Changeset 3730:5c45a5df9a59 for plugins/pages/_public.php
- Timestamp:
- 03/08/18 17:58:39 (7 years ago)
- Branch:
- default
- File:
-
- 1 edited
-
plugins/pages/_public.php (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
plugins/pages/_public.php
r3043 r3730 10 10 # 11 11 # -- END LICENSE BLOCK ----------------------------------------- 12 if (!defined('DC_RC_PATH')) { return;}13 14 $core->addBehavior('coreBlogBeforeGetPosts', array('publicPages','coreBlogBeforeGetPosts'));12 if (!defined('DC_RC_PATH')) {return;} 13 14 $core->addBehavior('coreBlogBeforeGetPosts', array('publicPages', 'coreBlogBeforeGetPosts')); 15 15 16 16 # Localized string we find in template … … 18 18 __('This page\'s comments feed'); 19 19 20 require dirname(__FILE__) .'/_widgets.php';20 require dirname(__FILE__) . '/_widgets.php'; 21 21 22 22 class publicPages 23 23 { 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 $params['post_type'] = array('post','page');42 43 44 24 public static function coreBlogBeforeGetPosts($params) 25 { 26 global $core; 27 28 if ($core->url->type == 'search') { 29 // Add page post type for searching 30 if (isset($params['post_type'])) { 31 if (!is_array($params['post_type'])) { 32 // Convert it in array 33 $params['post_type'] = array($params['post_type']); 34 } 35 if (!in_array('page', $params['post_type'])) { 36 // Add page post type 37 $params['post_type'][] = 'page'; 38 } 39 } else { 40 // Dont miss default post type (aka post) 41 $params['post_type'] = array('post', 'page'); 42 } 43 } 44 } 45 45 } 46 46 47 47 class urlPages extends dcUrlHandlers 48 48 { 49 public static function pages($args) 50 { 51 if ($args == '') { 52 # No page was specified. 53 self::p404(); 54 } 55 else 56 { 57 $_ctx =& $GLOBALS['_ctx']; 58 $core =& $GLOBALS['core']; 59 60 $core->blog->withoutPassword(false); 61 62 $params = new ArrayObject(array( 63 'post_type' => 'page', 64 'post_url' => $args)); 65 66 $core->callBehavior('publicPagesBeforeGetPosts',$params,$args); 67 68 $_ctx->posts = $core->blog->getPosts($params); 69 70 $_ctx->comment_preview = new ArrayObject(); 71 $_ctx->comment_preview['content'] = ''; 72 $_ctx->comment_preview['rawcontent'] = ''; 73 $_ctx->comment_preview['name'] = ''; 74 $_ctx->comment_preview['mail'] = ''; 75 $_ctx->comment_preview['site'] = ''; 76 $_ctx->comment_preview['preview'] = false; 77 $_ctx->comment_preview['remember'] = false; 78 79 $core->blog->withoutPassword(true); 80 81 82 if ($_ctx->posts->isEmpty()) 83 { 84 # The specified page does not exist. 85 self::p404(); 86 } 87 else 88 { 89 $post_id = $_ctx->posts->post_id; 90 $post_password = $_ctx->posts->post_password; 91 92 # Password protected entry 93 if ($post_password != '' && !$_ctx->preview) 94 { 95 # Get passwords cookie 96 if (isset($_COOKIE['dc_passwd'])) { 97 $pwd_cookie = json_decode($_COOKIE['dc_passwd']); 98 if ($pwd_cookie === NULL) { 99 $pwd_cookie = array(); 100 } else { 101 $pwd_cookie = (array) $pwd_cookie; 102 } 103 } else { 104 $pwd_cookie = array(); 105 } 106 107 # Check for match 108 # Note: We must prefix post_id key with '#'' in pwd_cookie array in order to avoid integer conversion 109 # because MyArray["12345"] is treated as MyArray[12345] 110 if ((!empty($_POST['password']) && $_POST['password'] == $post_password) 111 || (isset($pwd_cookie['#'.$post_id]) && $pwd_cookie['#'.$post_id] == $post_password)) 112 { 113 $pwd_cookie['#'.$post_id] = $post_password; 114 setcookie('dc_passwd',json_encode($pwd_cookie),0,'/'); 115 } 116 else 117 { 118 self::serveDocument('password-form.html','text/html',false); 119 return; 120 } 121 } 122 123 $post_comment = 124 isset($_POST['c_name']) && isset($_POST['c_mail']) && 125 isset($_POST['c_site']) && isset($_POST['c_content']) && 126 $_ctx->posts->commentsActive(); 127 128 # Posting a comment 129 if ($post_comment) 130 { 131 # Spam trap 132 if (!empty($_POST['f_mail'])) { 133 http::head(412,'Precondition Failed'); 134 header('Content-Type: text/plain'); 135 echo "So Long, and Thanks For All the Fish"; 136 # Exits immediately the application to preserve the server. 137 exit; 138 } 139 140 $name = $_POST['c_name']; 141 $mail = $_POST['c_mail']; 142 $site = $_POST['c_site']; 143 $content = $_POST['c_content']; 144 $preview = !empty($_POST['preview']); 145 146 if ($content != '') 147 { 148 # --BEHAVIOR-- publicBeforeCommentTransform 149 $buffer = $core->callBehavior('publicBeforeCommentTransform',$content); 150 if ($buffer != '') { 151 $content = $buffer; 152 } else { 153 if ($core->blog->settings->system->wiki_comments) { 154 $core->initWikiComment(); 155 } else { 156 $core->initWikiSimpleComment(); 157 } 158 $content = $core->wikiTransform($content); 159 } 160 $content = $core->HTMLfilter($content); 161 } 162 163 $_ctx->comment_preview['content'] = $content; 164 $_ctx->comment_preview['rawcontent'] = $_POST['c_content']; 165 $_ctx->comment_preview['name'] = $name; 166 $_ctx->comment_preview['mail'] = $mail; 167 $_ctx->comment_preview['site'] = $site; 168 169 if ($preview) 170 { 171 # --BEHAVIOR-- publicBeforeCommentPreview 172 $core->callBehavior('publicBeforeCommentPreview',$_ctx->comment_preview); 173 174 $_ctx->comment_preview['preview'] = true; 175 } 176 else 177 { 178 # Post the comment 179 $cur = $core->con->openCursor($core->prefix.'comment'); 180 $cur->comment_author = $name; 181 $cur->comment_site = html::clean($site); 182 $cur->comment_email = html::clean($mail); 183 $cur->comment_content = $content; 184 $cur->post_id = $_ctx->posts->post_id; 185 $cur->comment_status = $core->blog->settings->system->comments_pub ? 1 : -1; 186 $cur->comment_ip = http::realIP(); 187 188 $redir = $_ctx->posts->getURL(); 189 $redir .= $core->blog->settings->system->url_scan == 'query_string' ? '&' : '?'; 190 191 try 192 { 193 if (!text::isEmail($cur->comment_email)) { 194 throw new Exception(__('You must provide a valid email address.')); 195 } 196 197 # --BEHAVIOR-- publicBeforeCommentCreate 198 $core->callBehavior('publicBeforeCommentCreate',$cur); 199 if ($cur->post_id) { 200 $comment_id = $core->blog->addComment($cur); 201 202 # --BEHAVIOR-- publicAfterCommentCreate 203 $core->callBehavior('publicAfterCommentCreate',$cur,$comment_id); 204 } 205 206 if ($cur->comment_status == 1) { 207 $redir_arg = 'pub=1'; 208 } else { 209 $redir_arg = 'pub=0'; 210 } 211 212 header('Location: '.$redir.$redir_arg); 213 } 214 catch (Exception $e) 215 { 216 $_ctx->form_error = $e->getMessage(); 217 $_ctx->form_error; 218 } 219 } 220 } 221 222 # The entry 223 if ($_ctx->posts->trackbacksActive()) { 224 header('X-Pingback: '.$core->blog->url.$core->url->getURLFor("xmlrpc",$core->blog->id)); 225 } 226 227 $tplset = $core->themes->moduleInfo($core->blog->settings->system->theme,'tplset'); 228 if (!empty($tplset) && is_dir(dirname(__FILE__).'/default-templates/'.$tplset)) { 229 $core->tpl->setPath($core->tpl->getPath(), dirname(__FILE__).'/default-templates/'.$tplset); 230 } else { 231 $core->tpl->setPath($core->tpl->getPath(), dirname(__FILE__).'/default-templates/'.DC_DEFAULT_TPLSET); 232 } 233 self::serveDocument('page.html'); 234 } 235 } 236 } 237 238 public static function pagespreview($args) 239 { 240 $core = $GLOBALS['core']; 241 $_ctx = $GLOBALS['_ctx']; 242 243 if (!preg_match('#^(.+?)/([0-9a-z]{40})/(.+?)$#',$args,$m)) { 244 # The specified Preview URL is malformed. 245 self::p404(); 246 } 247 else 248 { 249 $user_id = $m[1]; 250 $user_key = $m[2]; 251 $post_url = $m[3]; 252 if (!$core->auth->checkUser($user_id,null,$user_key)) { 253 # The user has no access to the entry. 254 self::p404(); 255 } 256 else 257 { 258 $_ctx->preview = true; 259 if (defined ("DC_ADMIN_URL")) { 260 $_ctx->xframeoption=DC_ADMIN_URL; 261 } 262 263 self::pages($post_url); 264 } 265 } 266 } 49 public static function pages($args) 50 { 51 if ($args == '') { 52 # No page was specified. 53 self::p404(); 54 } else { 55 $_ctx = &$GLOBALS['_ctx']; 56 $core = &$GLOBALS['core']; 57 58 $core->blog->withoutPassword(false); 59 60 $params = new ArrayObject(array( 61 'post_type' => 'page', 62 'post_url' => $args)); 63 64 $core->callBehavior('publicPagesBeforeGetPosts', $params, $args); 65 66 $_ctx->posts = $core->blog->getPosts($params); 67 68 $_ctx->comment_preview = new ArrayObject(); 69 $_ctx->comment_preview['content'] = ''; 70 $_ctx->comment_preview['rawcontent'] = ''; 71 $_ctx->comment_preview['name'] = ''; 72 $_ctx->comment_preview['mail'] = ''; 73 $_ctx->comment_preview['site'] = ''; 74 $_ctx->comment_preview['preview'] = false; 75 $_ctx->comment_preview['remember'] = false; 76 77 $core->blog->withoutPassword(true); 78 79 if ($_ctx->posts->isEmpty()) { 80 # The specified page does not exist. 81 self::p404(); 82 } else { 83 $post_id = $_ctx->posts->post_id; 84 $post_password = $_ctx->posts->post_password; 85 86 # Password protected entry 87 if ($post_password != '' && !$_ctx->preview) { 88 # Get passwords cookie 89 if (isset($_COOKIE['dc_passwd'])) { 90 $pwd_cookie = json_decode($_COOKIE['dc_passwd']); 91 if ($pwd_cookie === null) { 92 $pwd_cookie = array(); 93 } else { 94 $pwd_cookie = (array) $pwd_cookie; 95 } 96 } else { 97 $pwd_cookie = array(); 98 } 99 100 # Check for match 101 # Note: We must prefix post_id key with '#'' in pwd_cookie array in order to avoid integer conversion 102 # because MyArray["12345"] is treated as MyArray[12345] 103 if ((!empty($_POST['password']) && $_POST['password'] == $post_password) 104 || (isset($pwd_cookie['#' . $post_id]) && $pwd_cookie['#' . $post_id] == $post_password)) { 105 $pwd_cookie['#' . $post_id] = $post_password; 106 setcookie('dc_passwd', json_encode($pwd_cookie), 0, '/'); 107 } else { 108 self::serveDocument('password-form.html', 'text/html', false); 109 return; 110 } 111 } 112 113 $post_comment = 114 isset($_POST['c_name']) && isset($_POST['c_mail']) && 115 isset($_POST['c_site']) && isset($_POST['c_content']) && 116 $_ctx->posts->commentsActive(); 117 118 # Posting a comment 119 if ($post_comment) { 120 # Spam trap 121 if (!empty($_POST['f_mail'])) { 122 http::head(412, 'Precondition Failed'); 123 header('Content-Type: text/plain'); 124 echo "So Long, and Thanks For All the Fish"; 125 # Exits immediately the application to preserve the server. 126 exit; 127 } 128 129 $name = $_POST['c_name']; 130 $mail = $_POST['c_mail']; 131 $site = $_POST['c_site']; 132 $content = $_POST['c_content']; 133 $preview = !empty($_POST['preview']); 134 135 if ($content != '') { 136 # --BEHAVIOR-- publicBeforeCommentTransform 137 $buffer = $core->callBehavior('publicBeforeCommentTransform', $content); 138 if ($buffer != '') { 139 $content = $buffer; 140 } else { 141 if ($core->blog->settings->system->wiki_comments) { 142 $core->initWikiComment(); 143 } else { 144 $core->initWikiSimpleComment(); 145 } 146 $content = $core->wikiTransform($content); 147 } 148 $content = $core->HTMLfilter($content); 149 } 150 151 $_ctx->comment_preview['content'] = $content; 152 $_ctx->comment_preview['rawcontent'] = $_POST['c_content']; 153 $_ctx->comment_preview['name'] = $name; 154 $_ctx->comment_preview['mail'] = $mail; 155 $_ctx->comment_preview['site'] = $site; 156 157 if ($preview) { 158 # --BEHAVIOR-- publicBeforeCommentPreview 159 $core->callBehavior('publicBeforeCommentPreview', $_ctx->comment_preview); 160 161 $_ctx->comment_preview['preview'] = true; 162 } else { 163 # Post the comment 164 $cur = $core->con->openCursor($core->prefix . 'comment'); 165 $cur->comment_author = $name; 166 $cur->comment_site = html::clean($site); 167 $cur->comment_email = html::clean($mail); 168 $cur->comment_content = $content; 169 $cur->post_id = $_ctx->posts->post_id; 170 $cur->comment_status = $core->blog->settings->system->comments_pub ? 1 : -1; 171 $cur->comment_ip = http::realIP(); 172 173 $redir = $_ctx->posts->getURL(); 174 $redir .= $core->blog->settings->system->url_scan == 'query_string' ? '&' : '?'; 175 176 try 177 { 178 if (!text::isEmail($cur->comment_email)) { 179 throw new Exception(__('You must provide a valid email address.')); 180 } 181 182 # --BEHAVIOR-- publicBeforeCommentCreate 183 $core->callBehavior('publicBeforeCommentCreate', $cur); 184 if ($cur->post_id) { 185 $comment_id = $core->blog->addComment($cur); 186 187 # --BEHAVIOR-- publicAfterCommentCreate 188 $core->callBehavior('publicAfterCommentCreate', $cur, $comment_id); 189 } 190 191 if ($cur->comment_status == 1) { 192 $redir_arg = 'pub=1'; 193 } else { 194 $redir_arg = 'pub=0'; 195 } 196 197 header('Location: ' . $redir . $redir_arg); 198 } catch (Exception $e) { 199 $_ctx->form_error = $e->getMessage(); 200 $_ctx->form_error; 201 } 202 } 203 } 204 205 # The entry 206 if ($_ctx->posts->trackbacksActive()) { 207 header('X-Pingback: ' . $core->blog->url . $core->url->getURLFor("xmlrpc", $core->blog->id)); 208 } 209 210 $tplset = $core->themes->moduleInfo($core->blog->settings->system->theme, 'tplset'); 211 if (!empty($tplset) && is_dir(dirname(__FILE__) . '/default-templates/' . $tplset)) { 212 $core->tpl->setPath($core->tpl->getPath(), dirname(__FILE__) . '/default-templates/' . $tplset); 213 } else { 214 $core->tpl->setPath($core->tpl->getPath(), dirname(__FILE__) . '/default-templates/' . DC_DEFAULT_TPLSET); 215 } 216 self::serveDocument('page.html'); 217 } 218 } 219 } 220 221 public static function pagespreview($args) 222 { 223 $core = $GLOBALS['core']; 224 $_ctx = $GLOBALS['_ctx']; 225 226 if (!preg_match('#^(.+?)/([0-9a-z]{40})/(.+?)$#', $args, $m)) { 227 # The specified Preview URL is malformed. 228 self::p404(); 229 } else { 230 $user_id = $m[1]; 231 $user_key = $m[2]; 232 $post_url = $m[3]; 233 if (!$core->auth->checkUser($user_id, null, $user_key)) { 234 # The user has no access to the entry. 235 self::p404(); 236 } else { 237 $_ctx->preview = true; 238 if (defined("DC_ADMIN_URL")) { 239 $_ctx->xframeoption = DC_ADMIN_URL; 240 } 241 242 self::pages($post_url); 243 } 244 } 245 } 267 246 } 268 247 269 248 class tplPages 270 249 { 271 # Widget function 272 public static function pagesWidget($w) 273 { 274 global $core, $_ctx; 275 276 if ($w->offline) 277 return; 278 279 if (($w->homeonly == 1 && $core->url->type != 'default') || 280 ($w->homeonly == 2 && $core->url->type == 'default')) { 281 return; 282 } 283 284 $params['post_type'] = 'page'; 285 $params['limit'] = abs((integer) $w->limit); 286 $params['no_content'] = true; 287 $params['post_selected'] = false; 288 289 $sort = $w->sortby; 290 if (!in_array($sort,array('post_title','post_position','post_dt'))) { 291 $sort = 'post_title'; 292 } 293 294 $order = $w->orderby; 295 if ($order != 'asc') { 296 $order = 'desc'; 297 } 298 $params['order'] = $sort.' '.$order; 299 300 $rs = $core->blog->getPosts($params); 301 302 if ($rs->isEmpty()) { 303 return; 304 } 305 306 $res = ($w->title ? $w->renderTitle(html::escapeHTML($w->title)) : '').'<ul>'; 307 308 while ($rs->fetch()) { 309 $class = ''; 310 if (($core->url->type == 'pages' && $_ctx->posts instanceof record && $_ctx->posts->post_id == $rs->post_id)) { 311 $class = ' class="page-current"'; 312 } 313 $res .= '<li'.$class.'><a href="'.$rs->getURL().'">'. 314 html::escapeHTML($rs->post_title).'</a></li>'; 315 } 316 317 $res .= '</ul>'; 318 319 return $w->renderDiv($w->content_only,'pages '.$w->class,'',$res); 320 } 250 # Widget function 251 public static function pagesWidget($w) 252 { 253 global $core, $_ctx; 254 255 if ($w->offline) { 256 return; 257 } 258 259 if (($w->homeonly == 1 && $core->url->type != 'default') || 260 ($w->homeonly == 2 && $core->url->type == 'default')) { 261 return; 262 } 263 264 $params['post_type'] = 'page'; 265 $params['limit'] = abs((integer) $w->limit); 266 $params['no_content'] = true; 267 $params['post_selected'] = false; 268 269 $sort = $w->sortby; 270 if (!in_array($sort, array('post_title', 'post_position', 'post_dt'))) { 271 $sort = 'post_title'; 272 } 273 274 $order = $w->orderby; 275 if ($order != 'asc') { 276 $order = 'desc'; 277 } 278 $params['order'] = $sort . ' ' . $order; 279 280 $rs = $core->blog->getPosts($params); 281 282 if ($rs->isEmpty()) { 283 return; 284 } 285 286 $res = ($w->title ? $w->renderTitle(html::escapeHTML($w->title)) : '') . '<ul>'; 287 288 while ($rs->fetch()) { 289 $class = ''; 290 if (($core->url->type == 'pages' && $_ctx->posts instanceof record && $_ctx->posts->post_id == $rs->post_id)) { 291 $class = ' class="page-current"'; 292 } 293 $res .= '<li' . $class . '><a href="' . $rs->getURL() . '">' . 294 html::escapeHTML($rs->post_title) . '</a></li>'; 295 } 296 297 $res .= '</ul>'; 298 299 return $w->renderDiv($w->content_only, 'pages ' . $w->class, '', $res); 300 } 321 301 }
Note: See TracChangeset
for help on using the changeset viewer.