Home Explore Help
Sign In
richard
/
sorbetcms
Watch 1
Star 0
Fork 1
Code Issues 0 Pull Requests 0 Commits 292 Releases 0 Wiki

A tumblelog CMS built on AJAX, PHP and MySQL.

Branch: master
Branches Tags
sorbetcms/admin/index.php

index.php 15KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324 
  1. <?php

  2. if (!defined('entry')) {

  3.     define('entry', true);

  4. }

  5. /* ===========================

  6. 

  7.   Sorbet CMS - A PHP based tumblelog CMS forked from Gelato CMS

  8. 

  9.   Sorbet CMS is a free software licensed under the GPL 3.0

  10. 

  11.   =========================== */

  12. ?>

  13. <?php

  14. require '../entry.php';

  15. 

  16. global $user, $conf, $tumble;

  17. #$template = new plantillas("admin");

  18. $theme = new themes;

  19. 

  20. $isEdition = (isset($_GET["edit"])) ? true : false;

  21. $postId = ($isEdition) ? $_GET["edit"] : null;

  22. 

  23. $theme->set('isEdition', $isEdition);

  24. $theme->set('postId', $postId);

  25. $theme->set('pagination', '');

  26. 

  27. if (get_magic_quotes_gpc()) {

  28.     foreach ($_GET as $k=>$get) {

  29.         $_GET[$k]=stripslashes($get);

  30.     }

  31. }

  32. $util_class = new util();

  33. if ($user->isAuthenticated()) {

  34.     if (isset($_GET["delete"])) {

  35.         $tumble->deletePost($_GET['delete']);

  36.         header("Location: index.php?deleted=true");

  37.         die();

  38.     }

  39. 

  40.     if (isset($_POST["btnAdd"])) {

  41.         unset($_POST["btnAdd"]);

  42.         $_POST['type'] = $util_class->type2Number($_POST['type']);

  43. 

  44.         if ($_POST["type"]=="2") { // is Photo type

  45.                         if (isset($_POST["url"]) && $_POST["url"]!="") {

  46.                             $photoName = $util_class->getFileName($_POST["url"]);

  47.                             if (!$tumble->savePhoto($_POST["url"])) {

  48.                                 header("Location: ".$conf->urlSorbet."/admin/index.php?photo=false");

  49.                                 die();

  50.                             }

  51.                             $_POST["url"] = "../uploads/".$util_class->sanitizeName($photoName);

  52.                         }

  53. 

  54.             if (move_uploaded_file($_FILES['photo']['tmp_name'], "../uploads/".$util_class->sanitizeName($_FILES['photo']['name']))) {

  55.                 $_POST["url"] = "../uploads/".$util_class->sanitizeName($_FILES['photo']['name']);

  56.             }

  57. 

  58.             unset($_POST["photo"]);

  59.             unset($_POST["MAX_FILE_SIZE"]);

  60.         }

  61. 

  62.         if ($_POST["type"]=="7") { // is MP3 type

  63.                         set_time_limit(300);

  64.             $mp3Name = $util_class->getFileName($_POST["url"]);

  65.             if (!$tumble->saveMP3($_POST["url"])) {

  66.                 header("Location: ".$conf->urlSorbet."/admin/index.php?mp3=false");

  67.                 die();

  68.             }

  69.             if ($util_class->isMP3($remoteFileName)) {

  70.                 $_POST["url"] = $conf->urlSorbet."/uploads/".$mp3Name;

  71.             }

  72.         }

  73. 

  74.         if (!get_magic_quotes_gpc()) {

  75.             $_POST["title"] = addslashes($_POST["title"]);

  76.             $_POST["description"] = addslashes($_POST["description"]);

  77.         }

  78. 

  79.                 /*

  80.                 $textile = new Textile();

  81. 

  82.                 $_POST["title"] = $textile->TextileThis(removeBadTags($_POST["title"],true));

  83.                 $_POST["description"] = $textile->TextileThis(removeBadTags($_POST["description"]));

  84.                 */

  85. 

  86.                 $_POST["title"] = $util_class->removeBadTags($_POST["title"], true);

  87.         $_POST["description"] = $util_class->removeBadTags($_POST["description"]);

  88. 

  89.         if (isset($_POST["id_post"]) and  is_numeric($_POST["id_post"]) and $_POST["id_post"]>0) {

  90.             $tumble->modifyPost($_POST, $_POST["id_post"]);

  91.         } else {

  92.             if ($tumble->addPost($_POST)) {

  93.                 header("Location: ".$conf->urlSorbet."/admin/index.php?added=true");

  94.                 die();

  95.             } else {

  96.                 header("Location: ".$conf->urlSorbet."/admin/index.php?error=2&des=".$tumble->merror);

  97.                 die();

  98.             }

  99.         }

  100.     } else {

  101.         if ($isEdition) {

  102.             $post = $tumble->getPost($postId);

  103.         }

  104.         $admin_includes = "";

  105.         $trigger->call('admin_includes');

  106.         $theme->set('admin_includes', $admin_includes);

  107. 

  108.         $theme->set('version', $util_class->version());

  109.         $theme->set('conf', array(

  110.                         'urlSorbet'=>$conf->urlSorbet,

  111.                         'richText'=>$conf->richText

  112.                 ));

  113.         $theme->set('new', isset($_GET['new'])?$_GET['new']:'');

  114.         $theme->set('information', false);

  115.         $theme->set('error', false);

  116. 

  117.         if ($conf->check_version) {

  118.             $present = $util_class->version();

  119.             $lastest = "1.0";//$util_class->_file_get_contents("");

  120.             if ($present < $lastest) {

  121.                 $theme->set('information', __("A new version has been released and is ready for download."));

  122.             }

  123.         }

  124. 

  125.         $actions = array(

  126.                         'deleted'=>false,

  127.                         'modified'=>false,

  128.                         'added'=>false

  129.                 );

  130. 

  131.         if (isset($_GET['deleted']) and $_GET['deleted']=='true') {

  132.             $theme->set('exito', __("The post has been eliminated successfully."));

  133.             $actions['deleted'] = true;

  134.         }

  135. 

  136.         if (isset($_GET["modified"]) and $_GET["modified"]==true) {

  137.             $theme->set('exito', __("The post has been modified successfully."));

  138.             $actions['modified']=true;

  139.         }

  140. 

  141.         if (isset($_GET["added"]) and $_GET["added"]==true) {

  142.             $theme->set('exito', __("The post has been added successfully."));

  143.             $actions['added']=true;

  144.         }

  145. 

  146.         $theme->set('action', $actions);

  147. 

  148.         if (isset($_GET["error"]) and $_GET["error"]==2) {

  149.             $theme->set('error', __("Error on the database server:")." </strong>".$_GET["des"]);

  150.         }

  151. 

  152.         if (isset($_GET["mp3"]) and $_GET["mp3"]=='false') {

  153.             $theme->set('error', __("Not an MP3 file or an upload problem."));

  154.         }

  155. 

  156.         if (isset($_GET["photo"]) and $_GET["photo"]=='false') {

  157.             $theme->set('error', __("Not a photo file or an upload problem."));

  158.         }

  159. 

  160.         if ($isEdition) {

  161.             switch ($post["type"]) {

  162.                                 case "1": $_GET["new"] = "post"; break;

  163.                                 case "2": $_GET["new"] = "photo"; break;

  164.                                 case "3": $_GET["new"] = "quote"; break;

  165.                                 case "4": $_GET["new"] = "url"; break;

  166.                                 case "5": $_GET["new"] = "conversation"; break;

  167.                                 case "6": $_GET["new"] = "video"; break;

  168.                                 case "7": $_GET["new"] = "mp3"; break;

  169.                         }

  170.         }

  171. 

  172.         $date = ($isEdition) ? strtotime($post["date"]) : time();

  173.         $title = ($isEdition) ? htmlspecialchars(stripslashes($post["title"])) : "";

  174.         $body = ($isEdition) ? stripslashes($post["description"]) : "";

  175.         $url = ($isEdition) ? $post["url"] : "";

  176. 

  177.         if (!isset($_GET['new'])) {

  178.             $_GET['new'] = 'post';

  179.         }

  180. 

  181.         $form = new themes;

  182.         $form->set('date', $date);

  183.         $form->set('id_user', $_SESSION['user_id']);

  184.         $form->set('type', $_GET["new"]);

  185.         $form->set('editBody', $body);

  186.         switch ($_GET["new"]) {

  187.                         case "post":

  188.                                 $form->set('editTitle', $title);

  189.                                 $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_post.htm'));

  190.                                 break;

  191.                         case "photo":

  192.                                 $url = str_replace("../", $conf->urlSorbet."/", $url);

  193.                                 $form->set('editUrl', $url);

  194.                                 $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_photo.htm'));

  195.                                 break;

  196.                         case "quote":

  197.                                 $form->set('editTitle', $title);

  198.                                 $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_quote.htm'));

  199.                                 break;

  200.                         case "url":

  201.                                 $form->set('editTitle', $title);

  202.                                 $form->set('editUrl', $url);

  203.                                 $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_link.htm'));

  204.                                 break;

  205.                         case "conversation":

  206.                                 $form->set('editTitle', $title);

  207.                                 $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_conversation.htm'));

  208.                                 break;

  209.                         case "video":

  210.                                 $form->set('editUrl', $url);

  211.                                 $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_video.htm'));

  212.                                 break;

  213.                         case "mp3":

  214.                                 $form->set('editUrl', $url);

  215.                                 $theme->set('form', $form->fetch(Absolute_Path.'admin/themes/admin/template_add_mp3.htm'));

  216.                                 break;

  217.                         }

  218. 

  219. 

  220.         if (!$isEdition) {

  221.             if (isset($_GET["page"])) {

  222.                 $page_num = $_GET["page"];

  223.             } else {

  224.                 $page_num = null;

  225.             }

  226. 

  227.             $limit=$conf->postLimit;

  228. 

  229.             if (isset($page_num) && is_numeric($page_num) && $page_num>0) {// Is defined the page and is numeric?

  230.                                 $from = (($page_num-1) * $limit);

  231.             } else {

  232.                 $from = 0;

  233.             }

  234. 

  235.             $rs = $tumble->getPosts($limit, $from);

  236.             $theme->set('Posts_Number', $db->contarRegistros());

  237. 

  238.             $rows = array();

  239.             if ($db->contarRegistros()>0) {

  240.                 while ($register = $rs->fetch()) {

  241.                     $row['postType'] = $util_class->type2Text($tumble->getType($register["id_post"]));

  242. 

  243.                     $formatedDate = gmdate("M d", strtotime($register["date"]) + $util_class->transform_offset($conf->offsetTime));

  244.                     $strEnd=($conf->urlFriendly) ? "/" : "";

  245.                     $permalink = $conf->urlSorbet.($conf->urlFriendly?"/post/":"/index.php?post=").$register["id_post"].$strEnd;

  246. 

  247.                     $register["title"] = stripslashes($register["title"]);

  248.                     $register["description"] = stripslashes($register["description"]);

  249. 

  250.                     $row['Id_Post'] = $register["id_post"];

  251.                     $row['Date_Added'] = $formatedDate;

  252.                     $row['Permalink'] = $permalink;

  253. 

  254.                     switch ($tumble->getType($register["id_post"])) {

  255.                                                 case "1":

  256.                                                         $row['Title'] = $register["title"];

  257.                                                         $row['Body'] = $register["description"];

  258.                                                         break;

  259.                                                 case "2":

  260.                                                         $fileName = "../uploads/".$util_class->getFileName($register["url"]);

  261. 

  262.                                                         $x = @getimagesize($fileName);

  263.                                                         if ($x[0] > 100) {

  264.                                                             $photoPath = $conf->urlSorbet."/classes/imgsize.php?w=100&img=".$register["url"];

  265.                                                         } else {

  266.                                                             $photoPath = $register["url"];

  267.                                                         }

  268. 

  269.                                                         $effect = " href=\"".str_replace("../", $conf->urlSorbet."/", $register["url"])."\" rel=\"lightbox\"";

  270. 

  271.                                                         $row['PhotoURL'] = $photoPath;

  272.                                                         $row['PhotoAlt'] = strip_tags($register["description"]);

  273.                                                         $row['Caption'] = $register["description"];

  274.                                                         $row['Effect'] = $effect;

  275.                                                         break;

  276.                                                 case "3":

  277.                                                         $row['Quote'] = $register["description"];

  278.                                                         $row['Source'] = $register["title"];

  279.                                                         break;

  280.                                                 case "4":

  281.                                                         if ($conf->shorten_links) {

  282.                                                             $register["url"] = $util_class->_file_get_contents("http://api.abbrr.com/api.php?out=link&url=".$register["url"]);

  283.                                                         }

  284.                                                         $register["title"] = ($register["title"]=="")? $register["url"] : $register["title"];

  285. 

  286.                                                         $row['URL'] = $register["url"];

  287.                                                         $row['Name'] = $register["title"];

  288.                                                         $row['Description'] = $register["description"];

  289.                                                         break;

  290.                                                 case "5":

  291.                                                         $row['Title'] = $register["title"];

  292.                                                         $row['Conversation'] = $tumble->formatConversation($register["description"]);

  293.                                                 break;

  294.                                                         case "6":

  295.                                                         $row['Video'] = $tumble->getVideoPlayer($register["url"]);

  296.                                                         $row['Caption'] = $register["description"];

  297.                                                         break;

  298.                                                 case "7":

  299.                                                         $row['Mp3'] = $tumble->getMp3Player($register["url"]);

  300.                                                         $row['Caption'] = $register["description"];

  301.                                                         break;

  302.                                         }

  303. 

  304.                     $rows[] = $row;

  305.                 }

  306. 

  307.                 $p = new pagination;

  308.                 $p->items($tumble->getPostsNumber());

  309.                 $p->limit($limit);

  310.                 $p->currentPage(isset($page_num) ? $page_num : 1);

  311. 

  312.                 $theme->set('pagination', $p->getPagination());

  313.                 $theme->set('rows', $rows);

  314.             } else {

  315.                 $theme->set('error', __("No posts in this tumblelog."));

  316.             }

  317.         }

  318.         $theme->display(Absolute_Path.'admin/themes/admin/index.htm');

  319.     }

  320. } else {

  321.     header("Location: ".$conf->urlSorbet."/login.php");

  322. }

  323. ?>