joepie91
/
anonnews2
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
rewrite
tiles
develop
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '8f6ab87194'
${ noResults }
anonnews2/public_html/module.press.add.php

253 lines
11 KiB
PHP
Raw Blame History

<?php
if(!isset($_ANONNEWS)) { die(); } /* Protect from direct requests */
/* This module allows a user to submit a new press release. */
if(check_banlist() == false)
{
if(empty($var_id))
{
// Stage 0: The page with guidelines.
?>
<h2>Read these guidelines. Not reading them may get you banned.</h2>
<p><strong>While no censorship based on opinion, views, etc. takes place on AnonNews, there are several guidelines in place to keep content on the site relevant.</strong>
Read these guidelines completely before submitting a press release. Not reading them may get you banned.</p>
<p><strong>This is not a forum.</strong> Opinion posts, questions to anons, and other similar things do not belong here. <a href="/forum">Use the forum.</a></p>
<p><strong>AnonNews is about Anonymous.</strong> While you may think your local political party, a phone tapping scandal, or anything else is important, this is not the place for personal army requests.
If you wish to discuss a topic that may be of interest to other anons, you can do so on the <a href="/forum">forum</a>. If it's not a press release or manifesto from Anonymous, it doesn't belong here - period.</p>
<p><strong>Format your press releases properly.</strong> Press releases and manifestos are expected to be readable and in proper formatting. While we certainly don't expect perfect grammar, a press
release that uses an abbreviation every other word or contains excessive 'leetspeak' is not going to be accepted. If your press release is in bright pink with images of red flowers on the side, it will
probably not be accepted either.</p>
<p><strong>No copypasting.</strong> This section is intended for those that wish to submit a press release about an operation they are involved with (not necessarily being part of staff). Don't copypaste
news articles or press releases from others that you have nothing to do with. Submitting it for someone else who is involved with an operation, is of course not an issue at all.</p>
<p><strong>You are not the leader of Anonymous. Noone is.</strong> Don't try to imply that <em>all</em> of Anonymous agrees with something or condemns it - your press release will be rejected. Unless you
have talked through your press release with literally every single anon out there, you cannot speak for all of them. Making a generic 'from Anonymous' statement is fine, as long as you don't try to say that
'person X and operation Y were not Anonymous' or try to impose alleged 'universal values or ideologies' onto Anonymous - they simply do not exist.</p>
<p><strong>On the IP retention policy: we normally do not store IP addresses of anyone submitting content to AnonNews (feel free to use TOR or a proxy to be completely sure). If you hit a spam filter,
however (there is almost zero chance for a false positive), your IP may be recorded and banned. If an IP is incorrectly recorded (a false positive) it will be reviewed and removed from the log within 24 hours, without exception.</strong></p>
<p><form method="GET" action="/press/add/form/">
If you have read the guidelines, <button name="submit" type="submit">click here to submit your press release.</button>
</form></p>
<?php
}
else
{
if($var_id == "form")
{
// Stage 1: Entering the actual press release information.
?>
<h2>Submit a press release</h2>
<form enctype="multipart/form-data" method="POST" action="/press/add/submit/" class="submission">
<input type="hidden" name="js_enabled" value="false" id="input_js_enabled">
<script type="text/javascript">
$(function(){
$('#input_js_enabled').val("true");
$('#notice_javascript').css({'display':'none'});
});
</script>
<h4>Press release title</h4>
<input type="text" name="title">
<h4>Press release text</h4>
<div class="form-notice" id="notice_javascript">
To make use of the WYSIWYG editor, Javascript is required. If Javascript is turned off, you can make use of HTML instead - line breaks will automatically be inserted.
</div>
<textarea name="body"></textarea>
<script type="text/javascript" src="/tiny_mce/tiny_mce.js"></script>
<script type="text/javascript">
tinyMCE.init({
// General options
mode : "textareas",
theme : "advanced",
plugins : "safari,spellchecker,pagebreak,style,layer,table,save,advhr,advlink,emotions,iespell,inlinepopups,insertdatetime,preview,media,searchreplace,print,contextmenu,paste,directionality,fullscreen,noneditable,visualchars,nonbreaking,xhtmlxtras,template",
// Theme options
theme_advanced_buttons1 : "spellchecker,|,bold,italic,underline,strikethrough,|,justifyleft,justifycenter,justifyright,justifyfull,|,fontselect,fontsizeselect",
theme_advanced_buttons2 : "cut,copy,paste,pastetext,pasteword,|,search,replace,|,bullist,numlist,|,undo,redo,|,link,unlink,|,insertdate,inserttime,preview,|,forecolor,backcolor",
theme_advanced_toolbar_location : "top",
theme_advanced_toolbar_align : "left",
theme_advanced_statusbar_location : "bottom",
theme_advanced_resizing : true,
// Office example CSS
content_css : "css/office.css",
});
</script>
<h4>Upload an image (optional)</h4>
<div class="form-notice">
Allowed: PNG, GIF, JPG. Maximum filesize: 20MB. <strong>If possible, please use PNG instead of JPG for better image quality.</strong>
</div>
<input type="hidden" name="MAX_FILE_SIZE" value="20000000">
<input name="file" type="file" class="upload">
<h4>Tags (optional)</h4>
<div class="form-notice">
Enter comma-separated tags here, that indicate what the article is about. This will make it easier to find on the site.
</div>
<input type="text" name="tags" id="input_tags" value="">
<h4>Press Release Language</h4>
<select name="language">
<?php
foreach($languages as $iso => $lang)
{
echo("<option value=\"{$iso}\">{$lang}</option>");
}
?>
</select>
<h4>Complete the CAPTCHA</h4>
<?php echo(template_captcha()); ?>
<div class="submit">
<button type="submit" name="submit" onclick="$('#submit_loader').css({'display':'block'}); $(this).css({'display':'none'}); return true;">Submit press release &gt;&gt;</button>
</div>
<div class="submit-loader" id="submit_loader">
<img src="http://tahoe-gateway.cryto.net:3719/download/VVJJOkNISzpuMzRqdGlhb3gycGxxbnZjZm5hM3k1NzdyYTpsbDRvNzc1Z2FsYjVmdzVqd3Q2ems0aGQ0bGd2ZXMzZHl1YXRkZHVwa2p0YXFnbmdtMmlxOjM6NjoxMDgxOQ==/loader-wide.gif"><br>
<strong>Submitting press release... (this may take a while!)</strong>
</div>
</form>
<?php
}
elseif($var_id == "submit")
{
// Stage 2: Processing the upload and press release.
$recaptcha = recaptcha_check_answer ($privatekey,
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);
if($recaptcha->is_valid)
{
$error = false;
if(isset($_FILES['file']) && $_FILES['file']['error'] == 0)
{
$file_uploaded = true;
if(ends_with($_FILES['file']['name'], ".jpg") || ends_with($_FILES['file']['name'], ".jpeg") || ends_with($_FILES['file']['name'], ".png") || ends_with($_FILES['file']['name'], ".gif"))
{
if($_FILES['file']['size'] <= 20000000)
{
$upload_result = curl_put("{$tahoe_server}/uri", $_FILES['file']['tmp_name']);
if($upload_result !== false)
{
$upload_b64 = urlsafe_b64encode($upload_result);
$upload_url = "/download/$upload_b64/{$_FILES['file']['name']}";
}
}
else
{
$error = true;
$var_code = ANONNEWS_ERROR_TOO_LARGE; // Upload filesize error
require("module.error.php");
}
}
else
{
$error = true;
$var_code = ANONNEWS_ERROR_INCORRECT_FORMAT; // Upload file format error
require("module.error.php");
}
}
elseif(isset($_FILES['file']) && $_FILES['file']['error'] == 4)
{
// No file was uploaded.
$file_uploaded = false;
}
else
{
$error = true;
$var_code = ANONNEWS_ERROR_UPLOAD_ERR; // Generic upload error
require("module.error.php");
}
if($error === false)
{
// Either no file was uploaded or the file was successfully uploaded, continue...
if(!empty($_POST['title']))
{
if(!empty($_POST['body']))
{
if($file_uploaded === false)
{
$upload_url = "";
}
$body = $_POST['body'];
if($_POST['js_enabled'] === "false")
{
$body = nl2br($body, false);
}
$body = mysql_real_escape_string(str_replace("javascript:", "",strip_tags_attributes($body,
"<a><b><i><u><span><div><p><br><hr><font><ul><li><ol><dt><dd><h1><h2><h3><h4><h5><h6><h7><del><map><area><strong><em><big><small><sub><sup><ins><pre><blockquote><cite><q><center><marquee><table><tr><td><th>",
"href,src,alt,class,style,align,valign,color,face,size,width,height,shape,coords,target,border,cellpadding,cellspacing,colspan,rowspan")));
$title = mysql_real_escape_string($_POST['title']);
$language = mysql_real_escape_string($_POST['language']);
$query = "INSERT INTO press (`Name`, `Body`, `CommentCount`, `Deleted`, `Approved`, `Attachment`, `Upvotes`, `Mod`, `ExternalAttachment`, `Language`, `Posted`)
VALUES ('{$title}', '{$body}', '0', '0', '0', '{$upload_url}', '0', '', '1', '{$language}', CURRENT_TIMESTAMP)";
if(mysql_query($query))
{
$insert_id = mysql_insert_id();
if(!empty($_POST['tags']))
{
// tags were entered.
$tags = $_POST['tags'];
$tags_list = explode(",", $tags);
foreach($tags_list as $tag)
{
$tag = mysql_real_escape_string(trim(clean_tag($tag)));
if(!empty($tag))
{
$query = "INSERT INTO tags (`Table`, `ItemId`, `TagName`) VALUES ('press', '{$insert_id}', '$tag')";
mysql_query($query);
}
}
}
echo("<p><strong>Your press release was successfully submitted.</strong> It will have to be approved before it appears on the front page.</p>
<p><a href=\"/\" class=\"page-button\">&lt;&lt; back to front page</a></p>");
}
else
{
echo(mysql_error());
$var_code = ANONNEWS_ERROR_DATABASE_ERROR; // Generic upload error
require("module.error.php");
}
}
else
{
$var_code = ANONNEWS_ERROR_EMPTY_BODY; // Empty body
require("module.error.php");
}
}
else
{
$var_code = ANONNEWS_ERROR_EMPTY_TITLE; // Empty title
require("module.error.php");
}
}
}
else
{
$var_code = ANONNEWS_ERROR_INCORRECT_CAPTCHA;
require("module.error.php");
}
}
else
{
$var_code = ANONNEWS_ERROR_NOT_FOUND;
require("module.error.php");
}
}
}
else
{
$var_code = ANONNEWS_ERROR_BANNED; // Banned from submission.
require("module.error.php");
}
?>
Reference in New Issue View Git Blame Copy Permalink