weblogs_actions.php

Revision 136, 9.5 kB (checked in by sven, 3 years ago)
static rss - files, profile and weblog rss now use it. could do with a way of deliberately triggering a republish, as upgrades will have 404s until users update their files/weblogs.
Property svn:eol-style set to `native`

Line
1	<?php
2
3	// Actions to perform
4
5	if (isset($_REQUEST['action'])) {
6
7	switch($_REQUEST['action']) {
8
9	// Create a new weblog post
10	case "weblogs:post:add":
11	if (
12	logged_on
13	&& isset($_REQUEST['new_weblog_title'])
14	&& isset($_REQUEST['new_weblog_post'])
15	&& isset($_REQUEST['new_weblog_access'])
16	&& isset($_REQUEST['new_weblog_keywords'])
17	&& run("permissions:check", "weblog")
18	) {
19	$title = trim($_REQUEST['new_weblog_title']);
20	$body = trim($_REQUEST['new_weblog_post']);
21	$access = trim($_REQUEST['new_weblog_access']);
22	db_query("insert into weblog_posts
23	set title = '$title',
24	body = '$body',
25	access = '$access',
26	posted = ".time().",
27	weblog = $page_owner,
28	owner = ".$_SESSION['userid']);
29	$insert_id = db_id();
30	$value = trim(stripslashes($_REQUEST['new_weblog_keywords']));
31	if ($value != "") {
32	$value = str_replace("\n","",$value);
33	$value = str_replace("\r","",$value);
34	$keyword_list = explode(",",$value);
35	sort($keyword_list);
36	if (sizeof($keyword_list) > 0) {
37	foreach($keyword_list as $key => $list_item) {
38	$list_item = addslashes(trim($list_item));
39	db_query("insert into tags set tagtype = 'weblog', access = '$access', tag = '$list_item', ref = $insert_id, owner = " . $_SESSION['userid']);
40	}
41	}
42	}
43	$rssresult = run("weblogs:rss:publish", array($page_owner, false));
44	$rssresult = run("profile:rss:publish", array($page_owner, false));
45	if (run("users:type:get",$page_owner) == "person") {
46	$messages[] = gettext("Your post has been added to your weblog.");
47	}
48	// define('redirect_url',url . $_SESSION['username'] . "/weblog/");
49	define('redirect_url',url . run("users:id_to_name", $page_owner) . "/weblog/");
50	}
51	break;
52
53
54	// Edit a weblog post
55	case "weblogs:post:edit":
56	if (
57	logged_on
58	&& isset($_REQUEST['edit_weblog_title'])
59	&& isset($_REQUEST['new_weblog_post'])
60	&& isset($_REQUEST['edit_weblog_access'])
61	&& isset($_REQUEST['edit_weblog_post_id'])
62	&& isset($_REQUEST['edit_weblog_keywords'])
63	) {
64	$id = (int) $_REQUEST['edit_weblog_post_id'];
65	$title = trim($_REQUEST['edit_weblog_title']);
66	$body = trim($_REQUEST['new_weblog_post']);
67	$access = trim($_REQUEST['edit_weblog_access']);
68	$exists = db_query("select owner
69	from weblog_posts
70	where ident = " . $id)
71	or die(mysql_error());
72	if (is_array($exists) && count($exists)) {
73	$owner = $exists[0]->owner;
74	$exists = true;
75	} else {
76	$owner = 0;
77	$exists = false;
78	}
79
80	if (!run("permissions:check", array("weblog:edit", $owner))) {
81	$exists = false;
82	}
83
84	if ($exists) {
85	db_query("update weblog_posts
86	set title = '$title',
87	body = '$body',
88	access = '$access'
89	where ident = $id");
90	db_query("delete from tags where tagtype = 'weblog' and ref = $id");
91	$value = trim(stripslashes($_REQUEST['edit_weblog_keywords']));
92	if ($value != "") {
93	$value = str_replace("\n","",$value);
94	$value = str_replace("\r","",$value);
95	$keyword_list = explode(",",$value);
96	sort($keyword_list);
97	if (sizeof($keyword_list) > 0) {
98	foreach($keyword_list as $key => $list_item) {
99	$list_item = addslashes(trim($list_item));
100	db_query("insert into tags set tagtype = 'weblog', access = '$access', tag = '$list_item', ref = $id, owner = $owner");
101	}
102	}
103	}
104
105	$rssresult = run("weblogs:rss:publish", array($owner, false));
106	$rssresult = run("profile:rss:publish", array($owner, false));
107	$messages[] = gettext("The weblog post has been modified."); // gettext variable
108	}
109
110	}
111	break;
112
113
114	// Delete a weblog post
115	case "delete_weblog_post":
116	if (
117	logged_on
118	&& isset($_REQUEST['delete_post_id'])
119	) {
120	$id = (int) $_REQUEST['delete_post_id'];
121	$post_info = db_query("select * from weblog_posts where ident = $id");
122	$post_info = $post_info[0];
123	if (run("permissions:check", array("weblog:edit", $post_info->owner))) {
124	db_query("delete from weblog_posts where ident = $id");
125	db_query("delete from weblog_comments where post_id = $id");
126	db_query("delete from tags where tagtype = 'weblog' and ref = $id");
127	$rssresult = run("weblogs:rss:publish", array($post_info->owner, false));
128	$rssresult = run("profile:rss:publish", array($post_info->owner, false));
129	$modified2 = gettext("The selected weblog post was deleted."); // gettext variable - NOT SURE ABOUT THIS POSITION!!!
130	$messages[] = "$modified2";
131	} else {
132	$messages[] = gettext("You do not appear to have permissions to delete this weblog post. It was not deleted."); // gettext variable
133	}
134	global $redirect_url;
135	$redirect_url = url . run("users:id_to_name",$post_info->weblog) . "/weblog/";
136	define('redirect_url',$redirect_url);
137	}
138	break;
139
140
141	// Create a weblog comment
142	case "weblogs:comment:add":
143	if (
144	isset($_REQUEST['post_id'])
145	&& isset($_REQUEST['new_weblog_comment'])
146	&& isset($_REQUEST['postedname'])
147	&& isset($_REQUEST['owner'])
148	) {
149	$post_id = (int) $_REQUEST['post_id'];
150	$where = run("users:access_level_sql_where",$_SESSION['userid']);
151	$post = db_query("select ident, owner, title from weblog_posts where ($where) and ident = $post_id");
152	if (sizeof($post) > 0) {
153	if (run("spam:check",$_REQUEST['new_weblog_comment']) != true) {
154	$post = $post[0];
155	$post_id = (int) $_REQUEST['post_id'];
156	$body = trim($_REQUEST['new_weblog_comment']);
157	$postedname = trim($_REQUEST['postedname']);
158	$owner = (int) $_SESSION['userid'];
159	$posted = time();
160
161	// If we're logged on or comments are public, add one
162	if (logged_on \|\| run("users:flags:get",array("publiccomments",$post->owner))) {
163	db_query("insert into weblog_comments
164	set body = '$body',
165	posted = $posted,
166	postedname = '$postedname',
167	owner = $owner,
168	post_id = $post_id");
169
170	// If we're logged on and not the owner of this comment, add this to our watchlist
171	if (logged_on && $owner != $post->owner) {
172	db_query("delete from weblog_watchlist where weblog_post = $post_id and owner = $owner");
173	db_query("insert into weblog_watchlist
174	set owner = $owner,
175	weblog_post = $post_id");
176	}
177
178	// Email comment if applicable
179	if (run("users:flags:get",array("emailreplies",$post->owner))) {
180	$email = db_query("select email,username from users where ident = " . ((int) $post->owner));
181	if (sizeof($email) > 0) {
182	$username = $email[0]->username;
183	$email = $email[0]->email;
184	$message = gettext(sprintf("You have received a comment from %s on your blog post '%s'. It reads as follows:", $postedname, stripslashes($post->title)));
185	$message .= "\n\n\n" . stripslashes($body) . "\n\n\n";
186	$message .= gettext(sprintf("To reply and see other comments on this blog post, click here: %s", url . $username . "/weblog/" . $post->ident . ".html"));
187	$message = wordwrap($message);
188	mail(stripslashes($email), stripslashes($post->title), $message, "From: " . sitename . "<" . email . ">");
189	}
190	}
191	$messages[] = gettext("Your comment has been added."); // gettext variable
192	}
193	} else {
194	$messages[] = gettext("Your comment could not be posted. The system thought it was spam.");
195	}
196	}
197	}
198	break;
199
200
201	// Delete a weblog comment
202	case "weblog_comment_delete":
203	if (
204	logged_on
205	&& isset($_REQUEST['weblog_comment_delete'])
206	) {
207	$comment_id = (int) $_REQUEST['weblog_comment_delete'];
208	$commentinfo = db_query("select weblog_comments.*, weblog_posts.owner as postowner,
209	weblog_posts.ident as postid
210	from weblog_comments
211	left join weblog_posts on weblog_posts.ident = weblog_comments.post_id
212	where weblog_comments.ident = $comment_id");
213	$commentinfo = $commentinfo[0];
214	if ($_SESSION['userinfo'] == $commentinfo->owner
215	\|\| $_SESSION['userinfo'] == $comentinfo->postowner) {
216	db_query("delete from weblog_comments where ident = $comment_id");
217	$messages[] = gettext("Your comment was deleted.");
218	$redirect_url = url . run("users:id_to_name",$commentinfo->postowner) . "/weblog/" . $commentinfo->postid . ".html";
219	define('redirect_url',$redirect_url);
220	}
221	}
222	break;
223
224	//Mark a weblog post as interesting
225	case "weblog:interesting:on":
226	if (
227	logged_on
228	&& isset($_REQUEST['weblog_post'])
229	) {
230
231	$weblog_post = (int) $_REQUEST['weblog_post'];
232	db_query("insert into weblog_watchlist set weblog_post = $weblog_post, owner = " . $_SESSION['userid']);
233	$messages[] = gettext("This weblog post has now been added to your 'interesting' list.");
234
235	}
236	break;
237
238	//Remove an 'interesting' flag
239	case "weblog:interesting:off":
240	if (
241	logged_on
242	&& isset($_REQUEST['weblog_post'])
243	) {
244
245	$weblog_post = (int) $_REQUEST['weblog_post'];
246	db_query("delete from weblog_watchlist where weblog_post = $weblog_post and owner = " . $_SESSION['userid']);
247	$messages[] = gettext("You are no longer monitoring this weblog post.");
248
249	}
250	break;
251
252	}
253
254	}
255
256	?>

Note: See TracBrowser for help on using the browser.

root/devel-backup/units/weblogs/weblogs_actions.php

Download in other formats:

Developers

Discuss

Specialised

Featured