1<?php
2/**
3 * @package tikiwiki
4 */
5// (c) Copyright by authors of the Tiki Wiki CMS Groupware Project
6//
7// All Rights Reserved. See copyright.txt for details and a complete list of authors.
8// Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details.
9// $Id$
10
// Declare the section ahead of the bootstrap include below.
$section = 'blogs';
require_once 'tiki-setup.php';

// Library handles used further down in this script.
$categlib = TikiLib::lib('categ');
$bloglib = TikiLib::lib('blog');
$editlib = TikiLib::lib('edit');

// The page is only served when the blogs feature is switched on.
$access->check_feature('feature_blogs');
18
// Blog selected by the client, 0 when the request names none.
// NOTE(review): the value is used as received from $_REQUEST; nothing in this
// block compares it with the list built below — confirm where that is enforced.
$blogId = 0;
if (isset($_REQUEST['blogId'])) {
	$blogId = $_REQUEST['blogId'];
}

// Blogs offered for posting: every blog for a holder of tiki_p_blog_admin,
// otherwise whatever list_blogs_user_can_post() returns.
if ($tiki_p_blog_admin != 'y') {
	$blogs = $bloglib->list_blogs_user_can_post();
} else {
	$blogsd = $bloglib->list_blogs(0, -1, 'created_desc', '');
	$blogs = $blogsd['data'];
}

$smarty->assign_by_ref('blogs', $blogs);
30
// With no blog to post in there is nothing to edit: show the error page and stop.
if (count($blogs) == 0) {
	$noBlogMessage = tra("It isn't possible to post in any blog.")
		. ' <a href="tiki-edit_blog.php" >'
		. tra("You may need to create a blog first.")
		. '</a>';
	$smarty->assign('msg', $noBlogMessage);
	$smarty->display('error.tpl');
	die;
}

// No blog requested and exactly one available: select that one.
if ($blogId == 0 && count($blogs) == 1) {
	$blogId = $blogs[0]['blogId'];
}

// Load the selected blog and expose it to the template.
if ($blogId > 0) {
	$blog_data = $bloglib->get_blog($blogId);
	$smarty->assign_by_ref('blog_data', $blog_data);
}
44
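// Post being edited, 0 when a new post is being written.
$postId = isset($_REQUEST['postId']) ? $_REQUEST['postId'] : 0;

if ($postId > 0) {
	$data = $bloglib->get_post($postId);

	// The edit decision has to be made against the blog the post belongs to.
	// Taking the blog from the request's blogId lets a caller pair any postId
	// with a blog they own, or a public blog they may post in, and pass the
	// ownership test below for a post that lives somewhere else.
	// NOTE(review): assumes get_post() rows expose the owning blog as
	// $data['blogId'] — confirm; when the key is absent this falls back to the
	// request value, i.e. to the previous behaviour.
	$authBlogId = ! empty($data['blogId']) ? $data['blogId'] : $blogId;
	$authBlog = [];
	if (isset($blog_data) && $authBlogId == $blogId) {
		$authBlog = $blog_data;
	} elseif ($authBlogId > 0) {
		$authBlog = $bloglib->get_blog($authBlogId);
	}

	$isPostAuthor = isset($data['user']) && $data['user'] == $user;
	$isBlogOwner = isset($authBlog['user']) && $authBlog['user'] == $user;
	$isPublicBlog = isset($authBlog['public']) && $authBlog['public'] == 'y';

	// A logged-in user may edit when they wrote the post, own the blog, or the
	// blog is public and they hold tiki_p_blog_post on it.
	$mayEdit = $user && (
		$isPostAuthor
		|| $isBlogOwner
		|| ($isPublicBlog && $tikilib->user_has_perm_on_object($user, $authBlogId, 'blog', 'tiki_p_blog_post'))
	);

	// Everyone else needs blog admin rights, globally or on this blog.
	if (! $mayEdit
		&& $tiki_p_blog_admin != 'y'
		&& ! $tikilib->user_has_perm_on_object($user, $authBlogId, 'blog', 'tiki_p_blog_admin')
	) {
		$smarty->assign('errortype', 401);
		$smarty->assign('msg', tra("You do not have permission to edit this post"));
		$smarty->display("error.tpl");
		die;
	}

	// Unless the request picks an editor mode, reuse the one stored with the post.
	if (isset($data['wysiwyg']) && ! isset($_POST['wysiwyg'])) {
		$_POST['wysiwyg'] = $data['wysiwyg'];
	}
}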
64
// Hand the resolved ids to the template.
$smarty->assign('postId', $postId);
$smarty->assign('blogId', $blogId);

// The $publishDate time selector is 12- or 24-hour, depending on what
// get_user_clock_pref() reports for the current user.
$userprefslib = TikiLib::lib('userprefs');
$smarty->assign(
	'use_24hr_clock',
	$userprefslib->get_user_clock_pref($user)
);
71
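// Publication time: built from the posted date selector, else the current time.
if (isset($_POST["publish_Hour"])) {
	// A meridian (AM/PM) means the hour came from a 12-hour selector: convert it
	// to the 24-hour scale before the timestamp is computed.
	if (! empty($_POST['publish_Meridian'])) {
		$meridianTime = strtotime($_POST['publish_Hour'] . ':00 ' . $_POST['publish_Meridian']);
		// strtotime() returns false for input it cannot parse; date('H', false)
		// would then yield the hour of the Unix epoch, so convert only on success
		// and otherwise leave the submitted hour untouched.
		if ($meridianTime !== false) {
			$_POST['publish_Hour'] = date('H', $meridianTime);
		}
	}
	// NOTE(review): the remaining selector fields are read without an isset()
	// check — confirm the form always submits them together with publish_Hour.
	$publishDate = $tikilib->make_time($_POST["publish_Hour"], $_POST["publish_Minute"], 0, $_POST["publish_Month"], $_POST["publish_Day"], $_POST["publish_Year"]);
} else {
	$publishDate = $tikilib->now;
}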
81
// Free tags: load the library and, on multilingual sites, give the template
// the list of languages.
if ($prefs['feature_freetags'] == 'y') {
	$freetaglib = TikiLib::lib('freetag');

	if ($prefs['feature_multilingual'] == 'y') {
		$langLib = TikiLib::lib('language');
		$languages = $langLib->list_languages();
		$smarty->assign_by_ref('languages', $languages);
		$smarty->assign('blog', 'y');
	}
}
93
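// Exit edit mode (without javascript)
if (isset($_POST['cancel'])) {
	// $blogId can come straight from the request, so encode it before it is
	// placed in the header. Stop afterwards: without the exit the script keeps
	// processing the same request (image removal, save) after the redirect has
	// been issued.
	header('location: tiki-view_blog.php?blogId=' . urlencode((string) $blogId));
	exit;
}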
98
// Exit edit mode (with javascript): the address to return to is the posted
// 'referer' field, else the Referer header, else the blog view page.
// NOTE(review): the first two sources are supplied by the client, and how the
// template uses the value is not visible here — confirm it is escaped for its
// output context and is not followed as an arbitrary redirect target.
if (! empty($_POST['referer'])) {
	$smarty->assign('referer', $_POST['referer']);
} elseif (! empty($_SERVER['HTTP_REFERER'])) {
	$smarty->assign('referer', $_SERVER['HTTP_REFERER']);
} else {
	$smarty->assign('referer', 'tiki-view_blog.php?blogId=' . $blogId);
}
101
// Delete an image attached to a post once the CSRF confirmation has passed.
// NOTE(review): the id is tested on $_REQUEST but read from $_POST, and nothing
// in this block ties the image to $postId or to a post the current user may
// edit — confirm that remove_post_image() enforces this.
if (isset($_REQUEST['remove_image'])) {
	if ($access->checkCsrfForm(tra('Delete this item?'))) {
		$bloglib->remove_post_image($_POST['remove_image']);
	}
}
105
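// Editor mode. $is_wysiwyg is later passed to parse_data() as 'is_html' and
// stored with the post, so it must not be selectable while the feature is off.
// The previous condition read `A && B || C`: because && binds tighter than ||,
// a posted wysiwyg=y switched the mode on even with feature_wysiwyg disabled.
// The feature flag now gates both the site default and the posted value.
// Note: a post stored in wysiwyg mode is therefore opened in the normal editor
// once the feature has been disabled.
if (isset($_POST['wysiwyg'])) {
	$wysiwygRequested = $_POST['wysiwyg'] == 'y';
} else {
	$wysiwygRequested = $prefs['wysiwyg_default'] == 'y';
}

if ($prefs['feature_wysiwyg'] == 'y' && $wysiwygRequested) {
	$smarty->assign('wysiwyg', 'y');
	$is_wysiwyg = true;
} else {
	$smarty->assign('wysiwyg', 'n');
	$is_wysiwyg = false;
}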
113
// Editing an existing post: feed its stored content, images and category
// context to the template.
if ($postId > 0) {
	// An empty body is normalised to an empty string.
	$data['data'] = empty($data['data']) ? '' : $data['data'];

	$smarty->assign('post_info', $data);
	$smarty->assign('data', $data['data']);
	$smarty->assign(
		'parsed_data',
		TikiLib::lib('parser')->parse_data($data['data'], ['is_html' => $is_wysiwyg])
	);
	$smarty->assign('blogpriv', $data['priv']);

	$post_images = $bloglib->get_post_images($postId);
	$smarty->assign_by_ref('post_images', $post_images);

	// Object type and id set ahead of the include below.
	$cat_type = 'blog post';
	$cat_objid = $postId;

	if (isset($_POST['lang'])) {
		$cat_lang = $_POST['lang'];
	}
}
include_once 'freetag_list.php';
134
// Defaults: not a preview, post not private.
$smarty->assign('preview', 'n');
$blogpriv = 'n';
$smarty->assign('blogpriv', 'n');

// Text to edit: what was just posted, else the stored post body, else empty.
// The stored privacy flag is taken over only when no text was posted.
if (isset($_POST['data'])) {
	$edit_data = $_POST['data'];
} else {
	$edit_data = isset($data['data']) ? $data['data'] : '';

	if (isset($data['priv'])) {
		$blogpriv = $data['priv'];
		$smarty->assign('blogpriv', $blogpriv);
	}
}
153
// Switching editors: convert the text being edited into the markup of the
// editor that was just selected and show the converted text.
if (isset($_POST['mode_normal']) && $_POST['mode_normal'] == 'y') {
	// HTML content shown in the normal editor for the first time.
	$smarty->assign('msg', 'Parsing html to wiki');
	$parsed = $editlib->parseToWiki($edit_data);
	$smarty->assign('data', $parsed);
} elseif (isset($_POST['mode_wysiwyg']) && $_POST['mode_wysiwyg'] == 'y') {
	// Wiki content shown in the wysiwyg editor for the first time.
	$smarty->assign('msg', 'Parsing wiki to html');
	$parsed = $editlib->parseToWysiwyg($edit_data);
	$smarty->assign('data', $parsed);
}
166
// A posted blogpriv of 'on' marks the post as private.
if (isset($_POST['blogpriv']) && $_POST['blogpriv'] == 'on') {
	$blogpriv = 'y';
	$smarty->assign('blogpriv', $blogpriv);
}
171
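// Preview: render the submitted text and build the post_info array the
// template shows, without storing anything.
// NOTE(review): title, excerpt and tag string are passed on as submitted;
// escaping is left to the template, which is not visible here — confirm.
if (isset($_POST["preview"])) {
	$post_info = [];
	$parserlib = TikiLib::lib('parser');
	$edit_data = $tikilib->convertAbsoluteLinksToRelative($edit_data);
	$parsed_data = $parserlib->parse_data($edit_data, ['is_html' => $is_wysiwyg]);
	$smarty->assign('data', $edit_data);
	$post_info['parsed_data'] = $parsed_data;

	// A preview request may lack these fields; default them instead of reading
	// undefined indexes.
	$post_info['title'] = isset($_POST['title']) ? $_POST['title'] : '';
	$post_info['excerpt'] = isset($_POST['excerpt']) ? $_POST['excerpt'] : '';
	// For an existing post keep its stored author and avatar.
	$post_info['user'] = isset($data['user']) ? $data['user'] : $user;
	$post_info['created'] = $publishDate;
	$post_info['avatar'] = isset($data['avatar']) ? $data['avatar'] : '';
	$post_info['postId'] = $postId;

	if ($prefs['feature_freetags'] == 'y' && isset($_POST['freetag_string'])) {
		$tags = $freetaglib->dumb_parse_tags($_POST['freetag_string']);
		$smarty->assign('tags', $tags);
		$post_info['freetags'] = $tags;
		$smarty->assign('taglist', $_POST["freetag_string"]);
	}
	$smarty->assign('post_info', $post_info);

	$smarty->assign('preview', 'y');
}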
197
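// A save is held back when contributions are mandatory for blogs and none was
// submitted. empty() alone covers the missing and the empty-array case; the
// former extra count() call raised a TypeError on PHP 8 when the field arrived
// as a non-empty string.
$contribution_needed = isset($_POST['save'])
	&& $prefs['feature_contribution'] == 'y'
	&& $prefs['feature_contribution_mandatory_blog'] == 'y'
	&& empty($_POST['contributions']);

if ($contribution_needed) {
	$smarty->assign('contribution_needed', 'y');
}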
204
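// Store the post (new or edited), apply tags and categories, then redirect to it.
if (isset($_POST['save']) && ! $contribution_needed && $access->checkCsrf()) {
	// Blog the post is written to: the posted value, else the blog resolved earlier.
	$targetBlogId = isset($_POST['blogId']) ? $_POST['blogId'] : $blogId;
	$targetBlogId = is_scalar($targetBlogId) ? (string) $targetBlogId : '';

	// The client chooses the target blog, so it is checked against the blogs
	// this user may post in ($blogs) before anything is written. An edit that
	// leaves the post in its current blog is exempt: the edit permission for
	// the post was checked when it was loaded.
	// NOTE(review): assumes $data['blogId'] names the post's current blog and
	// that every $blogs row carries 'blogId' (as $blogs[0]['blogId'] is read
	// elsewhere in this script) — confirm.
	$targetAllowed = $postId > 0
		&& isset($data['blogId'])
		&& (string) $data['blogId'] === $targetBlogId;
	if (! $targetAllowed) {
		foreach ($blogs as $postableBlog) {
			if (isset($postableBlog['blogId']) && (string) $postableBlog['blogId'] === $targetBlogId) {
				$targetAllowed = true;
				break;
			}
		}
	}
	if (! $targetAllowed) {
		$smarty->assign('errortype', 401);
		$smarty->assign('msg', tra("You do not have permission to post in this blog"));
		$smarty->display("error.tpl");
		die;
	}

	$imagegallib = TikiLib::lib('imagegal');
	$smarty->assign('individual', 'n');

	$edit_data = $imagegallib->capture_images($edit_data);
	$edit_data = $tikilib->convertAbsoluteLinksToRelative($edit_data);

	// Optional form fields default to '' instead of being read as undefined indexes.
	$title = isset($_POST['title']) ? $_POST['title'] : '';
	$postExcerpt = isset($_POST['excerpt']) ? $_POST['excerpt'] : '';
	$postContributions = isset($_POST['contributions']) ? $_POST['contributions'] : '';

	if ($postId > 0) {
		// An edit keeps the post's stored author.
		$bloglib->update_post($postId, $targetBlogId, $edit_data, $postExcerpt, $data["user"], $title, $postContributions, $blogpriv, $publishDate, $is_wysiwyg);
	} else {
		// Decide the author from the blog that is actually written to; the blog
		// loaded earlier is reused only when it is that same blog.
		if (isset($blog_data) && is_scalar($blogId) && (string) $blogId === $targetBlogId) {
			$targetBlog = $blog_data;
		} else {
			$targetBlog = $bloglib->get_blog($targetBlogId);
		}
		// With always_owner set, posts are attributed to the blog's owner.
		if (isset($targetBlog['always_owner']) && $targetBlog['always_owner'] == 'y') {
			$author = $targetBlog['user'];
		} else {
			$author = $user;
		}
		$postId = $bloglib->blog_post($targetBlogId, $edit_data, $postExcerpt, $author, $title, $postContributions, $blogpriv, $publishDate, $is_wysiwyg);
		$smarty->assign('postId', $postId);
	}

	if ($prefs['geo_locate_blogpost'] == 'y' && ! empty($_POST['geolocation'])) {
		TikiLib::lib('geo')->set_coordinates('blog post', $postId, $_POST['geolocation']);
	}

	// TAG Stuff: variables set ahead of the freetag and category includes below.
	$cat_type = 'blog post';
	$cat_objid = $postId;
	// Description: the first 200 bytes of the text, passed through the purifier filter.
	$cat_desc = TikiFilter::get('purifier')->filter(substr($edit_data, 0, 200));
	$cat_name = $title;
	$cat_href = "tiki-view_blog_post.php?postId=" . urlencode($postId);
	$cat_lang = isset($_POST['lang']) ? $_POST['lang'] : null;
	include_once("freetag_apply.php");
	include_once("categorize.php");

	// Redirect to the stored post and stop, so nothing below runs for a save.
	require_once('tiki-sefurl.php');
	$smarty->loadPlugin('smarty_modifier_sefurl');
	$url = smarty_modifier_sefurl($postId, 'blogpost');
	header("location: $url");
	exit;
}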
246
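// The save was held back for a missing contribution: put the submitted values
// back into the form so nothing the user typed is lost.
if ($contribution_needed) {
	// Only 'save' is known to be set at this point; default the other fields
	// instead of reading undefined indexes.
	$postedData = isset($_POST['data']) ? $_POST['data'] : '';

	$smarty->assign('title', isset($_POST['title']) ? $_POST['title'] : '');
	$smarty->assign('parsed_data', TikiLib::lib('parser')->parse_data($postedData, ['is_html' => $is_wysiwyg]));
	$smarty->assign('data', $postedData);
	if ($prefs['feature_freetags'] == 'y') {
		$smarty->assign('taglist', isset($_POST['freetag_string']) ? $_POST['freetag_string'] : '');
	}
}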
255
// Object type and id set ahead of the category list include.
$cat_type = 'blog post';
$cat_objid = $postId;
include_once 'categorize_list.php';

// Stored coordinates of the post, when geolocation of blog posts is enabled.
if ($prefs['geo_locate_blogpost'] == 'y') {
	$geolib = TikiLib::lib('geo');
	$smarty->assign('geolocation_string', $geolib->get_coordinates_string('blog post', $postId));
}

include_once 'tiki-section_options.php';

if ($prefs['feature_contribution'] == 'y') {
	include_once 'contribution.php';
}

// Keep the edit form out of search engine indexes.
$smarty->assign('metatag_robots', 'NOINDEX, NOFOLLOW');

// Render the edit form inside the main layout.
$smarty->assign('mid', 'tiki-blog_post.tpl');
$smarty->display('tiki.tpl');
276