<?
###############################################################################
# Copyright (C) 2000  Derek Leung
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# You may modify your copy or copies of this Program or any portion of it,
# but you must cause the modified files to carry prominent notices stating 
# that you changed the files and the date of any change.  And you are required 
# to keep a copy of this License along with this Program.
#
# You are not required to accept this License, since you have not signed it. 
# However, nothing else grants you permission to modify or distribute this 
# Program or its derivative works. These actions are prohibited by law if 
# you do not accept this License. Therefore, by modifying or distributing 
# this Program (or any work based on this Program), you indicate your 
# acceptance of this License to do so, and all its terms and conditions 
# for copying, distributing or modifying this Program or works based on it.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
#
# See the GNU General Public License for more details.
# http://www.opensource.org/licenses/gpl-license.html
###############################################################################

// Shared PSlash bootstrap. None of the helpers this script calls (getCookie,
// translate, check_html, FixQuotes, errorPage, getAvailTopics, ...) are
// defined in this file, so they are expected to come from mainfile.php.
require "mainfile.php";
global $config;

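/**
 * Show the empty "submit news" form (the default action of submit.php).
 *
 * Redirects to user.php when the visitor has no login cookie and
 * $config['anon_users'] is 0, and calls errorPage() when getAvailTopics()
 * returns no topics. The form posts back to submit.php with op=PreviewStory.
 *
 * Security notes:
 *  - The user name is read from the login cookie, i.e. it is client-supplied,
 *    so it is HTML-escaped before being echoed.
 *    NOTE(review): getCookie() is defined elsewhere; whether it authenticates
 *    the cookie cannot be seen from this file.
 *  - Topic names are echoed exactly as getAvailTopics() returns them;
 *    presumably admin-defined values - confirm they cannot carry markup.
 */
function defaultDisplay() {

	global $myTopic,$header,$config;

	$userArray = getCookie($config['user_cookie_name']);
	$hasCookie = sizeof($userArray) > 0;

	// do we allow you to post?  did you login?
	if (!$hasCookie && $config['anon_users'] == 0) {
		header("Location:user.php?mesg=You+have+to+login+first+before+you+can+post+news!");
		exit();
	}

	if ($hasCookie) {
		// Cookie-derived text: escape it for HTML output.
		$shownName = htmlspecialchars($userArray['username'], ENT_QUOTES);
	} else {
		// anonymous user, set the variables. The translated label is left
		// unescaped because translation strings may legitimately hold entities.
		$userArray['userid'] = 0;
		$userArray['username'] = translate("Anonymous");
		$shownName = $userArray['username'];
	}

	// REMOTE_ADDR is set by the web server, not taken from a request header.
	$ip = getenv("REMOTE_ADDR");
	$topics = getAvailTopics();

	// all topics closed for admin posting, kick you out.
	// NOTE(review): assumes errorPage() ends the request - confirm.
	if (sizeof($topics) <= 0) {
		errorPage("You are not allowed to post new stoires",$myTopic);
	}

	// make the header and stuff
	$header['titlebar'] = translate("Submit news");
	ps_header($header);
	echo "<h3>" . translate("Submitting news") . "</h3>";
	echo "<font color=red>".sprintf(translate("Your username (%s) and your IP address (%s) will be logged.  If you misbehave, you will be BANNED."),$shownName,$ip) . "</font>";
	echo "<p>\n";

	// we now make the form
	echo "<FORM action=\"submit.php\" method=post name=\"story\">\n";
		echo "<b>".translate("Your Name")."</b> ";
		if ($userArray['userid'] != 0) {
			echo "<a href=\"user.php\">$shownName</a> ";
		} else {
			echo translate("Anonymous");
		}
		?>

		<P><B><?php echo translate("Subject"); ?></B></FONT>
		<small><?php echo translate("(Be Descriptive, Clear and Short)"); ?></small><BR>
		<INPUT TYPE="text" NAME="subject" SIZE=50><BR>
		<BR>
		<?php
		// make the topic list that a user can post.
		$topics2 = getAvailTopics();
		$sTopics=sizeof($topics2);
		if ($sTopics>0) {
			echo "<p><b>".translate("Topic")."</b></font>";
			echo "<select name=topic>";
			for ($i = 0; $i < $sTopics; $i++) {
				echo "<option value=\"$topics2[$i]\">$topics2[$i]\n";
			}
			echo "</select>";
		}
		?>
		<P><B><?php echo translate("The Scoop"); ?></B></FONT>
		<small><?php echo translate("(HTML is fine, but double check those URLs and HTML tags!)"); ?></small><BR>
		<TEXTAREA wrap=virtual cols=60 rows=12 name=story></TEXTAREA><BR>
		<input type=hidden name=myTopic value="<?php echo htmlspecialchars($myTopic, ENT_QUOTES); ?>">
		<INPUT type=hidden name=op value="PreviewStory">
		<INPUT type=submit value="<?php echo translate("Preview News"); ?>">
		<small><?php echo translate("(You must preview once before you can submit)"); ?></small>
	</FORM>

	<?php
	// List the tag names configured as allowed (keys of $config['AllowableHTML']).
	// foreach works on a copy of the array, so it does not depend on the
	// array's internal pointer the way each() did.
	echo "<small>".translate("Allowed HTML").":<br>";
	foreach ($config['AllowableHTML'] as $key => $unused) echo " &lt;".$key."&gt;";
	echo "</small>";
	ps_footer("");
}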

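/**
 * Render a preview of the submitted story together with an edit form.
 *
 * $subject, $story and $topic are request-supplied values passed in by the
 * dispatcher at the bottom of this file; $address is accepted but not used.
 * The subject is filtered with check_html(..., "nohtml") and the story with
 * check_html(); both helpers are defined outside this file.
 *
 * Security notes:
 *  - The preview itself is drawn by themearticle() with the filtered story,
 *    so what a visitor's markup can do there depends entirely on check_html()
 *    and $config['AllowableHTML'] - review those together.
 *  - Values written back into the form (subject, story, cookie user name) are
 *    HTML-escaped for the context they land in. Inside <textarea> the browser
 *    decodes entities again, so the text round-trips unchanged on resubmit.
 *  - NOTE(review): the preview is only a UI step. The dispatcher accepts
 *    op=SubmitStory directly, so nothing here should be treated as validation
 *    that submitStory() can rely on.
 */
function PreviewStory($address, $subject, $story, $topic) {

	global $myTopic,$header,$config;

	// just checking for empty input
	// NOTE(review): assumes errorPage() ends the request - confirm.
	if(empty($subject) ) {
		errorPage("You need to type in a subject!",$myTopic);
	}
	if(empty($story) ) {
		errorPage("You need to type in the news!",$myTopic);
	}

	// all topic for admin posting only, kick you out
	$topics = getAvailTopics();
	$topicCount = sizeof($topics);
	if ($topicCount == 0) {
		errorPage("You are not allowed to post new stoires",$myTopic);
	}

	$subject = check_html($subject,"nohtml");
	$story =  check_html($story);
	// Escaped copies for echoing into form fields.
	$subject2 = htmlspecialchars($subject);
	$story2 = htmlspecialchars($story, ENT_QUOTES);
	$userArray = getCookie($config['user_cookie_name']);

	$header['titlebar'] = translate("Previewing your news");
	ps_header($header);

	// now we make the form
	echo "<p>";
	echo "<FORM action=\"submit.php\" method=post name=\"story\">";
		echo "<b>".translate("Your Name")."</b> ";
		if (sizeof($userArray) > 0) {
			// Cookie-derived text: escape it for HTML output.
			echo "<a href=\"user.php\">".htmlspecialchars($userArray['username'], ENT_QUOTES)."</a>";
		} else {
			echo translate("Anonymous");
		}

		// NOTE(review): the user name is handed to themearticle() unescaped,
		// as the stored stories presumably are - check how the theme prints it.
		themearticle($userArray['username'],"NOW",$subject, myNl2Br($story));
		echo "<hr>";

		?>

		<p><b><?php echo translate("Topic"); ?></b>
		<select name=topic>
			<?php	// make the topic list
				for ($i = 0; $i < $topicCount; $i++) {
					echo "<option value=\"$topics[$i]\" ";
					if ($topic == $topics[$i]) echo "selected";
					echo ">$topics[$i]\n";
				}

			?>
		</select>
		<p><b><?php echo translate("Subject"); ?></b><br>
		<INPUT TYPE="text" NAME="subject" SIZE=50 value="<?php echo $subject2; ?>">
		<P><B><?php echo translate("The Scoop"); ?></B>
		<small><?php echo translate("(HTML is fine, but double check those URLs and HTML tags!)"); ?></small><BR>
		<TEXTAREA wrap=virtual cols=60 rows=12 name=story><?php echo $story2; ?></TEXTAREA><BR>

		<Select name="op">
			<option value="PreviewStory"><?php echo translate("Preview again"); ?></option>
			<option value="SubmitStory"><?php echo translate("Submit news"); ?></option>
		</select>
		<input type=hidden name=myTopic value="<?php echo htmlspecialchars($myTopic, ENT_QUOTES); ?>">
		<INPUT type=submit value="<?php echo translate("Go!"); ?>">
	</FORM>
	<?php
	// List the tag names configured as allowed (keys of $config['AllowableHTML']).
	// foreach works on a copy of the array, so it does not depend on the
	// array's internal pointer the way each() did.
	echo "<small>".translate("Allowed HTML").":<br>";
	foreach ($config['AllowableHTML'] as $key => $unused) echo " &lt;".$key."&gt;";
	echo "</small>";
	ps_footer("");
}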


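/**
 * Store a submitted story, either directly in ps_stories or in the
 * moderation queue (ps_queue), depending on the topic's "moderate" level.
 *
 * $subject, $story and $topic are request-supplied values passed in by the
 * dispatcher at the bottom of this file; $address is accepted but not used.
 *
 * Moderate levels, as handled below:
 *   1 - the story is published directly;
 *   2 - users with status "member", or without rights on the topic, go to the
 *       queue; everyone else is published directly;
 *   3 - only status "Admin" with rights on the topic is published; other
 *       submissions are silently not stored.
 *
 * Security notes:
 *  - Every query in this function is built by string interpolation. The only
 *    protection visible here is FixQuotes() on name, subject and story (helper
 *    defined elsewhere - presumably it escapes quotes; confirm), the integer
 *    cast on the user id, and the allow-list check on $topic.
 *    NOTE(review): moving to a database API with bound parameters is the real
 *    fix; that needs changes outside this function.
 *  - The user id and name come from the login cookie. NOTE(review): whether
 *    getCookie() authenticates that cookie cannot be seen from this file; if
 *    it does not, author name and post counter can be spoofed.
 *  - NOTE(review): the action changes state but carries no anti-CSRF token,
 *    and the dispatcher does not require a prior preview.
 */
function submitStory($address, $subject, $story, $topic) {

	global $myTopic,$header,$config;

	// Defaults for values that only some branches below assign.
	$duplicate = 0;
	$extraMesg = "";

	// check if there is any empty input
	// NOTE(review): assumes errorPage() ends the request - confirm.
	if(empty($subject) ) {
		errorPage("You need to type in a subject!",$myTopic);
	}
	if(empty($story) ) {
		errorPage("You need to type in the news!",$myTopic);
	}

	$userArray = getCookie($config['user_cookie_name']);

	// do we allow you to post?  did you login?
	if (sizeof($userArray) <=0 && $config['anon_users'] == 0) {
		header("Location:user.php?mesg=You+have+to+login+first+before+you+can+post+news!");
		exit();
	}

	if (sizeof($userArray) > 0 ) {
		// The id is interpolated unquoted into "where uid=..." below, so it
		// must be forced to an integer before it gets anywhere near SQL.
		$uid = (int) $userArray['userid'];
		$name = $userArray['username'];
	} else {
		$uid = 0;
		$name = translate("Anonymous");
	}
	$name = fixquotes($name);

	// REMOTE_ADDR is set by the web server, not taken from a request header.
	$ip = getenv("REMOTE_ADDR");
	$topics = getAvailTopics();

	// check if you can post on this topic. $topic is used unescaped in the
	// queries below, so this allow-list is its only guard: both rejections go
	// through errorPage(), the handler every other check in this file uses,
	// and the explicit exit() guarantees a rejected topic never reaches SQL
	// even if the handler returns.
	// NOTE(review): $topic is reflected in the message; confirm errorPage()
	// escapes it. A topic name containing a quote would still break the SQL.
	if (sizeof($topics) <= 0 || !in_array($topic,$topics)) {
		errorPage("You can not post news in $topic section!",$myTopic);
		exit();
	}

	$subject = FixQuotes(check_html($subject, "nohtml"));
	$story = FixQuotes(check_html($story));

	// get the moderate level.
	$result = mysql_query("select moderate from ps_topics where topic='$topic'");
	list($moderate) = mysql_fetch_row($result);
	mysql_free_result($result);

	// get the user status from DB
	$result = mysql_query("select status from ps_users where uid=$uid");
	list($status) = mysql_fetch_row($result);
	mysql_free_result($result);
	$topicsRight = getTopicRights();

	switch($moderate) {
	case 1:
		# register user or Admin/Moderator post directly
		$duplicate = _submitStoryPublish($name, $subject, $story, $topic, $ip, $uid);
		break;
	case 2:
		# register user put into queue, moderator or admin post directly if they have proper topic priviledge, else, they still go to queue.
		if ($status == "member" || !in_array($topic,$topicsRight)) {
			$result = mysql_query("select count(*) from ps_queue where subject='$subject' and story='$story' limit 30");
			list($duplicate) = mysql_fetch_row($result);
			if (!$duplicate) {
				$extraMesg = translate("Your post will not show in main page until it is verified by a moderator.");
				mysql_query("insert into ps_queue values (NULL, '$uid', '$name', '$subject', '$story', now(), '$topic','$ip')");
			}
		} else {
			$duplicate = _submitStoryPublish($name, $subject, $story, $topic, $ip, $uid);
		}
		break;
	case 3:
		# only admin can post with proper topic priviledge
		if ($status == "Admin" && in_array($topic,$topicsRight)) {
			$duplicate = _submitStoryPublish($name, $subject, $story, $topic, $ip, $uid);
		}
		break;
	}

	if ($duplicate) {
		$header['titlebar'] = translate("Duplicate news detected");
		errorPage("We can not post the same news twice!",$myTopic);
	}
	// NOTE(review): this reads the status from the cookie, not the $status
	// fetched from the database above. It only selects the confirmation page.
	if ($userArray['status'] == "Admin" || $userArray['status'] == "Moderator") {
		$mesg= translate("The+news+is+submitted.") . " " . $extraMesg;
		header("Location: admin.php?mesg=$mesg");
	} else {
		ps_header("");
		echo "<h3>" . translate("News Submitted") . "</h3>";
		echo translate("Thanks for your submission.") . " " . $extraMesg;
		echo "<br><br>";
		ps_footer("");
		exit;
	}

}

/**
 * Publish a story directly: insert it into ps_stories and bump the author's
 * newsPostNum, unless a story with the same title, text and topic exists.
 *
 * Callers must pass $name, $subject and $story already quoted for SQL, $topic
 * already checked against the allowed topics, and $uid as an integer.
 *
 * Returns the duplicate count read from ps_stories (non-zero means nothing
 * was inserted).
 */
function _submitStoryPublish($name, $subject, $story, $topic, $ip, $uid) {
	$result = mysql_query("select count(*) from ps_stories where title='$subject' and full_text='$story' and topic='$topic' limit 30");
	list($duplicate) = mysql_fetch_row($result);
	if (!$duplicate) {
		mysql_query("insert into ps_stories values (NULL, '$name', '$subject', now(), '$story', 0, '$topic','$ip')");
		mysql_query("update ps_users set newsPostNum=newsPostNum+1 where uid=$uid");
	}
	return $duplicate;
}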

###################################################


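// Request dispatch.
//
// $op, $address, $subject, $story and $topic are never assigned in this file:
// the script relies on request parameters being injected as global variables
// (register_globals, or an equivalent done by mainfile.php - confirm which).
// Consequences worth knowing when reviewing this endpoint:
//  - op=SubmitStory is honoured directly, so the "preview first" step shown in
//    the form is not enforced on the server;
//  - no anti-CSRF token is checked before the state-changing SubmitStory.
// $myTopic is assigned here, after any request variables were injected, so
// the hidden myTopic form field cannot override the configured theme.
$myTopic = $config['def_theme'];
switch($op)
{
	case "PreviewStory":
		PreviewStory($address, $subject, $story, $topic);
		break;

	case "SubmitStory":
		SubmitStory($address, $subject, $story, $topic);
		break;

	default:
		defaultDisplay();
		break;
}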

?>