sibtracker/system/inc/addnews.php
2019-05-18 13:46:03 +08:00

398 lines
18 KiB
PHP
Raw Blame History

<?PHP
if( !defined( 'DATALIFEENGINE' ) OR !defined( 'LOGGED_IN' ) ) {die( "Hacking attempt!" );}
if( ! $user_group[$member_id['user_group']]['admin_addnews'] ) {msg( "error", $lang['index_denied'], $lang['index_denied'] );}
if( $action == "addnews" ) {
echoheader( "addnews", $lang['addnews'] );
$id= "";
echo "
<SCRIPT LANGUAGE=\"JavaScript\">
function preview(){";
echo "if(document.addnews.short_story.value == '' || document.addnews.title.value == ''){ alert('$lang[addnews_alert]'); }
else{
dd=window.open('','prv','height=400,width=750,resizable=1,scrollbars=1')
document.addnews.mod.value='preview';document.addnews.target='prv'
document.addnews.submit();dd.focus()
setTimeout(\"document.addnews.mod.value='addnews';document.addnews.target='_self'\",500)
}}
function auto_keywords ( key ){
var short_txt = document.getElementById('short_story').value;
var full_txt = document.getElementById('full_story').value;
ShowLoading('');
$.post(\"system/ajax/keywords.php\", { short_txt: short_txt, full_txt: full_txt, key: key }, function(data){
HideLoading('');
if (key == 1) { $('#autodescr').val(data); }
else { $('#keywords').val(data); }
});
return false;
}
function find_relates ( )
{
var title = document.getElementById('title').value;
ShowLoading('');
$.post('system/ajax/find_relates.php', { title: title }, function(data){
HideLoading('');
$('#related_news').html(data);
});
return false;
};
</SCRIPT>";
echo "<form method=post enctype=\"multipart/form-data\" name=\"addnews\" id=\"addnews\" onsubmit=\"if(document.addnews.title.value == '' || document.addnews.short_story.value == ''){DLEalert('$lang[addnews_alert]', '$lang[p_info]');return false}\" action=\"$PHP_SELF\">";
$categories_list = CategoryNewsSelection( 0, 0 );
if( $config['allow_multi_category'] ) $category_multiple = "class=\"cat_select\" multiple"; else $category_multiple = "";
echo <<<HTML
<!-- calendar stylesheet -->
<link rel="stylesheet" type="text/css" media="all" href="system/skins/calendar-blue.css" title="win2k-cold-1" />
<script type="text/javascript" src="system/skins/calendar.js"></script>
<script type="text/javascript" src="system/skins/tabs.js"></script>
<div id='loading-layer' style='display:none;font-family: Verdana;font-size: 11px;width:200px;height:50px;background:#FFF;padding:10px;text-align:center;border:1px solid #000'><div style='font-weight:bold' id='loading-layer-text'>{$lang['ajax_info']}</div><br /><img src='system/ajax/loading.gif' border='0' /></div>
<div style="padding-top:5px;padding-bottom:2px;">
<table width="100%">
<tr>
<td width="4"><img src="system/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
<td background="system/skins/images/tl_oo.gif"><img src="system/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
<td width="6"><img src="system/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
</tr>
<tr>
<td background="system/skins/images/tl_lb.gif"><img src="system/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
<td style="padding:5px;" bgcolor="#FFFFFF">
<table width="100%">
<tr>
<td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$lang['addnews_news']}</div></td>
</tr>
</table>
<div class="unterline"></div>
<div id="dle_tabView1">
<div class="dle_aTab" style="display:none;">
<table width="100%">
<tr>
<td width="140" height="29" style="padding-left:5px;">{$lang['addnews_title']}</td>
<td><input class="edit" type="text" size="55" name="title" id="title"> <input class="edit" type="button" onClick="find_relates(); return false;" style="width:160px;" value="{$lang['b_find_related']}"> <a href="#" class="hintanchor" onMouseover="showhint('{$lang[hint_title]}', this, event, '220px')">[?]</a><span id="related_news"></span></td>
</tr>
<tr>
<td height="29" style="padding-left:5px;">{$lang['addnews_date']}</td>
<td><input type="text" name="newdate" id="f_date_c" size="20" class=edit>
<img src="system/skins/images/img.gif" align="absmiddle" id="f_trigger_c" style="cursor: pointer; border: 0" title="{$lang['edit_ecal']}"/>&nbsp;<input type="checkbox" name="allow_date" value="yes" checked>&nbsp;{$lang['edit_jdate']}<a href="#" class="hintanchor" onMouseover="showhint('{$lang[hint_calendar]}', this, event, '320px')">[?]</a>
<script type="text/javascript">
Calendar.setup({
inputField : "f_date_c", // id of the input field
ifFormat : "%Y-%m-%d %H:%M", // format of the input field
button : "f_trigger_c", // trigger for the calendar (button ID)
align : "Br", // alignment
timeFormat : "24",
showsTime : true,
singleClick : true
});
</script></td>
</tr>
<tr>
<td height="29" style="padding-left:5px;">{$lang['addnews_cat']}</td>
<td><select name="category[]" id="category" onchange="onCategoryChange(this.value)" $category_multiple>
{$categories_list}
</select>
</td>
</tr>
</table>
<div class="hr_line"></div>
<table width="100%">
HTML;
include (SYSTEM_DIR . '/inc/include/inserttag.php');
echo <<<HTML
<tr>
<td height="29" width="140" style="padding-left:5px;">{$lang['addnews_short']}<br /><input class=bbcodes style="width: 30px;" onclick="document.addnews.short_story.rows += 5;" type=button value=" + ">&nbsp;&nbsp;<input class=bbcodes style="width: 30px;" onclick="document.addnews.short_story.rows -= 5;" type=button value=" - "></td>
<td>{$bb_code}<textarea rows="13" style="width:98%; padding:0px;" onclick="setFieldName(this.name)" name="short_story" id="short_story"></textarea>
</td></tr>
HTML;
echo <<<HTML
<tr>
<td height="29" style="padding-left:5px;">{$lang['addnews_full']}<br /><span class="navigation">({$lang['addnews_alt']})</span><br /><input class=bbcodes style="width: 30px;" onclick="document.addnews.full_story.rows += 5;" type=button value=" + ">&nbsp;&nbsp;<input class=bbcodes style="width: 30px;" onclick="document.addnews.full_story.rows -= 5;" type=button value=" - "></td>
<td><textarea rows="16" onclick="setFieldName(this.name)" name="full_story" id="full_story" style="width:98%;"></textarea>
</td></tr>
HTML;
include (SYSTEM_DIR . '/inc/newsimg/addimg.php');
if( $user_group[$member_id['user_group']]['allow_fixed']) $fix_input = "<input type=\"checkbox\" name=\"news_fixed\" value=\"1\"> $lang[addnews_fix]";
if( $user_group[$member_id['user_group']]['allow_main'] ) $main_input = "<input type=\"checkbox\" name=\"allow_main\" value=\"1\" checked> {$lang['addnews_main']}";
echo <<<HTML
<tr>
<td colspan="2"><div class="hr_line"></div></td>
</tr>
<tr>
<td height="29" style="padding-left:5px;">{$lang['addnews_option']}</td>
<td><input type="checkbox" name="approve" value="1" checked> {$lang['addnews_mod']}<br /><br />
{$main_input}&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type="checkbox" name="allow_comm" value="1" checked> {$lang['addnews_comm']}<br />
<input type="checkbox" name="allow_rating" value="1" checked> {$lang['addnews_allow_rate']}&nbsp;&nbsp;&nbsp;{$fix_input}
</td>
</tr>
</table>
</div>
HTML;
echo <<<HTML
<div class="dle_aTab" style="display:none;">
<table width="100%">
<tr>
<td width="140" style="padding:4px;">{$lang['v_ftitle']}</td>
<td ><input type="text" class="edit" name="vote_title" style="width:350px"><a href="#" class="hintanchor" onMouseover="showhint('{$lang[hint_ftitle]}', this, event, '250px')">[?]</a></td>
</tr>
<tr>
<td style="padding:4px;">{$lang['vote_title']}</td>
<td><input type="text" class="edit" name="frage" style="width:350px"><a href="#" class="hintanchor" onMouseover="showhint('{$lang[hint_vtitle]}', this, event, '250px')">[?]</a></td>
</tr>
<tr>
<td style="padding:4px;">$lang[vote_body]<br /><span class="navigation">$lang[vote_str_1]</span></td>
<td><textarea rows="10" style="width:350px;" name="vote_body"></textarea>
</td>
</tr>
<tr>
<td style="padding:4px;">&nbsp;</td>
<td><input type="checkbox" name="allow_m_vote" value="1"> {$lang['v_multi']}</td>
</tr>
<tr>
<td colspan="2"><div class="hr_line"></div></td>
</tr>
</table>
<div class="navigation">{$lang['v_info']}</div>
</div>
<div class="dle_aTab" style="display:none;">
<table width="100%">
<tr>
<td width="140" height="29" style="padding-left:5px;">URL <20><><EFBFBD><EFBFBD><EFBFBD></td>
<td><input type="text" name="remote_addr" size="55" class="edit"></td>
</tr>
<tr>
<td width="140" height="29" style="padding-left:5px;">{$lang['addnews_url']}</td>
<td><input type="text" name="alt_name" size="55" class="edit"><a href="#" class="hintanchor" onMouseover="showhint('{$lang[hint_url]}', this, event, '300px')">[?]</a></td>
</tr>
<tr>
<td width="140" height="29" style="padding-left:5px;">{$lang['addnews_tags']}</td>
<td><input type="text" name="tags" size="55" class="edit"><a href="#" class="hintanchor" onMouseover="showhint('{$lang[hint_tags]}', this, event, '300px')">[?]</a></td>
</tr>
<tr>
<td colspan="2"><div class="hr_line"></div></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>{$lang['add_metatags']}<a href="#" class="hintanchor" onMouseover="showhint('{$lang['hint_metas']}', this, event, '220px')">[?]</a></td>
</tr>
<tr>
<td height="29" style="padding-left:5px;">{$lang['meta_title']}</td>
<td><input type="text" name="meta_title" style="width:388px;" class="edit"></td>
</tr>
<tr>
<td height="29" style="padding-left:5px;">{$lang['meta_descr']}</td>
<td><input type="text" name="descr" id="autodescr" style="width:388px;" class="edit"> ({$lang['meta_descr_max']})</td>
</tr>
<tr>
<td height="29" style="padding-left:5px;">{$lang['meta_keys']}</td>
<td><textarea name="keywords" id='keywords' style="width:388px;height:70px;"></textarea><br />
<input onClick="auto_keywords(1)" type="button" class="buttons" value="{$lang['btn_descr']}" style="width:170px;">&nbsp;
<input onClick="auto_keywords(2)" type="button" class="buttons" value="{$lang['btn_keyword']}" style="width:210px;">
</td>
</tr>
</table>
</div>
<div class="dle_aTab" style="display:none;">
<table width="100%">
HTML;
if( $member_id['user_group'] < 3 ) {
foreach ( $user_group as $group ) {
if( $group['id'] > 1 ) {
echo <<<HTML
<tr>
<td width="150" style="padding:4px;">{$group['group_name']}</td>
<td><select name="group_extra[{$group['id']}]">
<option value="0">{$lang['ng_group']}</option>
<option value="1">{$lang['ng_read']}</option>
<option value="2">{$lang['ng_all']}</option>
<option value="3">{$lang['ng_denied']}</option>
</select></td>
</tr>
HTML;
}
}
} else {
echo <<<HTML
<tr>
<td style="padding:4px;"><br />{$lang['tabs_not']}</br /><br /></td>
</tr>
HTML;
}
echo <<<HTML
<tr>
<td colspan="2"><div class="hr_line"></div></td>
</tr>
</table>
<div class="navigation">{$lang['tabs_g_info']}</div>
</div>
</div>
HTML;
echo <<<HTML
<div style="padding-left:150px;padding-top:5px;padding-bottom:5px;">
<input type="submit" class="buttons" value="{$lang['btn_send']}" style="width:100px;">&nbsp;
<input onClick="preview()" type="button" class="buttons" value="{$lang['btn_preview']}" style="width:100px;">
<input type=hidden name=mod value=addnews>
<input type=hidden name=action value=doaddnews>
<input type="hidden" name="user_hash" value="$dle_login_hash" />
</div>
</td>
<td background="system/skins/images/tl_rb.gif"><img src="system/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
</tr>
<tr>
<td><img src="system/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
<td background="system/skins/images/tl_ub.gif"><img src="system/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
<td><img src="system/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
</tr>
</table>
</div></form>
<script type="text/javascript">
initTabs('dle_tabView1',Array('{$lang['tabs_news']}','{$lang['tabs_vote']}','{$lang['tabs_extra']}','{$lang['tabs_perm']}'),0, '100%');
</script>
HTML;
echofooter();
} // ********************************************************************************
// Do add News
// ********************************************************************************
elseif( $action == "doaddnews" ) {
include_once SYSTEM_DIR . '/classes/parse.class.php';
$parse = new ParseFilter( Array (), Array (), 1, 1 );
$allow_comm = isset( $_POST['allow_comm'] ) ? intval( $_POST['allow_comm'] ) : 0;
$allow_main = isset( $_POST['allow_main'] ) ? intval( $_POST['allow_main'] ) : 0;
$approve = isset( $_POST['approve'] ) ? intval( $_POST['approve'] ) : 0;
$allow_rating = isset( $_POST['allow_rating'] ) ? intval( $_POST['allow_rating'] ) : 0;
$news_fixed = isset( $_POST['news_fixed'] ) ? intval( $_POST['news_fixed'] ) : 0;
$category = $_POST['category'];
if( ! count( $category ) ) {
$category = array ();
$category[] = '0';
}
$category_list = array();
foreach ( $category as $value ) {$category_list[] = intval($value);}
$category_list = $db->safesql( implode( ',', $category ) );
$allow_list = explode( ',', $user_group[$member_id['user_group']]['cat_add'] );
foreach ( $category as $selected ) {
if( $allow_list[0] != "all" and ! in_array( $selected, $allow_list ) and $member_id['user_group'] != "1" ) $approve = 0;
}
if( !$user_group[$member_id['user_group']]['moderation'] ) $approve = 0;
$title = $parse->process( trim( strip_tags ($_POST['title']) ) );
$full_story = $parse->process( $_POST['full_story'] );
$short_story = $parse->process( $_POST['short_story'] );
$full_story = $db->safesql( $parse->BB_Parse( $full_story, false ) );
$short_story = $db->safesql( $parse->BB_Parse( $short_story, false ) );
if( $parse->not_allowed_text ) {
msg( "error", $lang['addnews_error'], $lang['news_err_39'], "javascript:history.go(-1)" );
}
$alt_name = $_POST['alt_name'];
$remote_addr = $_POST['remote_addr'];
if( trim( $alt_name ) == "" or ! $alt_name ) $alt_name = totranslit( stripslashes( $title ), true, false );
else $alt_name = totranslit( stripslashes( $alt_name ), true, false );
$title = $db->safesql( $title );
$metatags = create_metatags( $short_story . $full_story );
if( preg_match( "/[\||\'|\<|\>|\"|\!|\?|\$|\@|\/|\\\|\&\~\*\+]/", $_POST['tags'] ) ) $_POST['tags'] = "";
else $_POST['tags'] = $db->safesql( htmlspecialchars( strip_tags( stripslashes( trim( $_POST['tags'] ) ) ), ENT_QUOTES ) );
if ( $_POST['tags'] ) {
$temp_array = array();
$tags_array = array();
$temp_array = explode (",", $_POST['tags']);
if (count($temp_array)) {foreach ( $temp_array as $value ) {if( trim($value) ) $tags_array[] = trim( $value );}}
if ( count($tags_array) ) $_POST['tags'] = implode(", ", $tags_array); else $_POST['tags'] = "";
}
// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
if( trim( $_POST['vote_title'] != "" ) ) {
$add_vote = 1;
$vote_title = trim( $db->safesql( $parse->process( $_POST['vote_title'] ) ) );
$frage = trim( $db->safesql( $parse->process( $_POST['frage'] ) ) );
$vote_body = $db->safesql( $parse->BB_Parse( $parse->process( $_POST['vote_body'] ), false ) );
$allow_m_vote = intval( $_POST['allow_m_vote'] );
} else $add_vote = 0;
// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
if( $member_id['user_group'] < 3 ) {
$group_regel = array ();
foreach ( $_POST['group_extra'] as $key => $value ) {if( $value ) $group_regel[] = intval( $key ) . ':' . intval( $value );}
if( count( $group_regel ) ) $group_regel = implode( "||", $group_regel );
else $group_regel = "";
} else $group_regel = '';
// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD> <20> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
$added_time = time() + ($config['date_adjust'] * 60);
$newdate = $_POST['newdate'];
if( $_POST['allow_date'] != "yes" ) {
if( (($newsdate = strtotime( $newdate )) === - 1) or !$newsdate ) {msg( "error", $lang['addnews_error'], $lang['addnews_erdate'], "javascript:history.go(-1)" );
} else {$thistime = date( "Y-m-d H:i:s", $newsdate );}
if( ! intval( $config['no_date'] ) and $newsdate > $added_time ) {$thistime = date( "Y-m-d H:i:s", $added_time );}
} else $thistime = date( "Y-m-d H:i:s", $added_time );
////////////////////////////
if( trim( $title ) == "") {msg( "error", $lang['addnews_error'], $lang['addnews_alert'], "javascript:history.go(-1)" );}
if( strlen( $title ) > 255 ) {msg( "error", $lang['addnews_error'], $lang['addnews_error'], "javascript:history.go(-1)" );}
$db->query( "INSERT INTO " . PREFIX . "_post (date, autor, short_story, full_story, title, descr, keywords, category, alt_name, allow_comm, approve, allow_main, fixed, allow_rate, votes, access, remote_addr, tags, metatitle) values ('$thistime', '{$member_id['name']}', '$short_story', '$full_story', '$title', '{$metatags['description']}', '{$metatags['keywords']}', '$category_list', '$alt_name', '$allow_comm', '$approve', '$allow_main', '$news_fixed', '$allow_rating', '$add_vote', '$group_regel', '$remote_addr', '{$_POST['tags']}', '{$metatags['title']}')" );
$row = $db->insert_id();
include (system_DIR . '/inc/newsimg/doaddimg.php');
if( $add_vote ) {
$db->query( "INSERT INTO " . PREFIX . "_poll (news_id, title, frage, body, votes, multiple) VALUES('{$row}', '$vote_title', '$frage', '$vote_body', 0, '$allow_m_vote')" );
}
if( $_POST['tags'] != "" and $approve ) {
$tags = array ();
$_POST['tags'] = explode( ",", $_POST['tags'] );
foreach ( $_POST['tags'] as $value ) {$tags[] = "('" . $row . "', '" . trim( $value ) . "')";}
$tags = implode( ", ", $tags );
$db->query( "INSERT INTO " . PREFIX . "_tags (news_id, tag) VALUES " . $tags );
}
$db->query( "UPDATE " . PREFIX . "_images set news_id='{$row}' where author = '{$member_id['name']}' AND news_id = '0'" );
$db->query( "UPDATE " . PREFIX . "_torrents set news_id='{$row}' where author = '{$member_id['name']}' AND news_id = '0'" );
$db->query( "UPDATE " . PREFIX . "_files set news_id='{$row}' where author = '{$member_id['name']}' AND news_id = '0'" );
$db->query( "UPDATE " . USERPREFIX . "_users set news_num=news_num+1 where user_id='{$member_id['user_id']}'" );
$cache->clear();
msg( "info", $lang['addnews_ok'], $lang['addnews_ok_1'] . " \"" . stripslashes( stripslashes( $title ) ) . "\" " . $lang['addnews_ok_2'] );
}
?>