Changed optional_variables()s and required_variable()s to more secure alternatives.
[moodle.git] / mod / forum / discuss.php
CommitLineData
41905731 1<?php // $Id$
501cdbd8 2
3// Displays a post, and all the posts below it.
4// If no post is given, displays all posts in a discussion
5
b0e3a925 6 require_once("../../config.php");
7 require_once("lib.php");
501cdbd8 8
9 require_variable($d); // Discussion ID
10 optional_variable($parent); // If set, then display this post and all children.
11 optional_variable($mode); // If set, changes the layout of the thread
1fc49f00 12 optional_variable($move); // If set, moves this discussion to another forum
f37da850 13 optional_variable($mark); // Used for tracking read posts if user initiated.
14 optional_variable($postid); // Used for tracking read posts if user initiated.
501cdbd8 15
16 if (! $discussion = get_record("forum_discussions", "id", $d)) {
94361e02 17 error("Discussion ID was incorrect or no longer exists");
501cdbd8 18 }
19
20 if (! $course = get_record("course", "id", $discussion->course)) {
21 error("Course ID is incorrect - discussion is faulty");
22 }
23
68258534 24 if (! $forum = get_record("forum", "id", $discussion->forum)) {
25 notify("Bad forum ID stored in this discussion");
26 }
27
28 if ($forum->type == "teacher") {
29 require_login($course->id);
30
31 if (!isteacher($course->id)) {
32 error("You must be a $course->teacher to view this forum");
33 }
34
35 } else {
36 if (! $cm = get_coursemodule_from_instance("forum", $discussion->forum, $course->id)) {
37 error("Course Module ID was incorrect");
38 }
39 require_course_login($course, false, $cm);
68ddf8bc 40 }
41
1fc49f00 42
8f0cd6ef 43 if (!empty($move)) {
1fc49f00 44 if (!isteacher($course->id)) {
45 error("Only teachers can do that!");
46 }
47 if ($forum = get_record("forum", "id", $move)) {
cc2b7ea5 48 if (!forum_move_attachments($discussion, $move)) {
49 notify("Errors occurred while moving attachment directories - check your file permissions");
50 }
1fc49f00 51 set_field("forum_discussions", "forum", $forum->id, "id", $discussion->id);
52 $discussion->forum = $forum->id;
69d79bc3 53 if ($cm = get_coursemodule_from_instance("forum", $forum->id, $course->id)) {
54 add_to_log($course->id, "forum", "move discussion", "discuss.php?d=$discussion->id", "$discussion->id",
55 $cm->id);
56 } else {
57 add_to_log($course->id, "forum", "move discussion", "discuss.php?d=$discussion->id", "$discussion->id");
58 }
8de14dc7 59 $discussionmoved = true;
1fc49f00 60 } else {
61 error("You can't move to that forum - it doesn't exist!");
62 }
63 }
64
fce9c67b 65
1fc49f00 66 $logparameters = "d=$discussion->id";
67 if ($parent) {
839f2456 68 $logparameters .= "&amp;parent=$parent";
501cdbd8 69 }
69d79bc3 70
71 if ($cm = get_coursemodule_from_instance("forum", $forum->id, $course->id)) {
72 add_to_log($course->id, "forum", "view discussion", "discuss.php?$logparameters", "$discussion->id", $cm->id);
73 } else {
74 add_to_log($course->id, "forum", "view discussion", "discuss.php?$logparameters", "$discussion->id");
75 }
501cdbd8 76
77 unset($SESSION->fromdiscussion);
78
279826e2 79 if ($mode) {
acb50c1b 80 if (isguest()) {
81 $USER->preference['forum_displaymode'] = $mode; // don't save it in database
82 } else {
83 set_user_preference('forum_displaymode', $mode);
84 }
279826e2 85 }
501cdbd8 86
acb50c1b 87 $displaymode = get_user_preferences('forum_displaymode', $CFG->forum_displaymode);
501cdbd8 88
e92ea3d8 89 if ($parent) {
279826e2 90 if (abs($displaymode) == 1) { // If flat AND parent, then force nested display this time
e92ea3d8 91 $displaymode = 3;
92 }
93 } else {
501cdbd8 94 $parent = $discussion->firstpost;
c78ac798 95 $navtail = format_string($discussion->name);
501cdbd8 96 }
97
11b0c469 98 if (! $post = forum_get_post_full($parent)) {
501cdbd8 99 error("Discussion no longer exists", "$CFG->wwwroot/mod/forum/view.php?f=$forum->id");
100 }
101
eaf50aef 102 if (forum_tp_can_track_forums($forum) && forum_tp_is_tracked($forum) &&
103 $CFG->forum_usermarksread) {
f37da850 104 if ($mark == 'read') {
105 forum_tp_add_read_record($USER->id, $postid, $discussion->id, $forum->id);
106 } else if ($mark == 'unread') {
107 forum_tp_delete_read_records($USER->id, $postid);
108 }
109 }
110
61e96406 111 if (empty($navtail)) {
c78ac798 112 $navtail = "<a href=\"discuss.php?d=$discussion->id\">".format_string($discussion->name,true)."</a> -> ".format_string($post->subject);
501cdbd8 113 }
114
3849dae8 115 $navmiddle = "<a href=\"../forum/index.php?id=$course->id\">".get_string("forums", "forum")."</a> -> <a href=\"../forum/view.php?f=$forum->id\">".format_string($forum->name,true)."</a>";
501cdbd8 116
6f1cc8d6 117 $searchform = forum_search_form($course);
97485d07 118
501cdbd8 119 if ($course->category) {
c78ac798 120 print_header("$course->shortname: ".format_string($discussion->name), "$course->fullname",
72b4e283 121 "<a href=\"../../course/view.php?id=$course->id\">$course->shortname</a> ->
8f0cd6ef 122 $navmiddle -> $navtail", "", "", true, $searchform, navmenu($course, $cm));
501cdbd8 123 } else {
c78ac798 124 print_header("$course->shortname: ".format_string($discussion->name), "$course->fullname",
8f0cd6ef 125 "$navmiddle -> $navtail", "", "", true, $searchform, navmenu($course, $cm));
501cdbd8 126 }
127
c6d691dc 128
9197e147 129/// Check to see if groups are being used in this forum
130/// If so, make sure the current person is allowed to see this discussion
c6d691dc 131/// Also, if we know they should be able to reply, then explicitly set $canreply
132
133 $canreply = NULL; /// No override one way or the other
9197e147 134
52b201ee 135 if ($forum->type == "teacher") {
136 $groupmode = NOGROUPS;
137 } else {
138 $groupmode = groupmode($course, $cm);
139 }
9197e147 140
c6d691dc 141 if ($groupmode and !isteacheredit($course->id)) { // Groups must be kept separate
af3014b4 142 $mygroupid = mygroupid($course->id);
143
c6d691dc 144 if ($groupmode == SEPARATEGROUPS) {
145 require_login();
146
af3014b4 147 if ((empty($mygroupid) and $discussion->groupid == -1) || ($mygroupid == $discussion->groupid)) {
c6d691dc 148 $canreply = true;
2862b309 149 } elseif ($discussion->groupid == -1) {
150 $canreply = false;
c6d691dc 151 } else {
152 print_heading("Sorry, you can't see this discussion because you are not in this group");
cd8d4471 153 print_footer($course);
c6d691dc 154 die;
155 }
156
157 } else if ($groupmode == VISIBLEGROUPS) {
af3014b4 158 $canreply = ((empty($mygroupid) and $discussion->groupid == -1) || ($mygroupid == $discussion->groupid));
9197e147 159 }
160 }
161
162
c6d691dc 163/// Print the controls across the top
164
d5bbc556 165 echo '<table width="100%"><tr><td width="33%">';
c6d691dc 166
167 if ($groupmode == VISIBLEGROUPS or ($groupmode and isteacheredit($course->id))) {
d5bbc556 168 if ($groups = get_records_menu('groups', 'courseid', $course->id, 'name ASC', 'id,name')) {
839f2456 169 print_group_menu($groups, $groupmode, $discussion->groupid, "view.php?id=$cm->id&amp;group=");
c6d691dc 170 }
171 }
172
173 echo "</td><td width=\"33%\">";
ec9c0d44 174 forum_print_mode_form($discussion->id, $displaymode);
c6d691dc 175
02ebf404 176 echo "</td><td width=\"33%\">";
768f90f6 177 if (isteacher($course->id) && $forum->type != "teacher") { // Popup menu to move discussions to other forums
cccb016a 178 if ($forums = get_all_instances_in_course("forum", $course)) {
fcc69042 179 if ($course->format == 'weeks') {
180 $strsection = get_string("week");
181 } else {
182 $strsection = get_string("topic");
183 }
184 $section = -1;
1fc49f00 185 foreach ($forums as $courseforum) {
fcc69042 186 if (!empty($courseforum->section) and $section != $courseforum->section) {
187 $forummenu[] = "-------------- $strsection $courseforum->section --------------";
188 }
189 $section = $courseforum->section;
1fc49f00 190 if ($courseforum->id != $forum->id) {
839f2456 191 $url = "discuss.php?d=$discussion->id&amp;move=$courseforum->id";
3849dae8 192 $forummenu[$url] = format_string($courseforum->name,true);
1fc49f00 193 }
194 }
195 if (!empty($forummenu)) {
196 echo "<div align=\"right\">";
8f0cd6ef 197 echo popup_form("$CFG->wwwroot/mod/forum/", $forummenu, "forummenu", "",
1fc49f00 198 get_string("movethisdiscussionto", "forum"), "", "", true);
199 echo "</div>";
200 }
201 }
202 }
02ebf404 203 echo "</td></tr></table>";
1fc49f00 204
8de14dc7 205 if (isset($discussionmoved)) {
3849dae8 206 notify(get_string("discussionmoved", "forum", format_string($forum->name,true)));
8de14dc7 207 }
208
c6d691dc 209
210/// Print the actual discussion
211
212 forum_print_discussion($course, $forum, $discussion, $post, $displaymode, $canreply);
213
501cdbd8 214 print_footer($course);
215
216?>