diff --git a/ecrire/action/dater.php b/ecrire/action/dater.php index 7db5d4379b1b47ac337ee2dac0c4d311c74c8644..02f3156f3cb7609e49f10b33849c1e07b357f645 100644 --- a/ecrire/action/dater.php +++ b/ecrire/action/dater.php @@ -20,7 +20,7 @@ function action_dater_dist() { $arg = _request('arg'); - if (!preg_match(",^\W*(\d+)$,", $arg, $r)) { + if (!preg_match(",^\W*(\d+)\W(\w*)$,", $arg, $r)) { spip_log("action_dater_dist $arg pas compris"); } else action_dater_post($r); @@ -30,11 +30,13 @@ function action_dater_dist() { function action_dater_post($r) { include_spip('inc/date'); - if (!isset($_REQUEST['avec_redac'])) + if (!isset($_REQUEST['avec_redac'])) { - spip_query("UPDATE spip_articles SET date='" . format_mysql_date(_request('annee'), _request('mois'), _request('jour'), _request('heure'), _request('minute')) ."' WHERE id_article=$r[1]"); - - else { + $date = format_mysql_date(_request('annee'), _request('mois'), _request('jour'), _request('heure'), _request('minute')); + if ($r[2] == 'article') + spip_query("UPDATE spip_articles SET date=" . _q($date) . " WHERE id_article=$r[1]"); + else action_dater_breve_syndic($r[1], $r[2]); + } else { if (_request('avec_redac') == 'non') $annee_redac = $mois_redac = $jour_redac = $heure_redac = $minute_redac = 0; else { @@ -54,4 +56,20 @@ function action_dater_post($r) include_spip('inc/rubriques'); calculer_rubriques(); } + +function action_dater_breve_syndic($id, $type) +{ + if (_request('jour')) { + $annee = _request('annee'); + $mois = _request('mois'); + $jour = _request('jour'); + if ($annee == "0000") $mois = "00"; + if ($mois == "00") $jour = "00"; + if ($type == 'breve') + spip_query("UPDATE spip_breves SET date_heure=" . _q("$annee-$mois-$jour") . " WHERE id_breve=$id"); + else spip_query("UPDATE spip_syndic SET date=" . _q("$annee-$mois-$jour") . " WHERE id_syndic=$id"); + include_spip('inc/rubriques'); + calculer_rubriques(); + } +} ?> 
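Review bot: The new pattern `,^\W*(\d+)\W(\w*)$,` in action_dater_dist accepts any word, including an empty one, as the object type, and nothing downstream narrows it. action_dater_post sends everything that is not `'article'` to action_dater_breve_syndic, whose final `else` updates spip_syndic for every type other than `'breve'`. An unexpected type therefore changes the date of the site with that numeric id instead of reaching the `spip_log` line. Restricting the capture to the supported types, `,^\W*(\d+)\W(article|breve|syndic)$,`, rejects it at the entry point. The body of action_dater_dist begins outside the hunk.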
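Review bot: The `$r[2] == 'article'` test is applied only inside the `!isset($_REQUEST['avec_redac'])` branch of action_dater_post; the `else` branch is left as it was and its body continues outside the hunk. If that branch still updates spip_articles by `$r[1]`, a request carrying `avec_redac` with a type of breve or syndic would write to the article that happens to share the id. Guarding the branch, `} else if ($r[2] == 'article') {`, would keep the type and the table in step.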
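Review bot: action_dater_breve_syndic runs its UPDATE without any status test, whereas the code this commit removes from exec_breves_voir_dist only wrote the breve date when `$connect_statut == '0minirezo'`. If the author token checked by the action framework is meant to be the only gate (that check is not visible in this diff), a comment should say so; otherwise add a test such as `if ($GLOBALS['auteur_session']['statut'] != '0minirezo') return;` at the top of the function. The year, month and day are quoted with `_q()` but never checked to be numeric, so a malformed value still reaches the date column.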
diff --git a/ecrire/exec/articles.php b/ecrire/exec/articles.php index 1c7e920cf171061d0b4e80366de5966843e0dd22..d41f63edb2bd43f344be7c74c4b4399c3359632e 100644 --- a/ecrire/exec/articles.php +++ b/ecrire/exec/articles.php @@ -132,7 +132,7 @@ function articles_affiche($id_article, $row, $cherche_auteur, $ids, $cherche_mot . "\n<div> </div>" . "\n<div class='serif' align='$spip_lang_left'>" - . $dater($id_article, $flag_editable, $statut_article, $date, $date_redac) + . $dater($id_article, $flag_editable, $statut_article, 'article', 'articles', $date, $date_redac) . $editer_auteurs($id_article, $flag_editable, $cherche_auteur, $ids) diff --git a/ecrire/exec/breves_voir.php b/ecrire/exec/breves_voir.php index 73e74184ed107fae1a3bcdd8a3e9fdebffc4c478..bbc711e36b8d56d7be16fa4d95e6a1d0e8519707 100644 --- a/ecrire/exec/breves_voir.php +++ b/ecrire/exec/breves_voir.php @@ -14,17 +14,15 @@ if (!defined("_ECRIRE_INC_VERSION")) return; include_spip('inc/presentation'); include_spip('inc/actions'); -include_spip('inc/date'); include_spip('base/abstract_sql'); include_spip("inc/indexation"); // http://doc.spip.org/@afficher_breves_voir -function afficher_breves_voir($id_breve, $changer_lang, $cherche_mot, $select_groupe) +function afficher_breves_voir($id_breve, $cherche_mot, $select_groupe) { global $champs_extra, $options, $connect_statut, $les_notes,$spip_display; $result = spip_query("SELECT * FROM spip_breves WHERE id_breve='$id_breve'"); - if ($row = spip_fetch_array($result)) { $id_breve=$row['id_breve']; $date_heure=$row['date_heure']; @@ -36,7 +34,8 @@ function afficher_breves_voir($id_breve, $changer_lang, $cherche_mot, $select_gr $lien_url=$row['lien_url']; $statut=$row['statut']; $id_rubrique=$row['id_rubrique']; - } + } else + die ('breve inexistante'); $flag_editable = (($connect_statut == '0minirezo' AND acces_rubrique($id_rubrique)) OR $statut == 'prop'); 
@@ -138,18 +137,10 @@ function afficher_breves_voir($id_breve, $changer_lang, $cherche_mot, $select_gr if ($flag_editable AND ($options == 'avancees' OR $statut == 'publie')) { if ($statut == 'publie') { - echo "<p>"; - - if (ereg("([0-9]{4})-([0-9]{2})-([0-9]{2})", $date_heure, $regs)) { - $mois = $regs[2]; - $jour = $regs[3]; - $annee = $regs[1]; - } - echo "</p>"; debut_cadre_enfonce(); - echo afficher_formulaire_date("breves_voir", "id_breve=$id_breve&options=$options", - _T('texte_date_publication_article'), $jour, $mois, $annee); + $dater = charger_fonction('dater', 'inc'); + echo $dater($id_breve, $flag_editable, $statut, 'breve', 'breves_voir', $date_heure); fin_cadre_enfonce(); } else { @@ -249,25 +240,8 @@ function afficher_breves_voir($id_breve, $changer_lang, $cherche_mot, $select_gr // http://doc.spip.org/@exec_breves_voir_dist function exec_breves_voir_dist() { - global $connect_statut; - - $id_breve = intval(_request('id_breve')); + afficher_breves_voir(intval(_request('id_breve')), _request('cherche_mot'), _request('select_groupe')); +} - if ($row = spip_fetch_array(spip_query("SELECT id_rubrique FROM spip_breves WHERE id_breve=$id_breve"))) - $id_rubrique = $row['id_rubrique']; - else - die ('breve inexistante'); - // TODO: passer ce qui reste de l'update dans action/editer_breve.php - if (_request('jour') AND $connect_statut == '0minirezo') { - $annee = _request('annee'); - $mois = _request('mois'); - $jour = _request('jour'); - if ($annee == "0000") $mois = "00"; - if ($mois == "00") $jour = "00"; - spip_query("UPDATE spip_breves SET date_heure='$annee-$mois-$jour' WHERE id_breve=$id_breve"); - } - - afficher_breves_voir($id_breve, _request('changer_lang'), _request('cherche_mot'), _request('select_groupe')); -} ?> diff --git a/ecrire/exec/dater.php b/ecrire/exec/dater.php index 2bef05b76110cf4858d6f495a0a0b5be57b50d27..ead932d94a618cb48f8a7891de43dbcceee27c66 100644 --- a/ecrire/exec/dater.php +++ b/ecrire/exec/dater.php 
@@ -15,22 +15,28 @@ if (!defined("_ECRIRE_INC_VERSION")) return; // http://doc.spip.org/@exec_dater_dist function exec_dater_dist() { - global $id_article; - $id_article = intval($id_article); + $type = _request('type'); + if (!preg_match('/^\w+$/',$type)) // securite + die('XSS'); - if (!acces_article($id_article)) { - spip_log("Tentative d'intrusion de " . $GLOBALS['auteur_session']['nom'] . " dans " . $GLOBALS['exec']); + $id = intval(_request('id')); + + if (($GLOBALS['auteur_session']['statut'] != '0minirezo') + OR ($type == 'article' AND !acces_article($id))) { + spip_log("Tentative d'intrusion du " . $GLOBALS['auteur_session']['statut'] . ' ' . $GLOBALS['auteur_session']['nom'] . " dans " . $GLOBALS['exec'] . " sur $type $id."); include_spip('inc/minipres'); minipres(_T('info_acces_interdit')); } - $row = spip_fetch_array(spip_query("SELECT * FROM spip_articles WHERE id_article=$id_article")); + $table = ($type=='syndic') ? 'syndic' : ($type . 's'); + $row = spip_fetch_array(spip_query("SELECT * FROM spip_$type WHERE id_$type=$id")); - $statut_article = $row['statut']; - $date = $row["date"]; + $statut = $row['statut']; + $date = $row[($type!='breve')?"date":"date_heure"]; $date_redac = $row["date_redac"]; + $script = ($type=='article')? 'articles' : ($type == 'breve' ? 'breves_voir' : 'sites'); $dater = charger_fonction('dater', 'inc'); - ajax_retour($dater($id_article, 'ajax', $statut_article, $date, $date_redac)); + ajax_retour($dater($id, 'ajax', $statut, $type, $script, $date, $date_redac)); } ?> diff --git a/ecrire/exec/sites.php b/ecrire/exec/sites.php index c7c48400812b65b4b30f41e6bef0db1c35aaa588..778af87f7d6a54990e44fc5390ccf3eeb66ce232 100644 --- a/ecrire/exec/sites.php +++ b/ecrire/exec/sites.php 
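Review bot: `$table` is computed in exec_dater_dist but never used: the query on the next line reads `spip_$type`, so for `article` and `breve` it targets `spip_article` and `spip_breve` rather than the plural tables the rest of this commit writes to (spip_articles, spip_breves). The SELECT should be `spip_query("SELECT * FROM spip_$table WHERE id_$type=$id")`. Because `$type` becomes part of a table and column name, `/^\w+$/` is looser than needed; an explicit list such as `in_array($type, array('article', 'breve', 'syndic'))` is the safer gate. Only articles get a per-object check (`acces_article`); breves and sites are open to any `0minirezo`, which may be wider than the `acces_rubrique` test used in afficher_breves_voir.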
@@ -149,8 +149,8 @@ debut_gauche(); debut_boite_info(); echo "<center>"; - echo "<font face='Verdana,Arial,Sans,sans-serif' size=1><b>"._T('titre_site_numero')."</b></font>"; - echo "<br><font face='Verdana,Arial,Sans,sans-serif' size=6><b>$id_syndic</b></font>\n"; + echo "<font face='Verdana,Arial,Sans,sans-serif' size='1'><b>"._T('titre_site_numero')."</b></font>"; + echo "<br /><font face='Verdana,Arial,Sans,sans-serif' size='6'><b>$id_syndic</b></font>\n"; echo "</center>"; @@ -160,7 +160,7 @@ debut_boite_info(); fin_boite_info(); -echo "<p><center>"; +echo "<br /><center>"; icone (_T('icone_voir_sites_references'), generer_url_ecrire("sites_tous",""), "site-24.gif","rien.gif"); echo "</center>"; @@ -192,8 +192,8 @@ else if ($statut == 'refuse') { $logo_statut = "puce-rouge.gif"; } -echo "\n<table cellpadding=0 cellspacing=0 border=0 width='100%'>"; -echo "<tr width='100%'><td width='100%' valign='top'>"; +echo "\n<table cellpadding='0' cellspacing='0' border='0' width='100%'>"; +echo "<tr><td width='100%' valign='top'>"; gros_titre($nom_site, $logo_statut); $url_affichee = $url_site; @@ -203,7 +203,7 @@ echo "<a href='$url_site'><b>$url_affichee</b></a>"; if (strlen($descriptif) > 1) { echo "<p><div align='left' style='padding: 5px; border: 1px dashed #aaaaaa; background-color: #e4e4e4;'>"; - echo "<font size=2 face='Verdana,Arial,Sans,sans-serif'>"; + echo "<font size='2' face='Verdana,Arial,Sans,sans-serif'>"; echo "<b>"._T('info_descriptif')."</b> "; echo propre($descriptif); echo " "; 
@@ -218,28 +218,20 @@ if ($flag_editable) { icone(_T('icone_modifier_site'), generer_url_ecrire('sites_edit',"id_syndic=$id_syndic"), "site-24.gif", "edit.gif"); echo "</td>"; } -echo "</tr></table>\n"; +echo "</tr></table><br />\n"; if ($flag_editable AND ($options == 'avancees' OR $statut == 'publie')) { if ($statut == 'publie') { - echo "<p>"; - - if (ereg("([0-9]{4})-([0-9]{2})-([0-9]{2})", $date_heure, $regs)) { - $mois = $regs[2]; - $jour = $regs[3]; - $annee = $regs[1]; - } - debut_cadre_enfonce(); - echo afficher_formulaire_date("sites", "id_syndic=$id_syndic", _T('info_date_referencement'), $jour, $mois, $annee); + $dater = charger_fonction('dater', 'inc'); + echo $dater($id_syndic, $flag_editable, $statut, 'syndic', 'sites', $date_heure); fin_cadre_enfonce(); } else { - echo "<BR><FONT FACE='Verdana,Arial,Sans,sans-serif' SIZE=3>"._T('info_site_propose')." <B>".affdate($date_heure)." </B></FONT><P>"; + echo "<br />\n<font face='Verdana,Arial,Sans,sans-serif' SIZE='3'>"._T('info_site_propose')." <b>".affdate($date_heure)." </b></font>"; } } - echo "\n"; $editer_mot = charger_fonction('editer_mot', 'inc'); echo $editer_mot('syndic', $id_syndic, $cherche_mot, $select_groupe, $flag_editable); diff --git a/ecrire/inc/date.php b/ecrire/inc/date.php index 3cf43b61402e5a687740ed5c8aa7bae45db18803..323ae7b2cd38be97920e70d9998d47ccc81163c3 100644 --- a/ecrire/inc/date.php +++ b/ecrire/inc/date.php 
@@ -108,27 +108,4 @@ function afficher_jour_mois_annee_h_m($date, $heures, $minutes, $suffixe='') "<input type='text' class='fondl verdana1' name='minutes$suffixe' value=\"$minutes\" size='3'/>"; } -// http://doc.spip.org/@afficher_formulaire_date -function afficher_formulaire_date($script, $args, $texte, $jour, $mois, $annee) -{ - global $couleur_foncee; - return generer_url_post_ecrire($script, $args) - . "<table cellpadding='5' cellspacing='0' border='0' width='100%' background='" - . _DIR_IMG_PACK - . "rien.gif'>" - . "<tr><td bgcolor='$couleur_foncee' colspan='2'><font size='2' color='#ffffff'><b>" - ._T('texte_date_publication_article') - . "</b></font></tr>" - . "<tr><td align='center'>" - . afficher_jour($jour, "name='jour' size='1' class='fondl'", true) - . afficher_mois($mois, "name='mois' size='1' class='fondl'", true) - . afficher_annee($annee, "name='annee' size='1' class='fondl'",1996) - . "</td><td align='right'>" - . "<input type='submit' name='Changer' class='fondo' value='" - . _T('bouton_changer') - . "'>" - . "</td></tr></table>" - . "</form>"; -} - ?> diff --git a/ecrire/inc/dater.php b/ecrire/inc/dater.php index f6987239c3077986cd2f4f76e10dd684e544f6a7..e858bd9eed57caea9260d6eea9118b4b05b1b327 100644 --- a/ecrire/inc/dater.php +++ b/ecrire/inc/dater.php 
@@ -18,32 +18,34 @@ include_spip('inc/actions'); include_spip('inc/date'); // http://doc.spip.org/@inc_dater_dist -function inc_dater_dist($id_article, $flag, $statut_article, $date, $date_redac) +function inc_dater_dist($id, $flag, $statut, $type, $script, $date, $date_redac='') { global $spip_lang_left, $spip_lang_right, $options; - if (ereg("([0-9]{4})-([0-9]{2})-([0-9]{2}) ([0-9]{2}):([0-9]{2})", $date_redac, $regs)) { + if (ereg("([0-9]{4})-([0-9]{2})-([0-9]{2})( ([0-9]{2}):([0-9]{2}))?", $date_redac, $regs)) { $annee_redac = $regs[1]; $mois_redac = $regs[2]; $jour_redac = $regs[3]; - $heure_redac = $regs[4]; - $minute_redac = $regs[5]; + $heure_redac = $regs[5]; + $minute_redac = $regs[6]; if ($annee_redac > 4000) $annee_redac -= 9000; } - if (ereg("([0-9]{4})-([0-9]{2})-([0-9]{2}) ([0-9]{2}):([0-9]{2})", $date, $regs)) { + if (ereg("([0-9]{4})-([0-9]{2})-([0-9]{2})( ([0-9]{2}):([0-9]{2}))?", $date, $regs)) { $annee = $regs[1]; $mois = $regs[2]; $jour = $regs[3]; - $heure = $regs[4]; - $minute = $regs[5]; + $heure = $regs[5]; + $minute = $regs[6]; } if ($flag AND $options == 'avancees') { - if ($statut_article == 'publie') { + if ($statut == 'publie') { + + $js = "size='1' class='fondl' +onchange=\"findObj_forcer('valider_date').style.visibility='visible';\""; - $js = "onchange=\"findObj_forcer('valider_date').style.visibility='visible';\""; $invite = "<b><span class='verdana1'>" . _T('texte_date_publication_article') . '</span> ' 
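Review bot: `$type` and `$script` are inserted in the middle of the parameter list of inc_dater_dist, so any caller outside this diff that still uses the five-argument form passes its date string as `$type`. That value later goes unescaped into `"id_$type=$id"` and `"&id=$id&type=$type"`. A header comment should list the accepted values (`'article'`, `'breve'`, `'syndic'`) and the meaning of `$script`, and an early guard such as `if (!preg_match('/^\w+$/', $type)) return '';` would make a stale call fail visibly. The function body continues outside the hunk.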
@@ -52,12 +54,14 @@ function inc_dater_dist($id_article, $flag, $statut_article, $date, $date_redac) . aide('artdate'); $masque = "<div style='margin: 5px; margin-$spip_lang_left: 20px;'>" - . afficher_jour($jour, "name='jour' size='1' class='fondl' $js", true) - . afficher_mois($mois, "name='mois' size='1' class='fondl' $js", true) - . afficher_annee($annee, "name='annee' size='1' class='fondl' $js") - . ' - ' - . afficher_heure($heure, "name='heure' size='1' class='fondl' $js") - . afficher_minute($minute, "name='minute' size='1' class='fondl' $js") + . afficher_jour($jour, "name='jour' $js", true) + . afficher_mois($mois, "name='mois' $js", true) + . afficher_annee($annee, "name='annee' $js") + . (($type != 'article') + ? '' + : (' - ' + . afficher_heure($heure, "name='heure' $js") + . afficher_minute($minute, "name='minute' $js"))) . "<span class='visible_au_chargement' id='valider_date'>" . " \n<input type='submit' class='fondo' value='" . _T('bouton_changer')."' />" @@ -66,10 +70,11 @@ function inc_dater_dist($id_article, $flag, $statut_article, $date, $date_redac) $bloc = block_parfois_visible('datepub', $invite, $masque, 'text-align: left'); $res = ajax_action_auteur("dater", - $id_article, - 'articles', - "id_article=$id_article", - $bloc); + "$id/$type", + $script, + "id_$type=$id", + $bloc, + "&id=$id&type=$type"); } else { $res = "\n<div><b> <span class='verdana1'>" 
@@ -78,9 +83,10 @@ function inc_dater_dist($id_article, $flag, $statut_article, $date, $date_redac) . majuscules(affdate($date))."</b>".aide('artdate')."</div>"; } - $possedeDateRedac= ($annee_redac.'-'.$mois_redac.'-'.$jour_redac != '0000-00-00'); - if (($options == 'avancees' AND $GLOBALS['meta']["articles_redac"] != 'non') - OR $possedeDateRedac) { + $possedeDateRedac= ($annee_redac OR $mois_redac OR ($jour_redac != '0000-00-00')); + if (($type == 'article') + AND (($options == 'avancees' AND $GLOBALS['meta']["articles_redac"] != 'non') + OR $possedeDateRedac)) { if ($possedeDateRedac) $date_affichee = majuscules(affdate($date_redac)) # ." " ._T('date_fmt_heures_minutes', array('h' =>$heure_redac, 'm'=>$minute_redac)) @@ -132,15 +138,16 @@ function inc_dater_dist($id_article, $flag, $statut_article, $date, $date_redac) $bloc = block_parfois_visible('dateredac', $invite, $masque, 'text-align: left'); $res .= ajax_action_auteur("dater", - $id_article, - 'articles', - "id_article=$id_article", - $bloc); + "$id/$type", + $script, + "id_$type=$id", + $bloc, + "&id=$id&type=$type"); } } else { $res = "<div style='text-align:center;'><b> <span class='verdana1'>" - . (($statut_article == 'publie') + . (($statut == 'publie') ? _T('texte_date_publication_article') : _T('texte_date_creation_article')) . "</span> " @@ -160,7 +167,7 @@ function inc_dater_dist($id_article, $flag, $statut_article, $date, $date_redac) $res = debut_cadre_couleur('',true) . $res . fin_cadre_couleur(true); - return ajax_action_greffe("dater-$id_article", $res); + return ajax_action_greffe("dater-$id", $res); } ?> diff --git a/ecrire/inc/texte.php b/ecrire/inc/texte.php index 6f9772cb8555d43a4b78d0856beacccbd242d444..911731d275af77245b9c9d2216edc6336b3ff049 100644 --- a/ecrire/inc/texte.php +++ b/ecrire/inc/texte.php 
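Review bot: `$possedeDateRedac` can no longer be false. `$jour_redac` holds the two-digit day captured from `$date_redac`, so `$jour_redac != '0000-00-00'` is always true, and `'0000'` and `'00'` are truthy strings in PHP in any case. Articles with an empty date_redac will therefore show the date_redac block even when `$GLOBALS['meta']["articles_redac"]` is `'non'`. A numeric comparison restores the intent: `$possedeDateRedac = (intval($annee_redac) OR intval($mois_redac) OR intval($jour_redac));`.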
@@ -786,7 +786,7 @@ function calculer_url_site($id, $texte='') { # attention dans le cas des sites le lien pointe non pas sur # la page locale du site, mais directement sur le site lui-meme - $row = @spip_fetch_array(spip_query("SELECT nom_site,url_site,lang FROM spip_syndic WHERE id_syndic=$id")); + $row = @spip_fetch_array(spip_query("SELECT nom_site,url_site FROM spip_syndic WHERE id_syndic=$id")); if ($row) { $lien = $row['url_site']; if ($texte=='') diff --git a/ecrire/inc/vieilles_defs.php b/ecrire/inc/vieilles_defs.php index 5cff4c0637e087ff5fc05f71883afc08a04193e5..f6817b725df7f623fa3518db78258614f4fbaa17 100644 --- a/ecrire/inc/vieilles_defs.php +++ b/ecrire/inc/vieilles_defs.php @@ -161,4 +161,28 @@ function extraire_lien ($regs) { $ref = "<a href=\"$lien\" class=\"$class\">$texte</a>"; return array($ref, $lien, $texte); } + +// Prendre la fonction inc_dater_dist, qui fait du Ajax. +// http://doc.spip.org/@afficher_formulaire_date +function afficher_formulaire_date($script, $args, $texte, $jour, $mois, $annee) +{ + global $couleur_foncee; + return generer_url_post_ecrire($script, $args) + . "<table cellpadding='5' cellspacing='0' border='0' width='100%' background='" + . _DIR_IMG_PACK + . "rien.gif'>" + . "<tr><td bgcolor='$couleur_foncee' colspan='2'><font size='2' color='#ffffff'><b>" + ._T('texte_date_publication_article') + . "</b></font></tr>" + . "<tr><td align='center'>" + . afficher_jour($jour, "name='jour' size='1' class='fondl'", true) + . afficher_mois($mois, "name='mois' size='1' class='fondl'", true) + . afficher_annee($annee, "name='annee' size='1' class='fondl'",1996) + . "</td><td align='right'>" + . "<input type='submit' name='Changer' class='fondo' value='" + . _T('bouton_changer') + . "'>" + . "</td></tr></table>" + . "</form>"; +} ?> \ No newline at end of file
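Review bot: The copy of afficher_formulaire_date kept in vieilles_defs.php still posts `jour`, `mois` and `annee` to `$script`, but this commit removes the code in exec_breves_voir_dist that consumed those fields. As far as this diff shows, a caller using it with `breves_voir` gets a form that no longer changes anything. The `$texte` parameter is also ignored in favour of `_T('texte_date_publication_article')`. The header comment should say so, for example `// Obsolete: the posted date is no longer handled by exec/breves_voir; use inc_dater_dist.`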