_date']) && $entry_fields['publish_date'] > NULL_DATE) {
Articles::finalize_publication($section, $entry_fields);
} else {
Articles::finalize_submission($section, $entry_fields);
}
// get the new item
$article = Anchors::get($anchor);
// if replies are allowed
if (!preg_match('/\\bno_reply\\b/i', $options)) {
// let the sender know about his post
if (isset($entry_fields['publish_date']) && $entry_fields['publish_date'] > NULL_DATE) {
$splash = i18n::s("The page received by e-mail has been successfully published. Please review it now to ensure that it reflects your mind.");
} else {
$splash = i18n::s("The page received by e-mail has been posted. Don't forget to read it online. Then click on the Publish command to make it publicly available.");
}
$message = '<p>' . $splash . '</p>' . '<p><a href="' . $context['url_to_home'] . $context['url_to_root'] . $article->get_url() . '">' . $article->get_title() . '</a></p>' . '<div>' . $article->get_teaser('basic') . '</div>' . '<p>' . i18n::c('Thank you for your contribution') . '</p>';
// enable threading
$headers = Mailer::set_thread($section);
// send a mail message
Mailer::notify(NULL, $post_sender, 'Re: ' . $post_subject, $message, $headers);
}
// reference to the new page
return 'article:' . $entry_fields['id'];
}
// job ends
return NULL;
}
$follow_up .= Skin::finalize_list($menu, 'menu_bar');
$context['text'] .= Skin::build_block($follow_up, 'bottom');
// unlock pages
} elseif ($action == 'unlock_articles') {
// articles
if (isset($_REQUEST['selected_articles'])) {
$count = 0;
foreach ($_REQUEST['selected_articles'] as $dummy => $id) {
// an article to lock
if (($article = Articles::get($id)) && $article['locked'] == 'Y') {
$attributes = array();
$attributes['id'] = $article['id'];
$attributes['locked'] = 'N';
$attributes['silent'] = 'Y';
// too minor to be noted
if (Articles::put_attributes($attributes)) {
$count++;
}
}
}
// clear cache for containing section
Sections::clear($item);
// report on results
$context['text'] .= '<p>' . sprintf(i18n::ns('%d page has been unlocked.', '%d pages have been unlocked.', $count), $count) . '</p>';
// follow-up commands
$follow_up = i18n::s('What do you want to do now?');
$menu = array();
$menu[] = Skin::build_link(Sections::get_permalink($item), i18n::s('View the section'), 'span');
$menu[] = Skin::build_link(Sections::get_url($item['id'], 'manage'), i18n::s('Manage it'), 'span');
$follow_up .= Skin::finalize_list($menu, 'menu_bar');
$context['text'] .= Skin::build_block($follow_up, 'bottom');
return;
}
// not found -- help web crawlers
if (!isset($item['id'])) {
Safe::header('Status: 404 Not Found', TRUE, 404);
die(i18n::s('No item has the provided id.'));
// permission denied
} elseif (!$permitted) {
Safe::header('Status: 401 Unauthorized', TRUE, 401);
die(i18n::s('You are not allowed to perform this operation.'));
// retrieve some attributes
} elseif ($action) {
$response = Articles::get_attributes($item['id'], $action);
// encode result in JSON
$output = Safe::json_encode($response);
// allow for data compression
render_raw('application/json; charset=' . $context['charset']);
// actual transmission except on a HEAD request
if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] != 'HEAD') {
echo $output;
}
// the post-processing hook, then exit
finalize_page(TRUE);
// update some attributes
} else {
if (Articles::put_attributes($_REQUEST)) {
die('OK');
}
// some error has occured
Safe::header('Status: 500 Internal Error', TRUE, 500);
}
