chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fixing get_threads function

Browse Source
skala
Julio Montoya 13 years ago
parent b1f7da9cf1
commit 0efda85f7d
5 changed files with 201 additions and 177 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 88
      main/forum/forumfunction.inc.php
  2. 20
      main/forum/viewforum.php
  3. 19
      main/forum/viewthread.php
  4. 244
      main/forum/viewthread_flat.inc.php
  5. 7
      main/webservices/cm_webservice_forum.php

88
main/forum/forumfunction.inc.php
Unescape View File

@ -1354,6 +1354,32 @@ function get_forums($id='', $course_code = '') {
return $forum_list; return $forum_list;
} }
function get_last_post_by_thread($course_id, $thread_id, $forum_id, $show_visible = true) {
if (empty($thread_id) || empty($forum_id) || empty($course_id)) {
return false;
}
$thread_id = intval($thread_id);
$forum_id = intval($forum_id);
$course_id = intval($course_id);
$table_posts = Database :: get_course_table(TABLE_FORUM_POST);
$sql = "SELECT * FROM $table_posts
WHERE c_id = $course_id AND thread_id = $thread_id AND forum_id = $forum_id";
if ($show_visible == false) {
$sql .= " AND visible = 1 ";
}
$sql .= " ORDER BY post_id DESC LIMIT 1";
$result = Database::query($sql);
if (Database::num_rows($result)) {
return Database::fetch_array($result,'ASSOC');
} else {
return false;
}
}
/** /**
* This function gets all the last post information of a certain forum * This function gets all the last post information of a certain forum
* *
@ -1372,8 +1398,6 @@ function get_last_post_information($forum_id, $show_invisibles = false, $course_
$course_id = intval($course_id); $course_id = intval($course_id);
} }
$table_forums = Database :: get_course_table(TABLE_FORUM);
$table_threads = Database :: get_course_table(TABLE_FORUM_THREAD);
$table_posts = Database :: get_course_table(TABLE_FORUM_POST); $table_posts = Database :: get_course_table(TABLE_FORUM_POST);
$table_item_property = Database :: get_course_table(TABLE_ITEM_PROPERTY); $table_item_property = Database :: get_course_table(TABLE_ITEM_PROPERTY);
$table_users = Database :: get_main_table(TABLE_MAIN_USER); $table_users = Database :: get_main_table(TABLE_MAIN_USER);
@ -1436,8 +1460,7 @@ function get_threads($forum_id, $course_code = null) {
$course_id = $course_info['real_id']; $course_id = $course_info['real_id'];
$table_item_property = Database :: get_course_table(TABLE_ITEM_PROPERTY); $table_item_property = Database :: get_course_table(TABLE_ITEM_PROPERTY);
$table_threads = Database :: get_course_table(TABLE_FORUM_THREAD); $table_threads = Database :: get_course_table(TABLE_FORUM_THREAD);
$table_posts = Database :: get_course_table(TABLE_FORUM_POST);
$table_users = Database :: get_main_table(TABLE_MAIN_USER); $table_users = Database :: get_main_table(TABLE_MAIN_USER);
$thread_list = array(); $thread_list = array();
@ -1446,49 +1469,48 @@ function get_threads($forum_id, $course_code = null) {
// since we are merging these we would have the post.locked value but in fact we want the thread.locked value // since we are merging these we would have the post.locked value but in fact we want the thread.locked value
// This is why it is added to the end of the field selection // This is why it is added to the end of the field selection
$sql = "SELECT thread.*, item_properties.*, post.*, users.firstname, users.lastname, users.user_id, $sql = "SELECT thread.*,
last_poster_users.firstname as last_poster_firstname , last_poster_users.lastname as last_poster_lastname, last_poster_users.user_id as last_poster_user_id, thread.locked as locked item_properties.*,
users.firstname,
users.lastname,
users.user_id,
thread.locked as locked
FROM $table_threads thread FROM $table_threads thread
INNER JOIN $table_item_property item_properties INNER JOIN $table_item_property item_properties
ON thread.thread_id=item_properties.ref ON thread.thread_id=item_properties.ref AND
AND item_properties.visibility='1' item_properties.c_id = $course_id AND
AND item_properties.tool='".TABLE_FORUM_THREAD."' thread.c_id = $course_id AND
item_properties.tool='".TABLE_FORUM_THREAD."'
LEFT JOIN $table_users users LEFT JOIN $table_users users
ON thread.thread_poster_id=users.user_id ON thread.thread_poster_id=users.user_id
LEFT JOIN $table_posts post
ON thread.thread_last_post = post.post_id
LEFT JOIN $table_users last_poster_users
ON post.poster_id= last_poster_users.user_id
WHERE WHERE
post.c_id = $course_id AND item_properties.visibility='1' AND
item_properties.c_id = $course_id AND thread.forum_id='".Database::escape_string($forum_id)."'
thread.c_id = $course_id AND
thread.forum_id='".Database::escape_string($forum_id)."'
ORDER BY thread.thread_sticky DESC, thread.thread_date DESC"; ORDER BY thread.thread_sticky DESC, thread.thread_date DESC";
if (is_allowed_to_edit()) { if (is_allowed_to_edit()) {
// important note: it might seem a little bit awkward that we have 'thread.locked as locked' in the sql statement // important note: it might seem a little bit awkward that we have 'thread.locked as locked' in the sql statement
// because we also have thread.* in it. This is because thread has a field locked and post also has the same field // because we also have thread.* in it. This is because thread has a field locked and post also has the same field
// since we are merging these we would have the post.locked value but in fact we want the thread.locked value // since we are merging these we would have the post.locked value but in fact we want the thread.locked value
// This is why it is added to the end of the field selection // This is why it is added to the end of the field selection
$sql = "SELECT thread.*, item_properties.*, post.*, users.firstname, users.lastname, users.user_id, $sql = "SELECT thread.*,
last_poster_users.firstname as last_poster_firstname , last_poster_users.lastname as last_poster_lastname, last_poster_users.user_id as last_poster_user_id, thread.locked as locked item_properties.*,
users.firstname,
users.lastname,
users.user_id,
thread.locked as locked
FROM $table_threads thread FROM $table_threads thread
INNER JOIN $table_item_property item_properties INNER JOIN $table_item_property item_properties
ON thread.thread_id=item_properties.ref ON thread.thread_id=item_properties.ref AND
AND item_properties.visibility<>2 item_properties.c_id = $course_id AND
AND item_properties.tool='".TABLE_FORUM_THREAD."' thread.c_id = $course_id AND
item_properties.tool='".TABLE_FORUM_THREAD."'
LEFT JOIN $table_users users LEFT JOIN $table_users users
ON thread.thread_poster_id=users.user_id ON thread.thread_poster_id=users.user_id
LEFT JOIN $table_posts post
ON thread.thread_last_post = post.post_id
LEFT JOIN $table_users last_poster_users
ON post.poster_id= last_poster_users.user_id
WHERE WHERE
post.c_id = $course_id AND item_properties.visibility<>2 AND
item_properties.c_id = $course_id AND thread.forum_id='".Database::escape_string($forum_id)."'
thread.c_id = $course_id AND ORDER BY thread.thread_sticky DESC, thread.thread_date DESC";
thread.forum_id='".Database::escape_string($forum_id)."'
ORDER BY thread.thread_sticky DESC, thread.thread_date DESC";
} }
$result = Database::query($sql); $result = Database::query($sql);
while ($row = Database::fetch_array($result, 'ASSOC')) { while ($row = Database::fetch_array($result, 'ASSOC')) {

20
main/forum/viewforum.php
Unescape View File

@ -327,9 +327,7 @@ echo '<td>'.get_lang('Actions').'</td>';
echo '</tr>'; echo '</tr>';
// Getting al the threads // Getting al the threads
$threads = get_threads($my_forum); // Note: This has to be cleaned first. $threads = get_threads($my_forum); // Note: This has to be cleaned first
$whatsnew_post_info = isset($_SESSION['whatsnew_post_info']) ? $_SESSION['whatsnew_post_info'] : null; $whatsnew_post_info = isset($_SESSION['whatsnew_post_info']) ? $_SESSION['whatsnew_post_info'] : null;
$course_id = api_get_course_int_id(); $course_id = api_get_course_int_id();
@ -364,12 +362,22 @@ if (is_array($threads)) {
// display the author name // display the author name
$tab_poster_info = api_get_user_info($row['user_id']); $tab_poster_info = api_get_user_info($row['user_id']);
$poster_username = sprintf(get_lang('LoginX'), $tab_poster_info['username']); $poster_username = sprintf(get_lang('LoginX'), $tab_poster_info['username']);
if ($origin != 'learnpath') { if ($origin != 'learnpath') {
echo '<td>'.display_user_link($row['user_id'], api_get_person_name($row['firstname'], $row['lastname']), '', $poster_username).'</td>'; echo '<td>'.display_user_link($row['user_id'], api_get_person_name($row['firstname'], $row['lastname']), '', $poster_username).'</td>';
} else { } else {
echo '<td>'.Display::tag('span', api_get_person_name($row['firstname'], $row['lastname']), array("title"=>api_htmlentities($poster_username, ENT_QUOTES))).'</td>'; echo '<td>'.Display::tag('span', api_get_person_name($row['firstname'], $row['lastname']), array("title"=>api_htmlentities($poster_username, ENT_QUOTES))).'</td>';
} }
$last_post_info = get_last_post_by_thread($row['c_id'], $row['thread_id'], $row['forum_id'], is_allowed_to_edit());
$last_post = null;
if ($last_post_info) {
$poster_info = api_get_user_info($last_post_info['poster_id']);
$post_date = api_convert_and_format_date($last_post_info['post_date']);
$last_post = $post_date.' '.get_lang('By').' '.display_user_link($last_post_info['poster_id'], $poster_info['complete_name'], '', $poster_info['user_name']);
}
/*
if ($row['last_poster_user_id'] == '0') { if ($row['last_poster_user_id'] == '0') {
$name = $row['poster_name']; $name = $row['poster_name'];
$last_poster_username = ""; $last_poster_username = "";
@ -380,7 +388,7 @@ if (is_array($threads)) {
} }
// If the last post is invisible and it is not the teacher who is looking then we have to find the last visible post of the thread. // If the last post is invisible and it is not the teacher who is looking then we have to find the last visible post of the thread.
if (($row['visible'] == '1' OR api_is_allowed_to_edit(false, true)) && $origin != 'learnpath') { if (($row['visible'] == '1' OR api_is_allowed_to_edit(false, true)) && $origin != 'learnpath') {
$last_post = api_convert_and_format_date($row['thread_date']).' '.get_lang('By').' '.display_user_link($row['last_poster_user_id'], $name, '', $last_poster_username); $last_post = $post_date.' '.get_lang('By').' '.display_user_link($row['last_poster_user_id'], $name, '', $last_poster_username);
} elseif ($origin != 'learnpath') { } elseif ($origin != 'learnpath') {
$last_post_sql = "SELECT post.*, user.firstname, user.lastname, user.username FROM $table_posts post, $table_users user WHERE post.poster_id=user.user_id AND visible='1' AND thread_id='".$row['thread_id']."' AND post.c_id=".api_get_course_int_id()." ORDER BY post_id DESC"; $last_post_sql = "SELECT post.*, user.firstname, user.lastname, user.username FROM $table_posts post, $table_users user WHERE post.poster_id=user.user_id AND visible='1' AND thread_id='".$row['thread_id']."' AND post.c_id=".api_get_course_int_id()." ORDER BY post_id DESC";
$last_post_result = Database::query($last_post_sql); $last_post_result = Database::query($last_post_sql);
@ -395,7 +403,7 @@ if (is_array($threads)) {
$last_post_info_username = sprintf(get_lang('LoginX'), $last_post_row['username']); $last_post_info_username = sprintf(get_lang('LoginX'), $last_post_row['username']);
$name = api_get_person_name($last_post_row['firstname'], $last_post_row['lastname']); $name = api_get_person_name($last_post_row['firstname'], $last_post_row['lastname']);
$last_post = api_convert_and_format_date($last_post_row['post_date']).' '.get_lang('By').' '.Display::tag('span', $name, array("title"=>api_htmlentities($last_post_info_username, ENT_QUOTES))); $last_post = api_convert_and_format_date($last_post_row['post_date']).' '.get_lang('By').' '.Display::tag('span', $name, array("title"=>api_htmlentities($last_post_info_username, ENT_QUOTES)));
} }*/
echo '<td>'.$last_post.'</td>'; echo '<td>'.$last_post.'</td>';
echo '<td class="td_actions">'; echo '<td class="td_actions">';

19
main/forum/viewthread.php
Unescape View File

@ -38,6 +38,7 @@ if (isset($_GET['origin'])) {
// Note pcool: I tried to use only one sql statement (and function) for this, // Note pcool: I tried to use only one sql statement (and function) for this,
// but the problem is that the visibility of the forum AND forum cateogory are stored in the item_property table. // but the problem is that the visibility of the forum AND forum cateogory are stored in the item_property table.
$current_thread = get_thread_information($_GET['thread']); // Nnote: This has to be validated that it is an existing thread $current_thread = get_thread_information($_GET['thread']); // Nnote: This has to be validated that it is an existing thread
$current_forum = get_forum_information($current_thread['forum_id']); // Note: This has to be validated that it is an existing forum. $current_forum = get_forum_information($current_thread['forum_id']); // Note: This has to be validated that it is an existing forum.
$current_forum_category = get_forumcategory_information($current_forum['forum_category']); $current_forum_category = get_forumcategory_information($current_forum['forum_category']);
@ -65,9 +66,7 @@ if ($origin == 'group') {
$interbreadcrumb[] = array('url'=>'viewforum.php?forum='.Security::remove_XSS($_GET['forum']).'&amp;gidReq='.$session_toolgroup.'&amp;origin='.$origin.'&amp;search='.Security::remove_XSS(urlencode($my_search)), 'name' => Security::remove_XSS($current_forum['forum_title'])); $interbreadcrumb[] = array('url'=>'viewforum.php?forum='.Security::remove_XSS($_GET['forum']).'&amp;gidReq='.$session_toolgroup.'&amp;origin='.$origin.'&amp;search='.Security::remove_XSS(urlencode($my_search)), 'name' => Security::remove_XSS($current_forum['forum_title']));
$interbreadcrumb[] = array('url'=>'viewthread.php?forum='.Security::remove_XSS($_GET['forum']).'&amp;gradebook='.$gradebook.'&amp;thread='.Security::remove_XSS($_GET['thread']), 'name' => Security::remove_XSS($current_thread['thread_title'])); $interbreadcrumb[] = array('url'=>'viewthread.php?forum='.Security::remove_XSS($_GET['forum']).'&amp;gradebook='.$gradebook.'&amp;thread='.Security::remove_XSS($_GET['thread']), 'name' => Security::remove_XSS($current_thread['thread_title']));
Display :: display_header(''); Display :: display_header('');
//api_display_tool_title($nameTools);
} else { } else {
$my_search = isset($_GET['search']) ? $_GET['search'] : ''; $my_search = isset($_GET['search']) ? $_GET['search'] : '';
if ($origin == 'learnpath') { if ($origin == 'learnpath') {
@ -80,8 +79,7 @@ if ($origin == 'group') {
$message = isset($message) ? $message : ''; $message = isset($message) ? $message : '';
// the last element of the breadcrumb navigation is already set in interbreadcrumb, so give empty string // the last element of the breadcrumb navigation is already set in interbreadcrumb, so give empty string
Display :: display_header(''); Display :: display_header('');
//api_display_tool_title($nameTools);
} }
} }
@ -90,7 +88,7 @@ if ($origin == 'group') {
// If the user is not a course administrator and the forum is hidden // If the user is not a course administrator and the forum is hidden
// then the user is not allowed here. // then the user is not allowed here.
if (!api_is_allowed_to_edit(false, true) AND ($current_forum['visibility'] == 0 OR $current_thread['visibility'] == 0)) { if (!api_is_allowed_to_edit(false, true) AND ($current_forum['visibility'] == 0 OR $current_thread['visibility'] == 0)) {
$forum_allow = forum_not_allowed_here(); $forum_allow = forum_not_allowed_here();
if ($forum_allow === false) { if ($forum_allow === false) {
exit; exit;
} }
@ -226,19 +224,18 @@ if ($my_message != 'PostDeletedSpecial') {
break; break;
} }
} }
switch ($viewmode) { switch ($viewmode) {
case 'flat': case 'flat':
include_once('viewthread_flat.inc.php'); include_once 'viewthread_flat.inc.php';
break; break;
case 'threaded': case 'threaded':
include_once('viewthread_threaded.inc.php'); include_once 'viewthread_threaded.inc.php';
break; break;
case 'nested': case 'nested':
include_once('viewthread_nested.inc.php'); include_once 'viewthread_nested.inc.php';
break; break;
default: default:
include_once('viewthread_flat.inc.php'); include_once 'viewthread_flat.inc.php';
break; break;
} }
} // if ($message != 'PostDeletedSpecial') // in this case the first and only post of the thread is removed. } // if ($message != 'PostDeletedSpecial') // in this case the first and only post of the thread is removed.

244
main/forum/viewthread_flat.inc.php
Unescape View File

@ -9,165 +9,165 @@
if ((isset($_GET['action']) && $_GET['action']=='delete_attach') && isset($_GET['id_attach'])) { if ((isset($_GET['action']) && $_GET['action']=='delete_attach') && isset($_GET['id_attach'])) {
delete_attachment(0,$_GET['id_attach']); delete_attachment(0,$_GET['id_attach']);
} }
if (isset($current_thread['thread_id'])){ if (isset($current_thread['thread_id'])){
$rows=get_posts($current_thread['thread_id']); $rows = get_posts($current_thread['thread_id']);
$increment=0; $increment=0;
$clean_forum_id = intval($_GET['forum']); $clean_forum_id = intval($_GET['forum']);
$clean_thread_id = intval($_GET['thread']); $clean_thread_id = intval($_GET['thread']);
$locked = api_resource_is_locked_by_gradebook($clean_thread_id, LINK_FORUM_THREAD); $locked = api_resource_is_locked_by_gradebook($clean_thread_id, LINK_FORUM_THREAD);
if (!empty($rows)) {
foreach ($rows as $row) {
echo '<table width="100%" class="forum_table" cellspacing="5" border="0">';
// the style depends on the status of the message: approved or not
if ($row['visible']=='0') {
$titleclass='forum_message_post_title_2_be_approved';
$messageclass='forum_message_post_text_2_be_approved';
$leftclass='forum_message_left_2_be_approved';
} else {
$titleclass='forum_message_post_title';
$messageclass='forum_message_post_text';
$leftclass='forum_message_left';
}
echo "<tr>";
echo "<td rowspan=\"3\" class=\"$leftclass\">";
foreach ($rows as $row) { if ($row['user_id']=='0') {
$name = prepare4display($row['poster_name']);
echo '<table width="100%" class="forum_table" cellspacing="5" border="0">'; } else {
// the style depends on the status of the message: approved or not $name = api_get_person_name($row['firstname'], $row['lastname']);
if ($row['visible']=='0') {
$titleclass='forum_message_post_title_2_be_approved';
$messageclass='forum_message_post_text_2_be_approved';
$leftclass='forum_message_left_2_be_approved';
} else {
$titleclass='forum_message_post_title';
$messageclass='forum_message_post_text';
$leftclass='forum_message_left';
}
echo "<tr>";
echo "<td rowspan=\"3\" class=\"$leftclass\">";
if ($row['user_id']=='0') {
$name = prepare4display($row['poster_name']);
} else {
$name = api_get_person_name($row['firstname'], $row['lastname']);
}
$username = sprintf(get_lang('LoginX'), $row['username']);
if ($origin!='learnpath') {
if (api_get_course_setting('allow_user_image_forum')) {
echo '<br />'.display_user_image($row['user_id'],$name).'<br />';
} }
echo display_user_link($row['user_id'], $name, '', $username).'<br />'; $username = sprintf(get_lang('LoginX'), $row['username']);
} else {
echo Display::tag('span', $name, array('title'=>api_htmlentities($username, ENT_QUOTES))).'<br />';
}
$group_id = api_get_group_id(); if ($origin!='learnpath') {
if (api_get_course_setting('allow_user_image_forum')) {
echo api_convert_and_format_date($row['post_date']).'<br /><br />'; echo '<br />'.display_user_image($row['user_id'],$name).'<br />';
// get attach id
$attachment_list=get_attachment($row['post_id']);
$id_attach = !empty($attachment_list)?$attachment_list['id']:'';
// The user who posted it can edit his thread only if the course admin allowed this in the properties of the forum
// The course admin him/herself can do this off course always
if ( GroupManager::is_tutor_of_group(api_get_user_id(), $group_id) OR ($current_forum['allow_edit']==1 AND $row['user_id']==$_user['user_id']) or (api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id']!=$_SESSION['id_session']))) {
if (api_is_allowed_to_session_edit(false,true)) {
if ($locked == false) {
echo "<a href=\"editpost.php?".api_get_cidreq()."&amp;gidReq=".Security::remove_XSS($_GET['gidReq'])."&amp;forum=".$clean_forum_id."&amp;thread=".$clean_thread_id."&amp;post=".$row['post_id']."&amp;origin=".$origin."&amp;edit=edition&amp;id_attach=".$id_attach."\">".Display::return_icon('edit.png',get_lang('Edit'), array(), ICON_SIZE_SMALL)."</a>";
} }
echo display_user_link($row['user_id'], $name, '', $username).'<br />';
} else {
echo Display::tag('span', $name, array('title'=>api_htmlentities($username, ENT_QUOTES))).'<br />';
} }
}
if ($origin != 'learnpath') { $group_id = api_get_group_id();
if (GroupManager::is_tutor_of_group(api_get_user_id(), $group_id) OR api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id']!=$_SESSION['id_session'])) {
if ($locked == false) { echo api_convert_and_format_date($row['post_date']).'<br /><br />';
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&amp;forum=".$clean_forum_id."&amp;thread=".$clean_thread_id."&amp;action=delete&amp;content=post&amp;id=".$row['post_id']."&amp;origin=".$origin."\" onclick=\"javascript:if(!confirm('".addslashes(api_htmlentities(get_lang('DeletePost'), ENT_QUOTES))."')) return false;\">".Display::return_icon('delete.png', get_lang('Delete'),array(), ICON_SIZE_SMALL)."</a>"; // get attach id
$attachment_list=get_attachment($row['post_id']);
$id_attach = !empty($attachment_list)?$attachment_list['id']:'';
// The user who posted it can edit his thread only if the course admin allowed this in the properties of the forum
// The course admin him/herself can do this off course always
if ( GroupManager::is_tutor_of_group(api_get_user_id(), $group_id) OR ($current_forum['allow_edit']==1 AND $row['user_id']==$_user['user_id']) or (api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id']!=$_SESSION['id_session']))) {
if (api_is_allowed_to_session_edit(false,true)) {
if ($locked == false) {
echo "<a href=\"editpost.php?".api_get_cidreq()."&amp;gidReq=".Security::remove_XSS($_GET['gidReq'])."&amp;forum=".$clean_forum_id."&amp;thread=".$clean_thread_id."&amp;post=".$row['post_id']."&amp;origin=".$origin."&amp;edit=edition&amp;id_attach=".$id_attach."\">".Display::return_icon('edit.png',get_lang('Edit'), array(), ICON_SIZE_SMALL)."</a>";
}
} }
} }
if (api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id']!=$_SESSION['id_session'])) {
display_visible_invisible_icon('post', $row['post_id'], $row['visible'],array('forum'=>$clean_forum_id,'thread'=>$clean_thread_id, 'origin'=>$origin )); if ($origin != 'learnpath') {
echo ""; if (GroupManager::is_tutor_of_group(api_get_user_id(), $group_id) OR api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id']!=$_SESSION['id_session'])) {
if ($increment>0) { if ($locked == false) {
echo "<a href=\"viewthread.php?".api_get_cidreq()."&amp;forum=".$clean_forum_id."&amp;thread=".$clean_thread_id."&amp;action=move&amp;post=".$row['post_id']."&amp;origin=".$origin."\">".Display::return_icon('move.png',get_lang('MovePost'), array(), ICON_SIZE_SMALL)."</a>"; echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&amp;forum=".$clean_forum_id."&amp;thread=".$clean_thread_id."&amp;action=delete&amp;content=post&amp;id=".$row['post_id']."&amp;origin=".$origin."\" onclick=\"javascript:if(!confirm('".addslashes(api_htmlentities(get_lang('DeletePost'), ENT_QUOTES))."')) return false;\">".Display::return_icon('delete.png', get_lang('Delete'),array(), ICON_SIZE_SMALL)."</a>";
}
}
if (api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id']!=$_SESSION['id_session'])) {
display_visible_invisible_icon('post', $row['post_id'], $row['visible'],array('forum'=>$clean_forum_id,'thread'=>$clean_thread_id, 'origin'=>$origin ));
echo "";
if ($increment>0) {
echo "<a href=\"viewthread.php?".api_get_cidreq()."&amp;forum=".$clean_forum_id."&amp;thread=".$clean_thread_id."&amp;action=move&amp;post=".$row['post_id']."&amp;origin=".$origin."\">".Display::return_icon('move.png',get_lang('MovePost'), array(), ICON_SIZE_SMALL)."</a>";
}
} }
} }
}
$user_status = api_get_status_of_user_in_course($row['user_id'], api_get_course_id()); $user_status = api_get_status_of_user_in_course($row['user_id'], api_get_course_id());
$current_qualify_thread = show_qualify('1', $row['poster_id'],$_GET['thread']); $current_qualify_thread = show_qualify('1', $row['poster_id'],$_GET['thread']);
if (api_is_allowed_to_edit(null,true) && $origin != 'learnpath') { if (api_is_allowed_to_edit(null,true) && $origin != 'learnpath') {
$my_forum_id = $clean_forum_id; $my_forum_id = $clean_forum_id;
if (isset($_GET['gradebook'])) { if (isset($_GET['gradebook'])) {
$info_thread = get_thread_information($clean_thread_id); $info_thread = get_thread_information($clean_thread_id);
$my_forum_id = $info_thread['forum_id']; $my_forum_id = $info_thread['forum_id'];
} }
if ($increment > 0 && $locked == false) { if ($increment > 0 && $locked == false) {
echo "<a href=\"forumqualify.php?".api_get_cidreq()."&amp;forum=".$my_forum_id."&amp;thread=".$clean_thread_id."&amp;action=list&amp;post=".$row['post_id']."&amp;user=".$row['poster_id']."&amp;user_id=".$row['poster_id']."&amp;origin=".$origin."&amp;idtextqualify=".$current_qualify_thread."&amp;gradebook=".Security::remove_XSS($_GET['gradebook'])."\" >". echo "<a href=\"forumqualify.php?".api_get_cidreq()."&amp;forum=".$my_forum_id."&amp;thread=".$clean_thread_id."&amp;action=list&amp;post=".$row['post_id']."&amp;user=".$row['poster_id']."&amp;user_id=".$row['poster_id']."&amp;origin=".$origin."&amp;idtextqualify=".$current_qualify_thread."&amp;gradebook=".Security::remove_XSS($_GET['gradebook'])."\" >".
Display::return_icon('quiz.gif',get_lang('Qualify'))."</a> "; Display::return_icon('quiz.gif',get_lang('Qualify'))."</a> ";
}
} }
}
if (($current_forum_category && $current_forum_category['locked']==0) AND $current_forum['locked']==0 AND $current_thread['locked']==0 OR api_is_allowed_to_edit(false,true)) { if (($current_forum_category && $current_forum_category['locked']==0) AND $current_forum['locked']==0 AND $current_thread['locked']==0 OR api_is_allowed_to_edit(false,true)) {
if ($_user['user_id'] OR ($current_forum['allow_anonymous']==1 AND !$_user['user_id'])) { if ($_user['user_id'] OR ($current_forum['allow_anonymous']==1 AND !$_user['user_id'])) {
if (!api_is_anonymous() && api_is_allowed_to_session_edit(false,true)) { if (!api_is_anonymous() && api_is_allowed_to_session_edit(false,true)) {
echo '<a href="reply.php?'.api_get_cidreq().'&amp;forum='.$clean_forum_id.'&amp;thread='.$clean_thread_id.'&amp;post='.$row['post_id'].'&amp;action=replymessage&amp;origin='.$origin.'">'.Display :: return_icon('message_reply_forum.png', get_lang('ReplyToMessage'))."</a>"; echo '<a href="reply.php?'.api_get_cidreq().'&amp;forum='.$clean_forum_id.'&amp;thread='.$clean_thread_id.'&amp;post='.$row['post_id'].'&amp;action=replymessage&amp;origin='.$origin.'">'.Display :: return_icon('message_reply_forum.png', get_lang('ReplyToMessage'))."</a>";
echo '<a href="reply.php?'.api_get_cidreq().'&amp;forum='.$clean_forum_id.'&amp;thread='.$clean_thread_id.'&amp;post='.$row['post_id'].'&amp;action=quote&amp;origin='.$origin.'">'.Display :: return_icon('quote.gif', get_lang('QuoteMessage'))."</a>"; echo '<a href="reply.php?'.api_get_cidreq().'&amp;forum='.$clean_forum_id.'&amp;thread='.$clean_thread_id.'&amp;post='.$row['post_id'].'&amp;action=quote&amp;origin='.$origin.'">'.Display :: return_icon('quote.gif', get_lang('QuoteMessage'))."</a>";
}
}
} else {
if ($current_forum_category && $current_forum_category['locked']==1) {
echo get_lang('ForumcategoryLocked').'<br />';
}
if ($current_forum['locked']==1) {
echo get_lang('ForumLocked').'<br />';
}
if ($current_thread['locked']==1) {
echo get_lang('ThreadLocked').'<br />';
} }
} }
} else { echo "</td>";
if ($current_forum_category && $current_forum_category['locked']==1) { // prepare the notification icon
echo get_lang('ForumcategoryLocked').'<br />'; if (isset($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$row['post_id']]) and !empty($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$row['post_id']]) and !empty($whatsnew_post_info[$_GET['forum']][$row['thread_id']])) {
} $post_image=Display::return_icon('forumpostnew.gif');
if ($current_forum['locked']==1) { } else {
echo get_lang('ForumLocked').'<br />'; $post_image=Display::return_icon('forumpost.gif');
} }
if ($current_thread['locked']==1) { if ($row['post_notification']=='1' AND $row['poster_id']==$_user['user_id']) {
echo get_lang('ThreadLocked').'<br />'; $post_image.=Display::return_icon('forumnotification.gif',get_lang('YouWillBeNotified'));
} }
} // The post title
echo "</td>";
// prepare the notification icon
if (isset($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$row['post_id']]) and !empty($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$row['post_id']]) and !empty($whatsnew_post_info[$_GET['forum']][$row['thread_id']])) {
$post_image=Display::return_icon('forumpostnew.gif');
} else {
$post_image=Display::return_icon('forumpost.gif');
}
if ($row['post_notification']=='1' AND $row['poster_id']==$_user['user_id']) {
$post_image.=Display::return_icon('forumnotification.gif',get_lang('YouWillBeNotified'));
}
// The post title
echo "</tr>"; echo "</tr>";
// The post title // The post title
echo "<tr>"; echo "<tr>";
echo Display::tag('td', prepare4display($row['post_title']), array('class'=>'forum_message_post_title')); echo Display::tag('td', prepare4display($row['post_title']), array('class'=>'forum_message_post_title'));
echo "</tr>"; echo "</tr>";
// The post message // The post message
echo "<tr>"; echo "<tr>";
// see comments inside forumfunction.inc.php to lower filtering and allow more visual changes // see comments inside forumfunction.inc.php to lower filtering and allow more visual changes
echo "<td class=\"$messageclass\">".prepare4display($row['post_text'])."</td>"; echo "<td class=\"$messageclass\">".prepare4display($row['post_text'])."</td>";
echo "</tr>"; echo "</tr>";
// The check if there is an attachment // The check if there is an attachment
$attachment_list = get_attachment($row['post_id']); $attachment_list = get_attachment($row['post_id']);
if (!empty($attachment_list)) { if (!empty($attachment_list)) {
echo '<tr><td colspan="2" height="50%">'; echo '<tr><td colspan="2" height="50%">';
$realname=$attachment_list['path']; $realname=$attachment_list['path'];
$user_filename=$attachment_list['filename']; $user_filename=$attachment_list['filename'];
echo Display::return_icon('attachment.gif',get_lang('Attachment')); echo Display::return_icon('attachment.gif',get_lang('Attachment'));
echo '<a href="download.php?file='.$realname.'"> '.$user_filename.' </a>'; echo '<a href="download.php?file='.$realname.'"> '.$user_filename.' </a>';
if (($current_forum['allow_edit']==1 AND $row['user_id']==$_user['user_id']) or (api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id']!=$_SESSION['id_session']))) { if (($current_forum['allow_edit']==1 AND $row['user_id']==$_user['user_id']) or (api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id']!=$_SESSION['id_session']))) {
echo '&nbsp;&nbsp;<a href="'.api_get_self().'?'.api_get_cidreq().'&amp;origin='.Security::remove_XSS($_GET['origin']).'&amp;action=delete_attach&amp;id_attach='.$attachment_list['id'].'&amp;forum='.$clean_forum_id.'&amp;thread='.$clean_thread_id.'" onclick="javascript:if(!confirm(\''.addslashes(api_htmlentities(get_lang('ConfirmYourChoice'), ENT_QUOTES)).'\')) return false;">'.Display::return_icon('delete.png',get_lang('Delete'), array(), ICON_SIZE_SMALL).'</a><br />'; echo '&nbsp;&nbsp;<a href="'.api_get_self().'?'.api_get_cidreq().'&amp;origin='.Security::remove_XSS($_GET['origin']).'&amp;action=delete_attach&amp;id_attach='.$attachment_list['id'].'&amp;forum='.$clean_forum_id.'&amp;thread='.$clean_thread_id.'" onclick="javascript:if(!confirm(\''.addslashes(api_htmlentities(get_lang('ConfirmYourChoice'), ENT_QUOTES)).'\')) return false;">'.Display::return_icon('delete.png',get_lang('Delete'), array(), ICON_SIZE_SMALL).'</a><br />';
}
echo '<span class="forum_attach_comment" >'.$attachment_list['comment'].'</span>';
echo '</td></tr>';
} }
echo '<span class="forum_attach_comment" >'.$attachment_list['comment'].'</span>';
echo '</td></tr>';
}
// The post has been displayed => it can be removed from the what's new array // The post has been displayed => it can be removed from the what's new array
unset($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$row['post_id']]); unset($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$row['post_id']]);
unset($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']]); unset($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']]);
unset($_SESSION['whatsnew_post_info'][$current_forum['forum_id']][$current_thread['thread_id']][$row['post_id']]); unset($_SESSION['whatsnew_post_info'][$current_forum['forum_id']][$current_thread['thread_id']][$row['post_id']]);
unset($_SESSION['whatsnew_post_info'][$current_forum['forum_id']][$current_thread['thread_id']]); unset($_SESSION['whatsnew_post_info'][$current_forum['forum_id']][$current_thread['thread_id']]);
echo "</table>"; echo "</table>";
$increment++; $increment++;
}
} }
} }

7
main/webservices/cm_webservice_forum.php
Unescape View File

@ -61,11 +61,8 @@ class WSCMForum extends WSCM {
public function get_forum_threads_id($username, $password, $course_code, $forum_id) public function get_forum_threads_id($username, $password, $course_code, $forum_id)
{ {
if($this->verifyUserPass($username, $password) == "valid") if($this->verifyUserPass($username, $password) == "valid") {
{ $threads_info = get_threads($forum_id, $course_code);
$course_db = CourseManager::get_course_information($course_code);
$threads_info = get_threads($forum_id, $course_db['db_name']);
$threads_id = '#'; $threads_id = '#';
foreach ($threads_info as $thread) foreach ($threads_info as $thread)
{ {

Write Preview
Loading…
Cancel
Save