#!/usr/bin/perl # MimerDesk # Web based groupware and eLearning environment # www.mimerdesk.org # # Copyright (C) 2001 Ionstream Ltd. # www.ionstream.fi # # This program is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by the Free # Software Foundation; either version 2 of the License, or (at your option) # any later version. # # This program is distributed with a hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License # for more details. # # You should have received a copy of the GNU General Public License along # with this program; if not, write to the Free Software Foundation, Inc., # 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. #$Id: md_news_add.html,v 1.19 2002/06/06 14:58:02 inf Exp $ ####################################################### # # # MimerDesk: Home - MimerDesk news # # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # # (c) Ionstream Oy 1999 - 2001 # # # # Programmed by: Hannes Muurinen # # # ####################################################### # Begin ################################## use strict; use vars qw ($APPLICATION $ACTIVEGRP $USER $UID $IP $LAST_ACT $FORWARDED $trans $TIME_USED $IDLE $form $ref $sth %month_names $htmlcolors $admin_status $GROUPACTIVOR $MD_NEWS $MD_NEWS_COMMENT $edit_on ); use lib::MimerDesk; use CGI::Carp "fatalsToBrowser"; use Mail::Sendmail; $APPLICATION = 'Home - News'; $MD_NEWS = 'md_news'; #database tables $MD_NEWS_COMMENT = 'md_news_comment'; # Ohjelma ################################## read_config('../config/mimerdesk.cfg'); $htmlcolors = initialize('colors'); $form = decode_multipart(); $form->{'ID'} =~ tr/0-9//cd; $form->{'auth'} =~ tr/0-9a-z//cd; ($USER, $IP, $LAST_ACT, $FORWARDED, $TIME_USED, $IDLE, $ACTIVEGRP) = authenticate($form->{'ID'}, $form->{'auth'}, $form->{'changeGroup'}); #get the user id (has to be done this way until the authenticate function is modified to return also UID) lock_tables('READ', 'users'); ($ref) = db_select('UID','users',"nimi = '$USER'"); $UID = $ref->{'UID'}; db_end(); unlock_tables(); $trans = lib::MimerDesk->new_gettext(program => 'md_news_add',language => $config{'language'}); if ($form->{'grouptool'} =~ /^\d+$/) { lock_tables('READ', 'groupusers'); db_list("SELECT RIGHTS,USER FROM groupusers where USER = '$USER' and GID = '$form->{'grouptool'}'"); while (my $ref = $sth->fetchrow_hashref()) { $admin_status = $ref->{'RIGHTS'}; $GROUPACTIVOR = $ref->{'USER'}; } db_end(); unlock_tables(); if (!$GROUPACTIVOR) { $form->{'grouptool'} = ''; lock_tables('READ', 'users'); db_list("SELECT flags FROM users where nimi = '$USER'"); while (my $ref = $sth->fetchrow_hashref()) {$admin_status = $ref->{'flags'};} db_end(); unlock_tables(); # the db tables aren't set to group tables => the global admin can't access the group news if not group member.. should this be changed? } else { $MD_NEWS = "$form->{'grouptool'}_$MD_NEWS"; $MD_NEWS_COMMENT = "$form->{'grouptool'}_$MD_NEWS_COMMENT"; } } else { lock_tables('READ', 'users'); db_list("SELECT flags FROM users where nimi = '$USER'"); while (my $ref = $sth->fetchrow_hashref()) {$admin_status = $ref->{'flags'};} db_end(); unlock_tables(); $form->{'grouptool'} = ''; } $edit_on = 1 if $admin_status =~ /N0/; # If the user isn't permitted to use this tool (there shouldn't even be a link to this page if this is the case.. the uri has been edited manually): if(!$edit_on) { write_log("$USER tried to access the news adding page (GroupID='$form->{'grouptool'}') without sufficient permissions!", 'warning'); redirect("md_news.html?ID=$form->{'ID'}&auth=$form->{'auth'}&grouptool=$form->{'grouptool'}"); exit; } if($GROUPACTIVOR) {$APPLICATION = $trans->gettext("Group - News");} else {$APPLICATION = $trans->gettext("Home - News");} %month_names = ( '01' => $trans->gettext("January"), '02' => $trans->gettext("February"), '03' => $trans->gettext("March"), '04' => $trans->gettext("April"), '05' => $trans->gettext("May"), '06' => $trans->gettext("June"), '07' => $trans->gettext("July"), '08' => $trans->gettext("August"), '09' => $trans->gettext("September"), '10' => $trans->gettext("October"), '11' => $trans->gettext("November"), '12' => $trans->gettext("December") ); #$form->{'grouptool'} ? $dir = $form->{'grouptool'} : $dir = 'public'; # Identify the page to display my ($shown_text, $text_class); if($form->{'remove_news'} && $form->{'newsID'}) { remove_news($form->{'newsID'}); redirect("md_news.html?ID=$form->{'ID'}&auth=$form->{'auth'}&grouptool=$form->{'grouptool'}&year=$form->{'oldyear'}&month=$form->{'oldmonth'}"); exit; } elsif($form->{'post'}) { my($new_newsID); if($form->{'newsID'}) {($shown_text, $text_class, $new_newsID) = modify_news();} else {($shown_text, $text_class, $new_newsID) = add_news();} if(!$shown_text) # if no error message is returned, the adding/modifying was successful { redirect("md_news.html?ID=$form->{'ID'}&auth=$form->{'auth'}&grouptool=$form->{'grouptool'}&newsID=$new_newsID"); exit; } } elsif($form->{'newsID'}) {($shown_text, $text_class) = fetch_news($form->{'newsID'});} # update the form, if we are modifying old document print_template("$config{'theme'}_md_news_add", $shown_text, $text_class); ################################################################################# # send_monitor_mail - sends email message to news monitorers # #-------------------------------------------------------------------------------# # send_monitor_mail($groupID,$epoch,$authorID,$subject,$message,$category) # # # # Sends the news article to the news monitorers of group $groupID via e-mail. # # # # Usage: # # send_monitor_mail($groupID,$epoch,$authorID,$subject,$message,$category) # # # ################################################################################# # # # (cut&pasted from boards.html and then modified and tweaked) # # # ################################################################################# sub send_monitor_mail { my (%mail,@monitors,$author,$news_board_name,$ref,%monitorer_email,%monitorer_name); my ($groupID,$epoch,$authorID,$subject,$message,$category) = @_; $message = itag_remover($message); my $posted = utc_epoch2date_string($epoch, '%w %d %sm %y %h:%m'); lock_tables('READ','users','md_news_monitor','groups'); ($ref) = db_select('info','users',"UID = '$authorID'"); $author = $ref->{'info'}; if($groupID) { ($ref) = db_select('GRPNAME','groups',"GID = '$groupID'"); $news_board_name = "$ref->{'GRPNAME'} - News"; } else { $news_board_name = 'Public news'; } ($ref) = db_select('monitorers','md_news_monitor',"GID = '$groupID'"); @monitors = split /,/, $ref->{'monitorers'}; db_end(); # get the emails and names of the monitorers db_list("select email,info,UID from users where UID in ($ref->{'monitorers'})"); while (my $ref = $sth->fetchrow_hashref()) { $monitorer_email{$ref->{'UID'}} = $ref->{'email'}; $monitorer_name{$ref->{'UID'}} = $ref->{'info'}; } db_end(); foreach (@monitors) { next if $monitorer_email{$_} !~ /\@.+\..+/; $Mail::Sendmail::mailcfg{'retries'} = 0; $mail{'From'} = "MimerDesk <$config{'monitor_mail'}>"; $mail{'To'} = "$monitorer_name{$_} <$monitorer_email{$_}>"; my $server = $config{'mail_server'}; $mail{'Smtp'} = $server if $server; $mail{'subject'} = "[$news_board_name] - $subject"; $mail{'message'} = "Read and comment this article at:\n$config{'loc_server'}$config{'bin_dir'}/index.html\n\n"; $mail{'message'} .= "Date: $posted\nAuthor: $author\nCategory: $category\nSubject: $subject\n\n$message\n\n"; $mail{'message'} .= "_________________________________________________________________________\n"; $mail{'message'} .= "You are receiving this e-mail because you have turned news monitoring on.\n"; $mail{'message'} .= "To stop monitoring news, login to MimerDesk and select Stop monitoring\non the news board.\n"; if (sendmail(%mail)) {} else {write_log("Error sending message (news monitoring): $Mail::Sendmail::error", 'error');} } unlock_tables(); } ################################################################################# # add_news - adds the article to the database # #-------------------------------------------------------------------------------# # add_news() # # # # All the arguments are read from the form. # # Returns error/success message and it's text class. Added article ID number is # # also returned. # # # # Usage: # # ($message, $message_class, $news_ID) = add_news() # # # ################################################################################# sub add_news { my($error_message,$ref,$epoch,%db, $added_ID); $error_message .= $trans->gettext("There's no headline!") .tag('br') if(!$form->{'subject'}); $error_message .= $trans->gettext("There's no news text!") .tag('br') if(!$form->{'message'}); $error_message .= $trans->gettext("There's no summary!") .tag('br') if(!$form->{'s_message'}); return($error_message,'error','') if $error_message; $epoch = time(); $form->{'category'} = $form->{'newcategory'} if $form->{'newcategory'}; ($epoch, $form->{'newsID'}, $form->{'message'}, $form->{'s_message'}, $form->{'category'}, $form->{'subject'},$UID) = prepare_fordb($epoch, $form->{'newsID'}, $form->{'message'}, $form->{'s_message'}, $form->{'category'}, $form->{'subject'},$UID); lock_tables('WRITE', $MD_NEWS); %db = ( senderID => $UID, epoch => $epoch, headline => $form->{'subject'}, summary => $form->{'s_message'}, article => $form->{'message'}, category => $form->{'category'} ); db_insert($MD_NEWS,\%db); $added_ID = get_lastid(); db_end(); unlock_tables(); send_monitor_mail($form->{'grouptool'},$epoch,$UID,$form->{'subject'},$form->{'message'},$form->{'category'}); return ('', '', $added_ID); } ################################################################################# # modify_news - modifies pre-existing article in the database # #-------------------------------------------------------------------------------# # modify_news() # # # # All the arguments are read from the form. # # Returns error/success message and it's text class. Article ID number is # # also returned. # # # # Usage: # # ($message, $message_class, $news_ID) = modify_news() # # # ################################################################################# sub modify_news { my($error_message,$ref,%db); $error_message .= $trans->gettext("There's no headline!") .tag('br') if(!$form->{'subject'}); $error_message .= $trans->gettext("There's no news text!") .tag('br') if(!$form->{'message'}); $error_message .= $trans->gettext("There's no summary!") .tag('br') if(!$form->{'s_message'}); return($error_message,'error','') if $error_message; $form->{'category'} = $form->{'newcategory'} if $form->{'newcategory'}; ($form->{'newsID'}, $form->{'message'}, $form->{'s_message'}, $form->{'category'}, $form->{'subject'},$UID) = prepare_fordb($form->{'newsID'}, $form->{'message'}, $form->{'s_message'}, $form->{'category'}, $form->{'subject'},$UID); lock_tables('WRITE', $MD_NEWS); %db = ( senderID => $UID, headline => $form->{'subject'}, summary => $form->{'s_message'}, article => $form->{'message'}, category => $form->{'category'} ); db_update($MD_NEWS,\%db, "IDnumber = '$form->{'newsID'}'"); db_end(); unlock_tables(); return ('', '', $form->{'newsID'}); } ################################################################################# # remove_news - removes pre-existing article from the database # #-------------------------------------------------------------------------------# # remove_news($newsID) # # # # Removes the article with ID $newsID and comments related to it. # # # # Usage: # # remove_news($newsID) # # # ################################################################################# sub remove_news { my $newsID = shift; ($newsID) = prepare_fordb($newsID); lock_tables('WRITE', $MD_NEWS, $MD_NEWS_COMMENT); db_delete($MD_NEWS, "IDnumber = '$newsID'"); db_delete($MD_NEWS_COMMENT, "newsID = '$newsID'"); db_end(); unlock_tables(); } ################################################################################# # fetch_news - fetches pre-existing article from the database # #-------------------------------------------------------------------------------# # fetch_news($newsID) # # # # Fetches article form the database and updates the form. # # Returns error message and it's text class. # # # # Usage: # # ($message, $message_class) = fetch_news($form->{'newsID'}) # # # ################################################################################# sub fetch_news { my($error_message, $msg_class, $test_value); my $newsID = shift; ($newsID) = prepare_fordb($newsID); lock_tables('READ', $MD_NEWS); db_list("SELECT * FROM $MD_NEWS where IDnumber = '$newsID'"); while (my $ref = $sth->fetchrow_hashref()) { $form->{'subject'} = $ref->{'headline'} if !$form->{'subject'}; $form->{'category'} = $ref->{'category'} if !$form->{'category'}; $form->{'subject'} = $ref->{'headline'} if !$form->{'subject'}; $form->{'message'} = $ref->{'article'} if !$form->{'message'}; $form->{'s_message'} = $ref->{'summary'} if !$form->{'s_message'}; $form->{'epoch'} = $ref->{'epoch'}; $test_value = $ref->{'IDnumber'}; } db_end(); unlock_tables(); if(!$test_value) { $error_message = $trans->gettext('Invalid message ID given!'); $msg_class = 'error'; $form->{'newsID'} = ''; } return ($error_message, $msg_class); } ############################### # Lue template ja tulosta se # ############################### sub print_template { my ($fulltemplate,$message_html); my $locat = qq[$config{'loc_server'}$config{'bin_dir'}/md_news_add.html?ID=$form->{'ID'}&auth=$form->{'auth'}&grouptool=$form->{'grouptool'}]; my ($template, $shown_text, $text_class) = @_; $message_html = tagged('div', {align => 'center', class => $text_class, content => $shown_text}) if $shown_text; print_header('pragma'); $ref = get_template('maintemplate',$template); $ref->{'maintemplate'} =~ s/<>/$ref->{$template}/m; $fulltemplate = $ref->{'maintemplate'}; $ref = get_template('js_doClock', 'js_help', 'js_gotosite'); my $stuff = join "", ($ref->{'js_doClock'},$ref->{'js_help'},$ref->{'js_gotosite'}); $fulltemplate =~ s/<>/$stuff/ms; if($GROUPACTIVOR) { $fulltemplate = create_buttons($fulltemplate, 'Group', 'News', $form); lock_tables('READ', 'groups'); my ($ref) = db_select('GRPNAME,GID','groups',"GID = '$form->{'grouptool'}'"); $stuff = tagged('b', {content => '/'}) . tagged('a', {href => "group.html?ID=$form->{'ID'}&auth=$form->{'auth'}&changeGroup=$ref->{'GID'}", onMouseOver => 'doClock(); return true', class => 'content', content => $ref->{'GRPNAME'}}); db_end(); unlock_tables(); $fulltemplate =~ s/<>/$stuff/m; } else { $fulltemplate = create_buttons($fulltemplate, 'Home', 'News', $form); $fulltemplate =~ s/<>//m; } $fulltemplate =~ s/<>/minea/gm; $fulltemplate =~ s/<>/MimerDesk\: $APPLICATION/ms; $fulltemplate =~ s/<>/$form->{'grouptool'}/msg; $fulltemplate =~ s/<>/$form->{'newsID'}/mg; $fulltemplate =~ s/<>/$message_html/m; my @dropitems = (''); my %dropvalues = ('' => $trans->gettext('[ Select pre-existing category ]')); db_list("SELECT DISTINCT category FROM $MD_NEWS order by category"); while (my $ref = $sth->fetchrow_hashref()) { if($ref->{'category'} ne '') { push @dropitems, $ref->{'category'}; $dropvalues{$ref->{'category'}} = $ref->{'category'}; } } db_end(); my %dropargs = (name => 'category', order => \@dropitems, 'values'=> \%dropvalues, default => $form->{'category'} ); $stuff = dropdownmenu(%dropargs); $fulltemplate =~ s/<>/$stuff/m; $fulltemplate =~ s/<>/$form->{'newcategory'}/m; my ($deletebutton); if($form->{'newsID'}) { $stuff = startrow() . column(class => 'content', width => '21%', bgcolor => '#CEDFE8', align => 'right', content => tagged('div', {align => 'left', content => '  '.$trans->gettext('Posting date')})) . column(class => 'content', width => '79%', bgcolor => '#FFFFFF', content => utc_epoch2date_string($form->{'epoch'}, '%w %d %sm %y %h:%m')) . endrow(); $deletebutton = ' '. picbutton(form => 'form1', name => 'remove_news', image => 'remove.gif', alt => $trans->gettext('Remove article')); } else { $stuff = ''; $deletebutton = ''; } $fulltemplate =~ s/<>/$stuff/m; $fulltemplate =~ s/<>/$deletebutton/m; $fulltemplate =~ s/<>/$form->{'subject'}/m; $fulltemplate =~ s/<>/$form->{'s_message'}/m; $fulltemplate =~ s/<>/$form->{'message'}/m; $fulltemplate =~ s/<>/$form->{'oldmonth'}/mgs; $fulltemplate =~ s/<>/$form->{'oldyear'}/mgs; $fulltemplate = replace_tags($fulltemplate, $USER, $form->{'auth'}, $form->{'ID'}, $TIME_USED); $fulltemplate = add_popups($fulltemplate, $USER, $form->{'auth'}, $form->{'ID'}); print $fulltemplate; db_end('disconnect'); exit; }