Home Explore Help
Sign In
richard
/
sorbetcms
Watch 1
Star 0
Fork 1
Code Issues 0 Pull Requests 0 Commits 284 Releases 0 Wiki

A tumblelog CMS built on AJAX, PHP and MySQL.

Tree: 1b1990f42c
Branches Tags
sorbetcms/admin/index.php

index.php 15KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327 
  1. <?php

  2. if (!defined('entry')) {

  3.     define('entry', true);

  4. }

  5. /* ===========================

  6. 

  7.   gelato CMS - A PHP based tumblelog CMS

  8.   development version

  9.   http://www.gelatocms.com/

  10. 

  11.   gelato CMS is a free software licensed under the GPL 2.0

  12.   Copyright (C) 2007 by Pedro Santana <pecesama at gmail dot com>

  13. 

  14.   =========================== */

  15. ?>

  16. <?php

  17. require('../entry.php');

  18. 

  19. global $user, $conf, $tumble;

  20. #$template = new plantillas("admin");

  21. $theme = new themes;

  22. 

  23. $isEdition = (isset($_GET["edit"])) ? true : false;

  24. $postId = ($isEdition) ? $_GET["edit"] : null;

  25. 

  26. $theme->set('isEdition', $isEdition);

  27. $theme->set('postId', $postId);

  28. $theme->set('pagination', '');

  29. 

  30. if (get_magic_quotes_gpc()) {

  31.     foreach ($_GET as $k=>$get) {

  32.         $_GET[$k]=stripslashes($get);

  33.     }

  34. }

  35. $util_class = new util();

  36. if ($user->isAuthenticated()) {

  37.     if (isset($_GET["delete"])) {

  38.         $tumble->deletePost($_GET['delete']);

  39.         header("Location: index.php?deleted=true");

  40.         die();

  41.     }

  42. 

  43.     if (isset($_POST["btnAdd"])) {

  44.         unset($_POST["btnAdd"]);

  45.         $_POST['type'] = $util_class->type2Number($_POST['type']);

  46. 

  47.         if ($_POST["type"]=="2") { // is Photo type

  48.                         if (isset($_POST["url"]) && $_POST["url"]!="") {

  49.                             $photoName = $util_class->getFileName($_POST["url"]);

  50.                             if (!$tumble->savePhoto($_POST["url"])) {

  51.                                 header("Location: ".$conf->urlGelato."/admin/index.php?photo=false");

  52.                                 die();

  53.                             }

  54.                             $_POST["url"] = "../uploads/".$util_class->sanitizeName($photoName);

  55.                         }

  56. 

  57.             if (move_uploaded_file($_FILES['photo']['tmp_name'], "../uploads/".$util_class->sanitizeName($_FILES['photo']['name']))) {

  58.                 $_POST["url"] = "../uploads/".$util_class->sanitizeName($_FILES['photo']['name']);

  59.             }

  60. 

  61.             unset($_POST["photo"]);

  62.             unset($_POST["MAX_FILE_SIZE"]);

  63.         }

  64. 

  65.         if ($_POST["type"]=="7") { // is MP3 type

  66.                         set_time_limit(300);

  67.             $mp3Name = $util_class->getFileName($_POST["url"]);

  68.             if (!$tumble->saveMP3($_POST["url"])) {

  69.                 header("Location: ".$conf->urlGelato."/admin/index.php?mp3=false");

  70.                 die();

  71.             }

  72.             if ($util_class->isMP3($remoteFileName)) {

  73.                 $_POST["url"] = $conf->urlGelato."/uploads/".$mp3Name;

  74.             }

  75.         }

  76. 

  77.         if (!get_magic_quotes_gpc()) {

  78.             $_POST["title"] = addslashes($_POST["title"]);

  79.             $_POST["description"] = addslashes($_POST["description"]);

  80.         }

  81. 

  82.                 /*

  83.                 $textile = new Textile();

  84. 

  85.                 $_POST["title"] = $textile->TextileThis(removeBadTags($_POST["title"],true));

  86.                 $_POST["description"] = $textile->TextileThis(removeBadTags($_POST["description"]));

  87.                 */

  88. 

  89.                 $_POST["title"] = $util_class->removeBadTags($_POST["title"], true);

  90.         $_POST["description"] = $util_class->removeBadTags($_POST["description"]);

  91. 

  92.         if (isset($_POST["id_post"]) and  is_numeric($_POST["id_post"]) and $_POST["id_post"]>0) {

  93.             $tumble->modifyPost($_POST, $_POST["id_post"]);

  94.         } else {

  95.             if ($tumble->addPost($_POST)) {

  96.                 header("Location: ".$conf->urlGelato."/admin/index.php?added=true");

  97.                 die();

  98.             } else {

  99.                 header("Location: ".$conf->urlGelato."/admin/index.php?error=2&des=".$tumble->merror);

  100.                 die();

  101.             }

  102.         }

  103.     } else {

  104.         if ($isEdition) {

  105.             $post = $tumble->getPost($postId);

  106.         }

  107.         $admin_includes = "";

  108.         $trigger->call('admin_includes');

  109.         $theme->set('admin_includes', $admin_includes);

  110.         

  111.         $theme->set('version', $util_class->version());

  112.         $theme->set('conf', array(

  113.                         'urlGelato'=>$conf->urlGelato,

  114.                         'richText'=>$conf->richText

  115.                 ));

  116.         $theme->set('new', isset($_GET['new'])?$_GET['new']:'');

  117.         $theme->set('information', false);

  118.         $theme->set('error', false);

  119. 

  120.         if ($conf->check_version) {

  121.             $present = $util_class->version();

  122.             $lastest = $util_class->_file_get_contents("http://www.gelatocms.com/vgel.txt");

  123.             if ($present < $lastest) {

  124.                 $theme->set('information', __("A new gelato version has been released and is ready <a href=\"http://www.gelatocms.com/\">for download</a>."));

  125.             }

  126.         }

  127. 

  128.         $actions = array(

  129.                         'deleted'=>false,

  130.                         'modified'=>false,

  131.                         'added'=>false

  132.                 );

  133. 

  134.         if (isset($_GET['deleted']) and $_GET['deleted']=='true') {

  135.             $theme->set('exito', __("The post has been eliminated successfully."));

  136.             $actions['deleted'] = true;

  137.         }

  138. 

  139.         if (isset($_GET["modified"]) and $_GET["modified"]==true) {

  140.             $theme->set('exito', __("The post has been modified successfully."));

  141.             $actions['modified']=true;

  142.         }

  143. 

  144.         if (isset($_GET["added"]) and $_GET["added"]==true) {

  145.             $theme->set('exito', __("The post has been added successfully."));

  146.             $actions['added']=true;

  147.         }

  148. 

  149.         $theme->set('action', $actions);

  150. 

  151.         if (isset($_GET["error"]) and $_GET["error"]==2) {

  152.             $theme->set('error', __("Error on the database server:")." </strong>".$_GET["des"]);

  153.         }

  154. 

  155.         if (isset($_GET["mp3"]) and $_GET["mp3"]=='false') {

  156.             $theme->set('error', __("Not an MP3 file or an upload problem."));

  157.         }

  158. 

  159.         if (isset($_GET["photo"]) and $_GET["photo"]=='false') {

  160.             $theme->set('error', __("Not a photo file or an upload problem."));

  161.         }

  162. 

  163.         if ($isEdition) {

  164.             switch ($post["type"]) {

  165.                                 case "1": $_GET["new"] = "post"; break;

  166.                                 case "2": $_GET["new"] = "photo"; break;

  167.                                 case "3": $_GET["new"] = "quote"; break;

  168.                                 case "4": $_GET["new"] = "url"; break;

  169.                                 case "5": $_GET["new"] = "conversation"; break;

  170.                                 case "6": $_GET["new"] = "video"; break;

  171.                                 case "7": $_GET["new"] = "mp3"; break;

  172.                         }

  173.         }

  174. 

  175.         $date = ($isEdition) ? strtotime($post["date"]) : time();

  176.         $title = ($isEdition) ? htmlspecialchars(stripslashes($post["title"])) : "";

  177.         $body = ($isEdition) ? stripslashes($post["description"]) : "";

  178.         $url = ($isEdition) ? $post["url"] : "";

  179. 

  180.         if (!isset($_GET['new'])) {

  181.             $_GET['new'] = 'post';

  182.         }

  183. 

  184.         $form = new themes;

  185.         $form->set('date', $date);

  186.         $form->set('id_user', $_SESSION['user_id']);

  187.         $form->set('type', $_GET["new"]);

  188.         $form->set('editBody', $body);

  189.         switch ($_GET["new"]) {

  190.                         case "post":

  191.                                 $form->set('editTitle', $title);

  192.                                 $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_post.htm'));

  193.                                 break;

  194.                         case "photo":

  195.                                 $url = str_replace("../", $conf->urlGelato."/", $url);

  196.                                 $form->set('editUrl', $url);

  197.                                 $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_photo.htm'));

  198.                                 break;

  199.                         case "quote":

  200.                                 $form->set('editTitle', $title);

  201.                                 $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_quote.htm'));

  202.                                 break;

  203.                         case "url":

  204.                                 $form->set('editTitle', $title);

  205.                                 $form->set('editUrl', $url);

  206.                                 $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_link.htm'));

  207.                                 break;

  208.                         case "conversation":

  209.                                 $form->set('editTitle', $title);

  210.                                 $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_conversation.htm'));

  211.                                 break;

  212.                         case "video":

  213.                                 $form->set('editUrl', $url);

  214.                                 $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_video.htm'));

  215.                                 break;

  216.                         case "mp3":

  217.                                 $form->set('editUrl', $url);

  218.                                 $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_mp3.htm'));

  219.                                 break;

  220.                         }

  221. 

  222. 

  223.         if (!$isEdition) {

  224.             if (isset($_GET["page"])) {

  225.                 $page_num = $_GET["page"];

  226.             } else {

  227.                 $page_num = null;

  228.             }

  229. 

  230.             $limit=$conf->postLimit;

  231. 

  232.             if (isset($page_num) && is_numeric($page_num) && $page_num>0) {// Is defined the page and is numeric?

  233.                                 $from = (($page_num-1) * $limit);

  234.             } else {

  235.                 $from = 0;

  236.             }

  237. 

  238.             $rs = $tumble->getPosts($limit, $from);

  239.             $theme->set('Posts_Number', $db->contarRegistros());

  240. 

  241.             $rows = array();

  242.             if ($db->contarRegistros()>0) {

  243.                 while ($register = mysql_fetch_array($rs)) {

  244.                     $row['postType'] = $util_class->type2Text($tumble->getType($register["id_post"]));

  245. 

  246.                     $formatedDate = gmdate("M d", strtotime($register["date"]) + $util_class->transform_offset($conf->offsetTime));

  247.                     $strEnd=($conf->urlFriendly) ? "/" : "";

  248.                     $permalink = $conf->urlGelato.($conf->urlFriendly?"/post/":"/index.php?post=").$register["id_post"].$strEnd;

  249. 

  250.                     $register["title"] = stripslashes($register["title"]);

  251.                     $register["description"] = stripslashes($register["description"]);

  252. 

  253.                     $row['Id_Post'] = $register["id_post"];

  254.                     $row['Date_Added'] = $formatedDate;

  255.                     $row['Permalink'] = $permalink;

  256. 

  257.                     switch ($tumble->getType($register["id_post"])) {

  258.                                                 case "1":

  259.                                                         $row['Title'] = $register["title"];

  260.                                                         $row['Body'] = $register["description"];

  261.                                                         break;

  262.                                                 case "2":

  263.                                                         $fileName = "../uploads/".$util_class->getFileName($register["url"]);

  264. 

  265.                                                         $x = @getimagesize($fileName);

  266.                                                         if ($x[0] > 100) {

  267.                                                             $photoPath = $conf->urlGelato."/classes/imgsize.php?w=100&img=".$register["url"];

  268.                                                         } else {

  269.                                                             $photoPath = $register["url"];

  270.                                                         }

  271. 

  272.                                                         $effect = " href=\"".str_replace("../", $conf->urlGelato."/", $register["url"])."\" rel=\"lightbox\"";

  273. 

  274.                                                         $row['PhotoURL'] = $photoPath;

  275.                                                         $row['PhotoAlt'] = strip_tags($register["description"]);

  276.                                                         $row['Caption'] = $register["description"];

  277.                                                         $row['Effect'] = $effect;

  278.                                                         break;

  279.                                                 case "3":

  280.                                                         $row['Quote'] = $register["description"];

  281.                                                         $row['Source'] = $register["title"];

  282.                                                         break;

  283.                                                 case "4":

  284.                                                         if ($conf->shorten_links) {

  285.                                                             $register["url"] = $util_class->_file_get_contents("http://api.abbrr.com/api.php?out=link&url=".$register["url"]);

  286.                                                         }

  287.                                                         $register["title"] = ($register["title"]=="")? $register["url"] : $register["title"];

  288. 

  289.                                                         $row['URL'] = $register["url"];

  290.                                                         $row['Name'] = $register["title"];

  291.                                                         $row['Description'] = $register["description"];

  292.                                                         break;

  293.                                                 case "5":

  294.                                                         $row['Title'] = $register["title"];

  295.                                                         $row['Conversation'] = $tumble->formatConversation($register["description"]);

  296.                                                 break;

  297.                                                         case "6":

  298.                                                         $row['Video'] = $tumble->getVideoPlayer($register["url"]);

  299.                                                         $row['Caption'] = $register["description"];

  300.                                                         break;

  301.                                                 case "7":

  302.                                                         $row['Mp3'] = $tumble->getMp3Player($register["url"]);

  303.                                                         $row['Caption'] = $register["description"];

  304.                                                         break;

  305.                                         }

  306. 

  307.                     $rows[] = $row;

  308.                 }

  309. 

  310.                 $p = new pagination;

  311.                 $p->items($tumble->getPostsNumber());

  312.                 $p->limit($limit);

  313.                 $p->currentPage(isset($page_num) ? $page_num : 1);

  314. 

  315.                 $theme->set('pagination', $p->getPagination());

  316.                 $theme->set('rows', $rows);

  317.             } else {

  318.                 $theme->set('error', __("No posts in this tumblelog."));

  319.             }

  320.         }

  321.         $theme->display(Absolute_Path.'admin/themes/admin/index.htm');

  322.     }

  323. } else {

  324.     header("Location: ".$conf->urlGelato."/login.php");

  325. }

  326. ?>