chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Forum peer scoring see #7668 (partial)

Browse Source 
Add db change thread_peer_qualify.
Gradebook result missing.
1.10.x
Julio Montoya 10 years ago
parent 2d7aaae28a
commit 7c769e079b
18 changed files with 1445 additions and 850 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 37
      main/forum/editpost.php
  2. 38
      main/forum/forumbody.inc.php
  3. 430
      main/forum/forumfunction.inc.php
  4. 288
      main/forum/forumqualify.php
  5. 337
      main/forum/index.php
  6. 30
      main/forum/newthread.php
  7. 10
      main/forum/reply.php
  8. 13
      main/forum/viewforum.php
  9. 60
      main/forum/viewpost.inc.php
  10. 65
      main/forum/viewthread.php
  11. 101
      main/forum/viewthread_flat.inc.php
  12. 129
      main/forum/viewthread_nested.inc.php
  13. 170
      main/forum/viewthread_threaded.inc.php
  14. 4
      main/inc/lib/groupmanager.lib.php
  15. 4
      main/inc/lib/hook/HookAdminBlock.php
  16. 2
      src/Chamilo/CoreBundle/Migrations/Schema/V110/Version110.php
  17. 34
      src/Chamilo/CourseBundle/Entity/CForumThread.php
  18. 543
      tests/main/forum/forumfunction.inc.test.php

37
main/forum/editpost.php
Unescape View File

@ -116,8 +116,8 @@ if ($origin == 'learnpath') {
// The only exception is the course manager
// I have split this is several pieces for clarity.
//if (!api_is_allowed_to_edit() AND (($current_forum_category['visibility'] == 0 OR $current_forum['visibility'] == 0) OR ($current_forum_category['locked'] <> 0 OR $current_forum['locked'] <> 0 OR $current_thread['locked'] <> 0))) {
if (!api_is_allowed_to_edit(null, true) AND
(($current_forum_category && $current_forum_category['visibility'] == 0) OR
if (!api_is_allowed_to_edit(null, true) &&
(($current_forum_category && $current_forum_category['visibility'] == 0) ||
$current_forum['visibility'] == 0)
) {
$forum_allow = forum_not_allowed_here();
@ -126,10 +126,10 @@ if (!api_is_allowed_to_edit(null, true) AND
}
}
if (!api_is_allowed_to_edit(null, true) AND
if (!api_is_allowed_to_edit(null, true) &&
(
($current_forum_category && $current_forum_category['locked'] <> 0 ) OR
$current_forum['locked'] <> 0 OR
($current_forum_category && $current_forum_category['locked'] <> 0 ) ||
$current_forum['locked'] <> 0 ||
$current_thread['locked'] <> 0
)
) {
@ -139,7 +139,7 @@ if (!api_is_allowed_to_edit(null, true) AND
}
}
if (!$_user['user_id'] AND $current_forum['allow_anonymous'] == 0) {
if (!$_user['user_id'] && $current_forum['allow_anonymous'] == 0) {
$forum_allow = forum_not_allowed_here();
if ($forum_allow === false) {
exit;
@ -147,7 +147,10 @@ if (!$_user['user_id'] AND $current_forum['allow_anonymous'] == 0) {
}
$group_id = api_get_group_id();
if (!api_is_allowed_to_edit(null, true) AND $current_forum['allow_edit'] == 0 && !GroupManager::is_tutor_of_group(api_get_user_id(), $group_id)) {
if (!api_is_allowed_to_edit(null, true) &&
$current_forum['allow_edit'] == 0 &&
!GroupManager::is_tutor_of_group(api_get_user_id(), $group_id)
) {
$forum_allow = forum_not_allowed_here();
if ($forum_allow === false) {
exit;
@ -170,12 +173,10 @@ if ($origin != 'learnpath') {
/* Display Forum Category and the Forum information */
/*New display forum div*/
echo '<div class="row">';
echo '<div class="span12">';
echo '<div class="forum_title">';
echo '<h1><a href="viewforum.php?&amp;origin='.$origin.'&amp;forum='.$current_forum['forum_id'].'" '.class_visible_invisible($current_forum['visibility']).'>'.prepare4display($current_forum['forum_title']).'</a></h1>';
echo '<p class="forum_description">'.prepare4display($current_forum['forum_comment']).'</p>';
echo '</div></div></div>';
echo '</div>';
/* End new display forum */
// Set forum attachment data into $_SESSION
@ -184,9 +185,7 @@ getAttachedFiles(
$current_thread['thread_id'],
$current_post['post_id']
);
// The form for the reply
echo '<div class="row">';
echo '<div class="span12">';
$values = show_edit_post_form(
$forum_setting,
$current_post,
@ -194,7 +193,6 @@ $values = show_edit_post_form(
$current_forum,
isset($_SESSION['formelements']) ? $_SESSION['formelements'] : ''
);
echo '</div></div>';
if (!empty($values) and isset($_POST['SubmitPost'])) {
store_edit_post($values);
@ -207,8 +205,15 @@ if (!empty($values) and isset($_POST['SubmitPost'])) {
$weight_calification = $values['weight_calification'];
$description = '';
$session_id = api_get_session_id();
$link_info = GradebookUtils::is_resource_in_course_gradebook(api_get_course_id(), 5, $id, $session_id);
$link_info = GradebookUtils::is_resource_in_course_gradebook(
api_get_course_id(),
5,
$id,
$session_id
);
$link_id = $link_info['id'];
if (!$link_info) {
GradebookUtils::add_resource_to_course_gradebook(
$values['category_id'],
@ -228,14 +233,12 @@ if (!empty($values) and isset($_POST['SubmitPost'])) {
}
} else {
// Only show Forum attachment ajax form when do not pass form submit
echo '<div class="row"><div class="span12">';
$attachmentAjaxForm = getAttachmentAjaxForm(
$current_forum['forum_id'],
$current_thread['thread_id'],
$current_post['post_id']
);
echo $attachmentAjaxForm;
echo '</div></div>';
}
// Footer

38
main/forum/forumbody.inc.php
Unescape View File

@ -1,18 +1,19 @@
<?php
/* For licensing terms, see /license.txt */
$current_thread = get_thread_information($_GET['thread']);
$my_cid_req = Security::remove_XSS($_GET['cidReq']);
$my_forum = Security::remove_XSS($_GET['forum']);
$my_thread = Security::remove_XSS($_GET['thread']);
$my_user_id = Security::remove_XSS($_GET['user_id']);
$user = Security::remove_XSS($_GET['user']);
$my_idtextqualify = isset($_REQUEST['idtextqualify']) ? Security::remove_XSS($_REQUEST['idtextqualify']) : $qualify;
$my_gradebook = Security::remove_XSS($_GET['gradebook']);
$to_origin = Security::remove_XSS($_GET['origin']);
$current_thread = get_thread_information($_GET['thread']);
$my_cid_req = Security::remove_XSS($_GET['cidReq']);
$my_forum = Security::remove_XSS($_GET['forum']);
$my_thread = Security::remove_XSS($_GET['thread']);
$my_user_id = Security::remove_XSS($_GET['user_id']);
$user = Security::remove_XSS($_GET['user']);
$my_idtextqualify = isset($_REQUEST['idtextqualify']) ? Security::remove_XSS($_REQUEST['idtextqualify']) : $qualify;
$my_gradebook = Security::remove_XSS($_GET['gradebook']);
$to_origin = Security::remove_XSS($_GET['origin']);
$output = <<<EOF
<div class="forum-body-form">
<table class="data_table">
<table class="table">
<form id="forum-thread-qualify" name="forum-thread-qualify" action="forumqualify.php">
<input type="hidden" name="cidReq" value="{$my_cid_req}">
<input type="hidden" name="forum" value="{$my_forum}">
@ -24,7 +25,7 @@ $output = <<<EOF
<tr>
EOF;
$output .= '
$output .= '
<td width="40%" class="forum-thread-header">'.get_lang('Thread').'&nbsp;:</td >
<td width="60%" class="forum-thread-body">
<div align="left">'.$current_thread['thread_title'].'</div>
@ -37,20 +38,19 @@ $output .= '
<div align="left">'.$result['user_course'].'</div>
</td>
</tr>
<tr>
<td width="40%" class="forum-thread-header">'.get_lang('PostsNumber').'&nbsp;:</td >
<td width="60%" class="forum-thread-body">
<div align="left">'.$result['post'].'</div>
</td>
</tr>
<tr>
<tr>
<td width="40%" class="forum-thread-header">'.get_lang('NumberOfPostsForThisUser').'&nbsp;:</td >
<td width="60%" class="forum-thread-body">
<div align="left">'.$result['user_post'].'</div>
</td>
</tr>
<tr>
<tr>
<td width="40%" class="forum-thread-header">'.get_lang('AveragePostPerUser').'&nbsp;:</td >
<td width="60%" class="forum-thread-body">
<div align="left">'.round($result['user_post']/$result['post'],2).'</div>
@ -64,9 +64,15 @@ $output .= '
</tr>
<tr>
<td width="40%"></td>
<td width="60%"><div align="left"><button type="button" class="save" id="idbutton_qualify" name="idbutton_qualify" value="'.get_lang('QualifyThisThread').'" onclick="javascript:if(document.getElementById(\'idtextqualify\').value>=0){if(confirm(\''.get_lang('ConfirmUserQualification').'\')){document.getElementById(\'forum-thread-qualify\').submit();}else{return false;};}else{alert(\''.get_lang('InsertQualificationCorrespondingToMaxScore').'\')};" >'.get_lang('QualifyThisThread').'</button></div></td>
<td width="60%">
<div align="left">
<button type="button" class="save" id="idbutton_qualify" name="idbutton_qualify" value="'.get_lang('QualifyThisThread').'" onclick="javascript:if(document.getElementById(\'idtextqualify\').value>=0){if(confirm(\''.get_lang('ConfirmUserQualification').'\')){document.getElementById(\'forum-thread-qualify\').submit();}else{return false;};}else{alert(\''.get_lang('InsertQualificationCorrespondingToMaxScore').'\')};" >
'.get_lang('QualifyThisThread').'
</button>
</div>
</td>
</tr>
</form>
</table>
</div>';
echo $output;
echo $output;

430
main/forum/forumfunction.inc.php
Unescape View File

@ -160,13 +160,13 @@ function handle_forum_and_forumcategories($lp_id = null)
$list_threads = get_threads($id_forum);
for ($i = 0; $i < count($list_threads); $i++) {
delete_forum_forumcategory_thread('thread', $list_threads[$i]['thread_id']);
deleteForumCategoryThread('thread', $list_threads[$i]['thread_id']);
$link_info = GradebookUtils::is_resource_in_course_gradebook(api_get_course_id(), 5, intval($list_threads[$i]['thread_id']), api_get_session_id());
if ($link_info !== false) {
GradebookUtils::remove_resource_from_course_gradebook($link_info['id']);
}
}
$return_message = delete_forum_forumcategory_thread($get_content, $get_id);
$return_message = deleteForumCategoryThread($get_content, $get_id);
Display::display_confirmation_message($return_message, false);
}
@ -190,9 +190,9 @@ function handle_forum_and_forumcategories($lp_id = null)
/**
* This function displays the form that is used to add a forum category.
*
* @param array $inputvalues (deprecated, set to null when calling)
* @param int $lp_id Learning path ID
* @return void HTML
* @param array $inputvalues (deprecated, set to null when calling)
* @param int $lp_id Learning path ID
*
* @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
* @author Juan Carlos Raña Trabado (return to lp_id)
* @version may 2011, Chamilo 1.8.8
@ -209,9 +209,13 @@ function show_add_forumcategory_form($inputvalues = array(), $lp_id)
// Setting the form elements.
$form->addElement('header', '', get_lang('AddForumCategory'));
$form->addElement('text', 'forum_category_title', get_lang('Title'), array('autofocus'));
$form->addElement('html_editor', 'forum_category_comment', get_lang('Description'), null, array('ToolbarSet' => 'Forum', 'Width' => '98%', 'Height' => '200'));
//$form->applyFilter('forum_category_comment', 'html_filter');
$form->addElement(
'html_editor',
'forum_category_comment',
get_lang('Description'),
null,
array('ToolbarSet' => 'Forum', 'Width' => '98%', 'Height' => '200')
);
$form->addButtonCreate(get_lang('CreateCategory'), 'SubmitForumCategory');
// Setting the rules.
@ -275,7 +279,13 @@ function show_add_forum_form($inputvalues = array(), $lp_id)
$form->addElement('text', 'forum_title', get_lang('Title'), array('autofocus'));
// The comment of the forum.
$form->addElement('html_editor', 'forum_comment', get_lang('Description'), null, array('ToolbarSet' => 'Forum', 'Width' => '98%', 'Height' => '200'));
$form->addElement(
'html_editor',
'forum_comment',
get_lang('Description'),
null,
array('ToolbarSet' => 'Forum', 'Width' => '98%', 'Height' => '200')
);
// Dropdown list: Forum categories
$forum_categories = get_forum_categories();
@ -701,7 +711,6 @@ function store_forum($values, $courseInfo = array(), $returnId = false)
$new_file_name = isset($new_file_name) ? $new_file_name : '';
$sql_image = "'".$new_file_name."', ";
}
$b = isset($values['forum_comment']) ? $values['forum_comment'] : null;
$sql = "INSERT INTO ".$table_forums." (c_id, forum_title, forum_image, forum_comment, forum_category, allow_anonymous, allow_edit, approval_direct_post, allow_attachments, allow_new_threads, default_view, forum_of_group, forum_group_public_private, forum_order, session_id)
VALUES (
@ -773,7 +782,7 @@ function store_forum($values, $courseInfo = array(), $returnId = false)
* @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
* @version february 2006, dokeos 1.8
*/
function delete_forum_forumcategory_thread($content, $id)
function deleteForumCategoryThread($content, $id)
{
$_course = api_get_course_info();
$table_forums = Database::get_course_table(TABLE_FORUM);
@ -783,7 +792,8 @@ function delete_forum_forumcategory_thread($content, $id)
$id = intval($id);
// Delete all attachment file about this tread id.
$sql = "SELECT post_id FROM $table_forums_post WHERE c_id = $course_id AND thread_id = '".$id."' ";
$sql = "SELECT post_id FROM $table_forums_post
WHERE c_id = $course_id AND thread_id = '".$id."' ";
$res = Database::query($sql);
while ($poster_id = Database::fetch_row($res)) {
delete_attachment($poster_id[0]);
@ -1867,12 +1877,13 @@ function get_posts($thread_id)
ORDER BY posts.post_id ASC";
}
$result = Database::query($sql);
$post_list = array();
while ($row = Database::fetch_array($result)) {
$post_list[] = $row;
$posts = array();
while ($row = Database::fetch_array($result, 'ASSOC')) {
$posts[] = $row;
}
return $post_list;
return $posts;
}
/**
@ -1915,13 +1926,14 @@ function get_thread_information($thread_id)
$table_item_property = Database :: get_course_table(TABLE_ITEM_PROPERTY);
$table_threads = Database :: get_course_table(TABLE_FORUM_THREAD);
$course_id = api_get_course_int_id();
$thread_id = intval($thread_id);
$sql = "SELECT * FROM ".$table_threads." threads, ".$table_item_property." item_properties
WHERE
item_properties.tool= '".TOOL_FORUM_THREAD."' AND
item_properties.c_id = $course_id AND
item_properties.ref = ".intval($thread_id)." AND
threads.thread_id = ".intval($thread_id)." AND
item_properties.ref = ".$thread_id." AND
threads.thread_id = ".$thread_id." AND
threads.c_id = $course_id
";
$result = Database::query($sql);
@ -2260,7 +2272,7 @@ function store_thread($current_forum, $values, $courseInfo = array(), $showMessa
$clean_post_title = Database::escape_string(stripslashes($values['post_title']));
// We first store an entry in the forum_thread table because the thread_id is used in the forum_post table.
$sql = "INSERT INTO $table_threads (c_id, thread_title, forum_id, thread_poster_id, thread_poster_name, thread_date, thread_sticky,thread_title_qualify,thread_qualify_max,thread_weight,session_id)
$sql = "INSERT INTO $table_threads (c_id, thread_title, forum_id, thread_poster_id, thread_poster_name, thread_date, thread_sticky,thread_title_qualify,thread_qualify_max,thread_weight,thread_peer_qualify, session_id)
VALUES (
".$course_id.",
'".$clean_post_title."',
@ -2272,13 +2284,16 @@ function store_thread($current_forum, $values, $courseInfo = array(), $showMessa
"'".Database::escape_string(stripslashes($values['calification_notebook_title']))."',".
"'".Database::escape_string($values['numeric_calification'])."',".
"'".Database::escape_string($values['weight_calification'])."',".
"'".intval($values['thread_peer_qualify'])."',".
"'".api_get_session_id()."')";
Database::query($sql);
$last_thread_id = Database::insert_id();
// Add option gradebook qualify.
if (isset($values['thread_qualify_gradebook']) && 1 == $values['thread_qualify_gradebook']) {
if (isset($values['thread_qualify_gradebook']) &&
1 == $values['thread_qualify_gradebook']
) {
// Add function gradebook.
$resourcetype = 5;
$resourceid = $last_thread_id;
@ -2314,9 +2329,12 @@ function store_thread($current_forum, $values, $courseInfo = array(), $showMessa
api_get_user_id()
);
// If the forum properties tell that the posts have to be approved we have to put the whole thread invisible,
// because otherwise the students will see the thread and not the post in the thread.
// We also have to change $visible because the post itself has to be visible in this case (otherwise the teacher would have
// If the forum properties tell that the posts have to be approved
// we have to put the whole thread invisible,
// because otherwise the students will see the thread and not the post
// in the thread.
// We also have to change $visible because the post itself has to be
// visible in this case (otherwise the teacher would have
// to make the thread visible AND the post.
// Default behaviour
api_set_default_visibility(
@ -2436,7 +2454,9 @@ function store_thread($current_forum, $values, $courseInfo = array(), $showMessa
/**
* This function displays the form that is used to add a post. This can be a new thread or a reply.
* @param $action is the parameter that determines if we are
* @param array $current_forum
* @param array $forum_setting
* @param string $action is the parameter that determines if we are
* 1. newthread: adding a new thread (both empty) => No I-frame
* 2. replythread: Replying to a thread ($action = replythread) => I-frame with the complete thread (if enabled)
* 3. replymessage: Replying to a message ($action =replymessage) => I-frame with the complete thread (if enabled) (I first thought to put and I-frame with the message only)
@ -2474,7 +2494,21 @@ function show_add_post_form($current_forum, $forum_setting, $action = '', $id =
}
$form->addElement('text', 'post_title', get_lang('Title'));
$form->addHtmlEditor('post_text', get_lang('Text'), true, api_is_allowed_to_edit(null, true) ? array('ToolbarSet' => 'Forum', 'Width' => '100%', 'Height' => '300') : array('ToolbarSet' => 'ForumStudent', 'Width' => '100%', 'Height' => '300', 'UserStatus' => 'student'));
$form->addHtmlEditor(
'post_text',
get_lang('Text'),
true,
api_is_allowed_to_edit(null, true) ? array(
'ToolbarSet' => 'Forum',
'Width' => '100%',
'Height' => '300',
) : array(
'ToolbarSet' => 'ForumStudent',
'Width' => '100%',
'Height' => '300',
'UserStatus' => 'student',
)
);
$form->addRule('post_text', get_lang('ThisFieldIsRequired'), 'required');
$iframe = null;
@ -2515,6 +2549,11 @@ function show_add_post_form($current_forum, $forum_setting, $action = '', $id =
);
$form->applyFilter('weight_calification', 'html_filter');
$group = array();
$group[] = $form->createElement('radio', 'thread_peer_qualify', null, get_lang('Yes'), 1);
$group[] = $form->createElement('radio', 'thread_peer_qualify', null, get_lang('No'), 0);
$form->addGroup($group, '', get_lang('StudentsCanQualifyPeer'), ' ');
$form->addElement('html', '</div>');
}
@ -2548,8 +2587,12 @@ function show_add_post_form($current_forum, $forum_setting, $action = '', $id =
$defaults['post_text'] = prepare4display($form_values['post_text']);
$defaults['post_notification'] = strval(intval($form_values['post_notification']));
$defaults['thread_sticky'] = strval(intval($form_values['thread_sticky']));
$defaults['thread_peer_qualify'] = intval($form_values['thread_peer_qualify']);
} else {
$defaults['thread_peer_qualify'] = 0;
}
// If we are quoting a message we have to retrieve the information of the post we are quoting so that
// we can add this as default to the textarea.
@ -2566,6 +2609,7 @@ function show_add_post_form($current_forum, $forum_setting, $action = '', $id =
$defaults['post_text'] = '<div>&nbsp;</div><div style="margin: 5px;"><div style="font-size: 90%; font-style: italic;">'.get_lang('Quoting').' '.api_get_person_name($values['firstname'], $values['lastname']).':</div><div style="color: #006600; font-size: 90%; font-style: italic; background-color: #FAFAFA; border: #D1D7DC 1px solid; padding: 3px;">'.prepare4display($values['post_text']).'</div></div><div>&nbsp;</div><div>&nbsp;</div>';
}
}
$form->setDefaults(isset($defaults) ? $defaults : null);
// The course admin can make a thread sticky (=appears with special icon and always on top).
@ -2611,57 +2655,85 @@ function show_add_post_form($current_forum, $forum_setting, $action = '', $id =
}
/**
* @param integer contains the information of user id
* @param integer contains the information of thread id
* @param integer contains the information of thread qualify
* @param integer contains the information of user id of qualifier
* @param integer contains the information of time
* @param integer contains the information of session id
* @param array $threadInfo
* @param integer $user_id
* @param integer $thread_id
* @param integer $thread_qualify
* @param integer $qualify_user_id information of user id of qualifier
* @param integer $qualify_time
* @param integer $session_id
* @return Array() optional
* @author Isaac Flores <isaac.flores@dokeos.com>, U.N.A.S University
* @version October 2008, dokeos 1.8.6
*/
function store_theme_qualify($user_id, $thread_id, $thread_qualify = 0, $qualify_user_id = 0, $qualify_time, $session_id = null)
{
function saveThreadScore(
$threadInfo,
$user_id,
$thread_id,
$thread_qualify = 0,
$qualify_user_id = 0,
$qualify_time,
$session_id = 0
) {
$table_threads_qualify = Database::get_course_table(TABLE_FORUM_THREAD_QUALIFY);
$table_threads = Database::get_course_table(TABLE_FORUM_THREAD);
$course_id = api_get_course_int_id();
$session_id = intval($session_id);
if ($user_id == strval(intval($user_id)) &&
$thread_id == strval(intval($thread_id)) &&
$thread_qualify == strval(floatval($thread_qualify))
) {
// Testing
$sql_string = "SELECT thread_qualify_max FROM ".$table_threads."
WHERE c_id = $course_id AND thread_id=".$thread_id.";";
$res_string = Database::query($sql_string);
$sql = "SELECT thread_qualify_max FROM $table_threads
WHERE c_id = $course_id AND thread_id=".$thread_id;
$res_string = Database::query($sql);
$row_string = Database::fetch_array($res_string);
if ($thread_qualify <= $row_string[0]) {
$sql1 = "SELECT COUNT(*) FROM ".$table_threads_qualify."
WHERE c_id = $course_id AND user_id=".$user_id." and thread_id=".$thread_id.";";
$res1 = Database::query($sql1);
$row = Database::fetch_array($res1);
if ($threadInfo['thread_peer_qualify'] == 0) {
$sql = "SELECT COUNT(*) FROM $table_threads_qualify
WHERE
c_id = $course_id AND
user_id = $user_id AND
thread_id = ".$thread_id;
} else {
$currentUserId = api_get_user_id();
$sql = "SELECT COUNT(*) FROM $table_threads_qualify
WHERE
c_id = $course_id AND
qualify_user_id = $currentUserId AND
thread_id = ".$thread_id;
}
$result = Database::query($sql);
$row = Database::fetch_array($result);
if ($row[0] == 0) {
$sql = "INSERT INTO $table_threads_qualify (c_id, user_id, thread_id,qualify,qualify_user_id,qualify_time,session_id)
VALUES (".$course_id.", '".$user_id."','".$thread_id."',".(float) $thread_qualify.", '".$qualify_user_id."','".$qualify_time."','".$session_id."')";
$res = Database::query($sql);
VALUES (".$course_id.", '".$user_id."','".$thread_id."',".(float)$thread_qualify.", '".$qualify_user_id."','".$qualify_time."','".$session_id."')";
Database::query($sql);
$insertId = Database::insert_id();
$sql = "UPDATE $table_threads_qualify SET id = iid WHERE iid = $insertId";
Database::query($sql);
if ($insertId) {
$sql = "UPDATE $table_threads_qualify SET id = iid WHERE iid = $insertId";
Database::query($sql);
}
return $res;
return 'insert';
} else {
$sql1 = "SELECT qualify FROM ".$table_threads_qualify." WHERE c_id = $course_id AND user_id=".$user_id." and thread_id=".$thread_id.";";
$rs = Database::query($sql1);
$row = Database::fetch_array($rs);
$row[1] = "update";
return $row;
$sql = "SELECT qualify FROM ".$table_threads_qualify."
WHERE
c_id = $course_id AND
user_id = ".$user_id." AND
thread_id = ".$thread_id;
$rs = Database::query($sql);
Database::fetch_array($rs);
return 'update';
}
} else {
return null;
}
@ -2670,11 +2742,9 @@ function store_theme_qualify($user_id, $thread_id, $thread_qualify = 0, $qualify
/**
* This function shows qualify.
* @param string contains the information of option to run
* @param string contains the information the current course id
* @param integer contains the information the current forum id
* @param integer contains the information the current user id
* @param integer contains the information the current thread id
* @param string $option contains the information of option to run
* @param integer $user_id contains the information the current user id
* @param integer $thread_id contains the information the current thread id
* @return integer qualify
* <code> $option=1 obtained the qualification of the current thread</code>
* @author Isaac Flores <isaac.flores@dokeos.com>, U.N.A.S University
@ -2693,25 +2763,36 @@ function show_qualify($option, $user_id, $thread_id)
return false;
}
$sql = '';
switch ($option) {
case 1:
$sql = "SELECT qualify FROM ".$table_threads_qualify." WHERE c_id = $course_id AND user_id=".$user_id." and thread_id=".$thread_id;
$sql = "SELECT qualify FROM $table_threads_qualify
WHERE
c_id = $course_id AND
user_id=".$user_id." AND
thread_id=".$thread_id;
break;
case 2:
$sql = "SELECT thread_qualify_max FROM ".$table_threads." WHERE c_id = $course_id AND thread_id=".$thread_id.";";
$sql = "SELECT thread_qualify_max FROM $table_threads
WHERE c_id = $course_id AND thread_id=".$thread_id;
break;
}
$rs = Database::query($sql);
$row = Database::fetch_array($rs);
return $row[0];
if (!empty($sql)) {
$rs = Database::query($sql);
$row = Database::fetch_array($rs);
return $row[0];
}
return array();
}
/**
* This function gets qualify historical.
* @param integer contains the information the current user id
* @param integer contains the information the current thread id
* @param boolean contains the information of option to run
* @param integer $user_id contains the information the current user id
* @param integer $thread_id contains the information the current thread id
* @param boolean $opt contains the information of option to run
* @return array()
* @author Christian Fasanando <christian.fasanando@dokeos.com>,
* @author Isaac Flores <isaac.flores@dokeos.com>,
@ -2721,23 +2802,30 @@ function get_historical_qualify($user_id, $thread_id, $opt)
{
$table_threads_qualify_log = Database::get_course_table(TABLE_FORUM_THREAD_QUALIFY_LOG);
$course_id = api_get_course_int_id();
$my_qualify_log = array();
if ($opt == 'false') {
$sql = "SELECT * FROM ".$table_threads_qualify_log."
WHERE c_id = $course_id AND thread_id='".Database::escape_string($thread_id)."' and user_id='".Database::escape_string($user_id)."'
WHERE
c_id = $course_id AND
thread_id='".Database::escape_string($thread_id)."' AND
user_id='".Database::escape_string($user_id)."'
ORDER BY qualify_time";
} else {
$sql = "SELECT * FROM ".$table_threads_qualify_log."
WHERE c_id = $course_id AND thread_id='".Database::escape_string($thread_id)."' and user_id='".Database::escape_string($user_id)."'
WHERE
c_id = $course_id AND
thread_id='".Database::escape_string($thread_id)."' AND
user_id='".Database::escape_string($user_id)."'
ORDER BY qualify_time DESC";
}
$rs = Database::query($sql);
$log = array();
while ($row = Database::fetch_array($rs, 'ASSOC')) {
$my_qualify_log[] = $row;
$log[] = $row;
}
return $my_qualify_log;
return $log;
}
/**
@ -2753,9 +2841,9 @@ function get_historical_qualify($user_id, $thread_id, $opt)
* @author Isaac Flores <isaac.flores@dokeos.com>, U.N.A.S University
* @version October 2008, dokeos 1.8.6
*/
function store_qualify_historical(
function saveThreadScoreHistory(
$option,
$couser_id,
$course_id,
$forum_id,
$user_id,
$thread_id,
@ -2764,17 +2852,18 @@ function store_qualify_historical(
) {
$table_threads_qualify = Database::get_course_table(TABLE_FORUM_THREAD_QUALIFY);
$table_threads = Database::get_course_table(TABLE_FORUM_THREAD);
$table_threads_qualify_log = Database::get_course_table(TABLE_FORUM_THREAD_QUALIFY_LOG);
$current_date = date('Y-m-d H:i:s');
$course_id = api_get_course_int_id();
$course_id = intval($course_id);
if ($user_id == strval(intval($user_id)) && $thread_id == strval(intval($thread_id)) && $option == 1) {
if ($user_id == strval(intval($user_id)) &&
$thread_id == strval(intval($thread_id)) && $option == 1
) {
// Extract information of thread_qualify.
$sql = "SELECT qualify,qualify_time
FROM ".$table_threads_qualify."
$sql = "SELECT qualify, qualify_time
FROM $table_threads_qualify
WHERE c_id = $course_id AND user_id=".$user_id." and thread_id=".$thread_id.";";
$rs = Database::query($sql);
$row = Database::fetch_array($rs);
@ -2791,7 +2880,7 @@ function store_qualify_historical(
// Update
$sql2 = "UPDATE ".$table_threads_qualify."
SET qualify=".$current_qualify.",qualify_time='".$current_date."'
WHERE c_id = $course_id AND user_id=".$user_id." and thread_id=".$thread_id.";";
WHERE c_id = $course_id AND user_id=".$user_id." AND thread_id=".$thread_id.";";
Database::query($sql2);
}
}
@ -2809,8 +2898,11 @@ function current_qualify_of_thread($thread_id, $session_id)
$table_threads_qualify = Database::get_course_table(TABLE_FORUM_THREAD_QUALIFY);
$course_id = api_get_course_int_id();
$session_id = intval($session_id);
$res = Database::query("SELECT qualify FROM $table_threads_qualify WHERE c_id = $course_id AND thread_id = $thread_id AND session_id = $session_id");
$sql = "SELECT qualify FROM $table_threads_qualify
WHERE c_id = $course_id AND thread_id = $thread_id AND session_id = $session_id";
$res = Database::query($sql);
$row = Database::fetch_array($res, 'ASSOC');
return $row['qualify'];
@ -2856,34 +2948,55 @@ function store_reply($current_forum, $values)
'".Database::escape_string($visible)."')";
Database::query($sql);
$new_post_id = Database::insert_id();
$values['new_post_id'] = $new_post_id;
$message = get_lang('ReplyAdded');
if ($new_post_id) {
if (!empty($_POST['file_ids']) && is_array($_POST['file_ids'])) {
foreach ($_POST['file_ids'] as $key => $id) {
editAttachedFile(array('comment' => $_POST['file_comments'][$key], 'post_id' => $new_post_id), $id);
$sql = "UPDATE $table_posts SET post_id = iid WHERE iid = $new_post_id";
Database::query($sql);
$values['new_post_id'] = $new_post_id;
$message = get_lang('ReplyAdded');
if (!empty($_POST['file_ids']) && is_array($_POST['file_ids'])) {
foreach ($_POST['file_ids'] as $key => $id) {
editAttachedFile(
array(
'comment' => $_POST['file_comments'][$key],
'post_id' => $new_post_id
),
$id
);
}
}
}
// Update the thread.
update_thread($values['thread_id'], $new_post_id, $post_date);
// Update the thread.
update_thread($values['thread_id'], $new_post_id, $post_date);
// Update the forum.
api_item_property_update($_course, TOOL_FORUM, $values['forum_id'], 'NewMessageInForum', api_get_user_id());
// Update the forum.
api_item_property_update(
$_course,
TOOL_FORUM,
$values['forum_id'],
'NewMessageInForum',
api_get_user_id()
);
if ($current_forum['approval_direct_post'] == '1' && !api_is_allowed_to_edit(null, true)) {
$message .= '<br />'.get_lang('MessageHasToBeApproved').'<br />';
}
//$message .= '<br />'.get_lang('ReturnTo').' <a href="viewforum.php?'.api_get_cidreq().'&amp;forum='.$values['forum_id'].'&amp;gidReq='.$_SESSION['toolgroup'].'&amp;origin='.$origin.'">'.get_lang('Forum').'</a><br />';
//$message .= get_lang('ReturnTo').' <a href="viewthread.php?'.api_get_cidreq().'&amp;forum='.$values['forum_id'].'&amp;thread='.$values['thread_id'].'&amp;gidReq='.$_SESSION['toolgroup'].'&amp;origin='.$origin.'&amp;gradebook='.$gradebook.'">'.get_lang('Message').'</a>';
if ($current_forum['approval_direct_post'] == '1' && !api_is_allowed_to_edit(
null,
true
)
) {
$message .= '<br />'.get_lang(
'MessageHasToBeApproved'
).'<br />';
}
// Setting the notification correctly.
$my_post_notification = isset($values['post_notification']) ? $values['post_notification'] : null;
if ($my_post_notification == 1) {
set_notification('thread', $values['thread_id'], true);
}
// Setting the notification correctly.
$my_post_notification = isset($values['post_notification']) ? $values['post_notification'] : null;
if ($my_post_notification == 1) {
set_notification('thread', $values['thread_id'], true);
}
send_notification_mails($values['thread_id'], $values);
send_notification_mails($values['thread_id'], $values);
}
Session::erase('formelements');
Session::erase('origin');
@ -2977,25 +3090,55 @@ function show_edit_post_form($forum_setting, $current_post, $current_thread, $cu
$form->addElement('html', '<div id="options_field" style="display:none">');
}
//Loading gradebook select
// Loading gradebook select
GradebookUtils::load_gradebook_select_in_tool($form);
$form->addElement('text', 'numeric_calification', get_lang('QualificationNumeric'), array('value' => $current_thread['thread_qualify_max'], 'style' => 'width:40px'));
$form->addElement(
'text',
'numeric_calification',
get_lang('QualificationNumeric'),
array(
'value' => $current_thread['thread_qualify_max'],
'style' => 'width:40px',
)
);
$form->applyFilter('numeric_calification', 'html_filter');
$form->addElement('text', 'calification_notebook_title', get_lang('TitleColumnGradebook'), array('value' => $current_thread['thread_title_qualify']));
$form->addElement(
'text',
'calification_notebook_title',
get_lang('TitleColumnGradebook'),
array('value' => $current_thread['thread_title_qualify'])
);
$form->applyFilter('calification_notebook_title', 'html_filter');
$form->addElement('text', 'weight_calification', array(get_lang('QualifyWeight'), null, ''), array('value' => $current_thread['thread_weight'], 'style' => 'width:40px'));
$form->addElement(
'text',
'weight_calification',
array(get_lang('QualifyWeight'), null, ''),
array(
'value' => $current_thread['thread_weight'],
'style' => 'width:40px',
)
);
$form->applyFilter('weight_calification', 'html_filter');
$group = array();
$group[] = $form->createElement('radio', 'thread_peer_qualify', null, get_lang('Yes'), 1);
$group[] = $form->createElement('radio', 'thread_peer_qualify', null, get_lang('No'), 0);
$form->addGroup($group, '', get_lang('StudentsCanQualifyPeer'), ' ');
$form->addElement('html', '</div>');
}
if ($forum_setting['allow_post_notification']) {
$form->addElement('checkbox', 'post_notification', '', get_lang('NotifyByEmail').' ('.$current_post['email'].')');
}
if ($forum_setting['allow_sticky'] && api_is_allowed_to_edit(null, true) && $current_post['post_parent_id'] == 0) { // The sticky checkbox only appears when it is the first post of a thread.
if ($forum_setting['allow_sticky'] &&
api_is_allowed_to_edit(null, true) &&
$current_post['post_parent_id'] == 0
) {
// The sticky checkbox only appears when it is the first post of a thread.
$form->addElement('checkbox', 'thread_sticky', '', get_lang('StickyPost'));
if ($current_thread['thread_sticky'] == 1) {
$defaults['thread_sticky'] = true;
@ -3023,6 +3166,8 @@ function show_edit_post_form($forum_setting, $current_post, $current_thread, $cu
$defaults['thread_sticky'] = Security::remove_XSS($form_values['thread_sticky']);
}
$defaults['thread_peer_qualify'] = intval($current_thread['thread_peer_qualify']);
$form->setDefaults($defaults);
// The course admin can make a thread sticky (=appears with special icon and always on top).
@ -3033,7 +3178,9 @@ function show_edit_post_form($forum_setting, $current_post, $current_thread, $cu
if ($form->validate()) {
$values = $form->exportValues();
if ($values['thread_qualify_gradebook'] == '1' && empty($values['weight_calification'])) {
if ($values['thread_qualify_gradebook'] == '1' &&
empty($values['weight_calification'])
) {
Display::display_error_message(get_lang('YouMustAssignWeightOfQualification').'&nbsp;<a href="javascript:window.back()">'.get_lang('Back').'</a>', false);
return false;
}
@ -3059,13 +3206,14 @@ function show_edit_post_form($forum_setting, $current_post, $current_thread, $cu
*/
function store_edit_post($values)
{
$table_threads = Database :: get_course_table(TABLE_FORUM_THREAD);
$threadTable = Database :: get_course_table(TABLE_FORUM_THREAD);
$table_posts = Database :: get_course_table(TABLE_FORUM_POST);
$gradebook = Security::remove_XSS($_GET['gradebook']);
$course_id = api_get_course_int_id();
//check if this post is the first of the thread
// First we check if the change affects the thread and if so we commit the changes (sticky and post_title=thread_title are relevant).
// First we check if the change affects the thread and if so we commit
// the changes (sticky and post_title=thread_title are relevant).
$posts = get_posts($values['thread_id']);
$first_post = null;
@ -3074,24 +3222,25 @@ function store_edit_post($values)
}
if (!empty($first_post) && $first_post['post_id'] == $values['post_id']) {
//if (array_key_exists('is_first_post_of_thread', $values) AND $values['is_first_post_of_thread'] == '1') {
$sql = "UPDATE $table_threads SET
thread_title ='".Database::escape_string($values['post_title'])."',
thread_sticky ='".Database::escape_string(isset($values['thread_sticky']) ? $values['thread_sticky'] : null)."',".
"thread_title_qualify ='".Database::escape_string($values['calification_notebook_title'])."',".
"thread_qualify_max ='".Database::escape_string($values['numeric_calification'])."',".
"thread_weight ='".Database::escape_string($values['weight_calification'])."'".
" WHERE c_id = $course_id AND thread_id='".intval($values['thread_id'])."'";
$params = [
'thread_title' => $values['post_title'],
'thread_sticky' => isset($values['thread_sticky']) ? $values['thread_sticky'] : null,
'thread_title_qualify' => $values['calification_notebook_title'],
'thread_qualify_max' => $values['numeric_calification'],
'thread_weight' => $values['weight_calification'],
'thread_peer_qualify' => $values['thread_peer_qualify']
];
$where = ['c_id = ? AND thread_id = ?' => [$course_id, $values['thread_id']]];
Database::query($sql);
Database::update($threadTable, $params, $where);
}
// Update the post_title and the post_text.
$sql = "UPDATE $table_posts SET
post_title ='".Database::escape_string($values['post_title'])."',
post_text ='".Database::escape_string($values['post_text'])."',
post_notification ='".Database::escape_string(isset($values['post_notification']) ? $values['post_notification'] : null)."'
WHERE c_id = $course_id AND post_id = '".intval($values['post_id'])."'";
post_title ='".Database::escape_string($values['post_title'])."',
post_text ='".Database::escape_string($values['post_text'])."',
post_notification ='".Database::escape_string(isset($values['post_notification']) ? $values['post_notification'] : null)."'
WHERE c_id = $course_id AND post_id = '".intval($values['post_id'])."'";
Database::query($sql);
@ -3383,8 +3532,8 @@ function get_post_topics_of_forum($forum_id)
/**
* This function approves a post = change
*
* @param $post_id the id of the post that will be deleted
* @param $action make the post visible or invisible
* @param int $post_id the id of the post that will be deleted
* @param string $action make the post visible or invisible
* @return string language variable
*
* @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
@ -3398,14 +3547,17 @@ function approve_post($post_id, $action)
if ($action == 'invisible') {
$visibility_value = 0;
}
if ($action == 'visible') {
$visibility_value = 1;
handle_mail_cue('post', $post_id);
}
$sql = "UPDATE $table_posts SET visible='".Database::escape_string($visibility_value)."'
$sql = "UPDATE $table_posts SET
visible='".Database::escape_string($visibility_value)."'
WHERE c_id = $course_id AND post_id='".Database::escape_string($post_id)."'";
$return = Database::query($sql);
if ($return) {
return 'PostVisibilityChanged';
}
@ -4645,10 +4797,10 @@ function count_number_of_post_for_user_thread($thread_id, $user_id)
*/
function count_number_of_user_in_course($course_id)
{
$table_course_rel_user = Database::get_main_table('course_rel_user');
$table = Database::get_main_table(TABLE_MAIN_COURSE_USER);
$sql = "SELECT * FROM $table_course_rel_user
WHERE course_code ='".Database::escape_string($course_id)."' ";
$sql = "SELECT * FROM $table
WHERE c_id ='".intval($course_id)."' ";
$result = Database::query($sql);
return count(Database::store_result($result));
@ -4656,9 +4808,9 @@ function count_number_of_user_in_course($course_id)
/**
* This function retrieves information of statistical
* @param int Thread ID
* @param int User ID
* @param int Course ID
* @param int $thread_id
* @param int $user_id
* @param int $course_id
* @return array the information of statistical
* @author Jhon Hinojosa <jhon.hinojosa@dokeos.com>,
* @version octubre 2008, dokeos 1.8
@ -4888,9 +5040,11 @@ function getForumCreatedByUser($user_id, $courseId, $sessionId)
}
/**
* This function builds an array of all the posts in a given thread where the key of the array is the post_id
* It also adds an element children to the array which itself is an array that contains all the id's of the first-level children
* @return an array containing all the information on the posts of a thread
* This function builds an array of all the posts in a given thread
* where the key of the array is the post_id
* It also adds an element children to the array which itself is an array
* that contains all the id's of the first-level children
* @return array $rows containing all the information on the posts of a thread
* @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
*/
function calculate_children($rows)
@ -4903,14 +5057,20 @@ function calculate_children($rows)
}
$rows = $rows_with_children;
_phorum_recursive_sort($rows, $sorted_rows);
forumRecursiveSort($rows, $sorted_rows);
unset($sorted_rows[0]);
}
return $sorted_rows;
}
function _phorum_recursive_sort($rows, &$threads, $seed = 0, $indent = 0)
/**
* @param $rows
* @param $threads
* @param int $seed
* @param int $indent
*/
function forumRecursiveSort($rows, &$threads, $seed = 0, $indent = 0)
{
if ($seed > 0) {
$threads[$rows[$seed]['post_id']] = $rows[$seed];
@ -4920,7 +5080,7 @@ function _phorum_recursive_sort($rows, &$threads, $seed = 0, $indent = 0)
if (isset($rows[$seed]['children'])) {
foreach ($rows[$seed]['children'] as $child) {
_phorum_recursive_sort($rows, $threads, $child, $indent);
forumRecursiveSort($rows, $threads, $child, $indent);
}
}
}

288
main/forum/forumqualify.php
Unescape View File

@ -12,37 +12,48 @@ require_once 'forumfunction.inc.php';
$nameTools = get_lang('ToolForum');
$this_section = SECTION_COURSES;
$allowed_to_edit = api_is_allowed_to_edit(null,true);
if (!$allowed_to_edit) {
api_not_allowed(true);
}
$message = '';
//are we in a lp ?
$origin = '';
if (isset($_GET['origin'])) {
$origin = Security::remove_XSS($_GET['origin']);
$origin = Security::remove_XSS($_GET['origin']);
}
$currentUserId = api_get_user_id();
$user_id = isset($_GET['user_id']) ? intval($_GET['user_id']) : null;
api_block_course_item_locked_by_gradebook($_GET['thread'], LINK_FORUM_THREAD);
$nameTools = get_lang('ToolForum');
$allowed_to_edit = api_is_allowed_to_edit(null, true);
$current_thread = get_thread_information($_GET['thread']);
$current_forum = get_forum_information($current_thread['forum_id']);
$allowToQualify = false;
if ($allowed_to_edit) {
$allowToQualify = true;
} else {
$allowToQualify = $current_thread['thread_peer_qualify'] == 1 && $current_forum['visibility'] == 1 && $user_id != $currentUserId;
}
if (!$allowToQualify) {
api_not_allowed(true);
}
/* Including necessary files */
$htmlHeadXtra[] = '<script type="text/javascript" language="javascript">
$(document).ready(function(){ $(\'.hide-me\').slideUp() });
function hidecontent(content){ $(content).slideToggle(\'normal\'); }
$htmlHeadXtra[] = '<script>
$(document).ready(function(){
$(\'.hide-me\').slideUp()
});
function hidecontent(content){
$(content).slideToggle(\'normal\');
}
</script>';
/* MAIN DISPLAY SECTION */
/*
Retrieving forum and forum categorie information
*/
// we are getting all the information about the current forum and forum category.
// note pcool: I tried to use only one sql statement (and function) for this
// but the problem is that the visibility of the forum AND forum cateogory are stored in the item_property table
$current_thread=get_thread_information($_GET['thread']); // note: this has to be validated that it is an existing thread
$current_forum=get_forum_information($current_thread['forum_id']); // note: this has to be validated that it is an existing forum.
$current_forum_category=get_forumcategory_information($current_forum['forum_category']);
$group_id = api_get_group_id();
$current_forum_category = get_forumcategory_information(
$current_forum['forum_category']
);
$groupId = api_get_group_id();
/*
Header and Breadcrumbs
@ -53,40 +64,57 @@ if (isset($_SESSION['gradebook'])){
if (!empty($gradebook) && $gradebook=='view') {
$interbreadcrumb[]= array (
'url' => '../gradebook/'.$_SESSION['gradebook_dest'],
'name' => get_lang('ToolGradebook')
);
'url' => '../gradebook/'.$_SESSION['gradebook_dest'],
'name' => get_lang('ToolGradebook')
);
}
if ($origin=='learnpath') {
if ($origin == 'learnpath') {
Display::display_reduced_header();
} else {
if (!empty($group_id)) {
$group_properties = GroupManager :: get_group_properties($_clean['toolgroup']);
if (!empty($groupId)) {
$group_properties = GroupManager :: get_group_properties($groupId);
$interbreadcrumb[] = array ("url" => "../group/group.php", "name" => get_lang('Groups'));
$interbreadcrumb[] = array ("url"=>"../group/group_space.php?gidReq=".$group_id, "name"=> get_lang('GroupSpace').' ('.$group_properties['name'].')');
$interbreadcrumb[]=array("url" => "viewforum.php?forum=".Security::remove_XSS($_GET['forum'])."&amp;origin=".$origin."&amp;search=".Security::remove_XSS(urlencode($_GET['search'])),"name" => prepare4display($current_forum['forum_title']));
if ($message<>'PostDeletedSpecial') {
$interbreadcrumb[]=array("url" => "viewthread.php?forum=".Security::remove_XSS($_GET['forum'])."&amp;gradebook=".$gradebook."&amp;thread=".Security::remove_XSS($_GET['thread']),"name" => prepare4display($current_thread['thread_title']));
$interbreadcrumb[] = array ("url"=>"../group/group_space.php?".api_get_cidreq(), "name"=> get_lang('GroupSpace').' ('.$group_properties['name'].')');
$interbreadcrumb[]=array("url" => "viewforum.php?forum=".Security::remove_XSS($_GET['forum'])."&origin=".$origin."&search=".Security::remove_XSS(urlencode($_GET['search'])),"name" => prepare4display($current_forum['forum_title']));
if ($message <> 'PostDeletedSpecial') {
$interbreadcrumb[]=array("url" => "viewthread.php?forum=".Security::remove_XSS($_GET['forum'])."&gradebook=".$gradebook."&thread=".Security::remove_XSS($_GET['thread']),"name" => prepare4display($current_thread['thread_title']));
}
$interbreadcrumb[]=array("url" => "#","name" => get_lang('QualifyThread'));
$interbreadcrumb[] = array(
"url" => "#",
"name" => get_lang('QualifyThread'),
);
// the last element of the breadcrumb navigation is already set in interbreadcrumb, so give empty string
Display :: display_header('');
api_display_tool_title($nameTools);
} else {
$info_thread=get_thread_information(Security::remove_XSS($_GET['thread']));
$interbreadcrumb[]=array("url" => "index.php?gradebook=$gradebook&amp;search=".Security::remove_XSS(urlencode($_GET['search'])),"name" => $nameTools);
$interbreadcrumb[]=array("url" => "viewforumcategory.php?forumcategory=".$current_forum_category['cat_id']."&amp;search=".Security::remove_XSS(urlencode($_GET['search'])),"name" => prepare4display($current_forum_category['cat_title']));
$interbreadcrumb[]=array("url" => "viewforum.php?forum=".Security::remove_XSS($_GET['forum'])."&amp;origin=".$origin."&amp;search=".Security::remove_XSS(urlencode($_GET['search'])),"name" => prepare4display($current_forum['forum_title']));
$search = isset($_GET['search']) ? Security::remove_XSS(urlencode($_GET['search'])) : '';
$info_thread = get_thread_information($_GET['thread']);
$interbreadcrumb[] = array(
"url" => "index.php?".api_get_cidreq()."&search=".$search,
"name" => $nameTools);
$interbreadcrumb[] = array(
"url" => "viewforumcategory.php?forumcategory=".$current_forum_category['cat_id']."&search=".$search,
"name" => prepare4display($current_forum_category['cat_title'])
);
$interbreadcrumb[] = array(
"url" => "viewforum.php?forum=".Security::remove_XSS($_GET['forum'])."&origin=".$origin."&search=".$search,
"name" => prepare4display($current_forum['forum_title'])
);
if ($message<>'PostDeletedSpecial') {
if ($message <> 'PostDeletedSpecial') {
if (isset($_GET['gradebook']) and $_GET['gradebook']=='view') {
$info_thread=get_thread_information(Security::remove_XSS($_GET['thread']));
$interbreadcrumb[]=array("url" => "viewthread.php?forum=".$info_thread['forum_id']."&amp;gradebook=".$gradebook."&amp;thread=".Security::remove_XSS($_GET['thread']),"name" => prepare4display($current_thread['thread_title']));
$interbreadcrumb[] = array(
"url" => "viewthread.php?".api_get_cidreq()."&forum=".$info_thread['forum_id']."&thread=".Security::remove_XSS($_GET['thread']),
"name" => prepare4display($current_thread['thread_title'])
);
} else {
$interbreadcrumb[]=array("url" => "viewthread.php?forum=".Security::remove_XSS($_GET['forum'])."&amp;gradebook=".$gradebook."&amp;thread=".Security::remove_XSS($_GET['thread']),"name" => prepare4display($current_thread['thread_title']));
$interbreadcrumb[] = array(
"url" => "viewthread.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&thread=".Security::remove_XSS($_GET['thread']),
"name" => prepare4display($current_thread['thread_title'])
);
}
}
// the last element of the breadcrumb navigation is already set in interbreadcrumb, so give empty string
@ -95,26 +123,23 @@ if ($origin=='learnpath') {
}
}
/* Is the user allowed here? */
// if the user is not a course administrator and the forum is hidden
// then the user is not allowed here.
if (!api_is_allowed_to_edit(false,true) AND ($current_forum['visibility']==0 OR $current_thread['visibility']==0)) {
$forum_allow = forum_not_allowed_here();
if ($forum_allow === false) {
exit;
}
}
/*
Actions
*/
if ($_GET['action']=='delete' && isset($_GET['content']) && isset($_GET['id']) && api_is_allowed_to_edit(false,true)) {
$action = isset($_GET['action']) ? $_GET['action'] : '';
if ($action =='delete' &&
isset($_GET['content']) &&
isset($_GET['id']) && api_is_allowed_to_edit(false,true)
) {
$message = delete_post($_GET['id']);
}
if (($_GET['action']=='invisible' || $_GET['action']=='visible') && isset($_GET['id']) && api_is_allowed_to_edit(false,true)) {
$message = approve_post($_GET['id'],$_GET['action']);
if (($action == 'invisible' || $action == 'visible') &&
isset($_GET['id']) && api_is_allowed_to_edit(false, true)
) {
$message = approve_post($_GET['id'], $action);
}
if ($_GET['action']=='move' and isset($_GET['post'])) {
if ($action == 'move' && isset($_GET['post'])) {
$message = move_post_form();
}
@ -125,24 +150,34 @@ if (!empty($message)) {
Display :: display_confirmation_message(get_lang($message));
}
if ($message<>'PostDeletedSpecial') {
if ($message <> 'PostDeletedSpecial') {
// in this case the first and only post of the thread is removed
// this increases the number of times the thread has been viewed
increase_thread_view($_GET['thread']);
/*
Action Links
*/
// the reply to thread link should only appear when the forum_category is not locked AND the forum is not locked AND the thread is not locked.
// the reply to thread link should only appear when the forum_category is
// not locked AND the forum is not locked AND the thread is not locked.
// if one of the three levels is locked then the link should not be displayed
if (($current_forum_category && $current_forum_category['locked']==0) AND $current_forum['locked']==0 AND $current_thread['locked']==0 OR api_is_allowed_to_edit(false,true)) {
if (($current_forum_category && $current_forum_category['locked'] == 0) &&
$current_forum['locked']==0 &&
$current_thread['locked']==0 || api_is_allowed_to_edit(false,true)
) {
// The link should only appear when the user is logged in or when anonymous posts are allowed.
if ($_user['user_id'] OR ($current_forum['allow_anonymous']==1 AND !$_user['user_id'])) {
//reply link
/*echo '<a href="reply.php?'.api_get_cidreq().'&amp;forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;action=replythread&amp;origin='.$origin.'">'.get_lang('ReplyToThread').'</a>';*/
if ($_user['user_id'] ||
($current_forum['allow_anonymous']==1 && !$_user['user_id'])
) {
//new thread link
if (api_is_allowed_to_edit(false,true) OR ($current_forum['allow_new_threads']==1 AND isset($_user['user_id'])) OR ($current_forum['allow_new_threads']==1 AND !isset($_user['user_id']) AND $current_forum['allow_anonymous']==1)) {
if ($current_forum['locked'] <> 1 AND $current_forum['locked'] <> 1) {
if (api_is_allowed_to_edit(false,true) ||
($current_forum['allow_new_threads'] == 1 && isset($_user['user_id'])) ||
($current_forum['allow_new_threads'] == 1 &&
!isset($_user['user_id']) &&
$current_forum['allow_anonymous'] == 1)
) {
if ($current_forum['locked'] <> 1 &&
$current_forum['locked'] <> 1
) {
echo '&nbsp;&nbsp;';
} else {
echo get_lang('ForumLocked');
@ -150,22 +185,24 @@ if ($message<>'PostDeletedSpecial') {
}
}
}
// note: this is to prevent that some browsers display the links over the table (FF does it but Opera doesn't)
// note: this is to prevent that some browsers display the links over
// the table (FF does it but Opera doesn't)
echo '&nbsp;';
/*
Display Forum Category and the Forum information
*/
if (!$_SESSION['view']) {
$viewmode=$current_forum['default_view'];
if (!isset($_SESSION['view'])) {
$viewmode = $current_forum['default_view'];
} else {
$viewmode=$_SESSION['view'];
$viewmode = $_SESSION['view'];
}
$viewmode_whitelist=array('flat', 'threaded', 'nested');
if (isset($_GET['view']) and in_array($_GET['view'],$viewmode_whitelist)) {
$viewmode=Database::escape_string($_GET['view']);
$_SESSION['view']=$viewmode;
$whiteList = array('flat', 'threaded', 'nested');
if (isset($_GET['view']) && in_array($_GET['view'], $whiteList)) {
$viewmode = Database::escape_string($_GET['view']);
$_SESSION['view'] = $viewmode;
}
if (empty($viewmode)) {
$viewmode = 'flat';
@ -177,7 +214,7 @@ if ($message<>'PostDeletedSpecial') {
// we are getting all the information about the current forum and forum category.
// note pcool: I tried to use only one sql statement (and function) for this
// but the problem is that the visibility of the forum AND forum cateogory are stored in the item_property table
echo "<table class=\"data_table\">";
echo "<table class=\"table\">";
// the thread
echo "<tr><th style=\"padding-left:5px;\" align=\"left\" colspan=\"6\">";
@ -190,77 +227,102 @@ if ($message<>'PostDeletedSpecial') {
echo prepare4display($current_forum['forum_title']).'<br />';
echo "</th>";
echo "</tr>";
echo '<span>'.prepare4display($current_thread['thread_comment']).'</span>';
if (isset($current_thread['thread_comment'])) {
echo '<span>'.prepare4display($current_thread['thread_comment']).'</span>';
}
echo "</table>";
include_once 'viewpost.inc.php';
} // if ($message<>'PostDeletedSpecial') // in this case the first and only post of the thread is removed
if ($allowed_to_edit) {
$current_thread=get_thread_information($_GET['thread']);
$threadid=$current_thread['thread_id'];
//show current qualify in my form
$qualify=current_qualify_of_thread($threadid, api_get_session_id());
//show max qualify in my form
$max_qualify=show_qualify('2',$user_id,$threadid);
if ($allowToQualify) {
$current_thread = get_thread_information($_GET['thread']);
$threadId = $current_thread['thread_id'];
// Show current qualify in my form
$qualify = current_qualify_of_thread($threadId, api_get_session_id());
// Show max qualify in my form
$max_qualify = show_qualify('2', $user_id, $threadId);
require_once 'forumbody.inc.php';
$value_return = store_theme_qualify($user_id,$threadid,$_REQUEST['idtextqualify'],api_get_user_id(),date("Y-m-d H:i:s"),api_get_session_id());
$url='cidReq='.Security::remove_XSS($_GET['cidReq']).'&amp;forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;post='.Security::remove_XSS($_GET['post']).'&amp;origin='.$origin.'&amp;user_id='.Security::remove_XSS($_GET['user_id']);
$current_qualify_thread=show_qualify('1',$user_id,$threadid);
if ($value_return[0]!=$_REQUEST['idtextqualify'] && $value_return[1]=='update') {
store_qualify_historical('1','',$_GET['forum'],$user_id,$threadid,$_REQUEST['idtextqualify'],api_get_user_id());
$saveResult = saveThreadScore(
$current_thread,
$user_id,
$threadId,
$_REQUEST['idtextqualify'],
api_get_user_id(),
date("Y-m-d H:i:s"),
api_get_session_id()
);
$current_qualify_thread = show_qualify('1', $user_id, $threadId);
if ($saveResult == 'update') {
saveThreadScoreHistory(
'1',
api_get_course_int_id(),
$_GET['forum'],
$user_id,
$threadId,
$_REQUEST['idtextqualify'],
api_get_user_id()
);
}
if (!empty($_REQUEST['idtextqualify']) && $_REQUEST['idtextqualify'] > $max_qualify) {
$return_message = get_lang('QualificationCanNotBeGreaterThanMaxScore');
Display :: display_error_message($return_message,false);
Display:: display_error_message(
get_lang('QualificationCanNotBeGreaterThanMaxScore'),
false
);
}
// show qualifications history
$qualify_historic = get_historical_qualify($user_id, $threadid, $_GET['type']);
$type = isset($_GET['type']) ? $_GET['type'] : '';
$qualify_historic = get_historical_qualify($user_id, $threadId, $type);
$counter = count($qualify_historic);
$act_qualify = $_REQUEST['idtextqualify'];
if ($counter>0) {
if ($counter > 0) {
if (isset($_GET['gradebook'])){
$view_gradebook='&amp;gradebook=view';
$view_gradebook='&gradebook=view';
}
echo '<h4>'.get_lang('QualificationChangesHistory').'</h4>';
if ($_GET['type'] == 'false') {
$buttons = '<a class="btn btn-default" href="forumqualify.php?'.api_get_cidreq().'&amp;forum='.Security::remove_XSS($_GET['forum']).'&amp;origin='.$origin.'&amp;thread='.$threadid.'&amp;user='.Security::remove_XSS($_GET['user']).'&amp;user_id='.Security::remove_XSS($_GET['user_id']).'&amp;type=true&amp;idtextqualify='.$act_qualify.$view_gradebook.'#history">'.
get_lang('MoreRecent').'</a> <a class="btn disabled" >'.get_lang('Older').'</a>';
if (isset($_GET['type']) && $_GET['type'] == 'false') {
$buttons = '<a class="btn btn-default" href="forumqualify.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&origin='.$origin.'&thread='.$threadId.'&user='.Security::remove_XSS($_GET['user']).'&user_id='.Security::remove_XSS($_GET['user_id']).'&type=true&idtextqualify='.$act_qualify.$view_gradebook.'#history">'.
get_lang('MoreRecent').'</a> <a class="btn btn-default disabled" >'.get_lang('Older').'</a>';
} else {
$buttons = '<a class="btn disabled">'.get_lang('MoreRecent').'</a>
<a class="btn btn-default" href="forumqualify.php?'.api_get_cidreq().'&amp;forum='.Security::remove_XSS($_GET['forum']).'&amp;origin='.$origin.'&amp;thread='.$threadid.'&amp;user='.Security::remove_XSS($_GET['user']).'&amp;user_id='.Security::remove_XSS($_GET['user_id']).'&amp;type=false&amp;idtextqualify='.$act_qualify.$view_gradebook.'#history">'.
$buttons = '<a class="btn btn-default">'.get_lang('MoreRecent').'</a>
<a class="btn btn-default" href="forumqualify.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&origin='.$origin.'&thread='.$threadId.'&user='.Security::remove_XSS($_GET['user']).'&user_id='.Security::remove_XSS($_GET['user_id']).'&type=false&idtextqualify='.$act_qualify.$view_gradebook.'#history">'.
get_lang('Older').'</a>';
}
$table_list.= '<br /><div class="btn-group">'.$buttons.'</div>';
$table_list.= '<br /><table class="data_table">';
$table_list.= '<tr>';
$table_list.= '<th width="50%">'.get_lang('WhoChanged').'</th>';
$table_list.= '<th width="10%">'.get_lang('NoteChanged').'</th>';
$table_list.= '<th width="40%">'.get_lang('DateChanged').'</th>';
$table_list.= '</tr>';
for ($i=0;$i<count($qualify_historic);$i++) {
$my_user_info=api_get_user_info($qualify_historic[$i]['qualify_user_id']);
$name = api_get_person_name($my_user_info['firstName'], $my_user_info['lastName']);
$table_list.= '<tr class="'.$class.'"><td>'.$name.'</td>';
$table_list.= '<td>'.$qualify_historic[$i]['qualify'].'</td>';
$table_list.= '<td>'.api_convert_and_format_date($qualify_historic[$i]['qualify_time'], DATE_TIME_FORMAT_LONG).'</td></tr>';
$table_list = '<br /><div class="btn-group">'.$buttons.'</div>';
$table_list .= '<br /><table class="data_table">';
$table_list .= '<tr>';
$table_list .= '<th width="50%">'.get_lang('WhoChanged').'</th>';
$table_list .= '<th width="10%">'.get_lang('NoteChanged').'</th>';
$table_list .= '<th width="40%">'.get_lang('DateChanged').'</th>';
$table_list .= '</tr>';
for ($i = 0; $i < count($qualify_historic); $i++) {
$my_user_info = api_get_user_info(
$qualify_historic[$i]['qualify_user_id']
);
$name = api_get_person_name(
$my_user_info['firstName'],
$my_user_info['lastName']
);
$table_list .= '<tr><td>'.$name.'</td>';
$table_list .= '<td>'.$qualify_historic[$i]['qualify'].'</td>';
$table_list .= '<td>'.api_convert_and_format_date(
$qualify_historic[$i]['qualify_time'],
DATE_TIME_FORMAT_LONG
).'</td></tr>';
}
$table_list.= '</table>';
echo $table_list;
} else {
//echo get_lang('NotChanged');
}
} else {
api_not_allowed();
}
/* FOOTER */
if ($origin!='learnpath') {
Display :: display_footer();
}

337
main/forum/index.php
Unescape View File

@ -22,7 +22,7 @@
* @package chamilo.forum
*/
use \ChamiloSession as Session;
use ChamiloSession as Session;
// Including the global initialization file.
require_once '../inc/global.inc.php';
@ -48,6 +48,7 @@ api_protect_course_script(true);
$nameTools = get_lang('Forums');
$_course = api_get_course_info();
$sessionId = api_get_session_id();
$_user = api_get_user_info();
// Including necessary files.
require_once 'forumconfig.inc.php';
@ -62,13 +63,15 @@ if (!empty($_GET['gradebook']) && $_GET['gradebook'] == 'view') {
}
if (!empty($gradebook) && $gradebook == 'view') {
$interbreadcrumb[] = array (
'url' => '../gradebook/' . $_SESSION['gradebook_dest'],
'name' => get_lang('ToolGradebook')
$interbreadcrumb[] = array(
'url' => '../gradebook/'.$_SESSION['gradebook_dest'],
'name' => get_lang('ToolGradebook'),
);
}
$search_forum = isset($_GET['search']) ? Security::remove_XSS($_GET['search']) : '';
$search_forum = isset($_GET['search']) ? Security::remove_XSS(
$_GET['search']
) : '';
/* ACTIONS */
@ -77,18 +80,33 @@ $actions = isset($_GET['action']) ? $_GET['action'] : '';
if ($actions == 'add') {
switch ($_GET['content']) {
case 'forum':
$interbreadcrumb[] = array('url' => 'index.php?search='.$search_forum.'&'.api_get_cidreq(), 'name' => get_lang('Forum'));
$interbreadcrumb[] = array('url' =>'#', 'name' => get_lang('AddForum'));
$interbreadcrumb[] = array(
'url' => 'index.php?search='.$search_forum.'&'.api_get_cidreq(),
'name' => get_lang('Forum'),
);
$interbreadcrumb[] = array(
'url' => '#',
'name' => get_lang('AddForum'),
);
break;
case 'forumcategory':
$interbreadcrumb[] = array('url' =>'index.php?search='.$search_forum.'&'.api_get_cidreq(), 'name' => get_lang('Forum'));
$interbreadcrumb[] = array('url' =>'#', 'name' => get_lang('AddForumCategory'));
$interbreadcrumb[] = array(
'url' => 'index.php?search='.$search_forum.'&'.api_get_cidreq(),
'name' => get_lang('Forum'),
);
$interbreadcrumb[] = array(
'url' => '#',
'name' => get_lang('AddForumCategory'),
);
break;
default:
break;
}
} else {
$interbreadcrumb[] = array('url' => '#', 'name' => get_lang('ForumCategories'));
$interbreadcrumb[] = array(
'url' => '#',
'name' => get_lang('ForumCategories'),
);
}
Display::display_header('');
@ -101,17 +119,19 @@ $form_count = 0;
if (api_is_allowed_to_edit(false, true)) {
//if is called from a learning path lp_id
$lp_id = isset($_REQUEST['lp_id']) ? Security::remove_XSS($_REQUEST['lp_id']): null;
$lp_id = isset($_REQUEST['lp_id']) ? intval($_REQUEST['lp_id']) : null;
handle_forum_and_forumcategories($lp_id);
}
// Notification
if ($actions == 'notify' && isset($_GET['content']) && isset($_GET['id'])) {
if (api_get_session_id() != 0 && api_is_allowed_to_session_edit(false, true) == false) {
if (api_get_session_id() != 0 &&
api_is_allowed_to_session_edit(false, true) == false
) {
api_not_allowed();
}
$return_message = set_notification($_GET['content'], $_GET['id']);
Display :: display_confirmation_message($return_message, false);
Display:: display_confirmation_message($return_message, false);
}
get_whats_new();
@ -124,8 +144,8 @@ Event::event_access_tool(TOOL_FORUM);
/*
RETRIEVING ALL THE FORUM CATEGORIES AND FORUMS
note: we do this here just after het handling of the actions to be sure that we already incorporate the
latest changes
note: we do this here just after het handling of the actions to be
sure that we already incorporate the latest changes
*/
// Step 1: We store all the forum categories in an array $forum_categories.
@ -133,7 +153,7 @@ $forumCategories = get_forum_categories();
// Step 2: We find all the forums (only the visible ones if it is a student).
// display group forum in general forum tool depending to configuration option
$forum_list = get_forums('', '', apiGetDisplayGroupsForumInGeneralTool());
$forum_list = get_forums('', '', apiGetDisplayGroupsForumInGeneralTool());
$user_id = api_get_user_id();
/* RETRIEVING ALL GROUPS AND THOSE OF THE USER */
@ -142,7 +162,8 @@ $user_id = api_get_user_id();
$groups_of_user = array();
$groups_of_user = GroupManager::get_group_ids($_course['real_id'], $user_id);
// All groups in the course (and sorting them as the id of the group = the key of the array).
// All groups in the course (and sorting them as the
// id of the group = the key of the array).
if (!api_is_anonymous()) {
$all_groups = GroupManager::get_group_list();
if (is_array($all_groups)) {
@ -163,20 +184,38 @@ if (isset($_SESSION['_gid'])) {
echo '<div class="actions">';
//if is called from learning path
if (!empty($_GET['lp_id']) || !empty($_POST['lp_id'])){
echo "<a href=\"../newscorm/lp_controller.php?".api_get_cidreq()."&gradebook=&action=add_item&type=step&lp_id=".$lp_id."#resource_tab-5\">".
Display::return_icon('back.png', get_lang("BackTo").' '.get_lang("LearningPaths"),'',ICON_SIZE_MEDIUM)."</a>";
if (!empty($_GET['lp_id']) || !empty($_POST['lp_id'])) {
echo "<a href=\"../newscorm/lp_controller.php?".api_get_cidreq(
)."&gradebook=&action=add_item&type=step&lp_id=".$lp_id."#resource_tab-5\">".
Display::return_icon(
'back.png',
get_lang("BackTo").' '.get_lang("LearningPaths"),
'',
ICON_SIZE_MEDIUM
)."</a>";
}
if (!empty($forum_list)) {
echo search_link();
}
if (api_is_allowed_to_edit(false, true)) {
echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&action=add&content=forumcategory&lp_id='.$lp_id.'"> '.
Display::return_icon('new_folder.png', get_lang('AddForumCategory'),'',ICON_SIZE_MEDIUM).'</a>';
echo '<a href="'.api_get_self().'?'.api_get_cidreq(
).'&action=add&content=forumcategory&lp_id='.$lp_id.'"> '.
Display::return_icon(
'new_folder.png',
get_lang('AddForumCategory'),
'',
ICON_SIZE_MEDIUM
).'</a>';
if (is_array($forumCategories) and !empty($forumCategories)) {
echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&action=add&content=forum&lp_id='.$lp_id.'"> '.
Display::return_icon('new_forum.png', get_lang('AddForum'),'',ICON_SIZE_MEDIUM).'</a>';
echo '<a href="'.api_get_self().'?'.api_get_cidreq(
).'&action=add&content=forum&lp_id='.$lp_id.'"> '.
Display::return_icon(
'new_forum.png',
get_lang('AddForum'),
'',
ICON_SIZE_MEDIUM
).'</a>';
}
}
@ -185,13 +224,15 @@ echo '</div>';
// Fixes error if there forums with no category.
$forumsInNoCategory = get_forums_in_category(0);
if (!empty($forumsInNoCategory)) {
$forumCategories = array_merge($forumCategories, array(
$forumCategories = array_merge(
$forumCategories,
array(
array(
'cat_id' => 0,
'session_id' => 0,
'visibility' => 1,
'cat_comment' => null
)
'cat_comment' => null,
),
)
);
}
@ -203,10 +244,15 @@ if (is_array($forumCategories)) {
// The forums in this category.
$forumsInCategory = get_forums_in_category($forumCategory['cat_id']);
// Validation when belongs to a session.
$session_img = api_get_session_image($forumCategory['session_id'], $_user['status']);
$session_img = api_get_session_image(
$forumCategory['session_id'],
$_user['status']
);
if (empty($sessionId) && !empty($forumCategory['session_name'])) {
$session_displayed = ' ('.Security::remove_XSS($forumCategory['session_name']).')';
$session_displayed = ' ('.Security::remove_XSS(
$forumCategory['session_name']
).')';
} else {
$session_displayed = '';
}
@ -218,21 +264,68 @@ if (is_array($forumCategories)) {
echo '<table class="forum_table">';
echo '<thead>';
echo '<tr><th class="forum_head" colspan="5">';
echo '<a href="viewforumcategory.php?'.api_get_cidreq().'&forumcategory='.intval($forumCategory['cat_id']).'" '.class_visible_invisible($forumCategory['visibility']).'>'.
echo '<a href="viewforumcategory.php?'.api_get_cidreq(
).'&forumcategory='.intval(
$forumCategory['cat_id']
).'" '.class_visible_invisible($forumCategory['visibility']).'>'.
prepare4display($forumCategory['cat_title']).$session_displayed.
'</a>'. $session_img .'<br />';
if ($forumCategory['cat_comment'] != '' && trim($forumCategory['cat_comment']) != '&nbsp;') {
echo '<span class="forum_description">'.prepare4display($forumCategory['cat_comment']).'</span>';
'</a>'.$session_img.'<br />';
if ($forumCategory['cat_comment'] != '' && trim(
$forumCategory['cat_comment']
) != '&nbsp;'
) {
echo '<span class="forum_description">'.prepare4display(
$forumCategory['cat_comment']
).'</span>';
}
echo '</th>';
echo '<th style="vertical-align: top;" align="center" >';
if (!empty($forumCategory['cat_id'])) {
if (api_is_allowed_to_edit(false, true) && !($forumCategory['session_id'] == 0 && intval($sessionId) != 0)) {
echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&action=edit&content=forumcategory&id='.intval($forumCategory['cat_id']).'">'.Display::return_icon('edit.png', get_lang('Edit'), array(), ICON_SIZE_SMALL).'</a>';
echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&action=delete&content=forumcategory&id='.intval($forumCategory['cat_id'])."\" onclick=\"javascript:if(!confirm('".addslashes(api_htmlentities(get_lang('DeleteForumCategory'), ENT_QUOTES))."')) return false;\">".Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL).'</a>';
display_visible_invisible_icon('forumcategory', strval(intval($forumCategory['cat_id'])), strval(intval($forumCategory['visibility'])));
display_lock_unlock_icon('forumcategory', strval(intval($forumCategory['cat_id'])), strval(intval($forumCategory['locked'])));
display_up_down_icon('forumcategory', strval(intval($forumCategory['cat_id'])), $forumCategories);
if (api_is_allowed_to_edit(
false,
true
) && !($forumCategory['session_id'] == 0 && intval(
$sessionId
) != 0)
) {
echo '<a href="'.api_get_self().'?'.api_get_cidreq(
).'&action=edit&content=forumcategory&id='.intval(
$forumCategory['cat_id']
).'">'.Display::return_icon(
'edit.png',
get_lang('Edit'),
array(),
ICON_SIZE_SMALL
).'</a>';
echo '<a href="'.api_get_self().'?'.api_get_cidreq(
).'&action=delete&content=forumcategory&id='.intval(
$forumCategory['cat_id']
)."\" onclick=\"javascript:if(!confirm('".addslashes(
api_htmlentities(
get_lang('DeleteForumCategory'),
ENT_QUOTES
)
)."')) return false;\">".Display::return_icon(
'delete.png',
get_lang('Delete'),
array(),
ICON_SIZE_SMALL
).'</a>';
display_visible_invisible_icon(
'forumcategory',
strval(intval($forumCategory['cat_id'])),
strval(intval($forumCategory['visibility']))
);
display_lock_unlock_icon(
'forumcategory',
strval(intval($forumCategory['cat_id'])),
strval(intval($forumCategory['locked']))
);
display_up_down_icon(
'forumcategory',
strval(intval($forumCategory['cat_id'])),
$forumCategories
);
}
}
echo '</th>';
@ -271,7 +364,8 @@ if (is_array($forumCategories)) {
}
}
// Note: This can be speed up if we transform the $forum_list to an array that uses the forum_category as the key.
// Note: This can be speed up if we transform the $forum_list
// to an array that uses the forum_category as the key.
if (isset($forum['forum_category']) &&
$forum['forum_category'] == $forumCategory['cat_id']
) {
@ -284,7 +378,8 @@ if (is_array($forumCategories)) {
$show_forum = true;
} else {
// you are not a teacher
// it is not a group forum => show forum (invisible forums are already left out see get_forums function)
// it is not a group forum => show forum
// (invisible forums are already left out see get_forums function)
if ($forum['forum_of_group'] == '0') {
$show_forum = true;
} else {
@ -304,7 +399,10 @@ if (is_array($forumCategories)) {
// Showing the image
if (!empty($forum['forum_image'])) {
$image_path = api_get_path(WEB_COURSE_PATH).api_get_course_path().'/upload/forum/images/'.$forum['forum_image'];
$image_path = api_get_path(
WEB_COURSE_PATH
).api_get_course_path(
).'/upload/forum/images/'.$forum['forum_image'];
$image_size = api_getimagesize($image_path);
$img_attributes = '';
@ -316,7 +414,7 @@ if (is_array($forumCategories)) {
} else {
$td_width = $image_size['width'];
}
$forum_image = "<img src=\"$image_path\" $img_attributes>";
$forum_image = "<img src=\"$image_path\" $img_attributes>";
} else {
$forum_image = '';
$td_width = 20;
@ -326,14 +424,28 @@ if (is_array($forumCategories)) {
} else {
echo '<td width="20px">';
if ($forum['forum_of_group'] !== '0') {
if (is_array($mywhatsnew_post_info) && !empty($mywhatsnew_post_info)) {
echo Display::return_icon('forumgroupnew.gif');
if (is_array(
$mywhatsnew_post_info
) && !empty($mywhatsnew_post_info)
) {
echo Display::return_icon(
'forumgroupnew.gif'
);
} else {
echo Display::return_icon('forumgroup.gif', get_lang('GroupForum'));
echo Display::return_icon(
'forumgroup.gif',
get_lang('GroupForum')
);
}
} else {
if (is_array($mywhatsnew_post_info) && !empty($mywhatsnew_post_info)) {
echo Display::return_icon('forum.gif', get_lang('Forum'));
if (is_array(
$mywhatsnew_post_info
) && !empty($mywhatsnew_post_info)
) {
echo Display::return_icon(
'forum.gif',
get_lang('Forum')
);
} else {
echo Display::return_icon('forum.gif');
}
@ -343,13 +455,23 @@ if (is_array($forumCategories)) {
echo '</td>';
// Validation when belongs to a session
$session_img = api_get_session_image($forum['session_id'], $_user['status']);
$session_img = api_get_session_image(
$forum['session_id'],
$_user['status']
);
if ($forum['forum_of_group'] != '0') {
$my_all_groups_forum_name = isset($all_groups[$forum['forum_of_group']]['name']) ? $all_groups[$forum['forum_of_group']]['name'] : null;
$my_all_groups_forum_id = isset($all_groups[$forum['forum_of_group']]['id']) ? $all_groups[$forum['forum_of_group']]['id'] : null;
$group_title = api_substr($my_all_groups_forum_name, 0, 30);
$forum_title_group_addition = ' (<a href="../group/group_space.php?'.api_get_cidreq().'&gidReq='.$forum['forum_of_group'].'" class="forum_group_link">'.get_lang('GoTo').' '.$group_title.'</a>)' . $session_img;
$group_title = api_substr(
$my_all_groups_forum_name,
0,
30
);
$forum_title_group_addition = ' (<a href="../group/group_space.php?'.api_get_cidreq(
).'&gidReq='.$forum['forum_of_group'].'" class="forum_group_link">'.get_lang(
'GoTo'
).' '.$group_title.'</a>)'.$session_img;
} else {
$forum_title_group_addition = '';
}
@ -361,12 +483,21 @@ if (is_array($forumCategories)) {
}
$forum['forum_of_group'] == 0 ? $groupid = '' : $groupid = $forum['forum_of_group'];
echo '<td><a href="viewforum.php?'.api_get_cidreq().'&gidReq='.intval($groupid).'&forum='.intval($forum['forum_id']).'" '.class_visible_invisible(strval(intval($forum['visibility']))).'>';
echo '<td><a href="viewforum.php?'.api_get_cidreq(
).'&gidReq='.intval($groupid).'&forum='.intval(
$forum['forum_id']
).'" '.class_visible_invisible(
strval(intval($forum['visibility']))
).'>';
// Forum title
echo prepare4display($forum['forum_title']).$session_displayed.'</a>'.$forum_title_group_addition.'<br />';
echo prepare4display(
$forum['forum_title']
).$session_displayed.'</a>'.$forum_title_group_addition.'<br />';
echo '<span class="forum_description">'.prepare4display($forum['forum_comment']).'</span>';
echo '<span class="forum_description">'.prepare4display(
$forum['forum_comment']
).'</span>';
echo '</td>';
// The number of topics and posts.
@ -382,48 +513,112 @@ if (is_array($forumCategories)) {
$poster_id = 0;
$username = "";
} else {
$name = api_get_person_name($forum['last_poster_firstname'], $forum['last_poster_lastname']);
$name = api_get_person_name(
$forum['last_poster_firstname'],
$forum['last_poster_lastname']
);
$poster_id = $forum['last_poster_id'];
$userinfo = api_get_user_info($poster_id);
$username = sprintf(get_lang('LoginX'), $userinfo['username']);
$username = sprintf(
get_lang('LoginX'),
$userinfo['username']
);
}
echo '<td nowrap="nowrap">';
if (!empty($forum['last_post_id'])) {
echo api_convert_and_format_date($forum['last_post_date']).'<br /> '.get_lang('By').' '.display_user_link($poster_id, $name, '', $username);
echo api_convert_and_format_date(
$forum['last_post_date']
).'<br /> '.get_lang(
'By'
).' '.display_user_link(
$poster_id,
$name,
'',
$username
);
}
echo '</td>';
echo '<td class="td_actions">';
if (api_is_allowed_to_edit(false, true) && !($forum['session_id'] == 0 && intval($sessionId) != 0)) {
echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&action=edit&content=forum&id='.$forum['forum_id'].'">'.
Display::return_icon('edit.png',get_lang('Edit'), array(), ICON_SIZE_SMALL).'</a>';
echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&action=delete&content=forum&id='.$forum['forum_id']."\" onclick=\"javascript:if(!confirm('".addslashes(api_htmlentities(get_lang('DeleteForum'), ENT_QUOTES))."')) return false;\">".
Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL).'</a>';
display_visible_invisible_icon('forum', $forum['forum_id'], $forum['visibility']);
display_lock_unlock_icon('forum', $forum['forum_id'], $forum['locked']);
display_up_down_icon('forum', $forum['forum_id'], $forumsInCategory);
if (api_is_allowed_to_edit(
false,
true
) && !($forum['session_id'] == 0 && intval(
$sessionId
) != 0)
) {
echo '<a href="'.api_get_self().'?'.api_get_cidreq(
).'&action=edit&content=forum&id='.$forum['forum_id'].'">'.
Display::return_icon(
'edit.png',
get_lang('Edit'),
array(),
ICON_SIZE_SMALL
).'</a>';
echo '<a href="'.api_get_self().'?'.api_get_cidreq(
).'&action=delete&content=forum&id='.$forum['forum_id']."\" onclick=\"javascript:if(!confirm('".addslashes(
api_htmlentities(
get_lang('DeleteForum'),
ENT_QUOTES
)
)."')) return false;\">".
Display::return_icon(
'delete.png',
get_lang('Delete'),
array(),
ICON_SIZE_SMALL
).'</a>';
display_visible_invisible_icon(
'forum',
$forum['forum_id'],
$forum['visibility']
);
display_lock_unlock_icon(
'forum',
$forum['forum_id'],
$forum['locked']
);
display_up_down_icon(
'forum',
$forum['forum_id'],
$forumsInCategory
);
}
$iconnotify = 'send_mail.gif';
$session_forum_notification = isset($_SESSION['forum_notification']['forum']) ? $_SESSION['forum_notification']['forum'] : false;
if (is_array($session_forum_notification)) {
if (in_array($forum['forum_id'], $session_forum_notification)) {
if (in_array(
$forum['forum_id'],
$session_forum_notification
)) {
$iconnotify = 'send_mail_checked.gif';
}
}
if (!api_is_anonymous() && api_is_allowed_to_session_edit(false, true) ) {
echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&action=notify&content=forum&id='.$forum['forum_id'].'">'.
Display::return_icon($iconnotify, get_lang('NotifyMe')).'</a>';
if (!api_is_anonymous(
) && api_is_allowed_to_session_edit(false, true)
) {
echo '<a href="'.api_get_self().'?'.api_get_cidreq(
).'&action=notify&content=forum&id='.$forum['forum_id'].'">'.
Display::return_icon(
$iconnotify,
get_lang('NotifyMe')
).'</a>';
}
echo '</td></tr>';
}
}
}
} else {
echo '<tr><td>'.get_lang('NoForumInThisCategory').'</td>'.(api_is_allowed_to_edit(false, true) ? '<td colspan="6"></td>' : '<td colspan="6"></td>').'</tr>';
echo '<tr><td>'.get_lang(
'NoForumInThisCategory'
).'</td>'.(api_is_allowed_to_edit(
false,
true
) ? '<td colspan="6"></td>' : '<td colspan="6"></td>').'</tr>';
}
echo '</table>';
}
}
Display :: display_footer();
Display:: display_footer();

30
main/forum/newthread.php
Unescape View File

@ -22,7 +22,7 @@
* @package chamilo.forum
*/
use \ChamiloSession as Session;
use ChamiloSession as Session;
// Including the global initialization file.
require_once '../inc/global.inc.php';
@ -76,15 +76,23 @@ if (!empty($_GET['gidReq'])) {
// The user is not allowed here if:
// 1. the forumcategory or forum is invisible (visibility==0) and the user is not a course manager
if (!api_is_allowed_to_edit(false, true) && (($current_forum_category['visibility'] && $current_forum_category['visibility'] == 0) || $current_forum['visibility'] == 0)) {
if (!api_is_allowed_to_edit(false, true) &&
(($current_forum_category['visibility'] && $current_forum_category['visibility'] == 0) || $current_forum['visibility'] == 0)
) {
api_not_allowed();
}
// 2. the forumcategory or forum is locked (locked <>0) and the user is not a course manager
if (!api_is_allowed_to_edit(false, true) AND (($current_forum_category['visibility'] && $current_forum_category['locked'] <> 0) OR $current_forum['locked'] <> 0)) {
if (!api_is_allowed_to_edit(false, true) &&
(($current_forum_category['visibility'] && $current_forum_category['locked'] <> 0) OR $current_forum['locked'] <> 0)
) {
api_not_allowed();
}
// 3. new threads are not allowed and the user is not a course manager
if (!api_is_allowed_to_edit(false, true) AND $current_forum['allow_new_threads'] <> 1) {
if (!api_is_allowed_to_edit(false, true) &&
$current_forum['allow_new_threads'] <> 1
) {
api_not_allowed();
}
// 4. anonymous posts are not allowed and the user is not logged in
@ -94,7 +102,11 @@ if (!$_user['user_id'] AND $current_forum['allow_anonymous'] <> 1) {
// 5. Check user access
if ($current_forum['forum_of_group'] != 0) {
$show_forum = GroupManager::user_has_access(api_get_user_id(), $current_forum['forum_of_group'], GroupManager::GROUP_TOOL_FORUM);
$show_forum = GroupManager::user_has_access(
api_get_user_id(),
$current_forum['forum_of_group'],
GroupManager::GROUP_TOOL_FORUM
);
if (!$show_forum) {
api_not_allowed();
}
@ -145,8 +157,6 @@ echo '<a href="viewforum.php?forum='.Security::remove_XSS($_GET['forum']).'&'.ap
echo '</div>';
// Set forum attachment data into $_SESSION
echo '<div class="row">';
echo '<div class="span12">';
getAttachedFiles($current_forum['forum_id'], 0, 0);
$values = show_add_post_form(
$current_forum,
@ -155,20 +165,16 @@ $values = show_add_post_form(
'',
isset($_SESSION['formelements']) ? $_SESSION['formelements'] : null
);
echo '</div></div>';
if (!empty($values) && isset($values['SubmitPost'])) {
// Add new thread in table forum_thread.
store_thread($current_forum, $values);
} else {
// Only show Forum attachment ajax form when do not pass form submit
echo '<div class="row"><div class="span12">';
$attachmentAjaxForm = getAttachmentAjaxForm($current_forum['forum_id'], 0, 0);
echo $attachmentAjaxForm;
echo '</div></div>';
}
/* FOOTER */
if ($origin != 'learnpath') {
Display :: display_footer();
}

10
main/forum/reply.php
Unescape View File

@ -133,20 +133,16 @@ if ($origin != 'learnpath') {
echo '<div style="height:15px">&nbsp;</div>';
}
/*New display forum div*/
echo '<div class="row">';
echo '<div class="span12">';
echo '<div class="forum_title">';
echo '<h1><a href="viewforum.php?&amp;origin='.$origin.'&amp;forum='.$current_forum['forum_id'].'" '.class_visible_invisible($current_forum['visibility']).'>'.prepare4display($current_forum['forum_title']).'</a></h1>';
echo '<p class="forum_description">'.prepare4display($current_forum['forum_comment']).'</p>';
echo '</div></div></div>';
echo '</div>';
/* End new display forum */
// The form for the reply
$my_action = isset($_GET['action']) ? Security::remove_XSS($_GET['action']) : '';
$my_post = isset($_GET['post']) ? Security::remove_XSS($_GET['post']) : '';
$my_elements = isset($_SESSION['formelements']) ? $_SESSION['formelements'] : '';
echo '<div class="row"><div class="span12">';
$values = show_add_post_form($current_forum, $forum_setting, $my_action, $my_post, $my_elements);
echo '</div></div>';
$values = show_add_post_form($current_forum, $forum_setting, $my_action, $my_post, $my_elements);
if (!empty($values) AND isset($_POST['SubmitPost'])) {
$result = store_reply($current_forum, $values);
//@todo split the show_add_post_form function
@ -158,14 +154,12 @@ if (!empty($values) AND isset($_POST['SubmitPost'])) {
</script>';
} else {
// Only show Forum attachment ajax form when do not pass form submit
echo '<div class="row"><div class="span12">';
$attachmentAjaxForm = getAttachmentAjaxForm(
$current_forum['forum_id'],
$current_thread['thread_id'],
0
);
echo $attachmentAjaxForm;
echo '</div></div>';
}
if ($origin != 'learnpath') {

13
main/forum/viewforum.php
Unescape View File

@ -144,7 +144,7 @@ if ($my_action == 'delete' AND isset($_GET['content']) AND isset($_GET['id']) AN
$locked = api_resource_is_locked_by_gradebook($_GET['id'], LINK_FORUM_THREAD);
if ($locked == false) {
$message = GradebookUtils::delete_forum_forumcategory_thread($_GET['content'], $_GET['id']);
$message = deleteForumCategoryThread($_GET['content'], $_GET['id']);
// Delete link
$link_info = GradebookUtils::is_resource_in_course_gradebook(api_get_course_id(), 5 , intval($_GET['id']), api_get_session_id());
$link_id = $link_info['id'];
@ -154,11 +154,18 @@ if ($my_action == 'delete' AND isset($_GET['content']) AND isset($_GET['id']) AN
}
}
// Moving.
if ($my_action == 'move' AND isset($_GET['thread']) AND api_is_allowed_to_edit(false, true) && api_is_allowed_to_session_edit(false, true)) {
if ($my_action == 'move' && isset($_GET['thread']) &&
api_is_allowed_to_edit(false, true ) &&
api_is_allowed_to_session_edit(false, true)
) {
$message = move_thread_form();
}
// Notification.
if ($my_action == 'notify' AND isset($_GET['content']) AND isset($_GET['id']) && api_is_allowed_to_session_edit(false, true)) {
if ($my_action == 'notify' &&
isset($_GET['content']) &&
isset($_GET['id']) &&
api_is_allowed_to_session_edit(false, true)
) {
$return_message = set_notification($_GET['content'], $_GET['id']);
Display :: display_confirmation_message($return_message, false);
}

60
main/forum/viewpost.inc.php
Unescape View File

@ -1,10 +1,19 @@
<?php
/* For licensing terms, see /license.txt */
/**
* @package chamilo.forum
*/
$course = api_get_course_info();
$rows = get_thread_user_post($course['code'], $current_thread['thread_id'], $_GET['user']);
$rows = get_thread_user_post(
$course['code'],
$current_thread['thread_id'],
$_GET['user']
);
$post_en = '';
if (isset($rows)) {
$counter = 1;
foreach ($rows as $row) {
@ -17,9 +26,9 @@ if (isset($rows)) {
}
if ($row['user_id'] == '0') {
$name=prepare4display($row['poster_name']);
$name = prepare4display($row['poster_name']);
} else {
$name=api_get_person_name($row['firstname'], $row['lastname']);
$name = api_get_person_name($row['firstname'], $row['lastname']);
}
if ($counter == 1) {
echo Display::page_subheader($name);
@ -27,13 +36,13 @@ if (isset($rows)) {
echo "<div ".$style."><table class=\"data_table\">";
if ($row['visible']=='0') {
$titleclass='forum_message_post_title_2_be_approved';
$messageclass='forum_message_post_text_2_be_approved';
$leftclass='forum_message_left_2_be_approved';
$titleclass = 'forum_message_post_title_2_be_approved';
$messageclass = 'forum_message_post_text_2_be_approved';
$leftclass = 'forum_message_left_2_be_approved';
} else {
$titleclass='forum_message_post_title';
$messageclass='forum_message_post_text';
$leftclass='forum_message_left';
$titleclass = 'forum_message_post_title';
$messageclass = 'forum_message_post_text';
$leftclass = 'forum_message_left';
}
echo "<tr>";
@ -42,7 +51,7 @@ if (isset($rows)) {
echo '<br /><b>'. api_convert_and_format_date($row['post_date'], DATE_TIME_FORMAT_LONG).'</b><br />';
if (api_is_allowed_to_edit(null,true)) {
echo $url_post;
//echo $url_post;
}
echo "</td>";
@ -74,10 +83,14 @@ if (isset($rows)) {
}
// The post has been displayed => it can be removed from the what's new array
unset($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$row['post_id']]);
unset($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']]);
unset($_SESSION['whatsnew_post_info'][$current_forum['forum_id']][$current_thread['thread_id']][$row['post_id']]);
unset($_SESSION['whatsnew_post_info'][$current_forum['forum_id']][$current_thread['thread_id']]);
if (isset($whatsnew_post_info)) {
unset($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$row['post_id']]);
unset($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']]);
}
if (isset($_SESSION['whatsnew_post_info'])) {
unset($_SESSION['whatsnew_post_info'][$current_forum['forum_id']][$current_thread['thread_id']][$row['post_id']]);
unset($_SESSION['whatsnew_post_info'][$current_forum['forum_id']][$current_thread['thread_id']]);
}
echo "</table></div>";
$counter++;
}
@ -87,14 +100,27 @@ $userid = (int)$_GET['user_id'];
$userinf = api_get_user_info($userid);
$current_thread = get_thread_information($_GET['thread']);
$threadid = $current_thread['thread_id'];
$qualify = (int)$_POST['idtextqualify'];
//return Max qualify thread
$max_qualify = show_qualify('2', $userid, $threadid);
$current_qualify_thread = show_qualify('1', $userid, $threadid);
if (isset($_POST['idtextqualify'])) {
store_theme_qualify($userid,$threadid,$qualify,$_SESSION['_user']['user_id'],date('Y-m-d H:i:s'),'');
saveThreadScore(
$current_thread,
$userid,
$threadid,
$_POST['idtextqualify'],
api_get_user_id(),
date('Y-m-d H:i:s'),
''
);
}
$result = get_statistical_information($current_thread['thread_id'], $_GET['user_id'], $_GET['cidReq']);
$result = get_statistical_information(
$current_thread['thread_id'],
$_GET['user_id'],
api_get_course_int_id()
);
if ($userinf['status']!='1') {
echo '<div class="forum-qualification-input-box">';

65
main/forum/viewthread.php
Unescape View File

@ -43,7 +43,6 @@ $current_thread = get_thread_information($_GET['thread']);
$current_forum = get_forum_information($current_thread['forum_id']);
$current_forum_category = get_forumcategory_information($current_forum['forum_category']);
$whatsnew_post_info = isset($_SESSION['whatsnew_post_info']) ? $_SESSION['whatsnew_post_info'] : null;
/* Header and Breadcrumbs */
if (!empty($_GET['gradebook']) && $_GET['gradebook'] == 'view') {
@ -58,13 +57,13 @@ if (!empty($gradebook) && $gradebook == 'view') {
);
}
$groupId = api_get_group_id();
if ($origin == 'group') {
$session_toolgroup = api_get_group_id();
$group_properties = GroupManager :: get_group_properties($session_toolgroup);
$group_properties = GroupManager :: get_group_properties($groupId);
$interbreadcrumb[] = array('url'=>'../group/group.php', 'name' => get_lang('Groups'));
$interbreadcrumb[] = array('url'=>'../group/group_space.php?gidReq='.$session_toolgroup, 'name'=> get_lang('GroupSpace').' '.$group_properties['name']);
$interbreadcrumb[] = array('url'=>'viewforum.php?forum='.Security::remove_XSS($_GET['forum']).'&amp;gidReq='.$session_toolgroup.'&amp;origin='.$origin.'&amp;search='.Security::remove_XSS(urlencode($my_search)), 'name' => Security::remove_XSS($current_forum['forum_title']));
$interbreadcrumb[] = array('url'=>'viewthread.php?forum='.Security::remove_XSS($_GET['forum']).'&amp;gradebook='.$gradebook.'&amp;thread='.Security::remove_XSS($_GET['thread']), 'name' => Security::remove_XSS($current_thread['thread_title']));
$interbreadcrumb[] = array('url'=>'../group/group_space.php?'.api_get_cidreq(), 'name'=> get_lang('GroupSpace').' '.$group_properties['name']);
$interbreadcrumb[] = array('url'=>'viewforum.php?forum='.Security::remove_XSS($_GET['forum']).'&'.api_get_cidreq().'&origin='.$origin.'&search='.Security::remove_XSS(urlencode($my_search)), 'name' => Security::remove_XSS($current_forum['forum_title']));
$interbreadcrumb[] = array('url'=>'viewthread.php?forum='.Security::remove_XSS($_GET['forum']).'&'.api_get_cidreq().'&thread='.Security::remove_XSS($_GET['thread']), 'name' => Security::remove_XSS($current_thread['thread_title']));
Display :: display_header('');
} else {
@ -87,7 +86,9 @@ if ($origin == 'group') {
// If the user is not a course administrator and the forum is hidden
// then the user is not allowed here.
if (!api_is_allowed_to_edit(false, true) AND ($current_forum['visibility'] == 0 OR $current_thread['visibility'] == 0)) {
if (!api_is_allowed_to_edit(false, true) &&
($current_forum['visibility'] == 0 || $current_thread['visibility'] == 0)
) {
$forum_allow = forum_not_allowed_here();
if ($forum_allow === false) {
exit;
@ -95,15 +96,21 @@ if (!api_is_allowed_to_edit(false, true) AND ($current_forum['visibility'] == 0
}
/* Actions */
$group_id = api_get_group_id();
$my_action = isset($_GET['action']) ? $_GET['action'] : '';
if ($my_action == 'delete' AND isset($_GET['content']) AND isset($_GET['id']) AND (api_is_allowed_to_edit(false, true) OR GroupManager::is_tutor_of_group(api_get_user_id(), $group_id))) {
if ($my_action == 'delete' &&
isset($_GET['content']) &&
isset($_GET['id']) &&
(api_is_allowed_to_edit(false, true) || GroupManager::is_tutor_of_group(api_get_user_id(), $groupId))
) {
$message = delete_post($_GET['id']);
}
if (($my_action == 'invisible' OR $my_action == 'visible') AND isset($_GET['id']) AND (api_is_allowed_to_edit(false, true) OR GroupManager::is_tutor_of_group(api_get_user_id(), $group_id))) {
if (($my_action == 'invisible' || $my_action == 'visible') &&
isset($_GET['id']) &&
(api_is_allowed_to_edit(false, true) || GroupManager::is_tutor_of_group(api_get_user_id(), $groupId))
) {
$message = approve_post($_GET['id'], $_GET['action']);
}
if ($my_action == 'move' AND isset($_GET['post'])) {
if ($my_action == 'move' && isset($_GET['post'])) {
$message = move_post_form();
}
@ -130,11 +137,17 @@ if ($my_message != 'PostDeletedSpecial') {
echo '<a href="'.$forumUrl.'viewforum.php?forum='.Security::remove_XSS($_GET['forum']).'&'.api_get_cidreq().'">'.
Display::return_icon('back.png', get_lang('BackToForum'), '', ICON_SIZE_MEDIUM).'</a>';
}
// The reply to thread link should only appear when the forum_category is not locked AND the forum is not locked AND the thread is not locked.
// The reply to thread link should only appear when the forum_category is
// not locked AND the forum is not locked AND the thread is not locked.
// If one of the three levels is locked then the link should not be displayed.
if (($current_forum_category && $current_forum_category['locked'] == 0) AND $current_forum['locked'] == 0 AND $current_thread['locked'] == 0 OR api_is_allowed_to_edit(false, true)) {
if (($current_forum_category &&
$current_forum_category['locked'] == 0) &&
$current_forum['locked'] == 0 &&
$current_thread['locked'] == 0 ||
api_is_allowed_to_edit(false, true)
) {
// The link should only appear when the user is logged in or when anonymous posts are allowed.
if ($_user['user_id'] OR ($current_forum['allow_anonymous'] == 1 AND !$_user['user_id'])) {
if ($_user['user_id'] OR ($current_forum['allow_anonymous'] == 1 && !$_user['user_id'])) {
// reply link
if (!api_is_anonymous() && api_is_allowed_to_session_edit(false, true)) {
echo '<a href="'.$forumUrl.'reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&thread='.Security::remove_XSS($_GET['thread']).'&amp;action=replythread">'.
@ -145,9 +158,9 @@ if ($my_message != 'PostDeletedSpecial') {
(
api_is_allowed_to_edit(false, true) &&
!(api_is_course_coach() && $current_forum['session_id'] != $_SESSION['id_session'])
) OR
($current_forum['allow_new_threads'] == 1 AND isset($_user['user_id'])) OR
($current_forum['allow_new_threads'] == 1 AND !isset($_user['user_id']) AND $current_forum['allow_anonymous'] == 1)
) ||
($current_forum['allow_new_threads'] == 1 && isset($_user['user_id'])) ||
($current_forum['allow_new_threads'] == 1 && !isset($_user['user_id']) && $current_forum['allow_anonymous'] == 1)
) {
if ($current_forum['locked'] <> 1 AND $current_forum['locked'] <> 1) {
echo '&nbsp;&nbsp;';
@ -172,18 +185,18 @@ if ($my_message != 'PostDeletedSpecial') {
/* Display Forum Category and the Forum information */
if (!isset($_SESSION['view'])) {
$viewmode = $current_forum['default_view'];
$viewMode = $current_forum['default_view'];
} else {
$viewmode = $_SESSION['view'];
$viewMode = $_SESSION['view'];
}
$viewmode_whitelist = array('flat', 'threaded', 'nested');
if (isset($_GET['view']) && in_array($_GET['view'], $viewmode_whitelist)) {
$viewmode = $_GET['view'];
$_SESSION['view'] = $viewmode;
$whiteList = array('flat', 'threaded', 'nested');
if (isset($_GET['view']) && in_array($_GET['view'], $whiteList)) {
$viewMode = $_GET['view'];
$_SESSION['view'] = $viewMode;
}
if (empty($viewmode)) {
$viewmode = 'flat';
if (empty($viewMode)) {
$viewMode = 'flat';
}
if (isset($_GET['msg']) && isset($_GET['type'])) {
@ -197,7 +210,7 @@ if ($my_message != 'PostDeletedSpecial') {
}
}
switch ($viewmode) {
switch ($viewMode) {
case 'flat':
include_once 'viewthread_flat.inc.php';
break;

101
main/forum/viewthread_flat.inc.php
Unescape View File

@ -15,15 +15,24 @@ if ((isset($_GET['action']) &&
delete_attachment(0,$_GET['id_attach']);
}
$sessionId = api_get_session_id();
$_user = api_get_user_info();
$userId = api_get_user_id();
$groupId = api_get_group_id();
if (isset($current_thread['thread_id'])) {
$rows = get_posts($current_thread['thread_id']);
$increment = 0;
$clean_forum_id = intval($_GET['forum']);
$clean_thread_id = intval($_GET['thread']);
$locked = api_resource_is_locked_by_gradebook($clean_thread_id, LINK_FORUM_THREAD);
$locked = api_resource_is_locked_by_gradebook(
$clean_thread_id,
LINK_FORUM_THREAD
);
if (!empty($rows)) {
foreach ($rows as $row) {
echo '<table width="100%" class="forum_table" cellspacing="5" border="0">';
// the style depends on the status of the message: approved or not
if ($row['visible']=='0') {
@ -47,15 +56,13 @@ if (isset($current_thread['thread_id'])) {
if ($origin!='learnpath') {
if (api_get_course_setting('allow_user_image_forum')) {
echo '<br />'.display_user_image($row['user_id'],$name).'<br />';
echo '<br />'.display_user_image($row['user_id'], $name).'<br />';
}
echo display_user_link($row['user_id'], $name, '', $username).'<br />';
} else {
echo Display::tag('span', $name, array('title' => api_htmlentities($username, ENT_QUOTES))).'<br />';
}
$group_id = api_get_group_id();
echo api_convert_and_format_date($row['post_date']).'<br /><br />';
// get attach id
$attachment_list = get_attachment($row['post_id']);
@ -63,27 +70,45 @@ if (isset($current_thread['thread_id'])) {
// The user who posted it can edit his thread only if the course admin allowed this in the properties of the forum
// The course admin him/herself can do this off course always
if (
GroupManager::is_tutor_of_group(api_get_user_id(), $group_id) ||
($current_forum['allow_edit']==1 AND $row['user_id']==$_user['user_id']) ||
(api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id']!=$_SESSION['id_session']))
GroupManager::is_tutor_of_group($userId, $groupId) ||
($current_forum['allow_edit'] == 1 && $row['user_id'] == $_user['user_id']) ||
(
api_is_allowed_to_edit(false, true) &&
!(api_is_course_coach() && $current_forum['session_id'] != $sessionId)
)
) {
if (api_is_allowed_to_session_edit(false,true)) {
if (api_is_allowed_to_session_edit(false, true)) {
if ($locked == false) {
echo "<a href=\"editpost.php?".api_get_cidreq()."&amp;gidReq=".Security::remove_XSS($_GET['gidReq'])."&amp;forum=".$clean_forum_id."&amp;thread=".$clean_thread_id."&amp;post=".$row['post_id']."&amp;origin=".$origin."&amp;edit=edition&amp;id_attach=".$id_attach."\">".Display::return_icon('edit.png',get_lang('Edit'), array(), ICON_SIZE_SMALL)."</a>";
echo "<a href=\"editpost.php?".api_get_cidreq()."&forum=".$clean_forum_id."&thread=".$clean_thread_id."&post=".$row['post_id']."&amp;origin=".$origin."&amp;edit=edition&amp;id_attach=".$id_attach."\">".
Display::return_icon('edit.png',get_lang('Edit'), array(), ICON_SIZE_SMALL)."</a>";
}
}
}
if ($origin != 'learnpath') {
if (GroupManager::is_tutor_of_group(api_get_user_id(), $group_id) || api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id']!=$_SESSION['id_session'])) {
if (GroupManager::is_tutor_of_group($userId, $groupId) ||
api_is_allowed_to_edit(false, true) &&
!(api_is_course_coach() && $current_forum['session_id'] != $sessionId)
) {
if ($locked == false) {
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&amp;forum=".$clean_forum_id."&amp;thread=".$clean_thread_id."&amp;action=delete&amp;content=post&amp;id=".$row['post_id']."&amp;origin=".$origin."\" onclick=\"javascript:if(!confirm('".addslashes(api_htmlentities(get_lang('DeletePost'), ENT_QUOTES))."')) return false;\">".Display::return_icon('delete.png', get_lang('Delete'),array(), ICON_SIZE_SMALL)."</a>";
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&forum=".$clean_forum_id."&thread=".$clean_thread_id."&action=delete&amp;content=post&amp;id=".$row['post_id']."&amp;origin=".$origin."\" onclick=\"javascript:if(!confirm('".addslashes(api_htmlentities(get_lang('DeletePost'), ENT_QUOTES))."')) return false;\">".
Display::return_icon('delete.png', get_lang('Delete'),array(), ICON_SIZE_SMALL)."</a>";
}
}
if (api_is_allowed_to_edit(false,true) &&
!(api_is_course_coach() && $current_forum['session_id'] != $_SESSION['id_session'])
if (api_is_allowed_to_edit(false, true) &&
!(api_is_course_coach() && $current_forum['session_id'] != $sessionId)
) {
display_visible_invisible_icon('post', $row['post_id'], $row['visible'],array('forum'=>$clean_forum_id,'thread'=>$clean_thread_id, 'origin'=>$origin ));
display_visible_invisible_icon(
'post',
$row['post_id'],
$row['visible'],
array(
'forum' => $clean_forum_id,
'thread' => $clean_thread_id,
'origin' => $origin,
)
);
echo "";
if ($increment>0) {
echo "<a href=\"viewthread.php?".api_get_cidreq()."&amp;forum=".$clean_forum_id."&amp;thread=".$clean_thread_id."&amp;action=move&amp;post=".$row['post_id']."&amp;origin=".$origin."\">".Display::return_icon('move.png',get_lang('MovePost'), array(), ICON_SIZE_SMALL)."</a>";
@ -91,32 +116,54 @@ if (isset($current_thread['thread_id'])) {
}
}
$user_status = api_get_status_of_user_in_course($row['user_id'], api_get_course_int_id());
$current_qualify_thread = show_qualify('1', $row['poster_id'],$_GET['thread']);
$user_status = api_get_status_of_user_in_course(
$row['user_id'],
api_get_course_int_id()
);
if (api_is_allowed_to_edit(null,true) && $origin != 'learnpath') {
$current_qualify_thread = show_qualify(
'1',
$row['poster_id'],
$_GET['thread']
);
if (
($current_thread['thread_peer_qualify'] == 1 ||
api_is_allowed_to_edit(null, true))
&& $origin != 'learnpath'
) {
$my_forum_id = $clean_forum_id;
if (isset($_GET['gradebook'])) {
$info_thread = get_thread_information($clean_thread_id);
$my_forum_id = $info_thread['forum_id'];
}
if ($increment > 0 && $locked == false) {
echo "<a href=\"forumqualify.php?".api_get_cidreq()."&amp;forum=".$my_forum_id."&amp;thread=".$clean_thread_id."&amp;action=list&amp;post=".$row['post_id']."&amp;user=".$row['poster_id']."&amp;user_id=".$row['poster_id']."&amp;origin=".$origin."&amp;idtextqualify=".$current_qualify_thread."\" >".
$userCanEdit = $current_thread['thread_peer_qualify'] == 1 && $row['poster_id'] != $userId;
if (api_is_allowed_to_edit(null, true)) {
$userCanEdit = true;
}
if ($increment > 0 && $locked == false && $userCanEdit) {
echo "<a href=\"forumqualify.php?".api_get_cidreq()."&forum=".$my_forum_id."&thread=".$clean_thread_id."&action=list&post=".$row['post_id']."&amp;user=".$row['poster_id']."&amp;user_id=".$row['poster_id']."&origin=".$origin."&idtextqualify=".$current_qualify_thread."\" >".
Display::return_icon('quiz.gif',get_lang('Qualify'))."</a> ";
}
}
if (($current_forum_category && $current_forum_category['locked']==0) &&
$current_forum['locked']==0 && $current_thread['locked']==0 || api_is_allowed_to_edit(false,true)
if (($current_forum_category && $current_forum_category['locked'] == 0) &&
$current_forum['locked'] == 0 &&
$current_thread['locked'] == 0 ||
api_is_allowed_to_edit(false, true)
) {
if ($_user['user_id'] || ($current_forum['allow_anonymous']==1 && !$_user['user_id'])) {
if ($_user['user_id'] || ($current_forum['allow_anonymous'] == 1 && !$_user['user_id'])) {
if (!api_is_anonymous() && api_is_allowed_to_session_edit(false,true)) {
echo '<a href="reply.php?'.api_get_cidreq().'&amp;forum='.$clean_forum_id.'&amp;thread='.$clean_thread_id.'&amp;post='.$row['post_id'].'&amp;action=replymessage&amp;origin='.$origin.'">'.Display :: return_icon('message_reply_forum.png', get_lang('ReplyToMessage'))."</a>";
echo '<a href="reply.php?'.api_get_cidreq().'&amp;forum='.$clean_forum_id.'&amp;thread='.$clean_thread_id.'&amp;post='.$row['post_id'].'&amp;action=quote&amp;origin='.$origin.'">'.Display :: return_icon('quote.gif', get_lang('QuoteMessage'))."</a>";
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.$clean_forum_id.'&thread='.$clean_thread_id.'&post='.$row['post_id'].'&action=replymessage&origin='.$origin.'">'.
Display :: return_icon('message_reply_forum.png', get_lang('ReplyToMessage'))."</a>";
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.$clean_forum_id.'&thread='.$clean_thread_id.'&post='.$row['post_id'].'&action=quote&origin='.$origin.'">'.
Display :: return_icon('quote.gif', get_lang('QuoteMessage'))."</a>";
}
}
} else {
if ($current_forum_category && $current_forum_category['locked']==1) {
if ($current_forum_category && $current_forum_category['locked'] == 1) {
echo get_lang('ForumcategoryLocked').'<br />';
}
if ($current_forum['locked']==1) {
@ -170,7 +217,7 @@ if (isset($current_thread['thread_id'])) {
echo '<a href="download.php?file='.$realname.'"> '.$user_filename.' </a>';
if (($current_forum['allow_edit']==1 && $row['user_id']==$_user['user_id']) ||
(api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id']!=$_SESSION['id_session']))
(api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id']!=$sessionId))
) {
echo '&nbsp;&nbsp;<a href="'.api_get_self().'?'.api_get_cidreq().'&amp;origin='.Security::remove_XSS($_GET['origin']).'&amp;action=delete_attach&amp;id_attach='.$attachment['id'].'&amp;forum='.$clean_forum_id.'&amp;thread='.$clean_thread_id.'" onclick="javascript:if(!confirm(\''.addslashes(api_htmlentities(get_lang('ConfirmYourChoice'), ENT_QUOTES)).'\')) return false;">'.Display::return_icon('delete.png',get_lang('Delete'), array(), ICON_SIZE_SMALL).'</a><br />';
}

129
main/forum/viewthread_nested.inc.php
Unescape View File

@ -8,8 +8,6 @@
* @package chamilo.forum
*/
require_once api_get_path(SYS_CODE_PATH).'forum/forumfunction.inc.php';
// Are we in a lp ?
$origin = '';
if (isset($_GET['origin'])) {
@ -17,33 +15,39 @@ if (isset($_GET['origin'])) {
}
//delete attachment file
if ((isset($_GET['action']) && $_GET['action']=='delete_attach') && isset($_GET['id_attach'])) {
delete_attachment(0,$_GET['id_attach']);
if (isset($_GET['action']) &&
$_GET['action']=='delete_attach' &&
isset($_GET['id_attach'])
) {
delete_attachment(0, $_GET['id_attach']);
}
$rows = get_posts($_GET['thread']);
$rows = calculate_children($rows);
$count=0;
$count = 0;
$clean_forum_id = intval($_GET['forum']);
$clean_thread_id = intval($_GET['thread']);
$group_id = api_get_group_id();
$locked = api_resource_is_locked_by_gradebook($clean_thread_id, LINK_FORUM_THREAD);
$sessionId = api_get_session_id();
$currentThread = get_thread_information($_GET['thread']);
$userId = api_get_user_id();
foreach ($rows as $post) {
// The style depends on the status of the message: approved or not.
if ($post['visible']=='0') {
$titleclass='forum_message_post_title_2_be_approved';
$messageclass='forum_message_post_text_2_be_approved';
$leftclass='forum_message_left_2_be_approved';
$titleclass = 'forum_message_post_title_2_be_approved';
$messageclass = 'forum_message_post_text_2_be_approved';
$leftclass = 'forum_message_left_2_be_approved';
} else {
$titleclass='forum_message_post_title';
$messageclass='forum_message_post_text';
$leftclass='forum_message_left';
$titleclass = 'forum_message_post_title';
$messageclass = 'forum_message_post_text';
$leftclass = 'forum_message_left';
}
$indent=$post['indent_cnt']*'20';
echo "<div style=\"margin-left: ".$indent."px;\">";
echo "<table width=\"100%\" class=\"post\" cellspacing=\"5\" border=\"0\">";
echo "<table width=\"100%\" class=\"post\" cellspacing=\"5\" border=\"0\">";
echo "<tr>";
echo "<td rowspan=\"3\" class=\"$leftclass\">";
@ -53,67 +57,87 @@ foreach ($rows as $post) {
} else {
$name = api_get_person_name($post['firstname'], $post['lastname']);
}
if (api_get_course_setting('allow_user_image_forum')) {
echo '<br />'.display_user_image($post['user_id'],$name,$origin).'<br />';
}
echo display_user_link($post['user_id'], $name, $origin, $username)."<br />";
echo api_convert_and_format_date($post['post_date']).'<br /><br />';
// get attach id
$attachment_list=get_attachment($post['post_id']);
$id_attach = !empty($attachment_list)?$attachment_list['id']:'';
$attachment_list = get_attachment($post['post_id']);
$id_attach = !empty($attachment_list) ? $attachment_list['id'] : '';
// The user who posted it can edit his thread only if the course admin allowed this in the properties of the forum
// The course admin him/herself can do this off course always
if (GroupManager::is_tutor_of_group(api_get_user_id(), $group_id) OR
($current_forum['allow_edit']==1 AND $row['user_id']==$_user['user_id']) OR
(api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id'] != $_SESSION['id_session']))
if (GroupManager::is_tutor_of_group(api_get_user_id(), $group_id) ||
($current_forum['allow_edit'] == 1 && $row['user_id'] == $userId) ||
(api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id'] != $sessionId))
) {
if ($locked == false) {
echo "<a href=\"editpost.php?".api_get_cidreq()."&forum=".$clean_forum_id."&thread=".$clean_thread_id."&post=".$post['post_id']."&amp;id_attach=".$id_attach."\">".
echo "<a href=\"editpost.php?".api_get_cidreq()."&forum=".$clean_forum_id."&thread=".$clean_thread_id."&post=".$post['post_id']."&id_attach=".$id_attach."\">".
Display::return_icon('edit.png',get_lang('Edit'), array(), ICON_SIZE_SMALL)."</a>";
}
}
if (GroupManager::is_tutor_of_group(api_get_user_id(), $group_id) OR
api_is_allowed_to_edit(false,true) &&
!(api_is_course_coach() &&
$current_forum['session_id']!=$_SESSION['id_session'])
if (GroupManager::is_tutor_of_group(api_get_user_id(), $group_id) ||
api_is_allowed_to_edit(false, true) &&
!(api_is_course_coach() && $current_forum['session_id'] != $sessionId)
) {
if ($locked == false) {
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&amp;gidReq=".Security::remove_XSS($_GET['gidReq'])."&amp;forum=".$clean_forum_id."&amp;thread=".$clean_thread_id."&amp;action=delete&amp;content=post&amp;id=".$post['post_id']."\" onclick=\"javascript:if(!confirm('".addslashes(api_htmlentities(get_lang('DeletePost'), ENT_QUOTES))."')) return false;\">".Display::return_icon('delete.png',get_lang('Delete'), array(), ICON_SIZE_SMALL)."</a>";
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&forum=".$clean_forum_id."&thread=".$clean_thread_id."&action=delete&content=post&id=".$post['post_id']."\" onclick=\"javascript:if(!confirm('".addslashes(api_htmlentities(get_lang('DeletePost'), ENT_QUOTES))."')) return false;\">".
Display::return_icon('delete.png',get_lang('Delete'), array(), ICON_SIZE_SMALL)."</a>";
}
}
if (api_is_allowed_to_edit(false,true)
&& !(api_is_course_coach() && $current_forum['session_id']!=$_SESSION['id_session'])) {
display_visible_invisible_icon('post', $post['post_id'], $post['visible'], array('forum'=>$clean_forum_id,'thread'=>$clean_thread_id ));
if (api_is_allowed_to_edit(false, true) &&
!(api_is_course_coach() &&
$current_forum['session_id'] != $sessionId
)
) {
display_visible_invisible_icon(
'post',
$post['post_id'],
$post['visible'],
array('forum' => $clean_forum_id, 'thread' => $clean_thread_id)
);
if ($count>0) {
echo "<a href=\"viewthread.php?".api_get_cidreq()."&amp;gidReq=".Security::remove_XSS($_GET['gidReq'])."&amp;forum=".$clean_forum_id."&amp;thread=".$clean_thread_id."&amp;action=move&amp;origin=".$origin."&amp;post=".$post['post_id']."\">".Display::return_icon('move.png',get_lang('MovePost'), array(),ICON_SIZE_SMALL)."</a>";
echo "<a href=\"viewthread.php?".api_get_cidreq()."&forum=".$clean_forum_id."&thread=".$clean_thread_id."&action=move&origin=".$origin."&post=".$post['post_id']."\">".
Display::return_icon('move.png',get_lang('MovePost'), array(),ICON_SIZE_SMALL)."</a>";
}
}
$userinf = api_get_user_info($post['user_id']);
$user_status = api_get_status_of_user_in_course($post['user_id'], api_get_course_int_id());
if (api_is_allowed_to_edit(null,true)) {
//if ($count>0 && $user_status!=1) {
if ($count>0) {
$current_qualify_thread = show_qualify('1', $post['user_id'],$_GET['thread']);
$userCanQualify = $currentThread['thread_peer_qualify'] == 1 && $post['poster_id'] != $userId;
if (api_is_allowed_to_edit(null, true)) {
$userCanQualify = true;
}
if ($userCanQualify) {
if ($count > 0) {
$current_qualify_thread = show_qualify(
'1',
$post['user_id'],
$_GET['thread']
);
if ($locked == false) {
echo "<a href=\"forumqualify.php?".api_get_cidreq()."&amp;forum=".$clean_forum_id."&amp;thread=".$clean_thread_id."&amp;action=list&amp;post=".$post['post_id']."&amp;user=".$post['user_id']."&amp;user_id=".$post['user_id']."&amp;origin=".$origin."&amp;idtextqualify=".$current_qualify_thread."\" >".Display::return_icon('new_test_small.gif',get_lang('Qualify'))."</a>";
echo "<a href=\"forumqualify.php?".api_get_cidreq()."&forum=".$clean_forum_id."&thread=".$clean_thread_id."&action=list&post=".$post['post_id']."&user=".$post['user_id']."&user_id=".$post['user_id']."&origin=".$origin."&idtextqualify=".$current_qualify_thread."\" >".
Display::return_icon('quiz.gif',get_lang('Qualify'))."</a>";
}
}
}
if (($current_forum_category && $current_forum_category['locked']==0) AND
$current_forum['locked']==0 AND $current_thread['locked']==0 OR api_is_allowed_to_edit(false,true)
if (($current_forum_category && $current_forum_category['locked'] == 0) &&
$current_forum['locked']==0 && $current_thread['locked']==0 || api_is_allowed_to_edit(false, true)
) {
if ($_user['user_id'] OR ($current_forum['allow_anonymous']==1 AND !$_user['user_id'])) {
if (!api_is_anonymous() && api_is_allowed_to_session_edit(false,true)) {
echo '<a href="reply.php?'.api_get_cidreq().'&amp;forum='.$clean_forum_id.'&amp;thread='.$clean_thread_id.'&amp;post='.$post['post_id'].'&amp;action=replymessage&amp;origin='. $origin .'">'.Display :: return_icon('message_reply_forum.png', get_lang('ReplyToMessage'))."</a>";
echo '<a href="reply.php?'.api_get_cidreq().'&amp;forum='.$clean_forum_id.'&amp;thread='.$clean_thread_id.'&amp;post='.$post['post_id'].'&amp;action=quote&amp;origin='. $origin .'">'.Display :: return_icon('quote.gif', get_lang('QuoteMessage'))."</a>";
if ($userId || ($current_forum['allow_anonymous']==1 && !$userId)) {
if (!api_is_anonymous() && api_is_allowed_to_session_edit(false, true)) {
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.$clean_forum_id.'&thread='.$clean_thread_id.'&post='.$post['post_id'].'&action=replymessage&origin='. $origin .'">'.
Display :: return_icon('message_reply_forum.png', get_lang('ReplyToMessage'))."</a>";
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.$clean_forum_id.'&thread='.$clean_thread_id.'&post='.$post['post_id'].'&action=quote&origin='. $origin .'">'.
Display :: return_icon('quote.gif', get_lang('QuoteMessage'))."</a>";
}
}
} else {
if ($current_forum_category && $current_forum_category['locked']==1) {
if ($current_forum_category && $current_forum_category['locked'] == 1) {
echo get_lang('ForumcategoryLocked').'<br />';
}
if ($current_forum['locked']==1) {
@ -125,17 +149,22 @@ foreach ($rows as $post) {
}
echo "</td>";
// note: this can be removed here because it will be displayed in the tree
if (isset($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$post['post_id']]) AND
!empty($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$post['post_id']]) AND
if (isset($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$post['post_id']]) &&
!empty($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$post['post_id']]) &&
!empty($whatsnew_post_info[$_GET['forum']][$post['thread_id']])
) {
$post_image=Display::return_icon('forumpostnew.gif');
$post_image = Display::return_icon('forumpostnew.gif');
} else {
$post_image=Display::return_icon('forumpost.gif');
$post_image = Display::return_icon('forumpost.gif');
}
if ($post['post_notification']=='1' AND $post['poster_id']==$_user['user_id']) {
$post_image.=Display::return_icon('forumnotification.gif',get_lang('YouWillBeNotified'));
if ($post['post_notification']=='1' && $post['poster_id']==$userId) {
$post_image .= Display::return_icon(
'forumnotification.gif',
get_lang('YouWillBeNotified')
);
}
// The post title
echo "<td class=\"$titleclass\">".prepare4display($post['post_title'])."</td>";
echo "</tr>";
@ -157,10 +186,10 @@ foreach ($rows as $post) {
echo $realname;
echo ' "> '.$user_filename.' </a>';
echo '<span class="forum_attach_comment" >'.$attachment['comment'].'</span>';
if (($current_forum['allow_edit']==1 AND $post['user_id']==$_user['user_id']) OR
(api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id']!=$_SESSION['id_session']))
if (($current_forum['allow_edit'] == 1 && $post['user_id'] == $userId) ||
(api_is_allowed_to_edit(false, true) && !(api_is_course_coach() && $current_forum['session_id'] != $sessionId))
) {
echo '&nbsp;&nbsp;<a href="'.api_get_self().'?'.api_get_cidreq().'&amp;origin='.Security::remove_XSS($_GET['origin']).'&amp;action=delete_attach&amp;id_attach='.$attachment['id'].'&amp;forum='.$clean_forum_id.'&amp;thread='.$clean_thread_id.'" onclick="javascript:if(!confirm(\''.addslashes(api_htmlentities(get_lang('ConfirmYourChoice'), ENT_QUOTES)).'\')) return false;">'.Display::return_icon('delete.gif',get_lang('Delete')).'</a><br />';
echo '&nbsp;&nbsp;<a href="'.api_get_self().'?'.api_get_cidreq().'&origin='.Security::remove_XSS($_GET['origin']).'&action=delete_attach&id_attach='.$attachment['id'].'&forum='.$clean_forum_id.'&thread='.$clean_thread_id.'" onclick="javascript:if(!confirm(\''.addslashes(api_htmlentities(get_lang('ConfirmYourChoice'), ENT_QUOTES)).'\')) return false;">'.Display::return_icon('delete.gif',get_lang('Delete')).'</a><br />';
}
echo '</td></tr>';
}

170
main/forum/viewthread_threaded.inc.php
Unescape View File

@ -21,11 +21,14 @@
* @package chamilo.forum
*/
require_once api_get_path(SYS_CODE_PATH) . 'forum/forumfunction.inc.php';
$forumUrl = api_get_path(WEB_CODE_PATH) . 'forum/';
$_user = api_get_user_info();
$rows = get_posts($_GET['thread']);
$rows = calculate_children($rows);
$sessionId = api_get_session_id();
$currentThread = get_thread_information($_GET['thread']);
$post_id = isset($_GET['post']) ? (int) $_GET['post'] : 0;
$userId = api_get_user_id();
if (isset($_GET['post']) && $_GET['post']) {
$display_post_id = intval($_GET['post']);
@ -56,15 +59,14 @@ if (
// Displaying the thread (structure)
$thread_structure = "<div class=\"structure\">" .
get_lang('Structure') . "</div>";
$thread_structure = "<div class=\"structure\">" .get_lang('Structure')."</div>";
$counter = 0;
$count = 0;
$prev_next_array = array();
$forumId = intval($_GET['forum']);
$threadId = intval($_GET['thread']);
$group_id = api_get_group_id();
$groupId = api_get_group_id();
foreach ($rows as $post) {
$counter++;
@ -72,8 +74,8 @@ foreach ($rows as $post) {
$thread_structure .= "<div style=\"margin-left: " . $indent . "px;\">";
if (
!empty($whatsnew_post_info[$forumId][$post['thread_id']]) AND
isset($whatsnew_post_info[$forumId][$threadId][$post['post_id']]) AND
!empty($whatsnew_post_info[$forumId][$post['thread_id']]) &&
isset($whatsnew_post_info[$forumId][$threadId][$post['post_id']]) &&
!empty($whatsnew_post_info[$forumId][$threadId][$post['post_id']])
) {
$post_image = Display::return_icon('forumpostnew.gif');
@ -87,8 +89,7 @@ foreach ($rows as $post) {
$counter == 1 AND !isset($_GET['post'])
)
) {
$thread_structure .= '<strong>' .
prepare4display($post['post_title']) . '</strong></div>';
$thread_structure .= '<strong>' .prepare4display($post['post_title']) . '</strong></div>';
$prev_next_array[] = $post['post_id'];
} else {
if ($post['visible'] == '0') {
@ -143,6 +144,9 @@ $next_img = Display::return_icon(
array('style' => 'vertical-align: middle;')
);
$class_prev = '';
$class_next = '';
// Links
$first_href = $forumUrl . 'viewthread.php?' . api_get_cidreq() .
'&forum=' . $forumId . '&thread=' . $threadId .
@ -207,21 +211,25 @@ $username = sprintf(get_lang('LoginX'), $rows[$display_post_id]['username']);
if ($rows[$display_post_id]['user_id'] == '0') {
$name = prepare4display($rows[$display_post_id]['poster_name']);
} else {
$name = api_get_person_name($rows[$display_post_id]['firstname'], $rows[$display_post_id]['lastname']);
$name = api_get_person_name(
$rows[$display_post_id]['firstname'],
$rows[$display_post_id]['lastname']
);
}
if (api_get_course_setting('allow_user_image_forum')) {
echo '<br />' . display_user_image($rows[$display_post_id]['user_id'], $name, $origin) . '<br />';
}
echo display_user_link(
$rows[$display_post_id]['user_id'],
$name,
$origin,
$username
) . "<br />";
$rows[$display_post_id]['user_id'],
$name,
$origin,
$username
) . "<br />";
echo api_convert_and_format_date(
$rows[$display_post_id]['post_date']
) . '<br /><br />';
$rows[$display_post_id]['post_date']
) . '<br /><br />';
// Get attach id
$attachment_list = get_attachment($display_post_id);
$id_attach = !empty($attachment_list) ? $attachment_list['id'] : '';
@ -229,13 +237,13 @@ $id_attach = !empty($attachment_list) ? $attachment_list['id'] : '';
// The user who posted it can edit his thread only if the course admin allowed this in the properties of the forum
// The course admin him/herself can do this off course always
if (
GroupManager::is_tutor_of_group(api_get_user_id(), $group_id) OR (
$current_forum['allow_edit'] == 1 AND
GroupManager::is_tutor_of_group(api_get_user_id(), $groupId) || (
$current_forum['allow_edit'] == 1 &&
$row['user_id'] == $_user['user_id']
) OR (
api_is_allowed_to_edit(false,true) && !(
) || (
api_is_allowed_to_edit(false, true) && !(
api_is_course_coach() &&
$current_forum['session_id'] != $_SESSION['id_session']
$current_forum['session_id'] != $sessionId
)
)
) {
@ -253,12 +261,25 @@ if (
}
}
// Verified the post minor
$my_post = get_posts($_GET['thread']);
$id_posts = array();
if (!empty($my_post) && is_array($my_post)) {
foreach ($my_post as $post_value) {
$id_posts[] = $post_value['post_id'];
}
sort($id_posts, SORT_NUMERIC);
reset($id_posts);
// The post minor
$post_minor = (int)$id_posts[0];
}
if (
GroupManager::is_tutor_of_group(api_get_user_id(), $group_id) OR
api_is_allowed_to_edit(false,true) && !(
api_is_course_coach() &&
$current_forum['session_id'] != $_SESSION['id_session']
)
GroupManager::is_tutor_of_group(api_get_user_id(), $groupId) ||
api_is_allowed_to_edit(false, true) &&
!(api_is_course_coach() &&$current_forum['session_id'] != $sessionId)
) {
if ($locked == false) {
echo "<a href=\"" . api_get_self() . "?" . api_get_cidreq() .
@ -274,6 +295,7 @@ if (
ICON_SIZE_SMALL
)."</a>";
}
display_visible_invisible_icon(
'post',
$rows[$display_post_id]['post_id'],
@ -281,47 +303,44 @@ if (
array(
'forum' => $forumId,
'thread' => $threadId,
'post' => Security::remove_XSS($_GET['post']) ));
// Verified the post minor
$my_post = get_posts($_GET['thread']);
$id_posts = array();
if (!empty($my_post) && is_array($my_post)) {
foreach ($my_post as $post_value) {
$id_posts[] = $post_value['post_id'];
}
sort($id_posts, SORT_NUMERIC);
reset($id_posts);
// The post minor
$post_minor = (int) $id_posts[0];
$post_id = isset($_GET['post']) ? (int) $_GET['post'] : 0;
if (!isset($_GET['id']) && $post_id > $post_minor) {
echo "<a href=\"viewthread.php?" . api_get_cidreq() .
"&gidReq=" . Security::remove_XSS($_GET['gidReq']) .
"&forum=" . $forumId . "&thread=" . $threadId .
"&origin=" . $origin . "&action=move&post=" .
$rows[$display_post_id]['post_id'] . "\">" .
Display::return_icon(
'move.png',
get_lang('MovePost'),
array(),
ICON_SIZE_SMALL
) . "</a>";
}
'post' => Security::remove_XSS($_GET['post'])
)
);
if (!isset($_GET['id']) && $post_id > $post_minor) {
echo "<a href=\"viewthread.php?" . api_get_cidreq() .
"&forum=" . $forumId . "&thread=" . $threadId .
"&origin=" . $origin . "&action=move&post=" .
$rows[$display_post_id]['post_id'] . "\">" .
Display::return_icon(
'move.png',
get_lang('MovePost'),
array(),
ICON_SIZE_SMALL
) . "</a>";
}
}
$userinf = api_get_user_info($rows[$display_post_id]['user_id']);
/*$userinf = api_get_user_info($rows[$display_post_id]['user_id']);
$user_status = api_get_status_of_user_in_course(
$rows[$display_post_id]['user_id'],
api_get_course_int_id()
);
);*/
$userCanQualify = $currentThread['thread_peer_qualify'] == 1 && $rows[$display_post_id]['poster_id'] != $userId;
if (api_is_allowed_to_edit(null, true)) {
$userCanQualify = true;
}
if ($userCanQualify) {
if ($post_id > $post_minor) {
$current_qualify_thread = show_qualify(
'1',
$rows[$display_post_id]['user_id'],
$_GET['thread']
);
if ($locked == false) {
echo "<a href=\"forumqualify.php?" . api_get_cidreq() .
"&forum=" . $forumId . "&thread=" . $threadId .
@ -330,30 +349,20 @@ if (api_is_allowed_to_edit(null, true)) {
$rows[$display_post_id]['user_id'] . "&origin=" . $origin .
"&idtextqualify=" . $current_qualify_thread .
"\" >" . Display::return_icon(
'new_test_small.gif',
'quiz.gif',
get_lang('Qualify')
) . "</a>";
}
}
}
if (
(
$current_forum_category &&
$current_forum_category['locked'] == 0
) AND $current_forum['locked'] == 0 AND
$current_thread['locked'] == 0 OR
api_is_allowed_to_edit(false,true)
if (($current_forum_category && $current_forum_category['locked'] == 0) &&
$current_forum['locked'] == 0 &&
$current_thread['locked'] == 0 || api_is_allowed_to_edit(false, true)
) {
if (
$_user['user_id'] OR (
$current_forum['allow_anonymous'] == 1 AND
!$_user['user_id']
)
if ($_user['user_id'] ||
($current_forum['allow_anonymous'] == 1 && !$_user['user_id'])
) {
if (
!api_is_anonymous() &&
api_is_allowed_to_session_edit(false, true)
) {
if (!api_is_anonymous() && api_is_allowed_to_session_edit(false, true)) {
echo '<a href="reply.php?' . api_get_cidreq() .
'&forum=' . $forumId . '&thread=' . $threadId .
'&post=' . $rows[$display_post_id]['post_id'] .
@ -383,6 +392,7 @@ if (
echo get_lang('ThreadLocked') . '<br />';
}
}
echo "</td>";
// Note: this can be removed here because it will be displayed in the tree
if (
@ -424,17 +434,11 @@ if (!empty($attachment_list) && is_array($attachment_list)) {
echo ' "> ' . $user_filename . ' </a>';
echo '<span class="forum_attach_comment">' .
Security::remove_XSS($attachment['comment'], STUDENT) . '</span>';
if (
(
$current_forum['allow_edit'] == 1 AND
$rows[$display_post_id]['user_id'] == $_user['user_id']
) OR (
api_is_allowed_to_edit(false, true) && !(
api_is_course_coach() &&
$current_forum['session_id'] != $_SESSION['id_session']
)
)
) {
($current_forum['allow_edit'] == 1 &&$rows[$display_post_id]['user_id'] == $_user['user_id']) ||
(api_is_allowed_to_edit(false, true) && !(api_is_course_coach() && $current_forum['session_id'] != $sessionId))
) {
echo '&nbsp;&nbsp;<a href="' . api_get_self() . '?' .
api_get_cidreq() . '&origin=' .
Security::remove_XSS($_GET['origin']) .

4
main/inc/lib/groupmanager.lib.php
Unescape View File

@ -1625,8 +1625,8 @@ class GroupManager
/**
* Is the user a tutor of this group?
* @param $user_id the id of the user
* @param $group_id the id of the group
* @param int $user_id the id of the user
* @param int $group_id the id of the group
* @return boolean true/false
* @todo use the function user_has_access that includes this function
* @author Patrick Cool <patrick.cool@UGent.be>, Ghent University

4
main/inc/lib/hook/HookAdminBlock.php
Unescape View File

@ -1,5 +1,6 @@
<?php
/* For licensing terms, see /license.txt /
/* For licensing terms, see /license.txt */
/**
* This file contains a Hook Event class for Admin Block.
* @package chamilo.library.hook
@ -12,7 +13,6 @@
*/
class HookAdminBlock extends HookEvent implements HookAdminBlockEventInterface
{
/**
* Constructor
*/

2
src/Chamilo/CoreBundle/Migrations/Schema/V110/Version110.php
Unescape View File

@ -298,6 +298,8 @@ class Version110 extends AbstractMigrationChamilo
$this->addSql("ALTER TABLE c_forum_thread DROP PRIMARY KEY");
$this->addSql("ALTER TABLE c_forum_thread ADD COLUMN iid int unsigned NOT NULL PRIMARY KEY AUTO_INCREMENT");
$this->addSql("ALTER TABLE c_forum_thread ADD COLUMN thread_peer_qualify tinyint default 0");
$this->addSql("ALTER TABLE c_glossary MODIFY COLUMN glossary_id int unsigned DEFAULT NULL");
$this->addSql("ALTER TABLE c_glossary MODIFY COLUMN c_id int unsigned DEFAULT NULL");
$this->addSql("ALTER TABLE c_glossary DROP PRIMARY KEY");

34
src/Chamilo/CourseBundle/Entity/CForumThread.php
Unescape View File

@ -140,10 +140,43 @@ class CForumThread
* @ORM\Column(name="thread_weight", type="float", precision=6, scale=2, nullable=false)
*/
private $threadWeight;
/**
* @var bool
*
* @ORM\Column(name="thread_peer_qualify", type="boolean")
*/
private $threadPeerQualify;
/**
* Constructor
*/
public function __construct()
{
$this->threadPeerQualify = 0;
}
/**
* @return boolean
*/
public function isThreadPeerQualify()
{
return $this->threadPeerQualify;
}
/**
* @param boolean $threadPeerQualify
*/
public function setThreadPeerQualify($threadPeerQualify)
{
$this->threadPeerQualify = $threadPeerQualify;
}
/**
* Set threadTitle
*
* @param string $threadTitle
*
* @return CForumThread
*/
public function setThreadTitle($threadTitle)
@ -167,6 +200,7 @@ class CForumThread
* Set forumId
*
* @param integer $forumId
*
* @return CForumThread
*/
public function setForumId($forumId)

543
tests/main/forum/forumfunction.inc.test.php
View File

File diff suppressed because it is too large Load Diff
Write Preview
Loading…
Cancel
Save