source: admin/post.php @ 2907:d5da0414c363

Visit:

Revision 2907:d5da0414c363, 28.1 KB checked in by Dsls, 11 years ago (diff)
added x-frame-options customizable for dcPage::open, fixes #2049

Line
1	<?php
2	# -- BEGIN LICENSE BLOCK ---------------------------------------
3	#
4	# This file is part of Dotclear 2.
5	#
6	# Copyright (c) 2003-2014 Olivier Meunier & Association Dotclear
7	# Licensed under the GPL version 2.0 license.
8	# See LICENSE file or
9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
10	#
11	# -- END LICENSE BLOCK -----------------------------------------
12
13	require dirname(__FILE__).'/../inc/admin/prepend.php';
14
15	dcPage::check('usage,contentadmin');
16
17	$post_id = '';
18	$cat_id = '';
19	$post_dt = '';
20	$post_format = $core->auth->getOption('post_format');
21	$post_editor = $core->auth->getOption('editor');
22	$post_password = '';
23	$post_url = '';
24	$post_lang = $core->auth->getInfo('user_lang');
25	$post_title = '';
26	$post_excerpt = '';
27	$post_excerpt_xhtml = '';
28	$post_content = '';
29	$post_content_xhtml = '';
30	$post_notes = '';
31	$post_status = $core->auth->getInfo('user_post_status');
32	$post_selected = false;
33	$post_open_comment = $core->blog->settings->system->allow_comments;
34	$post_open_tb = $core->blog->settings->system->allow_trackbacks;
35
36	$page_title = __('New entry');
37
38	$can_view_page = true;
39	$can_edit_post = $core->auth->check('usage,contentadmin',$core->blog->id);
40	$can_publish = $core->auth->check('publish,contentadmin',$core->blog->id);
41	$can_delete = false;
42
43	$post_headlink = '<link rel="%s" title="%s" href="'.$core->adminurl->get('admin.post',array('id' => "%s"),'&',true).'" />';
44	$post_link = '<a href="'.$core->adminurl->get('admin.post',array('id' => "%s"),'&',true).'" title="%s">%s</a>';
45	$next_link = $prev_link = $next_headlink = $prev_headlink = null;
46
47	# If user can't publish
48	if (!$can_publish) {
49	$post_status = -2;
50	}
51
52	# Getting categories
53	$categories_combo = dcAdminCombos::getCategoriesCombo(
54	$core->blog->getCategories(array('post_type'=>'post'))
55	);
56
57	$status_combo = dcAdminCombos::getPostStatusesCombo();
58
59	$img_status_pattern = '<img class="img_select_option" alt="%1$s" title="%1$s" src="images/%2$s" />';
60
61	# Formats combo
62	$core_formaters = $core->getFormaters();
63	$available_formats = array('' => '');
64	foreach ($core_formaters as $editor => $formats) {
65	foreach ($formats as $format) {
66	$available_formats[$format] = $format;
67	}
68	}
69
70	# Languages combo
71	$rs = $core->blog->getLangs(array('order'=>'asc'));
72	$lang_combo = dcAdminCombos::getLangsCombo($rs,true);
73
74	# Validation flag
75	$bad_dt = false;
76
77	# Trackbacks
78	$TB = new dcTrackback($core);
79	$tb_urls = $tb_excerpt = '';
80
81	# Get entry informations
82	if (!empty($_REQUEST['id'])) {
83	$page_title = __('Edit entry');
84
85	$params['post_id'] = $_REQUEST['id'];
86
87	$post = $core->blog->getPosts($params);
88
89	if ($post->isEmpty()) {
90	$core->error->add(__('This entry does not exist.'));
91	$can_view_page = false;
92	} else {
93	$post_id = $post->post_id;
94	$cat_id = $post->cat_id;
95	$post_dt = date('Y-m-d H:i',strtotime($post->post_dt));
96	$post_format = $post->post_format;
97	$post_password = $post->post_password;
98	$post_url = $post->post_url;
99	$post_lang = $post->post_lang;
100	$post_title = $post->post_title;
101	$post_excerpt = $post->post_excerpt;
102	$post_excerpt_xhtml = $post->post_excerpt_xhtml;
103	$post_content = $post->post_content;
104	$post_content_xhtml = $post->post_content_xhtml;
105	$post_notes = $post->post_notes;
106	$post_status = $post->post_status;
107	$post_selected = (boolean) $post->post_selected;
108	$post_open_comment = (boolean) $post->post_open_comment;
109	$post_open_tb = (boolean) $post->post_open_tb;
110
111	$can_edit_post = $post->isEditable();
112	$can_delete= $post->isDeletable();
113
114	$next_rs = $core->blog->getNextPost($post,1);
115	$prev_rs = $core->blog->getNextPost($post,-1);
116
117	if ($next_rs !== null) {
118	$next_link = sprintf($post_link,$next_rs->post_id,
119	html::escapeHTML($next_rs->post_title),__('Next entry').' »');
120	$next_headlink = sprintf($post_headlink,'next',
121	html::escapeHTML($next_rs->post_title),$next_rs->post_id);
122	}
123
124	if ($prev_rs !== null) {
125	$prev_link = sprintf($post_link,$prev_rs->post_id,
126	html::escapeHTML($prev_rs->post_title),'« '.__('Previous entry'));
127	$prev_headlink = sprintf($post_headlink,'previous',
128	html::escapeHTML($prev_rs->post_title),$prev_rs->post_id);
129	}
130
131	try {
132	$core->media = new dcMedia($core);
133	} catch (Exception $e) {
134	$core->error->add($e->getMessage());
135	}
136
137	# Sanitize trackbacks excerpt
138	$tb_excerpt = empty($_POST['tb_excerpt']) ?
139	$post_excerpt_xhtml.' '.$post_content_xhtml :
140	$_POST['tb_excerpt'];
141	$tb_excerpt = html::decodeEntities(html::clean($tb_excerpt));
142	$tb_excerpt = text::cutString(html::escapeHTML($tb_excerpt), 255);
143	$tb_excerpt = preg_replace('/\s+/ms', ' ', $tb_excerpt);
144	}
145	}
146	if (isset($_REQUEST['section']) && $_REQUEST['section']=='trackbacks') {
147	$anchor = 'trackbacks';
148	} else {
149	$anchor = 'comments';
150	}
151
152	$comments_actions_page = new dcCommentsActionsPage($core,$core->adminurl->get('admin.post'),array('id' => $post_id, '_ANCHOR'=>$anchor,'section' => $anchor));
153
154	if ($comments_actions_page->process()) {
155	return;
156	}
157
158	# Ping blogs
159	if (!empty($_POST['ping']))
160	{
161	if (!empty($_POST['tb_urls']) && $post_id && $post_status == 1 && $can_edit_post)
162	{
163	$tb_urls = $_POST['tb_urls'];
164	$tb_urls = str_replace("\r", '', $tb_urls);
165	$tb_post_title = html::escapeHTML(trim(html::clean($post_title)));
166	$tb_post_url = $post->getURL();
167
168	foreach (explode("\n", $tb_urls) as $tb_url)
169	{
170	try {
171	$TB->ping($tb_url, $post_id, $tb_post_title, $tb_excerpt, $tb_post_url);
172	} catch (Exception $e) {
173	$core->error->add($e->getMessage());
174	}
175	}
176
177	if (!$core->error->flag()) {
178	dcPage::addSuccessNotice(__('All pings sent.'));
179	$core->adminurl->redirect(
180	'admin.post',
181	array('id' => $post_id, 'tb'=> '1')
182	);
183	}
184	}
185	}
186
187	# Format excerpt and content
188	elseif (!empty($_POST) && $can_edit_post) {
189	$post_format = $_POST['post_format'];
190	$post_excerpt = $_POST['post_excerpt'];
191	$post_content = $_POST['post_content'];
192
193	$post_title = $_POST['post_title'];
194
195	$cat_id = (integer) $_POST['cat_id'];
196
197	if (isset($_POST['post_status'])) {
198	$post_status = (integer) $_POST['post_status'];
199	}
200
201	if (empty($_POST['post_dt'])) {
202	$post_dt = '';
203	} else {
204	try
205	{
206	$post_dt = strtotime($_POST['post_dt']);
207	if ($post_dt == false \|\| $post_dt == -1) {
208	$bad_dt = true;
209	throw new Exception(__('Invalid publication date'));
210	}
211	$post_dt = date('Y-m-d H:i',$post_dt);
212	}
213	catch (Exception $e)
214	{
215	$core->error->add($e->getMessage());
216	}
217	}
218
219	$post_open_comment = !empty($_POST['post_open_comment']);
220	$post_open_tb = !empty($_POST['post_open_tb']);
221	$post_selected = !empty($_POST['post_selected']);
222	$post_lang = $_POST['post_lang'];
223	$post_password = !empty($_POST['post_password']) ? $_POST['post_password'] : null;
224
225	$post_notes = $_POST['post_notes'];
226
227	if (isset($_POST['post_url'])) {
228	$post_url = $_POST['post_url'];
229	}
230
231	$core->blog->setPostContent(
232	$post_id,$post_format,$post_lang,
233	$post_excerpt,$post_excerpt_xhtml,$post_content,$post_content_xhtml
234	);
235	}
236
237	# Delete post
238	if (!empty($_POST['delete']) && $can_delete)
239	{
240	try {
241	# --BEHAVIOR-- adminBeforePostDelete
242	$core->callBehavior('adminBeforePostDelete',$post_id);
243	$core->blog->delPost($post_id);
244	$core->adminurl->redirect("admin.posts");
245	} catch (Exception $e) {
246	$core->error->add($e->getMessage());
247	}
248	}
249
250	# Create or update post
251	if (!empty($_POST) && !empty($_POST['save']) && $can_edit_post && !$bad_dt)
252	{
253	# Create category
254	if (!empty($_POST['new_cat_title']) && $core->auth->check('categories', $core->blog->id)) {
255
256	$cur_cat = $core->con->openCursor($core->prefix.'category');
257	$cur_cat->cat_title = $_POST['new_cat_title'];
258	$cur_cat->cat_url = '';
259
260	$parent_cat = !empty($_POST['new_cat_parent']) ? $_POST['new_cat_parent'] : '';
261
262	# --BEHAVIOR-- adminBeforeCategoryCreate
263	$core->callBehavior('adminBeforeCategoryCreate', $cur_cat);
264
265	$cat_id = $core->blog->addCategory($cur_cat, (integer) $parent_cat);
266
267	# --BEHAVIOR-- adminAfterCategoryCreate
268	$core->callBehavior('adminAfterCategoryCreate', $cur_cat, $cat_id);
269	}
270
271	$cur = $core->con->openCursor($core->prefix.'post');
272
273	$cur->post_title = $post_title;
274	$cur->cat_id = ($cat_id ? $cat_id : null);
275	$cur->post_dt = $post_dt ? date('Y-m-d H:i:00',strtotime($post_dt)) : '';
276	$cur->post_format = $post_format;
277	$cur->post_password = $post_password;
278	$cur->post_lang = $post_lang;
279	$cur->post_title = $post_title;
280	$cur->post_excerpt = $post_excerpt;
281	$cur->post_excerpt_xhtml = $post_excerpt_xhtml;
282	$cur->post_content = $post_content;
283	$cur->post_content_xhtml = $post_content_xhtml;
284	$cur->post_notes = $post_notes;
285	$cur->post_status = $post_status;
286	$cur->post_selected = (integer) $post_selected;
287	$cur->post_open_comment = (integer) $post_open_comment;
288	$cur->post_open_tb = (integer) $post_open_tb;
289
290	if (isset($_POST['post_url'])) {
291	$cur->post_url = $post_url;
292	}
293
294	# Update post
295	if ($post_id) {
296	try {
297	# --BEHAVIOR-- adminBeforePostUpdate
298	$core->callBehavior('adminBeforePostUpdate',$cur,$post_id);
299
300	$core->blog->updPost($post_id,$cur);
301
302	# --BEHAVIOR-- adminAfterPostUpdate
303	$core->callBehavior('adminAfterPostUpdate',$cur,$post_id);
304	dcPage::addSuccessNotice (sprintf(__('The post "%s" has been successfully updated'),html::escapeHTML($cur->post_title)));
305	$core->adminurl->redirect(
306	'admin.post',
307	array('id' => $post_id)
308	);
309	} catch (Exception $e) {
310	$core->error->add($e->getMessage());
311	}
312	} else {
313	$cur->user_id = $core->auth->userID();
314
315	try {
316	# --BEHAVIOR-- adminBeforePostCreate
317	$core->callBehavior('adminBeforePostCreate',$cur);
318
319	$return_id = $core->blog->addPost($cur);
320
321	# --BEHAVIOR-- adminAfterPostCreate
322	$core->callBehavior('adminAfterPostCreate',$cur,$return_id);
323
324	dcPage::addSuccessNotice(__('Entry has been successfully created.'));
325	$core->adminurl->redirect(
326	'admin.post',
327	array('id' => $return_id)
328	);
329	} catch (Exception $e) {
330	$core->error->add($e->getMessage());
331	}
332	}
333	}
334
335	# Getting categories
336	$categories_combo = dcAdminCombos::getCategoriesCombo(
337	$core->blog->getCategories(array('post_type'=>'post'))
338	);
339	/* DISPLAY
340	-------------------------------------------------------- */
341	$default_tab = 'edit-entry';
342	if (!$can_edit_post) {
343	$default_tab = '';
344	}
345	if (!empty($_GET['co'])) {
346	$default_tab = 'comments';
347	}
348	elseif (!empty($_GET['tb'])) {
349	$default_tab = 'trackbacks';
350	}
351
352	if ($post_id) {
353	switch ($post_status) {
354	case 1:
355	$img_status = sprintf($img_status_pattern,__('Published'),'check-on.png');
356	break;
357	case 0:
358	$img_status = sprintf($img_status_pattern,__('Unpublished'),'check-off.png');
359	break;
360	case -1:
361	$img_status = sprintf($img_status_pattern,__('Scheduled'),'scheduled.png');
362	break;
363	case -2:
364	$img_status = sprintf($img_status_pattern,__('Pending'),'check-wrn.png');
365	break;
366	default:
367	$img_status = '';
368	}
369	$edit_entry_str = __('“%s”');
370	$page_title_edit = sprintf($edit_entry_str, html::escapeHTML($post_title)).' '.$img_status;
371	} else {
372	$img_status = '';
373	}
374
375
376	$admin_post_behavior = '';
377	if ($post_editor) {
378	$p_edit = $c_edit = '';
379	if (!empty($post_editor[$post_format])) {
380	$p_edit = $post_editor[$post_format];
381	}
382	if (!empty($post_editor['xhtml'])) {
383	$c_edit = $post_editor['xhtml'];
384	}
385	if ($p_edit == $c_edit) {
386	$admin_post_behavior .= $core->callBehavior('adminPostEditor',
387	$p_edit,'post',array('#post_excerpt','#post_content','#comment_content'));
388	} else {
389	$admin_post_behavior .= $core->callBehavior('adminPostEditor',
390	$p_edit,'post',array('#post_excerpt','#post_content'));
391	$admin_post_behavior .= $core->callBehavior('adminPostEditor',
392	$c_edit,'comment',array('#comment_content'));
393	}
394	}
395
396	dcPage::open($page_title.' - '.__('Entries'),
397	dcPage::jsDatePicker().
398	dcPage::jsModal().
399	dcPage::jsMetaEditor().
400	$admin_post_behavior.
401	dcPage::jsLoad('js/_post.js').
402	dcPage::jsConfirmClose('entry-form','comment-form').
403	# --BEHAVIOR-- adminPostHeaders
404	$core->callBehavior('adminPostHeaders').
405	dcPage::jsPageTabs($default_tab).
406	$next_headlink."\n".$prev_headlink,
407	dcPage::breadcrumb(
408	array(
409	html::escapeHTML($core->blog->name) => '',
410	__('Entries') => $core->adminurl->get("admin.posts"),
411	($post_id ? $page_title_edit : $page_title) => ''
412	))
413	, array(
414	'x-frame-allow' => $core->blog->url
415	)
416	);
417
418	if (!empty($_GET['upd'])) {
419	dcPage::success(__('Entry has been successfully updated.'));
420	}
421	elseif (!empty($_GET['crea'])) {
422	dcPage::success(__('Entry has been successfully created.'));
423	}
424	elseif (!empty($_GET['attached'])) {
425	dcPage::success(__('File has been successfully attached.'));
426	}
427	elseif (!empty($_GET['rmattach'])) {
428	dcPage::success(__('Attachment has been successfully removed.'));
429	}
430
431	if (!empty($_GET['creaco'])) {
432	dcPage::success(__('Comment has been successfully created.'));
433	}
434	if (!empty($_GET['tbsent'])) {
435	dcPage::success(__('All pings sent.'));
436	}
437
438	# XHTML conversion
439	if (!empty($_GET['xconv']))
440	{
441	$post_excerpt = $post_excerpt_xhtml;
442	$post_content = $post_content_xhtml;
443	$post_format = 'xhtml';
444
445	dcPage::message(__('Don\'t forget to validate your XHTML conversion by saving your post.'));
446	}
447
448	if ($post_id && $post->post_status == 1) {
449	echo '<p><a class="onblog_link outgoing" href="'.$post->getURL().'" title="'.$post_title.'">'.__('Go to this entry on the site').' <img src="images/outgoing-blue.png" alt="" /></a></p>';
450	}
451	if ($post_id)
452	{
453	echo '<p class="nav_prevnext">';
454	if ($prev_link) { echo $prev_link; }
455	if ($next_link && $prev_link) { echo ' \| '; }
456	if ($next_link) { echo $next_link; }
457
458	# --BEHAVIOR-- adminPostNavLinks
459	$core->callBehavior('adminPostNavLinks',isset($post) ? $post : null);
460
461	echo '</p>';
462	}
463
464	# Exit if we cannot view page
465	if (!$can_view_page) {
466	dcPage::helpBlock('core_post');
467	dcPage::close();
468	exit;
469	}
470	/* Post form if we can edit post
471	-------------------------------------------------------- */
472	if ($can_edit_post) {
473	$sidebar_items = new ArrayObject(array(
474	'status-box' => array(
475	'title' => __('Status'),
476	'items' => array(
477	'post_status' =>
478	'<p class="entry-status"><label for="post_status">'.__('Entry status').' '.$img_status.'</label>'.
479	form::combo('post_status',$status_combo,$post_status,'maximal','',!$can_publish).
480	'</p>',
481	'post_dt' =>
482	'<p><label for="post_dt">'.__('Publication date and hour').'</label>'.
483	form::field('post_dt',16,16,$post_dt,($bad_dt ? 'invalid' : '')).
484	'</p>',
485	'post_lang' =>
486	'<p><label for="post_lang">'.__('Entry language').'</label>'.
487	form::combo('post_lang',$lang_combo,$post_lang).
488	'</p>',
489	'post_format' =>
490	'<div>'.
491	'<h5 id="label_format"><label for="post_format" class="classic">'.__('Text formatting').'</label></h5>'.
492	'<p>'.form::combo('post_format',$available_formats,$post_format,'maximal').'</p>'.
493	'<p class="format_control control_no_xhtml">'.
494	'<a id="convert-xhtml" class="button'.($post_id && $post_format != 'wiki' ? ' hide' : '').'" href="'.
495	$core->adminurl->get('admin.post',array('id'=> $post_id,'xconv'=> '1')).
496	'">'.
497	__('Convert to XHTML').'</a></p></div>')),
498	'metas-box' => array(
499	'title' => __('Filing'),
500	'items' => array(
501	'post_selected' =>
502	'<p><label for="post_selected" class="classic">'.
503	form::checkbox('post_selected',1,$post_selected).' '.
504	__('Selected entry').'</label></p>',
505	'cat_id' =>
506	'<div>'.
507	'<h5 id="label_cat_id">'.__('Category').'</h5>'.
508	'<p><label for="cat_id">'.__('Category:').'</label>'.
509	form::combo('cat_id',$categories_combo,$cat_id,'maximal').
510	'</p>'.
511	($core->auth->check('categories', $core->blog->id) ?
512	'<div>'.
513	'<h5 id="create_cat">'.__('Add a new category').'</h5>'.
514	'<p><label for="new_cat_title">'.__('Title:').' '.
515	form::field('new_cat_title',30,255,'','maximal').'</label></p>'.
516	'<p><label for="new_cat_parent">'.__('Parent:').' '.
517	form::combo('new_cat_parent',$categories_combo,'','maximal').
518	'</label></p>'.
519	'</div>'
520	: '').
521	'</div>')),
522	'options-box' => array(
523	'title' => __('Options'),
524	'items' => array(
525	'post_open_comment_tb' =>
526	'<div>'.
527	'<h5 id="label_comment_tb">'.__('Comments and trackbacks list').'</h5>'.
528	'<p><label for="post_open_comment" class="classic">'.
529	form::checkbox('post_open_comment',1,$post_open_comment).' '.
530	__('Accept comments').'</label></p>'.
531	($core->blog->settings->system->allow_comments ?
532	(isContributionAllowed($post_id,strtotime($post_dt),true) ?
533	'' :
534	'<p class="form-note warn">'.
535	__('Warning: Comments are not more accepted for this entry.').'</p>') :
536	'<p class="form-note warn">'.
537	__('Comments are not accepted on this blog so far.').'</p>').
538	'<p><label for="post_open_tb" class="classic">'.
539	form::checkbox('post_open_tb',1,$post_open_tb).' '.
540	__('Accept trackbacks').'</label></p>'.
541	($core->blog->settings->system->allow_trackbacks ?
542	(isContributionAllowed($post_id,strtotime($post_dt),false) ?
543	'' :
544	'<p class="form-note warn">'.
545	__('Warning: Trackbacks are not more accepted for this entry.').'</p>') :
546	'<p class="form-note warn">'.__('Trackbacks are not accepted on this blog so far.').'</p>').
547	'</div>',
548	'post_password' =>
549	'<p><label for="post_password">'.__('Password').'</label>'.
550	form::field('post_password',10,32,html::escapeHTML($post_password),'maximal').
551	'</p>',
552	'post_url' =>
553	'<div class="lockable">'.
554	'<p><label for="post_url">'.__('Edit basename').'</label>'.
555	form::field('post_url',10,255,html::escapeHTML($post_url),'maximal').
556	'</p>'.
557	'<p class="form-note warn">'.
558	__('Warning: If you set the URL manually, it may conflict with another entry.').
559	'</p></div>'
560	))));
561
562	$main_items = new ArrayObject(array(
563	"post_title" =>
564	'<p class="col">'.
565	'<label class="required no-margin bold" for="post_title"><abbr title="'.__('Required field').'">*</abbr> '.__('Title:').'</label>'.
566	form::field('post_title',20,255,html::escapeHTML($post_title),'maximal').
567	'</p>',
568
569	"post_excerpt" =>
570	'<p class="area" id="excerpt-area"><label for="post_excerpt" class="bold">'.__('Excerpt:').' <span class="form-note">'.
571	__('Introduction to the post.').'</span></label> '.
572	form::textarea('post_excerpt',50,5,html::escapeHTML($post_excerpt)).
573	'</p>',
574
575	"post_content" =>
576	'<p class="area" id="content-area"><label class="required bold" '.
577	'for="post_content"><abbr title="'.__('Required field').'">*</abbr> '.__('Content:').'</label> '.
578	form::textarea('post_content',50,$core->auth->getOption('edit_size'),html::escapeHTML($post_content)).
579	'</p>',
580
581	"post_notes" =>
582	'<p class="area" id="notes-area"><label for="post_notes" class="bold">'.__('Personal notes:').' <span class="form-note">'.
583	__('Unpublished notes.').'</span></label>'.
584	form::textarea('post_notes',50,5,html::escapeHTML($post_notes)).
585	'</p>'
586	)
587	);
588
589	# --BEHAVIOR-- adminPostFormItems
590	$core->callBehavior('adminPostFormItems',$main_items,$sidebar_items, isset($post) ? $post : null);
591
592	echo '<div class="multi-part" title="'.($post_id ? __('Edit entry') : __('New entry')).'" id="edit-entry">';
593	echo '<form action="'.$core->adminurl->get('admin.post').'" method="post" id="entry-form">';
594	echo '<div id="entry-wrapper">';
595	echo '<div id="entry-content"><div class="constrained">';
596
597	echo '<h3 class="out-of-screen-if-js">'.__('Edit post').'</h3>';
598
599	foreach ($main_items as $id => $item) {
600	echo $item;
601	}
602
603	# --BEHAVIOR-- adminPostForm (may be deprecated)
604	$core->callBehavior('adminPostForm',isset($post) ? $post : null);
605
606	echo
607	'<p class="border-top">'.
608	($post_id ? form::hidden('id',$post_id) : '').
609	'<input type="submit" value="'.__('Save').' (s)" '.
610	'accesskey="s" name="save" /> ';
611	if ($post_id) {
612	$preview_url =
613	$core->blog->url.$core->url->getURLFor('preview',$core->auth->userID().'/'.
614	http::browserUID(DC_MASTER_KEY.$core->auth->userID().$core->auth->getInfo('user_pwd')).
615	'/'.$post->post_url);
616	echo '<a id="post-preview" href="'.$preview_url.'" class="button modal" accesskey="p">'.__('Preview').' (p)'.'</a> ';
617	} else {
618	echo
619	'<a id="post-cancel" href="'.$core->adminurl->get("admin.home").'" class="button" accesskey="c">'.__('Cancel').' (c)</a>';
620	}
621
622	echo
623	($can_delete ? '<input type="submit" class="delete" value="'.__('Delete').'" name="delete" />' : '').
624	$core->formNonce().
625	'</p>';
626
627	echo '</div></div>'; // End #entry-content
628	echo '</div>'; // End #entry-wrapper
629
630	echo '<div id="entry-sidebar" role="complementary">';
631
632	foreach ($sidebar_items as $id => $c) {
633	echo '<div id="'.$id.'" class="sb-box">'.
634	'<h4>'.$c['title'].'</h4>';
635	foreach ($c['items'] as $e_name=>$e_content) {
636	echo $e_content;
637	}
638	echo '</div>';
639	}
640
641
642	# --BEHAVIOR-- adminPostFormSidebar (may be deprecated)
643	$core->callBehavior('adminPostFormSidebar',isset($post) ? $post : null);
644	echo '</div>'; // End #entry-sidebar
645
646	echo '</form>';
647
648	# --BEHAVIOR-- adminPostForm
649	$core->callBehavior('adminPostAfterForm',isset($post) ? $post : null);
650
651	echo '</div>';
652	}
653
654	if ($post_id)
655	{
656	/* Comments
657	-------------------------------------------------------- */
658
659	$params = array('post_id' => $post_id, 'order' => 'comment_dt ASC');
660
661	$comments = $core->blog->getComments(array_merge($params,array('comment_trackback'=>0)));
662
663	echo
664	'<div id="comments" class="clear multi-part" title="'.__('Comments').'">';
665	$combo_action = $comments_actions_page->getCombo();
666	$has_action = !empty($combo_action) && !$comments->isEmpty();
667	echo
668	'<p class="top-add"><a class="button add" href="#comment-form">'.__('Add a comment').'</a></p>';
669
670	if ($has_action) {
671	echo '<form action="'.$core->adminurl->get('admin.post').'" id="form-comments" method="post">';
672	}
673
674	echo '<h3>'.__('Comments').'</h3>';
675	if (!$comments->isEmpty()) {
676	showComments($comments,$has_action);
677	} else {
678	echo '<p>'.__('No comments').'</p>';
679	}
680
681	if ($has_action) {
682	echo
683	'<div class="two-cols">'.
684	'<p class="col checkboxes-helpers"></p>'.
685
686	'<p class="col right"><label for="action" class="classic">'.__('Selected comments action:').'</label> '.
687	form::combo('action',$combo_action).
688	form::hidden(array('section'),'comments').
689	form::hidden(array('id'),$post_id).
690	$core->formNonce().
691	'<input type="submit" value="'.__('ok').'" /></p>'.
692	'</div>'.
693	'</form>';
694	}
695	/* Add a comment
696	-------------------------------------------------------- */
697
698	echo
699	'<div class="fieldset clear">'.
700	'<h3>'.__('Add a comment').'</h3>'.
701
702	'<form action="'.$core->adminurl->get("admin.comment").'" method="post" id="comment-form">'.
703	'<div class="constrained">'.
704	'<p><label for="comment_author" class="required"><abbr title="'.__('Required field').'">*</abbr> '.__('Name:').'</label>'.
705	form::field('comment_author',30,255,html::escapeHTML($core->auth->getInfo('user_cn'))).
706	'</p>'.
707
708	'<p><label for="comment_email">'.__('Email:').'</label>'.
709	form::field('comment_email',30,255,html::escapeHTML($core->auth->getInfo('user_email'))).
710	'</p>'.
711
712	'<p><label for="comment_site">'.__('Web site:').'</label>'.
713	form::field('comment_site',30,255,html::escapeHTML($core->auth->getInfo('user_url'))).
714	'</p>'.
715
716	'<p class="area"><label for="comment_content" class="required"><abbr title="'.__('Required field').'">*</abbr> '.
717	__('Comment:').'</label> '.
718	form::textarea('comment_content',50,8,html::escapeHTML('')).
719	'</p>'.
720
721	'<p>'.
722	form::hidden('post_id',$post_id).
723	$core->formNonce().
724	'<input type="submit" name="add" value="'.__('Save').'" /></p>'.
725	'</div>'. #constrained
726
727	'</form>'.
728	'</div>'. #add comment
729	'</div>'; #comments
730	}
731
732	if ($post_id && $post_status == 1)
733	{
734	/* Trackbacks
735	-------------------------------------------------------- */
736
737	$params = array('post_id' => $post_id, 'order' => 'comment_dt ASC');
738	$trackbacks = $core->blog->getComments(array_merge($params, array('comment_trackback' => 1)));
739
740	# Actions combo box
741	$combo_action = $comments_actions_page->getCombo();
742	$has_action = !empty($combo_action) && !$trackbacks->isEmpty();
743
744	if (!empty($_GET['tb_auto'])) {
745	$tb_urls = implode("\n", $TB->discover($post_excerpt_xhtml.' '.$post_content_xhtml));
746	}
747
748	# Display tab
749	echo
750	'<div id="trackbacks" class="clear multi-part" title="'.__('Trackbacks').'">';
751
752	# tracbacks actions
753	if ($has_action) {
754	echo '<form action="'.$core->adminurl->get("admin.post").'" id="form-trackbacks" method="post">';
755	}
756
757	echo '<h3>'.__('Trackbacks received').'</h3>';
758
759	if (!$trackbacks->isEmpty()) {
760	showComments($trackbacks, $has_action, true);
761	} else {
762	echo '<p>'.__('No trackback').'</p>';
763	}
764
765	if ($has_action) {
766	echo
767	'<div class="two-cols">'.
768	'<p class="col checkboxes-helpers"></p>'.
769
770	'<p class="col right"><label for="action" class="classic">'.__('Selected trackbacks action:').'</label> '.
771	form::combo('action', $combo_action).
772	form::hidden('id',$post_id).
773	form::hidden(array('section'),'trackbacks').
774	$core->formNonce().
775	'<input type="submit" value="'.__('ok').'" /></p>'.
776	'</div>'.
777	'</form>';
778	}
779
780	/* Add trackbacks
781	-------------------------------------------------------- */
782	if ($can_edit_post && $post->post_status) {
783	echo
784	'<div class="fieldset clear">';
785
786	echo
787	'<h3>'.__('Ping blogs').'</h3>'.
788	'<form action="'.$core->adminurl->get("admin.post",array('id' => $post_id)).'" id="trackback-form" method="post">'.
789	'<p><label for="tb_urls" class="area">'.__('URLs to ping:').'</label>'.
790	form::textarea('tb_urls', 60, 5, $tb_urls).
791	'</p>'.
792
793	'<p><label for="tb_excerpt" class="area">'.__('Excerpt to send:').'</label>'.
794	form::textarea('tb_excerpt', 60, 5, $tb_excerpt).'</p>'.
795
796	'<p>'.
797	$core->formNonce().
798	'<input type="submit" name="ping" value="'.__('Ping blogs').'" />'.
799	(empty($_GET['tb_auto']) ?
800	'  <a class="button" href="'.
801	$core->adminurl->get("admin.post",array('id'=> $post_id,'tb_auto' => 1,'tb' => 1)).
802	'">'.__('Auto discover ping URLs').'</a>'
803	: '').
804	'</p>'.
805	'</form>';
806
807	$pings = $TB->getPostPings($post_id);
808
809	if (!$pings->isEmpty())
810	{
811	echo '<h3>'.__('Previously sent pings').'</h3>';
812
813	echo '<ul class="nice">';
814	while ($pings->fetch()) {
815	echo
816	'<li>'.dt::dt2str(__('%Y-%m-%d %H:%M'), $pings->ping_dt).' - '.
817	$pings->ping_url.'</li>';
818	}
819	echo '</ul>';
820	}
821
822	echo '</div>';
823	}
824
825	echo '</div>'; #trackbacks
826	}
827
828	# Controls comments or trakbacks capabilities
829	function isContributionAllowed($id,$dt,$com=true)
830	{
831	global $core;
832
833	if (!$id) {
834	return true;
835	}
836	if ($com) {
837	if (($core->blog->settings->system->comments_ttl == 0) \|\|
838	(time() - $core->blog->settings->system->comments_ttl*86400 < $dt)) {
839	return true;
840	}
841	} else {
842	if (($core->blog->settings->system->trackbacks_ttl == 0) \|\|
843	(time() - $core->blog->settings->system->trackbacks_ttl*86400 < $dt)) {
844	return true;
845	}
846	}
847	return false;
848	}
849
850	# Show comments or trackbacks
851	function showComments($rs,$has_action,$tb=false)
852	{
853	global $core;
854	echo
855	'<div class="table-outer">'.
856	'<table class="comments-list"><tr>'.
857	'<th colspan="2" class="first">'.__('Author').'</th>'.
858	'<th>'.__('Date').'</th>'.
859	'<th class="nowrap">'.__('IP address').'</th>'.
860	'<th>'.__('Status').'</th>'.
861	'<th>'.__('Edit').'</th>'.
862	'</tr>';
863	$comments = array();
864	if (isset($_REQUEST['comments'])) {
865	foreach ($_REQUEST['comments'] as $v) {
866	$comments[(integer)$v]=true;
867	}
868	}
869
870	while($rs->fetch())
871	{
872	$comment_url = $core->adminurl->get("admin.comment",array('id' => $rs->comment_id));
873
874	$img = '<img alt="%1$s" title="%1$s" src="images/%2$s" />';
875	switch ($rs->comment_status) {
876	case 1:
877	$img_status = sprintf($img,__('Published'),'check-on.png');
878	break;
879	case 0:
880	$img_status = sprintf($img,__('Unpublished'),'check-off.png');
881	break;
882	case -1:
883	$img_status = sprintf($img,__('Pending'),'check-wrn.png');
884	break;
885	case -2:
886	$img_status = sprintf($img,__('Junk'),'junk.png');
887	break;
888	}
889
890	echo
891	'<tr class="line'.($rs->comment_status != 1 ? ' offline' : '').'"'.
892	' id="c'.$rs->comment_id.'">'.
893
894	'<td class="nowrap">'.
895	($has_action ? form::checkbox(array('comments[]'),$rs->comment_id,isset($comments[$rs->comment_id]),'','',0,'title="'.($tb ? __('select this trackback') : __('select this comment')).'"') : '').'</td>'.
896	'<td class="maximal">'.html::escapeHTML($rs->comment_author).'</td>'.
897	'<td class="nowrap">'.dt::dt2str(__('%Y-%m-%d %H:%M'),$rs->comment_dt).'</td>'.
898	'<td class="nowrap"><a href="'.$core->adminurl->get("admin.comments",array('ip' => $rs->comment_ip)).'">'.$rs->comment_ip.'</a></td>'.
899	'<td class="nowrap status">'.$img_status.'</td>'.
900	'<td class="nowrap status"><a href="'.$comment_url.'">'.
901	'<img src="images/edit-mini.png" alt="" title="'.__('Edit this comment').'" /> '.__('Edit').'</a></td>'.
902
903	'</tr>';
904	}
905
906	echo '</table></div>';
907	}
908
909	dcPage::helpBlock('core_post','core_trackbacks','core_wiki');
910	dcPage::close();

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: admin/post.php @ 2907:d5da0414c363

Download in other formats:

Sites map