blog (development code)
[moodle.git] / blog / edit.php
CommitLineData
4a173181 1<?php //$Id$
2
3require_once('../config.php');
4include_once('lib.php');
5include_once('class.BlogInfo.php');
6require_login();
7// detemine where the user is coming from in case we need to send them back there
8if (isset($_SERVER['HTTP_REFERER'])) {
9 $referrer = $_SERVER['HTTP_REFERER'];
10} else {
11 $referrer = $CFG->wwwroot;
12}
13
14//first verify that user is not a guest
15if (isguest()) {
16 error(get_string('noguestpost', 'forum'), $referrer);
17}
18
19optional_variable($userid, 0);
20optional_variable($editid, '');
21optional_variable($sendpingbacks, 0);
22optional_variable($sendtrackbacks, 0);
23
24global $USER, $CFG;
25
26//check to see if there is a requested blog to edit
27if (!empty($userid) && $userid != 0) {
28 if (blog_isLoggedIn() && $userid == $USER->id ) {
29 ; // Daryl Hawes note: is this a placeholder for missing functionality?
30 }
31} else if ( blog_isLoggedIn() ) {
32 //the user is logged in and have not specified a blog - so they will be editing their own
33 $tempBlogInfo = blog_user_bloginfo();
34 $userid = $tempBlogInfo->userid;
35 unset($tempBlogInfo); //free memory from temp object - bloginfo will be created again in the included header
36} else {
37 error(get_string('noblogspecified', 'blog') .'<a href="'. $CFG->blog_blogurl .'">' .get_string('viewentries', 'blog') .'</a>');
38}
39
40$pageNavigation = 'edit';
41
42include($CFG->dirroot .'/blog/header.php');
43
44if (!empty($course)) {
45 $courseid = $course->id;
46} else if (!isadmin() && $CFG->blog_enable_moderation) {
47 // the user is not an admin, blog moderation is on and there is no course association
48 //Daryl Hawes note: possible bug here if editing a personal post that existed before blog moderation was enabled for the site.
49 error('Blog moderation is enabled. Your entries must be associated with a course.');
50}
51
52//print_object($PAGE->bloginfo); //debug
53
54//check if user is in blog's acl
55if ( !blog_user_has_rights($PAGE->bloginfo) ) {
56 if ($editid != '') {
57 $blogEntry = $PAGE->bloginfo->get_blog_entry_by_id($editid);
58 if (! (isteacher($blogEntry->$entryCourseId)) ) {
59// error( get_string('notallowedtoedit'.' You do not teach in this course.', 'blog'), $CFG->wwwroot .'/login/index.php');
60 error( get_string('notallowedtoedit', 'blog'), $CFG->wwwroot .'/login/index.php');
61 }
62 } else {
63 error( get_string('notallowedtoedit', 'blog'), $CFG->wwwroot .'/login/index.php');
64 }
65}
66
67//////////// SECURITY AND SETUP COMPLETE - NOW PAGE LOGIC ///////////////////
68
69if (isset($act) && $act == 'del')
70{
71 require_variable($postid);
72 do_delete($PAGE->bloginfo, $postid);
73}
74if ($usehtmleditor = can_use_richtext_editor()) {
75 $defaultformat = FORMAT_HTML;
76 $onsubmit = '';
77} else {
78 $defaultformat = FORMAT_MOODLE;
79 $onsubmit = '';
80}
81
82if ($post = data_submitted( get_referer() ) ) {
83 if (!empty($post->editform)) { //make sure we're processing the edit form here
84 //print_object($post); //debug
85
86 ///these varaibles needs to be changed because of the javascript hack
87 ///post->courseid
88 ///post->groupid
89 $post->courseid = $post->realcourse; //might not need either, if javascript re-written
90 $post->groupid = $post->realgroup; //might not need
91 $courseid = $post->realcourse;
92 //end of yu's code
93
94 if (!$post->etitle or !$post->body) {
95 $post->error = get_string('emptymessage', 'forum');
96 }
97 if ($post->act == 'save') {
98 do_save($post, $PAGE->bloginfo, $sendpingbacks, $sendtrackbacks);
99 } else if ($post->act == 'update') {
100 do_update($post, $PAGE->bloginfo, $sendpingbacks, $sendtrackbacks);
101 } else if ($post->act == 'del') {
102 require_variable($postid);
103 do_delete($PAGE->bloginfo, $postid);
104 }
105 }
106} else {
107
108 //no post data yet, so load up the post array with default information
109 $post->etitle = '';
110 $post->userid = $USER->id;
111 $post->body = '';
112 $post->extendedbody = '';
113 $post->useextendedbody = $PAGE->bloginfo->get_blog_use_extended_body();
114 $post->format = $defaultformat;
115 $post->categoryid = array(1);
116 $post->publishstate = 'draft';
117 $post->courseid = $courseid;
118
119
120}
121
122if ($editid != '') { // User is editing a post
123 // ensure that editing is allowed first - admin users can edit any posts
124 if (!isadmin() && $CFG->blog_enable_moderation && $blogEntry->entryPublishState != 'draft') {
125 error('You are not allowed to modify a published entry. A teacher must first change this post back to draft status.'); //Daryl Hawes note: localize this line
126 }
127 $blogEntry = $PAGE->bloginfo->get_blog_entry_by_id($editid);
128
129 //using an unformatted entry body here so that extra formatting information is not stored in the db
130 $post->body = $blogEntry->get_unformatted_entry_body();
131 $post->extendedbody = $blogEntry->get_unformatted_entry_extended_body();
132 $post->useextendedbody = $PAGE->bloginfo->get_blog_use_extended_body();
133 $post->etitle = $blogEntry->entryTitle;
134 $post->postid = $editid;
135 $post->userid = $PAGE->bloginfo->userid;
136 $post->categoryid = $blogEntry->entryCategoryIds;
137 $post->format = $blogEntry->entryFormat;
138 $post->publishstate = $blogEntry->entryPublishState;
139 $post->courseid = $blogEntry->entryCourseId;
140 $post->groupid = (int)$blogEntry->entryGroupId;
141}
142
143if (isset($post->postid) && ($post->postid != -1) ) {
144 $formHeading = get_string('updateentrywithid', 'blog') . $post->postid;
145} else {
146 $formHeading = get_string('addnewentry', 'blog');
147}
148
149if (isset($post->error)) {
150 notify($post->error);
151}
152
153print_simple_box_start("center");
154require('edit.html');
155print_simple_box_end();
156
157 // Janne comment: Let's move this in here
158 // so IE gets more time to load the
159 // Page.
160 if ($usehtmleditor) {
161 // Janne comment: there are two text fields in form
162 // so lets try to replace them both with
163 // HTMLArea editors
164 use_html_editor();
165 }
166
167include($CFG->dirroot .'/blog/footer.php');
168
169
170/***************************** edit.php functions ***************************/
171/*
172* do_delete
173* takes $bloginfo_arg argument as reference to a blogInfo object.
174* also takes the postid - the id of the entry to be removed
175*/
176function do_delete(&$bloginfo_arg, $postid) {
177 global $CFG;
178 // make sure this user is authorized to delete this entry.
179 // cannot use $post->pid because it may not have been initialized yet. Also the pid may be in get format rather than post.
180 if ($bloginfo_arg->delete_blog_entry_by_id($postid)) {
181 //echo "bloginfo_arg:"; //debug
182 print_object($bloginfo_arg); //debug
183 //echo "pid to delete:".$postid; //debug
184 delete_records('blog_tag_instance', 'entryid', $postid);
185 print '<strong>'. get_string('entrydeleted', 'blog') .'</strong><p>';
186
187 //record a log message of this entry deletion
188 if ($site = get_site()) {
189 add_to_log($site->id, 'blog', 'delete', 'index.php?userid='. $bloginfo_arg->userid, 'deleted blog entry with entry id# '. $postid);
190 }
191 } else {
192 error(get_string('entryerrornotyours', 'blog'));
193 }
194
195 //comment out this redirect to debug the deletion of entries
196 redirect($CFG->wwwroot .'/blog/index.php?userid='. $bloginfo_arg->userid);
197}
198
199/**
200* do_save
201*
202* @param object $post argument is a reference to the post object which is used to store information for the form
203* @param object $bloginfo_arg argument is reference to a blogInfo object.
204*/
205function do_save(&$post, &$bloginfo_arg, $sendpingbacks, $sendtrackbacks) {
206 global $USER, $CFG;
207// echo 'Debug: Post object in do_save function of edit.php<br />'; //debug
208// print_object($post); //debug
209
210 if ($post->body == '') {
211 $post->error = get_string('nomessagebodyerror', 'blog');
212 } else {
213
214 //initialize courseid and groupid if specified
215 if (isset($post->courseid)) {
216 $courseid = $post->courseid;
217 } else {
218 $courseid = 1;
219 }
220 if (isset($post->groupid)) {
221 $groupid = $post->groupid;
222 } else {
223 $groupid = '';
224 }
225
226/*
227 //group pseudocode
228 if ($groupid != '') {
229 if (! ismember($post->groupid) ) {
230 error('You are not a member of the specified group. Group with id#('.$groupid.')'); //Daryl Hawes note: LOCALIZATION NEEDED FOR THIS LINE
231 }
232 }*/
233
234 // Insert the new blog entry.
235 $entryID = $bloginfo_arg->insert_blog_entry($post->etitle, $post->body, $post->extendedbody, $USER->id, $post->format, $post->publishstate, $courseid, $groupid);
236
237// print 'Debug: created a new entry - entryId = '.$entryID.'<br />'; //debug
238// echo 'Debug: do_save() in edit.php calling blog_do_*back_pings<br />'."\n"; //debug
239 $otags = optional_param('otags');
240 $ptags = optional_param('ptags');
241 // Add tags information
242 foreach ($otags as $otag) {
243 $tag->entryid = $entryID;
244 $tag->tagid = $otag;
245 $tag->groupid = $groupid;
246 $tag->courseid = $courseid;
247 $tag->userid = $USER->id;
248
249 insert_record('blog_tag_instance',$tag);
250 }
251
252 foreach ($ptags as $ptag) {
253 $tag->entryid = $entryID;
254 $tag->tagid = $ptag;
255 $tag->groupid = $groupid;
256 $tag->courseid = $courseid;
257 $tag->userid = $USER->id;
258
259 insert_record('blog_tag_instance',$tag);
260 }
261
262 print '<strong>'. get_string('entrysaved', 'blog') .'</strong><br />';
263 //record a log message of this entry addition
264 if ($site = get_site()) {
265 add_to_log($site->id, 'blog', 'add', 'archive.php?userid='. $bloginfo_arg->userid .'&postid='. $entryID, 'created new blog entry with entry id# '. $entryID);
266 }
267 //to debug this save function comment out the following redirect code
268 if ($courseid == 1 || $courseid == 0 || $courseid == '') {
269 redirect($CFG->wwwroot .'/blog/index.php?userid='. $bloginfo_arg->userid);
270 } else {
271 redirect($CFG->wwwroot .'/course/view.php?id='. $courseid);
272 }
273 }
274}
275
276/**
277 * @param . $post argument is a reference to the post object which is used to store information for the form
278 * @param . $bloginfo_arg argument is reference to a blogInfo object.
279 * @todo complete documenting this function. enable trackback and pingback between entries on the same server
280 */
281function do_update(&$post, &$bloginfo, $sendpingbacks, $sendtrackbacks) {
282
283 global $CFG, $USER;
284
285 //initialize courseid and groupid if specified
286 if (isset($post->courseid)) {
287 $courseid = $post->courseid;
288 } else {
289 $courseid = 1;
290 }
291 if (isset($post->groupid)) {
292 $groupid = $post->groupid;
293 } else {
294 $groupid = '';
295 }
296
297/*
298 //pseudocode for handling groups
299 if ($groupid != '') {
300 if (! ismember($groupid) ) {
301 error('You are not a member of the specified group. Group with id#('. $groupid .')'); //Daryl Hawes note: LOCALIZATION NEEDED FOR THIS LINE
302 }
303 }*/
304
305 $blogentry = $bloginfo->get_blog_entry_by_id($post->postid);
306 echo "id id ".$post->postid;
307// print_object($blogentry); //debug
308
309 $blogentry->set_title($post->etitle);
310 $blogentry->set_body($post->body);
311 if (isset($post->extendedbody)) {
312 $blogentry->set_extendedbody($post->extendedbody);
313 }
314 $blogentry->set_format($post->format);
315 $blogentry->set_publishstate($post->publishstate); //we don't care about the return value here
316 $blogentry->set_courseid($courseid);
317 $blogentry->set_groupid($groupid);
318
319 if ( !$error = $blogentry->save() ) {
320// echo 'Debug: do_update in edit.php calling do_pings<br />'."\n"; //debug
321 delete_records('blog_tag_instance', 'entryid', $blogentry->entryId);
322
323 $otags = optional_param('otags');
324 $ptags = optional_param('ptags');
325 // Add tags information
326 foreach ($otags as $otag) {
327 $tag->entryid = $blogentry->entryId;
328 $tag->tagid = $otag;
329 $tag->groupid = $groupid;
330 $tag->courseid = $courseid;
331 $tag->userid = $USER->id;
332
333 insert_record('blog_tag_instance',$tag);
334 }
335
336 foreach ($ptags as $ptag) {
337 $tag->entryid = $blogentry->entryId;
338 $tag->tagid = $ptag;
339 $tag->groupid = $groupid;
340 $tag->courseid = $courseid;
341 $tag->userid = $USER->id;
342
343 insert_record('blog_tag_instance',$tag);
344 }
345 // only do pings if the entry is published to the world
346 // Daryl Hawes note - eventually should check if it's on the same server
347 // and if so allow pb/tb as well - especially now that moderation is in place
348 print '<strong>'. get_string('entryupdated', 'blog') .'</strong><p>';
349
350 //record a log message of this entry update action
351 if ($site = get_site()) {
352 add_to_log($site->id, 'blog', 'update', 'archive.php?userid='. $bloginfo->userid .'&postid='. $post->postid, 'updated existing blog entry with entry id# '. $post->postid);
353 }
354
355 redirect($CFG->wwwroot .'/blog/index.php?userid='. $bloginfo->userid);
356 } else {
357// get_string('', 'blog') //Daryl Hawes note: localize this line
358 $post->error = 'There was an error updating this post in the database: '. $error;
359 }
360}
361?>