}
?>
-
<!-- the following form is based on moodle/mod/forum/post.html -->
<form name="entry" method="post" action="<?php echo $CFG->wwwroot;?>/blog/edit.php" id="entry" <?php echo $onsubmit; ?> enctype="multipart/form-data">
<td>
<b><?php print_string('otags','blog'); ?></b>
</td>
-
-
<td>
<b><?php print_string('ptags','blog'); ?></b>
</td>
</td>
<td align="left" colspan="2">
<?php
- if (isset($post->useextendedbody) && $post->useextendedbody) {
- print_string('entrybodydesc', 'blog');
- } else {
- print_string('entrybodyonlydesc', 'blog');
- }
+ print_string('entrybodyonlydesc', 'blog');
print '<br />'."\n";
// usage: print_textarea($usehtmleditor, $rows, $cols, $width, $height, $name, $value="", $courseid)
print_textarea($usehtmleditor, 6, 60, 600, 500, 'body', $post->body, $post->courseid); ?>
</td>
</tr>
-<?php
- if (isset($post->useextendedbody) && $post->useextendedbody) {
- print '<tr valign=top>'."\n";
- print '<td align=right><strong>'."\n";
- print_string('entryextendedbody', 'blog');
- print ':</strong></td>'. "\n";
- print '<td align=left colspan=2>'."\n";
- print_string('entryextendedbodydesc', 'blog');
- print '<br />'."\n";
- print_textarea($usehtmleditor, 25, 60, 600, 500, 'extendedbody', $post->extendedbody, $post->courseid);
- print '</td></tr>';
- } else {
- print '<input type="hidden" name="extendedbody" value="" />';
- }
-
-?>
<tr valign="top">
<td align="right"><strong><?php print_string('formattexttype'); ?>:</strong></td>
<td colspan="2">
<tr>
<td align="center" colspan="3">
<input type="hidden" name="editform" value="1" id="editform" />
- <input type="hidden" name="courseid" value="<?php p($post->courseid) ?>" id="courseid" />
- <input type="hidden" name="userid" value="<?php p($post->userid) ?>" id="userid" />
<input type="hidden" name="userid" value="<?php echo $userid; ?>" id="userid" />
<input type="hidden" name="tem" id="tem" />
<?php
//first verify that user is not a guest
if (isguest()) {
- error(get_string('noguestpost', 'forum'), $referrer);
+ error(get_string('noguestpost', 'blog'), $referrer);
}
$userid = optional_param('userid', 0, PARAM_INT);
$editid = optional_param('editid', 0, PARAM_INT);
-global $USER, $CFG;
-
//check to see if there is a requested blog to edit
if (!empty($userid) && $userid != 0) {
if (blog_isLoggedIn() && $userid == $USER->id ) {
//////////// SECURITY AND SETUP COMPLETE - NOW PAGE LOGIC ///////////////////
-if (isset($act) && $act == 'del')
+if (isset($act) && $act == 'del' && confirm_sesskey())
{
- require_variable($postid);
- do_delete($PAGE->bloginfo, $postid);
+ if (optional_param($confirm,0,PARAM_INT)) {
+ require_variable($postid);
+ do_delete($PAGE->bloginfo, $postid);
+ } else {
+ /// prints blog entry and what confirmation form
+
+
+ }
}
if ($usehtmleditor = can_use_richtext_editor()) {
$defaultformat = FORMAT_HTML;
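Review bot: The added confirmation check `if (optional_param($confirm,0,PARAM_INT)) {` passes the variable `$confirm` where the parameter name belongs, so unless `$confirm` happens to hold that name the lookup returns the default 0 and the delete branch is never reached. It should read `if (optional_param('confirm', 0, PARAM_INT)) {`. The else branch holds only a comment, so a delete request without confirmation currently produces no confirmation form and no message. Because `confirm_sesskey()` sits in the outer condition, a request with a missing or wrong session key is skipped silently when it returns false; reporting an error there would make a rejected request visible. The surrounding page logic starts and ends outside this hunk.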
if (isset($USER->id)) {
if (($template['userid'] == $USER->id) or isteacher($course->id)) {
- echo '<a href="'.$CFG->wwwroot.'/blog/edit.php?editid='.$entryid.'">'.$stredit.'</a>';
+ echo '<a href="'.$CFG->wwwroot.'/blog/edit.php?editid='.$entryid.'&lsesskey='.sesskey().'">'.$stredit.'</a>';
}
if (($template['userid'] == $USER->id) or isteacher($course->id)) {
- echo '| <a href="'.$CFG->wwwroot.'/blog/edit.php?act=del&postid='.$entryid.'">'.$strdelete.'</a>';
+ echo '| <a href="'.$CFG->wwwroot.'/blog/edit.php?act=del&postid='.$entryid.'&lsesskey='.sesskey().'">'.$strdelete.'</a>';
}
}
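Review bot: Both added links send the session key as `lsesskey`, while the delete handler guards the action with a bare `confirm_sesskey()`, which to my knowledge reads the request parameter `sesskey`. With the current name the check would presumably fail on every click, so both links should append `'&amp;sesskey='.sesskey()` instead; writing `&amp;` also keeps the href valid HTML. Separately, delete stays a GET link with the session key in the URL, where it can end up in server logs, browser history and Referer headers. A small POST form for the delete action would keep the key out of the URL. The enclosing function starts outside this hunk.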
<td><input type="text" size="32" maxlength="128" name="pagesize" value="<?php echo get_user_preferences('blogpagesize',8);?>" />
</td>
</tr>
-<?php if (!empty($CFG->allowblogthemes)) { ?>
-<tr valign="top">
- <td align="right"> <?php print_string("forcetheme") ?>: </td>
- <td>
- <?php
- $themes[''] = get_string("forceno");
- $themes += get_list_of_themes();
- choose_from_menu($themes, 'theme', $bloginfo->get_blog_theme(), "", "", "");
- ?>
- </td>
-</tr>
-<?php } ?>
<tr>
<td colspan="2" align="center">
<input type="submit" value="<?php print_string("savechanges") ?>" /></td>