<?php\r
\r
+/*\r
+ * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)\r
+ * Copyright (C) 2002-2010 The Nucleus Group\r
+ *\r
+ * This program is free software; you can redistribute it and/or\r
+ * modify it under the terms of the GNU General Public License\r
+ * as published by the Free Software Foundation; either version 2\r
+ * of the License, or (at your option) any later version.\r
+ * (see nucleus/documentation/index.html#license for more info)\r
+ */\r
/**\r
- * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/) \r
- * Copyright (C) 2002-2005 The Nucleus Group\r
- *\r
- * This program is free software; you can redistribute it and/or\r
- * modify it under the terms of the GNU General Public License\r
- * as published by the Free Software Foundation; either version 2\r
- * of the License, or (at your option) any later version.\r
- * (see nucleus/documentation/index.html#license for more info)\r
- *\r
- * A class representing an item\r
- *\r
- * $Id: ITEM.php,v 1.3 2005-03-12 06:19:05 kimitake Exp $\r
- * $NucleusJP$\r
- */\r
+ * A class representing an item\r
+ *\r
+ * @license http://nucleuscms.org/license.txt GNU General Public License\r
+ * @copyright Copyright (C) 2002-2010 The Nucleus Group\r
+ * @version $Id$\r
+ * $NucleusJP: ITEM.php,v 1.7.2.3 2008/02/07 06:13:30 kimitake Exp $\r
+ */\r
class ITEM {\r
- \r
+\r
var $itemid;\r
- \r
+\r
+ /**\r
+ * Constructor of an ITEM object\r
+ * \r
+ * @param integer $itemid id of the item\r
+ */\r
function ITEM($itemid) {\r
$this->itemid = $itemid;\r
}\r
- \r
+\r
/**\r
* Returns one item with the specific itemid\r
- * (static)\r
+ * \r
+ * @param integer $itemid id of the item\r
+ * @param boolean $allowdraft\r
+ * @param boolean $allowfuture\r
+ * @static\r
*/\r
function getitem($itemid, $allowdraft, $allowfuture) {\r
global $manager;\r
\r
$itemid = intval($itemid);\r
- \r
+\r
$query = 'SELECT i.idraft as draft, i.inumber as itemid, i.iclosed as closed, '\r
- . ' i.ititle as title, i.ibody as body, m.mname as author, '\r
- . ' i.iauthor as authorid, i.itime, i.imore as more, i.ikarmapos as karmapos, '\r
- . ' i.ikarmaneg as karmaneg, i.icat as catid, i.iblog as blogid '\r
- . ' FROM '.sql_table('item').' as i, '.sql_table('member').' as m, ' . sql_table('blog') . ' as b '\r
- . ' WHERE i.inumber=' . $itemid\r
- . ' and i.iauthor=m.mnumber '\r
- . ' and i.iblog=b.bnumber';\r
- \r
+ . ' i.ititle as title, i.ibody as body, m.mname as author, '\r
+ . ' i.iauthor as authorid, i.itime, i.imore as more, i.ikarmapos as karmapos, '\r
+ . ' i.ikarmaneg as karmaneg, i.icat as catid, i.iblog as blogid '\r
+ . ' FROM '.sql_table('item').' as i, '.sql_table('member').' as m, ' . sql_table('blog') . ' as b '\r
+ . ' WHERE i.inumber=' . $itemid\r
+ . ' and i.iauthor=m.mnumber '\r
+ . ' and i.iblog=b.bnumber';\r
+\r
if (!$allowdraft)\r
$query .= ' and i.idraft=0';\r
- \r
+\r
if (!$allowfuture) {\r
$blog =& $manager->getBlog(getBlogIDFromItemID($itemid));\r
- $query .= ' and i.itime <=' . mysqldate($blog->getCorrectTime()); \r
+ $query .= ' and i.itime <=' . mysqldate($blog->getCorrectTime());\r
}\r
- \r
+\r
$query .= ' LIMIT 1';\r
\r
$res = sql_query($query);\r
\r
- if (mysql_num_rows($res) == 1)\r
+ if (sql_num_rows($res) == 1)\r
{\r
- $aItemInfo = mysql_fetch_assoc($res);\r
- $aItemInfo['timestamp'] = strtotime($aItemInfo['itime']); \r
+ $aItemInfo = sql_fetch_assoc($res);\r
+ $aItemInfo['timestamp'] = strtotime($aItemInfo['itime']);\r
return $aItemInfo;\r
} else {\r
return 0;\r
}\r
\r
- } \r
- \r
+ }\r
+\r
/**\r
* Tries to create an item from the data in the current request (comes from\r
- * bookmarklet or admin area \r
+ * bookmarklet or admin area\r
*\r
- * Returns an array with status info (status = 'added', 'error', 'newcategory')\r
+ * Returns an array with status info:\r
+ * status = 'added', 'error', 'newcategory'\r
*\r
- * (static)\r
+ * @static\r
*/\r
function createFromRequest() {\r
global $member, $manager;\r
- \r
- $i_author = $member->getID();\r
+\r
+ $i_author = $member->getID();\r
$i_body = postVar('body');\r
$i_title = postVar('title');\r
$i_more = postVar('more');\r
- $i_actiontype = postVar('actiontype'); \r
+ $i_actiontype = postVar('actiontype');\r
$i_closed = intPostVar('closed');\r
- $i_hour = intPostVar('hour'); \r
- $i_minutes = intPostVar('minutes'); \r
- $i_month = intPostVar('month'); \r
- $i_day = intPostVar('day'); \r
- $i_year = intPostVar('year'); \r
+ $i_hour = intPostVar('hour');\r
+ $i_minutes = intPostVar('minutes');\r
+ $i_month = intPostVar('month');\r
+ $i_day = intPostVar('day');\r
+ $i_year = intPostVar('year');\r
\r
$i_catid = postVar('catid');\r
- \r
+\r
+ $i_draftid = intPostVar('draftid');\r
+\r
if (!$member->canAddItem($i_catid))\r
- return array('status' => 'error', 'message' => _ERROR_DISALLOWED);\r
- \r
+ return array('status' => 'error', 'message' => _ERROR_DISALLOWED);\r
+\r
if (!$i_actiontype) $i_actiontype = 'addnow';\r
\r
switch ($i_actiontype) {\r
- case 'adddraft':\r
- $i_draft = 1;\r
- break;\r
- case 'addfuture':\r
- case 'addnow':\r
- default:\r
- $i_draft = 0;\r
+ case 'adddraft':\r
+ $i_draft = 1;\r
+ break;\r
+ case 'addfuture':\r
+ case 'addnow':\r
+ default:\r
+ $i_draft = 0;\r
}\r
- \r
+\r
if (!trim($i_body))\r
- return array('status' => 'error', 'message' => _ERROR_NOEMPTYITEMS);\r
- \r
- // create new category if needed \r
+ return array('status' => 'error', 'message' => _ERROR_NOEMPTYITEMS);\r
+\r
+ // create new category if needed\r
if (strstr($i_catid,'newcat')) {\r
- // get blogid \r
+ // get blogid\r
list($i_blogid) = sscanf($i_catid,"newcat-%d");\r
- \r
+\r
// create\r
$blog =& $manager->getBlog($i_blogid);\r
$i_catid = $blog->createNewCategory();\r
\r
// show error when sth goes wrong\r
- if (!$i_catid) \r
+ if (!$i_catid)\r
return array('status' => 'error','message' => 'Could not create new category');\r
} else {\r
// force blogid (must be same as category id)\r
$i_blogid = getBlogIDFromCatID($i_catid);\r
$blog =& $manager->getBlog($i_blogid);\r
}\r
- \r
+\r
if ($i_actiontype == 'addfuture') {\r
$posttime = mktime($i_hour, $i_minutes, 0, $i_month, $i_day, $i_year);\r
- \r
- // make sure the date is in the future, unless we allow past dates \r
+\r
+ // make sure the date is in the future, unless we allow past dates\r
if ((!$blog->allowPastPosting()) && ($posttime < $blog->getCorrectTime()))\r
$posttime = $blog->getCorrectTime();\r
} else {\r
// time with offset, or 0 for drafts\r
- $posttime = $i_draft ? 0 : $blog->getCorrectTime(); \r
+ $posttime = $i_draft ? 0 : $blog->getCorrectTime();\r
+ }\r
+\r
+ if ($posttime > $blog->getCorrectTime()) {\r
+ $posted = 0;\r
+ $blog->setFuturePost();\r
}\r
- \r
- $itemid = $blog->additem($i_catid, $i_title,$i_body,$i_more,$i_blogid,$i_author,$posttime,$i_closed,$i_draft); \r
- \r
+ else {\r
+ $posted = 1;\r
+ }\r
+\r
+ $itemid = $blog->additem($i_catid, $i_title,$i_body,$i_more,$i_blogid,$i_author,$posttime,$i_closed,$i_draft,$posted);\r
+\r
//Setting the itemOptions\r
$aOptions = requestArray('plugoption');\r
NucleusPlugin::_applyPluginOptions($aOptions, $itemid);\r
$manager->notify('PostPluginOptionsUpdate',array('context' => 'item', 'itemid' => $itemid, 'item' => array('title' => $i_title, 'body' => $i_body, 'more' => $i_more, 'closed' => $i_closed, 'catid' => $i_catid)));\r
- \r
- // success\r
- if ($i_catid != intRequestVar('catid'))\r
- return array('status' => 'newcategory', 'itemid' => $itemid, 'catid' => $i_catid);\r
+\r
+ if ($i_draftid > 0) {\r
+ // delete permission is checked inside ITEM::delete()\r
+ ITEM::delete($i_draftid);\r
+ }\r
+\r
+ // success\r
+ if ($i_catid != intRequestVar('catid'))\r
+ return array('status' => 'newcategory', 'itemid' => $itemid, 'catid' => $i_catid);\r
else\r
return array('status' => 'added', 'itemid' => $itemid);\r
}\r
- \r
- \r
+\r
+\r
/**\r
- * Updates an item (static)\r
+ * Updates an item\r
+ *\r
+ * @static\r
*/\r
function update($itemid, $catid, $title, $body, $more, $closed, $wasdraft, $publish, $timestamp = 0) {\r
global $manager;\r
- \r
+\r
$itemid = intval($itemid);\r
\r
// make sure value is 1 or 0\r
if ($closed != 1) $closed = 0;\r
- \r
- // get destination blogid \r
+\r
+ // get destination blogid\r
$new_blogid = getBlogIDFromCatID($catid);\r
$old_blogid = getBlogIDFromItemID($itemid);\r
- \r
+\r
// move will be done on end of method\r
if ($new_blogid != $old_blogid)\r
$moveNeeded = 1;\r
- \r
+\r
// add <br /> before newlines\r
$blog =& $manager->getBlog($new_blogid);\r
if ($blog->convertBreaks()) {\r
$body = addBreaks($body);\r
$more = addBreaks($more);\r
}\r
- \r
+\r
// call plugins\r
$manager->notify('PreUpdateItem',array('itemid' => $itemid, 'title' => &$title, 'body' => &$body, 'more' => &$more, 'blog' => &$blog, 'closed' => &$closed, 'catid' => &$catid));\r
- \r
+\r
// update item itsself\r
$query = 'UPDATE '.sql_table('item')\r
- . ' SET' \r
- . " ibody='". addslashes($body) ."',"\r
- . " ititle='" . addslashes($title) . "',"\r
- . " imore='" . addslashes($more) . "',"\r
- . " iclosed=" . intval($closed) . ","\r
- . " icat=" . intval($catid);\r
+ . ' SET'\r
+ . " ibody='". sql_real_escape_string($body) ."',"\r
+ . " ititle='" . sql_real_escape_string($title) . "',"\r
+ . " imore='" . sql_real_escape_string($more) . "',"\r
+ . " iclosed=" . intval($closed) . ","\r
+ . " icat=" . intval($catid);\r
\r
// if we received an updated timestamp in the past, but past posting is not allowed,\r
// reject that date change (timestamp = 0 will make sure the current date is kept)\r
if ( (!$blog->allowPastPosting()) && ($timestamp < $blog->getCorrectTime()))\r
$timestamp = 0;\r
- \r
+\r
+ if ($timestamp > $blog->getCorrectTime(time())) {\r
+ $isFuture = 1;\r
+ $query .= ', iposted=0';\r
+ }\r
+ else {\r
+ $isFuture = 0;\r
+ $query .= ', iposted=1';\r
+ }\r
+\r
if ($wasdraft && $publish) {\r
- $query .= ', idraft=0';\r
- \r
// set timestamp to current date only if it's not a future item\r
// draft items have timestamp == 0\r
// don't allow timestamps in the past (unless otherwise defined in blogsettings)\r
- if ($timestamp > $blog->getCorrectTime())\r
- $isFuture = 1;\r
- \r
+ $query .= ', idraft=0';\r
+\r
if ($timestamp == 0)\r
$timestamp = $blog->getCorrectTime();\r
- \r
+\r
// send new item notification\r
- if (!$isFuture && $blog->getNotifyAddress() && $blog->notifyOnNewItem()) \r
+ if (!$isFuture && $blog->getNotifyAddress() && $blog->notifyOnNewItem())\r
$blog->sendNewItemNotification($itemid, $title, $body);\r
}\r
- \r
+\r
+ // save back to drafts \r
+ if (!$wasdraft && !$publish) {\r
+ $query .= ', idraft=1';\r
+ // set timestamp back to zero for a draft\r
+ $query .= ", itime=" . mysqldate($timestamp);\r
+ }\r
+\r
// update timestamp when needed\r
if ($timestamp != 0)\r
- $query .= ", itime=" . mysqldate($timestamp); \r
+ $query .= ", itime=" . mysqldate($timestamp);\r
\r
- // make sure the correct item is updated \r
+ // make sure the correct item is updated\r
$query .= ' WHERE inumber=' . $itemid;\r
- \r
+\r
// off we go!\r
- sql_query($query); \r
- \r
+ sql_query($query);\r
+\r
+ $manager->notify('PostUpdateItem',array('itemid' => $itemid));\r
+\r
// when needed, move item and comments to new blog\r
- if ($moveNeeded) \r
+ if ($moveNeeded)\r
ITEM::move($itemid, $catid);\r
- \r
+\r
//update the itemOptions\r
$aOptions = requestArray('plugoption');\r
NucleusPlugin::_applyPluginOptions($aOptions);\r
$manager->notify('PostPluginOptionsUpdate',array('context' => 'item', 'itemid' => $itemid, 'item' => array('title' => $title, 'body' => $body, 'more' => $more, 'closed' => $closed, 'catid' => $catid)));\r
- \r
+\r
}\r
- \r
- // move an item to another blog (no checks, static)\r
+\r
+ /**\r
+ * Move an item to another blog (no checks)\r
+ *\r
+ * @static\r
+ */\r
function move($itemid, $new_catid) {\r
global $manager;\r
- \r
+\r
$itemid = intval($itemid);\r
$new_catid = intval($new_catid);\r
- \r
+\r
$new_blogid = getBlogIDFromCatID($new_catid);\r
\r
$manager->notify(\r
'destcatid' => $new_catid\r
)\r
);\r
- \r
- \r
+\r
+\r
// update item table\r
$query = 'UPDATE '.sql_table('item')." SET iblog=$new_blogid, icat=$new_catid WHERE inumber=$itemid";\r
- sql_query($query); \r
- \r
+ sql_query($query);\r
+\r
// update comments\r
$query = 'UPDATE '.sql_table('comment')." SET cblog=" . $new_blogid." WHERE citem=" . $itemid;\r
- sql_query($query); \r
- \r
+ sql_query($query);\r
+\r
$manager->notify(\r
'PostMoveItem',\r
array(\r
'destblogid' => $new_blogid,\r
'destcatid' => $new_catid\r
)\r
- ); \r
+ );\r
}\r
- \r
+\r
/**\r
* Deletes an item\r
*/\r
function delete($itemid) {\r
- global $manager;\r
- \r
+ global $manager, $member;\r
+\r
$itemid = intval($itemid);\r
- \r
+\r
+ // check to ensure only those allow to alter the item can\r
+ // proceed\r
+ if (!$member->canAlterItem($itemid)) {\r
+ return 1;\r
+ }\r
+\r
+\r
$manager->notify('PreDeleteItem', array('itemid' => $itemid));\r
- \r
+\r
// delete item\r
$query = 'DELETE FROM '.sql_table('item').' WHERE inumber=' . $itemid;\r
sql_query($query);\r
\r
// delete the comments associated with the item\r
$query = 'DELETE FROM '.sql_table('comment').' WHERE citem=' . $itemid;\r
- sql_query($query); \r
- \r
+ sql_query($query);\r
+\r
// delete all associated plugin options\r
NucleusPlugin::_deleteOptionValues('item', $itemid);\r
- \r
- $manager->notify('PostDeleteItem', array('itemid' => $itemid)); \r
+\r
+ $manager->notify('PostDeleteItem', array('itemid' => $itemid));\r
+\r
+ return 0;\r
}\r
- \r
- // returns true if there is an item with the given ID (static)\r
+\r
+ /**\r
+ * Returns true if there is an item with the given ID\r
+ *\r
+ * @static\r
+ */\r
function exists($id,$future,$draft) {\r
global $manager;\r
- \r
+\r
$id = intval($id);\r
- \r
+\r
$r = 'select * FROM '.sql_table('item').' WHERE inumber='.$id;\r
if (!$future) {\r
$bid = getBlogIDFromItemID($id);\r
}\r
$r = sql_query($r);\r
\r
- return (mysql_num_rows($r) != 0);\r
- } \r
- \r
+ return (sql_num_rows($r) != 0);\r
+ }\r
+\r
+ /**\r
+ * Tries to create an draft from the data in the current request (comes from\r
+ * bookmarklet or admin area\r
+ *\r
+ * Returns an array with status info:\r
+ * status = 'added', 'error', 'newcategory'\r
+ *\r
+ * @static\r
+ *\r
+ * Used by xmlHTTPRequest AutoDraft\r
+ */\r
+ function createDraftFromRequest() {\r
+ global $member, $manager;\r
+\r
+ $i_author = $member->getID();\r
+ $i_body = postVar('body');\r
+ $i_title = postVar('title');\r
+ $i_more = postVar('more');\r
+\r
+ if(strtoupper(_CHARSET) != 'UTF-8'){\r
+ $i_body = mb_convert_encoding($i_body, _CHARSET, "UTF-8");\r
+ $i_title = mb_convert_encoding($i_title, _CHARSET, "UTF-8");\r
+ $i_more = mb_convert_encoding($i_more, _CHARSET, "UTF-8");\r
+ }\r
+ //$i_actiontype = postVar('actiontype');\r
+ $i_closed = intPostVar('closed');\r
+ //$i_hour = intPostVar('hour');\r
+ //$i_minutes = intPostVar('minutes');\r
+ //$i_month = intPostVar('month');\r
+ //$i_day = intPostVar('day');\r
+ //$i_year = intPostVar('year');\r
+ $i_catid = postVar('catid');\r
+ $i_draft = 1;\r
+ $type = postVar('type');\r
+ if ($type == 'edit') {\r
+ $i_blogid = getBlogIDFromItemID(intPostVar('itemid'));\r
+ }\r
+ else {\r
+ $i_blogid = intPostVar('blogid');\r
+ }\r
+ $i_draftid = intPostVar('draftid');\r
+\r
+ if (!$member->canAddItem($i_catid)) {\r
+ return array('status' => 'error', 'message' => _ERROR_DISALLOWED);\r
+ }\r
+\r
+ if (!trim($i_body)) {\r
+ return array('status' => 'error', 'message' => _ERROR_NOEMPTYITEMS);\r
+ }\r
+\r
+ // create new category if needed\r
+ if (strstr($i_catid, 'newcat')) {\r
+ // Set in default category\r
+ $blog =& $manager->getBlog($i_blogid);\r
+ $i_catid = $blog->getDefaultCategory();\r
+ }\r
+ else {\r
+ // force blogid (must be same as category id)\r
+ $i_blogid = getBlogIDFromCatID($i_catid);\r
+ $blog =& $manager->getBlog($i_blogid);\r
+ }\r
+\r
+ $posttime = 0;\r
+\r
+ if ($i_draftid > 0) {\r
+ ITEM::update($i_draftid, $i_catid, $i_title, $i_body, $i_more, $i_closed, 1, 0, 0);\r
+ $itemid = $i_draftid;\r
+ }\r
+ else {\r
+ $itemid = $blog->additem($i_catid, $i_title, $i_body, $i_more, $i_blogid, $i_author, $posttime, $i_closed, $i_draft);\r
+ }\r
+\r
+ // No plugin support in AutoSaveDraft yet\r
+ //Setting the itemOptions\r
+ //$aOptions = requestArray('plugoption');\r
+ //NucleusPlugin::_applyPluginOptions($aOptions, $itemid);\r
+ //$manager->notify('PostPluginOptionsUpdate',array('context' => 'item', 'itemid' => $itemid, 'item' => array('title' => $i_title, 'body' => $i_body, 'more' => $i_more, 'closed' => $i_closed, 'catid' => $i_catid)));\r
+\r
+ // success\r
+ return array('status' => 'added', 'draftid' => $itemid);\r
+ }\r
+\r
}\r
\r
-?>\r
+?>
\ No newline at end of file