
source: tags/6.1/story.php @ 10242

Revision 10242, 9.8 KB checked in by Alexander Trofimov, 3 years ago (diff)

dolphin 6.1.5, initial commit

1<?
2
3/***************************************************************************
4*                            Dolphin Smart Community Builder
5*                              -----------------
6*     begin                : Mon Mar 23 2006
7*     copyright            : (C) 2006 BoonEx Group
8*     website              : http://www.boonex.com/
9* This file is part of Dolphin - Smart Community Builder
10*
11* Dolphin is free software. This work is licensed under a Creative Commons Attribution 3.0 License.
12* http://creativecommons.org/licenses/by/3.0/
13*
14* Dolphin is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
15* without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
16* See the Creative Commons Attribution 3.0 License for more details.
17* You should have received a copy of the Creative Commons Attribution 3.0 License along with Dolphin,
18* see license.txt file; if not, write to marketing@boonex.com
19***************************************************************************/
20
21require_once( 'inc/header.inc.php' );
22require_once( BX_DIRECTORY_PATH_INC . 'design.inc.php' );
23require_once( BX_DIRECTORY_PATH_INC . 'profiles.inc.php' );
24require_once( BX_DIRECTORY_PATH_INC . 'utils.inc.php' );
25
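// --------------- page variables and login

$_page['name_index'] = 20;
$_page['css_name']   = 'story.css';
$_page['extra_js']   = $oTemplConfig -> sTinyMceEditorCompactJS;

// The admin session is tried first; the member check runs only when it is absent.
// NOTE(review): member_auth() is defined outside this file. Everything below trusts
// $ADMIN and the member cookie on the assumption that it rejects or redirects
// unauthenticated visitors - confirm.
$ADMIN = member_auth( 1, false );
$logged['admin'] = $ADMIN;
if ( !$ADMIN )
    $logged['member'] = member_auth();

// An admin request may arrive without member cookies, so read them defensively
// instead of indexing $_COOKIE blindly. The resulting values are the same as before
// (0 / null when the cookie is missing), only without the undefined-index notice.
// NOTE(review): the member ID is taken straight from the cookie; it is only
// trustworthy if member_auth() validated the ID/password cookie pair - confirm.
$member['ID']       = isset( $_COOKIE['memberID'] ) ? (int)$_COOKIE['memberID'] : 0;
$member['Password'] = isset( $_COOKIE['memberPassword'] ) ? $_COOKIE['memberPassword'] : null;

$_page['header']      = _t( "_COMPOSE_STORY_H" );
$_page['header_text'] = _t( "_COMPOSE_STORY_H1" );

// this is a dynamic page - send headers so that it is not cached
send_headers_page_changed();

// --------------- page components

$_ni = $_page['name_index'];
$_page_cont[$_ni]['page_main_code'] = PageCompPageMainCode();

// --------------- [END] page components

PageCode();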
56
57// --------------- page components functions
58
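/**
 * Build the main block of the story page.
 *
 * Applies the posted action (add, edit, delete, activate, deactivate), then renders
 * the status message, the story list and - for members, or for an admin who asked
 * for a specific story - the compose/edit form.
 *
 * Reads $_POST, $_GET, $_COOKIE and $_SERVER directly and sets the globals
 * $max_l / $max_h that MemberAddStory() and MemberEditStory() read.
 *
 * NOTE(review): none of the state-changing POST branches checks an anti-CSRF token
 * and nothing in this file provides one - confirm whether another layer does.
 *
 * @return string HTML of the page block
 */
function PageCompPageMainCode()
{
    global $site;
    global $tmpl;
    global $ADMIN;
    global $max_l;
    global $max_h;

    $max_l = getParam( "max_story_text" );
    $max_h = getParam( "max_story_header" );

    if ( !$max_l ) $max_l = 4096;
    if ( !$max_h ) $max_h = 32;

    // Normalise request input once, so that missing or array-valued fields cannot
    // raise notices or reach strlen() further down.
    $sAction     = ( isset( $_POST['action'] ) && is_string( $_POST['action'] ) ) ? $_POST['action'] : '';
    $bHasHeader  = isset( $_POST['header'] ) && is_string( $_POST['header'] ) && strlen( $_POST['header'] );
    $iPostEditId = isset( $_POST['edit_id'] ) ? (int)$_POST['edit_id'] : 0;
    $iGetEditId  = isset( $_GET['edit_id'] ) ? (int)$_GET['edit_id'] : 0;
    $iMemberId   = isset( $_COOKIE['memberID'] ) ? (int)$_COOKIE['memberID'] : 0;

    // Story IDs ticked in the list form, reduced to non-zero integers.
    $aSelected = array();
    if ( isset( $_POST['select_story'] ) && is_array( $_POST['select_story'] ) )
    {
        foreach ( $_POST['select_story'] as $mStoryID )
        {
            $iStoryID = (int)$mStoryID;
            if ( $iStoryID )
                $aSelected[] = $iStoryID;
        }
    }

    $action_result = "";

    if ( $sAction === 'new' )
    {
        if ( !$bHasHeader )
            $action_result .= _t_err( "_STORY_EMPTY_HEADER" );
        elseif ( MemberAddStory() )
            $action_result .= _t( "_STORY_ADDED" );
        else
            $action_result .= _t_err( "_STORY_ADDED_FAILED" );
    }

    if ( $sAction === 'edit' && $iPostEditId != 0 )
    {
        if ( !$bHasHeader )
            $action_result .= _t_err( "_STORY_EMPTY_HEADER" );
        elseif ( MemberEditStory() )
            $action_result .= _t( "_STORY_UPDATED" );
        else
            $action_result .= _t_err( "_STORY_UPDATED_FAILED" );
    }

    if ( !empty( $_POST['do_delete'] ) )
    {
        // Members may delete only their own stories; admins are not restricted.
        $sqlAdd = $ADMIN ? '' : "AND `Sender`=" . $iMemberId;

        foreach ( $aSelected as $iStoryID )
            db_res( "DELETE FROM `Stories` WHERE `ID`=$iStoryID $sqlAdd" );
    }

    if ( $ADMIN && !empty( $_POST['do_activate'] ) )
    {
        foreach ( $aSelected as $iStoryID )
            db_res( "UPDATE `Stories` SET `active`='on' WHERE `ID`=$iStoryID" );
    }

    if ( $ADMIN && !empty( $_POST['do_deactivate'] ) )
    {
        foreach ( $aSelected as $iStoryID )
            db_res( "UPDATE `Stories` SET `active`='' WHERE `ID`=$iStoryID" );
    }

    ob_start();

    if ( !$ADMIN )
        echo "<table width=\"100%\" cellpadding=4 cellspacing=4><td align=center class=text2>\n";
    else
        echo "<div style=\"padding: 10px 10px 10px 10px;\">";

    if ( strlen($action_result) )
        echo "<br /><center><div>{$action_result}</div></center><br />\n";

    echo MemberPrintStories();

    if ( !$ADMIN || $iGetEditId != 0 )
    {
        $aBlankStory = array( 'ID' => 0, 'Sender' => 0, 'Header' => '', 'Text' => '' );
        $story_arr   = false;

        if ( $iGetEditId != 0 )
        {
            // A member may load only a story they sent. Without this filter any
            // member could read another member's story (active or not) by
            // changing edit_id, even though the UPDATE itself is owner-checked.
            $sOwner    = $ADMIN ? '' : " AND `Sender` = " . $iMemberId;
            $story_arr = db_arr( "SELECT * FROM `Stories` WHERE `ID` = " . $iGetEditId . $sOwner );
        }

        // Unknown or foreign story: fall back to blank fields instead of indexing
        // a non-array result.
        $story_arr = is_array( $story_arr ) ? $story_arr + $aBlankStory : $aBlankStory;

        $actions = '';
        if ( $iGetEditId )
        {
            // ID and Sender are written into attributes, so force them to integers.
            $actions .= '<input type="hidden" name="action"  value="edit" />';
            $actions .= '<input type="hidden" name="sender"  value="' . (int)$story_arr['Sender'] . '" />';
            $actions .= '<input type="hidden" name="edit_id" value="' . (int)$story_arr['ID'] . '" />';
            $actions .= '<input class="no" type="submit" value="'._t('_Update story').'" />';
        }
        else
        {
            $actions .= '<input type="hidden" name="action" value="new" />';
            $actions .= '<input class="no" type="submit" value="'._t( "_Add story" ) .'" />';
        }

        $aReplace = array();

        $aReplace['icons']    = $site['icons'];
        $aReplace['header_l'] = _t( "_Header" );
        $aReplace['text_l']   = _t( "_Text" );

        // PHP_SELF contains client-supplied path info, so it must be HTML-escaped
        // before it is written into the form markup.
        $aReplace['form_action']  = htmlspecialchars( $_SERVER['PHP_SELF'], ENT_QUOTES );
        $aReplace['story_header'] = htmlspecialchars( $story_arr['Header'] );
        $aReplace['story_text']   = htmlspecialchars( $story_arr['Text'] );

        $aReplace['actions'] = $actions;

        // NOTE(review): $tmpl is a global set outside this file and becomes part of
        // a filesystem path - confirm it is restricted to known template names.
        $sForm = file_get_contents( BX_DIRECTORY_PATH_ROOT . "templates/tmpl_{$tmpl}/story_edit.html" );
        if ( $sForm === false )
            $sForm = '';

        // strtr() substitutes all placeholders in a single pass, so a placeholder
        // name typed into the story text is not expanded by a later replacement.
        $aPairs = array();
        foreach ( $aReplace as $key => $val )
            $aPairs["__{$key}__"] = $val;

        echo strtr( $sForm, $aPairs );
    }

    if ( !$ADMIN )
        echo "</td></table>\n";
    else
        echo "</div>\n";

    return ob_get_clean();
}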
210
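/**
 * Render the story list as an HTML form with per-row checkboxes.
 *
 * An admin sees every story plus the activate/deactivate buttons; a member sees
 * only the stories whose `Sender` equals their own ID. For an admin with no
 * stories at all a message box is returned instead of the table.
 *
 * @return string HTML of the list (or of the message box)
 */
function MemberPrintStories()
{
    global $member;
    global $ADMIN;

    $php_date_format = getParam( 'php_date_format' );

    // The member ID is cast again here so that the query never depends on how the
    // global was filled in.
    $sWhere = $ADMIN ? '' : 'WHERE `Sender` = ' . (int)$member['ID'];
    $res = db_res( "SELECT `ID`, UNIX_TIMESTAMP( `Date` ) AS `Date`, `Sender`, `Header`, `Text`, `active` FROM `Stories` $sWhere ORDER BY `Date` DESC" );

    if ( $ADMIN && !mysql_num_rows($res) )
        return MsgBox( _t( '_No stories available' ) );

    // PHP_SELF contains client-supplied path info; escape it for the attribute.
    $sFormAction = htmlspecialchars( $_SERVER['PHP_SELF'], ENT_QUOTES );

    ob_start();

    ?>
<form method="post" action="<?= $sFormAction ?>">
    <table class="stories_list">
        <tr>
            <th><?= _t( '_Select' ) ?></th>
            <th><?= _t( '_Status' ) ?></th>
            <th><?= _t( '_Date' ) ?></th>
            <th><?= _t( '_Title' ) ?></th>
        </tr>
    <?php

    $story_line_class = 'odd';

    while ( $story_arr = mysql_fetch_array($res) )
    {
        $story_status = _t( $story_arr['active'] ? '_active_story' : '_not_active_story' );
        $story_status_class = $story_arr['active'] ? 'status_active' : 'status_inactive';
        // NOTE(review): process_line_output() is defined elsewhere; it is presumably
        // what HTML-escapes the member-supplied header - confirm.
        $story_header = process_line_output( $story_arr['Header'] );
        // Values written into attributes and URLs are forced to integers.
        $iStoryID = (int)$story_arr['ID'];
        $iSender  = (int)$story_arr['Sender'];

        ?>
        <tr class="line_<?= $story_line_class ?>">
            <td>
                <input type="checkbox" name="select_story[]" value="<?= $iStoryID ?>" />
            </td>
            <td class="<?= $story_status_class ?>">
                <?= $story_status ?>
            </td>
            <td><?= date( $php_date_format, $story_arr['Date'] ) ?></td>
            <td>
                <b><a href="story_view.php?ID=<?= $iStoryID ?>"><?= $story_header ?></a></b>
                (<a href="story.php?edit_id=<?= $iStoryID ?>&amp;sender=<?= $iSender ?>"><?= _t('_Edit') ?></a>)
            </td>
        </tr>
        <?php

        $story_line_class = $story_line_class == 'odd' ? 'even' : 'odd';
    }
    ?>
        <tr>
            <td colspan="4">
    <?php
    if( $ADMIN )
    {
        ?>
                <input type="submit" name="do_activate" value="Make active" />
                <input type="submit" name="do_deactivate" value="Make inactive" />

        <?php
    }
    // The commented-out "delete" link that used to follow the form was dropped: it
    // ran after the loop, when $story_arr no longer holds a row, and only emitted
    // an HTML comment with empty parameters.
    ?>
                <input type="submit" name="do_delete" value="<?= _t( '_Delete' ) ?>" onclick="return confirm( '<?= _t('_Are you sure') ?>?' );" />
            </td>
        </tr>
    </table>
</form>
    <?php

    return ob_get_clean();
}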
291
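/**
 * Insert a new story for the current member from $_POST['header'] / $_POST['text'].
 *
 * Admins cannot add stories: the function returns 0 for them. Header and text
 * longer than the configured limits are truncated by SQL LEFT() so that the cut
 * is applied to the stored value rather than to the escaped string.
 *
 * @return mixed 0 for an admin, otherwise whatever db_res() returns for the INSERT
 */
function MemberAddStory()
{
    global $max_l;
    global $max_h;
    global $member;
    global $ADMIN;

    if ( $ADMIN )
        return 0;

    // The limits come from site parameters and are interpolated into the SQL text,
    // so they are forced to positive integers (same defaults as the caller uses).
    $iMaxText   = (int)$max_l > 0 ? (int)$max_l : 4096;
    $iMaxHeader = (int)$max_h > 0 ? (int)$max_h : 32;

    // Missing or array-valued fields are treated as empty strings.
    $sRawText   = ( isset( $_POST['text'] ) && is_string( $_POST['text'] ) ) ? $_POST['text'] : '';
    $sRawHeader = ( isset( $_POST['header'] ) && is_string( $_POST['header'] ) ) ? $_POST['header'] : '';

    // NOTE(review): clear_xss(), process_pass_data() and process_db_input() are
    // defined elsewhere; the text relies on addslashes() for SQL quoting, which is
    // not aware of the connection charset - confirm whether the project's DB
    // escaping helper should be used here as it is for the header.
    $sText   = addslashes( clear_xss( process_pass_data( $sRawText ) ) );
    $sHeader = process_db_input( $sRawHeader );

    $story_text   = strlen( $sRawText ) > $iMaxText ? "LEFT ( '" . $sText . "', $iMaxText )" : "'" . $sText . "'";
    $story_header = strlen( $sRawHeader ) > $iMaxHeader ? "LEFT ( '" . $sHeader . "', $iMaxHeader )" : "'" . $sHeader . "'";
    $story_sender = (int)$member['ID'];

    $sQuery = "
        INSERT INTO     `Stories`
        SET             `Date` = NOW(),
                        `Sender` = '$story_sender',
                        `Header` = $story_header,
                        `Text` = $story_text
    ";

    return db_res( $sQuery );
}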
319
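/**
 * Change an existing story from $_POST['edit_id'], $_POST['header'] and $_POST['text'].
 *
 * The UPDATE matches on both the story ID and its sender: a member can change only
 * a story they sent, while an admin names the sender in $_POST['sender']. A member
 * edit also resets `active`, so the changed story is inactive until activated again;
 * an admin edit leaves the status untouched.
 *
 * NOTE(review): the return value is db_res()'s result for the UPDATE, so the caller
 * reports success even when no row matched the ID/sender pair - confirm whether the
 * affected-row count should be checked.
 *
 * @return mixed whatever db_res() returns for the UPDATE
 */
function MemberEditStory()
{
    global $max_l;
    global $max_h;
    global $member;
    global $ADMIN;

    // The limits come from site parameters and are interpolated into the SQL text,
    // so they are forced to positive integers (same defaults as the caller uses).
    $iMaxText   = (int)$max_l > 0 ? (int)$max_l : 4096;
    $iMaxHeader = (int)$max_h > 0 ? (int)$max_h : 32;

    // Missing or array-valued fields are treated as empty strings.
    $sRawText   = ( isset( $_POST['text'] ) && is_string( $_POST['text'] ) ) ? $_POST['text'] : '';
    $sRawHeader = ( isset( $_POST['header'] ) && is_string( $_POST['header'] ) ) ? $_POST['header'] : '';

    // NOTE(review): clear_xss(), process_pass_data() and process_db_input() are
    // defined elsewhere; the text relies on addslashes() for SQL quoting, which is
    // not aware of the connection charset - confirm whether the project's DB
    // escaping helper should be used here as it is for the header.
    $sText   = addslashes( clear_xss( process_pass_data( $sRawText ) ) );
    $sHeader = process_db_input( $sRawHeader );

    $story_id     = isset( $_POST['edit_id'] ) ? (int)$_POST['edit_id'] : 0;
    $story_text   = strlen( $sRawText ) > $iMaxText ? "LEFT ( '" . $sText . "', $iMaxText )" : "'" . $sText . "'";
    $story_header = strlen( $sRawHeader ) > $iMaxHeader ? "LEFT ( '" . $sHeader . "', $iMaxHeader )" : "'" . $sHeader . "'";

    // Both branches are cast: the value goes into the WHERE clause unquoted.
    if ( $ADMIN )
        $story_sender = isset( $_POST['sender'] ) ? (int)$_POST['sender'] : 0;
    else
        $story_sender = (int)$member['ID'];

    // if admin logged, don't update status. if member - set inactive
    $story_active_add = ( $ADMIN ? '' : ", `active`=''" );

    $sQuery = "UPDATE `Stories` SET `Date` = NOW(), `Header` = $story_header, `Text` = $story_text $story_active_add WHERE `ID` = $story_id AND `Sender` = $story_sender";

    return db_res( $sQuery );
}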
341
342?>