<?php
// Mark this request as having gone through the entry guard (no-op if already set).
if (defined('entry') === false) {
    define('entry', true);
}
/* ===========================

  gelato CMS - A PHP based tumblelog CMS
  development version
  http://www.gelatocms.com/

  gelato CMS is a free software licensed under the GPL 2.0
  Copyright (C) 2007 by Pedro Santana <pecesama at gmail dot com>

  =========================== */
?>
<?php
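require('../entry.php');

// $user, $conf and $tumble are used below and are presumably set up by entry.php;
// at file scope this `global` statement only documents that dependency.
global $user, $conf, $tumble;
$theme = new themes;

// "?edit=<id>" switches the page into edit mode for that post.
$isEdition = isset($_GET["edit"]);
$postId = $isEdition ? $_GET["edit"] : null;

$theme->set('isEdition', $isEdition);
$theme->set('postId', $postId);
$theme->set('pagination', '');

// Undo magic_quotes escaping on GET data. get_magic_quotes_gpc() was removed in
// PHP 8.0 (where input is never pre-escaped), so only call it where it exists,
// and leave non-string values (array parameters) alone.
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
    foreach ($_GET as $k => $get) {
        if (is_string($get)) {
            $_GET[$k] = stripslashes($get);
        }
    }
}
$util_class = new util();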
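// Admin front controller for posts: handles ?delete=<id>, the add/modify form
// submission (btnAdd), and otherwise renders the editor form plus, when not
// editing, the paginated post list. Unauthenticated requests go to the login page.
if ($user->isAuthenticated()) {
    // --- Destructive action: ?delete=<id> -----------------------------------
    if (isset($_GET["delete"])) {
        // NOTE(review): the delete is triggered by a plain GET request with no
        // anti-CSRF token; only the id shape is validated here (same rule as
        // id_post below).
        if (is_numeric($_GET["delete"]) && $_GET["delete"] > 0) {
            $tumble->deletePost($_GET["delete"]);
            header("Location: index.php?deleted=true");
        } else {
            header("Location: index.php");
        }
        die();
    }

    if (isset($_POST["btnAdd"])) {
        // --- Form submission: add or modify a post ------------------------------
        unset($_POST["btnAdd"]);
        $_POST['type'] = $util_class->type2Number($_POST['type']);

        if ($_POST["type"] == "2") { // is Photo type
            // A remote photo URL is fetched by savePhoto(); the stored path then
            // points into ../uploads/ under a sanitized file name.
            if (isset($_POST["url"]) && $_POST["url"] != "") {
                $photoName = $util_class->getFileName($_POST["url"]);
                if (!$tumble->savePhoto($_POST["url"])) {
                    header("Location: ".$conf->urlGelato."/admin/index.php?photo=false");
                    die();
                }
                $_POST["url"] = "../uploads/".$util_class->sanitizeName($photoName);
            }

            // A browser upload takes precedence over the URL above. sanitizeName()
            // is the only filter applied to the stored name in this file; no
            // content or extension check is visible here — NOTE(review): confirm
            // util::sanitizeName covers that.
            if (isset($_FILES['photo']['tmp_name'])
                && is_uploaded_file($_FILES['photo']['tmp_name'])
            ) {
                $uploadTarget = "../uploads/".$util_class->sanitizeName($_FILES['photo']['name']);
                if (move_uploaded_file($_FILES['photo']['tmp_name'], $uploadTarget)) {
                    $_POST["url"] = $uploadTarget;
                }
            }

            unset($_POST["photo"]);
            unset($_POST["MAX_FILE_SIZE"]);
        }

        if ($_POST["type"] == "7") { // is MP3 type
            set_time_limit(300); // presumably because saveMP3() fetches a remote file
            $mp3Name = $util_class->getFileName($_POST["url"]);
            if (!$tumble->saveMP3($_POST["url"])) {
                header("Location: ".$conf->urlGelato."/admin/index.php?mp3=false");
                die();
            }
            // NOTE(review): $remoteFileName is never assigned in this file, so
            // isMP3() receives null here; likely meant $mp3Name or $_POST["url"] —
            // confirm against util::isMP3 before changing.
            if ($util_class->isMP3($remoteFileName)) {
                $_POST["url"] = $conf->urlGelato."/uploads/".$mp3Name;
            }
        }

        // This file stores slash-escaped text and stripslashes() it on read (see
        // the edit and list code below). get_magic_quotes_gpc() no longer exists on
        // PHP 8, where input is never pre-escaped, so escape explicitly there too.
        // NOTE(review): addslashes is not a substitute for parameterised queries —
        // confirm how addPost/modifyPost build their SQL.
        if (!function_exists('get_magic_quotes_gpc') || !get_magic_quotes_gpc()) {
            $_POST["title"] = addslashes($_POST["title"]);
            $_POST["description"] = addslashes($_POST["description"]);
        }

        // Strip disallowed HTML; the meaning of the second argument is defined by
        // util::removeBadTags.
        $_POST["title"] = $util_class->removeBadTags($_POST["title"], true);
        $_POST["description"] = $util_class->removeBadTags($_POST["description"]);

        if (isset($_POST["id_post"]) && is_numeric($_POST["id_post"]) && $_POST["id_post"] > 0) {
            $tumble->modifyPost($_POST, $_POST["id_post"]);
            // Mirror the add branch: the GET handler below understands ?modified=,
            // and without a redirect nothing would be rendered after a modify.
            header("Location: ".$conf->urlGelato."/admin/index.php?modified=true");
            die();
        } else {
            if ($tumble->addPost($_POST)) {
                header("Location: ".$conf->urlGelato."/admin/index.php?added=true");
                die();
            } else {
                // merror is a free-form message; encode it so the URL stays well-formed.
                header("Location: ".$conf->urlGelato."/admin/index.php?error=2&des=".urlencode((string)$tumble->merror));
                die();
            }
        }
    } else {
        // --- Page render: editor form plus (when not editing) the post list -----
        if ($isEdition) {
            $post = $tumble->getPost($postId);
        }
        $admin_includes = "";
        $trigger->call('admin_includes'); // presumably lets hooks populate $admin_includes
        $theme->set('admin_includes', $admin_includes);

        $theme->set('version', $util_class->version());
        $theme->set('conf', array(
            'urlGelato' => $conf->urlGelato,
            'richText'  => $conf->richText,
        ));
        $theme->set('new', isset($_GET['new']) ? $_GET['new'] : '');
        $theme->set('information', false);
        $theme->set('error', false);

        if ($conf->check_version) {
            // Compare the local version string with the one published online. Trim so
            // a trailing newline in vgel.txt cannot defeat the comparison, and skip
            // the check entirely when the fetch failed.
            $present = $util_class->version();
            $lastest = trim((string)$util_class->_file_get_contents("http://www.gelatocms.com/vgel.txt"));
            if ($lastest !== '' && $present < $lastest) {
                $theme->set('information', __("A new gelato version has been released and is ready <a href=\"http://www.gelatocms.com/\">for download</a>."));
            }
        }

        $actions = array(
            'deleted'  => false,
            'modified' => false,
            'added'    => false,
        );

        if (isset($_GET['deleted']) && $_GET['deleted'] == 'true') {
            $theme->set('exito', __("The post has been eliminated successfully."));
            $actions['deleted'] = true;
        }

        if (isset($_GET["modified"]) && $_GET["modified"] == true) {
            $theme->set('exito', __("The post has been modified successfully."));
            $actions['modified'] = true;
        }

        if (isset($_GET["added"]) && $_GET["added"] == true) {
            $theme->set('exito', __("The post has been added successfully."));
            $actions['added'] = true;
        }

        $theme->set('action', $actions);

        if (isset($_GET["error"]) && $_GET["error"] == 2) {
            // "des" comes straight from the query string and is concatenated into a
            // message that already contains literal HTML, so it must be escaped.
            $des = (isset($_GET["des"]) && is_string($_GET["des"])) ? $_GET["des"] : '';
            $theme->set('error', __("Error on the database server:")." </strong>".htmlspecialchars($des, ENT_QUOTES, 'UTF-8'));
        }

        if (isset($_GET["mp3"]) && $_GET["mp3"] == 'false') {
            $theme->set('error', __("Not an MP3 file or an upload problem."));
        }

        if (isset($_GET["photo"]) && $_GET["photo"] == 'false') {
            $theme->set('error', __("Not a photo file or an upload problem."));
        }

        if ($isEdition) {
            // Pre-select the editor matching the stored post type.
            $typeSlugs = array(
                1 => "post",
                2 => "photo",
                3 => "quote",
                4 => "url",
                5 => "conversation",
                6 => "video",
                7 => "mp3",
            );
            if (isset($post["type"]) && isset($typeSlugs[$post["type"]])) {
                $_GET["new"] = $typeSlugs[$post["type"]];
            }
        }

        $date  = $isEdition ? strtotime($post["date"]) : time();
        $title = $isEdition ? htmlspecialchars(stripslashes($post["title"])) : "";
        $body  = $isEdition ? stripslashes($post["description"]) : "";
        $url   = $isEdition ? $post["url"] : "";

        if (!isset($_GET['new'])) {
            $_GET['new'] = 'post';
        }

        // Editor template per slug and which of title/url that editor needs:
        // slug => array(template file, wants title, wants url).
        $editors = array(
            'post'         => array('template_add_post.htm',         true,  false),
            'photo'        => array('template_add_photo.htm',        false, true),
            'quote'        => array('template_add_quote.htm',        true,  false),
            'url'          => array('template_add_link.htm',         true,  true),
            'conversation' => array('template_add_conversation.htm', true,  false),
            'video'        => array('template_add_video.htm',        false, true),
            'mp3'          => array('template_add_mp3.htm',          false, true),
        );

        $form = new themes;
        $form->set('date', $date);
        $form->set('id_user', $_SESSION['user_id']);
        $form->set('type', $_GET["new"]);
        $form->set('editBody', $body);
        if (is_string($_GET["new"]) && isset($editors[$_GET["new"]])) {
            list($template, $wantsTitle, $wantsUrl) = $editors[$_GET["new"]];
            if ($wantsTitle) {
                $form->set('editTitle', $title);
            }
            if ($wantsUrl) {
                if ($_GET["new"] == "photo") {
                    // Stored photo paths are relative ("../uploads/..."); show an absolute URL.
                    $url = str_replace("../", $conf->urlGelato."/", $url);
                }
                $form->set('editUrl', $url);
            }
            $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/'.$template));
        }

        if (!$isEdition) {
            // Page number from ?page=N; anything that is not a positive number means page 1.
            $page_num = isset($_GET["page"]) ? $_GET["page"] : null;
            $limit = $conf->postLimit;
            $currentPage = (isset($page_num) && is_numeric($page_num) && $page_num > 0) ? (int)$page_num : 1;
            $from = ($currentPage - 1) * $limit;

            $rs = $tumble->getPosts($limit, $from);
            $postsFound = $db->contarRegistros();
            $theme->set('Posts_Number', $postsFound);

            $rows = array();
            if ($postsFound > 0) {
                while ($register = $rs->fetch()) {
                    $row = array(); // reset per post so fields of another type do not leak into this row
                    $type = $tumble->getType($register["id_post"]);
                    $row['postType'] = $util_class->type2Text($type);

                    $formatedDate = gmdate("M d", strtotime($register["date"]) + $util_class->transform_offset($conf->offsetTime));
                    $strEnd = $conf->urlFriendly ? "/" : "";
                    $permalink = $conf->urlGelato.($conf->urlFriendly ? "/post/" : "/index.php?post=").$register["id_post"].$strEnd;

                    $register["title"] = stripslashes($register["title"]);
                    $register["description"] = stripslashes($register["description"]);

                    $row['Id_Post'] = $register["id_post"];
                    $row['Date_Added'] = $formatedDate;
                    $row['Permalink'] = $permalink;

                    switch ($type) {
                        case "1":
                            $row['Title'] = $register["title"];
                            $row['Body'] = $register["description"];
                            break;
                        case "2":
                            $fileName = "../uploads/".$util_class->getFileName($register["url"]);

                            // Best-effort: a missing or non-image file yields false, handled below.
                            $x = @getimagesize($fileName);
                            if (is_array($x) && $x[0] > 100) {
                                // Wider than 100px: serve a thumbnail through imgsize.php.
                                $photoPath = $conf->urlGelato."/classes/imgsize.php?w=100&img=".urlencode($register["url"]);
                            } else {
                                $photoPath = $register["url"];
                            }

                            $effect = " href=\"".str_replace("../", $conf->urlGelato."/", $register["url"])."\" rel=\"lightbox\"";

                            $row['PhotoURL'] = $photoPath;
                            $row['PhotoAlt'] = strip_tags($register["description"]);
                            $row['Caption'] = $register["description"];
                            $row['Effect'] = $effect;
                            break;
                        case "3":
                            $row['Quote'] = $register["description"];
                            $row['Source'] = $register["title"];
                            break;
                        case "4":
                            if ($conf->shorten_links) {
                                // Third-party shortener, one outbound request per link post on
                                // every page render; on failure keep the original URL.
                                $short = $util_class->_file_get_contents("http://api.abbrr.com/api.php?out=link&url=".urlencode($register["url"]));
                                if (is_string($short) && $short !== '') {
                                    $register["url"] = $short;
                                }
                            }
                            $register["title"] = ($register["title"] == "") ? $register["url"] : $register["title"];

                            $row['URL'] = $register["url"];
                            $row['Name'] = $register["title"];
                            $row['Description'] = $register["description"];
                            break;
                        case "5":
                            $row['Title'] = $register["title"];
                            $row['Conversation'] = $tumble->formatConversation($register["description"]);
                            break;
                        case "6":
                            $row['Video'] = $tumble->getVideoPlayer($register["url"]);
                            $row['Caption'] = $register["description"];
                            break;
                        case "7":
                            $row['Mp3'] = $tumble->getMp3Player($register["url"]);
                            $row['Caption'] = $register["description"];
                            break;
                    }

                    $rows[] = $row;
                }

                $p = new pagination;
                $p->items($tumble->getPostsNumber());
                $p->limit($limit);
                $p->currentPage($currentPage);

                $theme->set('pagination', $p->getPagination());
                $theme->set('rows', $rows);
            } else {
                $theme->set('error', __("No posts in this tumblelog."));
            }
        }
        $theme->display(Absolute_Path.'admin/themes/admin/index.htm');
    }
} else {
    header("Location: ".$conf->urlGelato."/login.php");
    die(); // nothing below must run for an unauthenticated request
}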
?>