'; echo '
\s
$)", "", $_POST['blog_blog'])), 'blog_extended' => addslash(preg_replace("(^\s
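$)", "", $_POST['blog_extended'])),
            // The remaining submission fields go through form_sanitizer() with a default value and the input name.
            'blog_keywords'       => form_sanitizer($_POST['blog_keywords'], '', 'blog_keywords'),
            'blog_datestamp'      => form_sanitizer($_POST['blog_datestamp'], time(), 'blog_datestamp'),
            'blog_start'          => form_sanitizer($_POST['blog_start'], 0, 'blog_start'),
            'blog_end'            => form_sanitizer($_POST['blog_end'], 0, 'blog_end'),
            'blog_visibility'     => form_sanitizer($_POST['blog_visibility'], 0, 'blog_visibility'),
            'blog_draft'          => isset($_POST['blog_draft']) ? "1" : "0",
            'blog_sticky'         => isset($_POST['blog_sticky']) ? "1" : "0",
            'blog_allow_comments' => 0,
            'blog_allow_ratings'  => 0,
            'blog_language'       => form_sanitizer($_POST['blog_language'], '', 'blog_language')
        ];

        /*
         * Publish path: resolve the image fields, normalise line-break and sticky flags,
         * optionally delete the attached images, then insert the blog row and remove the
         * submission it was created from.
         */
        if (isset($_FILES['blog_image'])) { // when files is uploaded.
            $upload = form_sanitizer($_FILES['blog_image'], '', 'blog_image');
            if (!empty($upload) && !$upload['error']) {
                $data['blog_image'] = $upload['image_name'];
                $data['blog_image_t1'] = $upload['thumb1_name'];
                $data['blog_image_t2'] = $upload['thumb2_name'];
                $data['blog_ialign'] = (isset($_POST['blog_ialign']) ? form_sanitizer($_POST['blog_ialign'], "pull-left", "blog_ialign") : "pull-left");
            }
        } else { // when files not uploaded. but there should be exist check.
            // These names come straight from the request and later reach unlink() and the
            // DB insert. basename() keeps only the final path component, so a value that
            // contains directory separators cannot resolve outside IMAGES_B / IMAGES_B_T.
            // Non-string input (e.g. an array) is treated as "no image".
            foreach (['blog_image', 'blog_image_t1', 'blog_image_t2'] as $image_field) {
                $data[$image_field] = (isset($_POST[$image_field]) && is_string($_POST[$image_field]))
                    ? basename($_POST[$image_field])
                    : "";
            }
            $data['blog_ialign'] = (isset($_POST['blog_ialign']) ? form_sanitizer($_POST['blog_ialign'], "pull-left", "blog_ialign") : "pull-left");
        }

        // Manual line breaks only apply when the TinyMCE editor is not enabled.
        if (fusion_get_settings('tinymce_enabled') != 1) {
            $data['blog_breaks'] = isset($_POST['line_breaks']) ? "y" : "n";
        } else {
            $data['blog_breaks'] = "n";
        }

        if ($data['blog_sticky'] == "1") {
            $result = dbquery("UPDATE ".DB_BLOG." SET blog_sticky='0' WHERE blog_sticky='1'");
        } // reset other sticky

        // delete image if checkbox ticked
        if (isset($_POST['del_image'])) {
            if (!empty($data['blog_image']) && file_exists(IMAGES_B.$data['blog_image'])) {
                unlink(IMAGES_B.$data['blog_image']);
            }
            if (!empty($data['blog_image_t1']) && file_exists(IMAGES_B_T.$data['blog_image_t1'])) {
                unlink(IMAGES_B_T.$data['blog_image_t1']);
            }
            if (!empty($data['blog_image_t2']) && file_exists(IMAGES_B_T.$data['blog_image_t2'])) {
                unlink(IMAGES_B_T.$data['blog_image_t2']);
            }
            $data['blog_image'] = "";
            $data['blog_image_t1'] = "";
            $data['blog_image_t2'] = "";
        }

        if (defender::safe()) {
            dbquery_insert(DB_BLOG, $data, "save");
            // Cast the id the same way the delete branch below does. Any earlier validation
            // of submit_id for this branch is outside the visible code, so the query should
            // not depend on it.
            $result = dbquery("DELETE FROM ".DB_SUBMISSIONS." WHERE submit_id='".intval($_GET['submit_id'])."'");
            if ($data['blog_draft']) {
                addNotice("success", $locale['blog_0147']);
            } else {
                addNotice("success", $locale['blog_0146']);
            }
            redirect(clean_request("", ["submit_id"], FALSE));
        }
    } else {
        redirect(clean_request("", ["submit_id"], FALSE));
    }
} else if (isset($_POST['delete']) && (isset($_GET['submit_id']) && isnum($_GET['submit_id']))) {
    // Delete path: remove the submission's image files, then the submission row itself.
    $result = dbquery(" SELECT ts.submit_datestamp, ts.submit_criteria FROM ".DB_SUBMISSIONS." ts WHERE submit_type='b' and submit_id='".intval($_GET['submit_id'])."' ");
    if (dbrows($result) > 0) {
        $data = dbarray($result);
        // NOTE(review): unserialize() on a stored submission payload. If submit_criteria can
        // hold submitter-controlled bytes this is an object-injection risk, and the file
        // names below reach unlink() without normalisation. Confirm how the column is
        // written; consider a JSON payload and basename() on the names.
        $submit_criteria = unserialize($data['submit_criteria']);
        if (!empty($submit_criteria['blog_image']) && file_exists(IMAGES_B.$submit_criteria['blog_image'])) {
            unlink(IMAGES_B.$submit_criteria['blog_image']);
        }
        if (!empty($submit_criteria['blog_image_t1']) && file_exists(IMAGES_B_T.$submit_criteria['blog_image_t1'])) {
            unlink(IMAGES_B_T.$submit_criteria['blog_image_t1']);
        }
        if (!empty($submit_criteria['blog_image_t2']) && file_exists(IMAGES_B_T.$submit_criteria['blog_image_t2'])) {
            unlink(IMAGES_B_T.$submit_criteria['blog_image_t2']);
        }
        $result = dbquery("DELETE FROM ".DB_SUBMISSIONS." WHERE submit_id='".intval($_GET['submit_id'])."'");
        addNotice("success", $locale['blog_0145']);
    }
    redirect(clean_request("", ["submit_id"], FALSE));
} else {
    // Review path: load a submission and pre-fill the edit form from its stored criteria.
    // NOTE(review): as shown, this query neither selects nor filters on submit_id, so it
    // returns the newest blog submission. Confirm that is intended.
    $result = dbquery("SELECT ts.submit_datestamp, ts.submit_criteria, tu.user_id, tu.user_name, tu.user_avatar, tu.user_status FROM ".DB_SUBMISSIONS." ts LEFT JOIN ".DB_USERS." tu ON ts.submit_user=tu.user_id WHERE submit_type='b' order by submit_datestamp desc");
    if (dbrows($result) > 0) {
        $data = dbarray($result);
        // NOTE(review): same unserialize() concern as in the delete branch above.
        $submit_criteria = unserialize($data['submit_criteria']);
        $callback_data = [
            "blog_start"      => $data['submit_datestamp'],
            "blog_datestamp"  => $data['submit_datestamp'],
            "blog_keywords"   => $submit_criteria['blog_keywords'],
            "blog_visibility" => 0,
            "blog_image"      => $submit_criteria['blog_image'],
            "blog_image_t1"   => $submit_criteria['blog_image_t1'],
            "blog_image_t2"   => $submit_criteria['blog_image_t2'],
            "blog_ialign"     => $submit_criteria['blog_ialign'],
            "blog_end"        => "",
            "blog_draft"      => 0,
            "blog_sticky"     => 0,
            "blog_language"   => $submit_criteria['blog_language'],
            "blog_subject"    => $submit_criteria['blog_subject'],
            "blog_cat"        => $submit_criteria['blog_cat'],
            "blog_blog"       => phpentities(stripslashes($submit_criteria['blog_blog'])),
            "blog_extended"   => phpentities(stripslashes($submit_criteria['blog_body'])),
            // NOTE(review): the key read here is "tinyce_enabled", while the publish branch
            // reads 'tinymce_enabled'. Probably a typo; confirm the intended polarity
            // before changing it.
            "blog_breaks"     => fusion_get_settings("tinyce_enabled") ? TRUE : FALSE,
        ];
        add_to_title($locale['global_200'].$locale['global_201'].$callback_data['blog_subject']."?");

        if (isset($_POST['preview'])) {
            $blog_blog = "";
            if ($_POST['blog_blog']) {
                $blog_blog = phpentities(stripslash($_POST['blog_blog']));
                // NOTE(review): this assignment overwrites the phpentities() result above, so
                // the value handed to form_sanitizer() below is the stripslash()'d POST body
                // with only the image src prefix rewritten.
                $blog_blog = str_replace("src='".str_replace("../", "", IMAGES_B), "src='".IMAGES_B, stripslash($_POST['blog_blog']));
            }
            $blog_extended = "";
            if ($_POST['blog_extended']) {
                $blog_extended = phpentities(stripslash($_POST['blog_extended']));
                // NOTE(review): same overwrite as for $blog_blog above.
                $blog_extended = str_replace("src='".str_replace("../", "", IMAGES_B), "src='".IMAGES_B, stripslash($_POST['blog_extended']));
            }
            // Preview data is rebuilt from the posted form. Several fields below are taken
            // from $_POST without form_sanitizer(), so whatever renders them must escape
            // them for its output context.
            $callback_data = [
                "blog_subject"    => form_sanitizer($_POST['blog_subject'], '', 'blog_subject'),
                "blog_cat"        => isnum($_POST['blog_cat']) ? $_POST['blog_cat'] : 0,
                "blog_language"   => form_sanitizer($_POST['blog_language'], '', 'blog_language'),
                "blog_blog"       => form_sanitizer($blog_blog, "", "blog_blog"),
                "blog_extended"   => form_sanitizer($blog_extended, "", "blog_extended"),
                "blog_keywords"   => form_sanitizer($_POST['blog_keywords'], '', 'blog_keywords'),
                "blog_start"      => (isset($_POST['blog_start']) && $_POST['blog_start']) ? $_POST['blog_start'] : '',
                "blog_end"        => (isset($_POST['blog_end']) && $_POST['blog_end']) ? $_POST['blog_end'] : '',
                "blog_visibility" => isnum($_POST['blog_visibility']) ? $_POST['blog_visibility'] : "0",
                "blog_draft"      => isset($_POST['blog_draft']) ? TRUE : FALSE,
                "blog_sticky"     => isset($_POST['blog_sticky']) ? TRUE : FALSE,
                "blog_datestamp"  => $callback_data['blog_datestamp'], // pull from db.
                "blog_ialign"     => isset($_POST['blog_ialign']) ? $_POST['blog_ialign'] : '',
                "blog_image"      => isset($_POST['blog_image']) ? $_POST['blog_image'] : '',
                "blog_image_t1"   => isset($_POST['blog_image_t1']) ? $_POST['blog_image_t1'] : "",
                "blog_image_t2"   => isset($_POST['blog_image_t2']) ?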
$_POST['blog_image_t2'] : "", ]; $callback_data['blog_breaks'] = ""; if (isset($_POST['blog_breaks'])) { $callback_data['blog_breaks'] = TRUE; $callback_data['blog_blog'] = nl2br($callback_data['blog_blog']); if ($callback_data['blog_extended']) { $callback_data['blog_extended'] = nl2br($callback_data['blog_extended']); } } if (defender::safe()) { echo openmodal('blog_preview', $locale['blog_0141']); echo "".$locale['blog_0144']." | \n"; echo "".$locale['blog_0136']." | \n"; echo "".$locale['blog_0142']." | \n"; echo "".$locale['blog_0143']." | \n"; echo "".$locale['global_057']." | \n"; echo "
---|---|---|---|---|
".$data['submit_id']." | \n"; echo "".$submit_criteria['blog_subject']." | \n"; echo "".display_avatar($data, '20px', '', TRUE, 'img-rounded m-r-5').profile_link($data['user_id'], $data['user_name'], $data['user_status'])." | \n"; echo "".timer($data['submit_datestamp'])." | \n"; echo "".$locale['blog_0131']." | \n"; echo "