create-page.php
<?php
include_once(__DIR__ . '/inc/init.php');
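// Handles submission of the "new page" form. POST requests are validated and
// either stored as a page plus first revision ("Save page") or stored as a
// preview ("Show preview"); any other request method is redirected to the form.
//
// $db and $lang are not defined in this script; presumably inc/init.php
// provides them.
//
// NOTE(review): no CSRF token is validated in this script although it changes
// state on behalf of a logged-in user. Confirm whether inc/init.php enforces
// one; if not, the form and this handler should exchange and verify a token.
//
// NOTE(review): the theme template included below runs in this scope and may
// read these locals to repopulate the form, so variable names and assignment
// order are deliberately left unchanged. Confirm before renaming anything.
if (fRequest::isPost()) {
    // Authentication is required before any request data is acted on.
    fAuthorization::requireLoggedIn();
    try {
        // NOTE(review): $slug is computed but never used in this script.
        $slug = wiki_slugify(fRequest::get('slug'));
        $page_title = trim(fRequest::get('title'));
        $page_path = '/' . wiki_slugify(trim(fRequest::get('path')));

        // Defence in depth: reject traversal and empty-segment sequences even
        // though the value has already been through wiki_slugify().
        if (strpos($page_path, '..') !== false || strpos($page_path, '//') !== false) {
            throw new fValidationException('There cannot be .. or // in the path');
        }

        // Authorisation: the current user needs the 'create' permission on the
        // parent page, which must already exist.
        // NOTE(review): for the root path '/' this whole check is skipped, so
        // any logged-in user reaches the store below. Confirm this is intended.
        if ($page_path !== '/') {
            $parent_path = Page::parentPage($page_path);
            try {
                $parent = new Page(array('path' => $parent_path));
            } catch (fNotFoundException $e) {
                throw new fValidationException('Please create the parent page first');
            }
            $user_name = wiki_get_current_user();
            if (!$parent->isPermitted($user_name, 'create')) {
                throw new fValidationException('You are not permitted to create pages here!');
            }
        }

        // NOTE(review): the body is stored exactly as submitted; escaping or
        // sanitising has to happen where it is rendered. Confirm it does.
        $body = fRequest::get('body');
        $page_theme = fRequest::get('theme');
        // The submitted bit values are summed. The range checks below bound
        // only the total, so duplicate or negative values that net out to
        // 0..7 still pass. Presumably the form sends the single bits 1, 2, 4;
        // verify against the template.
        $group_bits = array_sum(fRequest::get('group_bits', 'integer[]'));
        $other_bits = array_sum(fRequest::get('other_bits', 'integer[]'));
        $summary = trim(fRequest::get('summary'));
        // NOTE(review): the group id comes straight from the request and is
        // not checked here against the current user's groups. Confirm that the
        // Page/Preview models validate it.
        $groupid = fRequest::get('group');

        // Compare against the empty string rather than using empty(), so that
        // a title consisting of "0" is not rejected as blank.
        if ($page_title === '') {
            throw new fValidationException('Title cannot be blank.');
        }
        if ($group_bits < 0 || $group_bits > 7) {
            throw new fValidationException('Invalid group permission bits.');
        }
        if ($other_bits < 0 || $other_bits > 7) {
            throw new fValidationException('Invalid other permission bits.');
        }

        // Looking the theme up by name doubles as validation: an unknown name
        // raises an fException subclass that the outer catch reports.
        $theme = new Theme(array('name' => $page_theme));

        $submit = fRequest::get('submit');
        if ($submit === 'Save page') {
            // Page and first revision are written in one transaction so a
            // failure cannot leave a page without a revision.
            try {
                $db->query('BEGIN');
                $page = new Page();
                $page->setPath($page_path);
                $page->setOwnerName(wiki_get_current_user());
                $page->setGroupId($groupid);
                // Permission is the two digits concatenated (group, then other).
                $page->setPermission($group_bits . $other_bits);
                $page->setType(Page::NORMAL);
                $page->setCreatedAt(now());
                $page->store();
                $revision = new Revision();
                $revision->setPageId($page->getId());
                $revision->setTitle($page_title);
                $revision->setBody($body);
                $revision->setThemeId($theme->getId());
                $revision->setIsMinorEdit(false);
                $revision->setEditorName(wiki_get_current_user());
                $revision->setCommitMessage($summary);
                $revision->setCreatedAt(now());
                $revision->store();
                $db->query('COMMIT');
            } catch (fException $e) {
                $db->query('ROLLBACK');
                throw $e;
            }
            // Redirect only after the transaction block, so nothing that
            // happens here can trigger a ROLLBACK of a committed transaction.
            fURL::redirect(SITE_BASE . $page->getPath());
        } elseif ($submit === 'Show preview') {
            // Replace this user's earlier previews for the path with a new one.
            try {
                $db->query('BEGIN');
                wiki_clear_previous_previews($db, $page_path, wiki_get_current_user());
                $preview = new Preview();
                $preview->setPath($page_path);
                $preview->setOwnerName(wiki_get_current_user());
                $preview->setGroupId($groupid);
                $preview->setPermission($group_bits . $other_bits);
                $preview->setTitle($page_title);
                $preview->setBody($body);
                $preview->setThemeId($theme->getId());
                $preview->setCreatedAt(now());
                $preview->store();
                $db->query('COMMIT');
            } catch (fException $e) {
                $db->query('ROLLBACK');
                throw $e;
            }
            // Rendering happens outside the transaction block: a template
            // failure must not issue a ROLLBACK after COMMIT, and the form
            // must not be rendered twice via the outer catch.
            // NOTE(review): the link is built by string concatenation and the
            // result of wiki_show_preview_path() is placed in the href
            // unescaped; presumably it derives only from the integer id.
            $preview_message = $lang['preview created successfully'] . ' <a target="_blank" href="' . wiki_show_preview_path($preview->getId()) . '">Click here</a>';
            fMessaging::create('success', 'new page', $preview_message);
            $title = $lang['New Page'];
            $theme_path = wiki_theme_path(DEFAULT_THEME);
            include wiki_theme(DEFAULT_THEME, 'new-page');
        } else {
            throw new fValidationException('Invalid submit action.');
        }
    } catch (fException $e) {
        // Any failure re-renders the form with the exception message.
        // NOTE(review): this catches every fException, including those
        // rethrown from the storage blocks above, so a database error message
        // may be shown to the user. Consider a generic message for anything
        // that is not an fValidationException.
        fMessaging::create('failure', 'new page', $e->getMessage());
        $title = $lang['New Page'];
        $theme_path = wiki_theme_path(DEFAULT_THEME);
        include wiki_theme(DEFAULT_THEME, 'new-page');
    }
} else {
    fURL::redirect(wiki_new_page_path());
}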