146 foreach ( $date_chars as $char ) |
153 foreach ( $date_chars as $char ) |
147 { |
154 { |
148 $strings["DATE_$char"] = date($char, $this->post_timestamp); |
155 $strings["DATE_$char"] = date($char, $this->post_timestamp); |
149 } |
156 } |
150 |
157 |
|
158 $permalink_params = ''; |
|
159 if ( $this->referring_planet ) |
|
160 { |
|
161 $permalink_params = "planet=" . sanitize_page_id($this->referring_planet); |
|
162 } |
|
163 |
151 $strings['POST_TITLE'] = htmlspecialchars($this->post_title); |
164 $strings['POST_TITLE'] = htmlspecialchars($this->post_title); |
152 $strings['POST_TEXT'] = RenderMan::render($this->post_text); |
165 $strings['POST_TEXT'] = RenderMan::render($this->post_text); |
153 $strings['PERMALINK'] = makeUrlNS('Blog', $this->post_author . date('/Y/n/j/', $this->post_timestamp) . $this->post_title_clean, false, true); |
166 $strings['PERMALINK'] = makeUrlNS('Blog', $this->post_author . date('/Y/n/j/', $this->post_timestamp) . $this->post_title_clean, $permalink_params, true); |
154 $strings['EDIT_LINK'] = makeUrlNS('Special', "Preferences/Blog/Write/{$this->post_id}", false, true); |
167 $strings['EDIT_LINK'] = makeUrlNS('Special', "Preferences/Blog/Write/{$this->post_id}", false, true); |
155 |
168 |
156 // if we're on an enano with user rank support, cool. if not, just don't link |
169 // if we're on an enano with user rank support, cool. if not, just don't link |
157 if ( method_exists($session, 'get_user_rank') ) |
170 if ( method_exists($session, 'get_user_rank') ) |
158 { |
171 { |
196 } |
209 } |
197 |
210 |
198 $perms = $session->fetch_page_acl("{$row['post_timestamp']}_{$row['post_id']}", 'Blog'); |
211 $perms = $session->fetch_page_acl("{$row['post_timestamp']}_{$row['post_id']}", 'Blog'); |
199 $perms->perms = $session->acl_merge($this->blog_perms->perms, $perms->perms); |
212 $perms->perms = $session->acl_merge($this->blog_perms->perms, $perms->perms); |
200 |
213 |
201 /* |
214 // if the row has information about the blog's access configuration, process it here. |
|
215 // this is only done from within planets... |
|
216 if ( isset($row['blog_type']) && isset($row['allowed_users']) ) |
|
217 { |
|
218 if ( $row['blog_type'] == 'private' ) |
|
219 { |
|
220 $users = unserialize($row['allowed_users']); |
|
221 if ( !in_array($session->user_id, $users) && !$perms->get_permissions('nuggie_see_non_public') && $row['post_author'] !== $session->user_id ) |
|
222 { |
|
223 return ' '; |
|
224 } |
|
225 } |
|
226 } |
|
227 |
202 if ( !$perms->get_permissions('read') ) |
228 if ( !$perms->get_permissions('read') ) |
203 { |
229 { |
204 return "POST {$this->post_id} DENIED"; |
230 return ' '; |
205 } |
231 } |
206 */ |
|
207 |
232 |
208 $this->post_id = intval($row['post_id']); |
233 $this->post_id = intval($row['post_id']); |
209 $this->post_title = $row['post_title']; |
234 $this->post_title = $row['post_title']; |
210 $this->post_text = $row['post_text']; |
235 $this->post_text = $row['post_text']; |
211 $this->post_author = $row['username']; |
236 $this->post_author = $row['username']; |
212 $this->post_timestamp = intval($row['post_timestamp']); |
237 $this->post_timestamp = intval($row['post_timestamp']); |
213 $this->num_comments = intval($row['num_comments']); |
238 $this->num_comments = intval($row['num_comments']); |
|
239 $this->referring_planet = ( isset($row['referring_planet']) ) ? $row['referring_planet'] : false; |
214 |
240 |
215 return $this->render_post(); |
241 return $this->render_post(); |
216 } |
242 } |
217 } |
243 } |
218 |
244 |
272 if ( $db->numrows() < 1 ) |
298 if ( $db->numrows() < 1 ) |
273 return false; |
299 return false; |
274 |
300 |
275 if ( $db->numrows() > 1 ) |
301 if ( $db->numrows() > 1 ) |
276 { |
302 { |
277 die_friendly('Ambiguous blog posts', '<p>FIXME: You have two posts with the same title posted on the same day by the same user. I was |
303 die_friendly('Ambiguous blog posts', '<p>[fixme] You have two posts with the same title posted on the same day by the same user. I was |
278 not able to distinguish which post you wish to view.</p>'); |
304 not able to distinguish which post you wish to view.</p>'); |
279 } |
305 } |
280 |
306 |
281 $row = $db->fetchrow(); |
307 $row = $db->fetchrow(); |
282 |
308 |
283 $realpost = new PageProcessor($row['post_id'], 'BlogPost'); |
309 $realpost = new PageProcessor($row['post_id'], 'BlogPost'); |
|
310 $realpost->send_headers = true; |
284 |
311 |
285 // huge hack |
312 // huge hack |
286 // the goal here is to fool the page metadata system into thinking that comments are enabled. |
313 // the goal here is to fool the page metadata system into thinking that comments are enabled. |
287 $paths->cpage['comments_on'] = 1; |
314 $paths->cpage['comments_on'] = 1; |
288 if ( !isset($paths->pages[$paths->nslist['BlogPost'] . $row['post_id']]) ) |
315 if ( !isset($paths->pages[$paths->nslist['BlogPost'] . $row['post_id']]) ) |
363 } |
390 } |
364 |
391 |
365 $acl_type = ( $row['post_author'] == $session->user_id ) ? 'nuggie_edit_own' : 'nuggie_edit_other'; |
392 $acl_type = ( $row['post_author'] == $session->user_id ) ? 'nuggie_edit_own' : 'nuggie_edit_other'; |
366 |
393 |
367 if ( !$perms->get_permissions('read') ) |
394 if ( !$perms->get_permissions('read') ) |
|
395 { |
368 return $page->err_access_denied(); |
396 return $page->err_access_denied(); |
|
397 } |
369 |
398 |
370 // enable comments |
399 // enable comments |
371 $paths->cpage['comments_on'] = 1; |
400 $paths->cpage['comments_on'] = 1; |
372 // disable editing |
401 // disable editing |
373 $session->acl_merge_with_current(array( |
402 $session->acl_merge_with_current(array( |
395 { |
424 { |
396 $template->tpl_strings['PAGE_NAME'] = $page_name; |
425 $template->tpl_strings['PAGE_NAME'] = $page_name; |
397 } |
426 } |
398 |
427 |
399 $template->header(); |
428 $template->header(); |
400 echo '< <a href="' . makeUrlNS('Blog', $row['username']) . '">' . htmlspecialchars($row['blog_name']) . '</a>'; |
429 if ( isset($_GET['planet']) ) |
|
430 { |
|
431 echo '< <a href="' . makeUrlNS('Planet', $_GET['planet']) . '">' . htmlspecialchars($_GET['planet']) . '</a>'; |
|
432 } |
|
433 else |
|
434 { |
|
435 echo '< <a href="' . makeUrlNS('Blog', $row['username']) . '">' . htmlspecialchars($row['blog_name']) . '</a>'; |
|
436 } |
401 echo $postbit->render_post(); |
437 echo $postbit->render_post(); |
402 display_page_footers(); |
438 display_page_footers(); |
403 $template->footer(); |
439 $template->footer(); |
404 } |
440 } |
405 |
441 |
425 if ( $blog_type == 'private' ) |
461 if ( $blog_type == 'private' ) |
426 { |
462 { |
427 $allowed_users = unserialize($allowed_users); |
463 $allowed_users = unserialize($allowed_users); |
428 if ( !in_array($session->username, $allowed_users) && !$perms->get_permissions('nuggie_see_non_public') && $username != $session->username ) |
464 if ( !in_array($session->username, $allowed_users) && !$perms->get_permissions('nuggie_see_non_public') && $username != $session->username ) |
429 { |
465 { |
430 return '_err_access_denied'; |
466 return $page->err_access_denied(); |
431 } |
467 } |
432 } |
468 } |
433 |
469 |
434 // Determine number of posts and prefetch ACL info |
470 // Determine number of posts and prefetch ACL info |
435 $q = $db->sql_query('SELECT post_timestamp, post_id FROM ' . table_prefix . 'blog_posts WHERE post_author = ' . $user_id . ' AND post_published = 1;'); |
471 $q = $db->sql_query('SELECT post_timestamp, post_id FROM ' . table_prefix . 'blog_posts WHERE post_author = ' . $user_id . ' AND post_published = 1;'); |