104 lines
4.6 KiB
PHP
104 lines
4.6 KiB
PHP
<?php
|
|
require_once($_SERVER['DOCUMENT_ROOT'] . "/config.php");
|
|
|
|
if (!$_SESSION['superadmin']) { http_response_code(403); die('Доступ запрещён'); }
|
|
|
|
$post = clearInputData($_POST);
|
|
$id = isset($post['id']) ? (int)$post['id'] : 0;
|
|
|
|
// Сохраняем все введённые данные в сессии,
|
|
// чтобы при ошибке вернуть их в форму (иначе пользователь теряет введённый текст)
|
|
function saveFormDataAndRedirect($id, $errCode, $rawPost) {
|
|
$_SESSION['article_form_draft'] = array(
|
|
'title' => isset($rawPost['title']) ? $rawPost['title'] : '',
|
|
'page_title' => isset($rawPost['page_title']) ? $rawPost['page_title'] : '',
|
|
'description' => isset($rawPost['description']) ? $rawPost['description'] : '',
|
|
'slug' => isset($rawPost['slug']) ? $rawPost['slug'] : '',
|
|
'date_created' => isset($rawPost['date_created']) ? $rawPost['date_created'] : '',
|
|
'date_updated' => isset($rawPost['date_updated']) ? $rawPost['date_updated'] : '',
|
|
'reading_time' => isset($rawPost['reading_time']) ? $rawPost['reading_time'] : 5,
|
|
'sort_order' => isset($rawPost['sort_order']) ? $rawPost['sort_order'] : 0,
|
|
'published' => isset($rawPost['published']) ? 1 : 0,
|
|
'author_name' => isset($rawPost['author_name']) ? $rawPost['author_name'] : '',
|
|
'author_job' => isset($rawPost['author_job']) ? $rawPost['author_job'] : '',
|
|
'author_img' => isset($rawPost['author_img']) ? $rawPost['author_img'] : '',
|
|
'image' => isset($rawPost['image']) ? $rawPost['image'] : '',
|
|
'content' => isset($_POST['content']) ? $_POST['content'] : '',
|
|
);
|
|
$url = "/admin/article-edit.php" . ($id ? "?id=$id&" : "?") . "err=" . urlencode($errCode);
|
|
header("location:$url");
|
|
exit();
|
|
}
|
|
|
|
$slug = trim(Article::val($post, 'slug', ''));
|
|
$title = trim(Article::val($post, 'title', ''));
|
|
|
|
if (!$slug || !$title) {
|
|
saveFormDataAndRedirect($id, 'empty', $post);
|
|
}
|
|
|
|
$slug = preg_replace('/[^a-z0-9-]/', '', strtolower($slug));
|
|
$slug = trim($slug, '-');
|
|
|
|
if ($slug === '') {
|
|
saveFormDataAndRedirect($id, 'empty_slug', $post);
|
|
}
|
|
|
|
if (Article::slugExists($slug, $id)) {
|
|
saveFormDataAndRedirect($id, 'slug_exists', $post);
|
|
}
|
|
|
|
if (Article::isSlugConflictingWithFile($slug)) {
|
|
saveFormDataAndRedirect($id, 'slug_file_conflict', $post);
|
|
}
|
|
|
|
$imagePath = trim(Article::val($post, 'image', ''));
|
|
$maxImageSize = 5 * 1024 * 1024; // 5 MB
|
|
|
|
if (!empty($_FILES['image_file']['name']) && $_FILES['image_file']['error'] === UPLOAD_ERR_OK) {
|
|
if ($_FILES['image_file']['size'] > $maxImageSize) {
|
|
saveFormDataAndRedirect($id, 'image_too_large', $post);
|
|
}
|
|
$ext = strtolower(pathinfo($_FILES['image_file']['name'], PATHINFO_EXTENSION));
|
|
$imageInfo = @getimagesize($_FILES['image_file']['tmp_name']);
|
|
if (in_array($ext, array('jpg', 'jpeg', 'png', 'webp')) && $imageInfo !== false) {
|
|
$dir = $_SERVER['DOCUMENT_ROOT'] . '/images/articles/';
|
|
if (!is_dir($dir)) mkdir($dir, 0755, true);
|
|
$filename = 'art-' . ($id ? $id : 'new') . '-' . time() . '-' . mt_rand(1000, 9999) . '.' . $ext;
|
|
if (move_uploaded_file($_FILES['image_file']['tmp_name'], $dir . $filename)) {
|
|
$imagePath = '/images/articles/' . $filename;
|
|
}
|
|
}
|
|
}
|
|
|
|
$dateCreated = Article::val($post, 'date_created', '');
|
|
$dateUpdated = Article::val($post, 'date_updated', '');
|
|
|
|
$data = array(
|
|
'slug' => $slug,
|
|
'title' => $title,
|
|
'page_title' => trim(Article::val($post, 'page_title', '')),
|
|
'description' => trim(Article::val($post, 'description', '')),
|
|
'content' => isset($_POST['content']) ? $_POST['content'] : '',
|
|
'date_created' => $dateCreated ? $dateCreated : date('Y-m-d'),
|
|
'date_updated' => $dateUpdated ? $dateUpdated : date('Y-m-d'),
|
|
'reading_time' => max(1, (int)Article::val($post, 'reading_time', 5)),
|
|
'image' => $imagePath,
|
|
'author_name' => trim(Article::val($post, 'author_name', 'Станислав Дмитриев')),
|
|
'author_img' => trim(Article::val($post, 'author_img', '/images/articles/rukofodJW.png')),
|
|
'author_job' => trim(Article::val($post, 'author_job', 'руководитель JoyWork')),
|
|
'published' => isset($post['published']) ? 1 : 0,
|
|
'sort_order' => (int)Article::val($post, 'sort_order', 0),
|
|
);
|
|
|
|
if ($id > 0) {
|
|
Article::update($id, $data);
|
|
Article::regenerateSitemap();
|
|
header("location:/admin/article-edit.php?id=$id&saved=1");
|
|
} else {
|
|
$newId = Article::create($data);
|
|
Article::regenerateSitemap();
|
|
header("location:/admin/article-edit.php?id=$newId&saved=1");
|
|
}
|
|
exit();
|