Further SQL cleanups
[moodle.git] / mod / forum / post.php
CommitLineData
501cdbd8 1<?PHP // $Id$
2
3// Edit and save a new post to a discussion
4
5
6 require("../../config.php");
7 require("lib.php");
8
9 if (isguest()) {
cf38360f 10 error(get_string("noguestpost", "forum"), $HTTP_REFERER);
501cdbd8 11 }
12
13 if (match_referer() && isset($HTTP_POST_VARS)) { // form submitted
14 $post = (object)$HTTP_POST_VARS;
15
16 $post->subject = strip_tags($post->subject); // Strip all tags
73bb0835 17 $post->message = clean_text($post->message, $post->format); // Clean up any bad tags
501cdbd8 18
7f6689e4 19 $post->attachment = $HTTP_POST_FILES["attachment"];
20
21 if (!$post->subject and !$post->message) {
cf38360f 22 error(get_string("emptymessage", "forum"));
7f6689e4 23 }
24
501cdbd8 25 require_login();
26
27 if ($post->edit) { // Updating a post
28 $post->id = $post->edit;
7f6689e4 29 if (forum_update_post($post)) {
501cdbd8 30 add_to_log($post->course, "forum", "update post", "discuss.php?d=$post->discussion&parent=$post->id", "$post->id");
cf38360f 31 redirect(forum_go_back_to("discuss.php?d=$post->discussion"), get_string("postupdated", "forum"), 1);
501cdbd8 32 } else {
cf38360f 33 error(get_string("couldnotupdate", "forum"));
501cdbd8 34 }
7f6689e4 35
501cdbd8 36 } else if ($post->discussion) { // Adding a new post to an existing discussion
11b0c469 37 if ($post->id = forum_add_new_post($post)) {
501cdbd8 38 if ( ! forum_is_subscribed($USER->id, $post->forum) ) {
39 forum_subscribe($USER->id, $post->forum);
40 }
41
42 add_to_log($post->course, "forum", "add post", "discuss.php?d=$post->discussion&parent=$post->id", "$post->id");
11b0c469 43 redirect(forum_go_back_to("discuss.php?d=$post->discussion"),
1f48942e 44 get_string("postadded", "forum", format_time($CFG->maxeditingtime)), 2);
501cdbd8 45 } else {
cf38360f 46 error(get_string("couldnotadd", "forum"));
501cdbd8 47 }
48 } else { // Adding a new discussion
49 $discussion = $post;
50 $discussion->name = $post->subject;
51 $discussion->intro = $post->message;
52 if ($discussion->id = forum_add_discussion($discussion)) {
53 if ( ! forum_is_subscribed($USER->id, $post->forum) ) {
54 forum_subscribe($USER->id, $post->forum);
55 }
56 add_to_log($post->course, "forum", "add discussion", "discuss.php?d=$discussion->id", "$discussion->id");
11b0c469 57 redirect(forum_go_back_to("view.php?f=$post->forum"),
cf38360f 58 get_string("postadded", "forum", format_time($CFG->maxeditingtime)), 3);
501cdbd8 59 } else {
cf38360f 60 error(get_string("couldnotadd", "forum"));
501cdbd8 61 }
62 }
63 die;
64 }
65
213e8cc6 66 if ($usehtmleditor = can_use_richtext_editor()) {
67 $defaultformat = FORMAT_HTML;
68 $onsubmit = "onsubmit=\"copyrichtext(theform.message);\"";
69 } else {
70 $defaultformat = FORMAT_MOODLE;
71 }
501cdbd8 72
73
74 if (isset($forum)) { // User is starting a new discussion in a forum
75
76 $SESSION->fromurl = $HTTP_REFERER;
8223d271 77 save_session("SESSION");
501cdbd8 78
79 if (! $forum = get_record("forum", "id", $forum)) {
80 error("The forum number was incorrect ($forum)");
81 }
82 if (! $course = get_record("course", "id", $forum->course)) {
83 error("The course number was incorrect ($forum)");
84 }
85
11b0c469 86 if (! forum_user_can_post_discussion($forum)) {
501cdbd8 87 error("Sorry, but you can not post a new discussion in this forum.");
88 }
89
90 // Load up the $post variable.
91
92 $post->course = $course->id;
93 $post->forum = $forum->id;
94 $post->discussion = 0; // ie discussion # not defined yet
95 $post->parent = 0;
96 $post->subject = "";
97 $post->user = $USER->id;
98 $post->message = "";
213e8cc6 99 $post->format = $defaultformat;
501cdbd8 100
11b0c469 101 forum_set_return();
102
501cdbd8 103 } else if (isset($reply)) { // User is writing a new reply
104
11b0c469 105 if (! $parent = forum_get_post_full($reply)) {
501cdbd8 106 error("Parent post ID was incorrect ($reply)");
107 }
108 if (! $discussion = get_record("forum_discussions", "id", $parent->discussion)) {
109 error("This post is not part of a discussion! ($reply)");
110 }
111 if (! $forum = get_record("forum", "id", $discussion->forum)) {
112 error("The forum number was incorrect ($discussion->forum)");
113 }
114 if (! $course = get_record("course", "id", $discussion->course)) {
115 error("The course number was incorrect ($discussion->course)");
116 }
6c506ca7 117
118 if (! forum_user_can_post($forum)) {
119 error("Sorry, but you can not post in this forum.");
120 }
501cdbd8 121 // Load up the $post variable.
122
123 $post->course = $course->id;
124 $post->forum = $forum->id;
125 $post->discussion = $parent->discussion;
126 $post->parent = $parent->id;
127 $post->subject = $parent->subject;
128 $post->user = $USER->id;
129 $post->message = "";
213e8cc6 130 $post->format = $defaultformat;
501cdbd8 131
cf38360f 132 $strre = get_string("re", "forum");
133 if (!(substr($post->subject, 0, 3) == $strre)) {
134 $post->subject = "$strre $post->subject";
501cdbd8 135 }
136
11b0c469 137 forum_set_return();
501cdbd8 138
139 } else if (isset($edit)) { // User is editing their own post
140
11b0c469 141 if (! $post = forum_get_post_full($edit)) {
501cdbd8 142 error("Post ID was incorrect");
143 }
144 if ($post->user <> $USER->id) {
145 error("You can't edit other people's posts!");
146 }
147 if ((time() - $post->created) > $CFG->maxeditingtime) {
cf38360f 148 error( get_string("maxtimehaspassed", "forum", format_time($CFG->maxeditingtime)) );
501cdbd8 149 }
150 if ($post->parent) {
11b0c469 151 if (! $parent = forum_get_post_full($post->parent)) {
501cdbd8 152 error("Parent post ID was incorrect ($post->parent)");
153 }
154 }
155 if (! $discussion = get_record("forum_discussions", "id", $post->discussion)) {
156 error("This post is not part of a discussion! ($reply)");
157 }
158 if (! $forum = get_record("forum", "id", $discussion->forum)) {
159 error("The forum number was incorrect ($discussion->forum)");
160 }
161 if (! $course = get_record("course", "id", $discussion->course)) {
162 error("The course number was incorrect ($discussion->course)");
163 }
164
165 // Load up the $post variable.
166
167 $post->edit = $edit;
168
169 $post->course = $course->id;
170 $post->forum = $forum->id;
171
11b0c469 172 forum_set_return();
501cdbd8 173
174
175 } else if (isset($delete)) { // User is deleting a post
176
11b0c469 177 if (! $post = forum_get_post_full($delete)) {
501cdbd8 178 error("Post ID was incorrect");
179 }
501cdbd8 180 if (! $discussion = get_record("forum_discussions", "id", $post->discussion)) {
181 error("This post is not part of a discussion!");
182 }
64eacd6f 183 if (! $forum = get_record("forum", "id", $discussion->forum)) {
184 error("The forum number was incorrect ($discussion->forum)");
185 }
186 if (($post->user <> $USER->id) and !isteacher($forum->course)) {
187 error("You can't delete other people's posts!");
188 }
501cdbd8 189
190 if (isset($confirm)) { // User has confirmed the delete
191
192 if ($post->totalscore) {
cf38360f 193 notice(get_string("couldnotdeleteratings", "forum"),
11b0c469 194 forum_go_back_to("discuss.php?d=$post->discussion"));
501cdbd8 195
196 } else if (record_exists("forum_posts", "parent", $delete)) {
cf38360f 197 error(get_string("couldnotdeletereplies", "forum"),
11b0c469 198 forum_go_back_to("discuss.php?id=$post->discussion"));
501cdbd8 199
200 } else {
201 if (! $post->parent) { // post is a discussion topic as well, so delete discussion
64eacd6f 202 if ($forum->type == "single") {
203 notice("Sorry, but you are not allowed to delete that discussion!",
204 forum_go_back_to("discuss.php?d=$post->discussion"));
205 }
501cdbd8 206 forum_delete_discussion($discussion);
207
208 add_to_log($discussion->course, "forum", "delete discussion", "view.php?id=$discussion->forum", "$post->id");
209 redirect("view.php?f=$discussion->forum",
cf38360f 210 get_string("deleteddiscussion", "forum"), 1);
501cdbd8 211
7f6689e4 212 } else if (forum_delete_post($post)) {
501cdbd8 213
214 add_to_log($discussion->course, "forum", "delete post", "discuss.php?d=$post->discussion", "$post->id");
11b0c469 215 redirect(forum_go_back_to("discuss.php?d=$post->discussion"),
cf38360f 216 get_string("deletedpost", "forum"), 1);
501cdbd8 217 } else {
218 error("An error occurred while deleting record $post->id");
219 }
220 }
221
222
223 } else { // User just asked to delete something
224
11b0c469 225 forum_set_return();
501cdbd8 226
227 print_header();
cf38360f 228 notice_yesno(get_string("deletesure", "forum"),
501cdbd8 229 "post.php?delete=$delete&confirm=$delete",
230 $HTTP_REFERER);
231
232 echo "<CENTER><HR>";
8aed46c7 233 forum_print_post($post, $forum->course, $ownpost=false, $reply=false, $link=false);
501cdbd8 234 }
235
236 die;
237
238
239 } else {
240 error("No operation specified");
241
242 }
243
244
245 // To get here they need to edit a post, and the $post
246 // variable will be loaded with all the particulars,
247 // so bring up the form.
248
249 // $course, $forum are defined. $discussion is for edit and reply only.
250
251 require_login($course->id);
252
dfc9ba9b 253
501cdbd8 254 if ($post->discussion) {
9fa49e22 255 if (! $toppost = get_record("forum_posts", "discussion", $post->discussion, "parent", 0)) {
501cdbd8 256 error("Could not find top parent of post $post->id");
257 }
258 } else {
cf38360f 259 $toppost->subject = get_string("yournewtopic", "forum");
501cdbd8 260 }
261
262 if ($post->subject) {
263 $formstart = "form.message";
264 } else {
265 $formstart = "form.subject";
266 }
267
268 if ($post->parent) {
cf38360f 269 $navtail = "<A HREF=\"discuss.php?d=$discussion->id\">$toppost->subject</A> -> ".get_string("editing", "forum");
501cdbd8 270 } else {
271 $navtail = "$toppost->subject";
272 }
273
cf38360f 274 $strforums = get_string("modulenameplural", "forum");
275
73bb0835 276
cf38360f 277 $navmiddle = "<A HREF=\"../forum/index.php?id=$course->id\">$strforums</A> -> <A HREF=\"view.php?f=$forum->id\">$forum->name</A>";
501cdbd8 278
dfc9ba9b 279 $cm = get_coursemodule_from_instance("forum", $forum->id, $course->id);
280
501cdbd8 281 if ($course->category) {
282 print_header("$course->shortname: $discussion->name: $toppost->subject", "$course->fullname",
283 "<A HREF=../../course/view.php?id=$course->id>$course->shortname</A> ->
dfc9ba9b 284 $navmiddle -> $navtail", "$forumstart", "", true, "", navmenu($course, $cm));
501cdbd8 285 } else {
286 print_header("$course->shortname: $discussion->name: $toppost->subject", "$course->fullname",
287 "$navmiddle -> $navtail", "");
288
289 }
290
291 echo "<CENTER>";
292 if (isset($parent)) {
11b0c469 293 forum_print_post($parent, $course->id, $ownpost=false, $reply=false, $link=false);
cf38360f 294 echo "<H2>".get_string("yourreply", "forum").":</H2>";
501cdbd8 295 } else {
cf38360f 296 echo "<H2>".get_string("yournewtopic", "forum")."</H2>";
501cdbd8 297 }
298 echo "</CENTER>";
299
300 print_simple_box_start("center", "", "$THEME->cellheading");
301 require("post.html");
302 print_simple_box_end();
303
304 print_footer($course);
305
306
307?>