body<= qr/./); my $head = \$_[1]->{'head'}; my $bodyopts = \$_[1]->{'bodyopts'}; LJ::set_active_crumb('editentries'); my $remote = LJ::get_remote(); return "" unless $remote; if ($remote->underage) { return BML::redirect("$LJ::SITEROOT/agecheck/?s=1"); } my $mode = $GET{'mode'} || $POST{'mode'} || "init"; if ($GET{'itemid'} || $POST{'itemid'}) { $mode = "edit"; } my $ret; my $getextra = "?authas=$GET{'authas'}" if $GET{'authas'}; LJ::need_res('stc/entry.css', 'js/inputcomplete.js'); # are they asking to be authed as someone else? my $authas = $GET{'authas'} || $remote->{'user'}; my $u = LJ::get_authas_user($authas); return LJ::bad_input("You could not be authenticated as the specified user.") unless $u; return LJ::bad_input("You must be authenticated as a person.") unless $u->{'journaltype'} eq 'P'; # are we modify a community post? my $usejournal = $GET{'usejournal'} || $POST{'usejournal'} || $GET{'journal'}; undef $usejournal if $usejournal eq $u->{'user'}; # ignore if it's the user # extra get arguments my $getextra; $getextra .= "authas=$authas&" if $authas ne $u->{'user'}; $getextra .= "usejournal=$usejournal&" if $usejournal; chop $getextra; $getextra = "?$getextra" if $getextra; my $entry_chooser = sub { my $ret; my $ref = shift; my %opts = @_; my %res = %$ref; my $show_ad = $opts{show_ad} ? 1 : 0; $ret .= ""; my $ad = LJ::get_ads({ location => 'bml.editjournal', ljadwrapper => 1 }); if ($ad && $show_ad) { $ret .= ""; } $ret .= "
"; my %props = (); for (my $i=1; $i<=$res{'prop_count'}; $i++) { $props{$res{"prop_${i}_itemid"}}->{$res{"prop_${i}_name"}} = $res{"prop_${i}_value"}; } my $ev_count = $res{'events_count'}; for (my $i=1; $i<=$ev_count; $i++) { my $itemid = $res{"events_${i}_itemid"}; my $ditemid = $itemid * 256 + $res{"events_${i}_anum"}; $ret .= "
"; $ret .= "
\n"; $ret .= LJ::html_hidden('itemid',$ditemid,'mode',"edit"); $ret .= LJ::html_submit("itemid-$ditemid",'Edit this Entry'); $ret .= "
"; $ret .= "		"; $ret .= " "; $ret .= " (Posted by: " . LJ::ljuser($res{"events_${i}_poster"}) . ")" if $usejournal; ### security indicator my $sec = ' '; if ($res{"events_${i}_security"} eq "private") { $sec .= BML::fill_template("securityprivate"); } elsif ($res{"events_${i}_security"} eq "usemask") { if ($res{"events_${i}_allowmask"} == 0) { # custom security with no group -- essentially private $sec .= BML::fill_template("securityprivate"); } elsif ($res{"events_${i}_allowmask"} > 1) { # custom group $sec .= BML::fill_template("securitygroups"); } else { # friends only $sec .= BML::fill_template("securityprotected"); } } $ret .= $sec; if (my $subj = $res{"events_${i}_subject"}) { LJ::CleanHTML::clean_subject_all(\$subj); $ret .= " " . LJ::ehtml($subj) . ""; } $ret .= "
\n"; my $event = LJ::ehtml(LJ::durl($res{"events_${i}_event"})); $event =~ s!\n!
!g; $ret .= $event; $ret .= "
\n"; } $ret .= "		$ad
"; return $ret; }; if ($mode eq "edit") { # user object for community if we're modifying one my $usejournal_u; if ($usejournal) { $usejournal_u = LJ::load_user($usejournal); return LJ::bad_input("The community you selected does not exist.") unless $usejournal_u; } ### ### HAVE AN ITEMID TO EDIT ### if ($GET{'itemid'} || $POST{'itemid'}) { # the 'itemid' form element is really an 'itemid' my $ditemid = $GET{'itemid'} || $POST{'itemid'}; my $anum = $ditemid % 256; my $itemid = $ditemid >> 8; my $u_for_entry = $usejournal ? $usejournal_u : $u; my $entry_obj = LJ::Entry->new($u_for_entry, ditemid => $ditemid); # do getevents request my %res = (); LJ::do_request({ 'mode' => 'getevents', 'selecttype' => 'one', 'ver' => $LJ::PROTOCOL_VER, 'user' => $u->{'user'}, 'usejournal' => $usejournal, 'itemid' => $itemid }, \%res, { "noauth" => 1, 'u' => $u } ); # was there a protocol error? return "" unless $res{'success'} eq 'OK'; # does the requested entry exist? return "" unless $res{'events_count'} && $res{'events_1_anum'} == $anum; # are we authorized to edit other peoples' posts in this community? my $disabled_save = 0; my $disabled_delete = 0; my $disabled_spamdelete = 0; if ($usejournal && $res{'events_1_poster'} ne $u->{'user'}) { $disabled_delete = ! LJ::can_delete_journal_item($u, $usejournal_u); $disabled_save++; } $disabled_spamdelete = $disabled_delete || !$usejournal || ($res{'events_1_poster'} eq $u->{'user'}); # read-only posters and journals cannot be edited if (!$disabled_save && ($u->is_readonly || ($usejournal_u && $usejournal_u->is_readonly))) { $disabled_save++; } ### ### SAVE EDITS ### # are we spellchecking before we post? my $spellcheck_html; my $did_spellcheck; if ($LJ::SPELLER && $POST{'action:spellcheck'}) { $did_spellcheck++; my $s = new LJ::SpellCheck { 'spellcommand' => $LJ::SPELLER, 'color' => '', }; my $event = LJ::ehtml($POST{'event'}); $spellcheck_html = $s->check_html(\$event); $spellcheck_html = "" unless $spellcheck_html ne ""; } # they clicked the save or delete button if (!$spellcheck_html && ($POST{'action:save'} || $POST{'action:saveunsuspend'} || $POST{'action:delete'} || $POST{'action:deletespam'})) { return LJ::bad_input($ML{'error.invalidform'}) unless LJ::check_form_auth(); my %req = ( 'mode' => 'editevent', 'ver' => $LJ::PROTOCOL_VER, 'user' => $u->{'user'}, 'usejournal' => $usejournal, 'itemid' => $itemid, ); LJ::entry_form_decode(\%req, \%POST); # Delete $req{'event'} = '' if $POST{'action:delete'} || $POST{'action:deletespam'}; # mark as spam, if need be LJ::mark_entry_as_spam($usejournal_u, $itemid) if $POST{'action:deletespam'}; # if the action is to delete it, then let's note that if ($POST{'action:delete'} || $POST{'action:deletespam'}) { # now log the event created above ($usejournal ? $usejournal_u : $u)->log_event('delete_entry', { remote => $remote, actiontarget => $ditemid, method => 'web', }); } # do editevent request LJ::do_request(\%req, \%res, { 'noauth' => 1, 'u' => $u }); # check response unless ($res{'success'} eq "OK") { return "
  • $res{'errmsg'}
    • p?>"; } my $deleted = $req{event} ? 0 : 1; my $journalu = $usejournal ? $usejournal_u : $u; my $j_base = $journalu->journal_base; my $entry_url = LJ::item_link($journalu, $itemid, $res{anum}); my $result = ""; $result .= ""; my $ad = LJ::get_ads({ location => 'bml.editjournal', ljadwrapper => 1 }); if ($ad) { $result .= ""; } $result .= "
    "; if ($deleted) { $result .= ""; $result .= "" if $POST{'action:deletespam'}; my $deleted_extras = LJ::run_hook('entry_deleted_page_extras'); $result .= $deleted_extras if defined $deleted_extras; } else { $result .= ""; # open a request about the unsuspension if one doesn't already exist if ($POST{'action:saveunsuspend'} && !$entry_obj->prop("unsuspend_supportid") && $LJ::UNSUSPENSION_REQUEST_SPCATID) { my %req; $req{reqtype} = "user"; $req{requserid} = $remote->id; $req{uniq} = LJ::UniqCookie->current_uniq; $req{spcatid} = $LJ::UNSUSPENSION_REQUEST_SPCATID; $req{ignore_dup_check} = 1; # can't have dup checking in case a particular entry gets re-suspended after unsuspension $req{subject} = "Unsuspension Request from " . $remote->user; $req{body} = "The suspended entry at " . $entry_obj->url . " has been edited and the poster requests unsuspension."; my @errors; my $spid = LJ::Support::file_request(\@errors, \%req); if ($spid) { $entry_obj->set_prop( unsuspend_supportid => $spid ); my $url = "$LJ::SITEROOT/support/see_request.bml?id=$spid"; $result .= " "$url" }) . " p?>"; } } elsif ($POST{'action:save'} && $entry_obj->is_suspended && !$entry_obj->prop("unsuspend_supportid")) { $result .= " "href='$LJ::SITEROOT/abuse/report.bml'" }) . " p?>"; } } $result .= "
    $ML{'.success.fromhere'}
    "; $result .= "    		$ad
    "; return $result; } ### ### SHOW EDIT FORM ### my $auth = "

    "; $auth .= ""; $auth .= $usejournal ? LJ::ljuser($res{'events_1_poster'}) . " in community " . LJ::ljuser($usejournal) : LJ::ljuser($remote); $auth .= LJ::html_hidden("usejournal", $usejournal); $auth .= "

    "; my $username = $usejournal ? $usejournal : $remote->user; $auth .= ""; my ($year, $mon, $mday, $hour, $min) = split(/\D/, $res{"events_1_eventtime"}); my $datetime; my $date = LJ::html_datetime_decode({ 'name' => "date_ymd", }, \%POST); if ($date ne "0000-00-00 00:00:00") { my ($date, $time) = split( / /, $date); $datetime = "$date $POST{'hour'}:$POST{'min'}"; } else { $datetime = "$year-$mon-$mday $hour:$min"; } my $subject = $POST{'subject'} || $res{'events_1_subject'}; my $event = $POST{'event'} || $res{'events_1_event'}; my $curmask = $res{'events_1_allowmask'}; my $cursec = $res{'events_1_security'} || $POST{'security'}; if ($cursec eq 'usemask') { $cursec = $curmask == 1 ? "friends" : "custom"; } # start edit form my $ret; my $js; $ret .= ""; my $ad = LJ::get_ads({ location => 'bml.editjournal', ljadwrapper => 1 }); if ($ad) { $ret .= ""; } $ret .= "
    "; $ret .= "
    "; $ret .= LJ::form_auth(); $ret .= LJ::html_hidden('itemid', $ditemid,'mode','edit','edited',1) . "\n"; $event = LJ::durl($event); my $journalu = $usejournal ? LJ::load_user($usejournal) : $remote; LJ::EmbedModule->parse_module_embed($journalu, \$event, edit => 1); $event = LJ::eurl($event); my $suspend_msg = $entry_obj && $entry_obj->should_show_suspend_msg_to($remote) ? 1 : 0; my $entry = { 'mode' => "edit", 'auth_as_remote' => 1, 'subject' => $subject, 'event' => $event, 'datetime' => $datetime, 'usejournal' => $usejournal, 'security' => $cursec, 'security_mask' => $curmask, 'auth' => $auth, 'remote' => $remote, 'spellcheck_html' => $spellcheck_html, 'richtext' => $LJ::DISABLED{'richtext'} ? 0 : 1, 'mood' => $res{'events_1_'}, 'disabled_save' => $disabled_save, 'disabled_delete' => $disabled_delete, 'disabled_spamdelete' => $disabled_spamdelete, 'suspended' => $suspend_msg, 'unsuspend_supportid' => $suspend_msg ? $entry_obj->prop("unsuspend_supportid") : 0, }; for (my $i = 1; $i <= $res{'prop_count'}; $i++) { $entry->{"prop_" . $res{"prop_${i}_name"}} = $res{"prop_${i}_value"}; } # add property for current music button displaying if last.fm user specified $entry->{prop_last_fm_user} = $u_for_entry->prop('last_fm_user'); $entry->{prop_copyright} = $entry_obj->prop('copyright'); foreach ( keys %POST ) { $entry->{$_} = %POST->{$_}; } $entry->{'richtext_default'} = $entry->{"prop_used_rte"} ? 1 : 0, my $onload; $ret .= LJ::entry_form($entry, \$$head, \$onload); $ret .= "
    "; $ret .= "    		$ad
    "; my $qotd = LJ::QotD->get_single_question($entry->{prop_qotdid}); my $qotd_text = LJ::Widget::QotD->qotd_display_embed( questions => [ $qotd ] ); my $escaped_qotd_text = LJ::ejs($qotd_text); # javascript to initialize entry form since we've just called into entry_form # -- shove into \$head which is a reference into $_[1]->{head} and will # be placed in the correct BML head portion later # -- this is a hack, should be done by weblib and pushed into \$$head above # in a way which is compatible with both this page and update.bml $$head .= qq{ }; $ret .= q( ); $ret .= LJ::Widget::SettingProdDisplay->render; return $ret; } ### ### NO ITEMID - SELECT ENTRY TO EDIT ### ### already authenticated from above return BML::redirect("$LJ::SITEROOT/editjournal.bml") unless LJ::did_post(); my %res; my %req = ( 'mode' => 'getevents', 'ver' => $LJ::PROTOCOL_VER, 'user' => $u->{'user'}, 'usejournal' => $usejournal, 'truncate' => 300, 'noprops' => 1, ); # last 1 if ($POST{'selecttype'} eq "last") { $req{'selecttype'} = 'one'; $req{'itemid'} = -1; # last n } elsif ($POST{'selecttype'} eq 'lastn') { $req{'selecttype'} = 'lastn'; $req{'howmany'} = $POST{'howmany'}; # day } elsif ($POST{'selecttype'} eq 'day') { $req{'selecttype'} = 'day'; $req{$_} = $POST{$_} foreach qw(year month day); } # do getevents request LJ::do_request(\%req, \%res, { 'noauth' => 1, 'u' => $u }); # check response unless ($res{'success'} eq "OK") { return "\n" . "
    • p?>"; } # only one item returned? go directly to edit it if ($res{'events_count'} == 1) { my $ditemid = ($res{'events_1_itemid'} << 8) + $res{'events_1_anum'}; my $ditemid_get = $getextra ? "$getextra&itemid=$ditemid" : "?itemid=$ditemid"; return BML::redirect("$LJ::SITEROOT/editjournal.bml$ditemid_get"); } # how many results did we get? my $ev_count = $res{'events_count'}; unless ($ev_count) { if ($req{'selecttype'} eq 'lastn') { return "\n" . "\n"; } return "\n" . "\n"; } ### display results return $entry_chooser->(\%res, show_ad => 1); } elsif ($mode eq "init") { # no authentication needs to be done on this page, it's just a form anyway $ret .= "\n\n"; # use journal $ret .= "\n"; # submit button $ret .= "\n"; $ret .= "
    "; # user switcher $ret .= "
    \n"; $ret .= LJ::make_authas_select($remote, { 'authas' => $GET{'authas'}, 'type' => 'P' }); $ret .= "
    \n\n"; # header $ret .= " "href='$LJ::SITEROOT/editprivacy.bml'"}) . " p?>\n"; # edit form $ret .= "
    \n"; $ret .= LJ::html_hidden("mode","edit"); $ret .= "\n"; # view type $ret .= "
    $ML{'.viewwhat'}\n"; $ret .= LJ::html_check({ 'type' => 'radio', 'name' => 'selecttype', 'id' => 'selecttype-last', 'value' => 'last', 'selected' => 1 }); $ret .= "
    \n"; $ret .= LJ::html_check({ 'type' => 'radio', 'name' => 'selecttype', 'id' => 'selecttype-lastn', 'value' => 'lastn' }) . " "; $ret .= LJ::html_text({ 'name' => 'howmany', 'size' => '3', 'maxlength' => '2', 'value' => '20', 'onchange' => "checkRadioButton('selecttype-lastn');" }) . " "; $ret .= "
    \n"; $ret .= LJ::html_check({ 'type' => 'radio', 'name' => 'selecttype', 'id' => 'selecttype-day', 'value' => 'day' }); $ret .= ""; my @time = localtime(time); my $mday = sprintf("%02d", $time[3]); my $mon = sprintf("%02d", $time[4] + 1); my $year = $time[5] + 1900; $ret .= LJ::html_text({ 'name' => 'year', 'size' => '5', 'maxlength' => '4', 'value' => $year, 'onchange' => "checkRadioButton('selecttype-day');" }) . "-"; $ret .= LJ::html_text({ 'name' => 'month', 'size' => '3', 'maxlength' => '2', 'value' => $mon, 'onchange' => "checkRadioButton('selecttype-day');" }) . "-"; $ret .= LJ::html_text({ 'name' => 'day', 'size' => '3', 'maxlength' => '2', 'value' => $mday, 'onchange' => "checkRadioButton('selecttype-day');" }) . "\n"; $ret .= "
    $ML{'.in'}\n"; $ret .= LJ::html_text({ 'name' => 'usejournal', 'size' => '20', 'maxlength' => '15', 'value' => $GET{'usejournal'} }) . " "; $ret .= " (optional)
     " . LJ::html_submit(undef, $ML{'.btn.proceed'}) . "
    standout?>\n"; $ret .= "\n"; my %res; my %req = ( mode => 'getevents', ver => $LJ::PROTOCOL_VER, user => $u->user, usejournal => $usejournal, truncate => 300, noprops => 1, selecttype => 'lastn', howmany => 5, ); # do getevents request LJ::do_request(\%req, \%res, { noauth => 1, u => $u }); if ($res{success} eq "OK" && $res{events_count} > 0) { $ret .= $entry_chooser->(\%res); } my $ad = LJ::get_ads({ location => 'bml.editjournal', ljadwrapper => 1 }); if ($ad) { $ret .= "$ad"; } $ret .= ""; $ret .= LJ::Widget::SettingProdDisplay->render; return $ret; } } _code?> <=body bodyopts=>{'bodyopts'}; _code?> head<= {'head'}; _code?> <=head page?> post: htdocs/editjournal.bml link: htdocs/lostinfo.bml _c?>