diff options
Diffstat (limited to 'mod/blog/actions')
| -rw-r--r-- | mod/blog/actions/blog/auto_save_revision.php | 4 | ||||
| -rw-r--r-- | mod/blog/actions/blog/delete.php | 2 | ||||
| -rw-r--r-- | mod/blog/actions/blog/save.php | 70 |
3 files changed, 45 insertions, 31 deletions
diff --git a/mod/blog/actions/blog/auto_save_revision.php b/mod/blog/actions/blog/auto_save_revision.php index 1acf3b31b..e33edfaab 100644 --- a/mod/blog/actions/blog/auto_save_revision.php +++ b/mod/blog/actions/blog/auto_save_revision.php @@ -7,7 +7,7 @@ $guid = get_input('guid'); $user = elgg_get_logged_in_user_entity(); -$title = get_input('title'); +$title = htmlspecialchars(get_input('title', '', false), ENT_QUOTES, 'UTF-8'); $description = get_input('description'); $excerpt = get_input('excerpt'); @@ -63,7 +63,7 @@ if ($title && $description) { if (!$auto_save) { $annotation_id = $blog->annotate('blog_auto_save', $description); } elseif ($auto_save instanceof ElggAnnotation && $auto_save->value != $description) { - $blog->clearAnnotations('blog_auto_save'); + $blog->deleteAnnotations('blog_auto_save'); $annotation_id = $blog->annotate('blog_auto_save', $description); } elseif ($auto_save instanceof ElggAnnotation && $auto_save->value == $description) { // this isn't an error because we have an up to date annotation. diff --git a/mod/blog/actions/blog/delete.php b/mod/blog/actions/blog/delete.php index 6028480ff..ca4eb8a7f 100644 --- a/mod/blog/actions/blog/delete.php +++ b/mod/blog/actions/blog/delete.php @@ -13,7 +13,7 @@ if (elgg_instanceof($blog, 'object', 'blog') && $blog->canEdit()) { if ($blog->delete()) { system_message(elgg_echo('blog:message:deleted_post')); if (elgg_instanceof($container, 'group')) { - forward("blog/group/$container->guid/owner"); + forward("blog/group/$container->guid/all"); } else { forward("blog/owner/$container->username"); } diff --git a/mod/blog/actions/blog/save.php b/mod/blog/actions/blog/save.php index c42845037..82a9e6c51 100644 --- a/mod/blog/actions/blog/save.php +++ b/mod/blog/actions/blog/save.php @@ -2,12 +2,21 @@ /** * Save blog entity * + * Can be called by clicking save button or preview button. If preview button, + * we automatically save as draft. The preview button is only available for + * non-published drafts. + * + * Drafts are saved with the access set to private. + * * @package Blog */ // start a new sticky form session in case of failure elgg_make_sticky_form('blog'); +// save or preview +$save = (bool)get_input('save'); + // store errors to pass along $error = FALSE; $error_forward_url = REFERER; @@ -54,7 +63,11 @@ $required = array('title', 'description'); // load from POST and do sanity and access checking foreach ($values as $name => $default) { - $value = get_input($name, $default); + if ($name === 'title') { + $value = htmlspecialchars(get_input('title', $default, false), ENT_QUOTES, 'UTF-8'); + } else { + $value = get_input($name, $default); + } if (in_array($name, $required) && empty($value)) { $error = elgg_echo("blog:error:missing:$name"); @@ -66,20 +79,13 @@ foreach ($values as $name => $default) { switch ($name) { case 'tags': - if ($value) { - $values[$name] = string_to_tag_array($value); - } else { - unset ($values[$name]); - } + $values[$name] = string_to_tag_array($value); break; case 'excerpt': if ($value) { - $value = elgg_get_excerpt($value); - } else { - $value = elgg_get_excerpt($values['description']); + $values[$name] = elgg_get_excerpt($value); } - $values[$name] = $value; break; case 'container_guid': @@ -95,24 +101,27 @@ foreach ($values as $name => $default) { } break; - // don't try to set the guid - case 'guid': - unset($values['guid']); - break; - default: $values[$name] = $value; break; } } +// if preview, force status to be draft +if ($save == false) { + $values['status'] = 'draft'; +} + +// if draft, set access to private and cache the future access +if ($values['status'] == 'draft') { + $values['future_access'] = $values['access_id']; + $values['access_id'] = ACCESS_PRIVATE; +} + // assign values to the entity, stopping on error. if (!$error) { foreach ($values as $name => $value) { - if (FALSE === ($blog->$name = $value)) { - $error = elgg_echo('blog:error:cannot_save' . "$name=$value"); - break; - } + $blog->$name = $value; } } @@ -123,10 +132,10 @@ if (!$error) { elgg_clear_sticky_form('blog'); // remove autosave draft if exists - $blog->clearAnnotations('blog_auto_save'); + $blog->deleteAnnotations('blog_auto_save'); // no longer a brand new post. - $blog->clearMetadata('new_post'); + $blog->deleteMetadata('new_post'); // if this was an edit, create a revision annotation if (!$new_post && $revision_text) { @@ -136,24 +145,29 @@ if (!$error) { system_message(elgg_echo('blog:message:saved')); $status = $blog->status; - $db_prefix = elgg_get_config('dbprefix'); // add to river if changing status or published, regardless of new post // because we remove it for drafts. if (($new_post || $old_status == 'draft') && $status == 'published') { - add_to_river('river/object/blog/create', 'create', elgg_get_logged_in_user_guid(), $blog->getGUID()); + add_to_river('river/object/blog/create', 'create', $blog->owner_guid, $blog->getGUID()); + // we only want notifications sent when post published + register_notification_object('object', 'blog', elgg_echo('blog:newpost')); + elgg_trigger_event('publish', 'object', $blog); + + // reset the creation time for posts that move from draft to published if ($guid) { $blog->time_created = time(); $blog->save(); } } elseif ($old_status == 'published' && $status == 'draft') { - $q = "DELETE FROM {$db_prefix}river - WHERE object_guid = $blog->guid AND action_type = 'create'"; - delete_data($q); + elgg_delete_river(array( + 'object_guid' => $blog->guid, + 'action_type' => 'create', + )); } - if ($blog->status == 'published') { + if ($blog->status == 'published' || $save == false) { forward($blog->getURL()); } else { forward("blog/edit/$blog->guid"); @@ -165,4 +179,4 @@ if (!$error) { } else { register_error($error); forward($error_forward_url); -}
\ No newline at end of file +} |