2016-04-19 03:38:38 +00:00
|
|
|
<?php
|
|
|
|
|
namespace Zotlabs\Module;
|
|
|
|
|
|
2016-05-22 23:54:30 +00:00
|
|
|
require_once('include/channel.php');
|
2016-04-19 03:38:38 +00:00
|
|
|
require_once('include/acl_selectors.php');
|
2016-05-09 09:56:42 +00:00
|
|
|
require_once('include/conversation.php');
|
2016-04-19 03:38:38 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
class Editwebpage extends \Zotlabs\Web\Controller {
|
|
|
|
|
|
|
|
|
|
function init() {
|
2016-05-09 09:56:42 +00:00
|
|
|
|
2016-04-19 03:38:38 +00:00
|
|
|
if(argc() > 1 && argv(1) === 'sys' && is_site_admin()) {
|
|
|
|
|
$sys = get_sys_channel();
|
|
|
|
|
if($sys && intval($sys['channel_id'])) {
|
|
|
|
|
\App::$is_sys = true;
|
|
|
|
|
}
|
|
|
|
|
}
|
2016-05-09 09:56:42 +00:00
|
|
|
|
2016-04-19 03:38:38 +00:00
|
|
|
if(argc() > 1)
|
|
|
|
|
$which = argv(1);
|
|
|
|
|
else
|
|
|
|
|
return;
|
2016-05-09 09:56:42 +00:00
|
|
|
|
2016-06-27 05:13:59 +00:00
|
|
|
profile_load($which);
|
2016-05-09 09:56:42 +00:00
|
|
|
|
2016-04-19 03:38:38 +00:00
|
|
|
}
|
2016-05-09 09:56:42 +00:00
|
|
|
|
|
|
|
|
function get() {
|
|
|
|
|
|
2016-04-19 03:38:38 +00:00
|
|
|
if(! \App::$profile) {
|
|
|
|
|
notice( t('Requested profile is not available.') . EOL );
|
|
|
|
|
\App::$error = 404;
|
|
|
|
|
return;
|
|
|
|
|
}
|
2016-05-09 09:56:42 +00:00
|
|
|
|
2016-04-19 03:38:38 +00:00
|
|
|
$which = argv(1);
|
2016-05-09 09:56:42 +00:00
|
|
|
|
2016-04-19 03:38:38 +00:00
|
|
|
$uid = local_channel();
|
|
|
|
|
$owner = 0;
|
|
|
|
|
$channel = null;
|
|
|
|
|
$observer = \App::get_observer();
|
2016-05-09 09:56:42 +00:00
|
|
|
|
2016-04-19 03:38:38 +00:00
|
|
|
$channel = \App::get_channel();
|
2016-05-09 09:56:42 +00:00
|
|
|
|
2016-04-19 03:38:38 +00:00
|
|
|
if(\App::$is_sys && is_site_admin()) {
|
|
|
|
|
$sys = get_sys_channel();
|
|
|
|
|
if($sys && intval($sys['channel_id'])) {
|
|
|
|
|
$uid = $owner = intval($sys['channel_id']);
|
|
|
|
|
$channel = $sys;
|
|
|
|
|
$observer = $sys;
|
|
|
|
|
}
|
|
|
|
|
}
|
2016-05-09 09:56:42 +00:00
|
|
|
|
2016-04-19 03:38:38 +00:00
|
|
|
if(! $owner) {
|
|
|
|
|
// Figure out who the page owner is.
|
|
|
|
|
$r = q("select channel_id from channel where channel_address = '%s'",
|
|
|
|
|
dbesc($which)
|
|
|
|
|
);
|
|
|
|
|
if($r) {
|
|
|
|
|
$owner = intval($r[0]['channel_id']);
|
|
|
|
|
}
|
|
|
|
|
}
|
2016-05-09 09:56:42 +00:00
|
|
|
|
2016-04-19 03:38:38 +00:00
|
|
|
$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
|
2016-05-09 09:56:42 +00:00
|
|
|
|
2016-04-19 03:38:38 +00:00
|
|
|
if(! perm_is_allowed($owner,$ob_hash,'write_pages')) {
|
|
|
|
|
notice( t('Permission denied.') . EOL);
|
|
|
|
|
return;
|
|
|
|
|
}
|
2016-05-09 09:56:42 +00:00
|
|
|
|
2016-04-19 03:38:38 +00:00
|
|
|
$is_owner = (($uid && $uid == $owner) ? true : false);
|
2016-05-09 09:56:42 +00:00
|
|
|
|
2016-04-19 03:38:38 +00:00
|
|
|
$o = '';
|
2016-05-09 09:56:42 +00:00
|
|
|
|
2016-04-19 03:38:38 +00:00
|
|
|
// Figure out which post we're editing
|
|
|
|
|
$post_id = ((argc() > 2) ? intval(argv(2)) : 0);
|
|
|
|
|
|
|
|
|
|
if(! $post_id) {
|
|
|
|
|
notice( t('Item not found') . EOL);
|
|
|
|
|
return;
|
|
|
|
|
}
|
2016-05-09 09:56:42 +00:00
|
|
|
|
2016-04-19 03:38:38 +00:00
|
|
|
$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
|
2016-05-09 09:56:42 +00:00
|
|
|
|
2016-04-19 03:38:38 +00:00
|
|
|
$perms = get_all_perms($owner,$ob_hash);
|
2016-05-09 09:56:42 +00:00
|
|
|
|
2016-04-19 03:38:38 +00:00
|
|
|
if(! $perms['write_pages']) {
|
|
|
|
|
notice( t('Permission denied.') . EOL);
|
|
|
|
|
return;
|
|
|
|
|
}
|
2016-05-09 09:56:42 +00:00
|
|
|
|
2016-04-19 03:38:38 +00:00
|
|
|
// We've already figured out which item we want and whose copy we need,
|
|
|
|
|
// so we don't need anything fancy here
|
2016-05-09 09:56:42 +00:00
|
|
|
|
2016-04-19 03:38:38 +00:00
|
|
|
$sql_extra = item_permissions_sql($owner);
|
2016-05-09 09:56:42 +00:00
|
|
|
|
2016-10-09 23:31:04 +00:00
|
|
|
$itm = q("SELECT * FROM item WHERE id = %d and uid = %s $sql_extra LIMIT 1",
|
2016-04-19 03:38:38 +00:00
|
|
|
intval($post_id),
|
|
|
|
|
intval($owner)
|
|
|
|
|
);
|
2016-05-09 09:56:42 +00:00
|
|
|
|
2017-04-21 03:19:15 +00:00
|
|
|
// don't allow web editing of potentially binary content (item_obscured = 1)
|
|
|
|
|
// @FIXME how do we do it instead?
|
|
|
|
|
|
|
|
|
|
if((! $itm) || intval($itm[0]['item_obscured'])) {
|
2016-04-19 03:38:38 +00:00
|
|
|
notice( t('Permission denied.') . EOL);
|
|
|
|
|
return;
|
|
|
|
|
}
|
2016-05-09 09:56:42 +00:00
|
|
|
|
2016-06-14 02:58:24 +00:00
|
|
|
$item_id = q("select * from iconfig where cat = 'system' and k = 'WEBPAGE' and iid = %d limit 1",
|
2016-04-19 03:38:38 +00:00
|
|
|
intval($itm[0]['id'])
|
|
|
|
|
);
|
|
|
|
|
if($item_id)
|
2017-05-26 21:52:45 +00:00
|
|
|
$page_title = urldecode($item_id[0]['v']);
|
2016-05-09 09:56:42 +00:00
|
|
|
|
2016-04-19 03:38:38 +00:00
|
|
|
$mimetype = $itm[0]['mimetype'];
|
2016-05-09 09:56:42 +00:00
|
|
|
|
2016-04-19 03:38:38 +00:00
|
|
|
if($mimetype === 'application/x-php') {
|
|
|
|
|
if((! $uid) || ($uid != $itm[0]['uid'])) {
|
|
|
|
|
notice( t('Permission denied.') . EOL);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2016-05-09 09:56:42 +00:00
|
|
|
$layout = $itm[0]['layout_mid'];
|
2017-03-18 23:41:43 +00:00
|
|
|
|
|
|
|
|
$content = $itm[0]['body'];
|
|
|
|
|
if($itm[0]['mimetype'] === 'text/markdown')
|
|
|
|
|
$content = \Zotlabs\Lib\MarkdownSoap::unescape($itm[0]['body']);
|
2016-04-19 03:38:38 +00:00
|
|
|
|
|
|
|
|
$rp = 'webpages/' . $which;
|
2016-05-09 09:56:42 +00:00
|
|
|
|
|
|
|
|
$x = array(
|
|
|
|
|
'nickname' => $channel['channel_address'],
|
|
|
|
|
'bbco_autocomplete'=> (($mimetype == 'text/bbcode') ? 'bbcode' : ''),
|
|
|
|
|
'return_path' => $rp,
|
|
|
|
|
'webpage' => ITEM_TYPE_WEBPAGE,
|
|
|
|
|
'ptlabel' => t('Page link'),
|
|
|
|
|
'pagetitle' => $page_title,
|
|
|
|
|
'writefiles' => (($mimetype == 'text/bbcode') ? perm_is_allowed($owner, get_observer_hash(), 'write_storage') : false),
|
|
|
|
|
'button' => t('Edit'),
|
|
|
|
|
'weblink' => (($mimetype == 'text/bbcode') ? t('Insert web link') : false),
|
|
|
|
|
'hide_location' => true,
|
|
|
|
|
'hide_voting' => true,
|
|
|
|
|
'ptyp' => $itm[0]['type'],
|
2017-03-18 23:41:43 +00:00
|
|
|
'body' => undo_post_tagging($content),
|
2016-05-09 09:56:42 +00:00
|
|
|
'post_id' => $post_id,
|
|
|
|
|
'visitor' => ($is_owner) ? true : false,
|
2016-07-12 04:46:16 +00:00
|
|
|
'acl' => populate_acl($itm[0],false,\Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_pages')),
|
2016-08-04 09:23:43 +00:00
|
|
|
'permissions' => $itm[0],
|
2016-05-09 09:56:42 +00:00
|
|
|
'showacl' => ($is_owner) ? true : false,
|
|
|
|
|
'mimetype' => $mimetype,
|
|
|
|
|
'mimeselect' => true,
|
|
|
|
|
'layout' => $layout,
|
|
|
|
|
'layoutselect' => true,
|
|
|
|
|
'title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'),
|
2016-04-19 03:38:38 +00:00
|
|
|
'lockstate' => (((strlen($itm[0]['allow_cid'])) || (strlen($itm[0]['allow_gid'])) || (strlen($itm[0]['deny_cid'])) || (strlen($itm[0]['deny_gid']))) ? 'lock' : 'unlock'),
|
2016-05-09 09:56:42 +00:00
|
|
|
'profile_uid' => (intval($owner)),
|
|
|
|
|
'bbcode' => (($mimetype == 'text/bbcode') ? true : false)
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
$editor = status_editor($a, $x);
|
|
|
|
|
|
2016-04-19 03:38:38 +00:00
|
|
|
$o .= replace_macros(get_markup_template('edpost_head.tpl'), array(
|
|
|
|
|
'$title' => t('Edit Webpage'),
|
|
|
|
|
'$delete' => ((($itm[0]['author_xchan'] === $ob_hash) || ($itm[0]['owner_xchan'] === $ob_hash)) ? t('Delete') : false),
|
|
|
|
|
'$editor' => $editor,
|
2018-05-11 03:54:48 +00:00
|
|
|
'$cancel' => t('Cancel'),
|
2016-04-19 03:38:38 +00:00
|
|
|
'$id' => $itm[0]['id']
|
|
|
|
|
));
|
2016-05-09 09:56:42 +00:00
|
|
|
|
2016-04-19 03:38:38 +00:00
|
|
|
return $o;
|
2016-05-09 09:56:42 +00:00
|
|
|
|
2016-04-19 03:38:38 +00:00
|
|
|
}
|
2016-05-09 09:56:42 +00:00
|
|
|
|
2016-04-19 03:38:38 +00:00
|
|
|
}
|
