diff --git a/main/forum/download.php b/main/forum/download.php index a848cdb560..8670e100ba 100755 --- a/main/forum/download.php +++ b/main/forum/download.php @@ -9,10 +9,6 @@ * @package chamilo.document */ -/* - MAIN CODE -*/ - session_cache_limiter('public'); require_once '../inc/global.inc.php'; @@ -44,11 +40,12 @@ $full_file_name = api_get_path(SYS_COURSE_PATH).api_get_course_path().'/upload/f //if the rewrite rule asks for a directory, we redirect to the document explorer if (is_dir($full_file_name)) { //remove last slash if present - //$doc_url = ($doc_url{strlen($doc_url)-1}=='/')?substr($doc_url,0,strlen($doc_url)-1):$doc_url; //mod_rewrite can change /some/path/ to /some/path// in some cases, so clean them all off (René) - while ($doc_url{$dul = strlen($doc_url)-1}=='/') $doc_url = substr($doc_url,0,$dul); + while ($doc_url{$dul = strlen($doc_url) - 1} == '/') { + $doc_url = substr($doc_url, 0, $dul); + } //create the path - $document_explorer = api_get_path(WEB_COURSE_PATH).api_get_course_path(); // home course path + $document_explorer = api_get_path(WEB_COURSE_PATH).api_get_course_path(); //redirect header('Location: '.$document_explorer); } @@ -61,19 +58,41 @@ $course_id = api_get_course_int_id(); // launch event event_download($doc_url); -$sql='SELECT thread_id, forum_id,filename FROM '.$tbl_forum_post.' f INNER JOIN '.$tbl_forum_attachment.' a - ON a.post_id=f.post_id - WHERE f.c_id = '.$course_id.' AND a.c_id = '.$course_id.' AND path LIKE BINARY "'.$doc_url.'"'; +$sql = 'SELECT thread_id, forum_id,filename + FROM '.$tbl_forum_post.' f + INNER JOIN '.$tbl_forum_attachment.' a + ON a.post_id=f.post_id + WHERE + f.c_id = '.$course_id.' AND + a.c_id = '.$course_id.' AND + path LIKE BINARY "'.$doc_url.'"'; $result = Database::query($sql); -$row = Database::fetch_array($result); - -$forum_thread_visibility = api_get_item_visibility(api_get_course_info($course_code),TOOL_FORUM_THREAD,$row['thread_id'], api_get_session_id()); -$forum_forum_visibility = api_get_item_visibility(api_get_course_info($course_code),TOOL_FORUM,$row['forum_id'], api_get_session_id()); +$row = Database::fetch_array($result); + +$forum_thread_visibility = api_get_item_visibility( + api_get_course_info($course_code), + TOOL_FORUM_THREAD, + $row['thread_id'], + api_get_session_id() +); +$forum_forum_visibility = api_get_item_visibility( + api_get_course_info($course_code), + TOOL_FORUM, + $row['forum_id'], + api_get_session_id() +); if ($forum_thread_visibility==1 && $forum_forum_visibility==1) { - if (Security::check_abs_path($full_file_name, api_get_path(SYS_COURSE_PATH).api_get_course_path().'/upload/forum/')) { - DocumentManager::file_send_for_download($full_file_name, TRUE, $row['filename']); + if (Security::check_abs_path( + $full_file_name, + api_get_path(SYS_COURSE_PATH).api_get_course_path().'/upload/forum/') + ) { + DocumentManager::file_send_for_download( + $full_file_name, + true, + $row['filename'] + ); } } -exit; \ No newline at end of file +exit; diff --git a/main/forum/editpost.php b/main/forum/editpost.php index a29564f4b1..03bf278476 100755 --- a/main/forum/editpost.php +++ b/main/forum/editpost.php @@ -21,7 +21,6 @@ * * @package chamilo.forum */ -/* INIT SECTION */ // Language files that need to be included. $language_file = array('forum', 'group', 'gradebook'); @@ -99,10 +98,10 @@ if ($origin == 'group') { $interbreadcrumb[] = array('url' => 'viewforum.php?origin='.$origin.'&gidReq='.$_SESSION['toolgroup'].'&forum='.Security::remove_XSS($_GET['forum']), 'name' => prepare4display($current_forum['forum_title'])); $interbreadcrumb[] = array('url' => 'javascript: void (0);', 'name' => get_lang('EditPost')); } else { - $interbreadcrumb[] = array('url' => 'index.php?gradebook='.$gradebook, 'name' => $nameTools); + $interbreadcrumb[] = array('url' => 'index.php?'.api_get_cidreq(), 'name' => $nameTools); $interbreadcrumb[] = array('url' => 'viewforumcategory.php?forumcategory='.$current_forum_category['cat_id'], 'name' => prepare4display($current_forum_category['cat_title'])); $interbreadcrumb[] = array('url' => 'viewforum.php?origin='.$origin.'&forum='.Security::remove_XSS($_GET['forum']), 'name' => prepare4display($current_forum['forum_title'])); - $interbreadcrumb[] = array('url' => 'viewthread.php?gradebook='.$gradebook.'&origin='.$origin.'&forum='.Security::remove_XSS($_GET['forum']).'&thread='.Security::remove_XSS($_GET['thread']), 'name' => prepare4display($current_thread['thread_title'])); + $interbreadcrumb[] = array('url' => 'viewthread.php?'.api_get_cidreq().'&origin='.$origin.'&forum='.Security::remove_XSS($_GET['forum']).'&thread='.Security::remove_XSS($_GET['thread']), 'name' => prepare4display($current_thread['thread_title'])); $interbreadcrumb[] = array('url' => 'javascript: void (0);', 'name' => get_lang('EditPost')); } @@ -139,14 +138,23 @@ if ($origin == 'learnpath') { // The only exception is the course manager // I have split this is several pieces for clarity. //if (!api_is_allowed_to_edit() AND (($current_forum_category['visibility'] == 0 OR $current_forum['visibility'] == 0) OR ($current_forum_category['locked'] <> 0 OR $current_forum['locked'] <> 0 OR $current_thread['locked'] <> 0))) { -if (!api_is_allowed_to_edit(null, true) AND (($current_forum_category && $current_forum_category['visibility'] == 0) OR $current_forum['visibility'] == 0)) { +if (!api_is_allowed_to_edit(null, true) AND + (($current_forum_category && $current_forum_category['visibility'] == 0) OR + $current_forum['visibility'] == 0) +) { $forum_allow = forum_not_allowed_here(); if ($forum_allow === false) { exit; } } -if (!api_is_allowed_to_edit(null, true) AND (($current_forum_category && $current_forum_category['locked'] <> 0 ) OR $current_forum['locked'] <> 0 OR $current_thread['locked'] <> 0)) { +if (!api_is_allowed_to_edit(null, true) AND + ( + ($current_forum_category && $current_forum_category['locked'] <> 0 ) OR + $current_forum['locked'] <> 0 OR + $current_thread['locked'] <> 0 + ) +) { $forum_allow = forum_not_allowed_here(); if ($forum_allow === false) { exit; @@ -173,9 +181,9 @@ if ($origin != 'learnpath') { echo '
'; echo ''.search_link().''; if ($origin == 'group') { - echo ''.Display::return_icon('back.png', get_lang('BackTo').' '.get_lang('Groups'), '', ICON_SIZE_MEDIUM).''; + echo ''.Display::return_icon('back.png', get_lang('BackTo').' '.get_lang('Groups'), '', ICON_SIZE_MEDIUM).''; } else { - echo ''.Display::return_icon('back.png', get_lang('BackToForumOverview'), '', ICON_SIZE_MEDIUM).''; + echo ''.Display::return_icon('back.png', get_lang('BackToForumOverview'), '', ICON_SIZE_MEDIUM).''; } echo ''.Display::return_icon('forum.png', get_lang('BackToForum'), '', ICON_SIZE_MEDIUM).''; echo '
'; @@ -184,12 +192,12 @@ if ($origin != 'learnpath') { /* Display Forum Category and the Forum information */ /*New display forum div*/ - echo '
'; - echo '
'; - echo '
'; - echo '

'.prepare4display($current_forum['forum_title']).'

'; - echo '

'.prepare4display($current_forum['forum_comment']).'

'; - echo '
'; +echo '
'; +echo '
'; +echo '
'; +echo '

'.prepare4display($current_forum['forum_title']).'

'; +echo '

'.prepare4display($current_forum['forum_comment']).'

'; +echo '
'; /* End new display forum */ // Set forum attachment data into $_SESSION @@ -197,7 +205,13 @@ getAttachedFiles($current_forum['forum_id'], $current_thread['thread_id'], $curr // The form for the reply echo '
'; echo '
'; -$values = show_edit_post_form($forum_setting, $current_post, $current_thread, $current_forum, isset($_SESSION['formelements']) ? $_SESSION['formelements'] : ''); +$values = show_edit_post_form( + $forum_setting, + $current_post, + $current_thread, + $current_forum, + isset($_SESSION['formelements']) ? $_SESSION['formelements'] : '' +); echo '
'; if (!empty($values) and isset($_POST['SubmitPost'])) { @@ -214,7 +228,18 @@ if (!empty($values) and isset($_POST['SubmitPost'])) { $link_info = is_resource_in_course_gradebook(api_get_course_id(), 5, $id, $session_id); $link_id = $link_info['id']; if (!$link_info) { - add_resource_to_course_gradebook($values['category_id'], api_get_course_id(), 5, $id, $title_gradebook, $weight_calification, $value_calification, $description, 1, api_get_session_id()); + add_resource_to_course_gradebook( + $values['category_id'], + api_get_course_id(), + 5, + $id, + $title_gradebook, + $weight_calification, + $value_calification, + $description, + 1, + api_get_session_id() + ); } else { Database::query('UPDATE '.$table_link.' SET weight='.$weight_calification.' WHERE id='.$link_id.''); } @@ -222,7 +247,11 @@ if (!empty($values) and isset($_POST['SubmitPost'])) { } else { // Only show Forum attachment ajax form when do not pass form submit echo '
'; - $attachmentAjaxForm = getAttachmentAjaxForm($current_forum['forum_id'], $current_thread['thread_id'], $current_post['post_id']); + $attachmentAjaxForm = getAttachmentAjaxForm( + $current_forum['forum_id'], + $current_thread['thread_id'], + $current_post['post_id'] + ); echo $attachmentAjaxForm; echo '
'; } @@ -230,4 +259,4 @@ if (!empty($values) and isset($_POST['SubmitPost'])) { // Footer if ($origin != 'learnpath') { Display :: display_footer(); -} \ No newline at end of file +} diff --git a/main/forum/forumfunction.inc.php b/main/forum/forumfunction.inc.php index 298e107147..3ba48ce43b 100755 --- a/main/forum/forumfunction.inc.php +++ b/main/forum/forumfunction.inc.php @@ -1744,10 +1744,11 @@ function get_threads($forum_id, $course_code = null) thread.locked as locked FROM $table_threads thread INNER JOIN $table_item_property item_properties - ON thread.thread_id=item_properties.ref AND - item_properties.c_id = $course_id AND - thread.c_id = $course_id AND - item_properties.tool='".TABLE_FORUM_THREAD."'$groupCondition + ON + thread.thread_id=item_properties.ref AND + item_properties.c_id = $course_id AND + thread.c_id = $course_id AND + item_properties.tool='".TABLE_FORUM_THREAD."'$groupCondition LEFT JOIN $table_users users ON thread.thread_poster_id=users.user_id WHERE @@ -1767,7 +1768,7 @@ function get_threads($forum_id, $course_code = null) /** * Retrieve all posts of a given thread * - * @return an array containing all the information about the posts of a given thread + * @return array containing all the information about the posts of a given thread * * @author Patrick Cool , Ghent University * @version february 2006, dokeos 1.8 @@ -1807,6 +1808,7 @@ function get_posts($thread_id) ORDER BY posts.post_id ASC"; } $result = Database::query($sql); + $post_list = array(); while ($row = Database::fetch_array($result)) { $post_list[] = $row; } @@ -2796,13 +2798,11 @@ function store_reply($current_forum, $values) */ function show_edit_post_form($forum_setting, $current_post, $current_thread, $current_forum, $form_values = '', $id_attach = 0) { - $gradebook = Security::remove_XSS($_GET['gradebook']); - // Initialize the object. $form = new FormValidator( 'edit_post', 'post', - api_get_self().'?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&gradebook='.$gradebook.'&thread='.Security::remove_XSS($_GET['thread']).'&post='.Security::remove_XSS($_GET['post']) + api_get_self().'?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&thread='.Security::remove_XSS($_GET['thread']).'&post='.Security::remove_XSS($_GET['post']) ); $form->addElement('header', get_lang('EditPost')); // Setting the form elements. @@ -3914,9 +3914,9 @@ function search_link() /** * This function adds an attachment file into a forum - * @param string a comment about file - * @param int last id from forum_post table - * @return void + * @param string $file_comment a comment about file + * @param int $last_id from forum_post table + * @return int|bool */ function add_forum_attachment_file($file_comment, $last_id) { @@ -3935,7 +3935,10 @@ function add_forum_attachment_file($file_comment, $last_id) $updir = $sys_course_path.$course_dir; // Try to add an extension to the file if it hasn't one. - $new_file_name = add_ext_on_mime(stripslashes($_FILES['user_upload']['name']), $_FILES['user_upload']['type']); + $new_file_name = add_ext_on_mime( + stripslashes($_FILES['user_upload']['name']), + $_FILES['user_upload']['type'] + ); // User's file name $file_name = $_FILES['user_upload']['name']; @@ -3954,10 +3957,15 @@ function add_forum_attachment_file($file_comment, $last_id) $sql = "INSERT INTO $agenda_forum_attachment (c_id, filename, comment, path, post_id, size) VALUES (".api_get_course_int_id().", '$safe_file_name', '$safe_file_comment', '$safe_new_file_name' , '$last_id', '".intval($_FILES['user_upload']['size'])."' )"; Database::query($sql); - $message .= ' / '.get_lang('FileUploadSucces').'
'; $last_id_file = Database::insert_id(); - api_item_property_update($_course, TOOL_FORUM_ATTACH, $last_id_file, 'ForumAttachmentAdded', api_get_user_id()); + api_item_property_update( + $_course, + TOOL_FORUM_ATTACH, + $last_id_file, + 'ForumAttachmentAdded', + api_get_user_id() + ); return $last_id_file; } @@ -4965,8 +4973,7 @@ function getAttachedFiles($forumId, $threadId, $postId = null, $attachId = null, // Set result as succes and bring delete URL $json['result'] = Display::return_icon('accept.png', get_lang('Uploaded')); $json['delete'] = '' . Display::return_icon('delete.png',get_lang('Delete'), array(), ICON_SIZE_SMALL) . ''; } else { diff --git a/main/forum/viewthread_flat.inc.php b/main/forum/viewthread_flat.inc.php index 8ceea559f9..16ec6d71e0 100755 --- a/main/forum/viewthread_flat.inc.php +++ b/main/forum/viewthread_flat.inc.php @@ -89,7 +89,7 @@ if (isset($current_thread['thread_id'])) { $my_forum_id = $info_thread['forum_id']; } if ($increment > 0 && $locked == false) { - echo "". + echo "". Display::return_icon('quiz.gif',get_lang('Qualify'))." "; } }