Changeset 2911:5434e75ad738 for admin
- Timestamp:
- 01/07/15 12:55:08 (11 years ago)
- Branch:
- twig
- Parents:
- 2715:a87ddf7dbfb5 (diff), 2910:69efb1571e90 (diff)
Note: this is a merge changeset, the changes displayed below correspond to the merge itself.
Use the (diff) links above to see all the changes relative to each parent. - Location:
- admin
- Files:
-
- 5 edited
admin/auth.php
r2852 r2911 4 4 # This file is part of Dotclear 2. 5 5 # 6 # Copyright (c) 2003-201 3Olivier Meunier & Association Dotclear6 # Copyright (c) 2003-2011 Olivier Meunier & Association Dotclear 7 7 # Licensed under the GPL version 2.0 license. 8 8 # See LICENSE file or … … 14 14 15 15 # If we have a session cookie, go to index.php 16 if (isset($_SESSION['sess_user_id'])) 17 { 18 $core->adminurl->redirect('admin.home'); 16 if (isset($_SESSION['sess_user_id'])) { 17 http::redirect('index.php'); 19 18 } 20 19 … … 23 22 $dlang = http::getAcceptLanguage(); 24 23 $dlang = ($dlang == '' ? 'en' : $dlang); 25 if ($dlang != 'en' && preg_match('/^[a-z]{2}(-[a-z]{2})?$/',$dlang)) 26 { 27 l10n::lang($dlang); 24 if ($dlang != 'en' && preg_match('/^[a-z]{2}(-[a-z]{2})?$/',$dlang)) { 28 25 l10n::set(dirname(__FILE__).'/../locales/'.$dlang.'/main'); 29 26 } 30 31 $page_url = http::getHost().$_SERVER['REQUEST_URI'];32 33 $change_pwd = $core->auth->allowPassChange() && isset($_POST['new_pwd']) && isset($_POST['new_pwd_c']) && isset($_POST['login_data']);34 $login_data = !empty($_POST['login_data']) ? html::escapeHTML($_POST['login_data']) : null;35 $recover = $core->auth->allowPassChange() && !empty($_REQUEST['recover']);36 $safe_mode = !empty($_REQUEST['safe_mode']);37 $akey = $core->auth->allowPassChange() && !empty($_GET['akey']) ? $_GET['akey'] : null;38 $user_id = $user_pwd = $user_key = $user_email = null;39 $err = $msg = null;40 27 41 28 # Auto upgrade … … 44 31 try { 45 32 if (($changes = dotclearUpgrade($core)) !== false) { 46 $msg = __('Dotclear has been upgraded.').'<!-- '.$changes.' -->'; 47 } 48 } catch (Exception $e) { 49 $err = $e->getMessage(); 50 } 51 } 52 53 # If we have POST login informations, go throug auth process 54 if (!empty($_POST['user_id']) && !empty($_POST['user_pwd'])) 33 $_ctx->setAlert(__('Dotclear has been upgraded.').'<!-- '.$changes.' 
-->'); 34 } 35 } 36 catch (Exception $e) { 37 $_ctx->addError($e->getMessage()); 38 } 39 } 40 41 /** 42 Actions for authentication on admin pages 43 */ 44 class adminPageAuth 55 45 { 56 $user_id = !empty($_POST['user_id']) ? $_POST['user_id'] : null; 57 $user_pwd = !empty($_POST['user_pwd']) ? $_POST['user_pwd'] : null; 58 } 59 # If we have COOKIE login informations, go throug auth process 60 elseif (isset($_COOKIE['dc_admin']) && strlen($_COOKIE['dc_admin']) == 104) 61 { 46 # Send new password from recover email 47 public static function send($akey) 48 { 49 global $core, $_ctx; 50 51 $_ctx->akey = true; 52 53 try { 54 $recover_res = $core->auth->recoverUserPassword($akey); 55 56 $subject = mb_encode_mimeheader('DotClear '.__('Your new password'),'UTF-8','B'); 57 $message = 58 __('Username:').' '.$recover_res['user_id']."\n". 59 __('Password:').' '.$recover_res['new_pass']."\n\n". 60 preg_replace('/\?(.*)$/','',http::getHost().$_SERVER['REQUEST_URI']); 61 62 $headers[] = 'From: dotclear@'.$_SERVER['HTTP_HOST']; 63 $headers[] = 'Content-Type: text/plain; charset=UTF-8;'; 64 65 mail::sendMail($recover_res['user_email'],$subject,$message,$headers); 66 $_ctx->setAlert(__('Your new password is in your mailbox.')); 67 } 68 catch (Exception $e) { 69 $_ctx->addError($e->getMessage()); 70 } 71 } 72 73 # Authentication process 74 public static function process($form,$user_id,$user_pwd,$user_key=null) 75 { 76 global $core, $_ctx; 77 78 # We check the user 79 $check_user = $core->auth->checkUser($user_id,$user_pwd,$user_key) === true; 80 81 $cookie_admin = http::browserUID(DC_MASTER_KEY.$user_id. 82 crypt::hmac(DC_MASTER_KEY,$user_pwd)).bin2hex(pack('a32',$user_id)); 83 84 if ($check_user && $core->auth->mustChangePassword()) 85 { 86 $form->login_data = join('/',array( 87 base64_encode($user_id), 88 $cookie_admin, 89 $form->user_remember == '' ? 
'0' : '1' 90 )); 91 92 if (!$core->auth->allowPassChange()) { 93 $_ctx->addError(__('You have to change your password before you can login.')); 94 } else { 95 $_ctx->addError(__('In order to login, you have to change your password now.')); 96 $_ctx->change_pwd = true; 97 } 98 } 99 elseif ($check_user && $form->safe_mode != '' && !$core->auth->isSuperAdmin()) 100 { 101 $_ctx->addError(__('Safe Mode can only be used for super administrators.')); 102 } 103 elseif ($check_user) 104 { 105 $core->session->start(); 106 $_SESSION['sess_user_id'] = $user_id; 107 $_SESSION['sess_browser_uid'] = http::browserUID(DC_MASTER_KEY); 108 109 if ($form->blog != '') { 110 $_SESSION['sess_blog_id'] = $form->blog; 111 } 112 113 if ($form->safe_mode != '' && $core->auth->isSuperAdmin()) { 114 $_SESSION['sess_safe_mode'] = true; 115 } 116 117 if ($form->user_remember != '') { 118 setcookie('dc_admin',$cookie_admin,strtotime('+15 days'),'','',DC_ADMIN_SSL); 119 } 120 121 http::redirect('index.php'); 122 } 123 else 124 { 125 if (isset($_COOKIE['dc_admin'])) { 126 unset($_COOKIE['dc_admin']); 127 setcookie('dc_admin',false,-600,'','',DC_ADMIN_SSL); 128 } 129 $_ctx->addError(__('Wrong username or password')); 130 } 131 } 132 133 # Login form action 134 public static function login($form) 135 { 136 global $_ctx; 137 138 if ($form->user_id != '' && $form->user_pwd != '') { 139 self::process($form,$form->user_id,$form->user_pwd); 140 } 141 142 # Send post values to form 143 $form->user_id = $form->user_id; 144 } 145 146 # Recover password form action 147 public static function recover($form) 148 { 149 global $core, $_ctx; 150 151 if ($form->user_id == '' || $form->user_email == '') { 152 return; 153 } 154 155 $user_id = $form->user_id; 156 $user_email = $form->user_email; 157 $page_url = http::getHost().$_SERVER['REQUEST_URI']; 158 159 try { 160 $recover_key = $core->auth->setRecoverKey($user_id,$user_email); 161 162 $subject = mail::B64Header('DotClear '.__('Password reset')); 163 $message = 
164 __('Someone has requested to reset the password for the following site and username.')."\n\n". 165 $page_url."\n".__('Username:').' '.$user_id."\n\n". 166 __('To reset your password visit the following address, otherwise just ignore this email and nothing will happen.')."\n". 167 $page_url.'?akey='.$recover_key; 168 169 $headers[] = 'From: '.(defined('DC_ADMIN_MAILFROM') && DC_ADMIN_MAILFROM ? DC_ADMIN_MAILFROM : 'dotclear@local'); 170 $headers[] = 'Content-Type: text/plain; charset=UTF-8;'; 171 172 mail::sendMail($user_email,$subject,$message,$headers); 173 $_ctx->setAlert(sprintf(__('The e-mail was sent successfully to %s.'),$user_email)); 174 } 175 catch (Exception $e) { 176 $_ctx->addError($e->getMessage()); 177 } 178 179 # Send post values to form 180 $form->user_id = $form->user_id; 181 $form->user_email = $form->user_email; 182 } 183 184 # Change password form action 185 public static function change($form) 186 { 187 global $core, $_ctx; 188 189 if ($form->login_data) { 190 return; 191 } 192 $_ctx->change_pwd = true; 193 194 $new_pwd = (string) $form->new_pwd; 195 $new_pwd_c = (string) $form->new_pwd_c; 196 197 try { 198 $tmp_data = explode('/',$form->login_data); 199 if (count($tmp_data) != 3) { 200 throw new Exception(); 201 } 202 $data = array( 203 'user_id'=>base64_decode($tmp_data[0]), 204 'cookie_admin'=>$tmp_data[1], 205 'user_remember'=>$tmp_data[2]=='1' 206 ); 207 if ($data['user_id'] === false) { 208 throw new Exception(); 209 } 210 211 # Check login informations 212 $check_user = false; 213 if (isset($data['cookie_admin']) && strlen($data['cookie_admin']) == 104) 214 { 215 $user_id = substr($data['cookie_admin'],40); 216 $user_id = @unpack('a32',@pack('H*',$user_id)); 217 if (is_array($user_id)) 218 { 219 $user_id = $user_id[1]; 220 $user_key = substr($data['cookie_admin'],0,40); 221 $check_user = $core->auth->checkUser($user_id,null,$user_key) === true; 222 } 223 } 224 225 if (!$core->auth->allowPassChange() || !$check_user) { 226 
$_ctx->change_pwd = false; 227 throw new Exception(); 228 } 229 230 if ($new_pwd != $new_pwd_c) { 231 throw new Exception(__("Passwords don't match")); 232 } 233 234 if ($core->auth->checkUser($user_id,$new_pwd) === true) { 235 throw new Exception(__("You didn't change your password.")); 236 } 237 238 $cur = $core->con->openCursor($core->prefix.'user'); 239 $cur->user_change_pwd = 0; 240 $cur->user_pwd = $new_pwd; 241 $core->updUser($core->auth->userID(),$cur); 242 243 $core->session->start(); 244 $_SESSION['sess_user_id'] = $user_id; 245 $_SESSION['sess_browser_uid'] = http::browserUID(DC_MASTER_KEY); 246 247 if ($data['user_remember']) { 248 setcookie('dc_admin',$data['cookie_admin'],strtotime('+15 days'),'','',DC_ADMIN_SSL); 249 } 250 251 http::redirect('index.php'); 252 } 253 catch (Exception $e) { 254 $_ctx->addError($e->getMessage()); 255 } 256 257 # Send post values to form 258 $form->login_data = $form->login_data; 259 } 260 } 261 262 # Form fields 263 $form = new dcForm($core,'auth','auth.php'); 264 $form 265 ->addField( 266 new dcFieldText('user_id','',array( 267 "label" => __('Username:'), 268 "maxlength" => 32))) 269 ->addField( 270 new dcFieldPassword('user_pwd','',array( 271 "label" => __('Password:')))) 272 ->addField( 273 new dcFieldText('user_email','',array( 274 "label" => __('Email:')))) 275 ->addField( 276 new dcFieldPassword('new_pwd','',array( 277 "label" => __('New password:')))) 278 ->addField( 279 new dcFieldPassword('new_pwd_c','',array( 280 "label" => __('Confirm password:')))) 281 ->addField( 282 new dcFieldCheckbox ('user_remember',1,array( 283 "label" => __('Remember my ID on this computer')))) 284 ->addField( 285 new dcFieldSubmit('auth_login',__('log in'),array( 286 'action' => array('adminPageAuth','login')))) 287 ->addField( 288 new dcFieldSubmit('auth_recover',__('recover'),array( 289 'action' => array('adminPageAuth','recover')))) 290 ->addField( 291 new dcFieldSubmit('auth_change',__('change'),array( 292 'action' => 
array('adminPageAuth','change')))) 293 ->addField( 294 new dcFieldHidden ('safe_mode','0')) 295 ->addField( 296 new dcFieldHidden ('recover','0')) 297 ->addField( 298 new dcFieldHidden ('login_data','')) 299 ->addField( 300 new dcFieldHidden ('blog','')); 301 302 # Context variables 303 $_ctx->allow_pass_change = $core->auth->allowPassChange(); 304 $_ctx->change_pwd = $core->auth->allowPassChange() && $form->new_pwd != '' && $form->new_pwd_c != '' && $form->login_data != ''; 305 $_ctx->recover = $form->recover = $core->auth->allowPassChange() && !empty($_REQUEST['recover']); 306 $_ctx->setSafeMode(!empty($_REQUEST['safe_mode'])); 307 $form->safe_mode = !empty($_REQUEST['safe_mode']); 308 $_ctx->akey = false; 309 $_ctx->dlang = $dlang; 310 311 # If we have no POST login informations and have COOKIE login informations, go throug auth process 312 if ($form->user_id == '' && $form->user_pwd == '' 313 && isset($_COOKIE['dc_admin']) && strlen($_COOKIE['dc_admin']) == 104) { 314 62 315 # If we have a remember cookie, go through auth process with user_key 63 316 $user_id = substr($_COOKIE['dc_admin'],40); 64 317 $user_id = @unpack('a32',@pack('H*',$user_id)); 65 if (is_array($user_id))66 {318 319 if (is_array($user_id)) { 67 320 $user_id = $user_id[1]; 68 321 $user_key = substr($_COOKIE['dc_admin'],0,40); 69 $user_pwd = null; 70 } 71 else 72 { 73 $user_id = null; 74 } 75 } 76 77 # Recover password 78 if ($recover && !empty($_POST['user_id']) && !empty($_POST['user_email'])) 79 { 80 $user_id = !empty($_POST['user_id']) ? $_POST['user_id'] : null; 81 $user_email = !empty($_POST['user_email']) ? $_POST['user_email'] : ''; 82 try 83 { 84 $recover_key = $core->auth->setRecoverKey($user_id,$user_email); 85 86 $subject = mail::B64Header('DotClear '.__('Password reset')); 87 $message = 88 __('Someone has requested to reset the password for the following site and username.')."\n\n". 89 $page_url."\n".__('Username:').' '.$user_id."\n\n". 
90 __('To reset your password visit the following address, otherwise just ignore this email and nothing will happen.')."\n". 91 $page_url.'?akey='.$recover_key; 92 93 $headers[] = 'From: '.(defined('DC_ADMIN_MAILFROM') && DC_ADMIN_MAILFROM ? DC_ADMIN_MAILFROM : 'dotclear@local'); 94 $headers[] = 'Content-Type: text/plain; charset=UTF-8;'; 95 96 mail::sendMail($user_email,$subject,$message,$headers); 97 $msg = sprintf(__('The e-mail was sent successfully to %s.'),$user_email); 98 } 99 catch (Exception $e) 100 { 101 $err = $e->getMessage(); 102 } 103 } 104 # Send new password 105 elseif ($akey) 106 { 107 try 108 { 109 $recover_res = $core->auth->recoverUserPassword($akey); 110 111 $subject = mb_encode_mimeheader('DotClear '.__('Your new password'),'UTF-8','B'); 112 $message = 113 __('Username:').' '.$recover_res['user_id']."\n". 114 __('Password:').' '.$recover_res['new_pass']."\n\n". 115 preg_replace('/\?(.*)$/','',$page_url); 116 117 $headers[] = 'From: dotclear@'.$_SERVER['HTTP_HOST']; 118 $headers[] = 'Content-Type: text/plain; charset=UTF-8;'; 119 120 mail::sendMail($recover_res['user_email'],$subject,$message,$headers); 121 $msg = __('Your new password is in your mailbox.'); 122 } 123 catch (Exception $e) 124 { 125 $err = $e->getMessage(); 126 } 127 } 128 # Change password and retry to log 129 elseif ($change_pwd) 130 { 131 try 132 { 133 $tmp_data = explode('/',$_POST['login_data']); 134 if (count($tmp_data) != 3) { 135 throw new Exception(); 136 } 137 $data = array( 138 'user_id'=>base64_decode($tmp_data[0]), 139 'cookie_admin'=>$tmp_data[1], 140 'user_remember'=>$tmp_data[2]=='1' 141 ); 142 if ($data['user_id'] === false) { 143 throw new Exception(); 144 } 145 146 # Check login informations 147 $check_user = false; 148 if (isset($data['cookie_admin']) && strlen($data['cookie_admin']) == 104) 149 { 150 $user_id = substr($data['cookie_admin'],40); 151 $user_id = @unpack('a32',@pack('H*',$user_id)); 152 if (is_array($user_id)) 153 { 154 $user_id = $user_id[1]; 
155 $user_key = substr($data['cookie_admin'],0,40); 156 $check_user = $core->auth->checkUser($user_id,null,$user_key) === true; 157 } 158 } 159 160 if (!$core->auth->allowPassChange() || !$check_user) { 161 $change_pwd = false; 162 throw new Exception(); 163 } 164 165 if ($_POST['new_pwd'] != $_POST['new_pwd_c']) { 166 throw new Exception(__("Passwords don't match")); 167 } 168 169 if ($core->auth->checkUser($user_id,$_POST['new_pwd']) === true) { 170 throw new Exception(__("You didn't change your password.")); 171 } 172 173 $cur = $core->con->openCursor($core->prefix.'user'); 174 $cur->user_change_pwd = 0; 175 $cur->user_pwd = $_POST['new_pwd']; 176 $core->updUser($core->auth->userID(),$cur); 177 178 $core->session->start(); 179 $_SESSION['sess_user_id'] = $user_id; 180 $_SESSION['sess_browser_uid'] = http::browserUID(DC_MASTER_KEY); 181 182 if ($data['user_remember']) 183 { 184 setcookie('dc_admin',$data['cookie_admin'],strtotime('+15 days'),'','',DC_ADMIN_SSL); 185 } 186 187 $core->adminurl->redirect('admin.home'); 188 } 189 catch (Exception $e) 190 { 191 $err = $e->getMessage(); 192 } 193 } 194 # Try to log 195 elseif ($user_id !== null && ($user_pwd !== null || $user_key !== null)) 196 { 197 # We check the user 198 $check_user = $core->auth->checkUser($user_id,$user_pwd,$user_key,false) === true; 199 if ($check_user) { 200 $check_perms = $core->auth->findUserBlog() !== false; 201 } else { 202 $check_perms = false; 203 } 204 205 $cookie_admin = http::browserUID(DC_MASTER_KEY.$user_id. 
206 crypt::hmac(DC_MASTER_KEY,$user_pwd)).bin2hex(pack('a32',$user_id)); 207 208 if ($check_perms && $core->auth->mustChangePassword()) 209 { 210 $login_data = join('/',array( 211 base64_encode($user_id), 212 $cookie_admin, 213 empty($_POST['user_remember'])?'0':'1' 214 )); 215 216 if (!$core->auth->allowPassChange()) { 217 $err = __('You have to change your password before you can login.'); 218 } else { 219 $err = __('In order to login, you have to change your password now.'); 220 $change_pwd = true; 221 } 222 } 223 elseif ($check_perms && !empty($_POST['safe_mode']) && !$core->auth->isSuperAdmin()) 224 { 225 $err = __('Safe Mode can only be used for super administrators.'); 226 } 227 elseif ($check_perms) 228 { 229 $core->session->start(); 230 $_SESSION['sess_user_id'] = $user_id; 231 $_SESSION['sess_browser_uid'] = http::browserUID(DC_MASTER_KEY); 232 233 if (!empty($_POST['blog'])) { 234 $_SESSION['sess_blog_id'] = $_POST['blog']; 235 } 236 237 if (!empty($_POST['safe_mode']) && $core->auth->isSuperAdmin()) { 238 $_SESSION['sess_safe_mode'] = true; 239 } 240 241 if (!empty($_POST['user_remember'])) { 242 setcookie('dc_admin',$cookie_admin,strtotime('+15 days'),'','',DC_ADMIN_SSL); 243 } 244 245 $core->adminurl->redirect('admin.home'); 246 } 247 else 248 { 249 if (isset($_COOKIE['dc_admin'])) { 250 unset($_COOKIE['dc_admin']); 251 setcookie('dc_admin',false,-600,'','',DC_ADMIN_SSL); 252 } 253 if ($check_user) { 254 $err = __('Insufficient permissions'); 255 } else { 256 $err = __('Wrong username or password'); 257 } 258 } 322 $user_pwd = ''; 323 324 adminPageAuth::process($form,$user_id,$user_pwd,$user_key); 325 } 326 } 327 # If we have an akey, go throug send password process 328 elseif ($core->auth->allowPassChange() && !empty($_GET['akey'])) { 329 adminPageAuth::send($_GET['akey']); 259 330 } 260 331 261 332 if (isset($_GET['user'])) { 262 $user_id = $_GET['user']; 263 } 264 265 header('Content-Type: text/html; charset=UTF-8'); 266 267 // Prevents 
Clickjacking as far as possible 268 header('X-Frame-Options: SAMEORIGIN'); // FF 3.6.9+ Chrome 4.1+ IE 8+ Safari 4+ Opera 10.5+ 269 333 $form->user_id = $_GET['user']; 334 } 335 336 $form->setup(); 337 338 $core->tpl->display('auth.html.twig'); 270 339 ?> 271 <!DOCTYPE html>272 <html lang="<?php echo $dlang; ?>">273 <head>274 <meta charset="UTF-8" />275 <meta http-equiv="Content-Script-Type" content="text/javascript" />276 <meta http-equiv="Content-Style-Type" content="text/css" />277 <meta http-equiv="Content-Language" content="<?php echo $dlang; ?>" />278 <meta name="ROBOTS" content="NOARCHIVE,NOINDEX,NOFOLLOW" />279 <meta name="GOOGLEBOT" content="NOSNIPPET" />280 <meta name="viewport" content="width=device-width, initial-scale=1.0" />281 <title><?php echo html::escapeHTML(DC_VENDOR_NAME); ?></title>282 <link rel="icon" type="image/png" href="images/favicon96-logout.png" />283 <link rel="shortcut icon" href="../favicon.ico" type="image/x-icon" />284 285 286 <?php287 echo dcPage::jsLoadIE7();288 echo dcPage::jsCommon();289 ?>290 291 <link rel="stylesheet" href="style/default.css" type="text/css" media="screen" />292 293 <?php294 # --BEHAVIOR-- loginPageHTMLHead295 $core->callBehavior('loginPageHTMLHead');296 ?>297 298 <script type="text/javascript">299 //<![CDATA[300 $(window).load(function() {301 var uid = $('input[name=user_id]');302 var upw = $('input[name=user_pwd]');303 uid.focus();304 305 if (upw.length == 0) { return; }306 307 uid.keypress(processKey);308 309 function processKey(evt) {310 if (evt.which == 13 && upw.val() == '') {311 upw.focus();312 return false;313 }314 return true;315 };316 $.cookie('dc_admin_test_cookie',true);317 if ($.cookie('dc_admin_test_cookie')) {318 $('#cookie_help').hide();319 $.cookie('dc_admin_test_cookie', '', {'expires': -1});320 } else {321 $('#cookie_help').show();322 }323 $('#issue #more').toggleWithLegend($('#issue').children().not('#more'));324 });325 //]]>326 </script>327 </head>328 329 <body id="dotclear-admin" 
class="auth">330 331 <form action="<?php echo $core->adminurl->get('admin.auth'); ?>" method="post" id="login-screen">332 <h1 role="banner"><?php echo html::escapeHTML(DC_VENDOR_NAME); ?></h1>333 334 <?php335 if ($err) {336 echo '<div class="error" role="alert">'.$err.'</div>';337 }338 if ($msg) {339 echo '<p class="success" role="alert">'.$msg.'</p>';340 }341 342 if ($akey)343 {344 echo '<p><a href="'.$core->adminurl->get('admin.auth').'">'.__('Back to login screen').'</a></p>';345 }346 elseif ($recover)347 {348 echo349 '<div class="fieldset" role="main"><h2>'.__('Request a new password').'</h2>'.350 '<p><label for="user_id">'.__('Username:').'</label> '.351 form::field(array('user_id','user_id'),20,32,html::escapeHTML($user_id)).'</p>'.352 353 '<p><label for="user_email">'.__('Email:').'</label> '.354 form::field(array('user_email','user_email'),20,255,html::escapeHTML($user_email)).'</p>'.355 356 '<p><input type="submit" value="'.__('recover').'" />'.357 form::hidden(array('recover'),1).'</p>'.358 '</div>'.359 360 '<div id="issue">'.361 '<p><a href="'.$core->adminurl->get('admin.auth').'">'.__('Back to login screen').'</a></p>'.362 '</div>';363 }364 elseif ($change_pwd)365 {366 echo367 '<div class="fieldset"><h2>'.__('Change your password').'</h2>'.368 '<p><label for="new_pwd">'.__('New password:').'</label> '.369 form::password(array('new_pwd','new_pwd'),20,255).'</p>'.370 371 '<p><label for="new_pwd_c">'.__('Confirm password:').'</label> '.372 form::password(array('new_pwd_c','new_pwd_c'),20,255).'</p>'.373 '</div>'.374 375 '<p><input type="submit" value="'.__('change').'" />'.376 form::hidden('login_data',$login_data).'</p>';377 }378 else379 {380 if (is_callable(array($core->auth,'authForm')))381 {382 echo $core->auth->authForm($user_id);383 }384 else385 {386 if ($safe_mode) {387 echo '<div class="fieldset" role="main">';388 echo '<h2>'.__('Safe mode login').'</h2>';389 echo390 '<p class="form-note">'.391 __('This mode allows you to login without activating 
any of your plugins. This may be useful to solve compatibility problems').' </p>'.392 '<p class="form-note">'.__('Disable or delete any plugin suspected to cause trouble, then log out and log back in normally.').393 '</p>';394 }395 else {396 echo '<div class="fieldset" role="main">';397 }398 399 echo400 '<p><label for="user_id">'.__('Username:').'</label> '.401 form::field(array('user_id','user_id'),20,32,html::escapeHTML($user_id)).'</p>'.402 403 '<p><label for="user_pwd">'.__('Password:').'</label> '.404 form::password(array('user_pwd','user_pwd'),20,255).'</p>'.405 406 '<p>'.407 form::checkbox(array('user_remember','user_remember'),1).408 '<label for="user_remember" class="classic">'.409 __('Remember my ID on this computer').'</label></p>'.410 411 '<p><input type="submit" value="'.__('log in').'" class="login" /></p>';412 413 if (!empty($_REQUEST['blog'])) {414 echo form::hidden('blog',html::escapeHTML($_REQUEST['blog']));415 }416 if($safe_mode) {417 echo418 form::hidden('safe_mode',1).419 '</div>';420 }421 else {422 echo '</div>';423 }424 echo425 '<p id="cookie_help" class="error">'.__('You must accept cookies in order to use the private area.').'</p>';426 427 echo '<div id="issue">';428 429 if ($safe_mode) {430 echo431 '<p><a href="'.$core->adminurl->get('admin.auth').'" id="normal_mode_link">'.__('Get back to normal authentication').'</a></p>';432 } else {433 echo '<p id="more"><strong>'.__('Connection issue?').'</strong></p>';434 if ($core->auth->allowPassChange()) {435 echo '<p><a href="'.$core->adminurl->get('admin.auth',array('recover' => 1)).'">'.__('I forgot my password').'</a></p>';436 }437 echo '<p><a href="'.$core->adminurl->get('admin.auth',array('safe_mode' => 1)).'" id="safe_mode_link">'.__('I want to log in in safe mode').'</a></p>';438 }439 440 echo '</div>';441 }442 }443 ?>444 </form>445 </body>446 </html> -
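Review bot: The guard at the top of `adminPageAuth::change()` (new lines 189-191) looks inverted: `if ($form->login_data) { return; }` leaves the method when login data is present and otherwise falls through to `explode('/',$form->login_data)`, which fails the `count($tmp_data) != 3` check and throws an exception with an empty message, so the forced password change apparently can never complete. To match the early return in `recover()`, it should read `if ($form->login_data == '') { return; }`. Separately, the new side no longer appears to send `header('X-Frame-Options: SAMEORIGIN');` before rendering; unless the Twig layer or `auth.html.twig` sets it (not visible here), the login page loses its framing protection, and the header should be restored before `$core->tpl->display('auth.html.twig');`. `send()` also builds its `From:` header from `$_SERVER['HTTP_HOST']` while `recover()` uses `DC_ADMIN_MAILFROM`; using the configured address in both keeps a request-supplied value out of the mail headers.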
admin/index.php
r2854 r2911 15 15 exit; 16 16 } 17 if (!empty($_GET['tf'])) { 18 define('DC_CONTEXT_ADMIN',true); 19 require dirname(__FILE__).'/../inc/load_theme_file.php'; 20 exit; 21 } 17 22 18 23 require dirname(__FILE__).'/../inc/admin/prepend.php'; … … 21 26 try { 22 27 $core->setUserDefaultBlog($core->auth->userID(),$core->blog->id); 23 $core->adminurl->redirect("admin.home");28 http::redirect('index.php'); 24 29 } catch (Exception $e) { 25 30 $core->error->add($e->getMessage()); … … 36 41 setcookie('dc_admin',false,-600,'','',DC_ADMIN_SSL); 37 42 } 38 $core->adminurl->redirect("admin.auth");43 http::redirect('auth.php'); 39 44 exit; 40 45 } … … 43 48 $plugins_install = $core->plugins->installModules(); 44 49 50 # Send plugins install messages to templates 51 if (!empty($plugins_install['success'])) { 52 $_ctx->addMessagesList(__('Following plugins have been installed:'),$plugins_install['success']); 53 } 54 if (!empty($plugins_install['failure'])) { 55 $_ctx->addMessagesList(__('Following plugins have not been installed:'),$plugins_install['failure']); 56 } 57 58 # Send plugins errors messages to templates 59 $_ctx->modules_errors = $core->auth->isSuperAdmin() ? $core->plugins->getErrors() : array(); 60 61 # Send Dotclear updates notifications to tempaltes 62 $_ctx->updater = array(); 63 if ($core->auth->isSuperAdmin() && is_readable(DC_DIGESTS)) { 64 65 $updater = new dcUpdate(DC_UPDATE_URL,'dotclear',DC_UPDATE_VERSION,DC_TPL_CACHE.'/versions'); 66 $new_v = $updater->check(DC_VERSION); 67 $version_info = $new_v ? 
$updater->getInfoURL() : ''; 68 69 if ($updater->getNotify() && $new_v) { 70 $_ctx->updater = array( 71 'new_version' => $new_v, 72 'version_info' => $version_info 73 ); 74 } 75 } 76 45 77 # Check dashboard module prefs 46 78 $ws = $core->auth->user_prefs->addWorkspace('dashboard'); 79 80 # Doclinks prefs 47 81 if (!$core->auth->user_prefs->dashboard->prefExists('doclinks')) { 48 82 if (!$core->auth->user_prefs->dashboard->prefExists('doclinks',true)) { … … 51 85 $core->auth->user_prefs->dashboard->put('doclinks',true,'boolean'); 52 86 } 87 88 # Send doclinks to templates 89 $_ctx->dashboard_doclinks = array(); 90 if ($core->auth->user_prefs->dashboard->doclinks && !empty($__resources['doc'])) { 91 $_ctx->dashboard_doclinks = $__resources['doc']; 92 } 93 94 # Dcnews prefs 53 95 if (!$core->auth->user_prefs->dashboard->prefExists('dcnews')) { 54 96 if (!$core->auth->user_prefs->dashboard->prefExists('dcnews',true)) { … … 57 99 $core->auth->user_prefs->dashboard->put('dcnews',true,'boolean'); 58 100 } 101 102 # Send dcnews to templates 103 $_ctx->dashboard_dcnews = array(); 104 if ($core->auth->user_prefs->dashboard->dcnews && !empty($__resources['rss_news'])) { 105 try 106 { 107 $feed_reader = new feedReader; 108 $feed_reader->setCacheDir(DC_TPL_CACHE); 109 $feed_reader->setTimeout(2); 110 $feed_reader->setUserAgent('Dotclear - http://www.dotclear.org/'); 111 $feed = $feed_reader->parse($__resources['rss_news']); 112 if ($feed) { 113 $items = array(); 114 $i = 1; 115 foreach ($feed->items as $item) { 116 $items[] = array( 117 'title' => $item->title, 118 'link' => isset($item->link) ? 
$item->link : '', 119 'date' => dt::dt2str(__('%d %B %Y'),$item->pubdate,'Europe/Paris'), 120 'content' => html::clean($item->content) 121 ); 122 $i++; 123 if ($i > 3) { break; } 124 } 125 $_ctx->dashboard_dcnews = $items; 126 } 127 } 128 catch (Exception $e) {} 129 } 130 131 # Quick entry prefs 59 132 if (!$core->auth->user_prefs->dashboard->prefExists('quickentry')) { 60 133 if (!$core->auth->user_prefs->dashboard->prefExists('quickentry',true)) { 61 $core->auth->user_prefs->dashboard->put('quickentry',false,'boolean','',null,true); 62 } 63 $core->auth->user_prefs->dashboard->put('quickentry',false,'boolean'); 64 } 65 66 // Handle folded/unfolded sections in admin from user preferences 67 $ws = $core->auth->user_prefs->addWorkspace('toggles'); 68 if (!$core->auth->user_prefs->toggles->prefExists('unfolded_sections')) { 69 $core->auth->user_prefs->toggles->put('unfolded_sections','','string','Folded sections in admin',null,true); 70 } 71 134 $core->auth->user_prefs->dashboard->put('quickentry',true,'boolean','',null,true); 135 } 136 $core->auth->user_prefs->dashboard->put('quickentry',true,'boolean'); 137 } 138 139 # Send quick entry to templates 140 $_ctx->dashboard_quickentry = false; 141 if ($core->auth->user_prefs->dashboard->quickentry &&$core->auth->check('usage,contentadmin',$core->blog->id)) 142 { 143 $categories_combo = array(' ' => ''); 144 try { 145 $categories = $core->blog->getCategories(array('post_type'=>'post')); 146 while ($categories->fetch()) { 147 $categories_combo[$categories->cat_id] = 148 str_repeat(' ',$categories->level-1). 149 ($categories->level-1 == 0 ? '' : '• '). 
150 html::escapeHTML($categories->cat_title); 151 } 152 } catch (Exception $e) { } 153 154 $form = new dcForm($core,array('quickentry','quick-entry'),'post.php'); 155 $form 156 ->addField( 157 new dcFieldText('post_title','', array( 158 'size' => 20, 159 'required' => true, 160 'label' => __('Title')))) 161 ->addField( 162 new dcFieldTextArea('post_content','', array( 163 'required' => true, 164 'label' => __("Content:")))) 165 ->addField( 166 new dcFieldCombo('cat_id','',$categories_combo,array( 167 "label" => __('Category:')))) 168 ->addField( 169 new dcFieldSubmit('save',__('Save'),array( 170 'action' => 'savePost'))) 171 ->addField( 172 new dcFieldHidden ('post_status',-2)) 173 ->addField( 174 new dcFieldHidden ('post_format',$core->auth->getOption('post_format'))) 175 ->addField( 176 new dcFieldHidden ('post_excerpt','')) 177 ->addField( 178 new dcFieldHidden ('post_lang',$core->auth->getInfo('user_lang'))) 179 ->addField( 180 new dcFieldHidden ('post_notes','')) 181 ; 182 if ($core->auth->check('publish',$core->blog->id)) { 183 $form->addField( 184 new dcFieldHidden ('save-publish',__('Save and publish'))); 185 } 186 187 $_ctx->dashboard_quickentry = true; 188 } 72 189 73 190 # Dashboard icons … … 76 193 $favs = $core->favs->getUserFavorites(); 77 194 $core->favs->appendDashboardIcons($__dashboard_icons); 195 78 196 79 197 # Check plugins and themes update from repository … … 101 219 102 220 $dashboardItem = 0; 221 103 222 104 223 if ($core->auth->user_prefs->dashboard->dcnews) { … … 168 287 $core->callBehavior('adminDashboardContents', $core, $__dashboard_contents); 169 288 170 # Editor stuff 171 $admin_post_behavior = ''; 172 if ($core->auth->user_prefs->dashboard->quickentry) { 173 if ($core->auth->check('usage,contentadmin',$core->blog->id)) 174 { 175 $post_format = $core->auth->getOption('post_format'); 176 $post_editor = $core->auth->getOption('editor'); 177 if ($post_editor && !empty($post_editor[$post_format])) { 178 // context is not post because of 
tags not available 179 $admin_post_behavior = $core->callBehavior('adminPostEditor', $post_editor[$post_format], 'quickentry', array('#post_content')); 180 } 181 } 182 } 183 184 /* DISPLAY 185 -------------------------------------------------------- */ 186 dcPage::open(__('Dashboard'), 187 dcPage::jsLoad('js/_index.js'). 188 $admin_post_behavior. 189 # --BEHAVIOR-- adminDashboardHeaders 190 $core->callBehavior('adminDashboardHeaders'), 191 dcPage::breadcrumb( 192 array( 193 __('Dashboard').' : '.html::escapeHTML($core->blog->name) => '' 194 ), 195 array('home_link' =>false) 196 ) 197 ); 198 199 # Dotclear updates notifications 200 if ($core->auth->isSuperAdmin() && is_readable(DC_DIGESTS)) 201 { 202 $updater = new dcUpdate(DC_UPDATE_URL,'dotclear',DC_UPDATE_VERSION,DC_TPL_CACHE.'/versions'); 203 $new_v = $updater->check(DC_VERSION); 204 $version_info = $new_v ? $updater->getInfoURL() : ''; 205 206 if ($updater->getNotify() && $new_v) { 207 echo 208 '<div class="dc-update"><h3>'.sprintf(__('Dotclear %s is available!'),$new_v).'</h3> '. 209 '<p><a class="button submit" href="'.$core->adminurl->get("admin.update").'">'.sprintf(__('Upgrade now'),$new_v).'</a> '. 210 '<a class="button" href="'.$core->adminurl->get("admin.update", array('hide_msg' => 1)).'">'.__('Remind me later').'</a>'. 211 ($version_info ? ' </p>'. 212 '<p class="updt-info"><a href="'.$version_info.'">'.__('Information about this version').'</a>' : '').'</p>'. 
213 '</div>'; 214 } 215 } 216 217 if ($core->auth->getInfo('user_default_blog') != $core->blog->id && $core->auth->getBlogCount() > 1) { 218 echo 219 '<p><a href="'.$core->adminurl->get("admin.home",array('default_blog' => 1)).'" class="button">'.__('Make this blog my default blog').'</a></p>'; 220 } 221 289 # Blog status message 222 290 if ($core->blog->status == 0) { 223 echo '<p class="static-msg">'.__('This blog is offline').'.</p>';291 $_ctx->addMessageStatic(__('This blog is offline')); 224 292 } elseif ($core->blog->status == -1) { 225 echo '<p class="static-msg">'.__('This blog is removed').'.</p>'; 226 } 227 293 $_ctx->addMessageStatic(__('This blog is removed')); 294 } 295 296 # Config errors messages 228 297 if (!defined('DC_ADMIN_URL') || !DC_ADMIN_URL) { 229 echo 230 '<p class="static-msg">'. 231 sprintf(__('%s is not defined, you should edit your configuration file.'),'DC_ADMIN_URL'). 232 ' '.__('See <a href="http://dotclear.org/documentation/2.0/admin/config">documentation</a> for more information.'). 233 '</p>'; 234 } 235 298 $_ctx->addMessageStatic( 299 sprintf(__('%s is not defined, you should edit your configuration file.'),'DC_ADMIN_URL').' '. 300 __('See <a href="http://dotclear.org/documentation/2.0/admin/config">documentation</a> for more information.') 301 ); 302 } 236 303 if (!defined('DC_ADMIN_MAILFROM') || !DC_ADMIN_MAILFROM) { 237 echo 238 '<p class="static-msg">'. 239 sprintf(__('%s is not defined, you should edit your configuration file.'),'DC_ADMIN_MAILFROM'). 240 ' '.__('See <a href="http://dotclear.org/documentation/2.0/admin/config">documentation</a> for more information.'). 241 '</p>'; 242 } 243 244 $err = array(); 245 246 # Check cache directory 247 if ( $core->auth->isSuperAdmin() ) { 248 if (!is_dir(DC_TPL_CACHE) || !is_writable(DC_TPL_CACHE)) { 249 $err[] = '<p>'.__("The cache directory does not exist or is not writable. 
You must create this directory with sufficient rights and affect this location to \"DC_TPL_CACHE\" in inc/config.php file.").'</p>'; 250 } 251 } else { 252 if (!is_dir(DC_TPL_CACHE) || !is_writable(DC_TPL_CACHE)) { 253 $err[] = '<p>'.__("The cache directory does not exist or is not writable. You should contact your administrator.").'</p>'; 254 } 255 } 256 257 # Check public directory 258 if ( $core->auth->isSuperAdmin() ) { 259 if (!is_dir($core->blog->public_path) || !is_writable($core->blog->public_path)) { 260 $err[] = '<p>'.__("There is no writable directory /public/ at the location set in about:config \"public_path\". You must create this directory with sufficient rights (or change this setting).").'</p>'; 261 } 262 } else { 263 if (!is_dir($core->blog->public_path) || !is_writable($core->blog->public_path)) { 264 $err[] = '<p>'.__("There is no writable root directory for the media manager. You should contact your administrator.").'</p>'; 265 } 266 } 267 268 # Error list 269 if (count($err) > 0) { 270 echo '<div class="error"><p><strong>'.__('Error:').'</strong></p>'. 271 '<ul><li>'.implode("</li><li>",$err).'</li></ul></div>'; 272 } 273 274 # Plugins install messages 275 if (!empty($plugins_install['success'])) 276 { 277 echo '<div class="success">'.__('Following plugins have been installed:').'<ul>'; 278 foreach ($plugins_install['success'] as $k => $v) { 279 echo '<li>'.$k.'</li>'; 280 } 281 echo '</ul></div>'; 282 } 283 if (!empty($plugins_install['failure'])) 284 { 285 echo '<div class="error">'.__('Following plugins have not been installed:').'<ul>'; 286 foreach ($plugins_install['failure'] as $k => $v) { 287 echo '<li>'.$k.' ('.$v.')</li>'; 288 } 289 echo '</ul></div>'; 290 } 291 # Errors modules notifications 292 if ($core->auth->isSuperAdmin()) 293 { 294 $list = $core->plugins->getErrors(); 295 if (!empty($list)) { 296 echo 297 '<div class="error" id="module-errors" class="error"><p>'.__('Errors have occured with following plugins:').'</p> '. 
298 '<ul><li>'.implode("</li>\n<li>", $list).'</li></ul></div>'; 299 } 300 } 301 302 # Dashboard columns (processed first, as we need to know the result before displaying the icons.) 303 $dashboardItems = ''; 304 305 foreach ($__dashboard_items as $i) 306 { 307 if ($i->count() > 0) 308 { 309 $dashboardItems .= ''; 310 foreach ($i as $v) { 311 $dashboardItems .= $v; 312 } 313 $dashboardItems .= ''; 314 } 315 } 316 317 # Dashboard elements 318 echo '<div id="dashboard-main">'; 319 320 # Dashboard icons 321 echo '<div id="icons">'; 322 foreach ($__dashboard_icons as $i) 323 { 324 echo 325 '<p><a href="'.$i[1].'"><img src="'.dc_admin_icon_url($i[2]).'" alt="" />'. 326 '<br /><span>'.$i[0].'</span></a></p>'; 327 } 328 echo '</div>'; 329 330 if ($core->auth->user_prefs->dashboard->quickentry) { 331 if ($core->auth->check('usage,contentadmin',$core->blog->id)) 332 { 333 # Getting categories 334 $categories_combo = dcAdminCombos::getCategoriesCombo( 335 $core->blog->getCategories(array('post_type'=>'post')) 336 ); 337 338 echo 339 '<div id="quick">'. 340 '<h3>'.__('Quick entry').'</h3>'. 341 '<form id="quick-entry" action="'.$core->adminurl->get('admin.post').'" method="post" class="fieldset">'. 342 '<h4>'.__('New entry').'</h4>'. 343 '<p class="col"><label for="post_title" class="required"><abbr title="'.__('Required field').'">*</abbr> '.__('Title:').'</label>'. 344 form::field('post_title',20,255,'','maximal'). 345 '</p>'. 346 '<p class="area"><label class="required" '. 347 'for="post_content"><abbr title="'.__('Required field').'">*</abbr> '.__('Content:').'</label> '. 348 form::textarea('post_content',50,10). 349 '</p>'. 350 '<p><label for="cat_id" class="classic">'.__('Category:').'</label> '. 351 form::combo('cat_id',$categories_combo).'</p>'. 352 ($core->auth->check('categories', $core->blog->id) 353 ? '<div>'. 354 '<p id="new_cat" class="q-cat">'.__('Add a new category').'</p>'. 355 '<p class="q-cat"><label for="new_cat_title">'.__('Title:').'</label> '. 
356 form::field('new_cat_title',30,255,'','').'</p>'. 357 '<p class="q-cat"><label for="new_cat_parent">'.__('Parent:').'</label> '. 358 form::combo('new_cat_parent',$categories_combo,'',''). 359 '</p>'. 360 '<p class="form-note info clear">'.__('This category will be created when you will save your post.').'</p>'. 361 '</div>' 362 : ''). 363 '<p><input type="submit" value="'.__('Save').'" name="save" /> '. 364 ($core->auth->check('publish',$core->blog->id) 365 ? '<input type="hidden" value="'.__('Save and publish').'" name="save-publish" />' 366 : ''). 367 $core->formNonce(). 368 form::hidden('post_status',-2). 369 form::hidden('post_format',$core->auth->getOption('post_format')). 370 form::hidden('post_excerpt',''). 371 form::hidden('post_lang',$core->auth->getInfo('user_lang')). 372 form::hidden('post_notes',''). 373 '</p>'. 374 '</form>'. 375 '</div>'; 376 } 377 } 378 379 foreach ($__dashboard_contents as $i) 380 { 381 if ($i->count() > 0) 382 { 383 $dashboardContents .= ''; 384 foreach ($i as $v) { 385 $dashboardContents .= $v; 386 } 387 $dashboardContents .= ''; 388 } 389 } 390 391 if ($dashboardContents != '' || $dashboardItems != '') { 392 echo 393 '<div id="dashboard-boxes">'. 394 '<div class="db-items">'.$dashboardItems.$dashboardContents.'</div>'. 395 '</div>'; 396 } 397 398 echo '</div>'; #end dashboard-main 399 dcPage::helpBlock('core_dashboard'); 400 dcPage::close(); 304 $_ctx->addMessageStatic( 305 sprintf(__('%s is not defined, you should edit your configuration file.'),'DC_ADMIN_MAILFROM').' '. 306 __('See <a href="http://dotclear.org/documentation/2.0/admin/config">documentation</a> for more information.') 307 ); 308 } 309 $_ctx->dashboard_icons = $__dashboard_icons; 310 //print_r($__dashboard_icons);exit; 311 $_ctx->setBreadCrumb(__('Dashboard').' : '.html::escapeHTML($core->blog->name), false); 312 $core->tpl->display('index.html.twig'); 313 ?> -
admin/post.php
r2907 r2911 15 15 dcPage::check('usage,contentadmin'); 16 16 17 $post_id = ''; 18 $cat_id = ''; 19 $post_dt = ''; 20 $post_format = $core->auth->getOption('post_format'); 21 $post_editor = $core->auth->getOption('editor'); 22 $post_password = ''; 23 $post_url = ''; 24 $post_lang = $core->auth->getInfo('user_lang'); 25 $post_title = ''; 26 $post_excerpt = ''; 27 $post_excerpt_xhtml = ''; 28 $post_content = ''; 29 $post_content_xhtml = ''; 30 $post_notes = ''; 31 $post_status = $core->auth->getInfo('user_post_status'); 32 $post_selected = false; 33 $post_open_comment = $core->blog->settings->system->allow_comments; 34 $post_open_tb = $core->blog->settings->system->allow_trackbacks; 17 class PostActions 18 { 19 public static function savePost($form) { 20 global $_ctx, $core; 21 if (!$form->can_edit_post) { 22 return; 23 } 24 try { 25 $form->check($_ctx); 26 $form->cat_id = (integer) $form->cat_id; 27 28 if (!empty($form->post_dt)) { 29 try 30 { 31 $post_dt = strtotime($form->post_dt); 32 if ($post_dt == false || $post_dt == -1) { 33 $bad_dt = true; 34 throw new Exception(__('Invalid publication date')); 35 } 36 $form->post_dt = date('Y-m-d H:i',$post_dt); 37 } 38 catch (Exception $e) 39 { 40 $core->error->add($e->getMessage()); 41 } 42 } 43 $post_excerpt = $form->post_excerpt; 44 $post_content = $form->post_content; 45 $post_excerpt_xhtml = ''; 46 $post_content_xhtml = ''; 47 $core->blog->setPostContent( 48 $form->id,$form->post_format,$form->post_lang, 49 $post_excerpt,$post_excerpt_xhtml,$post_content,$post_content_xhtml 50 ); 51 $form->post_excerpt = $post_excerpt; 52 $form->post_content = $post_content; 53 $form->post_excerpt_xhtml = $post_excerpt_xhtml; 54 $form->post_content_xhtml = $post_content_xhtml; 55 56 $cur = $core->con->openCursor($core->prefix.'post'); 57 58 $cur->post_title = $form->post_title; 59 $cur->cat_id = $form->cat_id ? $form->cat_id : null; 60 $cur->post_dt = $form->post_dt ? 
date('Y-m-d H:i:00',strtotime($form->post_dt)) : ''; 61 $cur->post_format = $form->post_format; 62 $cur->post_password = $form->post_password; 63 $cur->post_lang = $form->post_lang; 64 $cur->post_title = $form->post_title; 65 $cur->post_excerpt = $form->post_excerpt; 66 $cur->post_excerpt_xhtml = $form->post_excerpt_xhtml; 67 $cur->post_content = $form->post_content; 68 $cur->post_content_xhtml = $form->post_content_xhtml; 69 $cur->post_notes = $form->post_notes; 70 $cur->post_status = $form->post_status; 71 $cur->post_selected = (integer) $form->post_selected; 72 $cur->post_open_comment = (integer) $form->post_open_comment; 73 $cur->post_open_tb = (integer) $form->post_open_tb; 74 75 if (!empty($form->post_url)) { 76 $cur->post_url = $form->post_url; 77 } 78 79 # Update post 80 if ($form->id) 81 { 82 # --BEHAVIOR-- adminBeforePostUpdate 83 $core->callBehavior('adminBeforePostUpdate',$cur,$form->id); 84 85 $core->blog->updPost($form->id,$cur); 86 87 # --BEHAVIOR-- adminAfterPostUpdate 88 $core->callBehavior('adminAfterPostUpdate',$cur,$form->id); 89 http::redirect('post.php?id='.$form->id.'&upd=1'); 90 } 91 else 92 { 93 $cur->user_id = $core->auth->userID(); 94 # --BEHAVIOR-- adminBeforePostCreate 95 $core->callBehavior('adminBeforePostCreate',$cur); 96 97 $return_id = $core->blog->addPost($cur); 98 99 # --BEHAVIOR-- adminAfterPostCreate 100 $core->callBehavior('adminAfterPostCreate',$cur,$return_id); 101 102 http::redirect('post.php?id='.$return_id.'&crea=1'); 103 } 104 105 } catch (Exception $e) { 106 $_ctx->addError($e->getMessage()); 107 } 108 } 109 public static function deletePost($form) { 110 global $core,$_ctx; 111 if ($form->can_delete) { 112 try { 113 $post_id = $form->id; 114 $core->callBehavior('adminBeforePostDelete',$post_id); 115 $core->blog->delPost($post_id); 116 http::redirect('posts.php'); 117 exit; 118 } catch (Exception $e) { 119 $_ctx->addError($e->getMessage()); 120 } 121 } 122 } 123 } 35 124 36 125 $page_title = __('New entry'); 37 126 
$post_id=''; 38 127 $can_view_page = true; 39 128 $can_edit_post = $core->auth->check('usage,contentadmin',$core->blog->id); … … 41 130 $can_delete = false; 42 131 43 $post_headlink = '<link rel="%s" title="%s" href="'.$core->adminurl->get('admin.post',array('id' => "%s"),'&',true).'" />'; 44 $post_link = '<a href="'.$core->adminurl->get('admin.post',array('id' => "%s"),'&',true).'" title="%s">%s</a>'; 132 $post_headlink = '<link rel="%s" title="%s" href="post.php?id=%s" />'; 133 $post_link = '<a href="post.php?id=%s" title="%s">%s</a>'; 134 45 135 $next_link = $prev_link = $next_headlink = $prev_headlink = null; 46 136 47 137 # If user can't publish 48 138 if (!$can_publish) { 49 $ post_status = -2;139 $form->post_status = -2; 50 140 } 51 141 52 142 # Getting categories 53 $categories_combo = dcAdminCombos::getCategoriesCombo( 54 $core->blog->getCategories(array('post_type'=>'post')) 55 ); 56 57 $status_combo = dcAdminCombos::getPostStatusesCombo(); 58 59 $img_status_pattern = '<img class="img_select_option" alt="%1$s" title="%1$s" src="images/%2$s" />'; 60 61 # Formats combo 62 $core_formaters = $core->getFormaters(); 63 $available_formats = array('' => ''); 64 foreach ($core_formaters as $editor => $formats) { 65 foreach ($formats as $format) { 66 $available_formats[$format] = $format; 67 } 143 $categories_combo = array(' ' => ''); 144 try { 145 $categories = $core->blog->getCategories(array('post_type'=>'post')); 146 while ($categories->fetch()) { 147 $categories_combo[$categories->cat_id] = 148 str_repeat(' ',$categories->level-1). 149 ($categories->level-1 == 0 ? '' : '• '). 
150 html::escapeHTML($categories->cat_title); 151 } 152 } catch (Exception $e) { } 153 154 # Status combo 155 foreach ($core->blog->getAllPostStatus() as $k => $v) { 156 $status_combo[$k] = $v; 157 } 158 159 # Formaters combo 160 foreach ($core->getFormaters() as $v) { 161 $formaters_combo[$v] = $v; 68 162 } 69 163 70 164 # Languages combo 71 165 $rs = $core->blog->getLangs(array('order'=>'asc')); 72 $lang_combo = dcAdminCombos::getLangsCombo($rs,true); 73 74 # Validation flag 75 $bad_dt = false; 76 77 # Trackbacks 78 $TB = new dcTrackback($core); 79 $tb_urls = $tb_excerpt = ''; 80 166 $all_langs = l10n::getISOcodes(0,1); 167 $lang_combo = array('' => '', __('Most used') => array(), __('Available') => l10n::getISOcodes(0,1)); 168 while ($rs->fetch()) { 169 if (isset($all_langs[$rs->post_lang])) { 170 $lang_combo[__('Most used')][$rs->post_lang] = $all_langs[$rs->post_lang]; 171 unset($lang_combo[__('Available')][$rs->post_lang]); 172 } else { 173 $lang_combo[__('Most used')][$rs->post_lang] = $all_langs[$rs->post_lang]; 174 } 175 } 176 unset($all_langs); 177 unset($rs); 178 179 $form = new dcForm($core,'post','post.php'); 180 $form 181 ->addField( 182 new dcFieldText('post_title','', array( 183 'maxlength' => 255, 184 'required' => true, 185 'label' => __('Title:')))) 186 ->addField( 187 new dcFieldTextArea('post_excerpt','', array( 188 'cols' => 50, 189 'rows' => 5, 190 'label' => __("Excerpt:").'<span class="form-note">'. 
191 __('Add an introduction to the post.').'</span>'))) 192 ->addField( 193 new dcFieldTextArea('post_content','', array( 194 'required' => true, 195 'label' => __("Content:")))) 196 ->addField( 197 new dcFieldTextArea('post_notes','', array( 198 'label' => __("Notes")))) 199 ->addField( 200 new dcFieldSubmit('save',__('Save'),array( 201 'action' => array('PostActions','savePost')))) 202 ->addField( 203 new dcFieldSubmit('delete',__('Delete'),array( 204 'action' => array('PostActions','deletePost')))) 205 ->addField( 206 new dcFieldCombo('post_status',$core->auth->getInfo('user_post_status'),$status_combo,array( 207 'disabled' => !$can_publish, 208 'label' => __('Entry status')))) 209 ->addField( 210 new dcFieldCombo('cat_id','',$categories_combo,array( 211 "label" => __('Category')))) 212 ->addField( 213 new dcFieldCombo('new_cat_parent','',$categories_combo,array( 214 "label" => __('Parent:')))) 215 ->addField( 216 new dcFieldText('new_cat_title','', array( 217 'maxlength' => 255, 218 'label' => __('Title')))) 219 220 ->addField( 221 new dcFieldText('post_dt','',array( 222 "label" => __('Publication date and hour')))) 223 ->addField( 224 new dcFieldCombo('post_format',$core->auth->getOption('post_format'),$formaters_combo,array( 225 "label" => __('Text formating')))) 226 ->addField( 227 new dcFieldCheckbox ('post_open_comment',$core->blog->settings->system->allow_comments,array( 228 "label" => __('Accept comments')))) 229 ->addField( 230 new dcFieldCheckbox ('post_open_tb',$core->blog->settings->system->allow_trackbacks,array( 231 "label" => __('Accept trackbacks')))) 232 ->addField( 233 new dcFieldCheckbox ('post_selected',array(1=>false),array( 234 "label" => __('Selected entry')))) 235 ->addField( 236 new dcFieldCombo ('post_lang',$core->auth->getInfo('user_lang'),$lang_combo, array( 237 "label" => __('Entry lang:')))) 238 ->addField( 239 new dcFieldText('post_password','',array( 240 "maxlength" => 32, 241 "label" => __('Entry password:')))) 242 ->addField( 
243 new dcFieldText('post_url','',array( 244 "maxlength" => 255, 245 "label" => __('Basename:')))) 246 ->addField( 247 new dcFieldHidden ('id','')) 248 ; 81 249 # Get entry informations 82 if (!empty($_REQUEST['id'])) { 83 $page_title = __('Edit entry'); 84 250 if (!empty($_REQUEST['id'])) 251 { 85 252 $params['post_id'] = $_REQUEST['id']; 86 253 87 254 $post = $core->blog->getPosts($params); 88 89 if ($post->isEmpty()) { 255 256 if ($post->isEmpty()) 257 { 90 258 $core->error->add(__('This entry does not exist.')); 91 259 $can_view_page = false; 92 } else {93 $post_id = $post->post_id;94 $cat_id = $post->cat_id;95 $ post_dt = date('Y-m-d H:i',strtotime($post->post_dt));96 $ post_format = $post->post_format;97 $ post_password = $post->post_password;98 $ post_url = $post->post_url;99 $ post_lang = $post->post_lang;100 $ post_title = $post->post_title;101 $ post_excerpt = $post->post_excerpt;102 $ post_excerpt_xhtml = $post->post_excerpt_xhtml;103 $ post_content = $post->post_content;104 $ post_content_xhtml = $post->post_content_xhtml;105 $ post_notes = $post->post_notes;106 $ post_status = $post->post_status;107 $ post_selected = (boolean) $post->post_selected;108 $ post_open_comment = (boolean) $post->post_open_comment;109 $ post_open_tb = (boolean) $post->post_open_tb;110 111 $ can_edit_post = $post->isEditable();112 $ can_delete= $post->isDeletable();113 260 } 261 else 262 { 263 $form->id = $post_id = $post->post_id; 264 $form->cat_id = $post->cat_id; 265 $form->post_dt = date('Y-m-d H:i',strtotime($post->post_dt)); 266 $form->post_format = $post->post_format; 267 $form->post_password = $post->post_password; 268 $form->post_url = $post->post_url; 269 $form->post_lang = $post->post_lang; 270 $form->post_title = $post->post_title; 271 $form->post_excerpt = $post->post_excerpt; 272 $form->post_excerpt_xhtml = $post->post_excerpt_xhtml; 273 $form->post_content = $post->post_content; 274 $form->post_content_xhtml = $post->post_content_xhtml; 275 $form->post_notes = 
$post->post_notes; 276 $form->post_status = $post->post_status; 277 $form->post_selected = (boolean) $post->post_selected; 278 $form->post_open_comment = (boolean) $post->post_open_comment; 279 $form->post_open_tb = (boolean) $post->post_open_tb; 280 $form->can_edit_post = $post->isEditable(); 281 $form->can_delete= $post->isDeletable(); 114 282 $next_rs = $core->blog->getNextPost($post,1); 115 283 $prev_rs = $core->blog->getNextPost($post,-1); 116 284 117 285 if ($next_rs !== null) { 118 $next_link = sprintf($post_link,$next_rs->post_id, 119 html::escapeHTML($next_rs->post_title),__('Next entry').' »'); 120 $next_headlink = sprintf($post_headlink,'next', 121 html::escapeHTML($next_rs->post_title),$next_rs->post_id); 122 } 123 286 $_ctx->next_post = array('id' => $next_rs->post_id,'title' => $next_rs->post_title); 287 } 124 288 if ($prev_rs !== null) { 125 $prev_link = sprintf($post_link,$prev_rs->post_id, 126 html::escapeHTML($prev_rs->post_title),'« '.__('Previous entry')); 127 $prev_headlink = sprintf($post_headlink,'previous', 128 html::escapeHTML($prev_rs->post_title),$prev_rs->post_id); 129 } 130 131 try { 132 $core->media = new dcMedia($core); 133 } catch (Exception $e) { 134 $core->error->add($e->getMessage()); 135 } 136 137 # Sanitize trackbacks excerpt 138 $tb_excerpt = empty($_POST['tb_excerpt']) ? 139 $post_excerpt_xhtml.' 
'.$post_content_xhtml : 140 $_POST['tb_excerpt']; 141 $tb_excerpt = html::decodeEntities(html::clean($tb_excerpt)); 142 $tb_excerpt = text::cutString(html::escapeHTML($tb_excerpt), 255); 143 $tb_excerpt = preg_replace('/\s+/ms', ' ', $tb_excerpt); 144 } 145 } 146 if (isset($_REQUEST['section']) && $_REQUEST['section']=='trackbacks') { 147 $anchor = 'trackbacks'; 148 } else { 149 $anchor = 'comments'; 150 } 151 152 $comments_actions_page = new dcCommentsActionsPage($core,$core->adminurl->get('admin.post'),array('id' => $post_id, '_ANCHOR'=>$anchor,'section' => $anchor)); 153 154 if ($comments_actions_page->process()) { 155 return; 156 } 157 158 # Ping blogs 159 if (!empty($_POST['ping'])) 160 { 161 if (!empty($_POST['tb_urls']) && $post_id && $post_status == 1 && $can_edit_post) 162 { 163 $tb_urls = $_POST['tb_urls']; 164 $tb_urls = str_replace("\r", '', $tb_urls); 165 $tb_post_title = html::escapeHTML(trim(html::clean($post_title))); 166 $tb_post_url = $post->getURL(); 167 168 foreach (explode("\n", $tb_urls) as $tb_url) 169 { 170 try { 171 $TB->ping($tb_url, $post_id, $tb_post_title, $tb_excerpt, $tb_post_url); 172 } catch (Exception $e) { 173 $core->error->add($e->getMessage()); 174 } 175 } 176 177 if (!$core->error->flag()) { 178 dcPage::addSuccessNotice(__('All pings sent.')); 179 $core->adminurl->redirect( 180 'admin.post', 181 array('id' => $post_id, 'tb'=> '1') 182 ); 183 } 184 } 185 } 186 187 # Format excerpt and content 188 elseif (!empty($_POST) && $can_edit_post) { 189 $post_format = $_POST['post_format']; 190 $post_excerpt = $_POST['post_excerpt']; 191 $post_content = $_POST['post_content']; 192 193 $post_title = $_POST['post_title']; 194 195 $cat_id = (integer) $_POST['cat_id']; 196 197 if (isset($_POST['post_status'])) { 198 $post_status = (integer) $_POST['post_status']; 199 } 200 201 if (empty($_POST['post_dt'])) { 202 $post_dt = ''; 203 } else { 204 try 205 { 206 $post_dt = strtotime($_POST['post_dt']); 207 if ($post_dt == false || $post_dt == -1) 
{ 208 $bad_dt = true; 209 throw new Exception(__('Invalid publication date')); 210 } 211 $post_dt = date('Y-m-d H:i',$post_dt); 212 } 213 catch (Exception $e) 214 { 215 $core->error->add($e->getMessage()); 216 } 217 } 218 219 $post_open_comment = !empty($_POST['post_open_comment']); 220 $post_open_tb = !empty($_POST['post_open_tb']); 221 $post_selected = !empty($_POST['post_selected']); 222 $post_lang = $_POST['post_lang']; 223 $post_password = !empty($_POST['post_password']) ? $_POST['post_password'] : null; 224 225 $post_notes = $_POST['post_notes']; 226 227 if (isset($_POST['post_url'])) { 228 $post_url = $_POST['post_url']; 229 } 230 231 $core->blog->setPostContent( 232 $post_id,$post_format,$post_lang, 233 $post_excerpt,$post_excerpt_xhtml,$post_content,$post_content_xhtml 234 ); 235 } 236 237 # Delete post 238 if (!empty($_POST['delete']) && $can_delete) 239 { 240 try { 241 # --BEHAVIOR-- adminBeforePostDelete 242 $core->callBehavior('adminBeforePostDelete',$post_id); 243 $core->blog->delPost($post_id); 244 $core->adminurl->redirect("admin.posts"); 245 } catch (Exception $e) { 246 $core->error->add($e->getMessage()); 247 } 248 } 249 250 # Create or update post 251 if (!empty($_POST) && !empty($_POST['save']) && $can_edit_post && !$bad_dt) 252 { 253 # Create category 254 if (!empty($_POST['new_cat_title']) && $core->auth->check('categories', $core->blog->id)) { 255 256 $cur_cat = $core->con->openCursor($core->prefix.'category'); 257 $cur_cat->cat_title = $_POST['new_cat_title']; 258 $cur_cat->cat_url = ''; 259 260 $parent_cat = !empty($_POST['new_cat_parent']) ? 
$_POST['new_cat_parent'] : ''; 261 262 # --BEHAVIOR-- adminBeforeCategoryCreate 263 $core->callBehavior('adminBeforeCategoryCreate', $cur_cat); 264 265 $cat_id = $core->blog->addCategory($cur_cat, (integer) $parent_cat); 266 267 # --BEHAVIOR-- adminAfterCategoryCreate 268 $core->callBehavior('adminAfterCategoryCreate', $cur_cat, $cat_id); 269 } 270 271 $cur = $core->con->openCursor($core->prefix.'post'); 272 273 $cur->post_title = $post_title; 274 $cur->cat_id = ($cat_id ? $cat_id : null); 275 $cur->post_dt = $post_dt ? date('Y-m-d H:i:00',strtotime($post_dt)) : ''; 276 $cur->post_format = $post_format; 277 $cur->post_password = $post_password; 278 $cur->post_lang = $post_lang; 279 $cur->post_title = $post_title; 280 $cur->post_excerpt = $post_excerpt; 281 $cur->post_excerpt_xhtml = $post_excerpt_xhtml; 282 $cur->post_content = $post_content; 283 $cur->post_content_xhtml = $post_content_xhtml; 284 $cur->post_notes = $post_notes; 285 $cur->post_status = $post_status; 286 $cur->post_selected = (integer) $post_selected; 287 $cur->post_open_comment = (integer) $post_open_comment; 288 $cur->post_open_tb = (integer) $post_open_tb; 289 290 if (isset($_POST['post_url'])) { 291 $cur->post_url = $post_url; 292 } 293 294 # Update post 295 if ($post_id) { 296 try { 297 # --BEHAVIOR-- adminBeforePostUpdate 298 $core->callBehavior('adminBeforePostUpdate',$cur,$post_id); 299 300 $core->blog->updPost($post_id,$cur); 301 302 # --BEHAVIOR-- adminAfterPostUpdate 303 $core->callBehavior('adminAfterPostUpdate',$cur,$post_id); 304 dcPage::addSuccessNotice (sprintf(__('The post "%s" has been successfully updated'),html::escapeHTML($cur->post_title))); 305 $core->adminurl->redirect( 306 'admin.post', 307 array('id' => $post_id) 308 ); 309 } catch (Exception $e) { 310 $core->error->add($e->getMessage()); 311 } 312 } else { 313 $cur->user_id = $core->auth->userID(); 314 315 try { 316 # --BEHAVIOR-- adminBeforePostCreate 317 $core->callBehavior('adminBeforePostCreate',$cur); 318 319 
$return_id = $core->blog->addPost($cur); 320 321 # --BEHAVIOR-- adminAfterPostCreate 322 $core->callBehavior('adminAfterPostCreate',$cur,$return_id); 323 324 dcPage::addSuccessNotice(__('Entry has been successfully created.')); 325 $core->adminurl->redirect( 326 'admin.post', 327 array('id' => $return_id) 328 ); 329 } catch (Exception $e) { 330 $core->error->add($e->getMessage()); 331 } 332 } 333 } 334 335 # Getting categories 336 $categories_combo = dcAdminCombos::getCategoriesCombo( 337 $core->blog->getCategories(array('post_type'=>'post')) 338 ); 289 $_ctx->prev_post = array('id' => $prev_rs->post_id,'title' => $prev_rs->post_title); 290 } 291 $page_title = __('Edit entry'); 292 293 } 294 } 295 if ($post_id) { 296 $_ctx->post_id = $post->post_id; 297 298 $_ctx->preview_url = 299 $core->blog->url.$core->url->getURLFor('preview',$core->auth->userID().'/'. 300 http::browserUID(DC_MASTER_KEY.$core->auth->userID().$core->auth->getInfo('user_pwd')). 301 '/'.$post->post_url); 302 303 304 $form_comment = new dcForm($core,'add-comment','comment.php'); 305 $form_comment 306 ->addField( 307 new dcFieldText('comment_author','', array( 308 'maxlength' => 255, 309 'required' => true, 310 'label' => __('Name:')))) 311 ->addField( 312 new dcFieldText('comment_email','', array( 313 'maxlength' => 255, 314 'required' => true, 315 'label' => __('Email:')))) 316 ->addField( 317 new dcFieldText('comment_site','', array( 318 'maxlength' => 255, 319 'label' => __('Web site:')))) 320 ->addField( 321 new dcFieldTextArea('comment_content','', array( 322 'required' => true, 323 'label' => __('Comment:')))) 324 ->addField( 325 new dcFieldHidden('post_id',$post_id)) 326 ->addField( 327 new dcFieldSubmit('add',__('Save'),array( 328 'action' => 'addComment'))) 329 ; 330 331 332 } 333 334 $form->setup(); 335 336 $sidebar_blocks = new ArrayObject(array( 337 'status-box' => array( 338 'title' => __('Status'), 339 'items' => array('post_status','post_dt','post_lang','post_format')), 340 
'metas-box' => array( 341 'title' => __('Ordering'), 342 'items' => array('post_selected','cat_id')), 343 'options-box' => array( 344 'title' => __('Options'), 345 'items' => array('post_open_comment','post_open_tb','post_password','post_url')) 346 )); 347 348 $main_blocks = new ArrayObject(array( 349 "post_title","post_excerpt","post_content","post_notes" 350 )); 351 352 353 $_ctx->sidebar_blocks = $sidebar_blocks; 354 $_ctx->main_blocks = $main_blocks; 355 339 356 /* DISPLAY 340 357 -------------------------------------------------------- */ … … 346 363 $default_tab = 'comments'; 347 364 } 348 elseif (!empty($_GET['tb'])) { 349 $default_tab = 'trackbacks'; 350 } 351 352 if ($post_id) { 353 switch ($post_status) { 354 case 1: 355 $img_status = sprintf($img_status_pattern,__('Published'),'check-on.png'); 356 break; 357 case 0: 358 $img_status = sprintf($img_status_pattern,__('Unpublished'),'check-off.png'); 359 break; 360 case -1: 361 $img_status = sprintf($img_status_pattern,__('Scheduled'),'scheduled.png'); 362 break; 363 case -2: 364 $img_status = sprintf($img_status_pattern,__('Pending'),'check-wrn.png'); 365 break; 366 default: 367 $img_status = ''; 368 } 369 $edit_entry_str = __('“%s”'); 370 $page_title_edit = sprintf($edit_entry_str, html::escapeHTML($post_title)).' 
'.$img_status; 371 } else { 372 $img_status = ''; 373 } 374 375 376 $admin_post_behavior = ''; 377 if ($post_editor) { 378 $p_edit = $c_edit = ''; 379 if (!empty($post_editor[$post_format])) { 380 $p_edit = $post_editor[$post_format]; 381 } 382 if (!empty($post_editor['xhtml'])) { 383 $c_edit = $post_editor['xhtml']; 384 } 385 if ($p_edit == $c_edit) { 386 $admin_post_behavior .= $core->callBehavior('adminPostEditor', 387 $p_edit,'post',array('#post_excerpt','#post_content','#comment_content')); 388 } else { 389 $admin_post_behavior .= $core->callBehavior('adminPostEditor', 390 $p_edit,'post',array('#post_excerpt','#post_content')); 391 $admin_post_behavior .= $core->callBehavior('adminPostEditor', 392 $c_edit,'comment',array('#comment_content')); 393 } 394 } 395 396 dcPage::open($page_title.' - '.__('Entries'), 397 dcPage::jsDatePicker(). 398 dcPage::jsModal(). 399 dcPage::jsMetaEditor(). 400 $admin_post_behavior. 401 dcPage::jsLoad('js/_post.js'). 402 dcPage::jsConfirmClose('entry-form','comment-form'). 403 # --BEHAVIOR-- adminPostHeaders 404 $core->callBehavior('adminPostHeaders'). 405 dcPage::jsPageTabs($default_tab). 406 $next_headlink."\n".$prev_headlink, 407 dcPage::breadcrumb( 365 $page_title_edit = __('Edit entry'); 366 $_ctx 367 ->setBreadCrumb( 408 368 array( 409 369 html::escapeHTML($core->blog->name) => '', 410 __('Entries') => $core->adminurl->get("admin.posts"),370 __('Entries') => 'posts.php', 411 371 ($post_id ? 
$page_title_edit : $page_title) => '' 412 )) 413 , array( 414 'x-frame-allow' => $core->blog->url 415 ) 416 ); 372 )) 373 ->default_tab = $default_tab; 374 $_ctx->post_status = $form->post_status; 375 $_ctx->post_title = $form->post_title; 376 if ($form->post_status == 1) { 377 $_ctx->post_url = $post->getURL(); 378 } 417 379 418 380 if (!empty($_GET['upd'])) { 419 dcPage::success(__('Entry has been successfully updated.'));381 $_ctx->setAlert(__('Entry has been successfully updated.')); 420 382 } 421 383 elseif (!empty($_GET['crea'])) { 422 dcPage::success(__('Entry has been successfully created.'));384 $_ctx->setAlert(__('Entry has been successfully created.')); 423 385 } 424 386 elseif (!empty($_GET['attached'])) { 425 dcPage::success(__('File has been successfully attached.'));387 $_ctx->setAlert(__('File has been successfully attached.')); 426 388 } 427 389 elseif (!empty($_GET['rmattach'])) { 428 dcPage::success(__('Attachment has been successfully removed.')); 429 } 430 390 $_ctx->setAlert(__('Attachment has been successfully removed.')); 391 } 431 392 if (!empty($_GET['creaco'])) { 432 dcPage::success(__('Comment has been successfully created.')); 433 } 434 if (!empty($_GET['tbsent'])) { 435 dcPage::success(__('All pings sent.')); 436 } 437 438 # XHTML conversion 439 if (!empty($_GET['xconv'])) 440 { 441 $post_excerpt = $post_excerpt_xhtml; 442 $post_content = $post_content_xhtml; 443 $post_format = 'xhtml'; 444 445 dcPage::message(__('Don\'t forget to validate your XHTML conversion by saving your post.')); 446 } 447 448 if ($post_id && $post->post_status == 1) { 449 echo '<p><a class="onblog_link outgoing" href="'.$post->getURL().'" title="'.$post_title.'">'.__('Go to this entry on the site').' 
<img src="images/outgoing-blue.png" alt="" /></a></p>'; 450 } 451 if ($post_id) 452 { 453 echo '<p class="nav_prevnext">'; 454 if ($prev_link) { echo $prev_link; } 455 if ($next_link && $prev_link) { echo ' | '; } 456 if ($next_link) { echo $next_link; } 457 458 # --BEHAVIOR-- adminPostNavLinks 459 $core->callBehavior('adminPostNavLinks',isset($post) ? $post : null); 460 461 echo '</p>'; 462 } 463 464 # Exit if we cannot view page 465 if (!$can_view_page) { 466 dcPage::helpBlock('core_post'); 467 dcPage::close(); 468 exit; 469 } 470 /* Post form if we can edit post 471 -------------------------------------------------------- */ 472 if ($can_edit_post) { 473 $sidebar_items = new ArrayObject(array( 474 'status-box' => array( 475 'title' => __('Status'), 476 'items' => array( 477 'post_status' => 478 '<p class="entry-status"><label for="post_status">'.__('Entry status').' '.$img_status.'</label>'. 479 form::combo('post_status',$status_combo,$post_status,'maximal','',!$can_publish). 480 '</p>', 481 'post_dt' => 482 '<p><label for="post_dt">'.__('Publication date and hour').'</label>'. 483 form::field('post_dt',16,16,$post_dt,($bad_dt ? 'invalid' : '')). 484 '</p>', 485 'post_lang' => 486 '<p><label for="post_lang">'.__('Entry language').'</label>'. 487 form::combo('post_lang',$lang_combo,$post_lang). 488 '</p>', 489 'post_format' => 490 '<div>'. 491 '<h5 id="label_format"><label for="post_format" class="classic">'.__('Text formatting').'</label></h5>'. 492 '<p>'.form::combo('post_format',$available_formats,$post_format,'maximal').'</p>'. 493 '<p class="format_control control_no_xhtml">'. 494 '<a id="convert-xhtml" class="button'.($post_id && $post_format != 'wiki' ? ' hide' : '').'" href="'. 495 $core->adminurl->get('admin.post',array('id'=> $post_id,'xconv'=> '1')). 496 '">'. 
497 __('Convert to XHTML').'</a></p></div>')), 498 'metas-box' => array( 499 'title' => __('Filing'), 500 'items' => array( 501 'post_selected' => 502 '<p><label for="post_selected" class="classic">'. 503 form::checkbox('post_selected',1,$post_selected).' '. 504 __('Selected entry').'</label></p>', 505 'cat_id' => 506 '<div>'. 507 '<h5 id="label_cat_id">'.__('Category').'</h5>'. 508 '<p><label for="cat_id">'.__('Category:').'</label>'. 509 form::combo('cat_id',$categories_combo,$cat_id,'maximal'). 510 '</p>'. 511 ($core->auth->check('categories', $core->blog->id) ? 512 '<div>'. 513 '<h5 id="create_cat">'.__('Add a new category').'</h5>'. 514 '<p><label for="new_cat_title">'.__('Title:').' '. 515 form::field('new_cat_title',30,255,'','maximal').'</label></p>'. 516 '<p><label for="new_cat_parent">'.__('Parent:').' '. 517 form::combo('new_cat_parent',$categories_combo,'','maximal'). 518 '</label></p>'. 519 '</div>' 520 : ''). 521 '</div>')), 522 'options-box' => array( 523 'title' => __('Options'), 524 'items' => array( 525 'post_open_comment_tb' => 526 '<div>'. 527 '<h5 id="label_comment_tb">'.__('Comments and trackbacks list').'</h5>'. 528 '<p><label for="post_open_comment" class="classic">'. 529 form::checkbox('post_open_comment',1,$post_open_comment).' '. 530 __('Accept comments').'</label></p>'. 531 ($core->blog->settings->system->allow_comments ? 532 (isContributionAllowed($post_id,strtotime($post_dt),true) ? 533 '' : 534 '<p class="form-note warn">'. 535 __('Warning: Comments are not more accepted for this entry.').'</p>') : 536 '<p class="form-note warn">'. 537 __('Comments are not accepted on this blog so far.').'</p>'). 538 '<p><label for="post_open_tb" class="classic">'. 539 form::checkbox('post_open_tb',1,$post_open_tb).' '. 540 __('Accept trackbacks').'</label></p>'. 541 ($core->blog->settings->system->allow_trackbacks ? 542 (isContributionAllowed($post_id,strtotime($post_dt),false) ? 543 '' : 544 '<p class="form-note warn">'. 
545 __('Warning: Trackbacks are not more accepted for this entry.').'</p>') : 546 '<p class="form-note warn">'.__('Trackbacks are not accepted on this blog so far.').'</p>'). 547 '</div>', 548 'post_password' => 549 '<p><label for="post_password">'.__('Password').'</label>'. 550 form::field('post_password',10,32,html::escapeHTML($post_password),'maximal'). 551 '</p>', 552 'post_url' => 553 '<div class="lockable">'. 554 '<p><label for="post_url">'.__('Edit basename').'</label>'. 555 form::field('post_url',10,255,html::escapeHTML($post_url),'maximal'). 556 '</p>'. 557 '<p class="form-note warn">'. 558 __('Warning: If you set the URL manually, it may conflict with another entry.'). 559 '</p></div>' 560 )))); 561 562 $main_items = new ArrayObject(array( 563 "post_title" => 564 '<p class="col">'. 565 '<label class="required no-margin bold" for="post_title"><abbr title="'.__('Required field').'">*</abbr> '.__('Title:').'</label>'. 566 form::field('post_title',20,255,html::escapeHTML($post_title),'maximal'). 567 '</p>', 568 569 "post_excerpt" => 570 '<p class="area" id="excerpt-area"><label for="post_excerpt" class="bold">'.__('Excerpt:').' <span class="form-note">'. 571 __('Introduction to the post.').'</span></label> '. 572 form::textarea('post_excerpt',50,5,html::escapeHTML($post_excerpt)). 573 '</p>', 574 575 "post_content" => 576 '<p class="area" id="content-area"><label class="required bold" '. 577 'for="post_content"><abbr title="'.__('Required field').'">*</abbr> '.__('Content:').'</label> '. 578 form::textarea('post_content',50,$core->auth->getOption('edit_size'),html::escapeHTML($post_content)). 579 '</p>', 580 581 "post_notes" => 582 '<p class="area" id="notes-area"><label for="post_notes" class="bold">'.__('Personal notes:').' <span class="form-note">'. 583 __('Unpublished notes.').'</span></label>'. 584 form::textarea('post_notes',50,5,html::escapeHTML($post_notes)). 
585 '</p>' 586 ) 587 ); 588 589 # --BEHAVIOR-- adminPostFormItems 590 $core->callBehavior('adminPostFormItems',$main_items,$sidebar_items, isset($post) ? $post : null); 591 592 echo '<div class="multi-part" title="'.($post_id ? __('Edit entry') : __('New entry')).'" id="edit-entry">'; 593 echo '<form action="'.$core->adminurl->get('admin.post').'" method="post" id="entry-form">'; 594 echo '<div id="entry-wrapper">'; 595 echo '<div id="entry-content"><div class="constrained">'; 596 597 echo '<h3 class="out-of-screen-if-js">'.__('Edit post').'</h3>'; 598 599 foreach ($main_items as $id => $item) { 600 echo $item; 601 } 602 603 # --BEHAVIOR-- adminPostForm (may be deprecated) 604 $core->callBehavior('adminPostForm',isset($post) ? $post : null); 605 606 echo 607 '<p class="border-top">'. 608 ($post_id ? form::hidden('id',$post_id) : ''). 609 '<input type="submit" value="'.__('Save').' (s)" '. 610 'accesskey="s" name="save" /> '; 611 if ($post_id) { 612 $preview_url = 613 $core->blog->url.$core->url->getURLFor('preview',$core->auth->userID().'/'. 614 http::browserUID(DC_MASTER_KEY.$core->auth->userID().$core->auth->getInfo('user_pwd')). 615 '/'.$post->post_url); 616 echo '<a id="post-preview" href="'.$preview_url.'" class="button modal" accesskey="p">'.__('Preview').' (p)'.'</a> '; 617 } else { 618 echo 619 '<a id="post-cancel" href="'.$core->adminurl->get("admin.home").'" class="button" accesskey="c">'.__('Cancel').' (c)</a>'; 620 } 621 622 echo 623 ($can_delete ? '<input type="submit" class="delete" value="'.__('Delete').'" name="delete" />' : ''). 624 $core->formNonce(). 625 '</p>'; 626 627 echo '</div></div>'; // End #entry-content 628 echo '</div>'; // End #entry-wrapper 629 630 echo '<div id="entry-sidebar" role="complementary">'; 631 632 foreach ($sidebar_items as $id => $c) { 633 echo '<div id="'.$id.'" class="sb-box">'. 
634 '<h4>'.$c['title'].'</h4>'; 635 foreach ($c['items'] as $e_name=>$e_content) { 636 echo $e_content; 637 } 638 echo '</div>'; 639 } 640 641 642 # --BEHAVIOR-- adminPostFormSidebar (may be deprecated) 643 $core->callBehavior('adminPostFormSidebar',isset($post) ? $post : null); 644 echo '</div>'; // End #entry-sidebar 645 646 echo '</form>'; 647 648 # --BEHAVIOR-- adminPostForm 649 $core->callBehavior('adminPostAfterForm',isset($post) ? $post : null); 650 651 echo '</div>'; 652 } 653 654 if ($post_id) 655 { 656 /* Comments 657 -------------------------------------------------------- */ 658 659 $params = array('post_id' => $post_id, 'order' => 'comment_dt ASC'); 660 661 $comments = $core->blog->getComments(array_merge($params,array('comment_trackback'=>0))); 662 663 echo 664 '<div id="comments" class="clear multi-part" title="'.__('Comments').'">'; 665 $combo_action = $comments_actions_page->getCombo(); 666 $has_action = !empty($combo_action) && !$comments->isEmpty(); 667 echo 668 '<p class="top-add"><a class="button add" href="#comment-form">'.__('Add a comment').'</a></p>'; 669 670 if ($has_action) { 671 echo '<form action="'.$core->adminurl->get('admin.post').'" id="form-comments" method="post">'; 672 } 673 674 echo '<h3>'.__('Comments').'</h3>'; 675 if (!$comments->isEmpty()) { 676 showComments($comments,$has_action); 677 } else { 678 echo '<p>'.__('No comments').'</p>'; 679 } 680 681 if ($has_action) { 682 echo 683 '<div class="two-cols">'. 684 '<p class="col checkboxes-helpers"></p>'. 685 686 '<p class="col right"><label for="action" class="classic">'.__('Selected comments action:').'</label> '. 687 form::combo('action',$combo_action). 688 form::hidden(array('section'),'comments'). 689 form::hidden(array('id'),$post_id). 690 $core->formNonce(). 691 '<input type="submit" value="'.__('ok').'" /></p>'. 692 '</div>'. 
693 '</form>'; 694 } 695 /* Add a comment 696 -------------------------------------------------------- */ 697 698 echo 699 '<div class="fieldset clear">'. 700 '<h3>'.__('Add a comment').'</h3>'. 701 702 '<form action="'.$core->adminurl->get("admin.comment").'" method="post" id="comment-form">'. 703 '<div class="constrained">'. 704 '<p><label for="comment_author" class="required"><abbr title="'.__('Required field').'">*</abbr> '.__('Name:').'</label>'. 705 form::field('comment_author',30,255,html::escapeHTML($core->auth->getInfo('user_cn'))). 706 '</p>'. 707 708 '<p><label for="comment_email">'.__('Email:').'</label>'. 709 form::field('comment_email',30,255,html::escapeHTML($core->auth->getInfo('user_email'))). 710 '</p>'. 711 712 '<p><label for="comment_site">'.__('Web site:').'</label>'. 713 form::field('comment_site',30,255,html::escapeHTML($core->auth->getInfo('user_url'))). 714 '</p>'. 715 716 '<p class="area"><label for="comment_content" class="required"><abbr title="'.__('Required field').'">*</abbr> '. 717 __('Comment:').'</label> '. 718 form::textarea('comment_content',50,8,html::escapeHTML('')). 719 '</p>'. 720 721 '<p>'. 722 form::hidden('post_id',$post_id). 723 $core->formNonce(). 724 '<input type="submit" name="add" value="'.__('Save').'" /></p>'. 725 '</div>'. #constrained 726 727 '</form>'. 728 '</div>'. #add comment 729 '</div>'; #comments 730 } 731 732 if ($post_id && $post_status == 1) 733 { 734 /* Trackbacks 735 -------------------------------------------------------- */ 736 737 $params = array('post_id' => $post_id, 'order' => 'comment_dt ASC'); 738 $trackbacks = $core->blog->getComments(array_merge($params, array('comment_trackback' => 1))); 739 740 # Actions combo box 741 $combo_action = $comments_actions_page->getCombo(); 742 $has_action = !empty($combo_action) && !$trackbacks->isEmpty(); 743 744 if (!empty($_GET['tb_auto'])) { 745 $tb_urls = implode("\n", $TB->discover($post_excerpt_xhtml.' 
'.$post_content_xhtml)); 746 } 747 748 # Display tab 749 echo 750 '<div id="trackbacks" class="clear multi-part" title="'.__('Trackbacks').'">'; 751 752 # tracbacks actions 753 if ($has_action) { 754 echo '<form action="'.$core->adminurl->get("admin.post").'" id="form-trackbacks" method="post">'; 755 } 756 757 echo '<h3>'.__('Trackbacks received').'</h3>'; 758 759 if (!$trackbacks->isEmpty()) { 760 showComments($trackbacks, $has_action, true); 761 } else { 762 echo '<p>'.__('No trackback').'</p>'; 763 } 764 765 if ($has_action) { 766 echo 767 '<div class="two-cols">'. 768 '<p class="col checkboxes-helpers"></p>'. 769 770 '<p class="col right"><label for="action" class="classic">'.__('Selected trackbacks action:').'</label> '. 771 form::combo('action', $combo_action). 772 form::hidden('id',$post_id). 773 form::hidden(array('section'),'trackbacks'). 774 $core->formNonce(). 775 '<input type="submit" value="'.__('ok').'" /></p>'. 776 '</div>'. 777 '</form>'; 778 } 779 780 /* Add trackbacks 781 -------------------------------------------------------- */ 782 if ($can_edit_post && $post->post_status) { 783 echo 784 '<div class="fieldset clear">'; 785 786 echo 787 '<h3>'.__('Ping blogs').'</h3>'. 788 '<form action="'.$core->adminurl->get("admin.post",array('id' => $post_id)).'" id="trackback-form" method="post">'. 789 '<p><label for="tb_urls" class="area">'.__('URLs to ping:').'</label>'. 790 form::textarea('tb_urls', 60, 5, $tb_urls). 791 '</p>'. 792 793 '<p><label for="tb_excerpt" class="area">'.__('Excerpt to send:').'</label>'. 794 form::textarea('tb_excerpt', 60, 5, $tb_excerpt).'</p>'. 795 796 '<p>'. 797 $core->formNonce(). 798 '<input type="submit" name="ping" value="'.__('Ping blogs').'" />'. 799 (empty($_GET['tb_auto']) ? 800 ' <a class="button" href="'. 801 $core->adminurl->get("admin.post",array('id'=> $post_id,'tb_auto' => 1,'tb' => 1)). 802 '">'.__('Auto discover ping URLs').'</a>' 803 : ''). 804 '</p>'. 
805 '</form>'; 806 807 $pings = $TB->getPostPings($post_id); 808 809 if (!$pings->isEmpty()) 810 { 811 echo '<h3>'.__('Previously sent pings').'</h3>'; 812 813 echo '<ul class="nice">'; 814 while ($pings->fetch()) { 815 echo 816 '<li>'.dt::dt2str(__('%Y-%m-%d %H:%M'), $pings->ping_dt).' - '. 817 $pings->ping_url.'</li>'; 818 } 819 echo '</ul>'; 820 } 821 822 echo '</div>'; 823 } 824 825 echo '</div>'; #trackbacks 826 } 827 828 # Controls comments or trakbacks capabilities 829 function isContributionAllowed($id,$dt,$com=true) 830 { 831 global $core; 832 833 if (!$id) { 834 return true; 835 } 836 if ($com) { 837 if (($core->blog->settings->system->comments_ttl == 0) || 838 (time() - $core->blog->settings->system->comments_ttl*86400 < $dt)) { 839 return true; 840 } 841 } else { 842 if (($core->blog->settings->system->trackbacks_ttl == 0) || 843 (time() - $core->blog->settings->system->trackbacks_ttl*86400 < $dt)) { 844 return true; 845 } 846 } 847 return false; 848 } 849 850 # Show comments or trackbacks 851 function showComments($rs,$has_action,$tb=false) 852 { 853 global $core; 854 echo 855 '<div class="table-outer">'. 856 '<table class="comments-list"><tr>'. 857 '<th colspan="2" class="first">'.__('Author').'</th>'. 858 '<th>'.__('Date').'</th>'. 859 '<th class="nowrap">'.__('IP address').'</th>'. 860 '<th>'.__('Status').'</th>'. 861 '<th>'.__('Edit').'</th>'. 
862 '</tr>'; 863 $comments = array(); 864 if (isset($_REQUEST['comments'])) { 865 foreach ($_REQUEST['comments'] as $v) { 866 $comments[(integer)$v]=true; 867 } 868 } 869 870 while($rs->fetch()) 871 { 872 $comment_url = $core->adminurl->get("admin.comment",array('id' => $rs->comment_id)); 873 874 $img = '<img alt="%1$s" title="%1$s" src="images/%2$s" />'; 875 switch ($rs->comment_status) { 876 case 1: 877 $img_status = sprintf($img,__('Published'),'check-on.png'); 878 break; 879 case 0: 880 $img_status = sprintf($img,__('Unpublished'),'check-off.png'); 881 break; 882 case -1: 883 $img_status = sprintf($img,__('Pending'),'check-wrn.png'); 884 break; 885 case -2: 886 $img_status = sprintf($img,__('Junk'),'junk.png'); 887 break; 888 } 889 890 echo 891 '<tr class="line'.($rs->comment_status != 1 ? ' offline' : '').'"'. 892 ' id="c'.$rs->comment_id.'">'. 893 894 '<td class="nowrap">'. 895 ($has_action ? form::checkbox(array('comments[]'),$rs->comment_id,isset($comments[$rs->comment_id]),'','',0,'title="'.($tb ? __('select this trackback') : __('select this comment')).'"') : '').'</td>'. 896 '<td class="maximal">'.html::escapeHTML($rs->comment_author).'</td>'. 897 '<td class="nowrap">'.dt::dt2str(__('%Y-%m-%d %H:%M'),$rs->comment_dt).'</td>'. 898 '<td class="nowrap"><a href="'.$core->adminurl->get("admin.comments",array('ip' => $rs->comment_ip)).'">'.$rs->comment_ip.'</a></td>'. 899 '<td class="nowrap status">'.$img_status.'</td>'. 900 '<td class="nowrap status"><a href="'.$comment_url.'">'. 901 '<img src="images/edit-mini.png" alt="" title="'.__('Edit this comment').'" /> '.__('Edit').'</a></td>'. 902 903 '</tr>'; 904 } 905 906 echo '</table></div>'; 907 } 908 909 dcPage::helpBlock('core_post','core_trackbacks','core_wiki'); 910 dcPage::close(); 393 $_ctx->setAlert(__('Comment has been successfully created.')); 394 } 395 396 $core->tpl->display('post.html.twig'); 397 ?> -
admin/posts.php
r2720 r2911 4 4 # This file is part of Dotclear 2. 5 5 # 6 # Copyright (c) 2003-201 3Olivier Meunier & Association Dotclear6 # Copyright (c) 2003-2011 Olivier Meunier & Association Dotclear 7 7 # Licensed under the GPL version 2.0 license. 8 8 # See LICENSE file or … … 12 12 13 13 require dirname(__FILE__).'/../inc/admin/prepend.php'; 14 14 global $_ctx; 15 15 dcPage::check('usage,contentadmin'); 16 16 … … 47 47 { 48 48 # Filter form we'll put in html_block 49 $users_combo = array_merge( 50 array('-' => ''), 51 dcAdminCombos::getUsersCombo($users) 49 $users_combo = $categories_combo = array(); 50 while ($users->fetch()) 51 { 52 $user_cn = dcUtils::getUserCN($users->user_id,$users->user_name, 53 $users->user_firstname,$users->user_displayname); 54 55 if ($user_cn != $users->user_id) { 56 $user_cn .= ' ('.$users->user_id.')'; 57 } 58 59 $users_combo[$user_cn] = $users->user_id; 60 } 61 62 63 # Getting categories 64 $categories_combo = array(); 65 try { 66 $categories = $core->blog->getCategories(array('post_type'=>'post')); 67 while ($categories->fetch()) { 68 $categories_combo[$categories->cat_id] = 69 str_repeat(' ',$categories->level-1). 70 ($categories->level-1 == 0 ? '' : '• '). 
71 html::escapeHTML($categories->cat_title); 72 } 73 } catch (Exception $e) { } 74 $status_combo = array( 52 75 ); 76 foreach ($core->blog->getAllPostStatus() as $k => $v) { 77 $status_combo[(string) $k] = (string)$v; 78 } 79 80 $selected_combo = array( 81 '1' => __('is selected'), 82 '0' => __('is not selected') 83 ); 84 85 # Months array 86 while ($dates->fetch()) { 87 $dt_m_combo[$dates->year().$dates->month()] = dt::str('%B %Y',$dates->ts()); 88 } 89 90 while ($langs->fetch()) { 91 $lang_combo[$langs->post_lang] = $langs->post_lang; 92 } 93 } 94 $form = new dcForm($core,'post','post.php'); 53 95 54 $categories_combo = array_merge( 55 array( 56 new formSelectOption('-',''), 57 new formSelectOption(__('(No cat)'),'NULL')), 58 dcAdminCombos::getCategoriesCombo($categories,false) 96 97 # Actions combo box 98 $combo_action = array(); 99 if ($core->auth->check('publish,contentadmin',$core->blog->id)) 100 { 101 $combo_action[__('Status')] = array( 102 __('Publish') => 'publish', 103 __('Unpublish') => 'unpublish', 104 __('Schedule') => 'schedule', 105 __('Mark as pending') => 'pending' 59 106 ); 60 $categories_values = array(); 61 foreach ($categories_combo as $cat) { 62 if (isset($cat->value)) { 63 $categories_values[$cat->value]=true; 64 } 107 } 108 $combo_action[__('Mark')] = array( 109 __('Mark as selected') => 'selected', 110 __('Mark as unselected') => 'unselected' 111 ); 112 $combo_action[__('Change')] = array( 113 __('Change category') => 'category', 114 __('Change language') => 'lang'); 115 if ($core->auth->check('admin',$core->blog->id)) 116 { 117 $combo_action[__('Change')] = array_merge($combo_action[__('Change')], 118 array(__('Change author') => 'author')); 119 } 120 if ($core->auth->check('delete,contentadmin',$core->blog->id)) 121 { 122 $combo_action[__('Delete')] = array(__('Delete') => 'delete'); 123 } 124 125 # --BEHAVIOR-- adminPostsActionsCombo 126 $core->callBehavior('adminPostsActionsCombo',array(&$combo_action)); 127 128 129 130 class 
monthdcFilterCombo extends dcFilterCombo { 131 public function applyFilter($params) { 132 $month=$this->avalues['values'][0]; 133 $params['post_month'] = substr($month,4,2); 134 $params['post_year'] = substr($month,0,4); 135 } 136 } 137 138 class PostsFetcher extends dcListFetcher { 139 140 public function getEntries($params,$offset,$limit) { 141 $params['limit'] = array($offset,$limit); 142 return $this->core->blog->getPosts($params); 65 143 } 66 144 67 $status_combo = array_merge( 68 array('-' => ''), 69 dcAdminCombos::getPostStatusesCombo() 70 ); 71 72 $selected_combo = array( 73 '-' => '', 74 __('Selected') => '1', 75 __('Not selected') => '0' 76 ); 77 78 $attachment_combo = array( 79 '-' => '', 80 __('With attachments') => '1', 81 __('Without attachments') => '0' 82 ); 83 84 # Months array 85 $dt_m_combo = array_merge( 86 array('-' => ''), 87 dcAdminCombos::getDatesCombo($dates) 88 ); 89 90 $lang_combo = array_merge( 91 array('-' => ''), 92 dcAdminCombos::getLangsCombo($langs,false) 93 ); 94 95 $sortby_combo = array( 96 __('Date') => 'post_dt', 97 __('Title') => 'post_title', 98 __('Category') => 'cat_title', 99 __('Author') => 'user_id', 100 __('Status') => 'post_status', 101 __('Selected') => 'post_selected', 102 __('Number of comments') => 'nb_comment', 103 __('Number of trackbacks') => 'nb_trackback' 104 ); 105 106 $order_combo = array( 107 __('Descending') => 'desc', 108 __('Ascending') => 'asc' 109 ); 110 } 111 112 # Actions combo box 113 114 $posts_actions_page = new dcPostsActionsPage($core,$core->adminurl->get("admin.posts")); 115 116 if ($posts_actions_page->process()) { 117 return; 118 } 119 120 /* Get posts 121 -------------------------------------------------------- */ 122 $user_id = !empty($_GET['user_id']) ? $_GET['user_id'] : ''; 123 $cat_id = !empty($_GET['cat_id']) ? $_GET['cat_id'] : ''; 124 $status = isset($_GET['status']) ? $_GET['status'] : ''; 125 $selected = isset($_GET['selected']) ? 
$_GET['selected'] : ''; 126 $attachment = isset($_GET['attachment']) ? $_GET['attachment'] : ''; 127 $month = !empty($_GET['month']) ? $_GET['month'] : ''; 128 $lang = !empty($_GET['lang']) ? $_GET['lang'] : ''; 129 $sortby = !empty($_GET['sortby']) ? $_GET['sortby'] : 'post_dt'; 130 $order = !empty($_GET['order']) ? $_GET['order'] : 'desc'; 131 132 $show_filters = false; 133 134 $page = !empty($_GET['page']) ? max(1,(integer) $_GET['page']) : 1; 135 $nb_per_page = 30; 136 137 if (!empty($_GET['nb']) && (integer) $_GET['nb'] > 0) { 138 if ($nb_per_page != $_GET['nb']) { 139 $show_filters = true; 145 public function getEntriesCount($params) { 146 $count = $this->core->blog->getPosts($params,true); 147 return $count->f(0); 140 148 } 141 $nb_per_page = (integer) $_GET['nb'];142 }143 144 $params['limit'] = array((($page-1)*$nb_per_page),$nb_per_page);145 $params['no_content'] = true;146 147 # - User filter148 if ($user_id !== '' && in_array($user_id,$users_combo)) {149 $params['user_id'] = $user_id;150 $show_filters = true;151 } else {152 $user_id='';153 }154 155 # - Categories filter156 if ($cat_id !== '' && isset($categories_values[$cat_id])) {157 $params['cat_id'] = $cat_id;158 $show_filters = true;159 } else {160 $cat_id='';161 }162 163 # - Status filter164 if ($status !== '' && in_array($status,$status_combo)) {165 $params['post_status'] = $status;166 $show_filters = true;167 } else {168 $status='';169 }170 171 # - Selected filter172 if ($selected !== '' && in_array($selected,$selected_combo)) {173 $params['post_selected'] = $selected;174 $show_filters = true;175 } else {176 $selected='';177 }178 179 # - Selected filter180 if ($attachment !== '' && in_array($attachment,$attachment_combo)) {181 $params['media'] = $attachment;182 $params['link_type'] = 'attachment';183 $show_filters = true;184 } else {185 $attachment='';186 }187 188 # - Month filter189 if ($month !== '' && in_array($month,$dt_m_combo)) {190 $params['post_month'] = substr($month,4,2);191 
$params['post_year'] = substr($month,0,4);192 $show_filters = true;193 } else {194 $month='';195 }196 197 # - Lang filter198 if ($lang !== '' && in_array($lang,$lang_combo)) {199 $params['post_lang'] = $lang;200 $show_filters = true;201 } else {202 $lang='';203 }204 205 # - Sortby and order filter206 if ($sortby !== '' && in_array($sortby,$sortby_combo)) {207 if ($order !== '' && in_array($order,$order_combo)) {208 $params['order'] = $sortby.' '.$order;209 } else {210 $order='desc';211 }212 213 if ($sortby != 'post_dt' || $order != 'desc') {214 $show_filters = true;215 }216 } else {217 $sortby='post_dt';218 $order='desc';219 }220 221 # Get posts222 try {223 $posts = $core->blog->getPosts($params);224 $counter = $core->blog->getPosts($params,true);225 $post_list = new adminPostList($core,$posts,$counter->f(0));226 } catch (Exception $e) {227 $core->error->add($e->getMessage());228 149 } 229 150 230 151 /* DISPLAY 231 152 -------------------------------------------------------- */ 153 $filterSet = new dcFilterSet($core,'fposts','posts.php'); 232 154 233 $form_filter_title = __('Show filters and display options'); 234 $starting_script = dcPage::jsLoad('js/_posts_list.js'); 235 $starting_script .= dcPage::jsLoad('js/filter-controls.js'); 236 $starting_script .= 237 '<script type="text/javascript">'."\n". 238 "//<![CDATA["."\n". 239 dcPage::jsVar('dotclear.msg.show_filters', $show_filters ? 'true':'false')."\n". 240 dcPage::jsVar('dotclear.msg.filter_posts_list',$form_filter_title)."\n". 241 dcPage::jsVar('dotclear.msg.cancel_the_filter',__('Cancel filters and display options'))."\n". 242 "//]]>". 
243 "</script>"; 155 $filterSet 156 ->addFilter(new dcFilterRichCombo( 157 'users',__('Author'), __('Author'), 'user_id', $users_combo,array( 158 'multiple' => true))) 159 ->addFilter(new dcFilterRichCombo( 160 'category',__('Category'), __('Category'), 'cat_id', $categories_combo,array( 161 'multiple' => true))) 162 ->addFilter(new dcFilterRichCombo( 163 'post_status',__('Status'), __('Status'), 'post_status', $status_combo)) 164 ->addFilter(new dcFilterRichCombo( 165 'lang',__('Lang'), __('Lang'), 'post_lang', $lang_combo)) 166 ->addFilter(new dcFilterCombo( 167 'selected',__('Selected'), __('The post : '),'post_selected', $selected_combo)) 168 ->addFilter(new monthdcFilterCombo( 169 'month',__('Month'),__('Month'), 'post_month', $dt_m_combo,array('singleval' => 1))) 170 ->addFilter(new dcFilterText( 171 'search',__('Contains'),__('The entry contains'), 'search',20,255)); 244 172 245 dcPage::open(__('Entries'),$starting_script,246 dcPage::breadcrumb(247 array(248 html::escapeHTML($core->blog->name) => '',249 __('Entries') => ''250 ))251 );252 if (!empty($_GET['upd'])) {253 dcPage::success(__('Selected entries have been successfully updated.'));254 } elseif (!empty($_GET['del'])) {255 dcPage::success(__('Selected entries have been successfully deleted.'));256 }257 if (!$core->error->flag())258 {259 echo260 '<p class="top-add"><a class="button add" href="'.$core->adminurl->get("admin.post").'">'.__('New entry').'</a></p>'.261 '<form action="'.$core->adminurl->get("admin.posts").'" method="get" id="filters-form">'.262 '<h3 class="out-of-screen-if-js">'.$form_filter_title.'</h3>'.263 173 264 '<div class="table">'. 265 '<div class="cell">'. 266 '<h4>'.__('Filters').'</h4>'. 267 '<p><label for="user_id" class="ib">'.__('Author:').'</label> '. 268 form::combo('user_id',$users_combo,$user_id).'</p>'. 269 '<p><label for="cat_id" class="ib">'.__('Category:').'</label> '. 270 form::combo('cat_id',$categories_combo,$cat_id).'</p>'. 
271 '<p><label for="status" class="ib">'.__('Status:').'</label> ' . 272 form::combo('status',$status_combo,$status).'</p> '. 273 '</div>'. 174 $lfetcher = new PostsFetcher($core); 175 $lposts = new dcItemList ($core,array('lposts','form-entries'),$lfetcher,'posts_actions.php'); 176 $lposts->setFilterSet($filterSet); 177 $lposts->addTemplate('posts_cols.html.twig'); 274 178 275 '<div class="cell filters-sibling-cell">'. 276 '<p><label for="selected" class="ib">'.__('Selected:').'</label> '. 277 form::combo('selected',$selected_combo,$selected).'</p>'. 278 '<p><label for="attachment" class="ib">'.__('Attachments:').'</label> '. 279 form::combo('attachment',$attachment_combo,$attachment).'</p>'. 280 '<p><label for="month" class="ib">'.__('Month:').'</label> '. 281 form::combo('month',$dt_m_combo,$month).'</p>'. 282 '<p><label for="lang" class="ib">'.__('Lang:').'</label> '. 283 form::combo('lang',$lang_combo,$lang).'</p> '. 284 '</div>'. 179 $lposts 180 ->addColumn(new dcColumn('title',__('Title'),'post_title')) 181 ->addColumn(new dcColumn('cat',__('Category'),'cat_title')) 182 ->addColumn(new dcColumn('date',__('Date'),'post_date')) 183 ->addColumn(new dcColumn('datetime',__('Date and Time'),'post_dt')) 184 ->addColumn(new dcColumn('author',__('Author'),'user_id')) 185 ->addColumn(new dcColumn('status',__('Status'),'post_status')); 285 186 286 '<div class="cell filters-options">'.287 '<h4>'.__('Display options').'</h4>'.288 '<p><label for="sortby" class="ib">'.__('Order by:').'</label> '.289 form::combo('sortby',$sortby_combo,$sortby).'</p>'.290 '<p><label for="order" class="ib">'.__('Sort:').'</label> '.291 form::combo('order',$order_combo,$order).'</p>'.292 '<p><span class="label ib">'.__('Show').'</span> <label for="nb" class="classic">'.293 form::field('nb',3,3,$nb_per_page).' '.294 __('entries per page').'</label></p>'.295 '</div>'.296 '</div>'.297 187 298 '<p><input type="submit" value="'.__('Apply filters and display options').'" />'. 
299 '<br class="clear" /></p>'. //Opera sucks 300 '</form>'; 188 $lposts->setup(); 301 189 302 # Show posts 303 $post_list->display($page,$nb_per_page, 304 '<form action="'.$core->adminurl->get("admin.posts").'" method="post" id="form-entries">'. 190 $_ctx 191 ->setBreadCrumb(array(__('Entries') => 'posts.php')); 305 192 306 '%s'.307 193 308 '<div class="two-cols">'. 309 '<p class="col checkboxes-helpers"></p>'. 194 $core->tpl->display('posts.html.twig'); 310 195 311 '<p class="col right"><label for="action" class="classic">'.__('Selected entries action:').'</label> '.312 form::combo('action',$posts_actions_page->getCombo()).313 '<input type="submit" value="'.__('ok').'" /></p>'.314 form::hidden(array('user_id'),$user_id).315 form::hidden(array('cat_id'),$cat_id).316 form::hidden(array('status'),$status).317 form::hidden(array('selected'),$selected).318 form::hidden(array('attachment'),$attachment).319 form::hidden(array('month'),$month).320 form::hidden(array('lang'),$lang).321 form::hidden(array('sortby'),$sortby).322 form::hidden(array('order'),$order).323 form::hidden(array('page'),$page).324 form::hidden(array('nb'),$nb_per_page).325 $core->formNonce().326 '</div>'.327 '</form>',328 $show_filters329 );330 }331 196 332 dcPage::helpBlock('core_posts'); 333 dcPage::close(); 197 ?> -
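Review bot: The allow-listing of request parameters that this file used to do itself is not visible on what appears to be the new (twig) side. The old code accepted `user_id`, `cat_id`, `status`, `month`, `lang`, `sortby` and `order` only after an `in_array()` check against the matching combo, and only then built `$params['order'] = $sortby.' '.$order`. The new code hands request handling to `dcFilterSet`, `dcItemList` and `dcColumn`, whose definitions are outside this section, so it cannot be confirmed from here that filter values and the sort key are still limited to known values before they reach `getPosts()`. I would state the expectation where the filters are registered, e.g. `# dcFilterSet must drop values that are not in the combo; sort keys are limited to the dcColumn fields`, and verify it in those classes. Separately, the new `catch (Exception $e) { }` around `getCategories()` discards the failure; `$core->error->add($e->getMessage());` would report it the way the old code did.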
admin/style/default.css
r2593 r2911 1262 1262 #footer a:hover span.tooltip { 1263 1263 padding: 10px 10px 0 40px; 1264 color: # d30e60;1264 color: #910ed3; 1265 1265 height: auto; 1266 1266 width: auto; … … 1867 1867 margin: 0; 1868 1868 padding: 0; 1869 } 1870 .media-item audio { 1871 width: 90%; 1872 margin-top: .5em; 1869 1873 } 1870 1874 a.media-icon {