// This work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike License.
// To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-sa/1.0/
// or send a letter to Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA.
// French (draft): http://creativecommons.org/projects/international/fr/translated-license
//////////////////////////////////////////////////////////////////////////////////////////////////////
// Management of journal entries ("ecrits")
// v0.3.1
//
// The class stores each entry in three tables (ecrits, ecrits_textes, ecrits_html), renders the
// entry text to HTML, maintains per-journal cache files and a "rescue" copy on disk, and mails
// subscribers when an entry is published.
//
// NOTE(review): every SQL statement below is assembled by string concatenation and run through
// mysql_query()/mysql_unbuffered_query(). Nothing in this class escapes $journal, entry ids, titles,
// months, URIs or search terms, so the queries are only as safe as whatever the callers (or
// magic quotes) did beforehand -- confirm, and prefer prepared statements (mysqli/PDO).
// NOTE(review): the ereg*() and mysql_*() families used throughout were removed in PHP 7.
// NOTE(review): several string literals on this page look as if their HTML markup was lost
// (empty replacement strings, patterns without tags); compare with the original file before
// relying on the exact literals.
class ecrits {
    // Supported input syntaxes: key => display name and the formatter file (without ".php")
    // that do_html() includes from classes/format/. An empty "file" means no formatter.
    var $syntaxes = array(
        "wiki" => array("name" => "Wiki", "file" => "wiki"),
        "html" => array("name" => "HTML", "file" => ""),
        "textile"=> array("name" => "Textile","file" => "textile"),
        "bbcode"=> array("name" => "BBCode", "file" => "bbcode"),
        "spip" => array("name" => "SPIP", "file" => "spip"),
        "magique"=> array("name" => "Universelle", "file" => "universelle"));

    // Error-handling switches read by _err(): stop on error, log errors, append debug detail.
    // NOTE(review): with "stop" and "debug" both "oui", database error text passed to _err()
    // is printed to the response; consider "debug" => "non" outside development.
    var $err = array(
        "stop" => "oui",
        "log" => "oui",
        "debug" => "oui");

    // Base directory for data files (cache, documents) and base directory of the application.
    var $chemin = "../datas/";
    var $baseDir = "../";

    // Time-zone choices: label => offset from UTC in hours ("serv" = server time).
    var $fuseaux = array(
        "Heure du serveur (Paris, Madrid)" => "serv",
        "UTC-11" => "-11",
        "UTC-10 (HST, Hawaiian Standard Time)" => "-10",
        "UTC-9h30" => "-9.5",
        "UTC-9 (AKST - Alaska Standard Time)" => "-9",
        "UTC-8 (PST - Pacific Standard Time)" => "-8",
        "UTC-7 (MST - Mountain Standard Time)" => "-7",
        "UTC-6 (CST - Central Standard Time)" => "-6",
        "UTC-5 (EST - Eastern Standard Time)" => "-5",
        "UTC-4 (AST - Atlantic Standard Time)" => "-4",
        "UTC-3h30" => "-3.5",
        "UTC-3" => "-3",
        "UTC-2" => "-2",
        "UTC-1" => "-1",
        "UTC/GMT (WET - Western European Time)" => "0",
        "UTC+1 (CET - Central European Time)" => "+1",
        "UTC+2 (EET - Eastern European Time)" => "+2",
        "UTC+3" => "+3",
        "UTC+3h30 (Iran)" => "+3.5",
        "UTC+4" => "+4",
        "UTC+4h30 (Afghanistan)" => "+4.5",
        "UTC+5" => "+5",
        "UTC+5h30 (Inde)" => "+5.5",
        "UTC+5h45 (Népal)" => "+5.75",
        "UTC+6" => "+6",
        "UTC+6h30" => "+6.5",
        "UTC+7" => "+7",
        "UTC+8 (AWST - Australian Western Standard Time)" => "+8",
        "UTC+9" => "+9",
        "UTC+9h30 (ACST - Australian Central Standard Time)" => "+9.5",
        "UTC+10 (AEST - Australian Eastern Standard Time)" => "+10",
        "UTC+10h30" => "+10.5",
        "UTC+11" => "+11",
        "UTC+11h30"=>"+11.5",
        "UTC+12"=>"+12",
        "UTC+12h45" => "+12.75",
        "UTC+13" => "+13",
        "UTC+14"=>"+14");

    // Error handling.
    // Records $err in $this->erreur and returns FALSE. Depending on $this->err it also
    // appends $debug to the message, pushes it onto $this->erreurs, and/or prints it
    // (HTML-escaped) and terminates the script.
    // NOTE(review): callers pass mysql_error() as $debug, and lire() also passes the full
    // SQL text; with debug and stop enabled that detail reaches the client.
    function _err($err,$debug="") {
        // If debug is enabled
        if($this->err['debug'] == "oui" && !empty($debug)) $err.= "\n// DEBUG //\n".$debug;
        // If errors are logged
        if($this->err['log'] == "oui") $this->erreurs[] = $err;
        // If we stop on errors
        if($this->err['stop'] == "oui") {
            echo "
".htmlentities(stripslashes($err))."
";
            exit;
        }
        $this->erreur = $err;
        return FALSE;
    }

    // Post-processes rendered text: rewrites the custom image tags and the links to other
    // entries, looking up each linked entry's uri and title in the ecrits table.
    // NOTE(review): as shown here the patterns and replacement strings carry no markup and
    // getImageHtml() returns empty strings; the literals were probably lost in extraction.
    // NOTE(review): getImageHtml() is declared inside this method, so PHP defines it when
    // customHtml() runs; a second call in the same request would attempt to redeclare it.
    function customHtml($journal,$texte) {
        // Images
        // Image base path, shared with getImageHtml() through a global.
        $GLOBALS['jpath'] = '/datas/documents/'.$journal.'/images/';
        $texte = ereg_replace("<(image(-gauche|-droite)?|miniature)>","<\\1>",$texte);
        $texte = ereg_replace("</>","",$texte);
        function getImageHtml($m) {
            global $jpath;
            #die('arg');
            switch($m[1]) {
                case 'image-gauche': return '';
                case 'image-droite': return '';
                case 'image': return '';
            }
        }
        $texte = ereg_replace("([^<]+)",'',$texte);
        $texte = preg_replace_callback('/<(image|miniature|image-droite|image-gauche)>([^<]+)<\/>/', 'getImageHtml', $texte);
        // Links to other journal entries
        $texte = ereg_replace("([^<]*)",'\\2',$texte);
        $texte = ereg_replace("<lien ecrit=\"([0-9]+)\">","",$texte);
        while(ereg('([^<]*)',$texte,$out)) {
            $id = $out[1];
            $lien = $out[2];
            // NOTE(review): $id comes from a regex capture over the entry text and is placed
            // in the query as-is; the lookup is not restricted to $journal, so a link can
            // resolve the title of an entry in another journal -- confirm this is intended.
            $res = mysql_query("SELECT uri,titre FROM ecrits WHERE id='{$id}'");
            list($uri,$titre) = mysql_fetch_row($res);
            mysql_free_result($res);
            $url = id2url($journal).$uri;
            // Fall back to the (escaped) entry title when no link text was given.
            if(empty($lien) || ($lien == $id)) $lien = htmlentities(stripslashes($titre));
            $texte = str_replace($out[0],''.$lien.'',$texte);
        }
        return $texte;
    }

    // Renders $texte with the formatter for $syntaxe, then applies customHtml().
    // Unknown syntaxes return $texte unchanged.
    function do_html($journal,$syntaxe,$texte) {
        // The array_key_exists() check is what keeps the include path and the dynamic
        // function call below limited to the names declared in $this->syntaxes.
        if(!array_key_exists($syntaxe,$this->syntaxes)) return $texte;
        $file = $this->syntaxes[$syntaxe]['file'];
        if(!empty($file)) {
            include_once($this->baseDir."classes/format/".$file.".php");
            // Calls the function named after the syntax key (not the "file" value).
            $texte = $syntaxe($texte);
        }
        $texte = $this->customHtml($journal,stripslashes($texte));
        return $texte;
    }

    // Searches for an expression in every cell of an array.
    // Returns the first value that contains $needle (case-insensitive), or nothing.
    function search_array($needle, $array) {
        foreach ($array as $value) {
            if(@stristr($value, $needle)) return $value;
        }
    }

    // Returns a timestamp for the date.
    // If no date is given, returns the timestamp for now with the time-zone difference applied.
    // See array $fuseaux.
    // NOTE(review): the zone is found by substring match on the labels, so for example
    // "-1" first matches the "UTC-11" label -- verify against the values callers pass.
    function fuseau($fuseau="serv",$date=array()) {
        $fuseaux = $this->fuseaux;
        if(count($date) < 1) {
            if($fuseau == "serv") $time = time();
            else {
                // Current UTC time, truncated to the minute.
                $time = mktime(gmdate("H"),gmdate("i"),0,gmdate("m"),gmdate("d"),gmdate("Y"));
                $fuzo = $this->search_array($fuseau,array_flip($fuseaux));
                if($fuzo) {
                    // Apply the signed offset, given in hours.
                    if(substr($fuseaux[$fuzo],0,1) == "-") $time -= substr($fuseaux[$fuzo],1)*3600;
                    elseif(substr($fuseaux[$fuzo],0,1) == "+") $time += substr($fuseaux[$fuzo],1)*3600;
                }
            }
        } else {
            // NOTE(review): the array keys are unquoted barewords.
            $time = mktime($date[heure],$date[minute],0,$date[mois],$date[jour],$date[annee]);
        }
        return $time;
    }

    // Replaces typographic characters (dashes, curly quotes, ellipsis, ...) with plain
    // equivalents and trims the result.
    // NOTE(review): some pairs map a character to itself as shown; the originals were
    // presumably entities or special characters -- confirm.
    function kill_word($texte) {
        $unicode = array("–" => "-", "—" => "-", "‘" => "'", "’" => "'", "…" => "...", "“" => "\"", "”" => "\"", " "=>" ", "<"=>"<", ">"=>">","œ"=>"oe","…"=>"...");
        $texte = strtr($texte,$unicode);
        return trim($texte);
    }

    // Builds the entry URI "Y/m/d-slug" from the title; falls back to "Y/m/d-Hi" plus the
    // current seconds when the slug is empty or already used by another entry of the journal.
    function getUri($journal,$id,$name,$date) {
        $name = strtr($name,array("à"=>"a","é"=>"e","è"=>"e","ç"=>"c","ù"=>"u","ê"=>"e","û"=>"u","ô"=>"o"));
        // Keep only letters, digits, underscore, space and hyphen.
        $name = ereg_replace("[^a-zA-Z0-9_ -]","",$name);
        $name = ereg_replace("(^[^a-zA-Z0-9]|[^a-zA-Z0-9]$)","",$name);
        if(strlen($name) > 32) {
            // Cut at 32 characters, then back to the last space.
            $name = substr($name,0,32);
            $name = substr($name,0,strrpos($name," "));
        }
        $name = explode(" ",$name);
        foreach($name as $k=>$v) {
            $name[$k] = strtolower(trim($v));
            if(empty($name[$k])) unset($name[$k]);
        }
        $name = implode("-",$name);
        if(empty($name)) $uri = date("Y/m/d-Hi",$date).date("s");
        else {
            $uri = date("Y/m/d-",$date).$name;
            // NOTE(review): $uri is built from filtered characters, but $journal is
            // concatenated as received.
            $res = mysql_query('SELECT id FROM ecrits WHERE journal="'.$journal.'" AND uri="'.$uri.'"');
            if($res) list($id2) = mysql_fetch_row($res);
            if($res && $id2 && ($id2 != $id)) $uri = date("Y/m/d-Hi",$date).date("s");
            // NOTE(review): called even when the query failed and $res is FALSE.
            mysql_free_result($res);
        }
        return $uri;
    }

    // Neutralises PHP/ASP-style tags and script "language" attributes in entry text by
    // rewriting a fixed list of substrings.
    // NOTE(review): the first array element is malformed as displayed; the literal for the
    // PHP open tag appears to have been lost on this page.
    // NOTE(review): this is a deny-list; it does not make the text safe to pass to a PHP
    // interpreter or to output as HTML on its own.
    function secure_php($texte) {
        $texte = strtr($texte,array(""< ?","?>"=>"? 
>",'<%'=>"< %",'%>'=>"% >","x-http"=>"(x)-http"));
        $texte = eregi_replace("language=[\"']php[43]?","language='péhachepé",$texte);
        return $texte;
    }

    // Rolls back a failed save: deletes the entry rows, prints an error page, stores the
    // text in the rescue file and terminates the script.
    // NOTE(review): the three deletes match on id only, not on journal.
    // NOTE(review): $error (mysql_error() at the call sites) is echoed without escaping.
    function errorClean($journal,$id,$texte,$error) {
        mysql_unbuffered_query('DELETE FROM ecrits WHERE id="'.$id.'"');
        mysql_unbuffered_query('DELETE FROM ecrits_textes WHERE id="'.$id.'"');
        mysql_unbuffered_query('DELETE FROM ecrits_html WHERE id="'.$id.'"');
        echo "

Erreur

Une erreur est survenue pendant l'enregistrement de l'écrit.

Erreur renvoyée: ".$error."

Veuillez envoyer cette page à l'administrateur du site!

Votre écrit a été placé dans la sauvegarde de sécurité.

";
        $this->do_rescue($journal,$texte);
        exit;
    }

    // New entry.
    // $statut = ENUM("normal","prive","haut","page")
    // Inserts the entry, its source text and its rendered HTML, updates the journal's
    // "dernier" timestamp and, for validated normal/haut entries, mails subscribers and
    // clears caches. Returns the new id, or the result of _err() on failure.
    function ajout($journal,$rec) {
        // Check that the required fields are filled in
        if(empty($journal)) return $this->_err("Journal non spécifié.");
        elseif(empty($rec['titre'])) return $this->_err("Aucun titre n'a été donné.");
        elseif(empty($rec['texte'])) return $this->_err("Aucun texte n'a été entré.");
        elseif(!in_array($rec['statut'],array("normal","prive","haut","page"))) return $this->_err("Ce statut n'existe pas");
        // NOTE(review): this local default is never used; fuseau() below receives $rec['fuseau'].
        if(empty($fuseau)) $fuseau = "serv";
        $texte = $this->kill_word($rec['texte']);
        $date = $this->fuseau($rec['fuseau']);
        $ip = getenv("REMOTE_ADDR");
        $mois = date("Ym",$date);
        $uri = $this->getUri($journal,'',$rec['titre'],$date);
        $syntaxe = $rec['syntaxe'];
        $valide = $rec['valide'];
        $statut = $rec['statut'];
        $titre = $rec['titre'];
        // Normalise syntax and validation flag to known values.
        if(!array_key_exists($syntaxe,$this->syntaxes)) $syntaxe = "wiki";
        if($valide != "oui") $valide = "non";
        // NOTE(review): $titre and $journal are concatenated without escaping here;
        // $statut, $syntaxe and $valide are constrained above.
        $requete = 'INSERT INTO ecrits SET titre="'.$titre.'", date="'.$date.'", '
            .'ip="'.$ip.'", journal="'.$journal.'", statut="'.$statut.'", mois="'.$mois.'", uri="'.$uri.'", '
            .'valide="'.$valide.'", syntaxe="'.$syntaxe.'"';
        $resultat = mysql_unbuffered_query($requete);
        if($resultat == FALSE) return $this->_err("Problème technique.",mysql_error());
        $id = mysql_insert_id();
        $texte = $this->secure_php($texte);
        // NOTE(review): addslashes() is not aware of the connection character set;
        // a bound parameter would be the safer form.
        $requete = 'INSERT INTO ecrits_textes SET id="'.$id.'", texte="'.addslashes(stripslashes($texte)).'"';
        mysql_unbuffered_query($requete) or $this->errorClean($journal,$id,$texte,mysql_error());
        $texte_html = $this->do_html($journal,$syntaxe,$texte);
        $requete = 'INSERT INTO ecrits_html SET id="'.$id.'", texte="'.addslashes(stripslashes($texte_html)).'"';
        mysql_unbuffered_query($requete) or $this->errorClean($journal,$id,$texte,mysql_error());
        mysql_unbuffered_query("UPDATE journaux SET dernier='".time()."' WHERE id='{$journal}'");
        if($valide == "oui" && ($statut == "normal" || $statut == "haut")) {
            $this->envoi_suivimail($journal,array("titre"=>$titre,"texte"=>$texte,"date"=>$date,"id"=>$id, "uri"=>$uri));
            $this->supprimer_cache_rss($journal);
            $this->supprimer_cache($journal,$id);
        }
        return $id;
    }

    // Mails a "new entry" notice to the journal's mail subscribers (in Bcc) when the
    // journal has suivimail = "oui". Returns TRUE, or the result of _err() if the first
    // query fails.
    function envoi_suivimail($journal,$datas) {
        $res = mysql_query("SELECT suivimail,titre FROM journaux WHERE id='{$journal}'");
        if(!$res) return $this->_err("Problème technique.",mysql_error());
        $rec = mysql_fetch_row($res);
        mysql_free_result($res);
        if($rec[0] == "oui") {
            // Journal title reduced to an allow-list of characters before it is used in headers.
            $jtitre = eregi_replace("[^a-z0-9@éèàôûêù _-]","",$rec[1]);
            // NOTE(review): this result is not checked for FALSE before mysql_num_rows().
            $res = mysql_query("SELECT m.email FROM membres AS m, abonnements AS a WHERE a.journal='{$journal}' AND a.membre=m.id AND a.bymail='oui'");
            if(mysql_num_rows($res) > 0) {
                while($rec = mysql_fetch_row($res)) $mails[] = $rec[0];
                mysql_free_result($res);
                // NOTE(review): stored addresses go into the Bcc header unchanged, and the
                // entry title goes into the subject below; a value containing CR/LF would
                // add header lines -- validate both before calling mail().
                // NOTE(review): the statement ends after the Bcc line, so the X-Mailer /
                // X-From-Website string that follows is a separate expression and is never
                // appended to $headers.
                $headers = 'From: "'.$jtitre.'" <'.$GLOBALS['cfg']['robot_mail'].">\n".
                    'Reply-To: '.$GLOBALS['cfg']['robot_mail']."\n".
                    'Return-Path: '.$GLOBALS['cfg']['robot_mail']."\n".
                    'Bcc: <'.implode(">, <",$mails).">\n";
                "X-Mailer: PHP/Lencrier 1.2\nX-From-Website: ".$GLOBALS['cfg']['url']."\n";
                $texte = "CECI EST UN MESSAGE AUTOMATIQUE, MERCI DE NE PAS Y REPONDRE\n".
                    "-----------------------------------------------------------\n\n".
                    "Il y a un nouvel écrit dans le journal: ".$jtitre."\n".stripslashes($datas['titre'])."\n".
                    "(Le ".gmdate("d/m/Y à H:i",$datas['date']).")\n\n".id2url($journal).$datas['uri']."\n\n".
                    wordwrap(strip_tags(stripslashes($datas['texte'])))."\n\n--\n Le robot du site ;o)\n";
                mail('"'.$jtitre.'" <'.$GLOBALS['cfg']['robot_mail'].'>','[Nouvel ecrit] '.stripslashes($datas['titre']),$texte,$headers);
            }
        }
        return TRUE;
    }

    // Returns the list of months that contain entries in a journal.
    // $journal = journal ID
    // NOTE(review): $liste is never initialised, so nothing is returned when there are no rows.
    function liste_mois($journal) {
        $requete = "SELECT mois FROM ecrits WHERE journal=\"{$journal}\" GROUP BY mois ORDER BY mois";
        $res = mysql_query($requete);
        if(!$res) return $this->_err("Problème technique.",mysql_error());
        while($r = mysql_fetch_row($res)) $liste[] = $r[0];
        @mysql_free_result($res);
        return $liste;
    }

    // Returns the list of entries of a month.
    // If $textes = TRUE the entries' content is fetched as well.
    // With $public = TRUE only the statuses normal, haut and page are selected.
    // Returns the string "NOK" when there are no rows.
    function liste($journal,$mois,$textes=FALSE,$public=FALSE) {
        // NOTE(review): with $public set and $textes unset, the filter refers to the alias
        // "e", which this query does not define.
        $requete = 'SELECT * FROM ecrits '.
            'WHERE mois="'.$mois.'" AND journal="'.$journal.'"'.($public ? ' AND e.statut IN ("normal","haut","page")' : '').' ORDER BY date';
        if($textes) $requete = 'SELECT e.*,t.*,h.texte AS texte_html FROM ecrits AS e, ecrits_textes AS t, ecrits_html AS h '.
            'WHERE e.mois="'.$mois.'" AND e.journal="'.$journal.'"'.($public ? ' AND e.statut IN ("normal","haut","page")' : '').' AND e.id=t.id AND t.id=h.id ORDER BY e.date';
        $res = mysql_query($requete);
        if(!$res) return $this->_err("Problème technique.",mysql_error());
        if(mysql_num_rows($res) < 1) return "NOK";
        while($rec = mysql_fetch_assoc($res)) {
            $l[] = $rec;
        }
        @mysql_free_result($res);
        return $l;
    }

    // Returns one entry (row, source text and rendered HTML) of the given journal.
    function lire($journal,$ecrit) {
        $requete = 'SELECT e.*,t.texte,h.texte AS texte_html FROM ecrits AS e, ecrits_textes AS t, ecrits_html AS h '.
            'WHERE e.id="'.$ecrit.'" AND e.journal="'.$journal.'" AND e.id = t.id AND h.id = e.id';
        $res = mysql_query($requete);
        // NOTE(review): the full SQL text is passed as debug detail here.
        if(!$res) return $this->_err("Problème technique.",$requete."\n".mysql_error());
        if(mysql_num_rows($res) < 1) return $this->_err("Cet écrit n'existe pas ou n'appartient pas à ce journal.");
        $rec = mysql_fetch_assoc($res);
        mysql_free_result($res);
        return $rec;
    }

    // Modify an entry.
    // $journal = INT journal id
    // $statut = ENUM("normal","prive","haut","page")
    // Updates the entry row, its source text and its rendered HTML, then clears the
    // entry's cache files. Returns TRUE, or the result of _err() on failure.
    function modifier($journal,$ecrit,$rec) {
        // Check that the required fields are filled in
        if(empty($journal)) return $this->_err("Journal non spécifié.");
        elseif(empty($rec['titre'])) return $this->_err("Aucun titre n'a été donné.");
        elseif(empty($rec['texte'])) return $this->_err("Aucun texte n'a été entré.");
        elseif(!in_array($rec['statut'],array("normal","prive","haut","page"))) return $this->_err("Ce statut n'existe pas");
        $texte = $this->kill_word($rec['texte']);
        $titre = $rec['titre'];
        $date = $rec['date'];
        $syntaxe = $rec['syntaxe'];
        $statut = $rec['statut'];
        $valide = $rec['valide'];
        $mois = date("Ym",$date);
        // Month and date are only rewritten when a date was supplied.
        if(!empty($date)) $req_date = ", mois=\"{$mois}\", date=\"{$date}\"";
        if($valide != "oui") $valide = "non";
        if(!array_key_exists($syntaxe,$this->syntaxes)) $syntaxe = "wiki";
        // NOTE(review): $ip is never assigned in this method, so the ip column is
        // overwritten with an empty value; $req_date is undefined when $date is empty.
        $requete = "UPDATE ecrits SET titre=\"{$titre}\", ip=\"{$ip}\", statut=\"{$statut}\", ".
            'syntaxe="'.$syntaxe.'", valide="'.$valide.'"'.$req_date." 
WHERE id=\"{$ecrit}\" AND journal=\"$journal\"";
        $resultat = mysql_unbuffered_query($requete);
        if($resultat == FALSE) return $this->_err("Problème technique.",mysql_error());
        $id = $ecrit;
        $texte = $this->secure_php($texte);
        // NOTE(review): the two updates below match on id only. The update above succeeds
        // even when no row matched id AND journal, so the text of an entry belonging to
        // another journal can be overwritten unless callers verify ownership first.
        $requete = 'UPDATE ecrits_textes SET texte="'.addslashes(stripslashes($texte)).'" WHERE id="'.$id.'"';
        mysql_unbuffered_query($requete) or $this->errorClean($journal,$id,$texte,mysql_error());
        $texte_html = $this->do_html($journal,$syntaxe,$texte);
        $requete = 'UPDATE ecrits_html SET texte="'.addslashes(stripslashes($texte_html)).'" WHERE id="'.$id.'"';
        mysql_unbuffered_query($requete) or $this->errorClean($journal,$id,$texte,mysql_error());
        $this->supprimer_cache($journal,$ecrit);
        return TRUE;
    }

    // Deletes one entry, or each entry of an array of ids, together with its text and
    // HTML rows and cache files, then clears the journal's RSS cache.
    // NOTE(review): the deletes on ecrits_textes and ecrits_html match on id only and run
    // even when the journal-scoped delete on ecrits removed nothing, so ids from another
    // journal lose their text rows unless callers verify ownership first.
    function supprimer($journal,$ecrit) {
        if(is_array($ecrit)) {
            foreach($ecrit as $id) {
                $this->supprimer_cache($journal,$id);
                #echo $id; exit;
                $req = 'DELETE FROM ecrits WHERE id="'.$id.'" AND journal="'.$journal.'"';
                $res = mysql_unbuffered_query($req);
                if(!$res) return $this->_err("Problème technique.",mysql_error());
                mysql_unbuffered_query('DELETE FROM ecrits_textes WHERE id="'.$id.'"');
                mysql_unbuffered_query('DELETE FROM ecrits_html WHERE id="'.$id.'"');
            }
        } else {
            $this->supprimer_cache($journal,$ecrit);
            $req = 'DELETE FROM ecrits WHERE id="'.$ecrit.'" AND journal="'.$journal.'"';
            $res = mysql_unbuffered_query($req);
            if(!$res) return $this->_err("Problème technique.",mysql_error());
            mysql_unbuffered_query('DELETE FROM ecrits_textes WHERE id="'.$ecrit.'"');
            mysql_unbuffered_query('DELETE FROM ecrits_html WHERE id="'.$ecrit.'"');
        }
        $this->supprimer_cache_rss($journal);
        return TRUE;
    }

    // Removes the cached month page and the cached entry page for one entry.
    // Returns FALSE if an existing cache file cannot be removed, TRUE otherwise.
    // NOTE(review): $journal becomes a path component; a value that is not a plain id
    // could point unlink() outside the cache directory -- confirm callers validate it.
    function supprimer_cache($journal,$ecrit) {
        $req = 'SELECT uri,date FROM ecrits WHERE id="'.$ecrit.'" AND journal="'.$journal.'"';
        // NOTE(review): the query result is used without a failure check.
        $res = mysql_query($req);
        list($uri,$date) = mysql_fetch_row($res);
        $month = $this->chemin.'cache/'.$journal.'/'.date('Y_m',$date);
        if(file_exists($month)) if(!@unlink($month)) return FALSE;
        // Entry cache file name: the uri with "/" replaced by "_".
        $un =
            $this->chemin.'cache/'.$journal.'/'.str_replace("/","_",$uri);
        if(file_exists($un)) if(!@unlink($un)) return FALSE;
        return TRUE;
    }

    // Removes the journal's cached "backend" (RSS) file and its cached "accueil" file.
    function supprimer_cache_rss($journal) {
        $cacheRSS = $this->chemin.'cache/'.$journal.'/backend';
        if(file_exists($cacheRSS)) if(!@unlink($cacheRSS)) return FALSE;
        if(file_exists($this->chemin.'cache/'.$journal.'/accueil')) @unlink($this->chemin.'cache/'.$journal.'/accueil');
        return TRUE;
    }

    // Writes $texte to the journal's rescue file, replacing any previous content.
    // NOTE(review): the file sits under datas/documents/<journal>/, the same tree that
    // customHtml() uses for image URLs; if that tree is served by the web server the
    // rescue text (possibly a private entry) may be directly fetchable -- confirm.
    function do_rescue($journal,$texte) {
        $fp = @fopen($this->chemin."documents/{$journal}/rescue.txt","w");
        if(!$fp) return $this->_err("Impossible d'effectuer la sauvegarde de sécurité.");
        fputs($fp,stripslashes($texte));
        fclose($fp);
        return TRUE;
    }

    // Returns the rescue file's modification time, or FALSE when there is none.
    function exist_rescue($journal) {
        if(file_exists($this->chemin."documents/{$journal}/rescue.txt")) return filemtime($this->chemin."documents/{$journal}/rescue.txt");
        return FALSE;
    }

    // Returns the content of the rescue file as one string.
    // NOTE(review): an empty file is reported as a failure, with the message used for a
    // failed save.
    function lire_rescue($journal) {
        $f = @file($this->chemin."documents/{$journal}/rescue.txt");
        if(!$f) return $this->_err("Impossible d'effectuer la sauvegarde de sécurité.");
        $f = implode("",$f);
        return $f;
    }

    // Deletes the rescue file.
    function suppr_rescue($journal) {
        if(!@unlink($this->chemin."documents/{$journal}/rescue.txt")) return $this->_err("Impossible de supprimer la sauvegarde.");
        return TRUE;
    }

    // Looks up an entry by its URI within a journal and returns it via lire().
    // NOTE(review): $uri is concatenated into the query as received; presumably it comes
    // from the request path -- verify it is escaped by the caller.
    function getFromUri($journal,$uri) {
        $res = mysql_query('SELECT id FROM ecrits WHERE journal="'.$journal.'" AND uri="'.$uri.'"');
        if(!$res) return FALSE;
        list($id) = mysql_fetch_row($res);
        $rec = $this->lire($journal,$id);
        return $rec;
    }

    // Resolves an entry id from $rec, where $rec[0], $rec[1] and $rec[2] are used as year,
    // month and day, and $rec[3] is a numeric id, an "HHhMM" time, or a name.
    // Returns the id, FALSE when nothing matches, or the result of _err() on a query error.
    // NOTE(review): the elements of $rec are interpolated without escaping; the name branch
    // filters on a column called "name" while the rest of the class uses "uri" -- confirm.
    function get_id($rec,$journal) {
        if(is_numeric($rec[3])) {
            $requete = "id='{$rec[3]}' AND mois='{$rec[0]}{$rec[1]}'";
        } elseif(ereg("^([0-9]{2})h([0-9]{2})$",$rec[3],$out)) {
            // One-minute window starting at the given hour and minute.
            $debut = mktime($out[1],$out[2],0,$rec[1],$rec[2],$rec[0]);
            $fin = $debut + 60;
            $requete = "date >= '{$debut}' AND date <= '{$fin}' AND mois='{$rec[0]}{$rec[1]}'";
        } else {
            // Whole-day window.
            $debut = mktime(0,0,0,$rec[1],$rec[2],$rec[0]);
            $fin = $debut + ((3600 * 24) - 1);
            $requete = "mois='{$rec[0]}{$rec[1]}' AND name='{$rec[3]}' AND date >= '{$debut}' AND date <= 
'{$fin}'";
        }
        $requete = "SELECT id FROM ecrits WHERE journal='{$journal}' AND ".$requete;
        $res = mysql_query($requete);
        if(!$res) return $this->_err("Problème technique.",mysql_error());
        $rec = mysql_fetch_row($res);
        $id = $rec[0];
        if(empty($id)) return FALSE;
        return $id;
    }

    // Fetches the list of the latest entries of a journal.
    // $limite = number of entries to return (max. 50)
    // If $textes = TRUE the entries' content is fetched as well.
    // NOTE(review): the stated maximum of 50 is not enforced, and $limite is appended to
    // the LIMIT clause unquoted; it should be forced to an integer first.
    function liste_derniers($journal,$limite="",$textes=FALSE) {
        if(empty($limite)) $limite = 10;
        $requete = 'SELECT * FROM ecrits WHERE journal="'.$journal.'" ORDER BY date DESC LIMIT 0,'.$limite;
        if($textes) $requete = 'SELECT * FROM ecrits AS e, ecrits_textes AS t WHERE e.journal="'.$journal.'" AND e.id=t.id ORDER BY e.date DESC LIMIT 0,'.$limite;
        $res = mysql_query($requete);
        if(!$res) return $this->_err("Problème technique.",mysql_error());
        if(mysql_num_rows($res) < 1) return FALSE;
        while($rec = mysql_fetch_assoc($res)) {
            $l[] = $rec;
        }
        @mysql_free_result($res);
        return $l;
    }

    // Builds an entry URL from the configured template ("[ID]" replaced by the journal),
    // the date as Y/m/d/ and either $name or the entry id.
    function get_url($journal,$ecrit,$date,$name="") {
        if(!empty($name)) $last = $name;
        else $last = $ecrit;
        $url = str_replace("[ID]",$journal,$GLOBALS['cfg']['url_tpl']).date("Y/m/d/",$date).$last;
        return $url;
    }

    // Searches a journal's entries between the months $from and $to for $chercher, in the
    // titles and, when $texte is TRUE, in the texts as well. Returns rows keyed by entry id.
    // NOTE(review): $chercher is typically user-supplied and goes into the LIKE patterns
    // unescaped. The queries do not filter on statut, so private entries are included.
    // A query failure ends the script with the raw database error.
    function chercher_journal($journal,$chercher,$from,$to,$texte=FALSE) {
        if($texte) $requete = 'SELECT * FROM ecrits AS e, ecrits_textes AS t WHERE e.journal="'.$journal.'" '.
            'AND e.mois >= "'.$from.'" AND e.mois <= "'.$to.'" '.
            'AND ((e.titre LIKE "%'.$chercher.'%") OR (t.texte LIKE "%'.$chercher.'%")) '.
            'AND e.id = t.id ORDER BY e.date DESC';
        else $requete = 'SELECT * FROM ecrits AS e, ecrits_textes AS t WHERE e.journal="'.$journal.'" '.
            'AND e.mois >= "'.$from.'" AND e.mois <= "'.$to.'" '.
            'AND e.titre LIKE "%'.$chercher.'%" '.
            'AND e.id = t.id ORDER BY e.date DESC';
        $result = mysql_query($requete) or die(mysql_error());
        $out = array();
        while($rec = mysql_fetch_assoc($result)) {
            $id = $rec['id'];
            $out[$id] = $rec;
        }
        return $out;
    }

    // Marks an entry as validated, mails subscribers for normal/haut entries and clears
    // the caches.
    // NOTE(review): the second comparison reads $datats (undefined) instead of $datas, so
    // "haut" entries never trigger the mail. The UPDATE result is not checked.
    function valider($journal,$ecrit) {
        mysql_unbuffered_query('UPDATE ecrits SET valide="oui" WHERE id="'.$ecrit.'" AND journal="'.$journal.'"');
        $datas = $this->lire($journal,$ecrit);
        if($datas['statut'] == "normal" || $datats['statut'] == "haut") $this->envoi_suivimail($journal,$datas);
        $this->supprimer_cache_rss($journal);
        $this->supprimer_cache($journal,$ecrit);
    }

    // Returns up to $nb entries of the journal dated after $date, oldest first.
    // Returns an empty array when the query fails.
    // NOTE(review): $date and $nb are appended unquoted; force both to integers first.
    function liste_suivants($journal,$date,$nb=5) {
        $res = mysql_query('SELECT * FROM ecrits WHERE journal="'.$journal.'" AND date > '.$date.' ORDER BY date ASC LIMIT 0,'.$nb);
        $out = array();
        if(!$res) return $out;
        while($rec = mysql_fetch_assoc($res)) {
            $out[] = $rec;
        }
        mysql_free_result($res);
        return $out;
    }

    // Returns up to $nb entries of the journal dated before $date, newest first.
    // Returns an empty array when the query fails.
    // NOTE(review): $date and $nb are appended unquoted; force both to integers first.
    function liste_precedents($journal,$date,$nb=5) {
        $res = mysql_query('SELECT * FROM ecrits WHERE journal="'.$journal.'" AND date < '.$date.' ORDER BY date DESC LIMIT 0,'.$nb);
        $out = array();
        if(!$res) return $out;
        while($rec = mysql_fetch_assoc($res)) {
            $out[] = $rec;
        }
        mysql_free_result($res);
        return $out;
    }
}
?>