aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs/Module/Editwebpage.php
diff options
context:
space:
mode:
authorAndrew Manning <tamanning@zoho.com>2016-04-20 21:05:01 -0400
committerAndrew Manning <tamanning@zoho.com>2016-04-20 21:05:01 -0400
commitb96eb1c8230ae2f5986d6f22934c606bbca9728e (patch)
treefecd2279927b61da28801094dc7d6b1cfa8d98fe /Zotlabs/Module/Editwebpage.php
parent7594796ee11c0b245d02d145868a13ac3d84ebfc (diff)
parent635580091a227529cb491e6441a5acbfff3177be (diff)
downloadvolse-hubzilla-b96eb1c8230ae2f5986d6f22934c606bbca9728e.tar.gz
volse-hubzilla-b96eb1c8230ae2f5986d6f22934c606bbca9728e.tar.bz2
volse-hubzilla-b96eb1c8230ae2f5986d6f22934c606bbca9728e.zip
Merge branch 'dev' into toggle-context-help
Diffstat (limited to 'Zotlabs/Module/Editwebpage.php')
-rw-r--r--Zotlabs/Module/Editwebpage.php239
1 files changed, 239 insertions, 0 deletions
diff --git a/Zotlabs/Module/Editwebpage.php b/Zotlabs/Module/Editwebpage.php
new file mode 100644
index 000000000..01d9e8aad
--- /dev/null
+++ b/Zotlabs/Module/Editwebpage.php
@@ -0,0 +1,239 @@
+<?php
+namespace Zotlabs\Module;
+
+require_once('include/identity.php');
+require_once('include/acl_selectors.php');
+
+
+class Editwebpage extends \Zotlabs\Web\Controller {
+
+ function init() {
+
+ if(argc() > 1 && argv(1) === 'sys' && is_site_admin()) {
+ $sys = get_sys_channel();
+ if($sys && intval($sys['channel_id'])) {
+ \App::$is_sys = true;
+ }
+ }
+
+ if(argc() > 1)
+ $which = argv(1);
+ else
+ return;
+
+ profile_load($a,$which);
+
+ }
+
+
+ function get() {
+
+ if(! \App::$profile) {
+ notice( t('Requested profile is not available.') . EOL );
+ \App::$error = 404;
+ return;
+ }
+
+ $which = argv(1);
+
+ $uid = local_channel();
+ $owner = 0;
+ $channel = null;
+ $observer = \App::get_observer();
+
+ $channel = \App::get_channel();
+
+ if(\App::$is_sys && is_site_admin()) {
+ $sys = get_sys_channel();
+ if($sys && intval($sys['channel_id'])) {
+ $uid = $owner = intval($sys['channel_id']);
+ $channel = $sys;
+ $observer = $sys;
+ }
+ }
+
+ if(! $owner) {
+ // Figure out who the page owner is.
+ $r = q("select channel_id from channel where channel_address = '%s'",
+ dbesc($which)
+ );
+ if($r) {
+ $owner = intval($r[0]['channel_id']);
+ }
+ }
+
+ $ob_hash = (($observer) ? $observer['xchan_hash'] : '');
+
+ if(! perm_is_allowed($owner,$ob_hash,'write_pages')) {
+ notice( t('Permission denied.') . EOL);
+ return;
+ }
+
+ $is_owner = (($uid && $uid == $owner) ? true : false);
+
+ $o = '';
+
+ // Figure out which post we're editing
+ $post_id = ((argc() > 2) ? intval(argv(2)) : 0);
+
+
+ if(! $post_id) {
+ notice( t('Item not found') . EOL);
+ return;
+ }
+
+ $ob_hash = (($observer) ? $observer['xchan_hash'] : '');
+
+ $perms = get_all_perms($owner,$ob_hash);
+
+ if(! $perms['write_pages']) {
+ notice( t('Permission denied.') . EOL);
+ return;
+ }
+
+ // We've already figured out which item we want and whose copy we need,
+ // so we don't need anything fancy here
+
+ $sql_extra = item_permissions_sql($owner);
+
+ $itm = q("SELECT * FROM `item` WHERE `id` = %d and uid = %s $sql_extra LIMIT 1",
+ intval($post_id),
+ intval($owner)
+ );
+
+ if(! $itm) {
+ notice( t('Permission denied.') . EOL);
+ return;
+ }
+
+ if(intval($itm[0]['item_obscured'])) {
+ $key = get_config('system','prvkey');
+ if($itm[0]['title'])
+ $itm[0]['title'] = crypto_unencapsulate(json_decode_plus($itm[0]['title']),$key);
+ if($itm[0]['body'])
+ $itm[0]['body'] = crypto_unencapsulate(json_decode_plus($itm[0]['body']),$key);
+ }
+
+ $item_id = q("select * from item_id where service = 'WEBPAGE' and iid = %d limit 1",
+ intval($itm[0]['id'])
+ );
+ if($item_id)
+ $page_title = $item_id[0]['sid'];
+
+ $plaintext = true;
+
+ $mimetype = $itm[0]['mimetype'];
+
+ if($mimetype === 'application/x-php') {
+ if((! $uid) || ($uid != $itm[0]['uid'])) {
+ notice( t('Permission denied.') . EOL);
+ return;
+ }
+ }
+
+ $mimeselect = '';
+
+ if($mimetype != 'text/bbcode')
+ $plaintext = true;
+
+ if(get_config('system','page_mimetype'))
+ $mimeselect = '<input type="hidden" name="mimetype" value="' . $mimetype . '" />';
+ else
+ $mimeselect = mimetype_select($itm[0]['uid'],$mimetype);
+
+ $layout = get_config('system','page_layout');
+ if($layout)
+ $layoutselect = '<input type="hidden" name="layout_mid" value="' . $layout . '" />';
+ else
+ $layoutselect = layout_select($itm[0]['uid'],$itm[0]['layout_mid']);
+
+ \App::$page['htmlhead'] .= replace_macros(get_markup_template('jot-header.tpl'), array(
+ '$baseurl' => z_root(),
+ '$editselect' => (($plaintext) ? 'none' : '/(profile-jot-text|prvmail-text)/'),
+ '$pretext' => '',
+ '$ispublic' => '&nbsp;', // t('Visible to <strong>everybody</strong>'),
+ '$geotag' => $geotag,
+ '$nickname' => $channel['channel_address'],
+ '$confirmdelete' => t('Delete webpage?'),
+ '$bbco_autocomplete'=> (($mimetype == 'text/bbcode') ? 'bbcode' : '')
+ ));
+
+ $tpl = get_markup_template("jot.tpl");
+
+ $jotplugins = '';
+ $jotnets = '';
+
+ call_hooks('jot_tool', $jotplugins);
+ call_hooks('jot_networks', $jotnets);
+
+ // FIXME A return path with $_SESSION doesn't always work for observer - it may WSoD
+ // instead of loading a sensible page. So, send folk to the webpage list.
+
+ $rp = 'webpages/' . $which;
+
+ $editor = replace_macros($tpl,array(
+ '$return_path' => $rp,
+ '$webpage' => ITEM_TYPE_WEBPAGE,
+ '$placeholdpagetitle' => t('Page link title'),
+ '$pagetitle' => $page_title,
+ '$writefiles' => perm_is_allowed($owner, get_observer_hash(), 'write_storage'),
+ '$action' => 'item',
+ '$share' => t('Edit'),
+ '$bold' => t('Bold'),
+ '$italic' => t('Italic'),
+ '$underline' => t('Underline'),
+ '$quote' => t('Quote'),
+ '$code' => t('Code'),
+ '$upload' => t('Upload photo'),
+ '$attach' => t('Attach file'),
+ '$weblink' => t('Insert web link'),
+ '$youtube' => t('Insert YouTube video'),
+ '$video' => t('Insert Vorbis [.ogg] video'),
+ '$audio' => t('Insert Vorbis [.ogg] audio'),
+ '$setloc' => t('Set your location'),
+ '$noloc' => ((get_pconfig($uid, 'system', 'use_browser_location')) ? t('Clear browser location') : ''),
+ '$wait' => t('Please wait'),
+ '$permset' => t('Permission settings'),
+ '$ptyp' => $itm[0]['type'],
+ '$content' => undo_post_tagging($itm[0]['body']),
+ '$post_id' => $post_id,
+ '$baseurl' => z_root(),
+ '$defloc' => $itm[0]['location'],
+ '$visitor' => ($is_owner) ? true : false,
+ '$acl' => populate_acl($itm[0],false),
+ '$showacl' => ($is_owner) ? true : false,
+ '$public' => t('Public post'),
+ '$jotnets' => $jotnets,
+ '$mimeselect' => $mimeselect,
+ '$layoutselect' => $layoutselect,
+ '$title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'),
+ '$placeholdertitle' => t('Title (optional)'),
+ '$category' => '',
+ '$placeholdercategory' => t('Categories (optional, comma-separated list)'),
+ '$emtitle' => t('Example: bob@example.com, mary@example.com'),
+ 'lockstate' => (((strlen($itm[0]['allow_cid'])) || (strlen($itm[0]['allow_gid'])) || (strlen($itm[0]['deny_cid'])) || (strlen($itm[0]['deny_gid']))) ? 'lock' : 'unlock'),
+ '$bang' => '',
+ '$profile_uid' => (intval($owner)),
+ '$preview' => t('Preview'),
+ '$jotplugins' => $jotplugins,
+ '$sourceapp' => \App::$sourcename,
+ '$defexpire' => '',
+ '$feature_expire' => false,
+ '$expires' => t('Set expiration date'),
+ '$bbcode' => (($mimetype == 'text/bbcode') ? true : false)
+ ));
+
+ $o .= replace_macros(get_markup_template('edpost_head.tpl'), array(
+ '$title' => t('Edit Webpage'),
+ '$delete' => ((($itm[0]['author_xchan'] === $ob_hash) || ($itm[0]['owner_xchan'] === $ob_hash)) ? t('Delete') : false),
+ '$editor' => $editor,
+ '$id' => $itm[0]['id']
+ ));
+
+ return $o;
+
+ }
+
+
+
+}