euc/nucleus/bookmarklet.php

   1 <?php\r
   2 /**\r
   3   * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/) \r
   4   * Copyright (C) 2002-2004 The Nucleus Group\r
   5   *\r
   6   * This program is free software; you can redistribute it and/or\r
   7   * modify it under the terms of the GNU General Public License\r
   8   * as published by the Free Software Foundation; either version 2\r
   9   * of the License, or (at your option) any later version.\r
  10   * (see nucleus/documentation/index.html#license for more info)\r
  11   *\r
  12   * This script allows adding items to Nucleus through bookmarklets. The member must be logged in\r
  13   * in order to use this.\r
  14   */\r
  15 \r
  16 // bookmarklet is part of admin area (might need XML-RPC)\r
  17 $CONF = array();\r
  18 $CONF['UsingAdminArea'] = 1;\r
  19 \r
  20 // include all classes and config data \r
  21 include('../config.php');\r
  22 \r
  23 $action = requestVar('action');\r
  24 \r
  25 if ($action == 'contextmenucode') {\r
  26         bm_doContextMenuCode();\r
  27         exit;\r
  28 }\r
  29 \r
  30 if (!$member->isLoggedIn()) {\r
  31         bm_loginAndPassThrough();\r
  32         exit;\r
  33 }\r
  34 \r
  35 // on successfull login\r
  36 if (($action == 'login') && ($member->isLoggedIn()))\r
  37         $action = requestVar('nextaction');\r
  38 if ($action == '')\r
  39         $action = 'add';\r
  40         \r
  41 sendContentType('application/xhtml+xml', 'bookmarklet-'.$action);       \r
  42 \r
  43 // find out what to do\r
  44 switch ($action) {\r
  45         case 'additem':\r
  46                 bm_doAddItem();         // adds the item for real\r
  47                 break;\r
  48         case 'edit':\r
  49                 bm_doEditForm();        // shows the edit item form\r
  50                 break;\r
  51         case 'edititem':                // edits the item for real\r
  52                 bm_doEditItem();\r
  53                 break;\r
  54         case 'login':                   // on login, 'action' gets changed to 'nextaction'\r
  55                 bm_doError('Something went wrong');\r
  56                 break;\r
  57         case 'add':\r
  58         default:\r
  59                 bm_doShowForm();        // shows the fill in form\r
  60                 break;\r
  61 }\r
  62         \r
  63 function bm_doAddItem() {\r
  64         global $member, $manager;\r
  65         \r
  66         $manager->loadClass('ITEM');\r
  67         $result = ITEM::createFromRequest();\r
  68         \r
  69         if ($result['status'] == 'error')\r
  70                 bm_doError($result['message']);\r
  71 \r
  72         $blogid = getBlogIDFromItemID($result['itemid']);\r
  73         $blog =& $manager->getBlog($blogid);\r
  74         \r
  75         if ($result['status'] == 'newcategory') {\r
  76                 $message = '¥¢¥¤¥Æ¥à¤ÏÄÉ²Ã¤µ¤ì¡¢¿·¤·¤¤¥«¥Æ¥´¥ê¡¼¤¬ºîÀ®¤µ¤ì¤Þ¤·¤¿¡£ <a href="index.php?action=categoryedit&amp;blogid='.$blogid.'&amp;catid='.$result['catid'].'" onclick="if (event &amp;&amp; event.preventDefault) event.preventDefault(); window.open(this.href); return false;" title="Opens in new window">¤³¤³¤ò¥¯¥ê¥Ã¥¯¤·¤Æ¥«¥Æ¥´¥ê¡¼¤ÎÌ¾Á°¤ÈÀâÌÀ¤òÊÔ½¸¤·¤Æ¤¯¤À¤µ¤¤¡£</a>';\r
  77                 $extrahead = '';\r
  78         } elseif ((postVar('actiontype') == 'addnow') && $blog->pingUserland()) {\r
  79                 $message = '¥¢¥¤¥Æ¥à¤ÎÄÉ²Ã¤ËÀ®¸ù¤·¤Þ¤·¤¿¡£¸½ºßweblogs.com¤Ëping¤òÁ÷¤Ã¤Æ¤¤¤Þ¤¹¡£¤·¤Ð¤é¤¯¤Î´Ö¤ªÂÔ¤Á¤¯¤À¤µ¤¤...';\r
  80                 $extrahead = '<meta http-equiv="refresh" content="1; url=index.php?action=sendping&amp;blogid=' . $blogid . '" />';\r
  81         } else {\r
  82                 $message = _ITEM_ADDED;\r
  83                 $extrahead = '';\r
  84         }\r
  85         \r
  86         bm_message(_ITEM_ADDED, _ITEM_ADDED, $message,$extrahead);\r
  87 }\r
  88 \r
  89 function bm_doEditItem() {\r
  90         global $member, $manager, $CONF;\r
  91         \r
  92         $itemid         = intRequestVar('itemid');\r
  93         $catid          = postVar('catid');\r
  94         \r
  95         // only allow if user is allowed to alter item\r
  96         if (!$member->canUpdateItem($itemid, $catid))\r
  97                 bm_doError(_ERROR_DISALLOWED);\r
  98 \r
  99         $body           = postVar('body');\r
 100         $title          = postVar('title');\r
 101         $more           = postVar('more');\r
 102         $closed         = intPostVar('closed');\r
 103         $actiontype = postVar('actiontype');\r
 104         \r
 105         // redirect to admin area on delete (has delete confirmation)\r
 106         if ($actiontype == 'delete') {\r
 107                 redirect('index.php?action=itemdelete&itemid='.$itemid);\r
 108                 exit;   \r
 109         }\r
 110         \r
 111         // create new category if needed (only on edit/changedate)\r
 112         if (strstr($catid,'newcat')) {\r
 113                 // get blogid \r
 114                 list($blogid) = sscanf($catid,"newcat-%d");\r
 115 \r
 116                 // create\r
 117                 $blog =& $manager->getBlog($blogid);\r
 118                 $catid = $blog->createNewCategory();\r
 119 \r
 120                 // show error when sth goes wrong\r
 121                 if (!$catid) \r
 122                         bm_doError('Could not create new category');\r
 123         } \r
 124 \r
 125         // only edit action is allowed for bookmarklet edit\r
 126         switch ($actiontype) {\r
 127                 case 'changedate':\r
 128                         $publish = 1;\r
 129                         $wasdraft = 0;\r
 130                         $timestamp = mktime(postVar('hour'), postVar('minutes'), 0, postVar('month'), postVar('day'), postVar('year'));\r
 131                         break;\r
 132                 case 'edit':\r
 133                         $publish = 1;\r
 134                         $wasdraft = 0;\r
 135                         $timestamp = 0;\r
 136                         break;\r
 137                 default:\r
 138                         bm_doError('Something went wrong');\r
 139         }\r
 140         \r
 141         // update item for real\r
 142         ITEM::update($itemid, $catid, $title, $body, $more, $closed, $wasdraft, $publish, $timestamp);\r
 143         \r
 144         // show success message\r
 145         if ($catid != intPostVar('catid'))\r
 146                 bm_message(_ITEM_UPDATED, _ITEM_UPDATED, '¥¢¥¤¥Æ¥à¤ÏÄÉ²Ã¤µ¤ì¡¢¿·¤·¤¤¥«¥Æ¥´¥ê¡¼¤¬ºîÀ®¤µ¤ì¤Þ¤·¤¿¡£<a href="index.php?action=categoryedit&amp;blogid='.$blog->getID().'&amp;catid='.$catid.'" onclick="if (event &amp;&amp; event.preventDefault) event.preventDefault(); window.open(this.href); return false;" title="Opens in new window">¤³¤³¤ò¥¯¥ê¥Ã¥¯¤·¤Æ¥«¥Æ¥´¥ê¡¼¤ÎÌ¾Á°¤ÈÀâÌÀ¤òÊÔ½¸¤·¤Æ¤¯¤À¤µ¤¤¡£</a>', '');\r
 147         else\r
 148                 bm_message(_ITEM_UPDATED, _ITEM_UPDATED, _ITEM_UPDATED, '');\r
 149 }\r
 150 \r
 151 function bm_loginAndPassThrough() {\r
 152 \r
 153         $blogid = intRequestVar('blogid');\r
 154         $log_text = requestVar('logtext');\r
 155         $log_link = requestVar('loglink');\r
 156         $log_linktitle = requestVar('loglinktitle');\r
 157         \r
 158         ?>\r
 159 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">\r
 160         <html xmlns="http://www.w3.org/1999/xhtml">\r
 161         <head>\r
 162                 <meta http-equiv="Content-Type" content="text/html; charset=<?php echo _CHARSET ?>" />\r
 163                 <title>Nucleus</title>\r
 164                 <?php bm_style(); ?>\r
 165         </head>\r
 166         <body>\r
 167         <h1><?php echo _LOGIN_PLEASE?></h1>\r
 168         \r
 169         <form method="post" action="bookmarklet.php">\r
 170         <p>\r
 171                 <input name="action" value="login" type="hidden" />\r
 172                 <input name="blogid" value="<?php echo  htmlspecialchars($blogid) ?>" type="hidden" />\r
 173                 <input name="logtext" value="<?php echo  htmlspecialchars($log_text) ?>" type="hidden" />\r
 174                 <input name="loglink" value="<?php echo  htmlspecialchars($log_link) ?>" type="hidden" />\r
 175                 <input name="loglinktitle" value="<?php echo  htmlspecialchars($log_linktitle) ?>" type="hidden" />\r
 176                 <?php echo _LOGINFORM_NAME?>:\r
 177                 <br /><input name="login" />\r
 178                 <br /><?php echo _LOGINFORM_PWD?>:\r
 179                 <br /><input name="password" type="password" />\r
 180                 <br /><br />\r
 181                 <br /><input type="submit" value="<?php echo _LOGIN?>" />\r
 182         </p>\r
 183         </form>\r
 184         <p><a href="bookmarklet.php" onclick="window.close();"><?php echo _POPUP_CLOSE?></a></p>\r
 185         </body>\r
 186         </html>\r
 187         <?php\r
 188 }\r
 189 \r
 190 function bm_doShowForm() {\r
 191         global $member;\r
 192         \r
 193         $blogid = intRequestVar('blogid');\r
 194         $log_text = trim(requestVar('logtext'));\r
 195         $log_link = requestVar('loglink');\r
 196         $log_linktitle = requestVar('loglinktitle');\r
 197 \r
 198         $log_text = uniDecode($log_text,_CHARSET);\r
 199         $log_linktitle = uniDecode($log_linktitle,_CHARSET);\r
 200         \r
 201         if (!BLOG::existsID($blogid))\r
 202                 bm_doError(_ERROR_NOSUCHBLOG);\r
 203 \r
 204         if (!$member->isTeamMember($blogid))\r
 205                 bm_doError(_ERROR_NOTONTEAM);\r
 206         \r
 207         $logje = '';\r
 208         if ($log_text)\r
 209                 $logje .= '<blockquote><div>"' . htmlspecialchars($log_text) .'"</div></blockquote>' . "\n";\r
 210         if (!$log_linktitle)\r
 211                 $log_linktitle = $log_link;\r
 212         if ($log_link) \r
 213                 $logje .= '<a href="'. htmlspecialchars($log_link) . '">'. htmlspecialchars($log_linktitle).'</a>';\r
 214                 \r
 215 \r
 216         $item['body'] = $logje;\r
 217         $item['title'] = htmlspecialchars($log_linktitle);\r
 218 \r
 219         $factory = new PAGEFACTORY($blogid);\r
 220         $factory->createAddForm('bookmarklet',$item);\r
 221 }\r
 222 \r
 223 function bm_doEditForm() {\r
 224         global $member, $manager;\r
 225         \r
 226         $itemid = intRequestVar('itemid');\r
 227         \r
 228         if (!$manager->existsItem($itemid, 0, 0)) \r
 229                 bm_doError(_ERROR_NOSUCHITEM);\r
 230                 \r
 231         if (!$member->canAlterItem($itemid))\r
 232                 bm_doError(_ERROR_DISALLOWED);\r
 233                 \r
 234         $item =& $manager->getItem($itemid,1,1);\r
 235         $blog =& $manager->getBlog(getBlogIDFromItemID($itemid));\r
 236         \r
 237         $manager->notify('PrepareItemForEdit', array('item' => &$item));\r
 238 \r
 239         if ($blog->convertBreaks()) {\r
 240                 $item['body'] = removeBreaks($item['body']);\r
 241                 $item['more'] = removeBreaks($item['more']);\r
 242         }\r
 243 \r
 244         $formfactory = new PAGEFACTORY($blog->getID());\r
 245         $formfactory->createEditForm('bookmarklet',$item);              \r
 246 \r
 247 }\r
 248 \r
 249 function bm_doError($msg) {\r
 250         bm_message(_ERROR,_ERRORMSG,$msg);\r
 251         die;\r
 252 }\r
 253 \r
 254 function bm_message($title, $head, $msg, $extrahead = '') {\r
 255         ?>\r
 256 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">\r
 257         <html xmlns="http://www.w3.org/1999/xhtml">\r
 258         <head>\r
 259                 <meta http-equiv="Content-Type" content="text/html; charset=<?php echo _CHARSET ?>" />\r
 260                 <title><?php echo  $title ?></title>\r
 261                 <?php bm_style(); ?>\r
 262                 <?php echo $extrahead?>\r
 263         </head>\r
 264         <body>\r
 265         <h1><?php echo  $head ?></h1>\r
 266         <p><?php echo  $msg ?></p>\r
 267         <p><a href="bookmarklet.php" onclick="window.close();"><?php echo _POPUP_CLOSE?></a></p>\r
 268         </body>\r
 269         </html>\r
 270         \r
 271         <?php }\r
 272 \r
 273 function bm_style() {\r
 274         echo '<link rel="stylesheet" type="text/css" href="styles/bookmarklet.css" />';\r
 275         echo '<link rel="stylesheet" type="text/css" href="styles/addedit.css" />';     \r
 276 }\r
 277 \r
 278 function bm_doContextMenuCode() {\r
 279         global $CONF;\r
 280         ?>\r
 281 <script type="text/javascript" defer="defer">\r
 282 doc=external.menuArguments.document;\r
 283 lt=escape(doc.selection.createRange().text);\r
 284 loglink=escape(external.menuArguments.location.href);\r
 285 loglinktitle=escape(doc.title);\r
 286 wingm=window.open('<?php echo $CONF['AdminURL']?>bookmarklet.php?blogid=<?php echo intGetVar('blogid')?>&logtext='+lt+'&loglink='+loglink+'&loglinktitle='+loglinktitle,'nucleusbm','scrollbars=yes,width=600,height=500,left=10,top=10,status=yes,resizable=yes');\r
 287 wingm.focus();\r
 288 </script>       \r
 289         <?php\r
 290 }\r
 291 \r
 292 function uniDecode($str,$charcode){\r
 293   $text = preg_replace_callback("/%u[0-9A-Za-z]{4}/",toUtf8,$str);\r
 294   return mb_convert_encoding($text, $charcode, 'utf-8');\r
 295 }\r
 296 function toUtf8($ar){\r
 297   foreach($ar as $val){\r
 298     $val = intval(substr($val,2),16);\r
 299     if($val < 0x7F){        // 0000-007F\r
 300         $c .= chr($val);\r
 301     }elseif($val < 0x800) { // 0080-0800\r
 302         $c .= chr(0xC0 | ($val / 64));\r
 303         $c .= chr(0x80 | ($val % 64));\r
 304     }else{                // 0800-FFFF\r
 305         $c .= chr(0xE0 | (($val / 64) / 64));\r
 306         $c .= chr(0x80 | (($val / 64) % 64));\r
 307         $c .= chr(0x80 | ($val % 64));\r
 308     }\r
 309   }\r
 310   return $c;\r
 311 }\r
 312 \r
 313 ?>