Project

General

Profile

« Previous | Next » 

Revision 1108

Added by Matthias over 15 years ago

Fixed again some bugs in news modul (ticket #756) (Thanks to Aldus and Luisehahne)

View differences:

view.php
1
<?php
2

  
3
// $Id$
4

  
5
/*
6

  
7
 Website Baker Project <http://www.websitebaker.org/>
8
 Copyright (C) 2004-2009, Ryan Djurovich
9

  
10
 Website Baker is free software; you can redistribute it and/or modify
11
 it under the terms of the GNU General Public License as published by
12
 the Free Software Foundation; either version 2 of the License, or
13
 (at your option) any later version.
14

  
15
 Website Baker is distributed in the hope that it will be useful,
16
 but WITHOUT ANY WARRANTY; without even the implied warranty of
17
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18
 GNU General Public License for more details.
19

  
20
 You should have received a copy of the GNU General Public License
21
 along with Website Baker; if not, write to the Free Software
22
 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
23

  
24
*/
25

  
26
// Must include code to stop this file being access directly
27
if(defined('WB_PATH') == false) { exit("Cannot access this file directly"); }
28

  
29
// check if frontend.css file needs to be included into the <body></body> of view.php
30
if((!function_exists('register_frontend_modfiles') || !defined('MOD_FRONTEND_CSS_REGISTERED')) &&  file_exists(WB_PATH .'/modules/news/frontend.css')) {
31
   echo '<style type="text/css">';
32
   include(WB_PATH .'/modules/news/frontend.css');
33
   echo "\n</style>\n";
34
} 
35

  
36
// check if module language file exists for the language set by the user (e.g. DE, EN)
37
if(!file_exists(WB_PATH .'/modules/news/languages/'.LANGUAGE .'.php')) {
38
	// no module language file exists for the language set by the user, include default module language file EN.php
39
	require_once(WB_PATH .'/modules/news/languages/EN.php');
40
} else {
41
	// a module language file exists for the language defined by the user, load it
42
	require_once(WB_PATH .'/modules/news/languages/'.LANGUAGE .'.php');
43
}
44

  
45
//overwrite php.ini on Apache servers for valid SESSION ID Separator
46
if(function_exists('ini_set')) {
47
	ini_set('arg_separator.output', '&amp;');
48
}
49

  
50
// Check if there is a start point defined
51
if(isset($_GET['p']) AND is_numeric($_GET['p']) AND $_GET['p'] >= 0) {
52
	$position = $_GET['p'];
53
} else {
54
	$position = 0;
55
}
56

  
57
// Get user's username, display name, email, and id - needed for insertion into post info
58
$users = array();
59
$query_users = $database->query("SELECT user_id,username,display_name,email FROM ".TABLE_PREFIX."users");
60
if($query_users->numRows() > 0) {
61
	while($user = $query_users->fetchRow()) {
62
		// Insert user info into users array
63
		$user_id = $user['user_id'];
64
		$users[$user_id]['username'] = $user['username'];
65
		$users[$user_id]['display_name'] = $user['display_name'];
66
		$users[$user_id]['email'] = $user['email'];
67
	}
68
}
69

  
70
// Get groups (title, if they are active, and their image [if one has been uploaded])
71
if (isset($groups)) {
72
   unset($groups);
73
}
74
$groups[0]['title'] = '';
75
$groups[0]['active'] = true;
76
$groups[0]['image'] = '';
77
$query_users = $database->query("SELECT group_id,title,active FROM ".TABLE_PREFIX."mod_news_groups WHERE section_id = '$section_id' ORDER BY position ASC");
78
if($query_users->numRows() > 0) {
79
	while($group = $query_users->fetchRow()) {
80
		// Insert user info into users array
81
		$group_id = $group['group_id'];
82
		$groups[$group_id]['title'] = ($group['title']);
83
		$groups[$group_id]['active'] = $group['active'];
84
		if(file_exists(WB_PATH.MEDIA_DIRECTORY.'/.news/image'.$group_id.'.jpg')) {
85
			$groups[$group_id]['image'] = WB_URL.MEDIA_DIRECTORY.'/.news/image'.$group_id.'.jpg';
86
		} else {
87
			$groups[$group_id]['image'] = '';
88
		}
89
	}
90
}
91

  
92
// Check if we should show the main page or a post itself
93
if(!defined('POST_ID') OR !is_numeric(POST_ID)) {
94
	
95
	// Check if we should only list posts from a certain group
96
	if(isset($_GET['g']) AND is_numeric($_GET['g'])) {
97
		$query_extra = " AND group_id = '".$_GET['g']."'";
98
	} else {
99
		$query_extra = '';
100
	}
101
	
102
	// Get settings
103
	$query_settings = $database->query("SELECT * FROM ".TABLE_PREFIX."mod_news_settings WHERE section_id = '$section_id'");
104
	if($query_settings->numRows() > 0) {
105
		$fetch_settings = $query_settings->fetchRow();
106
		$setting_header = ($fetch_settings['header']);
107
		$setting_post_loop = ($fetch_settings['post_loop']);
108
		$setting_footer = ($fetch_settings['footer']);
109
		$setting_posts_per_page = $fetch_settings['posts_per_page'];
110
	} else {
111
		$setting_header = '';
112
		$setting_post_loop = '';
113
		$setting_footer = '';
114
		$setting_posts_per_page = '';
115
	}
116
	
117
	$t = time();
118
	// Get total number of posts
119
	$query_total_num = $database->query("SELECT post_id FROM ".TABLE_PREFIX."mod_news_posts
120
		WHERE section_id = '$section_id' AND active = '1' AND title != '' $query_extra 
121
		AND (published_when = '0' OR published_when <= $t) AND (published_until = 0 OR published_until >= $t)");
122
	$total_num = $query_total_num->numRows();
123

  
124
	// Work-out if we need to add limit code to sql
125
	if($setting_posts_per_page != 0) {
126
		$limit_sql = " LIMIT $position,$setting_posts_per_page";
127
	} else {
128
		$limit_sql = "";
129
	}
130
	
131
	// Query posts (for this page)
132
	$query_posts = $database->query("SELECT * FROM ".TABLE_PREFIX."mod_news_posts
133
		WHERE section_id = '$section_id' AND active = '1' AND title != ''$query_extra
134
		AND (published_when = '0' OR published_when <= $t) AND (published_until = 0 OR published_until >= $t)
135
		ORDER BY position DESC".$limit_sql);
136
	$num_posts = $query_posts->numRows();
137
	
138
	// Create previous and next links
139
	if($setting_posts_per_page != 0) {
140
		if($position > 0) {
141
			if(isset($_GET['g']) AND is_numeric($_GET['g'])) {
142
				$pl_prepend = '<a href="?p='.($position-$setting_posts_per_page).'&amp;g='.$_GET['g'].'">&lt;&lt; ';
143
			} else {
144
				$pl_prepend = '<a href="?p='.($position-$setting_posts_per_page).'">&lt;&lt; ';
145
			}
146
			$pl_append = '</a>';
147
			$previous_link = $pl_prepend.$TEXT['PREVIOUS'].$pl_append;
148
			$previous_page_link = $pl_prepend.$TEXT['PREVIOUS_PAGE'].$pl_append;
149
		} else {
150
			$previous_link = '';
151
			$previous_page_link = '';
152
		}
153
		if($position+$setting_posts_per_page >= $total_num) {
154
			$next_link = '';
155
			$next_page_link = '';
156
		} else {
157
			if(isset($_GET['g']) AND is_numeric($_GET['g'])) {
158
				$nl_prepend = '<a href="?p='.($position+$setting_posts_per_page).'&amp;g='.$_GET['g'].'"> ';
159
			} else {
160
				$nl_prepend = '<a href="?p='.($position+$setting_posts_per_page).'"> ';
161
			}
162
			$nl_append = ' &gt;&gt;</a>';
163
			$next_link = $nl_prepend.$TEXT['NEXT'].$nl_append;
164
			$next_page_link = $nl_prepend.$TEXT['NEXT_PAGE'].$nl_append;
165
		}
166
		if($position+$setting_posts_per_page > $total_num) {
167
			$num_of = $position+$num_posts;
168
		} else {
169
			$num_of = $position+$setting_posts_per_page;
170
		}
171
		$out_of = ($position+1).'-'.$num_of.' '.strtolower($TEXT['OUT_OF']).' '.$total_num;
172
		$of = ($position+1).'-'.$num_of.' '.strtolower($TEXT['OF']).' '.$total_num;
173
		$display_previous_next_links = '';
174
	} else {
175
		$display_previous_next_links = 'none';
176
	}
177
		
178
	// Print header
179
	if($display_previous_next_links == 'none') {
180
		echo  str_replace(array('[NEXT_PAGE_LINK]','[NEXT_LINK]','[PREVIOUS_PAGE_LINK]','[PREVIOUS_LINK]','[OUT_OF]','[OF]','[DISPLAY_PREVIOUS_NEXT_LINKS]'), array('','','','','','', $display_previous_next_links), $setting_header);
181
	} else {
182
		echo str_replace(array('[NEXT_PAGE_LINK]','[NEXT_LINK]','[PREVIOUS_PAGE_LINK]','[PREVIOUS_LINK]','[OUT_OF]','[OF]','[DISPLAY_PREVIOUS_NEXT_LINKS]'), array($next_page_link, $next_link, $previous_page_link, $previous_link, $out_of, $of, $display_previous_next_links), $setting_header);
183
	}
184
	
185
	if($num_posts > 0) {
186
		if($query_extra != '') {
187
			?>
188
			<div class="selected_group_title">
189
				<?php echo '<a href="'.htmlspecialchars(strip_tags($_SERVER['PHP_SELF'])).'">'.PAGE_TITLE.'</a> &gt;&gt; '.$groups[$_GET['g']]['title']; ?>
190
			</div>
191
			<?php
192
		}
193
		while($post = $query_posts->fetchRow()) {
194
			if(isset($groups[$post['group_id']]['active']) AND $groups[$post['group_id']]['active'] != false) { // Make sure parent group is active
195
				$uid = $post['posted_by']; // User who last modified the post
196
				// Workout date and time of last modified post
197
				if ($post['published_when'] > $post['posted_when']) {
198
					$post_date = gmdate(DATE_FORMAT, $post['published_when']+TIMEZONE);
199
					$post_time = gmdate(TIME_FORMAT, $post['published_when']+TIMEZONE);
200
				} else {
201
					$post_date = gmdate(DATE_FORMAT, $post['posted_when']+TIMEZONE);
202
					$post_time = gmdate(TIME_FORMAT, $post['posted_when']+TIMEZONE);
203
				}
204
				$publ_date = date(DATE_FORMAT,$post['published_when']);
205
				$publ_time = date(TIME_FORMAT,$post['published_when']);
206
				// Work-out the post link
207
				$post_link = page_link($post['link']);
208
				if(isset($_GET['p']) AND $position > 0) {
209
					$post_link .= '?p='.$position;
210
				}
211
				if(isset($_GET['g']) AND is_numeric($_GET['g'])) {
212
					if(isset($_GET['p']) AND $position > 0) { $post_link .= '&amp;'; } else { $post_link .= '?'; }
213
					$post_link .= 'g='.$_GET['g'];
214
				}
215
				// Get group id, title, and image
216
				$group_id = $post['group_id'];
217
				$group_title = $groups[$group_id]['title'];
218
				$group_image = $groups[$group_id]['image'];
219
				$display_image = ($group_image == '') ? "none" : "inherit";
220
				$display_group = ($group_id == 0) ? 'none' : 'inherit';
221
				// Replace [wblink--PAGE_ID--] with real link
222
				$short = ($post['content_short']);
223
				$wb->preprocess($short);
224
				// Replace vars with values
225
				$post_long_len = strlen($post['content_long']);
226
				$vars = array('[PAGE_TITLE]', '[GROUP_ID]', '[GROUP_TITLE]', '[GROUP_IMAGE]', '[DISPLAY_GROUP]', '[DISPLAY_IMAGE]', '[TITLE]', '[SHORT]', '[LINK]', '[MODI_DATE]', '[MODI_TIME]', '[PUBLISHED_DATE]', '[PUBLISHED_TIME]', '[USER_ID]', '[USERNAME]', '[DISPLAY_NAME]', '[EMAIL]', '[TEXT_READ_MORE]','[SHOW_READ_MORE]');
227
				if(isset($users[$uid]['username']) AND $users[$uid]['username'] != '') {
228
					if($post_long_len < 9) {
229
						$values = array(PAGE_TITLE, $group_id, $group_title, $group_image, $display_group, $display_image, $post['title'], $short, '#" onclick="javascript:void(0);return false;" style="cursor:no-drop;', $post_date, $post_time, $publ_date, $publ_time, $uid, $users[$uid]['username'], $users[$uid]['display_name'], $users[$uid]['email'], '', 'none');
230
					} else {
231
						$values = array(PAGE_TITLE, $group_id, $group_title, $group_image, $display_group, $display_image, $post['title'], $short, $post_link, $post_date, $post_time, $publ_date, $publ_time, $uid, $users[$uid]['username'], $users[$uid]['display_name'], $users[$uid]['email'], $MOD_NEWS['TEXT_READ_MORE'], 'visible');
232
					}
233
				} else {
234
					if($post_long_len < 9) {
235
						$values = array(PAGE_TITLE, $group_id, $group_title, $group_image, $display_group, $display_image, $post['title'], $short, '#" onclick="javascript:void(0);return false;" style="cursor:no-drop;', $post_date, $post_time, $publ_date, $publ_time, '', '', '', '', '','none');
236
					} else {
237
						$values = array(PAGE_TITLE, $group_id, $group_title, $group_image, $display_group, $display_image, $post['title'], $short, $post_link, $post_date, $post_time, $publ_date, $publ_time, '', '', '', '', $MOD_NEWS['TEXT_READ_MORE'],'visible');
238
					}
239
				}
240
				echo str_replace($vars, $values, $setting_post_loop);
241
			}
242
		}
243
	}
244
	
245
	// Print footer
246
	if($display_previous_next_links == 'none') {
247
		echo  str_replace(array('[NEXT_PAGE_LINK]','[NEXT_LINK]','[PREVIOUS_PAGE_LINK]','[PREVIOUS_LINK]','[OUT_OF]','[OF]','[DISPLAY_PREVIOUS_NEXT_LINKS]'), array('','','','','','', $display_previous_next_links), $setting_footer);
248
	} else {
249
		echo str_replace(array('[NEXT_PAGE_LINK]','[NEXT_LINK]','[PREVIOUS_PAGE_LINK]','[PREVIOUS_LINK]','[OUT_OF]','[OF]','[DISPLAY_PREVIOUS_NEXT_LINKS]'), array($next_page_link, $next_link, $previous_page_link, $previous_link, $out_of, $of, $display_previous_next_links), $setting_footer);
250
	}
251
	
252
} elseif(defined('POST_ID') AND is_numeric(POST_ID)) {
253
	
254
	// Get settings
255
	$query_settings = $database->query("SELECT * FROM ".TABLE_PREFIX."mod_news_settings WHERE section_id = '$section_id'");
256
	if($query_settings->numRows() > 0) {
257
		$fetch_settings = $query_settings->fetchRow();
258
		$setting_post_header = ($fetch_settings['post_header']);
259
		$setting_post_footer = ($fetch_settings['post_footer']);
260
		$setting_comments_header = ($fetch_settings['comments_header']);
261
		$setting_comments_loop = ($fetch_settings['comments_loop']);
262
		$setting_comments_footer = ($fetch_settings['comments_footer']);
263
	} else {
264
		$setting_post_header = '';
265
		$setting_post_footer = '';
266
		$setting_comments_header = '';
267
		$setting_comments_loop = '';
268
		$setting_comments_footer = '';
269
	}
270
	
271
	// Get page info
272
	$query_page = $database->query("SELECT link FROM ".TABLE_PREFIX."pages WHERE page_id = '".PAGE_ID."'");
273
	if($query_page->numRows() > 0) {
274
		$page = $query_page->fetchRow();
275
		$page_link = page_link($page['link']);
276
		if(isset($_GET['p']) AND $position > 0) {
277
			$page_link .= '?p='.$_GET['p'];
278
		}
279
		if(isset($_GET['g']) AND is_numeric($_GET['g'])) {
280
			if(isset($_GET['p']) AND $position > 0) { $page_link .= '&amp;'; } else { $page_link .= '?'; }
281
			$page_link .= 'g='.$_GET['g'];
282
		}
283
	} else {
284
		exit('Page not found');
285
	}
286
	
287
	// Get post info
288
	$t = time();
289
	$query_post = $database->query("SELECT * FROM ".TABLE_PREFIX."mod_news_posts
290
		WHERE post_id = '".POST_ID."' AND active = '1'
291
		AND (published_when = '0' OR published_when <= $t) AND (published_until = 0 OR published_until >= $t)
292
	");
293
	if($query_post->numRows() > 0) {
294
		$post = $query_post->fetchRow();
295
		if(isset($groups[$post['group_id']]['active']) AND $groups[$post['group_id']]['active'] != false) { // Make sure parent group is active
296
			$uid = $post['posted_by']; // User who last modified the post
297
			// Workout date and time of last modified post
298
			if ($post['published_when'] > $post['posted_when']) {
299
				$post_date = gmdate(DATE_FORMAT, $post['published_when']+TIMEZONE);
300
				$post_time = gmdate(TIME_FORMAT, $post['published_when']+TIMEZONE);
301
			} else {
302
				$post_date = gmdate(DATE_FORMAT, $post['posted_when']+TIMEZONE);
303
				$post_time = gmdate(TIME_FORMAT, $post['posted_when']+TIMEZONE);
304
			}
305
			$publ_date = date(DATE_FORMAT,$post['published_when']);
306
			$publ_time = date(TIME_FORMAT,$post['published_when']);
307
			// Get group id, title, and image
308
			$group_id = $post['group_id'];
309
			$group_title = $groups[$group_id]['title'];
310
			$group_image = $groups[$group_id]['image'];
311
			$display_image = ($group_image == '') ? "none" : "inherit";
312
			$display_group = ($group_id == 0) ? 'none' : 'inherit';
313
			$vars = array('[PAGE_TITLE]', '[GROUP_ID]', '[GROUP_TITLE]', '[GROUP_IMAGE]', '[DISPLAY_GROUP]', '[DISPLAY_IMAGE]', '[TITLE]', '[SHORT]', '[BACK]', '[TEXT_BACK]', '[TEXT_LAST_CHANGED]', '[MODI_DATE]', '[TEXT_AT]', '[MODI_TIME]', '[PUBLISHED_DATE]', '[PUBLISHED_TIME]', '[TEXT_POSTED_BY]', '[TEXT_ON]', '[USER_ID]', '[USERNAME]', '[DISPLAY_NAME]', '[EMAIL]');
314
			$post_short=$post['content_short'];
315
			$wb->preprocess($post_short);
316
			if(isset($users[$uid]['username']) AND $users[$uid]['username'] != '') {
317
				$values = array(PAGE_TITLE, $group_id, $group_title, $group_image, $display_group, $display_image, $post['title'], $post_short, $page_link, $MOD_NEWS['TEXT_BACK'], $MOD_NEWS['TEXT_LAST_CHANGED'], $post_date, $MOD_NEWS['TEXT_AT'], $post_time, $publ_date, $publ_time, $MOD_NEWS['TEXT_POSTED_BY'], $MOD_NEWS['TEXT_ON'], $uid, $users[$uid]['username'], $users[$uid]['display_name'], $users[$uid]['email']);
318
			} else {
319
				$values = array(PAGE_TITLE, $group_id, $group_title, $group_image, $display_group, $display_image, $post['title'], $post_short, $page_link, $MOD_NEWS['TEXT_BACK'], $MOD_NEWS['TEXT_LAST_CHANGED'], $post_date, $MOD_NEWS['TEXT_AT'], $post_time, $publ_date, $publ_time, $MOD_NEWS['TEXT_POSTED_BY'], $MOD_NEWS['TEXT_ON'], '', '', '', '');
320
			}
321
			$post_long = ($post['content_long']);
322
		}
323
	} else {
324
		$wb->print_error($MESSAGE['FRONTEND']['SORRY_NO_ACTIVE_SECTIONS'], "javascript: history.go(-1);", false);
325
		exit(0);
326
	}
327
	
328
	// Print post header
329
	echo str_replace($vars, $values, $setting_post_header);
330
	
331
	// Replace [wblink--PAGE_ID--] with real link
332
  	$wb->preprocess($post_long);
333
	// Print long
334
	echo $post_long;
335
	
336
	// Print post footer
337
	echo str_replace($vars, $values, $setting_post_footer);
338
	
339
	// Show comments section if we have to
340
	if(($post['commenting'] == 'private' AND isset($wb) AND $wb->is_authenticated() == true) OR $post['commenting'] == 'public') {
341
		
342
		// Print comments header
343
		$vars = array('[ADD_COMMENT_URL]','[TEXT_COMMENTS]');
344
		$values = array(WB_URL.'/modules/news/comment.php?id='.POST_ID.'&amp;sid='.$section_id, $MOD_NEWS['TEXT_COMMENTS']);
345
		echo str_replace($vars, $values, $setting_comments_header);
346
		
347
		// Query for comments
348
		$query_comments = $database->query("SELECT title,comment,commented_when,commented_by FROM ".TABLE_PREFIX."mod_news_comments WHERE post_id = '".POST_ID."' ORDER BY commented_when ASC");
349
		if($query_comments->numRows() > 0) {
350
			while($comment = $query_comments->fetchRow()) {
351
				// Display Comments without slashes, but with new-line characters
352
				$comment['comment'] = nl2br($wb->strip_slashes($comment['comment']));
353
				$comment['title'] = $wb->strip_slashes($comment['title']);
354
				// Print comments loop
355
				$commented_date = gmdate(DATE_FORMAT, $comment['commented_when']+TIMEZONE);
356
				$commented_time = gmdate(TIME_FORMAT, $comment['commented_when']+TIMEZONE);
357
				$uid = $comment['commented_by'];
358
				$vars = array('[TITLE]','[COMMENT]','[TEXT_ON]','[DATE]','[TEXT_AT]','[TIME]','[TEXT_BY]','[USER_ID]','[USERNAME]','[DISPLAY_NAME]', '[EMAIL]');
359
				if(isset($users[$uid]['username']) AND $users[$uid]['username'] != '') {
360
					$values = array(($comment['title']), ($comment['comment']), $MOD_NEWS['TEXT_ON'], $commented_date, $MOD_NEWS['TEXT_AT'], $commented_time, $MOD_NEWS['TEXT_BY'], $uid, ($users[$uid]['username']), ($users[$uid]['display_name']), ($users[$uid]['email']));
361
				} else {
362
					$values = array(($comment['title']), ($comment['comment']), $MOD_NEWS['TEXT_ON'], $commented_date, $MOD_NEWS['TEXT_AT'], $commented_time, $MOD_NEWS['TEXT_BY'], '0', strtolower($TEXT['UNKNOWN']), $TEXT['UNKNOWN'], '');
363
				}
364
				echo str_replace($vars, $values, $setting_comments_loop);
365
			}
366
		} else {
367
			// Say no comments found
368
			$content = '';
369
			if(isset($TEXT['NONE_FOUND'])) {
370
				$content .= '<tr><td>'.$TEXT['NONE_FOUND'].'<br /></td></tr>';
371
			} else {
372
				$content .= '<tr><td>None Found<br /></td></tr>';
373
			}
374
		}
375
		
376
		// Print comments footer
377
		$vars = array('[ADD_COMMENT_URL]','[TEXT_ADD_COMMENT]');
378
		$values = array(WB_URL.'/modules/news/comment.php?id='.POST_ID.'&amp;sid='.$section_id, $MOD_NEWS['TEXT_ADD_COMMENT']);
379
		echo str_replace($vars, $values, $setting_comments_footer);
380
	}
381
	if(ENABLED_ASP) {
382
		$_SESSION['comes_from_view'] = POST_ID;
383
		$_SESSION['comes_from_view_time'] = time();
384
	}
385
}
386

  
1
<?php
2

  
3
// $Id$
4

  
5
/*
6

  
7
 Website Baker Project <http://www.websitebaker.org/>
8
 Copyright (C) 2004-2009, Ryan Djurovich
9

  
10
 Website Baker is free software; you can redistribute it and/or modify
11
 it under the terms of the GNU General Public License as published by
12
 the Free Software Foundation; either version 2 of the License, or
13
 (at your option) any later version.
14

  
15
 Website Baker is distributed in the hope that it will be useful,
16
 but WITHOUT ANY WARRANTY; without even the implied warranty of
17
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18
 GNU General Public License for more details.
19

  
20
 You should have received a copy of the GNU General Public License
21
 along with Website Baker; if not, write to the Free Software
22
 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
23

  
24
*/
25

  
26
// Must include code to stop this file being access directly
27
if(defined('WB_PATH') == false) { exit("Cannot access this file directly"); }
28

  
29
// check if frontend.css file needs to be included into the <body></body> of view.php
30
if((!function_exists('register_frontend_modfiles') || !defined('MOD_FRONTEND_CSS_REGISTERED')) &&  file_exists(WB_PATH .'/modules/news/frontend.css')) {
31
   echo '<style type="text/css">';
32
   include(WB_PATH .'/modules/news/frontend.css');
33
   echo "\n</style>\n";
34
} 
35

  
36
// check if module language file exists for the language set by the user (e.g. DE, EN)
37
if(!file_exists(WB_PATH .'/modules/news/languages/'.LANGUAGE .'.php')) {
38
	// no module language file exists for the language set by the user, include default module language file EN.php
39
	require_once(WB_PATH .'/modules/news/languages/EN.php');
40
} else {
41
	// a module language file exists for the language defined by the user, load it
42
	require_once(WB_PATH .'/modules/news/languages/'.LANGUAGE .'.php');
43
}
44

  
45
//overwrite php.ini on Apache servers for valid SESSION ID Separator
46
if(function_exists('ini_set')) {
47
	ini_set('arg_separator.output', '&amp;');
48
}
49

  
50
// Check if there is a start point defined
51
if(isset($_GET['p']) AND is_numeric($_GET['p']) AND $_GET['p'] >= 0) {
52
	$position = $_GET['p'];
53
} else {
54
	$position = 0;
55
}
56

  
57
// Get user's username, display name, email, and id - needed for insertion into post info
58
$users = array();
59
$query_users = $database->query("SELECT user_id,username,display_name,email FROM ".TABLE_PREFIX."users");
60
if($query_users->numRows() > 0) {
61
	while($user = $query_users->fetchRow()) {
62
		// Insert user info into users array
63
		$user_id = $user['user_id'];
64
		$users[$user_id]['username'] = $user['username'];
65
		$users[$user_id]['display_name'] = $user['display_name'];
66
		$users[$user_id]['email'] = $user['email'];
67
	}
68
}
69

  
70
// Get groups (title, if they are active, and their image [if one has been uploaded])
71
if (isset($groups)) {
72
   unset($groups);
73
}
74
$groups[0]['title'] = '';
75
$groups[0]['active'] = true;
76
$groups[0]['image'] = '';
77
$query_users = $database->query("SELECT group_id,title,active FROM ".TABLE_PREFIX."mod_news_groups WHERE section_id = '$section_id' ORDER BY position ASC");
78
if($query_users->numRows() > 0) {
79
	while($group = $query_users->fetchRow()) {
80
		// Insert user info into users array
81
		$group_id = $group['group_id'];
82
		$groups[$group_id]['title'] = ($group['title']);
83
		$groups[$group_id]['active'] = $group['active'];
84
		if(file_exists(WB_PATH.MEDIA_DIRECTORY.'/.news/image'.$group_id.'.jpg')) {
85
			$groups[$group_id]['image'] = WB_URL.MEDIA_DIRECTORY.'/.news/image'.$group_id.'.jpg';
86
		} else {
87
			$groups[$group_id]['image'] = '';
88
		}
89
	}
90
}
91

  
92
// Check if we should show the main page or a post itself
93
if(!defined('POST_ID') OR !is_numeric(POST_ID)) {
94
	
95
	// Check if we should only list posts from a certain group
96
	if(isset($_GET['g']) AND is_numeric($_GET['g'])) {
97
		$query_extra = " AND group_id = '".$_GET['g']."'";
98
	} else {
99
		$query_extra = '';
100
	}
101
	
102
	// Get settings
103
	$query_settings = $database->query("SELECT * FROM ".TABLE_PREFIX."mod_news_settings WHERE section_id = '$section_id'");
104
	if($query_settings->numRows() > 0) {
105
		$fetch_settings = $query_settings->fetchRow();
106
		$setting_header = ($fetch_settings['header']);
107
		$setting_post_loop = ($fetch_settings['post_loop']);
108
		$setting_footer = ($fetch_settings['footer']);
109
		$setting_posts_per_page = $fetch_settings['posts_per_page'];
110
	} else {
111
		$setting_header = '';
112
		$setting_post_loop = '';
113
		$setting_footer = '';
114
		$setting_posts_per_page = '';
115
	}
116
	
117
	$t = time();
118
	// Get total number of posts
119
	$query_total_num = $database->query("SELECT post_id FROM ".TABLE_PREFIX."mod_news_posts
120
		WHERE section_id = '$section_id' AND active = '1' AND title != '' $query_extra 
121
		AND (published_when = '0' OR published_when <= $t) AND (published_until = 0 OR published_until >= $t)");
122
	$total_num = $query_total_num->numRows();
123

  
124
	// Work-out if we need to add limit code to sql
125
	if($setting_posts_per_page != 0) {
126
		$limit_sql = " LIMIT $position,$setting_posts_per_page";
127
	} else {
128
		$limit_sql = "";
129
	}
130
	
131
	// Query posts (for this page)
132
	$query_posts = $database->query("SELECT * FROM ".TABLE_PREFIX."mod_news_posts
133
		WHERE section_id = '$section_id' AND active = '1' AND title != ''$query_extra
134
		AND (published_when = '0' OR published_when <= $t) AND (published_until = 0 OR published_until >= $t)
135
		ORDER BY position DESC".$limit_sql);
136
	$num_posts = $query_posts->numRows();
137
	
138
	// Create previous and next links
139
	if($setting_posts_per_page != 0) {
140
		if($position > 0) {
141
			if(isset($_GET['g']) AND is_numeric($_GET['g'])) {
142
				$pl_prepend = '<a href="?p='.($position-$setting_posts_per_page).'&amp;g='.$_GET['g'].'">&lt;&lt; ';
143
			} else {
144
				$pl_prepend = '<a href="?p='.($position-$setting_posts_per_page).'">&lt;&lt; ';
145
			}
146
			$pl_append = '</a>';
147
			$previous_link = $pl_prepend.$TEXT['PREVIOUS'].$pl_append;
148
			$previous_page_link = $pl_prepend.$TEXT['PREVIOUS_PAGE'].$pl_append;
149
		} else {
150
			$previous_link = '';
151
			$previous_page_link = '';
152
		}
153
		if($position+$setting_posts_per_page >= $total_num) {
154
			$next_link = '';
155
			$next_page_link = '';
156
		} else {
157
			if(isset($_GET['g']) AND is_numeric($_GET['g'])) {
158
				$nl_prepend = '<a href="?p='.($position+$setting_posts_per_page).'&amp;g='.$_GET['g'].'"> ';
159
			} else {
160
				$nl_prepend = '<a href="?p='.($position+$setting_posts_per_page).'"> ';
161
			}
162
			$nl_append = ' &gt;&gt;</a>';
163
			$next_link = $nl_prepend.$TEXT['NEXT'].$nl_append;
164
			$next_page_link = $nl_prepend.$TEXT['NEXT_PAGE'].$nl_append;
165
		}
166
		if($position+$setting_posts_per_page > $total_num) {
167
			$num_of = $position+$num_posts;
168
		} else {
169
			$num_of = $position+$setting_posts_per_page;
170
		}
171
		$out_of = ($position+1).'-'.$num_of.' '.strtolower($TEXT['OUT_OF']).' '.$total_num;
172
		$of = ($position+1).'-'.$num_of.' '.strtolower($TEXT['OF']).' '.$total_num;
173
		$display_previous_next_links = '';
174
	} else {
175
		$display_previous_next_links = 'none';
176
	}
177

  
178
	if ($num_posts === 0) {
179
		$setting_header = '';
180
		$setting_post_loop = '';
181
		$setting_footer = '';
182
		$setting_posts_per_page = '';
183

  
184
	}
185

  
186
	// Print header
187
	if($display_previous_next_links == 'none') {
188
		echo  str_replace(array('[NEXT_PAGE_LINK]','[NEXT_LINK]','[PREVIOUS_PAGE_LINK]','[PREVIOUS_LINK]','[OUT_OF]','[OF]','[DISPLAY_PREVIOUS_NEXT_LINKS]'), array('','','','','','', $display_previous_next_links), $setting_header);
189
	} else {
190
		echo str_replace(array('[NEXT_PAGE_LINK]','[NEXT_LINK]','[PREVIOUS_PAGE_LINK]','[PREVIOUS_LINK]','[OUT_OF]','[OF]','[DISPLAY_PREVIOUS_NEXT_LINKS]'), array($next_page_link, $next_link, $previous_page_link, $previous_link, $out_of, $of, $display_previous_next_links), $setting_header);
191
	}
192
	
193
	if($num_posts > 0) {
194
		if($query_extra != '') {
195
			?>
196
			<div class="selected_group_title">
197
				<?php echo '<a href="'.htmlspecialchars(strip_tags($_SERVER['PHP_SELF'])).'">'.PAGE_TITLE.'</a> &gt;&gt; '.$groups[$_GET['g']]['title']; ?>
198
			</div>
199
			<?php
200
		}
201
		while($post = $query_posts->fetchRow()) {
202
			if(isset($groups[$post['group_id']]['active']) AND $groups[$post['group_id']]['active'] != false) { // Make sure parent group is active
203
				$uid = $post['posted_by']; // User who last modified the post
204
				// Workout date and time of last modified post
205
				if ($post['published_when'] === '0') $post['published_when'] = time();
206
				if ($post['published_when'] > $post['posted_when']) {
207
					$post_date = gmdate(DATE_FORMAT, $post['published_when']+TIMEZONE);
208
					$post_time = gmdate(TIME_FORMAT, $post['published_when']+TIMEZONE);
209
				} else {
210
					$post_date = gmdate(DATE_FORMAT, $post['posted_when']+TIMEZONE);
211
					$post_time = gmdate(TIME_FORMAT, $post['posted_when']+TIMEZONE);
212
				}
213
				$publ_date = date(DATE_FORMAT,$post['published_when']);
214
				$publ_time = date(TIME_FORMAT,$post['published_when']);
215
				// Work-out the post link
216
				$post_link = page_link($post['link']);
217
				if(isset($_GET['p']) AND $position > 0) {
218
					$post_link .= '?p='.$position;
219
				}
220
				if(isset($_GET['g']) AND is_numeric($_GET['g'])) {
221
					if(isset($_GET['p']) AND $position > 0) { $post_link .= '&amp;'; } else { $post_link .= '?'; }
222
					$post_link .= 'g='.$_GET['g'];
223
				}
224
				// Get group id, title, and image
225
				$group_id = $post['group_id'];
226
				$group_title = $groups[$group_id]['title'];
227
				$group_image = $groups[$group_id]['image'];
228
				$display_image = ($group_image == '') ? "none" : "inherit";
229
				$display_group = ($group_id == 0) ? 'none' : 'inherit'; 
230
				if ($group_image != "") $group_image= "<img src='".$group_image."' alt='".$group_title."' />";
231
				// Replace [wblink--PAGE_ID--] with real link
232
				$short = ($post['content_short']);
233
				$wb->preprocess($short);
234
				// Replace vars with values
235
				$post_long_len = strlen($post['content_long']);
236
				$vars = array('[PAGE_TITLE]', '[GROUP_ID]', '[GROUP_TITLE]', '[GROUP_IMAGE]', '[DISPLAY_GROUP]', '[DISPLAY_IMAGE]', '[TITLE]', '[SHORT]', '[LINK]', '[MODI_DATE]', '[MODI_TIME]', '[PUBLISHED_DATE]', '[PUBLISHED_TIME]', '[USER_ID]', '[USERNAME]', '[DISPLAY_NAME]', '[EMAIL]', '[TEXT_READ_MORE]','[SHOW_READ_MORE]');
237
				if(isset($users[$uid]['username']) AND $users[$uid]['username'] != '') {
238
					if($post_long_len < 9) {
239
						$values = array(PAGE_TITLE, $group_id, $group_title, $group_image, $display_group, $display_image, $post['title'], $short, '#" onclick="javascript:void(0);return false;" style="cursor:no-drop;', $post_date, $post_time, $publ_date, $publ_time, $uid, $users[$uid]['username'], $users[$uid]['display_name'], $users[$uid]['email'], '', 'none');
240
					} else {
241
						$values = array(PAGE_TITLE, $group_id, $group_title, $group_image, $display_group, $display_image, $post['title'], $short, $post_link, $post_date, $post_time, $publ_date, $publ_time, $uid, $users[$uid]['username'], $users[$uid]['display_name'], $users[$uid]['email'], $MOD_NEWS['TEXT_READ_MORE'], 'visible');
242
					}
243
				} else {
244
					if($post_long_len < 9) {
245
						$values = array(PAGE_TITLE, $group_id, $group_title, $group_image, $display_group, $display_image, $post['title'], $short, '#" onclick="javascript:void(0);return false;" style="cursor:no-drop;', $post_date, $post_time, $publ_date, $publ_time, '', '', '', '', '','none');
246
					} else {
247
						$values = array(PAGE_TITLE, $group_id, $group_title, $group_image, $display_group, $display_image, $post['title'], $short, $post_link, $post_date, $post_time, $publ_date, $publ_time, '', '', '', '', $MOD_NEWS['TEXT_READ_MORE'],'visible');
248
					}
249
				}
250
				echo str_replace($vars, $values, $setting_post_loop);
251
			}
252
		}
253
	}
254
	
255
	// Print footer
256
	if($display_previous_next_links == 'none') {
257
		echo  str_replace(array('[NEXT_PAGE_LINK]','[NEXT_LINK]','[PREVIOUS_PAGE_LINK]','[PREVIOUS_LINK]','[OUT_OF]','[OF]','[DISPLAY_PREVIOUS_NEXT_LINKS]'), array('','','','','','', $display_previous_next_links), $setting_footer);
258
	} else {
259
		echo str_replace(array('[NEXT_PAGE_LINK]','[NEXT_LINK]','[PREVIOUS_PAGE_LINK]','[PREVIOUS_LINK]','[OUT_OF]','[OF]','[DISPLAY_PREVIOUS_NEXT_LINKS]'), array($next_page_link, $next_link, $previous_page_link, $previous_link, $out_of, $of, $display_previous_next_links), $setting_footer);
260
	}
261
	
262
} elseif(defined('POST_ID') AND is_numeric(POST_ID)) {
263
	
264
	// Get settings
265
	$query_settings = $database->query("SELECT * FROM ".TABLE_PREFIX."mod_news_settings WHERE section_id = '$section_id'");
266
	if($query_settings->numRows() > 0) {
267
		$fetch_settings = $query_settings->fetchRow();
268
		$setting_post_header = ($fetch_settings['post_header']);
269
		$setting_post_footer = ($fetch_settings['post_footer']);
270
		$setting_comments_header = ($fetch_settings['comments_header']);
271
		$setting_comments_loop = ($fetch_settings['comments_loop']);
272
		$setting_comments_footer = ($fetch_settings['comments_footer']);
273
	} else {
274
		$setting_post_header = '';
275
		$setting_post_footer = '';
276
		$setting_comments_header = '';
277
		$setting_comments_loop = '';
278
		$setting_comments_footer = '';
279
	}
280
	
281
	// Get page info
282
	$query_page = $database->query("SELECT link FROM ".TABLE_PREFIX."pages WHERE page_id = '".PAGE_ID."'");
283
	if($query_page->numRows() > 0) {
284
		$page = $query_page->fetchRow();
285
		$page_link = page_link($page['link']);
286
		if(isset($_GET['p']) AND $position > 0) {
287
			$page_link .= '?p='.$_GET['p'];
288
		}
289
		if(isset($_GET['g']) AND is_numeric($_GET['g'])) {
290
			if(isset($_GET['p']) AND $position > 0) { $page_link .= '&amp;'; } else { $page_link .= '?'; }
291
			$page_link .= 'g='.$_GET['g'];
292
		}
293
	} else {
294
		exit('Page not found');
295
	}
296
	
297
	// Get post info
298
	$t = time();
299
	$query_post = $database->query("SELECT * FROM ".TABLE_PREFIX."mod_news_posts
300
		WHERE post_id = '".POST_ID."' AND active = '1'
301
		AND (published_when = '0' OR published_when <= $t) AND (published_until = 0 OR published_until >= $t)
302
	");
303
	if($query_post->numRows() > 0) {
304
		$post = $query_post->fetchRow();
305
		if(isset($groups[$post['group_id']]['active']) AND $groups[$post['group_id']]['active'] != false) { // Make sure parent group is active
306
			$uid = $post['posted_by']; // User who last modified the post
307
			// Workout date and time of last modified post
308
			if ($post['published_when'] === '0') $post['published_when'] = time();
309
			if ($post['published_when'] > $post['posted_when']) {
310
				$post_date = gmdate(DATE_FORMAT, $post['published_when']+TIMEZONE);
311
				$post_time = gmdate(TIME_FORMAT, $post['published_when']+TIMEZONE);
312
			} else {
313
				$post_date = gmdate(DATE_FORMAT, $post['posted_when']+TIMEZONE);
314
				$post_time = gmdate(TIME_FORMAT, $post['posted_when']+TIMEZONE);
315
			}
316
			$publ_date = date(DATE_FORMAT,$post['published_when']);
317
			$publ_time = date(TIME_FORMAT,$post['published_when']);
318
			// Get group id, title, and image
319
			$group_id = $post['group_id'];
320
			$group_title = $groups[$group_id]['title'];
321
			$group_image = $groups[$group_id]['image'];
322
			$display_image = ($group_image == '') ? "none" : "inherit";
323
			$display_group = ($group_id == 0) ? 'none' : 'inherit'; 
324
			if ($group_image != "") $group_image= "<img src='".$group_image."' alt='".$group_title."' />";
325
			$vars = array('[PAGE_TITLE]', '[GROUP_ID]', '[GROUP_TITLE]', '[GROUP_IMAGE]', '[DISPLAY_GROUP]', '[DISPLAY_IMAGE]', '[TITLE]', '[SHORT]', '[BACK]', '[TEXT_BACK]', '[TEXT_LAST_CHANGED]', '[MODI_DATE]', '[TEXT_AT]', '[MODI_TIME]', '[PUBLISHED_DATE]', '[PUBLISHED_TIME]', '[TEXT_POSTED_BY]', '[TEXT_ON]', '[USER_ID]', '[USERNAME]', '[DISPLAY_NAME]', '[EMAIL]');
326
			$post_short=$post['content_short'];
327
			$wb->preprocess($post_short);
328
			if(isset($users[$uid]['username']) AND $users[$uid]['username'] != '') {
329
				$values = array(PAGE_TITLE, $group_id, $group_title, $group_image, $display_group, $display_image, $post['title'], $post_short, $page_link, $MOD_NEWS['TEXT_BACK'], $MOD_NEWS['TEXT_LAST_CHANGED'], $post_date, $MOD_NEWS['TEXT_AT'], $post_time, $publ_date, $publ_time, $MOD_NEWS['TEXT_POSTED_BY'], $MOD_NEWS['TEXT_ON'], $uid, $users[$uid]['username'], $users[$uid]['display_name'], $users[$uid]['email']);
330
			} else {
331
				$values = array(PAGE_TITLE, $group_id, $group_title, $group_image, $display_group, $display_image, $post['title'], $post_short, $page_link, $MOD_NEWS['TEXT_BACK'], $MOD_NEWS['TEXT_LAST_CHANGED'], $post_date, $MOD_NEWS['TEXT_AT'], $post_time, $publ_date, $publ_time, $MOD_NEWS['TEXT_POSTED_BY'], $MOD_NEWS['TEXT_ON'], '', '', '', '');
332
			}
333
			$post_long = ($post['content_long']);
334
		}
335
	} else {
336
		$wb->print_error($MESSAGE['FRONTEND']['SORRY_NO_ACTIVE_SECTIONS'], "javascript: history.go(-1);", false);
337
		exit(0);
338
	}
339
	
340
	// Print post header
341
	echo str_replace($vars, $values, $setting_post_header);
342
	
343
	// Replace [wblink--PAGE_ID--] with real link
344
  	$wb->preprocess($post_long);
345
	// Print long
346
	echo $post_long;
347
	
348
	// Print post footer
349
	echo str_replace($vars, $values, $setting_post_footer);
350
	
351
	// Show comments section if we have to
352
	if(($post['commenting'] == 'private' AND isset($wb) AND $wb->is_authenticated() == true) OR $post['commenting'] == 'public') {
353
		
354
		// Print comments header
355
		$vars = array('[ADD_COMMENT_URL]','[TEXT_COMMENTS]');
356
		$values = array(WB_URL.'/modules/news/comment.php?id='.POST_ID.'&amp;sid='.$section_id, $MOD_NEWS['TEXT_COMMENTS']);
357
		echo str_replace($vars, $values, $setting_comments_header);
358
		
359
		// Query for comments
360
		$query_comments = $database->query("SELECT title,comment,commented_when,commented_by FROM ".TABLE_PREFIX."mod_news_comments WHERE post_id = '".POST_ID."' ORDER BY commented_when ASC");
361
		if($query_comments->numRows() > 0) {
362
			while($comment = $query_comments->fetchRow()) {
363
				// Display Comments without slashes, but with new-line characters
364
				$comment['comment'] = nl2br($wb->strip_slashes($comment['comment']));
365
				$comment['title'] = $wb->strip_slashes($comment['title']);
366
				// Print comments loop
367
				$commented_date = gmdate(DATE_FORMAT, $comment['commented_when']+TIMEZONE);
368
				$commented_time = gmdate(TIME_FORMAT, $comment['commented_when']+TIMEZONE);
369
				$uid = $comment['commented_by'];
370
				$vars = array('[TITLE]','[COMMENT]','[TEXT_ON]','[DATE]','[TEXT_AT]','[TIME]','[TEXT_BY]','[USER_ID]','[USERNAME]','[DISPLAY_NAME]', '[EMAIL]');
371
				if(isset($users[$uid]['username']) AND $users[$uid]['username'] != '') {
372
					$values = array(($comment['title']), ($comment['comment']), $MOD_NEWS['TEXT_ON'], $commented_date, $MOD_NEWS['TEXT_AT'], $commented_time, $MOD_NEWS['TEXT_BY'], $uid, ($users[$uid]['username']), ($users[$uid]['display_name']), ($users[$uid]['email']));
373
				} else {
374
					$values = array(($comment['title']), ($comment['comment']), $MOD_NEWS['TEXT_ON'], $commented_date, $MOD_NEWS['TEXT_AT'], $commented_time, $MOD_NEWS['TEXT_BY'], '0', strtolower($TEXT['UNKNOWN']), $TEXT['UNKNOWN'], '');
375
				}
376
				echo str_replace($vars, $values, $setting_comments_loop);
377
			}
378
		} else {
379
			// Say no comments found
380
			$content = '';
381
			if(isset($TEXT['NONE_FOUND'])) {
382
				$content .= '<tr><td>'.$TEXT['NONE_FOUND'].'<br /></td></tr>';
383
			} else {
384
				$content .= '<tr><td>None Found<br /></td></tr>';
385
			}
386
		}
387
		
388
		// Print comments footer
389
		$vars = array('[ADD_COMMENT_URL]','[TEXT_ADD_COMMENT]');
390
		$values = array(WB_URL.'/modules/news/comment.php?id='.POST_ID.'&amp;sid='.$section_id, $MOD_NEWS['TEXT_ADD_COMMENT']);
391
		echo str_replace($vars, $values, $setting_comments_footer);
392
	}
393
	if(ENABLED_ASP) {
394
		$_SESSION['comes_from_view'] = POST_ID;
395
		$_SESSION['comes_from_view_time'] = time();
396
	}
397
}
398

  
387 399
?>

Also available in: Unified diff