getId(), MSZ_PERM_NEWS_MANAGE_POSTS)) { echo render_error(403); return; } $postId = (int)filter_input(INPUT_GET, 'p', FILTER_SANITIZE_NUMBER_INT); if($postId > 0) try { $postInfo = NewsPost::byId($postId); Template::set('post_info', $postInfo); } catch(NewsPostNotFoundException $ex) { echo render_error(404); return; } $categories = NewsCategory::all(null, true); if(!empty($_POST['post']) && CSRF::validateRequest()) { if(!isset($postInfo)) { $postInfo = new NewsPost; $isNew = true; } $currentUserId = User::getCurrent()->getId(); $postInfo->setTitle( $_POST['post']['title']) ->setText($_POST['post']['text']) ->setCategoryId($_POST['post']['category']) ->setFeatured(!empty($_POST['post']['featured'])); if(!empty($isNew)) $postInfo->setUserId($currentUserId); $postInfo->save(); AuditLog::create( $_SERVER['REMOTE_ADDR'], empty($isNew) ? AuditLog::NEWS_POST_EDIT : AuditLog::NEWS_POST_CREATE, [$postInfo->getId()] ); if(!empty($isNew)) { if($postInfo->isFeatured()) { $twitter = $ctx->createTwitterClient(); if($twitter->hasAccessToken()) { $url = url('news-post', ['post' => $postInfo->getId()]); $twitter->sendTweet("News :: {$postInfo->getTitle()}\nhttps://{$_SERVER['HTTP_HOST']}{$url}"); } } header('Location: ' . url('manage-news-post', ['post' => $postInfo->getId()])); return; } } Template::render('manage.news.post', [ 'categories' => $categories, ]);