2003-05-22 08:12:53 -04:00
< ? php
$title = " Post / Edit " ;
/* <Edit> */
function add_magic_quotes ( $array ) {
2003-05-24 17:30:13 -04:00
foreach ( $array as $k => $v ) {
if ( is_array ( $v )) {
$array [ $k ] = add_magic_quotes ( $v );
} else {
$array [ $k ] = addslashes ( $v );
}
}
return $array ;
2003-05-22 08:12:53 -04:00
}
if ( ! get_magic_quotes_gpc ()) {
2003-05-24 17:30:13 -04:00
$HTTP_GET_VARS = add_magic_quotes ( $HTTP_GET_VARS );
$HTTP_POST_VARS = add_magic_quotes ( $HTTP_POST_VARS );
$HTTP_COOKIE_VARS = add_magic_quotes ( $HTTP_COOKIE_VARS );
2003-05-22 08:12:53 -04:00
}
$b2varstoreset = array ( 'action' , 'safe_mode' , 'withcomments' , 'c' , 'posts' , 'poststart' , 'postend' , 'content' , 'edited_post_title' , 'comment_error' , 'profile' , 'trackback_url' , 'excerpt' );
for ( $i = 0 ; $i < count ( $b2varstoreset ); $i += 1 ) {
2003-05-24 17:30:13 -04:00
$b2var = $b2varstoreset [ $i ];
if ( ! isset ( $$b2var )) {
if ( empty ( $HTTP_POST_VARS [ " $b2var " ])) {
if ( empty ( $HTTP_GET_VARS [ " $b2var " ])) {
$$b2var = '' ;
} else {
$$b2var = $HTTP_GET_VARS [ " $b2var " ];
}
} else {
$$b2var = $HTTP_POST_VARS [ " $b2var " ];
}
}
2003-05-22 08:12:53 -04:00
}
switch ( $action ) {
2003-05-24 17:30:13 -04:00
case 'post' :
$standalone = 1 ;
2003-06-01 10:49:30 -04:00
require_once ( 'b2header.php' );
2003-05-24 17:30:13 -04:00
$post_pingback = intval ( $HTTP_POST_VARS [ " post_pingback " ]);
$content = balanceTags ( $HTTP_POST_VARS [ " content " ]);
$content = format_to_post ( $content );
$excerpt = balanceTags ( $HTTP_POST_VARS [ " excerpt " ]);
$excerpt = format_to_post ( $excerpt );
$post_title = addslashes ( $HTTP_POST_VARS [ " post_title " ]);
$post_category = intval ( $HTTP_POST_VARS [ " post_category " ]);
2003-06-01 10:49:30 -04:00
$post_status = $HTTP_POST_VARS [ 'post_status' ];
$comment_status = $HTTP_POST_VARS [ 'comment_status' ];
$ping_status = $HTTP_POST_VARS [ 'ping_status' ];
$post_password = addslashes ( $HTTP_POST_VARS [ 'post_password' ]);
2003-05-24 17:30:13 -04:00
if ( $user_level == 0 )
die ( " Cheatin' uh ? " );
if (( $user_level > 4 ) && ( ! empty ( $HTTP_POST_VARS [ " edit_date " ]))) {
$aa = $HTTP_POST_VARS [ " aa " ];
$mm = $HTTP_POST_VARS [ " mm " ];
$jj = $HTTP_POST_VARS [ " jj " ];
$hh = $HTTP_POST_VARS [ " hh " ];
$mn = $HTTP_POST_VARS [ " mn " ];
$ss = $HTTP_POST_VARS [ " ss " ];
$jj = ( $jj > 31 ) ? 31 : $jj ;
$hh = ( $hh > 23 ) ? $hh - 24 : $hh ;
$mn = ( $mn > 59 ) ? $mn - 60 : $mn ;
$ss = ( $ss > 59 ) ? $ss - 60 : $ss ;
$now = " $aa - $mm - $jj $hh : $mn : $ss " ;
} else {
$now = date ( " Y-m-d H:i:s " , ( time () + ( $time_difference * 3600 )));
}
2003-06-01 10:49:30 -04:00
$query = " INSERT INTO $tableposts (ID, post_author, post_date, post_content, post_title, post_category, post_excerpt, post_status, comment_status, ping_status, post_password) VALUES ('0',' $user_ID ',' $now ',' $content ',' $post_title ',' $post_category ',' $excerpt ', ' $post_status ', ' $comment_status ', ' $ping_status ', ' $post_password ') " ;
2003-06-01 07:52:47 -04:00
$result = $wpdb -> query ( $query );
2003-05-24 17:30:13 -04:00
2003-06-01 07:52:47 -04:00
$post_ID = $wpdb -> get_var ( " SELECT ID FROM $tableposts ORDER BY ID DESC LIMIT 1 " );
2003-05-24 17:30:13 -04:00
if ( isset ( $sleep_after_edit ) && $sleep_after_edit > 0 ) {
sleep ( $sleep_after_edit );
}
2003-06-06 19:21:45 -04:00
if ( $post_status == 'publish' ) {
pingWeblogs ( $blog_ID );
pingCafelog ( $cafelogID , $post_title , $post_ID );
pingBlogs ( $blog_ID );
if ( $post_pingback ) {
pingback ( $content , $post_ID );
}
2003-05-24 17:30:13 -04:00
2003-06-06 19:21:45 -04:00
if ( ! empty ( $HTTP_POST_VARS [ 'trackback_url' ])) {
$excerpt = ( strlen ( strip_tags ( $content )) > 255 ) ? substr ( strip_tags ( $content ), 0 , 252 ) . '...' : strip_tags ( $content );
$excerpt = stripslashes ( $excerpt );
$trackback_urls = explode ( ',' , $HTTP_POST_VARS [ 'trackback_url' ]);
foreach ( $trackback_urls as $tb_url ) {
$tb_url = trim ( $tb_url );
trackback ( $tb_url , stripslashes ( $post_title ), $excerpt , $post_ID );
}
2003-05-24 17:30:13 -04:00
}
2003-06-06 19:21:45 -04:00
} // end if publish
2003-05-24 17:30:13 -04:00
if ( ! empty ( $HTTP_POST_VARS [ " mode " ])) {
switch ( $HTTP_POST_VARS [ " mode " ]) {
case " bookmarklet " :
$location = " b2bookmarklet.php?a=b " ;
break ;
case " sidebar " :
$location = " b2sidebar.php?a=b " ;
break ;
default :
$location = " b2edit.php " ;
break ;
}
} else {
$location = " b2edit.php " ;
}
header ( " Location: $location " );
exit ();
break ;
case 'edit' :
$standalone = 0 ;
require_once ( 'b2header.php' );
2003-06-01 10:49:30 -04:00
2003-05-24 17:30:13 -04:00
$post = $HTTP_GET_VARS [ 'post' ];
if ( $user_level > 0 ) {
2003-06-01 10:49:30 -04:00
$postdata = get_postdata ( $post );
2003-05-24 17:30:13 -04:00
$authordata = get_userdata ( $postdata [ " Author_ID " ]);
2003-06-02 20:08:51 -04:00
if ( $user_level < $authordata -> user_level )
2003-05-24 17:30:13 -04:00
die ( 'You don’t have the right to edit <strong>' . $authordata [ 1 ] . '</strong>’s posts.' );
$content = $postdata [ 'Content' ];
$content = format_to_edit ( $content );
$excerpt = $postdata [ 'Excerpt' ];
$excerpt = format_to_edit ( $excerpt );
$edited_post_title = format_to_edit ( $postdata [ 'Title' ]);
2003-06-01 10:49:30 -04:00
$post_status = $postdata [ 'post_status' ];
$comment_status = $postdata [ 'comment_status' ];
$ping_status = $postdata [ 'ping_status' ];
$post_password = $postdata [ 'post_password' ];
2003-05-24 17:30:13 -04:00
include ( 'b2edit.form.php' );
} else {
?>
< p > Since you 're a newcomer, you' ll have to wait for an admin to raise your level to 1 ,
in order to be authorized to post .< br />
You can also < a href = " mailto:<?php echo $admin_email ?>?subject=b2-promotion " > e - mail the admin </ a >
to ask for a promotion .< br />
When you 're promoted, just reload this page and you' ll be able to blog . : )
</ p >
< ? php
}
break ;
2003-05-22 08:12:53 -04:00
2003-05-24 17:30:13 -04:00
case " editpost " :
2003-05-22 08:12:53 -04:00
2003-05-24 17:30:13 -04:00
$standalone = 1 ;
require_once ( " ./b2header.php " );
if ( $user_level == 0 )
die ( " Cheatin' uh ? " );
2003-05-22 08:12:53 -04:00
2003-05-24 17:30:13 -04:00
if ( ! isset ( $blog_ID )) {
$blog_ID = 1 ;
}
$post_ID = $HTTP_POST_VARS [ " post_ID " ];
$post_category = intval ( $HTTP_POST_VARS [ " post_category " ]);
$post_autobr = intval ( $HTTP_POST_VARS [ " post_autobr " ]);
$content = balanceTags ( $HTTP_POST_VARS [ " content " ]);
$content = format_to_post ( $content );
$excerpt = balanceTags ( $HTTP_POST_VARS [ " excerpt " ]);
$excerpt = format_to_post ( $excerpt );
$post_title = addslashes ( $HTTP_POST_VARS [ " post_title " ]);
2003-06-01 10:49:30 -04:00
$post_status = $HTTP_POST_VARS [ 'post_status' ];
2003-06-06 19:21:45 -04:00
$prev_status = $HTTP_POST_VARS [ 'prev_status' ];
2003-06-01 10:49:30 -04:00
$comment_status = $HTTP_POST_VARS [ 'comment_status' ];
$ping_status = $HTTP_POST_VARS [ 'ping_status' ];
$post_password = addslashes ( $HTTP_POST_VARS [ 'post_password' ]);
2003-05-22 08:12:53 -04:00
2003-05-24 17:30:13 -04:00
if (( $user_level > 4 ) && ( ! empty ( $HTTP_POST_VARS [ " edit_date " ]))) {
$aa = $HTTP_POST_VARS [ " aa " ];
$mm = $HTTP_POST_VARS [ " mm " ];
$jj = $HTTP_POST_VARS [ " jj " ];
$hh = $HTTP_POST_VARS [ " hh " ];
$mn = $HTTP_POST_VARS [ " mn " ];
$ss = $HTTP_POST_VARS [ " ss " ];
$jj = ( $jj > 31 ) ? 31 : $jj ;
$hh = ( $hh > 23 ) ? $hh - 24 : $hh ;
$mn = ( $mn > 59 ) ? $mn - 60 : $mn ;
$ss = ( $ss > 59 ) ? $ss - 60 : $ss ;
$datemodif = " , post_date= \" $aa - $mm - $jj $hh : $mn : $ss\ " " ;
} else {
2003-06-01 10:49:30 -04:00
$datemodif = '' ;
2003-05-24 17:30:13 -04:00
}
2003-05-22 08:12:53 -04:00
2003-06-01 10:49:30 -04:00
$query = " UPDATE $tableposts SET post_content=' $content ', post_excerpt=' $excerpt ', post_title=' $post_title ', post_category=' $post_category ' " . $datemodif . " , post_status=' $post_status ', comment_status=' $comment_status ', ping_status=' $ping_status ', post_password=' $post_password ' WHERE ID = $post_ID " ;
2003-06-01 07:52:47 -04:00
$result = $wpdb -> query ( $query );
2003-05-22 08:12:53 -04:00
2003-05-24 17:30:13 -04:00
if ( isset ( $sleep_after_edit ) && $sleep_after_edit > 0 ) {
sleep ( $sleep_after_edit );
}
2003-05-22 08:12:53 -04:00
2003-06-06 19:45:50 -04:00
// are we going from draft/private to publishd?
if ((( $prev_status == 'draft' ) || ( $prev_status == 'private' )) && ( $post_status == 'publish' )) {
2003-06-06 19:21:45 -04:00
pingWeblogs ( $blog_ID );
pingCafelog ( $cafelogID , $post_title , $post_ID );
pingBlogs ( $blog_ID );
if ( $post_pingback ) {
pingback ( $content , $post_ID );
}
if ( ! empty ( $HTTP_POST_VARS [ 'trackback_url' ])) {
$excerpt = ( strlen ( strip_tags ( $content )) > 255 ) ? substr ( strip_tags ( $content ), 0 , 252 ) . '...' : strip_tags ( $content );
$excerpt = stripslashes ( $excerpt );
$trackback_urls = explode ( ',' , $HTTP_POST_VARS [ 'trackback_url' ]);
foreach ( $trackback_urls as $tb_url ) {
$tb_url = trim ( $tb_url );
trackback ( $tb_url , stripslashes ( $post_title ), $excerpt , $post_ID );
}
}
} // end if publish
2003-05-22 08:12:53 -04:00
2003-05-24 17:30:13 -04:00
$location = " Location: b2edit.php " ;
header ( $location );
break ;
2003-05-22 08:12:53 -04:00
2003-05-24 17:30:13 -04:00
case " delete " :
2003-05-22 08:12:53 -04:00
2003-05-24 17:30:13 -04:00
$standalone = 1 ;
require_once ( " ./b2header.php " );
if ( $user_level == 0 )
die ( " Cheatin' uh ? " );
$post = $HTTP_GET_VARS [ 'post' ];
$postdata = get_postdata ( $post ) or die ( " Oops, no post with this ID. <a href= \" b2edit.php \" >Go back</a> ! " );
$authordata = get_userdata ( $postdata [ " Author_ID " ]);
2003-06-02 20:08:51 -04:00
if ( $user_level < $authordata -> user_level )
2003-05-24 17:30:13 -04:00
die ( " You don't have the right to delete <b> " . $authordata [ 1 ] . " </b>'s posts. " );
2003-05-22 08:12:53 -04:00
2003-05-24 17:30:13 -04:00
$query = " DELETE FROM $tableposts WHERE ID= $post " ;
2003-06-01 07:52:47 -04:00
$result = $wpdb -> query ( $query );
2003-05-24 17:30:13 -04:00
if ( ! $result )
die ( " Error in deleting... contact the <a href= \" mailto: $admin_email\ " > webmaster </ a >... " );
2003-05-23 04:29:51 -04:00
2003-05-24 17:30:13 -04:00
$query = " DELETE FROM $tablecomments WHERE comment_post_ID= $post " ;
2003-06-01 07:52:47 -04:00
$result = $wpdb -> query ( $query );
2003-05-22 08:12:53 -04:00
2003-05-24 17:30:13 -04:00
if ( isset ( $sleep_after_edit ) && $sleep_after_edit > 0 ) {
sleep ( $sleep_after_edit );
}
2003-05-22 08:12:53 -04:00
2003-06-06 19:21:45 -04:00
//pingWeblogs($blog_ID);
2003-05-22 08:12:53 -04:00
2003-05-24 17:30:13 -04:00
header ( 'Location: b2edit.php' );
2003-05-22 08:12:53 -04:00
2003-05-24 17:30:13 -04:00
break ;
2003-05-22 08:12:53 -04:00
2003-05-24 17:30:13 -04:00
case 'editcomment' :
2003-05-22 08:12:53 -04:00
2003-05-24 17:30:13 -04:00
$standalone = 0 ;
require_once ( 'b2header.php' );
2003-05-22 08:12:53 -04:00
2003-05-24 17:30:13 -04:00
get_currentuserinfo ();
2003-05-22 08:12:53 -04:00
2003-05-24 17:30:13 -04:00
if ( $user_level == 0 ) {
die ( 'Cheatin’ uh?' );
}
2003-05-22 08:12:53 -04:00
2003-05-24 17:30:13 -04:00
$comment = $HTTP_GET_VARS [ 'comment' ];
$commentdata = get_commentdata ( $comment , 1 ) or die ( 'Oops, no comment with this ID. <a href="javascript:history.go(-1)">Go back</a>!' );
$content = $commentdata [ 'comment_content' ];
$content = format_to_edit ( $content );
2003-05-22 08:12:53 -04:00
2003-05-24 17:30:13 -04:00
include ( 'b2edit.form.php' );
2003-05-22 08:12:53 -04:00
2003-05-24 17:30:13 -04:00
break ;
2003-05-22 08:12:53 -04:00
2003-05-24 17:30:13 -04:00
case " deletecomment " :
2003-05-22 08:12:53 -04:00
2003-05-24 17:30:13 -04:00
$standalone = 1 ;
require_once ( " ./b2header.php " );
2003-05-22 08:12:53 -04:00
2003-05-24 17:30:13 -04:00
if ( $user_level == 0 )
die ( " Cheatin' uh ? " );
2003-05-22 08:12:53 -04:00
2003-05-24 17:30:13 -04:00
$comment = $HTTP_GET_VARS [ 'comment' ];
$p = $HTTP_GET_VARS [ 'p' ];
$commentdata = get_commentdata ( $comment ) or die ( " Oops, no comment with this ID. <a href= \" b2edit.php \" >Go back</a> ! " );
2003-05-22 08:12:53 -04:00
2003-05-24 17:30:13 -04:00
$query = " DELETE FROM $tablecomments WHERE comment_ID= $comment " ;
2003-06-01 07:52:47 -04:00
$result = $wpdb -> query ( $query );
2003-05-22 08:12:53 -04:00
2003-05-24 17:30:13 -04:00
header ( " Location: b2edit.php?p= $p &c=1#comments " ); //?a=dc");
2003-05-22 08:12:53 -04:00
2003-05-24 17:30:13 -04:00
break ;
2003-05-22 08:12:53 -04:00
2003-05-24 17:30:13 -04:00
case " editedcomment " :
2003-05-22 08:12:53 -04:00
2003-05-24 17:30:13 -04:00
$standalone = 1 ;
require_once ( " ./b2header.php " );
2003-05-22 08:12:53 -04:00
2003-05-24 17:30:13 -04:00
if ( $user_level == 0 )
die ( " Cheatin' uh ? " );
2003-05-22 08:12:53 -04:00
2003-05-24 17:30:13 -04:00
$comment_ID = $HTTP_POST_VARS [ 'comment_ID' ];
$comment_post_ID = $HTTP_POST_VARS [ 'comment_post_ID' ];
$newcomment_author = $HTTP_POST_VARS [ 'newcomment_author' ];
$newcomment_author_email = $HTTP_POST_VARS [ 'newcomment_author_email' ];
$newcomment_author_url = $HTTP_POST_VARS [ 'newcomment_author_url' ];
$newcomment_author = addslashes ( $newcomment_author );
$newcomment_author_email = addslashes ( $newcomment_author_email );
$newcomment_author_url = addslashes ( $newcomment_author_url );
2003-05-22 08:12:53 -04:00
2003-05-24 17:30:13 -04:00
if (( $user_level > 4 ) && ( ! empty ( $HTTP_POST_VARS [ " edit_date " ]))) {
$aa = $HTTP_POST_VARS [ " aa " ];
$mm = $HTTP_POST_VARS [ " mm " ];
$jj = $HTTP_POST_VARS [ " jj " ];
$hh = $HTTP_POST_VARS [ " hh " ];
$mn = $HTTP_POST_VARS [ " mn " ];
$ss = $HTTP_POST_VARS [ " ss " ];
$jj = ( $jj > 31 ) ? 31 : $jj ;
$hh = ( $hh > 23 ) ? $hh - 24 : $hh ;
$mn = ( $mn > 59 ) ? $mn - 60 : $mn ;
$ss = ( $ss > 59 ) ? $ss - 60 : $ss ;
$datemodif = " , comment_date= \" $aa - $mm - $jj $hh : $mn : $ss\ " " ;
} else {
$datemodif = " " ;
}
$content = balanceTags ( $content );
$content = format_to_post ( $content );
2003-05-22 08:12:53 -04:00
2003-05-24 17:30:13 -04:00
$query = " UPDATE $tablecomments SET comment_content= \" $content\ " , comment_author = \ " $newcomment_author\ " , comment_author_email = \ " $newcomment_author_email\ " , comment_author_url = \ " $newcomment_author_url\ " " . $datemodif . " WHERE comment_ID = $comment_ID " ;
2003-06-01 07:52:47 -04:00
$result = $wpdb -> query ( $query );
2003-05-22 08:12:53 -04:00
2003-05-24 17:30:13 -04:00
header ( " Location: b2edit.php?p= $comment_post_ID &c=1#comments " ); //?a=ec");
break ;
default :
$standalone = 0 ;
require_once ( " ./b2header.php " );
if ( $user_level > 0 ) {
if (( ! $withcomments ) && ( ! $c )) {
2003-05-22 08:12:53 -04:00
2003-06-01 10:49:30 -04:00
$action = 'post' ;
get_currentuserinfo ();
$drafts = $wpdb -> get_results ( " SELECT ID, post_title FROM $tableposts WHERE post_status = 'draft' AND post_author = $user_ID " );
if ( $drafts ) {
?>
< div class = " wrap " >
< p >< strong > Your Drafts :</ strong >
< ? php
$i = 0 ;
foreach ( $drafts as $draft ) {
if ( 0 != $i ) echo ', ' ;
echo " <a href='b2edit.php?action=edit&post= $draft->ID ' title='Edit this draft'> $draft->post_title </a> " ;
++ $i ;
}
?> .</p>
</ div >
< ? php
}
2003-05-24 17:30:13 -04:00
include ( " b2edit.form.php " );
echo " <br /><br /> " ;
2003-05-22 08:12:53 -04:00
2003-05-24 17:30:13 -04:00
}
} else {
2003-06-01 10:49:30 -04:00
2003-05-24 17:30:13 -04:00
?>
2003-06-01 10:49:30 -04:00
< div class = " wrap " >
2003-05-24 17:30:13 -04:00
< p > Since you 're a newcomer, you' ll have to wait for an admin to raise your level to 1 , in order to be authorized to post .< br /> You can also < a href = " mailto:<?php echo $admin_email ?>?subject=b2-promotion " > e - mail the admin </ a > to ask for a promotion .< br /> When you 're promoted, just reload this page and you' ll be able to blog . : ) </ p >
2003-06-01 10:49:30 -04:00
</ div >
2003-05-24 17:30:13 -04:00
< ? php
2003-06-01 10:49:30 -04:00
2003-05-24 17:30:13 -04:00
}
include ( " b2edit.showposts.php " );
break ;
} // end switch
2003-05-22 08:12:53 -04:00
/* </Edit> */
include ( " b2footer.php " );
2003-05-24 17:30:13 -04:00
?>