WB 2.11.0

<?php

/**

 *

 * @category        modules

 * @package         news

 * @author          WebsiteBaker Project

 * @copyright       WebsiteBaker Org. e.V.

 * @link            http://websitebaker.org/

 * @license         http://www.gnu.org/licenses/gpl.html

 * @platform        WebsiteBaker 2.8.3

 * @requirements    PHP 5.3.6 and higher

 * @version         $Id$

 * @filesource      $HeadURL$

 * @lastmodified    $Date$

 *

 */

   function createNewsAccessFile($newLink, $oldLink, $page_id, $section_id, $post_id)

   {

      global $admin, $MESSAGE;

      $sPagesPath = WB_PATH.PAGES_DIRECTORY;

      $sPostsPath = $sPagesPath.'/posts';

   // create /posts/ - directory if not exists

      if(!file_exists($sPostsPath)) {

         if(is_writable($sPagesPath)) {

            make_dir(WB_PATH.PAGES_DIRECTORY.'/posts/');

         }else {

            $admin->print_error($MESSAGE['PAGES_CANNOT_CREATE_ACCESS_FILE']);

         }

      }

   // check if /posts/ - dir is writable

      if(!is_writable($sPostsPath.'/')) {

         $admin->print_error($MESSAGE['PAGES_CANNOT_CREATE_ACCESS_FILE']);

      }

/*

   // delete old accessfile if link has changed

    if (($newLink != $oldLink) && (is_writable($sPostsPath.$oldLink.PAGE_EXTENSION))) {

       if (!unlink($sPostsPath.$oldLink.PAGE_EXTENSION)) {

          $admin->print_error($MESSAGE['PAGES_CANNOT_DELETE_ACCESS_FILE'].' - '.$oldLink);

       }

    }

*/

    // delete old accessfile if link has changed

    if (($newLink != $oldLink) && (is_writable($sPagesPath.$oldLink.PAGE_EXTENSION))) {

        if (!unlink($sPagesPath.$oldLink.PAGE_EXTENSION)) {

          $admin->print_error($MESSAGE['PAGES_CANNOT_DELETE_ACCESS_FILE'].' - '.$oldLink);

        }

    }

   // all ok, now create new accessfile

      $newFile = $sPagesPath.$newLink.PAGE_EXTENSION;

      // $backSteps = preg_replace('/^'.preg_quote(WB_PATH).'/', '', $sPostsPath);

      $backSteps = preg_replace('@^'.preg_quote(WB_PATH).'@', '', $sPostsPath);

      $backSteps = str_repeat( '../', substr_count($backSteps, '/'));

      $content =

         '<?php'."\n".

         '// *** This file is generated by WebsiteBaker Ver.'.WB_VERSION."\n".

         '// *** Creation date: '.date('c')."\n".

         '// *** Do not modify this file manually'."\n".

         '// *** WB will rebuild this file from time to time!!'."\n".

         '// *************************************************'."\n".

         "\t".'$page_id      = '.$page_id.';'."\n".

         "\t".'$section_id   = '.$section_id.';'."\n".

         "\t".'$post_id      = '.$post_id.';'."\n".

         "\t".'$post_section = '.$section_id.';'."\n".

//         "\t".'define(\'POST_SECTION\', '.$section_id.');'."\n".

//         "\t".'define(\'POST_ID\',      '.$post_id.');'."\n".

         "\t".'require(\''.$backSteps.'index.php\');'."\n".

         '// *************************************************'."\n";

      if( file_put_contents($newFile, $content) !== false ) {

      // Chmod the file

         change_mode($newFile);

      }else {

         $admin->print_error($MESSAGE['PAGES_CANNOT_CREATE_ACCESS_FILE'],ADMIN_URL.'/pages/modify.php?page_id='.$page_id);

         // $admin->print_error($MESSAGE['PAGES_CANNOT_CREATE_ACCESS_FILE'].': '.$newFile);

      }

   } // end of function createNewsAccessFile

/* ************************************************************************** */

if ( !defined( 'WB_PATH' ) ){ require( dirname(dirname((__DIR__))).'/config.php' ); }

   require_once(WB_PATH."/include/jscalendar/jscalendar-functions.php");

// Get post_id

   if(!isset($_POST['post_id']) OR !is_numeric($_POST['post_id'])) {

      header("Location: ".ADMIN_URL."/pages/index.php");

      exit( 0 );

   }else {

      $post_id = intval($_POST['post_id']);

   }

   $admin_header = false;

   // Tells script to update when this page was last updated

   $update_when_modified = true;

   // Include WB admin wrapper script

   require(WB_PATH.'/modules/admin.php');

   if (!$admin->checkFTAN()) {

      $admin->print_header();

      $admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'],

                          ADMIN_URL.'/pages/modify.php?page_id='.$page_id );

   }

   $admin->print_header();

// Validate all fields

   if($admin->get_post('title') == '' AND $admin->get_post('url') == '') {

        $recallUrl = WB_URL.'/modules/news/modify_post.php?page_id='.$page_id.

                   '&section_id='.$section_id.'&post_id='.$admin->getIDKEY($post_id);

      $admin->print_error($MESSAGE['GENERIC_FILL_IN_ALL'], $recallUrl);

   }else {

      $title      = $admin->StripCodeFromText($admin->get_post('title'));

      $short      = $admin->get_post('short');

      $long       = $admin->get_post('long');

      $commenting = $database->escapeString($admin->get_post('commenting'));

      $active     = intval($admin->get_post('active'));

      $old_link   = $admin->get_post('link');

      $group_id   = intval($admin->get_post('group'));

   }

/*

    $sMediaUrl = WB_URL.MEDIA_DIRECTORY;

    $searchfor = '@(<[^>]*=\s*")('.preg_quote($sMediaUrl).')([^">]*".*>)@siU';

    $short = preg_replace($searchfor, '$1{SYSVAR:MEDIA_REL}$3', $short);

    $long  = preg_replace($searchfor, '$1{SYSVAR:MEDIA_REL}$3', $long);

*/

    $sRelUrl = preg_replace('/^https?:\/\/[^\/]+(.*)/is', '\1', WB_URL);

    $sDocumentRootUrl = str_replace($sRelUrl, '', WB_URL);

    $sMediaUrl = WB_URL.MEDIA_DIRECTORY;

    $aPatterns = array(

        '/(<[^>]*?=\s*\")(\/+)([^\"]*?\"[^>]*?)/is',

        '/(<[^>]*=\s*")('.preg_quote($sMediaUrl, '/').')([^">]*".*>)/siU'

    );

    $aReplacements = array(

        '\1'.$sDocumentRootUrl.'/\3',

        '$1{SYSVAR:MEDIA_REL}$3'

    );

    $short = preg_replace($aPatterns, $aReplacements, $short);

    $long = preg_replace($aPatterns, $aReplacements, $long);

/*

// Get page link URL

    $sql = 'SELECT `link` FROM `'.TABLE_PREFIX.'pages` WHERE `page_id`='.(int)$page_id;

*/

// Get post link URL

$sql = 'SELECT `link` FROM `'.TABLE_PREFIX.'mod_news_posts` WHERE `post_id`='.$post_id;

$oldLink = $database->get_one($sql);

// Include WB functions file

    require(WB_PATH.'/framework/functions.php');

// Work-out what the link should be

    $newLink = '/posts/'.page_filename($title).PAGE_SPACER.$post_id;

// create new accessfile

    createNewsAccessFile($newLink, $oldLink, $page_id, $section_id, $post_id);

$now = time();

// get publisedwhen and publisheduntil

    $publishedwhen = jscalendar_to_timestamp($admin->get_post('publishdate'));

    if($publishedwhen == '' || $publishedwhen < 1) { $publishedwhen=0; }

    $publisheduntil = jscalendar_to_timestamp($admin->get_post('enddate'), $publishedwhen);

    if($publisheduntil == '' || $publisheduntil < 1) { $publisheduntil=0; }

// Update row

    $sql  = 'UPDATE `'.TABLE_PREFIX.'mod_news_posts` SET '

        . '`group_id`='.(int)$group_id.', '

        . '`title`=\''.$database->escapeString($title).'\', '

        . '`link`=\''.$database->escapeString($newLink).'\', '

        . '`content_short`=\''.$database->escapeString($short).'\', '

        . '`content_long`=\''.$database->escapeString($long).'\', '

        . '`commenting`=\''.$database->escapeString($commenting).'\', '

        . '`active`='.$database->escapeString($active).', '

        . '`published_when`='.(int)$publishedwhen.', '

        . '`published_until`='.(int)$publisheduntil.', '

        . '`posted_when`='.$now.', '

        . '`posted_by`='.(int)$admin->get_user_id().' '

        . 'WHERE `post_id`='.$database->escapeString($post_id);

   $database->query($sql);

// Check if there is a db error, otherwise say successful

   if($database->is_error()) {

      $recallUrl = WB_URL.'/modules/news/modify_post.php?page_id='.$page_id.

                '&section_id='.$section_id.'&post_id='.$admin->getIDKEY($post_id);

      $admin->print_error($database->get_error(), $recallUrl);

   }else {

      $admin->print_success($TEXT['SUCCESS'], ADMIN_URL.'/pages/modify.php?page_id='.$page_id);

   }

// Print admin footer

   $admin->print_footer();