
/phpmyfaq/admin/record.add.php

https://github.com/cyrke/phpMyFAQ
  1<?php
  2/**
  3 * Adds a record in the database, handles the preview and checks for missing
  4 * category entries.
  5 *
  6 * PHP Version 5.3
  7 *
  8 * This Source Code Form is subject to the terms of the Mozilla Public License,
  9 * v. 2.0. If a copy of the MPL was not distributed with this file, You can
 10 * obtain one at http://mozilla.org/MPL/2.0/.
 11 *
 12 * @category  phpMyFAQ
 13 * @package   Administration
 14 * @author    Thorsten Rinne <thorsten@phpmyfaq.de>
 15 * @copyright 2003-2012 phpMyFAQ Team
 16 * @license   http://www.mozilla.org/MPL/2.0/ Mozilla Public License Version 2.0
 17 * @link      http://www.phpmyfaq.de
 18 * @since     2003-02-23
 19 */
 20
 21if (!defined('IS_VALID_PHPMYFAQ')) {
 22    header('Location: http://'.$_SERVER['HTTP_HOST'].dirname($_SERVER['SCRIPT_NAME']));
 23    exit();
 24}
 25
 26// Re-evaluate $user
 27$user = PMF_User_CurrentUser::getFromSession($faqConfig);
 28
 29if ($permission['editbt']|| $permission['addbt']) {
 30
 31    // FAQ data
 32    $dateStart     = PMF_Filter::filterInput(INPUT_POST, 'dateStart', FILTER_SANITIZE_STRING);
 33    $dateEnd       = PMF_Filter::filterInput(INPUT_POST, 'dateEnd', FILTER_SANITIZE_STRING);
 34    $question      = PMF_Filter::filterInput(INPUT_POST, 'question', FILTER_SANITIZE_STRING);
 35    $categories    = PMF_Filter::filterInputArray(INPUT_POST, array('rubrik' => array('filter' => FILTER_VALIDATE_INT,
 36                                                                                      'flags'  => FILTER_REQUIRE_ARRAY)));
 37    $record_lang   = PMF_Filter::filterInput(INPUT_POST, 'lang', FILTER_SANITIZE_STRING);
 38    $tags          = PMF_Filter::filterInput(INPUT_POST, 'tags', FILTER_SANITIZE_STRING);
 39    $active        = PMF_Filter::filterInput(INPUT_POST, 'active', FILTER_SANITIZE_STRING);
 40    $sticky        = PMF_Filter::filterInput(INPUT_POST, 'sticky', FILTER_SANITIZE_STRING);
 41    $content       = PMF_Filter::filterInput(INPUT_POST, 'answer', FILTER_SANITIZE_SPECIAL_CHARS);
 42    $keywords      = PMF_Filter::filterInput(INPUT_POST, 'keywords', FILTER_SANITIZE_STRING);
 43    $author        = PMF_Filter::filterInput(INPUT_POST, 'author', FILTER_SANITIZE_STRING);
 44    $email         = PMF_Filter::filterInput(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL);
 45    $comment       = PMF_Filter::filterInput(INPUT_POST, 'comment', FILTER_SANITIZE_STRING);
 46    $record_id     = PMF_Filter::filterInput(INPUT_POST, 'id', FILTER_VALIDATE_INT);
 47    $solution_id   = PMF_Filter::filterInput(INPUT_POST, 'solution_id', FILTER_VALIDATE_INT);
 48    $revision_id   = PMF_Filter::filterInput(INPUT_POST, 'revision_id', FILTER_VALIDATE_INT);
 49    $changed       = PMF_Filter::filterInput(INPUT_POST, 'changed', FILTER_SANITIZE_STRING);
 50    
 51    // Permissions
 52    $user_permission   = PMF_Filter::filterInput(INPUT_POST, 'userpermission', FILTER_SANITIZE_STRING);
 53    $restricted_users  = ('all' == $user_permission) ? -1 : PMF_Filter::filterInput(INPUT_POST, 'restricted_users', FILTER_VALIDATE_INT);
 54    $group_permission  = PMF_Filter::filterInput(INPUT_POST, 'grouppermission', FILTER_SANITIZE_STRING);
 55    $restricted_groups = ('all' == $group_permission) ? -1 : PMF_Filter::filterInput(INPUT_POST, 'restricted_groups', FILTER_VALIDATE_INT);
 56    
 57    if (!isset($categories['rubrik'])) {
 58        $categories['rubrik'] = array();
 59    }
 60    
 61    if (!is_null($question) && !is_null($categories['rubrik'])) {
 62        // new entry
 63        $logging = new PMF_Logging($faqConfig);
 64        $logging->logAdmin($user, 'Beitragcreatesave');
 65        printf("<h2>%s</h2>\n", $PMF_LANG['ad_entry_aor']);
 66
 67        $category = new PMF_Category($faqConfig, false);
 68        $category->setUser($currentAdminUser);
 69        $category->setGroups($currentAdminGroups);
 70        $tagging  = new PMF_Tags($faqConfig);
 71
 72        $recordData     = array(
 73            'lang'          => $record_lang,
 74            'active'        => $active,
 75            'sticky'        => (!is_null($sticky) ? 1 : 0),
 76            'thema'         => html_entity_decode($question),
 77            'content'       => html_entity_decode($content),
 78            'keywords'      => $keywords,
 79            'author'        => $author,
 80            'email'         => $email,
 81            'comment'       => (!is_null($comment) ? 'y' : 'n'),
 82            'date'          => date('YmdHis'),
 83            'dateStart'     => (empty($dateStart) ? '00000000000000' : str_replace('-', '', $dateStart) . '000000'),
 84            'dateEnd'       => (empty($dateEnd) ? '99991231235959' : str_replace('-', '', $dateEnd) . '235959'),
 85            'linkState'     => '',
 86            'linkDateCheck' => 0);
 87        
 88        // Add new record and get that ID
 89        $record_id = $faq->addRecord($recordData);
 90
 91        if ($record_id) {
 92            // Create ChangeLog entry
 93            $faq->createChangeEntry($record_id, $user->getUserId(), nl2br($changed), $recordData['lang']);
 94            // Create the visit entry
 95
 96            $visits = new PMF_Visits($faqConfig);
 97            $visits->add($record_id);
 98
 99            // Insert the new category relations
100            $faq->addCategoryRelations($categories['rubrik'], $record_id, $recordData['lang']);
101            // Insert the tags
102            if ($tags != '') {
103                $tagging->saveTags($record_id, explode(',',$tags));
104            }
105            
106            // Add user permissions
107            $faq->addPermission('user', $record_id, $restricted_users);
108            $category->addPermission('user', $categories['rubrik'], $restricted_users);
109            // Add group permission
110            if ($faqConfig->get('security.permLevel') != 'basic') {
111                $faq->addPermission('group', $record_id, $restricted_groups);
112                $category->addPermission('group', $categories['rubrik'], $restricted_groups);
113            }
114
115            printf('<p class="alert alert-success">%s</p>', $PMF_LANG['ad_entry_savedsuc']);
116
117            // Open question answered
118            $openQuestionId = PMF_Filter::filterInput(INPUT_POST, 'openQuestionId', FILTER_VALIDATE_INT);
119            if (null !== $openQuestionId) {
120
121                if ($faqConfig->get('records.enableDeleteQuestion')) { // deletes question
122                    $faq->deleteQuestion($openQuestionId);
123                } else { // adds this faq record id to the related open question
124                    $faq->updateQuestionAnswer($openQuestionId, $record_id, $categories['rubrik'][0]);
125                }
126
127                $url   = sprintf(
128                    '%s?action=artikel&amp;cat=%d&amp;id=%d&amp;artlang=%s',
129                    $faqConfig->get('main.referenceURL'),
130                    $categories['rubrik'][0],
131                    $record_id,
132                    $record_lang
133                );
134                $oLink = new PMF_Link($url, $faqConfig);
135
136                // notify the user who added the question
137                $notifyEmail = PMF_Filter::filterInput(INPUT_POST, 'notifyEmail', FILTER_SANITIZE_EMAIL);
138                $notifyUser  = PMF_Filter::filterInput(INPUT_POST, 'notifyUser', FILTER_SANITIZE_STRING);
139
140                $notification = new PMF_Notification($faqConfig);
141                $notification->sendOpenQuestionAnswered($notifyEmail, $notifyUser, $oLink->toString());
142            }
143
144            // Call Link Verification
145            PMF_Helper_Linkverifier::linkOndemandJavascript($record_id, $recordData['lang']);
146
147            // Callback to Twitter if enabled
148            if ($faqConfig->get('socialnetworks.enableTwitterSupport')) {
149                require '../inc/libs/twitteroauth/twitteroauth.php';
150                $connection = new TwitterOAuth($faqConfig->get('socialnetworks.twitterConsumerKey'),
151                                               $faqConfig->get('socialnetworks.twitterConsumerSecret'),
152                                               $faqConfig->get('socialnetworks.twitterAccessTokenKey'),
153                                               $faqConfig->get('socialnetworks.twitterAccessTokenSecret'));
154
155                $link = PMF_Link::getSystemRelativeUri() .
156                        sprintf('?action=artikel&amp;cat=%d&amp;id=%d&amp;artlang=%s',
157                            $category,
158                            $record_id,
159                            $record_lang);
160                $link             = $faqConfig->get('main.referenceURL') . str_replace('/admin/','/', $link);
161                $oLink            = new PMF_Link($link, $faqConfig);
162                $oLink->itemTitle = $question;
163                $link             = $oLink->toString();
164                
165                if ($connection) {
166                    $twitter = new PMF_Services_Twitter($connection);
167                    $twitter->addPost($question, $tags, $link);
168                }
169            }
170
171            // All the other translations
172            $languages = PMF_Filter::filterInput(INPUT_POST, 'used_translated_languages', FILTER_SANITIZE_STRING);            
173            if ($faqConfig->get('main.enableGoogleTranslation') === true && !empty($languages)) {
174                
175                $linkverifier = new PMF_Linkverifier($faqConfig, $user->getLogin());
176    
177                $languages = explode(",", $languages);
178                foreach ($languages as $translated_lang) {
179                    if ($translated_lang == $record_lang) {
180                        continue;
181                    }
182                    $translated_question = PMF_Filter::filterInput(INPUT_POST, 'question_translated_' . $translated_lang, FILTER_SANITIZE_STRING);
183                    $translated_answer   = PMF_Filter::filterInput(INPUT_POST, 'answer_translated_' . $translated_lang, FILTER_SANITIZE_SPECIAL_CHARS);
184                    $translated_keywords = PMF_Filter::filterInput(INPUT_POST, 'keywords_translated_' . $translated_lang, FILTER_SANITIZE_STRING);
185    
186                    $recordData = array_merge($recordData, array(
187                        'id'            => $record_id,
188                        'lang'          => $translated_lang,
189                        'thema'         => html_entity_decode($translated_question),
190                        'content'       => html_entity_decode($translated_answer),
191                        'keywords'      => $translated_keywords,
192                        'author'        => 'Google Translate',
193                        'email'         => $faqConfig->get('main.administrationMail')));
194    
195                    // Create ChangeLog entry
196                    $faq->createChangeEntry($record_id, $user->getUserId(), nl2br($changed), $translated_lang);
197    
198                    // save or update the FAQ record
199                    if ($faq->isAlreadyTranslated($record_id, $translated_lang)) {
200                        $faq->updateRecord($recordData);
201                    } else {
202                        $faq->addRecord($recordData, false);
203                    }
204    
205                    // delete category relations
206                    $faq->deleteCategoryRelations($record_id, $translated_lang);
207    
208                    // save or update the category relations
209                    $faq->addCategoryRelations($categories['rubrik'], $record_id, $translated_lang);
210    
211                    // Copy Link Verification
212                    $linkverifier->markEntry($record_id, $translated_lang);
213
214                    // add faqvisit entry
215                    $visits->add($record_id, $translated_lang);
216
217                    // Set attachment relations
218                    $attachments = PMF_Attachment_Factory::fetchByRecordId($faqConfig, $record_id);
219                    foreach ($attachments as $attachment) {
220                        if ($attachment instanceof PMF_Attachment_Abstract) {
221                            $attachment->setId(null);
222                            $attachment->setRecordLang($translated_lang);
223                            $attachment->saveMeta();
224                        }
225                    }
226
227                }
228            }
229?>
230    <script type="text/javascript">
231    $(document).ready(function(){
232        setTimeout(function() {
233            window.location = "index.php?action=editentry&id=<?php print $record_id; ?>&lang=<?php print $recordData['lang'] ?>";
234            }, 5000);
235        });
236    </script>
237
238<?php
239        } else {
240            printf(
241                '<p class="alert alert-error">%s</p>',
242                $PMF_LANG['ad_entry_savedfail'] . $faqConfig->getDb()->error()
243            );
244        }
245
246    } else {
247        printf("<h2>%s</h2>\n", $PMF_LANG['ad_entry_aor']);
248        printf('<p class="alert alert-error">%s</p>', $PMF_LANG['ad_entryins_fail']);
249?>
250    <form action="?action=editpreview" method="post">
251    <input type="hidden" name="question"            value="<?php print PMF_String::htmlspecialchars($question); ?>" />
252    <input type="hidden" name="content" class="mceNoEditor" value="<?php print PMF_String::htmlspecialchars($content); ?>" />
253    <input type="hidden" name="lang"                value="<?php print $record_lang; ?>" />
254    <input type="hidden" name="keywords"            value="<?php print $keywords; ?>" />
255    <input type="hidden" name="tags"                value="<?php print $tags; ?>" />
256    <input type="hidden" name="author"              value="<?php print $author; ?>" />
257    <input type="hidden" name="email"               value="<?php print $email; ?>" />
258<?php
259        if (is_array($categories['rubrik'])) {
260            foreach ($categories['rubrik'] as $key => $_categories) {
261                print '    <input type="hidden" name="rubrik['.$key.']" value="'.$_categories.'" />';
262            }
263        }
264?>
265    <input type="hidden" name="solution_id"         value="<?php print $solution_id; ?>" />
266    <input type="hidden" name="revision"            value="<?php print $revision_id; ?>" />
267    <input type="hidden" name="active"              value="<?php print $active; ?>" />
268    <input type="hidden" name="changed"             value="<?php print $changed; ?>" />
269    <input type="hidden" name="comment"             value="<?php print $comment; ?>" />
270    <input type="hidden" name="dateStart"           value="<?php print $dateStart; ?>" />
271    <input type="hidden" name="dateEnd"             value="<?php print $dateEnd; ?>" />
272    <input type="hidden" name="userpermission"      value="<?php print $user_permission; ?>" />
273    <input type="hidden" name="restricted_users"    value="<?php print $restricted_users; ?>" />
274    <input type="hidden" name="grouppermission"     value="<?php print $group_permission; ?>" />
275    <input type="hidden" name="restricted_group"    value="<?php print $restricted_groups; ?>" />
276    <p align="center">
277        <button class="btn btn-primary" type="submit" name="submit">
278            <?php print $PMF_LANG['ad_entry_back']; ?>
279        </button>
280    </p>
281    </form>
282<?php
283    }
284} else {
285    print $PMF_LANG['err_NotAuth'];
286}