5 * Copyright 1999-2001 (c) VA Linux Systems
6 * The rest Copyright 2002-2004 (c) GForge Team
11 * This file is part of GForge.
13 * GForge is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License as published by
15 * the Free Software Foundation; either version 2 of the License, or
16 * (at your option) any later version.
18 * GForge is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
23 * You should have received a copy of the GNU General Public License
24 * along with GForge; if not, write to the Free Software
25 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
28 require_once('../../env.inc.php');
29 require_once('pre.php');
30 require_once('note.php');
31 require_once('news_admin_utils.php');
32 require_once('www/news/news_utils.php');
33 //common forum tools which are used during the creation/editing of news items
34 require_once('common/forum/Forum.class.php');
35 require_once('common/include/TextSanitizer.class.php'); // to make the HTML input by the user safe to store
37 $group_id = getIntFromRequest('group_id');
38 $post_changes = getStringFromRequest('post_changes');
39 $approve = getStringFromRequest('approve');
40 $status = getIntFromRequest('status');
41 $summary = getStringFromRequest('summary');
42 $details = getStringFromRequest('details');
43 $id = getIntFromRequest('id');
45 if ($group_id && $group_id != $sys_news_group && user_ismember($group_id,'A')) {
46 $status = getIntFromRequest('status');
47 $summary = getStringFromRequest('summary');
48 $details = getStringFromRequest('details');
52 Per-project admin pages.
54 Shows their own news items so they can edit/update.
56 If their news is on the homepage, and they edit, it is removed from
63 Update the db so the item shows on the home page
65 if ($status != 0 && $status != 4) {
66 //may have tampered with HTML to get their item on the home page
70 //foundry stuff - remove this news from the foundry so it has to be re-approved by the admin
71 db_query("DELETE FROM foundry_news WHERE news_id='$id'");
80 $sanitizer = new TextSanitizer();
81 $details = $sanitizer->SanitizeHtml($details);
82 $sql="UPDATE news_bytes SET is_approved='$status', summary='".htmlspecialchars($summary)."', ".
83 "details='".$details."' WHERE id='$id' AND group_id='$group_id'";
84 $result=db_query($sql);
86 if (!$result || db_affected_rows($result) < 1) {
87 $feedback .= _('Error On Update:');
89 $feedback .= _('NewsByte Updated.');
99 news_header(array('title'=>_('News admin')));
106 $sql="SELECT * FROM news_bytes WHERE id='$id' AND group_id='$group_id'";
107 $result=db_query($sql);
108 if (db_numrows($result) < 1) {
109 exit_error(_('Error'), _('NewsByte not found'));
112 $group =& group_get_object($group_id);
116 <h3>'.sprintf(_('Approve a NewsByte For Project: %1$s'), $group->getPublicName()).'</h3>
118 <form action="'.getStringFromServer('PHP_SELF').'" method="post">
119 <input type="hidden" name="group_id" value="'.db_result($result,0,'group_id').'" />
120 <input type="hidden" name="id" value="'.db_result($result,0,'id').'" />';
122 $user =& user_get_object(db_result($result,0,'submitted_by'));
125 <strong>'._('Submitted by').':</strong> '.$user->getRealName().'<br />
126 <input type="hidden" name="approve" value="y" />
127 <input type="hidden" name="post_changes" value="y" />
129 <strong>'._('Status').':</strong><br />
130 <input type="radio" name="status" value="0" checked="checked" /> '._('Displayed').'<br />
131 <input type="radio" name="status" value="4" /> '._('Delete').'<br />
133 <strong>'._('Subject').':</strong><br />
134 <input type="text" name="summary" value="'.db_result($result,0,'summary').'" size="30" maxlength="60"><br />
135 <strong>'._('Details').':</strong>'.notepad_button('document.forms[1].details').'<br />';
137 $params['name'] = 'details';
138 $params['width'] = "600";
139 $params['height'] = "300";
140 $params['group'] = $group_id;
141 $params['body'] = db_result($result,0,'details');
142 plugin_hook("text_editor",$params);
143 if (!$GLOBALS['editor_was_set_up']) {
144 //if we don�t have any plugin for text editor, display a simple textarea edit box
145 echo '<textarea name="details" rows="5" cols="50" wrap="soft">'.db_result($result,0,'details').'</textarea><br />';
147 unset($GLOBALS['editor_was_set_up']);
150 <strong>'.sprintf(_('If this item is on the %1$s home page and you edit it, it will be removed from the home page.'), $GLOBALS['sys_name']).'</strong><br /></p>
151 <input type="submit" name="submit" value="'._('Submit').'" />
156 Show list of waiting news items
159 $sql="SELECT * FROM news_bytes WHERE is_approved <> 4 AND group_id='$group_id'";
160 $result=db_query($sql);
161 $rows=db_numrows($result);
162 $group =& group_get_object($group_id);
166 <h4>'._('No Queued Items Found').': '.$group->getPublicName().'</h4>';
169 <h4>'._('List of News Submitted for Project').': '.$group->getPublicName().'</h4>
171 for ($i=0; $i<$rows; $i++) {
173 <li><a href="'.$GLOBALS['sys_urlprefix'].'/news/admin/?approve=1&id='.db_result($result,$i,'id').'&group_id='.
174 db_result($result,$i,'group_id').'">'.
175 db_result($result,$i,'summary').'</a></li>';
181 news_footer(array());
183 } else if (user_ismember($sys_news_group,'A')) {
186 News uber-user admin pages
188 Show all waiting news items except those already rejected.
190 Admin members of $sys_news_group (news project) can edit/change/approve news items
197 Update the db so the item shows on the home page
199 $sanitizer = new TextSanitizer();
200 $details = $sanitizer->SanitizeHtml($details);
201 $sql="UPDATE news_bytes SET is_approved='1', post_date='".time()."', ".
202 "summary='".htmlspecialchars($summary)."', details='".$details."' WHERE id='$id'";
203 $result=db_query($sql);
204 if (!$result || db_affected_rows($result) < 1) {
205 $feedback .= _('Error On Update:');
207 $feedback .= _('NewsByte Updated.');
209 } else if ($status==2) {
211 Move msg to deleted status
213 $sql="UPDATE news_bytes SET is_approved='2' WHERE id='$id'";
214 $result=db_query($sql);
215 if (!$result || db_affected_rows($result) < 1) {
216 $feedback .= _('Error On Update:');
217 $feedback .= db_error();
219 $feedback .= _('NewsByte Deleted.');
228 } else if (getStringFromRequest('mass_reject')) {
230 Move msg to rejected status
232 $news_id = getArrayFromRequest('news_id');
233 $sql="UPDATE news_bytes "
234 ."SET is_approved='2' "
235 ."WHERE id IN ('".implode("','",$news_id)."')";
236 $result=db_query($sql);
237 if (!$result || db_affected_rows($result) < 1) {
238 $feedback .= _('Error On Update:');
239 $feedback .= db_error();
241 $feedback .= _('NewsBytes Rejected.');
246 news_header(array('title'=>_('News admin')));
253 $sql="SELECT groups.unix_group_name,news_bytes.* ".
254 "FROM news_bytes,groups WHERE id='$id' ".
255 "AND news_bytes.group_id=groups.group_id ";
256 $result=db_query($sql);
257 if (db_numrows($result) < 1) {
258 exit_error(_('Error'), _('NewsByte not found'));
261 $group =& group_get_object(db_result($result,0,'group_id'));
262 $user =& user_get_object(db_result($result,0,'submitted_by'));
265 <h3>'.sprintf(_('Approve a NewsByte For Project: %1$s'), $group->getPublicName()).'</h3>
267 <form action="'.getStringFromServer('PHP_SELF').'" method="post">
268 <input type="hidden" name="for_group" value="'.db_result($result,0,'group_id').'" />
269 <input type="hidden" name="id" value="'.db_result($result,0,'id').'" />
270 <strong>'._('Submitted for group').':</strong> <a href="'.$GLOBALS['sys_urlprefix'].'/projects/'.strtolower(db_result($result,0,'unix_group_name')).'/">'.$group->getPublicName().'</a><br />
271 <strong>'._('Submitted by').':</strong> '.$user->getRealName().'<br />
272 <input type="hidden" name="approve" value="y" />
273 <input type="hidden" name="post_changes" value="y" />
274 <input type="radio" name="status" value="1" /> '._('Approve For Front Page').'<br />
275 <input type="radio" name="status" value="0" /> '._('Do Nothing').'<br />
276 <input type="radio" name="status" value="2" checked="checked" /> '._('Reject').'<br />
277 <strong>'._('Subject').':</strong><br />
278 <input type="text" name="summary" value="'.db_result($result,0,'summary').'" size="30" maxlength="60" /><br />
279 <strong>'._('Details').':</strong><br />';
281 $params['name'] = 'details';
282 $params['width'] = "600";
283 $params['height'] = "300";
284 $params['group'] = db_result($result,0,'group_id');
285 $params['body'] = db_result($result,0,'details');
286 plugin_hook("text_editor",$params);
287 if (!$GLOBALS['editor_was_set_up']) {
288 //if we don�t have any plugin for text editor, display a simple textarea edit box
289 echo '<textarea name="details" rows="5" cols="50" wrap="soft">'.db_result($result,0,'details').'</textarea><br />';
291 unset($GLOBALS['editor_was_set_up']);
295 <input type="submit" name="submit" value="'._('Submit').'" />
301 Show list of waiting news items
304 $old_date = time()-60*60*24*30;
306 SELECT groups.group_id,id,post_date,summary,
307 group_name,unix_group_name
308 FROM news_bytes,groups
310 AND news_bytes.group_id=groups.group_id
311 AND post_date > '$old_date'
312 AND groups.is_public=1
313 AND groups.status='A'
317 $old_date = time()-(60*60*24*7);
319 SELECT groups.group_id,id,post_date,summary,
320 group_name,unix_group_name
321 FROM news_bytes,groups
323 AND news_bytes.group_id=groups.group_id
324 AND post_date > '$old_date'
329 SELECT groups.group_id,id,post_date,summary,
330 group_name,unix_group_name
331 FROM news_bytes,groups
333 AND news_bytes.group_id=groups.group_id
334 AND post_date > '$old_date'
337 show_news_approve_form(
344 news_footer(array());
348 exit_error(_('Permission denied.'),sprintf(_('You have to be an admin on the project you are editing or a member of the %s News team.'), $GLOBALS['sys_name']));
354 // c-file-style: "bsd"