bludit/bl-kernel/admin/controllers/edit-content.php

74 lines
2.4 KiB
PHP
Raw Normal View History

2015-05-05 03:00:01 +02:00
<?php defined('BLUDIT') or die('Bludit CMS.');
2016-01-08 00:43:09 +01:00
// ============================================================================
// Check role
// ============================================================================
2018-07-28 18:33:37 +02:00
if (!checkRole(array('admin','editor'), false)) {
2018-07-17 23:58:01 +02:00
try {
$pageKey = isset($_POST['key']) ? $_POST['key'] : $layout['parameters'];
2018-08-02 17:06:53 +02:00
$page = new Page($pageKey);
2018-07-17 23:58:01 +02:00
} catch (Exception $e) {
Alert::set($L->g('You do not have sufficient permissions'));
2018-07-17 23:58:01 +02:00
Redirect::page('dashboard');
}
if ($page->username()!==$login->username()) {
// Add to syslog
$syslog->add(array(
'dictionaryKey'=>'access-denied',
'notes'=>$login->username()
2018-05-20 21:48:43 +02:00
));
2018-07-17 23:58:01 +02:00
Alert::set($L->g('You do not have sufficient permissions'));
2018-05-20 21:48:43 +02:00
Redirect::page('dashboard');
}
}
2015-05-05 03:00:01 +02:00
// ============================================================================
// Functions
// ============================================================================
2015-08-03 02:49:12 +02:00
// ============================================================================
// Main before POST
// ============================================================================
2015-05-05 03:00:01 +02:00
// ============================================================================
// POST Method
// ============================================================================
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
2018-07-17 23:58:01 +02:00
if ($_POST['type']==='delete') {
2018-07-10 18:37:46 +02:00
if (deletePage($_POST['key'])) {
Alert::set( $L->g('The changes have been saved') );
2017-06-23 00:41:00 +02:00
}
2018-07-10 18:37:46 +02:00
} else {
// If the checkbox is not selected the form doesn't send the field
$_POST['noindex'] = isset($_POST['noindex'])?true:false;
$_POST['nofollow'] = isset($_POST['nofollow'])?true:false;
$_POST['noarchive'] = isset($_POST['noarchive'])?true:false;
2017-06-23 00:41:00 +02:00
$key = editPage($_POST);
2018-07-10 18:37:46 +02:00
if ($key!==false) {
Alert::set( $L->g('The changes have been saved') );
2017-10-02 22:42:18 +02:00
Redirect::page('edit-content/'.$key);
2017-06-23 00:41:00 +02:00
}
2015-05-05 03:00:01 +02:00
}
2017-06-23 00:41:00 +02:00
2017-10-02 22:42:18 +02:00
Redirect::page('content');
2015-05-05 03:00:01 +02:00
}
// ============================================================================
2015-08-03 02:49:12 +02:00
// Main after POST
2015-05-05 03:00:01 +02:00
// ============================================================================
try {
$pageKey = $layout['parameters'];
2018-08-02 17:06:53 +02:00
$page = new Page($pageKey);
$uuid = $page->uuid();
} catch (Exception $e) {
Log::set(__METHOD__.LOG_SEP.'Error occurred when trying to get the page: '.$pageKey, LOG_TYPE_ERROR);
2017-10-02 22:42:18 +02:00
Redirect::page('content');
2015-05-05 03:00:01 +02:00
}
// Title of the page
$layout['title'] .= ' - '.$L->g('Edit content').' - '.$page->title();