
Source code of file create.php
from the Content Management module for Phprojekt.

<?php
// Content Management System module for PHProjekt (CMS4P).
// Copyright 2002-2005 by Mario A. Valdez-Ramirez
// http://www.mariovaldez.net/

// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 2 of the License, or
// (at your option) any later version.

// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.

// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, 
// Boston, MA 02111-1307, USA.

// You can contact Mario A. Valdez-Ramirez by email 
// at mario@mariovaldez.org or paper mail at 
// Olmos 809, San Nicolas, NL. 66495, Mexico.

//session_start();
// Bootstrap: every include is resolved relative to the parent directory.
// The order is kept as in the original: anonymous-access setup first, then
// the PHProjekt core library, then the CMS library.
$path_pre = "../";
include_once $path_pre . "cm/cm_anon.inc.php";

// $include_path stays a named variable instead of being inlined, because the
// included files may read it (not visible from this file).
$include_path = $path_pre . "lib/lib.inc.php";
include_once ($include_path);

include_once $path_pre . "cm/cm_lib.inc.php";

// Load the CMS security database into $cm_security, then open the page.
fcm_load_secdb ($cm_security);
echo $cm_html_header;


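/**
 * Escape a value for use as HTML text or inside a quoted HTML attribute.
 *
 * A plain byte-wise replacement of the five HTML metacharacters is used
 * rather than htmlspecialchars(), so the result does not depend on the PHP
 * version's default charset; the document encoding is not visible from
 * this file.
 *
 * @param mixed $value Raw value (cast to string).
 * @return string The value with & < > " ' replaced by entities.
 */
function cm_form_escape ($value) {
  return strtr ((string) $value, array (
    "&"  => "&amp;",
    "<"  => "&lt;",
    ">"  => "&gt;",
    "\"" => "&quot;",
    "'"  => "&#039;"
  ));
}


/**
 * Print the "create document" form, pre-filled from the current globals.
 *
 * Side effects on globals (kept from the original): $cm_path defaults to "/",
 * $cm_uowner defaults to the current user and $cm_gviewer defaults to the
 * viewer group of $cm_path when they are empty.
 *
 * Every call site in this file passes the raw submitted values (at most run
 * through stripslashes), and this form echoes them back into attribute values
 * and textarea bodies. They are therefore escaped here first; without that, a
 * value containing a quote or a closing textarea tag could inject markup into
 * the page (reflected XSS). Entries of $cm_text are printed as-is, as before.
 *
 * NOTE(review): no anti-CSRF token is visible in this form; confirm whether
 * the included libraries add or verify one.
 */
function cm_createdform () {
  global $cm_text, $cm_docpath, $cm_enable_htmledit, $cm_enable_visedit;
  global $cm_title, $cm_directory, $cm_path, $cm_keywords, $cm_abstract, $cm_content, $cm_uowner, $cm_gviewer;
  global $cm_enable_rating, $cm_enable_comments, $cm_logo, $cm_short_title, $cm_enable_html, $cm_enable_priority, $cm_enable_contentless;
  global $user_kurz, $user_group, $timezone, $groups, $cm_langua;

  if (!$cm_path) {
    $cm_path = "/";
  }
  $cm_pub_date = fcm_curdate_string ();

  // Escaped copies for output only; the globals themselves keep their raw values.
  $esc_user        = cm_form_escape ($user_kurz);
  $esc_path        = cm_form_escape ($cm_path);
  $esc_directory   = cm_form_escape ($cm_directory);
  $esc_short_title = cm_form_escape ($cm_short_title);
  $esc_title       = cm_form_escape ($cm_title);
  $esc_logo        = cm_form_escape ($cm_logo);
  $esc_keywords    = cm_form_escape ($cm_keywords);
  $esc_abstract    = cm_form_escape ($cm_abstract);
  $esc_content     = cm_form_escape ($cm_content);

  echo "<form class=\"cms\" action=\"create.php\" method=\"post\" id=\"cm_editingform\">";
  echo "<table border=\"0\" width=\"100%\" cellspacing=\"0\" cellpadding=\"0\"><tr><td class=\"create1border\"><table width=\"100%\" border=\"0\" cellspacing=\"1\" cellpadding=\"5\"><tr><td class=\"create1body\">\n";

  // Author (read-only), creation date and the hidden fields that carry them.
  $cm_authornames = fcm_user_names ($user_kurz);
  echo "<span class=\"inputname\">{$cm_text["author"]}:</span> <span class=\"pseudoinput\">" . fcm_htmlentity ($cm_authornames[1] . " " . $cm_authornames[2]) . "</span>&nbsp;
  <span class=\"inputname\">{$cm_text["creation"]}:</span> <span class=\"pseudoinput\">$cm_pub_date</span>
  <input type=\"hidden\" name=\"cm_pub_date\" value=\"$cm_pub_date\"><br>
  <input type=\"hidden\" name=\"cm_uauthor\" value=\"$esc_user\">
  <span class=\"inputname\">{$cm_text["owner"]}:</span>";

  // Owner selector: every user, the current owner (default: current user) pre-selected.
  if (!$cm_uowner) { $cm_uowner = $user_kurz; }
  echo "<select class=\"cms\" name='cm_uowner'>";
  $result3 = db_query ("select kurz, vorname, nachname from " . CM_PP_PREFIX . "users order by upper(nachname)") or db_die ();
  while ($row3 = db_fetch_row ($result3)) {
    echo "<option class=\"cms\" value='" . cm_form_escape ($row3[0]) . "'";
    if ($cm_uowner == $row3[0]) { echo " selected"; }
    echo ">" . fcm_htmlentity ($row3[2] . ", " . $row3[1]) . "\n";
  }
  echo "</select>&nbsp;";

  // Viewer-group selector; defaults to the viewer group of the parent path.
  echo "<span class=\"inputname\">{$cm_text["visibleto"]}:</span>";
  //$cm_defgroup = fcm_default_group ();
  $cm_defgroup = fcm_get_viewergroup ($cm_path);
  if (!$cm_gviewer) { $cm_gviewer = $cm_defgroup[0]; }
  echo "<select class=\"cms\" name='cm_gviewer'>";
  echo "<option class=\"cms\" value=''>\n";
  if ($groups) {
    $result3 = db_query ("select kurz, name from " . CM_PP_PREFIX . "gruppen order by upper(name)") or db_die ();
    while ($row3 = db_fetch_row ($result3)) {
      echo "<option class=\"cms\" value='" . cm_form_escape ($row3[0]) . "'";
      if ($cm_gviewer == $row3[0]) { echo " selected"; }
      echo ">" . fcm_htmlentity ($row3[1]) . "\n";
    }
  }
  echo "</select><br>";

  // Option checkboxes. " checked" carries a leading space so it does not run
  // into the preceding value="1" attribute (the original printed them fused).
  echo "<input class=\"cms\" type=\"checkbox\" name=\"cm_enable_rating\" value=\"1\"";
  if ($cm_enable_rating) { echo " checked"; }
  echo ">&nbsp;<span class=\"inputname\">{$cm_text["enablerating"]}</span>&nbsp;";
  echo "<input class=\"cms\" type=\"checkbox\" name=\"cm_enable_comments\" value=\"1\"";
  if ($cm_enable_comments) { echo " checked"; }
  echo ">&nbsp;<span class=\"inputname\">{$cm_text["enablecomments"]}</span>&nbsp;";
  if ($cm_enable_htmledit) {
    echo "<input class=\"cms\" type=\"checkbox\" name=\"cm_enable_html\" value=\"1\"";
    if ($cm_enable_html) { echo " checked"; }
    echo ">&nbsp;<span class=\"inputname\">{$cm_text["enablehtml"]}</span>";
  }
  else {
    // HTML editing is disabled: always submit 0 for cm_enable_html.
    echo "<input type=\"hidden\" name=\"cm_enable_html\" value=\"0\">";
  }

  echo "<br><input class=\"cms\" type=\"checkbox\" name=\"cm_enable_contentless\" value=\"1\"";
  if ($cm_enable_contentless) { echo " checked"; }
  echo ">&nbsp;<span class=\"inputname\">{$cm_text["enablecontentless"]}</span>&nbsp;";
  echo "<input class=\"cms\" type=\"checkbox\" name=\"cm_enable_priority\" value=\"1\"";
  if ($cm_enable_priority) { echo " checked"; }
  echo ">&nbsp;<span class=\"inputname\">{$cm_text["enablepriority"]}</span>&nbsp;";

  echo "<br><span class=\"inputname\">{$cm_text["shorttitle"]}:</span>
  <input class=\"cms\" type=\"text\" name=\"cm_short_title\" size=\"20\" maxlength=\"20\" value=\"$esc_short_title\">";
  echo "</td></tr></table></td></tr></table>\n";

  // Title, then the parent path (read-only) followed by the new directory name.
  echo "<br>
  <span class=\"inputname\">{$cm_text["title"]}:</span><br>
  <input class=\"cms\" type=\"text\" name=\"cm_title\" size=\"80\" maxlength=\"255\" value=\"$esc_title\"><br>
  <span class=\"inputname\">{$cm_text["directory"]}:</span><br>
  <span class=\"pseudoinput\">$esc_path</span>";
  if ($cm_path <> "/") { echo "/"; }
  echo "<input class=\"cms\" type=\"text\" name=\"cm_directory\" size=\"20\" maxlength=\"255\" value=\"$esc_directory\"><br>";
  echo "<span class=\"inputname\">{$cm_text["logoimage"]}:</span><br>
  <input class=\"cms\" type=\"text\" name=\"cm_logo\" size=\"40\" maxlength=\"255\" value=\"$esc_logo\"><br>";

  // cm_path travels in a hidden field, so it comes back as client-controlled
  // input; the receiving code must not treat it as trusted.
  echo "<input type=\"hidden\" name=\"cm_path\" value=\"$esc_path\"><br>
  <span class=\"inputname\">{$cm_text["keywords"]}:</span><br>
  <textarea class=\"cms\" cols=\"100\" rows=\"2\" name=\"cm_keywords\">$esc_keywords</textarea><br>
  <span class=\"inputname\">{$cm_text["summary"]}:</span><br>
  <textarea class=\"cms\" cols=\"100\" rows=\"2\" name=\"cm_abstract\">$esc_abstract</textarea><br>
  <span class=\"inputname\">{$cm_text["content"]}:</span><br>
  <span class=\"pseudoinput\">{$cm_text["dontusehtml"]} <a class=\"cms\" href=\"$cm_docpath/$cm_langua.edithelp.php\" target=\"_blank\">{$cm_text["awmvariant"]}</a>.</span>\n";

  // Visual editor is requested only when both HTML editing and visual editing are enabled.
  fcm_call_htmleditor ("create.php", ($cm_enable_htmledit && $cm_enable_visedit), false);

  echo "<br>
  <textarea class=\"cms\" cols=\"100\" rows=\"20\" name=\"cm_content\" id=\"cm_content\">$esc_content</textarea><br>
  <input class=\"cms\" type=\"submit\" name=\"cm_create\" value=\"{$cm_text["createdoc"]}\">
  <input class=\"cms\" type=\"submit\" name=\"cm_preview\" value=\"{$cm_text["preview"]}\">
  </form>\n
  ";
}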


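// Request handling for create.php.
//
// $cm_path, $cm_directory, $cm_create, $cm_preview and the other $cm_* form
// fields are used here without being assigned in this file; presumably the
// included libraries import them from the request -- confirm. Treat them all
// as untrusted input.
//
// NOTE(review): both SQL statements below are built by string interpolation.
// Only $cm_directory and $cm_logo are filtered in this file; $cm_path (and so
// $cm_fullpath, $cm_parentpath, $cm_fp), $cm_uowner and $cm_gviewer reach the
// query text unvalidated, and the text fields are only passed through
// fcm_htmlentity(), whose handling of quotes is not visible here. Their safety
// depends on quoting done elsewhere (the commented-out get_magic_quotes_gpc()
// checks suggest slash-escaped input is assumed). Prefer escaping or binding
// through the database layer and validating $cm_uowner / $cm_gviewer against
// the known users and groups.

//$cm_directory = utf8_decode ($cm_directory);
// Reduce the requested directory name to lower-case ASCII letters, digits and
// underscores. preg_replace() is used instead of ereg_replace(), which was
// deprecated in PHP 5.3 and removed in PHP 7.0.
$cm_directory = fcm_remove_accents ($cm_directory);
$cm_directory = str_replace (" ", "_", $cm_directory);
$cm_directory = preg_replace ("/[^[:alnum:]_]/", "", $cm_directory);
$cm_directory = strtolower ($cm_directory);

// Full path = parent path + "/" + directory, collapsed, lower-cased and capped
// at 255 characters; the directory name is then re-derived from the capped path.
// NOTE(review): $cm_path is not normalised here, so ".." segments would
// survive into $cm_fullpath and into mkdir() below unless
// fcm_check_constraints() rejects them -- confirm, or reject such paths here.
$cm_fullpath = $cm_path . "/" . $cm_directory;
$cm_fullpath = str_replace ("//", "/", $cm_fullpath);
$cm_fullpath = strtolower ($cm_fullpath);
$cm_fullpath = substr ($cm_fullpath, 0, 255);
$cm_directory = substr ($cm_fullpath, (strrpos ($cm_fullpath, "/") + 1), strlen ($cm_fullpath));

// Lookup key: the full path without a trailing slash (except for "/" itself).
if ((strlen ($cm_fullpath) > 1) && (substr ($cm_fullpath, -1) == "/")) {
  $cm_fp = substr ($cm_fullpath, 0, -1);
}
else {
  $cm_fp = $cm_fullpath;
}

// Is there already a page at that path?
// NOTE(review): LIKE treats "_" and "%" in $cm_fp as wildcards, and "_" is a
// legal character in directory names, so this can match a different existing
// path and report a false "already exists" -- consider an equality test.
$result1 = db_query ("select cmdb_title, cmdb_directory, cmdb_content, cmdb_type from " . CM_DB_PREFIX . "content3 where cmdb_directory like '$cm_fp' and cmdb_type like '%" . CM_HITTYPE_PAGE . "%'") or db_die ();
$row1 = db_fetch_row ($result1);

if ((($cm_fullpath == "/") || ($row1[1] <> "")) && (($cm_create) || ($cm_preview))) {
  // The target is the root or an existing page: refuse and show the form again.
  if (fcm_check_constraints (CM_SEC_CREATE, $user_kurz, $cm_path)) {
    $cm_validops = fcm_check_validops ($user_kurz, $cm_path);
    fcm_title_nav2 ($cm_path, false, false, false, $cm_validops[CM_SEC_DISPLA], false, false, fcm_user_is_superuser ($user_kurz), false);
    fcm_message ($cm_text["direxist_tryagain"], CM_MSGSTYLE_ERROR);
    // Slashes are stripped unconditionally: the get_magic_quotes_gpc() guard
    // is commented out in the original.
    $cm_short_title = stripslashes ($cm_short_title);
    $cm_title = stripslashes ($cm_title);
    $cm_keywords = stripslashes ($cm_keywords);
    $cm_abstract = stripslashes ($cm_abstract);
    $cm_content = stripslashes ($cm_content);
    $cm_logo = stripslashes ($cm_logo);
    // Logo file name: letters, digits, "_", "." and "-" only. Unlike the
    // former POSIX pattern, this one also strips backslashes.
    $cm_logo = preg_replace ("/[^[:alnum:]_.-]/", "", $cm_logo);
    cm_createdform ();
    fcm_add_logentry ("", $user_kurz, CM_APPLOG_ERROR, "Error when creating page. Dir already exist.");
  }
  else {
    fcm_title_nav2 ("", false, false, false, false, false, false, false);
    fcm_message ($cm_text["needaccess2create"], CM_MSGSTYLE_WARNING);
    fcm_add_logentry ("", $user_kurz, CM_APPLOG_ERROR, "Error when creating page. Not enough permissions.");
  }
}
else {
  if (fcm_check_constraints (CM_SEC_CREATE, $user_kurz, $cm_path)) {
    if (!$cm_create) {
      // First display or preview: show the form, then a rendering of the content.
      $cm_validops = fcm_check_validops ($user_kurz, $cm_path);
      fcm_title_nav2 ($cm_path, false, false, false, $cm_validops[CM_SEC_DISPLA], false, false, fcm_user_is_superuser ($user_kurz), false);
      // Unconditional, as above (magic-quotes guard commented out in the original).
      $cm_short_title = stripslashes ($cm_short_title);
      $cm_title = stripslashes ($cm_title);
      $cm_keywords = stripslashes ($cm_keywords);
      $cm_abstract = stripslashes ($cm_abstract);
      $cm_content = stripslashes ($cm_content);
      $cm_logo = stripslashes ($cm_logo);
      $cm_logo = preg_replace ("/[^[:alnum:]_.-]/", "", $cm_logo);
      cm_createdform ();
      $cm_enable_html = abs ($cm_enable_html);
      echo "<p>&nbsp;</p><TABLE BORDER=\"1\" CELLPADDING=\"5\" CELLSPACING=\"0\"><TR><TD class=\"previewcontent\">";
      if (abs ($cm_enable_contentless) != 1) {
        if ($cm_enable_html) {
          if ($cm_enable_htmledit) {
            // HTML is allowed site-wide and requested for this page: the
            // content is printed as markup after fcm_secure_html(), so that
            // filter is the only barrier against script injection here.
            echo fcm_process_markup (fcm_secure_html (fcm_decode_htmlfull ($cm_content)), $cm_fullpath, true);
          }
          else {
            echo fcm_process_markup (fcm_htmlentity (fcm_decode_html ($cm_content)), $cm_path, false);
          }
        }
        else {
          echo fcm_process_markup (fcm_htmlentity ($cm_content), $cm_fullpath, false);
        }
      }
      echo "</TD></TR></TABLE>";
    }
    else {
      // Create the directory on disk first, then the database record.
      // NOTE(review): "@" hides the reason for a failure, and mode 0777
      // (subject to the umask) leaves the directory writable by any local
      // account -- consider a tighter mode if the web server owns the tree.
      if (@mkdir ($cm_mainroot . $cm_fullpath, 0777)) {
        // Parent path = everything before the last "/", or "/" at top level.
        $cm_pppos = strrpos ($cm_fullpath, "/");
        if ($cm_pppos == 0) {
          $cm_parentpath = "/";
        }
        else {
          $cm_parentpath = substr ($cm_fullpath, 0, $cm_pppos);
        }
        // abs() forces the flags to numbers before they are placed unquoted
        // in the insert statement.
        $cm_enable_rating = abs ($cm_enable_rating);
        $cm_enable_comments = abs ($cm_enable_comments);
        $cm_enable_html = abs ($cm_enable_html);
        // The two remaining flags become type markers appended to the page type.
        if (abs ($cm_enable_contentless) == 1) {
          $cm_enable_contentless = CM_HITTYPE_CONTENTLESS;
        }
        else {
          $cm_enable_contentless = "";
        }
        if (abs ($cm_enable_priority) == 1) {
          $cm_enable_priority = CM_HITTYPE_ANNOUNCE;
        }
        else {
          $cm_enable_priority = "";
        }
        $cm_logo = preg_replace ("/[^[:alnum:]_.-]/", "", $cm_logo);
        // Text fields are stored entity-encoded and truncated to the lengths used by the form.
        if ($cm_short_title) {
          $cm_short_title = fcm_truncate_string (fcm_htmlentity ($cm_short_title), 20);
        }
        if ($cm_title) {
          $cm_title = fcm_truncate_string (fcm_htmlentity ($cm_title), 255);
        }
        else {
          $cm_title = fcm_truncate_string (fcm_unspecialchars ($cm_text["untitled"]), 255);
        }
        $cm_keywords = fcm_htmlentity ($cm_keywords);
        $cm_abstract = fcm_htmlentity ($cm_abstract);
        if ($cm_content) {
          if (($cm_enable_html) && ($cm_enable_htmledit)) {
            // HTML content: recode href/src URIs relative to $cm_path, then
            // recode and entity-encode the markup for storage.
            $cm_content = fcm_recode_URIs ($cm_content, $cm_path, " href=\\\"");
            $cm_content = fcm_recode_URIs ($cm_content, $cm_path, " src=\\\"");
            $cm_content = fcm_htmlentity (fcm_recode_html ($cm_content));
          }
          else {
            $cm_content = fcm_htmlentity ($cm_content);
          }
        }
        else {
          $cm_content = fcm_htmlentity (CM_DEFAULT_MARKUP);
        }
        // The creation date is taken from the server; the cm_pub_date posted
        // by the form is not used.
        $cm_pub_date = fcm_curdate_string ();
        // The author column is the session user ($user_kurz), not the posted cm_uauthor.
        $result2 = db_query ("insert into " . CM_DB_PREFIX . "content3 values($dbIDnull,'" . CM_HITTYPE_PAGE . $cm_enable_contentless . $cm_enable_priority . "','$cm_fullpath','$cm_parentpath','$cm_title','$user_kurz',null,'$cm_uowner',null,null,'$cm_gviewer',null,null,'$cm_pub_date','$cm_pub_date','$cm_keywords','$cm_abstract','$cm_content',$cm_enable_rating,$cm_enable_comments,'$cm_short_title','$cm_logo',1,'', $cm_enable_html)") or db_die ();
        $cm_validops = fcm_check_validops ($user_kurz, $cm_fullpath);
        fcm_title_nav2 ($cm_fullpath, $cm_validops[CM_SEC_CREATE], $cm_validops[CM_SEC_DELETE], $cm_validops[CM_SEC_CHANGE], $cm_validops[CM_SEC_DISPLA], false, false, fcm_user_is_superuser ($user_kurz), false);
        fcm_message ("{$cm_text["doccreatedin"]} $cm_fullpath.", CM_MSGSTYLE_INFORMATION);
        fcm_add_logentry ("", $user_kurz, CM_APPLOG_ADD_PAGE, "Creating page $cm_fullpath.");
      }
      else {
        // mkdir() failed: report it, show the form again and log the error.
        $cm_validops = fcm_check_validops ($user_kurz, $cm_path);
        fcm_title_nav2 ($cm_path, $cm_validops[CM_SEC_CREATE], $cm_validops[CM_SEC_DELETE], $cm_validops[CM_SEC_CHANGE], $cm_validops[CM_SEC_DISPLA], false, false, fcm_user_is_superuser ($user_kurz), false);
        fcm_message ($cm_text["errorcreatingdir"], CM_MSGSTYLE_ERROR);
        cm_createdform ();
        fcm_add_logentry ("", $user_kurz, CM_APPLOG_ERROR, "Error when creating page. Error creating dir.");
      }
    }
  }
  else {
    // The caller lacks the create permission on $cm_path.
    fcm_title_nav2 ("", false, false, false, false, false, false, false);
    fcm_message ($cm_text["needaccess2create"], CM_MSGSTYLE_WARNING);
    fcm_add_logentry ("", $user_kurz, CM_APPLOG_ERROR, "Error when creating page. Not enough permissions.");
  }
}


echo $cm_html_footer;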
?>

 
 
NA fum/lmd: 2004.09.16
Copyright ©1994-2018 by Mario A. Valdez-Ramírez.