fc1518e2d4bf248f88bf593ecaa7ff3faeb9b47b
[atutor.git] / docs / mods / _standard / blogs / edit_post.php
1 <?php\r
2 /****************************************************************/\r
3 /* ATutor                                                                                                               */\r
4 /****************************************************************/\r
5 /* Copyright (c) 2002-2010                                      */\r
6 /* Inclusive Design Institute                                   */\r
7 /* http://atutor.ca                                                                                             */\r
8 /*                                                              */\r
9 /* This program is free software. You can redistribute it and/or*/\r
10 /* modify it under the terms of the GNU General Public License  */\r
11 /* as published by the Free Software Foundation.                                */\r
12 /****************************************************************/\r
13 // $Id$\r
14 define('AT_INCLUDE_PATH', '../../../include/');\r
15 require (AT_INCLUDE_PATH.'vitals.inc.php');\r
16 \r
17 // authenticate ot+oid ....\r
18 $owner_type = abs($_REQUEST['ot']);\r
19 $owner_id = abs($_REQUEST['oid']);\r
20 if (!($owner_status = blogs_authenticate($owner_type, $owner_id)) || !query_bit($owner_status, BLOGS_AUTH_WRITE)) {\r
21         $msg->addError('ACCESS_DENIED');\r
22         header('Location: index.php');\r
23         exit;\r
24 }\r
25 \r
26 if (isset($_POST['cancel'])) {\r
27         $msg->addFeedback('CANCELLED');\r
28         header('Location: '.url_rewrite('mods/_standard/blogs/view.php?ot='.BLOGS_GROUP.SEP.'oid='.$_POST['oid'], AT_PRETTY_URL_IS_HEADER));\r
29         exit;\r
30 } else if (isset($_POST['submit'])) {\r
31         $_POST['title'] = $addslashes(trim($_POST['title']));\r
32         $_POST['body']  = $addslashes(trim($_POST['body']));\r
33         $id = abs($_POST['id']);\r
34 \r
35         if ($_POST['body'] == '') {\r
36                 $msg->addError(array('EMPTY_FIELDS', _AT('body')));\r
37         }\r
38 \r
39         if (!$msg->containsErrors()) {\r
40                 $_POST['private'] = abs($_POST['private']);\r
41                 $sql = "UPDATE ".TABLE_PREFIX."blog_posts SET private=$_POST[private], title='$_POST[title]', body='$_POST[body]', date=date WHERE owner_type=".BLOGS_GROUP." AND owner_id=$_REQUEST[oid] AND post_id=$id";\r
42                 mysql_query($sql, $db);\r
43 \r
44                 $msg->addFeedback('POST_ADDED_SUCCESSFULLY');\r
45 \r
46                 header('Location: '.url_rewrite('mods/_standard/blogs/post.php?ot='.BLOGS_GROUP.SEP.'oid='.$_POST['oid'].SEP.'id='.$id, AT_PRETTY_URL_IS_HEADER));\r
47                 exit;\r
48         }\r
49 }\r
50 \r
51 $id = abs($_REQUEST['id']);\r
52 $sql = "SELECT private, title, body FROM ".TABLE_PREFIX."blog_posts WHERE owner_type=".BLOGS_GROUP." AND owner_id=$_REQUEST[oid] AND post_id=$id";\r
53 $result = mysql_query($sql, $db);\r
54 $post_row = mysql_fetch_assoc($result);\r
55 \r
56 $_pages['mods/_standard/blogs/edit_post.php']['parent']    = 'mods/_standard/blogs/post.php?ot='.BLOGS_GROUP.SEP.'oid='.$_REQUEST['oid'].SEP.'id='.$_REQUEST['id'];\r
57 $_pages['mods/_standard/blogs/post.php?ot='.BLOGS_GROUP.SEP.'oid='.$_REQUEST['oid'].SEP.'id='.$_REQUEST['id']] = $_pages['mods/_standard/blogs/post.php'];\r
58 $_pages['mods/_standard/blogs/post.php?ot='.BLOGS_GROUP.SEP.'oid='.$_REQUEST['oid'].SEP.'id='.$_REQUEST['id']]['children'] = array('mods/_standard/blogs/edit_post.php', 'mods/_standard/blogs/delete_post.php?ot='.BLOGS_GROUP.SEP.'oid='.$_REQUEST['oid'].SEP.'id='.$_REQUEST['id']);\r
59 \r
60 $_pages['mods/_standard/blogs/post.php?ot='.BLOGS_GROUP.SEP.'oid='.$_REQUEST['oid'].SEP.'id='.$_REQUEST['id']]['parent'] = 'mods/_standard/blogs/view.php?ot='.BLOGS_GROUP.SEP.'oid='.$_REQUEST['oid'];\r
61 $_pages['mods/_standard/blogs/post.php?ot='.BLOGS_GROUP.SEP.'oid='.$_REQUEST['oid'].SEP.'id='.$_REQUEST['id']]['title'] = $post_row['title'];\r
62 $_pages['mods/_standard/blogs/post.php?ot='.BLOGS_GROUP.SEP.'oid='.$_REQUEST['oid'].SEP.'id='.$_REQUEST['id']]['children'] = array('mods/_standard/blogs/edit_post.php', 'mods/_standard/blogs/delete_post.php?ot='.BLOGS_GROUP.SEP.'oid='.$_REQUEST['oid'].SEP.'id='.$_REQUEST['id']);\r
63 \r
64 $_pages['mods/_standard/blogs/view.php?ot='.BLOGS_GROUP.SEP.'oid='.$_REQUEST['oid']]['title'] = blogs_get_blog_name(BLOGS_GROUP, $_REQUEST['oid']);\r
65 $_pages['mods/_standard/blogs/view.php?ot='.BLOGS_GROUP.SEP.'oid='.$_REQUEST['oid']]['parent']    = 'mods/_standard/blogs/index.php';\r
66 $_pages['mods/_standard/blogs/view.php?ot='.BLOGS_GROUP.SEP.'oid='.$_REQUEST['oid']]['children']  = array('mods/_standard/blogs/add_post.php');\r
67 \r
68 \r
69 $onload = 'document.form.title.focus();';\r
70 require (AT_INCLUDE_PATH.'header.inc.php');\r
71 \r
72 ?>\r
73 \r
74 <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>" name="form">\r
75 <input type="hidden" name="ot" value="<?php echo BLOGS_GROUP; ?>" />\r
76 <input type="hidden" name="oid" value="<?php echo abs($_REQUEST['oid']); ?>" />\r
77 <input type="hidden" name="id" value="<?php echo $id; ?>" />\r
78 <div class="input-form">\r
79         <div class="row">\r
80                 <label for="title"><?php echo _AT('title'); ?></label><br />\r
81                 <input type="text" name="title" id="title" value="<?php echo AT_print($post_row['title'], 'input.text'); ?>" size="50" />\r
82         </div>\r
83         <div class="row">\r
84                 <span class="required" title="<?php echo _AT('required_field'); ?>">*</span><label for="body"><?php echo _AT('body'); ?></label><br />\r
85                 <textarea name="body" id="body" cols="40" rows="10"><?php echo AT_print($post_row['body'], 'input.text'); ?></textarea>\r
86         </div>\r
87 \r
88         <div class="row">       \r
89                 <a href="<?php echo htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES); ?>#jumpcodes" title="<?php echo _AT('jump_codes'); ?>"><img src="images/clr.gif" height="1" width="1" alt="<?php echo _AT('jump_codes'); ?>" border="0" /></a><?php require(AT_INCLUDE_PATH.'html/code_picker.inc.php'); ?>\r
90 \r
91                 <a name="jumpcodes"></a>\r
92         </div>\r
93 \r
94         <div class="row">\r
95                 <input type="checkbox" name="private" value="1" id="private" <?php if ($post_row['private']) { echo 'checked="checked"'; } ?> /><label for="private"><?php echo _AT('private'); ?></label>\r
96         </div>\r
97 \r
98         <div class="row buttons">\r
99                 <input type="submit" name="submit" value="<?php echo _AT('save'); ?>" accesskey="s" /> <input type="submit" name="cancel" value="<?php echo _AT('cancel'); ?>" /> \r
100         </div>\r
101 </div>\r
102 </form>\r
103 \r
104 <?php require(AT_INCLUDE_PATH.'footer.inc.php'); ?>