- * Method for inserting an open posting into the Database and delivering
- * the postingDone Page
- */
-
- public void insposting(HttpServletRequest aRequest, HttpServletResponse aResponse) throws
- ServletModuleExc, ServletModuleUserExc, ServletModuleFailure {
- if (MirGlobal.abuse().getOpenPostingDisabled()) {
- openPostingDisabled(aRequest, aResponse);
-
- return;
- }
-
- try {
- HTTPParsedRequest parsedRequest = new HTTPParsedRequest(
- aRequest,
- configuration.getString("Mir.DefaultEncoding"),
- configuration.getInt("MaxMediaUploadSize")*1024,
- configuration.getString("TempDir"));
-
- Map mergeData = new HashMap();
-
- HttpSession session = aRequest.getSession(false);
- String sessionPasswd = (String) session.getAttribute("passwd");
- if (sessionPasswd != null) {
- String passwd = (String) parsedRequest.getParameter("passwd");
-
- if (passwd == null || passwd.length() == 0) {
- throw new ServletModuleUserExc("posting.error.missingpassword", new String[] {});
- }
- if (!sessionPasswd.equals(passwd)) {
- throw new ServletModuleUserExc("posting.error.invalidpassword", new String[] {});
- }
- session.invalidate();
- }
-
- if ((((String) parsedRequest.getParameter("title")).length() == 0) ||
- (((String) parsedRequest.getParameter("description")).length() == 0) ||
- (((String) parsedRequest.getParameter("content_data")).length() == 0))
- throw new ServletModuleUserExc("posting.error.missingfield", new String[] {});
-
- List mediaList = new Vector();
- Iterator i = parsedRequest.getFiles().iterator();
-
- while (i.hasNext()) {
- UploadedFile file = new mir.session.CommonsUploadedFileAdapter((FileItem) i.next());
- Map mediaValues = new HashMap();
-
- String suffix = file.getFieldName().substring(5); // media${m}
- logger.debug("media_title" + suffix);
- String title = parsedRequest.getParameter("media_title" + suffix);
-
- mediaValues.put("title", StringUtil.removeHTMLTags(title));
- mediaValues.put("creator", StringUtil.removeHTMLTags(parsedRequest.getParameter("creator")));
- mediaValues.put("to_publisher", "0");
- mediaValues.put("is_published", "1");
- mediaValues.put("to_media_folder", "7");
-
- mediaList.add(MediaUploadProcessor.processMediaUpload(file, mediaValues));
- }
-
- Map withValues = new HashMap();
- i = DatabaseContent.getInstance().getFields().iterator();
- while (i.hasNext()) {
- String field = (String) i.next();
- String value = parsedRequest.getParameter(field);
- if (value!=null)
- withValues.put(field, value);
- }
-
-
- for (i = withValues.keySet().iterator(); i.hasNext(); ) {
- String k = (String) i.next();
- String v = (String) withValues.get(k);
-
- if (k.equals("content_data")) {
- //this doesn't quite work yet, so for now, all html goes
- //withValues.put(k,StringUtil.approveHTMLTags(v));
- withValues.put(k, StringUtil.deleteForbiddenTags(v));
- }
- else if (k.equals("description")) {
- String tmp = StringUtil.deleteForbiddenTags(v);
- withValues.put(k, StringUtil.deleteHTMLTableTags(tmp));
- }
- else {
- withValues.put(k, StringUtil.removeHTMLTags(v));
- }
- }
-
- withValues.put("date", StringUtil.date2webdbDate(new GregorianCalendar()));
- withValues.put("publish_path",
- StringUtil.webdbDate2path( (String) withValues.get("date")));
- withValues.put("is_produced", "0");
- withValues.put("is_published", "1");
- if (directOp.equals("yes"))
- withValues.put("to_article_type", "1");
-
- withValues.put("to_publisher", "1");
-
- // inserting content into database
- String cid = contentModule.add(withValues);
- logger.debug("id: " + cid);
- //insert was not successfull
- if (cid == null) {
- deliver(aRequest, aResponse, mergeData, null, postingFormDupeTemplate);
- return;
- }
-
- List topics = parsedRequest.getParameterList("to_topic");
- if (topics.size() > 0) {
- try {
- DatabaseContentToTopics.getInstance().setTopics(cid, topics);
- }
- catch (Throwable e) {
- logger.error("setting content_x_topic failed");
- contentModule.deleteById(cid);
- throw new ServletModuleFailure(
- "smod - openindy :: insposting: setting content_x_topic failed: " +
- e.toString(), e);
- }
- }
-
- i = mediaList.iterator();
- while (i.hasNext()) {
- Entity mediaEnt = (Entity) i.next();
- DatabaseContentToMedia.getInstance().addMedia(cid, mediaEnt.getId());
- }
-
- EntityContent article = (EntityContent) contentModule.getById(cid);
- try {
- MirGlobal.abuse().checkArticle(
- article, new HTTPAdapters.HTTPRequestAdapter(aRequest), aResponse);
- MirGlobal.localizer().openPostings().afterContentPosting(article);
- }
- catch (Throwable t) {
- logger.error("Error while post-processing article: " + t.getMessage());
- }
- deliver(aRequest, aResponse, mergeData, null, postingFormDoneTemplate);
- }
- catch (Throwable e) {
- e.printStackTrace(logger.asPrintWriter(LoggerWrapper.DEBUG_MESSAGE));
- Throwable cause = ExceptionFunctions.traceCauseException(e);
-
- if (cause instanceof ModuleMediaType.UnsupportedMimeTypeExc) {
- throw new ServletModuleUserExc("media.unsupportedformat", new String[] {});
- }
- throw new ServletModuleFailure(e);
- }
- }
-
- /**
- * Due to a serious shortcoming of Tomcat 3.3, an extra sessionid parameter is
- * generated into open session urls. Tomcat 3.3 makes it impossible to
- * distinguish between sessions that are identified using a url and those
- * that are identified using cookies: if both a sessionid cookie and a sessionid
- * url are available, tomcat 3.3 pretends the url wasn't there...
- */
- private static final String SESSION_REQUEST_KEY="sessionid";
-
- /**