weblogs_actions.php

Revision 2, 7.2 kB (checked in by sven, 3 years ago)
importing elgg-0.1.1a

Line
1	<?php
2
3	// Actions to perform
4
5	if (isset($_REQUEST['action'])) {
6
7	switch($_REQUEST['action']) {
8
9	// Create a new weblog post
10	case "weblogs:post:add": if (
11	logged_on
12	&& isset($_REQUEST['new_weblog_title'])
13	&& isset($_REQUEST['new_weblog_post'])
14	&& isset($_REQUEST['new_weblog_access'])
15	&& isset($_REQUEST['new_weblog_keywords'])
16	) {
17
18	$title = addslashes($_REQUEST['new_weblog_title']);
19	$body = addslashes($_REQUEST['new_weblog_post']);
20	$access = addslashes($_REQUEST['new_weblog_access']);
21	db_query("insert into weblog_posts
22	set title = '$title',
23	body = '$body',
24	access = '$access',
25	posted = ".time().",
26	owner = ".$_SESSION['userid']);
27	$insert_id = db_id();
28	if ($_REQUEST['new_weblog_keywords'] != "") {
29	$value = $_REQUEST['new_weblog_keywords'];
30	$value = str_replace("\n","",$value);
31	$value = str_replace("\r","",$value);
32	$keyword_list = explode(",",$value);
33	sort($keyword_list);
34	if (sizeof($keyword_list) > 0) {
35	foreach($keyword_list as $key => $list_item) {
36	$list_item = addslashes(trim($list_item));
37	db_query("insert into tags set tagtype = 'weblog', access = '$access', tag = '$list_item', ref = $insert_id, owner = " . $_SESSION['userid']);
38	}
39	}
40	}
41	$messages[] = "Your post has been added to your weblog.";
42	define('redirect_url',url . $_SESSION['username'] . "/weblog/");
43	}
44	break;
45	// Edit a weblog post
46	case "weblogs:post:edit": if (
47	logged_on
48	&& isset($_REQUEST['edit_weblog_title'])
49	&& isset($_REQUEST['new_weblog_post'])
50	&& isset($_REQUEST['edit_weblog_access'])
51	&& isset($_REQUEST['edit_weblog_post_id'])
52	&& isset($_REQUEST['edit_weblog_keywords'])
53	) {
54	$id = (int) $_REQUEST['edit_weblog_post_id'];
55	$title = addslashes($_REQUEST['edit_weblog_title']);
56	$body = addslashes($_REQUEST['new_weblog_post']);
57	$access = addslashes($_REQUEST['edit_weblog_access']);
58	$exists = db_query("select count(ident) as post_exists
59	from weblog_posts
60	where ident = $id and
61	owner = ".$_SESSION['userid']);
62	$exists = $exists[0]->post_exists;
63	if ($exists) {
64	db_query("update weblog_posts
65	set title = '$title',
66	body = '$body',
67	access = '$access'
68	where ident = $id");
69	db_query("delete from tags where tagtype = 'weblog' and ref = $id");
70	if ($_REQUEST['edit_weblog_keywords'] != "") {
71	$value = $_REQUEST['edit_weblog_keywords'];
72	$value = str_replace("\n","",$value);
73	$value = str_replace("\r","",$value);
74	$keyword_list = explode(",",$value);
75	sort($keyword_list);
76	if (sizeof($keyword_list) > 0) {
77	foreach($keyword_list as $key => $list_item) {
78	$list_item = addslashes(trim($list_item));
79	db_query("insert into tags set tagtype = 'weblog', access = '$access', tag = '$list_item', ref = $id, owner = " . $_SESSION['userid']);
80	}
81	}
82	}
83	$messages[] = "Your post has been modified.";
84	}
85
86	}
87	break;
88	// Delete a weblog post
89	case "delete_weblog_post": if (
90	logged_on
91	&& isset($_REQUEST['delete_post_id'])
92	) {
93	$id = (int) $_REQUEST['delete_post_id'];
94	$post_info= db_query("select * from weblog_posts where ident = $id");
95	if ($post_info[0]->owner == $_SESSION['userid']) {
96	db_query("delete from weblog_posts where ident = $id");
97	db_query("delete from weblog_comments where post_id = $id");
98	db_query("delete from tags where tagtype = 'weblog' and ref = $id");
99	$messages[] = "Your weblog post was deleted.";
100	} else {
101	$messages[] = "You do not appear to own this weblog post. It was not deleted.";
102	}
103	global $redirect_url;
104	$redirect_url = url . $_SESSION['username'] . "/weblog/";
105	define('redirect_url',$redirect_url);
106	}
107	break;
108	// Create a weblog comment
109	case "weblogs:comment:add": if (
110	isset($_REQUEST['post_id'])
111	&& isset($_REQUEST['new_weblog_comment'])
112	&& isset($_REQUEST['postedname'])
113	&& isset($_REQUEST['owner'])
114	) {
115	$post_id = (int) $_REQUEST['post_id'];
116	$where = run("users:access_level_sql_where",$_SESSION['userid']);
117	$post = db_query("select ident from weblog_posts where ($where) and ident = $post_id");
118	if (sizeof($post) > 0) {
119
120	$post_id = (int) $_REQUEST['post_id'];
121	$body = addslashes($_REQUEST['new_weblog_comment']);
122	$postedname = addslashes($_REQUEST['postedname']);
123	$owner = (int) $_SESSION['userid'];
124	$posted = time();
125	db_query("insert into weblog_comments
126	set body = '$body',
127	posted = $posted,
128	postedname = '$postedname',
129	owner = $owner,
130	post_id = $post_id");
131	$messages[] = "Your comment has been added.";
132
133	}
134	}
135	break;
136	// Delete a weblog comment
137	case "weblog_comment_delete": if (
138	logged_on
139	&& isset($_REQUEST['weblog_comment_delete'])
140	) {
141	$comment_id = (int) $_REQUEST['weblog_comment_delete'];
142	$commentinfo = db_query("select weblog_comments.*, weblog_posts.owner as postowner,
143	weblog_posts.ident as postid
144	from weblog_comments
145	left join weblog_posts on weblog_posts.ident = weblog_comments.post_id
146	where weblog_comments.ident = $comment_id");
147	$commentinfo = $commentinfo[0];
148	if ($_SESSION['userinfo'] == $commentinfo->owner
149	\|\| $_SESSION['userinfo'] == $comentinfo->postowner) {
150	db_query("delete from weblog_comments where ident = $comment_id");
151	$messages[] = "Your comment was deleted.";
152	$redirect_url = url . run("users:id_to_name",$commentinfo->postowner) . "/weblog/" . $commentinfo->postid . ".html";
153	define('redirect_url',$redirect_url);
154	}
155	}
156	break;
157
158	}
159
160	}
161
162	?>

Note: See TracBrowser for help on using the browser.

root/releases/0.1.1b/units/weblogs/weblogs_actions.php

Download in other formats:

Developers

Discuss

Specialised

Featured