<?php //$Id$

require_once('../config.php');
include_once('lib.php');
include_once('class.BlogInfo.php');
require_login();
// detemine where the user is coming from in case we need to send them back there
if (isset($_SERVER['HTTP_REFERER'])) {
    $referrer = $_SERVER['HTTP_REFERER'];
} else {
    $referrer = $CFG->wwwroot;
}

//first verify that user is not a guest
if (isguest()) {
    error(get_string('noguestpost', 'blog'), $referrer);
}

$userid = optional_param('userid', 0, PARAM_INT);
$editid = optional_param('editid', 0, PARAM_INT);

//check to see if there is a requested blog to edit
if (!empty($userid) && $userid != 0) {
    if (blog_isLoggedIn() && $userid == $USER->id ) {
        ; // Daryl Hawes note: is this a placeholder for missing functionality?
    }
} else if ( blog_isLoggedIn() ) {
    //the user is logged in and have not specified a blog - so they will be editing their own
    $tempBlogInfo = blog_user_bloginfo();
    $userid = $tempBlogInfo->userid;
    unset($tempBlogInfo); //free memory from temp object - bloginfo will be created again in the included header
} else {
    error(get_string('noblogspecified', 'blog') .'<a href="'. $CFG->blog_blogurl .'">' .get_string('viewentries', 'blog') .'</a>');
}

$pageNavigation = 'edit';

include($CFG->dirroot .'/blog/header.php');

//print_object($PAGE->bloginfo); //debug

//check if user is in blog's acl
if ( !blog_user_has_rights($PAGE->bloginfo) ) {
    if ($editid != '') {
        $blogEntry = $PAGE->bloginfo->get_blog_entry_by_id($editid);
        if (! (isteacher($blogEntry->$entryCourseId)) ) {
//            error( get_string('notallowedtoedit'.' You do not teach in this course.', 'blog'), $CFG->wwwroot .'/login/index.php');
            error( get_string('notallowedtoedit', 'blog'), $CFG->wwwroot .'/login/index.php');
        }
    } else {
        error( get_string('notallowedtoedit', 'blog'), $CFG->wwwroot .'/login/index.php');
    }
}

//////////// SECURITY AND SETUP COMPLETE - NOW PAGE LOGIC ///////////////////

if (isset($act) && $act == 'del' && confirm_sesskey())
{
    $postid = required_param('postid', PARAM_INT);
    if (optional_param('confirm',0,PARAM_INT)) {
        do_delete($PAGE->bloginfo, $postid);
    } else {
    /// prints blog entry and what confirmation form
        echo '<div align="center"><form method="GET" action="edit.php">';
        echo '<input type="hidden" name="act" value="del" />';
        echo '<input type="hidden" name="confirm" value="1" />';
        echo '<input type="hidden" name="postid" value="'.$postid.'" />';
        echo '<input type="hidden" name="sesskey" value="'.sesskey().'" />';
        print_string('blogdeleteconfirm', 'blog');
        
        $post = get_record('post', 'id', $postid);
        $entry = new BlogEntry($post);
        blog_print_entry($entry);
        echo '<br />';
        echo '<input type="submit" value="'.get_string('delete').'" /> ';
        echo ' <input type="button" value="'.get_string('cancel').'" onclick="javascript:history.go(-1)" />';
        echo '</form></div>';
        print_footer($course);
        die;
    }
}
if ($usehtmleditor = can_use_richtext_editor()) {
    $defaultformat = FORMAT_HTML;
    $onsubmit = '';
} else {
    $defaultformat = FORMAT_MOODLE;
    $onsubmit = '';
}

if (($post = data_submitted( get_referer() )) && confirm_sesskey()) {
    if (!empty($post->editform)) { //make sure we're processing the edit form here
        //print_object($post); //debug

        ///these varaibles needs to be changed because of the javascript hack
        ///post->courseid
        ///post->groupid
        $post->courseid = $post->realcourse;   //might not need either, if javascript re-written
        $post->groupid = $post->realgroup;   //might not need
        $courseid = $post->realcourse;
        //end of yu's code
        
        if (!$post->etitle or !$post->body) {
            $post->error = get_string('emptymessage', 'forum');
        }
        if ($post->act == 'save') {
            do_save($post, $PAGE->bloginfo);
        } else if ($post->act == 'update') {
            do_update($post, $PAGE->bloginfo);
        } else if ($post->act == 'del') {
            require_variable($postid);
            do_delete($PAGE->bloginfo, $postid);
        }
    }
} else {

    //no post data yet, so load up the post array with default information
    $post->etitle = '';
    $post->userid = $USER->id;
    $post->body = '';
    $post->format = $defaultformat;
    $post->categoryid = array(1);
    $post->publishstate = 'draft';
    $post->courseid  = $courseid;

}

if ($editid != '') {  // User is editing a post
    // ensure that editing is allowed first - admin users can edit any posts
    if (!isadmin() && $CFG->blog_enable_moderation && $blogEntry->entryPublishState != 'draft') {
        error('You are not allowed to modify a published entry. A teacher must first change this post back to draft status.'); //Daryl Hawes note: localize this line
    }
    $blogEntry = $PAGE->bloginfo->get_blog_entry_by_id($editid);

    //using an unformatted entry body here so that extra formatting information is not stored in the db
    $post->body = $blogEntry->get_unformatted_entry_body();
    $post->etitle = $blogEntry->entryTitle;    
    $post->postid = $editid;
    $post->userid = $PAGE->bloginfo->userid;
    $post->categoryid = $blogEntry->entryCategoryIds;
    $post->format = $blogEntry->entryFormat;
    $post->publishstate = $blogEntry->entryPublishState;
}

if (isset($post->postid) && ($post->postid != -1) ) {

    $formHeading = get_string('updateentrywithid', 'blog');

} else {
    $formHeading = get_string('addnewentry', 'blog');
}

if (isset($post->error)) {
    notify($post->error);
}

print_simple_box_start("center");
require('edit.html');
print_simple_box_end();

    // Janne comment: Let's move this in here
    // so IE gets more time to load the
    // Page.
    if ($usehtmleditor) {
        // Janne comment: there are two text fields in form
        // so lets try to replace them both with
        // HTMLArea editors
        use_html_editor();
    }

include($CFG->dirroot .'/blog/footer.php');


/*****************************   edit.php functions  ***************************/
/*
* do_delete
* takes $bloginfo_arg argument as reference to a blogInfo object.
* also takes the postid - the id of the entry to be removed
*/
function do_delete(&$bloginfo_arg, $postid) {
    global $CFG;
    // make sure this user is authorized to delete this entry.
    // cannot use $post->pid because it may not have been initialized yet. Also the pid may be in get format rather than post.
    if ($bloginfo_arg->delete_blog_entry_by_id($postid)) {
        //echo "bloginfo_arg:"; //debug
        print_object($bloginfo_arg); //debug
        //echo "pid to delete:".$postid; //debug
        delete_records('blog_tag_instance', 'entryid', $postid);
        print '<strong>'. get_string('entrydeleted', 'blog') .'</strong><p>';

        //record a log message of this entry deletion
        if ($site = get_site()) {
            add_to_log($site->id, 'blog', 'delete', 'index.php?userid='. $bloginfo_arg->userid, 'deleted blog entry with entry id# '. $postid);
        }
    } else {
        error(get_string('entryerrornotyours', 'blog'));
    }

    //comment out this redirect to debug the deletion of entries
    redirect($CFG->wwwroot .'/blog/index.php?userid='. $bloginfo_arg->userid);
}

/**
*  do_save
*
* @param object $post argument is a reference to the post object which is used to store information for the form
* @param object $bloginfo_arg argument is reference to a blogInfo object.
*/
function do_save(&$post, &$bloginfo_arg) {
    global $USER, $CFG;
//    echo 'Debug: Post object in do_save function of edit.php<br />'; //debug
//    print_object($post); //debug

    if ($post->body == '') {
        $post->error =  get_string('nomessagebodyerror', 'blog');
    } else {

        // Insert the new blog entry.
        $entryID = $bloginfo_arg->insert_blog_entry($post->etitle, $post->body, $USER->id, $post->format, $post->publishstate, $courseid, $groupid);

//        print 'Debug: created a new entry - entryId = '.$entryID.'<br />'; //debug
//        echo 'Debug: do_save() in edit.php calling blog_do_*back_pings<br />'."\n"; //debug
        $otags = optional_param('otags','', PARAM_INT);
        $ptags = optional_param('ptags','', PARAM_INT);

        /// Add tags information
        foreach ($otags as $otag) {
            $tag->entryid = $entryID;
            $tag->tagid = $otag;
            $tag->groupid = $groupid;
            $tag->courseid = $courseid;
            $tag->userid = $USER->id;

            insert_record('blog_tag_instance',$tag);
        }
        
        foreach ($ptags as $ptag) {
            $tag->entryid = $entryID;
            $tag->tagid = $ptag;
            $tag->groupid = $groupid;
            $tag->courseid = $courseid;
            $tag->userid = $USER->id;

            insert_record('blog_tag_instance',$tag);
        }

        print '<strong>'. get_string('entrysaved', 'blog') .'</strong><br />';
        //record a log message of this entry addition
        if ($site = get_site()) {
            add_to_log($site->id, 'blog', 'add', 'archive.php?userid='. $bloginfo_arg->userid .'&postid='. $entryID, 'created new blog entry with entry id# '. $entryID);
        }
        //to debug this save function comment out the following redirect code
        if ($courseid == SITEID || $courseid == 0 || $courseid == '') {
            redirect($CFG->wwwroot .'/blog/index.php?userid='. $bloginfo_arg->userid);
        } else {
            redirect($CFG->wwwroot .'/course/view.php?id='. $courseid);
        }
    }
}

/**
 * @param . $post argument is a reference to the post object which is used to store information for the form
 * @param . $bloginfo_arg argument is reference to a blogInfo object.
 * @todo complete documenting this function. enable trackback and pingback between entries on the same server
 */
function do_update(&$post, &$bloginfo) {

    global $CFG, $USER;
    
    $blogentry = $bloginfo->get_blog_entry_by_id($post->postid);
    echo "id id ".$post->postid;
//  print_object($blogentry);  //debug

    $blogentry->set_body($post->body);
    $blogentry->set_format($post->format);
    $blogentry->set_publishstate($post->publishstate); //we don't care about the return value here

    if ( !$error = $blogentry->save() ) {
//        echo 'Debug: do_update in edit.php calling do_pings<br />'."\n"; //debug
        delete_records('blog_tag_instance', 'entryid', $blogentry->entryId);

        $otags = optional_param('otags','', PARAM_INT);
        $ptags = optional_param('ptags','', PARAM_INT);
        /// Add tags information
        foreach ($otags as $otag) {
            $tag->entryid = $blogentry->entryId;
            $tag->tagid = $otag;
            $tag->groupid = $groupid;
            $tag->courseid = $courseid;
            $tag->userid = $USER->id;

            insert_record('blog_tag_instance',$tag);
        }

        foreach ($ptags as $ptag) {
            $tag->entryid = $blogentry->entryId;
            $tag->tagid = $ptag;
            $tag->groupid = $groupid;
            $tag->courseid = $courseid;
            $tag->userid = $USER->id;

            insert_record('blog_tag_instance',$tag);
        }
        // only do pings if the entry is published to the world
        // Daryl Hawes note - eventually should check if it's on the same server
        // and if so allow pb/tb as well - especially now that moderation is in place
        print '<strong>'. get_string('entryupdated', 'blog') .'</strong><p>';

        //record a log message of this entry update action
        if ($site = get_site()) {
            add_to_log($site->id, 'blog', 'update', 'archive.php?userid='. $bloginfo->userid .'&postid='. $post->postid, 'updated existing blog entry with entry id# '. $post->postid);
        }

        redirect($CFG->wwwroot .'/blog/index.php?userid='. $bloginfo->userid);
    } else {
//        get_string('', 'blog') //Daryl Hawes note: localize this line
        $post->error =  'There was an error updating this post in the database: '. $error;
    }
}
?>