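/**
 * Saves a content item submitted from the edit form.
 *
 * Binds $_POST onto a mosContent row, checks the caller's edit rights,
 * stores the row, maintains the front-page table and ordering, sends a
 * message to every user flagged with sendEmail when the item is new, and
 * finally redirects to the item view.
 *
 * @param object $access Permission flags; canEdit and canEditOwn are read here.
 * @return void Returns early after mosNotAuth(); otherwise ends in mosRedirect().
 */
function saveContent(&$access)
{
    global $database, $mainframe, $my;
    global $mosConfig_absolute_path;

    $row = new mosContent($database);
    if (!$row->bind($_POST)) {
        // NOTE(review): getError() is echoed into a JS string literal unescaped —
        // confirm it cannot carry request data.
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    // These ids come from the form and are concatenated into SQL further down.
    $row->id = (int) $row->id;
    $row->catid = (int) $row->catid;
    $row->sectionid = (int) $row->sectionid;

    $isNew = $row->id < 1;
    if ($isNew) {
        // new record
        if (!($access->canEdit || $access->canEditOwn)) {
            mosNotAuth();
            return;
        }
        $row->created = date('Y-m-d H:i:s');
        $row->created_by = $my->id;
    } else {
        // existing record: $row->created_by holds whatever bind($_POST) put there,
        // so ownership is decided from the stored row instead of the submitted field
        $database->setQuery("SELECT created_by FROM #__content WHERE id = " . (int) $row->id);
        $storedOwner = $database->loadResult();
        $ownsItem = $storedOwner && (int) $storedOwner == (int) $my->id;
        if (!($access->canEdit || ($access->canEditOwn && $ownsItem))) {
            mosNotAuth();
            return;
        }
        $row->modified = date('Y-m-d H:i:s');
        $row->modified_by = $my->id;
    }

    if (trim($row->publish_down) == 'Never') {
        $row->publish_down = '0000-00-00 00:00:00';
    }

    if (!$row->check()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    $row->version++;
    if (!$row->store()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    // manage frontpage items
    require_once $mainframe->getPath('class', 'com_frontpage');
    $fp = new mosFrontPage($database);
    $msg = ''; // was appended to below without ever being initialised
    if (mosGetParam($_REQUEST, 'frontpage', 0)) {
        // toggles go to first place
        if (!$fp->load($row->id)) {
            // new entry
            $database->setQuery("INSERT INTO #__content_frontpage VALUES ('" . (int) $row->id . "','1')");
            if (!$database->query()) {
                echo "<script> alert('" . $database->stderr() . "');</script>\n";
                exit;
            }
            $fp->ordering = 1;
        }
    } else {
        // no frontpage mask; a failed delete is deliberately non-fatal
        if (!$fp->delete($row->id)) {
            $msg .= $fp->stderr();
        }
        $fp->ordering = 0;
    }
    $fp->updateOrder();

    $row->checkin();
    $row->updateOrder("catid='" . (int) $row->catid . "'");

    // gets section name of item
    $database->setQuery("SELECT s.title"
        . "\n FROM #__sections AS s"
        . "\n WHERE s.scope = 'content'"
        . "\n AND s.id = '" . (int) $row->sectionid . "'");
    $section = $database->loadResult();

    // gets category name of item
    $database->setQuery("SELECT c.title"
        . "\n FROM #__categories AS c"
        . "\n WHERE c.id = '" . (int) $row->catid . "'");
    $category = $database->loadResult();

    if ($isNew) {
        // messaging for new items
        require_once $mosConfig_absolute_path . '/components/com_messages/messages.class.php';
        $database->setQuery("SELECT id FROM #__users WHERE sendEmail = '1'");
        $users = $database->loadResultArray();
        // nothing to iterate when no user has sendEmail set
        if ($users) {
            foreach ($users as $user_id) {
                $message = new mosMessage($database);
                $message->send($my->id, $user_id, "New Item", sprintf(_ON_NEW_CONTENT, $my->username, $row->title, $section, $category));
            }
        }
    }

    // Returnid is request data that ends up in the redirect URL; keep it numeric.
    $Itemid = (int) mosGetParam($_POST, 'Returnid', '0');
    mosRedirect('index.php?option=com_content&task=view&id=' . $row->id . '&Itemid=' . $Itemid, $isNew ? _THANK_SUB : _E_ITEM_SAVED);
}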
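/**
 * Stores the ordering values submitted for the listed content items and
 * re-sequences every category whose ordering changed.
 *
 * @param array $cid Content item ids, index-aligned with the posted 'order' values.
 * @return void Ends in mosRedirect() to the typed-content list.
 */
function saveOrder(&$cid)
{
    global $database;

    josSpoofCheck();

    $total = count($cid);
    $order = josGetArrayInts('order');
    $row = new mosContent($database);
    // condition string => id of the first changed row in that group
    $groups = array();

    // update ordering values
    for ($i = 0; $i < $total; $i++) {
        // a request may carry fewer 'order' values than ids; leave those rows untouched
        if (!isset($order[$i])) {
            continue;
        }

        $row->load((int) $cid[$i]);
        if ($row->ordering == $order[$i]) {
            continue;
        }

        $row->ordering = $order[$i];
        if (!$row->store()) {
            // NOTE(review): the database error text is echoed into a JS string unescaped.
            echo "<script> alert('" . $database->getErrorMsg() . "'); window.history.go(-1); </script>\n";
            exit;
        }

        // remember to updateOrder this group
        $condition = "catid=" . (int) $row->catid . " AND state >= 0";
        if (!isset($groups[$condition])) {
            $groups[$condition] = $row->id;
        }
    }

    // execute updateOrder once for each group
    foreach ($groups as $condition => $rowId) {
        $row->load($rowId);
        $row->updateOrder($condition);
    }

    // clean any existing cache files
    mosCache::cleanCache('com_content');

    $msg = 'New ordering saved';
    mosRedirect('index2.php?option=com_typedcontent', $msg);
}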
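/**
 * Saves copies of the selected content items into another section/category.
 *
 * The target is posted as 'sectcat' in the form "<section id>,<category id>".
 *
 * @param array  $cid       Ids of the content items to copy.
 * @param mixed  $sectionid Section the request came from; only used in redirect URLs.
 * @param string $option    Component name used in the final redirect URL.
 * @return void Ends in mosRedirect().
 */
function copyItemSave($cid, $sectionid, $option)
{
    global $database, $my, $adminLanguage;

    // separate section and category from the selection; both are request data that
    // is concatenated into SQL below, so they are reduced to integers here
    $sectcat = explode(',', mosGetParam($_POST, 'sectcat', ''));
    $newsect = isset($sectcat[0]) ? (int) $sectcat[0] : 0;
    $newcat = isset($sectcat[1]) ? (int) $sectcat[1] : 0;
    if (!$newsect && !$newcat) {
        mosRedirect("index.php?option=com_content&sectionid=" . $sectionid . "&mosmsg=" . urlencode($adminLanguage->A_COMP_CONTENT_ERR_OCCURRED));
        // presumably mosRedirect() does not return; stop here in case it does
        return;
    }

    // find section name
    $query = "SELECT a.name"
        . "\n FROM #__sections AS a"
        . "\n WHERE a.id = " . $newsect;
    $database->setQuery($query);
    $section = $database->loadResult();

    // find category name
    $query = "SELECT a.name"
        . "\n FROM #__categories AS a"
        . "\n WHERE a.id = " . $newcat;
    $database->setQuery($query);
    $category = $database->loadResult();

    // columns carried over unchanged from the source item
    $copiedFields = array(
        'title', 'title_alias', 'introtext', 'fulltext', 'state', 'mask',
        'created', 'created_by', 'created_by_alias', 'modified', 'modified_by',
        'checked_out', 'checked_out_time', 'frontpage_up', 'frontpage_down',
        'publish_up', 'publish_down', 'images', 'attribs', 'version', 'parentid',
        'metakey', 'metadesc', 'access',
    );

    $copied = 0;
    $total = count($cid);
    for ($i = 0; $i < $total; $i++) {
        $row = new mosContent($database);

        // main query; the id is cast because it is concatenated into the statement,
        // and the #__ placeholder replaces the hard-coded mos_ table prefix
        $query = "SELECT a.* FROM #__content AS a"
            . "\n WHERE a.id = " . (int) $cid[$i];
        $database->setQuery($query);
        $item = $database->loadObjectList();
        if (!$item) {
            // unknown id: nothing to copy
            continue;
        }
        $source = $item[0];

        // values loaded into the row for store(); a NULL id makes this a new record
        $row->id = NULL;
        $row->sectionid = $newsect;
        $row->catid = $newcat;
        $row->hits = '0';
        $row->ordering = '0';
        foreach ($copiedFields as $field) {
            // 'version' used to be filled from parentid by mistake
            $row->$field = $source->$field;
        }

        if (!$row->check()) {
            // NOTE(review): getError() is echoed into a JS string literal unescaped.
            echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
            exit;
        }
        if (!$row->store()) {
            echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
            exit;
        }
        $row->updateOrder("catid='" . (int) $row->catid . "' AND state >= 0");
        $copied++;
    }

    $msg = $copied . " " . $adminLanguage->A_COMP_CONTENT_COPIED . ": " . $section . ", " . $adminLanguage->A_COMP_CATEG . ": " . $category;
    // the message contains spaces and database-supplied names, so it is URL-encoded
    mosRedirect('index2.php?option=' . $option . '&sectionid=' . $sectionid . '&mosmsg=' . urlencode($msg));
}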
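/**
 * Saves a content item submitted from the edit form.
 *
 * Runs the spoof check, binds $_POST onto a mosContent row, checks edit and
 * publish rights, normalises dates and markup, stores the row, maintains the
 * front-page table and ordering, messages users flagged with sendEmail about
 * new items, and redirects according to $task.
 *
 * @param object $access Permission flags; canEdit, canEditOwn and canPublish are read here.
 * @param string $task   'apply', 'apply_new' or 'save' (anything else is treated as 'save').
 * @return void Returns early after mosNotAuth(); otherwise ends in mosRedirect().
 */
function saveContent(&$access, $task)
{
    global $database, $mainframe, $my;
    global $mosConfig_absolute_path, $mosConfig_offset, $Itemid;

    // simple spoof check security
    josSpoofCheck();

    $nullDate = $database->getNullDate();
    $row = new mosContent($database);
    if (!$row->bind($_POST)) {
        // NOTE(review): getError() is echoed into a JS string literal unescaped —
        // confirm it cannot carry request data.
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    // sanitise id field
    $row->id = (int) $row->id;

    $isNew = $row->id < 1;
    if ($isNew) {
        // new record
        if (!($access->canEdit || $access->canEditOwn)) {
            mosNotAuth();
            return;
        }
        $row->created = date('Y-m-d H:i:s');
        $row->created_by = $my->id;
    } else {
        // existing record: $row->created_by holds whatever bind($_POST) put there,
        // so ownership is decided from the stored row instead of the submitted field
        $query = "SELECT created_by"
            . "\n FROM #__content"
            . "\n WHERE id = " . (int) $row->id;
        $database->setQuery($query);
        $storedOwner = $database->loadResult();
        $ownsItem = $storedOwner && (int) $storedOwner == (int) $my->id;
        if (!($access->canEdit || ($access->canEditOwn && $ownsItem))) {
            mosNotAuth();
            return;
        }
        $row->modified = date('Y-m-d H:i:s');
        $row->modified_by = $my->id;
    }

    // a date without a time part (10 characters or fewer) gets midnight appended
    if (strlen(trim($row->publish_up)) <= 10) {
        $row->publish_up .= ' 00:00:00';
    }
    $row->publish_up = mosFormatDate($row->publish_up, _CURRENT_SERVER_TIME_FORMAT, -$mosConfig_offset);

    if (trim($row->publish_down) == 'Never' || trim($row->publish_down) == '') {
        $row->publish_down = $nullDate;
    } else {
        if (strlen(trim($row->publish_down)) <= 10) {
            $row->publish_down .= ' 00:00:00';
        }
        $row->publish_down = mosFormatDate($row->publish_down, _CURRENT_SERVER_TIME_FORMAT, -$mosConfig_offset);
    }

    // code cleaner for xhtml transitional compliance
    $row->introtext = str_replace('<br>', '<br />', $row->introtext);
    $row->fulltext = str_replace('<br>', '<br />', $row->fulltext);

    // remove the <br /> tag that is automatically added to an otherwise empty fulltext
    $isShort = strlen($row->fulltext) < 9;
    $hasBreak = strstr($row->fulltext, '<br />');
    if ($isShort && $hasBreak) {
        $row->fulltext = NULL;
    }

    $row->title = ampReplace($row->title);

    // Publishing state hardening for Authors
    if (!$access->canPublish) {
        if ($isNew) {
            // For new items - author is not allowed to publish - prevent them from doing so
            $row->state = 0;
        } else {
            // For existing items keep the stored state - author is not allowed to change status.
            // The stored value is reused as-is: collapsing it to 0/1 turned any other
            // non-zero state into "published".
            $query = "SELECT state"
                . "\n FROM #__content"
                . "\n WHERE id = " . (int) $row->id;
            $database->setQuery($query);
            $row->state = (int) $database->loadResult();
        }
    }

    if (!$row->check()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    $row->version++;
    if (!$row->store()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    // manage frontpage items
    require_once $mainframe->getPath('class', 'com_frontpage');
    $fp = new mosFrontPage($database);
    $msg = ''; // was appended to below without ever being initialised
    if (intval(mosGetParam($_REQUEST, 'frontpage', 0))) {
        // toggles go to first place
        if (!$fp->load((int) $row->id)) {
            // new entry
            $query = "INSERT INTO #__content_frontpage"
                . "\n VALUES ( " . (int) $row->id . ", 1 )";
            $database->setQuery($query);
            if (!$database->query()) {
                echo "<script> alert('" . $database->stderr() . "');</script>\n";
                exit;
            }
            $fp->ordering = 1;
        }
    } else {
        // no frontpage mask; a failed delete is deliberately non-fatal
        if (!$fp->delete((int) $row->id)) {
            $msg .= $fp->stderr();
        }
        $fp->ordering = 0;
    }
    $fp->updateOrder();

    $row->checkin();
    $row->updateOrder("catid = " . (int) $row->catid);

    // gets section name of item
    $query = "SELECT s.title"
        . "\n FROM #__sections AS s"
        . "\n WHERE s.scope = 'content'"
        . "\n AND s.id = " . (int) $row->sectionid;
    $database->setQuery($query);
    $section = $database->loadResult();

    // gets category name of item
    $query = "SELECT c.title"
        . "\n FROM #__categories AS c"
        . "\n WHERE c.id = " . (int) $row->catid;
    $database->setQuery($query);
    $category = stripslashes($database->loadResult());

    if ($isNew) {
        // messaging for new items
        require_once $mosConfig_absolute_path . '/components/com_messages/messages.class.php';
        $query = "SELECT id"
            . "\n FROM #__users"
            . "\n WHERE sendEmail = 1";
        $database->setQuery($query);
        $users = $database->loadResultArray();
        // nothing to iterate when no user has sendEmail set
        if ($users) {
            foreach ($users as $user_id) {
                $message = new mosMessage($database);
                $message->send($my->id, $user_id, "New Item", sprintf(_ON_NEW_CONTENT, $my->username, $row->title, $section, $category));
            }
        }
    }

    $msg = $isNew ? _THANK_SUB : _E_ITEM_SAVED;
    $msg = $my->usertype == 'Publisher' ? _THANK_SUB_PUB : $msg;

    // NOTE(review): two of the targets below come straight from the request (the
    // Referer header and the posted 'referer' field). mosRedirect() is not shown
    // here — confirm it only follows links that stay on this site.
    switch ($task) {
        case 'apply':
            // the header is optional; fall back to the front page when it is absent
            $link = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : 'index.php';
            break;

        case 'apply_new':
            $Itemid = intval(mosGetParam($_POST, 'Returnid', $Itemid));
            $link = 'index.php?option=com_content&task=edit&id=' . $row->id . '&Itemid=' . $Itemid;
            break;

        case 'save':
        default:
            // kept numeric like the 'apply_new' branch, since it is placed in the URL
            $Itemid = intval(mosGetParam($_POST, 'Returnid', ''));
            if ($Itemid) {
                if ($access->canEdit) {
                    $link = 'index.php?option=com_content&task=view&id=' . $row->id . '&Itemid=' . $Itemid;
                } else {
                    $link = 'index.php';
                }
            } else {
                $link = strval(mosGetParam($_POST, 'referer', ''));
            }
            break;
    }
    mosRedirect($link, $msg);
}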
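/**
 * Stores the ordering values posted for the listed content items and
 * re-sequences every category whose ordering changed.
 *
 * @param array $cid Content item ids, keyed like the posted 'order' array.
 * @return void Ends in mosRedirect() to the content list or the archive list.
 */
function saveOrder(&$cid)
{
    global $database;

    // NOTE(review): no anti-forgery check is visible in this function — confirm the
    // caller performs one before this state-changing request is processed.
    $order = mosGetParam($_POST, 'order', array(0));
    $redirect = mosGetParam($_POST, 'redirect', 0);
    $rettask = mosGetParam($_POST, 'returntask', '');

    $row = new mosContent($database);
    $categories = array();

    // update ordering values
    foreach ($cid as $i => $ciditem) {
        // skip ids that have no matching 'order' value in the request
        if (!is_array($order) || !isset($order[$i])) {
            continue;
        }
        // both values are request data; they are handled as integers from here on
        $newOrdering = (int) $order[$i];

        $row->load((int) $ciditem);
        if ($row->ordering != $newOrdering) {
            $row->ordering = $newOrdering;
            if (!$row->store()) {
                // NOTE(review): the database error text is echoed into a JS string unescaped.
                echo "<script> alert('" . $database->getErrorMsg() . "'); window.history.go(-1); </script>\n";
                exit;
            }
            // remember to updateOrder this group
            $categories[$row->catid] = $row->id;
        }
    }

    // execute updateOrder for each group
    foreach (array_keys($categories) as $catid) {
        $row->updateOrder("catid = " . (int) $catid . " AND state >= 0");
    }

    $msg = T_('New ordering saved');
    // 'redirect' is request data placed in the URL, so it is encoded; the query
    // string separator before sectionid was garbled and is restored here
    $section = urlencode($redirect);
    switch ($rettask) {
        case 'showarchive':
            mosRedirect('index2.php?option=com_content&task=showarchive&sectionid=' . $section, $msg);
            break;

        default:
            mosRedirect('index2.php?option=com_content&sectionid=' . $section, $msg);
            break;
    }
}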
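/**
 * Stores the ordering values submitted for the listed content items and
 * re-sequences every category whose ordering changed.
 *
 * @param array $cid Content item ids, index-aligned with the posted 'order' values.
 * @return void Ends in mosRedirect() to the content list or the archive list.
 */
function saveOrder(&$cid)
{
    global $database;

    josSpoofCheck();

    $total = count($cid);
    $redirect = mosGetParam($_POST, 'redirect', 0);
    $rettask = strval(mosGetParam($_POST, 'returntask', ''));
    $order = josGetArrayInts('order');

    $row = new mosContent($database);
    // condition string => id of the first changed row in that group
    $groups = array();

    // update ordering values
    for ($i = 0; $i < $total; $i++) {
        // a request may carry fewer 'order' values than ids; leave those rows untouched
        if (!isset($order[$i])) {
            continue;
        }

        $row->load((int) $cid[$i]);
        if ($row->ordering == $order[$i]) {
            continue;
        }

        $row->ordering = $order[$i];
        if (!$row->store()) {
            // NOTE(review): the database error text is echoed into a JS string unescaped.
            echo "<script> alert('" . $database->getErrorMsg() . "'); window.history.go(-1); </script>\n";
            exit;
        }

        // remember to updateOrder this group
        $condition = "catid = " . (int) $row->catid . " AND state >= 0";
        if (!isset($groups[$condition])) {
            $groups[$condition] = $row->id;
        }
    }

    // execute updateOrder once for each group
    foreach ($groups as $condition => $rowId) {
        $row->load($rowId);
        $row->updateOrder($condition);
    }

    // clean any existing cache files
    mosCache::cleanCache('com_content');

    $msg = 'Nova ordenação salva';
    // 'redirect' is request data placed in the URL, so it is encoded; the query
    // string separator before sectionid was garbled and is restored here
    $section = urlencode($redirect);
    switch ($rettask) {
        case 'showarchive':
            mosRedirect('index2.php?option=com_content&task=showarchive&sectionid=' . $section, $msg);
            break;

        default:
            mosRedirect('index2.php?option=com_content&sectionid=' . $section, $msg);
            break;
    }
}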
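/**
 * Saves a content item submitted from the edit form.
 *
 * Binds $_POST onto a mosContent row, checks the caller's edit rights,
 * stores the row, maintains the front-page table and ordering, messages
 * users flagged with sendEmail about new items, and redirects to index.php.
 *
 * @param object $access Permission flags; canEdit and canEditOwn are read here.
 * @return void Returns early after mosNotAuth(); otherwise ends in mosRedirect().
 */
function saveContent(&$access)
{
    global $database, $mainframe, $my;
    global $mosConfig_absolute_path;

    $row = new mosContent($database);
    if (!$row->bind($_POST)) {
        // NOTE(review): getError() is echoed into a JS string literal unescaped —
        // confirm it cannot carry request data.
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    // sanitize: these ids are concatenated into SQL further down
    $row->id = intval($row->id);
    $row->catid = intval($row->catid);
    $row->sectionid = intval($row->sectionid);

    $isNew = $row->id < 1;
    if ($isNew) {
        // new record
        if (!($access->canEdit || $access->canEditOwn)) {
            mosNotAuth();
            return;
        }
        $row->created = date('Y-m-d H:i:s');
        $row->created_by = $my->id;
    } else {
        // existing record: $row->created_by holds whatever bind($_POST) put there,
        // so ownership is decided from the stored row instead of the submitted field
        $database->setQuery("SELECT created_by FROM #__content WHERE id = " . (int) $row->id);
        $storedOwner = $database->loadResult();
        $ownsItem = $storedOwner && (int) $storedOwner == (int) $my->id;
        if (!($access->canEdit || ($access->canEditOwn && $ownsItem))) {
            mosNotAuth();
            return;
        }
        $row->modified = date('Y-m-d H:i:s');
        $row->modified_by = $my->id;
    }

    if (trim($row->publish_down) == 'Never') {
        $row->publish_down = '0000-00-00 00:00:00';
    }

    if (!$row->check()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    $row->version++;
    if (!$row->store()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    // manage frontpage items
    require_once $mainframe->getPath('class', 'com_frontpage');
    $fp = new mosFrontPage($database);
    $msg = ''; // was appended to below without ever being initialised
    if (mosGetParam($_REQUEST, 'frontpage', 0)) {
        // toggles go to first place
        if (!$fp->load($row->id)) {
            // new entry
            $database->setQuery("INSERT INTO #__content_frontpage VALUES ('{$row->id}','1')");
            if (!$database->query()) {
                echo "<script> alert('" . $database->stderr() . "');</script>\n";
                exit;
            }
            $fp->ordering = 1;
        }
    } else {
        // no frontpage mask; a failed delete is deliberately non-fatal
        if (!$fp->delete($row->id)) {
            $msg .= $fp->stderr();
        }
        $fp->ordering = 0;
    }
    $fp->updateOrder();

    $row->checkin();
    $row->updateOrder("catid='{$row->catid}'");

    // gets section name of item
    $database->setQuery("SELECT s.title"
        . "\n FROM #__sections AS s"
        . "\n WHERE s.scope = 'content'"
        . "\n AND s.id = '" . $row->sectionid . "'");
    $section = $database->loadResult();

    // gets category name of item
    $database->setQuery("SELECT c.title"
        . "\n FROM #__categories AS c"
        . "\n WHERE c.id = '" . $row->catid . "'");
    $category = $database->loadResult();

    if ($isNew) {
        // messaging for new items
        require_once $mosConfig_absolute_path . '/components/com_messages/messages.class.php';
        $database->setQuery("SELECT id FROM #__users WHERE sendEmail = '1'");
        $users = $database->loadResultArray();
        if ($users) {
            foreach ($users as $user_id) {
                $message = new mosMessage($database);
                $message->send($my->id, $user_id, T_("New Item"), sprintf(T_('A new content item has been submitted by [ %s ] titled [ %s ] from section [ %s ] and category [ %s ]'), $my->username, $row->title, $section, $category));
            }
        }
    }

    // The posted 'Returnid' was read here but never used; the redirect always goes to index.php.
    $msg = $isNew
        ? T_('Thanks for your submission; it will be reviewed before being posted to the site.')
        : T_('Item saved successfully.');
    mosRedirect('index.php', $msg);
}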