/*
* Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
- * Copyright (C) 2002-2007 The Nucleus Group
+ * Copyright (C) 2002-2011 The Nucleus Group
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* on the screen
*
* @license http://nucleuscms.org/license.txt GNU General Public License
- * @copyright Copyright (C) 2002-2007 The Nucleus Group
- * @version $Id: BLOG.php,v 1.7 2007-02-04 06:28:46 kimitake Exp $
- * $NucleusJP: BLOG.php,v 1.6 2006/08/31 20:58:50 kimitake Exp $
+ * @copyright Copyright (C) 2002-2011 The Nucleus Group
+ * @version $Id$
+ * $NucleusJP: BLOG.php,v 1.12.2.2 2007/08/08 05:26:22 kimitake Exp $
*/
-// temporary: dirt way to separe class ITEMACTIONS from BLOG
-require_once $DIR_LIBS . 'ITEMACTIONS.php';
+if ( !function_exists('requestVar') ) exit;
+require_once dirname(__FILE__) . '/ITEMACTIONS.php';
class BLOG {
* Shows the given amount of items for this blog
*
* @param $template
- * String representing the template _NAME_ (!)
+ * String representing the template _NAME_ (!)
* @param $amountEntries
- * amount of entries to show
+ * amount of entries to show
* @param $startpos
- * offset from where items should be shown (e.g. 5 = start at fifth item)
+ * offset from where items should be shown (e.g. 5 = start at fifth item)
* @returns int
- * amount of items shown
+ * amount of items shown
*/
function readLog($template, $amountEntries, $offset = 0, $startpos = 0) {
return $this->readLogAmount($template,$amountEntries,'','',1,1,$offset, $startpos);
* Shows an archive for a given month
*
* @param $year
- * year
+ * year
* @param $month
- * month
+ * month
* @param $template
- * String representing the template name to be used
+ * String representing the template name to be used
*/
- function showArchive($templatename, $year, $month, $day=0) {
+ function showArchive($templatename, $year, $month = 0, $day = 0) {
// create extra where clause for select query
- if ($day == 0) {
+ if ($day == 0 && $month != 0) {
$timestamp_start = mktime(0,0,0,$month,1,$year);
$timestamp_end = mktime(0,0,0,$month+1,1,$year); // also works when $month==12
+ } elseif ($month == 0) {
+ $timestamp_start = mktime(0,0,0,1,1,$year);
+ $timestamp_end = mktime(0,0,0,12,31,$year); // also works when $month==12
} else {
$timestamp_start = mktime(0,0,0,$month,$day,$year);
$timestamp_end = mktime(0,0,0,$month,$day+1,$year);
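Review bot: The new year-only branch ends its range at `mktime(0,0,0,12,31,$year)`, which is midnight at the start of 31 December, so items posted on the last day of the year fall outside the archive if this bound is used like the other two branches' bounds (the start of the following period). `$timestamp_end = mktime(0,0,0,1,1,$year+1);` would match them. The copied `// also works when $month==12` comment does not apply to this branch and should be dropped or reworded. The query that consumes these bounds is outside the visible lines, so the comparison operator should be confirmed there.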
* Shows the given amount of items for this blog
*
* @param $template
- * String representing the template _NAME_ (!)
+ * String representing the template _NAME_ (!)
* @param $amountEntries
- * amount of entries to show (0 = no limit)
+ * amount of entries to show (0 = no limit)
* @param $extraQuery
- * extra conditions to be added to the query
+ * extra conditions to be added to the query
* @param $highlight
- * contains a query that should be highlighted
+ * contains a query that should be highlighted
* @param $comments
- * 1=show comments 0=don't show comments
+ * 1=show comments 0=don't show comments
* @param $dateheads
- * 1=show dateheads 0=don't show dateheads
+ * 1=show dateheads 0=don't show dateheads
* @param $offset
- * offset
+ * offset
* @returns int
- * amount of items shown
+ * amount of items shown
*/
function readLogAmount($template, $amountEntries, $extraQuery, $highlight, $comments, $dateheads, $offset = 0, $startpos = 0) {
$items = sql_query($query);
// loop over all items
- while ($item = mysql_fetch_object($items)) {
+ $old_date = 0;
+ while ($item = sql_fetch_object($items)) {
- $item->timestamp = strtotime($item->itime); // string timestamp -> unix timestamp
+ $item->timestamp = strtotime($item->itime); // string timestamp -> unix timestamp
// action handler needs to know the item we're handling
$actions->setCurrentItem($item);
// add date header if needed
- $old_date = 0;
if ($dateheads) {
$new_date = date('dFY',$item->timestamp);
if ($new_date != $old_date) {
if ($old_date != 0) {
$oldTS = strtotime($old_date);
$manager->notify('PreDateFoot',array('blog' => &$this, 'timestamp' => $oldTS));
- $tmp_footer = strftime($template['DATE_FOOTER'], $oldTS);
+ $tmp_footer = strftimejp(isset($template['DATE_FOOTER'])?$template['DATE_FOOTER']:'', $oldTS);
$parser->parse($tmp_footer);
$manager->notify('PostDateFoot',array('blog' => &$this, 'timestamp' => $oldTS));
}
$manager->notify('PreDateHead',array('blog' => &$this, 'timestamp' => $timestamp));
// note, to use templatvars in the dateheader, the %-characters need to be doubled in
// order to be preserved by strftime
- $tmp_header = strftime((isset($template['DATE_HEADER']) ? $template['DATE_HEADER'] : null), $timestamp);
+ $tmp_header = strftimejp((isset($template['DATE_HEADER']) ? $template['DATE_HEADER'] : null), $timestamp);
$parser->parse($tmp_header);
$manager->notify('PostDateHead',array('blog' => &$this, 'timestamp' => $timestamp));
}
}
- $numrows = mysql_num_rows($items);
+ $numrows = sql_num_rows($items);
// add another date footer if there was at least one item
if (($numrows > 0) && $dateheads) {
$manager->notify('PostDateFoot',array('blog' => &$this, 'timestamp' => strtotime($old_date)));
}
- mysql_free_result($items); // free memory
+ sql_free_result($items); // free memory
return $numrows;
/**
* Adds an item to this blog
*/
- function additem($catid, $title, $body, $more, $blogid, $authorid, $timestamp, $closed, $draft) {
+ function additem($catid, $title, $body, $more, $blogid, $authorid, $timestamp, $closed, $draft, $posted='1') {
global $manager;
- $blogid = intval($blogid);
- $authorid = intval($authorid);
- $title = $title;
- $body = $body;
- $more = $more;
- $catid = intval($catid);
+ $blogid = intval($blogid);
+ $authorid = intval($authorid);
+ $title = $title;
+ $body = $body;
+ $more = $more;
+ $catid = intval($catid);
// convert newlines to <br />
if ($this->convertBreaks()) {
$more = addBreaks($more);
}
- if ($closed != '1') $closed = '0';
+ if ($closed != '1') $closed = '0';
if ($draft != '0') $draft = '1';
if (!$this->isValidCategory($catid))
$manager->notify('PreAddItem',array('title' => &$title, 'body' => &$body, 'more' => &$more, 'blog' => &$this, 'authorid' => &$authorid, 'timestamp' => &$timestamp, 'closed' => &$closed, 'draft' => &$draft, 'catid' => &$catid));
- $title = addslashes($title);
- $body = addslashes($body);
- $more = addslashes($more);
+ $ititle = sql_real_escape_string($title);
+ $ibody = sql_real_escape_string($body);
+ $imore = sql_real_escape_string($more);
- $query = 'INSERT INTO '.sql_table('item').' (ITITLE, IBODY, IMORE, IBLOG, IAUTHOR, ITIME, ICLOSED, IDRAFT, ICAT) '
- . "VALUES ('$title', '$body', '$more', $blogid, $authorid, '$timestamp', $closed, $draft, $catid)";
+ $query = 'INSERT INTO '.sql_table('item').' (ITITLE, IBODY, IMORE, IBLOG, IAUTHOR, ITIME, ICLOSED, IDRAFT, ICAT, IPOSTED) '
+ . "VALUES ('$ititle', '$ibody', '$imore', $blogid, $authorid, '$timestamp', $closed, $draft, $catid, $posted)";
sql_query($query);
- $itemid = mysql_insert_id();
+ $itemid = sql_insert_id();
$manager->notify('PostAddItem',array('itemid' => $itemid));
// send notification mail
if (!$draft && !$isFuture && $this->getNotifyAddress() && $this->notifyOnNewItem())
- $this->sendNewItemNotification($itemid, stripslashes($title), stripslashes($body));
+ $this->sendNewItemNotification($itemid, $title, $body);
- return $itemid;
+ return $itemid;
}
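Review bot: `$posted` is concatenated into the INSERT's VALUES list unquoted and without any normalisation, unlike `$blogid`, `$authorid` and `$catid` (cast with `intval`) and `$closed`/`$draft` (forced to '0' or '1'). Because it is a caller-supplied parameter, it should be constrained before the query is built, for example `$posted = intval($posted) ? 1 : 0;` next to the `$closed`/`$draft` lines. `$timestamp` is also interpolated as-is inside quotes; whether it is validated is decided in the part of additem that is not shown here.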
function sendNewItemNotification($itemid, $title, $body) {
$ascii = toAscii($body);
$mailto_msg = _NOTIFY_NI_MSG . " \n";
- $mailto_msg .= $CONF['IndexURL'] . 'index.php?itemid=' . $itemid . "\n\n";
+// $mailto_msg .= $CONF['IndexURL'] . 'index.php?itemid=' . $itemid . "\n\n";
+ $temp = parse_url($CONF['Self']);
+ if ($temp['scheme']) {
+ $mailto_msg .= createItemLink($itemid) . "\n\n";
+ } else {
+ $tempurl = $this->getURL();
+ if (substr($tempurl, -1) == '/' || substr($tempurl, -4) == '.php') {
+ $mailto_msg .= $tempurl . '?itemid=' . $itemid . "\n\n";
+ } else {
+ $mailto_msg .= $tempurl . '/?itemid=' . $itemid . "\n\n";
+ }
+ }
$mailto_msg .= _NOTIFY_TITLE . ' ' . strip_tags($title) . "\n";
$mailto_msg .= _NOTIFY_CONTENTS . "\n " . $ascii . "\n";
$mailto_msg .= getMailFooter();
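Review bot: `if ($temp['scheme'])` reads an index that `parse_url()` only sets for an absolute URL, and `parse_url()` can return false on malformed input, so the relative-URL case this branch was added for raises an undefined-index notice on every notification mail. `if (!empty($temp['scheme'])) {` keeps the same branching without the notice. The commented-out `$CONF['IndexURL']` line above it could be deleted rather than kept as dead code. The function starts and ends outside these lines.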
* Creates a new category for this blog
*
* @param $catName
- * name of the new category. When empty, a name is generated automatically
- * (starting with newcat)
+ * name of the new category. When empty, a name is generated automatically
+ * (starting with newcat)
* @param $catDescription
- * description of the new category. Defaults to 'New Category'
+ * description of the new category. Defaults to 'New Category'
*
* @returns
- * the new category-id in case of success.
- * 0 on failure
+ * the new category-id in case of success.
+ * 0 on failure
*/
- function createNewCategory($catName = '', $catDescription = 'New category') {
+ function createNewCategory($catName = '', $catDescription = _CREATED_NEW_CATEGORY_DESC) {
global $member, $manager;
if ($member->blogAdminRights($this->getID())) {
// generate
if ($catName == '')
{
- $catName = 'newcat';
+ $catName = _CREATED_NEW_CATEGORY_NAME;
$i = 1;
$res = sql_query('SELECT * FROM '.sql_table('category')." WHERE cname='".$catName.$i."' and cblog=".$this->getID());
- while (mysql_num_rows($res) > 0)
+ while (sql_num_rows($res) > 0)
{
$i++;
$res = sql_query('SELECT * FROM '.sql_table('category')." WHERE cname='".$catName.$i."' and cblog=".$this->getID());
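Review bot: With `$catName` now taken from the language constant `_CREATED_NEW_CATEGORY_NAME` instead of the literal 'newcat', the two uniqueness SELECTs still concatenate `$catName.$i` straight into `cname='...'`, while the INSERT further down escapes the same value. A translation containing a quote or backslash would therefore break the lookup. Escaping in both SELECTs, `" WHERE cname='" . sql_real_escape_string($catName.$i) . "' and cblog=" . intval($this->getID())`, keeps lookup and insert consistent. The while loop continues past the visible lines.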
)
);
- $query = 'INSERT INTO '.sql_table('category').' (cblog, cname, cdesc) VALUES (' . $this->getID() . ", '" . addslashes($catName) . "', '" . addslashes($catDescription) . "')";
+ $query = 'INSERT INTO '.sql_table('category').' (cblog, cname, cdesc) VALUES (' . $this->getID() . ", '" . sql_real_escape_string($catName) . "', '" . sql_real_escape_string($catDescription) . "')";
sql_query($query);
- $catid = mysql_insert_id();
+ $catid = sql_insert_id();
$manager->notify(
'PostAddCategory',
* Searches all months of this blog for the given query
*
* @param $query
- * search query
+ * search query
* @param $template
- * template to be used (__NAME__ of the template)
+ * template to be used (__NAME__ of the template)
* @param $amountMonths
- * max amount of months to be search (0 = all)
+ * max amount of months to be search (0 = all)
* @param $maxresults
- * max number of results to show
+ * max number of results to show
* @param $startpos
- * offset
+ * offset
* @returns
- * amount of hits found
+ * amount of hits found
*/
function search($query, $template, $amountMonths, $maxresults, $startpos) {
global $CONF, $manager;
- $highlight = '';
- $sqlquery = $this->getSqlSearch($query, $amountMonths, $highlight);
+ $highlight = '';
+ $sqlquery = $this->getSqlSearch($query, $amountMonths, $highlight);
if ($sqlquery == '')
{
{
$template =& $manager->getTemplate($template);
$vars = array(
- 'query' => htmlspecialchars($query),
+ 'query' => htmlspecialchars($query),
'blogid' => $this->getID()
);
echo TEMPLATE::fill($template['SEARCH_NOTHINGFOUND'],$vars);
* Returns an SQL query to use for a search query
*
* @param $query
- * search query
+ * search query
* @param $amountMonths
- * amount of months to search back. Default = 0 = unlimited
+ * amount of months to search back. Default = 0 = unlimited
* @param $mode
- * either empty, or 'count'. In this case, the query will be a SELECT COUNT(*) query
+ * either empty, or 'count'. In this case, the query will be a SELECT COUNT(*) query
* @returns $highlight
- * words to highlight (out parameter)
+ * words to highlight (out parameter)
* @returns
- * either a full SQL query, or an empty string (if querystring empty)
+ * either a full SQL query, or an empty string (if querystring empty)
* @note
- * No LIMIT clause is added. (caller should add this if multiple pages are requested)
+ * No LIMIT clause is added. (caller should add this if multiple pages are requested)
*/
function getSqlSearch($query, $amountMonths = 0, &$highlight, $mode = '')
{
$searchclass =& new SEARCH($query);
- $highlight = $searchclass->inclusive;
+ $highlight = $searchclass->inclusive;
// if querystring is empty, return empty string
if ($searchclass->inclusive == '')
$select = $searchclass->boolean_sql_select('ititle,ibody,imore');
// get list of blogs to search
- $blogs = $searchclass->blogs; // array containing blogs that always need to be included
- $blogs[] = $this->getID(); // also search current blog (duh)
- $blogs = array_unique($blogs); // remove duplicates
+ $blogs = $searchclass->blogs; // array containing blogs that always need to be included
+ $blogs[] = $this->getID(); // also search current blog (duh)
+ $blogs = array_unique($blogs); // remove duplicates
$selectblogs = '';
if (count($blogs) > 0)
$selectblogs = ' and i.iblog in (' . implode(',', $blogs) . ')';
$query .= ' FROM '.sql_table('item').' as i, '.sql_table('member').' as m, '.sql_table('category').' as c'
. ' WHERE i.iauthor=m.mnumber'
. ' and i.icat=c.catid'
- . ' and i.idraft=0' // exclude drafts
+ . ' and i.idraft=0' // exclude drafts
. $selectblogs
// don't show future items
. ' and i.itime<=' . mysqldate($this->getCorrectTime())
* Returns the SQL query that's normally used to display the blog items on the index type skins
*
* @param $mode
- * either empty, or 'count'. In this case, the query will be a SELECT COUNT(*) query
+ * either empty, or 'count'. In this case, the query will be a SELECT COUNT(*) query
* @returns
- * either a full SQL query, or an empty string
+ * either a full SQL query, or an empty string
* @note
- * No LIMIT clause is added. (caller should add this if multiple pages are requested)
+ * No LIMIT clause is added. (caller should add this if multiple pages are requested)
*/
function getSqlBlog($extraQuery, $mode = '')
{
. ' WHERE i.iblog='.$this->blogid
. ' and i.iauthor=m.mnumber'
. ' and i.icat=c.catid'
- . ' and i.idraft=0' // exclude drafts
+ . ' and i.idraft=0' // exclude drafts
// don't show future items
. ' and i.itime<=' . mysqldate($this->getCorrectTime());
function showArchiveList($template, $mode = 'month', $limit = 0) {
global $CONF, $catid, $manager;
- if ($catid)
+ if (!isset ($linkparams)) {
+ $linkparams = array();
+ }
+
+ if ($catid) {
$linkparams = array('catid' => $catid);
+ }
$template =& $manager->getTemplate($template);
$data['blogid'] = $this->getID();
- echo TEMPLATE::fill($template['ARCHIVELIST_HEADER'],$data);
+ $tplt = isset($template['ARCHIVELIST_HEADER']) ? $template['ARCHIVELIST_HEADER']
+ : '';
+ echo TEMPLATE::fill($tplt, $data);
$query = 'SELECT itime, SUBSTRING(itime,1,4) AS Year, SUBSTRING(itime,6,2) AS Month, SUBSTRING(itime,9,2) as Day FROM '.sql_table('item')
. ' WHERE iblog=' . $this->getID()
- . ' and itime <=' . mysqldate($this->getCorrectTime()) // don't show future items!
+ . ' and itime <=' . mysqldate($this->getCorrectTime()) // don't show future items!
. ' and idraft=0'; // don't show draft items
if ($catid)
$query .= ' and icat=' . intval($catid);
- $query .= ' GROUP BY Year, Month';
+ $query .= ' GROUP BY Year';
+ if ($mode == 'month' || $mode == 'day')
+ $query .= ', Month';
if ($mode == 'day')
$query .= ', Day';
-
$query .= ' ORDER BY itime DESC';
if ($limit > 0)
$res = sql_query($query);
- while ($current = mysql_fetch_object($res)) {
- $current->itime = strtotime($current->itime); // string time -> unix timestamp
+ while ($current = sql_fetch_object($res)) {
+ $current->itime = strtotime($current->itime); // string time -> unix timestamp
if ($mode == 'day') {
- $archivedate = date('Y-m-d',$current->itime);
- $archive['day'] = date('d',$current->itime);
+ $archivedate = date('Y-m-d',$current->itime);
+ $archive['day'] = date('d',$current->itime);
+ $data['day'] = date('d',$current->itime);
+ $data['month'] = date('m',$current->itime);
+ $archive['month'] = $data['month'];
+ } elseif ($mode == 'year') {
+ $archivedate = date('Y',$current->itime);
+ $data['day'] = '';
+ $data['month'] = '';
+ $archive['day'] = '';
+ $archive['month'] = '';
} else {
$archivedate = date('Y-m',$current->itime);
+ $data['month'] = date('m',$current->itime);
+ $archive['month'] = $data['month'];
+ $data['day'] = '';
+ $archive['day'] = '';
}
- $data['month'] = date('m',$current->itime);
+
$data['year'] = date('Y',$current->itime);
+ $archive['year'] = $data['year'];
$data['archivelink'] = createArchiveLink($this->getID(),$archivedate,$linkparams);
+ $manager->notify(
+ 'PreArchiveListItem',
+ array(
+ 'listitem' => &$data
+ )
+ );
+
$temp = TEMPLATE::fill($template['ARCHIVELIST_LISTITEM'],$data);
- echo strftime($temp,$current->itime);
+ echo strftimejp($temp,$current->itime);
}
- mysql_free_result($res);
+ sql_free_result($res);
- echo TEMPLATE::fill($template['ARCHIVELIST_FOOTER'],$data);
+ $tplt = isset($template['ARCHIVELIST_FOOTER']) ? $template['ARCHIVELIST_FOOTER']
+ : '';
+ echo TEMPLATE::fill($tplt, $data);
}
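Review bot: `$template['ARCHIVELIST_LISTITEM']` is still indexed without a check, while the header and footer lookups in this same function now fall back to `''` when the template part is missing. For consistency the list item could use the same guard before `TEMPLATE::fill`, `$tplt = isset($template['ARCHIVELIST_LISTITEM']) ? $template['ARCHIVELIST_LISTITEM'] : '';`. The `$archive[...]` assignments made inside the loop are not read anywhere in the visible lines; if nothing later uses them they can be removed.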
}
//$blogurl = $this->getURL() . $qargs;
- $blogurl = createBlogLink($this->getURL(), $linkparams);
+ //$blogurl = createBlogLink($this->getURL(), $linkparams);
$template =& $manager->getTemplate($template);
+ //: Change: Set nocatselected variable
+ if ($this->getSelectedCategory()) {
+ $nocatselected = 'no';
+ }
+ else {
+ $nocatselected = 'yes';
+ }
+
echo TEMPLATE::fill((isset($template['CATLIST_HEADER']) ? $template['CATLIST_HEADER'] : null),
array(
'blogid' => $this->getID(),
'blogurl' => $blogurl,
- 'self' => $CONF['Self']
+ 'self' => $CONF['Self'],
+ //: Change: Set catiscurrent template variable for header
+ 'catiscurrent' => $nocatselected,
+ 'currentcat' => $nocatselected
));
$query = 'SELECT catid, cdesc as catdesc, cname as catname FROM '.sql_table('category').' WHERE cblog=' . $this->getID() . ' ORDER BY cname ASC';
$res = sql_query($query);
- while ($data = mysql_fetch_assoc($res)) {
+ while ($data = sql_fetch_assoc($res)) {
$data['blogid'] = $this->getID();
$data['blogurl'] = $blogurl;
$data['catlink'] = createLink(
'name' => $data['catname'],
'extra' => $linkparams
)
- );
+ );
$data['self'] = $CONF['Self'];
+
+ //catiscurrent
+ //: Change: Bugfix for catiscurrent logic so it gives catiscurrent = no when no category is selected.
+ $data['catiscurrent'] = 'no';
+ $data['currentcat'] = 'no';
+ if ($this->getSelectedCategory()) {
+ if ($this->getSelectedCategory() == $data['catid']) {
+ $data['catiscurrent'] = 'yes';
+ $data['currentcat'] = 'yes';
+ }
+ /*else {
+ $data['catiscurrent'] = 'no';
+ $data['currentcat'] = 'no';
+ }*/
+ }
+ else {
+ global $itemid;
+ if (intval($itemid) && $manager->existsItem(intval($itemid),0,0)) {
+ $iobj =& $manager->getItem(intval($itemid),0,0);
+ $cid = $iobj['catid'];
+ if ($cid == $data['catid']) {
+ $data['catiscurrent'] = 'yes';
+ $data['currentcat'] = 'yes';
+ }
+ /*else {
+ $data['catiscurrent'] = 'no';
+ $data['currentcat'] = 'no';
+ }*/
+ }
+ }
+
+ $manager->notify(
+ 'PreCategoryListItem',
+ array(
+ 'listitem' => &$data
+ )
+ );
echo TEMPLATE::fill((isset($template['CATLIST_LISTITEM']) ? $template['CATLIST_LISTITEM'] : null), $data);
//$temp = TEMPLATE::fill((isset($template['CATLIST_LISTITEM']) ? $template['CATLIST_LISTITEM'] : null), $data);
}
- mysql_free_result($res);
+ sql_free_result($res);
echo TEMPLATE::fill((isset($template['CATLIST_FOOTER']) ? $template['CATLIST_FOOTER'] : null),
array(
'self' => $CONF['Self']
));
}
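Review bot: When no category is selected, the added else branch calls `$manager->existsItem()` and `$manager->getItem()` once per category row, although `$itemid` does not change inside the loop. Unless the manager caches these lookups, resolving the current item's category once before the `while` and comparing `$data['catid']` against it inside the loop gives the same output with a single lookup. The commented-out `else` blocks that reset both flags to 'no' duplicate the defaults set just above them and could be removed.

```php
// before the while loop: resolve the category to highlight once
$currentCatId = $this->getSelectedCategory();
if (!$currentCatId) {
	global $itemid;
	if (intval($itemid) && $manager->existsItem(intval($itemid), 0, 0)) {
		$iobj =& $manager->getItem(intval($itemid), 0, 0);
		$currentCatId = $iobj['catid'];
	}
}
// … unchanged: category query, start of the while loop, catlink …
$isCurrent = ($currentCatId && $currentCatId == $data['catid']) ? 'yes' : 'no';
$data['catiscurrent'] = $isCurrent;
$data['currentcat'] = $isCurrent;
```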
-
+
/**
* Shows a list of all blogs in the system using a given template
+ * ordered by number, name, shortname or description
+ * in ascending or descending order
*/
- function showBlogList($template, $bnametype) {
+ function showBlogList($template, $bnametype, $orderby, $direction) {
global $CONF, $manager;
-
+
+ switch ($orderby) {
+ case 'number':
+ $orderby='bnumber';
+ break;
+ case 'name':
+ $orderby='bname';
+ break;
+ case 'shortname':
+ $orderby='bshortname';
+ break;
+ case 'description':
+ $orderby='bdesc';
+ break;
+ default:
+ $orderby='bnumber';
+ break;
+ }
+
+ $direction=strtolower($direction);
+ switch ($direction) {
+ case 'asc':
+ $direction='ASC';
+ break;
+ case 'desc':
+ $direction='DESC';
+ break;
+ default:
+ $direction='ASC';
+ break;
+ }
+
$template =& $manager->getTemplate($template);
-
- $query = 'SELECT bnumber, bname, bshortname, bdesc, burl FROM '.sql_table('blog').' ORDER BY bnumber ASC';
+
+ echo TEMPLATE::fill((isset($template['BLOGLIST_HEADER']) ? $template['BLOGLIST_HEADER'] : null),
+ array(
+ 'sitename' => $CONF['SiteName'],
+ 'siteurl' => $CONF['IndexURL']
+ ));
+
+ $query = 'SELECT bnumber, bname, bshortname, bdesc, burl FROM '.sql_table('blog').' ORDER BY '.$orderby.' '.$direction;
$res = sql_query($query);
-
- while ($data = mysql_fetch_assoc($res)) {
-
+
+ while ($data = sql_fetch_assoc($res)) {
+
$list = array();
-
- $list['bloglink'] = createLink('blog', array('blogid' => $data['bnumber']));
-
+
+// $list['bloglink'] = createLink('blog', array('blogid' => $data['bnumber']));
+ $list['bloglink'] = createBlogidLink($data['bnumber']);
+
$list['blogdesc'] = $data['bdesc'];
-
+
+ $list['blogurl'] = $data['burl'];
+
if ($bnametype=='shortname') {
$list['blogname'] = $data['bshortname'];
}
else { // all other cases
$list['blogname'] = $data['bname'];
}
-
+
+ $manager->notify(
+ 'PreBlogListItem',
+ array(
+ 'listitem' => &$list
+ )
+ );
+
echo TEMPLATE::fill((isset($template['BLOGLIST_LISTITEM']) ? $template['BLOGLIST_LISTITEM'] : null), $list);
-
+
}
-
- mysql_free_result($res);
+
+ sql_free_result($res);
+
+ echo TEMPLATE::fill((isset($template['BLOGLIST_FOOTER']) ? $template['BLOGLIST_FOOTER'] : null),
+ array(
+ 'sitename' => $CONF['SiteName'],
+ 'siteurl' => $CONF['IndexURL']
+ ));
+
}
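Review bot: `$orderby` and `$direction` are added as required parameters, so any existing caller that still passes only `$template` and `$bnametype` now fails with a missing-argument warning on older PHP or an ArgumentCountError on PHP 7.1 and later. The callers are not visible here, so this should be checked. Defaults that match the switch fall-throughs keep the two-argument call working: `function showBlogList($template, $bnametype, $orderby = 'number', $direction = 'asc') {`. Mapping both values through fixed switch tables before they reach `ORDER BY` is the right shape. A one-line comment above the switches, such as `// whitelist: only these column names and directions may reach the ORDER BY clause`, would stop a later edit from loosening them.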
/**
. ' WHERE bnumber=' . $this->blogid;
$res = sql_query($query);
- $this->isValid = (mysql_num_rows($res) > 0);
+ $this->isValid = (sql_num_rows($res) > 0);
if (!$this->isValid)
return;
- $this->settings = mysql_fetch_assoc($res);
+ $this->settings = sql_fetch_assoc($res);
}
function writeSettings() {
$offset = intval($offset);
$query = 'UPDATE '.sql_table('blog')
- . " SET bname='" . addslashes($this->getName()) . "',"
- . " bshortname='". addslashes($this->getShortName()) . "',"
- . " bcomments=". intval($this->commentsEnabled()) . ","
- . " bmaxcomments=" . intval($this->getMaxComments()) . ","
- . " btimeoffset=" . $offset . ","
- . " bpublic=" . intval($this->isPublic()) . ","
- . " breqemail=" . intval($this->emailRequired()) . ","
- . " bsendping=" . intval($this->pingUserland()) . ","
- . " bconvertbreaks=" . intval($this->convertBreaks()) . ","
- . " ballowpast=" . intval($this->allowPastPosting()) . ","
- . " bnotify='" . addslashes($this->getNotifyAddress()) . "',"
- . " bnotifytype=" . intval($this->getNotifyType()) . ","
- . " burl='" . addslashes($this->getURL()) . "',"
- . " bupdate='" . addslashes($this->getUpdateFile()) . "',"
- . " bdesc='" . addslashes($this->getDescription()) . "',"
- . " bdefcat=" . intval($this->getDefaultCategory()) . ","
- . " bdefskin=" . intval($this->getDefaultSkin()) . ","
- . " bincludesearch=" . intval($this->getSearchable())
+ . " SET bname='" . sql_real_escape_string($this->getName()) . "',"
+ . " bshortname='". sql_real_escape_string($this->getShortName()) . "',"
+ . " bcomments=". intval($this->commentsEnabled()) . ","
+ . " bmaxcomments=" . intval($this->getMaxComments()) . ","
+ . " btimeoffset=" . $offset . ","
+ . " bpublic=" . intval($this->isPublic()) . ","
+ . " breqemail=" . intval($this->emailRequired()) . ","
+ . " bconvertbreaks=" . intval($this->convertBreaks()) . ","
+ . " ballowpast=" . intval($this->allowPastPosting()) . ","
+ . " bnotify='" . sql_real_escape_string($this->getNotifyAddress()) . "',"
+ . " bnotifytype=" . intval($this->getNotifyType()) . ","
+ . " burl='" . sql_real_escape_string($this->getURL()) . "',"
+ . " bupdate='" . sql_real_escape_string($this->getUpdateFile()) . "',"
+ . " bdesc='" . sql_real_escape_string($this->getDescription()) . "',"
+ . " bdefcat=" . intval($this->getDefaultCategory()) . ","
+ . " bdefskin=" . intval($this->getDefaultSkin()) . ","
+ . " bincludesearch=" . intval($this->getSearchable())
. " WHERE bnumber=" . intval($this->getID());
sql_query($query);
}
- /**
- * Sends a XML-RPC ping message to Userland, so the weblog can
- * show up in the weblogs.com updates-list
- */
- function sendUserlandPing() {
- global $php_errormsg;
-
- if ($this->pingUserland()) {
- // testmessage for adding an item
- $message = new xmlrpcmsg('weblogUpdates.ping',array(
- new xmlrpcval($this->getName(),'string'),
- new xmlrpcval($this->getURL(),'string')
- ));
-
- $c = new xmlrpc_client('/RPC2', 'rpc.weblogs.com', 80);
-
- // $c->setDebug(1);
-
- $r = $c->send($message,15); // 15 seconds timeout...
-
- if (($r == 0) && ($r->errno || $r->errstring)) {
- return 'Error ' . $r->errno . ' : ' . $r->errstring;
- } elseif (($r == 0) && ($php_errormsg)) {
- return 'PHP Error: ' . $php_errormsg;
- } elseif ($r == 0) {
- return 'Error while trying to send ping. Sorry about that.';
- } elseif ($r->faultCode() != 0) {
- return 'Error: ' . $r->faultString();
- } else {
- $r = $r->value(); // get response struct
- // get values
- $flerror = $r->structmem('flerror');
- $flerror = $flerror->scalarval();
-
-
- $message = $r->structmem('message');
- $message = $message->scalarval();
-
- if ($flerror != 0)
- return 'Error (flerror=1): ' . $message;
- else
- return 'Success: ' . $message;
- }
- }
- }
-
function isValidCategory($catid) {
$query = 'SELECT * FROM '.sql_table('category').' WHERE cblog=' . $this->getID() . ' and catid=' . intval($catid);
- $res = mysql_query($query);
- return (mysql_num_rows($res) != 0);
+ $res = sql_query($query);
+ return (sql_num_rows($res) != 0);
}
function getCategoryName($catid) {
- $res = mysql_query('SELECT cname FROM '.sql_table('category').' WHERE cblog='.$this->getID().' and catid=' . intval($catid));
- $o = mysql_fetch_object($res);
+ $res = sql_query('SELECT cname FROM '.sql_table('category').' WHERE cblog='.$this->getID().' and catid=' . intval($catid));
+ $o = sql_fetch_object($res);
return $o->cname;
}
function getCategoryDesc($catid) {
- $res = mysql_query('SELECT cdesc FROM '.sql_table('category').' WHERE cblog='.$this->getID().' and catid=' . intval($catid));
- $o = mysql_fetch_object($res);
+ $res = sql_query('SELECT cdesc FROM '.sql_table('category').' WHERE cblog='.$this->getID().' and catid=' . intval($catid));
+ $o = sql_fetch_object($res);
return $o->cdesc;
}
function getCategoryIdFromName($name) {
- $res = mysql_query('SELECT catid FROM '.sql_table('category').' WHERE cblog='.$this->getID().' and cname="' . addslashes($name) . '"');
- if (mysql_num_rows($res) > 0) {
- $o = mysql_fetch_object($res);
+ $res = sql_query('SELECT catid FROM '.sql_table('category').' WHERE cblog='.$this->getID().' and cname="' . sql_real_escape_string($name) . '"');
+ if (sql_num_rows($res) > 0) {
+ $o = sql_fetch_object($res);
return $o->catid;
} else {
return $this->getDefaultCategory();
}
}
- function pingUserland() {
- return $this->getSetting('bsendping');
- }
-
- function setPingUserland($val) {
- $this->setSetting('bsendping',$val);
- }
-
function convertBreaks() {
return $this->getSetting('bconvertbreaks');
}
setConvertBreaks(<?php echo $this->convertBreaks() ? 'true' : 'false' ?>);
setMediaUrl("<?php echo $CONF['MediaURL']?>");
setAuthorId(<?php echo $authorid?>);
- </script><?php }
+ </script><?php }
function setConvertBreaks($val) {
$this->setSetting('bconvertbreaks',$val);
);
- ACTIONLOG::add(INFO, 'Added ' . $tmem->getDisplayName() . ' (ID=' .
- $memberid .') to the team of blog "' . $this->getName() . '"');
+ $logMsg = sprintf(_TEAM_ADD_NEWTEAMMEMBER, $tmem->getDisplayName(), $memberid, $this->getName());
+ ACTIONLOG::add(INFO, $logMsg);
return 1;
}
// returns true if there is a blog with the given shortname (static)
function exists($name) {
- $r = sql_query('select * FROM '.sql_table('blog').' WHERE bshortname="'.addslashes($name).'"');
- return (mysql_num_rows($r) != 0);
+ $r = sql_query('select * FROM '.sql_table('blog').' WHERE bshortname="'.sql_real_escape_string($name).'"');
+ return (sql_num_rows($r) != 0);
}
// returns true if there is a blog with the given ID (static)
function existsID($id) {
$r = sql_query('select * FROM '.sql_table('blog').' WHERE bnumber='.intval($id));
- return (mysql_num_rows($r) != 0);
+ return (sql_num_rows($r) != 0);
+ }
+
+ // flag there is a future post pending
+ function setFuturePost() {
+ $query = 'UPDATE '.sql_table('blog')
+ . " SET bfuturepost='1' WHERE bnumber=" . $this->getID();
+ sql_query($query);
+ }
+
+ // clear there is a future post pending
+ function clearFuturePost() {
+ $query = 'UPDATE '.sql_table('blog')
+ . " SET bfuturepost='0' WHERE bnumber=" . $this->getID();
+ sql_query($query);
+ }
+
+ // check if we should throw justPosted event
+ function checkJustPosted() {
+ global $manager;
+
+ if ($this->settings['bfuturepost'] == 1) {
+ $blogid = $this->getID();
+ $result = sql_query("SELECT * FROM " . sql_table('item')
+ . " WHERE iposted=0 AND iblog=" . $blogid . " AND itime<NOW()");
+ if (sql_num_rows($result) > 0) {
+ // This $pinged is allow a plugin to tell other hook to the event that a ping is sent already
+ // Note that the plugins's calling order is subject to thri order in the plugin list
+ $pinged = false;
+ $manager->notify(
+ 'JustPosted',
+ array('blogid' => $blogid,
+ 'pinged' => &$pinged
+ )
+ );
+
+ // clear all expired future posts
+ sql_query("UPDATE " . sql_table('item') . " SET iposted='1' WHERE iblog=" . $blogid . " AND itime<NOW()");
+
+ // check to see any pending future post, clear the flag is none
+ $result = sql_query("SELECT * FROM " . sql_table('item')
+ . " WHERE iposted=0 AND iblog=" . $blogid);
+ if (sql_num_rows($result) == 0) {
+ $this->clearFuturePost();
+ }
+ }
+ }
+ }
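Review bot: `checkJustPosted()` decides which items are due with `itime<NOW()`, the database server's clock, whereas the other queries in this class filter future items with `mysqldate($this->getCorrectTime())`, which presumably applies the blog's `btimeoffset`. With a non-zero offset, an item could be marked `iposted='1'` and announced through `JustPosted` before or after the moment it becomes visible. Using the same bound in both statements, `" AND itime<=" . mysqldate($this->getCorrectTime())`, would also make the SELECT and the UPDATE agree on one cut-off instead of evaluating `NOW()` twice. `$this->getID()` is concatenated uncast here and in `setFuturePost()`/`clearFuturePost()`, while `writeSettings()` uses `intval($this->getID())`.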
+
+ /**
+ * Shows the given list of items for this blog
+ *
+ * @param $itemarray
+ * array of item numbers to be displayed
+ * @param $template
+ * String representing the template _NAME_ (!)
+ * @param $highlight
+ * contains a query that should be highlighted
+ * @param $comments
+ * 1=show comments 0=don't show comments
+ * @param $dateheads
+ * 1=show dateheads 0=don't show dateheads
+ * @param $showDrafts
+ * 0=do not show drafts 1=show drafts
+ * @param $showFuture
+ * 0=do not show future posts 1=show future posts
+ * @returns int
+ * amount of items shown
+ */
+ function readLogFromList($itemarray, $template, $highlight = '', $comments = 1, $dateheads = 1,$showDrafts = 0, $showFuture = 0) {
+
+ $query = $this->getSqlItemList($itemarray,$showDrafts,$showFuture);
+
+ return $this->showUsingQuery($template, $query, $highlight, $comments, $dateheads);
}
+ /**
+ * Returns the SQL query used to fill out templates for a list of items
+ *
+ * @param $itemarray
+ * an array holding the item numbers of the items to be displayed
+ * @param $showDrafts
+ * 0=do not show drafts 1=show drafts
+ * @param $showFuture
+ * 0=do not show future posts 1=show future posts
+ * @returns
+ * either a full SQL query, or an empty string
+ * @note
+ * No LIMIT clause is added. (caller should add this if multiple pages are requested)
+ */
+ function getSqlItemList($itemarray,$showDrafts = 0,$showFuture = 0)
+ {
+ if (!is_array($itemarray)) return '';
+ $showDrafts = intval($showDrafts);
+ $showFuture = intval($showFuture);
+ $items = array();
+ foreach ($itemarray as $value) {
+ if (intval($value)) $items[] = intval($value);
+ }
+ if (!count($items)) return '';
+ //$itemlist = implode(',',$items);
+ $i = count($items);
+ $query = '';
+ foreach ($items as $value) {
+ $query .= '('
+ . 'SELECT'
+ . ' i.inumber as itemid,'
+ . ' i.ititle as title,'
+ . ' i.ibody as body,'
+ . ' m.mname as author,'
+ . ' m.mrealname as authorname,'
+ . ' i.itime,'
+ . ' i.imore as more,'
+ . ' m.mnumber as authorid,'
+ . ' m.memail as authormail,'
+ . ' m.murl as authorurl,'
+ . ' c.cname as category,'
+ . ' i.icat as catid,'
+ . ' i.iclosed as closed';
+
+ $query .= ' FROM '
+ . sql_table('item') . ' as i, '
+ . sql_table('member') . ' as m, '
+ . sql_table('category').' as c'
+ . ' WHERE'
+ . ' i.iblog = ' . $this->blogid
+ . ' and i.iauthor = m.mnumber'
+ . ' and i.icat = c.catid';
+
+ if (!$showDrafts) $query .= ' and i.idraft=0'; // exclude drafts
+ if (!$showFuture) $query .= ' and i.itime<=' . mysqldate($this->getCorrectTime()); // don't show future items
+
+ //$query .= ' and i.inumber IN ('.$itemlist.')';
+ $query .= ' and i.inumber = '.intval($value);
+ $query .= ')';
+ $i--;
+ if ($i) $query .= ' UNION ';
+ }
+
+ return $query;
+ }
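Review bot: Building one parenthesised SELECT per item and joining them with `UNION` makes the statement grow with the size of `$itemarray`, and nothing here caps that size. `UNION` also removes duplicate rows and does not guarantee that rows come back in list order, if preserving order was the reason for replacing the commented-out `IN (...)` form. A single SELECT ending in `' and i.inumber IN (' . $itemlist . ') ORDER BY FIELD(i.inumber, ' . $itemlist . ')'` states the order explicitly and stays safe, because `$items` already holds only `intval()` values. The docblock could add that non-numeric and zero entries are silently dropped.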
}
-?>
+?>
\ No newline at end of file