3 * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
4 * Copyright (C) 2002-2012 The Nucleus Group
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version 2
9 * of the License, or (at your option) any later version.
10 * (see nucleus/documentation/index.html#license for more info)
13 * This script allows adding items to Nucleus through bookmarklets. The member must be logged in
14 * in order to use this.
16 * @license http://nucleuscms.org/license.txt GNU General Public License
17 * @copyright Copyright (C) 2002-2012 The Nucleus Group
18 * @version $Id: bookmarklet.php 1624 2012-01-09 11:36:20Z sakamocchi $
21 // bookmarklet is part of admin area (might need XML-RPC)
23 $CONF['UsingAdminArea'] = 1;
25 // include all classes and config data
26 include('../config.php');
28 $action = requestVar('action');
30 if ( $action == 'contextmenucode' )
32 bm_doContextMenuCode();
36 if ( !$member->isLoggedIn() )
38 bm_loginAndPassThrough();
42 // on successfull login
43 if ( ($action == 'login') && ($member->isLoggedIn()) )
45 $action = requestVar('nextaction');
52 sendContentType('text/html', 'bookmarklet-' . $action);
55 $action = strtolower($action);
56 $aActionsNotToCheck = array('login', 'add', 'edit');
58 if ( !in_array($action, $aActionsNotToCheck) )
60 if ( !$manager->checkTicket() )
62 bm_doError(_ERROR_BADTICKET);
66 // find out what to do
69 // adds the item for real
74 // shows the edit item form
79 // edits the item for real
84 // on login, 'action' gets changed to 'nextaction'
86 bm_doError('Something went wrong');
89 // shows the fill in form
96 function bm_doAddItem()
98 global $member, $manager, $CONF;
100 $manager->loadClass('ITEM');
101 $result = Item::createFromRequest();
103 if ( $result['status'] == 'error' )
105 bm_doError($result['message']);
108 $blogid = getBlogIDFromItemID($result['itemid']);
109 $blog =& $manager->getBlog($blogid);
111 if ( $result['status'] == 'newcategory' )
113 $message = 'Item was added, and a new category was created. <a href="index.php?action=categoryedit&blogid=' . $blogid . '&catid=' . $result['catid'] . '" onclick="if (event && event.preventDefault) event.preventDefault(); window.open(this.href); return false;" title="Opens in new window">Click here to edit the name and description of the category.</a>';
118 $message = _ITEM_ADDED;
122 bm_message(_ITEM_ADDED, _ITEM_ADDED, $message,$extrahead);
125 function bm_doEditItem()
127 global $member, $manager, $CONF;
129 $itemid = intRequestVar('itemid');
130 $catid = postVar('catid');
132 // only allow if user is allowed to alter item
133 if ( !$member->canUpdateItem($itemid, $catid) )
135 bm_doError(_ERROR_DISALLOWED);
138 $body = postVar('body');
139 $title = postVar('title');
140 $more = postVar('more');
141 $closed = intPostVar('closed');
142 $actiontype = postVar('actiontype');
143 $draftid = intPostVar('draftid');
145 // redirect to admin area on delete (has delete confirmation)
146 if ( $actiontype == 'delete' )
148 redirect('index.php?action=itemdelete&itemid=' . $itemid);
152 // create new category if needed (only on edit/changedate)
153 if ( strstr($catid,'newcat') )
156 list($blogid) = sscanf($catid, "newcat-%d");
159 $blog =& $manager->getBlog($blogid);
160 $catid = $blog->createNewCategory();
162 // show error when sth goes wrong
165 bm_doError('Could not create new category');
169 // only edit action is allowed for bookmarklet edit
170 switch ( $actiontype )
175 $timestamp = mktime(intPostVar('hour'), intPostVar('minutes'), 0, intPostVar('month'), intPostVar('day'), intPostVar('year') );
188 bm_doError('Something went wrong');
191 // update item for real
192 Item::update($itemid, $catid, $title, $body, $more, $closed, $wasdraft, $publish, $timestamp);
196 Item::delete($draftid);
199 // show success message
200 if ( $catid != intPostVar('catid') )
202 bm_message(_ITEM_UPDATED, _ITEM_UPDATED, 'Item was added, and a new category was created. <a href="index.php?action=categoryedit&blogid=' . $blog->getID() . '&catid=' . $catid . '" onclick="if (event && event.preventDefault) event.preventDefault(); window.open(this.href); return false;" title="Opens in new window">Click here to edit the name and description of the category.</a>', '');
206 bm_message(_ITEM_UPDATED, _ITEM_UPDATED, _ITEM_UPDATED, '');
210 function bm_loginAndPassThrough()
212 $blogid = intRequestVar('blogid');
213 $log_text = requestVar('logtext');
214 $log_link = requestVar('loglink');
215 $log_linktitle = requestVar('loglinktitle');
217 echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\n";
218 echo "<html xmlns=\"http://www.w3.org/1999/xhtml\">\n";
220 echo "<title>Nucleus</title>\n";
226 echo '<h1>' . _LOGIN_PLEASE . "</h1>\n";
228 echo "<form method=\"post\" action=\"bookmarklet.php\">\n";
230 echo '<dt>' . _LOGINFORM_NAME . "</dt>\n";
231 echo "<dd><input type=\"text\" name=\"login\" value=\"\" /></dd>\n";
232 echo '<dt>' . _LOGINFORM_PWD . ":</dt>\n";
233 echo "<input type=\"password\" name=\"password\" value=\"\" /></dd>\n";
236 echo '<input type=\"hidden\" name="blogid" value="' . Entity::hsc($blogid). '" />' . "\n";
237 echo '<input type=\"hidden\" name="logtext" value="' . Entity::hsc($log_text) . '" />' . "\n";
238 echo '<input type=\"hidden\" name="loglink" value="' . Entity::hsc($log_link) . '" />' . "\n";
239 echo '<input type=\"hidden\" name="loglinktitle" value="' . Entity::hsc($log_linktitle) . '" />' . "\n";
240 echo '<button type="submit" name="action" value="login">' . _LOGIN . "</button>\n";
243 echo '<p><a href=\"bookmarklet.php\" onclick=\"window.close();\">' . _POPUP_CLOSE . "</a></p>\n";
249 function bm_doShowForm()
253 $blogid = intRequestVar('blogid');
254 $log_text = trim(requestVar('logtext'));
255 $log_link = requestVar('loglink');
256 $log_linktitle = requestVar('loglinktitle');
258 if ( !Blog::existsID($blogid) )
260 bm_doError(_ERROR_NOSUCHBLOG);
263 if ( !$member->isTeamMember($blogid) )
265 bm_doError(_ERROR_NOTONTEAM);
272 $logje .= '<blockquote><div>"' . Entity::hsc($log_text) . '"</div></blockquote>' . "\n";
275 if ( !$log_linktitle )
277 $log_linktitle = $log_link;
282 $logje .= '<a href="' . Entity::hsc($log_link) . '">' . Entity::hsc($log_linktitle) . '</a>';
285 $item['body'] = $logje;
286 $item['title'] = Entity::hsc($log_linktitle);
288 $factory = new PageFactory($blogid);
289 $factory->createAddForm('bookmarklet', $item);
293 function bm_doEditForm()
295 global $member, $manager;
297 $itemid = intRequestVar('itemid');
299 if ( !$manager->existsItem($itemid, 0, 0) )
301 bm_doError(_ERROR_NOSUCHITEM);
304 if ( !$member->canAlterItem($itemid) )
306 bm_doError(_ERROR_DISALLOWED);
309 $item =& $manager->getItem($itemid, 1, 1);
310 $blog =& $manager->getBlog(getBlogIDFromItemID($itemid) );
312 $manager->notify('PrepareItemForEdit', array('item' => &$item) );
314 if ( $blog->convertBreaks() )
316 $item['body'] = removeBreaks($item['body']);
317 $item['more'] = removeBreaks($item['more']);
320 $formfactory = new PageFactory($blog->getID() );
321 $formfactory->createEditForm('bookmarklet', $item);
325 function bm_doError($msg)
327 bm_message(_ERROR, _ERRORMSG, $msg);
331 function bm_message($title, $head, $msg, $extrahead = '')
333 echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\n";
334 echo "<html xmlns=\"http://www.w3.org/1999/xhtml\">\n";
336 echo "<title>{$title}</title>\n";
340 echo $extrahead . "\n";
343 echo "<h1>{$head}</h1>\n";
344 echo "<p>{$msg}</p>\n";
345 echo '<p><a href="bookmarklet.php" onclick="window.close();window.opener.location.reload();">' . _POPUP_CLOSE . "</a></p>\n";
353 echo '<link rel="stylesheet" type="text/css" href="styles/bookmarklet.css" />' . "\n";
354 echo '<link rel="stylesheet" type="text/css" href="styles/addedit.css" />' . "\n";
357 function bm_doContextMenuCode()
361 $blogid = (integer) intGetVar('blogid');
363 echo "<script type=\"text/javascript\" defer=\"defer\">\n";
364 echo " doc = external.menuArguments.document;\n";
365 echo " lt = escape(doc.selection.createRange().text);\n";
366 echo " loglink = escape(external.menuArguments.location.href);\n";
367 echo " loglinktitle = escape(doc.title);\n";
368 echo " wingm = window.open('{$CONF['AdminURL']}bookmarklet.php?blogid={$blogid}&logtext=' + lt + '&loglink=' + loglink + '&loglinktitle=' + loglinktitle, 'nucleusbm', 'scrollbars=yes,width=600,height=500,left=10,top=10,status=yes,resizable=yes')\n";
369 echo " wingm.focus()\n";