set('isEdition', $isEdition);
$theme->set('postId', $postId);
$theme->set('pagination', '');

// Admin front controller for posts. Three paths, in order:
//   1. ?delete=<id>            -> delete a post and redirect (GET);
//   2. POST with btnAdd        -> create or modify a post, then redirect;
//   3. anything else           -> render the add/edit form and the post list.
// Note: the statement that opens this file ($theme->set('isEdition', ...)) starts
// before this excerpt; $theme, $tumble, $conf, $user, $db, $trigger, $isEdition
// and $postId are all defined earlier.

// Undo legacy "magic quotes" on $_GET so values are handled unescaped below.
// get_magic_quotes_gpc() is deprecated since PHP 7.4 and removed in PHP 8.
if (get_magic_quotes_gpc()) {
    foreach ($_GET as $k=>$get) {
        $_GET[$k]=stripslashes($get);
    }
}

$util_class = new util();

if ($user->isAuthenticated()) {

    // --- 1. Delete -------------------------------------------------------
    // NOTE(review): the deletion is triggered by a plain GET parameter and no
    // CSRF token / nonce check is visible in this file. If none exists
    // upstream, any page the logged-in admin loads could trigger this URL;
    // confirm, or move deletion to a POST that carries a token. Whether
    // deletePost() validates/parameterises the id is not visible here.
    if (isset($_GET["delete"])) {
        $tumble->deletePost($_GET['delete']);
        header("Location: index.php?deleted=true");
        die();
    }

    // --- 2. Create / modify ----------------------------------------------
    if (isset($_POST["btnAdd"])) {
        unset($_POST["btnAdd"]);

        // Map the textual type from the form ("post", "photo", ...) to the
        // numeric type stored in the database.
        $_POST['type'] = $util_class->type2Number($_POST['type']);

        if ($_POST["type"]=="2") {
            // Photo type. A photo may come either as a remote URL (fetched
            // server-side by savePhoto()) or as a file upload; the upload,
            // when present, wins because it is handled last.
            // NOTE(review): savePhoto() fetches a user-supplied URL on the
            // server; what it accepts (scheme, host, content type) is not
            // visible here — confirm it restricts the fetch.
            if (isset($_POST["url"]) && $_POST["url"]!="") {
                $photoName = $util_class->getFileName($_POST["url"]);
                if (!$tumble->savePhoto($_POST["url"])) {
                    header("Location: ".$conf->urlSorbet."/admin/index.php?photo=false");
                    die();
                }
                $_POST["url"] = "../uploads/".$util_class->sanitizeName($photoName);
            }
            // NOTE(review): no extension/MIME check is visible in this file
            // before the uploaded file lands in ../uploads; it may live in
            // sanitizeName() — confirm.
            if (move_uploaded_file($_FILES['photo']['tmp_name'], "../uploads/".$util_class->sanitizeName($_FILES['photo']['name']))) {
                $_POST["url"] = "../uploads/".$util_class->sanitizeName($_FILES['photo']['name']);
            }
            // Form-only fields that must not reach the storage layer.
            unset($_POST["photo"]);
            unset($_POST["MAX_FILE_SIZE"]);
        }

        if ($_POST["type"]=="7") {
            // MP3 type. Same URL-or-upload scheme as photos; remote fetch may
            // take a while, hence the extended time limit.
            set_time_limit(300);
            if (isset($_POST["url"]) && $_POST["url"]!="") {
                $mp3Name = $util_class->getFileName($_POST["url"]);
                if (!$tumble->saveMP3($_POST["url"])) {
                    header("Location: ".$conf->urlSorbet."/admin/index.php?mp3=false");
                    die();
                }
                // NOTE(review): unlike the photo branch, the stored URL uses
                // the raw $mp3Name rather than sanitizeName($mp3Name). If
                // saveMP3() writes a sanitised file name, this link will not
                // match the file on disk — confirm which name saveMP3() uses.
                $_POST["url"] = $conf->urlSorbet."/uploads/".$mp3Name;
            }
            if (move_uploaded_file($_FILES['mp3']['tmp_name'], "../uploads/".$util_class->sanitizeName($_FILES['mp3']['name']))) {
                $_POST["url"] = $conf->urlSorbet."/uploads/".$util_class->sanitizeName($_FILES['mp3']['name']);
            }
            unset($_POST["mp3"]);
            unset($_POST["MAX_FILE_SIZE"]);
        }

        // Title and description are stored "slashed" and stripped on read
        // (see the stripslashes() calls in the render path below). When magic
        // quotes are off, add the slashes by hand so storage is uniform.
        // NOTE(review): this looks like escaping by addslashes() rather than
        // parameterised queries; the storage layer is not visible here —
        // confirm how addPost()/modifyPost() build their queries.
        if (!get_magic_quotes_gpc()) {
            $_POST["title"] = addslashes($_POST["title"]);
            $_POST["description"] = addslashes($_POST["description"]);
        }

        /* Disabled Textile path, kept for reference:
           $textile = new Textile();
           $_POST["title"] = $textile->TextileThis(removeBadTags($_POST["title"],true));
           $_POST["description"] = $textile->TextileThis(removeBadTags($_POST["description"])); */

        // Strip disallowed markup before storing. What removeBadTags() keeps
        // (and what the second argument changes for titles) is defined in util.
        $_POST["title"] = $util_class->removeBadTags($_POST["title"], true);
        $_POST["description"] = $util_class->removeBadTags($_POST["description"]);

        // A positive numeric id_post means "edit"; otherwise "create".
        if (isset($_POST["id_post"]) and is_numeric($_POST["id_post"]) and $_POST["id_post"]>0) {
            $tumble->modifyPost($_POST, $_POST["id_post"]);
        } else {
            if ($tumble->addPost($_POST)) {
                header("Location: ".$conf->urlSorbet."/admin/index.php?added=true");
                die();
            } else {
                // The database error text is carried through the redirect in
                // the "des" query parameter and reflected on the next request.
                // NOTE(review): it is appended without urlencode(); see the
                // matching read of $_GET["des"] below.
                header("Location: ".$conf->urlSorbet."/admin/index.php?error=2&des=".$tumble->merror);
                die();
            }
        }

    } else {

        // --- 3. Render form + list ---------------------------------------
        if ($isEdition) {
            $post = $tumble->getPost($postId);
        }

        // Plugins may append markup for the admin <head> via this trigger.
        // NOTE(review): $admin_includes is a plain local here; presumably the
        // trigger writes to it by reference or via globals — verify.
        $admin_includes = "";
        $trigger->call('admin_includes');
        $theme->set('admin_includes', $admin_includes);
        $theme->set('version', $util_class->version());
        $theme->set('conf', array( 'urlSorbet'=>$conf->urlSorbet, 'richText'=>$conf->richText ));
        $theme->set('new', isset($_GET['new'])?$_GET['new']:'');
        $theme->set('information', false);
        $theme->set('error', false);

        // Update notice. The remote version check is disabled; "1.0" is a
        // hard-coded stand-in, so the notice only fires for versions below it.
        if ($conf->check_version) {
            $present = $util_class->version();
            $lastest = "1.0";
            //$util_class->_file_get_contents("");
            if ($present < $lastest) {
                $theme->set('information', __("A new version has been released and is ready for download."));
            }
        }

        // Flash messages driven by the redirect query parameters.
        $actions = array( 'deleted'=>false, 'modified'=>false, 'added'=>false );
        if (isset($_GET['deleted']) and $_GET['deleted']=='true') {
            $theme->set('exito', __("The post has been eliminated successfully."));
            $actions['deleted'] = true;
        }
        // Loose "==true": any non-empty value other than "0" counts as set,
        // unlike the strict 'true' string test used for "deleted" above.
        if (isset($_GET["modified"]) and $_GET["modified"]==true) {
            $theme->set('exito', __("The post has been modified successfully."));
            $actions['modified']=true;
        }
        if (isset($_GET["added"]) and $_GET["added"]==true) {
            $theme->set('exito', __("The post has been added successfully."));
            $actions['added']=true;
        }
        $theme->set('action', $actions);

        // NOTE(review): $_GET["des"] is request-controlled and is placed into
        // the error text unescaped; whether the template escapes 'error' on
        // output is not visible here — confirm, or htmlspecialchars() it here.
        if (isset($_GET["error"]) and $_GET["error"]==2) {
            $theme->set('error', __("Error on the database server:")." 
".$_GET["des"]);
        }
        if (isset($_GET["mp3"]) and $_GET["mp3"]=='false') {
            $theme->set('error', __("Not an MP3 file or an upload problem."));
        }
        if (isset($_GET["photo"]) and $_GET["photo"]=='false') {
            $theme->set('error', __("Not a photo file or an upload problem."));
        }

        // When editing, the form type is dictated by the stored post type,
        // overriding whatever ?new= said.
        if ($isEdition) {
            switch ($post["type"]) {
                case "1": $_GET["new"] = "post"; break;
                case "2": $_GET["new"] = "photo"; break;
                case "3": $_GET["new"] = "quote"; break;
                case "4": $_GET["new"] = "url"; break;
                case "5": $_GET["new"] = "conversation"; break;
                case "6": $_GET["new"] = "video"; break;
                case "7": $_GET["new"] = "mp3"; break;
            }
        }

        // Pre-fill values for the form; stored values are de-slashed on read.
        // Only the title is HTML-escaped here; the body is handed to the
        // template raw (presumably for the rich-text editor).
        $date = ($isEdition) ? strtotime($post["date"]) : time();
        $title = ($isEdition) ? htmlspecialchars(stripslashes($post["title"])) : "";
        $body = ($isEdition) ? stripslashes($post["description"]) : "";
        $url = ($isEdition) ? $post["url"] : "";
        if (!isset($_GET['new'])) {
            $_GET['new'] = 'post';
        }

        $form = new themes;
        $form->set('date', $date);
        $form->set('id_user', $_SESSION['user_id']);
        $form->set('type', $_GET["new"]);
        $form->set('editBody', $body);

        // Pick the form template. Only the fixed cases below map to a file, so
        // ?new= cannot select an arbitrary template; an unknown value simply
        // leaves 'form' unset.
        switch ($_GET["new"]) {
            case "post":
                $form->set('editTitle', $title);
                $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_post.htm'));
                break;
            case "photo":
                // Stored photo paths are relative ("../uploads/..."); rewrite
                // them to absolute site URLs for the form.
                $url = str_replace("../", $conf->urlSorbet."/", $url);
                $form->set('editUrl', $url);
                $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_photo.htm'));
                break;
            case "quote":
                $form->set('editTitle', $title);
                $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_quote.htm'));
                break;
            case "url":
                $form->set('editTitle', $title);
                $form->set('editUrl', $url);
                $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_link.htm'));
                break;
            case "conversation":
                $form->set('editTitle', $title);
                $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_conversation.htm'));
                break;
            case "video":
                $form->set('editUrl', $url);
                $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_video.htm'));
                break;
            case "mp3":
                $form->set('editUrl', $url);
                $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_mp3.htm'));
                break;
        }

        // Post list (only on the plain admin page, not while editing).
        if (!$isEdition) {
            if (isset($_GET["page"])) {
                $page_num = $_GET["page"];
            } else {
                $page_num = null;
            }
            $limit=$conf->postLimit;
            // Compute the offset only when ?page= is a positive number.
            // NOTE(review): is_numeric() also accepts floats and exponent
            // forms, so $from may be non-integer; how getPosts() uses it is
            // not visible here — consider casting to int.
            if (isset($page_num) && is_numeric($page_num) && $page_num>0) {
                $from = (($page_num-1) * $limit);
            } else {
                $from = 0;
            }
            $rs = $tumble->getPosts($limit, $from);
            $theme->set('Posts_Number', $db->contarRegistros());
            $rows = array();
            if ($db->contarRegistros()>0) {
                // NOTE(review): $row is never reset between iterations, so
                // type-specific keys set for one post (e.g. 'PhotoURL') remain
                // in $row for the following posts of a different type.
                while ($register = $rs->fetch()) {
                    $row['postType'] = $util_class->type2Text($tumble->getType($register["id_post"]));
                    // Display date: stored timestamp shifted by the configured
                    // UTC offset, formatted as "Mon dd".
                    $formatedDate = gmdate("M d", strtotime($register["date"]) + $util_class->transform_offset($conf->offsetTime));
                    $strEnd=($conf->urlFriendly) ? "/" : "";
                    $permalink = $conf->urlSorbet.($conf->urlFriendly?"/post/":"/index.php?post=").$register["id_post"].$strEnd;
                    // Values are stored slashed (see addslashes() above).
                    $register["title"] = stripslashes($register["title"]);
                    $register["description"] = stripslashes($register["description"]);
                    $row['Id_Post'] = $register["id_post"];
                    $row['Date_Added'] = $formatedDate;
                    $row['Permalink'] = $permalink;
                    // Per-type fields for the list template.
                    switch ($tumble->getType($register["id_post"])) {
                        case "1":
                            $row['Title'] = $register["title"];
                            $row['Body'] = $register["description"];
                            break;
                        case "2":
                            // Thumbnail: route through imgsize.php only when
                            // the image is wider than 100px. getimagesize()
                            // warnings are suppressed; on failure $x is false
                            // and $x[0] evaluates as null, i.e. the "else" path.
                            $fileName = "../uploads/".$util_class->getFileName($register["url"]);
                            $x = @getimagesize($fileName);
                            if ($x[0] > 100) {
                                $photoPath = $conf->urlSorbet."/classes/imgsize.php?w=100&img=".$register["url"];
                            } else {
                                $photoPath = $register["url"];
                            }
                            // Attribute fragment for the lightbox link, built as raw HTML.
                            $effect = " href=\"".str_replace("../", $conf->urlSorbet."/", $register["url"])."\" rel=\"lightbox\"";
                            $row['PhotoURL'] = $photoPath;
                            $row['PhotoAlt'] = strip_tags($register["description"]);
                            $row['Caption'] = $register["description"];
                            $row['Effect'] = $effect;
                            break;
                        case "3":
                            $row['Quote'] = $register["description"];
                            $row['Source'] = $register["title"];
                            break;
                        case "4":
                            // Optional link shortening via an external HTTP
                            // call on every render of every link post.
                            // NOTE(review): the stored URL is appended to the
                            // API query without urlencode(); confirm
                            // _file_get_contents() copes with that.
                            if ($conf->shorten_links) {
                                $register["url"] = $util_class->_file_get_contents("http://api.abbrr.com/api.php?out=link&url=".$register["url"]);
                            }
                            // Fall back to the URL itself as link text.
                            $register["title"] = ($register["title"]=="")? $register["url"] : $register["title"];
                            $row['URL'] = $register["url"];
                            $row['Name'] = $register["title"];
                            $row['Description'] = $register["description"];
                            break;
                        case "5":
                            $row['Title'] = $register["title"];
                            $row['Conversation'] = $tumble->formatConversation($register["description"]);
                            break;
                        case "6":
                            $row['Video'] = $tumble->getVideoPlayer($register["url"]);
                            $row['Caption'] = $register["description"];
                            break;
                        case "7":
                            $row['Mp3'] = $tumble->getMp3Player($register["url"]);
                            $row['Caption'] = $register["description"];
                            break;
                    }
                    $rows[] = $row;
                }
                $p = new pagination;
                $p->items($tumble->getPostsNumber());
                $p->limit($limit);
                $p->currentPage(isset($page_num) ? $page_num : 1);
                $theme->set('pagination', $p->getPagination());
                $theme->set('rows', $rows);
            } else {
                $theme->set('error', __("No posts in this tumblelog."));
            }
        }

        $theme->display(Absolute_Path.'admin/themes/admin/index.htm');
    }

} else {
    // Not logged in: bounce to the login page.
    header("Location: ".$conf->urlSorbet."/login.php");
}