501cdbd8 |
1 | <?PHP // $Id$ |
2 | |
3 | // Edit and save a new post to a discussion |
4 | |
5 | |
6 | require("../../config.php"); |
7 | require("lib.php"); |
8 | |
9 | if (isguest()) { |
10 | error("Guests are not allowed to post.", $HTTP_REFERER); |
11 | } |
12 | |
13 | if (match_referer() && isset($HTTP_POST_VARS)) { // form submitted |
14 | $post = (object)$HTTP_POST_VARS; |
15 | |
16 | $post->subject = strip_tags($post->subject); // Strip all tags |
17 | $post->message = cleantext($post->message); // Clean up any bad tags |
18 | |
19 | require_login(); |
20 | |
21 | if ($post->edit) { // Updating a post |
22 | $post->id = $post->edit; |
23 | if (update_post_in_database($post) ) { |
24 | add_to_log($post->course, "forum", "update post", "discuss.php?d=$post->discussion&parent=$post->id", "$post->id"); |
25 | redirect(go_back_to("discuss.php?d=$post->discussion"), "Your post was updated", 1); |
26 | } else { |
27 | error("Could not update your post due to an unknown error"); |
28 | } |
29 | } else if ($post->discussion) { // Adding a new post to an existing discussion |
30 | if ($post->id = add_new_post_to_database($post)) { |
31 | if ( ! forum_is_subscribed($USER->id, $post->forum) ) { |
32 | forum_subscribe($USER->id, $post->forum); |
33 | } |
34 | |
35 | add_to_log($post->course, "forum", "add post", "discuss.php?d=$post->discussion&parent=$post->id", "$post->id"); |
36 | redirect(go_back_to("discuss.php?d=$post->discussion"), |
37 | "Your post was successfully added.<P>You have ".format_time($CFG->maxeditingtime)." to edit it if you want to make any changes.", 3); |
38 | } else { |
39 | error("Could not add the post due to an unknown error"); |
40 | } |
41 | } else { // Adding a new discussion |
42 | $discussion = $post; |
43 | $discussion->name = $post->subject; |
44 | $discussion->intro = $post->message; |
45 | if ($discussion->id = forum_add_discussion($discussion)) { |
46 | if ( ! forum_is_subscribed($USER->id, $post->forum) ) { |
47 | forum_subscribe($USER->id, $post->forum); |
48 | } |
49 | add_to_log($post->course, "forum", "add discussion", "discuss.php?d=$discussion->id", "$discussion->id"); |
50 | redirect(go_back_to("view.php?f=$post->forum"), |
51 | "Your post was successfully added.<P>You have ".format_time($CFG->maxeditingtime)." to edit it if you want to make any changes.", 5); |
52 | } else { |
53 | error("Could not insert the new discussion."); |
54 | } |
55 | } |
56 | die; |
57 | } |
58 | |
59 | |
60 | |
61 | if (isset($forum)) { // User is starting a new discussion in a forum |
62 | |
63 | $SESSION->fromurl = $HTTP_REFERER; |
64 | |
65 | if (! $forum = get_record("forum", "id", $forum)) { |
66 | error("The forum number was incorrect ($forum)"); |
67 | } |
68 | if (! $course = get_record("course", "id", $forum->course)) { |
69 | error("The course number was incorrect ($forum)"); |
70 | } |
71 | |
72 | if (! user_can_post_discussion($forum)) { |
73 | error("Sorry, but you can not post a new discussion in this forum."); |
74 | } |
75 | |
76 | // Load up the $post variable. |
77 | |
78 | $post->course = $course->id; |
79 | $post->forum = $forum->id; |
80 | $post->discussion = 0; // ie discussion # not defined yet |
81 | $post->parent = 0; |
82 | $post->subject = ""; |
83 | $post->user = $USER->id; |
84 | $post->message = ""; |
85 | |
86 | set_fromdiscussion(); |
87 | |
88 | } else if (isset($reply)) { // User is writing a new reply |
89 | |
90 | if (! $parent = get_forum_post_full($reply)) { |
91 | error("Parent post ID was incorrect ($reply)"); |
92 | } |
93 | if (! $discussion = get_record("forum_discussions", "id", $parent->discussion)) { |
94 | error("This post is not part of a discussion! ($reply)"); |
95 | } |
96 | if (! $forum = get_record("forum", "id", $discussion->forum)) { |
97 | error("The forum number was incorrect ($discussion->forum)"); |
98 | } |
99 | if (! $course = get_record("course", "id", $discussion->course)) { |
100 | error("The course number was incorrect ($discussion->course)"); |
101 | } |
102 | // Load up the $post variable. |
103 | |
104 | $post->course = $course->id; |
105 | $post->forum = $forum->id; |
106 | $post->discussion = $parent->discussion; |
107 | $post->parent = $parent->id; |
108 | $post->subject = $parent->subject; |
109 | $post->user = $USER->id; |
110 | $post->message = ""; |
111 | |
112 | if (!(substr($post->subject, 0, 3) == "Re:")) { |
113 | $post->subject = "Re: ".$post->subject; |
114 | } |
115 | |
116 | set_fromdiscussion(); |
117 | |
118 | } else if (isset($edit)) { // User is editing their own post |
119 | |
120 | if (! $post = get_forum_post_full($edit)) { |
121 | error("Post ID was incorrect"); |
122 | } |
123 | if ($post->user <> $USER->id) { |
124 | error("You can't edit other people's posts!"); |
125 | } |
126 | if ((time() - $post->created) > $CFG->maxeditingtime) { |
127 | error("Sorry, but the maximum time for editing this post (".format_time($CFG->maxeditingtime).") has passed!"); |
128 | } |
129 | if ($post->parent) { |
130 | if (! $parent = get_forum_post_full($post->parent)) { |
131 | error("Parent post ID was incorrect ($post->parent)"); |
132 | } |
133 | } |
134 | if (! $discussion = get_record("forum_discussions", "id", $post->discussion)) { |
135 | error("This post is not part of a discussion! ($reply)"); |
136 | } |
137 | if (! $forum = get_record("forum", "id", $discussion->forum)) { |
138 | error("The forum number was incorrect ($discussion->forum)"); |
139 | } |
140 | if (! $course = get_record("course", "id", $discussion->course)) { |
141 | error("The course number was incorrect ($discussion->course)"); |
142 | } |
143 | |
144 | // Load up the $post variable. |
145 | |
146 | $post->edit = $edit; |
147 | |
148 | $post->course = $course->id; |
149 | $post->forum = $forum->id; |
150 | |
151 | set_fromdiscussion(); |
152 | |
153 | |
154 | } else if (isset($delete)) { // User is deleting a post |
155 | |
156 | if (! $post = get_forum_post_full($delete)) { |
157 | error("Post ID was incorrect"); |
158 | } |
159 | if ($post->user <> $USER->id) { |
160 | error("You can't delete other people's posts!"); |
161 | } |
162 | if (! $discussion = get_record("forum_discussions", "id", $post->discussion)) { |
163 | error("This post is not part of a discussion!"); |
164 | } |
165 | |
166 | if (isset($confirm)) { // User has confirmed the delete |
167 | |
168 | if ($post->totalscore) { |
169 | notice("Sorry, that cannot be deleted as people have already rated it", |
170 | go_back_to("discuss.php?d=$post->discussion")); |
171 | |
172 | } else if (record_exists("forum_posts", "parent", $delete)) { |
173 | error("Sorry, that cannot be deleted as people have |
174 | already responded to it", |
175 | go_back_to("discuss.php?id=$post->discussion")); |
176 | |
177 | } else { |
178 | if (! $post->parent) { // post is a discussion topic as well, so delete discussion |
179 | forum_delete_discussion($discussion); |
180 | |
181 | add_to_log($discussion->course, "forum", "delete discussion", "view.php?id=$discussion->forum", "$post->id"); |
182 | redirect("view.php?f=$discussion->forum", |
183 | "Your discussion topic was deleted", 1); |
184 | |
185 | } else if (delete_records("forum_posts", "id", $post->id)) { |
186 | |
187 | add_to_log($discussion->course, "forum", "delete post", "discuss.php?d=$post->discussion", "$post->id"); |
188 | redirect(go_back_to("discuss.php?d=$post->discussion"), |
189 | "Your post was deleted", 1); |
190 | } else { |
191 | error("An error occurred while deleting record $post->id"); |
192 | } |
193 | } |
194 | |
195 | |
196 | } else { // User just asked to delete something |
197 | |
198 | set_fromdiscussion(); |
199 | |
200 | print_header(); |
201 | notice_yesno("Are you sure you want to delete this post?", |
202 | "post.php?delete=$delete&confirm=$delete", |
203 | $HTTP_REFERER); |
204 | |
205 | echo "<CENTER><HR>"; |
206 | print_post($post, 0, $ownpost=false, $reply=false, $link=false); |
207 | |
208 | } |
209 | |
210 | die; |
211 | |
212 | |
213 | } else { |
214 | error("No operation specified"); |
215 | |
216 | } |
217 | |
218 | |
219 | // To get here they need to edit a post, and the $post |
220 | // variable will be loaded with all the particulars, |
221 | // so bring up the form. |
222 | |
223 | // $course, $forum are defined. $discussion is for edit and reply only. |
224 | |
225 | require_login($course->id); |
226 | |
227 | if ($post->discussion) { |
228 | if (! $toppost = get_record_sql("SELECT * FROM forum_posts |
229 | WHERE discussion='$post->discussion' |
230 | AND parent = 0")) { |
231 | error("Could not find top parent of post $post->id"); |
232 | } |
233 | } else { |
234 | $toppost->subject = "New discussion topic"; |
235 | } |
236 | |
237 | if ($post->subject) { |
238 | $formstart = "form.message"; |
239 | } else { |
240 | $formstart = "form.subject"; |
241 | } |
242 | |
243 | if ($post->parent) { |
244 | $navtail = "<A HREF=\"discuss.php?d=$discussion->id\">$toppost->subject</A> -> Editing"; |
245 | } else { |
246 | $navtail = "$toppost->subject"; |
247 | } |
248 | |
249 | $navmiddle = "<A HREF=\"../forum/index.php?id=$course->id\">Forums</A> -> <A HREF=\"view.php?f=$forum->id\">$forum->name</A>"; |
250 | |
251 | if ($course->category) { |
252 | print_header("$course->shortname: $discussion->name: $toppost->subject", "$course->fullname", |
253 | "<A HREF=../../course/view.php?id=$course->id>$course->shortname</A> -> |
254 | $navmiddle -> $navtail", "$forumstart"); |
255 | } else { |
256 | print_header("$course->shortname: $discussion->name: $toppost->subject", "$course->fullname", |
257 | "$navmiddle -> $navtail", ""); |
258 | |
259 | } |
260 | |
261 | echo "<CENTER>"; |
262 | if (isset($parent)) { |
263 | print_post($parent, $course->id, $ownpost=false, $reply=false, $link=false); |
264 | echo "<H2>Your reply:</H2>"; |
265 | } else { |
266 | echo "<H2>Your new discussion topic:</H2>"; |
267 | } |
268 | echo "</CENTER>"; |
269 | |
270 | print_simple_box_start("center", "", "$THEME->cellheading"); |
271 | require("post.html"); |
272 | print_simple_box_end(); |
273 | |
274 | print_footer($course); |
275 | |
276 | |
277 | ?> |