lib.contribute.document.php @ 2940

Revision 2940, 18.9 KB checked in by Moe, 13 years ago (diff)

Contribute 1.0-alpha31:

added IP address in notification email (closes #646)
switched to Dotclear 2.2 settings (closes #636)
switched to PHP 5.3 arguments (closes #636)

Line
1	<?php
2	# *** BEGIN LICENSE BLOCK ***
3	#
4	# This file is part of Contribute, a plugin for Dotclear 2
5	# Copyright (C) 2008,2009,2010 Moe (http://gniark.net/)
6	#
7	# Contribute is free software; you can redistribute it and/or
8	# modify it under the terms of the GNU General Public License v2.0
9	# as published by the Free Software Foundation.
10	#
11	# Contribute is distributed in the hope that it will be useful,
12	# but WITHOUT ANY WARRANTY; without even the implied warranty of
13	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14	# GNU General Public License for more details.
15	#
16	# You should have received a copy of the GNU General Public License
17	# along with this program; if not, see <http://www.gnu.org/licenses/>.
18	#
19	# Icon (icon.png) is from Silk Icons :
20	# <http://www.famfamfam.com/lab/icons/silk/>
21	#
22	# *** END LICENSE BLOCK ***
23
24	if (!defined('DC_RC_PATH')) {return;}
25
26	/**
27	@ingroup Contribute
28	@brief Document
29	*/
30	class contributeDocument extends dcUrlHandlers
31	{
32	/**
33	serve the document
34	@param args <b>string</b> Argument
35	*/
36	public static function page($args)
37	{
38	# from /dotclear/inc/public/lib.urlhandlers.php
39	# Spam trap
40	if (!empty($_POST['f_mail']))
41	{
42	http::head(412,'Precondition Failed');
43	header('Content-Type: text/plain');
44	echo "So Long, and Thanks For All the Fish";
45	exit;
46	}
47	# /from /dotclear/inc/public/lib.urlhandlers.php
48
49	global $core;
50
51	$core->blog->settings->addNamespace('contribute');
52	$settings =& $core->blog->settings->contribute;
53
54	if (!$settings->contribute_active)
55	{
56	self::p404();
57	return;
58	}
59
60	$_ctx =& $GLOBALS['_ctx'];
61
62	$_ctx->contribute = new ArrayObject();
63	$_ctx->contribute->help = @base64_decode($settings->contribute_help);
64	$_ctx->contribute->message = '';
65	$_ctx->contribute->preview = false;
66	$_ctx->contribute->form = true;
67	$_ctx->contribute->choose_format = false;
68	# selected tags
69	$_ctx->contribute->selected_tags = array();
70
71	# Compatibility test
72	if (version_compare(DC_VERSION,'2.2-alpha1','>='))
73	{
74	$meta =& $core->meta;
75	} else {
76	# Metadata
77	if ($core->plugins->moduleExists('metadata'))
78	{
79	$meta = new dcMeta($core);
80	}
81	else
82	{
83	$meta = false;
84	}
85	}
86
87	# My Meta
88	if ($core->plugins->moduleExists('mymeta')
89	&& ($settings->contribute_allow_mymeta))
90	{
91	$mymeta_values = array();
92
93	$_ctx->contribute->mymeta = new myMeta($core);
94
95	if ($_ctx->contribute->mymeta->hasMeta())
96	{
97	$mymeta_values = @unserialize(@base64_decode(
98	$settings->contribute_mymeta_values));
99
100	if (!is_array($mymeta_values)) {$mymeta_values = array();}
101
102	$mymeta = array();
103	$mymeta_sections = array();
104
105	if (version_compare(DC_VERSION,'2.2-alpha1','>='))
106	{
107	foreach ($_ctx->contribute->mymeta->getAll() as $meta_tmp)
108	{
109	# ignore sections
110	if ($meta_tmp instanceof myMetaSection)
111	{
112	$mymeta[] = $meta_tmp->id;
113	$mymeta_sections[] = $meta_tmp->id;
114	}
115	elseif (((bool) $meta_tmp->enabled)
116	&& in_array($meta_tmp->id,$mymeta_values))
117	{
118	$mymeta[] = $meta_tmp->id;
119	}
120	}
121
122	unset($meta_tmp,$mymeta_values);
123	}
124	else
125	{
126	foreach ($_ctx->contribute->mymeta->getAll() as $k => $v)
127	{
128	if (((bool) $v->enabled) && in_array($k,$mymeta_values))
129	{
130	$mymeta[] = $k;
131	}
132	}
133
134	unset($mymeta_values);
135	}
136	}
137	else
138	{
139	$_ctx->contribute->mymeta = false;
140	}
141	}
142	else
143	{
144	$_ctx->contribute->mymeta = false;
145	}
146	# /My Meta
147
148	# name, mail and site of the contributor
149
150	$name = '';
151	$mail = '';
152	$site = '';
153
154	$_ctx->comment_preview = new ArrayObject();
155	$_ctx->comment_preview['name'] = '';
156	$_ctx->comment_preview['mail'] = '';
157	$_ctx->comment_preview['site'] = '';
158
159
160	# inspired by contactMe/_public.php
161	if ($args == 'sent')
162	{
163	$_ctx->contribute->message = 'sent';
164	$_ctx->contribute->preview = false;
165	$_ctx->contribute->form = false;
166	# avoid error with <tpl:ContributeIf format="xhtml">
167	$_ctx->posts = new ArrayObject();
168	$_ctx->posts->post_format = '';
169	}
170	else
171	{
172	try
173	{
174	# default post
175	$default_post = $settings->contribute_default_post;
176	if (is_int($default_post) && ($default_post > 0))
177	{
178	# get default post
179	$_ctx->posts = $core->auth->sudo(array($core->blog,'getPosts'),
180	array('post_id' => $default_post));
181
182	if ($_ctx->posts->isEmpty())
183	{
184	throw new Exception(__('No default post.'));
185	}
186
187	# modify $_ctx->posts for preview
188	$post =& $_ctx->posts;
189
190	# tags
191	# remove selected tags
192	$post_meta = unserialize($_ctx->posts->post_meta);
193
194	if (isset($post_meta['tag']) && !empty($post_meta['tag']))
195	{
196	foreach ($post_meta['tag'] as $k => $tag)
197	{
198	$_ctx->contribute->selected_tags[] = $tag;
199	}
200	}
201
202	# My Meta
203	$post->mymeta = array();
204
205	if ($_ctx->contribute->mymeta !== false)
206	{
207	foreach ($mymeta as $k => $v)
208	{
209	$post->mymeta[$v] = $meta->getMetaStr($post->post_meta,$v);
210	}
211	}
212	# /My Meta
213	}
214	# empty post
215	else
216	{
217	# create empty fields from default columns
218	$record = array();
219	$empty_post = $core->auth->sudo(array($core->blog,'getPosts'),
220	array('post_id' => -1));
221
222	$record[0] = array();
223
224	foreach ($empty_post->columns() as $k => $v)
225	{
226	$record[0][$v] = '';
227	}
228	$_ctx->posts = staticRecord::newFromArray($record);
229
230	unset($empty_post,$record);
231
232	$_ctx->posts->core = $core;
233	$_ctx->posts->extend('rsExtPost');
234
235	# --BEHAVIOR-- coreBlogGetPosts
236	$core->callBehavior('coreBlogGetPosts',$_ctx->posts);
237
238	# modify $_ctx->posts for preview
239	$post =& $_ctx->posts;
240
241	# My Meta
242	$post->mymeta = array();
243	# /My Meta
244
245	# formats
246	# default format setting
247	$post->post_format = $settings->contribute_format;
248
249	# contributor can choose the post format,
250	# it overrides the default format
251	if ($settings->contribute_format == '')
252
253	{
254	$_ctx->contribute->choose_format = true;
255
256	if ((isset($_POST['post_format']))
257	&& in_array($_POST['post_format'],$core->getFormaters()))
258	{
259	$post->post_format = $_POST['post_format'];
260	}
261	}
262	}
263
264	unset($default_post);
265
266	# formats
267	$formaters_combo = array();
268	# Formaters combo
269	foreach ($core->getFormaters() as $v)
270	{
271	$formaters_combo[] = array('format' => $v);
272	}
273	$_ctx->contribute->formaters =
274	staticRecord::newFromArray($formaters_combo);
275
276	unset($formaters_combo);
277
278	# current date
279	$post->post_dt = dt::str('%Y-%m-%d %T',null,
280	$settings->blog_timezone);
281	# remove URL
282	$post->post_url = '';
283
284	if (isset($_POST['post_title']))
285	{
286	$post->post_title = $_POST['post_title'];
287	}
288
289	# excerpt
290	if (($settings->contribute_allow_excerpt)
291	&& (isset($_POST['post_excerpt'])))
292	{
293	$post->post_excerpt = $_POST['post_excerpt'];
294	}
295	# content
296	if (isset($_POST['post_content']))
297	{
298	$post->post_content = $_POST['post_content'];
299	}
300
301	# avoid Notice: Indirect modification of overloaded property
302	# record::$post_excerpt has no effect in [this file]
303	# on line [...]
304
305	# filter to remove JavaScript
306	$post_excerpt = contribute::HTMLfilter($post->post_excerpt);
307	$post_excerpt_xhtml = contribute::HTMLfilter($post->post_excerpt_xhtml);
308	$post_content = contribute::HTMLfilter($post->post_content);
309	$post_content_xhtml = contribute::HTMLfilter($post->post_content_xhtml);
310
311	$core->blog->setPostContent(
312	'',$post->post_format,$settings->lang,
313	$post_excerpt,$post_excerpt_xhtml,
314	$post_content,$post_content_xhtml
315	);
316
317	$post->post_excerpt = $post_excerpt;
318	$post->post_excerpt_xhtml = $post_excerpt_xhtml;
319	$post->post_content = $post_content;
320	$post->post_content_xhtml = $post_content_xhtml;
321
322	unset($post_excerpt,$post_excerpt_xhtml,$post_content,
323	$post_content_xhtml);
324
325	if ($_ctx->contribute->choose_format
326	&& (isset($_POST['convert-xhtml']))
327	&& ($post->post_format != 'xhtml'))
328	{
329	$post->post_excerpt = $post->post_excerpt_xhtml;
330	$post->post_content = $post->post_content_xhtml;
331	$post->post_format = 'xhtml';
332	}
333
334	$_ctx->formaters = new ArrayObject;
335	$_ctx->formaters->format = $post->post_format;
336
337	# category
338	if (($settings->contribute_allow_category)
339	&& (isset($_POST['cat_id'])))
340	{
341	if (empty($_POST['cat_id']))
342	{
343	$post->cat_id = '';
344	$post->cat_title = '';
345	$post->cat_url = '';
346	}
347	# check category
348	elseif (($_POST['cat_id'] != '')
349	&& (!preg_match('/^[0-9]+$/',$_POST['cat_id'])))
350	{
351	throw new Exception(__('Invalid cat_id'));
352	}
353	else
354	{
355	$cat = $core->blog->getCategories(array(
356	'start' => $_POST['cat_id'],
357	'level' => 1,
358	'cat_id' => $_POST['cat_id']
359	));
360
361	while ($cat->fetch())
362	{
363	# set category
364	$post->cat_id = $cat->cat_id;
365	$post->cat_title = $cat->cat_title;
366	$post->cat_url = $cat->cat_url;
367	break;
368	}
369
370	unset($cat);
371	}
372	}
373	else
374	# no category
375	{
376	$post->cat_id = '';
377	$post->cat_title = '';
378	$post->cat_url = '';
379	}
380	# /category
381
382	if ($meta !== false)
383	{
384	# tags
385	if (($settings->contribute_allow_tags)
386	&& (isset($_POST['post_tags'])))
387	{
388	$post_meta = unserialize($_ctx->posts->post_meta);
389
390	# remove post tags
391	unset($post_meta['tag']);
392
393	# get all the existing tags
394	$available_tags = contribute::getTags();
395
396	# set post tags
397	# from /dotclear/plugins/metadata/_admin.php
398	foreach ($meta->splitMetaValues($_POST['post_tags'])
399	as $k => $tag)
400	{
401	# /from /dotclear/plugins/metadata/_admin.php
402	$tag = dcMeta::sanitizeMetaID($tag);
403
404	if ($settings->contribute_allow_new_tags)
405	{
406	$post_meta['tag'][] = $tag;
407	$_ctx->contribute->selected_tags[] = $tag;
408	}
409	else
410	{
411	# check that this tag already exists
412	if (in_array($tag,$available_tags))
413	{
414	$post_meta['tag'][] = $tag;
415	$_ctx->contribute->selected_tags[] = $tag;
416	}
417	}
418	}
419
420	unset($available_tags);
421
422	$_ctx->posts->post_meta = serialize($post_meta);
423	unset($post_meta);
424
425	}
426
427	# My Meta
428	if ($_ctx->contribute->mymeta !== false)
429	{
430	foreach ($mymeta as $k => $v)
431	{
432	# ignore sections
433	if (array_key_exists($k,$mymeta_sections)) {continue;}
434	$post->mymeta[$v] = (isset($_POST['mymeta_'.$v])
435	? $_POST['mymeta_'.$v] : '');
436	}
437	}
438	# /My Meta
439	}
440
441	# notes
442	if (($settings->contribute_allow_notes)
443	&& (isset($_POST['post_notes'])))
444	{
445	$post->post_notes = contribute::HTMLfilter($_POST['post_notes']);
446	}
447
448	# author
449	if (($meta !== false)
450	&& ($settings->contribute_allow_author))
451	{
452	$post_meta = unserialize($_ctx->posts->post_meta);
453
454	if (isset($_POST['c_name']) && (!empty($_POST['c_name'])))
455	{
456	$name = $_POST['c_name'];
457	$post_meta['contribute_author'][] = $name;
458	$_ctx->comment_preview['name'] = $name;
459	}
460	if (isset($_POST['c_mail']) && (!empty($_POST['c_mail'])))
461	{
462	$mail = $_POST['c_mail'];
463	$post_meta['contribute_mail'][] = $mail;
464	$_ctx->comment_preview['mail'] = $mail;
465	}
466	# inspired by dcBlog > getCommentCursor()
467	if (isset($_POST['c_site']) && (!empty($_POST['c_site'])))
468	{
469	$site = $_POST['c_site'];
470
471	if (!preg_match('\|^http(s?)://\|',$site))
472	{
473	$site = 'http://'.$site;
474	}
475	# /inspired by dcBlog > getCommentCursor()
476
477	$post_meta['contribute_site'][] = $site;
478	$_ctx->comment_preview['site'] = $site;
479	}
480
481	$_ctx->posts->post_meta = serialize($post_meta);
482	unset($post_meta);
483	}
484
485	# check some inputs
486	if ((isset($_POST['preview'])) \|\| (isset($_POST['add'])))
487	{
488	# these fields can't be empty
489	if (isset($_POST['post_content']) && empty($post->post_content))
490	{
491	throw new Exception(__('No entry content'));
492	} elseif (isset($_POST['post_title']) && empty($post->post_title))
493	{
494	throw new Exception(__('No entry title'));
495	}
496
497	# if name and email address are required
498	if (($settings->contribute_allow_author)
499	&& ($settings->contribute_require_name_email))
500	{
501	if (empty($name))
502	{
503	$_ctx->contribute->preview = false;
504	$_ctx->contribute->message = '';
505	throw new Exception(__('You must provide an author name'));
506	} elseif (!text::isEmail($mail))
507	{
508	$_ctx->contribute->preview = false;
509	$_ctx->contribute->message = '';
510	throw new Exception(
511	__('You must provide a valid email address.'));
512	}
513	}
514	}
515
516	if (isset($_POST['preview']))
517	{
518	$_ctx->contribute->preview = true;
519	$_ctx->contribute->message = 'preview';
520	}
521
522	if (isset($_POST) && empty($_POST))
523	{
524	$_ctx->contribute->preview = false;
525	$_ctx->contribute->message = '';
526	}
527
528	if (isset($_POST['add']))
529	{
530	# log in as the user
531	# usage OR contentadmin permission is needed
532	$core->auth->checkUser($settings->contribute_user);
533
534	if (!$core->auth->check('usage,contentadmin',$core->blog->id))
535	{
536	throw new Exception(
537	__('The user is not allowed to create an entry'));
538	}
539
540	$post_status = 0;
541
542	# antispam
543	if ($settings->contribute_enable_antispam
544	&& $core->plugins->moduleExists('antispam'))
545	{
546	$cur = $core->con->openCursor($core->prefix.'comment');
547
548	$cur->comment_trackback = 0;
549	$cur->comment_author = $name;
550	$cur->comment_email = $mail;
551	$cur->comment_site = $site;
552	$cur->comment_ip = http::realIP();
553	$cur->comment_content = $post->post_excerpt."\n".
554	$post->post_content;
555	$cur->post_id = $core->con->select(
556	'SELECT MAX(post_id) '.
557	'FROM '.$core->prefix.'post ')->f(0) + 1;
558	$cur->comment_status = 0;
559
560	$is_spam = contributeAntispam::isSpam($cur);
561
562	if ($is_spam === true)
563	{
564	$post_status = -2;
565
566	# if the auto deletion is enable, don't save the post and exit
567	# empty() doesn't work with $cur->comment_content
568	$comment_content = $cur->comment_content;
569	if (empty($comment_content))
570	{
571	http::redirect($core->blog->url.
572	$core->url->getBase('contribute').'/sent');
573	}
574	unset($comment_content,$cur);
575	}
576	}
577	# /antispam
578
579	$cur = $core->con->openCursor($core->prefix.'post');
580
581	$cur->user_id = $core->auth->userID();
582	$cur->cat_id = ((empty($post->cat_id)) ? NULL : $post->cat_id);
583	$cur->post_dt = $post->post_dt;
584	$cur->post_status = $post_status;
585	$cur->post_title = $post->post_title;
586	$cur->post_format = $post->post_format;
587	$cur->post_excerpt = $post->post_excerpt;
588	$cur->post_content = $post->post_content;
589	$cur->post_notes = $post->post_notes;
590	$cur->post_lang = $core->auth->getInfo('user_lang');
591	$cur->post_open_comment = (integer) $settings->allow_comments;
592	$cur->post_open_tb = (integer) $settings->allow_trackbacks;
593
594	unset($post_status);
595
596	# --BEHAVIOR-- publicBeforePostCreate
597	$core->callBehavior('publicBeforePostCreate',$cur);
598
599	$post_id = $core->blog->addPost($cur);
600
601	# l10n from $core->blog->addPost();
602	__('You are not allowed to create an entry');
603
604	# --BEHAVIOR-- publicAfterPostCreate
605	$core->callBehavior('publicAfterPostCreate',$cur,$post_id);
606
607	if ($meta !== false)
608	{
609	# inspired by planet/insert_feeds.php
610	if (!empty($name))
611	{
612	$meta->setPostMeta($post_id,'contribute_author',$name);
613	}
614	if (!empty($mail))
615	{
616	$meta->setPostMeta($post_id,'contribute_mail',$mail);
617	}
618	if (!empty($site))
619	{
620	$meta->setPostMeta($post_id,'contribute_site',$site);
621	}
622
623	# tags
624	$post_meta = unserialize($_ctx->posts->post_meta);
625	if (($settings->contribute_allow_tags)
626	&& (isset($post_meta['tag']))
627	&& (is_array($post_meta['tag'])))
628	{
629	foreach ($post_meta['tag'] as $k => $tag)
630	{
631	# from /dotclear/plugins/metadata/_admin.php
632	$meta->setPostMeta($post_id,'tag',$tag);
633	}
634
635	unset($post_meta);
636	}
637	# /tags
638
639	# My Meta
640	if ($_ctx->contribute->mymeta !== false)
641	{
642	foreach ($post->mymeta as $k => $v)
643	{
644	$meta->setPostMeta($post_id,$k,$v);
645	}
646	}
647	# /My Meta
648	}
649
650	# send email notification
651	if ($settings->contribute_email_notification)
652	{
653	$headers = array(
654	'From: '.'dotclear@'.$_SERVER['HTTP_HOST'],
655	'MIME-Version: 1.0',
656	'Content-Type: text/plain; charset=UTF-8;',
657	'X-Mailer: Dotclear'
658	);
659
660	$subject = sprintf(__('New post submitted on %s'),
661	$core->blog->name);
662
663	$content = sprintf(__('Title: %s'),$post->post_title);
664	$content .= "\n\n";
665
666	if (!empty($name))
667	{
668	$content .= sprintf(__('Author: %s'),$name);
669	$content .= "\n\n";
670	}
671
672	if (!empty($mail))
673	{
674	$headers[] = 'Reply-To: '.$mail;
675
676	$content .= sprintf(__('Email address: %s'),$mail);
677	$content .= "\n\n";
678	}
679
680	# IP address
681	$content .= sprintf(__('IP Address: %s'),http::realIP());
682	$content .= "\n\n";
683
684	$params = array();
685	$params['post_id'] = $post_id;
686
687	$post = $core->blog->getPosts($params);
688
689	$content .= sprintf(__('URL: %s'),$post->getURL());
690	unset($post);
691	$content .= "\n\n";
692
693	$content .= sprintf(__('Edit this entry: %s'),DC_ADMIN_URL.
694	((substr(DC_ADMIN_URL,-1) == '/') ? '' : '/').
695	'post.php?id='.$post_id.'&switchblog='.$core->blog->id);
696	$content .= "\n\n".
697	__('You must log in on the backend before clicking on this link to go directly to the post.');
698
699	foreach(explode(',',
700	$settings->contribute_email_notification)
701	as $to)
702	{
703	$to = trim($to);
704	if (text::isEmail($to))
705	{
706	# don't display errors
707	try {
708	# from /dotclear/admin/auth.php : mail::B64Header($subject)
709	mail::sendMail($to,mail::B64Header($subject),
710	wordwrap($content,70),$headers);
711	} catch (Exception $e) {}
712	}
713	}
714	}
715	# /send email notification
716
717	http::redirect($core->blog->url.
718	$core->url->getBase('contribute').'/sent');
719	}
720	}
721	catch (Exception $e)
722	{
723	$_ctx->form_error = $e->getMessage();
724	}
725	}
726
727	$core->tpl->setPath($core->tpl->getPath(),
728	dirname(__FILE__).'/../default-templates/');
729
730	self::serveDocument('contribute.html','text/html');
731	}
732	}
733
734	?>

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: plugins/contribute/inc/lib.contribute.document.php @ 2940

Download in other formats:

Sites map