Strona główna Odkrywaj Pomoc
Zaloguj się
richard
/
sorbetcms
Obserwuj 1
Polub 0
Forkuj 1
Kod Problemy 0 Oczekujące zmiany 0 Commity 300 Wydania 0 Wiki

A tumblelog CMS built on AJAX, PHP and MySQL.

Drzewo: 4c2350f740
Gałęzie Tagi
sorbetcms/admin/index.php

index.php 15KB
Historia Czysty

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331 
  1. <?php

  2. if (!defined('entry')) {

  3.     define('entry', true);

  4. }

  5. /* ===========================

  6. 

  7.   Sorbet CMS - A PHP based tumblelog CMS forked from Gelato CMS

  8. 

  9.   Sorbet CMS is a free software licensed under the GPL 3.0

  10. 

  11.   =========================== */

  12. ?>

  13. <?php

  14. require '../entry.php';

  15. 

  16. global $user, $conf, $tumble;

  17. #$template = new plantillas("admin");

  18. $theme = new themes;

  19. 

  20. $isEdition = (isset($_GET["edit"])) ? true : false;

  21. $postId = ($isEdition) ? $_GET["edit"] : null;

  22. 

  23. $theme->set('isEdition', $isEdition);

  24. $theme->set('postId', $postId);

  25. $theme->set('pagination', '');

  26. 

  27. if (get_magic_quotes_gpc()) {

  28.     foreach ($_GET as $k=>$get) {

  29.         $_GET[$k]=stripslashes($get);

  30.     }

  31. }

  32. $util_class = new util();

  33. if ($user->isAuthenticated()) {

  34.     if (isset($_GET["delete"])) {

  35.         $tumble->deletePost($_GET['delete']);

  36.         header("Location: index.php?deleted=true");

  37.         die();

  38.     }

  39. 

  40.     if (isset($_POST["btnAdd"])) {

  41.         unset($_POST["btnAdd"]);

  42.         $_POST['type'] = $util_class->type2Number($_POST['type']);

  43. 

  44.         if ($_POST["type"]=="2") { // is Photo type

  45.                         if (isset($_POST["url"]) && $_POST["url"]!="") {

  46.                             $photoName = $util_class->getFileName($_POST["url"]);

  47.                             if (!$tumble->savePhoto($_POST["url"])) {

  48.                                 header("Location: ".$conf->urlSorbet."/admin/index.php?photo=false");

  49.                                 die();

  50.                             }

  51.                             $_POST["url"] = "../uploads/".$util_class->sanitizeName($photoName);

  52.                         }

  53. 

  54.             if (move_uploaded_file($_FILES['photo']['tmp_name'], "../uploads/".$util_class->sanitizeName($_FILES['photo']['name']))) {

  55.                 $_POST["url"] = "../uploads/".$util_class->sanitizeName($_FILES['photo']['name']);

  56.             }

  57. 

  58.             unset($_POST["photo"]);

  59.             unset($_POST["MAX_FILE_SIZE"]);

  60.         }

  61. 

  62.         if ($_POST["type"]=="7") { // is MP3 type

  63.                             set_time_limit(300);

  64.                         if (isset($_POST["url"]) && $_POST["url"]!="") {

  65.                             $mp3Name = $util_class->getFileName($_POST["url"]);

  66.                             if (!$tumble->saveMP3($_POST["url"])) {

  67.                                 header("Location: ".$conf->urlSorbet."/admin/index.php?mp3=false");

  68.                                 die();

  69.                             }

  70.                             $_POST["url"] = $conf->urlSorbet."/uploads/".$mp3Name;

  71.                         }

  72. 

  73.             if (move_uploaded_file($_FILES['mp3']['tmp_name'], "../uploads/".$util_class->sanitizeName($_FILES['mp3']['name']))) {

  74.                 $_POST["url"] = $conf->urlSorbet."/uploads/".$util_class->sanitizeName($_FILES['mp3']['name']);

  75.             }

  76. 

  77.             unset($_POST["mp3"]);

  78.             unset($_POST["MAX_FILE_SIZE"]);

  79.         }

  80. 

  81.         if (!get_magic_quotes_gpc()) {

  82.             $_POST["title"] = addslashes($_POST["title"]);

  83.             $_POST["description"] = addslashes($_POST["description"]);

  84.         }

  85. 

  86.                 /*

  87.                 $textile = new Textile();

  88. 

  89.                 $_POST["title"] = $textile->TextileThis(removeBadTags($_POST["title"],true));

  90.                 $_POST["description"] = $textile->TextileThis(removeBadTags($_POST["description"]));

  91.                 */

  92. 

  93.                 $_POST["title"] = $util_class->removeBadTags($_POST["title"], true);

  94.         $_POST["description"] = $util_class->removeBadTags($_POST["description"]);

  95. 

  96.         if (isset($_POST["id_post"]) and  is_numeric($_POST["id_post"]) and $_POST["id_post"]>0) {

  97.             $tumble->modifyPost($_POST, $_POST["id_post"]);

  98.         } else {

  99.             if ($tumble->addPost($_POST)) {

  100.                 header("Location: ".$conf->urlSorbet."/admin/index.php?added=true");

  101.                 die();

  102.             } else {

  103.                 header("Location: ".$conf->urlSorbet."/admin/index.php?error=2&des=".$tumble->merror);

  104.                 die();

  105.             }

  106.         }

  107.     } else {

  108.         if ($isEdition) {

  109.             $post = $tumble->getPost($postId);

  110.         }

  111.         $admin_includes = "";

  112.         $trigger->call('admin_includes');

  113.         $theme->set('admin_includes', $admin_includes);

  114. 

  115.         $theme->set('version', $util_class->version());

  116.         $theme->set('conf', array(

  117.                         'urlSorbet'=>$conf->urlSorbet,

  118.                         'richText'=>$conf->richText

  119.                 ));

  120.         $theme->set('new', isset($_GET['new'])?$_GET['new']:'');

  121.         $theme->set('information', false);

  122.         $theme->set('error', false);

  123. 

  124.         if ($conf->check_version) {

  125.             $present = $util_class->version();

  126.             $lastest = "1.0";//$util_class->_file_get_contents("");

  127.             if ($present < $lastest) {

  128.                 $theme->set('information', __("A new version has been released and is ready for download."));

  129.             }

  130.         }

  131. 

  132.         $actions = array(

  133.                         'deleted'=>false,

  134.                         'modified'=>false,

  135.                         'added'=>false

  136.                 );

  137. 

  138.         if (isset($_GET['deleted']) and $_GET['deleted']=='true') {

  139.             $theme->set('exito', __("The post has been eliminated successfully."));

  140.             $actions['deleted'] = true;

  141.         }

  142. 

  143.         if (isset($_GET["modified"]) and $_GET["modified"]==true) {

  144.             $theme->set('exito', __("The post has been modified successfully."));

  145.             $actions['modified']=true;

  146.         }

  147. 

  148.         if (isset($_GET["added"]) and $_GET["added"]==true) {

  149.             $theme->set('exito', __("The post has been added successfully."));

  150.             $actions['added']=true;

  151.         }

  152. 

  153.         $theme->set('action', $actions);

  154. 

  155.         if (isset($_GET["error"]) and $_GET["error"]==2) {

  156.             $theme->set('error', __("Error on the database server:")." </strong>".$_GET["des"]);

  157.         }

  158. 

  159.         if (isset($_GET["mp3"]) and $_GET["mp3"]=='false') {

  160.             $theme->set('error', __("Not an MP3 file or an upload problem."));

  161.         }

  162. 

  163.         if (isset($_GET["photo"]) and $_GET["photo"]=='false') {

  164.             $theme->set('error', __("Not a photo file or an upload problem."));

  165.         }

  166. 

  167.         if ($isEdition) {

  168.             switch ($post["type"]) {

  169.                                 case "1": $_GET["new"] = "post"; break;

  170.                                 case "2": $_GET["new"] = "photo"; break;

  171.                                 case "3": $_GET["new"] = "quote"; break;

  172.                                 case "4": $_GET["new"] = "url"; break;

  173.                                 case "5": $_GET["new"] = "conversation"; break;

  174.                                 case "6": $_GET["new"] = "video"; break;

  175.                                 case "7": $_GET["new"] = "mp3"; break;

  176.                         }

  177.         }

  178. 

  179.         $date = ($isEdition) ? strtotime($post["date"]) : time();

  180.         $title = ($isEdition) ? htmlspecialchars(stripslashes($post["title"])) : "";

  181.         $body = ($isEdition) ? stripslashes($post["description"]) : "";

  182.         $url = ($isEdition) ? $post["url"] : "";

  183. 

  184.         if (!isset($_GET['new'])) {

  185.             $_GET['new'] = 'post';

  186.         }

  187. 

  188. 

  189.         $form = new themes;

  190.         $form->set('date', $date);

  191.         $form->set('id_user', $_SESSION['user_id']);

  192.         $form->set('type', $_GET["new"]);

  193.         $form->set('editBody', $body);

  194.         switch ($_GET["new"]) {

  195.                         case "post":

  196.                                 $form->set('editTitle', $title);

  197.                                 $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_post.htm'));

  198.                                 break;

  199.                         case "photo":

  200.                                 $url = str_replace("../", $conf->urlSorbet."/", $url);

  201.                                 $form->set('editUrl', $url);

  202.                                 $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_photo.htm'));

  203.                                 break;

  204.                         case "quote":

  205.                                 $form->set('editTitle', $title);

  206.                                 $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_quote.htm'));

  207.                                 break;

  208.                         case "url":

  209.                                 $form->set('editTitle', $title);

  210.                                 $form->set('editUrl', $url);

  211.                                 $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_link.htm'));

  212.                                 break;

  213.                         case "conversation":

  214.                                 $form->set('editTitle', $title);

  215.                                 $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_conversation.htm'));

  216.                                 break;

  217.                         case "video":

  218.                                 $form->set('editUrl', $url);

  219.                                 $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_video.htm'));

  220.                                 break;

  221.                         case "mp3":

  222.                                 $form->set('editUrl', $url);

  223.                                 $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_mp3.htm'));

  224.                                 break;

  225.                         }

  226. 

  227. 

  228.         if (!$isEdition) {

  229.             if (isset($_GET["page"])) {

  230.                 $page_num = $_GET["page"];

  231.             } else {

  232.                 $page_num = null;

  233.             }

  234. 

  235.             $limit=$conf->postLimit;

  236. 

  237.             if (isset($page_num) && is_numeric($page_num) && $page_num>0) {// Is defined the page and is numeric?

  238.                                 $from = (($page_num-1) * $limit);

  239.             } else {

  240.                 $from = 0;

  241.             }

  242. 

  243.             $rs = $tumble->getPosts($limit, $from);

  244.             $theme->set('Posts_Number', $db->contarRegistros());

  245. 

  246.             $rows = array();

  247.             if ($db->contarRegistros()>0) {

  248.                 while ($register = $rs->fetch()) {

  249.                     $row['postType'] = $util_class->type2Text($tumble->getType($register["id_post"]));

  250. 

  251.                     $formatedDate = gmdate("M d", strtotime($register["date"]) + $util_class->transform_offset($conf->offsetTime));

  252.                     $strEnd=($conf->urlFriendly) ? "/" : "";

  253.                     $permalink = $conf->urlSorbet.($conf->urlFriendly?"/post/":"/index.php?post=").$register["id_post"].$strEnd;

  254. 

  255.                     $register["title"] = stripslashes($register["title"]);

  256.                     $register["description"] = stripslashes($register["description"]);

  257. 

  258.                     $row['Id_Post'] = $register["id_post"];

  259.                     $row['Date_Added'] = $formatedDate;

  260.                     $row['Permalink'] = $permalink;

  261. 

  262.                     switch ($tumble->getType($register["id_post"])) {

  263.                                                 case "1":

  264.                                                         $row['Title'] = $register["title"];

  265.                                                         $row['Body'] = $register["description"];

  266.                                                         break;

  267.                                                 case "2":

  268.                                                         $fileName = "../uploads/".$util_class->getFileName($register["url"]);

  269. 

  270.                                                         $x = @getimagesize($fileName);

  271.                                                         if ($x[0] > 100) {

  272.                                                             $photoPath = $conf->urlSorbet."/classes/imgsize.php?w=100&img=".$register["url"];

  273.                                                         } else {

  274.                                                             $photoPath = $register["url"];

  275.                                                         }

  276. 

  277.                                                         $effect = " href=\"".str_replace("../", $conf->urlSorbet."/", $register["url"])."\" rel=\"lightbox\"";

  278. 

  279.                                                         $row['PhotoURL'] = $photoPath;

  280.                                                         $row['PhotoAlt'] = strip_tags($register["description"]);

  281.                                                         $row['Caption'] = $register["description"];

  282.                                                         $row['Effect'] = $effect;

  283.                                                         break;

  284.                                                 case "3":

  285.                                                         $row['Quote'] = $register["description"];

  286.                                                         $row['Source'] = $register["title"];

  287.                                                         break;

  288.                                                 case "4":

  289.                                                         if ($conf->shorten_links) {

  290.                                                             $register["url"] = $util_class->_file_get_contents("http://api.abbrr.com/api.php?out=link&url=".$register["url"]);

  291.                                                         }

  292.                                                         $register["title"] = ($register["title"]=="")? $register["url"] : $register["title"];

  293. 

  294.                                                         $row['URL'] = $register["url"];

  295.                                                         $row['Name'] = $register["title"];

  296.                                                         $row['Description'] = $register["description"];

  297.                                                         break;

  298.                                                 case "5":

  299.                                                         $row['Title'] = $register["title"];

  300.                                                         $row['Conversation'] = $tumble->formatConversation($register["description"]);

  301.                                                 break;

  302.                                                         case "6":

  303.                                                         $row['Video'] = $tumble->getVideoPlayer($register["url"]);

  304.                                                         $row['Caption'] = $register["description"];

  305.                                                         break;

  306.                                                 case "7":

  307.                                                         $row['Mp3'] = $tumble->getMp3Player($register["url"]);

  308.                                                         $row['Caption'] = $register["description"];

  309.                                                         break;

  310.                                         }

  311. 

  312.                     $rows[] = $row;

  313.                 }

  314. 

  315.                 $p = new pagination;

  316.                 $p->items($tumble->getPostsNumber());

  317.                 $p->limit($limit);

  318.                 $p->currentPage(isset($page_num) ? $page_num : 1);

  319. 

  320.                 $theme->set('pagination', $p->getPagination());

  321.                 $theme->set('rows', $rows);

  322.             } else {

  323.                 $theme->set('error', __("No posts in this tumblelog."));

  324.             }

  325.         }

  326.         $theme->display(Absolute_Path.'admin/themes/admin/index.htm');

  327.     }

  328. } else {

  329.     header("Location: ".$conf->urlSorbet."/login.php");

  330. }