if (SystemAnnouncementManager::update_announcement($values['id'],$values['title'],$values['content'],$values['start'],$values['end'],$values['visible_teacher'],$values['visible_student'],$values['visible_guest'], $values['lang'],$values['send_mail']))
// 1. the forumcategory, forum or thread is invisible (visibility==0)
// 1. the forumcategory, forum or thread is invisible (visibility==0)
// 2. the forumcategory, forum or thread is locked (locked <>0)
// 2. the forumcategory, forum or thread is locked (locked <>0)
// 3. if anonymous posts are not allowed
// 3. if anonymous posts are not allowed
// 4. if editing of replies is not allowed
// 4. if editing of replies is not allowed
// The only exception is the course manager
// The only exception is the course manager
// I have split this is several pieces for clarity.
// I have split this is several pieces for clarity.
//if (!api_is_allowed_to_edit() AND (($current_forum_category['visibility']==0 OR $current_forum['visibility']==0) OR ($current_forum_category['locked']<>0 OR $current_forum['locked']<>0 OR $current_thread['locked']<>0)))
//if (!api_is_allowed_to_edit() AND (($current_forum_category['visibility']==0 OR $current_forum['visibility']==0) OR ($current_forum_category['locked']<>0 OR $current_forum['locked']<>0 OR $current_thread['locked']<>0))) {
if (!api_is_allowed_to_edit(null,true) AND (($current_forum_category['visibility']==0 OR $current_forum['visibility']==0))) {
if (!api_is_allowed_to_edit(null,true) AND (($current_forum_category['visibility']==0 OR $current_forum['visibility']==0))) {
$forum_allow = forum_not_allowed_here();
$forum_allow = forum_not_allowed_here();
if ($forum_allow === false) {
if ($forum_allow === false) {
exit;
exit;
}
}
}
}
if (!api_is_allowed_to_edit(null,true) AND ($current_forum_category['locked']<>0 OR $current_forum['locked']<>0 OR $current_thread['locked']<>0)) {
if (!api_is_allowed_to_edit(null,true) AND ($current_forum_category['locked']<>0 OR $current_forum['locked']<>0 OR $current_thread['locked']<>0)) {
$forum_allow = forum_not_allowed_here();
$forum_allow = forum_not_allowed_here();
if ($forum_allow === false) {
if ($forum_allow === false) {
exit;
exit;
}
}
}
}
if (!$_user['user_id'] AND $current_forum['allow_anonymous']==0) {
if (!$_user['user_id'] AND $current_forum['allow_anonymous']==0) {
$forum_allow = forum_not_allowed_here();
$forum_allow = forum_not_allowed_here();
if ($forum_allow === false) {
if ($forum_allow === false) {
exit;
exit;
}
}
}
}
if (!api_is_allowed_to_edit(null,true) AND $current_forum['allow_edit']==0) {
if (!api_is_allowed_to_edit(null,true) AND $current_forum['allow_edit']==0) {
// the last element of the breadcrumb navigation is already set in interbreadcrumb, so give empty string
// The last element of the breadcrumb navigation is already set in interbreadcrumb, so give an empty string.
Display :: display_header('');
Display :: display_header('');
api_display_tool_title($nameTools);
api_display_tool_title($nameTools);
}
}
/* Is the user allowed here? */
/* Is the user allowed here? */
// The user is not allowed here if
// The user is not allowed here if
// 1. the forumcategory, forum or thread is invisible (visibility==0
// 1. the forumcategory, forum or thread is invisible (visibility==0
@ -118,47 +125,48 @@ if($origin=='learnpath') {
// 3. if anonymous posts are not allowed
// 3. if anonymous posts are not allowed
// The only exception is the course manager
// The only exception is the course manager
// I have split this is several pieces for clarity.
// I have split this is several pieces for clarity.
//if (!api_is_allowed_to_edit() AND (($current_forum_category['visibility']==0 OR $current_forum['visibility']==0) OR ($current_forum_category['locked']<>0 OR $current_forum['locked']<>0 OR $current_thread['locked']<>0)))
//if (!api_is_allowed_to_edit() AND (($current_forum_category['visibility']==0 OR $current_forum['visibility']==0) OR ($current_forum_category['locked']<>0 OR $current_forum['locked']<>0 OR $current_thread['locked']<>0))) {
if (!api_is_allowed_to_edit(false,true) AND (($current_forum_category['visibility']==0 OR $current_forum['visibility']==0))) {
if (!api_is_allowed_to_edit(false,true) AND (($current_forum_category['visibility']==0 OR $current_forum['visibility']==0))) {
$forum_allow = forum_not_allowed_here();
$forum_allow = forum_not_allowed_here();
if ($forum_allow === false) {
if ($forum_allow === false) {
exit;
exit;
}
}
}
}
if (!api_is_allowed_to_edit(false,true) AND ($current_forum_category['locked']<>0 OR $current_forum['locked']<>0 OR $current_thread['locked']<>0)) {
if (!api_is_allowed_to_edit(false,true) AND ($current_forum_category['locked']<>0 OR $current_forum['locked']<>0 OR $current_thread['locked']<>0)) {
$forum_allow = forum_not_allowed_here();
$forum_allow = forum_not_allowed_here();
if ($forum_allow === false) {
if ($forum_allow === false) {
exit;
exit;
}
}
}
}
if (!$_user['user_id'] AND $current_forum['allow_anonymous']==0) {
if (!$_user['user_id'] AND $current_forum['allow_anonymous']==0) {
// Change visibility of a forum or a forum category
// Change visibility of a forum or a forum category.
if (($my_action=='invisible' OR $my_action=='visible') AND isset($_GET['content']) AND isset($_GET['id']) AND api_is_allowed_to_edit(false,true) && api_is_allowed_to_session_edit(false,true)) {
if (($my_action=='invisible' OR $my_action=='visible') AND isset($_GET['content']) AND isset($_GET['id']) AND api_is_allowed_to_edit(false,true) && api_is_allowed_to_session_edit(false,true)) {
$message=change_visibility($_GET['content'], $_GET['id'],$_GET['action']);// note: this has to be cleaned first
$message=change_visibility($_GET['content'], $_GET['id'], $_GET['action']); // Note: This has to be cleaned first.
}
}
// locking and unlocking
// Locking and unlocking.
if (($my_action=='lock' OR $my_action=='unlock') AND isset($_GET['content']) AND isset($_GET['id']) AND api_is_allowed_to_edit(false,true) && api_is_allowed_to_session_edit(false,true)) {
if (($my_action=='lock' OR $my_action=='unlock') AND isset($_GET['content']) AND isset($_GET['id']) AND api_is_allowed_to_edit(false,true) && api_is_allowed_to_session_edit(false,true)) {
$message=change_lock_status($_GET['content'], $_GET['id'],$my_action);// note: this has to be cleaned first
$message=change_lock_status($_GET['content'], $_GET['id'], $my_action); // Note: This has to be cleaned first.
}
}
// deleting
// Deleting.
if ($my_action=='delete' AND isset($_GET['content']) AND isset($_GET['id']) AND api_is_allowed_to_edit(false,true) && api_is_allowed_to_session_edit(false,true)) {
if ($my_action=='delete' AND isset($_GET['content']) AND isset($_GET['id']) AND api_is_allowed_to_edit(false,true) && api_is_allowed_to_session_edit(false,true)) {
$message=delete_forum_forumcategory_thread($_GET['content'],$_GET['id']); // note: this has to be cleaned first
$message=delete_forum_forumcategory_thread($_GET['content'], $_GET['id']); // Note: This has to be cleaned first.
//delete link
// Delete link
$sql_link='DELETE FROM '.$table_link.' WHERE ref_id='.intval($_GET['id']).' and type=5 and course_code="'.api_get_course_id().'";';
$sql_link='DELETE FROM '.$table_link.' WHERE ref_id='.intval($_GET['id']).' and type=5 and course_code="'.api_get_course_id().'";';
Database::query($sql_link);
Database::query($sql_link);
}
}
// moving
// Moving.
if ($my_action=='move' and isset($_GET['thread']) AND api_is_allowed_to_edit(false,true) && api_is_allowed_to_session_edit(false,true)) {
if ($my_action == 'move' AND isset($_GET['thread']) AND api_is_allowed_to_edit(false,true) && api_is_allowed_to_session_edit(false,true)) {
$message=move_thread_form();
$message=move_thread_form();
}
}
// notification
// Notification.
if ($my_action == 'notify' AND isset($_GET['content']) AND isset($_GET['id']) && api_is_allowed_to_session_edit(false,true)) {
if ($my_action == 'notify' AND isset($_GET['content']) AND isset($_GET['id']) && api_is_allowed_to_session_edit(false,true)) {
// 2. the course member is here and new threads are allowed
// 2. the course member is here and new threads are allowed
// 3. a visitor is here and new threads AND allowed AND anonymous posts are allowed
// 3. a visitor is here and new threads AND allowed AND anonymous posts are allowed
if (api_is_allowed_to_edit(false,true) OR ($current_forum['allow_new_threads']==1 AND isset($_user['user_id'])) OR ($current_forum['allow_new_threads']==1 AND !isset($_user['user_id']) AND $current_forum['allow_anonymous']==1)) {
if (api_is_allowed_to_edit(false,true) OR ($current_forum['allow_new_threads']==1 AND isset($_user['user_id'])) OR ($current_forum['allow_new_threads']==1 AND !isset($_user['user_id']) AND $current_forum['allow_anonymous']==1)) {
if ($current_forum['locked'] <> 1 AND $current_forum['locked'] <> 1) {
if ($current_forum['locked'] <> 1 AND $current_forum['locked'] <> 1) {
$last_post_sql="SELECT post.*, user.firstname, user.lastname FROM $table_posts post, $table_users user WHERE post.poster_id=user.user_id AND visible='1' AND thread_id='".$row['thread_id']."' ORDER BY post_id DESC";
$last_post_sql="SELECT post.*, user.firstname, user.lastname FROM $table_posts post, $table_users user WHERE post.poster_id=user.user_id AND visible='1' AND thread_id='".$row['thread_id']."' ORDER BY post_id DESC";
$last_post_sql="SELECT post.*, user.firstname, user.lastname FROM $table_posts post, $table_users user WHERE post.poster_id=user.user_id AND visible='1' AND thread_id='".$row['thread_id']."' ORDER BY post_id DESC";
$last_post_sql="SELECT post.*, user.firstname, user.lastname FROM $table_posts post, $table_users user WHERE post.poster_id=user.user_id AND visible='1' AND thread_id='".$row['thread_id']."' ORDER BY post_id DESC";
// step 4: we display all the forums in this category.
// Step 4: We display all the forums in this category.
$forum_count=0;
$forum_count=0;
foreach ($forum_list as $key=>$forum) {
foreach ($forum_list as $key=>$forum) {
if ($forum['forum_category']==$forum_category['cat_id']) {
if ($forum['forum_category']==$forum_category['cat_id']) {
// the forum has to be showed if
// The forum has to be showed if
// 1.v it is a not a group forum (teacher and student)
// 1.v it is a not a group forum (teacher and student)
// 2.v it is a group forum and it is public (teacher and student)
// 2.v it is a group forum and it is public (teacher and student)
// 3. it is a group forum and it is private (always for teachers only if the user is member of the forum
// 3. it is a group forum and it is private (always for teachers only if the user is member of the forum
// if the forum is private and it is a group forum and the user is not a member of the group forum then it cannot be displayed
// if the forum is private and it is a group forum and the user is not a member of the group forum then it cannot be displayed
//if (!($forum['forum_group_public_private']=='private' AND !is_null($forum['forum_of_group']) AND !in_array($forum['forum_of_group'], $groups_of_user)))
//if (!($forum['forum_group_public_private']=='private' AND !is_null($forum['forum_of_group']) AND !in_array($forum['forum_of_group'], $groups_of_user))) {
//{
$show_forum = false;
$show_forum=false;
// SHOULD WE SHOW THIS PARTICULAR FORUM
// SHOULD WE SHOW THIS PARTICULAR FORUM
// you are teacher => show forum
// you are teacher => show forum
if (api_is_allowed_to_edit(false,true)) {
if (api_is_allowed_to_edit(false,true)) {
//echo 'teacher';
//echo 'teacher';
$show_forum=true;
$show_forum=true;
} else {
} else {
// you are not a teacher
// you are not a teacher
//echo 'student';
//echo 'student';
// it is not a group forum => show forum (invisible forums are already left out see get_forums function)
// it is not a group forum => show forum (invisible forums are already left out see get_forums function)
if ($forum['forum_of_group']=='0') {
if ($forum['forum_of_group']=='0') {
//echo '-gewoon forum';
//echo '-gewoon forum';
$show_forum=true;
$show_forum=true;
} else {
} else {
// it is a group forum
// it is a group forum
//echo '-groepsforum';
//echo '-groepsforum';
// it is a group forum but it is public => show
// it is a group forum but it is public => show
if ($forum['forum_group_public_private']=='public') {
if ($forum['forum_group_public_private']=='public') {
$show_forum=true;
$show_forum=true;
//echo '-publiek';
//echo '-publiek';
} else {
} else {
// it is a group forum and it is private
// it is a group forum and it is private
//echo '-prive';
//echo '-prive';
// it is a group forum and it is private but the user is member of the group
// it is a group forum and it is private but the user is member of the group
if (in_array($forum['forum_of_group'],$groups_of_user)) {
if (in_array($forum['forum_of_group'],$groups_of_user)) {
if (api_is_allowed_to_edit(false,true) OR ($current_forum['allow_new_threads']==1 AND isset($_user['user_id'])) OR ($current_forum['allow_new_threads']==1 AND !isset($_user['user_id']) AND $current_forum['allow_anonymous']==1)) {
if (api_is_allowed_to_edit(false,true) OR ($current_forum['allow_new_threads']==1 AND isset($_user['user_id'])) OR ($current_forum['allow_new_threads']==1 AND !isset($_user['user_id']) AND $current_forum['allow_anonymous']==1)) {
if ($current_forum['locked'] <> 1 AND $current_forum['locked'] <> 1) {
if ($current_forum['locked'] <> 1 AND $current_forum['locked'] <> 1) {
if ((api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id']!=$_SESSION['id_session'])) OR ($current_forum['allow_new_threads']==1 AND isset($_user['user_id'])) OR ($current_forum['allow_new_threads']==1 AND !isset($_user['user_id']) AND $current_forum['allow_anonymous']==1)) {
if ((api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id']!=$_SESSION['id_session'])) OR ($current_forum['allow_new_threads']==1 AND isset($_user['user_id'])) OR ($current_forum['allow_new_threads']==1 AND !isset($_user['user_id']) AND $current_forum['allow_anonymous']==1)) {
if ($current_forum['locked'] <> 1 AND $current_forum['locked'] <> 1) {
if ($current_forum['locked'] <> 1 AND $current_forum['locked'] <> 1) {
echo ' ';
echo ' ';
/* if ( isset($_GET['gradebook']) && $_GET['gradebook']!=""){
/* if ( isset($_GET['gradebook']) && $_GET['gradebook'] != '') {
} else if (isset($_GET['action']) && $_GET['action'] == 'edit_glossary' && is_numeric($_GET['glossary_id'])) { // Editing a glossary
} else if (isset($_GET['action']) && $_GET['action'] == 'edit_glossary' && is_numeric($_GET['glossary_id'])) { // Editing a glossary
// initiate the object
// initiate the object
$form = new FormValidator('glossary','post', api_get_self().'?action='.Security::remove_XSS($_GET['action']).'&glossary_id='.Security::remove_XSS($_GET['glossary_id']));
$form = new FormValidator('glossary','post', api_get_self().'?action='.Security::remove_XSS($_GET['action']).'&glossary_id='.Security::remove_XSS($_GET['glossary_id']));
Ivan Tcholakov
15 years ago