Revision 1457
Added by Dietmar almost 13 years ago
save_post.php | ||
---|---|---|
16 | 16 |
* |
17 | 17 |
*/ |
18 | 18 |
|
19 |
require('../../config.php'); |
|
19 |
function createNewsAccessFile($newLink, $oldLink, $page_id, $section_id, $post_id) |
|
20 |
{ |
|
21 |
global $admin, $MESSAGE; |
|
22 |
$sPagesPath = WB_PATH.PAGES_DIRECTORY; |
|
23 |
$sPostsPath = $sPagesPath.'/posts'; |
|
24 |
// create /posts/ - directory if not exists |
|
25 |
if(!file_exists($sPostsPath)) { |
|
26 |
if(is_writable($sPagesPath)) { |
|
27 |
make_dir(WB_PATH.PAGES_DIRECTORY.'/posts/'); |
|
28 |
}else { |
|
29 |
$admin->print_error($MESSAGE['PAGES_CANNOT_CREATE_ACCESS_FILE']); |
|
30 |
} |
|
31 |
} |
|
32 |
// check if /posts/ - dir is writable |
|
33 |
if(!is_writable($sPostsPath.'/')) { |
|
34 |
$admin->print_error($MESSAGE['PAGES_CANNOT_CREATE_ACCESS_FILE']); |
|
35 |
} |
|
36 |
// delete old accessfile if link has changed |
|
37 |
if(($newLink != $oldLink) && (is_writable($sPostsPath.$oldLink.PAGE_EXTENSION))) { |
|
38 |
if(!unlink($sPostsPath.$oldLink.PAGE_EXTENSION)) { |
|
39 |
$admin->print_error($MESSAGE['PAGES_CANNOT_DELETE_ACCESS_FILE'].' - '.$oldLink); |
|
40 |
} |
|
41 |
} |
|
42 |
// all ok, now create new accessfile |
|
43 |
$newFile = $sPagesPath.$newLink.PAGE_EXTENSION; |
|
44 |
// $backSteps = preg_replace('/^'.preg_quote(WB_PATH).'/', '', $sPostsPath); |
|
45 |
$backSteps = preg_replace('@^'.preg_quote(WB_PATH).'@', '', $sPostsPath); |
|
46 |
$backSteps = str_repeat( '../', substr_count($backSteps, '/')); |
|
47 |
$content = |
|
48 |
'<?php'."\n". |
|
49 |
'// *** This file is generated by WebsiteBaker Ver.'.WB_VERSION."\n". |
|
50 |
'// *** Creation date: '.date('c')."\n". |
|
51 |
'// *** Do not modify this file manually'."\n". |
|
52 |
'// *** WB will rebuild this file from time to time!!'."\n". |
|
53 |
'// *************************************************'."\n". |
|
54 |
"\t".'$page_id = '.$page_id.';'."\n". |
|
55 |
"\t".'$section_id = '.$section_id.';'."\n". |
|
56 |
"\t".'$post_id = '.$post_id.';'."\n". |
|
57 |
"\t".'$post_section = '.$section_id.';'."\n". |
|
58 |
// "\t".'define(\'POST_SECTION\', '.$section_id.');'."\n". |
|
59 |
// "\t".'define(\'POST_ID\', '.$post_id.');'."\n". |
|
60 |
"\t".'require(\''.$backSteps.'index.php\');'."\n". |
|
61 |
'// *************************************************'."\n"; |
|
62 |
if( file_put_contents($newFile, $content) !== false ) { |
|
63 |
// Chmod the file |
|
64 |
change_mode($newFile); |
|
65 |
}else { |
|
66 |
$admin->print_error($MESSAGE['PAGES_CANNOT_CREATE_ACCESS_FILE'],ADMIN_URL.'/pages/modify.php?page_id='.$page_id); |
|
67 |
// $admin->print_error($MESSAGE['PAGES_CANNOT_CREATE_ACCESS_FILE'].': '.$newFile); |
|
20 | 68 |
|
21 |
require_once(WB_PATH."/include/jscalendar/jscalendar-functions.php"); |
|
69 |
} |
|
70 |
} // end of function createNewsAccessFile |
|
71 |
/* ************************************************************************** */ |
|
72 |
require('../../config.php'); |
|
73 |
require_once(WB_PATH."/include/jscalendar/jscalendar-functions.php"); |
|
74 |
// Get post_id |
|
75 |
if(!isset($_POST['post_id']) OR !is_numeric($_POST['post_id'])) { |
|
76 |
header("Location: ".ADMIN_URL."/pages/index.php"); |
|
77 |
exit( 0 ); |
|
78 |
}else { |
|
79 |
$post_id = intval($_POST['post_id']); |
|
80 |
} |
|
22 | 81 |
|
23 |
// Get id |
|
24 |
if(!isset($_POST['post_id']) OR !is_numeric($_POST['post_id'])) |
|
25 |
{ |
|
26 |
header("Location: ".ADMIN_URL."/pages/index.php"); |
|
27 |
exit( 0 ); |
|
28 |
} |
|
29 |
else |
|
30 |
{ |
|
31 |
$id = (int)$_POST['post_id']; |
|
32 |
$post_id = $id; |
|
33 |
} |
|
82 |
$admin_header = false; |
|
83 |
// Tells script to update when this page was last updated |
|
84 |
$update_when_modified = true; |
|
85 |
// Include WB admin wrapper script |
|
86 |
require(WB_PATH.'/modules/admin.php'); |
|
34 | 87 |
|
35 |
// Include WB admin wrapper script |
|
36 |
$update_when_modified = true; // Tells script to update when this page was last updated |
|
37 |
require(WB_PATH.'/modules/admin.php'); |
|
38 |
|
|
39 |
if (!$admin->checkFTAN()) |
|
40 |
{ |
|
41 |
$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'], ADMIN_URL.'/pages/modify.php?page_id='.$page_id ); |
|
42 |
exit(); |
|
43 |
} |
|
44 |
|
|
45 |
function create_file($filename, $filetime=NULL ) |
|
46 |
{ |
|
47 |
global $page_id, $section_id, $post_id; |
|
48 |
|
|
49 |
// We need to create a new file |
|
50 |
// First, delete old file if it exists |
|
51 |
if(file_exists(WB_PATH.PAGES_DIRECTORY.$filename.PAGE_EXTENSION)) |
|
52 |
{ |
|
53 |
$filetime = isset($filetime) ? $filetime : filemtime($filename); |
|
54 |
unlink(WB_PATH.PAGES_DIRECTORY.$filename.PAGE_EXTENSION); |
|
88 |
if (!$admin->checkFTAN()) { |
|
89 |
$admin->print_header(); |
|
90 |
$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'], |
|
91 |
ADMIN_URL.'/pages/modify.php?page_id='.$page_id ); |
|
55 | 92 |
} |
56 |
else { |
|
57 |
$filetime = isset($filetime) ? $filetime : time(); |
|
58 |
} |
|
59 |
// The depth of the page directory in the directory hierarchy |
|
60 |
// '/pages' is at depth 1 |
|
61 |
$pages_dir_depth = count(explode('/',PAGES_DIRECTORY))-1; |
|
62 |
// Work-out how many ../'s we need to get to the index page |
|
63 |
$index_location = '../'; |
|
64 |
for($i = 0; $i < $pages_dir_depth; $i++) |
|
65 |
{ |
|
66 |
$index_location .= '../'; |
|
67 |
} |
|
93 |
$admin->print_header(); |
|
68 | 94 |
|
69 |
// Write to the filename |
|
70 |
$content = ''. |
|
71 |
'<?php |
|
72 |
$page_id = '.$page_id.'; |
|
73 |
$section_id = '.$section_id.'; |
|
74 |
$post_id = '.$post_id.'; |
|
75 |
define("POST_SECTION", $section_id); |
|
76 |
define("POST_ID", $post_id); |
|
77 |
require("'.$index_location.'config.php"); |
|
78 |
require(WB_PATH."/index.php"); |
|
79 |
?>'; |
|
80 |
if($handle = fopen($filename, 'w+')) |
|
81 |
{ |
|
82 |
fwrite($handle, $content); |
|
83 |
fclose($handle); |
|
84 |
if($filetime) |
|
85 |
{ |
|
86 |
touch($filename, $filetime); |
|
87 |
} |
|
88 |
change_mode($filename); |
|
89 |
} |
|
90 |
|
|
91 |
} |
|
92 |
|
|
93 | 95 |
// Validate all fields |
94 |
if($admin->get_post('title') == '' AND $admin->get_post('url') == '') |
|
95 |
{ |
|
96 |
$admin->print_error($MESSAGE['GENERIC']['FILL_IN_ALL'], WB_URL.'/modules/news/modify_post.php?page_id='.$page_id.'§ion_id='.$section_id.'&post_id='.$admin->getIDKEY($id)); |
|
97 |
} |
|
98 |
else |
|
99 |
{ |
|
100 |
$title = $admin->get_post_escaped('title'); |
|
101 |
$short = $admin->get_post_escaped('short'); |
|
102 |
$long = $admin->get_post_escaped('long'); |
|
103 |
$commenting = $admin->get_post_escaped('commenting'); |
|
104 |
$active = $admin->get_post_escaped('active'); |
|
105 |
$old_link = $admin->get_post_escaped('link'); |
|
106 |
$group_id = $admin->get_post_escaped('group'); |
|
107 |
} |
|
108 |
|
|
96 |
if($admin->get_post('title') == '' AND $admin->get_post('url') == '') { |
|
97 |
$recallUrl = WB_URL.'/modules/news/modify_post.php?page_id='.$page_id. |
|
98 |
'§ion_id='.$section_id.'&post_id='.$admin->getIDKEY($post_id); |
|
99 |
$admin->print_error($MESSAGE['GENERIC']['FILL_IN_ALL'], $recallUrl); |
|
100 |
}else { |
|
101 |
$title = $admin->get_post_escaped('title'); |
|
102 |
$short = $admin->get_post_escaped('short'); |
|
103 |
$long = $admin->get_post_escaped('long'); |
|
104 |
$commenting = $admin->get_post_escaped('commenting'); |
|
105 |
$active = $admin->get_post_escaped('active'); |
|
106 |
$old_link = $admin->get_post_escaped('link'); |
|
107 |
$group_id = $admin->get_post_escaped('group'); |
|
108 |
} |
|
109 | 109 |
// Get page link URL |
110 |
$query_page = $database->query("SELECT level,link FROM ".TABLE_PREFIX."pages WHERE page_id = '$page_id'"); |
|
111 |
$page = $query_page->fetchRow(); |
|
112 |
$page_level = $page['level']; |
|
113 |
$page_link = $page['link']; |
|
114 |
|
|
110 |
$sql = 'SELECT `link` FROM `'.TABLE_PREFIX.'pages` WHERE `page_id`='.(int)$page_id; |
|
111 |
$oldLink = $database->get_one($sql); |
|
115 | 112 |
// Include WB functions file |
116 |
require(WB_PATH.'/framework/functions.php'); |
|
117 |
|
|
113 |
require(WB_PATH.'/framework/functions.php'); |
|
118 | 114 |
// Work-out what the link should be |
119 |
$post_link = '/posts/'.page_filename($title).PAGE_SPACER.$post_id; |
|
120 |
|
|
121 |
// Make sure the post link is set and exists |
|
122 |
// Make news post access files dir |
|
123 |
make_dir(WB_PATH.PAGES_DIRECTORY.'/posts/'); |
|
124 |
$file_create_time = ''; |
|
125 |
if(!is_writable(WB_PATH.PAGES_DIRECTORY.'/posts/')) |
|
126 |
{ |
|
127 |
$admin->print_error($MESSAGE['PAGES']['CANNOT_CREATE_ACCESS_FILE']); |
|
128 |
} |
|
129 |
elseif(($old_link != $post_link) OR !file_exists(WB_PATH.PAGES_DIRECTORY.$post_link.PAGE_EXTENSION)) |
|
130 |
{ |
|
131 |
// We need to create a new file |
|
132 |
// First, delete old file if it exists |
|
133 |
if(file_exists(WB_PATH.PAGES_DIRECTORY.$old_link.PAGE_EXTENSION)) |
|
134 |
{ |
|
135 |
$file_create_time = filemtime($old_link.PAGE_EXTENSION); |
|
136 |
unlink(WB_PATH.PAGES_DIRECTORY.$old_link.PAGE_EXTENSION); |
|
137 |
} |
|
138 |
|
|
139 |
// Specify the filename |
|
140 |
$filename = WB_PATH.PAGES_DIRECTORY.'/'.$post_link.PAGE_EXTENSION; |
|
141 |
create_file($filename, $file_create_time); |
|
142 |
} |
|
143 |
|
|
144 |
|
|
115 |
$newLink = '/posts/'.page_filename($title).PAGE_SPACER.$post_id; |
|
116 |
// create new accessfile |
|
117 |
createNewsAccessFile($newLink, $oldLink, $page_id, $section_id, $post_id); |
|
145 | 118 |
// get publisedwhen and publisheduntil |
146 |
$publishedwhen = jscalendar_to_timestamp($admin->get_post_escaped('publishdate')); |
|
147 |
if($publishedwhen == '' || $publishedwhen < 1) |
|
148 |
$publishedwhen=0; |
|
149 |
$publisheduntil = jscalendar_to_timestamp($admin->get_post_escaped('enddate'), $publishedwhen); |
|
150 |
if($publisheduntil == '' || $publisheduntil < 1) |
|
151 |
$publisheduntil=0; |
|
152 |
|
|
119 |
$publishedwhen = jscalendar_to_timestamp($admin->get_post_escaped('publishdate')); |
|
120 |
if($publishedwhen == '' || $publishedwhen < 1) { $publishedwhen=0; } |
|
121 |
$publisheduntil = jscalendar_to_timestamp($admin->get_post_escaped('enddate'), $publishedwhen); |
|
122 |
if($publisheduntil == '' || $publisheduntil < 1) { $publisheduntil=0; } |
|
153 | 123 |
// Update row |
154 |
$database->query("UPDATE ".TABLE_PREFIX."mod_news_posts SET group_id = '$group_id', title = '$title', link = '$post_link', content_short = '$short', content_long = '$long', commenting = '$commenting', active = '$active', published_when = '$publishedwhen', published_until = '$publisheduntil', posted_when = '".time()."', posted_by = '".$admin->get_user_id()."' WHERE post_id = '$post_id'"); |
|
155 |
|
|
124 |
$sql = 'UPDATE `'.TABLE_PREFIX.'mod_news_posts` '; |
|
125 |
$sql .= 'SET `group_id`='.(int)$group_id.', '; |
|
126 |
$sql .= '`title`=\''.$title.'\', '; |
|
127 |
$sql .= '`link`=\''.$newLink.'\', '; |
|
128 |
$sql .= '`content_short`=\''.$short.'\', '; |
|
129 |
$sql .= '`content_long`=\''.$long.'\', '; |
|
130 |
$sql .= '`commenting`=\''.$commenting.'\', '; |
|
131 |
$sql .= '`active`='.(int)$active.', '; |
|
132 |
$sql .= '`published_when`='.(int)$publishedwhen.', '; |
|
133 |
$sql .= '`published_until`='.(int)$publisheduntil.', '; |
|
134 |
$sql .= '`posted_when`='.time().', '; |
|
135 |
$sql .= '`posted_by`='.(int)$admin->get_user_id().' '; |
|
136 |
$sql .= 'WHERE `post_id`='.(int)$post_id; |
|
137 |
$database->query($sql); |
|
156 | 138 |
// Check if there is a db error, otherwise say successful |
157 |
if($database->is_error()) |
|
158 |
{ |
|
159 |
$admin->print_error($database->get_error(), WB_URL.'/modules/news/modify_post.php?page_id='.$page_id.'§ion_id='.$section_id.'&post_id='.$admin->getIDKEY($id)); |
|
160 |
} |
|
161 |
else |
|
162 |
{ |
|
163 |
$admin->print_success($TEXT['SUCCESS'], ADMIN_URL.'/pages/modify.php?page_id='.$page_id); |
|
164 |
} |
|
165 |
|
|
139 |
if($database->is_error()) { |
|
140 |
$recallUrl = WB_URL.'/modules/news/modify_post.php?page_id='.$page_id. |
|
141 |
'§ion_id='.$section_id.'&post_id='.$admin->getIDKEY($post_id); |
|
142 |
$admin->print_error($database->get_error(), $recallUrl); |
|
143 |
}else { |
|
144 |
$admin->print_success($TEXT['SUCCESS'], ADMIN_URL.'/pages/modify.php?page_id='.$page_id); |
|
145 |
} |
|
166 | 146 |
// Print admin footer |
167 |
$admin->print_footer(); |
|
168 |
|
|
169 |
?> |
|
147 |
$admin->print_footer(); |
|
170 | 148 |
Also available in: Unified diff
Preparing 2.8.2 stable, last tests