more cleaning
[moodle.git] / blog / edit.php
CommitLineData
4a173181 1<?php //$Id$
2
3require_once('../config.php');
4include_once('lib.php');
5include_once('class.BlogInfo.php');
6require_login();
7// detemine where the user is coming from in case we need to send them back there
8if (isset($_SERVER['HTTP_REFERER'])) {
9 $referrer = $_SERVER['HTTP_REFERER'];
10} else {
11 $referrer = $CFG->wwwroot;
12}
13
14//first verify that user is not a guest
15if (isguest()) {
7ffb7e9c 16 error(get_string('noguestpost', 'blog'), $referrer);
4a173181 17}
18
5c625033 19$userid = optional_param('userid', 0, PARAM_INT);
20$editid = optional_param('editid', 0, PARAM_INT);
4a173181 21
4a173181 22//check to see if there is a requested blog to edit
23if (!empty($userid) && $userid != 0) {
24 if (blog_isLoggedIn() && $userid == $USER->id ) {
25 ; // Daryl Hawes note: is this a placeholder for missing functionality?
26 }
27} else if ( blog_isLoggedIn() ) {
28 //the user is logged in and have not specified a blog - so they will be editing their own
29 $tempBlogInfo = blog_user_bloginfo();
30 $userid = $tempBlogInfo->userid;
31 unset($tempBlogInfo); //free memory from temp object - bloginfo will be created again in the included header
32} else {
33 error(get_string('noblogspecified', 'blog') .'<a href="'. $CFG->blog_blogurl .'">' .get_string('viewentries', 'blog') .'</a>');
34}
35
36$pageNavigation = 'edit';
37
38include($CFG->dirroot .'/blog/header.php');
39
4a173181 40//print_object($PAGE->bloginfo); //debug
41
42//check if user is in blog's acl
43if ( !blog_user_has_rights($PAGE->bloginfo) ) {
44 if ($editid != '') {
45 $blogEntry = $PAGE->bloginfo->get_blog_entry_by_id($editid);
46 if (! (isteacher($blogEntry->$entryCourseId)) ) {
47// error( get_string('notallowedtoedit'.' You do not teach in this course.', 'blog'), $CFG->wwwroot .'/login/index.php');
48 error( get_string('notallowedtoedit', 'blog'), $CFG->wwwroot .'/login/index.php');
49 }
50 } else {
51 error( get_string('notallowedtoedit', 'blog'), $CFG->wwwroot .'/login/index.php');
52 }
53}
54
55//////////// SECURITY AND SETUP COMPLETE - NOW PAGE LOGIC ///////////////////
56
7ffb7e9c 57if (isset($act) && $act == 'del' && confirm_sesskey())
4a173181 58{
7ffb7e9c 59 if (optional_param($confirm,0,PARAM_INT)) {
60 require_variable($postid);
61 do_delete($PAGE->bloginfo, $postid);
62 } else {
63 /// prints blog entry and what confirmation form
64
65
66 }
4a173181 67}
68if ($usehtmleditor = can_use_richtext_editor()) {
69 $defaultformat = FORMAT_HTML;
70 $onsubmit = '';
71} else {
72 $defaultformat = FORMAT_MOODLE;
73 $onsubmit = '';
74}
75
9154b440 76if (($post = data_submitted( get_referer() )) && confirm_sesskey()) {
4a173181 77 if (!empty($post->editform)) { //make sure we're processing the edit form here
3a90f389 78 //print_object($post); //debug
4a173181 79
80 ///these varaibles needs to be changed because of the javascript hack
81 ///post->courseid
82 ///post->groupid
83 $post->courseid = $post->realcourse; //might not need either, if javascript re-written
84 $post->groupid = $post->realgroup; //might not need
85 $courseid = $post->realcourse;
86 //end of yu's code
87
88 if (!$post->etitle or !$post->body) {
89 $post->error = get_string('emptymessage', 'forum');
90 }
91 if ($post->act == 'save') {
9154b440 92 do_save($post, $PAGE->bloginfo);
4a173181 93 } else if ($post->act == 'update') {
9154b440 94 do_update($post, $PAGE->bloginfo);
4a173181 95 } else if ($post->act == 'del') {
96 require_variable($postid);
97 do_delete($PAGE->bloginfo, $postid);
98 }
99 }
100} else {
101
102 //no post data yet, so load up the post array with default information
103 $post->etitle = '';
104 $post->userid = $USER->id;
105 $post->body = '';
106 $post->extendedbody = '';
107 $post->useextendedbody = $PAGE->bloginfo->get_blog_use_extended_body();
108 $post->format = $defaultformat;
109 $post->categoryid = array(1);
110 $post->publishstate = 'draft';
111 $post->courseid = $courseid;
112
113
114}
115
116if ($editid != '') { // User is editing a post
117 // ensure that editing is allowed first - admin users can edit any posts
118 if (!isadmin() && $CFG->blog_enable_moderation && $blogEntry->entryPublishState != 'draft') {
119 error('You are not allowed to modify a published entry. A teacher must first change this post back to draft status.'); //Daryl Hawes note: localize this line
120 }
121 $blogEntry = $PAGE->bloginfo->get_blog_entry_by_id($editid);
122
123 //using an unformatted entry body here so that extra formatting information is not stored in the db
124 $post->body = $blogEntry->get_unformatted_entry_body();
125 $post->extendedbody = $blogEntry->get_unformatted_entry_extended_body();
126 $post->useextendedbody = $PAGE->bloginfo->get_blog_use_extended_body();
127 $post->etitle = $blogEntry->entryTitle;
128 $post->postid = $editid;
129 $post->userid = $PAGE->bloginfo->userid;
130 $post->categoryid = $blogEntry->entryCategoryIds;
131 $post->format = $blogEntry->entryFormat;
132 $post->publishstate = $blogEntry->entryPublishState;
133 $post->courseid = $blogEntry->entryCourseId;
134 $post->groupid = (int)$blogEntry->entryGroupId;
135}
136
137if (isset($post->postid) && ($post->postid != -1) ) {
9154b440 138
139 $formHeading = get_string('updateentrywithid', 'blog');
140
4a173181 141} else {
142 $formHeading = get_string('addnewentry', 'blog');
143}
144
145if (isset($post->error)) {
146 notify($post->error);
147}
148
149print_simple_box_start("center");
150require('edit.html');
151print_simple_box_end();
152
153 // Janne comment: Let's move this in here
154 // so IE gets more time to load the
155 // Page.
156 if ($usehtmleditor) {
157 // Janne comment: there are two text fields in form
158 // so lets try to replace them both with
159 // HTMLArea editors
160 use_html_editor();
161 }
162
163include($CFG->dirroot .'/blog/footer.php');
164
165
166/***************************** edit.php functions ***************************/
167/*
168* do_delete
169* takes $bloginfo_arg argument as reference to a blogInfo object.
170* also takes the postid - the id of the entry to be removed
171*/
172function do_delete(&$bloginfo_arg, $postid) {
173 global $CFG;
174 // make sure this user is authorized to delete this entry.
175 // cannot use $post->pid because it may not have been initialized yet. Also the pid may be in get format rather than post.
176 if ($bloginfo_arg->delete_blog_entry_by_id($postid)) {
177 //echo "bloginfo_arg:"; //debug
178 print_object($bloginfo_arg); //debug
179 //echo "pid to delete:".$postid; //debug
180 delete_records('blog_tag_instance', 'entryid', $postid);
181 print '<strong>'. get_string('entrydeleted', 'blog') .'</strong><p>';
182
183 //record a log message of this entry deletion
184 if ($site = get_site()) {
185 add_to_log($site->id, 'blog', 'delete', 'index.php?userid='. $bloginfo_arg->userid, 'deleted blog entry with entry id# '. $postid);
186 }
187 } else {
188 error(get_string('entryerrornotyours', 'blog'));
189 }
190
191 //comment out this redirect to debug the deletion of entries
192 redirect($CFG->wwwroot .'/blog/index.php?userid='. $bloginfo_arg->userid);
193}
194
195/**
196* do_save
197*
198* @param object $post argument is a reference to the post object which is used to store information for the form
199* @param object $bloginfo_arg argument is reference to a blogInfo object.
200*/
9154b440 201function do_save(&$post, &$bloginfo_arg) {
4a173181 202 global $USER, $CFG;
203// echo 'Debug: Post object in do_save function of edit.php<br />'; //debug
204// print_object($post); //debug
205
206 if ($post->body == '') {
207 $post->error = get_string('nomessagebodyerror', 'blog');
208 } else {
209
210 //initialize courseid and groupid if specified
211 if (isset($post->courseid)) {
212 $courseid = $post->courseid;
213 } else {
214 $courseid = 1;
215 }
216 if (isset($post->groupid)) {
217 $groupid = $post->groupid;
218 } else {
219 $groupid = '';
220 }
221
222/*
223 //group pseudocode
224 if ($groupid != '') {
225 if (! ismember($post->groupid) ) {
226 error('You are not a member of the specified group. Group with id#('.$groupid.')'); //Daryl Hawes note: LOCALIZATION NEEDED FOR THIS LINE
227 }
228 }*/
229
230 // Insert the new blog entry.
231 $entryID = $bloginfo_arg->insert_blog_entry($post->etitle, $post->body, $post->extendedbody, $USER->id, $post->format, $post->publishstate, $courseid, $groupid);
232
233// print 'Debug: created a new entry - entryId = '.$entryID.'<br />'; //debug
234// echo 'Debug: do_save() in edit.php calling blog_do_*back_pings<br />'."\n"; //debug
5c625033 235 $otags = optional_param('otags','', PARAM_INT);
236 $ptags = optional_param('ptags','', PARAM_INT);
237
4a173181 238 // Add tags information
239 foreach ($otags as $otag) {
240 $tag->entryid = $entryID;
241 $tag->tagid = $otag;
242 $tag->groupid = $groupid;
243 $tag->courseid = $courseid;
244 $tag->userid = $USER->id;
245
246 insert_record('blog_tag_instance',$tag);
247 }
248
249 foreach ($ptags as $ptag) {
250 $tag->entryid = $entryID;
251 $tag->tagid = $ptag;
252 $tag->groupid = $groupid;
253 $tag->courseid = $courseid;
254 $tag->userid = $USER->id;
255
256 insert_record('blog_tag_instance',$tag);
257 }
258
259 print '<strong>'. get_string('entrysaved', 'blog') .'</strong><br />';
260 //record a log message of this entry addition
261 if ($site = get_site()) {
262 add_to_log($site->id, 'blog', 'add', 'archive.php?userid='. $bloginfo_arg->userid .'&postid='. $entryID, 'created new blog entry with entry id# '. $entryID);
263 }
264 //to debug this save function comment out the following redirect code
9154b440 265 if ($courseid == SITEID || $courseid == 0 || $courseid == '') {
4a173181 266 redirect($CFG->wwwroot .'/blog/index.php?userid='. $bloginfo_arg->userid);
267 } else {
268 redirect($CFG->wwwroot .'/course/view.php?id='. $courseid);
269 }
270 }
271}
272
273/**
274 * @param . $post argument is a reference to the post object which is used to store information for the form
275 * @param . $bloginfo_arg argument is reference to a blogInfo object.
276 * @todo complete documenting this function. enable trackback and pingback between entries on the same server
277 */
9154b440 278function do_update(&$post, &$bloginfo) {
4a173181 279
280 global $CFG, $USER;
281
282 //initialize courseid and groupid if specified
283 if (isset($post->courseid)) {
284 $courseid = $post->courseid;
285 } else {
286 $courseid = 1;
287 }
288 if (isset($post->groupid)) {
289 $groupid = $post->groupid;
290 } else {
291 $groupid = '';
292 }
293
294/*
295 //pseudocode for handling groups
296 if ($groupid != '') {
297 if (! ismember($groupid) ) {
298 error('You are not a member of the specified group. Group with id#('. $groupid .')'); //Daryl Hawes note: LOCALIZATION NEEDED FOR THIS LINE
299 }
300 }*/
301
302 $blogentry = $bloginfo->get_blog_entry_by_id($post->postid);
303 echo "id id ".$post->postid;
304// print_object($blogentry); //debug
305
306 $blogentry->set_title($post->etitle);
307 $blogentry->set_body($post->body);
308 if (isset($post->extendedbody)) {
309 $blogentry->set_extendedbody($post->extendedbody);
310 }
311 $blogentry->set_format($post->format);
312 $blogentry->set_publishstate($post->publishstate); //we don't care about the return value here
4a173181 313
314 if ( !$error = $blogentry->save() ) {
315// echo 'Debug: do_update in edit.php calling do_pings<br />'."\n"; //debug
316 delete_records('blog_tag_instance', 'entryid', $blogentry->entryId);
317
5c625033 318 $otags = optional_param('otags','', PARAM_INT);
319 $ptags = optional_param('ptags','', PARAM_INT);
4a173181 320 // Add tags information
321 foreach ($otags as $otag) {
322 $tag->entryid = $blogentry->entryId;
323 $tag->tagid = $otag;
324 $tag->groupid = $groupid;
325 $tag->courseid = $courseid;
326 $tag->userid = $USER->id;
327
328 insert_record('blog_tag_instance',$tag);
329 }
330
331 foreach ($ptags as $ptag) {
332 $tag->entryid = $blogentry->entryId;
333 $tag->tagid = $ptag;
334 $tag->groupid = $groupid;
335 $tag->courseid = $courseid;
336 $tag->userid = $USER->id;
337
338 insert_record('blog_tag_instance',$tag);
339 }
340 // only do pings if the entry is published to the world
341 // Daryl Hawes note - eventually should check if it's on the same server
342 // and if so allow pb/tb as well - especially now that moderation is in place
343 print '<strong>'. get_string('entryupdated', 'blog') .'</strong><p>';
344
345 //record a log message of this entry update action
346 if ($site = get_site()) {
347 add_to_log($site->id, 'blog', 'update', 'archive.php?userid='. $bloginfo->userid .'&postid='. $post->postid, 'updated existing blog entry with entry id# '. $post->postid);
348 }
349
350 redirect($CFG->wwwroot .'/blog/index.php?userid='. $bloginfo->userid);
351 } else {
352// get_string('', 'blog') //Daryl Hawes note: localize this line
353 $post->error = 'There was an error updating this post in the database: '. $error;
354 }
355}
356?>