Passed
Push — master ( c0a3a7...3b84a4 )
by Jeroen
58:51
created

mod/blog/actions/blog/save.php (2 issues)

<?php
/**
 * Save blog entity
 *
 * Can be called by clicking the save button or the preview button. A preview
 * is automatically saved as a draft. The preview button is only available for
 * non-published drafts.
 *
 * Drafts are saved with the access set to private.
 *
 * @package Blog
 */
// start a sticky form session for 'blog' so the submission is kept in case
// this action fails
elgg_make_sticky_form('blog');

// true when the save button was used; false means this request is a preview
$save = (bool) get_input('save');

// NOTE(review): $user is not referenced again in this file.
$user = elgg_get_logged_in_user_entity();

// a non-zero guid means an existing post is edited, otherwise a new one is created
$guid = (int) get_input('guid');

if (!$guid) {
	$blog = new \ElggBlog();
	$new_post = true;
} else {
	$entity = get_entity($guid);

	// Only an ElggBlog that passes canEdit() is accepted. A missing entity, an
	// entity of another type and a failed canEdit() check all return the same
	// "post not found" error.
	if (!($entity instanceof ElggBlog) || !$entity->canEdit()) {
		return elgg_error_response(elgg_echo('blog:error:post_not_found'));
	}

	$blog = $entity;

	// keep the current text and new_post flag; both are read again when the
	// revision annotation is written after the save
	$revision_text = $blog->description;
	$new_post = (bool) $blog->new_post;
}
// remember the status the post had before this request; it is compared with
// the new status after the save to decide on river entries and time_created
$old_status = $blog->status;

// fields that must not be empty in the request
$required = ['title', 'description'];

// Every field that is read from the request, with its default. The key order
// is the order in which the fields are processed.
$container_guid = (int) get_input('container_guid');
$values = [
	'title' => '',
	'description' => '',
	'status' => 'draft',
	'access_id' => ACCESS_DEFAULT,
	'comments_on' => 'On',
	'excerpt' => '',
	'tags' => '',
	'container_guid' => $container_guid,
];
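// Load every field from the request, reject the request when a required field
// is empty, and check write access to the target container.
//
// NOTE(review): 'status', 'access_id', 'comments_on' and 'description' reach the
// default branch and are stored exactly as get_input() returned them. Nothing
// in this file restricts 'status' to 'draft'/'published' or checks that the
// user may use the submitted 'access_id' - presumably enforced elsewhere;
// confirm, or add an allowlist here.
foreach ($values as $name => $default) {
	// the title has its own input helper; everything else falls back to the default
	$value = ($name === 'title') ? elgg_get_title_input() : get_input($name, $default);

	// strict lookup: field names are strings, so no type juggling is wanted
	if (in_array($name, $required, true) && empty($value)) {
		return elgg_error_response(elgg_echo("blog:error:missing:{$name}"));
	}

	switch ($name) {
		case 'tags':
			// the submitted tag string is converted to a tag array
			$values[$name] = string_to_tag_array($value);
			break;

		case 'excerpt':
			// an empty excerpt keeps the default ''
			if ($value) {
				$values[$name] = elgg_get_excerpt($value);
			}
			break;

		case 'container_guid':
			// this can't be empty or saving the base entity fails
			if (!empty($value)) {
				// the submitted container must exist and must accept a blog object
				// from the user (first argument 0) before it is used
				$container = get_entity($value);
				if ($container && $container->canWriteToContainer(0, 'object', 'blog')) {
					$values[$name] = $value;
				} else {
					return elgg_error_response(elgg_echo('blog:error:cannot_write_to_container'));
				}
			} else {
				// no container submitted: do not assign the field at all
				unset($values[$name]);
			}
			break;

		default:
			$values[$name] = $value;
			break;
	}
}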
// if preview, force status to be draft
if ($save == false) {
Coding Style Best Practice introduced by Cash Costello
It seems like you are loosely comparing two booleans. Consider using the strict comparison === instead.

When comparing two booleans, it is generally considered safer to use the strict comparison operator.

	$values['status'] = 'draft';
}
// A draft is never stored with the requested access level: the requested level
// is kept in future_access and the entity itself is set to ACCESS_PRIVATE.
$is_draft = ($values['status'] == 'draft');
if ($is_draft) {
	$values['future_access'] = $values['access_id'];
	$values['access_id'] = ACCESS_PRIVATE;
}

// copy every collected value onto the entity
foreach ($values as $field => $field_value) {
	$blog->$field = $field_value;
}

// stop with an error when the entity cannot be saved
$saved = $blog->save();
if (!$saved) {
	return elgg_error_response(elgg_echo('blog:error:cannot_save'));
}
121
122
// the sticky form entries are no longer needed
elgg_clear_sticky_form('blog');

// drop the autosave draft annotations, if any
$blog->deleteAnnotations('blog_auto_save');

// the post is no longer brand new
$blog->deleteMetadata('new_post');

// For an edit, keep the text the post had before this save as a revision
// annotation. $revision_text is only set on the edit path, so it is read only
// after $new_post has been checked.
if (!$new_post) {
	if ($revision_text) {
		$blog->annotate('blog_revision', $revision_text);
	}
}
$status = $blog->status;

$now_published = ($status == 'published');
$was_draft = ($old_status == 'draft');
$was_published = ($old_status == 'published');

// A post that is published now and was either new or a draft gets a river item
// and the publish event. A post that goes from published back to draft has its
// 'create' river items removed.
if ($now_published && ($new_post || $was_draft)) {
	$river_item = [
		'view' => 'river/object/blog/create',
		'action_type' => 'create',
		'subject_guid' => $blog->owner_guid,
		'object_guid' => $blog->getGUID(),
	];
	elgg_create_river_item($river_item);

	elgg_trigger_event('publish', 'object', $blog);

	// an existing post that moves from draft to published gets a fresh creation time
	if ($guid) {
		$blog->time_created = time();
		// NOTE(review): the result of this second save() is not checked
		$blog->save();
	}
} elseif ($was_published && $status == 'draft') {
	$river_filter = [
		'object_guid' => $blog->guid,
		'action_type' => 'create',
		'limit' => false,
	];
	elgg_delete_river($river_filter);
}
if ($blog->status == 'published' || $save == false) {
Coding Style Best Practice introduced by Cash Costello
It seems like you are loosely comparing two booleans. Consider using the strict comparison === instead.

When comparing two booleans, it is generally considered safer to use the strict comparison operator.

	$forward_url = $blog->getURL();
} else {
	$forward_url = elgg_generate_url('edit:object:blog', [
		'guid' => $blog->guid,
	]);
}
// report success and forward the client to $forward_url
$saved_message = elgg_echo('blog:message:saved');
return elgg_ok_response('', $saved_message, $forward_url);