isLoggedIn() ) {
    // NOTE(review): the start of this condition lies before the visible part of the file.
    // On this branch the login form is shown and the script stops before any action runs.
    bm_loginAndPassThrough($action);
    exit;
}
else if ( $action == 'login') {
    // After a login the action to run is taken from the request variable 'nextaction'.
    // It is request-supplied, and still passes the ticket check and the switch below.
    $action = requestVar('nextaction');
}

// Normalise case so the string comparisons below cannot be sidestepped with mixed case.
$action = strtolower($action);

if ( $action == 'contextmenucode' ) {
    // Handled and terminated here, i.e. before the ticket check further down.
    bm_doContextMenuCode();
    exit;
}
else if ( $action == '' ) {
    $action = 'add';
}

// send HTTP 1.1 message header for Content-Type
// NOTE(review): $action is request-derived and is concatenated into the second argument;
// what sendContentType() does with that value is not visible here — confirm it is safe.
sendContentType('text/html', 'bookmarklet-' . $action);

// check ticket
// 'login', 'add' and 'edit' are exempt. As dispatched below, 'add' and 'edit' only render a
// form and 'login' only reports an error. Every other action, including the state-changing
// 'additem' and 'edititem' and any unknown value that falls through to the default case,
// must carry a valid ticket. bm_doError() ends the script, so a bad ticket never reaches
// the switch.
$aActionsNotToCheck = array('login', 'add', 'edit');
if ( !in_array($action, $aActionsNotToCheck) ) {
    if ( !$manager->checkTicket() ) {
        bm_doError(_ERROR_BADTICKET);
    }
}

// find out what to do
switch ( $action ) {
    // adds the item for real
    case 'additem':
        bm_doAddItem();
        break;
    // shows the edit item form
    case 'edit':
        bm_doEditForm();
        break;
    // edits the item for real
    case 'edititem':
        bm_doEditItem();
        break;
    // on login, 'action' gets changed to 'nextaction'
    // (so 'login' only arrives here when 'nextaction' was itself 'login')
    case 'login':
        bm_doError('Something went wrong');
        break;
    // shows the fill in form
    case 'add':
    default:
        bm_doShowForm();
        break;
}

/**
 * Creates a new item from the current request and prints a result page.
 *
 * Dispatched for the 'additem' action, which is not exempt from the ticket check above.
 * Item::createFromRequest() does the work; its 'status' key decides which message is shown.
 * An 'error' status ends the script through bm_doError().
 */
function bm_doAddItem() {
    global $member, $manager, $CONF;

    $manager->loadClass('ITEM');
    $result = Item::createFromRequest();

    if ( $result['status'] == 'error' ) {
        // NOTE(review): $result['message'] is printed by bm_message() without escaping.
        // Whether it can contain request data is not visible here — confirm.
        bm_doError($result['message']);
    }

    $blogid = getBlogIDFromItemID($result['itemid']);
    $blog =& $manager->getBlog($blogid);

    if ( $result['status'] == 'newcategory' ) {
        // NOTE(review): this literal contains a line break as shown; any markup it held
        // (presumably a link to the category editor) is not visible in this listing.
        $message = 'Item was added, and a new category was created. 
Click here to edit the name and description of the category.';
        $extrahead = '';
    }
    else {
        $message = _ITEM_ADDED;
        $extrahead = '';
    }

    bm_message(_ITEM_ADDED, _ITEM_ADDED, $message,$extrahead);
    return;
}

/**
 * Applies an edit submitted from the bookmarklet edit form.
 *
 * Dispatched for the 'edititem' action, which is not exempt from the ticket check above.
 * The member's right to update the item is checked before anything is changed.
 * Every failure path goes through bm_doError(), which ends the script.
 */
function bm_doEditItem() {
    global $member, $manager, $CONF;

    // itemid is read from the request as a whole; the remaining fields are read from POST.
    $itemid = intRequestVar('itemid');
    $catid = postVar('catid');

    // only allow if user is allowed to alter item
    if ( !$member->canUpdateItem($itemid, $catid) ) {
        bm_doError(_ERROR_DISALLOWED);
    }

    $body = postVar('body');
    $title = postVar('title');
    $more = postVar('more');
    $closed = intPostVar('closed');
    $actiontype = postVar('actiontype');
    $draftid = intPostVar('draftid');

    // redirect to admin area on delete (has delete confirmation)
    // Nothing is deleted here; only $itemid is placed in the redirect URL.
    if ( $actiontype == 'delete' ) {
        redirect('index.php?action=itemdelete&itemid=' . $itemid);
        exit;
    }

    // create new category if needed (only on edit/changedate)
    if ( i18n::strpos($catid,'newcat') === 0 ) {
        // get blogid
        // NOTE(review): the blog id is parsed out of the posted catid string, not derived
        // from the item. Whether canUpdateItem() above also covers the right to create a
        // category in that blog is not visible here — confirm. A catid without digits after
        // 'newcat-' leaves $blogid unset, and it is not validated before getBlog().
        list($blogid) = sscanf($catid, "newcat-%d");

        // create
        $blog =& $manager->getBlog($blogid);
        $catid = $blog->createNewCategory();

        // show error when sth goes wrong
        if ( !$catid ) {
            bm_doError('Could not create new category');
        }
    }

    // Only 'changedate', 'edit' and 'backtodrafts' are accepted from the bookmarklet.
    // Any other action type is rejected, and bm_doError() ends the script, so $publish,
    // $wasdraft and $timestamp are always set when the update below runs.
    switch ( $actiontype ) {
        case 'changedate':
            $publish = 1;
            $wasdraft = 0;
            // timestamp is built from the posted date parts, with seconds fixed at 0
            $timestamp = mktime(intPostVar('hour'), intPostVar('minutes'), 0, intPostVar('month'), intPostVar('day'), intPostVar('year') );
            break;
        case 'edit':
            $publish = 1;
            $wasdraft = 0;
            $timestamp = 0;
            break;
        case 'backtodrafts':
            $publish = 0;
            $wasdraft = 0;
            $timestamp = 0;
            break;
        default:
            bm_doError('Something went wrong');
    }

    // update item for real
    Item::update($itemid, $catid, $title, $body, $more, $closed, $wasdraft, $publish, $timestamp);

    // NOTE(review): $draftid is a separate posted id. No permission check on that draft is
    // visible in this function before it is deleted — confirm Item::delete() or a caller covers it.
    if ( $draftid > 0 ) {
        Item::delete($draftid);
    }

    // show success message
    // $catid differs from the posted value only when a new category was created above
    // (loose comparison against the integer form of the posted catid).
    if ( $catid != intPostVar('catid') ) {
        bm_message(_ITEM_UPDATED, _ITEM_UPDATED, 'Item was added, and a new category was created. 
Click here to edit the name and description of the category.', '');
    }
    else {
        bm_message(_ITEM_UPDATED, _ITEM_UPDATED, _ITEM_UPDATED, '');
    }

    return;
}

/**
 * Prints the login page shown when the dispatcher decides a login is needed first.
 *
 * The bookmarklet parameters are read from the request so they can survive the login step.
 *
 * NOTE(review): the HTML inside the string literals below is not visible in this listing,
 * so it cannot be seen here how $action, $blogid, $itemid, $log_text, $log_link and
 * $log_linktitle are written into the form. Any request value echoed into the page needs
 * Entity::hsc(), as bm_doShowForm() does for its output — confirm against the original file.
 */
function bm_loginAndPassThrough($action='add') {
    $blogid = intRequestVar('blogid');
    $itemid = intRequestVar('itemid');
    $log_text = requestVar('logtext');
    $log_link = requestVar('loglink');
    $log_linktitle = requestVar('loglinktitle');

    echo "\n";
    echo "\n";
    echo "\n";
    echo "Nucleus CMS Bookmarklet\n";
    bm_style();
    echo "\n";
    echo "\n";
    echo '

' . _LOGIN_PLEASE . "

\n";
    echo "
\n";
    echo "

\n";
    echo _LOGINFORM_NAME . "
\n";
    echo _LOGINFORM_PWD . "
\n";
    // presumably the hidden fields that carry the request values through login — TODO confirm
    echo '' . "\n";
    echo '' . "\n";
    echo '' . "\n";
    echo '' . "\n";
    echo '' . "\n";
    echo "\n";
    // NOTE(review): the quoting of the next literal is unbalanced as shown; the markup it
    // held is not visible. Restore it from the original file before relying on this listing.
    echo '\n";
    echo "

\n";
    echo "
\n";
    echo '

' . _POPUP_CLOSE . "

\n";
    echo "\n";
    echo "\n";
    return;
}

/**
 * Shows the "add item" form, pre-filled from the bookmarklet's request parameters.
 *
 * The blog must exist and the member must be on its team; otherwise bm_doError() ends the
 * script. Selected text and link title are passed through Entity::hsc() before they are
 * placed in the template variables.
 */
function bm_doShowForm() {
    global $manager, $member;

    $blogid = intRequestVar('blogid');
    $log_text = trim(requestVar('logtext'));
    $log_link = requestVar('loglink');
    $log_linktitle = requestVar('loglinktitle');

    if ( !Blog::existsID($blogid) ) {
        bm_doError(_ERROR_NOSUCHBLOG);
    }
    else {
        $blog =& $manager->getBlog($blogid);
    }

    if ( !$member->isTeamMember($blogid) ) {
        bm_doError(_ERROR_NOTONTEAM);
    }

    $logje = '';

    if ( $log_text ) {
        // quoted selection, escaped for output
        $logje .= '
"' . Entity::hsc($log_text) . '"
' . "\n";
    }

    // fall back to the URL itself when no link title was supplied
    if ( !$log_linktitle ) {
        $log_linktitle = $log_link;
    }

    if ( $log_link ) {
        // NOTE(review): the markup around this literal is not visible here. If $log_link is
        // written into an href, it needs the same Entity::hsc() escaping as the title, and a
        // check that the URL scheme is an expected one — confirm against the original file.
        $logje .= '' . Entity::hsc($log_linktitle) . '';
    }

    $variables = array();
    $variables['body'] = $logje;
    $variables['title'] = Entity::hsc($log_linktitle);

    $handler = new PageFactory($blog);
    $handler->setVariables($variables);

    $contents = $handler->getTemplateFor('bookmarklet', 'add');
    // $contents and $blog are handed to listeners by reference
    $manager->notify('PreAddItemForm', array('contents' => &$contents, 'blog' => &$blog));

    $parser = new Parser($handler);
    $parser->parse($contents);
    return;
}

/**
 * Shows the "edit item" form for an existing item.
 *
 * The item must exist and the member must be allowed to alter it; otherwise bm_doError()
 * ends the script. This action is exempt from the ticket check and only renders a form.
 */
function bm_doEditForm() {
    global $member, $manager;

    $itemid = intRequestVar('itemid');

    if ( !$manager->existsItem($itemid, 0, 0) ) {
        bm_doError(_ERROR_NOSUCHITEM);
    }

    if ( !$member->canAlterItem($itemid) ) {
        bm_doError(_ERROR_DISALLOWED);
    }

    $variables =& $manager->getItem($itemid, 1, 1);
    $blog =& $manager->getBlog(getBlogIDFromItemID($itemid) );

    // the item data is handed to listeners by reference before it is shown
    $manager->notify('PrepareItemForEdit', array('item' => &$variables) );

    if ( $blog->convertBreaks() ) {
        $variables['body'] = removeBreaks($variables['body']);
        $variables['more'] = removeBreaks($variables['more']);
    }

    $handler = new PageFactory($blog);
    $handler->setVariables($variables);

    $contents = $handler->getTemplateFor('bookmarklet', 'edit');

    $parser = new Parser($handler);
    $parser->parse($contents);
    return;
}

/**
 * Prints an error page and terminates the script.
 *
 * Callers rely on this never returning: the permission and ticket checks in this file do
 * not return or exit themselves after calling it.
 * $msg is passed to bm_message(), which prints it without escaping.
 */
function bm_doError($msg) {
    bm_message(_ERROR, _ERRORMSG, $msg);
    die;
}

/**
 * Prints a complete message page.
 *
 * $title, $head, $msg and $extrahead are written to the output exactly as given; this
 * function does no escaping. Callers must pass only trusted or already-escaped text.
 */
function bm_message($title, $head, $msg, $extrahead = '') {
    echo "\n";
    echo "\n";
    echo "\n";
    echo "{$title}\n";
    bm_style();
    echo $extrahead . "\n";
    echo "\n";
    echo "\n";
    echo "

{$head}

\n";
    echo "

{$msg}

\n";
    echo '

' . _POPUP_CLOSE . "

\n";
    echo "\n";
    echo "\n";
    return;
}

/**
 * Prints the shared style section used by the pages above.
 *
 * As shown, only two newline strings are emitted; the style markup is not visible here.
 */
function bm_style() {
    echo "\n";
    echo "\n";
    return;
}

/**
 * Prints the context-menu code for the 'contextmenucode' action.
 *
 * The dispatcher calls this before the ticket check and exits afterwards.
 * $blogid is forced to an integer before use. $width, $height and $CONF are not used in
 * the code visible here; the emitted script itself is not visible in this listing.
 */
function bm_doContextMenuCode($width=600, $height=500) {
    global $CONF;
    $blogid = (integer) intGetVar('blogid');

    echo "\n";
}