b2evolution PHP Cross Reference Blogging Systems

Source: /htsrv/item_edit.php - 359 lines - 11579 bytes - Text - Print

Description: Edit item with in-skin mode.

   1  <?php
   2  /**
   3   * Edit item with in-skin mode.
   4   *
   5   */
   6  
   7  require_once dirname(__FILE__).'/../conf/_config.php';
   8  
   9  require_once $inc_path.'_main.inc.php';
  10  
  11  if( empty( $Blog ) )
  12  {
  13      param( 'blog', 'integer', 0 );
  14  
  15      if( isset( $blog) && $blog > 0 )
  16      {
  17          $BlogCache = & get_BlogCache();
  18          $Blog = $BlogCache->get_by_ID( $blog, false, false );
  19      }
  20  }
  21  
  22  if( !empty( $Blog ) )
  23  {
  24      // Activate Blog locale because the new item was created in-skin
  25      locale_activate( $Blog->get('locale') );
  26  
  27      // Re-Init charset handling, in case current_charset has changed:
  28      init_charsets( $current_charset );
  29  }
  30  
  31  $post_ID = param ( 'post_ID', 'integer', 0 );
  32  
  33  /**
  34   * Basic security checks:
  35   */
  36  if( ! is_logged_in() )
  37  { // must be logged in!
  38      bad_request_die( T_('You are not logged in.') );
  39  }
  40  // check if user can edit this post
  41  check_item_perm_edit( $post_ID );
  42  
  43  $action = param_action();
  44  
  45  if( !empty( $action ) && $action != 'new' )
  46  { // Check that this action request is not a CSRF hacked request:
  47      $Session->assert_received_crumb( 'item' );
  48  }
  49  
  50  //$post_status = NULL;
  51  if( ( $action == 'create_publish' ) || ( $action == 'update_publish' ) )
  52  {
  53      $post_status = load_publish_status( $action == 'create_publish' );
  54      $action = substr( $action, 0, 6 );
  55  }
  56  else
  57  {
  58      $post_status = param( 'post_status', 'string', 'published' );
  59  }
  60  
  61  switch( $action )
  62  {
  63      case 'update' :
  64      case 'edit_switchtab' : // this gets set as action by JS, when we switch tabs
  65          // Load post to edit:
  66          $post_ID = param ( 'post_ID', 'integer', true, true );
  67          $ItemCache = & get_ItemCache ();
  68          $edited_Item = & $ItemCache->get_by_ID ( $post_ID );
  69  
  70          // Load the blog we're in:
  71          $Blog = & $edited_Item->get_Blog();
  72          set_working_blog( $Blog->ID );
  73  
  74          // Where are we going to redirect to?
  75          param( 'redirect_to', 'url', url_add_param( $admin_url, 'ctrl=items&filter=restore&blog='.$Blog->ID.'&highlight='.$edited_Item->ID, '&' ) );
  76  
  77          // What form button has been pressed?
  78          param( 'save', 'string', '' );
  79          $exit_after_save = ( $action != 'update_edit' );
  80          break;
  81  }
  82  
  83  switch( $action )
  84  {
  85      case 'new_switchtab': // this gets set as action by JS, when we switch tabs
  86          // New post form  (can be a bookmarklet form if mode == bookmarklet )
  87          load_class( 'items/model/_item.class.php', 'Item' );
  88          $edited_Item = new Item();
  89  
  90          $edited_Item->set('main_cat_ID', $Blog->get_default_cat_ID());
  91  
  92          // We use the request variables to fill the edit form, because we need to be able to pass those values
  93          // from tab to tab via javascript when the editor wants to switch views...
  94          // Also used by bookmarklet
  95          $edited_Item->load_from_Request( true ); // needs Blog set
  96  
  97          $edited_Item->status = $post_status;        // 'published' or 'draft' or ...
  98          // We know we can use at least one status,
  99          // but we need to make sure the requested/default one is ok:
 100          $edited_Item->status = $Blog->get_allowed_item_status ( $edited_Item->status );
 101  
 102          // Check if new category was started to create. If yes then set up parameters for next page
 103          check_categories_nosave ( $post_category, $post_extracats );
 104  
 105          $edited_Item->set ( 'main_cat_ID', $post_category );
 106          if( $edited_Item->main_cat_ID && ( get_allow_cross_posting() < 2 ) && $edited_Item->get_blog_ID() != $blog )
 107          { // the main cat is not in the list of categories; this happens, if the user switches blogs during editing:
 108              $edited_Item->set('main_cat_ID', $Blog->get_default_cat_ID());
 109          }
 110          $post_extracats = param( 'post_extracats', 'array/integer', $post_extracats );
 111  
 112          param( 'item_tags', 'string', '' );
 113  
 114          // Trackback addresses (never saved into item)
 115          param( 'trackback_url', 'string', '' );
 116  
 117          // Params we need for tab switching:
 118          $tab_switch_params = 'blog='.$blog;
 119  
 120          // Where are we going to redirect to?
 121          param( 'redirect_to', 'url', url_add_param( $admin_url, 'ctrl=items&filter=restore&blog='.$Blog->ID, '&' ) );
 122          break;
 123  
 124      case 'edit_switchtab': // this gets set as action by JS, when we switch tabs
 125          // Check permission based on DB status:
 126          $current_User->check_perm( 'item_post!CURSTATUS', 'edit', true, $edited_Item );
 127  
 128          $edited_Item->status = $post_status;        // 'published' or 'draft' or ...
 129          // We know we can use at least one status,
 130          // but we need to make sure the requested/default one is ok:
 131          $edited_Item->status = $Blog->get_allowed_item_status( $edited_Item->status );
 132  
 133          // We use the request variables to fill the edit form, because we need to be able to pass those values
 134          // from tab to tab via javascript when the editor wants to switch views...
 135          $edited_Item->load_from_Request ( true ); // needs Blog set
 136  
 137          // Check if new category was started to create. If yes then set up parameters for next page
 138          check_categories_nosave ( $post_category, $post_extracats );
 139  
 140          $edited_Item->set ( 'main_cat_ID', $post_category );
 141          if( $edited_Item->main_cat_ID && ( get_allow_cross_posting() < 2 ) && $edited_Item->get_blog_ID() != $blog )
 142          { // the main cat is not in the list of categories; this happens, if the user switches blogs during editing:
 143              $edited_Item->set('main_cat_ID', $Blog->get_default_cat_ID());
 144          }
 145          $post_extracats = param( 'post_extracats', 'array/integer', $post_extracats );
 146  
 147          param( 'item_tags', 'string', '' );
 148  
 149          // Trackback addresses (never saved into item)
 150          param( 'trackback_url', 'string', '' );
 151  
 152          // Params we need for tab switching:
 153          $tab_switch_params = 'p='.$edited_Item->ID;
 154          break;
 155  
 156      case 'create': // Create a new post
 157          $exit_after_save = ( $action != 'create_edit' );
 158  
 159          // Check if new category was started to create. If yes check if it is valid.
 160          check_categories ( $post_category, $post_extracats );
 161  
 162          // Check permission on statuses:
 163          $current_User->check_perm( 'cats_post!'.$post_status, 'create', true, $post_extracats );
 164          // Check permission on post type:
 165          check_perm_posttype( $post_extracats );
 166  
 167          // CREATE NEW POST:
 168          load_class( 'items/model/_item.class.php', 'Item' );
 169          $edited_Item = new Item();
 170  
 171          // Set the params we already got:
 172          $edited_Item->set( 'status', $post_status );
 173          $edited_Item->set( 'main_cat_ID', $post_category );
 174          $edited_Item->set( 'extra_cat_IDs', $post_extracats );
 175  
 176          // Set object params:
 177          $edited_Item->load_from_Request( /* editing? */ ($action == 'create_edit'), /* creating? */ true );
 178  
 179          $Plugins->trigger_event ( 'AdminBeforeItemEditCreate', array ('Item' => & $edited_Item ) );
 180  
 181          if( !empty( $mass_create ) )
 182          {    // ------ MASS CREATE ------
 183              $Items = & create_multiple_posts( $edited_Item, param( 'paragraphs_linebreak', 'boolean', 0 ) );
 184              if( empty( $Items ) )
 185              {
 186                  param_error( 'content', T_( 'Content must not be empty.' ) );
 187              }
 188          }
 189  
 190          if( $Messages->has_errors() )
 191          {
 192              if( !empty( $mass_create ) )
 193              {
 194                  $action = 'new_mass';
 195              }
 196              // There have been some validation errors:
 197              // Params we need for tab switching:
 198              $tab_switch_params = 'blog='.$blog;
 199              break;
 200          }
 201  
 202          if( isset( $Items ) && !empty( $Items ) )
 203          {    // We can create multiple posts from single post
 204              foreach( $Items as $edited_Item )
 205              {    // INSERT NEW POST INTO DB:
 206                  $edited_Item->dbinsert();
 207              }
 208          }
 209          else
 210          {    // INSERT NEW POST INTO DB:
 211              $edited_Item->dbinsert();
 212          }
 213  
 214          param( 'is_attachments', 'string' );
 215          if( !empty( $is_attachments ) && $is_attachments === 'true' )
 216          { // Set session variable to dynamically create js popup:
 217              $Session->set('create_edit_attachment', true);
 218          }
 219  
 220          // post post-publishing operations:
 221          param( 'trackback_url', 'string' );
 222          if( !empty( $trackback_url ) )
 223          {
 224              if( $edited_Item->status != 'published' )
 225              {
 226                  $Messages->add( T_('Post not publicly published: skipping trackback...'), 'note' );
 227              }
 228              else
 229              { // trackback now:
 230                  load_funcs('comments/_trackback.funcs.php');
 231                  trackbacks( $trackback_url, $edited_Item );
 232              }
 233          }
 234  
 235          // Execute or schedule notifications & pings:
 236          $edited_Item->handle_post_processing( true, $exit_after_save );
 237  
 238          $Messages->add( T_('Post has been created.'), 'success' );
 239  
 240          if( ! $exit_after_save )
 241          {    // We want to continue editing...
 242              $tab_switch_params = 'p='.$edited_Item->ID;
 243              $action = 'edit';    // It's basically as if we had updated
 244              break;
 245          }
 246  
 247          // REDIRECT / EXIT
 248          header_redirect( $edited_Item->get_tinyurl() );
 249          break;
 250  
 251      case 'update': // Update an existing post
 252          // Check that this action request is not a CSRF hacked request:
 253          $Session->assert_received_crumb( 'item' );
 254  
 255          // Check edit permission:
 256          $current_User->check_perm( 'item_post!CURSTATUS', 'edit', true, $edited_Item );
 257  
 258          // Check if new category was started to create.  If yes check if it is valid.
 259          $isset_category = check_categories ( $post_category, $post_extracats );
 260  
 261          // Check permission on statuses:
 262          $current_User->check_perm( 'cats_post!'.$post_status, 'edit', true, $post_extracats );
 263          // Check permission on post type:
 264          check_perm_posttype( $post_extracats );
 265  
 266          // UPDATE POST:
 267          // Set the params we already got:
 268          $edited_Item->set ( 'status', $post_status );
 269  
 270          if( $isset_category )
 271          { // we change the categories only if the check was succesfull
 272              $edited_Item->set ( 'main_cat_ID', $post_category );
 273              $edited_Item->set ( 'extra_cat_IDs', $post_extracats );
 274          }
 275  
 276          // Set object params:
 277          $edited_Item->load_from_Request( false );
 278  
 279          $Plugins->trigger_event( 'AdminBeforeItemEditUpdate', array( 'Item' => & $edited_Item ) );
 280  
 281          // Params we need for tab switching (in case of error or if we save&edit)
 282          $tab_switch_params = 'p='.$edited_Item->ID;
 283  
 284          if( $Messages->has_errors() )
 285          { // There have been some validation errors:
 286              break;
 287          }
 288  
 289          // UPDATE POST IN DB:
 290          $edited_Item->dbupdate();
 291  
 292          // post post-publishing operations:
 293          param( 'trackback_url', 'string' );
 294          if( !empty( $trackback_url ) )
 295          {
 296              if( $edited_Item->status != 'published' )
 297              {
 298                  $Messages->add( T_('Post not publicly published: skipping trackback...'), 'note' );
 299              }
 300              else
 301              { // trackback now:
 302                  load_funcs('comments/_trackback.funcs.php');
 303                  trackbacks( $trackback_url, $edited_Item );
 304              }
 305          }
 306  
 307          // Execute or schedule notifications & pings:
 308          $edited_Item->handle_post_processing( false, $exit_after_save );
 309  
 310          $Messages->add( T_('Post has been updated.'), 'success' );
 311  
 312          $inskin_statuses = get_inskin_statuses();
 313          if( ! in_array( $post_status, $inskin_statuses ) )
 314          { // If post is not published we show it in the Back-office
 315              $edited_Item->load_Blog();
 316              if( $post_status == 'redirected' )
 317              { // If a post is in "Redirected" status - redirect to homepage of the blog
 318                  $redirect_to = $edited_Item->Blog->gen_baseurl();
 319              }
 320              else
 321              { // Redirect to view post in the Back-office
 322                  $redirect_to = url_add_param( $admin_url, 'ctrl=items&blog='.$edited_Item->Blog->ID.'&p='.$edited_Item->ID, '&' );
 323              }
 324          }
 325          else
 326          { // User can see this post in the Front-office
 327              if( $edited_Item->ptyp_ID == 1520 )
 328              { // If post is category intro we should redirect to page of that category
 329                  $main_Chapter = & $edited_Item->get_main_Chapter();
 330                  $redirect_to = $main_Chapter->get_permanent_url();
 331              }
 332              else
 333              { // Redirect to post permanent url for all other posts
 334                  $redirect_to = $edited_Item->get_permanent_url();
 335              }
 336          }
 337  
 338          // REDIRECT / EXIT
 339          header_redirect( $redirect_to );
 340          /* EXITED */
 341          break;
 342  }
 343  
 344  // Require datapicker.css
 345  require_css( 'ui.datepicker.css' );
 346  // Require results.css to display attachments as a result table
 347  require_css( 'results.css' );
 348  
 349  init_tokeninput_js();
 350  
 351  // Display a 'In-skin editing' form
 352  $SkinCache = & get_SkinCache();
 353  $Skin = & $SkinCache->get_by_ID( $Blog->get_skin_ID() );
 354  $skin = $Skin->folder;
 355  $disp = 'edit';
 356  $ads_current_skin_path = $skins_path.$skin.'/';
 357  require $ads_current_skin_path.'index.main.php';
 358  
 359  ?>
