Gazelle/sections/wiki/takeedit.php

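<?php
/**
 * Handles a wiki article edit submission.
 *
 * Validates the posted form, checks that the user may edit the article,
 * archives the current revision in wiki_revisions, overwrites the row in
 * wiki_articles, flushes the cached article and redirects back to it.
 *
 * Relies on names defined outside this file: authorize(), error(),
 * is_number(), db_string(), db_array(), sqltime(), check_perms(), the Wiki
 * class, and the $DB and $LoggedUser variables. The guard clauses below only
 * protect the writes if error() halts the request.
 * NOTE(review): confirm that error() never returns.
 */
authorize(); // NOTE(review): presumably the anti-CSRF token check; confirm

if (!isset($_POST['id']) || !is_number($_POST['id'])) {
	error(0);
}
// From here on only the integer form of the ID is used, including in SQL.
$ArticleID = (int)$_POST['id'];

include(SERVER_ROOT.'/classes/validate.class.php');
$Val = new VALIDATE;
$Val->SetFields('title', '1', 'string', 'The title must be between 3 and 100 characters', array('maxlength' => 100, 'minlength' => 3));
$Err = $Val->ValidateForm($_POST);
if ($Err) {
	error($Err);
}

// $P[...] values are interpolated straight into the UPDATE below, so that
// query is only as safe as db_array().
// NOTE(review): presumably db_array() applies db_string() to every value; confirm.
// NOTE(review): only 'title' is validated above. A request without 'body'
// would store an empty body; confirm whether that is intended.
$P = db_array($_POST);

$Article = Wiki::get_article($ArticleID);
list($OldRevision, $OldTitle, $OldBody, $CurRead, $CurEdit, $OldDate, $OldAuthor) = array_shift($Article);
if ($CurEdit > $LoggedUser['EffectiveClass']) {
	error(403);
}

// Access levels stay null unless the admin branch below validates them, so the
// MinClass* fragment of the UPDATE can never be built from an unset variable.
$Read = null;
$Edit = null;
if (check_perms('admin_manage_wiki')) {
	if (!isset($_POST['minclassread']) || !is_number($_POST['minclassread'])) {
		error(0);
	}
	if (!isset($_POST['minclassedit']) || !is_number($_POST['minclassedit'])) {
		error(0);
	}
	// Cast after validation, as is done for the article ID, so what reaches
	// the SQL is an integer whatever is_number() accepts.
	$Read = (int)$_POST['minclassread'];
	$Edit = (int)$_POST['minclassedit'];
	if ($Edit < $Read) {
		$Edit = $Read; // Human error fix.
	}
	// The ceiling check runs after the adjustment above, so it applies to the
	// values that are actually stored. Checking before the adjustment let a
	// read level above the user's class raise the edit level past the limit.
	if ($Edit > $LoggedUser['EffectiveClass']) {
		error('You can\'t restrict articles above your own level.');
	}
}

// Optimistic concurrency check: the form must carry the revision it was
// loaded from. A missing or non-numeric value is treated as a mismatch.
$MyRevision = isset($_POST['revision']) ? $_POST['revision'] : null;
if ($MyRevision === null || !is_number($MyRevision) || (int)$MyRevision !== (int)$OldRevision) {
	error('This article has already been modified from its original version.');
}
// NOTE(review): this check and the writes below are separate statements, so
// two concurrent submissions can both pass it. Consider adding the expected
// revision to the UPDATE's WHERE clause, or a transaction, if $DB supports one.

// Store previous revision
$DB->query("
	INSERT INTO wiki_revisions
		(ID, Revision, Title, Body, Date, Author)
	VALUES
		('".db_string($ArticleID)."', '".db_string($OldRevision)."', '".db_string($OldTitle)."', '".db_string($OldBody)."', '".db_string($OldDate)."', '".db_string($OldAuthor)."')");

// Update wiki entry
$SQL = "
	UPDATE wiki_articles
	SET
		Revision = '".db_string($OldRevision + 1)."',
		Title = '$P[title]',
		Body = '$P[body]',";
// A level of 0 (or no admin permission) leaves the stored levels untouched.
if ($Read && $Edit) {
	$SQL .= "
		MinClassRead = '$Read',
		MinClassEdit = '$Edit',";
}
$SQL .= "
		Date = '".sqltime()."',
		Author = '".db_string($LoggedUser['ID'])."'
	WHERE ID = '$ArticleID'";
$DB->query($SQL);

Wiki::flush_article($ArticleID);
header("Location: wiki.php?action=article&id=$ArticleID");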