| [ Index ] |
PHP Cross Reference of e107 v1 |
[Summary view] [Print] [Text view]
1 <?php 2 /* 3 + ----------------------------------------------------------------------------+ 4 | e107 website system 5 | 6 | Steve Dunstan 2001-2002 7 | Copyright (C) 2008-2010 e107 Inc (e107.org) 8 | 9 | 10 | Released under the terms and conditions of the 11 | GNU General Public License (http://gnu.org). 12 | 13 | $URL: https://e107.svn.sourceforge.net/svnroot/e107/trunk/e107_0.7/submitnews.php $ 14 | $Revision: 12027 $ 15 | $Id: submitnews.php 12027 2011-01-05 09:38:55Z e107coders $ 16 | $Author: e107coders $ 17 +----------------------------------------------------------------------------+ 18 */ 19 20 // Experimental e-token 21 if(!empty($_POST) && !isset($_POST['e-token'])) 22 { 23 // set e-token so it can be processed by class2 24 $_POST['e-token'] = ''; 25 } 26 27 require_once ("class2.php"); 28 $e_wysiwyg = varsettrue($pref['subnews_htmlarea']) ? "submitnews_item" : ""; 29 require_once(HEADERF); 30 31 if (!isset($pref['subnews_class'])) 32 { 33 $pref['subnews_class'] = e_UC_MEMBER; 34 } 35 36 if (!check_class($pref['subnews_class'])) 37 { 38 $ns->tablerender(NWSLAN_12, NWSLAN_11); 39 require_once(FOOTERF); 40 exit; 41 } 42 43 44 $newsCat = array(); 45 if($sql->db_Select('news_category')) 46 { 47 while($row = $sql->db_Fetch()) 48 { 49 $newsCat[$row['category_id']] = $row['category_name']; 50 } 51 } 52 53 54 if (isset($_POST['submitnews_submit']) && $_POST['submitnews_title'] && $_POST['submitnews_item']) 55 { 56 $ip = $e107->getip(); 57 $fp = new floodprotect; 58 if ($fp->flood("submitnews", "submitnews_datestamp") == FALSE) 59 { 60 header("location:".e_BASE."index.php"); 61 exit; 62 } 63 64 $submitnews_user = (USER ? USERNAME : trim($tp->toDB($_POST['submitnews_name']))); 65 $submitnews_email = (USER ? USEREMAIL : trim(check_email($tp->toDB($_POST['submitnews_email'])))); 66 $submitnews_title = $tp->toDB($_POST['submitnews_title']); 67 $submitnews_item = $tp->toDB($_POST['submitnews_item']); 68 $submitnews_item = str_replace("src="e107_images", "src="".SITEURL."e107_images", $submitnews_item); 69 $submitnews_file = ""; 70 $submitnews_error = FALSE; 71 if (!$submitnews_user || !$submitnews_email) 72 { 73 $message = SUBNEWSLAN_7; 74 $submitnews_error = TRUE; 75 } 76 77 // ==== Process File Upload ==== 78 if (FILE_UPLOADS && $_FILES['file_userfile'] && varsettrue($pref['subnews_attach']) && varsettrue($pref['upload_enabled']) && check_class($pref['upload_class'])) 79 { 80 require_once(e_HANDLER.'upload_handler.php'); 81 $uploaded = process_uploaded_files(e_IMAGE . 'newspost_images/', FALSE, array('file_mask' => 'jpg,gif,png', 'max_file_count' => 1)); 82 83 /* 84 if ($filename && $fileext != "jpg" && $fileext != "gif" && $fileext != "png") 85 { 86 $message = SUBNEWSLAN_3; 87 $submitnews_error = TRUE; 88 } 89 90 if (!$pref['upload_maxfilesize']) 91 { 92 $pref['upload_maxfilesize'] = ini_get('upload_max_filesize') * 1048576; 93 } 94 95 if ($filesize > $pref['upload_maxfilesize']) 96 { 97 $message = SUBNEWSLAN_4; 98 $submitnews_error = TRUE; 99 } 100 */ 101 if (($uploaded === FALSE) || !is_array($uploaded)) 102 { // Non-specific error 103 $submitnews_error = TRUE; 104 $message = SUBNEWSLAN_8; 105 } 106 elseif (varset($uploaded[0]['error'],0) != 0) 107 { 108 $submitnews_error = TRUE; 109 $message = handle_upload_messages($uploaded); 110 } 111 else 112 { 113 if (isset($uploaded[0]['name']) && isset($uploaded[0]['type']) && isset($uploaded[0]['size'])) 114 { 115 $filename = $uploaded[0]['name']; 116 $filetype = $uploaded[0]['type']; 117 $filesize = $uploaded[0]['size']; 118 $fileext = substr(strrchr($filename, "."), 1); 119 $today = getdate(); 120 $submitnews_file = USERID."_".$today[0]."_".str_replace(" ", "_", substr($submitnews_title, 0, 6)).".".$fileext; 121 if (is_numeric($pref['subnews_resize']) && ($pref['subnews_resize'] > 30) && ($pref['subnews_resize'] < 5000)) 122 { 123 require_once(e_HANDLER.'resize_handler.php'); 124 125 if (!resize_image(e_IMAGE.'newspost_images/'.$filename, e_IMAGE.'newspost_images/'.$submitnews_file, $pref['subnews_resize'])) 126 { 127 rename(e_IMAGE.'newspost_images/'.$filename, e_IMAGE.'newspost_images/'.$submitnews_file); 128 } 129 } 130 elseif ($filename) 131 { 132 rename(e_IMAGE.'newspost_images/'.$filename, e_IMAGE.'newspost_images/'.$submitnews_file); 133 } 134 } 135 } 136 137 if ($filename && !file_exists(e_IMAGE."newspost_images/".$submitnews_file)) 138 { 139 $submitnews_file = ""; 140 } 141 } 142 143 if ($submitnews_error === FALSE) 144 { 145 $id = $sql->db_Insert("submitnews", "0, '$submitnews_user', '$submitnews_email', '$submitnews_title', '".intval($_POST['cat_id'])."', '$submitnews_item', '".time()."', '$ip', '0', '$submitnews_file' "); 146 $edata_sn = array("user" => $submitnews_user, "email" => $submitnews_email,"itemid"=>$id, "itemtitle" => $submitnews_title, "catid" => intval($_POST['cat_id']),"catname" => $newsCat[$_POST['cat_id']], "item" => $submitnews_item, "image" => $submitnews_file, "ip" => $ip); 147 $e_event->trigger("subnews", $edata_sn); 148 $ns->tablerender(LAN_133, "<div class='submitnews-submitted' style='text-align:center'>".LAN_134."</div>"); 149 require_once(FOOTERF); 150 exit; 151 } 152 else 153 { 154 require_once(e_HANDLER."message_handler.php"); 155 message_handler("P_ALERT", $message); 156 } 157 } 158 159 if (!defined("USER_WIDTH")) { define("USER_WIDTH","width:95%"); } 160 161 $text = " 162 <div style='text-align:center'> 163 <form id='dataform' method='post' action='".e_SELF."' enctype='multipart/form-data' onsubmit='return frmVerify()'> 164 <table style='".USER_WIDTH."' class='fborder'>"; 165 166 if (!empty($pref['news_subheader'])) 167 { 168 $text .= " 169 <tr> 170 <td colspan='2' class='forumheader3'>".$tp->toHTML($pref['news_subheader'], TRUE, "TITLE")."<br /></td> 171 </tr>"; 172 } 173 174 if (!USER) 175 { 176 $text .= " 177 <tr> 178 <td style='width:20%' class='forumheader3'>".LAN_7."</td> 179 <td style='width:80%' class='forumheader3'> 180 <input class='tbox' type='text' name='submitnews_name' size='60' value='".$tp->toHTML($submitnews_user,FALSE,'USER_TITLE')."' maxlength='100' /> 181 </td> 182 </tr> 183 <tr> 184 <td style='width:20%' class='forumheader3'>".LAN_112."</td> 185 <td style='width:80%' class='forumheader3'> 186 <input class='tbox' type='text' name='submitnews_email' size='60' value='".$tp->toHTML($submitnews_email, FALSE, 'LINKTEXT')."' maxlength='100' /> 187 </td> 188 </tr>"; 189 } 190 191 $text .= " 192 <tr> 193 <td style='width:20%' class='forumheader3'>".NWSLAN_6.": </td> 194 <td style='width:80%' class='forumheader3'>"; 195 196 if (!count($newsCat)) 197 { 198 $text .= NWSLAN_10; 199 } 200 else 201 { 202 $text .= " 203 <select name='cat_id' class='tbox'> 204 <option value=''> </option>\n"; 205 foreach($newsCat as $cat_id=>$cat_name) 206 // while (list($cat_id, $cat_name, $cat_icon) = $sql->db_Fetch()) 207 { 208 $sel = (varset($_POST['cat_id'],'') == $cat_id) ? "selected='selected'" : ""; 209 $text .= "<option value='{$cat_id}' {$sel}>".$tp->toHTML($cat_name, FALSE, "defs")."</option>"; 210 } 211 $text .= "</select>"; 212 } 213 214 $text .= " 215 </td> 216 </tr> 217 <tr> 218 <td style='width:20%' class='forumheader3'>".LAN_62."</td> 219 <td style='width:80%' class='forumheader3'> 220 <input class='tbox' type='text' id='submitnews_title' name='submitnews_title' size='60' value='".$tp->toHTML($_POST['submitnews_title'],TRUE,'USER_TITLE')."' maxlength='200' style='width:90%' /> 221 </td> 222 </tr>"; 223 224 if (e_WYSIWYG) 225 { 226 $insertjs = "rows='25'"; 227 } 228 else 229 { 230 require_once(e_HANDLER."ren_help.php"); 231 $insertjs = "rows='15' onselect='storeCaret(this);' onclick='storeCaret(this);' onkeyup='storeCaret(this);'"; 232 } 233 234 $text .= " 235 <tr> 236 <td style='width:20%' class='forumheader3'>".LAN_135."</td> 237 <td style='width:80%' class='forumheader3'> 238 <textarea class='tbox' id='submitnews_item' name='submitnews_item' cols='80' style='max-width:95%' {$insertjs}>".$tp->toHTML($_POST['submitnews_item'],TRUE,'USER_BODY')."</textarea><br />"; 239 240 if (!e_WYSIWYG) 241 { 242 $text .= display_help("helpb","submitnews"); 243 } 244 245 $text .= " 246 </td> 247 </tr>"; 248 249 if ($pref['subnews_attach'] && $pref['upload_enabled'] && check_class($pref['upload_class']) && FILE_UPLOADS) 250 { 251 $text .= " 252 <tr> 253 <td style='width:20%' class='forumheader3'>".SUBNEWSLAN_5."<br /><span class='smalltext'>".SUBNEWSLAN_6."</span></td> 254 <td style='width:80%' class='forumheader3'> 255 <input class='tbox' type='file' name='file_userfile[]' style='width:90%' /> 256 </td> 257 </tr>"; 258 } 259 260 $text .= " 261 <tr> 262 <td colspan='2' style='text-align:center' class='forumheader'> 263 <input class='button' type='submit' name='submitnews_submit' value='".LAN_136."' /> 264 <input type='hidden' name='e-token' value='".e_TOKEN."' /> 265 </td> 266 </tr> 267 </table> 268 </form> 269 </div>"; 270 271 $ns->tablerender(LAN_136, $text); 272 require_once(FOOTERF); 273 274 function headerjs() 275 { 276 $adder = ""; 277 if (e_WYSIWYG) $adder = 'tinyMCE.triggerSave();'; 278 $script = " 279 <script type=\"text/javascript\"> 280 function frmVerify() 281 { 282 {$adder} 283 if(document.getElementById('submitnews_title').value == \"\") 284 { 285 alert('".SUBNEWSLAN_1."'); 286 return false; 287 } 288 289 if(document.getElementById('submitnews_item').value == \"\") 290 { 291 alert('".SUBNEWSLAN_2."'); 292 return false; 293 } 294 } 295 </script>"; 296 return $script; 297 } 298 299 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Mon Mar 12 16:28:38 2012 | Cross Reference PHPXref |