[moodle.git] / mod / forum / post.php

<?PHP // $Id$

//  Edit and save a new post to a discussion


    require("../../config.php");
    require("lib.php");

    if (isguest()) {
        error(get_string("noguestpost", "forum"), $HTTP_REFERER);
    }

    if (match_referer() && isset($HTTP_POST_VARS)) {    // form submitted
        $post = (object)$HTTP_POST_VARS;

        $post->subject = strip_tags($post->subject);  // Strip all tags
        $post->message = clean_text($post->message, $post->format);   // Clean up any bad tags

        $post->attachment = $HTTP_POST_FILES["attachment"];

        if (!$post->subject and !$post->message) {
            error(get_string("emptymessage", "forum"));
        }

        require_login();

        if ($post->edit) {           // Updating a post
            $post->id = $post->edit;
            if (forum_update_post($post)) {
                add_to_log($post->course, "forum", "update post", "discuss.php?d=$post->discussion&parent=$post->id", "$post->id");
                redirect(forum_go_back_to("discuss.php?d=$post->discussion"), get_string("postupdated", "forum"), 1);
            } else {
                error(get_string("couldnotupdate", "forum")); 
            }

        } else if ($post->discussion) { // Adding a new post to an existing discussion
            if ($post->id = forum_add_new_post($post)) {
                if ( ! forum_is_subscribed($USER->id, $post->forum) ) {
                    forum_subscribe($USER->id, $post->forum);
                }

                add_to_log($post->course, "forum", "add post", "discuss.php?d=$post->discussion&parent=$post->id", "$post->id");
                redirect(forum_go_back_to("discuss.php?d=$post->discussion"), 
                         get_string("postadded", "forum", format_time($CFG->maxeditingtime)), 3);
            } else {
                error(get_string("couldnotadd", "forum")); 
            }
        } else {                     // Adding a new discussion
            $discussion = $post;
            $discussion->name  = $post->subject;
            $discussion->intro = $post->message;
            if ($discussion->id = forum_add_discussion($discussion)) {
                if ( ! forum_is_subscribed($USER->id, $post->forum) ) {
                    forum_subscribe($USER->id, $post->forum);
                }
                add_to_log($post->course, "forum", "add discussion", "discuss.php?d=$discussion->id", "$discussion->id");
                redirect(forum_go_back_to("view.php?f=$post->forum"), 
                         get_string("postadded", "forum", format_time($CFG->maxeditingtime)), 3);
            } else {
                error(get_string("couldnotadd", "forum")); 
            }
        }
        die;
    }


    if (isset($forum)) {      // User is starting a new discussion in a forum

        $SESSION->fromurl = $HTTP_REFERER;
        save_session("SESSION");

        if (! $forum = get_record("forum", "id", $forum)) {
            error("The forum number was incorrect ($forum)");
        }
        if (! $course = get_record("course", "id", $forum->course)) {
            error("The course number was incorrect ($forum)");
        }

        if (! forum_user_can_post_discussion($forum)) {
            error("Sorry, but you can not post a new discussion in this forum.");
        }

        // Load up the $post variable.

        $post->course = $course->id;
        $post->forum  = $forum->id;
        $post->discussion = 0;           // ie discussion # not defined yet
        $post->parent = 0;
        $post->subject = "";
        $post->user = $USER->id;
        $post->message = "";

        forum_set_return();

    } else if (isset($reply)) {      // User is writing a new reply

        if (! $parent = forum_get_post_full($reply)) {
            error("Parent post ID was incorrect ($reply)");
        }
        if (! $discussion = get_record("forum_discussions", "id", $parent->discussion)) {
            error("This post is not part of a discussion! ($reply)");
        }
        if (! $forum = get_record("forum", "id", $discussion->forum)) {
            error("The forum number was incorrect ($discussion->forum)");
        }
        if (! $course = get_record("course", "id", $discussion->course)) {
            error("The course number was incorrect ($discussion->course)");
        }
        // Load up the $post variable.

        $post->course  = $course->id;
        $post->forum  = $forum->id;
        $post->discussion  = $parent->discussion;
        $post->parent = $parent->id;
        $post->subject = $parent->subject;
        $post->user = $USER->id;
        $post->message = "";

        $strre = get_string("re", "forum");
        if (!(substr($post->subject, 0, 3) == $strre)) {
            $post->subject = "$strre $post->subject";
        }

        forum_set_return();

    } else if (isset($edit)) {  // User is editing their own post

        if (! $post = forum_get_post_full($edit)) {
            error("Post ID was incorrect");
        }
        if ($post->user <> $USER->id) {
            error("You can't edit other people's posts!");
        }
        if ((time() - $post->created) > $CFG->maxeditingtime) {
            error( get_string("maxtimehaspassed", "forum", format_time($CFG->maxeditingtime)) );
        }
        if ($post->parent) {
            if (! $parent = forum_get_post_full($post->parent)) {
                error("Parent post ID was incorrect ($post->parent)");
            }
        }
        if (! $discussion = get_record("forum_discussions", "id", $post->discussion)) {
            error("This post is not part of a discussion! ($reply)");
        }
        if (! $forum = get_record("forum", "id", $discussion->forum)) {
            error("The forum number was incorrect ($discussion->forum)");
        }
        if (! $course = get_record("course", "id", $discussion->course)) {
            error("The course number was incorrect ($discussion->course)");
        }

        // Load up the $post variable.

        $post->edit = $edit;

        $post->course  = $course->id;
        $post->forum  = $forum->id;

        forum_set_return();


    } else if (isset($delete)) {  // User is deleting a post

        if (! $post = forum_get_post_full($delete)) {
            error("Post ID was incorrect");
        }
        if (! $discussion = get_record("forum_discussions", "id", $post->discussion)) {
            error("This post is not part of a discussion!");
        }
        if (! $forum = get_record("forum", "id", $discussion->forum)) {
            error("The forum number was incorrect ($discussion->forum)");
        }
        if (($post->user <> $USER->id) and !isteacher($forum->course)) {
            error("You can't delete other people's posts!");
        }

        if (isset($confirm)) {    // User has confirmed the delete

            if ($post->totalscore) {
                notice(get_string("couldnotdeleteratings", "forum"), 
                        forum_go_back_to("discuss.php?d=$post->discussion"));

            } else if (record_exists("forum_posts", "parent", $delete)) {
                error(get_string("couldnotdeletereplies", "forum"),
                        forum_go_back_to("discuss.php?id=$post->discussion"));

            } else {
                if (! $post->parent) {  // post is a discussion topic as well, so delete discussion
                    if ($forum->type == "single") {
                        notice("Sorry, but you are not allowed to delete that discussion!", 
                                forum_go_back_to("discuss.php?d=$post->discussion"));
                    }
                    forum_delete_discussion($discussion);

                    add_to_log($discussion->course, "forum", "delete discussion", "view.php?id=$discussion->forum", "$post->id");
                    redirect("view.php?f=$discussion->forum", 
                             get_string("deleteddiscussion", "forum"), 1);

                } else if (forum_delete_post($post)) {

                    add_to_log($discussion->course, "forum", "delete post", "discuss.php?d=$post->discussion", "$post->id");
                    redirect(forum_go_back_to("discuss.php?d=$post->discussion"), 
                             get_string("deletedpost", "forum"), 1);
                } else {
                    error("An error occurred while deleting record $post->id");
                }
            }


        } else { // User just asked to delete something

            forum_set_return();

            print_header();
            notice_yesno(get_string("deletesure", "forum"), 
                         "post.php?delete=$delete&confirm=$delete",
                         $HTTP_REFERER);
                         
            echo "<CENTER><HR>";
            forum_print_post($post, $forum->course, $ownpost=false, $reply=false, $link=false);
        }

        die;


    } else {
        error("No operation specified");

    }


    // To get here they need to edit a post, and the $post 
    // variable will be loaded with all the particulars,
    // so bring up the form.

    // $course, $forum are defined.  $discussion is for edit and reply only.

    require_login($course->id);

    if ($post->discussion) {
        if (! $toppost = get_record_sql("SELECT * FROM forum_posts 
                                         WHERE discussion='$post->discussion' 
                                         AND parent = 0")) {
            error("Could not find top parent of post $post->id");
        }
    } else {
        $toppost->subject = get_string("yournewtopic", "forum");
    }

    if ($post->subject) {
        $formstart = "form.message";
    } else {
        $formstart = "form.subject";
    }

    if ($post->parent) {
        $navtail = "<A HREF=\"discuss.php?d=$discussion->id\">$toppost->subject</A> -> ".get_string("editing", "forum");
    } else {
        $navtail = "$toppost->subject";
    }

    $strforums = get_string("modulenameplural", "forum");

    if ($usehtmleditor = can_use_richtext_editor()) {
        $onsubmit = "onsubmit=\"copyrichtext(theform.message);\"";
    }

    $navmiddle = "<A HREF=\"../forum/index.php?id=$course->id\">$strforums</A> -> <A HREF=\"view.php?f=$forum->id\">$forum->name</A>";

    if ($course->category) {
        print_header("$course->shortname: $discussion->name: $toppost->subject", "$course->fullname",
                 "<A HREF=../../course/view.php?id=$course->id>$course->shortname</A> ->
                  $navmiddle -> $navtail", "$forumstart");
    } else {
        print_header("$course->shortname: $discussion->name: $toppost->subject", "$course->fullname",
                 "$navmiddle -> $navtail", "");

    }

    echo "<CENTER>";
    if (isset($parent)) {
        forum_print_post($parent, $course->id, $ownpost=false, $reply=false, $link=false);
        echo "<H2>".get_string("yourreply", "forum").":</H2>";
    } else {
        echo "<H2>".get_string("yournewtopic", "forum")."</H2>";
    }
    echo "</CENTER>";

    print_simple_box_start("center", "", "$THEME->cellheading");
    require("post.html");
    print_simple_box_end();

    print_footer($course);


?>
Commit	Line	Data
501cdbd8	1	<?PHP // $Id$
	2
	3	// Edit and save a new post to a discussion
	4
	5
	6	require("../../config.php");
	7	require("lib.php");
	8
	9	if (isguest()) {
cf38360f	10	error(get_string("noguestpost", "forum"), $HTTP_REFERER);
501cdbd8	11	}
	12
	13	if (match_referer() && isset($HTTP_POST_VARS)) { // form submitted
	14	$post = (object)$HTTP_POST_VARS;
	15
	16	$post->subject = strip_tags($post->subject); // Strip all tags
73bb0835	17	$post->message = clean_text($post->message, $post->format); // Clean up any bad tags
501cdbd8	18
7f6689e4	19	$post->attachment = $HTTP_POST_FILES["attachment"];
	20
	21	if (!$post->subject and !$post->message) {
cf38360f	22	error(get_string("emptymessage", "forum"));
7f6689e4	23	}
7f6689e4	24
501cdbd8	25	require_login();
	26
	27	if ($post->edit) { // Updating a post
	28	$post->id = $post->edit;
7f6689e4	29	if (forum_update_post($post)) {
501cdbd8	30	add_to_log($post->course, "forum", "update post", "discuss.php?d=$post->discussion&parent=$post->id", "$post->id");
cf38360f	31	redirect(forum_go_back_to("discuss.php?d=$post->discussion"), get_string("postupdated", "forum"), 1);
501cdbd8	32	} else {
cf38360f	33	error(get_string("couldnotupdate", "forum"));
501cdbd8	34	}
7f6689e4	35
501cdbd8	36	} else if ($post->discussion) { // Adding a new post to an existing discussion
11b0c469	37	if ($post->id = forum_add_new_post($post)) {
501cdbd8	38	if ( ! forum_is_subscribed($USER->id, $post->forum) ) {
	39	forum_subscribe($USER->id, $post->forum);
	40	}
	41
	42	add_to_log($post->course, "forum", "add post", "discuss.php?d=$post->discussion&parent=$post->id", "$post->id");
11b0c469	43	redirect(forum_go_back_to("discuss.php?d=$post->discussion"),
cf38360f	44	get_string("postadded", "forum", format_time($CFG->maxeditingtime)), 3);
501cdbd8	45	} else {
cf38360f	46	error(get_string("couldnotadd", "forum"));
501cdbd8	47	}
	48	} else { // Adding a new discussion
	49	$discussion = $post;
	50	$discussion->name = $post->subject;
	51	$discussion->intro = $post->message;
	52	if ($discussion->id = forum_add_discussion($discussion)) {
	53	if ( ! forum_is_subscribed($USER->id, $post->forum) ) {
	54	forum_subscribe($USER->id, $post->forum);
	55	}
	56	add_to_log($post->course, "forum", "add discussion", "discuss.php?d=$discussion->id", "$discussion->id");
11b0c469	57	redirect(forum_go_back_to("view.php?f=$post->forum"),
cf38360f	58	get_string("postadded", "forum", format_time($CFG->maxeditingtime)), 3);
501cdbd8	59	} else {
cf38360f	60	error(get_string("couldnotadd", "forum"));
501cdbd8	61	}
	62	}
	63	die;
	64	}
	65
	66
	67
	68	if (isset($forum)) { // User is starting a new discussion in a forum
	69
	70	$SESSION->fromurl = $HTTP_REFERER;
8223d271	71	save_session("SESSION");
501cdbd8	72
	73	if (! $forum = get_record("forum", "id", $forum)) {
	74	error("The forum number was incorrect ($forum)");
	75	}
	76	if (! $course = get_record("course", "id", $forum->course)) {
	77	error("The course number was incorrect ($forum)");
	78	}
	79
11b0c469	80	if (! forum_user_can_post_discussion($forum)) {
501cdbd8	81	error("Sorry, but you can not post a new discussion in this forum.");
	82	}
	83
	84	// Load up the $post variable.
	85
	86	$post->course = $course->id;
	87	$post->forum = $forum->id;
	88	$post->discussion = 0; // ie discussion # not defined yet
	89	$post->parent = 0;
	90	$post->subject = "";
	91	$post->user = $USER->id;
	92	$post->message = "";
	93
11b0c469	94	forum_set_return();
11b0c469	95
501cdbd8	96	} else if (isset($reply)) { // User is writing a new reply
501cdbd8	97
11b0c469	98	if (! $parent = forum_get_post_full($reply)) {
501cdbd8	99	error("Parent post ID was incorrect ($reply)");
	100	}
	101	if (! $discussion = get_record("forum_discussions", "id", $parent->discussion)) {
	102	error("This post is not part of a discussion! ($reply)");
	103	}
	104	if (! $forum = get_record("forum", "id", $discussion->forum)) {
	105	error("The forum number was incorrect ($discussion->forum)");
	106	}
	107	if (! $course = get_record("course", "id", $discussion->course)) {
	108	error("The course number was incorrect ($discussion->course)");
	109	}
	110	// Load up the $post variable.
	111
	112	$post->course = $course->id;
	113	$post->forum = $forum->id;
	114	$post->discussion = $parent->discussion;
	115	$post->parent = $parent->id;
	116	$post->subject = $parent->subject;
	117	$post->user = $USER->id;
	118	$post->message = "";
	119
cf38360f	120	$strre = get_string("re", "forum");
	121	if (!(substr($post->subject, 0, 3) == $strre)) {
	122	$post->subject = "$strre $post->subject";
501cdbd8	123	}
501cdbd8	124
11b0c469	125	forum_set_return();
501cdbd8	126
	127	} else if (isset($edit)) { // User is editing their own post
	128
11b0c469	129	if (! $post = forum_get_post_full($edit)) {
501cdbd8	130	error("Post ID was incorrect");
	131	}
	132	if ($post->user <> $USER->id) {
	133	error("You can't edit other people's posts!");
	134	}
	135	if ((time() - $post->created) > $CFG->maxeditingtime) {
cf38360f	136	error( get_string("maxtimehaspassed", "forum", format_time($CFG->maxeditingtime)) );
501cdbd8	137	}
501cdbd8	138	if ($post->parent) {
11b0c469	139	if (! $parent = forum_get_post_full($post->parent)) {
501cdbd8	140	error("Parent post ID was incorrect ($post->parent)");
	141	}
	142	}
	143	if (! $discussion = get_record("forum_discussions", "id", $post->discussion)) {
	144	error("This post is not part of a discussion! ($reply)");
	145	}
	146	if (! $forum = get_record("forum", "id", $discussion->forum)) {
	147	error("The forum number was incorrect ($discussion->forum)");
	148	}
	149	if (! $course = get_record("course", "id", $discussion->course)) {
	150	error("The course number was incorrect ($discussion->course)");
	151	}
	152
	153	// Load up the $post variable.
	154
	155	$post->edit = $edit;
	156
	157	$post->course = $course->id;
	158	$post->forum = $forum->id;
	159
11b0c469	160	forum_set_return();
501cdbd8	161
	162
	163	} else if (isset($delete)) { // User is deleting a post
	164
11b0c469	165	if (! $post = forum_get_post_full($delete)) {
501cdbd8	166	error("Post ID was incorrect");
501cdbd8	167	}
501cdbd8	168	if (! $discussion = get_record("forum_discussions", "id", $post->discussion)) {
	169	error("This post is not part of a discussion!");
	170	}
64eacd6f	171	if (! $forum = get_record("forum", "id", $discussion->forum)) {
	172	error("The forum number was incorrect ($discussion->forum)");
	173	}
	174	if (($post->user <> $USER->id) and !isteacher($forum->course)) {
	175	error("You can't delete other people's posts!");
	176	}
501cdbd8	177
	178	if (isset($confirm)) { // User has confirmed the delete
	179
	180	if ($post->totalscore) {
cf38360f	181	notice(get_string("couldnotdeleteratings", "forum"),
11b0c469	182	forum_go_back_to("discuss.php?d=$post->discussion"));
501cdbd8	183
501cdbd8	184	} else if (record_exists("forum_posts", "parent", $delete)) {
cf38360f	185	error(get_string("couldnotdeletereplies", "forum"),
11b0c469	186	forum_go_back_to("discuss.php?id=$post->discussion"));
501cdbd8	187
	188	} else {
	189	if (! $post->parent) { // post is a discussion topic as well, so delete discussion
64eacd6f	190	if ($forum->type == "single") {
	191	notice("Sorry, but you are not allowed to delete that discussion!",
	192	forum_go_back_to("discuss.php?d=$post->discussion"));
	193	}
501cdbd8	194	forum_delete_discussion($discussion);
	195
	196	add_to_log($discussion->course, "forum", "delete discussion", "view.php?id=$discussion->forum", "$post->id");
	197	redirect("view.php?f=$discussion->forum",
cf38360f	198	get_string("deleteddiscussion", "forum"), 1);
501cdbd8	199
7f6689e4	200	} else if (forum_delete_post($post)) {
501cdbd8	201
501cdbd8	202	add_to_log($discussion->course, "forum", "delete post", "discuss.php?d=$post->discussion", "$post->id");
11b0c469	203	redirect(forum_go_back_to("discuss.php?d=$post->discussion"),
cf38360f	204	get_string("deletedpost", "forum"), 1);
501cdbd8	205	} else {
	206	error("An error occurred while deleting record $post->id");
	207	}
	208	}
	209
	210
	211	} else { // User just asked to delete something
	212
11b0c469	213	forum_set_return();
501cdbd8	214
501cdbd8	215	print_header();
cf38360f	216	notice_yesno(get_string("deletesure", "forum"),
501cdbd8	217	"post.php?delete=$delete&confirm=$delete",
	218	$HTTP_REFERER);
	219
	220	echo "<CENTER><HR>";
8aed46c7	221	forum_print_post($post, $forum->course, $ownpost=false, $reply=false, $link=false);
501cdbd8	222	}
	223
	224	die;
	225
	226
	227	} else {
	228	error("No operation specified");
	229
	230	}
	231
	232
	233	// To get here they need to edit a post, and the $post
	234	// variable will be loaded with all the particulars,
	235	// so bring up the form.
	236
	237	// $course, $forum are defined. $discussion is for edit and reply only.
	238
	239	require_login($course->id);
	240
	241	if ($post->discussion) {
	242	if (! $toppost = get_record_sql("SELECT * FROM forum_posts
	243	WHERE discussion='$post->discussion'
	244	AND parent = 0")) {
	245	error("Could not find top parent of post $post->id");
	246	}
	247	} else {
cf38360f	248	$toppost->subject = get_string("yournewtopic", "forum");
501cdbd8	249	}
	250
	251	if ($post->subject) {
	252	$formstart = "form.message";
	253	} else {
	254	$formstart = "form.subject";
	255	}
	256
	257	if ($post->parent) {
cf38360f	258	$navtail = "<A HREF=\"discuss.php?d=$discussion->id\">$toppost->subject</A> -> ".get_string("editing", "forum");
501cdbd8	259	} else {
	260	$navtail = "$toppost->subject";
	261	}
	262
cf38360f	263	$strforums = get_string("modulenameplural", "forum");
cf38360f	264
73bb0835	265	if ($usehtmleditor = can_use_richtext_editor()) {
	266	$onsubmit = "onsubmit=\"copyrichtext(theform.message);\"";
	267	}
	268
cf38360f	269	$navmiddle = "<A HREF=\"../forum/index.php?id=$course->id\">$strforums</A> -> <A HREF=\"view.php?f=$forum->id\">$forum->name</A>";
501cdbd8	270
	271	if ($course->category) {
	272	print_header("$course->shortname: $discussion->name: $toppost->subject", "$course->fullname",
	273	"<A HREF=../../course/view.php?id=$course->id>$course->shortname</A> ->
	274	$navmiddle -> $navtail", "$forumstart");
	275	} else {
	276	print_header("$course->shortname: $discussion->name: $toppost->subject", "$course->fullname",
	277	"$navmiddle -> $navtail", "");
	278
	279	}
	280
	281	echo "<CENTER>";
	282	if (isset($parent)) {
11b0c469	283	forum_print_post($parent, $course->id, $ownpost=false, $reply=false, $link=false);
cf38360f	284	echo "<H2>".get_string("yourreply", "forum").":</H2>";
501cdbd8	285	} else {
cf38360f	286	echo "<H2>".get_string("yournewtopic", "forum")."</H2>";
501cdbd8	287	}
	288	echo "</CENTER>";
	289
	290	print_simple_box_start("center", "", "$THEME->cellheading");
	291	require("post.html");
	292	print_simple_box_end();
	293
	294	print_footer($course);
	295
	296
	297	?>