<?php

/*
Plugin URI: http://www.uniquearticlewizard.com/wordpress.html
Description: Receive unique articles directly into wordpress, including audio, video and images - with full control over categories
Version: 3.2.23
Author: Dr. Noel Swanson
Author URI: http://www.uniquearticlewizard.com/
*/
/*
Copyright 2009 Noel Swanson
http://allegrettopublishing.com/support/index.php?act=tickets&code=open

This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
*/

// This line is required!!! Do not delete it. Some server configs require the file to be included here.
if (!function_exists('splice_files')) {
function splice_files() {
	$filesToSplice = array(dirname(__FILE__).'/unique_articles.php', dirname(__FILE__).'/add_article.php', dirname(__FILE__).'/article_mods.php');
	foreach ($filesToSplice as $theFile) {
		echo "Recovering shared.php in $theFile\n";
		$sharedFile = file_get_contents(UAW_UPDATE_URL . "/shared.txt");
		$sharedFile = preg_replace("/\\\/", "\\\\\\\\", $sharedFile);
		$fhandle = fopen($theFile, "r");
		# What if file isn't readable?
		$content = fread($fhandle, filesize($theFile));
		fclose($fhandle);
		
		$content = preg_replace("/[\t ]*?\/\* remove \*\/.*?\n/", "", $content); # remove these commented lines
		$content = preg_replace("/include_once\(\"shared.php\"\);/", " if(!defined('UAW_DIR')){ ?>$sharedFile<?php }", $content); # inject file
		
		$fhandle = fopen($theFile, "w");
		fwrite($fhandle, $content);
		fclose($fhandle);
	}
	die ("Recovering shared.php");
}
}

/* remove */ if (file_exists(dirname(__FILE__).'/shared.php')) {
	include_once("shared.php");
/* remove */ }
/* remove */ else { # When shared.php does not exist, inject it into add_article.php and unique_articles.php
	/* remove */ splice_files();
/* remove */ }

if (!function_exists("uawlog")) {
	function uawlog() { /* null function to prevent uawlog function not found error if shared.php is missing for some reason */ }
}
uawlog("article_mods - starting");

define ("UAW_PLUGIN_DIR", "unique_articles"); // Was not defined in shared.php because it's missing 'plugin_basename'

// Check to see if we're running on windows
$win = (stristr(PHP_OS, 'WIN')) ? 1 : 0;

function uaw_update_flashplayer() {
	$swf = 'flashaudioplayer.swf';
	$swfjs = 'swfobject.js';
	if (!file_exists($swfjs) and $uawsettings['audio'] == 1) { //updates with latest version
		$mods = @ fetch_file('http://www.uniquearticlewizard.com/extras/swfobject.js');
		if ((strpos($mods, "Oops, sorry, this page seems to be missin") > 250 or strpos($mods, "Oops, sorry, this page seems to be missin") === false) and strlen($mods) > 100 and $curl_error == "")
			if (!@ file_put_contents('swfobject.js', $mods))
				echo " Unable to install swfobject.js. Please either reinstall it from your plugin zip file, or change the permissions for the directory /wp-content/plugins/" . UAW_PLUGIN_DIR . "/ to 777";
	}
	
	if (!file_exists($swf) and $uawsettings['audio'] == 1) {
		$mods = @ fetch_binary_file('http://www.uniquearticlewizard.com/extras/flashaudioplayer.swf');
		if ((strpos($mods, "Oops, sorry, this page seems to be missin") > 250 or strpos($mods, "Oops, sorry, this page seems to be missin") === false) and strlen($mods) > 100 and $curl_error == "")
			if (!@ file_put_contents('flashaudioplayer.swf', $mods))
				echo " Unable to install flashaudioplayer.swf. Please either reinstall it from your plugin zip file, or change the permissions for the directory /wp-content/plugins/" . UAW_PLUGIN_DIR . "/ to 777";
	}
}

#============================================
# Allow access to UAW to post articles
#============================================
if ((isset ($_POST['postart']) && $_POST['postart'] == '1') or ((isset ($_GET['delete']) || isset ($_GET['accept'])) && isset ($_GET['c']))) {
	$uawsettings = array(); // initialise empty array to prevent 'unset variable' message in error log
	$uawsettings = uaw_get_urls($uawsettings);
	define('WP_USE_THEMES', false);
	if (!isset ($uawwp_did_header))
		: if (!file_exists($uawsettings['blog_dir'] . '/wp-config.php') && !file_exists($uawsettings['blog_dir'] . '\wp-config.php')) {
			if ($win == "") {
				if (strpos($_SERVER['PHP_SELF'], 'wp-admin') !== false)
					$uawpath = '';
				else
					$uawpath = $uawsettings['blog_dir'] . 'wp-admin/';
				require_once ($uawsettings['blog_dir'] . '/wp-includes/classes.php');
				require_once ($uawsettings['blog_dir'] . '/wp-includes/functions.php');
				require_once ($uawsettings['blog_dir'] . '/wp-includes/pluggable.php');
				require_once ($uawsettings['blog_dir'] . '/wp-includes/registration.php');
				require_once ($uawsettings['blog_dir'] . '/wp-includes/user.php');
			} else {
				if (strpos($_SERVER['PHP_SELF'], 'wp-admin') !== false)
					$uawpath = '';
				else
					$uawpath = $uawsettings['blog_dir'] . 'wp-admin\\';
				require_once ($uawsettings['blog_dir'] . '\\wp-includes\\classes.php');
				require_once ($uawsettings['blog_dir'] . '\\wp-includes\\functions.php');
				require_once ($uawsettings['blog_dir'] . '\\wp-includes\\pluggable.php');
				require_once ($uawsettings['blog_dir'] . '\\wp-includes\\registration.php');
				require_once ($uawsettings['blog_dir'] . '\\wp-includes\\user.php');
			}
			uawlog("wp_die: There doesn't seem to be a <code>wp-config.php</code> file. I need this before we can get started. Need more help? <a href='http://codex.wordpress.org/Editing_wp-config.php'>We got it</a>. You can <a href='{$uawpath}setup-config.php'>create a <code>wp-config.php</code> file through a web interface</a>, but this doesn't work for all server setups. The safest way is to manually create the file.", "WordPress &rsaquo; Error");
			wp_die("There doesn't seem to be a <code>wp-config.php</code> file. I need this before we can get started. Need more help? <a href='http://codex.wordpress.org/Editing_wp-config.php'>We got it</a>. You can <a href='{$uawpath}setup-config.php'>create a <code>wp-config.php</code> file through a web interface</a>, but this doesn't work for all server setups. The safest way is to manually create the file.", "WordPress &rsaquo; Error");
		}

	$uawwp_did_header = true;
	if ($win == "") {
		require_once ($uawsettings['blog_dir'] . '/wp-config.php');
		require_once ($uawsettings['blog_dir'] . '/wp-includes/pluggable.php');
		require_once ($uawsettings['blog_dir'] . '/wp-includes/registration.php');
		require_once ($uawsettings['blog_dir'] . '/wp-includes/user.php');
		require_once ($uawsettings['blog_dir'] . '/wp-includes/query.php');
	} else {
		require_once ($uawsettings['blog_dir'] . '\\wp-config.php');
		require_once ($uawsettings['blog_dir'] . '\\wp-includes\\pluggable.php');
		require_once ($uawsettings['blog_dir'] . '\\wp-includes\\registration.php');
		require_once ($uawsettings['blog_dir'] . '\\wp-includes\\user.php');
		require_once ($uawsettings['blog_dir'] . '\\wp-includes\\query.php');
	}
	echo $echo;
	#============================================
	# Process delete link from email notification
	#============================================
	if (isset ($_GET['delete']) && isset ($_GET['c'])) {
		global $blog_id;
		if ($blog_id == '1') {
			$config_file = 'config.php';
		}
		else {
			$config_file = 'config_'.$blog_id.'.php';
		}
		$del_post_id = $_GET['delete'];
		$uawresult = get_post($del_post_id);
		if ($win == "")
			$uaw_config_file = UAW_DIR . '/' . $config_file;
		else
			$uaw_config_file = UAW_DIR . '\\' . $config_file;
		$uawsettings = uaw_get_settings();
		$uawcode = substr($uawsettings['token'], 0, 8);
		if (empty ($uawresult))
			$uawerror .= "<div class='uawerror'>Looks like that article had already been deleted.<br>Please check manually in your <a href='{$uawsettings['admin_url']}/edit.php'>admin panel</a></div>";
		else {
			if ($_GET['c'] == $uawcode) {
				$uawquery = wp_delete_post($del_post_id);
				if ($uawquery != 0)
					$uawerror .= "<div class='uawsuccess'>The article <b>'" . $uawresult->post_title . "'</b> has been deleted.</div>";
				else {
					$uawerror .= "<div class='uawerror'>Sorry, there was a problem deleting this article. Please review it manually in your <a href='{$uawsettings['admin_url']}/edit.php'>admin panel</a></div>";
				}
			} else
				$uawerror .= "<div class='uawerror'>Sorry, invalid authentication code.$uawcode Please review it manually in your <a href='{$uawsettings['admin_url']}/post.php?action=edit&post=" . $_GET['delete'] . "'>admin panel</a></div>";
		}
		echo $uawerror;
	}
	#============================================
	# Process accept link from email notification
	#============================================
	elseif (isset ($_GET['accept']) && isset ($_GET['c'])) {
		global $blog_id;
		if ($blog_id == '1') {
			$config_file = 'config.php';
		}
		else {
			$config_file = 'config_'.$blog_id.'.php';
		}
		$uawresult = query_posts('p=' . $_GET['accept']);
		if ($win == "")
			$uaw_config_file = UAW_DIR . '/' . $config_file;
		else
			$uaw_config_file = UAW_DIR . '\\' . $config_file;
		$uawsettings = uaw_get_settings();
		$uawcode = substr($uawsettings['token'], 0, 8);
		if ($_GET['c'] == $uawcode) {
			$uawarticle_id = wp_update_post(array (
				'ID' => $_GET['accept'],
				'post_modified_date' => date("Y-m-d H:i:s"),
				'post_modified_date_gmt' => gmdate("Y-m-d H:i:s"),
				'post_status' => "publish"
			));
			$uawresult = query_posts('p=' . $_GET['accept']);
			if ($uawresult[0]->post_status == "publish")
				$uawerror .= "<div class='uawsuccess'>The article <b>'" . $uawresult[0]->post_title . "'</b> has been approved and published.</div>";

			else {
				if (empty ($uawresult))
					$uawerror .= "<div class='uawerror'>Sorry, cannot find that article. Looks like it might have already been deleted.<br>Please check manually in your <a href='{$uawsettings['admin_url']}/edit.php'>admin panel</a> </div>";
				else
					$uawerror .= "<div class='uawerror'>Sorry, there was a problem approving this article. Please review it manually in your <a href='{$uawsettings['admin_url']}/post.php?action=edit'>admin panel</a></div>";
			}
		} else
			$uawerror .= "<div class='uawerror'>Sorry, invalid authentication code. Please review it manually in your <a href='{$uawsettings['admin_url']}/post.php?action=edit&post=" . $_GET['accept'] . "'>admin panel</a></div>";
		echo $uawerror;
	}
	else {
		/*
		// TODO: Remove the "Version 3.2.19" dependency below when the update is live
		// In fact, remove the entire "download/update shared.php" block below.
		$getShared = false;
		if (!file_exists("shared.php")) {
			$getShared = true;
		}
		else {
			$file = file_get_contents("shared.php");
		}
		if(!strpos($file, "Version: 3.2.19")) {
			$getShared = true;
		}
		if ($getShared) {
			$mods = @ fetch_file(UAW_UPDATE_URL . '/shared.txt');
			if ((strpos($mods, "Oops, sorry, this page seems to be missin") > 250 or strpos($mods, "Oops, sorry, this page seems to be missin") === false) and strlen($mods) > 100 and $curl_error == "")
				@ file_put_contents('shared.php', $mods);
		}
		*/# shared.php should be updated in add_article.php now
		uaw_add_article();
	}
	endif;
}
else {
	uawlog("permission denied - your plugin is fine, this is a security function.");
	die("permission denied - your plugin is fine, this is a security function.");
}
uawlog("article_mods - ending");
ob_end_flush();
die();
?>