[moodle.git] / mod / forum / post.php

<?PHP // $Id$

//  Edit and save a new post to a discussion


    require("../../config.php");
    require("lib.php");

    if (isguest()) {
        error(get_string("noguestpost", "forum"), $HTTP_REFERER);
    }

    if (match_referer() && isset($HTTP_POST_VARS)) {    // form submitted
        $post = (object)$HTTP_POST_VARS;

        $post->subject = strip_tags($post->subject);  // Strip all tags
        $post->message = clean_text($post->message, $post->format);   // Clean up any bad tags

        $post->attachment = $HTTP_POST_FILES["attachment"];

        if (!$post->subject and !$post->message) {
            error(get_string("emptymessage", "forum"));
        }

        require_login();

        if ($post->edit) {           // Updating a post
            $post->id = $post->edit;
            if (forum_update_post($post)) {
                add_to_log($post->course, "forum", "update post", "discuss.php?d=$post->discussion&parent=$post->id", "$post->id");
                redirect(forum_go_back_to("discuss.php?d=$post->discussion"), get_string("postupdated", "forum"), 1);
            } else {
                error(get_string("couldnotupdate", "forum")); 
            }

        } else if ($post->discussion) { // Adding a new post to an existing discussion
            if ($post->id = forum_add_new_post($post)) {
                if ( ! forum_is_subscribed($USER->id, $post->forum) ) {
                    forum_subscribe($USER->id, $post->forum);
                }

                add_to_log($post->course, "forum", "add post", "discuss.php?d=$post->discussion&parent=$post->id", "$post->id");
                redirect(forum_go_back_to("discuss.php?d=$post->discussion"), 
                         get_string("postadded", "forum", format_time($CFG->maxeditingtime)), 2);
            } else {
                error(get_string("couldnotadd", "forum")); 
            }
        } else {                     // Adding a new discussion
            $discussion = $post;
            $discussion->name  = $post->subject;
            $discussion->intro = $post->message;
            if ($discussion->id = forum_add_discussion($discussion)) {
                if ( ! forum_is_subscribed($USER->id, $post->forum) ) {
                    forum_subscribe($USER->id, $post->forum);
                }
                add_to_log($post->course, "forum", "add discussion", "discuss.php?d=$discussion->id", "$discussion->id");
                redirect(forum_go_back_to("view.php?f=$post->forum"), 
                         get_string("postadded", "forum", format_time($CFG->maxeditingtime)), 3);
            } else {
                error(get_string("couldnotadd", "forum")); 
            }
        }
        die;
    }

    if ($usehtmleditor = can_use_richtext_editor()) {
        $defaultformat = FORMAT_HTML;
        $onsubmit = "onsubmit=\"copyrichtext(theform.message);\"";
    } else {
        $defaultformat = FORMAT_MOODLE;
    }


    if (isset($forum)) {      // User is starting a new discussion in a forum

        $SESSION->fromurl = $HTTP_REFERER;
        save_session("SESSION");

        if (! $forum = get_record("forum", "id", $forum)) {
            error("The forum number was incorrect ($forum)");
        }
        if (! $course = get_record("course", "id", $forum->course)) {
            error("The course number was incorrect ($forum)");
        }

        if (! forum_user_can_post_discussion($forum)) {
            error("Sorry, but you can not post a new discussion in this forum.");
        }

        // Load up the $post variable.

        $post->course = $course->id;
        $post->forum  = $forum->id;
        $post->discussion = 0;           // ie discussion # not defined yet
        $post->parent = 0;
        $post->subject = "";
        $post->userid = $USER->id;
        $post->message = "";
        $post->format = $defaultformat;

        forum_set_return();

    } else if (isset($reply)) {      // User is writing a new reply

        if (! $parent = forum_get_post_full($reply)) {
            error("Parent post ID was incorrect ($reply)");
        }
        if (! $discussion = get_record("forum_discussions", "id", $parent->discussion)) {
            error("This post is not part of a discussion! ($reply)");
        }
        if (! $forum = get_record("forum", "id", $discussion->forum)) {
            error("The forum number was incorrect ($discussion->forum)");
        }
        if (! $course = get_record("course", "id", $discussion->course)) {
            error("The course number was incorrect ($discussion->course)");
        }

        if (! forum_user_can_post($forum)) {
            error("Sorry, but you can not post in this forum.");
        }
        // Load up the $post variable.

        $post->course  = $course->id;
        $post->forum  = $forum->id;
        $post->discussion  = $parent->discussion;
        $post->parent = $parent->id;
        $post->subject = $parent->subject;
        $post->userid = $USER->id;
        $post->message = "";
        $post->format = $defaultformat;

        $strre = get_string("re", "forum");
        if (!(substr($post->subject, 0, 3) == $strre)) {
            $post->subject = "$strre $post->subject";
        }

        forum_set_return();

    } else if (isset($edit)) {  // User is editing their own post

        if (! $post = forum_get_post_full($edit)) {
            error("Post ID was incorrect");
        }
        if ($post->userid <> $USER->id) {
            error("You can't edit other people's posts!");
        }
        if ((time() - $post->created) > $CFG->maxeditingtime) {
            error( get_string("maxtimehaspassed", "forum", format_time($CFG->maxeditingtime)) );
        }
        if ($post->parent) {
            if (! $parent = forum_get_post_full($post->parent)) {
                error("Parent post ID was incorrect ($post->parent)");
            }
        }
        if (! $discussion = get_record("forum_discussions", "id", $post->discussion)) {
            error("This post is not part of a discussion! ($reply)");
        }
        if (! $forum = get_record("forum", "id", $discussion->forum)) {
            error("The forum number was incorrect ($discussion->forum)");
        }
        if (! $course = get_record("course", "id", $discussion->course)) {
            error("The course number was incorrect ($discussion->course)");
        }

        // Load up the $post variable.

        $post->edit = $edit;

        $post->course  = $course->id;
        $post->forum  = $forum->id;

        forum_set_return();


    } else if (isset($delete)) {  // User is deleting a post

        if (! $post = forum_get_post_full($delete)) {
            error("Post ID was incorrect");
        }
        if (! $discussion = get_record("forum_discussions", "id", $post->discussion)) {
            error("This post is not part of a discussion!");
        }
        if (! $forum = get_record("forum", "id", $discussion->forum)) {
            error("The forum number was incorrect ($discussion->forum)");
        }
        if (($post->userid <> $USER->id) and !isteacher($forum->course)) {
            error("You can't delete other people's posts!");
        }

        if (isset($confirm)) {    // User has confirmed the delete

            if ($post->totalscore) {
                notice(get_string("couldnotdeleteratings", "forum"), 
                        forum_go_back_to("discuss.php?d=$post->discussion"));

            } else if (record_exists("forum_posts", "parent", $delete)) {
                error(get_string("couldnotdeletereplies", "forum"),
                        forum_go_back_to("discuss.php?id=$post->discussion"));

            } else {
                if (! $post->parent) {  // post is a discussion topic as well, so delete discussion
                    if ($forum->type == "single") {
                        notice("Sorry, but you are not allowed to delete that discussion!", 
                                forum_go_back_to("discuss.php?d=$post->discussion"));
                    }
                    forum_delete_discussion($discussion);

                    add_to_log($discussion->course, "forum", "delete discussion", "view.php?id=$discussion->forum", "$post->id");
                    redirect("view.php?f=$discussion->forum", 
                             get_string("deleteddiscussion", "forum"), 1);

                } else if (forum_delete_post($post)) {

                    add_to_log($discussion->course, "forum", "delete post", "discuss.php?d=$post->discussion", "$post->id");
                    redirect(forum_go_back_to("discuss.php?d=$post->discussion"), 
                             get_string("deletedpost", "forum"), 1);
                } else {
                    error("An error occurred while deleting record $post->id");
                }
            }


        } else { // User just asked to delete something

            forum_set_return();

            print_header();
            notice_yesno(get_string("deletesure", "forum"), 
                         "post.php?delete=$delete&confirm=$delete",
                         $HTTP_REFERER);
                         
            echo "<CENTER><HR>";
            forum_print_post($post, $forum->course, $ownpost=false, $reply=false, $link=false);
        }

        die;


    } else {
        error("No operation specified");

    }


    // To get here they need to edit a post, and the $post 
    // variable will be loaded with all the particulars,
    // so bring up the form.

    // $course, $forum are defined.  $discussion is for edit and reply only.

    require_login($course->id);


    if ($post->discussion) {
        if (! $toppost = get_record("forum_posts", "discussion", $post->discussion, "parent", 0)) {
            error("Could not find top parent of post $post->id");
        }
    } else {
        $toppost->subject = get_string("yournewtopic", "forum");
    }

    if ($post->subject) {
        $formstart = "form.message";
    } else {
        $formstart = "form.subject";
    }

    if ($post->parent) {
        $navtail = "<A HREF=\"discuss.php?d=$discussion->id\">$toppost->subject</A> -> ".get_string("editing", "forum");
    } else {
        $navtail = "$toppost->subject";
    }

    $strforums = get_string("modulenameplural", "forum");


    $navmiddle = "<A HREF=\"../forum/index.php?id=$course->id\">$strforums</A> -> <A HREF=\"view.php?f=$forum->id\">$forum->name</A>";

    $cm = get_coursemodule_from_instance("forum", $forum->id, $course->id);

    if ($course->category) {
        print_header("$course->shortname: $discussion->name: $toppost->subject", "$course->fullname",
                 "<A HREF=../../course/view.php?id=$course->id>$course->shortname</A> ->
                  $navmiddle -> $navtail", "$forumstart", "", true, "", navmenu($course, $cm));
    } else {
        print_header("$course->shortname: $discussion->name: $toppost->subject", "$course->fullname",
                 "$navmiddle -> $navtail", "");

    }

    echo "<CENTER>";
    if (isset($parent)) {
        forum_print_post($parent, $course->id, $ownpost=false, $reply=false, $link=false);
        echo "<H2>".get_string("yourreply", "forum").":</H2>";
    } else {
        echo "<H2>".get_string("yournewtopic", "forum")."</H2>";
    }
    echo "</CENTER>";

    print_simple_box_start("center", "", "$THEME->cellheading");
    require("post.html");
    print_simple_box_end();

    print_footer($course);


?>
Commit	Line	Data
501cdbd8	1	<?PHP // $Id$
	2
	3	// Edit and save a new post to a discussion
	4
	5
	6	require("../../config.php");
	7	require("lib.php");
	8
	9	if (isguest()) {
cf38360f	10	error(get_string("noguestpost", "forum"), $HTTP_REFERER);
501cdbd8	11	}
	12
	13	if (match_referer() && isset($HTTP_POST_VARS)) { // form submitted
	14	$post = (object)$HTTP_POST_VARS;
	15
	16	$post->subject = strip_tags($post->subject); // Strip all tags
73bb0835	17	$post->message = clean_text($post->message, $post->format); // Clean up any bad tags
501cdbd8	18
7f6689e4	19	$post->attachment = $HTTP_POST_FILES["attachment"];
	20
	21	if (!$post->subject and !$post->message) {
cf38360f	22	error(get_string("emptymessage", "forum"));
7f6689e4	23	}
7f6689e4	24
501cdbd8	25	require_login();
	26
	27	if ($post->edit) { // Updating a post
	28	$post->id = $post->edit;
7f6689e4	29	if (forum_update_post($post)) {
501cdbd8	30	add_to_log($post->course, "forum", "update post", "discuss.php?d=$post->discussion&parent=$post->id", "$post->id");
cf38360f	31	redirect(forum_go_back_to("discuss.php?d=$post->discussion"), get_string("postupdated", "forum"), 1);
501cdbd8	32	} else {
cf38360f	33	error(get_string("couldnotupdate", "forum"));
501cdbd8	34	}
7f6689e4	35
501cdbd8	36	} else if ($post->discussion) { // Adding a new post to an existing discussion
11b0c469	37	if ($post->id = forum_add_new_post($post)) {
501cdbd8	38	if ( ! forum_is_subscribed($USER->id, $post->forum) ) {
	39	forum_subscribe($USER->id, $post->forum);
	40	}
	41
	42	add_to_log($post->course, "forum", "add post", "discuss.php?d=$post->discussion&parent=$post->id", "$post->id");
11b0c469	43	redirect(forum_go_back_to("discuss.php?d=$post->discussion"),
1f48942e	44	get_string("postadded", "forum", format_time($CFG->maxeditingtime)), 2);
501cdbd8	45	} else {
cf38360f	46	error(get_string("couldnotadd", "forum"));
501cdbd8	47	}
	48	} else { // Adding a new discussion
	49	$discussion = $post;
	50	$discussion->name = $post->subject;
	51	$discussion->intro = $post->message;
	52	if ($discussion->id = forum_add_discussion($discussion)) {
	53	if ( ! forum_is_subscribed($USER->id, $post->forum) ) {
	54	forum_subscribe($USER->id, $post->forum);
	55	}
	56	add_to_log($post->course, "forum", "add discussion", "discuss.php?d=$discussion->id", "$discussion->id");
11b0c469	57	redirect(forum_go_back_to("view.php?f=$post->forum"),
cf38360f	58	get_string("postadded", "forum", format_time($CFG->maxeditingtime)), 3);
501cdbd8	59	} else {
cf38360f	60	error(get_string("couldnotadd", "forum"));
501cdbd8	61	}
	62	}
	63	die;
	64	}
	65
213e8cc6	66	if ($usehtmleditor = can_use_richtext_editor()) {
	67	$defaultformat = FORMAT_HTML;
	68	$onsubmit = "onsubmit=\"copyrichtext(theform.message);\"";
	69	} else {
	70	$defaultformat = FORMAT_MOODLE;
	71	}
501cdbd8	72
	73
	74	if (isset($forum)) { // User is starting a new discussion in a forum
	75
	76	$SESSION->fromurl = $HTTP_REFERER;
8223d271	77	save_session("SESSION");
501cdbd8	78
	79	if (! $forum = get_record("forum", "id", $forum)) {
	80	error("The forum number was incorrect ($forum)");
	81	}
	82	if (! $course = get_record("course", "id", $forum->course)) {
	83	error("The course number was incorrect ($forum)");
	84	}
	85
11b0c469	86	if (! forum_user_can_post_discussion($forum)) {
501cdbd8	87	error("Sorry, but you can not post a new discussion in this forum.");
	88	}
	89
	90	// Load up the $post variable.
	91
	92	$post->course = $course->id;
	93	$post->forum = $forum->id;
	94	$post->discussion = 0; // ie discussion # not defined yet
	95	$post->parent = 0;
	96	$post->subject = "";
ebc3bd2b	97	$post->userid = $USER->id;
501cdbd8	98	$post->message = "";
213e8cc6	99	$post->format = $defaultformat;
501cdbd8	100
11b0c469	101	forum_set_return();
11b0c469	102
501cdbd8	103	} else if (isset($reply)) { // User is writing a new reply
501cdbd8	104
11b0c469	105	if (! $parent = forum_get_post_full($reply)) {
501cdbd8	106	error("Parent post ID was incorrect ($reply)");
	107	}
	108	if (! $discussion = get_record("forum_discussions", "id", $parent->discussion)) {
	109	error("This post is not part of a discussion! ($reply)");
	110	}
	111	if (! $forum = get_record("forum", "id", $discussion->forum)) {
	112	error("The forum number was incorrect ($discussion->forum)");
	113	}
	114	if (! $course = get_record("course", "id", $discussion->course)) {
	115	error("The course number was incorrect ($discussion->course)");
	116	}
6c506ca7	117
	118	if (! forum_user_can_post($forum)) {
	119	error("Sorry, but you can not post in this forum.");
	120	}
501cdbd8	121	// Load up the $post variable.
	122
	123	$post->course = $course->id;
	124	$post->forum = $forum->id;
	125	$post->discussion = $parent->discussion;
	126	$post->parent = $parent->id;
	127	$post->subject = $parent->subject;
ebc3bd2b	128	$post->userid = $USER->id;
501cdbd8	129	$post->message = "";
213e8cc6	130	$post->format = $defaultformat;
501cdbd8	131
cf38360f	132	$strre = get_string("re", "forum");
	133	if (!(substr($post->subject, 0, 3) == $strre)) {
	134	$post->subject = "$strre $post->subject";
501cdbd8	135	}
501cdbd8	136
11b0c469	137	forum_set_return();
501cdbd8	138
	139	} else if (isset($edit)) { // User is editing their own post
	140
11b0c469	141	if (! $post = forum_get_post_full($edit)) {
501cdbd8	142	error("Post ID was incorrect");
501cdbd8	143	}
ebc3bd2b	144	if ($post->userid <> $USER->id) {
501cdbd8	145	error("You can't edit other people's posts!");
	146	}
	147	if ((time() - $post->created) > $CFG->maxeditingtime) {
cf38360f	148	error( get_string("maxtimehaspassed", "forum", format_time($CFG->maxeditingtime)) );
501cdbd8	149	}
501cdbd8	150	if ($post->parent) {
11b0c469	151	if (! $parent = forum_get_post_full($post->parent)) {
501cdbd8	152	error("Parent post ID was incorrect ($post->parent)");
	153	}
	154	}
	155	if (! $discussion = get_record("forum_discussions", "id", $post->discussion)) {
	156	error("This post is not part of a discussion! ($reply)");
	157	}
	158	if (! $forum = get_record("forum", "id", $discussion->forum)) {
	159	error("The forum number was incorrect ($discussion->forum)");
	160	}
	161	if (! $course = get_record("course", "id", $discussion->course)) {
	162	error("The course number was incorrect ($discussion->course)");
	163	}
	164
	165	// Load up the $post variable.
	166
	167	$post->edit = $edit;
	168
	169	$post->course = $course->id;
	170	$post->forum = $forum->id;
	171
11b0c469	172	forum_set_return();
501cdbd8	173
	174
	175	} else if (isset($delete)) { // User is deleting a post
	176
11b0c469	177	if (! $post = forum_get_post_full($delete)) {
501cdbd8	178	error("Post ID was incorrect");
501cdbd8	179	}
501cdbd8	180	if (! $discussion = get_record("forum_discussions", "id", $post->discussion)) {
	181	error("This post is not part of a discussion!");
	182	}
64eacd6f	183	if (! $forum = get_record("forum", "id", $discussion->forum)) {
	184	error("The forum number was incorrect ($discussion->forum)");
	185	}
ebc3bd2b	186	if (($post->userid <> $USER->id) and !isteacher($forum->course)) {
64eacd6f	187	error("You can't delete other people's posts!");
64eacd6f	188	}
501cdbd8	189
	190	if (isset($confirm)) { // User has confirmed the delete
	191
	192	if ($post->totalscore) {
cf38360f	193	notice(get_string("couldnotdeleteratings", "forum"),
11b0c469	194	forum_go_back_to("discuss.php?d=$post->discussion"));
501cdbd8	195
501cdbd8	196	} else if (record_exists("forum_posts", "parent", $delete)) {
cf38360f	197	error(get_string("couldnotdeletereplies", "forum"),
11b0c469	198	forum_go_back_to("discuss.php?id=$post->discussion"));
501cdbd8	199
	200	} else {
	201	if (! $post->parent) { // post is a discussion topic as well, so delete discussion
64eacd6f	202	if ($forum->type == "single") {
	203	notice("Sorry, but you are not allowed to delete that discussion!",
	204	forum_go_back_to("discuss.php?d=$post->discussion"));
	205	}
501cdbd8	206	forum_delete_discussion($discussion);
	207
	208	add_to_log($discussion->course, "forum", "delete discussion", "view.php?id=$discussion->forum", "$post->id");
	209	redirect("view.php?f=$discussion->forum",
cf38360f	210	get_string("deleteddiscussion", "forum"), 1);
501cdbd8	211
7f6689e4	212	} else if (forum_delete_post($post)) {
501cdbd8	213
501cdbd8	214	add_to_log($discussion->course, "forum", "delete post", "discuss.php?d=$post->discussion", "$post->id");
11b0c469	215	redirect(forum_go_back_to("discuss.php?d=$post->discussion"),
cf38360f	216	get_string("deletedpost", "forum"), 1);
501cdbd8	217	} else {
	218	error("An error occurred while deleting record $post->id");
	219	}
	220	}
	221
	222
	223	} else { // User just asked to delete something
	224
11b0c469	225	forum_set_return();
501cdbd8	226
501cdbd8	227	print_header();
cf38360f	228	notice_yesno(get_string("deletesure", "forum"),
501cdbd8	229	"post.php?delete=$delete&confirm=$delete",
	230	$HTTP_REFERER);
	231
	232	echo "<CENTER><HR>";
8aed46c7	233	forum_print_post($post, $forum->course, $ownpost=false, $reply=false, $link=false);
501cdbd8	234	}
	235
	236	die;
	237
	238
	239	} else {
	240	error("No operation specified");
	241
	242	}
	243
	244
	245	// To get here they need to edit a post, and the $post
	246	// variable will be loaded with all the particulars,
	247	// so bring up the form.
	248
	249	// $course, $forum are defined. $discussion is for edit and reply only.
	250
	251	require_login($course->id);
	252
dfc9ba9b	253
501cdbd8	254	if ($post->discussion) {
9fa49e22	255	if (! $toppost = get_record("forum_posts", "discussion", $post->discussion, "parent", 0)) {
501cdbd8	256	error("Could not find top parent of post $post->id");
	257	}
	258	} else {
cf38360f	259	$toppost->subject = get_string("yournewtopic", "forum");
501cdbd8	260	}
	261
	262	if ($post->subject) {
	263	$formstart = "form.message";
	264	} else {
	265	$formstart = "form.subject";
	266	}
	267
	268	if ($post->parent) {
cf38360f	269	$navtail = "<A HREF=\"discuss.php?d=$discussion->id\">$toppost->subject</A> -> ".get_string("editing", "forum");
501cdbd8	270	} else {
	271	$navtail = "$toppost->subject";
	272	}
	273
cf38360f	274	$strforums = get_string("modulenameplural", "forum");
cf38360f	275
73bb0835	276
cf38360f	277	$navmiddle = "<A HREF=\"../forum/index.php?id=$course->id\">$strforums</A> -> <A HREF=\"view.php?f=$forum->id\">$forum->name</A>";
501cdbd8	278
dfc9ba9b	279	$cm = get_coursemodule_from_instance("forum", $forum->id, $course->id);
dfc9ba9b	280
501cdbd8	281	if ($course->category) {
	282	print_header("$course->shortname: $discussion->name: $toppost->subject", "$course->fullname",
	283	"<A HREF=../../course/view.php?id=$course->id>$course->shortname</A> ->
dfc9ba9b	284	$navmiddle -> $navtail", "$forumstart", "", true, "", navmenu($course, $cm));
501cdbd8	285	} else {
	286	print_header("$course->shortname: $discussion->name: $toppost->subject", "$course->fullname",
	287	"$navmiddle -> $navtail", "");
	288
	289	}
	290
	291	echo "<CENTER>";
	292	if (isset($parent)) {
11b0c469	293	forum_print_post($parent, $course->id, $ownpost=false, $reply=false, $link=false);
cf38360f	294	echo "<H2>".get_string("yourreply", "forum").":</H2>";
501cdbd8	295	} else {
cf38360f	296	echo "<H2>".get_string("yournewtopic", "forum")."</H2>";
501cdbd8	297	}
	298	echo "</CENTER>";
	299
	300	print_simple_box_start("center", "", "$THEME->cellheading");
	301	require("post.html");
	302	print_simple_box_end();
	303
	304	print_footer($course);
	305
	306
	307	?>