diff --git a/main/forum/forumfunction.inc.php b/main/forum/forumfunction.inc.php index 5673de58ef..660d02f36a 100644 --- a/main/forum/forumfunction.inc.php +++ b/main/forum/forumfunction.inc.php @@ -1526,18 +1526,18 @@ function get_threads($forum_id, $course_code = null) $table_threads = Database :: get_course_table(TABLE_FORUM_THREAD); $table_users = Database :: get_main_table(TABLE_MAIN_USER); - $thread_list = array(); // important note: it might seem a little bit awkward that we have 'thread.locked as locked' in the sql statement - // because we also have thread.* in it. This is because thread has a field locked and post also has the same field - // since we are merging these we would have the post.locked value but in fact we want the thread.locked value - // This is why it is added to the end of the field selection - - $sql = "SELECT thread.*, - item_properties.*, - users.firstname, - users.lastname, - users.user_id, - thread.locked as locked + // because we also have thread.* in it. This is because thread has a field locked and post also has the same field + // since we are merging these we would have the post.locked value but in fact we want the thread.locked value + // This is why it is added to the end of the field selection + + $sql = "SELECT + thread.*, + item_properties.*, + users.firstname, + users.lastname, + users.user_id, + thread.locked as locked FROM $table_threads thread INNER JOIN $table_item_property item_properties ON thread.thread_id=item_properties.ref AND @@ -1553,15 +1553,16 @@ function get_threads($forum_id, $course_code = null) if (is_allowed_to_edit()) { // important note: it might seem a little bit awkward that we have 'thread.locked as locked' in the sql statement - // because we also have thread.* in it. This is because thread has a field locked and post also has the same field - // since we are merging these we would have the post.locked value but in fact we want the thread.locked value - // This is why it is added to the end of the field selection - $sql = "SELECT thread.*, - item_properties.*, - users.firstname, - users.lastname, - users.user_id, - thread.locked as locked + // because we also have thread.* in it. This is because thread has a field locked and post also has the same field + // since we are merging these we would have the post.locked value but in fact we want the thread.locked value + //This is why it is added to the end of the field selection + $sql = "SELECT + thread.*, + item_properties.*, + users.firstname, + users.lastname, + users.user_id, + thread.locked as locked FROM $table_threads thread INNER JOIN $table_item_property item_properties ON thread.thread_id=item_properties.ref AND @@ -1576,6 +1577,7 @@ function get_threads($forum_id, $course_code = null) ORDER BY thread.thread_sticky DESC, thread.thread_date DESC"; } $result = Database::query($sql); + $thread_list = array(); while ($row = Database::fetch_array($result, 'ASSOC')) { $thread_list[] = $row; } @@ -2127,15 +2129,17 @@ function show_add_post_form($action = '', $id = '', $form_values = '') global $_user; global $origin; - $gradebook = Security::remove_XSS($_GET['gradebook']); + $gradebook = isset($_GET['gradebook']) ? Security::remove_XSS($_GET['gradebook']) : null; + $action = isset($_GET['action']) ? Security::remove_XSS($_GET['action']) : null; + // Setting the class and text of the form title and submit button. - if ($_GET['action'] == 'quote') { + if ($action == 'quote') { $class = 'save'; $text = get_lang('QuoteMessage'); - } elseif ($_GET['action'] == 'replythread') { + } elseif ($action == 'replythread') { $class = 'save'; $text = get_lang('ReplyToThread'); - } elseif ($_GET['action'] == 'replymessage') { + } elseif ($action == 'replymessage') { $class = 'save'; $text = get_lang('ReplyToMessage'); } else { @@ -2146,10 +2150,13 @@ function show_add_post_form($action = '', $id = '', $form_values = '') // Initialize the object. $my_thread = isset($_GET['thread']) ? $_GET['thread'] : ''; $my_forum = isset($_GET['forum']) ? $_GET['forum'] : ''; - $my_action = isset($_GET['action']) ? $_GET['action'] : ''; $my_post = isset($_GET['post']) ? $_GET['post'] : ''; $my_gradebook = isset($_GET['gradebook']) ? Security::remove_XSS($_GET['gradebook']) : ''; - $form = new FormValidator('thread', 'post', api_get_self().'?forum='.Security::remove_XSS($my_forum).'&gradebook='.$gradebook.'&thread='.Security::remove_XSS($my_thread).'&post='.Security::remove_XSS($my_post).'&action='.Security::remove_XSS($my_action).'&origin='.$origin); + $form = new FormValidator( + 'thread', + 'post', + api_get_self().'?forum='.Security::remove_XSS($my_forum).'&gradebook='.$gradebook.'&thread='.Security::remove_XSS($my_thread).'&post='.Security::remove_XSS($my_post).'&action='.$action.'&origin='.$origin + ); $form->setConstants(array('forum' => '5')); $form->addElement('header', $text); diff --git a/main/forum/iframe_thread.php b/main/forum/iframe_thread.php index 639f1f5be3..1c0a592cd0 100644 --- a/main/forum/iframe_thread.php +++ b/main/forum/iframe_thread.php @@ -54,7 +54,7 @@ require_once 'forumfunction.inc.php'; // but the problem is that the visibility of the forum AND forum cateogory are stored in the item_property table. $current_thread=get_thread_information($_GET['thread']); // Note: this has to be validated that it is an existing thread. $current_forum=get_forum_information($current_thread['forum_id']); // Note: this has to be validated that it is an existing forum. -$current_forum_category=get_forumcategory_information($current_forum['forum_category']); +$current_forum_category = get_forumcategory_information($current_forum['forum_category']); /* Is the user allowed here? */ @@ -76,8 +76,8 @@ $course_id = api_get_course_int_id(); // but the problem is that the visibility of the forum AND forum cateogory are stored in the item_property table. $sql = "SELECT * FROM $table_posts posts, $table_users users - WHERE - posts.c_id = $course_id AND + WHERE + posts.c_id = $course_id AND posts.thread_id='".$current_thread['thread_id']."' AND posts.poster_id=users.user_id ORDER BY posts.post_id ASC"; @@ -108,4 +108,4 @@ echo ""; ?> - \ No newline at end of file + diff --git a/main/forum/newthread.php b/main/forum/newthread.php index f1922df24a..4302a0d55a 100644 --- a/main/forum/newthread.php +++ b/main/forum/newthread.php @@ -155,7 +155,7 @@ handle_forum_and_forumcategories(); // Action links echo '
'; echo ''.search_link().''; -echo ''.Display::return_icon('back.png',get_lang('BackToForum'),'',ICON_SIZE_MEDIUM).''; +echo ''.Display::return_icon('back.png',get_lang('BackToForum'),'',ICON_SIZE_MEDIUM).''; echo '
'; $values = show_add_post_form('newthread', '', isset($_SESSION['formelements']) ? $_SESSION['formelements'] : null); diff --git a/main/forum/reply.php b/main/forum/reply.php index e8137c1439..5090e6152b 100644 --- a/main/forum/reply.php +++ b/main/forum/reply.php @@ -92,6 +92,7 @@ if ($current_forum['forum_of_group'] != 0) { } /* Breadcrumbs */ +$gradebook = null; if (isset($_SESSION['gradebook'])){ $gradebook = Security::remove_XSS($_SESSION['gradebook']); } diff --git a/main/forum/viewforum.php b/main/forum/viewforum.php index d36c783d41..c1dec412d3 100644 --- a/main/forum/viewforum.php +++ b/main/forum/viewforum.php @@ -99,7 +99,7 @@ if (!empty($group_id)) { $my_search = isset($_GET['search']) ? $_GET['search'] : ''; $my_action = isset($_GET['action']) ? $_GET['action'] : ''; - +$gradebook = null; if (isset($_SESSION['gradebook'])){ $gradebook = $_SESSION['gradebook']; } @@ -336,7 +336,7 @@ $counter = 0; if (is_array($threads)) { foreach ($threads as $row) { // Thread who have no replies yet and the only post is invisible should not be displayed to students. - if (api_is_allowed_to_edit(false, true) OR !($row['thread_replies'] == '0' AND $row['visible'] == '0')) { + if (api_is_allowed_to_edit(false, true) OR !($row['thread_replies'] == '0' AND $row['visibility'] == '0')) { if ($counter % 2 == 0) { $class = 'row_odd'; } else { @@ -375,7 +375,7 @@ if (is_array($threads)) { if ($last_post_info) { $poster_info = api_get_user_info($last_post_info['poster_id']); $post_date = api_convert_and_format_date($last_post_info['post_date']); - $last_post = $post_date.' '.get_lang('By').' '.display_user_link($last_post_info['poster_id'], $poster_info['complete_name'], '', $poster_info['user_name']); + $last_post = $post_date.' '.get_lang('By').' '.display_user_link($last_post_info['poster_id'], $poster_info['complete_name'], '', $poster_info['username']); } /* if ($row['last_poster_user_id'] == '0') { @@ -407,8 +407,11 @@ if (is_array($threads)) { echo ''.$last_post.''; echo ''; + // Get attachment id. - $attachment_list = get_attachment($row['post_id']); + if (isset($row['post_id'])) { + $attachment_list = get_attachment($row['post_id']); + } $id_attach = !empty($attachment_list) ? $attachment_list['id'] : ''; $sql_post_id = "SELECT post_id FROM $table_posts WHERE c_id = $course_id AND post_title='".Database::escape_string($row['thread_title'])."'"; diff --git a/main/forum/viewforumcategory.php b/main/forum/viewforumcategory.php index 7b6584de89..78365968f6 100644 --- a/main/forum/viewforumcategory.php +++ b/main/forum/viewforumcategory.php @@ -58,6 +58,7 @@ require 'forumconfig.inc.php'; require_once 'forumfunction.inc.php'; /* Header and Breadcrumbs */ +$gradebook = null; if (isset($_SESSION['gradebook'])) { $gradebook= $_SESSION['gradebook']; } @@ -94,7 +95,7 @@ if ($origin=='learnpath') { } /* ACTIONS */ -$whatsnew_post_info = $_SESSION['whatsnew_post_info']; +$whatsnew_post_info = isset($_SESSION['whatsnew_post_info']) ? $_SESSION['whatsnew_post_info'] : null; /* Is the user allowed here? */ diff --git a/main/forum/viewthread.php b/main/forum/viewthread.php index 79e0b90698..d530036a34 100644 --- a/main/forum/viewthread.php +++ b/main/forum/viewthread.php @@ -29,10 +29,12 @@ $origin = ''; if (isset($_GET['origin'])) { $origin = Security::remove_XSS($_GET['origin']); } +$my_search = null; +$gradebook = null; /* MAIN DISPLAY SECTION */ -/* Retrieving forum and forum categorie information */ +/* Retrieving forum and forum category information */ // We are getting all the information about the current forum and forum category. // Note pcool: I tried to use only one sql statement (and function) for this, @@ -42,7 +44,7 @@ $current_thread = get_thread_information($_GET['thread']); // Note: This has to be validated that it is an existing forum. $current_forum = get_forum_information($current_thread['forum_id']); $current_forum_category = get_forumcategory_information($current_forum['forum_category']); -$whatsnew_post_info = $_SESSION['whatsnew_post_info']; // This variable should be deprecated? +$whatsnew_post_info = isset($_SESSION['whatsnew_post_info']) ? $_SESSION['whatsnew_post_info'] : null; // This variable should be deprecated? /* Header and Breadcrumbs */