[moodle.git] / mod / forum / post.php

<?PHP // $Id$

//  Edit and save a new post to a discussion


    require("../../config.php");
    require("lib.php");

    if (isguest()) {
        error("Guests are not allowed to post.", $HTTP_REFERER);
    }

    if (match_referer() && isset($HTTP_POST_VARS)) {    // form submitted
        $post = (object)$HTTP_POST_VARS;

        $post->subject = strip_tags($post->subject);  // Strip all tags
        $post->message = cleantext($post->message);   // Clean up any bad tags

        require_login();

        if ($post->edit) {           // Updating a post
            $post->id = $post->edit;
            if (update_post_in_database($post) ) {
                add_to_log($post->course, "forum", "update post", "discuss.php?d=$post->discussion&parent=$post->id", "$post->id");
                redirect(go_back_to("discuss.php?d=$post->discussion"), "Your post was updated", 1);
            } else {
                error("Could not update your post due to an unknown error"); 
            }
        } else if ($post->discussion) { // Adding a new post to an existing discussion
            if ($post->id = add_new_post_to_database($post)) {
                if ( ! forum_is_subscribed($USER->id, $post->forum) ) {
                    forum_subscribe($USER->id, $post->forum);
                }

                add_to_log($post->course, "forum", "add post", "discuss.php?d=$post->discussion&parent=$post->id", "$post->id");
                redirect(go_back_to("discuss.php?d=$post->discussion"), 
                         "Your post was successfully added.<P>You have ".format_time($CFG->maxeditingtime)." to edit it if you want to make any changes.", 3);
            } else {
                error("Could not add the post due to an unknown error"); 
            }
        } else {                     // Adding a new discussion
            $discussion = $post;
            $discussion->name  = $post->subject;
            $discussion->intro = $post->message;
            if ($discussion->id = forum_add_discussion($discussion)) {
                if ( ! forum_is_subscribed($USER->id, $post->forum) ) {
                    forum_subscribe($USER->id, $post->forum);
                }
                add_to_log($post->course, "forum", "add discussion", "discuss.php?d=$discussion->id", "$discussion->id");
                redirect(go_back_to("view.php?f=$post->forum"), 
                         "Your post was successfully added.<P>You have ".format_time($CFG->maxeditingtime)." to edit it if you want to make any changes.", 5);
            } else {
                error("Could not insert the new discussion.");
            }
        }
        die;
    }


    if (isset($forum)) {      // User is starting a new discussion in a forum

        $SESSION->fromurl = $HTTP_REFERER;

        if (! $forum = get_record("forum", "id", $forum)) {
            error("The forum number was incorrect ($forum)");
        }
        if (! $course = get_record("course", "id", $forum->course)) {
            error("The course number was incorrect ($forum)");
        }

        if (! user_can_post_discussion($forum)) {
            error("Sorry, but you can not post a new discussion in this forum.");
        }

        // Load up the $post variable.

        $post->course = $course->id;
        $post->forum  = $forum->id;
        $post->discussion = 0;           // ie discussion # not defined yet
        $post->parent = 0;
        $post->subject = "";
        $post->user = $USER->id;
        $post->message = "";

        set_fromdiscussion();
    
    } else if (isset($reply)) {      // User is writing a new reply

        if (! $parent = get_forum_post_full($reply)) {
            error("Parent post ID was incorrect ($reply)");
        }
        if (! $discussion = get_record("forum_discussions", "id", $parent->discussion)) {
            error("This post is not part of a discussion! ($reply)");
        }
        if (! $forum = get_record("forum", "id", $discussion->forum)) {
            error("The forum number was incorrect ($discussion->forum)");
        }
        if (! $course = get_record("course", "id", $discussion->course)) {
            error("The course number was incorrect ($discussion->course)");
        }
        // Load up the $post variable.

        $post->course  = $course->id;
        $post->forum  = $forum->id;
        $post->discussion  = $parent->discussion;
        $post->parent = $parent->id;
        $post->subject = $parent->subject;
        $post->user = $USER->id;
        $post->message = "";

        if (!(substr($post->subject, 0, 3) == "Re:")) {
            $post->subject = "Re: ".$post->subject;
        }

        set_fromdiscussion();

    } else if (isset($edit)) {  // User is editing their own post

        if (! $post = get_forum_post_full($edit)) {
            error("Post ID was incorrect");
        }
        if ($post->user <> $USER->id) {
            error("You can't edit other people's posts!");
        }
        if ((time() - $post->created) > $CFG->maxeditingtime) {
            error("Sorry, but the maximum time for editing this post (".format_time($CFG->maxeditingtime).") has passed!");
        }
        if ($post->parent) {
            if (! $parent = get_forum_post_full($post->parent)) {
                error("Parent post ID was incorrect ($post->parent)");
            }
        }
        if (! $discussion = get_record("forum_discussions", "id", $post->discussion)) {
            error("This post is not part of a discussion! ($reply)");
        }
        if (! $forum = get_record("forum", "id", $discussion->forum)) {
            error("The forum number was incorrect ($discussion->forum)");
        }
        if (! $course = get_record("course", "id", $discussion->course)) {
            error("The course number was incorrect ($discussion->course)");
        }

        // Load up the $post variable.

        $post->edit = $edit;

        $post->course  = $course->id;
        $post->forum  = $forum->id;

        set_fromdiscussion();


    } else if (isset($delete)) {  // User is deleting a post

        if (! $post = get_forum_post_full($delete)) {
            error("Post ID was incorrect");
        }
        if ($post->user <> $USER->id) {
            error("You can't delete other people's posts!");
        }
        if (! $discussion = get_record("forum_discussions", "id", $post->discussion)) {
            error("This post is not part of a discussion!");
        }

        if (isset($confirm)) {    // User has confirmed the delete

            if ($post->totalscore) {
                notice("Sorry, that cannot be deleted as people have already rated it", 
                        go_back_to("discuss.php?d=$post->discussion"));

            } else if (record_exists("forum_posts", "parent", $delete)) {
                error("Sorry, that cannot be deleted as people have 
                        already responded to it", 
                        go_back_to("discuss.php?id=$post->discussion"));

            } else {
                if (! $post->parent) {  // post is a discussion topic as well, so delete discussion
                    forum_delete_discussion($discussion);

                    add_to_log($discussion->course, "forum", "delete discussion", "view.php?id=$discussion->forum", "$post->id");
                    redirect("view.php?f=$discussion->forum", 
                             "Your discussion topic was deleted", 1);

                } else if (delete_records("forum_posts", "id", $post->id)) {

                    add_to_log($discussion->course, "forum", "delete post", "discuss.php?d=$post->discussion", "$post->id");
                    redirect(go_back_to("discuss.php?d=$post->discussion"), 
                             "Your post was deleted", 1);
                } else {
                    error("An error occurred while deleting record $post->id");
                }
            }


        } else { // User just asked to delete something

            set_fromdiscussion();

            print_header();
            notice_yesno("Are you sure you want to delete this post?", 
                         "post.php?delete=$delete&confirm=$delete",
                         $HTTP_REFERER);
                         
            echo "<CENTER><HR>";
            print_post($post, 0, $ownpost=false, $reply=false, $link=false);

        }

        die;


    } else {
        error("No operation specified");

    }


    // To get here they need to edit a post, and the $post 
    // variable will be loaded with all the particulars,
    // so bring up the form.

    // $course, $forum are defined.  $discussion is for edit and reply only.

    require_login($course->id);

    if ($post->discussion) {
        if (! $toppost = get_record_sql("SELECT * FROM forum_posts 
                                         WHERE discussion='$post->discussion' 
                                         AND parent = 0")) {
            error("Could not find top parent of post $post->id");
        }
    } else {
        $toppost->subject = "New discussion topic";
    }

    if ($post->subject) {
        $formstart = "form.message";
    } else {
        $formstart = "form.subject";
    }

    if ($post->parent) {
        $navtail = "<A HREF=\"discuss.php?d=$discussion->id\">$toppost->subject</A> -> Editing";
    } else {
        $navtail = "$toppost->subject";
    }

    $navmiddle = "<A HREF=\"../forum/index.php?id=$course->id\">Forums</A> -> <A HREF=\"view.php?f=$forum->id\">$forum->name</A>";

    if ($course->category) {
        print_header("$course->shortname: $discussion->name: $toppost->subject", "$course->fullname",
                 "<A HREF=../../course/view.php?id=$course->id>$course->shortname</A> ->
                  $navmiddle -> $navtail", "$forumstart");
    } else {
        print_header("$course->shortname: $discussion->name: $toppost->subject", "$course->fullname",
                 "$navmiddle -> $navtail", "");

    }

    echo "<CENTER>";
    if (isset($parent)) {
        print_post($parent, $course->id, $ownpost=false, $reply=false, $link=false);
        echo "<H2>Your reply:</H2>";
    } else {
        echo "<H2>Your new discussion topic:</H2>";
    }
    echo "</CENTER>";

    print_simple_box_start("center", "", "$THEME->cellheading");
    require("post.html");
    print_simple_box_end();

    print_footer($course);


?>
Commit	Line	Data
501cdbd8	1	<?PHP // $Id$
	2
	3	// Edit and save a new post to a discussion
	4
	5
	6	require("../../config.php");
	7	require("lib.php");
	8
	9	if (isguest()) {
	10	error("Guests are not allowed to post.", $HTTP_REFERER);
	11	}
	12
	13	if (match_referer() && isset($HTTP_POST_VARS)) { // form submitted
	14	$post = (object)$HTTP_POST_VARS;
	15
	16	$post->subject = strip_tags($post->subject); // Strip all tags
	17	$post->message = cleantext($post->message); // Clean up any bad tags
	18
	19	require_login();
	20
	21	if ($post->edit) { // Updating a post
	22	$post->id = $post->edit;
	23	if (update_post_in_database($post) ) {
	24	add_to_log($post->course, "forum", "update post", "discuss.php?d=$post->discussion&parent=$post->id", "$post->id");
	25	redirect(go_back_to("discuss.php?d=$post->discussion"), "Your post was updated", 1);
	26	} else {
	27	error("Could not update your post due to an unknown error");
	28	}
	29	} else if ($post->discussion) { // Adding a new post to an existing discussion
	30	if ($post->id = add_new_post_to_database($post)) {
	31	if ( ! forum_is_subscribed($USER->id, $post->forum) ) {
	32	forum_subscribe($USER->id, $post->forum);
	33	}
	34
	35	add_to_log($post->course, "forum", "add post", "discuss.php?d=$post->discussion&parent=$post->id", "$post->id");
	36	redirect(go_back_to("discuss.php?d=$post->discussion"),
	37	"Your post was successfully added.<P>You have ".format_time($CFG->maxeditingtime)." to edit it if you want to make any changes.", 3);
	38	} else {
	39	error("Could not add the post due to an unknown error");
	40	}
	41	} else { // Adding a new discussion
	42	$discussion = $post;
	43	$discussion->name = $post->subject;
	44	$discussion->intro = $post->message;
	45	if ($discussion->id = forum_add_discussion($discussion)) {
	46	if ( ! forum_is_subscribed($USER->id, $post->forum) ) {
	47	forum_subscribe($USER->id, $post->forum);
	48	}
	49	add_to_log($post->course, "forum", "add discussion", "discuss.php?d=$discussion->id", "$discussion->id");
	50	redirect(go_back_to("view.php?f=$post->forum"),
	51	"Your post was successfully added.<P>You have ".format_time($CFG->maxeditingtime)." to edit it if you want to make any changes.", 5);
	52	} else {
	53	error("Could not insert the new discussion.");
	54	}
	55	}
	56	die;
	57	}
	58
	59
	60
	61	if (isset($forum)) { // User is starting a new discussion in a forum
	62
	63	$SESSION->fromurl = $HTTP_REFERER;
	64
65	if (! $forum = get_record("forum", "id", $forum)) {
66	error("The forum number was incorrect ($forum)");
67	}
68	if (! $course = get_record("course", "id", $forum->course)) {
69	error("The course number was incorrect ($forum)");
70	}
71
72	if (! user_can_post_discussion($forum)) {
73	error("Sorry, but you can not post a new discussion in this forum.");
74	}
75
76	// Load up the $post variable.
77
78	$post->course = $course->id;
79	$post->forum = $forum->id;
80	$post->discussion = 0; // ie discussion # not defined yet
81	$post->parent = 0;
82	$post->subject = "";
83	$post->user = $USER->id;
84	$post->message = "";
85
86	set_fromdiscussion();
87
88	} else if (isset($reply)) { // User is writing a new reply
89
90	if (! $parent = get_forum_post_full($reply)) {
91	error("Parent post ID was incorrect ($reply)");
92	}
93	if (! $discussion = get_record("forum_discussions", "id", $parent->discussion)) {
94	error("This post is not part of a discussion! ($reply)");
95	}
96	if (! $forum = get_record("forum", "id", $discussion->forum)) {
97	error("The forum number was incorrect ($discussion->forum)");
98	}
99	if (! $course = get_record("course", "id", $discussion->course)) {
100	error("The course number was incorrect ($discussion->course)");
101	}
102	// Load up the $post variable.
103
104	$post->course = $course->id;
105	$post->forum = $forum->id;
106	$post->discussion = $parent->discussion;
107	$post->parent = $parent->id;
108	$post->subject = $parent->subject;
109	$post->user = $USER->id;
110	$post->message = "";
111
112	if (!(substr($post->subject, 0, 3) == "Re:")) {
113	$post->subject = "Re: ".$post->subject;
114	}
115
116	set_fromdiscussion();
117
118	} else if (isset($edit)) { // User is editing their own post
119
120	if (! $post = get_forum_post_full($edit)) {
121	error("Post ID was incorrect");
122	}
123	if ($post->user <> $USER->id) {
124	error("You can't edit other people's posts!");
125	}
126	if ((time() - $post->created) > $CFG->maxeditingtime) {
127	error("Sorry, but the maximum time for editing this post (".format_time($CFG->maxeditingtime).") has passed!");
128	}
129	if ($post->parent) {
130	if (! $parent = get_forum_post_full($post->parent)) {
131	error("Parent post ID was incorrect ($post->parent)");
132	}
133	}
134	if (! $discussion = get_record("forum_discussions", "id", $post->discussion)) {
135	error("This post is not part of a discussion! ($reply)");
136	}
137	if (! $forum = get_record("forum", "id", $discussion->forum)) {
138	error("The forum number was incorrect ($discussion->forum)");
139	}
140	if (! $course = get_record("course", "id", $discussion->course)) {
141	error("The course number was incorrect ($discussion->course)");
142	}
143
144	// Load up the $post variable.
145
146	$post->edit = $edit;
147
148	$post->course = $course->id;
149	$post->forum = $forum->id;
150
151	set_fromdiscussion();
152
153
154	} else if (isset($delete)) { // User is deleting a post
155
156	if (! $post = get_forum_post_full($delete)) {
157	error("Post ID was incorrect");
158	}
159	if ($post->user <> $USER->id) {
160	error("You can't delete other people's posts!");
161	}
162	if (! $discussion = get_record("forum_discussions", "id", $post->discussion)) {
163	error("This post is not part of a discussion!");
164	}
165
166	if (isset($confirm)) { // User has confirmed the delete
167
168	if ($post->totalscore) {
169	notice("Sorry, that cannot be deleted as people have already rated it",
170	go_back_to("discuss.php?d=$post->discussion"));
171
172	} else if (record_exists("forum_posts", "parent", $delete)) {
173	error("Sorry, that cannot be deleted as people have
174	already responded to it",
175	go_back_to("discuss.php?id=$post->discussion"));
176
177	} else {
178	if (! $post->parent) { // post is a discussion topic as well, so delete discussion
179	forum_delete_discussion($discussion);
180
181	add_to_log($discussion->course, "forum", "delete discussion", "view.php?id=$discussion->forum", "$post->id");
182	redirect("view.php?f=$discussion->forum",
183	"Your discussion topic was deleted", 1);
184
185	} else if (delete_records("forum_posts", "id", $post->id)) {
186
187	add_to_log($discussion->course, "forum", "delete post", "discuss.php?d=$post->discussion", "$post->id");
188	redirect(go_back_to("discuss.php?d=$post->discussion"),
189	"Your post was deleted", 1);
190	} else {
191	error("An error occurred while deleting record $post->id");
192	}
193	}
194
195
196	} else { // User just asked to delete something
197
198	set_fromdiscussion();
199
200	print_header();
201	notice_yesno("Are you sure you want to delete this post?",
202	"post.php?delete=$delete&confirm=$delete",
203	$HTTP_REFERER);
204
205	echo "<CENTER><HR>";
206	print_post($post, 0, $ownpost=false, $reply=false, $link=false);
207
208	}
209
210	die;
211
212
213	} else {
214	error("No operation specified");
215
216	}
217
218
219	// To get here they need to edit a post, and the $post
220	// variable will be loaded with all the particulars,
221	// so bring up the form.
222
223	// $course, $forum are defined. $discussion is for edit and reply only.
224
225	require_login($course->id);
226
227	if ($post->discussion) {
228	if (! $toppost = get_record_sql("SELECT * FROM forum_posts
229	WHERE discussion='$post->discussion'
230	AND parent = 0")) {
231	error("Could not find top parent of post $post->id");
232	}
233	} else {
234	$toppost->subject = "New discussion topic";
235	}
236
237	if ($post->subject) {
238	$formstart = "form.message";
239	} else {
240	$formstart = "form.subject";
241	}
242
243	if ($post->parent) {
244	$navtail = "<A HREF=\"discuss.php?d=$discussion->id\">$toppost->subject</A> -> Editing";
245	} else {
246	$navtail = "$toppost->subject";
247	}
248
249	$navmiddle = "<A HREF=\"../forum/index.php?id=$course->id\">Forums</A> -> <A HREF=\"view.php?f=$forum->id\">$forum->name</A>";
250
251	if ($course->category) {
252	print_header("$course->shortname: $discussion->name: $toppost->subject", "$course->fullname",
253	"<A HREF=../../course/view.php?id=$course->id>$course->shortname</A> ->
254	$navmiddle -> $navtail", "$forumstart");
255	} else {
256	print_header("$course->shortname: $discussion->name: $toppost->subject", "$course->fullname",
257	"$navmiddle -> $navtail", "");
258
259	}
260
261	echo "<CENTER>";
262	if (isset($parent)) {
263	print_post($parent, $course->id, $ownpost=false, $reply=false, $link=false);
264	echo "<H2>Your reply:</H2>";
265	} else {
266	echo "<H2>Your new discussion topic:</H2>";
267	}
268	echo "</CENTER>";
269
270	print_simple_box_start("center", "", "$THEME->cellheading");
271	require("post.html");
272	print_simple_box_end();
273
274	print_footer($course);
275
276
277	?>