示例#1
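 /**
  * Render a forum thread and process the actions submitted against it.
  *
  * Besides filling the thread template (posts, paging, editor, captcha and
  * thread-action blocks) this method handles, in this order: deletion of a
  * post, creation of a post, preview of a new post, update of a post, moving
  * the thread to another category and the "thread_actions" select
  * (move / close / sticky).
  *
  * Authorization notes:
  *  - Every _checkAuth() call uses $intCatId, which is taken from the thread
  *    itself; the category_id request parameter is only a fallback for a
  *    thread that has no category.
  *  - Creating a post requires write permission and an unlocked thread.
  *  - Updating a post requires edit permission or ownership of the post that
  *    is actually being edited, and is limited to posts of this thread.
  *  - Moving a thread requires the 'move' permission on its current category.
  *
  * The create and update branches send a redirect and end the request.
  *
  * @param integer $intThreadId ID of the thread to show
  * @return bool false when read access is denied or a create / preview /
  *              update request fails one of its checks, true otherwise
  */
 function showThread($intThreadId)
 {
     global $objDatabase, $_ARRAYLANG;
     $objFWUser = \FWUser::getFWUserObject();
     $this->_communityLogin();
     $intThreadId = intval($intThreadId);
     // NOTE(review): this runs before any permission check in this method;
     // confirm _updateNotification() itself ignores users who may not read the thread.
     if (!empty($_REQUEST['notification_update']) && $_REQUEST['notification_update'] == $_ARRAYLANG['TXT_FORUM_UPDATE_NOTIFICATION']) {
         $this->_updateNotification($intThreadId);
     }
     // All permission checks below are made against $intCatId, so it has to be
     // the category the thread really belongs to. A client-supplied category_id
     // is used only when the thread does not resolve to a category.
     $intCatId = intval($this->_getCategoryIdFromThread($intThreadId));
     if ($intCatId == 0) {
         $intCatId = !empty($_REQUEST['category_id']) ? intval($_REQUEST['category_id']) : 0;
     }
     if (empty($intCatId)) {
         \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Forum');
         die;
     }
     if ($objFWUser->objUser->login()) {
         $this->_objTpl->touchBlock('notificationRow');
     } else {
         $this->_objTpl->hideBlock('notificationRow');
     }
     // The post id may arrive as "postid" or, failing that, as "post_id".
     $intPostId = !empty($_REQUEST['postid']) ? intval($_REQUEST['postid']) : 0;
     $intPostId = $intPostId == 0 && !empty($_REQUEST['post_id']) ? intval($_REQUEST['post_id']) : $intPostId;
     $this->_objTpl->setVariable('FORUM_EDIT_POST_ID', $intPostId);
     $_REQUEST['act'] = !empty($_REQUEST['act']) ? $_REQUEST['act'] : '';
     if ($_REQUEST['act'] == 'delete') {
         // NOTE(review): a state change driven by $_REQUEST (so also by GET);
         // confirm the framework's Csrf protection covers this request.
         if ($this->_checkAuth($intCatId, 'delete')) {
             // Hand over the integer-cast id, never the raw request value.
             $intDeletePostId = !empty($_REQUEST['postid']) ? intval($_REQUEST['postid']) : 0;
             if ($this->_deletePost($intCatId, $intThreadId, $intDeletePostId)) {
                 $this->_objTpl->setVariable('TXT_FORUM_SUCCESS', '<br />' . $_ARRAYLANG['TXT_FORUM_DELETED_SUCCESSFULLY']);
             } else {
                 $this->_objTpl->setVariable('TXT_FORUM_ERROR', '<br />' . $_ARRAYLANG['TXT_FORUM_DELETE_FAILED']);
             }
         } else {
             $this->_objTpl->setVariable('TXT_FORUM_ERROR', '<br />' . $_ARRAYLANG['TXT_FORUM_NO_ACCESS']);
         }
     }
     // Paging position: taken from the request, then overridden so that the
     // page containing the post being previewed, quoted or edited is shown.
     $pos = !empty($_REQUEST['pos']) ? intval($_REQUEST['pos']) : 0;
     $this->_objTpl->setVariable(array('FORUM_PAGING_POS' => $pos));
     if (!empty($_REQUEST['preview_new'])) {
         $pos = $this->_getLastPos($intPostId, $intThreadId);
     }
     if (!empty($_REQUEST['postid'])) {
         if ($_REQUEST['act'] == 'quote') {
             $pos = $this->_getLastPos($intPostId, $intThreadId);
         }
         if ($_REQUEST['act'] == 'edit') {
             $pos = $this->_getEditPos($intPostId, $intThreadId);
         }
     }
     if (!empty($_REQUEST['l']) && $_REQUEST['l'] == 1) {
         $pos = $this->_getEditPos($intPostId, $intThreadId);
     }
     $arrPosts = $this->createPostArray($intThreadId, $pos);
     if (!empty($_REQUEST['preview_edit']) && $_REQUEST['post_id'] != 0 && $_REQUEST['act'] != 'quote') {
         // Preview of an edit: show the submitted subject/message in place of the stored post.
         $intPostId = intval($intPostId);
         $pos = $this->_getEditPos($intPostId, $intThreadId);
         $arrPosts = $this->createPostArray($intThreadId, $pos);
         $arrPosts[$intPostId]['subject'] = !empty($_REQUEST['subject']) ? contrexx_strip_tags($_REQUEST['subject']) : $_ARRAYLANG['TXT_FORUM_NO_SUBJECT'];
         $arrPosts[$intPostId]['content'] = \Cx\Core\Wysiwyg\Wysiwyg::prepareBBCodeForOutput(contrexx_input2raw($_REQUEST['message']));
     }
     $userId = $objFWUser->objUser->login() ? $objFWUser->objUser->getId() : 0;
     $icon = !empty($_REQUEST['icons']) ? intval($_REQUEST['icons']) : 1;
     if ($_REQUEST['act'] == 'edit') {
         //submit is an edit
         $arrEditedPost = $this->_getPostingData($intPostId);
         $subject = addcslashes(htmlentities($arrEditedPost['subject'], ENT_QUOTES, CONTREXX_CHARSET), '\\');
         $content = $arrEditedPost['content'];
         $keywords = addcslashes(htmlentities($arrEditedPost['keywords'], ENT_QUOTES, CONTREXX_CHARSET), '\\');
         $attachment = $arrEditedPost['attachment'];
         $this->_objTpl->setVariable('FORUM_POST_EDIT_USERID', $arrPosts[$intPostId]['user_id']);
         if (!empty($attachment)) {
             $this->_objTpl->setVariable('TXT_FORUM_DELETE_ATTACHMENT', sprintf($_ARRAYLANG['TXT_FORUM_DELETE_ATTACHMENT'], $attachment));
         }
         $this->_objTpl->touchBlock('updatePost');
         $this->_objTpl->hideBlock('createPost');
         $this->_objTpl->hideBlock('previewNewPost');
         $this->_objTpl->touchBlock('previewEditPost');
     } else {
         //new post
         if ($this->_objTpl->blockExists('delAttachment')) {
             $this->_objTpl->hideBlock('delAttachment');
         }
         $subject = !empty($_REQUEST['subject']) ? contrexx_strip_tags($_REQUEST['subject']) : '';
         $content = !empty($_REQUEST['message']) ? contrexx_input2raw(strip_tags($_REQUEST['message'])) : '';
         $keywords = !empty($_REQUEST['keywords']) ? contrexx_strip_tags($_REQUEST['keywords']) : '';
         // NOTE(review): strip_tags-style filtering does not neutralise quotes; if the
         // template places FORUM_ATTACHMENT_OLDNAME inside an HTML attribute, confirm it is escaped there.
         $attachment = !empty($_REQUEST['attachment']) ? contrexx_strip_tags($_REQUEST['attachment']) : '';
         $this->_objTpl->touchBlock('createPost');
         $this->_objTpl->hideBlock('updatePost');
         $this->_objTpl->touchBlock('previewNewPost');
         $this->_objTpl->hideBlock('previewEditPost');
     }
     if ($_REQUEST['act'] == 'quote') {
         $quoteContent = $this->_getPostingData($intPostId);
         $subject = 'RE: ' . addcslashes(htmlentities($quoteContent['subject'], ENT_QUOTES, CONTREXX_CHARSET), '\\');
         $content = '[quote=' . $arrPosts[$intPostId]['user_name'] . ']' . strip_tags($quoteContent['content']) . '[/quote]';
     }
     $firstPost = current($arrPosts);
     if ($this->_arrSettings['wysiwyg_editor'] == 1) {
         //IF WYSIWIG enabled..
         $strMessageInputHTML = new \Cx\Core\Wysiwyg\Wysiwyg('message', $content, 'bbcode');
     } else {
         //plain textarea
         $strMessageInputHTML = '<textarea style="width: 400px; height: 150px;" rows="5" cols="10" name="message">' . contrexx_raw2xhtml($content) . '</textarea>';
     }
     $this->_objTpl->setGlobalVariable(array(
         'FORUM_JAVASCRIPT_GOTO' => $this->getJavascript('goto'),
         'FORUM_JAVASCRIPT_DELETE' => $this->getJavascript('deletePost'),
         'FORUM_JAVASCRIPT_SCROLLTO' => $this->getJavascript('scrollto'),
         'FORUM_SCROLLPOS' => !empty($_REQUEST['scrollpos']) ? intval($_REQUEST['scrollpos']) : '0',
         'FORUM_JAVASCRIPT_INSERT_TEXT' => $this->getJavascript('insertText', array($intCatId, $intThreadId, $firstPost)),
         'FORUM_NAME' => $this->_shortenString($firstPost['subject'], $this->_maxStringlength),
         'FORUM_TREE' => $this->_createNavTree($intCatId) . '<a title="' . $this->_arrTranslations[$intCatId][$this->_intLangId]['name'] . '" href="index.php?section=Forum&amp;cmd=board&amp;id=' . $intCatId . '">' . $this->_shortenString($this->_arrTranslations[$intCatId][$this->_intLangId]['name'], $this->_maxStringlength) . '</a> > ',
         'FORUM_DROPDOWN' => $this->createForumDD('forum_quickaccess', $intCatId, 'onchange="gotoForum(this);"', ''),
         'TXT_FORUM_COMMA_SEPARATED_KEYWORDS' => $_ARRAYLANG['TXT_FORUM_COMMA_SEPARATED_KEYWORDS'],
         'TXT_FORUM_KEYWORDS' => $_ARRAYLANG['TXT_FORUM_KEYWORDS'],
         'TXT_FORUM_FILE_ATTACHMENT' => $_ARRAYLANG['TXT_FORUM_FILE_ATTACHMENT'],
         'TXT_FORUM_RATING' => $_ARRAYLANG['TXT_FORUM_RATING'],
         'TXT_FORUM_ADD_POST' => $_ARRAYLANG['TXT_FORUM_ADD_POST'],
         'TXT_FORUM_SUBJECT' => $_ARRAYLANG['TXT_FORUM_SUBJECT'],
         'TXT_FORUM_MESSAGE' => $_ARRAYLANG['TXT_FORUM_MESSAGE'],
         'TXT_FORUM_RESET' => $_ARRAYLANG['TXT_FORUM_RESET'],
         'TXT_FORUM_CREATE_POST' => $_ARRAYLANG['TXT_FORUM_CREATE_POST'],
         'TXT_FORUM_ICON' => $_ARRAYLANG['TXT_FORUM_ICON'],
         'TXT_FORUM_QUOTE' => $_ARRAYLANG['TXT_FORUM_QUOTE'],
         'TXT_FORUM_EDIT' => $_ARRAYLANG['TXT_FORUM_EDIT'],
         'TXT_FORUM_DELETE' => $_ARRAYLANG['TXT_FORUM_DELETE'],
         'TXT_FORUM_PREVIEW' => $_ARRAYLANG['TXT_FORUM_PREVIEW'],
         'TXT_FORUM_UPDATE_POST' => $_ARRAYLANG['TXT_FORUM_UPDATE_POST'],
         'TXT_FORUM_NOTIFY_NEW_POSTS' => $_ARRAYLANG['TXT_FORUM_NOTIFY_NEW_POSTS'],
         'TXT_FORUM_QUICKACCESS' => $_ARRAYLANG['TXT_FORUM_QUICKACCESS'],
         'TXT_FORUM_UPDATE_NOTIFICATION' => $_ARRAYLANG['TXT_FORUM_UPDATE_NOTIFICATION'],
         'TXT_FORUM_THREAD_ACTION_DESC' => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_DESC'],
         'TXT_FORUM_THREAD_ACTION_MOVE' => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_MOVE'],
         'TXT_FORUM_THREAD_ACTION_CLOSE' => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_CLOSE_' . $firstPost['is_locked']],
         'TXT_FORUM_THREAD_ACTION_STICKY' => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_STICKY_' . $firstPost['is_sticky']],
         'TXT_FORUM_THREAD_ACTION_DELETE' => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_DELETE'],
         'TXT_FORUM_CHOOSE_FILE' => $_ARRAYLANG['TXT_FORUM_CHOOSE_FILE'],
         'FORUM_NOTIFICATION_CHECKBOX_CHECKED' => $this->_hasNotification($intThreadId) ? 'checked="checked"' : '',
         'FORUM_SUBJECT' => stripslashes($subject),
         'FORUM_KEYWORDS' => stripslashes($keywords),
         'FORUM_ATTACHMENT_OLDNAME' => $attachment,
         'FORUM_MESSAGE_INPUT' => $strMessageInputHTML,
         'FORUM_CAPTCHA_CODE' => \Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->getCode(),
         'FORUM_THREAD_ID' => $intThreadId,
         'FORUM_CATEGORY_ID' => $intCatId,
         'FORUM_POSTS_PAGING' => getPaging($this->_postCount, $pos, '&section=Forum&cmd=thread&id=' . $intThreadId, $_ARRAYLANG['TXT_FORUM_OVERVIEW_POSTINGS'], true, $this->_arrSettings['posting_paging']),
     ));
     // Anonymous visitors have to solve a captcha, logged-in users do not.
     if ($objFWUser->objUser->login()) {
         $this->_objTpl->hideBlock('captcha');
     } else {
         $this->_objTpl->touchBlock('captcha');
     }
     $this->_setIcons($this->_getIcons());
     if (!$this->_checkAuth($intCatId, 'read')) {
         $this->_objTpl->setVariable('TXT_FORUM_ERROR', '<br />' . $_ARRAYLANG['TXT_FORUM_NO_ACCESS']);
         return false;
     }
     $intCounter = 0;
     foreach ($arrPosts as $postId => $arrValues) {
         $strRating = '<span id="forum_current_rating_' . $postId . '" class="rating_%s">%s</span>';
         if ($arrValues['rating'] == 0) {
             $class = 'none';
         } elseif ($arrValues['rating'] > 0) {
             $class = 'pos';
         } else {
             $class = 'neg';
         }
         $strRating = sprintf($strRating, $class, $arrValues['rating']);
         // NOTE(review): user_name, user_image, subject and content are written into
         // HTML as they come out of createPostArray(); confirm that method returns
         // values that are already escaped for HTML text and attribute context.
         $strUserProfileLink = $arrValues['user_id'] > 0 ? '<a title="' . $arrValues['user_name'] . '" href="index.php?section=Access&amp;cmd=user&amp;id=' . $arrValues['user_id'] . '">' . $arrValues['user_name'] . '</a>' : $this->_anonymousName;
         $arrAttachment = $this->_getAttachment($arrValues['attachment']);
         $this->_objTpl->setGlobalVariable(array('FORUM_POST_ROWCLASS' => $intCounter++ % 2 + 1));
         // Users without write access are sent to the login page, with the quote URL as redirect target.
         $quoteLink = "id=" . $intThreadId . "&act=quote&postid=" . $postId;
         $quoteLinkLoggedIn = "location.href='" . \Cx\Core\Csrf\Controller\Csrf::enhanceURI("index.php?section=Forum") . "&amp;cmd=thread&amp;" . htmlentities($quoteLink) . "';";
         $quoteLinkNotLoggedIn = "location.href='" . \Cx\Core\Csrf\Controller\Csrf::enhanceURI("index.php?section=Login") . "&amp;redirect=" . base64_encode("index.php?section=Forum&cmd=thread&" . $quoteLink) . "';";
         $this->_objTpl->setVariable(array(
             'FORUM_POST_DATE' => $arrValues['time_created'],
             'FORUM_POST_LAST_EDITED' => $arrValues['time_edited'] != date(ASCMS_DATE_FORMAT, 0) ? $_ARRAYLANG['TXT_FORUM_LAST_EDITED'] . $arrValues['time_edited'] : '',
             'FORUM_USER_ID' => $arrValues['user_id'],
             'FORUM_USER_NAME' => $strUserProfileLink,
             'FORUM_USER_IMAGE' => !empty($arrValues['user_image']) ? '<img border="0" width="60" height="60" src="' . $arrValues['user_image'] . '" title="' . $arrValues['user_name'] . '\'s avatar" alt="' . $arrValues['user_name'] . '\'s avatar" />' : '',
             'FORUM_USER_GROUP' => '',
             'FORUM_USER_RANK' => '',
             'FORUM_USER_REGISTERED_SINCE' => '',
             'FORUM_USER_POSTING_COUNT' => '',
             'FORUM_USER_CONTACTS' => '',
             'FORUM_POST_NUMBER' => '#' . $arrValues['post_number'],
             'FORUM_POST_ICON' => $arrValues['post_icon'],
             'FORUM_POST_SUBJECT' => $arrValues['subject'],
             'FORUM_POST_MESSAGE' => $arrValues['content'],
             'FORUM_POST_RATING' => $strRating,
             'FORUM_POST_ATTACHMENT_LINK' => $arrAttachment['webpath'],
             'FORUM_POST_ATTACHMENT_FILENAME' => $arrAttachment['name'],
             'FORUM_POST_ATTACHMENT_ICON' => $arrAttachment['icon'],
             'FORUM_POST_ATTACHMENT_FILESIZE' => $arrAttachment['size'],
             'FORUM_QUOTE_ONCLICK' => $this->_checkAuth($intCatId, 'write') ? $quoteLinkLoggedIn : $quoteLinkNotLoggedIn,
         ));
         if (!$objFWUser->objUser->login() && !$this->_checkAuth($intCatId, 'write')) {
             $button = '<input type="button" value="' . $_ARRAYLANG['TXT_FORUM_CREATE_POST'] . '" onclick="location.href=\'' . \Cx\Core\Csrf\Controller\Csrf::enhanceURI('index.php?section=Login') . '&redirect=' . base64_encode($_SERVER['REQUEST_URI']) . '\';" />';
             $this->_objTpl->setVariable(array('FORUM_POST_REPLY_REDIRECT' => $button));
         }
         $this->_objTpl->setVariable(array('FORUM_POST_ID' => $postId, 'FORUM_RATING_POST_ID' => $postId));
         // Edit is offered on unlocked threads to users with edit permission and to the post's author.
         if ($firstPost['is_locked'] != 1 && ($this->_checkAuth($intCatId, 'edit') || ($objFWUser->objUser->login() && $arrValues['user_id'] == $objFWUser->objUser->getId()))) {
             $this->_objTpl->touchBlock('postEdit');
         } else {
             $this->_objTpl->hideBlock('postEdit');
         }
         if ($firstPost['is_locked'] != 1 && ($this->_checkAuth($intCatId, 'write') || !$firstPost['is_locked'])) {
             $this->_objTpl->touchBlock('postQuote');
         } else {
             $this->_objTpl->hideBlock('postQuote');
         }
         // The first post of a thread cannot be deleted from here.
         if ($this->_checkAuth($intCatId, 'delete') && $arrValues['post_number'] != 1) {
             $this->_objTpl->setVariable(array('FORUM_POST_ID' => $postId));
             $this->_objTpl->touchBlock('postDelete');
         } else {
             $this->_objTpl->hideBlock('postDelete');
         }
         if ($this->_objTpl->blockExists('rating')) {
             if ($objFWUser->objUser->login() && !$this->_hasRated($postId)) {
                 $this->_objTpl->parse('rating');
             } else {
                 $this->_objTpl->hideBlock('rating');
             }
         }
         if ($this->_objTpl->blockExists('attachment')) {
             if (!empty($arrValues['attachment'])) {
                 $this->_objTpl->parse('attachment');
             } else {
                 $this->_objTpl->hideBlock('attachment');
             }
         }
         $this->_objTpl->parse('forumPosts');
     }
     if (!$this->_checkAuth($intCatId, 'write') || $firstPost['is_locked'] == 1) {
         $this->_objTpl->hideBlock('addPost');
         $this->_objTpl->hideBlock('addPostAnchor');
     } else {
         $this->_objTpl->touchBlock('addPostAnchor');
     }
     // initialize the uploader
     $this->initForumUploader();
     //addpost code
     if (!empty($_REQUEST['create']) && $_REQUEST['create'] == $_ARRAYLANG['TXT_FORUM_CREATE_POST']) {
         // Refuse the post when the user lacks write permission OR the thread is
         // locked: the same condition that hides the addPost form above. Hiding
         // the form alone does not stop a hand-built request.
         if (!$this->_checkAuth($intCatId, 'write') || $firstPost['is_locked'] == 1) {
             //auth check
             $this->_objTpl->setVariable('TXT_FORUM_ERROR', '<br />' . $_ARRAYLANG['TXT_FORUM_NO_ACCESS']);
             $this->_objTpl->hideBlock('addPost');
             return false;
         }
         if (!$objFWUser->objUser->login() && !\Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->check()) {
             //captcha check
             return false;
         }
         if (strlen(trim($content)) < $this->_minPostlength) {
             //content check
             $this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_POST_EMPTY'], $this->_minPostlength));
             return false;
         }
         if (false !== ($match = $this->_hasBadWords($content))) {
             $this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_BANNED_WORD'], $match[1]));
             return false;
         }
         $fileInfo = $this->_handleUpload('forum_attachment');
         if ($fileInfo === false) {
             //an error occured, the file wasn't properly transferred. exit function to display error set in _handleUpload()
             return false;
         }
         $lastPostIdQuery = '    SELECT max( id ) as last_post_id
                                 FROM ' . DBPREFIX . 'module_forum_postings
                                 WHERE category_id = ' . $intCatId . '
                                 AND      thread_id = ' . $intThreadId;
         if (($objRSmaxId = $objDatabase->SelectLimit($lastPostIdQuery, 1)) !== false) {
             // max() is NULL for a thread without posts; the cast keeps the INSERT valid.
             $intPrevPostId = intval($objRSmaxId->fields['last_post_id']);
         } else {
             // Driver error text can reveal schema details: log it, do not print it.
             error_log('showThread(): ' . $objDatabase->ErrorMsg());
             die('Database error');
         }
         // NOTE(review): $subject, $keywords and $fileInfo['name'] are concatenated
         // into the statement and depend on escaping done by contrexx_strip_tags(),
         // addcslashes(htmlentities()) and _handleUpload(), none of which is visible
         // here. Confirm each is safe for SQL string context, or escape the raw
         // values with contrexx_raw2db() as is done for $content.
         $insertQuery = 'INSERT INTO ' . DBPREFIX . 'module_forum_postings (
                         id,             category_id,    thread_id,            prev_post_id,
                         user_id,         time_created,    time_edited,         is_locked,
                         is_sticky,         rating,         views,                 icon,
                         keywords,        subject,        content,             attachment
                     ) VALUES (
                         NULL, ' . $intCatId . ', ' . $intThreadId . ', ' . $intPrevPostId . ',
                         ' . $userId . ', ' . time() . ',         0,                     0,
                         0,                   0,        0, ' . $icon . ",\n                            '{$keywords}' ,'" . $subject . "',    '" . contrexx_raw2db($content) . "', '" . $fileInfo['name'] . "'\n                        )";
         if ($objDatabase->Execute($insertQuery) !== false) {
             $lastInsertId = $objDatabase->Insert_ID();
             $this->updateViewsNewItem($intCatId, $lastInsertId, true);
             $this->_updateNotification($intThreadId);
             $this->_sendNotifications($intThreadId, $subject, $content);
             // Drop the cached copy of this page so the new post becomes visible.
             $pageId = \Cx\Core\Core\Controller\Cx::instanciate()->getPage()->getId();
             $cacheManager = new \Cx\Core_Modules\Cache\Controller\CacheManager();
             $cacheManager->deleteSingleFile($pageId);
         }
         // NOTE(review): $postId is whatever the post loop above left behind (unset
         // when the page listed no posts); confirm that is the id _getLastPos() expects.
         \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Forum&cmd=thread&id=' . $intThreadId . '&pos=' . $this->_getLastPos($postId, $intThreadId));
         die;
     }
     if (!empty($_REQUEST['preview_new'])) {
         $content = \Cx\Core\Wysiwyg\Wysiwyg::prepareBBCodeForOutput($content);
         if (false !== ($match = $this->_hasBadWords($content))) {
             $this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_BANNED_WORD'], $match[1]));
             return false;
         }
         if (strlen(trim($content)) < $this->_minPostlength) {
             //content check
             $this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_POST_EMPTY'], $this->_minPostlength));
             return false;
         }
         // NOTE(review): FORUM_USER_IMAGE below still reads $arrValues, i.e. the last
         // post rendered by the loop above, not the previewing user; confirm intended.
         $this->_objTpl->setVariable(array(
             'FORUM_POST_ROWCLASS' => $intCounter++ % 2 + 1,
             'FORUM_POST_DATE' => date(ASCMS_DATE_FORMAT, time()),
             'FORUM_USER_ID' => $userId,
             'FORUM_USER_NAME' => $objFWUser->objUser->login() ? '<a href="index.php?section=Access&amp;cmd=user&amp;id=' . $userId . '" title="' . htmlentities($objFWUser->objUser->getUsername(), ENT_QUOTES, CONTREXX_CHARSET) . '">' . htmlentities($objFWUser->objUser->getUsername(), ENT_QUOTES, CONTREXX_CHARSET) . '</a>' : $this->_anonymousName,
             'FORUM_USER_IMAGE' => !empty($arrValues['user_image']) ? '<img border="0" width="60" height="60" src="' . $arrValues['user_image'] . '" title="' . $arrValues['user_name'] . '\'s avatar" alt="' . $arrValues['user_name'] . '\'s avatar" />' : '',
             'FORUM_USER_GROUP' => '',
             'FORUM_USER_RANK' => '',
             'FORUM_USER_REGISTERED_SINCE' => '',
             'FORUM_USER_POSTING_COUNT' => '',
             'FORUM_USER_CONTACTS' => '',
             'FORUM_POST_NUMBER' => '#' . ($this->_postCount + 1),
             'FORUM_POST_ICON' => $this->getThreadIcon($icon),
             'FORUM_POST_SUBJECT' => stripslashes($subject),
             'FORUM_POST_MESSAGE' => $content,
             'FORUM_POST_RATING' => '0',
         ));
         $this->_objTpl->touchBlock('createPost');
         $this->_objTpl->hideBlock('updatePost');
         if ($this->_objTpl->blockExists('attachment')) {
             $this->_objTpl->hideBlock('attachment');
         }
         $this->_objTpl->hideBlock('postEdit');
         $this->_objTpl->hideBlock('postQuote');
         $this->_objTpl->touchBlock('previewNewPost');
         $this->_objTpl->hideBlock('previewEditPost');
         $this->_objTpl->parse('forumPosts');
     }
     if (!empty($_REQUEST['update']) && $_REQUEST['update'] == $_ARRAYLANG['TXT_FORUM_UPDATE_POST']) {
         if (strlen(trim($content)) < $this->_minPostlength) {
             //content size check
             $this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_POST_EMPTY'], $this->_minPostlength));
             return false;
         }
         // Ownership has to be judged on the post that is being edited. Look it up
         // by id; if it is not on the page already loaded, load the page that holds it.
         $arrEditTarget = isset($arrPosts[$intPostId]) ? $arrPosts[$intPostId] : null;
         if ($arrEditTarget === null) {
             $arrEditPage = $this->createPostArray($intThreadId, $this->_getEditPos($intPostId, $intThreadId));
             $arrEditTarget = isset($arrEditPage[$intPostId]) ? $arrEditPage[$intPostId] : null;
         }
         $blnOwnPost = $arrEditTarget !== null
             && $objFWUser->objUser->login()
             && $arrEditTarget['user_id'] == $objFWUser->objUser->getId();
         // NOTE(review): the edit button is hidden on locked threads, but no lock
         // check exists on this path; confirm whether locked threads may be edited.
         if (!$this->_checkAuth($intCatId, 'edit') && !$blnOwnPost) {
             $this->_objTpl->setVariable('TXT_FORUM_ERROR', '<br />' . $_ARRAYLANG['TXT_FORUM_NO_ACCESS']);
             $this->_objTpl->hideBlock('postEdit');
             return false;
         }
         if (!$objFWUser->objUser->login() && !\Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->check()) {
             $this->_objTpl->touchBlock('updatePost');
             $this->_objTpl->hideBlock('createPost');
             return false;
         }
         if (false !== ($match = $this->_hasBadWords($content))) {
             $this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_BANNED_WORD'], $match[1]));
             return false;
         }
         $fileInfo = $this->_handleUpload('forum_attachment');
         if ($fileInfo === false) {
             //an error occured, the file wasn't properly transferred. exit function to display error set in _handleUpload()
             return false;
         }
         // The old attachment name is client-supplied. Reduce it to its final path
         // component before it is stored or used in a filesystem call; a one-pass
         // str_replace() filter does not guarantee a name free of directory parts.
         $strOldAttachment = (!empty($_REQUEST['forum_attachment_oldname']) && is_string($_REQUEST['forum_attachment_oldname']))
             ? basename($_REQUEST['forum_attachment_oldname'])
             : '';
         if (empty($_POST['forum_delete_attachment']) && empty($fileInfo['name']) && !empty($strOldAttachment)) {
             // Nothing new uploaded and no deletion requested: keep the old attachment.
             $fileInfo['name'] = contrexx_addslashes($strOldAttachment);
         } elseif ((!empty($_POST['forum_delete_attachment']) && $_POST['forum_delete_attachment'] == 1) || (!empty($strOldAttachment) && $fileInfo['name'] != $strOldAttachment)) {
             // NOTE(review): the name still originates from the request, so any file
             // in the forum upload directory can be named; consider deleting only the
             // attachment stored for this post (see _getPostingData()).
             if (!empty($strOldAttachment) && $strOldAttachment !== '.' && $strOldAttachment !== '..') {
                 $strOldAttachmentPath = \Cx\Core\Core\Controller\Cx::instanciate()->getWebsiteMediaForumUploadPath() . '/' . $strOldAttachment;
                 if (is_file($strOldAttachmentPath)) {
                     unlink($strOldAttachmentPath);
                 }
             }
         }
         // NOTE(review): $subject, $keywords and $fileInfo['name'] rely on escaping
         // done outside this method; confirm it is safe for SQL string context.
         // time() replaces the argument-less mktime() call, which newer PHP versions
         // reject. The thread_id condition keeps the update inside the thread whose
         // category was authorised above.
         $updateQuery = 'UPDATE ' . DBPREFIX . 'module_forum_postings SET
                         time_edited = ' . time() . ',
                         icon = ' . $icon . ',
                         subject = \'' . $subject . '\',
                         keywords = \'' . $keywords . '\',
                         content = \'' . contrexx_raw2db($content) . '\',
                         attachment = \'' . $fileInfo['name'] . '\'
                         WHERE id = ' . $intPostId . '
                         AND thread_id = ' . $intThreadId;
         if ($objDatabase->Execute($updateQuery) !== false) {
             $this->updateViews($intThreadId, $intPostId);
             $pageId = \Cx\Core\Core\Controller\Cx::instanciate()->getPage()->getId();
             $cacheManager = new \Cx\Core_Modules\Cache\Controller\CacheManager();
             $cacheManager->deleteSingleFile($pageId);
         }
         // NOTE(review): $postId is left over from the post loop, not the edited post.
         \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Forum&cmd=thread&id=' . $intThreadId . '&pos=' . $this->_getLastPos($postId, $intThreadId));
         die;
     }
     if (!empty($_REQUEST['preview_edit'])) {
         $this->_objTpl->touchBlock('updatePost');
         $this->_objTpl->hideBlock('createPost');
         $this->_objTpl->hideBlock('previewNewPost');
         $this->_objTpl->touchBlock('previewEditPost');
     }
     // Disable every thread action the user is not allowed to perform; the
     // select is shown only to logged-in users with at least one permission.
     $hasAccess = false;
     foreach (array('STICKY', 'MOVE', 'CLOSE', 'DELETE') as $action) {
         if (!$this->_checkAuth($intCatId, strtolower($action))) {
             $this->_objTpl->setVariable('FORUM_THREAD_ACTIONS_DISABLED_' . $action, 'disabled="disabled"');
         } else {
             $hasAccess = true;
         }
     }
     if ($this->_objTpl->blockExists('threadActionsSelect')) {
         if ($userId < 1 || !$hasAccess) {
             $this->_objTpl->hideBlock('threadActionsSelect');
         } else {
             $this->_objTpl->touchBlock('threadActionsSelect');
         }
     }
     // Defined before the move branch, which reads it.
     $success = false;
     if (!empty($_REQUEST['action']) && $_REQUEST['action'] == 'move' && !empty($_REQUEST['id'])) {
         $thread = intval($_REQUEST['id']);
         $newCat = !empty($_REQUEST['moveToThread']) ? intval($_REQUEST['moveToThread']) : 0;
         $oldCat = intval($this->_getCategoryIdFromThread($thread));
         // Moving is a privileged action: require the 'move' permission on the
         // category the thread currently lives in before touching the database.
         // NOTE(review): confirm whether permission on the target category is needed too.
         if (!$this->_checkAuth($oldCat, 'move')) {
             $this->_objTpl->setVariable('TXT_THREAD_ACTION_ERROR', $_ARRAYLANG['TXT_FORUM_NO_ACCESS']);
         } elseif ($newCat > 0) {
             $query = "UPDATE `" . DBPREFIX . "module_forum_postings` SET `category_id` = {$newCat} WHERE `thread_id` = " . $thread;
             if ($objDatabase->Execute($query)) {
                 $intMovedPosts = $objDatabase->Affected_Rows();
                 // Re-compute the statistics of the category the thread left ...
                 $query = "SELECT max( `id` ) as `lastid` FROM `" . DBPREFIX . "module_forum_postings` WHERE `category_id` = {$oldCat}";
                 $objRS = $objDatabase->SelectLimit($query, 1);
                 $intOldCatLastId = $objRS !== false ? max(0, intval($objRS->fields['lastid'])) : 0;
                 $query = "UPDATE `" . DBPREFIX . "module_forum_statistics` SET `thread_count` = `thread_count` - 1, `post_count` = `post_count` - {$intMovedPosts}, `last_post_id` = " . $intOldCatLastId . " WHERE `category_id` = {$oldCat}";
                 $objDatabase->Execute($query);
                 // ... and of the category it arrived in.
                 $query = "SELECT `id` FROM `" . DBPREFIX . "module_forum_postings` WHERE `category_id` = {$newCat} GROUP BY `time_created` DESC";
                 $objRS = $objDatabase->Execute($query);
                 $intNewCatLastId = $objRS !== false ? intval($objRS->fields['id']) : 0;
                 $query = "UPDATE `" . DBPREFIX . "module_forum_statistics` SET `thread_count` = `thread_count` + 1, `post_count` = `post_count` + {$intMovedPosts}, `last_post_id` = " . $intNewCatLastId . " WHERE `category_id` = {$newCat}";
                 $objDatabase->Execute($query);
                 $this->_objTpl->hideBlock('moveForm');
                 // NOTE(review): $success is never set to true on this path, so the
                 // ERROR / UNSUCCESSFUL variant is always selected; confirm intended.
                 $this->_objTpl->setVariable(array('TXT_THREAD_ACTION_' . ($success ? 'SUCCESS' : 'ERROR') => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_MOVE' . (!$success ? 'UN' : '') . 'SUCCESSFUL'], 'FORUM_CATEGORY_ID' => $intCatId, 'FORUM_THREAD_ID' => $intThreadId));
                 \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Forum&cmd=thread&id=' . $thread);
             }
         }
     }
     // Result message of a previous thread action, passed back through the redirect
     // as a (action), r (result) and s (suffix). Only a language string that exists
     // is printed; the request values themselves are never echoed.
     if (!empty($_GET['a']) && is_string($_GET['a'])) {
         $strResult = (isset($_GET['r']) && is_string($_GET['r'])) ? $_GET['r'] : '';
         $strSuffix = (isset($_GET['s']) && is_string($_GET['s'])) ? $_GET['s'] : '';
         $strLangKey = 'TXT_FORUM_THREAD_ACTION_' . strtoupper($_GET['a']) . '_' . (!$strResult ? 'UN' : '') . 'SUCCESSFUL' . $strSuffix;
         $this->_objTpl->setVariable(array(
             'TXT_FORUM_' . ($strResult == 1 ? 'SUCCESS' : 'ERROR') => '<br />' . (isset($_ARRAYLANG[$strLangKey]) ? $_ARRAYLANG[$strLangKey] : ''),
         ));
     }
     if (!empty($_REQUEST['thread_actions'])) {
         $action = contrexx_addslashes($_REQUEST['thread_actions']);
         $suffix = '';
         if ($this->_checkAuth($intCatId, $action)) {
             switch ($action) {
                 case 'move':
                     // Build the target-category select; top-level entries are not selectable.
                     // NOTE(review): $arrThread['name'] is printed unescaped; confirm
                     // createForumArray() returns HTML-safe names.
                     $strOptions = '';
                     $arrForums = $this->createForumArray($this->_intLangId);
                     foreach ($arrForums as $intCatID => $arrThread) {
                         $strOptions .= '<option value="' . $intCatID . '" ' . ($arrThread['level'] == 0 ? 'disabled="disabled"' : '') . '>' . str_repeat('&nbsp;', $arrThread['level'] * 2) . $arrThread['name'] . '</option>';
                     }
                     $this->_objTpl->setVariable(array('FORUM_THREADS' => $strOptions));
                     $success = true;
                     $suffix = '';
                     \Env::get('cx')->getPage()->setTitle($_ARRAYLANG['TXT_FORUM_THREAD_ACTION_MOVE']);
                     break;
                 case 'close':
                     // Toggle the lock on the thread whose category was authorised above,
                     // not on an id read separately from the request.
                     $query = "UPDATE `" . DBPREFIX . "module_forum_postings` SET `is_locked` = IF(`is_locked` = '0' OR `is_locked` = '', '1', '0') WHERE thread_id = " . $intThreadId;
                     if ($objDatabase->Execute($query) !== false) {
                         $success = true;
                     }
                     $suffix = '_' . $firstPost['is_locked'];
                     break;
                 case 'sticky':
                     $query = "UPDATE `" . DBPREFIX . "module_forum_postings` SET `is_sticky` = IF(`is_sticky` = '0' OR `is_sticky` = '', '1', '0') WHERE thread_id = " . $intThreadId;
                     if ($objDatabase->Execute($query) !== false) {
                         $success = true;
                     }
                     $suffix = '_' . $firstPost['is_sticky'];
                     break;
                 default:
                     break;
             }
             if ($action != 'move') {
                 // Request-derived values are URL-encoded before they enter the Location header.
                 \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Forum&cmd=thread&id=' . $intThreadId . '&a=' . urlencode($action) . '&r=' . $success . '&s=' . urlencode($suffix));
             }
         } else {
             $this->_objTpl->setVariable('TXT_THREAD_ACTION_ERROR', $_ARRAYLANG['TXT_FORUM_NO_ACCESS']);
         }
         $this->_objTpl->parse('threadActions');
         $this->_objTpl->touchBlock('threadActions');
         $this->_objTpl->hideBlock('threadDisplay');
     } else {
         $this->updateViews($intThreadId, $intPostId);
         $this->_objTpl->hideBlock('threadActions');
     }
     return true;
 }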
示例#2
 function _modifyMedium()
 {
     global $_ARRAYLANG, $_CONFIG;
     if (!isset($_REQUEST['section'])) {
         $_REQUEST['section'] = '';
     }
     $mediumId = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
     $mediumTitle = '';
     $mediumYoutubeID = '';
     $mediumAuthor = '';
     $mediumDescription = '';
     $mediumSource = '';
     $mediumThumbnail = '';
     $mediumTemplate = '';
     $mediumWidth = 0;
     $mediumHeight = 0;
     $mediumPlaylength = 0;
     $mediumSize = 0;
     $mediumStatus = 1;
     $mediumCategories = array();
     $saveStatus = true;
     if ($_REQUEST['section'] != 'Podcast') {
         //load backend template
         $this->_objTpl->loadTemplatefile('module_podcast_modify_medium.html');
     } else {
         //load frontend content as template
         $pageRepo = \Env::get('em')->getRepository('Cx\\Core\\ContentManager\\Model\\Entity\\Page');
         $pages = $pageRepo->findBy(array('module' => 'Podcast', 'type' => \Cx\Core\ContentManager\Model\Entity\Page::TYPE_APPLICATION, 'cmd' => 'modifyMedium'));
         if (count($pages)) {
             //overwrite template, since _modifyMedium is called in the same request as the _selectMediumSource
             $this->_objTpl->setTemplate(current($pages)->getContent());
         }
     }
     $this->_pageTitle = $mediumId > 0 ? $_ARRAYLANG['TXT_PODCAST_MODIFY_MEDIUM'] : $_ARRAYLANG['TXT_PODCAST_ADD_MEDIUM'];
     $this->_objTpl->setVariable(array('TXT_PODCAST_TITLE' => $_ARRAYLANG['TXT_PODCAST_TITLE'], 'TXT_PODCAST_DESCRIPTION' => $_ARRAYLANG['TXT_PODCAST_DESCRIPTION'], 'TXT_PODCAST_SOURCE' => $_ARRAYLANG['TXT_PODCAST_SOURCE'], 'TXT_PODCAST_TEMPLATE' => $_ARRAYLANG['TXT_PODCAST_TEMPLATE'], 'TXT_PODCAST_DIMENSIONS' => $_ARRAYLANG['TXT_PODCAST_DIMENSIONS'], 'TXT_PODCAST_PIXEL_WIDTH' => $_ARRAYLANG['TXT_PODCAST_PIXEL_WIDTH'], 'TXT_PODCAST_PIXEL_HEIGHT' => $_ARRAYLANG['TXT_PODCAST_PIXEL_HEIGHT'], 'TXT_PODCAST_CATEGORIES' => $_ARRAYLANG['TXT_PODCAST_CATEGORIES'], 'TXT_PODCAST_STATUS' => $_ARRAYLANG['TXT_PODCAST_STATUS'], 'TXT_PODCAST_ACTIVE' => $_ARRAYLANG['TXT_PODCAST_ACTIVE'], 'TXT_PODCAST_SAVE' => $_ARRAYLANG['TXT_PODCAST_SAVE'], 'TXT_PODCAST_PLAYLENGHT' => $_ARRAYLANG['TXT_PODCAST_PLAYLENGHT'], 'TXT_PODCAST_PLAYLENGTH' => $_ARRAYLANG['TXT_PODCAST_PLAYLENGTH'], 'TXT_PODCAST_PLAYLENGHT_FORMAT' => $_ARRAYLANG['TXT_PODCAST_PLAYLENGHT_FORMAT'], 'TXT_PODCAST_PLAYLENGTH_FORMAT' => $_ARRAYLANG['TXT_PODCAST_PLAYLENGTH_FORMAT'], 'TXT_PODCAST_FILESIZE' => $_ARRAYLANG['TXT_PODCAST_FILESIZE'], 'TXT_PODCAST_BYTES' => $_ARRAYLANG['TXT_PODCAST_BYTES'], 'TXT_PODCAST_AUTHOR' => $_ARRAYLANG['TXT_PODCAST_AUTHOR'], 'TXT_PODCAST_EDIT_OR_ADD_IMAGE' => $_ARRAYLANG['TXT_PODCAST_EDIT_OR_ADD_IMAGE'], 'TXT_PODCAST_THUMBNAIL' => $_ARRAYLANG['TXT_PODCAST_THUMBNAIL'], 'TXT_PODCAST_SHOW_FILE' => $_ARRAYLANG['TXT_PODCAST_SHOW_FILE']));
     if (isset($_POST['podcast_medium_save'])) {
         if (isset($_POST['podcast_medium_title'])) {
             $mediumTitle = trim($_POST['podcast_medium_title']);
         }
         if (isset($_POST['podcast_medium_author'])) {
             $mediumAuthor = trim($_POST['podcast_medium_author']);
         }
         if (isset($_POST['podcast_medium_description'])) {
             $mediumDescription = trim($_POST['podcast_medium_description']);
         }
         if (isset($_POST['podcast_medium_template'])) {
             $mediumTemplate = intval($_POST['podcast_medium_template']);
         }
         $mediumWidth = isset($_POST['podcast_medium_width']) ? intval($_POST['podcast_medium_width']) : 0;
         $mediumHeight = isset($_POST['podcast_medium_height']) ? intval($_POST['podcast_medium_height']) : 0;
         $mediumSize = isset($_POST['podcast_medium_filesize']) ? intval($_POST['podcast_medium_filesize']) : 0;
         if (!empty($_POST['podcast_medium_playlength'])) {
             $arrPlaylength = array();
             if (preg_match('/^(([0-9]*):)?(([0-9]*):)?([0-9]*)$/', $_POST['podcast_medium_playlength'], $arrPlaylength)) {
                 $minutes = empty($arrPlaylength[3]) ? $arrPlaylength[2] : $arrPlaylength[4];
                 $hours = empty($arrPlaylength[3]) ? $arrPlaylength[4] : $arrPlaylength[2];
                 $mediumPlaylength = $hours * 3600 + $minutes * 60 + $arrPlaylength[5];
             }
         }
         if (isset($_POST['podcast_medium_source'])) {
             $mediumSource = trim($_POST['podcast_medium_source']);
         }
         if (isset($_POST['podcast_medium_thumbnail'])) {
             $mediumThumbnail = trim($_POST['podcast_medium_thumbnail']);
         }
         if (!empty($_POST['podcast_youtubeID'])) {
             $mediumYoutubeID = trim($_POST['podcast_youtubeID']);
             $mediumSize = 0;
             $mediumTemplate = $this->_getYoutubeTemplate();
         }
         $mediumStatus = $_REQUEST['section'] != 'podcast' ? isset($_POST['podcast_medium_status']) ? intval($_POST['podcast_medium_status']) : 0 : ($this->_arrSettings['auto_validate'] ? 1 : 0);
         if (isset($_POST['podcast_medium_associated_category'])) {
             foreach ($_POST['podcast_medium_associated_category'] as $categoryId => $status) {
                 if (intval($status) == 1) {
                     array_push($mediumCategories, intval($categoryId));
                 }
             }
         }
         if (empty($mediumTitle)) {
             $saveStatus = false;
             $this->_strErrMessage .= $_ARRAYLANG['TXT_PODCAST_EMPTY_MEDIUM_TITLE_MSG'] . "<br />\n";
         }
         /*elseif (!$this->_isUniqueMediumTitle($mediumTitle, $mediumId)) {
               $saveStatus = false;
               $this->_strErrMessage .= $_ARRAYLANG['TXT_PODCAST_DUPLICATE_MEDIUM_TITLE_MSG']."<br />\n";
           }*/
         if (empty($mediumTemplate)) {
             $saveStatus = false;
             $this->_strErrMessage .= $_ARRAYLANG['TXT_PODCAST_EMPTY_MEDIUM_TEMPLATE_MSG'] . "<br />\n";
         }
         if ($saveStatus) {
             if ($mediumId > 0 && $_REQUEST['section'] != 'podcast') {
                 if ($this->_updateMedium($mediumId, $mediumTitle, $mediumYoutubeID, $mediumAuthor, $mediumDescription, $mediumThumbnail, $mediumTemplate, $mediumWidth, $mediumHeight, $mediumPlaylength, $mediumSize, $mediumCategories, $mediumStatus)) {
                     $this->_strOkMessage = $_ARRAYLANG['TXT_PODCAST_MEDIUM_ADDED_SUCCESSFULL'];
                     // Class in /core_modules/index.class.php is named Cache
                     // Class in /core_modules/admin.class.php is named CacheManager
                     $pageId = \Cx\Core\Core\Controller\Cx::instanciate()->getPage()->getId();
                     $cacheManager = new \Cx\Core_Modules\Cache\Controller\CacheManager();
                     $cacheManager->deleteSingleFile($pageId);
                     $this->_createRSS();
                     return $this->_media();
                 } else {
                     $this->_strErrMessage = $_ARRAYLANG['TXT_PODCAST_MEDIUM_ADDED_FAILED'];
                 }
             } else {
                 if ($this->_addMedium($mediumTitle, $mediumYoutubeID, $mediumAuthor, $mediumDescription, $mediumSource, $mediumThumbnail, $mediumTemplate, $mediumWidth, $mediumHeight, $mediumPlaylength, $mediumSize, $mediumCategories, $mediumStatus)) {
                     // Class in /core_modules/index.class.php is named Cache
                     // Class in /core_modules/admin.class.php is named CacheManager
                     $pageId = \Cx\Core\Core\Controller\Cx::instanciate()->getPage()->getId();
                     $cacheManager = new \Cx\Core_Modules\Cache\Controller\CacheManager();
                     $cacheManager->deleteSingleFile($pageId);
                     $this->_createRSS();
                     if ($_REQUEST['section'] != 'Podcast') {
                         $this->_strOkMessage = $_ARRAYLANG['TXT_PODCAST_MEDIUM_UPDATED_SUCCESSFULL'];
                         return $this->_media();
                     } else {
                         if ($this->_objTpl->blockExists('podcastThanks')) {
                             $this->_objTpl->touchBlock('podcastThanks');
                         }
                         if ($this->_objTpl->blockExists('podcastForm')) {
                             $this->_objTpl->hideBlock('podcastForm');
                         }
                         return true;
                     }
                 } else {
                     $this->_strErrMessage = $_ARRAYLANG['TXT_PODCAST_MEDIUM_UPDATED_FAILED'];
                 }
             }
         }
     } elseif ($mediumId > 0 && ($arrMedium =& $this->_getMedium($mediumId)) !== false && $_REQUEST['section'] != 'Podcast') {
         $mediumTitle = $arrMedium['title'];
         $mediumAuthor = $arrMedium['author'];
         $mediumDescription = $arrMedium['description'];
         $mediumYoutubeID = $arrMedium['youtube_id'];
         $mediumSource = $arrMedium['source'];
         $mediumThumbnail = $arrMedium['thumbnail'];
         $mediumTemplate = $arrMedium['template_id'];
         $mediumWidth = $arrMedium['width'];
         $mediumHeight = $arrMedium['height'];
         $mediumStatus = $arrMedium['status'];
         $mediumCategories = $arrMedium['category'];
         $mediumPlaylength = $arrMedium['playlength'];
         $mediumSize = $arrMedium['size'];
     } elseif ($mediumId == 0) {
         $mediumSource = '';
         if (isset($_POST['podcast_medium_source_type']) && in_array($_POST['podcast_medium_source_type'], array('local', 'remote', 'youtube'))) {
             if ($_POST['podcast_medium_source_type'] == 'local') {
                 if (isset($_POST['podcast_medium_local_source'])) {
                     if (strpos($_POST['podcast_medium_local_source'], ASCMS_PATH_OFFSET) === 0) {
                         $mediumSource = ASCMS_PROTOCOL . '://%domain%%offset%' . substr($_POST['podcast_medium_local_source'], strlen(ASCMS_PATH_OFFSET));
                     } else {
                         $mediumSource = ASCMS_PROTOCOL . '://%domain%%offset%' . $_POST['podcast_medium_local_source'];
                     }
                 }
             } elseif ($_POST['podcast_medium_source_type'] == 'youtube') {
                 $mediumYoutubeID = contrexx_addslashes(trim($_POST['youtubeID']));
                 $mediumSource = 'http://youtube.com/v/' . $mediumYoutubeID;
             } elseif (isset($_POST['podcast_medium_remote_source'])) {
                 $mediumSource = $_POST['podcast_medium_remote_source'];
             }
         }
         if (empty($mediumSource)) {
             return $this->_selectMediumSource();
         }
         if (!empty($mediumYoutubeID)) {
             $mediumTitle = $this->_getYoutubeTitle($mediumYoutubeID);
             $mediumThumbnail = ASCMS_PATH_OFFSET . $this->_saveYoutubeThumbnail($mediumYoutubeID);
             $mediumTemplate =& $this->_getYoutubeTemplate();
             $mediumDescription =& $this->_getYoutubeDescription($mediumYoutubeID);
             $mediumWidth = $this->_youTubeDefaultWidth;
             $mediumSize = 0;
             $mediumHeight = $this->_youTubeDefaultHeight;
         } else {
             $mediumTitle = ($lastSlash = strrpos($mediumSource, '/')) !== false ? substr($mediumSource, $lastSlash + 1) : $mediumSource;
             $mediumTemplate =& $this->_getSuitableTemplate($mediumSource);
             $dimensions = isset($_POST['podcast_medium_local_source']) && \Cx\Core_Modules\Media\Controller\MediaLibrary::_isImage(ASCMS_PATH . $_POST['podcast_medium_local_source']) ? @getimagesize(ASCMS_PATH . $_POST['podcast_medium_local_source']) : false;
             if ($dimensions) {
                 $mediumWidth = $dimensions[0];
                 $mediumHeight = $dimensions[1];
             } else {
                 $mediumWidth = $this->_arrSettings['default_width'];
                 $mediumHeight = $this->_arrSettings['default_height'];
             }
             $mediumSize = isset($_POST['podcast_medium_local_source']) ? filesize(ASCMS_PATH . $_POST['podcast_medium_local_source']) : 0;
             $mediumSource = htmlentities(str_replace(array('%domain%', '%offset%'), array($_CONFIG['domainUrl'], ASCMS_PATH_OFFSET), $mediumSource), ENT_QUOTES, CONTREXX_CHARSET);
         }
     }
     $this->_objTpl->setVariable(array('PODCAST_MODIFY_TITLE' => $mediumId > 0 ? $_ARRAYLANG['TXT_PODCAST_MODIFY_MEDIUM'] : $_ARRAYLANG['TXT_PODCAST_ADD_MEDIUM'] . ' (' . $_ARRAYLANG['TXT_PODCAST_STEP'] . ' 2: ' . $_ARRAYLANG['TXT_PODCAST_CONFIG_MEDIUM'] . ')', 'PODCAST_MEDIUM_ID' => $mediumId, 'PODCAST_MEDIUM_TITLE' => htmlentities($mediumTitle, ENT_QUOTES, CONTREXX_CHARSET), 'PODCAST_MEDIUM_AUTHOR' => htmlentities($mediumAuthor, ENT_QUOTES, CONTREXX_CHARSET), 'PODCAST_MEDIUM_DESCRIPTION' => htmlentities($mediumDescription, ENT_QUOTES, CONTREXX_CHARSET), 'PODCAST_MEDIUM_SOURCE' => $mediumSource, 'PODCAST_MEDIUM_SOURCE_URL' => htmlentities($mediumSource, ENT_QUOTES, CONTREXX_CHARSET), 'PODCAST_MEDIUM_TEMPLATE_MENU' => $this->_getTemplateMenu($mediumTemplate, 'name="podcast_medium_template" style="width:450px;"'), 'PODCAST_MEDIUM_WIDTH' => $mediumWidth, 'PODCAST_MEDIUM_HEIGHT' => $mediumHeight, 'PODCAST_MEDIUM_PLAYLENGHT' => $this->_getShortPlaylengthFormatOfTimestamp($mediumPlaylength), 'PODCAST_MEDIUM_PLAYLENGTH' => $this->_getShortPlaylengthFormatOfTimestamp($mediumPlaylength), 'PODCAST_MEDIUM_FILESIZE' => $mediumSize, 'PODCAST_MEDIUM_THUMBNAIL_SRC' => !empty($mediumThumbnail) ? $mediumThumbnail : $this->_noThumbnail, 'PODCAST_MEDIUM_STATUS' => $mediumStatus == 1 ? 'checked="checked"' : '', 'PODCAST_MEDIUM_YOUTUBE_DISABLED' => !empty($mediumYoutubeID) ? 'disabled="disabled"' : '', 'PODCAST_MEDIUM_YOUTUBE_ID' => !empty($mediumYoutubeID) ? $mediumYoutubeID : '', 'PODCAST_THUMB_BROWSE' => self::getMediaBrowserButton('', array('data-cx-mb-views' => 'filebrowser', 'type' => 'button', 'style' => 'display:none', 'id' => 'podcast_thumbnail_browser'), 'mediaBrowserCallback')));
     $arrCategories =& $this->_getCategories();
     $categoryNr = 0;
     $arrLanguages = \FWLanguage::getLanguageArray();
     foreach ($arrCategories as $categoryId => $arrCategory) {
         if ($_REQUEST['section'] == 'Podcast') {
             if (!in_array($categoryId, $this->_communityCategories) && !empty($this->_communityCategories)) {
                 continue;
             }
         }
         $column = $categoryNr % 3;
         $arrCatLangIds =& $this->_getLangIdsOfCategory($categoryId);
         array_walk($arrCatLangIds, create_function('&$cat, $k, $arrLanguages', '$cat = $arrLanguages[$cat]["lang"];'), $arrLanguages);
         $arrCategory['title'] .= ' (' . implode(', ', $arrCatLangIds) . ')';
         $this->_objTpl->setVariable(array('PODCAST_CATEGORY_ID' => $categoryId, 'PODCAST_CATEGORY_ASSOCIATED' => in_array($categoryId, $mediumCategories) ? 'checked="checked"' : '', 'PODCAST_SHOW_MEDIA_OF_CATEGORY_TXT' => sprintf($_ARRAYLANG['TXT_PODCAST_SHOW_MEDIA_OF_CATEGORY'], $arrCategory['title']), 'PODCAST_CATEGORY_NAME' => $arrCategory['title']));
         $this->_objTpl->parse('podcast_medium_associated_category_' . $column);
         $categoryNr++;
     }
 }
 /**
  * Delete the template selected by the `id` query parameter and then render
  * the template overview.
  *
  * A template that is still in use is not deleted; an error message is set
  * instead. After a successful delete the cache file of the current page is
  * dropped and the RSS feed is regenerated.
  *
  * NOTE(review): this is a state-changing delete driven by a GET parameter.
  * No permission or CSRF check is visible in this method - confirm that the
  * caller enforces both before dispatching here.
  *
  * NOTE(review): the template description is placed into the status message
  * unescaped; verify that the message is HTML-encoded where it is rendered.
  */
 function _deleteTemplateProcess()
 {
     global $_ARRAYLANG;
     // Anything that is not a usable integer id collapses to 0.
     $templateId = 0;
     if (isset($_GET['id'])) {
         $templateId = intval($_GET['id']);
     }
     $arrTemplate =& $this->_getTemplate($templateId);
     if ($arrTemplate !== false) {
         if ($this->_isTemplateInUse($templateId)) {
             // Refuse to remove a template that is still in use.
             $this->_strErrMessage = sprintf($_ARRAYLANG['TXT_PODCAST_TEMPLATE_STILL_IN_USE_MSG'], $arrTemplate['description']);
         } elseif (!$this->_deleteTemplate($templateId)) {
             $this->_strErrMessage = sprintf($_ARRAYLANG['TXT_PODCAST_TEMPLATE_DELETED_FAILURE'], $arrTemplate['description']);
         } else {
             $this->_strOkMessage = sprintf($_ARRAYLANG['TXT_PODCAST_TEMPLATE_DELETED_SUCCESSFULL'], $arrTemplate['description']);
             // Drop the cached copy of the current page so the change becomes visible.
             $currentPageId = \Cx\Core\Core\Controller\Cx::instanciate()->getPage()->getId();
             $cache = new \Cx\Core_Modules\Cache\Controller\CacheManager();
             $cache->deleteSingleFile($currentPageId);
             $this->_createRSS();
         }
     }
     // The overview is shown regardless of the outcome.
     $this->_templates();
 }
示例#4
 /**
  * Add a new voting to database
  * @global     ADONewConnection
  * @global     Cache
  * @param     integer        $intPicId: The picture with this id will be rated
  * @param     integer        $intMark: This mark will be set for the picture
  */
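 function countVoting($intPicId, $intMark)
 {
     global $objDatabase;
     // Both inputs are forced to integers before they reach a query, a cookie
     // name or the range check below.
     $intPicId = intval($intPicId);
     $categoryId = $this->getCategoryId($intPicId);
     $boolVoting = $this->categoryAllowsVoting($categoryId);
     // No vote is recorded for spiders, when voting is switched off globally,
     // or when the picture's category does not allow voting.
     if (checkForSpider() || $this->arrSettings['show_voting'] == 'off' || !$boolVoting) {
         return;
     }
     $intMark = intval($intMark);
     // A request without a User-Agent header (or without REMOTE_ADDR, e.g. on
     // the CLI) must not raise an undefined-index notice.
     $strRemoteAddr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
     $strUserAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
     // MD5 is used here only as a compact client fingerprint stored next to the
     // vote, not as a security control.
     $strMd5 = md5($strRemoteAddr . $strUserAgent);
     $intCookieTime = time() + 7 * 24 * 60 * 60;
     $intVotingCheckTime = time() - 12 * 60 * 60;
     $strVotesTable = DBPREFIX . 'module_gallery_votes';
     // The string values are passed as bound parameters instead of being
     // concatenated into the statement. The remaining interpolated values are
     // integers by construction (intval() / time() arithmetic).
     $objResult = $objDatabase->Execute(
         'SELECT id FROM ' . $strVotesTable . ' WHERE ip=? AND md5=? AND date > ' . $intVotingCheckTime . ' AND picid=' . $intPicId . ' LIMIT 1',
         array($strRemoteAddr, $strMd5)
     );
     if ($objResult === false) {
         // The duplicate check could not be performed: fail closed and count nothing.
         return;
     }
     if ($objResult->RecordCount() == 1) {
         // Same address and fingerprint already voted for this picture within
         // the last 12 hours; re-issue the marker cookie and reject the vote.
         $boolIpCheck = false;
         setcookie('Gallery_Voting_' . $intPicId, $intMark, $intCookieTime, ASCMS_PATH_OFFSET . '/');
     } else {
         $boolIpCheck = true;
     }
     // The cookie is client-controlled, so it is only a convenience marker; the
     // lookup above is the server-side duplicate check.
     if ($intPicId != 0 && $intMark >= 1 && $intMark <= 10 && $boolIpCheck && !isset($_COOKIE['Gallery_Voting_' . $intPicId])) {
         $objDatabase->Execute(
             'INSERT INTO ' . $strVotesTable . ' SET picid=' . $intPicId . ', date=' . time() . ', ip=?, md5=?, mark=' . $intMark,
             array($strRemoteAddr, $strMd5)
         );
         setcookie('Gallery_Voting_' . $intPicId, $intMark, $intCookieTime, ASCMS_PATH_OFFSET . '/');
         // Invalidate the cached copy of the current page.
         $pageId = \Cx\Core\Core\Controller\Cx::instanciate()->getPage()->getId();
         $cacheManager = new \Cx\Core_Modules\Cache\Controller\CacheManager();
         $cacheManager->deleteSingleFile($pageId);
     }
 }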
示例#5
 /**
  * Handles request from the client
  * @todo Clean up usage of $param and $_GET
  * @global Array $_CORELANG Core language data
  * @param Array $params Client parameters
  * @return array Result with the keys reload, id, version, node and lang
  */
 public function set($params)
 {
     // Creates, translates or updates a content page from the client data in
     // $params['post'], applies an optional status action, maintains the
     // draft/published revisions and returns a summary array for the client.
     global $_CORELANG;
     // Global access check
     // Both static access IDs (6 and 35) are required; the exception aborts the request.
     if (!\Permission::checkAccess(6, 'static', true) || !\Permission::checkAccess(35, 'static', true)) {
         throw new \Exception($_CORELANG['TXT_CORE_CM_USAGE_DENIED']);
     }
     $newPage = false;
     $reload = false;
     $pg = \Env::get('pageguard');
     $dataPost = !empty($params['post']) ? $params['post'] : array();
     $pageArray = !empty($dataPost['page']) ? $dataPost['page'] : array();
     // Only set in the editing mode.
     // IDs are taken from the page array first, then from the top-level post data, and cast to int.
     $pageId = !empty($pageArray['id']) ? intval($pageArray['id']) : (!empty($dataPost['pageId']) ? intval($dataPost['pageId']) : 0);
     $nodeId = !empty($pageArray['node']) ? intval($pageArray['node']) : (!empty($dataPost['nodeId']) ? intval($dataPost['nodeId']) : 0);
     // Falls back to the default language code when the client sends no language.
     $lang = !empty($pageArray['lang']) ? contrexx_input2raw($pageArray['lang']) : (!empty($dataPost['lang']) ? contrexx_input2raw($dataPost['lang']) : \FWLanguage::getLanguageCodeById(\FWLanguage::getDefaultLangId()));
     $action = !empty($dataPost['action']) ? contrexx_input2raw($dataPost['action']) : '';
     // NOTE(review): the cache entry for the client-supplied page id is dropped here,
     // before the page is loaded and before the per-page access check further down.
     $cacheManager = new \Cx\Core_Modules\Cache\Controller\CacheManager();
     $cacheManager->deleteSingleFile($pageId);
     if (!empty($pageArray)) {
         // Join protocol and target into one value; a protocol without a target yields an empty target.
         if (!empty($pageArray['target']) && !empty($pageArray['target_protocol'])) {
             $pageArray['target'] = $pageArray['target_protocol'] . $pageArray['target'];
         } elseif (empty($pageArray['target']) && !empty($pageArray['target_protocol'])) {
             $pageArray['target'] = '';
         }
         // $validatedPageArray only exists when $pageArray is non-empty; it is used under the same condition below.
         $validatedPageArray = $this->validatePageArray($pageArray);
     }
     // UPDATE
     if (!empty($pageId)) {
         // If we got a page id, the page already exists and can be updated.
         // NOTE(review): the lookup result is dereferenced without a null check -
         // presumably find() returns null for an unknown id; verify.
         $page = $this->pageRepo->find($pageId, 0, null, false);
         $node = $page->getNode();
         // TRANSLATE
     } else {
         if (!empty($nodeId) && !empty($lang)) {
             // We are translating the page.
             // NOTE(review): unlike the CREATE branch below, no check of static access ID 5
             // is made here, and the node lookup result is used without a null check - confirm both are intended.
             $node = $this->nodeRepo->find($nodeId);
             $page = $node->translatePage(true, \FWLanguage::getLanguageIdByCode($lang));
             $page->setNodeIdShadowed($node->getId());
             $page->setEditingStatus('');
             $newPage = true;
             $reload = true;
             // CREATE
         } else {
             if (empty($pageId) && !empty($lang)) {
                 // Creating a page additionally requires static access ID 5.
                 if (!\Permission::checkAccess(5, 'static', true)) {
                     throw new \Exception($_CORELANG['TXT_CORE_CM_CREATION_DENIED']);
                 }
                 // Create a new node/page combination.
                 $node = new \Cx\Core\ContentManager\Model\Entity\Node();
                 // CREATE WITHIN
                 if (isset($dataPost['parent_node'])) {
                     // NOTE(review): parent_node is passed to the repository as received, without
                     // the intval() applied to the other ids - presumably the repository binds it safely; verify.
                     $parentNode = $this->nodeRepo->find($dataPost['parent_node']);
                     if (!$parentNode) {
                         // Unknown parent: attach the new node to the root instead.
                         $parentNode = $this->nodeRepo->getRoot();
                     }
                     $node->setParent($parentNode);
                     $parentNode->addChildren($node);
                     // add parent node to ID, so the node containing the new page is opened
                     // The cookie value is client-supplied; here it is only split, extended and written back.
                     if (!isset($_COOKIE['jstree_open'])) {
                         $_COOKIE['jstree_open'] = '';
                     }
                     $openNodes = explode(',', $_COOKIE['jstree_open']);
                     if ($openNodes == array(0 => '')) {
                         $openNodes = array();
                     }
                     if (!in_array('#node_' . $parentNode->getId(), $openNodes)) {
                         $openNodes[] = '#node_' . $parentNode->getId();
                     }
                     setcookie('jstree_open', implode(',', $openNodes));
                     $this->em->persist($node);
                     $this->em->flush();
                     // CREATE
                 } else {
                     $node->setParent($this->nodeRepo->getRoot());
                     $this->nodeRepo->getRoot()->addChildren($node);
                     $this->em->persist($node);
                     $this->em->flush();
                 }
                 $page = new \Cx\Core\ContentManager\Model\Entity\Page();
                 $page->setNode($node);
                 $node->addPage($page);
                 $page->setNodeIdShadowed($node->getId());
                 $page->setLang(\FWLanguage::getLanguageIdByCode($lang));
                 $page->setUpdatedBy(\FWUser::getFWUserObject()->objUser->getUsername());
                 $newPage = true;
                 $reload = true;
             } else {
                 throw new \Exception('Page cannot be created. There are too little information.');
             }
         }
     }
     // Page access check
     // A backend-protected page may only be modified by a user holding its dynamic backend access ID.
     // This check runs after the branches above, so in the CREATE case the new node has already been flushed.
     if ($page->isBackendProtected() && !\Permission::checkAccess($page->getBackendAccessId(), 'dynamic', true)) {
         throw new \Cx\Core\ContentManager\Model\Entity\PageException('Not allowed to read page');
     }
     if (!empty($pageArray)) {
         $page->updateFromArray($validatedPageArray);
         if ($newPage) {
             // Make sure page has an ID
             $this->em->persist($page);
             $this->em->flush();
         }
     }
     if (!empty($action)) {
         // Apply the requested status change to the in-memory page.
         // There is no default case: an unrecognised action value changes nothing here.
         // NOTE(review): the protection toggles below are guarded only by the access checks
         // visible above in this method - confirm that this is the intended authorization level.
         switch ($action) {
             case 'activate':
             case 'publish':
                 $page->setActive(true);
                 break;
             case 'deactivate':
                 $page->setActive(false);
                 break;
             case 'show':
                 $page->setDisplay(true);
                 break;
             case 'hide':
                 $page->setDisplay(false);
                 break;
             case 'protect':
                 $page->setFrontendProtection(true);
                 break;
             case 'unprotect':
                 $page->setFrontendProtection(false);
                 break;
             case 'lock':
                 $page->setBackendProtection(true);
                 break;
             case 'unlock':
                 $page->setBackendProtection(false);
                 break;
         }
         // On a page that is not a draft, every action is treated as 'publish' from here on.
         if ($action != 'publish' && !$page->isDraft()) {
             $action = 'publish';
         }
     }
     $page->setUpdatedAtToNow();
     $page->validate();
     // Permissions are only updated in the editing mode.
     if (!empty($pageArray)) {
         if ($action == 'publish') {
             // Group assignments are only touched by users holding static access ID 36.
             if (\Permission::checkAccess(36, 'static', true)) {
                 if ($page->isFrontendProtected()) {
                     // remove all
                     \Permission::removeAccess($page->getFrontendAccessId(), 'dynamic');
                     if (isset($dataPost['frontendGroups'])) {
                         // set new
                         $pg->setAssignedGroupIds($page, $dataPost['frontendGroups'], true);
                     }
                 }
                 if ($page->isBackendProtected()) {
                     // remove all
                     // The previous backend groups are kept so they can be restored below.
                     $groupIds = $pg->getAssignedGroupIds($page, false);
                     \Permission::removeAccess($page->getBackendAccessId(), 'dynamic');
                     if (isset($dataPost['backendGroups'])) {
                         // set new
                         $pg->setAssignedGroupIds($page, $dataPost['backendGroups'], false);
                     }
                     // If the new assignment leaves the current user without backend access to this page,
                     // the previous groups are restored, or the protection is dropped when there were none.
                     if ($page->isBackendProtected() && !\Permission::checkAccess($page->getBackendAccessId(), 'dynamic', true)) {
                         if (!count($groupIds)) {
                             $page->setBackendProtection(false);
                         } else {
                             $pg->setAssignedGroupIds($page, $groupIds, false);
                         }
                     }
                 }
             }
         }
     }
     // Block associations are only updated in the editing mode.
     if (!empty($pageArray) && empty($dataPost['ignoreBlocks'])) {
         if (!isset($dataPost['pageBlocks'])) {
             $dataPost['pageBlocks'] = array();
         }
         $page->setRelatedBlocks($dataPost['pageBlocks']);
     }
     // $draftUpdateLog is never assigned anything but null in this method;
     // $liveUpdateLog is only set when an existing draft is updated (see below).
     $draftUpdateLog = null;
     $liveUpdateLog = null;
     $updatingDraft = false;
     if ($action == 'publish' && \Permission::checkAccess(78, 'static', true)) {
         // User w/permission clicked save&publish. we should either publish the page or submit the draft for approval.
         if ($page->getEditingStatus() == 'hasDraftWaiting') {
             $reload = true;
         }
         if ($page->getEditingStatus() != '') {
             // NOTE(review): index 0 is used without checking that a log entry exists.
             $logEntries = $this->logRepo->getLogEntries($page, false);
             $this->em->remove($logEntries[0]);
         }
         $page->setEditingStatus('');
         $this->messages[] = $_CORELANG['TXT_CORE_SAVED'];
     } else {
         // User clicked save [as draft], so let's do that.
         // This branch is also taken for 'publish' when the user lacks static access ID 78.
         $updatingDraft = $page->getEditingStatus() != '' ? true : false;
         if ($action == 'publish') {
             // User w/o publish permission clicked save&publish. submit it as a draft.
             $page->setEditingStatus('hasDraftWaiting');
             $this->messages[] = $_CORELANG['TXT_CORE_DRAFT_SUBMITTED'];
         } else {
             if ($page->getEditingStatus() == 'hasDraftWaiting' && \Permission::checkAccess(78, 'static', true)) {
                 $reload = true;
             }
             $page->setEditingStatus('hasDraft');
             $this->messages[] = $_CORELANG['TXT_CORE_SAVED_AS_DRAFT'];
         }
         // Gedmo-loggable generates a LogEntry (i.e. revision) on persist, so we'll have to
         // store the draft first, then revert the current version to what it previously was.
         // In the end, we'll have the current [published] version properly stored as a page
         // and the draft version stored as a gedmo LogEntry.
         $this->em->persist($page);
         // Gedmo hooks in on persist/flush, so we unfortunately need to flush our em in
         // order to get a clean set of logEntries.
         $this->em->flush();
         $logEntries = $this->logRepo->getLogEntries($page, false);
         // Revert to the published version.
         // The editing status is saved and restored around the revert.
         // NOTE(review): index 1 is used without checking that a second log entry exists.
         $cachedEditingStatus = $page->getEditingStatus();
         $this->logRepo->revert($page, $logEntries[1]->getVersion());
         $page->setEditingStatus($cachedEditingStatus);
         // The status action is applied again, this time to the reverted page.
         // NOTE(review): this includes 'publish' -> setActive(true) for a user who lacks
         // access ID 78 - confirm that activating the reverted page here is intended.
         switch ($action) {
             case 'activate':
             case 'publish':
                 $page->setActive(true);
                 break;
             case 'deactivate':
                 $page->setActive(false);
                 break;
             case 'show':
                 $page->setDisplay(true);
                 break;
             case 'hide':
                 $page->setDisplay(false);
                 break;
             case 'protect':
                 $page->setFrontendProtection(true);
                 break;
             case 'unprotect':
                 $page->setFrontendProtection(false);
                 break;
             case 'lock':
                 $page->setBackendProtection(true);
                 break;
             case 'unlock':
                 $page->setBackendProtection(false);
                 break;
         }
         $this->em->persist($page);
         // Gedmo auto-logs slightly too much data. clean up unnecessary revisions:
         if ($updatingDraft) {
             $this->em->flush();
             $logEntries = $this->logRepo->getLogEntries($page);
             // Entry 1 gets the current editing status written into its data; entry 2 is
             // remembered in $liveUpdateLog and then removed.
             $currentLog = $logEntries[1];
             $currentLogData = $currentLog->getData();
             $currentLogData['editingStatus'] = $page->getEditingStatus();
             $currentLog->setData($currentLogData);
             $this->em->persist($currentLog);
             $liveUpdateLog = $logEntries[2];
             $this->em->remove($logEntries[2]);
         }
     }
     $this->em->persist($page);
     // If any "inherit" option is switched on, walk all descendants of the page (stack-based
     // traversal) and copy the selected settings from this page to each of them.
     // NOTE(review): no permission check beyond the ones at the top of this method is visible
     // for propagating the access protection to child pages - confirm that is intended.
     if (isset($dataPost['inheritFrontendAccess']) && $dataPost['inheritFrontendAccess'] == 'on' || isset($dataPost['inheritBackendAccess']) && $dataPost['inheritBackendAccess'] == 'on' || isset($dataPost['inheritSkin']) && $dataPost['inheritSkin'] == 'on' || isset($dataPost['inheritCustomContent']) && $dataPost['inheritCustomContent'] == 'on' || isset($dataPost['inheritCssName']) && $dataPost['inheritCssName'] == 'on' || isset($dataPost['inheritCssNavName']) && $dataPost['inheritCssNavName'] == 'on' || isset($dataPost['inheritCaching']) && $dataPost['inheritCaching'] == 'on') {
         $pageStack = $page->getChildren();
         while (count($pageStack)) {
             $currentPage = array_pop($pageStack);
             // Queue the children of the current page so the whole subtree is visited.
             foreach ($currentPage->getChildren() as $child) {
                 array_push($pageStack, $child);
             }
             if (isset($dataPost['inheritFrontendAccess']) && $dataPost['inheritFrontendAccess'] == 'on') {
                 $reload = true;
                 $page->copyProtection($currentPage, true);
             }
             if (isset($dataPost['inheritBackendAccess']) && $dataPost['inheritBackendAccess'] == 'on') {
                 $reload = true;
                 $page->copyProtection($currentPage, false);
             }
             if (isset($dataPost['inheritSkin']) && $dataPost['inheritSkin'] == 'on') {
                 $currentPage->setSkin($page->getSkin());
             }
             if (isset($dataPost['inheritCustomContent']) && $dataPost['inheritCustomContent'] == 'on') {
                 $currentPage->setCustomContent($page->getCustomContent());
             }
             if (isset($dataPost['inheritCssName']) && $dataPost['inheritCssName'] == 'on') {
                 $currentPage->setCssName($page->getCssName());
             }
             if (isset($dataPost['inheritCssNavName']) && $dataPost['inheritCssNavName'] == 'on') {
                 $currentPage->setCssNavName($page->getCssNavName());
             }
             if (isset($dataPost['inheritCaching']) && $dataPost['inheritCaching'] == 'on') {
                 $currentPage->setCaching($page->getCaching());
             }
             $this->em->persist($currentPage);
         }
     }
     $this->em->flush();
     // bug fix #2279
     // could not save alias after running $this->em->clear()
     // Aliases are only updated in the editing mode.
     if (!empty($pageArray)) {
         // Only users with publish rights can create aliases.
         // Both static access IDs 115 and 78 are required.
         if (\Permission::checkAccess(115, 'static', true) && \Permission::checkAccess(78, 'static', true)) {
             // Aliases are updated after persist.
             // NOTE(review): the alias is read from the raw $pageArray, not from $validatedPageArray -
             // presumably updateFromArray() validates it; verify.
             $data = array();
             $data['alias'] = $pageArray['alias'];
             $aliases = $page->getAliases();
             $page->updateFromArray($data);
             if ($aliases != $page->getAliases()) {
                 $reload = true;
             }
         } else {
             // Users without permission shouldn't see the aliasses anyway
             //$this->messages[] = $_CORELANG['TXT_CORE_ALIAS_CREATION_DENIED'];
         }
     }
     // this fixes log version number skipping
     $this->em->clear();
     $logs = $this->logRepo->getLogEntries($page);
     $this->em->persist($logs[0]);
     if ($updatingDraft) {
         // Patch the stored revision data directly: $logs[1] receives the editing status and
         // the requested action, $logs[0] the action only (and only when it is not 'publish').
         $data = $logs[1]->getData();
         // $draftUpdateLog is still null at this point, so this condition cannot be met.
         if (!empty($action) && $draftUpdateLog) {
             $data = $draftUpdateLog->getData();
         }
         $data['editingStatus'] = 'hasDraft';
         if ($action == 'publish' && !\Permission::checkAccess(78, 'static', true)) {
             $data['editingStatus'] = 'hasDraftWaiting';
         }
         // 'publish' has no case here; the protection values are bit flags combined with the
         // FRONTEND_PROTECTION / BACKEND_PROTECTION constants (defined outside this method).
         switch ($action) {
             case 'activate':
                 $data['active'] = true;
                 break;
             case 'deactivate':
                 $data['active'] = false;
                 break;
             case 'show':
                 $data['display'] = true;
                 break;
             case 'hide':
                 $data['display'] = false;
                 break;
             case 'protect':
                 $data['protection'] = $data['protection'] | FRONTEND_PROTECTION;
                 break;
             case 'unprotect':
                 $data['protection'] = $data['protection'] & ~FRONTEND_PROTECTION;
                 break;
             case 'lock':
                 $data['protection'] = $data['protection'] | BACKEND_PROTECTION;
                 break;
             case 'unlock':
                 $data['protection'] = $data['protection'] & ~BACKEND_PROTECTION;
                 break;
         }
         $logs[1]->setData($data);
         if (!empty($action) && $action != 'publish') {
             $data = $logs[0]->getData();
             // Prefer the data of the log entry that was removed while cleaning up the revisions above.
             if ($liveUpdateLog) {
                 $data = $liveUpdateLog->getData();
             }
             switch ($action) {
                 case 'activate':
                     $data['active'] = true;
                     break;
                 case 'deactivate':
                     $data['active'] = false;
                     break;
                 case 'show':
                     $data['display'] = true;
                     break;
                 case 'hide':
                     $data['display'] = false;
                     break;
                 case 'protect':
                     $data['protection'] = $data['protection'] | FRONTEND_PROTECTION;
                     break;
                 case 'unprotect':
                     $data['protection'] = $data['protection'] & ~FRONTEND_PROTECTION;
                     break;
                 case 'lock':
                     $data['protection'] = $data['protection'] | BACKEND_PROTECTION;
                     break;
                 case 'unlock':
                     $data['protection'] = $data['protection'] & ~BACKEND_PROTECTION;
                     break;
             }
             $logs[0]->setData($data);
         }
         $this->em->persist($logs[0]);
         $this->em->persist($logs[1]);
         $this->em->flush();
     }
     // get version
     // if it is a draft, don't take the last one
     $version = $page->getVersion()->getVersion();
     if ($page->isDraft()) {
         $version--;
     }
     // Summary for the client: reload flag, page id, version number, node id and language code.
     return array('reload' => $reload, 'id' => $page->getId(), 'version' => $version, 'node' => $page->getNode()->getId(), 'lang' => \FWLanguage::getLanguageCodeById($page->getLang()));
 }