Convert the text cache to use a blob, so that there are no character set
[moodle.git] / blog / edit.php
CommitLineData
4a173181 1<?php //$Id$
2
3require_once('../config.php');
4include_once('lib.php');
5include_once('class.BlogInfo.php');
6require_login();
7// detemine where the user is coming from in case we need to send them back there
8if (isset($_SERVER['HTTP_REFERER'])) {
9 $referrer = $_SERVER['HTTP_REFERER'];
10} else {
11 $referrer = $CFG->wwwroot;
12}
13
14//first verify that user is not a guest
15if (isguest()) {
7ffb7e9c 16 error(get_string('noguestpost', 'blog'), $referrer);
4a173181 17}
18
5c625033 19$userid = optional_param('userid', 0, PARAM_INT);
20$editid = optional_param('editid', 0, PARAM_INT);
4a173181 21
4a173181 22//check to see if there is a requested blog to edit
23if (!empty($userid) && $userid != 0) {
24 if (blog_isLoggedIn() && $userid == $USER->id ) {
25 ; // Daryl Hawes note: is this a placeholder for missing functionality?
26 }
27} else if ( blog_isLoggedIn() ) {
28 //the user is logged in and have not specified a blog - so they will be editing their own
29 $tempBlogInfo = blog_user_bloginfo();
30 $userid = $tempBlogInfo->userid;
31 unset($tempBlogInfo); //free memory from temp object - bloginfo will be created again in the included header
32} else {
33 error(get_string('noblogspecified', 'blog') .'<a href="'. $CFG->blog_blogurl .'">' .get_string('viewentries', 'blog') .'</a>');
34}
35
36$pageNavigation = 'edit';
37
38include($CFG->dirroot .'/blog/header.php');
39
4a173181 40//print_object($PAGE->bloginfo); //debug
41
42//check if user is in blog's acl
43if ( !blog_user_has_rights($PAGE->bloginfo) ) {
44 if ($editid != '') {
45 $blogEntry = $PAGE->bloginfo->get_blog_entry_by_id($editid);
46 if (! (isteacher($blogEntry->$entryCourseId)) ) {
47// error( get_string('notallowedtoedit'.' You do not teach in this course.', 'blog'), $CFG->wwwroot .'/login/index.php');
48 error( get_string('notallowedtoedit', 'blog'), $CFG->wwwroot .'/login/index.php');
49 }
50 } else {
51 error( get_string('notallowedtoedit', 'blog'), $CFG->wwwroot .'/login/index.php');
52 }
53}
54
55//////////// SECURITY AND SETUP COMPLETE - NOW PAGE LOGIC ///////////////////
56
7ffb7e9c 57if (isset($act) && $act == 'del' && confirm_sesskey())
4a173181 58{
1a3f39f1 59 $postid = required_param('postid', PARAM_INT);
60 if (optional_param('confirm',0,PARAM_INT)) {
7ffb7e9c 61 do_delete($PAGE->bloginfo, $postid);
62 } else {
63 /// prints blog entry and what confirmation form
1a3f39f1 64 echo '<div align="center"><form method="GET" action="edit.php">';
65 echo '<input type="hidden" name="act" value="del" />';
66 echo '<input type="hidden" name="confirm" value="1" />';
67 echo '<input type="hidden" name="postid" value="'.$postid.'" />';
68 echo '<input type="hidden" name="sesskey" value="'.sesskey().'" />';
69 print_string('blogdeleteconfirm', 'blog');
70
71 $post = get_record('post', 'id', $postid);
72 $entry = new BlogEntry($post);
73 blog_print_entry($entry);
74 echo '<br />';
75 echo '<input type="submit" value="'.get_string('delete').'" /> ';
76 echo ' <input type="button" value="'.get_string('cancel').'" onclick="javascript:history.go(-1)" />';
77 echo '</form></div>';
78 print_footer($course);
79 die;
7ffb7e9c 80 }
4a173181 81}
82if ($usehtmleditor = can_use_richtext_editor()) {
83 $defaultformat = FORMAT_HTML;
84 $onsubmit = '';
85} else {
86 $defaultformat = FORMAT_MOODLE;
87 $onsubmit = '';
88}
89
9154b440 90if (($post = data_submitted( get_referer() )) && confirm_sesskey()) {
4a173181 91 if (!empty($post->editform)) { //make sure we're processing the edit form here
3a90f389 92 //print_object($post); //debug
4a173181 93
94 ///these varaibles needs to be changed because of the javascript hack
95 ///post->courseid
96 ///post->groupid
97 $post->courseid = $post->realcourse; //might not need either, if javascript re-written
98 $post->groupid = $post->realgroup; //might not need
99 $courseid = $post->realcourse;
100 //end of yu's code
101
102 if (!$post->etitle or !$post->body) {
103 $post->error = get_string('emptymessage', 'forum');
104 }
105 if ($post->act == 'save') {
9154b440 106 do_save($post, $PAGE->bloginfo);
4a173181 107 } else if ($post->act == 'update') {
9154b440 108 do_update($post, $PAGE->bloginfo);
4a173181 109 } else if ($post->act == 'del') {
a488b932 110 $postid = required_param('postid', PARAM_INT);
4a173181 111 do_delete($PAGE->bloginfo, $postid);
112 }
113 }
114} else {
115
116 //no post data yet, so load up the post array with default information
117 $post->etitle = '';
118 $post->userid = $USER->id;
119 $post->body = '';
4a173181 120 $post->format = $defaultformat;
121 $post->categoryid = array(1);
122 $post->publishstate = 'draft';
123 $post->courseid = $courseid;
4a173181 124
125}
126
127if ($editid != '') { // User is editing a post
128 // ensure that editing is allowed first - admin users can edit any posts
1e1ba8c2 129
4a173181 130 $blogEntry = $PAGE->bloginfo->get_blog_entry_by_id($editid);
131
132 //using an unformatted entry body here so that extra formatting information is not stored in the db
133 $post->body = $blogEntry->get_unformatted_entry_body();
4a173181 134 $post->etitle = $blogEntry->entryTitle;
135 $post->postid = $editid;
136 $post->userid = $PAGE->bloginfo->userid;
137 $post->categoryid = $blogEntry->entryCategoryIds;
138 $post->format = $blogEntry->entryFormat;
139 $post->publishstate = $blogEntry->entryPublishState;
4a173181 140}
141
142if (isset($post->postid) && ($post->postid != -1) ) {
9154b440 143
144 $formHeading = get_string('updateentrywithid', 'blog');
145
4a173181 146} else {
147 $formHeading = get_string('addnewentry', 'blog');
148}
149
150if (isset($post->error)) {
151 notify($post->error);
152}
153
154print_simple_box_start("center");
155require('edit.html');
156print_simple_box_end();
157
158 // Janne comment: Let's move this in here
159 // so IE gets more time to load the
160 // Page.
161 if ($usehtmleditor) {
162 // Janne comment: there are two text fields in form
163 // so lets try to replace them both with
164 // HTMLArea editors
165 use_html_editor();
166 }
167
168include($CFG->dirroot .'/blog/footer.php');
169
170
171/***************************** edit.php functions ***************************/
172/*
173* do_delete
174* takes $bloginfo_arg argument as reference to a blogInfo object.
175* also takes the postid - the id of the entry to be removed
176*/
177function do_delete(&$bloginfo_arg, $postid) {
178 global $CFG;
179 // make sure this user is authorized to delete this entry.
180 // cannot use $post->pid because it may not have been initialized yet. Also the pid may be in get format rather than post.
181 if ($bloginfo_arg->delete_blog_entry_by_id($postid)) {
182 //echo "bloginfo_arg:"; //debug
183 print_object($bloginfo_arg); //debug
184 //echo "pid to delete:".$postid; //debug
185 delete_records('blog_tag_instance', 'entryid', $postid);
186 print '<strong>'. get_string('entrydeleted', 'blog') .'</strong><p>';
187
188 //record a log message of this entry deletion
189 if ($site = get_site()) {
190 add_to_log($site->id, 'blog', 'delete', 'index.php?userid='. $bloginfo_arg->userid, 'deleted blog entry with entry id# '. $postid);
191 }
192 } else {
193 error(get_string('entryerrornotyours', 'blog'));
194 }
195
196 //comment out this redirect to debug the deletion of entries
197 redirect($CFG->wwwroot .'/blog/index.php?userid='. $bloginfo_arg->userid);
198}
199
200/**
201* do_save
202*
203* @param object $post argument is a reference to the post object which is used to store information for the form
204* @param object $bloginfo_arg argument is reference to a blogInfo object.
205*/
9154b440 206function do_save(&$post, &$bloginfo_arg) {
4a173181 207 global $USER, $CFG;
208// echo 'Debug: Post object in do_save function of edit.php<br />'; //debug
209// print_object($post); //debug
210
211 if ($post->body == '') {
212 $post->error = get_string('nomessagebodyerror', 'blog');
213 } else {
214
4a173181 215 // Insert the new blog entry.
b2cda3d1 216 $entryID = $bloginfo_arg->insert_blog_entry($post->etitle, $post->body, $USER->id, $post->format, $post->publishstate, $courseid, $groupid);
4a173181 217
218// print 'Debug: created a new entry - entryId = '.$entryID.'<br />'; //debug
219// echo 'Debug: do_save() in edit.php calling blog_do_*back_pings<br />'."\n"; //debug
2d642a13 220
5c625033 221 $otags = optional_param('otags','', PARAM_INT);
222 $ptags = optional_param('ptags','', PARAM_INT);
223
2d642a13 224
225 $tag = NULL;
226 $tag->entryid = $entryID;
976982d3 227 $tag->groupid = $post->groupid;
228 $tag->courseid = $post->courseid;
2d642a13 229 $tag->userid = $USER->id;
230 $tag->timemodified = time();
231
60534cfc 232 /// Add tags information
4a173181 233 foreach ($otags as $otag) {
4a173181 234 $tag->tagid = $otag;
4a173181 235 insert_record('blog_tag_instance',$tag);
236 }
237
238 foreach ($ptags as $ptag) {
4a173181 239 $tag->tagid = $ptag;
4a173181 240 insert_record('blog_tag_instance',$tag);
241 }
242
243 print '<strong>'. get_string('entrysaved', 'blog') .'</strong><br />';
244 //record a log message of this entry addition
245 if ($site = get_site()) {
246 add_to_log($site->id, 'blog', 'add', 'archive.php?userid='. $bloginfo_arg->userid .'&postid='. $entryID, 'created new blog entry with entry id# '. $entryID);
247 }
248 //to debug this save function comment out the following redirect code
9154b440 249 if ($courseid == SITEID || $courseid == 0 || $courseid == '') {
4a173181 250 redirect($CFG->wwwroot .'/blog/index.php?userid='. $bloginfo_arg->userid);
251 } else {
252 redirect($CFG->wwwroot .'/course/view.php?id='. $courseid);
253 }
254 }
255}
256
257/**
258 * @param . $post argument is a reference to the post object which is used to store information for the form
259 * @param . $bloginfo_arg argument is reference to a blogInfo object.
260 * @todo complete documenting this function. enable trackback and pingback between entries on the same server
261 */
9154b440 262function do_update(&$post, &$bloginfo) {
4a173181 263
264 global $CFG, $USER;
265
4a173181 266 $blogentry = $bloginfo->get_blog_entry_by_id($post->postid);
267 echo "id id ".$post->postid;
268// print_object($blogentry); //debug
269
4a173181 270 $blogentry->set_body($post->body);
4a173181 271 $blogentry->set_format($post->format);
272 $blogentry->set_publishstate($post->publishstate); //we don't care about the return value here
4a173181 273
274 if ( !$error = $blogentry->save() ) {
4a173181 275 delete_records('blog_tag_instance', 'entryid', $blogentry->entryId);
276
5c625033 277 $otags = optional_param('otags','', PARAM_INT);
278 $ptags = optional_param('ptags','', PARAM_INT);
2d642a13 279
280 $tag = NULL;
281 $tag->entryid = $blogentry->entryId;
976982d3 282 $tag->groupid = $post->groupid;
283 $tag->courseid = $post->courseid;
2d642a13 284 $tag->userid = $USER->id;
285 $tag->timemodified = time();
976982d3 286
60534cfc 287 /// Add tags information
4a173181 288 foreach ($otags as $otag) {
4a173181 289 $tag->tagid = $otag;
4a173181 290 insert_record('blog_tag_instance',$tag);
291 }
292
293 foreach ($ptags as $ptag) {
4a173181 294 $tag->tagid = $ptag;
4a173181 295 insert_record('blog_tag_instance',$tag);
296 }
976982d3 297
4a173181 298 // only do pings if the entry is published to the world
299 // Daryl Hawes note - eventually should check if it's on the same server
300 // and if so allow pb/tb as well - especially now that moderation is in place
301 print '<strong>'. get_string('entryupdated', 'blog') .'</strong><p>';
302
303 //record a log message of this entry update action
304 if ($site = get_site()) {
305 add_to_log($site->id, 'blog', 'update', 'archive.php?userid='. $bloginfo->userid .'&postid='. $post->postid, 'updated existing blog entry with entry id# '. $post->postid);
306 }
307
308 redirect($CFG->wwwroot .'/blog/index.php?userid='. $bloginfo->userid);
309 } else {
310// get_string('', 'blog') //Daryl Hawes note: localize this line
311 $post->error = 'There was an error updating this post in the database: '. $error;
312 }
313}
314?>