Merged from 1.7.
[moodle.git] / blog / edit.php
CommitLineData
4a173181 1<?php //$Id$
2
3require_once('../config.php');
4include_once('lib.php');
eccfc1ca 5
e96f2a77 6$action = required_param('action', PARAM_ALPHA);
7$id = optional_param('id', 0, PARAM_INT);
8$confirm = optional_param('confirm', 0, PARAM_BOOL);
9$courseid = optional_param('courseid', 0, PARAM_INT); // needed for user tab - does nothing here
10
11require_login();
eccfc1ca 12
ab2f17b0 13if (empty($CFG->bloglevel)) {
14 error('Blogging is disabled!');
15}
16
e96f2a77 17if (isguest()) {
18 error(get_string('noguestpost', 'blog'));
4a173181 19}
20
e96f2a77 21$sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID);
22if (!has_capability('moodle/blog:create', $sitecontext) and !has_capability('moodle/blog:manageentries', $sitecontext)) {
23 error('You can not post or edit blogs.');
4a173181 24}
25
bbbf2d40 26// Make sure that the person trying to edit have access right
e96f2a77 27if ($id) {
28 if (!$existing = get_record('post', 'id', $id)) {
29 error('Wrong blog post id');
4a173181 30 }
6524adcf 31
e96f2a77 32 if (!blog_user_can_edit_post($existing)) {
33 error(get_string('notallowedtoedit', 'blog'));
34 }
35 $userid = $existing->userid;
36 $returnurl = $CFG->wwwroot.'/blog/index.php?userid='.$existing->userid;
4a173181 37} else {
e96f2a77 38 if (!has_capability('moodle/blog:create', $sitecontext)) {
39 error(get_string('nopost', 'blog')); // manageentries is not enough for adding
40 }
41 $existing = false;
42 $userid = $USER->id;
43 $returnurl = 'index.php?userid='.$USER->id;
4a173181 44}
e96f2a77 45if (!empty($courseid)) {
46 $returnurl .= '&amp;courseid='.$courseid;
48e79fd1 47}
48
e96f2a77 49$errors = array();
50$post = new object(); // editing form data
48e79fd1 51
e96f2a77 52$usehtmleditor = can_use_richtext_editor();
53$strblogs = get_string('blogs','blog');
4a173181 54
4a173181 55
e96f2a77 56switch ($action) {
6524adcf 57
e96f2a77 58 case 'add':
59 if (data_submitted() and confirm_sesskey()) {
60 do_add($post, $errors);
61 if (empty($errors)) {
62 redirect($returnurl);
63 }
64 $post = stripslashes_safe($post); // no db access after this!!
65 // print form again
66 } else {
67 // prepare new empty form
68 $post->subject = '';
69 $post->summary = '';
70 $post->publishstate = 'draft';
71 $post->format = $usehtmleditor ? FORMAT_HTML : FORMAT_MOODLE;
48e79fd1 72
e96f2a77 73 }
74 $strformheading = get_string('addnewentry', 'blog');
75 break;
4a173181 76
e96f2a77 77 case 'edit':
78 if (!$existing) {
79 error('Incorrect blog post id');
80 }
81 if (data_submitted() and confirm_sesskey()) {
82 do_edit($post, $errors);
83 if (empty($errors)) {
84 redirect($returnurl);
85 }
86 $post = stripslashes_safe($post); // no db access after this!!
87 // print form again
88 } else {
89 $post->id = $existing->id;
90 $post->subject = $existing->subject;
91 $post->summary = $existing->summary;
92 $post->publishstate = $existing->publishstate;
93 $post->format = $existing->format;
94 }
95 $strformheading = get_string('updateentrywithid', 'blog');
96 break;
4a173181 97
e96f2a77 98 case 'delete':
99 if (!$existing) {
100 error('Incorrect blog post id');
4a173181 101 }
e96f2a77 102 if (data_submitted() and $confirm and confirm_sesskey()) {
103 do_delete($existing);
104 redirect($returnurl);
105 } else {
106 $optionsyes = array('id'=>$id, 'action'=>'delete', 'confirm'=>1, 'sesskey'=>sesskey(), 'courseid'=>$courseid);
107 $optionsno = array('userid'=>$existing->userid, 'courseid'=>$courseid);
108 print_header("$SITE->shortname: $strblogs", $SITE->fullname);
109 blog_print_entry($existing);
110 echo '<br />';
111 notice_yesno(get_string('blogdeleteconfirm', 'blog'), 'edit.php', 'index.php', $optionsyes, $optionsno, 'post', 'get');
112 print_footer();
113 die;
4a173181 114 }
e96f2a77 115 break;
4a173181 116
e96f2a77 117 default:
118 error('Unknown action!');
119 break;
4a173181 120}
121
e96f2a77 122// gui setup
4a173181 123
e96f2a77 124// done here in order to allow deleting of posts with wrong user id above
125if (!$user = get_record('user', 'id', $userid)) {
126 error('Incorrect user id');
4a173181 127}
128
e96f2a77 129print_header("$SITE->shortname: $strblogs", $SITE->fullname,
130 '<a href="'.$CFG->wwwroot.'/user/view.php?id='.$userid.'">'.fullname($user).'</a> ->
131 <a href="'.$CFG->wwwroot.'/blog/index.php?userid='.$userid.'">'.$strblogs.'</a> -> '.$strformheading,'','',true);
4a173181 132
e96f2a77 133echo '<br />';
134print_simple_box_start('center');
4a173181 135require('edit.html');
136print_simple_box_end();
137
e96f2a77 138if ($usehtmleditor) {
139 use_html_editor();
140}
141
142print_footer();
143
144die;
4a173181 145
146
147/***************************** edit.php functions ***************************/
148/*
e96f2a77 149* Delete blog post from database
4a173181 150*/
e96f2a77 151function do_delete($post) {
152 global $returnurl;
4a173181 153
e96f2a77 154 $status = delete_records('post', 'id', $post->id);
155 $status = delete_records('blog_tag_instance', 'entryid', $post->id) and $status;
9ffcd15f 156
e96f2a77 157 add_to_log(SITEID, 'blog', 'delete', 'index.php?userid='. $post->userid, 'deleted blog entry with entry id# '. $post->id);
158
159 if (!$status) {
160 error('Error occured while deleting post', $returnurl);
161 }
4a173181 162}
163
164/**
e96f2a77 165 * Write a new blog entry into database
166 */
167function do_add(&$post, &$errors) {
168 global $CFG, $USER, $returnurl;
4a173181 169
e96f2a77 170 $post->subject = required_param('subject', PARAM_MULTILANG);
171 $post->summary = required_param('summary', PARAM_RAW);
172 $post->format = required_param('format', PARAM_INT);
173 $post->publishstate = required_param('publishstate', PARAM_ALPHA);;
4a173181 174
e96f2a77 175 if ($post->summary == '<br />') {
176 $post->summary = '';
177 }
c2ee4e87 178
e96f2a77 179 if ($post->subject == '') {
180 $errors['subject'] = get_string('emptytitle', 'blog');
181 }
182 if ($post->summary == '') {
183 $errors['summary'] = get_string('emptybody', 'blog');
184 }
c2ee4e87 185
e96f2a77 186 if (!empty($errors)) {
187 return; // no saving
4a173181 188 }
e96f2a77 189
190 $post->module = 'blog';
191 $post->userid = $USER->id;
192 $post->lastmodified = time();
193 $post->created = time();
194
195
196 // Insert the new blog entry.
197 if ($id = insert_record('post', $post)) {
198 $post->id = $id;
199 add_tags_info($post->id);
200 add_to_log(SITEID, 'blog', 'add', 'index.php?userid='.$post->userid.'&postid='.$posz->id, $post->subject);
201
202 } else {
203 error('There was an error adding this post in the database', $returnurl);
204 }
205
4a173181 206}
207
208/**
209 * @param . $post argument is a reference to the post object which is used to store information for the form
210 * @param . $bloginfo_arg argument is reference to a blogInfo object.
211 * @todo complete documenting this function. enable trackback and pingback between entries on the same server
212 */
e96f2a77 213function do_edit(&$post, &$errors) {
214
215 global $CFG, $USER, $returnurl;
216
217 $post->id = required_param('id', PARAM_INT);
218 $post->subject = required_param('subject', PARAM_MULTILANG);
219 $post->summary = required_param('summary', PARAM_RAW);
220 $post->format = required_param('format', PARAM_INT);
221 $post->publishstate = required_param('publishstate', PARAM_ALPHA);;
222
223 if ($post->summary == '<br />') {
224 $post->summary = '';
c2ee4e87 225 }
4a173181 226
e96f2a77 227 if ($post->subject == '') {
228 $errors['subject'] = get_string('emptytitle', 'blog');
229 }
230 if ($post->summary == '') {
231 $errors['summary'] = get_string('emptybody', 'blog');
232 }
233
234 if (!empty($errors)) {
235 return; // no saving
236 }
237
238 $post->lastmodified = time();
239
240 // update record
241 if (update_record('post', $post)) {
242 delete_records('blog_tag_instance', 'entryid', $post->id);
243 add_tags_info($post->id);
244 add_to_log(SITEID, 'blog', 'update', 'index.php?userid='.$post->userid.'&postid='.$post->id, $post->subject);
245
246 } else {
247 error('There was an error updating this post in the database', $returnurl);
248 }
249
250}
251
252function add_tags_info($postid) {
253 $post = get_record('post', 'id', $postid);
254
255 $tag = new object();
256 $tag->entryid = $post->id;
257 $tag->userid = $post->userid;
1ca20e02 258 $tag->timemodified = time();
259
260 /// Add tags information
261 if ($otags = optional_param('otags','', PARAM_INT)) {
262 foreach ($otags as $otag) {
263 $tag->tagid = $otag;
e96f2a77 264 insert_record('blog_tag_instance', $tag);
4a173181 265 }
e96f2a77 266 }
267
268 if ($ptags = optional_param('ptags','', PARAM_INT)) {
269 foreach ($ptags as $ptag) {
270 $tag->tagid = $ptag;
271 insert_record('blog_tag_instance', $tag);
4a173181 272 }
4a173181 273 }
274}
d7bf6d17 275?>