/system/cp/cp.publish.php
- <?php
- /*
- =====================================================
- ExpressionEngine - by EllisLab
- -----------------------------------------------------
- http://expressionengine.com/
- -----------------------------------------------------
- Copyright (c) 2003 - 2010 EllisLab, Inc.
- =====================================================
- THIS IS COPYRIGHTED SOFTWARE
- PLEASE READ THE LICENSE AGREEMENT
- http://expressionengine.com/docs/license.html
- =====================================================
- File: cp.publish.php
- -----------------------------------------------------
- Purpose: The main weblog class
- =====================================================
- */
// Direct-request guard: stop immediately when the EXT constant is not
// defined, i.e. when this file is loaded on its own rather than included
// by code that has already defined it. Nothing below this line (the class
// declaration included) is reached in that case.
// NOTE(review): EXT is also used further down as a file-name suffix in
// require paths; it is presumably defined by the application bootstrap.
defined('EXT') OR exit('Invalid file request');
- class Publish {
- var $assign_cat_parent = TRUE;
- var $direct_return = FALSE;
- var $categories = array();
- var $cat_parents = array();
- var $smileys = array();
- var $glossary = array();
- var $nest_categories = 'y';
- var $cat_array = array();
-
- var $SPELL = FALSE;
- var $comment_chars = 25;
- var $comment_leave_breaks = 'n';
- var $url_title_error = FALSE;
-
- var $installed_modules = array();
- /** ------------------------
- /** Request handler
- /** ------------------------*/
-
/**
 * Dispatcher for the Publish/Edit section of the control panel.
 *
 * Refreshes two pieces of instance state and then routes on the request's
 * "M" value to the matching handler method of this class:
 *   - $this->assign_cat_parent becomes FALSE only when the
 *     'auto_assign_cat_parents' preference equals 'n';
 *   - $this->installed_modules receives one entry per row of exp_modules,
 *     keyed and valued by the lower-cased module name.
 *
 * "M" is read through $IN->GBL(), so its value is chosen by the requester.
 * Only the literal values listed in the switch reach a handler; any other
 * value falls through to the default branch. No permission check is made
 * in this method itself.
 * NOTE(review): each handler is presumably responsible for its own
 * authorization checks -- confirm that when auditing a handler.
 *
 * @return mixed  Whatever the chosen handler returns in the default branch;
 *                nothing for the explicitly listed "M" values.
 */
function request_handler()
{
    global $IN, $DSP, $LANG, $FNS, $PREFS, $DB;

    // Parent categories are auto-assigned unless the preference says 'n'.
    $this->assign_cat_parent = ($PREFS->ini('auto_assign_cat_parents') != 'n');

    // Remember which modules are installed (names lower-cased by the query).
    $modules = $DB->query("SELECT LOWER(module_name) as name FROM exp_modules");

    foreach ($modules->result as $module)
    {
        $module_name = $module['name'];
        $this->installed_modules[$module_name] = $module_name;
    }

    switch ($IN->GBL('M'))
    {
        case 'new_entry':
            // Same form target for "preview" and "submit"; the POSTed
            // preview flag decides which one this request is.
            if ($IN->GBL('preview', 'POST'))
            {
                $this->new_entry_form('preview');
            }
            else
            {
                $this->submit_new_entry();
            }
            break;

        case 'entry_form':
            $this->new_entry_form();
            break;

        case 'edit_entry':
            $this->new_entry_form('edit');
            break;

        case 'view_entry':
            $this->view_entry();
            break;

        case 'view_entries':
            $this->edit_entries();
            break;

        case 'multi_edit':
            $this->multi_edit_form();
            break;

        case 'update_multi_entries':
            $this->update_multi_entries();
            break;

        case 'entry_category_update':
            $this->multi_entry_category_update();
            break;

        case 'delete_conf':
            $this->delete_entries_confirm();
            break;

        case 'delete_entries':
            $this->delete_entries();
            break;

        case 'view_comments':
            $this->view_comments();
            break;

        case 'view_trackbacks':
            $this->view_trackbacks();
            break;

        case 'move_comments_form':
            $this->move_comments_form();
            break;

        case 'move_comments':
            $this->move_comments();
            break;

        case 'edit_comment':
            $this->edit_comment_form();
            break;

        case 'edit_trackback':
            $this->edit_trackback_form();
            break;

        case 'change_status':
            $this->change_comment_status();
            break;

        case 'update_comment':
            $this->update_comment();
            break;

        case 'update_trackback':
            $this->update_trackback();
            break;

        case 'modify_comments':
            $this->modify_comments();
            break;

        case 'del_comment_conf':
            $this->delete_comment_confirm();
            break;

        case 'del_comment':
            $this->delete_comment();
            break;

        case 'view_pings':
            $this->view_previous_pings();
            break;

        case 'file_upload_form':
            $this->file_upload_form();
            break;

        case 'upload_file':
            $this->upload_file();
            break;

        case 'file_browser':
            $this->file_browser();
            break;

        case 'replace_file':
            $this->replace_file();
            break;

        case 'image_options':
            $this->image_options_form();
            break;

        case 'create_thumb':
            $this->create_thumb();
            break;

        case 'spellcheck_iframe':
            $this->spellcheck_iframe();
            break;

        case 'spellcheck':
            $this->spellcheck();
            break;

        case 'emoticons':
            $this->emoticons();
            break;

        default:
            // No recognised "M": anything outside C=publish lands on the
            // entry list.
            if ($IN->GBL('C') != 'publish')
            {
                return $this->edit_entries();
            }

            // Bookmarklet requests go straight to the entry form.
            if ($IN->GBL('BK'))
            {
                return $this->new_entry_form();
            }

            $assigned_weblogs = $FNS->fetch_assigned_weblogs();
            $weblog_total = count($assigned_weblogs);

            if ($weblog_total == 0)
            {
                return $DSP->no_access_message($LANG->line('unauthorized_for_any_blogs'));
            }

            if ($weblog_total == 1)
            {
                // Only one weblog to choose from, so skip the picker.
                return $this->new_entry_form();
            }

            return $this->weblog_select_list();
    }
}
- /* END */
-
- /** --------------------------------------------
- /** Weblog selection menu
- /** --------------------------------------------*/
- // This function shows a list of available weblogs.
- // This list will be displayed when a user clicks the
- // "publish" link when more than one weblog exists.
- //--------------------------------------------
/**
 * Render the "choose a weblog" table into $DSP->body.
 *
 * One linked row is produced per entry of
 * $SESS->userdata['assigned_weblogs'] (weblog id => weblog title). The
 * links lead to the entry form when the request's "C" value is 'publish'
 * and to the entry list otherwise. $DSP->title and $DSP->crumb are set to
 * the matching section title.
 *
 * Neither value placed into a link is encoded in this method: $add is
 * concatenated verbatim onto every link's query string and $weblog_title
 * is handed to $DSP->anchor() as the link text.
 * NOTE(review): confirm that $DSP->anchor(), or the code that fills the
 * session's assigned_weblogs, HTML-encodes the titles, and that callers
 * only pass trusted, already-delimited values in $add.
 *
 * @param string $add  Extra query-string text appended to every link.
 * @return mixed       The no-access message when the session lists no
 *                     weblogs; otherwise nothing.
 */
function weblog_select_list($add='')
{
    global $IN, $DSP, $DB, $LANG, $FNS, $SESS;

    $publishing = ($IN->GBL('C') == 'publish');

    $blurb  = $LANG->line($publishing ? 'select_blog_to_post_in' : 'select_blog_to_edit');
    $title  = $LANG->line($publishing ? 'publish' : 'edit');
    $action = $publishing ? 'C=publish'.AMP.'M=entry_form' : 'C=edit'.AMP.'M=view_entries';

    // One table row per weblog the session lists for this user.
    $rows = array();
    $row_index = 0;

    foreach ($SESS->userdata['assigned_weblogs'] as $weblog_id => $weblog_title)
    {
        // Alternate the row style, starting with 'tableCellTwo'.
        $row_class = ($row_index % 2) ? 'tableCellOne' : 'tableCellTwo';
        $row_index++;

        $href = BASE.AMP.$action.AMP.'weblog_id='.$weblog_id.$add;
        $link = $DSP->anchor($href, $weblog_title);

        $rows[] = $DSP->table_qrow($row_class, $DSP->qdiv('defaultBold', $link));
    }

    // Nothing to list: the user is not assigned to any weblog.
    if (empty($rows))
    {
        return $DSP->no_access_message($LANG->line('unauthorized_for_any_blogs'));
    }

    $table_open  = $DSP->table('tableBorder', '0', '', '100%');
    $heading_row = $DSP->table_qrow('tableHeading', $blurb);

    $DSP->body .= $table_open.$heading_row;
    $DSP->body .= implode('', $rows);
    $DSP->body .= $DSP->table_c();

    $DSP->title = $title;
    $DSP->crumb = $title;
}
- /* END */
- /** --------------------------------------------
- /** Weblog "new entry" form
- /** --------------------------------------------*/
- // This function displays the form used to submit, edit, or
- // preview new weblog entries with.
- //--------------------------------------------
- function new_entry_form($which = 'new', $submission_error = '', $entry_id='', $hidden = array())
- {
- global $DSP, $LANG, $LOC, $DB, $IN, $REGX, $FNS, $SESS, $PREFS, $EXT;
-
- $title = '';
- $url_title = '';
- $url_title_prefix = '';
- $default_entry_title = '';
- $status = '';
- $expiration_date = '';
- $comment_expiration_date = '';
- $entry_date = '';
- $sticky = '';
- $allow_trackbacks = '';
- $trackback_urls = '';
- $field_data = '';
- $allow_comments = '';
- $preview_text = '';
- $catlist = '';
- $author_id = '';
- $tb_url = '';
- $bookmarklet = FALSE;
- $version_id = $IN->GBL('version_id');
- $version_num = $IN->GBL('version_num');
- $dst_enabled = $SESS->userdata('daylight_savings');
- $weblog_id = '';
-
- if ($PREFS->ini('site_pages') !== FALSE)
- {
- $LANG->fetch_language_file('pages');
- }
-
- $publish_tabs = array('form' => $LANG->line('publish_form'),
- 'date' => $LANG->line('date'),
- 'cat' => $LANG->line('categories'),
- 'option' => $LANG->line('options'),
- 'tb' => $LANG->line('trackbacks'),
- 'ping' => $LANG->line('pings'),
- 'forum' => $LANG->line('forum'),
- 'revisions' => $LANG->line('revisions'),
- 'pages' => $LANG->line('pages_module_name'),
- 'show_all' => $LANG->line('show_all'),
- );
-
- /** ------------------------------------------------------------------
- /** We need to first determine which weblog to post the entry into.
- /** ------------------------------------------------------------------*/
- $assigned_weblogs = $FNS->fetch_assigned_weblogs();
- // if it's an edit, we just need the entry id and can figure out the rest
- if ($IN->GBL('entry_id', 'GET') !== FALSE AND is_numeric($IN->GBL('entry_id', 'GET')) AND $weblog_id == '')
- {
- $query = $DB->query("SELECT weblog_id FROM exp_weblog_titles WHERE entry_id = '".$DB->escape_str($IN->GBL('entry_id', 'GET'))."'");
-
- if ($query->num_rows == 1)
- {
- $weblog_id = $query->row['weblog_id'];
- }
- }
- if ($weblog_id == '' AND ! ($weblog_id = $IN->GBL('weblog_id', 'GP')))
- {
- // Does the user have their own blog?
-
- if ($SESS->userdata['weblog_id'] != 0)
- {
- $weblog_id = $SESS->userdata['weblog_id'];
- }
- elseif (sizeof($assigned_weblogs) == 1)
- {
- $weblog_id = $assigned_weblogs['0'];
- }
- else
- {
- $query = $DB->query("SELECT weblog_id from exp_weblogs WHERE is_user_blog = 'n'");
-
- if ($query->num_rows == 1)
- {
- $weblog_id = $query->row['weblog_id'];
- }
- else
- {
- return false;
- }
- }
- }
- if ( ! is_numeric($weblog_id))
- return FALSE;
-
- /** ----------------------------------------------
- /** Security check
- /** ---------------------------------------------*/
-
- if ( ! in_array($weblog_id, $assigned_weblogs))
- {
- return $DSP->no_access_message($LANG->line('unauthorized_for_this_blog'));
- }
-
- // -------------------------------------------
- // 'publish_form_start' hook.
- // - Allows complete rewrite of Publish page.
- // - Added $hidden: 1.6.0
- //
- $edata = $EXT->call_extension('publish_form_start', $which, $submission_error, $entry_id, $hidden);
- if ($EXT->end_script === TRUE) return;
- //
- // -------------------------------------------
-
- // -------------------------------------------
- // 'publish_form_headers' hook.
- // - Adds content to headers for Publish page.
- // - Added $weblog_id: 1.6
- // - Added $hidden: 1.6.0
- //
- $DSP->extra_header .= $EXT->call_extension('publish_form_headers', $which, $submission_error, $entry_id, $weblog_id, $hidden);
- if ($EXT->end_script === TRUE) return;
- //
- // -------------------------------------------
-
- // -------------------------------------------
- // 'publish_form_new_tabs' hook.
- // - Allows adding of new tabs to submission form
- // - Added: 1.4.1
- // - Added $hidden: 1.6.0
- //
- if ($EXT->active_hook('publish_form_new_tabs') === TRUE)
- {
- $publish_tabs = $EXT->call_extension('publish_form_new_tabs', $publish_tabs, $weblog_id, $entry_id, $hidden);
- }
- //
- // -------------------------------------------
-
- /** ----------------------------------------------
- /** If Still Set, Show All Goes at the End
- /** ---------------------------------------------*/
-
- if (isset($publish_tabs['show_all']))
- {
- unset($publish_tabs['show_all']);
- $publish_tabs['show_all'] = $LANG->line('show_all');
- }
-
- /** ----------------------------------------------
- /** Fetch weblog preferences
- /** ---------------------------------------------*/
- $query = $DB->query("SELECT * FROM exp_weblogs WHERE weblog_id = '".$DB->escape_str($weblog_id)."'");
-
- if ($query->num_rows == 0)
- {
- return $DSP->error_message($LANG->line('no_weblog_exits'));
- }
-
- // -------------------------------------------
- // 'publish_form_weblog_preferences' hook.
- // - Modify weblog preferences
- // - Added: 1.4.1
- //
- if ($EXT->active_hook('publish_form_weblog_preferences') === TRUE)
- {
- $query->row = $EXT->call_extension('publish_form_weblog_preferences', $query->row);
- }
- //
- // -------------------------------------------
- foreach ($query->row as $key => $val)
- {
- $$key = $val;
- }
-
- /** ----------------------------------------------
- /** Fetch Revision if Necessary
- /** ---------------------------------------------*/
-
- $show_revision_cluster = ($enable_versioning == 'y') ? 'y' : 'n';
-
- if ($which == 'new')
- {
- $versioning_enabled = ($enable_versioning == 'y') ? 'y' : 'n';
- }
- else
- {
- $versioning_enabled = (isset($_POST['versioning_enabled'])) ? 'y' : 'n';
- }
-
- if (is_numeric($version_id))
- {
- $entry_id = $IN->GBL('entry_id');
- $revquery = $DB->query("SELECT version_data FROM exp_entry_versioning WHERE entry_id = '{$entry_id}' AND version_id = '{$version_id}'");
-
- if ($revquery->num_rows == 1)
- {
- $_POST = $REGX->array_stripslashes(@unserialize($revquery->row['version_data']));
- $_POST['entry_id'] = $entry_id;
- $which = 'preview';
- }
- unset($revquery);
- }
-
- /** ---------------------------------------
- /** Insane Idea to Have Defaults and Prefixes
- /** ---------------------------------------*/
-
- if ($which == 'edit')
- {
- $url_title_prefix = '';
- }
- elseif ($which == 'new')
- {
- $title = $default_entry_title;
- $url_title = $url_title_prefix;
- }
-
- // --------------------------------------------------------------------
- // The $which variable determines what the page should show:
- // If $which = 'new' we'll show a blank "new entry" page
- // If $which = "preview", the user has clicked the "preview" button.
- // If $which = "edit", we are editing an already existing entry.
- // If $which = 'save', like a preview, but also an edit.
- // --------------------------------------------------------------------
- if ($which == 'edit')
- {
- if ( ! $entry_id = $IN->GBL('entry_id', 'GET'))
- {
- return false;
- }
-
- // Fetch the weblog data
-
- $sql = "SELECT t.*, d.*
- FROM exp_weblog_titles AS t, exp_weblog_data AS d
- WHERE t.entry_id = '$entry_id'
- AND t.weblog_id = '$weblog_id'
- AND t.entry_id = d.entry_id";
-
- $result = $DB->query($sql);
-
- if ($result->num_rows == 0)
- {
- return $DSP->error_message($LANG->line('no_weblog_exits'));
- }
-
- if ($result->row['author_id'] != $SESS->userdata('member_id'))
- {
- if ( ! $DSP->allowed_group('can_edit_other_entries'))
- {
- return $DSP->no_access_message();
- }
- }
-
- // -------------------------------------------
- // 'publish_form_entry_data' hook.
- // - Modify entry's data
- // - Added: 1.4.1
- //
- if ($EXT->active_hook('publish_form_entry_data') === TRUE)
- {
- $result->row = $EXT->call_extension('publish_form_entry_data', $result->row);
- }
- //
- // -------------------------------------------
-
- foreach ($result->row as $key => $val)
- {
- $$key = $val;
- }
- }
- /** ---------------------------------------------
- /** Assign page title based on type of request
- /** ---------------------------------------------*/
-
- switch ($which)
- {
- case 'edit' : $DSP->title = $LANG->line('edit_entry');
- break;
- case 'save' : $DSP->title = $LANG->line('edit_entry');
- break;
- case 'preview' : $DSP->title = $LANG->line('preview');
- break;
- default : $DSP->title = $LANG->line('new_entry');
- break;
- }
- /** ----------------------------------------------
- /** Assign breadcrumb
- /** ---------------------------------------------*/
-
- $DSP->crumb = $DSP->title.$DSP->crumb_item($blog_title);
- $activate_calendars = '"';
- if ($show_date_menu == 'y')
- {
- // Setup some onload items
-
- $activate_calendars = 'activate_calendars();" ';
- $DSP->extra_header .= '<script type="text/javascript">
- // depending on timezones, local settings and localization prefs, its possible for js to misinterpret the day,
- // but the humanized time is correct, so we activate the humanized time to sync the calendar
-
- function activate_calendars() {
- update_calendar(\'entry_date\', document.getElementById(\'entry_date\').value);
- update_calendar(\'expiration_date\', document.getElementById(\'expiration_date\').value);';
- if ($comment_system_enabled == 'y')
- {
- $DSP->extra_header .= "\n\t\t\t\t".'update_calendar(\'comment_expiration_date\', document.getElementById(\'comment_expiration_date\').value);';
- }
- $DSP->extra_header .= "\n\t\t\t\t"."current_month = '';
- current_year = '';
- last_date = '';";
- $DSP->extra_header .= "\n".'}
- </script>';
- }
- /* -------------------------------------
- /* Publish Page Title Focus
- /*
- /* makes the title field gain focus when the page is loaded
- /*
- /* Hidden Configuration Variable
- /* - publish_page_title_focus => Set focus to the tile? (y/n)
- /* -------------------------------------*/
-
- if ($which != 'edit' && $PREFS->ini('publish_page_title_focus') !== 'n')
- {
- $load_events = 'document.forms[0].title.focus();set_catlink();';
- }
- else
- {
- $load_events = 'set_catlink();';
- }
-
- $DSP->body_props .= ' onload="'.$load_events.$activate_calendars;
-
-
- // -------------------------------------------
- // 'publish_form_body_props' hook.
- // - Allows setting of the body properties
- //
- $edata = $EXT->call_extension('publish_form_body_props');
- if ($EXT->end_script === TRUE) return;
- //
- // -------------------------------------------
-
- /** ----------------------------------------------
- /** Are we using the bookmarklet?
- /** ---------------------------------------------*/
-
- if ($IN->GBL('BK', 'GP'))
- {
- $bookmarklet = TRUE;
-
- $tb_url = $IN->GBL('tb_url', 'GP');
- }
-
- /** ----------------------------------------------
- /** Start building the page output
- /** ---------------------------------------------*/
-
- $r = '';
-
- /** ----------------------------------------------
- /** Form header and hidden fields
- /** ---------------------------------------------*/
-
- $BK = ($bookmarklet == TRUE) ? AMP.'BK=1'.AMP.'Z=1' : '';
-
- if ($IN->GBL('C') == 'publish')
- {
- $r .= $DSP->form_open(
- array(
- 'action' => 'C=publish'.AMP.'M=new_entry'.$BK,
- 'name' => 'entryform',
- 'id' => 'entryform'
- )
- );
- }
- else
- {
- $r .= $DSP->form_open(
- array(
- 'action' => 'C=edit'.AMP.'M=new_entry'.$BK,
- 'name' => 'entryform',
- 'id' => 'entryform'
- )
- );
- }
-
- $r .= $DSP->input_hidden('weblog_id', $weblog_id);
-
- foreach($hidden as $key => $value)
- {
- $r .= $DSP->input_hidden($key, $value);
- }
-
- if ($IN->GBL('entry_id', 'POST'))
- {
- $entry_id = $IN->GBL('entry_id');
- }
-
- if (isset($entry_id))
- {
- $r .= $DSP->input_hidden('entry_id', $entry_id);
- }
-
- if ($bookmarklet == TRUE)
- {
- $r .= $DSP->input_hidden('tb_url', $tb_url);
- }
-
- /** --------------------------------
- /** Fetch Custom Fields
- /** --------------------------------*/
- // Even though we don't need this query until laters we'll run the
- // query here so that we can show previews in the proper order.
-
- // -------------------------------------------
- // 'publish_form_field_query' hook.
- // - Allows control over the field query, controlling what fields will be displayed
- //
- if (isset($EXT->extensions['publish_form_field_query']))
- {
- $field_query = $EXT->call_extension('publish_form_field_query', $this, $field_group);
- }
- else
- {
- $field_query = $DB->query("SELECT * FROM exp_weblog_fields WHERE group_id = '$field_group' ORDER BY field_order");
- }
- //
- // -------------------------------------------
-
- /** ----------------------------------------------
- /** Javascript stuff
- /** ---------------------------------------------*/
-
- $convert_ascii = ($PREFS->ini('auto_convert_high_ascii') == 'y') ? TRUE : FALSE;
-
- // "title" input Field
- if ($IN->GBL('title', 'GET'))
- {
- $title = $this->bm_qstr_decode($IN->GBL('title', 'GET'));
- }
-
- $word_separator = $PREFS->ini('word_separator') != "dash" ? '_' : '-';
-
- if ( ! class_exists('Spellcheck'))
- {
- require PATH_CORE.'core.spellcheck'.EXT;
- }
-
- $this->SPELL = new Spellcheck();
- $spellcheck_js = $this->SPELL->JavaScript(BASE.'&C=publish&M=spellcheck');
-
- /** -------------------------------------
- /** Create Foreign Character Conversion JS
- /** -------------------------------------*/
-
- /* -------------------------------------
- /* 'foreign_character_conversion_array' hook.
- /* - Allows you to use your own foreign character conversion array
- /* - Added 1.6.0
- */
- if (isset($EXT->extensions['foreign_character_conversion_array']))
- {
- $foreign_characters = $EXT->call_extension('foreign_character_conversion_array');
- }
- else
- {
- $foreign_characters = array('223' => "ss", // ß
- '224' => "a", '225' => "a", '226' => "a", '229' => "a",
- '227' => "ae", '230' => "ae", '228' => "ae",
- '231' => "c",
- '232' => "e", // è
- '233' => "e", // é
- '234' => "e", // ê
- '235' => "e", // ë
- '236' => "i", '237' => "i", '238' => "i", '239' => "i",
- '241' => "n",
- '242' => "o", '243' => "o", '244' => "o", '245' => "o",
- '246' => "oe", // ö
- '249' => "u", '250' => "u", '251' => "u",
- '252' => "ue", // ü
- '255' => "y",
- '257' => "aa",
- '269' => "ch",
- '275' => "ee",
- '291' => "gj",
- '299' => "ii",
- '311' => "kj",
- '316' => "lj",
- '326' => "nj",
- '353' => "sh",
- '363' => "uu",
- '382' => "zh",
- '256' => "aa",
- '268' => "ch",
- '274' => "ee",
- '290' => "gj",
- '298' => "ii",
- '310' => "kj",
- '315' => "lj",
- '325' => "nj",
- '352' => "sh",
- '362' => "uu",
- '381' => "zh",
- );
- }
- /*
- /* -------------------------------------*/
- $foreign_replace = '';
-
- foreach($foreign_characters as $old => $new)
- {
- $foreign_replace .= "if (c == '$old') {NewTextTemp += '$new'; continue;}\n\t\t\t\t";
- }
-
- /** -------------------------------------
- /** Publish Tabs JavaScript
- /** -------------------------------------*/
-
- $publish_tabs_javascript = "var blockarray = new Array(".(sizeof($publish_tabs) - 1).")\n";
- $p = 0;
- foreach($publish_tabs as $short => $long)
- {
- $publish_tabs_javascript .= "\t\t".'blockarray['.$p.'] = "block'.$short.'"'."\n"; $p++;
- }
-
- $default_entry_title = $REGX->form_prep($default_entry_title);
-
- $r .= <<<EOT
-
- <script type="text/javascript">
- <!--
-
- /** ------------------------------------
- /** Swap out categories
- /** -------------------------------------*/
-
- // This is used by the "edit categories" feature
-
- function set_catlink()
- {
- if (document.getElementById('cateditlink'))
- {
- if (browser == "IE" && OS == "Mac")
- {
- document.getElementById('cateditlink').style.display = "none";
- }
- else
- {
- document.getElementById('cateditlink').style.display = "block";
- }
- }
- }
-
- function swap_categories(str)
- {
- document.getElementById('categorytree').innerHTML = str;
- }
-
- /** ------------------------------------
- /** Array Helper Functions
- /** -------------------------------------*/
- function getarraysize(thearray)
- {
- for (i = 0; i < thearray.length; i++)
- {
- if ((thearray[i] == "undefined") || (thearray[i] == "") || (thearray[i] == null))
- {
- return i;
- }
- }
-
- return thearray.length;
- }
-
- // Array push
- function arraypush(thearray, value)
- {
- thearray[getarraysize(thearray)] = value;
- }
-
- // Array pop
- function arraypop(thearray)
- {
- thearraysize = getarraysize(thearray);
- retval = thearray[thearraysize - 1];
- delete thearray[thearraysize - 1];
- return retval;
- }
-
- /** ------------------------------------
- /** Live URL Title Function
- /** -------------------------------------*/
-
- function liveUrlTitle()
- {
- var defaultTitle = '{$default_entry_title}';
- var NewText = document.getElementById("title").value;
-
- if (defaultTitle != '')
- {
- if (NewText.substr(0, defaultTitle.length) == defaultTitle)
- {
- NewText = NewText.substr(defaultTitle.length);
- }
- }
-
- NewText = NewText.toLowerCase();
- var separator = "{$word_separator}";
-
- // Foreign Character Attempt
-
- var NewTextTemp = '';
- for(var pos=0; pos<NewText.length; pos++)
- {
- var c = NewText.charCodeAt(pos);
-
- if (c >= 32 && c < 128)
- {
- NewTextTemp += NewText.charAt(pos);
- }
- else
- {
- {$foreign_replace}
- }
- }
-
- var multiReg = new RegExp(separator + '{2,}', 'g');
-
- NewText = NewTextTemp;
-
- NewText = NewText.replace('/<(.*?)>/g', '');
- NewText = NewText.replace(/\s+/g, separator);
- NewText = NewText.replace(/\//g, separator);
- NewText = NewText.replace(/[^a-z0-9\-\._]/g,'');
- NewText = NewText.replace(/\+/g, separator);
- NewText = NewText.replace(multiReg, separator);
- NewText = NewText.replace(/-$/g,'');
- NewText = NewText.replace(/_$/g,'');
- NewText = NewText.replace(/^_/g,'');
- NewText = NewText.replace(/^-/g,'');
- NewText = NewText.replace(/\.+$/g,'');
-
- if (document.getElementById("url_title"))
- {
- document.getElementById("url_title").value = "{$url_title_prefix}" + NewText;
- }
- else
- {
- document.forms['entryform'].elements['url_title'].value = "{$url_title_prefix}" + NewText;
- }
- }
- /** ------------------------------------
- /** Publish Option Tabs Open/Close
- /** -------------------------------------*/
- {$publish_tabs_javascript}
-
- function showblock(which)
- {
- for (i = 0 ; i < blockarray.length; i++ )
- {
- if (document.getElementById(blockarray[i]))
- {
- if (which == 'blockshow_all')
- {
- document.getElementById(blockarray[i]).style.display = "block";
- }
- else
- {
- document.getElementById(blockarray[i]).style.display = "none";
- }
- }
-
- var menu = blockarray[i].substring(5) + 'menu';
-
- if (document.getElementById(menu))
- {
- document.getElementById(menu).style.display = "none";
- }
- }
-
- var menu = which.substring(5) + 'menu';
-
- if (document.getElementById(which))
- {
- document.getElementById(which).style.display = "block";
- document.getElementById(menu).style.display = "block";
- }
- }
-
- function styleswitch(link)
- {
- if (document.getElementById(link).className == 'publishTabs')
- {
- document.getElementById(link).className = 'publishTabsHover';
- }
- }
-
- function stylereset(link)
- {
- if (document.getElementById(link).className == 'publishTabsHover')
- {
- document.getElementById(link).className = 'publishTabs';
- }
- }
-
- /** ------------------------------------
- /** Glossary Item Insert
- /** -------------------------------------*/
- function glossaryInsert(item, id, tag)
- {
- selField = "field_id_" + id;
- taginsert('other', tag, '');
- }
-
- /** ------------------------------------
- /** Smiley Insert
- /** -------------------------------------*/
-
- function add_smiley(smiley, id)
- {
- selField = "field_id_" + id;
- taginsert('other', " " + smiley + " ", '');
-
- showhide_smileys(id);
- }
-
-
- {$spellcheck_js}
-
-
- /** ------------------------------------
- /** Show/Hide Similey Pane
- /** -------------------------------------*/
- var open_panes = new Array();
-
- function showhide_smileys(id)
- {
- cid = 'smileys_' + id;
- gl = 'glossary_' + id;
- sp = 'spellcheck_field_id_' + id;
-
-
- if (document.getElementById(cid))
- {
- if (document.getElementById(cid).style.display == "block")
- {
- hide_open_panes();
- }
- else
- {
- document.getElementById(cid).style.display = "block";
- document.getElementById(gl).style.display = "none";
-
- if (document.getElementById(sp))
- {
- document.getElementById(sp).style.display = "none";
- }
-
- hide_open_panes();
- arraypush(open_panes, cid);
- }
- }
- }
-
- /** ------------------------------------
- /** Show/hide Glossary Pane
- /** -------------------------------------*/
- function showhide_glossary(id)
- {
- cid = 'glossary_' + id;
- sm = 'smileys_' + id;
- sp = 'spellcheck_field_id_' + id;
-
-
- if (document.getElementById(cid))
- {
- if (document.getElementById(cid).style.display == "block")
- {
- hide_open_panes();
- }
- else
- {
- document.getElementById(cid).style.display = "block";
- document.getElementById(sm).style.display = "none";
- if (document.getElementById(sp))
- {
- document.getElementById(sp).style.display = "none";
- }
-
- hide_open_panes();
- arraypush(open_panes, cid);
- }
- }
- }
-
-
- /** ------------------------------------
- /** Show/hide Spellcheck Pane
- /** -------------------------------------*/
- function showhide_spellcheck(id)
- {
- cid = 'spellcheck_field_id_' + id;
- sm = 'smileys_' + id;
- gl = 'glossary_' + id;
-
- if (document.getElementById(cid))
- {
- if (document.getElementById(cid).style.display == "block")
- {
- SP_closeSpellCheck();
-
- hide_open_panes();
- }
- else
- {
- document.getElementById(cid).style.display = "block";
- document.getElementById(sm).style.display = "none";
- document.getElementById(gl).style.display = "none";
-
- eeSpell.getResults('field_id_'+id);
-
- hide_open_panes();
- arraypush(open_panes, cid);
- }
- }
- }
-
- /** ------------------------------------
- /** Close Open Panes
- /** -------------------------------------*/
- function hide_open_panes()
- {
- if (open_panes[0])
- {
- while (open_panes[0])
- {
- clearState = arraypop(open_panes);
- document.getElementById(clearState).style.display = "none";
- }
- }
- }
- /** ------------------------------------
- /** Generic show/hide
- /** -------------------------------------*/
- function showhide_item(id)
- {
- if (document.getElementById(id).style.display == "block")
- {
- document.getElementById(id).style.display = "none";
- }
- else
- {
- document.getElementById(id).style.display = "block";
- }
- }
-
-
- /** ------------------------------------
- /** Show/hide Fields
- /** -------------------------------------*/
- function showhide_field(id)
- {
- f_off = 'field_pane_off_' + id;
- f_on = 'field_pane_on_' + id;
-
- if (document.getElementById(f_off).style.display == "block")
- {
- document.getElementById(f_off).style.display = "none";
- document.getElementById(f_on).style.display = "block";
- }
- else
- {
- document.getElementById(f_off).style.display = "block";
- document.getElementById(f_on).style.display = "none";
- }
- }
- // Remove the Preview from the DOM so it isn't added to submitted content
- document.getElementById('entryform').onsubmit = function()
- {
- if (document.getElementById('entryform').hasChildNodes(document.getElementById('previewBox')) == true)
- {
- document.getElementById('entryform').removeChild(document.getElementById('previewBox'));
- }
- }
- -->
- </script>
- EOT;
- $r .= NL.NL;
-
- if ($bookmarklet == TRUE)
- {
- $r .= $DSP->qdiv('defaultSmall', NBS);
- }
-
- /** ----------------------------------------------
- /** Are we previewing an entry?
- /** ---------------------------------------------*/
-
- if ($which == 'preview')
- {
- /** ----------------------------------------
- /** Instantiate Typography class
- /** ----------------------------------------*/
-
- if ( ! class_exists('Typography'))
- {
- require PATH_CORE.'core.typography'.EXT;
- }
-
- $TYPE = new Typography;
- $TYPE->convert_curly = FALSE;
-
- $this->smileys = $TYPE->smiley_array;
-
- $preview = ($version_id == FALSE) ? $LANG->line('preview') : $LANG->line('version_preview');
-
- if (is_numeric($version_num))
- {
- $preview = str_replace('%s', $version_num, $preview);
- }
-
- $prv_title = ($submission_error == '') ? $preview : $DSP->qspan('alert', $LANG->line('error'));
-
- $r .= '<fieldset class="previewBox" id="previewBox">';
- $r .= '<legend class="previewItemTitle"> '.$prv_title.' </legend>';
-
- if ($submission_error == '')
- {
- $r .= $DSP->heading($TYPE->format_characters(stripslashes($IN->GBL('title', 'POST'))));
- }
-
- // We need to grab each global array index and do a little formatting
-
- $preview_build = array();
-
- foreach($_POST as $key => $val)
- {
- // Gather categories. Since you can select as many categories as you want
- // they are submitted as an array. The $_POST['category'] index
- // contains a sub-array as the value, therefore we need to loop through
- // it and assign discrete variables.
-
- if (is_array($val))
- {
- foreach($val as $k => $v)
- {
- $_POST[$k] = $v;
- }
- if ($key == 'category' OR $key == 'ping')
- {
- unset($_POST[$key]);
- }
- }
- else
- {
- if ($submission_error == '')
- {
- if (strstr($key, 'field_id'))
- {
- $expl = explode('field_id_', $key);
-
- // Pass the entry data to the typography class
-
- $txt_fmt = ( ! isset($_POST['field_ft_'.$expl['1']])) ? 'xhtml' : $_POST['field_ft_'.$expl['1']];
-
- $p_open = ($txt_fmt != 'xhtml') ? '<p>' : '';
- $p_close = ($txt_fmt != 'xhtml') ? '</p>' : '';
-
- $preview_build['field_id_'.$expl['1']] = $p_open.$TYPE->parse_type( stripslashes($val),
- array(
- 'text_format' => $txt_fmt,
- 'html_format' => $weblog_html_formatting,
- 'auto_links' => $weblog_auto_link_urls,
- 'allow_img_url' => $weblog_allow_img_urls
- )
- ).$p_close;
-
- /** ----------------------------
- /** Certain tags might cause havoc, so we remove them
- /** ----------------------------*/
-
- $preview_build['field_id_'.$expl['1']] = preg_replace("#<script([^>]*)>.*?</script>#is", '', $preview_build['field_id_'.$expl['1']]);
- $preview_build['field_id_'.$expl['1']] = preg_replace("#<form([^>]*)>(.*?)</form>#is", '\2', $preview_build['field_id_'.$expl['1']]);
- }
- }
-
- $val = stripslashes($val);
-
- $_POST[$key] = $val;
- }
-
- $$key = $val;
- }
-
- // Show the preview. We do it this way in order to honor
- // the custom field order since we can't guarantee that $_POST
- // data will be in the correct order
-
- if (count($preview_build) > 0)
- {
- foreach ($field_query->result as $row)
- {
- if (isset($preview_build['field_id_'.$row['field_id']]))
- {
- $r .= $preview_build['field_id_'.$row['field_id']];
- }
- }
- }
-
- // Do we have a forum topic preview?
-
- if ($PREFS->ini('forum_is_installed') == "y")
- {
- if ($IN->GBL('forum_title') != '')
- {
- $r .= $DSP->qdiv('itemWrapper',
- $DSP->qdiv('itemTitle', $LANG->line('forum_title', 'title')).
- $DSP->qdiv('', $IN->GBL('forum_title'))
- );
- }
-
- if ($IN->GBL('forum_body') != '')
- {
- $forum_body = $TYPE->parse_type( stripslashes($IN->GBL('forum_body')),
- array(
- 'text_format' => 'xhtml',
- 'html_format' => 'safe',
- 'auto_links' => 'y',
- 'allow_img_url' => 'y'
- )
- );
-
- $r .= $DSP->qdiv('itemWrapper',
- $DSP->qdiv('itemTitle', $LANG->line('forum_body', 'title')).
- $DSP->qdiv('', $forum_body)
- );
- }
- }
-
- // -------------------------------------------
- // 'publish_form_preview_additions' hook.
- // - Add content to preview
- // - As this is a preview, content can be gotten from $_POST
- // - Added: 1.4.1
- //
- if ($EXT->active_hook('publish_form_preview_additions') === TRUE)
- {
- $r .= $EXT->call_extension('publish_form_preview_additions');
- }
- //
- // -------------------------------------------
-
- // Are there any errors?
-
- if ($submission_error != '')
- {
- $r .= $DSP->qdiv('highlight', $submission_error);
- }
-
- $r .= '</fieldset>';
- }
- // END PREVIEW
-
-
- // QUICK SAVE: THE PREVIEW PART
- if ($which == 'save')
- {
- foreach($_POST as $key => $val)
- {
- if (is_array($val))
- {
- foreach($val as $k => $v)
- {
- $_POST[$k] = $v;
- }
-
- if ($key == 'category' OR $key == 'ping')
- {
- unset($_POST[$key]);
- }
- }
- else
- {
- $val = stripslashes($val);
-
- $_POST[$key] = $val;
- }
-
- if ($key != 'entry_id')
- {
- $$key = $val;
- }
-
- // we need to unset this or it will cause the forum tab to not display the existing connection
- unset($forum_topic_id);
- }
-
- $r .= '<fieldset class="previewBox" id="previewBox">';
- $r .= '<legend class="previewItemTitle"> '.$LANG->line('quick_save').' </legend></fieldset>';
- }
- // END SAVE
-
- /** --------------------------------
- /** Weblog pull-down menu
- /** --------------------------------*/
-
- $menu_weblog = '';
-
- $show_weblog_menu = 'y';
-
- if ($show_weblog_menu == 'n')
- {
- $r .= $DSP->input_hidden('new_weblog', $weblog_id);
- }
- elseif($which != 'new')
- {
- /** --------------------------------
- /** Create weblog menu
- /** --------------------------------*/
-
- $query = $DB->query("SELECT weblog_id, blog_title FROM exp_weblogs
- WHERE status_group = '$status_group'
- AND cat_group = '".$DB->escape_str($cat_group)."'
- AND field_group = '$field_group'
- AND site_id = '".$DB->escape_str($PREFS->ini('site_id'))."'
- ORDER BY blog_title");
-
- if ($query->num_rows > 0)
- {
- foreach ($query->result as $row)
- {
- if ($SESS->userdata['group_id'] == 1 OR in_array($row['weblog_id'], $assigned_weblogs))
- {
- if (isset($_POST['new_weblog']) && is_numeric($_POST['new_weblog']))
- {
- $selected = ($_POST['new_weblog'] == $row['weblog_id']) ? 1 : '';
- }
- else
- {
- $selected = ($weblog_id == $row['weblog_id']) ? 1 : '';
- }
-
- $menu_weblog .= $DSP->input_select_option($row['weblog_id'], $REGX->form_prep($row['blog_title']), $selected);
- }
- }
-
- if ($menu_weblog != '')
- {
- $menu_weblog = $DSP->input_select_header('new_weblog').$menu_weblog.$DSP->input_select_footer();
- }
- }
- }
-
-
-
- /** --------------------------------
- /** Status pull-down menu
- /** --------------------------------*/
-
- $menu_status = '';
- if ($deft_status == '')
- $deft_status = 'open';
-
- if ($status == '')
- $status = $deft_status;
-
- if ($show_status_menu == 'n')
- {
- $r .= $DSP->input_hidden('status', $status);
- }
- else
- {
- $menu_status .= $DSP->input_select_header('status');
-
- /** --------------------------------
- /** Fetch disallowed statuses
- /** --------------------------------*/
-
- $no_status_access = array();
-
- if ($SESS->userdata['group_id'] != 1)
- {
- $query = $DB->query("SELECT status_id FROM exp_status_no_access WHERE member_group = '".$SESS->userdata['group_id']."'");
-
- if ($query->num_rows > 0)
- {
- foreach ($query->result as $row)
- {
- $no_status_access[] = $row['status_id'];
- }
- }
- }
-
- /** --------------------------------
- /** Create status menu
- /** --------------------------------*/
-
- $query = $DB->query("SELECT * FROM exp_statuses WHERE group_id = '$status_group' order by status_order");
-
- if ($query->num_rows == 0)
- {
- // if there is no status group assigned, only Super Admins can create 'open' entries
- if ($SESS->userdata['group_id'] == 1)
- {
- $menu_status .= $DSP->input_select_option('open', $LANG->line('open'), ($status == 'open') ? 1 : '');
- }
- $menu_status .= $DSP->input_select_option('closed', $LANG->line('closed'), ($status == 'closed') ? 1 : '');
- }
- else
- {
- $no_status_flag = TRUE;
-
- foreach ($query->result as $row)
- {
- $selected = ($status == $row['status']) ? 1 : '';
-
- if (in_array($row['status_id'], $no_status_access))
- {
- continue;
- }
-
- $no_status_flag = FALSE;
- $status_name = ($row['status'] == 'open' OR $row['status'] == 'closed') ? $LANG->line($row['status']) : $row['status'];
- $menu_status .= $DSP->input_select_option($REGX->form_prep($row['status']), $REGX->form_prep($status_name), $selected);
- }
-
- /** --------------------------------
- /** Were there no statuses?
- /** --------------------------------*/
-
- // If the current user is not allowed to submit any statuses
- // we'll set the default to closed
-
- if ($no_status_flag == TRUE)
- {
- $menu_status .= $DSP->input_select_option('closed', $LANG->line('closed'));
- }
- }
-
- $menu_status .= $DSP->input_select_footer();
- }
-
-
-
- /** --------------------------------
- /** Author pull-down menu
- /** --------------------------------*/
-
- $menu_author = '';
-
- // First we'll assign the default author.
-
- if ($author_id == '')
- $author_id = $SESS->userdata('member_id');
- if ($show_author_menu == 'n')
- {
- $r .= $DSP->input_hidden('author_id', $author_id);
- }
- else
- {
- $menu_author .= $DSP->input_select_header('author_id');
- $query = $DB->query("SELECT username, screen_name FROM exp_members WHERE member_id = '$author_id'");
- $author = ($query->row['screen_name'] == '') ? $query->row['username'] : $query->row['screen_name'];
- $menu_author .= $DSP->input_select_option($author_id, $author);
-
- // Next we'll gather all the authors that are allowed to be in this list
- /*
- // OLD VERSION OF THE QUERY... not so good
- $ss = "SELECT exp_members.member_id, exp_members.group_id, exp_members.username, exp_members.screen_name, exp_members.weblog_id,
- exp_member_groups.*
- FROM exp_members, exp_member_groups
- WHERE exp_members.member_id != '$author_id'
- AND (exp_members.in_authorlist = 'y' OR exp_member_groups.include_in_authorlist = 'y')
- AND exp_members.group_id = exp_member_groups.group_id
- AND exp_member_groups.site_id = '".$DB->escape_str($PREFS->ini('site_id'))."'
- ORDER BY screen_name asc, username asc";
- */
-
- $ss = "SELECT exp_members.member_id, exp_members.group_id, exp_members.username, exp_members.screen_name, exp_members.weblog_id
- FROM exp_members
- LEFT JOIN exp_member_groups on exp_member_groups.group_id = exp_members.group_id
- WHERE exp_members.member_id != '$author_id'
- AND (exp_members.in_authorlist = 'y' OR exp_member_groups.include_in_authorlist = 'y')
- AND exp_member_groups.site_id = '".$DB->escape_str($PREFS->ini('site_id'))."'
- ORDER BY screen_name asc, username asc";
-
- $query = $DB->query($ss);
-
- if ($query->num_rows > 0)
- {
- foreach ($query->result as $row)
- {
- // Is this a "user blog"? If so, we'll only allow
- // multiple authors if they are assigned to this particular blog
-
- if ($SESS->userdata['weblog_id'] != 0)
- {
- if ($row['weblog_id'] == $weblog_id)
- {
- $author = ($row['screen_name'] == '') ? $row['username'] : $row['screen_name'];
-
- $selected = ($author_id == $row['member_id']) ? 1 : '';
-
- $menu_author .= $DSP->input_select_option($row['member_i…