5 * Copyright 1999-2001 (c) VA Linux Systems
6 * Copyright 2002-2004 (c) GForge Team
7 * http://fusionforge.org/
9 * This file is part of FusionForge.
11 * FusionForge is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
16 * FusionForge is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
21 * You should have received a copy of the GNU General Public License
22 * along with FusionForge; if not, write to the Free Software
23 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
26 require_once('../../env.inc.php');
27 require_once $gfcommon.'include/pre.php';
28 require_once $gfwww.'include/note.php';
29 require_once $gfwww.'news/admin/news_admin_utils.php';
30 require_once $gfwww.'news/news_utils.php';
31 //common forum tools which are used during the creation/editing of news items
32 require_once $gfcommon.'forum/Forum.class.php';
33 require_once $gfcommon.'include/TextSanitizer.class.php'; // to make the HTML input by the user safe to store
35 $group_id = getIntFromRequest('group_id');
36 $post_changes = getStringFromRequest('post_changes');
37 $approve = getStringFromRequest('approve');
38 $status = getIntFromRequest('status');
39 $summary = getStringFromRequest('summary');
40 $details = getStringFromRequest('details');
41 $id = getIntFromRequest('id');
43 $feedback = htmlspecialchars(getStringFromRequest('feedback'));
45 if ($group_id && $group_id != forge_get_config('news_group') && user_ismember($group_id,'A')) {
46 $status = getIntFromRequest('status');
47 $summary = getStringFromRequest('summary');
48 $details = getStringFromRequest('details');
52 Per-project admin pages.
54 Shows their own news items so they can edit/update.
56 If their news is on the homepage, and they edit, it is removed from
63 Update the db so the item shows on the home page
65 if ($status != 0 && $status != 4) {
66 //may have tampered with HTML to get their item on the home page
70 //foundry stuff - remove this news from the foundry so it has to be re-approved by the admin
71 db_query_params ('DELETE FROM foundry_news WHERE news_id=$1',
81 $sanitizer = new TextSanitizer();
82 $details = $sanitizer->SanitizeHtml($details);
83 $result = db_query_params("UPDATE news_bytes SET is_approved=$1, summary=$2,
84 details=$3 WHERE id=$4 AND group_id=$5", array($status, htmlspecialchars($summary), $details, $id, $group_id));
86 if (!$result || db_affected_rows($result) < 1) {
87 $error_msg .= _('Error On Update:');
88 $error_msg .= db_error();
90 $feedback .= _('NewsByte Updated.');
91 // No notification if news is deleted.
93 // send_news_notification_email($id);
103 news_header(array('title'=>_('News admin')));
110 $result=db_query_params("SELECT * FROM news_bytes WHERE id=$1 AND group_id=$2", array($id, $group_id));
111 if (db_numrows($result) < 1) {
112 exit_error(_('NewsByte not found'),'news');
115 $group =& group_get_object($group_id);
119 <h1>'.sprintf(_('Approve a NewsByte For Project: %1$s'), $group->getPublicName()).'</h1>
121 <form id="newsadminform" action="'.getStringFromServer('PHP_SELF').'" method="post">
122 <input type="hidden" name="group_id" value="'.db_result($result,0,'group_id').'" />
123 <input type="hidden" name="id" value="'.db_result($result,0,'id').'" />';
125 $user =& user_get_object(db_result($result,0,'submitted_by'));
128 <strong>'._('Submitted by').':</strong> '.$user->getRealName().'<br />
129 <input type="hidden" name="approve" value="y" />
130 <input type="hidden" name="post_changes" value="y" />
132 <strong>'._('Status').'</strong><br />
133 <input type="radio" name="status" value="0" checked="checked" /> '._('Displayed').'<br />
134 <input type="radio" name="status" value="4" /> '._('Delete').'<br />
136 <strong>'._('Subject').'</strong><br />
137 <input type="text" name="summary" value="'.db_result($result,0,'summary').'" size="30" maxlength="60" /><br />
138 <strong>'._('Details').'</strong>'.notepad_button('document.forms.newsadminform.details').'<br />';
140 $GLOBALS['editor_was_set_up']=false;
142 $params['name'] = 'details';
143 $params['width'] = "600";
144 $params['height'] = "300";
145 $params['group'] = $group_id;
146 $params['body'] = db_result($result,0,'details');
147 plugin_hook("text_editor",$params);
148 if (!$GLOBALS['editor_was_set_up']) {
149 //if we don't have any plugin for text editor, display a simple textarea edit box
150 echo '<textarea name="details" rows="5" cols="50">'.db_result($result,0,'details').'</textarea><br />';
152 unset($GLOBALS['editor_was_set_up']);
155 <strong>'.sprintf(_('If this item is on the %1$s home page and you edit it, it will be removed from the home page.'), forge_get_config ('forge_name')).'</strong><br /></p>
156 <input type="submit" name="submit" value="'._('Submit').'" />
161 Show list of waiting news items
164 $result=db_query_params("SELECT * FROM news_bytes WHERE is_approved <> 4 AND group_id=$1", array($group_id));
165 $rows=db_numrows($result);
166 $group =& group_get_object($group_id);
168 echo '<h1>'._('List of News Submitted for Project').': '.$group->getPublicName().'</h1>';
171 <div class="warning_msg">'._('No Queued Items Found').'</div>';
175 for ($i=0; $i<$rows; $i++) {
177 <li>'.util_make_link ('/news/admin/?approve=1&id='.db_result($result,$i,'id').'&group_id='.db_result($result,$i,'group_id'),db_result($result,$i,'summary')).'</li>';
183 news_footer(array());
185 } else if (forge_check_global_perm ('approve_news')) {
188 News uber-user admin pages
190 Show all waiting news items except those already rejected.
192 Admin members of forge_get_config('news_group') (news project) can edit/change/approve news items
199 Update the db so the item shows on the home page
201 $sanitizer = new TextSanitizer();
202 $details = $sanitizer->SanitizeHtml($details);
203 $result=db_query_params("UPDATE news_bytes SET is_approved='1', post_date=$1,
204 summary=$2, details=$3 WHERE id=$4", array(time(), htmlspecialchars($summary), $details, $id));
205 if (!$result || db_affected_rows($result) < 1) {
206 $error_msg .= _('Error On Update:');
208 $feedback .= _('NewsByte Updated.');
210 } else if ($status==2) {
212 Move msg to deleted status
214 $result=db_query_params("UPDATE news_bytes SET is_approved='2' WHERE id=$1", array($id));
215 if (!$result || db_affected_rows($result) < 1) {
216 $error_msg .= _('Error On Update:');
217 $error_msg .= db_error();
219 $feedback .= _('NewsByte Deleted.');
228 } else if (getStringFromRequest('mass_reject')) {
230 Move msg to rejected status
232 $news_id = getArrayFromRequest('news_id');
233 $result = db_query_params("UPDATE news_bytes
235 WHERE id = ANY($1)",array(db_int_array_to_any_clause($news_id)));
236 if (!$result || db_affected_rows($result) < 1) {
237 $error_msg .= _('Error On Update:');
238 $error_msg .= db_error();
240 $feedback .= _('NewsBytes Rejected.');
245 news_header(array('title'=>_('News admin')));
252 $result=db_query_params("SELECT groups.unix_group_name,groups.group_id,news_bytes.*
253 FROM news_bytes,groups WHERE id=$1
254 AND news_bytes.group_id=groups.group_id ", array($id));
255 if (db_numrows($result) < 1) {
256 exit_error(_('NewsByte not found'),'news');
258 if (db_result($result,0,'is_approved') == 4) {
259 exit_error(_('NewsByte deleted'),'news');
262 $group =& group_get_object(db_result($result,0,'group_id'));
263 $user =& user_get_object(db_result($result,0,'submitted_by'));
266 <h1>'.sprintf(_('Approve a NewsByte For Project: %1$s'), $group->getPublicName()).'</h1>
268 <form action="'.getStringFromServer('PHP_SELF').'" method="post">
269 <input type="hidden" name="for_group" value="'.db_result($result,0,'group_id').'" />
270 <input type="hidden" name="id" value="'.db_result($result,0,'id').'" />
271 <strong>'._('Submitted for group').':</strong> '.
272 util_make_link_g (strtolower(db_result($result,0,'unix_group_name')),db_result($result,0,'group_id'),$group->getPublicName()).'<br />
273 <strong>'._('Submitted by').':</strong> '.$user->getRealName().'<br />
274 <input type="hidden" name="approve" value="y" />
275 <input type="hidden" name="post_changes" value="y" />
276 <input type="radio" name="status" value="1" /> '._('Approve For Front Page').'<br />
277 <input type="radio" name="status" value="0" /> '._('Do Nothing').'<br />
278 <input type="radio" name="status" value="2" checked="checked" /> '._('Reject').'<br />
279 <strong>'._('Subject').':</strong><br />
280 <input type="text" name="summary" value="'.db_result($result,0,'summary').'" size="30" maxlength="60" /><br />
281 <strong>'._('Details').':</strong><br />';
283 $GLOBALS['editor_was_set_up']=false;
285 $params['name'] = 'details';
286 $params['width'] = "600";
287 $params['height'] = "300";
288 $params['group'] = db_result($result,0,'group_id');
289 $params['body'] = db_result($result,0,'details');
290 plugin_hook("text_editor",$params);
291 if (!$GLOBALS['editor_was_set_up']) {
292 //if we don't have any plugin for text editor, display a simple textarea edit box
293 echo '<textarea name="details" rows="5" cols="50">'.db_result($result,0,'details').'</textarea><br />';
295 unset($GLOBALS['editor_was_set_up']);
299 <input type="submit" name="submit" value="'._('Submit').'" />
305 Show list of waiting news items
308 $old_date = time()-60*60*24*30;
309 $qpa_pending = db_construct_qpa (false, 'SELECT groups.group_id,id,post_date,summary,
310 group_name,unix_group_name
311 FROM news_bytes,groups
313 AND news_bytes.group_id=groups.group_id
315 AND groups.is_public=1
317 ORDER BY post_date', array ($old_date, 'A')) ;
319 $old_date = time()-(60*60*24*7);
320 $qpa_rejected = db_construct_qpa (false, 'SELECT groups.group_id,id,post_date,summary,
321 group_name,unix_group_name
322 FROM news_bytes,groups
324 AND news_bytes.group_id=groups.group_id
326 ORDER BY post_date', array ($old_date)) ;
328 $qpa_approved = db_construct_qpa (false, 'SELECT groups.group_id,id,post_date,summary,
329 group_name,unix_group_name
330 FROM news_bytes,groups
332 AND news_bytes.group_id=groups.group_id
334 ORDER BY post_date', array ($old_date)) ;
335 show_news_approve_form(
342 news_footer(array());
346 exit_error(sprintf(_('You have to be an admin on the project you are editing or a member of the %s News team.'), forge_get_config ('forge_name')),'news');
352 // c-file-style: "bsd"