small fix and cleaning
[moodle.git] / blog / edit.php
CommitLineData
4a173181 1<?php //$Id$
2
3require_once('../config.php');
4include_once('lib.php');
5include_once('class.BlogInfo.php');
6require_login();
eccfc1ca 7
8$userid = optional_param('userid', 0, PARAM_INT);
9$courseid = optional_param('courseid', SITEID, PARAM_INT);
10$act = optional_param('act','',PARAM_ALPHA);
11
4a173181 12// detemine where the user is coming from in case we need to send them back there
13if (isset($_SERVER['HTTP_REFERER'])) {
14 $referrer = $_SERVER['HTTP_REFERER'];
15} else {
16 $referrer = $CFG->wwwroot;
17}
18
19//first verify that user is not a guest
20if (isguest()) {
7ffb7e9c 21 error(get_string('noguestpost', 'blog'), $referrer);
4a173181 22}
23
5c625033 24$userid = optional_param('userid', 0, PARAM_INT);
25$editid = optional_param('editid', 0, PARAM_INT);
4a173181 26
4a173181 27//check to see if there is a requested blog to edit
28if (!empty($userid) && $userid != 0) {
29 if (blog_isLoggedIn() && $userid == $USER->id ) {
30 ; // Daryl Hawes note: is this a placeholder for missing functionality?
31 }
32} else if ( blog_isLoggedIn() ) {
33 //the user is logged in and have not specified a blog - so they will be editing their own
34 $tempBlogInfo = blog_user_bloginfo();
35 $userid = $tempBlogInfo->userid;
36 unset($tempBlogInfo); //free memory from temp object - bloginfo will be created again in the included header
37} else {
38 error(get_string('noblogspecified', 'blog') .'<a href="'. $CFG->blog_blogurl .'">' .get_string('viewentries', 'blog') .'</a>');
39}
40
41$pageNavigation = 'edit';
42
43include($CFG->dirroot .'/blog/header.php');
44
4a173181 45//print_object($PAGE->bloginfo); //debug
46
47//check if user is in blog's acl
48if ( !blog_user_has_rights($PAGE->bloginfo) ) {
49 if ($editid != '') {
50 $blogEntry = $PAGE->bloginfo->get_blog_entry_by_id($editid);
51 if (! (isteacher($blogEntry->$entryCourseId)) ) {
52// error( get_string('notallowedtoedit'.' You do not teach in this course.', 'blog'), $CFG->wwwroot .'/login/index.php');
53 error( get_string('notallowedtoedit', 'blog'), $CFG->wwwroot .'/login/index.php');
54 }
55 } else {
56 error( get_string('notallowedtoedit', 'blog'), $CFG->wwwroot .'/login/index.php');
57 }
58}
59
60//////////// SECURITY AND SETUP COMPLETE - NOW PAGE LOGIC ///////////////////
61
eccfc1ca 62if (isset($act) && ($act == 'del') && confirm_sesskey())
4a173181 63{
1a3f39f1 64 $postid = required_param('postid', PARAM_INT);
65 if (optional_param('confirm',0,PARAM_INT)) {
7ffb7e9c 66 do_delete($PAGE->bloginfo, $postid);
67 } else {
68 /// prints blog entry and what confirmation form
1a3f39f1 69 echo '<div align="center"><form method="GET" action="edit.php">';
70 echo '<input type="hidden" name="act" value="del" />';
71 echo '<input type="hidden" name="confirm" value="1" />';
72 echo '<input type="hidden" name="postid" value="'.$postid.'" />';
73 echo '<input type="hidden" name="sesskey" value="'.sesskey().'" />';
74 print_string('blogdeleteconfirm', 'blog');
75
76 $post = get_record('post', 'id', $postid);
77 $entry = new BlogEntry($post);
78 blog_print_entry($entry);
79 echo '<br />';
80 echo '<input type="submit" value="'.get_string('delete').'" /> ';
81 echo ' <input type="button" value="'.get_string('cancel').'" onclick="javascript:history.go(-1)" />';
82 echo '</form></div>';
83 print_footer($course);
84 die;
7ffb7e9c 85 }
4a173181 86}
87if ($usehtmleditor = can_use_richtext_editor()) {
88 $defaultformat = FORMAT_HTML;
89 $onsubmit = '';
90} else {
91 $defaultformat = FORMAT_MOODLE;
92 $onsubmit = '';
93}
94
9154b440 95if (($post = data_submitted( get_referer() )) && confirm_sesskey()) {
4a173181 96 if (!empty($post->editform)) { //make sure we're processing the edit form here
3a90f389 97 //print_object($post); //debug
4a173181 98
99 ///these varaibles needs to be changed because of the javascript hack
100 ///post->courseid
101 ///post->groupid
102 $post->courseid = $post->realcourse; //might not need either, if javascript re-written
103 $post->groupid = $post->realgroup; //might not need
104 $courseid = $post->realcourse;
105 //end of yu's code
106
107 if (!$post->etitle or !$post->body) {
108 $post->error = get_string('emptymessage', 'forum');
109 }
110 if ($post->act == 'save') {
9154b440 111 do_save($post, $PAGE->bloginfo);
4a173181 112 } else if ($post->act == 'update') {
9154b440 113 do_update($post, $PAGE->bloginfo);
4a173181 114 } else if ($post->act == 'del') {
a488b932 115 $postid = required_param('postid', PARAM_INT);
4a173181 116 do_delete($PAGE->bloginfo, $postid);
117 }
118 }
119} else {
120
121 //no post data yet, so load up the post array with default information
122 $post->etitle = '';
123 $post->userid = $USER->id;
124 $post->body = '';
4a173181 125 $post->format = $defaultformat;
126 $post->categoryid = array(1);
127 $post->publishstate = 'draft';
128 $post->courseid = $courseid;
4a173181 129
130}
131
132if ($editid != '') { // User is editing a post
133 // ensure that editing is allowed first - admin users can edit any posts
1e1ba8c2 134
4a173181 135 $blogEntry = $PAGE->bloginfo->get_blog_entry_by_id($editid);
136
137 //using an unformatted entry body here so that extra formatting information is not stored in the db
138 $post->body = $blogEntry->get_unformatted_entry_body();
4a173181 139 $post->etitle = $blogEntry->entryTitle;
140 $post->postid = $editid;
141 $post->userid = $PAGE->bloginfo->userid;
142 $post->categoryid = $blogEntry->entryCategoryIds;
143 $post->format = $blogEntry->entryFormat;
144 $post->publishstate = $blogEntry->entryPublishState;
4a173181 145}
146
147if (isset($post->postid) && ($post->postid != -1) ) {
9154b440 148
149 $formHeading = get_string('updateentrywithid', 'blog');
150
4a173181 151} else {
152 $formHeading = get_string('addnewentry', 'blog');
153}
154
155if (isset($post->error)) {
156 notify($post->error);
157}
158
159print_simple_box_start("center");
160require('edit.html');
161print_simple_box_end();
162
163 // Janne comment: Let's move this in here
164 // so IE gets more time to load the
165 // Page.
166 if ($usehtmleditor) {
167 // Janne comment: there are two text fields in form
168 // so lets try to replace them both with
169 // HTMLArea editors
170 use_html_editor();
171 }
172
173include($CFG->dirroot .'/blog/footer.php');
174
175
176/***************************** edit.php functions ***************************/
177/*
178* do_delete
179* takes $bloginfo_arg argument as reference to a blogInfo object.
180* also takes the postid - the id of the entry to be removed
181*/
182function do_delete(&$bloginfo_arg, $postid) {
183 global $CFG;
184 // make sure this user is authorized to delete this entry.
185 // cannot use $post->pid because it may not have been initialized yet. Also the pid may be in get format rather than post.
186 if ($bloginfo_arg->delete_blog_entry_by_id($postid)) {
187 //echo "bloginfo_arg:"; //debug
188 print_object($bloginfo_arg); //debug
189 //echo "pid to delete:".$postid; //debug
190 delete_records('blog_tag_instance', 'entryid', $postid);
191 print '<strong>'. get_string('entrydeleted', 'blog') .'</strong><p>';
192
193 //record a log message of this entry deletion
194 if ($site = get_site()) {
195 add_to_log($site->id, 'blog', 'delete', 'index.php?userid='. $bloginfo_arg->userid, 'deleted blog entry with entry id# '. $postid);
196 }
197 } else {
198 error(get_string('entryerrornotyours', 'blog'));
199 }
200
201 //comment out this redirect to debug the deletion of entries
202 redirect($CFG->wwwroot .'/blog/index.php?userid='. $bloginfo_arg->userid);
203}
204
205/**
206* do_save
207*
208* @param object $post argument is a reference to the post object which is used to store information for the form
209* @param object $bloginfo_arg argument is reference to a blogInfo object.
210*/
9154b440 211function do_save(&$post, &$bloginfo_arg) {
4a173181 212 global $USER, $CFG;
213// echo 'Debug: Post object in do_save function of edit.php<br />'; //debug
214// print_object($post); //debug
215
216 if ($post->body == '') {
217 $post->error = get_string('nomessagebodyerror', 'blog');
218 } else {
219
4a173181 220 // Insert the new blog entry.
b2cda3d1 221 $entryID = $bloginfo_arg->insert_blog_entry($post->etitle, $post->body, $USER->id, $post->format, $post->publishstate, $courseid, $groupid);
4a173181 222
223// print 'Debug: created a new entry - entryId = '.$entryID.'<br />'; //debug
224// echo 'Debug: do_save() in edit.php calling blog_do_*back_pings<br />'."\n"; //debug
2d642a13 225
5c625033 226 $otags = optional_param('otags','', PARAM_INT);
227 $ptags = optional_param('ptags','', PARAM_INT);
228
2d642a13 229
230 $tag = NULL;
231 $tag->entryid = $entryID;
976982d3 232 $tag->groupid = $post->groupid;
233 $tag->courseid = $post->courseid;
2d642a13 234 $tag->userid = $USER->id;
235 $tag->timemodified = time();
236
60534cfc 237 /// Add tags information
4a173181 238 foreach ($otags as $otag) {
4a173181 239 $tag->tagid = $otag;
4a173181 240 insert_record('blog_tag_instance',$tag);
241 }
242
243 foreach ($ptags as $ptag) {
4a173181 244 $tag->tagid = $ptag;
4a173181 245 insert_record('blog_tag_instance',$tag);
246 }
247
248 print '<strong>'. get_string('entrysaved', 'blog') .'</strong><br />';
249 //record a log message of this entry addition
250 if ($site = get_site()) {
251 add_to_log($site->id, 'blog', 'add', 'archive.php?userid='. $bloginfo_arg->userid .'&postid='. $entryID, 'created new blog entry with entry id# '. $entryID);
252 }
253 //to debug this save function comment out the following redirect code
9154b440 254 if ($courseid == SITEID || $courseid == 0 || $courseid == '') {
4a173181 255 redirect($CFG->wwwroot .'/blog/index.php?userid='. $bloginfo_arg->userid);
256 } else {
257 redirect($CFG->wwwroot .'/course/view.php?id='. $courseid);
258 }
259 }
260}
261
262/**
263 * @param . $post argument is a reference to the post object which is used to store information for the form
264 * @param . $bloginfo_arg argument is reference to a blogInfo object.
265 * @todo complete documenting this function. enable trackback and pingback between entries on the same server
266 */
9154b440 267function do_update(&$post, &$bloginfo) {
4a173181 268
269 global $CFG, $USER;
270
4a173181 271 $blogentry = $bloginfo->get_blog_entry_by_id($post->postid);
272 echo "id id ".$post->postid;
273// print_object($blogentry); //debug
274
4a173181 275 $blogentry->set_body($post->body);
4a173181 276 $blogentry->set_format($post->format);
277 $blogentry->set_publishstate($post->publishstate); //we don't care about the return value here
4a173181 278
279 if ( !$error = $blogentry->save() ) {
4a173181 280 delete_records('blog_tag_instance', 'entryid', $blogentry->entryId);
281
5c625033 282 $otags = optional_param('otags','', PARAM_INT);
283 $ptags = optional_param('ptags','', PARAM_INT);
2d642a13 284
285 $tag = NULL;
286 $tag->entryid = $blogentry->entryId;
976982d3 287 $tag->groupid = $post->groupid;
288 $tag->courseid = $post->courseid;
2d642a13 289 $tag->userid = $USER->id;
290 $tag->timemodified = time();
976982d3 291
60534cfc 292 /// Add tags information
4a173181 293 foreach ($otags as $otag) {
4a173181 294 $tag->tagid = $otag;
4a173181 295 insert_record('blog_tag_instance',$tag);
296 }
297
298 foreach ($ptags as $ptag) {
4a173181 299 $tag->tagid = $ptag;
4a173181 300 insert_record('blog_tag_instance',$tag);
301 }
976982d3 302
4a173181 303 // only do pings if the entry is published to the world
304 // Daryl Hawes note - eventually should check if it's on the same server
305 // and if so allow pb/tb as well - especially now that moderation is in place
306 print '<strong>'. get_string('entryupdated', 'blog') .'</strong><p>';
307
308 //record a log message of this entry update action
309 if ($site = get_site()) {
310 add_to_log($site->id, 'blog', 'update', 'archive.php?userid='. $bloginfo->userid .'&postid='. $post->postid, 'updated existing blog entry with entry id# '. $post->postid);
311 }
312
313 redirect($CFG->wwwroot .'/blog/index.php?userid='. $bloginfo->userid);
314 } else {
315// get_string('', 'blog') //Daryl Hawes note: localize this line
316 $post->error = 'There was an error updating this post in the database: '. $error;
317 }
318}
319?>