123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331 |
- <?php
- if (!defined('entry')) {
- define('entry', true);
- }
- /* ===========================
-
- Sorbet CMS - A PHP based tumblelog CMS forked from Gelato CMS
-
- Sorbet CMS is a free software licensed under the GPL 3.0
-
- =========================== */
- ?>
- <?php
- require '../entry.php';
-
- global $user, $conf, $tumble;
- #$template = new plantillas("admin");
- $theme = new themes;
-
- $isEdition = (isset($_GET["edit"])) ? true : false;
- $postId = ($isEdition) ? $_GET["edit"] : null;
-
- $theme->set('isEdition', $isEdition);
- $theme->set('postId', $postId);
- $theme->set('pagination', '');
-
- if (get_magic_quotes_gpc()) {
- foreach ($_GET as $k=>$get) {
- $_GET[$k]=stripslashes($get);
- }
- }
- $util_class = new util();
- if ($user->isAuthenticated()) {
- if (isset($_GET["delete"])) {
- $tumble->deletePost($_GET['delete']);
- header("Location: index.php?deleted=true");
- die();
- }
-
- if (isset($_POST["btnAdd"])) {
- unset($_POST["btnAdd"]);
- $_POST['type'] = $util_class->type2Number($_POST['type']);
-
- if ($_POST["type"]=="2") { // is Photo type
- if (isset($_POST["url"]) && $_POST["url"]!="") {
- $photoName = $util_class->getFileName($_POST["url"]);
- if (!$tumble->savePhoto($_POST["url"])) {
- header("Location: ".$conf->urlSorbet."/admin/index.php?photo=false");
- die();
- }
- $_POST["url"] = "../uploads/".$util_class->sanitizeName($photoName);
- }
-
- if (move_uploaded_file($_FILES['photo']['tmp_name'], "../uploads/".$util_class->sanitizeName($_FILES['photo']['name']))) {
- $_POST["url"] = "../uploads/".$util_class->sanitizeName($_FILES['photo']['name']);
- }
-
- unset($_POST["photo"]);
- unset($_POST["MAX_FILE_SIZE"]);
- }
-
- if ($_POST["type"]=="7") { // is MP3 type
- set_time_limit(300);
- if (isset($_POST["url"]) && $_POST["url"]!="") {
- $mp3Name = $util_class->getFileName($_POST["url"]);
- if (!$tumble->saveMP3($_POST["url"])) {
- header("Location: ".$conf->urlSorbet."/admin/index.php?mp3=false");
- die();
- }
- $_POST["url"] = $conf->urlSorbet."/uploads/".$mp3Name;
- }
-
- if (move_uploaded_file($_FILES['mp3']['tmp_name'], "../uploads/".$util_class->sanitizeName($_FILES['mp3']['name']))) {
- $_POST["url"] = $conf->urlSorbet."/uploads/".$util_class->sanitizeName($_FILES['mp3']['name']);
- }
-
- unset($_POST["mp3"]);
- unset($_POST["MAX_FILE_SIZE"]);
- }
-
- if (!get_magic_quotes_gpc()) {
- $_POST["title"] = addslashes($_POST["title"]);
- $_POST["description"] = addslashes($_POST["description"]);
- }
-
- /*
- $textile = new Textile();
-
- $_POST["title"] = $textile->TextileThis(removeBadTags($_POST["title"],true));
- $_POST["description"] = $textile->TextileThis(removeBadTags($_POST["description"]));
- */
-
- $_POST["title"] = $util_class->removeBadTags($_POST["title"], true);
- $_POST["description"] = $util_class->removeBadTags($_POST["description"]);
-
- if (isset($_POST["id_post"]) and is_numeric($_POST["id_post"]) and $_POST["id_post"]>0) {
- $tumble->modifyPost($_POST, $_POST["id_post"]);
- } else {
- if ($tumble->addPost($_POST)) {
- header("Location: ".$conf->urlSorbet."/admin/index.php?added=true");
- die();
- } else {
- header("Location: ".$conf->urlSorbet."/admin/index.php?error=2&des=".$tumble->merror);
- die();
- }
- }
- } else {
- if ($isEdition) {
- $post = $tumble->getPost($postId);
- }
- $admin_includes = "";
- $trigger->call('admin_includes');
- $theme->set('admin_includes', $admin_includes);
-
- $theme->set('version', $util_class->version());
- $theme->set('conf', array(
- 'urlSorbet'=>$conf->urlSorbet,
- 'richText'=>$conf->richText
- ));
- $theme->set('new', isset($_GET['new'])?$_GET['new']:'');
- $theme->set('information', false);
- $theme->set('error', false);
-
- if ($conf->check_version) {
- $present = $util_class->version();
- $lastest = "1.0";//$util_class->_file_get_contents("");
- if ($present < $lastest) {
- $theme->set('information', __("A new version has been released and is ready for download."));
- }
- }
-
- $actions = array(
- 'deleted'=>false,
- 'modified'=>false,
- 'added'=>false
- );
-
- if (isset($_GET['deleted']) and $_GET['deleted']=='true') {
- $theme->set('exito', __("The post has been eliminated successfully."));
- $actions['deleted'] = true;
- }
-
- if (isset($_GET["modified"]) and $_GET["modified"]==true) {
- $theme->set('exito', __("The post has been modified successfully."));
- $actions['modified']=true;
- }
-
- if (isset($_GET["added"]) and $_GET["added"]==true) {
- $theme->set('exito', __("The post has been added successfully."));
- $actions['added']=true;
- }
-
- $theme->set('action', $actions);
-
- if (isset($_GET["error"]) and $_GET["error"]==2) {
- $theme->set('error', __("Error on the database server:")." </strong>".$_GET["des"]);
- }
-
- if (isset($_GET["mp3"]) and $_GET["mp3"]=='false') {
- $theme->set('error', __("Not an MP3 file or an upload problem."));
- }
-
- if (isset($_GET["photo"]) and $_GET["photo"]=='false') {
- $theme->set('error', __("Not a photo file or an upload problem."));
- }
-
- if ($isEdition) {
- switch ($post["type"]) {
- case "1": $_GET["new"] = "post"; break;
- case "2": $_GET["new"] = "photo"; break;
- case "3": $_GET["new"] = "quote"; break;
- case "4": $_GET["new"] = "url"; break;
- case "5": $_GET["new"] = "conversation"; break;
- case "6": $_GET["new"] = "video"; break;
- case "7": $_GET["new"] = "mp3"; break;
- }
- }
-
- $date = ($isEdition) ? strtotime($post["date"]) : time();
- $title = ($isEdition) ? htmlspecialchars(stripslashes($post["title"])) : "";
- $body = ($isEdition) ? stripslashes($post["description"]) : "";
- $url = ($isEdition) ? $post["url"] : "";
-
- if (!isset($_GET['new'])) {
- $_GET['new'] = 'post';
- }
-
-
- $form = new themes;
- $form->set('date', $date);
- $form->set('id_user', $_SESSION['user_id']);
- $form->set('type', $_GET["new"]);
- $form->set('editBody', $body);
- switch ($_GET["new"]) {
- case "post":
- $form->set('editTitle', $title);
- $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_post.htm'));
- break;
- case "photo":
- $url = str_replace("../", $conf->urlSorbet."/", $url);
- $form->set('editUrl', $url);
- $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_photo.htm'));
- break;
- case "quote":
- $form->set('editTitle', $title);
- $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_quote.htm'));
- break;
- case "url":
- $form->set('editTitle', $title);
- $form->set('editUrl', $url);
- $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_link.htm'));
- break;
- case "conversation":
- $form->set('editTitle', $title);
- $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_conversation.htm'));
- break;
- case "video":
- $form->set('editUrl', $url);
- $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_video.htm'));
- break;
- case "mp3":
- $form->set('editUrl', $url);
- $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_mp3.htm'));
- break;
- }
-
-
- if (!$isEdition) {
- if (isset($_GET["page"])) {
- $page_num = $_GET["page"];
- } else {
- $page_num = null;
- }
-
- $limit=$conf->postLimit;
-
- if (isset($page_num) && is_numeric($page_num) && $page_num>0) {// Is defined the page and is numeric?
- $from = (($page_num-1) * $limit);
- } else {
- $from = 0;
- }
-
- $rs = $tumble->getPosts($limit, $from);
- $theme->set('Posts_Number', $db->contarRegistros());
-
- $rows = array();
- if ($db->contarRegistros()>0) {
- while ($register = $rs->fetch()) {
- $row['postType'] = $util_class->type2Text($tumble->getType($register["id_post"]));
-
- $formatedDate = gmdate("M d", strtotime($register["date"]) + $util_class->transform_offset($conf->offsetTime));
- $strEnd=($conf->urlFriendly) ? "/" : "";
- $permalink = $conf->urlSorbet.($conf->urlFriendly?"/post/":"/index.php?post=").$register["id_post"].$strEnd;
-
- $register["title"] = stripslashes($register["title"]);
- $register["description"] = stripslashes($register["description"]);
-
- $row['Id_Post'] = $register["id_post"];
- $row['Date_Added'] = $formatedDate;
- $row['Permalink'] = $permalink;
-
- switch ($tumble->getType($register["id_post"])) {
- case "1":
- $row['Title'] = $register["title"];
- $row['Body'] = $register["description"];
- break;
- case "2":
- $fileName = "../uploads/".$util_class->getFileName($register["url"]);
-
- $x = @getimagesize($fileName);
- if ($x[0] > 100) {
- $photoPath = $conf->urlSorbet."/classes/imgsize.php?w=100&img=".$register["url"];
- } else {
- $photoPath = $register["url"];
- }
-
- $effect = " href=\"".str_replace("../", $conf->urlSorbet."/", $register["url"])."\" rel=\"lightbox\"";
-
- $row['PhotoURL'] = $photoPath;
- $row['PhotoAlt'] = strip_tags($register["description"]);
- $row['Caption'] = $register["description"];
- $row['Effect'] = $effect;
- break;
- case "3":
- $row['Quote'] = $register["description"];
- $row['Source'] = $register["title"];
- break;
- case "4":
- if ($conf->shorten_links) {
- $register["url"] = $util_class->_file_get_contents("http://api.abbrr.com/api.php?out=link&url=".$register["url"]);
- }
- $register["title"] = ($register["title"]=="")? $register["url"] : $register["title"];
-
- $row['URL'] = $register["url"];
- $row['Name'] = $register["title"];
- $row['Description'] = $register["description"];
- break;
- case "5":
- $row['Title'] = $register["title"];
- $row['Conversation'] = $tumble->formatConversation($register["description"]);
- break;
- case "6":
- $row['Video'] = $tumble->getVideoPlayer($register["url"]);
- $row['Caption'] = $register["description"];
- break;
- case "7":
- $row['Mp3'] = $tumble->getMp3Player($register["url"]);
- $row['Caption'] = $register["description"];
- break;
- }
-
- $rows[] = $row;
- }
-
- $p = new pagination;
- $p->items($tumble->getPostsNumber());
- $p->limit($limit);
- $p->currentPage(isset($page_num) ? $page_num : 1);
-
- $theme->set('pagination', $p->getPagination());
- $theme->set('rows', $rows);
- } else {
- $theme->set('error', __("No posts in this tumblelog."));
- }
- }
- $theme->display(Absolute_Path.'admin/themes/admin/index.htm');
- }
- } else {
- header("Location: ".$conf->urlSorbet."/login.php");
- }
|