author | Dan |
Tue, 15 Jul 2008 11:38:12 -0400 | |
changeset 11 | 059a5a8566fc |
parent 5 | 172544257e2c |
permissions | -rw-r--r-- |
0
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
1 |
<?php |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
2 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
3 |
/* |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
4 |
* Nuggie |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
5 |
* Version 0.1 |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
6 |
* Copyright (C) 2007 Dan Fuhry |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
7 |
* |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
8 |
* This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
9 |
* as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
10 |
* |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
11 |
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
12 |
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details. |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
13 |
*/ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
14 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
15 |
function nuggie_user_cp($section) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
16 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
17 |
global $db, $session, $paths, $template, $plugins; // Common objects |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
18 |
if ( $section != 'Blog' ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
19 |
return false; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
20 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
21 |
if ( getConfig('nuggie_installed') != '1' ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
22 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
23 |
echo '<h3>Nuggie not installed</h3>'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
24 |
echo '<p>It looks like Nuggie isn\'t installed yet. You\'ll need to <a href="' . makeUrlNS('Special', 'NuggieInstall') . '">install Nuggie</a> before you can do anything more.</p>'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
25 |
return true; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
26 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
27 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
28 |
$subsection = $paths->getParam(1); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
29 |
$initted = true; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
30 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
31 |
$q = $db->sql_query('SELECT blog_id, blog_name, blog_subtitle, blog_type, allowed_users FROM ' . table_prefix . "blogs WHERE user_id = {$session->user_id};"); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
32 |
if ( !$q ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
33 |
$db->_die('Nuggie User CP selecting blog info'); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
34 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
35 |
if ( $db->numrows() < 1 ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
36 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
37 |
$subsection = 'Settings'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
38 |
$initted = false; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
39 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
40 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
41 |
list(, $blog_name, $blog_desc, $blog_type, $allowed_users) = $db->fetchrow_num($q); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
42 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
43 |
switch($subsection) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
44 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
45 |
case false: |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
46 |
case 'Home': |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
47 |
echo 'module Home'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
48 |
break; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
49 |
case 'Settings': |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
50 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
51 |
switch ( isset($_POST['do_save']) ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
52 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
53 |
// We're doing this so we can break out if we need to (if form validation fails) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
54 |
case true: |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
55 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
56 |
$errors = array(); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
57 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
58 |
$blog_name = trim($_POST['blog_name']); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
59 |
$blog_desc = trim($_POST['blog_desc']); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
60 |
$blog_access = trim($_POST['blog_access']); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
61 |
$allowed_users = $_POST['allowed_users']; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
62 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
63 |
if ( empty($blog_name) ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
64 |
$errors[] = 'Please enter a name for your blog.'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
65 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
66 |
if ( !in_array($blog_access, array('public', 'private')) ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
67 |
$errors[] = 'Hacking attempt on blog_access: must be one of public, private.'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
68 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
69 |
if ( count($allowed_users) > 500 ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
70 |
$errors[] = 'You\'re asking that an unreasonable number of users have access to this blog. If you really have that many readers, you may want to ask the administrator of this site to make a usergroup with read access to your blog.'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
71 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
72 |
if ( count($allowed_users) < 1 && $blog_access == 'private' ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
73 |
$errors[] = 'Please enter at least one username that will have access to your blog. Note that your account always has access to your blog.'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
74 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
75 |
if ( $blog_access == 'public' ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
76 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
77 |
$allowed_users = 'NULL'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
78 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
79 |
else |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
80 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
81 |
if ( is_array($allowed_users) && count($errors) < 1 ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
82 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
83 |
$allowed_users = array_values(array_unique($allowed_users)); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
84 |
foreach ( $allowed_users as $i => $_ ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
85 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
86 |
if ( empty( $allowed_users[$i] ) ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
87 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
88 |
unset($allowed_users[$i]); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
89 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
90 |
else |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
91 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
92 |
$allowed_users[$i] = $db->escape($allowed_users[$i]); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
93 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
94 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
95 |
$fragment = "username='" . implode("' OR username='", $allowed_users) . "'"; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
96 |
$e = $db->sql_query('SELECT COUNT(username) AS num_valid FROM ' . table_prefix . "users WHERE $fragment;"); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
97 |
if ( !$e ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
98 |
$db->_die('Nuggie user CP validating usernames'); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
99 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
100 |
$row = $db->fetchrow(); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
101 |
if ( intval($row['num_valid']) != count($allowed_users) ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
102 |
$errors[] = 'One or more of the usernames you entered does not exist.'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
103 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
104 |
else |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
105 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
106 |
$errors[] = 'Invalid datatype on allowed_users.'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
107 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
108 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
109 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
110 |
if ( count($errors) > 0 ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
111 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
112 |
$initted = true; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
113 |
echo '<div class="error-box" style="margin: 0 0 10px 0"> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
114 |
<b>The following problems prevented your blog settings from being saved:</b> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
115 |
<ul> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
116 |
<li> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
117 |
' . implode("</li>\n <li>", $errors) . ' |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
118 |
</li> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
119 |
</ul> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
120 |
</div>'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
121 |
break; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
122 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
123 |
else |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
124 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
125 |
// Save changes |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
126 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
127 |
if ( !is_string($allowed_users) ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
128 |
$allowed_users = "'" . $db->escape( serialize($allowed_users) ) . "'"; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
129 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
130 |
$blog_name = $db->escape($blog_name); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
131 |
$blog_desc = $db->escape($blog_desc); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
132 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
133 |
if ( $initted ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
134 |
{ |
11
059a5a8566fc
Fixed WHERE user_id = ... not specified in user CP blog settings save
Dan
parents:
5
diff
changeset
|
135 |
$sql = 'UPDATE ' . table_prefix . "blogs SET blog_name = '$blog_name', blog_subtitle = '$blog_desc', blog_type = '$blog_access', allowed_users = $allowed_users WHERE user_id = {$session->user_id};"; |
0
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
136 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
137 |
else |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
138 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
139 |
$sql = 'INSERT INTO ' . table_prefix . 'blogs(blog_name, blog_subtitle, blog_type, allowed_users, user_id)' . |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
140 |
"\n VALUES ( '$blog_name', '$blog_desc', '$blog_access', $allowed_users, {$session->user_id} );"; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
141 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
142 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
143 |
if ( $db->sql_query($sql) ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
144 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
145 |
echo '<div class="info-box" style="margin: 0 0 10px 0;">' . |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
146 |
( $initted ? 'Your changes have been saved.' : 'Your blog has been created; you can now |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
147 |
<a href="' . makeUrlNS('Special', 'Preferences/Blog/Write', false, true) . '">start writing some posts</a> and |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
148 |
then <a href="' . makeUrlNS('Blog', $session->username, false, true) . '">view your blog</a>.' ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
149 |
. '</div>'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
150 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
151 |
else |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
152 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
153 |
$db->_die('Nuggie user CP saving settings'); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
154 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
155 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
156 |
// Re-select the blog data |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
157 |
$db->free_result($q); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
158 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
159 |
$q = $db->sql_query('SELECT blog_id, blog_name, blog_subtitle, blog_type, allowed_users FROM ' . table_prefix . "blogs WHERE user_id = {$session->user_id};"); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
160 |
if ( !$q ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
161 |
$db->_die('Nuggie User CP selecting blog info'); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
162 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
163 |
list(, $blog_name, $blog_desc, $blog_type, $allowed_users) = $db->fetchrow_num($q); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
164 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
165 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
166 |
$initted = true; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
167 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
168 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
169 |
if ( !$initted ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
170 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
171 |
echo '<div class="error-box" style="margin: 0 0 10px 0;"> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
172 |
<b>It looks like your blog isn\'t set up yet.</b><br /> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
173 |
You\'ll need to set up your blog by entering some basic information here before you can write any posts. |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
174 |
</div>'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
175 |
$blog_name = htmlspecialchars($session->username) . "'s blog"; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
176 |
$blog_desc = ''; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
177 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
178 |
else |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
179 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
180 |
$blog_name = htmlspecialchars(strtr($blog_name, array('"' => '"'))); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
181 |
$blog_desc = htmlspecialchars(strtr($blog_desc, array('"' => '"'))); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
182 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
183 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
184 |
if ( !isset($blog_type) ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
185 |
$blog_type = 'public'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
186 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
187 |
if ( !isset($allowed_users) ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
188 |
$allowed_users = serialize(array()); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
189 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
190 |
$form_action = makeUrlNS('Special', 'Preferences/Blog/Settings', false, true); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
191 |
echo "<form action=\"$form_action\" method=\"post\" enctype=\"multipart/form-data\">"; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
192 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
193 |
?> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
194 |
<div class="tblholder"> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
195 |
<table border="0" cellspacing="1" cellpadding="4"> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
196 |
<tr> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
197 |
<th colspan="2"> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
198 |
<?php echo ( $initted ) ? 'Manage blog settings' : 'Create blog'; ?> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
199 |
</th> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
200 |
</tr> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
201 |
<tr> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
202 |
<td class="row2"> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
203 |
Blog name: |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
204 |
</td> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
205 |
<td class="row1"> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
206 |
<input type="text" name="blog_name" size="60" value="<?php echo $blog_name; ?>" tabindex="1" /> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
207 |
</td> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
208 |
</tr> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
209 |
<tr> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
210 |
<td class="row2"> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
211 |
Blog description:<br /> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
212 |
<small>You're best off keeping this short and sweet.</small> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
213 |
</td> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
214 |
<td class="row1"> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
215 |
<input type="text" name="blog_desc" size="60" value="<?php echo $blog_desc; ?>" tabindex="2" /> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
216 |
</td> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
217 |
</tr> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
218 |
<tr> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
219 |
<td class="row2"> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
220 |
Blog access: |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
221 |
</td> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
222 |
<td class="row1"> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
223 |
<label><input onclick="$('nuggie_allowed_users').object.style.display='none';" tabindex="3" type="radio" name="blog_access" value="public"<?php echo ( $blog_type == 'public' ) ? ' checked="checked"' : ''; ?> /> Let everyone read my blog</label><br /> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
224 |
<label><input onclick="$('nuggie_allowed_users').object.style.display='block';" tabindex="4" type="radio" name="blog_access" value="private"<?php echo ( $blog_type == 'private' ) ? ' checked="checked"' : ''; ?> /> Only allow the users I list below</label><br /> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
225 |
<small style="margin-left: 33px;">Administrators can always read all blogs, including private ones.</small> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
226 |
<div id="nuggie_allowed_users"<?php echo ( $blog_type == 'public' ) ? ' style="display: none;"' : ''; ?>> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
227 |
<?php |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
228 |
if ( $initted ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
229 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
230 |
$allowed_users = unserialize($allowed_users); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
231 |
foreach ( $allowed_users as $user ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
232 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
233 |
echo '<input type="text" name="allowed_users[]" tabindex="5" value="' . $user . '" size="25" style="margin-bottom: 5px;" onkeyup="new AutofillUsername(this);" /><br />'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
234 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
235 |
echo '<input type="text" name="allowed_users[]" tabindex="5" value="" size="25" style="margin-bottom: 5px;" onkeyup="new AutofillUsername(this);" /><br />'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
236 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
237 |
else |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
238 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
239 |
?> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
240 |
<input type="text" name="allowed_users[]" tabindex="5" value="" size="25" style="margin-bottom: 5px;" onkeyup="new AutofillUsername(this);" /><br /> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
241 |
<input type="text" name="allowed_users[]" tabindex="5" value="" size="25" style="margin-bottom: 5px;" onkeyup="new AutofillUsername(this);" /><br /> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
242 |
<input type="text" name="allowed_users[]" tabindex="5" value="" size="25" style="margin-bottom: 5px;" onkeyup="new AutofillUsername(this);" /><br /> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
243 |
<input type="text" name="allowed_users[]" tabindex="5" value="" size="25" style="margin-bottom: 5px;" onkeyup="new AutofillUsername(this);" /><br /> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
244 |
<input type="text" name="allowed_users[]" tabindex="5" value="" size="25" style="margin-bottom: 5px;" onkeyup="new AutofillUsername(this);" /><br /> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
245 |
<?php |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
246 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
247 |
?> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
248 |
<input type="button" tabindex="6" onclick="var x = document.createElement('input'); x.tabindex = '5'; x.onkeyup = function() { new AutofillUsername(this); }; x.size='25'; x.style.marginBottom='5px'; x.type='text'; x.name='allowed_users[]'; $('nuggie_allowed_users').object.insertBefore(x, this); $('nuggie_allowed_users').object.insertBefore(document.createElement('br'), this); x.focus();" value="+ Add another" /> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
249 |
</div> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
250 |
</td> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
251 |
</tr> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
252 |
<tr> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
253 |
<th class="subhead" colspan="2"> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
254 |
<input tabindex="7" type="submit" name="do_save" value="<?php echo ( $initted ) ? 'Save changes' : 'Create my blog »' ?>" /> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
255 |
</th> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
256 |
</tr> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
257 |
</table> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
258 |
</div> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
259 |
<?php |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
260 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
261 |
echo '</form>'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
262 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
263 |
break; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
264 |
case 'Posts': |
3
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
265 |
if ( $paths->getParam(2) == 'AjaxHandler' ) |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
266 |
{ |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
267 |
ob_end_clean(); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
268 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
269 |
if ( !isset($_POST['act']) ) |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
270 |
die(); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
271 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
272 |
switch($_POST['act']) |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
273 |
{ |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
274 |
case 'delete': |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
275 |
header('Content-type: application/json'); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
276 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
277 |
if ( !isset($_POST['post_id']) ) |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
278 |
die(); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
279 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
280 |
if ( strval(intval($_POST['post_id'])) !== $_POST['post_id'] ) |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
281 |
die(); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
282 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
283 |
// make sure it's ok |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
284 |
$post_id =& $_POST['post_id']; |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
285 |
$post_id = intval($post_id); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
286 |
$q = $db->sql_query('SELECT post_author FROM ' . table_prefix . 'blog_posts WHERE post_id = ' . $post_id . ';'); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
287 |
if ( !$q ) |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
288 |
$db->die_json(); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
289 |
if ( $db->numrows() < 1 ) |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
290 |
die('That post doesn\'t exist.'); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
291 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
292 |
list($author) = $db->fetchrow_num(); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
293 |
$author = intval($author); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
294 |
if ( $author !== $session->user_id && !$session->get_permissions('nuggie_edit_other') ) |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
295 |
die('No permissions'); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
296 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
297 |
// try to delete the post... |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
298 |
$q = $db->sql_query('DELETE FROM ' . table_prefix . 'blog_posts WHERE post_id = ' . $post_id . ';'); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
299 |
if ( !$q ) |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
300 |
$db->die_json(); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
301 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
302 |
echo '1'; |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
303 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
304 |
break; |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
305 |
case 'publish': |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
306 |
if ( !isset($_POST['post_id']) ) |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
307 |
die(); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
308 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
309 |
if ( strval(intval($_POST['post_id'])) !== $_POST['post_id'] ) |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
310 |
die(); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
311 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
312 |
if ( !in_array(@$_POST['state'], array('0', '1')) ) |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
313 |
die(); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
314 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
315 |
$state = intval($_POST['state']); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
316 |
$post_id =& $_POST['post_id']; |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
317 |
$post_id = intval($post_id); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
318 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
319 |
// validate permissions |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
320 |
$q = $db->sql_query('SELECT post_author FROM ' . table_prefix . 'blog_posts WHERE post_id = ' . $post_id . ';'); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
321 |
if ( !$q ) |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
322 |
$db->die_json(); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
323 |
if ( $db->numrows() < 1 ) |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
324 |
die('That post doesn\'t exist.'); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
325 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
326 |
list($author) = $db->fetchrow_num(); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
327 |
$author = intval($author); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
328 |
if ( $author !== $session->user_id && !$session->get_permissions('nuggie_edit_other') ) |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
329 |
die('No permissions'); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
330 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
331 |
// try to delete the post... |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
332 |
$q = $db->sql_query('UPDATE ' . table_prefix . 'blog_posts SET post_published = ' . $state . ' WHERE post_id = ' . $post_id . ';'); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
333 |
if ( !$q ) |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
334 |
$db->die_json(); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
335 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
336 |
echo "good;$state"; |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
337 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
338 |
break; |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
339 |
} |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
340 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
341 |
$db->close(); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
342 |
exit(); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
343 |
} |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
344 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
345 |
if ( isset($_POST['action']) ) |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
346 |
{ |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
347 |
$action =& $_POST['action']; |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
348 |
// Parse parameters |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
349 |
if ( strpos($action, ';') ) |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
350 |
{ |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
351 |
// Parameter section |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
352 |
$parms = substr($action, strpos($action, ';') + 1); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
353 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
354 |
// Action name section |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
355 |
$action = substr($action, 0, strpos($action, ';')); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
356 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
357 |
// Match all parameters |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
358 |
preg_match_all('/([a-z0-9_]+)=(.+?)(;|$)/', $parms, $matches); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
359 |
$parms = array(); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
360 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
361 |
// For each full parameter, assign $parms an associative value |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
362 |
foreach ( $matches[0] as $i => $_ ) |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
363 |
{ |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
364 |
$parm = $matches[2][$i]; |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
365 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
366 |
// Is this parameter in the form of an integer? |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
367 |
// (designed to ease validation later) |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
368 |
if ( preg_match('/^[0-9]+$/', $parm) ) |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
369 |
// Yes, run intval(), this enabling is_int()-ish checks |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
370 |
$parm = intval($parm); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
371 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
372 |
$parms[$matches[1][$i]] = $parm; |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
373 |
} |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
374 |
} |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
375 |
switch ( $action ) |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
376 |
{ |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
377 |
case 'edit': |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
378 |
if ( !is_int(@$parms['id']) ) |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
379 |
break; |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
380 |
// This is hackish. Really, REALLY hackish. |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
381 |
$_SERVER['PATH_INFO'] = '.../' . $paths->nslist['Special'] . 'Preferences/Blog/Write/' . $parms['id']; |
4 | 382 |
$_GET['title'] = $paths->nslist['Special'] . 'Preferences/Blog/Write/' . $parms['id']; |
3
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
383 |
nuggie_user_cp('Blog'); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
384 |
return true; |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
385 |
break; |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
386 |
case 'delete': |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
387 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
388 |
if ( !is_int(@$parms['id']) ) |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
389 |
break; |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
390 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
391 |
// make sure it's ok |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
392 |
$post_id = $parms['id']; |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
393 |
$post_id = intval($post_id); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
394 |
$q = $db->sql_query('SELECT post_author FROM ' . table_prefix . 'blog_posts WHERE post_id = ' . $post_id . ';'); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
395 |
if ( !$q ) |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
396 |
$db->_die(); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
397 |
if ( $db->numrows() < 1 ) |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
398 |
die('That post doesn\'t exist.'); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
399 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
400 |
list($author) = $db->fetchrow_num(); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
401 |
$author = intval($author); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
402 |
if ( $author !== $session->user_id && !$session->get_permissions('nuggie_edit_other') ) |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
403 |
die('No permissions'); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
404 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
405 |
// try to delete the post... |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
406 |
$q = $db->sql_query('DELETE FROM ' . table_prefix . 'blog_posts WHERE post_id = ' . $post_id . ';'); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
407 |
if ( !$q ) |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
408 |
$db->_die(); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
409 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
410 |
echo '<div class="info-box" style="margin: 0 0 0 0;">Post deleted.</div>'; |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
411 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
412 |
break; |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
413 |
} |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
414 |
} |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
415 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
416 |
// include some javascript for management |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
417 |
echo '<script type="text/javascript" src="' . scriptPath . '/plugins/nuggie/client/usercp.js"></script>'; |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
418 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
419 |
// the form |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
420 |
// +------------------+------------+------+-----+---------+----------------+ |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
421 |
// | Field | Type | Null | Key | Default | Extra | |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
422 |
// +------------------+------------+------+-----+---------+----------------+ |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
423 |
// | post_id | int(15) | NO | PRI | NULL | auto_increment | |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
424 |
// | post_title | text | NO | | | | |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
425 |
// | post_title_clean | text | NO | | | | |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
426 |
// | post_author | int(12) | NO | | 1 | | |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
427 |
// | post_text | longtext | NO | | | | |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
428 |
// | post_timestamp | int(32) | NO | | 0 | | |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
429 |
// | post_published | tinyint(1) | NO | | 0 | | |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
430 |
// +------------------+------------+------+-----+---------+----------------+ |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
431 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
432 |
echo '<form action="' . makeUrlNS('Special', 'Preferences/Blog/Posts') . '" method="post">'; |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
433 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
434 |
$q = $db->sql_query('SELECT post_id, post_title, post_title_clean, post_timestamp, post_published FROM ' . table_prefix . 'blog_posts WHERE post_author = ' . $session->user_id . ' ORDER BY post_timestamp DESC;'); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
435 |
if ( !$q ) |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
436 |
$db->_die(); |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
437 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
438 |
echo '<div class="tblholder"> |
5
172544257e2c
Merging changes from Nighthawk - visual tweak to post manager
Dan
parents:
4
diff
changeset
|
439 |
<table border="0" cellspacing="1" cellpadding="4" id="nuggie_postlist">'; |
3
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
440 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
441 |
echo '<tr> |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
442 |
<th style="width: 1px;">#</th> |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
443 |
<th style="width: 80%;">Post title</th> |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
444 |
<th>Published</th> |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
445 |
<th>Time</th> |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
446 |
<th colspan="2"></th> |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
447 |
</tr>'; |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
448 |
|
5
172544257e2c
Merging changes from Nighthawk - visual tweak to post manager
Dan
parents:
4
diff
changeset
|
449 |
if ( $row = $db->fetchrow() ) |
3
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
450 |
{ |
5
172544257e2c
Merging changes from Nighthawk - visual tweak to post manager
Dan
parents:
4
diff
changeset
|
451 |
do |
172544257e2c
Merging changes from Nighthawk - visual tweak to post manager
Dan
parents:
4
diff
changeset
|
452 |
{ |
172544257e2c
Merging changes from Nighthawk - visual tweak to post manager
Dan
parents:
4
diff
changeset
|
453 |
echo '<tr>'; |
172544257e2c
Merging changes from Nighthawk - visual tweak to post manager
Dan
parents:
4
diff
changeset
|
454 |
|
172544257e2c
Merging changes from Nighthawk - visual tweak to post manager
Dan
parents:
4
diff
changeset
|
455 |
$uri = makeUrlNS('Blog', $session->username . date('/Y/n/j/', $row['post_timestamp']) . $row['post_title_clean'], false, true); |
172544257e2c
Merging changes from Nighthawk - visual tweak to post manager
Dan
parents:
4
diff
changeset
|
456 |
|
172544257e2c
Merging changes from Nighthawk - visual tweak to post manager
Dan
parents:
4
diff
changeset
|
457 |
echo '<td class="row2" style="text-align: center;">' . $row['post_id'] . '</td>'; |
172544257e2c
Merging changes from Nighthawk - visual tweak to post manager
Dan
parents:
4
diff
changeset
|
458 |
echo '<td class="row1">' . "<a href=\"$uri\">" . htmlspecialchars($row['post_title']) . '</a></td>'; |
172544257e2c
Merging changes from Nighthawk - visual tweak to post manager
Dan
parents:
4
diff
changeset
|
459 |
$cls = ( $row['post_published'] == 1 ) ? 'row3_green' : 'row3_red'; |
172544257e2c
Merging changes from Nighthawk - visual tweak to post manager
Dan
parents:
4
diff
changeset
|
460 |
echo '<td class="' . $cls . ' nuggie_publishbtn" onclick="ajaxNuggieTogglePublished(' . $row['post_id'] . ', this);" nuggie:published="' . $row['post_published'] . '" style="text-align: center;">' . ( ( $row['post_published'] == 1 ) ? '<b>Yes</b>' : 'No' ) . '</td>'; |
172544257e2c
Merging changes from Nighthawk - visual tweak to post manager
Dan
parents:
4
diff
changeset
|
461 |
echo '<td class="row3" style="white-space: nowrap;">' . ( function_exists('enano_date') ? enano_date('Y-m-d', $row['post_timestamp']) : date('Y-m-d h:i', $row['post_timestamp']) ) . '</td>'; |
172544257e2c
Merging changes from Nighthawk - visual tweak to post manager
Dan
parents:
4
diff
changeset
|
462 |
echo '<td class="row1" style="white-space: nowrap;"><button class="nuggie_edit" name="action" value="edit;id=' . $row['post_id'] . '">Edit</button> <button class="nuggie_delete" name="action" onclick="return ajaxNuggieDeletePost(' . $row['post_id'] . ', this.parentNode.parentNode);" value="delete;id=' . $row['post_id'] . '">Delete</button></td>'; |
172544257e2c
Merging changes from Nighthawk - visual tweak to post manager
Dan
parents:
4
diff
changeset
|
463 |
|
172544257e2c
Merging changes from Nighthawk - visual tweak to post manager
Dan
parents:
4
diff
changeset
|
464 |
echo '</tr>'; |
172544257e2c
Merging changes from Nighthawk - visual tweak to post manager
Dan
parents:
4
diff
changeset
|
465 |
} while ( $row = $db->fetchrow() ); |
172544257e2c
Merging changes from Nighthawk - visual tweak to post manager
Dan
parents:
4
diff
changeset
|
466 |
} |
172544257e2c
Merging changes from Nighthawk - visual tweak to post manager
Dan
parents:
4
diff
changeset
|
467 |
else |
172544257e2c
Merging changes from Nighthawk - visual tweak to post manager
Dan
parents:
4
diff
changeset
|
468 |
{ |
172544257e2c
Merging changes from Nighthawk - visual tweak to post manager
Dan
parents:
4
diff
changeset
|
469 |
echo '<tr><td class="row3" colspan="6" style="text-align: center;">No posts.</td></tr>'; |
3
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
470 |
} |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
471 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
472 |
echo ' </table> |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
473 |
</div>'; |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
474 |
|
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
475 |
echo '</form>'; |
a050ff3d4509
Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress.
Dan
parents:
0
diff
changeset
|
476 |
|
0
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
477 |
break; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
478 |
case 'Write': |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
479 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
480 |
$post_text = ''; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
481 |
$post_title = 'Post title'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
482 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
483 |
$post_id = $paths->getParam(2); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
484 |
if ( isset($_POST['post_id']) ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
485 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
486 |
$post_id = $_POST['post_id']; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
487 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
488 |
if ( $post_id ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
489 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
490 |
/* |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
491 |
* FIXME: Validate blog public/private status before sending text |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
492 |
* FIXME: Avoid ambiguous post_title_cleans through appending numbers when needed |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
493 |
*/ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
494 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
495 |
$post_id = intval($post_id); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
496 |
$q = $db->sql_query('SELECT p.post_id, p.post_title, p.post_title_clean, p.post_author, p.post_text, p.post_timestamp, u.username ' |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
497 |
. 'FROM ' . table_prefix . 'blog_posts AS p' |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
498 |
. ' LEFT JOIN ' . table_prefix . 'users AS u' |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
499 |
. ' ON ( p.post_author = u.user_id )' |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
500 |
. ' WHERE post_id = ' . $post_id . ';'); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
501 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
502 |
if ( !$q ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
503 |
$db->_die('Nuggie user CP obtaining post info'); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
504 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
505 |
if ( $db->numrows() > 0 ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
506 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
507 |
$row = $db->fetchrow(); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
508 |
if ( $session->user_id != $row['post_author'] ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
509 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
510 |
// We have a possible security issue on our hands - the user is trying |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
511 |
// to edit someone else's post. Verify read and write permissions. |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
512 |
$post_page_id = "{$row['post_timestamp']}_{$row['post_id']}"; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
513 |
$perms = $session->fetch_page_acl($post_page_id, 'Blog'); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
514 |
if ( !$perms->get_permissions('read') || !$perms->get_permissions('nuggie_edit_other') ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
515 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
516 |
echo '<h3>Post editing error</h3>'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
517 |
echo '<p>You do not have permission to edit this blog post.</p>'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
518 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
519 |
unset($row); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
520 |
unset($row); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
521 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
522 |
$db->free_result(); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
523 |
// Break out of this entire user CP module |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
524 |
return true; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
525 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
526 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
527 |
else |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
528 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
529 |
$post_page_id = "{$row['post_timestamp']}_{$row['post_id']}"; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
530 |
$perms = $session->fetch_page_acl($post_page_id, 'Blog'); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
531 |
if ( !$perms->get_permissions('nuggie_edit_own') || !$perms->get_permissions('read') ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
532 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
533 |
echo '<h3>Post editing error</h3>'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
534 |
echo '<p>You do not have permission to edit this blog post.</p>'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
535 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
536 |
unset($row); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
537 |
unset($row); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
538 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
539 |
$db->free_result(); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
540 |
// Break out of this entire user CP module |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
541 |
return true; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
542 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
543 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
544 |
// We have permission - load post |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
545 |
$post_title = $row['post_title']; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
546 |
$post_text = $row['post_text']; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
547 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
548 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
549 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
550 |
if ( isset($_POST['submit']) ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
551 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
552 |
switch($_POST['submit']) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
553 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
554 |
case 'save_publish': |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
555 |
$publish = '1'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
556 |
case 'save_draft': |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
557 |
if ( !isset($publish) ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
558 |
$publish = '0'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
559 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
560 |
$save_post_text = $_POST['post_text']; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
561 |
$save_post_title = $db->escape($_POST['post_title']); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
562 |
$save_post_title_clean = $db->escape(nuggie_sanitize_title($_POST['post_title'])); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
563 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
564 |
$save_post_text = RenderMan::preprocess_text($save_post_text, true, true); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
565 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
566 |
if ( $post_id ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
567 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
568 |
$sql = 'UPDATE ' . table_prefix . "blog_posts SET post_title = '$save_post_title', post_title_clean = '$save_post_title_clean', post_text = '$save_post_text', post_published = $publish WHERE post_id = $post_id;"; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
569 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
570 |
else |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
571 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
572 |
$time = time(); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
573 |
$sql = 'INSERT INTO ' . table_prefix . 'blog_posts ( post_title, post_title_clean, post_text, post_author, post_timestamp, post_published ) ' |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
574 |
. "VALUES ( '$save_post_title', '$save_post_title_clean', '$save_post_text', {$session->user_id}, $time, $publish );"; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
575 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
576 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
577 |
if ( $db->sql_query($sql) ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
578 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
579 |
echo '<div class="info-box" style="margin: 0 0 10px 0;"> |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
580 |
' . ( $publish == '1' ? 'Your post has been published.' : 'Your post has been saved.' ) . ' |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
581 |
</div>'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
582 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
583 |
else |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
584 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
585 |
$db->_die('Nuggie user CP running post-save query'); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
586 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
587 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
588 |
if ( !$post_id ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
589 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
590 |
$post_id = $db->insert_id(); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
591 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
592 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
593 |
$post_title = $_POST['post_title']; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
594 |
$post_text = $_POST['post_text']; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
595 |
break; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
596 |
case 'preview': |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
597 |
$preview_text = $_POST['post_text']; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
598 |
$preview_text = RenderMan::preprocess_text($preview_text, true, false); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
599 |
$preview_text = RenderMan::render($preview_text); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
600 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
601 |
/* |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
602 |
* FIXME: Use the real post renderer (when it's ready) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
603 |
*/ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
604 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
605 |
echo '<div style="border: 1px solid #406080; background-color: #F0F0F0; margin: 0 0 10px 0; padding: 10px; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
606 |
overflow: auto; max-height: 500px; clip: rect(0px, auto, auto, 0px);">'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
607 |
echo '<h2>Post preview</h2>'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
608 |
echo '<p style="color: red;">FIXME: This does not use the real post-display API, which is not yet implemented. Eventually this should look just like a real post.</p>'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
609 |
echo '<h3>' . htmlspecialchars($_POST['post_title']) . '</h3>'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
610 |
echo $preview_text; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
611 |
echo '</div>'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
612 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
613 |
$post_title = $_POST['post_title']; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
614 |
$post_text = $_POST['post_text']; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
615 |
break; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
616 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
617 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
618 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
619 |
$q = $db->sql_query('SELECT post_id, post_title FROM ' . table_prefix . "blog_posts WHERE post_published = 0 AND post_author = {$session->user_id};"); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
620 |
if ( !$q ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
621 |
$db->_die('Nuggie user CP selecting draft posts'); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
622 |
if ( $db->numrows() > 0 ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
623 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
624 |
echo '<div class="mdg-infobox" style="margin: 0 0 10px 0;"><b>Your drafts:</b> '; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
625 |
$posts = array(); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
626 |
while ( $row = $db->fetchrow() ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
627 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
628 |
$posts[] = '<a href="' . makeUrlNS('Special', "Preferences/Blog/Write/{$row['post_id']}") . '">' . htmlspecialchars($row['post_title']) . '</a>'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
629 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
630 |
echo implode(', ', $posts); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
631 |
echo '</div>'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
632 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
633 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
634 |
echo '<form action="' . makeUrlNS('Special', 'Preferences/Blog/Write', false, true) . '" method="post">'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
635 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
636 |
$post_text = htmlspecialchars($post_text); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
637 |
$post_title = strtr(htmlspecialchars($post_title), array('"' => '"')); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
638 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
639 |
echo '<input type="text" name="post_title" value="' . $post_title . '" style="font-size: 16pt; margin-bottom: 10px; width: 100%;' . ( $post_title == 'Post title' ? ' color: #808080;' : '' ) . '" onfocus="if ( this.value == \'Post title\' ) { this.value = \'\'; this.style.color = null; }" onblur="if ( this.value == \'\' ) { this.value = \'Post title\'; this.style.color = \'#808080\'; } else { this.style.color = null; }" />'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
640 |
echo $template->tinymce_textarea('post_text', $post_text); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
641 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
642 |
// Buttons! |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
643 |
echo '<div style="margin-top: 10px;">'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
644 |
echo '<button name="submit" value="save_draft">Save draft</button> '; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
645 |
echo '<button name="submit" value="preview">Show preview</button> '; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
646 |
echo '<button name="submit" value="save_publish">Publish to blog</button> '; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
647 |
echo '</div>'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
648 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
649 |
if ( $post_id ) |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
650 |
{ |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
651 |
echo '<input type="hidden" name="post_id" value="' . $post_id . '" />'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
652 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
653 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
654 |
echo '</form>'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
655 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
656 |
break; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
657 |
case 'Planets': |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
658 |
echo 'module Planets'; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
659 |
break; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
660 |
default: |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
661 |
return false; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
662 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
663 |
return true; |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
664 |
} |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
665 |
|
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
666 |
$plugins->attachHook("userprefs_jbox", " |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
667 |
userprefs_menu_add('My blog', 'Manage blog settings', makeUrlNS('Special', 'Preferences/Blog/Settings')); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
668 |
userprefs_menu_add('My blog', 'Manage posts', makeUrlNS('Special', 'Preferences/Blog/Posts')); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
669 |
userprefs_menu_add('My blog', 'Write new post', makeUrlNS('Special', 'Preferences/Blog/Write')); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
670 |
userprefs_menu_add('My blog', 'Manage my planets', makeUrlNS('Special', 'Preferences/Blog/Planets')); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
671 |
\$userprefs_menu_links['My blog'] = makeUrlNS('Blog', \$session->username); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
672 |
"); |
a09fb41e48d5
First commit! Woohoo! Basic status of things is in extended description.
Dan
parents:
diff
changeset
|
673 |
$plugins->attachHook("userprefs_body", "return nuggie_user_cp(\$section);"); |