X-Git-Url: http://git.sourceforge.jp/view?p=nucleus-jp%2Fnucleus-jp-ancient.git;a=blobdiff_plain;f=utf8%2Fnucleus%2Flibs%2FADMIN.php;h=682ce2aede6e1ff32c06c5178992faa920aa3050;hp=dbeef1a02b16bb8b92d69763a3279cc7d9ace2b7;hb=b5f3f1bf515d9979f70fd0043dc562d6c6ca3a4b;hpb=4b16861085a5a9bc281f4782b9e1547f5ad15e2d
diff --git a/utf8/nucleus/libs/ADMIN.php b/utf8/nucleus/libs/ADMIN.php
index dbeef1a..682ce2a 100755
--- a/utf8/nucleus/libs/ADMIN.php
+++ b/utf8/nucleus/libs/ADMIN.php
@@ -1,78 +1,165 @@
action_xxxx method)
+ /**
+ * @var string $action action currently being executed ($action=xxxx -> action_xxxx method)
+ */
var $action;
+ /**
+ * Class constructor
+ */
function ADMIN() {
}
-
+
/**
- * Executes an action
- *
- * @param $action
- * action to be performed
- */
+ * Executes an action
+ *
+ * @param string $action action to be performed
+ */
function action($action) {
+ global $CONF, $manager;
+
// list of action aliases
$alias = array(
'login' => 'overview',
'' => 'overview'
);
- if ($alias[$action])
+ if (isset($alias[$action]))
$action = $alias[$action];
$methodName = 'action_' . $action;
-
- $this->action = $action;
+
+ $this->action = strtolower($action);
+
+ // check ticket. All actions need a ticket, unless they are considered to be safe (a safe action
+ // is an action that requires user interaction before something is actually done)
+ // all safe actions are in this array:
+ $aActionsNotToCheck = array(
+ 'showlogin',
+ 'login',
+ 'overview',
+ 'itemlist',
+ 'blogcommentlist',
+ 'bookmarklet',
+ 'blogsettings',
+ 'banlist',
+ 'deleteblog',
+ 'editmembersettings',
+ 'browseownitems',
+ 'browseowncomments',
+ 'createitem',
+ 'itemedit',
+ 'itemmove',
+ 'categoryedit',
+ 'categorydelete',
+ 'manage',
+ 'actionlog',
+ 'settingsedit',
+ 'backupoverview',
+ 'pluginlist',
+ 'createnewlog',
+ 'usermanagement',
+ 'skinoverview',
+ 'templateoverview',
+ 'skinieoverview',
+ 'itemcommentlist',
+ 'commentedit',
+ 'commentdelete',
+ 'banlistnewfromitem',
+ 'banlistdelete',
+ 'itemdelete',
+ 'manageteam',
+ 'teamdelete',
+ 'banlistnew',
+ 'memberedit',
+ 'memberdelete',
+ 'pluginhelp',
+ 'pluginoptions',
+ 'plugindelete',
+ 'skinedittype',
+ 'skinremovetype',
+ 'skindelete',
+ 'skinedit',
+ 'templateedit',
+ 'templatedelete',
+ 'activate',
+ 'systemoverview'
+ );
+/*
+ // the rest of the actions needs to be checked
+ $aActionsToCheck = array('additem', 'itemupdate', 'itemmoveto', 'categoryupdate', 'categorydeleteconfirm', 'itemdeleteconfirm', 'commentdeleteconfirm', 'teamdeleteconfirm', 'memberdeleteconfirm', 'templatedeleteconfirm', 'skindeleteconfirm', 'banlistdeleteconfirm', 'plugindeleteconfirm', 'batchitem', 'batchcomment', 'batchmember', 'batchcategory', 'batchteam', 'regfile', 'commentupdate', 'banlistadd', 'changemembersettings', 'clearactionlog', 'settingsupdate', 'blogsettingsupdate', 'categorynew', 'teamchangeadmin', 'teamaddmember', 'memberadd', 'addnewlog', 'addnewlog2', 'backupcreate', 'backuprestore', 'pluginup', 'plugindown', 'pluginupdate', 'pluginadd', 'pluginoptionsupdate', 'skinupdate', 'skinclone', 'skineditgeneral', 'templateclone', 'templatenew', 'templateupdate', 'skinieimport', 'skinieexport', 'skiniedoimport', 'skinnew', 'deleteblogconfirm', 'sendping', 'rawping', 'activatesetpwd');
+*/
+ if (!in_array($this->action, $aActionsNotToCheck))
+ {
+ if (!$manager->checkTicket())
+ $this->error(_ERROR_BADTICKET);
+ }
if (method_exists($this, $methodName))
call_user_func(array(&$this, $methodName));
else
- $this->error(_BADACTION . " ($action)");
-
- }
+ $this->error(_BADACTION . htmlspecialchars(" ($action)"));
+ }
+ /**
+ * @todo document this
+ */
function action_showlogin() {
global $error;
$this->action_login($error);
}
+ /**
+ * @todo document this
+ */
function action_login($msg = '', $passvars = 1) {
global $member;
-
+
// skip to overview when allowed
if ($member->isLoggedIn() && $member->canLogin()) {
$this->action_overview();
exit;
}
-
+
$this->pagehead();
-
+
echo '
', _LOGIN ,'
';
if ($msg) echo _MESSAGE , ': ', htmlspecialchars($msg);
?>
-
+
pagefoot();
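Review bot: The ticket check in `action()` only stops a request if `$this->error()` never returns; if it does return, execution continues into the `method_exists()` / `call_user_func()` dispatch directly below it with a bad ticket. `error()` is defined outside this hunk, so that behaviour is an assumption here, and I would make it explicit by bracing the inner `if` and adding `return;` after `$this->error(_ERROR_BADTICKET);`. `$aActionsNotToCheck` is the actual security boundary of this change, so it needs a comment stating that an action may be listed only if it does nothing but render a page or a confirmation form; names such as `deleteblog` or `activate` do not show that by themselves and should be checked against that rule. The body of `action_login()` continues outside the hunk.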
@@ -97,56 +184,57 @@ class ADMIN {
/**
- * provides a screen with the overview of the actions available
- */
+ * provides a screen with the overview of the actions available
+ * @todo document parameter
+ */
function action_overview($msg = '') {
global $member;
-
+
$this->pagehead();
-
+
if ($msg)
echo _MESSAGE , ': ', $msg;
-
+
/* ---- add items ---- */
echo '
' . _OVERVIEW_YRBLOGS . '
';
-
+
$showAll = requestVar('showall');
-
+
if (($member->isAdmin()) && ($showAll == 'yes')) {
// Super-Admins have access to all blogs! (no add item support though)
$query = 'SELECT bnumber, bname, 1 as tadmin, burl, bshortname'
- . ' FROM ' . sql_table('blog')
- . ' ORDER BY bname';
+ . ' FROM ' . sql_table('blog')
+ . ' ORDER BY bname';
} else {
$query = 'SELECT bnumber, bname, tadmin, burl, bshortname'
- . ' FROM ' . sql_table('blog') . ', ' . sql_table('team')
- . ' WHERE tblog=bnumber and tmember=' . $member->getID()
- . ' ORDER BY bname';
+ . ' FROM ' . sql_table('blog') . ', ' . sql_table('team')
+ . ' WHERE tblog=bnumber and tmember=' . $member->getID()
+ . ' ORDER BY bname';
}
$template['content'] = 'bloglist';
$template['superadmin'] = $member->isAdmin();
$amount = showlist($query,'table',$template);
-
+
if (($showAll != 'yes') && ($member->isAdmin())) {
$total = quickQuery('SELECT COUNT(*) as result FROM ' . sql_table('blog'));
- if ($total > $amount)
- echo '
';
-
+
// walk over all itemids and perform action
foreach ($selected as $itemid) {
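Review bot: `action_overview()` prints `$msg` unescaped (`echo _MESSAGE , ': ', $msg;`), whereas `action_login()` in the first hunk passes its message through `htmlspecialchars()`. The new docblock leaves this as `@todo document parameter`; it should state the contract, e.g. `@param string $msg message shown above the blog list; printed as-is, so callers must pass trusted or already escaped HTML`. If any caller can forward request-derived text, escape at the echo instead of relying on the callers. The function body continues past the lines visible here.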
@@ -315,48 +417,51 @@ class ADMIN {
$error = $this->moveOneItem($itemid, $destCatid);
break;
default:
- $error = _BATCH_UNKNOWN . $action;
+ $error = _BATCH_UNKNOWN . htmlspecialchars($action);
}
echo '',($error ? $error : _BATCH_SUCCESS),'';
echo '';
}
-
+
echo '
';
echo '',_BATCH_DONE,'';
-
+
$this->pagefoot();
-
+
}
-
+
+ /**
+ * @todo document this
+ */
function action_batchcomment() {
global $member;
-
+
// check if logged in
$member->isLoggedIn() or $this->disallow();
-
- // more precise check will be done for each performed operation
-
+
+ // more precise check will be done for each performed operation
+
// get array of itemids from request
$selected = requestIntArray('batch');
$action = requestVar('batchaction');
-
+
// Show error when no items were selected
if (!is_array($selected) || sizeof($selected) == 0)
$this->error(_BATCH_NOSELECTION);
-
+
// On delete: check if confirmation has been given
- if (($action == 'delete') && (requestVar('confirmation') != 'yes'))
+ if (($action == 'delete') && (requestVar('confirmation') != 'yes'))
$this->batchAskDeleteConfirmation('comment',$selected);
$this->pagehead();
-
- echo '(',_BACKHOME,')';
+
+ echo '(',_BACKHOME,')';
echo '
';
-
+
// walk over all itemids and perform action
foreach ($selected as $commentid) {
$commentid = intval($commentid);
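Review bot: The new docblock on `action_batchcomment()` is only `@todo document this`, yet the access model is not obvious from its first lines: it requires just `isLoggedIn()` and leaves the real permission decision to the per-comment call in the loop (`deleteOneComment()`). I would document that, along with the request inputs it reads (`batch`, `batchaction`, `confirmation`), and note that `$error` is echoed as-is, so the per-item helpers must return only predefined message constants. The `htmlspecialchars($action)` added in the `default:` branch above handles the one request-derived value visible in that output; the same line recurs in the next two batch hunks. The loop body continues outside the hunk.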
@@ -368,46 +473,49 @@ class ADMIN {
$error = $this->deleteOneComment($commentid);
break;
default:
- $error = _BATCH_UNKNOWN . $action;
+ $error = _BATCH_UNKNOWN . htmlspecialchars($action);
}
echo '',($error ? $error : _BATCH_SUCCESS),'';
echo '';
}
-
+
echo '
';
echo '',_BATCH_DONE,'';
-
+
$this->pagefoot();
-
+
}
+ /**
+ * @todo document this
+ */
function action_batchmember() {
global $member;
-
+
// check if logged in and admin
($member->isLoggedIn() && $member->isAdmin()) or $this->disallow();
-
+
// get array of itemids from request
$selected = requestIntArray('batch');
$action = requestVar('batchaction');
-
+
// Show error when no members selected
if (!is_array($selected) || sizeof($selected) == 0)
$this->error(_BATCH_NOSELECTION);
-
+
// On delete: check if confirmation has been given
- if (($action == 'delete') && (requestVar('confirmation') != 'yes'))
+ if (($action == 'delete') && (requestVar('confirmation') != 'yes'))
$this->batchAskDeleteConfirmation('member',$selected);
$this->pagehead();
-
- echo '(',_MEMBERS_BACKTOOVERVIEW,')';
+
+ echo '(',_MEMBERS_BACKTOOVERVIEW,')';
echo '
';
-
+
// walk over all itemids and perform action
foreach ($selected as $memberid) {
$memberid = intval($memberid);
@@ -494,61 +604,62 @@ class ADMIN {
case 'unsetadmin':
// there should always remain at least one admin
$r = sql_query('SELECT * FROM '.sql_table('team').' WHERE tadmin=1 and tblog='.$blogid);
- if (mysql_num_rows($r) < 2)
+ if (sql_num_rows($r) < 2)
$error = _ERROR_ATLEASTONEBLOGADMIN;
else
sql_query('UPDATE '.sql_table('team').' SET tadmin=0 WHERE tblog='.$blogid.' and tmember='.$memberid);
break;
default:
- $error = _BATCH_UNKNOWN . $action;
+ $error = _BATCH_UNKNOWN . htmlspecialchars($action);
}
echo '',($error ? $error : _BATCH_SUCCESS),'';
echo '';
}
-
+
echo '
';
echo '',_BATCH_DONE,'';
-
+
$this->pagefoot();
-
- }
+ }
-
+ /**
+ * @todo document this
+ */
function action_batchcategory() {
global $member, $manager;
-
+
// check if logged in
$member->isLoggedIn() or $this->disallow();
-
- // more precise check will be done for each performed operation
-
+
+ // more precise check will be done for each performed operation
+
// get array of itemids from request
$selected = requestIntArray('batch');
$action = requestVar('batchaction');
-
+
// Show error when no items were selected
if (!is_array($selected) || sizeof($selected) == 0)
$this->error(_BATCH_NOSELECTION);
-
+
// On move: when no destination blog chosen, show choice now
$destBlogId = intRequestVar('destblogid');
- if (($action == 'move') && (!$manager->existsBlogID($destBlogId)))
+ if (($action == 'move') && (!$manager->existsBlogID($destBlogId)))
$this->batchMoveCategorySelectDestination('category',$selected);
-
+
// On delete: check if confirmation has been given
- if (($action == 'delete') && (requestVar('confirmation') != 'yes'))
+ if (($action == 'delete') && (requestVar('confirmation') != 'yes'))
$this->batchAskDeleteConfirmation('category',$selected);
$this->pagehead();
-
- echo '(',_BACKHOME,')';
+
+ echo '(',_BACKHOME,')';
echo '
';
echo '',_BATCH_DONE,'';
-
+
$this->pagefoot();
-
+
}
-
+
+ /**
+ * @todo document this
+ */
function batchMoveSelectDestination($type, $ids) {
+ global $manager;
$this->pagehead();
?>
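Review bot: The two `unsetadmin` queries splice `$blogid` and `$memberid` into the SQL unquoted (`' WHERE tadmin=1 and tblog='.$blogid` and `' and tmember='.$memberid`), and neither variable is assigned inside this hunk, so their integer coercion is assumed rather than visible. Casting at the point of use keeps the statements safe however the values were obtained: `' WHERE tadmin=1 and tblog=' . intval($blogid)` and `' and tmember=' . intval($memberid)`. The "at least one admin" count and the following `UPDATE` are also separate statements, so two concurrent requests could in principle both pass the check. The enclosing function starts before the hunk.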
@@ -585,25 +700,32 @@ class ADMIN {
- addTicketHidden();
+
+ // insert selected item numbers
$idx = 0;
foreach ($ids as $id)
echo '';
-
+
// show blog/category selection list
$this->selectBlogCategory('destcatid');
-
+
?>
-
-
+
+
pagefoot();
exit;
}
-
+
+ /**
+ * @todo document this
+ */
function batchMoveCategorySelectDestination($type, $ids) {
+ global $manager;
$this->pagehead();
?>
@@ -611,94 +733,106 @@ class ADMIN {
- addTicketHidden();
+
+ // insert selected item numbers
$idx = 0;
foreach ($ids as $id)
echo '';
-
+
// show blog/category selection list
$this->selectBlog('destblogid');
-
+
?>
-
-
+
+
pagefoot();
exit;
}
-
+
+ /**
+ * @todo document this
+ */
function batchAskDeleteConfirmation($type, $ids) {
+ global $manager;
+
$this->pagehead();
?>
pagefoot();
exit;
}
-
-
+
+
/**
- * Inserts a HTML select element with choices for all categories to which the current
- * member has access
- */
+ * Inserts a HTML select element with choices for all categories to which the current
+ * member has access
+ * @see function selectBlog
+ */
function selectBlogCategory($name, $selected = 0, $tabindex = 0, $showNewCat = 0, $iForcedBlogInclude = -1) {
ADMIN::selectBlog($name, 'category', $selected, $tabindex, $showNewCat, $iForcedBlogInclude);
}
-
+
/**
- * Inserts a HTML select element with choices for all blogs to which the user has access
- * mode = 'blog' => shows blognames and values are blogids
- * mode = 'category' => show category names and values are catids
- *
- * @param $iForcedBlogInclude
- * ID of a blog that always needs to be included, without checking if the member is on the blog team (-1 = none)
- */
+ * Inserts a HTML select element with choices for all blogs to which the user has access
+ * mode = 'blog' => shows blognames and values are blogids
+ * mode = 'category' => show category names and values are catids
+ *
+ * @param $iForcedBlogInclude
+ * ID of a blog that always needs to be included, without checking if the
+ * member is on the blog team (-1 = none)
+ * @todo document parameters
+ */
function selectBlog($name, $mode='blog', $selected = 0, $tabindex = 0, $showNewCat = 0, $iForcedBlogInclude = -1) {
global $member, $CONF;
-
+
// 0. get IDs of blogs to which member can post items (+ forced blog)
$aBlogIds = array();
if ($iForcedBlogInclude != -1)
$aBlogIds[] = intval($iForcedBlogInclude);
- if (($member->isAdmin()) && ($CONF['ShowAllBlogs']))
+ if (($member->isAdmin()) && ($CONF['ShowAllBlogs']))
$queryBlogs = 'SELECT bnumber FROM '.sql_table('blog').' ORDER BY bname';
else
- $queryBlogs = 'SELECT bnumber FROM '.sql_table('blog').', '.sql_table('team').' WHERE tblog=bnumber and tmember=' . $member->getID();
+ $queryBlogs = 'SELECT bnumber FROM '.sql_table('blog').', '.sql_table('team').' WHERE tblog=bnumber and tmember=' . $member->getID();
$rblogids = sql_query($queryBlogs);
- while ($o = mysql_fetch_object($rblogids))
+ while ($o = sql_fetch_object($rblogids))
if ($o->bnumber != $iForcedBlogInclude)
$aBlogIds[] = intval($o->bnumber);
-
+
if (count($aBlogIds) == 0)
return;
-
+
echo '';
-
+
}
-
+
+ /**
+ * @todo document this
+ */
function action_browseownitems() {
- global $member;
-
+ global $member, $manager, $CONF;
+
$this->pagehead();
-
- echo '
';
-
+
$template['content'] = 'commentlist';
$template['canAddBan'] = $member->blogAdminRights($blogid);
-
+
+ $manager->loadClass("ENCAPSULATE");
$navList =& new NAVLIST('blogcommentlist', $start, $amount, 0, 1000, $blogid, $search, 0);
- $navList->showBatchList('comment',$query,'table',$template, 'No comments were made on items of this blog');
-
+ $navList->showBatchList('comment',$query,'table',$template, _NOCOMMENTS_BLOG);
+
$this->pagefoot();
}
/**
- * Provide a page to item a new item to the given blog
- */
+ * Provide a page to item a new item to the given blog
+ */
function action_createitem() {
global $member, $manager;
-
+
$blogid = intRequestVar('blogid');
-
+
// check if allowed
- $member->teamRights($blogid) or $this->disallow();
-
+ $member->teamRights($blogid) or $this->disallow();
+
$memberid = $member->getID();
-
+
$blog =& $manager->getBlog($blogid);
-
+
$this->pagehead();
-
+
// generate the add-item form
- $formfactory = new PAGEFACTORY($blogid);
+ $formfactory =& new PAGEFACTORY($blogid);
$formfactory->createAddForm('admin');
- $this->pagefoot();
+ $this->pagefoot();
}
-
+
+ /**
+ * @todo document this
+ */
function action_itemedit() {
global $member, $manager;
-
+
$itemid = intRequestVar('itemid');
-
+
// only allow if user is allowed to alter item
$member->canAlterItem($itemid) or $this->disallow();
-
+
$item =& $manager->getItem($itemid,1,1);
$blog =& $manager->getBlog(getBlogIDFromItemID($itemid));
-
+
$manager->notify('PrepareItemForEdit', array('item' => &$item));
-
+
if ($blog->convertBreaks()) {
$item['body'] = removeBreaks($item['body']);
$item['more'] = removeBreaks($item['more']);
}
-
+
// form to edit blog items
$this->pagehead();
- $formfactory = new PAGEFACTORY($blog->getID());
- $formfactory->createEditForm('admin',$item);
- $this->pagefoot();
+ $formfactory =& new PAGEFACTORY($blog->getID());
+ $formfactory->createEditForm('admin',$item);
+ $this->pagefoot();
}
-
- function action_itemupdate() {
+
+ /**
+ * @todo document this
+ */
+ function action_itemupdate() {
global $member, $manager, $CONF;
-
+
$itemid = intRequestVar('itemid');
$catid = postVar('catid');
-
+
// only allow if user is allowed to alter item
$member->canUpdateItem($itemid, $catid) or $this->disallow();
$actiontype = postVar('actiontype');
-
+
// delete actions are handled by itemdelete (which has confirmation)
if ($actiontype == 'delete') {
$this->action_itemdelete();
- return;
+ return;
}
-
+
$body = postVar('body');
$title = postVar('title');
$more = postVar('more');
$closed = intPostVar('closed');
+ $draftid = intPostVar('draftid');
// default action = add now
- if (!$actiontype)
+ if (!$actiontype)
$actiontype='addnow';
-
- // create new category if needed
+
+ // create new category if needed
if (strstr($catid,'newcat')) {
- // get blogid
+ // get blogid
list($blogid) = sscanf($catid,"newcat-%d");
-
+
// create
$blog =& $manager->getBlog($blogid);
$catid = $blog->createNewCategory();
// show error when sth goes wrong
- if (!$catid)
+ if (!$catid)
$this->doError(_ERROR_CATCREATEFAIL);
- }
+ }
/*
set some variables based on actiontype
-
+
actiontypes:
draft items -> addnow, addfuture, adddraft, delete
non-draft items -> edit, changedate, delete
-
+
variables set:
$timestamp: set to a nonzero value for future dates or date changes
$wasdraft: set to 1 when the item used to be a draft item
$publish: set to 1 when the edited item is not a draft
*/
- switch ($actiontype) {
- case 'adddraft':
- $publish = 0;
- $wasdraft = 1;
- $timestamp = 0;
- break;
- case 'addfuture':
- $wasdraft = 1;
- $publish = 1;
- $timestamp = mktime(postVar('hour'), postVar('minutes'), 0, postVar('month'), postVar('day'), postVar('year'));
- break;
- case 'addnow':
- $wasdraft = 1;
- $publish = 1;
- $timestamp = 0;
- break;
- case 'changedate':
- $timestamp = mktime(postVar('hour'), postVar('minutes'), 0, postVar('month'), postVar('day'), postVar('year'));
- $publish = 1;
- $wasdraft = 0;
- break;
- case 'edit':
- default:
- $publish = 1;
- $wasdraft = 0;
- $timestamp = 0;
+ $blogid = getBlogIDFromItemID($itemid);
+ $blog =& $manager->getBlog($blogid);
+
+ $wasdrafts = array('adddraft', 'addfuture', 'addnow');
+ $wasdraft = in_array($actiontype, $wasdrafts) ? 1 : 0;
+ $publish = ($actiontype != 'adddraft' && $actiontype != 'backtodrafts') ? 1 : 0;
+ if ($actiontype == 'addfuture' || $actiontype == 'changedate') {
+ $timestamp = mktime(intPostVar('hour'), intPostVar('minutes'), 0, intPostVar('month'), intPostVar('day'), intPostVar('year'));
+ } else {
+ $timestamp =0;
}
-
+ $doping = ($publish && $timestamp < $blog->getCorrectTime() && postVar('dosendping')) ? 1 : 0;
+
// edit the item for real
ITEM::update($itemid, $catid, $title, $body, $more, $closed, $wasdraft, $publish, $timestamp);
-
+
+ $this->updateFuturePosted($blogid);
+
+ if ($draftid > 0) {
+ // delete permission is checked inside ITEM::delete()
+ ITEM::delete($draftid);
+ }
+
+ if (!$closed && $doping && $blog->sendPing() && numberOfEventSubscriber('SendPing') > 0) { //
+ $this->action_sendping($blogid);
+ return;
+ }
+
// show category edit window when we created a new category
// ($catid will then be a new category ID, while postVar('catid') will be 'newcat-x')
if ($catid != intPostVar('catid')) {
$this->action_categoryedit(
- $catid,
+ $catid,
$blog->getID(),
$CONF['AdminURL'] . 'index.php?action=itemlist&blogid=' . getBlogIDFromItemID($itemid)
);
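Review bot: In `action_itemupdate()` the new `ITEM::delete($draftid)` acts on a POST-supplied id with no authorization check in this function; the only guard is the comment `// delete permission is checked inside ITEM::delete()`, which cannot be confirmed from this diff. `deleteOneItem()`, later in the same commit, checks `$member->canAlterItem($itemid)` before calling `ITEM::delete()`, so doing the same here would be consistent and would not depend on the callee: `if ($draftid > 0 && $member->canAlterItem($draftid)) {`. Nothing visible ties `draftid` to the item being updated, so a comment should state that any item the member may alter can be removed through this parameter. The function body ends outside the hunk.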
@@ -1081,136 +1240,191 @@ class ADMIN {
$this->action_itemlist(getBlogIDFromItemID($itemid));
}
}
-
+
+ /**
+ * @todo document this
+ */
function action_itemdelete() {
global $member, $manager;
-
+
$itemid = intRequestVar('itemid');
-
+
// only allow if user is allowed to alter item
$member->canAlterItem($itemid) or $this->disallow();
-
+
if (!$manager->existsItem($itemid,1,1))
$this->error(_ERROR_NOSUCHITEM);
-
+
$item =& $manager->getItem($itemid,1,1);
$title = htmlspecialchars(strip_tags($item['title']));
$body = strip_tags($item['body']);
$body = htmlspecialchars(shorten($body,300,'...'));
-
+
$this->pagehead();
?>
-
+
-
+
""
-
+
- pagefoot();
}
-
+
+ /**
+ * @todo document this
+ */
function action_itemdeleteconfirm() {
global $member;
-
+
$itemid = intRequestVar('itemid');
-
+
// only allow if user is allowed to alter item
$member->canAlterItem($itemid) or $this->disallow();
// get blogid first
$blogid = getBlogIdFromItemId($itemid);
-
+
// delete item (note: some checks will be performed twice)
$this->deleteOneItem($itemid);
-
+
$this->action_itemlist($blogid);
}
-
- // deletes one item and returns error if something goes wrong
+
+ /**
+ * Deletes one item and returns error if something goes wrong
+ * @param int $itemid
+ */
function deleteOneItem($itemid) {
global $member, $manager;
-
+
// only allow if user is allowed to alter item (also checks if itemid exists)
if (!$member->canAlterItem($itemid))
return _ERROR_DISALLOWED;
-
+
+ // need to get blogid before the item is deleted
+ $blogid = getBlogIDFromItemId($itemid);
+
$manager->loadClass('ITEM');
ITEM::delete($itemid);
+
+ // update blog's futureposted
+ $this->updateFuturePosted($blogid);
+ }
+
+ /**
+ * Update a blog's future posted flag
+ * @param int $blogid
+ */
+ function updateFuturePosted($blogid) {
+ global $manager;
+
+ $blog =& $manager->getBlog($blogid);
+ $currenttime = $blog->getCorrectTime(time());
+ $result = sql_query("SELECT * FROM ".sql_table('item').
+ " WHERE iblog='".$blogid."' AND iposted=0 AND itime>".mysqldate($currenttime));
+ if (sql_num_rows($result) > 0) {
+ $blog->setFuturePost();
+ }
+ else {
+ $blog->clearFuturePost();
+ }
}
+ /**
+ * @todo document this
+ */
function action_itemmove() {
global $member, $manager;
-
- $itemid = intRequestVar('itemid');
-
+
+ $itemid = intRequestVar('itemid');
+
// only allow if user is allowed to alter item
$member->canAlterItem($itemid) or $this->disallow();
$item =& $manager->getItem($itemid,1,1);
-
+
$this->pagehead();
?>
- pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_itemmoveto() {
global $member, $manager;
-
+
$itemid = intRequestVar('itemid');
$catid = requestVar('catid');
-
- // create new category if needed
+
+ // create new category if needed
if (strstr($catid,'newcat')) {
- // get blogid
+ // get blogid
list($blogid) = sscanf($catid,'newcat-%d');
-
+
// create
$blog =& $manager->getBlog($blogid);
$catid = $blog->createNewCategory();
// show error when sth goes wrong
- if (!$catid)
+ if (!$catid)
$this->doError(_ERROR_CATCREATEFAIL);
- }
-
+ }
+
// only allow if user is allowed to alter item
$member->canUpdateItem($itemid, $catid) or $this->disallow();
- ITEM::move($itemid, $catid);
-
+ $old_blogid = getBlogIDFromItemId($itemid);
+
+ ITEM::move($itemid, $catid);
+
+ // set the futurePosted flag on the blog
+ $this->updateFuturePosted(getBlogIDFromItemId($itemid));
+
+ // reset the futurePosted in case the item is moved from one blog to another
+ $this->updateFuturePosted($old_blogid);
+
if ($catid != intRequestVar('catid'))
$this->action_categoryedit($catid, $blog->getID());
else
- $this->action_itemlist(getBlogIDFromCatID($catid));
+ $this->action_itemlist(getBlogIDFromCatID($catid));
}
-
+
/**
- * Moves one item to a given category (category existance should be checked by caller)
- * errors are returned
- */
+ * Moves one item to a given category (category existance should be checked by caller)
+ * errors are returned
+ * @param int $itemid
+ * @param int $destCatid category ID to which the item will be moved
+ */
function moveOneItem($itemid, $destCatid) {
global $member;
-
+
// only allow if user is allowed to move item
if (!$member->canUpdateItem($itemid, $destCatid))
return _ERROR_DISALLOWED;
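Review bot: `updateFuturePosted()` builds its query as `" WHERE iblog='".$blogid."' AND iposted=0 ..."`, placing the parameter inside quotes without a cast or escaping. The callers added in this commit pass results of `getBlogIDFromItemID()`, but the method is a general helper and its docblock promises `int $blogid` without enforcing it; making `$blogid = intval($blogid);` the first statement makes that true for every caller. Separately, `deleteOneItem()` still documents that it "returns error if something goes wrong" but now ends without a return on the success path, so the docblock should say what a caller receives on success.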
@@ -1219,129 +1433,131 @@ class ADMIN {
}
/**
- * Adds a item to the chosen blog
- */
+ * Adds a item to the chosen blog
+ */
function action_additem() {
global $member, $manager, $CONF;
-
+
$manager->loadClass('ITEM');
$result = ITEM::createFromRequest();
-
+
if ($result['status'] == 'error')
$this->error($result['message']);
-
+
$blogid = getBlogIDFromItemID($result['itemid']);
$blog =& $manager->getBlog($blogid);
-
- if ($result['status'] == 'newcategory')
- $this->action_categoryedit(
- $result['catid'],
- $blogid,
- $blog->pingUserland() ? $CONF['AdminURL'] . 'index.php?action=sendping&blogid=' . intval($blogid) : ''
- );
- elseif ((postVar('actiontype') == 'addnow') && $blog->pingUserland())
- $this->action_sendping($blogid);
- else
- $this->action_itemlist($blogid);
+ $btimestamp = $blog->getCorrectTime();
+ $item = $manager->getItem(intval($result['itemid']), 1, 1);
+ if (!$item['draft'] && postVar('dosendping') && $item['timestamp'] <= $btimestamp) {
+ $nextAction = 'sendping';
+ } else {
+ $nextAction = 'itemlist';
+ }
+ if ($result['status'] == 'newcategory') {
+ $distURI = $manager->addTicketToUrl($CONF['AdminURL'] . 'index.php?action=' . $nextAction . '&blogid=' . intval($blogid));
+ $this->action_categoryedit($result['catid'], $blogid, $distURI);
+ } else {
+ $methodName = 'action_' . $nextAction;
+ call_user_func(array(&$this, $methodName), $blogid);
+ }
}
-
+
/**
- * Shows a window that says we're about to ping weblogs.com.
- * immediately refresh to the real pinging page, which will
- * show an error, or redirect to the blog.
- *
- * @param $blogid ID of blog for which ping needs to be sent out
- */
+ * Shows a window that says we're about to ping.
+ * immediately refresh to the real pinging page, which will
+ * show an error, or redirect to the blog.
+ *
+ * @param int $blogid ID of blog for which ping needs to be sent out
+ */
function action_sendping($blogid = -1) {
- global $member;
-
+ global $member, $manager;
+
if ($blogid == -1)
$blogid = intRequestVar('blogid');
-
+
$member->isLoggedIn() or $this->disallow();
-
- $this->pagehead('');
- ?>
-
Site Updated, Now pinging weblogs.com
-
- Pinging weblogs.com! This can a while...
-
- When the ping is complete (and successfull), your weblog will show up in the weblogs.com updates list.
-
-
-
- If you aren't automatically passed through, try again
+ $rawPingUrl = $manager->addTicketToUrl('index.php?action=rawping&blogid=' . intval($blogid));
+
+ $this->pagehead('');
+ echo _UPDATEDPING_MESSAGE;
+ ?>
+
- pagefoot();
+ pagefoot();
}
-
- // ping to Weblogs.com
- // sends the real ping (can take up to 10 seconds!)
+
+ /**
+ * Sends the real ping (can take up to 10 seconds!)
+ */
function action_rawping() {
global $manager;
// TODO: checks?
-
+
$blogid = intRequestVar('blogid');
$blog =& $manager->getBlog($blogid);
-
- $result = $blog->sendUserlandPing();
-
+
$this->pagehead();
-
+
?>
-
-
Ping Results
-
-
The following message was returned by weblogs.com: