Project

General

Profile

1 2 Manuela
<?php
2
/**
3
 *
4
 * @category        modules
5
 * @package         news
6
 * @author          WebsiteBaker Project
7
 * @copyright       WebsiteBaker Org. e.V.
8
 * @link            http://websitebaker.org/
9
 * @license         http://www.gnu.org/licenses/gpl.html
10
 * @platform        WebsiteBaker 2.8.3
11
 * @requirements    PHP 5.3.6 and higher
12
 * @version         $Id$
13
 * @filesource      $HeadURL$
14
 * @lastmodified    $Date$
15
 *
16
 */
17
18
   function createNewsAccessFile($newLink, $oldLink, $page_id, $section_id, $post_id)
19
   {
20
      global $admin, $MESSAGE;
21
      $sPagesPath = WB_PATH.PAGES_DIRECTORY;
22
      $sPostsPath = $sPagesPath.'/posts';
23
   // create /posts/ - directory if not exists
24
      if(!file_exists($sPostsPath)) {
25
         if(is_writable($sPagesPath)) {
26
            make_dir(WB_PATH.PAGES_DIRECTORY.'/posts/');
27
         }else {
28
            $admin->print_error($MESSAGE['PAGES_CANNOT_CREATE_ACCESS_FILE']);
29
         }
30
      }
31
   // check if /posts/ - dir is writable
32
      if(!is_writable($sPostsPath.'/')) {
33
         $admin->print_error($MESSAGE['PAGES_CANNOT_CREATE_ACCESS_FILE']);
34
      }
35
/*
36
   // delete old accessfile if link has changed
37
    if (($newLink != $oldLink) && (is_writable($sPostsPath.$oldLink.PAGE_EXTENSION))) {
38
       if (!unlink($sPostsPath.$oldLink.PAGE_EXTENSION)) {
39
          $admin->print_error($MESSAGE['PAGES_CANNOT_DELETE_ACCESS_FILE'].' - '.$oldLink);
40
       }
41
    }
42
*/
43
    // delete old accessfile if link has changed
44
    if (($newLink != $oldLink) && (is_writable($sPagesPath.$oldLink.PAGE_EXTENSION))) {
45
        if (!unlink($sPagesPath.$oldLink.PAGE_EXTENSION)) {
46
          $admin->print_error($MESSAGE['PAGES_CANNOT_DELETE_ACCESS_FILE'].' - '.$oldLink);
47
        }
48
    }
49
   // all ok, now create new accessfile
50
      $newFile = $sPagesPath.$newLink.PAGE_EXTENSION;
51
      // $backSteps = preg_replace('/^'.preg_quote(WB_PATH).'/', '', $sPostsPath);
52
      $backSteps = preg_replace('@^'.preg_quote(WB_PATH).'@', '', $sPostsPath);
53
      $backSteps = str_repeat( '../', substr_count($backSteps, '/'));
54
      $content =
55
         '<?php'."\n".
56
         '// *** This file is generated by WebsiteBaker Ver.'.WB_VERSION."\n".
57
         '// *** Creation date: '.date('c')."\n".
58
         '// *** Do not modify this file manually'."\n".
59
         '// *** WB will rebuild this file from time to time!!'."\n".
60
         '// *************************************************'."\n".
61
         "\t".'$page_id      = '.$page_id.';'."\n".
62
         "\t".'$section_id   = '.$section_id.';'."\n".
63
         "\t".'$post_id      = '.$post_id.';'."\n".
64
         "\t".'$post_section = '.$section_id.';'."\n".
65
//         "\t".'define(\'POST_SECTION\', '.$section_id.');'."\n".
66
//         "\t".'define(\'POST_ID\',      '.$post_id.');'."\n".
67
         "\t".'require(\''.$backSteps.'index.php\');'."\n".
68
         '// *************************************************'."\n";
69
      if( file_put_contents($newFile, $content) !== false ) {
70
      // Chmod the file
71
         change_mode($newFile);
72
      }else {
73
         $admin->print_error($MESSAGE['PAGES_CANNOT_CREATE_ACCESS_FILE'],ADMIN_URL.'/pages/modify.php?page_id='.$page_id);
74
         // $admin->print_error($MESSAGE['PAGES_CANNOT_CREATE_ACCESS_FILE'].': '.$newFile);
75
76
      }
77
   } // end of function createNewsAccessFile
78
/* ************************************************************************** */
79
if ( !defined( 'WB_PATH' ) ){ require( dirname(dirname((__DIR__))).'/config.php' ); }
80
   require_once(WB_PATH."/include/jscalendar/jscalendar-functions.php");
81
// Get post_id
82
   if(!isset($_POST['post_id']) OR !is_numeric($_POST['post_id'])) {
83
      header("Location: ".ADMIN_URL."/pages/index.php");
84
      exit( 0 );
85
   }else {
86
      $post_id = intval($_POST['post_id']);
87
   }
88
89
   $admin_header = false;
90
   // Tells script to update when this page was last updated
91
   $update_when_modified = true;
92
   // Include WB admin wrapper script
93
   require(WB_PATH.'/modules/admin.php');
94
95
   if (!$admin->checkFTAN()) {
96
      $admin->print_header();
97
      $admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'],
98
                          ADMIN_URL.'/pages/modify.php?page_id='.$page_id );
99
   }
100
   $admin->print_header();
101
102
// Validate all fields
103
   if($admin->get_post('title') == '' AND $admin->get_post('url') == '') {
104
        $recallUrl = WB_URL.'/modules/news/modify_post.php?page_id='.$page_id.
105
                   '&section_id='.$section_id.'&post_id='.$admin->getIDKEY($post_id);
106
      $admin->print_error($MESSAGE['GENERIC_FILL_IN_ALL'], $recallUrl);
107
   }else {
108
      $title      = $admin->StripCodeFromText($admin->get_post('title'));
109
      $short      = $admin->get_post('short');
110
      $long       = $admin->get_post('long');
111
      $commenting = $database->escapeString($admin->get_post('commenting'));
112
      $active     = intval($admin->get_post('active'));
113
      $old_link   = $admin->get_post('link');
114
      $group_id   = intval($admin->get_post('group'));
115
   }
116
/*
117
    $sMediaUrl = WB_URL.MEDIA_DIRECTORY;
118
    $searchfor = '@(<[^>]*=\s*")('.preg_quote($sMediaUrl).')([^">]*".*>)@siU';
119
    $short = preg_replace($searchfor, '$1{SYSVAR:MEDIA_REL}$3', $short);
120
    $long  = preg_replace($searchfor, '$1{SYSVAR:MEDIA_REL}$3', $long);
121
*/
122
    $sRelUrl = preg_replace('/^https?:\/\/[^\/]+(.*)/is', '\1', WB_URL);
123
    $sDocumentRootUrl = str_replace($sRelUrl, '', WB_URL);
124
    $sMediaUrl = WB_URL.MEDIA_DIRECTORY;
125
    $aPatterns = array(
126
        '/(<[^>]*?=\s*\")(\/+)([^\"]*?\"[^>]*?)/is',
127
        '/(<[^>]*=\s*")('.preg_quote($sMediaUrl, '/').')([^">]*".*>)/siU'
128
    );
129
    $aReplacements = array(
130
        '\1'.$sDocumentRootUrl.'/\3',
131
        '$1{SYSVAR:MEDIA_REL}$3'
132
    );
133
    $short = preg_replace($aPatterns, $aReplacements, $short);
134
    $long = preg_replace($aPatterns, $aReplacements, $long);
135
/*
136
// Get page link URL
137
    $sql = 'SELECT `link` FROM `'.TABLE_PREFIX.'pages` WHERE `page_id`='.(int)$page_id;
138
*/
139
// Get post link URL
140
$sql = 'SELECT `link` FROM `'.TABLE_PREFIX.'mod_news_posts` WHERE `post_id`='.$post_id;
141
$oldLink = $database->get_one($sql);
142
143
// Include WB functions file
144
    require(WB_PATH.'/framework/functions.php');
145
// Work-out what the link should be
146
    $newLink = '/posts/'.page_filename($title).PAGE_SPACER.$post_id;
147
// create new accessfile
148
    createNewsAccessFile($newLink, $oldLink, $page_id, $section_id, $post_id);
149
$now = time();
150
// get publisedwhen and publisheduntil
151
    $publishedwhen = jscalendar_to_timestamp($admin->get_post('publishdate'));
152
    if($publishedwhen == '' || $publishedwhen < 1) { $publishedwhen=0; }
153
    $publisheduntil = jscalendar_to_timestamp($admin->get_post('enddate'), $publishedwhen);
154
    if($publisheduntil == '' || $publisheduntil < 1) { $publisheduntil=0; }
155
// Update row
156
    $sql  = 'UPDATE `'.TABLE_PREFIX.'mod_news_posts` SET '
157
        . '`group_id`='.(int)$group_id.', '
158
        . '`title`=\''.$database->escapeString($title).'\', '
159
        . '`link`=\''.$database->escapeString($newLink).'\', '
160
        . '`content_short`=\''.$database->escapeString($short).'\', '
161
        . '`content_long`=\''.$database->escapeString($long).'\', '
162
        . '`commenting`=\''.$database->escapeString($commenting).'\', '
163
        . '`active`='.$database->escapeString($active).', '
164
        . '`published_when`='.(int)$publishedwhen.', '
165
        . '`published_until`='.(int)$publisheduntil.', '
166
        . '`posted_when`='.$now.', '
167
        . '`posted_by`='.(int)$admin->get_user_id().' '
168
        . 'WHERE `post_id`='.$database->escapeString($post_id);
169
   $database->query($sql);
170
// Check if there is a db error, otherwise say successful
171
   if($database->is_error()) {
172
      $recallUrl = WB_URL.'/modules/news/modify_post.php?page_id='.$page_id.
173
                '&section_id='.$section_id.'&post_id='.$admin->getIDKEY($post_id);
174
      $admin->print_error($database->get_error(), $recallUrl);
175
   }else {
176
      $admin->print_success($TEXT['SUCCESS'], ADMIN_URL.'/pages/modify.php?page_id='.$page_id);
177
   }
178
// Print admin footer
179
   $admin->print_footer();