}
$summary = getStringFromRequest('summary');
-$details = getStringFromRequest('details');
+$details = getHtmlTextFromRequest('details');
+
if (session_loggedin()) {
- if (!user_ismember($group_id,'A')) {
+ if (!forge_check_perm('project_admin', $group_id)) {
exit_permission_denied(_('You cannot submit news for a project unless you are an admin on that project'),'home');
}
//check to make sure both fields are there
if ($summary && $details) {
- if (getStringFromRequest('_details_content_type') == 'html') {
- $details = TextSanitizer::purify($details);
- } else {
- $details = htmlspecialchars($details);
- }
-
/*
create a new discussion forum without a default msg
if one isn't already there
*/
-
+
db_begin();
$f = new Forum($group, false, false, true);
if (!$f->create(preg_replace('/[^_\.0-9a-z-]/','-', strtolower($summary)),$details,1,'',0,0)) {
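Review bot: With the `TextSanitizer::purify()` / `htmlspecialchars()` branch removed here, the `$details` passed to `$f->create(...)` and later bound into the `news_bytes` INSERT is only as safe as `getHtmlTextFromRequest('details')`, which is assigned above this hunk and whose body is not visible. If that helper does not purify its result, this path stores unfiltered HTML, so I would confirm its behaviour and record the dependency where the old branch was, e.g. `// $details was purified by getHtmlTextFromRequest(); never fill it from getStringFromRequest()`. The removed code also escaped plain-text submissions chosen through `_details_content_type`; presumably they are now handled as HTML, which is worth checking for the plain textarea path. The body of `if (!$f->create(...))` continues outside the hunk.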
}
$group->normalizeAllRoles();
$new_id=$f->getID();
- $sql='INSERT INTO news_bytes (group_id,submitted_by,is_approved,post_date,forum_id,summary,details)
+ $sql='INSERT INTO news_bytes (group_id,submitted_by,is_approved,post_date,forum_id,summary,details)
VALUES ($1, $2, $3, $4, $5, $6, $7)';
$result=db_query_params($sql,
- array($group_id, user_getid(), 0, time(), $new_id, htmlspecialchars($summary), $details));
+ array($group_id, user_getid(), 0, time(), $new_id, htmlspecialchars($summary), $details));
if (!$result) {
db_rollback();
form_release_key(getStringFromRequest('form_key'));
}
}
- //news must now be submitted from a project page -
+ //news must now be submitted from a project page -
if (!$group_id) {
exit_no_group();
echo '
<p>
- '. sprintf(_('You can post news about your project if you are an admin on your project. You may also post "help wanted" notes if your project needs help.</p><p>All posts <b>for your project</b> will appear instantly on your project summary page. Posts that are of special interest to the community will have to be approved by a member of the %1$s news team before they will appear on the %1$s home page.</p><p>You may include URLs, but not HTML in your submissions.</p><p>URLs that start with http:// are made clickable.'), forge_get_config ('forge_name')) .'</p>' . $jsfunc .
+ '. sprintf(_('You can post news about your project if you are an admin on your project. You may also post "help wanted" notes if your project needs help.</p><p>All posts <b>for your project</b> will appear instantly on your project summary page. Posts that are of special interest to the community will have to be approved by a member of the %1$s news team before they will appear on the %1$s home page.</p><p>You may include URLs, but not HTML in your submissions.</p><p>URLs that start with http:// are made clickable.'), forge_get_config ('forge_name')) .'</p>' . $jsfunc .
'
<form id="newssubmitform" action="'.getStringFromServer('PHP_SELF').'" method="post">
<input type="hidden" name="group_id" value="'.$group_id.'" />
<p><strong>'._('For project').' '.$group->getPublicName().'</strong></p>
<p>
<strong>'._('Subject').':</strong>'.utils_requiredField().'<br />
- <input type="text" name="summary" value="'.$summary.'" size="60" maxlength="60" /></p>
+ <input required="required" type="text" name="summary" value="'.$summary.'" size="60" maxlength="60" /></p>
<p>
<strong>'._('Details').':</strong>'.notepad_button('document.forms.newssubmitform.details').utils_requiredField().'</p>';
-
- $GLOBALS['editor_was_set_up']=false;
+
$params = array() ;
$params['name'] = 'details';
$params['width'] = "800";
$params['height'] = "500";
$params['body'] = $details;
$params['group'] = $group_id;
- plugin_hook("text_editor",$params);
- if (!$GLOBALS['editor_was_set_up']) {
- //if we don't have any plugin for text editor, display a simple textarea edit box
- echo '<textarea name="details" rows="5" cols="50">'.$details.'</textarea><br />';
- }
- unset($GLOBALS['editor_was_set_up']);
+ $params['content'] = '<textarea name="details" rows="5" cols="50">'.$details.'</textarea>';
+ plugin_hook_by_reference("text_editor",$params);
+
+ echo $params['content'].'<br />';
echo '<div><input type="submit" name="submit" value="'._('Submit').'" />
</div></form>';
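Review bot: The new `$params['content']` default concatenates `$details` into `<textarea>…</textarea>` without encoding, and the re-added `summary` input still prints `$summary` raw inside `value="…"`, although the INSERT path applies `htmlspecialchars($summary)`. Unless `getStringFromRequest()` already encodes its result (not visible here), request data is reflected into the form on redisplay, and even purified HTML in `$details` should be entity-encoded so that the textarea shows the markup as text. I would write `value="'.htmlspecialchars($summary).'"` and `$params['content'] = '<textarea name="details" rows="5" cols="50">'.htmlspecialchars($details).'</textarea>';`. Because `plugin_hook_by_reference("text_editor",$params)` may replace `content` and the result is echoed as-is, a short comment stating that editor plugins must return markup with `body` already encoded would help.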