search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Automatic installer.php lang files by installer_builder (20070202)
[moodle.git] / blog / edit.php
blob105da2831c222874e8a112633a9b5ae1ba872739
1 <?php //$Id$
2
3 require_once('../config.php');
4 include_once('lib.php');
5 require_login();
6
7 $courseid = optional_param('courseid', SITEID, PARAM_INT);
8 $act = optional_param('act','',PARAM_ALPHA);
9
10 // detemine where the user is coming from in case we need to send them back there
11 if (!$referrer = optional_param('referrer','', PARAM_URL)) {
12 if (isset($_SERVER['HTTP_REFERER'])) {
13 $referrer = $_SERVER['HTTP_REFERER'];
14 } else {
15 $referrer = $CFG->wwwroot;
16 }
17 }
18
19 //first verify that user is not a guest
20 if (isguest()) {
21 error(get_string('noguestpost', 'blog'), $referrer);
22 }
23
24 // make sure that the person trying to edit have access right
25 if ($editid = optional_param('editid', 0, PARAM_INT)) {
26
27 $blogEntry = get_record('post', 'id', $editid);
28
29 if (!blog_user_can_edit_post($blogEntry)) {
30 error( get_string('notallowedtoedit', 'blog'), $CFG->wwwroot .'/login/index.php');
31 }
32 }
33
34 //check to see if there is a requested blog to edit
35 if (isloggedin() && !isguest()) {
36 $userid = $USER->id;
37 } else {
38 error(get_string('noblogspecified', 'blog') .'<a href="'. $CFG->blog_blogurl .'">' .get_string('viewentries', 'blog') .'</a>');
39 }
40
41 // if we are trying to delete an non-existing blog entry
42 if (isset($act) && ($act == 'del') && (empty($blogEntry))) {
43 error ('the entry you are trying to delete does not exist');
44 }
45
46
47 $pageNavigation = 'edit';
48 include($CFG->dirroot .'/blog/header.php');
49
50 //////////// SECURITY AND SETUP COMPLETE - NOW PAGE LOGIC ///////////////////
51
52 if (isset($act) && ($act == 'del') && confirm_sesskey())
53 {
54 $postid = required_param('editid', PARAM_INT);
55 if (optional_param('confirm',0,PARAM_INT)) {
56 do_delete($postid);
57 } else {
58
59 /// prints blog entry and what confirmation form
60 echo '<div align="center"><form method="GET" action="edit.php">';
61 echo '<input type="hidden" name="act" value="del" />';
62 echo '<input type="hidden" name="confirm" value="1" />';
63 echo '<input type="hidden" name="editid" value="'.$postid.'" />';
64 echo '<input type="hidden" name="sesskey" value="'.sesskey().'" />';
65
66 print_string('blogdeleteconfirm', 'blog');
67 blog_print_entry($blogEntry);
68
69 echo '<br />';
70 echo '<input type="submit" value="'.get_string('delete').'" /> ';
71 echo ' <input type="button" value="'.get_string('cancel').'" onclick="javascript:history.go(-1)" />';
72 echo '</form></div>';
73 print_footer($course);
74 exit;
75 }
76 }
77
78 if ($usehtmleditor = can_use_richtext_editor()) {
79 $defaultformat = FORMAT_HTML;
80 $onsubmit = '';
81 } else {
82 $defaultformat = FORMAT_MOODLE;
83 $onsubmit = '';
84 }
85
86 if (($post = data_submitted( get_referer() )) && confirm_sesskey()) {
87 if (!empty($post->editform)) { //make sure we're processing the edit form here
88 //print_object($post); //debug
89
90 if (!$post->etitle or !$post->body) {
91 $post->error = get_string('emptymessage', 'forum');
92 }
93 if ($post->act == 'save') {
94 do_save($post);
95 } else if ($post->act == 'update') {
96 do_update($post);
97 } else if ($post->act == 'del') {
98 $postid = required_param('postid', PARAM_INT);
99 do_delete($postid);
100 }
101 }
102 } else {
103
104 //no post data yet, so load up the post array with default information
105 $post->etitle = '';
106 $post->userid = $USER->id;
107 $post->body = '';
108 $post->format = $defaultformat;
109 $post->publishstate = 'draft';
110 }
111
112 if ($editid) { // User is editing a post
113 // ensure that editing is allowed first - admin users can edit any posts
114
115 $blogEntry = get_record('post','id',$editid);
116
117 //using an unformatted entry body here so that extra formatting information is not stored in the db
118 $post->body = $blogEntry->summary;
119 $post->etitle = $blogEntry->subject;
120 $post->postid = $editid;
121 $post->userid = $blogEntry->userid;
122 $post->format = $blogEntry->format;
123 $post->publishstate = $blogEntry->publishstate;
124 }
125
126 if (isset($post->postid) && ($post->postid != -1) ) {
127 $formHeading = get_string('updateentrywithid', 'blog');
128 } else {
129 $formHeading = get_string('addnewentry', 'blog');
130 }
131
132 if (isset($post->error)) {
133 notify($post->error);
134 }
135
136 print_simple_box_start("center");
137 require('edit.html');
138 print_simple_box_end();
139
140 include($CFG->dirroot .'/blog/footer.php');
141
142
143 /***************************** edit.php functions ***************************/
144 /*
145 * do_delete
146 * takes $bloginfo_arg argument as reference to a blogInfo object.
147 * also takes the postid - the id of the entry to be removed
148 */
149 function do_delete($postid) {
150 global $CFG, $USER, $referrer;
151 // make sure this user is authorized to delete this entry.
152 // cannot use $post->pid because it may not have been initialized yet. Also the pid may be in get format rather than post.
153 // check ownership
154 $blogEntry = get_record('post','id',$postid);
155
156 if (blog_user_can_edit_post($blogEntry)) {
157
158 if (delete_records('post','id',$postid)) {
159 //echo "bloginfo_arg:"; //debug
160 //print_object($bloginfo_arg); //debug
161 //echo "pid to delete:".$postid; //debug
162 delete_records('blog_tag_instance', 'entryid', $postid);
163 print '<strong>'. get_string('entrydeleted', 'blog') .'</strong><p>';
164
165 //record a log message of this entry deletion
166 if ($site = get_site()) {
167 add_to_log($site->id, 'blog', 'delete', 'index.php?userid='. $blogEntry->userid, 'deleted blog entry with entry id# '. $postid);
168 }
169 }
170 }
171 else {
172 error(get_string('entryerrornotyours', 'blog'));
173 }
174
175 //comment out this redirect to debug the deletion of entries
176
177 redirect($CFG->wwwroot .'/blog/index.php?userid='. $blogEntry->userid);
178 }
179
180 /**
181 * do_save
182 *
183 * @param object $post argument is a reference to the post object which is used to store information for the form
184 * @param object $bloginfo_arg argument is reference to a blogInfo object.
185 */
186 function do_save($post) {
187 global $USER, $CFG, $referrer;
188 // echo 'Debug: Post object in do_save function of edit.php<br />'; //debug
189 // print_object($post); //debug
190
191 if ($post->body == '') {
192 $post->error = get_string('nomessagebodyerror', 'blog');
193 } else {
194
195 /// Write a blog entry into database
196 $blogEntry = new object;
197 $blogEntry->subject = $post->etitle;
198 $blogEntry->summary = $post->body;
199 $blogEntry->module = 'blog';
200 $blogEntry->userid = $USER->id;
201 $blogEntry->format = $post->format;
202 $blogEntry->publishstate = $post->publishstate;
203 $blogEntry->lastmodified = time();
204 $blogEntry->created = time();
205
206 // Insert the new blog entry.
207 $entryID = insert_record('post',$blogEntry);
208
209 // print 'Debug: created a new entry - entryId = '.$entryID.'<br />'; //debug
210 // echo 'Debug: do_save() in edit.php calling blog_do_*back_pings<br />'."\n"; //debug
211 if ($entryID) {
212
213 /// Creates a unique hash. I don't know what this is for (Yu)
214 $dataobject = new object;
215 $dataobject->uniquehash = md5($blogEntry->userid.$CFG->wwwroot.$entryID);
216 update_record('post', $dataobject);
217
218 /// Associate tags with entries
219
220 $tag = NULL;
221 $tag->entryid = $entryID;
222 $tag->userid = $USER->id;
223 $tag->timemodified = time();
224
225 /// Add tags information
226 if ($otags = optional_param('otags','', PARAM_INT)) {
227 foreach ($otags as $otag) {
228 $tag->tagid = $otag;
229 insert_record('blog_tag_instance',$tag);
230 }
231 }
232
233 if ($ptags = optional_param('ptags','', PARAM_INT)) {
234 foreach ($ptags as $ptag) {
235 $tag->tagid = $ptag;
236 insert_record('blog_tag_instance',$tag);
237 }
238 }
239
240 print '<strong>'. get_string('entrysaved', 'blog') .'</strong><br />';
241 }
242 //record a log message of this entry addition
243 if ($site = get_site()) {
244 add_to_log($site->id, 'blog', 'add', 'index.php?userid='. $blogEntry->userid .'&postid='. $entryID, $blogEntry->subject);
245 }
246
247 redirect($referrer);
248 /*
249 //to debug this save function comment out the following redirect code
250 if ($courseid == SITEID || $courseid == 0 || $courseid == '') {
251 redirect($CFG->wwwroot .'/blog/index.php?userid='. $blogEntry->userid);
252 } else {
253 redirect($CFG->wwwroot .'/course/view.php?id='. $courseid);
254 }*/
255 }
256 }
257
258 /**
259 * @param . $post argument is a reference to the post object which is used to store information for the form
260 * @param . $bloginfo_arg argument is reference to a blogInfo object.
261 * @todo complete documenting this function. enable trackback and pingback between entries on the same server
262 */
263 function do_update($post) {
264 // here post = data_submitted();
265 global $CFG, $USER, $referrer;
266 $blogEntry = get_record('post','id',$post->postid);
267 // echo "id id ".$post->postid;
268 // print_object($blogentry); //debug
269
270 $blogEntry->subject = $post->etitle;
271 $blogEntry->summary = $post->body;
272 if ($blogEntry->summary == '<br />') {
273 $blogEntry->summary = '';
274 }
275 $blogEntry->format = $post->format;
276 $blogEntry->publishstate = $post->publishstate; //we don't care about the return value here
277
278 if ( update_record('post',$blogEntry)) {
279 delete_records('blog_tag_instance', 'entryid', $blogEntry->id);
280
281 $tag = NULL;
282 $tag->entryid = $blogEntry->id;
283 $tag->userid = $USER->id;
284 $tag->timemodified = time();
285
286 /// Add tags information
287 if ($otags = optional_param('otags','', PARAM_INT)) {
288 foreach ($otags as $otag) {
289 $tag->tagid = $otag;
290 insert_record('blog_tag_instance',$tag);
291 }
292 }
293
294 if ($ptags = optional_param('ptags','', PARAM_INT)) {
295 foreach ($ptags as $ptag) {
296 $tag->tagid = $ptag;
297 insert_record('blog_tag_instance',$tag);
298 }
299 }
300
301 // only do pings if the entry is published to the world
302 // Daryl Hawes note - eventually should check if it's on the same server
303 // and if so allow pb/tb as well - especially now that moderation is in place
304 print '<strong>'. get_string('entryupdated', 'blog') .'</strong><p>';
305
306 //record a log message of this entry update action
307 if ($site = get_site()) {
308 add_to_log($site->id, 'blog', 'update', 'index.php?userid='. $blogEntry->userid .'&postid='. $post->postid, $blogEntry->subject);
309 }
310
311 redirect($referrer);
312 //to debug this save function comment out the following redirect code
313 /*
314 if ($courseid == SITEID || $courseid == 0 || $courseid == '') {
315 redirect($CFG->wwwroot .'/blog/index.php?userid='. $blogEntry->userid);
316 } else {
317 redirect($CFG->wwwroot .'/course/view.php?id='. $courseid);
318 }*/
319 } else {
320 // get_string('', 'blog') //Daryl Hawes note: localize this line
321 $post->error = 'There was an error updating this post in the database';
322 }
323 }
324 ?>
Read-only mirror of the Moodle CVS