1<?php
2# MantisBT - A PHP based bugtracking system
3
4# MantisBT is free software: you can redistribute it and/or modify
5# it under the terms of the GNU General Public License as published by
6# the Free Software Foundation, either version 2 of the License, or
7# (at your option) any later version.
8#
9# MantisBT is distributed in the hope that it will be useful,
10# but WITHOUT ANY WARRANTY; without even the implied warranty of
11# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12# GNU General Public License for more details.
13#
14# You should have received a copy of the GNU General Public License
15# along with MantisBT.  If not, see <http://www.gnu.org/licenses/>.
16
17/**
18 * News Edit Page
19 * @package MantisBT
20 * @copyright Copyright 2000 - 2002  Kenzaburo Ito - kenito@300baud.org
21 * @copyright Copyright 2002  MantisBT Team - mantisbt-dev@lists.sourceforge.net
22 * @link http://www.mantisbt.org
23 *
24 * @uses core.php
25 * @uses access_api.php
26 * @uses config_api.php
27 * @uses current_user_api.php
28 * @uses form_api.php
29 * @uses gpc_api.php
30 * @uses helper_api.php
31 * @uses html_api.php
32 * @uses lang_api.php
33 * @uses news_api.php
34 * @uses print_api.php
35 * @uses project_api.php
36 * @uses string_api.php
37 */
38
39require_once( 'core.php' );
40require_api( 'access_api.php' );
41require_api( 'config_api.php' );
42require_api( 'current_user_api.php' );
43require_api( 'form_api.php' );
44require_api( 'gpc_api.php' );
45require_api( 'helper_api.php' );
46require_api( 'html_api.php' );
47require_api( 'lang_api.php' );
48require_api( 'news_api.php' );
49require_api( 'print_api.php' );
50require_api( 'project_api.php' );
51require_api( 'string_api.php' );
52
53news_ensure_enabled();
54
55$f_news_id = gpc_get_int( 'news_id' );
56$f_action = gpc_get_string( 'action', '' );
57
58# If deleting item redirect to delete script
59if( 'delete' == $f_action ) {
60	form_security_validate( 'news_delete' );
61
62	$t_row = news_get_row( $f_news_id );
63
64	# This check is to allow deleting of news items that were left orphan due to bug #3723
65	if( project_exists( $t_row['project_id'] ) ) {
66		access_ensure_project_level( config_get( 'manage_news_threshold' ), $t_row['project_id'] );
67	}
68
69	helper_ensure_confirmed( lang_get( 'delete_news_sure_msg' ), lang_get( 'delete_news_item_button' ) );
70
71	news_delete( $f_news_id );
72
73	form_security_purge( 'news_delete' );
74
75	print_header_redirect( 'news_menu_page.php', true );
76}
77
78# Retrieve news item data and prefix with v_
79$t_row = news_get_row( $f_news_id );
80if( $t_row ) {
81	extract( $t_row, EXTR_PREFIX_ALL, 'v' );
82}
83
84access_ensure_project_level( config_get( 'manage_news_threshold' ), $v_project_id );
85
86$v_headline = string_attribute( $v_headline );
87$v_body 	= string_textarea( $v_body );
88
89layout_page_header( lang_get( 'edit_news_title' ) );
90
91layout_page_begin( 'main_page.php' );
92
93# Edit News Form BEGIN
94?>
95
96<div class="col-md-12 col-xs-12">
97<div class="space-10"></div>
98<div id="news-update-div" class="form-container">
99	<form id="news-update-form" method="post" action="news_update.php">
100		<div class="widget-box widget-color-blue2">
101			<div class="widget-header widget-header-small">
102				<h4 class="widget-title lighter">
103					<?php print_icon( 'fa-edit', 'ace-icon' ); ?>
104					<?php echo lang_get( 'edit_post' ) ?>
105				</h4>
106			</div>
107		<div class="widget-body">
108		<div class="widget-main no-padding">
109		<div class="table-responsive">
110		<table class="table table-bordered table-condensed table-striped">
111		<fieldset>
112			<?php echo form_security_field( 'news_update' ); ?>
113			<input type="hidden" name="news_id" value="<?php echo $v_id ?>" />
114			<tr>
115				<td class="category">
116					<span class="required">*</span> <?php echo lang_get( 'headline' ) ?>
117				</td>
118				<td>
119					<input type="text" id="news-update-headline" name="headline" class="input-sm" size="64" maxlength="64" value="<?php echo $v_headline ?>" required />
120				</td>
121			</tr>
122			<tr>
123				<td class="category">
124					<span class="required">*</span> <?php echo lang_get( 'body' ) ?>
125				</td>
126				<td>
127					<?php # Newline after opening textarea tag is intentional, see #25839 ?>
128					<textarea class="form-control" id="news-update-body" name="body" cols="60" rows="10" required>
129<?php echo $v_body ?>
130</textarea>
131				</td>
132			</tr>
133			<tr>
134				<td class="category">
135					<?php echo lang_get( 'post_to' ) ?>
136				</td>
137				<td>
138					<select name="project_id" class="input-sm"><?php
139						$t_sitewide = false;
140						if( current_user_is_administrator() ) {
141							$t_sitewide = true;
142						}
143						print_project_option_list( $v_project_id, $t_sitewide ); ?>
144					</select>
145				</td>
146			</tr>
147			<tr>
148				<td class="category">
149					<?php echo lang_get( 'announcement' ) ?> <span class="help-text"><?php echo lang_get( 'stays_on_top' ) ?></span>
150				</td>
151				<td>
152					<label>
153						<input type="checkbox" class="ace" id="news-update-announcement" name="announcement" <?php check_checked( (int)$v_announcement, 1 ); ?> />
154						<span class="lbl"></span>
155					</label>
156				</td>
157			</tr>
158			<tr>
159				<td class="category">
160					<?php echo lang_get( 'view_status' ) ?>
161				</td>
162				<td>
163					<select name="view_state" class="input-sm">
164						<?php print_enum_string_option_list( 'view_state', $v_view_state ) ?>
165					</select>
166				</td>
167			</tr>
168		</fieldset>
169		</table>
170		</div>
171		</div>
172			<div class="widget-toolbox padding-8 clearfix">
173				<span class="required pull-right"> * <?php echo lang_get( 'required' ); ?></span>
174				<input type="submit" class="btn btn-primary btn-white btn-round" value="<?php echo lang_get( 'update_news_button' ) ?>" />
175			</div>
176		</div>
177		</div>
178	</form>
179</div>
180</div>
181<?php
182# Edit News Form END
183
184layout_page_end();
185