Title: Entry Editor Plugin: Starburst-Blog

Entry Editor

Subject:

Message:

Avatar:

Categories:

Comma-separated list, e.g.: General, HTML, Perl, Web Design

Privacy:

Options:

Time Stamp:
/ / @ : :
mm/dd/yyyy @ hh:mm:ss

my $action = $query->{action} || 'index'; # Load the blog config. $root->{blogcfg} = &readConfig('blog.conf') unless exists $root->{blogcfg}; if (not $root->{auth}) { $root->{content} = "

Access Denied

\n\n" . "You must be logged in to access this page!\n\n" . ""; return 1; } # Are we authorized? my $level = &getBlogPermissions(); if ($level !~ /^(authors|publishers)$/i) { $root->{content} = "

Access Denied

\n\n" . "Only authors and publishers can access this page."; return 1; } if ($action eq 'index') { # Read the list of avatars. my @av = (); opendir (DIR, "$root->{conf}->{site}->{public}/avatars"); foreach my $img (sort(grep(/\.(png|jpg|jpeg|gif)$/i, readdir(DIR)))) { push (@av,""); } closedir (DIR); my $avList = join("\n",@av); $root->{content} =~ s~%avatars%~$avList~ig; my $id = $query->{id} || ''; if (length $id > 0) { if (&entryExists($id)) { my $info = &readEntry($id); if (!exists $root->{users}->{$info->{author}}) { &readUser($info->{author}); } # Allowed to edit this page? if ($root->{me} ne $info->{author}) { if ($level ne 'authors') { $root->{content} = "

Access Denied

\n\n" . "You are not allowed to edit this user's entry."; return 1; } } $root->{content} =~ s~%id%~$id~ig; $root->{content} =~ s~%(subject|body|categories|author)%~$info->{$1}~ig; $root->{content} =~ s~%curavatar%~$info->{avatar}~ig; $root->{content} =~ s~%curprivacy%~$info->{privacy}~ig; my ($sec,$min,$hour,$day,$mon,$year,$wday,$yday,$isdst) = localtime ($info->{time}); $mon++; # Use 1..12 $year += 1900; # Adjust the year $mon = '0' . $mon until length $mon == 2; $day = '0' . $day until length $day == 2; $hour = '0' . $hour until length $hour == 2; $min = '0' . $min until length $min == 2; $sec = '0' . $sec until length $sec == 2; $root->{content} =~ s~%mon%~$mon~ig; $root->{content} =~ s~%day%~$day~ig; $root->{content} =~ s~%year%~$year~ig; $root->{content} =~ s~%hour%~$hour~ig; $root->{content} =~ s~%min%~$min~ig; $root->{content} =~ s~%sec%~$sec~ig; $root->{content} =~ s~%autotime%~~ig; if ($info->{noemote}) { $root->{content} =~ s~%ckemoticons%~ checked~ig; } if ($info->{noreply}) { $root->{content} =~ s~%ckcomments%~ checked~ig; } $root->{content} =~ s~%(ckemoticons|ckcomments)%~~ig; } else { $root->{content} = "

Entry Not Found

\n\n" . "That entry doesn't exist."; } } else { # Posting a new entry. my $mon = time_format('mm{on}'); my $day = time_format('dd'); my $year = time_format('yyyy'); my $hour = time_format('hh'); my $min = time_format('mm{in}'); my $sec = time_format('ss'); $root->{content} =~ s~%(id|subject|body|time|ckemoticons|ckcomments)%~~ig; $root->{content} =~ s~%curavatar%~default.png~ig; $root->{content} =~ s~%curprivacy%~$root->{blogcfg}->{blog}->{defprivacy}~ig; $root->{content} =~ s~%categories%~$root->{blogcfg}->{blog}->{defcategory}~ig; $root->{content} =~ s~%author%~$root->{me}~ig; $root->{content} =~ s~%mon%~$mon~ig; $root->{content} =~ s~%day%~$day~ig; $root->{content} =~ s~%year%~$year~ig; $root->{content} =~ s~%hour%~$hour~ig; $root->{content} =~ s~%min%~$min~ig; $root->{content} =~ s~%sec%~$sec~ig; $root->{content} =~ s~%autotime%~ checked~ig; } } elsif ($action eq 'save') { # Publishing a blog entry. my $id = $query->{id} || ''; my $author = $query->{author} || $root->{me}; my $subject = $query->{subject} || ''; my $body = $query->{body} || ''; my $avatar = $query->{avatar} || 'default.png'; my $cat = $query->{categories} || $root->{blogcfg}->{blog}->{defcategory}; my $privacy = $query->{privacy} || $root->{blogcfg}->{blog}->{defprivacy}; my $emote = $query->{emoticons} || ''; # or hide my $reply = $query->{comments} || ''; # or hide my $month = $query->{month} || ''; my $day = $query->{day} || ''; my $year = $query->{year} || ''; my $hour = $query->{hour} || ''; my $min = $query->{min} || ''; my $sec = $query->{sec} || ''; # Validate the times. if ($month =~ /[^0-9]/ || ($month < 1 || $month > 12)) { $month = time_format('mm{on}'); } if ($day =~ /[^0-9]/ || ($day < 1 || $day > 31)) { $day = time_format('dd'); } if ($year =~ /[^0-9]/ || length $year != 4) { $year = time_format('yyyy'); } if ($hour =~ /[^0-9]/ || ($hour < 0 || $hour > 59)) { $hour = time_format('hh'); } if ($min =~ /[^0-9]/ || ($min < 0 || $min > 59)) { $min = time_format('mm{in}'); } if ($sec =~ /[^0-9]/ || ($sec < 0 || $sec > 59)) { $sec = time_format('ss'); } # Convert the times back into 'localtime'esque values. $month--; # 1..12 --> 0..11 $year -= 1900; # Reset the year -1900 # Calculate the epoch time. use Time::Local; my $stamp = Time::Local::timelocal ($sec,$min,$hour,$day,$month,$year); my @errors = (); # Editing an existing entry? if (&entryExists($id)) { my $info = &readEntry($id); if (!exists $root->{users}->{$info->{author}}) { &readUser($info->{author}); } # Allowed to edit this page? if ($root->{me} ne $info->{author}) { if ($level ne 'authors') { $root->{content} = "

Access Denied

\n\n" . "You are not allowed to edit this user's entry."; return 1; } } } else { # Generate a new ID. $id = &entryNewId(); } # Validate. if (length $body == 0) { push (@errors,"Your entry needs a body!"); } if (scalar(@errors)) { $root->{content} = "

Can't Post Entry!

\n\n" . "Your entry can't be published due to the following error(s):\n\n" . ""; } else { # Publish this entry. &writeEntry ($id, subject => $subject, author => $author, avatar => $avatar, categories => $cat, privacy => $privacy, noemote => ($emote eq 'hide' ? 1 : 0), noreply => ($reply eq 'hide' ? 1 : 0), time => $stamp, ip => $ENV{REMOTE_ADDR}, body => $body, ); &compileTags(); $root->{content} = "

Entry Posted

\n\n" . "The blog entry has been published. View " . "this entry."; } } elsif ($action eq 'delete') { my $id = $query->{id} || ''; if (&entryExists($id)) { my $info = &readEntry($id); if (!exists $root->{users}->{$info->{author}}) { &readUser($root->{users}->{$info->{author}}); } # Allowed to edit this page? if ($root->{me} ne $info->{author}) { if ($level ne 'authors') { $root->{content} = "

Access Denied

\n\n" . "You are not allowed to edit this user's entry."; return 1; } } my $verify = md5_hex ($info->{time}); $root->{content} = "

Delete Entry?

\n\n" . "Are you sure you want to delete this entry?

\n\n" . "[" . "Yes, Delete This]"; } else { $root->{content} = "

Missing Entry

\n\n" . "That entry doesn't exist."; } } elsif ($action eq 'unlink') { my $id = $query->{id} || ''; my $verify = $query->{verify}; if (&entryExists($id)) { my $info = &readEntry($id); if (!exists $root->{users}->{$info->{author}}) { &readUser($root->{users}->{$info->{author}}); } # Allowed to edit this page? if ($root->{me} ne $info->{author}) { if ($level ne 'authors') { $root->{content} = "

Access Denied

\n\n" . "You are not allowed to edit this user's entry."; return 1; } } my $hash = md5_hex ($info->{time}); if ($verify eq $hash) { &deleteEntry($id); &compileTags(); $root->{content} = "

Entry Deleted

\n\n" . "The entry has been deleted."; } else { $root->{content} = "

Verification Failed

\n\n" . "Please try again later."; } } else { $root->{content} = "

Missing Entry

\n\n" . "That entry doesn't exist."; } }