fix undefined variable $context on line 135
[moodle.git] / blog / edit.php
CommitLineData
4a173181 1<?php //$Id$
2
3require_once('../config.php');
4include_once('lib.php');
4a173181 5require_login();
eccfc1ca 6
eccfc1ca 7$courseid = optional_param('courseid', SITEID, PARAM_INT);
8$act = optional_param('act','',PARAM_ALPHA);
9
ab2f17b0 10if (empty($CFG->bloglevel)) {
11 error('Blogging is disabled!');
12}
13
4a173181 14// detemine where the user is coming from in case we need to send them back there
9ffcd15f 15if (!$referrer = optional_param('referrer','', PARAM_URL)) {
16 if (isset($_SERVER['HTTP_REFERER'])) {
17 $referrer = $_SERVER['HTTP_REFERER'];
18 } else {
19 $referrer = $CFG->wwwroot;
20 }
4a173181 21}
22
bbbf2d40 23
24$context = get_context_instance(CONTEXT_SYSTEM, SITEID);
d7bf6d17 25if (!has_capability('moodle/blog:view', $context)) {
bbbf2d40 26 error(get_string('nopost', 'blog'), $referrer);
4a173181 27}
28
bbbf2d40 29
30// Make sure that the person trying to edit have access right
6524adcf 31if ($editid = optional_param('editid', 0, PARAM_INT)) {
32
33 $blogEntry = get_record('post', 'id', $editid);
34
0468976c 35 if (!blog_user_can_edit_post($blogEntry, $context)) {
bbbf2d40 36 error( get_string('notallowedtoedit', 'blog'), $CFG->wwwroot .'/login/index.php');
4a173181 37 }
6524adcf 38}
39
bbbf2d40 40// Check to see if there is a requested blog to edit
6524adcf 41if (isloggedin() && !isguest()) {
48e79fd1 42 $userid = $USER->id;
4a173181 43} else {
44 error(get_string('noblogspecified', 'blog') .'<a href="'. $CFG->blog_blogurl .'">' .get_string('viewentries', 'blog') .'</a>');
45}
46
bbbf2d40 47// If we are trying to delete an non-existing blog entry
48e79fd1 48if (isset($act) && ($act == 'del') && (empty($blogEntry))) {
49 error ('the entry you are trying to delete does not exist');
50}
51
52
4a173181 53$pageNavigation = 'edit';
4a173181 54include($CFG->dirroot .'/blog/header.php');
55
4a173181 56//////////// SECURITY AND SETUP COMPLETE - NOW PAGE LOGIC ///////////////////
57
eccfc1ca 58if (isset($act) && ($act == 'del') && confirm_sesskey())
4a173181 59{
c2ee4e87 60 $postid = required_param('editid', PARAM_INT);
1a3f39f1 61 if (optional_param('confirm',0,PARAM_INT)) {
d7bf6d17 62 do_delete($postid, $context);
7ffb7e9c 63 } else {
6524adcf 64
7ffb7e9c 65 /// prints blog entry and what confirmation form
1a3f39f1 66 echo '<div align="center"><form method="GET" action="edit.php">';
67 echo '<input type="hidden" name="act" value="del" />';
68 echo '<input type="hidden" name="confirm" value="1" />';
c2ee4e87 69 echo '<input type="hidden" name="editid" value="'.$postid.'" />';
1a3f39f1 70 echo '<input type="hidden" name="sesskey" value="'.sesskey().'" />';
6524adcf 71
1a3f39f1 72 print_string('blogdeleteconfirm', 'blog');
6524adcf 73 blog_print_entry($blogEntry);
74
1a3f39f1 75 echo '<br />';
76 echo '<input type="submit" value="'.get_string('delete').'" /> ';
77 echo ' <input type="button" value="'.get_string('cancel').'" onclick="javascript:history.go(-1)" />';
78 echo '</form></div>';
79 print_footer($course);
48e79fd1 80 exit;
7ffb7e9c 81 }
4a173181 82}
48e79fd1 83
4a173181 84if ($usehtmleditor = can_use_richtext_editor()) {
85 $defaultformat = FORMAT_HTML;
86 $onsubmit = '';
87} else {
88 $defaultformat = FORMAT_MOODLE;
89 $onsubmit = '';
90}
91
9154b440 92if (($post = data_submitted( get_referer() )) && confirm_sesskey()) {
4a173181 93 if (!empty($post->editform)) { //make sure we're processing the edit form here
3a90f389 94 //print_object($post); //debug
4a173181 95
4a173181 96 if (!$post->etitle or !$post->body) {
97 $post->error = get_string('emptymessage', 'forum');
98 }
99 if ($post->act == 'save') {
c2ee4e87 100 do_save($post);
4a173181 101 } else if ($post->act == 'update') {
c2ee4e87 102 do_update($post);
4a173181 103 } else if ($post->act == 'del') {
a488b932 104 $postid = required_param('postid', PARAM_INT);
d7bf6d17 105 do_delete($postid, $context);
4a173181 106 }
107 }
108} else {
109
110 //no post data yet, so load up the post array with default information
111 $post->etitle = '';
112 $post->userid = $USER->id;
113 $post->body = '';
4a173181 114 $post->format = $defaultformat;
4a173181 115 $post->publishstate = 'draft';
4a173181 116}
117
48e79fd1 118if ($editid) { // User is editing a post
4a173181 119 // ensure that editing is allowed first - admin users can edit any posts
1e1ba8c2 120
c2ee4e87 121 $blogEntry = get_record('post','id',$editid);
4a173181 122
123 //using an unformatted entry body here so that extra formatting information is not stored in the db
2f5196e7 124 $post->body = stripslashes_safe($blogEntry->summary);
d1748820 125 $post->etitle = stripslashes_safe($blogEntry->subject);
4a173181 126 $post->postid = $editid;
c2ee4e87 127 $post->userid = $blogEntry->userid;
128 $post->format = $blogEntry->format;
129 $post->publishstate = $blogEntry->publishstate;
4a173181 130}
131
132if (isset($post->postid) && ($post->postid != -1) ) {
9154b440 133 $formHeading = get_string('updateentrywithid', 'blog');
4a173181 134} else {
135 $formHeading = get_string('addnewentry', 'blog');
136}
137
138if (isset($post->error)) {
139 notify($post->error);
140}
141
142print_simple_box_start("center");
143require('edit.html');
144print_simple_box_end();
145
4a173181 146include($CFG->dirroot .'/blog/footer.php');
147
148
149/***************************** edit.php functions ***************************/
150/*
151* do_delete
152* takes $bloginfo_arg argument as reference to a blogInfo object.
153* also takes the postid - the id of the entry to be removed
154*/
d7bf6d17 155function do_delete($postid, $context) {
9ffcd15f 156 global $CFG, $USER, $referrer;
4a173181 157 // make sure this user is authorized to delete this entry.
158 // cannot use $post->pid because it may not have been initialized yet. Also the pid may be in get format rather than post.
c2ee4e87 159 // check ownership
d7bf6d17 160 $blogEntry = get_record('post', 'id', $postid);
c2ee4e87 161
d7bf6d17 162 if (blog_user_can_edit_post($blogEntry, $context)) {
163 if (delete_records('post', 'id', $postid)) {
c2ee4e87 164 //echo "bloginfo_arg:"; //debug
165 //print_object($bloginfo_arg); //debug
166 //echo "pid to delete:".$postid; //debug
167 delete_records('blog_tag_instance', 'entryid', $postid);
168 print '<strong>'. get_string('entrydeleted', 'blog') .'</strong><p>';
169
170 //record a log message of this entry deletion
171 if ($site = get_site()) {
48e79fd1 172 add_to_log($site->id, 'blog', 'delete', 'index.php?userid='. $blogEntry->userid, 'deleted blog entry with entry id# '. $postid);
c2ee4e87 173 }
4a173181 174 }
c2ee4e87 175 }
176 else {
4a173181 177 error(get_string('entryerrornotyours', 'blog'));
178 }
179
180 //comment out this redirect to debug the deletion of entries
9ffcd15f 181
f4c85f46 182 redirect($CFG->wwwroot .'/blog/index.php?userid='. $blogEntry->userid);
4a173181 183}
184
185/**
186* do_save
187*
188* @param object $post argument is a reference to the post object which is used to store information for the form
189* @param object $bloginfo_arg argument is reference to a blogInfo object.
190*/
c2ee4e87 191function do_save($post) {
9ffcd15f 192 global $USER, $CFG, $referrer;
4a173181 193// echo 'Debug: Post object in do_save function of edit.php<br />'; //debug
194// print_object($post); //debug
195
196 if ($post->body == '') {
197 $post->error = get_string('nomessagebodyerror', 'blog');
198 } else {
199
c2ee4e87 200 /// Write a blog entry into database
201 $blogEntry = new object;
202 $blogEntry->subject = addslashes($post->etitle);
203 $blogEntry->summary = addslashes($post->body);
204 $blogEntry->module = 'blog';
205 $blogEntry->userid = $USER->id;
206 $blogEntry->format = $post->format;
207 $blogEntry->publishstate = $post->publishstate;
208 $blogEntry->lastmodified = time();
209 $blogEntry->created = time();
210
4a173181 211 // Insert the new blog entry.
c2ee4e87 212 $entryID = insert_record('post',$blogEntry);
4a173181 213
214// print 'Debug: created a new entry - entryId = '.$entryID.'<br />'; //debug
215// echo 'Debug: do_save() in edit.php calling blog_do_*back_pings<br />'."\n"; //debug
c2ee4e87 216 if ($entryID) {
217
218 /// Creates a unique hash. I don't know what this is for (Yu)
219 $dataobject = new object;
220 $dataobject->uniquehash = md5($blogEntry->userid.$CFG->wwwroot.$entryID);
221 update_record('post', $dataobject);
222
223 /// Associate tags with entries
e315e16c 224
c2ee4e87 225 $tag = NULL;
226 $tag->entryid = $entryID;
227 $tag->userid = $USER->id;
228 $tag->timemodified = time();
229
230 /// Add tags information
e315e16c 231 if ($otags = optional_param('otags','', PARAM_INT)) {
232 foreach ($otags as $otag) {
233 $tag->tagid = $otag;
234 insert_record('blog_tag_instance',$tag);
235 }
c2ee4e87 236 }
237
e315e16c 238 if ($ptags = optional_param('ptags','', PARAM_INT)) {
239 foreach ($ptags as $ptag) {
240 $tag->tagid = $ptag;
241 insert_record('blog_tag_instance',$tag);
242 }
c2ee4e87 243 }
244
245 print '<strong>'. get_string('entrysaved', 'blog') .'</strong><br />';
4a173181 246 }
4a173181 247 //record a log message of this entry addition
248 if ($site = get_site()) {
14148bc2 249 add_to_log($site->id, 'blog', 'add', 'index.php?userid='. $blogEntry->userid .'&postid='. $entryID, $blogEntry->subject);
4a173181 250 }
9ffcd15f 251
252 redirect($referrer);
253 /*
4a173181 254 //to debug this save function comment out the following redirect code
9154b440 255 if ($courseid == SITEID || $courseid == 0 || $courseid == '') {
c2ee4e87 256 redirect($CFG->wwwroot .'/blog/index.php?userid='. $blogEntry->userid);
4a173181 257 } else {
258 redirect($CFG->wwwroot .'/course/view.php?id='. $courseid);
9ffcd15f 259 }*/
4a173181 260 }
261}
262
263/**
264 * @param . $post argument is a reference to the post object which is used to store information for the form
265 * @param . $bloginfo_arg argument is reference to a blogInfo object.
266 * @todo complete documenting this function. enable trackback and pingback between entries on the same server
267 */
c2ee4e87 268function do_update($post) {
269 // here post = data_submitted();
9ffcd15f 270 global $CFG, $USER, $referrer;
c2ee4e87 271 $blogEntry = get_record('post','id',$post->postid);
272// echo "id id ".$post->postid;
4a173181 273// print_object($blogentry); //debug
274
c2ee4e87 275 $blogEntry->subject = addslashes($post->etitle);
276 $blogEntry->summary = addslashes($post->body);
277 if ($blogEntry->summary == '<br />') {
278 $blogEntry->summary = '';
279 }
280 $blogEntry->format = $post->format;
281 $blogEntry->publishstate = $post->publishstate; //we don't care about the return value here
4a173181 282
c2ee4e87 283 if ( update_record('post',$blogEntry)) {
284 delete_records('blog_tag_instance', 'entryid', $blogEntry->id);
4a173181 285
2d642a13 286 $tag = NULL;
c2ee4e87 287 $tag->entryid = $blogEntry->id;
2d642a13 288 $tag->userid = $USER->id;
289 $tag->timemodified = time();
976982d3 290
60534cfc 291 /// Add tags information
9fad492e 292 if ($otags = optional_param('otags','', PARAM_INT)) {
293 foreach ($otags as $otag) {
294 $tag->tagid = $otag;
295 insert_record('blog_tag_instance',$tag);
296 }
4a173181 297 }
298
9fad492e 299 if ($ptags = optional_param('ptags','', PARAM_INT)) {
300 foreach ($ptags as $ptag) {
301 $tag->tagid = $ptag;
302 insert_record('blog_tag_instance',$tag);
303 }
4a173181 304 }
976982d3 305
4a173181 306 // only do pings if the entry is published to the world
307 // Daryl Hawes note - eventually should check if it's on the same server
308 // and if so allow pb/tb as well - especially now that moderation is in place
309 print '<strong>'. get_string('entryupdated', 'blog') .'</strong><p>';
310
311 //record a log message of this entry update action
312 if ($site = get_site()) {
14148bc2 313 add_to_log($site->id, 'blog', 'update', 'index.php?userid='. $blogEntry->userid .'&postid='. $post->postid, $blogEntry->subject);
4a173181 314 }
9ffcd15f 315
316 redirect($referrer);
317 //to debug this save function comment out the following redirect code
318/*
319 if ($courseid == SITEID || $courseid == 0 || $courseid == '') {
320 redirect($CFG->wwwroot .'/blog/index.php?userid='. $blogEntry->userid);
321 } else {
322 redirect($CFG->wwwroot .'/course/view.php?id='. $courseid);
323 }*/
4a173181 324 } else {
325// get_string('', 'blog') //Daryl Hawes note: localize this line
fea68f90 326 $post->error = 'There was an error updating this post in the database';
4a173181 327 }
328}
d7bf6d17 329?>