public function form_publish_success(FormUI $form)
{
$user = User::identify();
// Get the Post object from the hidden 'post' control on the form
/** @var Post $post */
$post = $form->post->value;
// Do some permission checks
// @todo REFACTOR: These probably don't work and should be refactored to use validators on the form fields instead
// sorry, we just don't allow changing posts you don't have rights to
if ($post->id != 0 && !ACL::access_check($post->get_access(), 'edit')) {
Session::error(_t('You don\'t have permission to edit that post'));
$this->get_blank();
}
// sorry, we just don't allow changing content types to types you don't have rights to
$type = 'post_' . Post::type_name($form->content_type->value);
if ($form->content_type->value != $post->content_type && ($user->cannot($type) || !$user->can_any(array('own_posts' => 'edit', 'post_any' => 'edit', $type => 'edit')))) {
Session::error(_t('You don\'t have permission to change to that content type'));
// @todo This isn't ideal at all, since it loses all of the changes...
Utils::redirect(URL::get('display_publish', $post, false));
exit;
}
// If we're creating a new post...
if ($post->id == 0) {
// check the user can create new posts of the set type.
$type = 'post_' . Post::type_name($form->content_type->value);
if (ACL::user_cannot($user, $type) || !ACL::user_can($user, 'post_any', 'create') && !ACL::user_can($user, $type, 'create')) {
Session::error(_t('You don\'t have permission to create posts of that type'));
Utils::redirect(URL::get('display_publish', $post, false));
exit;
}
// Only the original author is associated with a new post
$post->user_id = $user->id;
} else {
// check the user can create new posts of the set type.
$type = 'post_' . Post::type_name($form->content_type->value);
if (!ACL::access_check($post->get_access(), 'edit')) {
Session::error(_t('You don\'t have permission to edit posts of that type'));
Utils::redirect(URL::get('display_publish', $post, false));
exit;
}
// Verify that the post hasn't already been updated since the form was loaded
if ($post->modified != $form->modified->value) {
Session::notice(_t('The post %1$s was updated since you made changes. Please review those changes before overwriting them.', array(sprintf('<a href="%1$s">\'%2$s\'</a>', $post->permalink, Utils::htmlspecialchars($post->title)))));
Utils::redirect(URL::get('display_publish', $post, false));
exit;
}
// Prevent a published post from having its slug zeroed
if ($form->newslug->value == '' && $post->status == Post::status('published')) {
Session::notice(_t('A post slug cannot be empty. Keeping old slug.'));
$form->newslug->value = $form->slug->value;
}
}
// sometimes we want to overwrite the published date with the current date, if:
// 1) the post was not previously published
// 2) the post is now supposed to be published
// 3) the user has not entered a specific publish date already -- that is, the one on the form that was submitted is the same as the currently saved one
// AND
// 4) the published date is NOT in the future -- if it were, we would reset the date on scheduled posts if we edit them again before they are published
if ($post->status != Post::status('published') && $form->status->value == Post::status('published') && ($post->pubdate == DateTime::create($form->pubdate->value) && $post->pubdate <= DateTime::create())) {
$post->pubdate = DateTime::create();
} else {
$post->pubdate = DateTime::create($form->pubdate->value);
}
// Minor updates are when the user has checked the minor update box and the post isn't in draft or new
$minor = $form->minor_edit->value && $post->status != Post::status('draft') && $post->id != 0;
// Don't try to update form values that have been removed by plugins,
// look for these fields before committing their values to the post
$expected = array('title' => 'title', 'tags' => 'tags', 'content' => 'content', 'slug' => 'newslug', 'content_type' => 'content_type', 'status' => 'status');
foreach ($expected as $field => $control) {
if (isset($form->{$field})) {
$post->{$field} = $form->{$control}->value;
}
}
// This seems cheesy
$post->info->comments_disabled = !$form->comments_enabled->value;
// This plugin hook allows changes to be made to the post object prior to its save to the database
Plugins::act('publish_post', $post, $form);
// Insert or Update
if ($post->id == 0) {
$post->insert();
} else {
$post->update($minor);
}
// Calling $form->save() calls ->save() on any controls that might have been added to the form by plugins
$form->save();
$permalink = $post->status != Post::status('published') ? $post->permalink . '?preview=1' : $post->permalink;
$postname = sprintf('<a href="%1$s">\'%2$s\'</a>', $permalink, Utils::htmlspecialchars($post->title));
$status = Post::status_name($post->status);
Session::notice(_t('The post !postname has been saved as !status.', array('!postname' => $postname, '!status' => $status)));
Utils::redirect(URL::get('display_publish', $post, false));
}