chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

[svn r17217] minor - style changes - defined variable

Browse Source
skala
Isaac Flores 17 years ago
parent a4790ed19b
commit c049d31aff
9 changed files with 120 additions and 95 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 7
      main/forum/editpost.php
  2. 70
      main/forum/forumfunction.inc.php
  3. 2
      main/forum/iframe_thread.php
  4. 8
      main/forum/index.php
  5. 4
      main/forum/newthread.php
  6. 5
      main/forum/reply.php
  7. 67
      main/forum/viewforum.php
  8. 19
      main/forum/viewforumcategory.php
  9. 33
      main/forum/viewthread.php

7
main/forum/editpost.php
Unescape View File

@ -1,5 +1,4 @@
<?php // $Id: $
<?php
/*
==============================================================================
Dokeos - elearning and course management software
@ -190,11 +189,11 @@ echo "\t</tr>\n";
echo '</table>';
// the form for the reply
$values=show_edit_post_form($current_post, $current_thread, $current_forum, $_SESSION['formelements']);
$values=show_edit_post_form($current_post, $current_thread, $current_forum, isset($_SESSION['formelements'])?$_SESSION['formelements']:'');
if (!empty($values) and $_POST['SubmitPost']) {
store_edit_post($values);
$option_chek=$values['thread_qualify_gradebook'];// values 1 or 0
$option_chek=isset($values['thread_qualify_gradebook'])?$values['thread_qualify_gradebook']:null;// values 1 or 0
if ( 1== $option_chek ) {
$id=$values['thread_id'];
$title_gradebook=$values['calification_notebook_title'];

70
main/forum/forumfunction.inc.php
Unescape View File

@ -1639,9 +1639,9 @@ function store_thread($values) {
VALUES ('".$clean_post_title."',
'".Database::escape_string($values['forum_id'])."',
'".Database::escape_string($_user['user_id'])."',
'".Database::escape_string($values['poster_name'])."',
'".Database::escape_string(isset($values['poster_name'])?$values['poster_name']:null)."',
'".Database::escape_string($post_date)."',
'".Database::escape_string($values['thread_sticky'])."'," .
'".Database::escape_string(isset($values['thread_sticky'])?$values['thread_sticky']:null)."'," .
"'".Database::escape_string($values['calification_notebook_title'])."'," .
"'".Database::escape_string($values['numeric_calification'])."'," .
"'".Database::escape_string($values['weight_calification'])."'," .
@ -1651,7 +1651,7 @@ function store_thread($values) {
//add option gradebook qualify
if( 1==$values['thread_qualify_gradebook']) {
if(isset($values['thread_qualify_gradebook']) && 1==$values['thread_qualify_gradebook']) {
//add function gradebook
$coursecode=api_get_course_id();
$resourcetype=5;
@ -1683,9 +1683,9 @@ function store_thread($values) {
'".Database::escape_string($last_thread_id)."',
'".Database::escape_string($values['forum_id'])."',
'".Database::escape_string($_user['user_id'])."',
'".Database::escape_string($values['poster_name'])."',
'".Database::escape_string(isset($values['poster_name'])?$values['poster_name']:null)."',
'".Database::escape_string($post_date)."',
'".Database::escape_string($values['post_notification'])."','0',
'".Database::escape_string(isset($values['post_notification'])?$values['post_notification']:null)."','0',
'".Database::escape_string($visible)."')";
api_sql_query($sql, __FILE__,__LINE__);
$last_post_id=Database::insert_id();
@ -1738,8 +1738,8 @@ function store_thread($values) {
$message.=get_lang('ReturnTo').' <a href="viewthread.php?'.api_get_cidreq().'&forum='.$values['forum_id'].'&origin='.$origin.'&amp;thread='.$last_thread_id.'">'.get_lang('Message').'</a>';
}
$reply_info['new_post_id'] = $last_post_id;
if ($values['post_notification'] == 1) {
$my_post_notification=isset($values['post_notification']) ? $values['post_notification'] : null;
if ($my_post_notification == 1) {
set_notification('thread',$last_thread_id, true);
}
@ -1775,13 +1775,18 @@ function show_add_post_form($action='', $id='', $form_values='') {
global $charset;
// initiate the object
$form = new FormValidator('thread', 'post', api_get_self().'?forum='.Security::remove_XSS($_GET['forum']).'&thread='.Security::remove_XSS($_GET['thread']).'&post='.Security::remove_XSS($_GET['post']).'&action='.Security::remove_XSS($_GET['action']).'&origin='.$origin);
$my_thread = isset($_GET['thread']) ? $_GET['thread']:'';
$my_forum = isset($_GET['forum']) ? $_GET['forum']:'';
$my_action = isset($_GET['action']) ? $_GET['action']:'';
$my_post = isset($_GET['post']) ? $_GET['post']:'';
$my_gradebook = isset($_GET['gradebook']) ? $_GET['gradebook']:'';
$form = new FormValidator('thread', 'post', api_get_self().'?forum='.Security::remove_XSS($my_forum).'&thread='.Security::remove_XSS($my_thread).'&post='.Security::remove_XSS($my_post).'&action='.Security::remove_XSS($my_action).'&origin='.$origin);
$form->setConstants(array('forum' => '5'));
// settting the form elements
$form->addElement('hidden', 'forum_id', strval(intval($_GET['forum'])));
$form->addElement('hidden', 'thread_id', strval(intval($_GET['thread'])));
$form->addElement('hidden', 'gradebook', $_GET['gradebook']);
$form->addElement('hidden', 'forum_id', strval(intval($my_forum)));
$form->addElement('hidden', 'thread_id', strval(intval($my_thread)));
$form->addElement('hidden', 'gradebook', $my_gradebook);
// if anonymous posts are allowed we also display a form to allow the user to put his name or username in
if ($current_forum['allow_anonymous']==1 AND !isset($_user['user_id'])) {
@ -1813,7 +1818,7 @@ function show_add_post_form($action='', $id='', $form_values='') {
$info =api_get_user_info($userid);
$courseid=api_get_course_id();
if( (api_is_course_admin() || api_is_course_coach() || api_is_course_tutor()) && !($_GET['thread']) ){
if( (api_is_course_admin() || api_is_course_coach() || api_is_course_tutor()) && !($my_thread) ){
// thread qualify
$form->addElement('static','Group', '<br /><strong>'.get_lang('QualifyThread').'</strong>');
$form->addElement('checkbox', 'thread_qualify_gradebook', '', get_lang('QualifyThreadGradebook'));
@ -1838,12 +1843,12 @@ function show_add_post_form($action='', $id='', $form_values='') {
// if we are quoting a message we have to retrieve the information of the post we are quoting so that
// we can add this as default to the textarea
if (($action=='quote' || $action=='replymessage') && isset($_GET['post'])) {
if (($action=='quote' || $action=='replymessage') && isset($my_post)) {
// we also need to put the parent_id of the post in a hidden form when we are quoting or replying to a message (<> reply to a thread !!!)
$form->addElement('hidden', 'post_parent_id', strval(intval($_GET['post']))); // note this has to be cleaned first
$form->addElement('hidden', 'post_parent_id', strval(intval($my_post))); // note this has to be cleaned first
// if we are replying or are quoting then we display a default title.
$values=get_post_information($_GET['post']); // note: this has to be cleaned first
$values=get_post_information($my_post); // note: this has to be cleaned first
$defaults['post_title']=get_lang('ReplyShort').html_entity_decode($values['post_title'],ENT_QUOTES,$charset);
// When we are quoting a message then we have to put that message into the wysiwyg editor.
// note: the style has to be hardcoded here because using class="quote" didn't work
@ -1851,7 +1856,7 @@ function show_add_post_form($action='', $id='', $form_values='') {
$defaults['post_text']='<div>&nbsp;</div><div style="margin: 5px;"><div style="font-size: 90%; font-style: italic;">'.get_lang('Quoting').' '.$values['firstname'].' '.$values['lastname'].':</div><div style="color: #006600; font-size: 90%; font-style: italic; background-color: #FAFAFA; border: #D1D7DC 1px solid; padding: 3px;">'.prepare4display($values['post_text']).'</div></div><div>&nbsp;</div><div>&nbsp;</div>';
}
}
$form->setDefaults($defaults);
$form->setDefaults(isset($defaults)?$defaults:null);
// the course admin can make a thread sticky (=appears with special icon and always on top)
$form->addRule('post_title', '<div class="required">'.get_lang('ThisFieldIsRequired'), 'required');
@ -1875,7 +1880,7 @@ function show_add_post_form($action='', $id='', $form_values='') {
$form->display();
echo '<br />';
if ($forum_setting['show_thread_iframe_on_reply'] and $action<>'newthread') {
echo "<iframe src=\"iframe_thread.php?forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."#".Security::remove_XSS($_GET['post'])."\" width=\"80%\"></iframe>";
echo "<iframe src=\"iframe_thread.php?forum=".Security::remove_XSS($my_forum)."&amp;thread=".Security::remove_XSS($my_thread)."#".Security::remove_XSS($my_post)."\" width=\"80%\"></iframe>";
}
}
}
@ -2062,13 +2067,13 @@ function store_reply($values) {
// We first store an entry in the forum_post table
$sql="INSERT INTO $table_posts (post_title, post_text, thread_id, forum_id, poster_id, post_date, post_notification, post_parent_id, visible)
VALUES ('".Database::escape_string($values['post_title'])."',
'".Database::escape_string($values['post_text'])."',
'".Database::escape_string(isset($values['post_text']) ? $values['post_text'] : null)."',
'".Database::escape_string($values['thread_id'])."',
'".Database::escape_string($values['forum_id'])."',
'".Database::escape_string($_user['user_id'])."',
'".Database::escape_string($post_date)."',
'".Database::escape_string($values['post_notification'])."',
'".Database::escape_string($values['post_parent_id'])."',
'".Database::escape_string(isset($values['post_notification'])?$values['post_notification']:null)."',
'".Database::escape_string(isset($values['post_parent_id'])?$values['post_parent_id']:null)."',
'".Database::escape_string($visible)."')";
$result=api_sql_query($sql, __LINE__, __FILE__);
$new_post_id=Database::insert_id();
@ -2124,7 +2129,8 @@ function store_reply($values) {
$message.=get_lang('ReturnTo').' <a href="viewthread.php?'.api_get_cidreq().'&forum='.$values['forum_id'].'&amp;thread='.$values['thread_id'].'&origin='.$origin.'">'.get_lang('Message').'</a>';
// setting the notification correctly
if ($values['post_notification'] == 1) {
$my_post_notification=isset($values['post_notification']) ? $values['post_notification'] :null;
if ($my_post_notification == 1) {
set_notification('thread',$values['thread_id'], true);
}
@ -2171,7 +2177,7 @@ function show_edit_post_form($current_post, $current_thread, $current_forum, $fo
}
$form->addElement('text', 'post_title', get_lang('Title'),'class="input_titles"');
$form->addElement('html_editor', 'post_text', get_lang('Text'));
if (!$_GET['edit']) {
if (!isset($_GET['edit'])) {
$form->addElement('static','Group', '<br /><strong>'.get_lang('AlterQualifyThread').'</strong>');
$form->addElement('checkbox', 'thread_qualify_gradebook', '', get_lang('QualifyThreadGradebook'));
$defaults['thread_qualify_gradebook']=is_resource_in_course_gradebook(api_get_course_id(),5,$_GET['thread'],api_get_session_id());
@ -2192,7 +2198,7 @@ function show_edit_post_form($current_post, $current_thread, $current_forum, $fo
}
}
if ($current_forum['allow_attachments']=='1' OR api_is_allowed_to_edit()) {
if (empty($form_values) AND !$_POST['SubmitPost']) {
if (empty($form_values) AND !isset($_POST['SubmitPost'])) {
//edit_added_resources('forum_post',$current_post['post_id']);
}
//$form->add_resource_button();
@ -2245,7 +2251,7 @@ function store_edit_post($values) {
// first we check if the change affects the thread and if so we commit the changes (sticky and post_title=thread_title are relevant)
if (array_key_exists('is_first_post_of_thread',$values) AND $values['is_first_post_of_thread']=='1') {
$sql="UPDATE $table_threads SET thread_title='".Database::escape_string($values['post_title'])."',
thread_sticky='".Database::escape_string($values['thread_sticky'])."'," .
thread_sticky='".Database::escape_string(isset($values['thread_sticky']) ? $values['thread_sticky'] : null)."'," .
"thread_title_qualify='".Database::escape_string($values['calification_notebook_title'])."'," .
"thread_qualify_max='".Database::escape_string($values['numeric_calification'])."',".
"thread_weight='".Database::escape_string($values['weight_calification'])."'".
@ -2257,7 +2263,7 @@ function store_edit_post($values) {
// update the post_title and the post_text
$sql="UPDATE $table_posts SET post_title='".Database::escape_string($values['post_title'])."',
post_text='".Database::escape_string($values['post_text'])."',
post_notification='".Database::escape_string($values['post_notification'])."'
post_notification='".Database::escape_string(isset($values['post_notification'])?$values['post_notification']:null)."'
WHERE post_id='".Database::escape_string($values['post_id'])."'";
//error_log($sql);
api_sql_query($sql,__FILE__, __LINE__);
@ -2266,7 +2272,8 @@ function store_edit_post($values) {
$ccode = api_get_course_id();
$sid = api_get_session_id();
$link_id = is_resource_in_course_gradebook($ccode,5,$values['thread_id'],$sid);
if ($values['thread_qualify_gradebook']!=1) {
$thread_qualify_gradebook=isset($values['thread_qualify_gradebook']) ? $values['thread_qualify_gradebook'] : null;
if ($thread_qualify_gradebook!=1) {
if ($link_id !== false) {
remove_resource_from_course_gradebook($link_id);
}
@ -3103,10 +3110,11 @@ function delete_attachment($id) {
$sql = 'DELETE FROM '. $forum_table_attachment.' WHERE post_id ="'.$id.'"';
$result=api_sql_query($sql, __FILE__, __LINE__);
$courseDir = $_course['path'].'/upload/forum';
$courseDir = $_course['path'].'/upload/forum';
$sys_course_path = api_get_path(SYS_COURSE_PATH);
$updir = $sys_course_path.$courseDir;
$file=$updir.'/'.$attach_list['path'];
$updir = $sys_course_path.$courseDir;
$my_path =isset($attach_list['path']) ? $attach_list['path'] : null;
$file =$updir.'/'.$my_path;
api_item_property_update($_course, TOOL_FORUM_ATTACH, $id ,'ForumAttachmentDelete', api_get_user_id());
@ -3314,7 +3322,9 @@ function send_notifications($forum_id=0, $thread_id=0, $post_id=0) {
// the content of the mail
$email_subject = get_lang('NewForumPost')." - ".$_course['official_code'];
$thread_link= api_get_path('WEB_CODE_PATH').'forum/viewthread.php?'.api_get_cidreq().'&forum='.$forum_id.'&thread='.$thread_id;
$message .= $link;
$my_link=isset($link)?$link:'';
$my_message=isset($message)?$message:'';
$my_message .= $my_link;
// users who subscribed to the forum
if ($forum_id<>0) {

2
main/forum/iframe_thread.php
Unescape View File

@ -65,7 +65,7 @@
*/
// name of the language file that needs to be included
$language_file = 'forum';
$this_section=SECTION_COURSES;
//$this_section=SECTION_COURSES;
require_once '../inc/global.inc.php';
/* ------------ ACCESS RIGHTS ------------ */
// notice for unauthorized people.

8
main/forum/index.php
Unescape View File

@ -251,7 +251,7 @@ if ($get_actions!='add' && $get_actions!='edit' ) {
// Here we clean the whatnew_post_info array a little bit because to display the icon we
// test if $whatsnew_post_info[$forum['forum_id']] is empty or not.
if (!empty($whatsnew_post_info)) {
if (is_array($whatsnew_post_info[$forum['forum_id']])) {
if (is_array(isset($whatsnew_post_info[$forum['forum_id']])?$whatsnew_post_info[$forum['forum_id']]:null)) {
foreach ($whatsnew_post_info[$forum['forum_id']] as $key_thread_id => $new_post_array) {
if (empty($whatsnew_post_info[$forum['forum_id']][$key_thread_id])) {
unset($whatsnew_post_info[$forum['forum_id']][$key_thread_id]);
@ -323,6 +323,7 @@ if ($get_actions!='add' && $get_actions!='edit' ) {
echo "\t\t<td width=\"20\">";
if ($forum['forum_of_group']!=='0') {
if (is_array($whatsnew_post_info[$forum['forum_id']]) and !empty($whatsnew_post_info[$forum['forum_id']])) {
echo icon('../img/forumgroupnew.gif');
@ -330,8 +331,9 @@ if ($get_actions!='add' && $get_actions!='edit' ) {
echo icon('../img/forumgroup.gif', get_lang('GroupForum'));
}
} else {
if (!empty($whatsnew_post_info)) {
if (is_array($whatsnew_post_info[$forum['forum_id']]) and !empty($whatsnew_post_info[$forum['forum_id']])) {
$my_whatsnew_post_info=isset($my_whatsnew_post_info[$forum['forum_id']])?$my_whatsnew_post_info[$forum['forum_id']]:'';;
if (!empty($my_whatsnew_post_info)) {
if (is_array($my_whatsnew_post_info) and !empty($my_whatsnew_post_info)) {
echo icon('../img/forum.gif', get_lang('Forum'));
} else {
echo icon('../img/forum.gif');

4
main/forum/newthread.php
Unescape View File

@ -1,4 +1,4 @@
<?php // $Id: $
<?php
/*
==============================================================================
@ -201,7 +201,7 @@ if ($origin != 'learnpath') {
}
echo '</table>';
$values=show_add_post_form('newthread','', $_SESSION['formelements']);
$values=show_add_post_form('newthread','', isset($_SESSION['formelements'])?$_SESSION['formelements']:null);
if (!empty($values) and isset($values['SubmitPost'])) {
//add new thread in table forum_thread

5
main/forum/reply.php
Unescape View File

@ -186,7 +186,10 @@ echo "\t</tr>\n";
echo '</table>';
// the form for the reply
$values=show_add_post_form($_GET['action'], $_GET['post'], $_SESSION['formelements']); // note: this has to be cleaned first
$my_action = isset($_GET['action']) ? $_GET['action'] : '';
$my_post = isset($_GET['post']) ? $_GET['post'] : '';
$my_elements = isset($_SESSION['formelements']) ? $_SESSION['formelements'] : '';
$values=show_add_post_form($my_action,$my_post, $my_elements); // note: this has to be cleaned first
if (!empty($values) AND $_POST['SubmitPost']) {
store_reply($values);

67
main/forum/viewforum.php
Unescape View File

@ -64,6 +64,7 @@ $nameTools=get_lang('Forum');
//are we in a lp ?
$origin = '';
$origin_string='';
if (isset($_GET['origin'])) {
$origin = Security::remove_XSS($_GET['origin']);
$origin_string = '&origin='.$origin;
@ -95,7 +96,8 @@ $userinf=api_get_user_info($userid);
// we are getting all the information about the current forum and forum category.
// note pcool: I tried to use only one sql statement (and function) for this
// but the problem is that the visibility of the forum AND forum cateogory are stored in the item_property table
$current_forum=get_forum_information($_GET['forum']); // note: this has to be validated that it is an existing forum.
$my_forum=isset($_GET['forum'])?$_GET['forum']:'';
$current_forum=get_forum_information($my_forum); // note: this has to be validated that it is an existing forum.
$current_forum_category=get_forumcategory_information($current_forum['forum_category']);
@ -105,9 +107,11 @@ $current_forum_category=get_forumcategory_information($current_forum['forum_cate
Header and Breadcrumbs
-----------------------------------------------------------
*/
$interbreadcrumb[]=array("url" => "index.php?search=".Security::remove_XSS($_GET['search']),"name" => $nameTools);
$interbreadcrumb[]=array("url" => "viewforumcategory.php?forumcategory=".$current_forum_category['cat_id']."&amp;search=".Security::remove_XSS(urlencode($_GET['search'])),"name" => prepare4display($current_forum_category['cat_title']));
$interbreadcrumb[]=array("url" => "viewforum.php?forum=".Security::remove_XSS($_GET['forum'])."&amp;search=".Security::remove_XSS(urlencode($_GET['search'])),"name" => prepare4display($current_forum['forum_title']));
$my_search=isset($_GET['search'])?$_GET['search']:'';
$my_action=isset($_GET['action'])?$_GET['action']:'';
$interbreadcrumb[]=array("url" => "index.php?search=".Security::remove_XSS($my_search),"name" => $nameTools);
$interbreadcrumb[]=array("url" => "viewforumcategory.php?forumcategory=".$current_forum_category['cat_id']."&amp;search=".Security::remove_XSS(urlencode($my_search)),"name" => prepare4display($current_forum_category['cat_title']));
$interbreadcrumb[]=array("url" => "viewforum.php?forum=".Security::remove_XSS($my_forum)."&amp;search=".Security::remove_XSS(urlencode($my_search)),"name" => prepare4display($current_forum['forum_title']));
if ($origin=='learnpath') {
include(api_get_path(INCLUDE_PATH).'reduced_header.inc.php');
@ -124,35 +128,35 @@ if ($origin=='learnpath') {
*/
$table_link = Database :: get_main_table(TABLE_MAIN_GRADEBOOK_LINK);
// Change visibility of a forum or a forum category
if (($_GET['action']=='invisible' OR $_GET['action']=='visible') AND isset($_GET['content']) AND isset($_GET['id']) AND api_is_allowed_to_edit(false,true)) {
if (($my_action=='invisible' OR $my_action=='visible') AND isset($_GET['content']) AND isset($_GET['id']) AND api_is_allowed_to_edit(false,true)) {
$message=change_visibility($_GET['content'], $_GET['id'],$_GET['action']);// note: this has to be cleaned first
}
// locking and unlocking
if (($_GET['action']=='lock' OR $_GET['action']=='unlock') AND isset($_GET['content']) AND isset($_GET['id']) AND api_is_allowed_to_edit(false,true)) {
$message=change_lock_status($_GET['content'], $_GET['id'],$_GET['action']);// note: this has to be cleaned first
if (($my_action=='lock' OR $my_action=='unlock') AND isset($_GET['content']) AND isset($_GET['id']) AND api_is_allowed_to_edit(false,true)) {
$message=change_lock_status($_GET['content'], $_GET['id'],$my_action);// note: this has to be cleaned first
}
// deleting
if ($_GET['action']=='delete' AND isset($_GET['content']) AND isset($_GET['id']) AND api_is_allowed_to_edit(false,true)) {
if ($my_action=='delete' AND isset($_GET['content']) AND isset($_GET['id']) AND api_is_allowed_to_edit(false,true)) {
$message=delete_forum_forumcategory_thread($_GET['content'],$_GET['id']); // note: this has to be cleaned first
//delete link
$sql_link='DELETE FROM '.$table_link.' WHERE ref_id='.Security::remove_XSS($_GET['id']).' and type=5 and course_code="'.api_get_course_id().'";';
api_sql_query($sql_link);
}
// moving
if ($_GET['action']=='move' and isset($_GET['thread']) AND api_is_allowed_to_edit(false,true)) {
if ($my_action=='move' and isset($_GET['thread']) AND api_is_allowed_to_edit(false,true)) {
$message=move_thread_form();
}
// notification
if ($_GET['action'] == 'notify' AND isset($_GET['content']) AND isset($_GET['id'])) {
if ($my_action == 'notify' AND isset($_GET['content']) AND isset($_GET['id'])) {
$return_message = set_notification($_GET['content'],$_GET['id']);
Display :: display_confirmation_message($return_message,false);
}
// student list
if ($_GET['action'] == 'liststd' AND isset($_GET['content']) AND isset($_GET['id']) AND $userinf['status']=='1') {
if ($my_action == 'liststd' AND isset($_GET['content']) AND isset($_GET['id']) AND $userinf['status']=='1') {
switch($_GET['list']) {
switch(isset($_GET['list'])) {
case "qualify":
$student_list=get_thread_users_qualify($_GET['id']);
$nrorow3 =-2;
@ -168,7 +172,7 @@ if ($_GET['action'] == 'liststd' AND isset($_GET['content']) AND isset($_GET['id
}
$table_list = '<p><br /><h3>'.get_lang('ThreadUsersList').'&nbsp;:'.get_name_thread_by_id($_GET['id']).'</h3>';
if ($nrorow3>0 || $nrorow3==-2) {
$url = 'cidReq='.Security::remove_XSS($_GET['cidReq']).'&forum='.Security::remove_XSS($_GET['forum']).'&action='.Security::remove_XSS($_GET['action']).'&content='.Security::remove_XSS($_GET['content']).'&id='.Security::remove_XSS($_GET['id']);
$url = 'cidReq='.Security::remove_XSS($_GET['cidReq']).'&forum='.Security::remove_XSS($my_forum).'&action='.Security::remove_XSS($_GET['action']).'&content='.Security::remove_XSS($_GET['content']).'&id='.Security::remove_XSS($_GET['id']);
$table_list.= '<br />
<div style="width:50%">
<table class="data_table" border="0">
@ -194,7 +198,7 @@ if ($_GET['action'] == 'liststd' AND isset($_GET['content']) AND isset($_GET['id
$table_list.= '<th>'.get_lang('Qualify').'</th>';
}
$table_list.= '</tr>';
$max_qualify=show_qualify('2',$_GET['cidReq'],$_GET['forum'],$userid,$_GET['id']);
$max_qualify=show_qualify('2',$_GET['cidReq'],$my_forum,$userid,$_GET['id']);
$counter_stdlist=0;
while ($row_student_list=Database::fetch_array($student_list)) {
if ($counter_stdlist%2==0) {
@ -203,13 +207,13 @@ if ($_GET['action'] == 'liststd' AND isset($_GET['content']) AND isset($_GET['id
$class_stdlist="row_even";
}
$name_user_theme = $row_student_list['firstname'].' '.$row_student_list['lastname'];
$table_list.= '<tr class="$class_stdlist"><td><a href="../user/userInfo.php?uInfo='.$row_student_list['user_id'].'&tipo=sdtlist&'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).$origin_string.'">'.$name_user_theme.'</a></td>';
$table_list.= '<tr class="$class_stdlist"><td><a href="../user/userInfo.php?uInfo='.$row_student_list['user_id'].'&tipo=sdtlist&'.api_get_cidreq().'&forum='.Security::remove_XSS($my_forum).$origin_string.'">'.$name_user_theme.'</a></td>';
if ($_GET['list']=='qualify') {
$table_list.= '<td>'.$row_student_list['qualify'].'/'.$max_qualify.'</td>';
}
if ($userinf['status']=='1') {
$current_qualify_thread=show_qualify('1',$_GET['cidReq'],$_GET['forum'],$row_student_list['user_id'],$_GET['id']);
$table_list.= '<td><a href="forumqualify.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&thread='.Security::remove_XSS($_GET['id']).'&user_id='.$row_student_list['user_id'].'&idtextqualify='.$current_qualify_thread.'">'.icon('../img/'.$icon_qualify,get_lang('Qualify')).'</a></td></tr>';
$current_qualify_thread=show_qualify('1',$_GET['cidReq'],$my_forum,$row_student_list['user_id'],$_GET['id']);
$table_list.= '<td><a href="forumqualify.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($my_forum).'&thread='.Security::remove_XSS($_GET['id']).'&user_id='.$row_student_list['user_id'].'&idtextqualify='.$current_qualify_thread.'">'.icon('../img/'.$icon_qualify,get_lang('Qualify')).'</a></td></tr>';
}
$counter_stdlist++;
}
@ -257,7 +261,7 @@ echo '<span style="float:right;">'.search_link().'</span>';
// 3. a visitor is here and new threads AND allowed AND anonymous posts are allowed
if (api_is_allowed_to_edit(false,true) OR ($current_forum['allow_new_threads']==1 AND isset($_user['user_id'])) OR ($current_forum['allow_new_threads']==1 AND !isset($_user['user_id']) AND $current_forum['allow_anonymous']==1)) {
if ($current_forum['locked'] <> 1 AND $current_forum['locked'] <> 1) {
echo '<a href="newthread.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).$origin_string.'">'.Display::return_icon('forumthread_new.gif',get_lang('NewTopic')).' '.get_lang('NewTopic').'</a>';
echo '<a href="newthread.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($my_forum).$origin_string.'">'.Display::return_icon('forumthread_new.gif',get_lang('NewTopic')).' '.get_lang('NewTopic').'</a>';
} else {
echo get_lang('ForumLocked');
}
@ -302,9 +306,9 @@ echo "\t\t<td>".get_lang('Actions')."</td>\n";
echo "\t</tr>\n";
// getting al the threads
$threads=get_threads($_GET['forum']); // note: this has to be cleaned first
$threads=get_threads($my_forum); // note: this has to be cleaned first
$whatsnew_post_info=$_SESSION['whatsnew_post_info'];
$whatsnew_post_info=isset($_SESSION['whatsnew_post_info'])?$_SESSION['whatsnew_post_info']:null;
$counter=0;
if(is_array($threads)) {
@ -318,7 +322,8 @@ if(is_array($threads)) {
}
echo "\t<tr class=\"$class\">\n";
echo "\t\t<td>";
if (is_array($whatsnew_post_info[$_GET['forum']][$row['thread_id']]) and !empty($whatsnew_post_info[$_GET['forum']][$row['thread_id']])) {
$my_whatsnew_post_info=isset($whatsnew_post_info[$my_forum][$row['thread_id']])?$whatsnew_post_info[$my_forum][$row['thread_id']]:null;
if (is_array($my_whatsnew_post_info) and !empty($my_whatsnew_post_info)) {
echo icon('../img/forumthread.gif');
} else {
echo icon('../img/forumthread.gif');
@ -329,7 +334,7 @@ if(is_array($threads)) {
}
echo "</td>\n";
echo "\t\t<td>";
echo "<a href=\"viewthread.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".$row['thread_id'].$origin_string."&amp;search=".Security::remove_XSS(urlencode($_GET['search']))."\" ".class_visible_invisible($row['visibility']).">".prepare4display($row['thread_title'])."</a></td>\n";
echo "<a href=\"viewthread.php?".api_get_cidreq()."&forum=".Security::remove_XSS($my_forum)."&amp;thread=".$row['thread_id'].$origin_string."&amp;search=".Security::remove_XSS(urlencode($my_search))."\" ".class_visible_invisible($row['visibility']).">".prepare4display($row['thread_title'])."</a></td>\n";
echo "\t\t<td>".$row['thread_replies']."</td>\n";
if ($row['user_id']=='0') {
$name=prepare4display($row['thread_poster_name']);
@ -368,22 +373,22 @@ if(is_array($threads)) {
echo "\t\t<td>".$last_post."</td>\n";
echo "\t\t<td>";
if (api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id']!=$_SESSION['id_session'])) {
echo "<a href=\"editpost.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($row['thread_id'])."&amp;post=".$row['post_id']."&origin=".$origin."\">".icon('../img/edit.gif',get_lang('Edit'))."</a>\n";
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;action=delete&amp;content=thread&amp;id=".$row['thread_id'].$origin_string."\" onclick=\"javascript:if(!confirm('".addslashes(htmlentities(get_lang("DeleteCompleteThread"),ENT_QUOTES,$charset))."')) return false;\">".icon('../img/delete.gif',get_lang('Delete'))."</a>";
display_visible_invisible_icon('thread', $row['thread_id'], $row['visibility'], array("forum"=>$_GET['forum'],'origin'=>$origin));
display_lock_unlock_icon('thread',$row['thread_id'], $row['locked'], array("forum"=>$_GET['forum'],'origin'=>$origin));
echo "<a href=\"viewforum.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;action=move&amp;thread=".$row['thread_id'].$origin_string."\">".icon('../img/deplacer_fichier.gif',get_lang('MoveThread'))."</a>";
echo "<a href=\"editpost.php?".api_get_cidreq()."&forum=".Security::remove_XSS($my_forum)."&amp;thread=".Security::remove_XSS($row['thread_id'])."&amp;post=".$row['post_id']."&origin=".$origin."\">".icon('../img/edit.gif',get_lang('Edit'))."</a>\n";
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&forum=".Security::remove_XSS($my_forum)."&amp;action=delete&amp;content=thread&amp;id=".$row['thread_id'].$origin_string."\" onclick=\"javascript:if(!confirm('".addslashes(htmlentities(get_lang("DeleteCompleteThread"),ENT_QUOTES,$charset))."')) return false;\">".icon('../img/delete.gif',get_lang('Delete'))."</a>";
display_visible_invisible_icon('thread', $row['thread_id'], $row['visibility'], array("forum"=>$my_forum,'origin'=>$origin));
display_lock_unlock_icon('thread',$row['thread_id'], $row['locked'], array("forum"=>$my_forum,'origin'=>$origin));
echo "<a href=\"viewforum.php?".api_get_cidreq()."&forum=".Security::remove_XSS($my_forum)."&amp;action=move&amp;thread=".$row['thread_id'].$origin_string."\">".icon('../img/deplacer_fichier.gif',get_lang('MoveThread'))."</a>";
}
$iconnotify = 'send_mail.gif';
if (is_array($_SESSION['forum_notification']['thread'])) {
if (is_array(isset($_SESSION['forum_notification']['thread'])?$_SESSION['forum_notification']['thread']:null)) {
if (in_array($row['thread_id'],$_SESSION['forum_notification']['thread'])) {
$iconnotify = 'send_mail_checked.gif';
}
}
$icon_liststd = 'group.gif';
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&amp;forum=".Security::remove_XSS($_GET['forum'])."&amp;action=notify&amp;content=thread&amp;id=".$row['thread_id']."\">".icon('../img/'.$iconnotify,get_lang('NotifyMe'))."</a>";
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&amp;forum=".Security::remove_XSS($my_forum)."&amp;action=notify&amp;content=thread&amp;id=".$row['thread_id']."\">".icon('../img/'.$iconnotify,get_lang('NotifyMe'))."</a>";
if ($userinf['status']=='1') {
echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&amp;forum='.Security::remove_XSS($_GET['forum']).'&amp;action=liststd&amp;content=thread&amp;id='.$row['thread_id'].'">'.icon('../img/'.$icon_liststd,get_lang('StudentList')).'</a>';
echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&amp;forum='.Security::remove_XSS($my_forum).'&amp;action=liststd&amp;content=thread&amp;id='.$row['thread_id'].'">'.icon('../img/'.$icon_liststd,get_lang('StudentList')).'</a>';
}
echo "</td>\n";
echo "\t</tr>\n";
@ -394,7 +399,7 @@ if(is_array($threads)) {
}
}
echo "</table>";
echo $table_list;
echo isset($table_list)?$table_list:'';
/*
==============================================================================
FOOTER

19
main/forum/viewforumcategory.php
Unescape View File

@ -258,19 +258,20 @@ if ($action_forums!='add') {
}
}
//echo '<hr>';
$form_count=isset($form_count)?$form_count:0;
if ($show_forum === true) {
$form_count++;
echo "\t<tr class=\"forum\">\n";
echo "\t\t<td width=\"20\">";
$my_whatsnew_post_info=isset($whatsnew_post_info[$forum['forum_id']])?$whatsnew_post_info[$forum['forum_id']]:null;
if ($forum['forum_of_group']!=='0') {
if (is_array($whatsnew_post_info[$forum['forum_id']]) and !empty($whatsnew_post_info[$forum['forum_id']])) {
if (is_array($my_whatsnew_post_info) and !empty($my_whatsnew_post_info)) {
echo icon('../img/forumgroupnew.gif');
} else {
echo icon('../img/forumgroup.gif', get_lang('GroupForum'));
}
} else {
if (is_array($whatsnew_post_info[$forum['forum_id']]) and !empty($whatsnew_post_info[$forum['forum_id']])) {
if (is_array($my_whatsnew_post_info) and !empty($my_whatsnew_post_info)) {
echo icon('../img/forum.gif', get_lang('Forum'));
} else {
echo icon('../img/forum.gif');
@ -282,11 +283,13 @@ if ($action_forums!='add') {
} else {
$session_displayed = '';
}
echo "\t\t<td><a href=\"viewforum.php?".api_get_cidreq()."&forum=".$forum['forum_id']."&amp;search=".Security::remove_XSS(urlencode($_GET['search']))."\" ".class_visible_invisible($forum['visibility']).">".prepare4display($forum['forum_title']).$session_displayed.'</a><br />'.prepare4display($forum['forum_comment'])."</td>\n";
echo "\t\t<td><a href=\"viewforum.php?".api_get_cidreq()."&forum=".$forum['forum_id']."&amp;search=".Security::remove_XSS(urlencode(isset($_GET['search'])?$_GET['search']:''))."\" ".class_visible_invisible($forum['visibility']).">".prepare4display($forum['forum_title']).$session_displayed.'</a><br />'.prepare4display($forum['forum_comment'])."</td>\n";
//$number_forum_topics_and_posts=get_post_topics_of_forum($forum['forum_id']); // deprecated
// the number of topics and posts
echo "\t\t<td>".$forum['number_of_threads']."</td>\n";
echo "\t\t<td>".$forum['number_of_posts']."</td>\n";
$my_number_threads=isset($forum['number_of_threads']) ? $forum['number_of_threads'] : '';
$my_number_posts=isset($forum['number_of_posts']) ? $forum['number_of_posts'] : '';
echo "\t\t<td>".$my_number_threads."</td>\n";
echo "\t\t<td>".$my_number_posts."</td>\n";
// the last post in the forum
if ($forum['last_poster_name']<>'') {
$name=$forum['last_poster_name'];
@ -301,7 +304,7 @@ if ($action_forums!='add') {
}
echo "</td>\n";
echo "\t\t<td NOWRAP align='center'>";
if (api_is_allowed_to_edit(false,true) && !($forum['session_id']==0 && intval($_SESSION['id_session'])!=0)) {
if (api_is_allowed_to_edit(false,true) && !($forum['session_id']==0 && intval(isset($_SESSION['id_session'])?$_SESSION['id_session']:null)!=0)) {
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&forumcategory=".Security::remove_XSS($_GET['forumcategory'])."&amp;action=edit&amp;content=forum&amp;id=".$forum['forum_id']."\">".icon('../img/edit.gif',get_lang('Edit'))."</a>";
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&forumcategory=".Security::remove_XSS($_GET['forumcategory'])."&amp;action=delete&amp;content=forum&amp;id=".$forum['forum_id']."\" onclick=\"javascript:if(!confirm('".addslashes(htmlentities(get_lang("DeleteForum"),ENT_QUOTES,$charset))."')) return false;\">".icon('../img/delete.gif',get_lang('Delete'))."</a>";
display_visible_invisible_icon('forum',$forum['forum_id'], $forum['visibility'], array("forumcategory"=>$_GET['forumcategory']));
@ -309,7 +312,7 @@ if ($action_forums!='add') {
display_up_down_icon('forum',$forum['forum_id'], $forums_in_category);
}
$iconnotify = 'send_mail.gif';
if (is_array($_SESSION['forum_notification']['forum'])) {
if (is_array(isset($_SESSION['forum_notification']['forum'])?$_SESSION['forum_notification']['forum']:null)) {
if (in_array($forum['forum_id'],$_SESSION['forum_notification']['forum'])) {
$iconnotify = 'send_mail_checked.gif';
}

33
main/forum/viewthread.php
Unescape View File

@ -1,4 +1,4 @@
<?php // $Id: $
<?php
/*
==============================================================================
@ -95,19 +95,20 @@ if (!empty($_GET['gradebook'])) {
'name' => get_lang('Gradebook')
);
}
$my_search=isset($_GET['search']) ? $_GET['search'] : '';
if ($origin=='learnpath') {
include(api_get_path(INCLUDE_PATH).'reduced_header.inc.php');
} else {
$interbreadcrumb[]=array("url" => "index.php?search=".Security::remove_XSS(urlencode($_GET['search'])),"name" => $nameTools);
$interbreadcrumb[]=array("url" => "viewforumcategory.php?forumcategory=".$current_forum_category['cat_id']."&amp;search=".Security::remove_XSS(urlencode($_GET['search'])),"name" => prepare4display($current_forum_category['cat_title']));
$interbreadcrumb[]=array("url" => "index.php?search=".Security::remove_XSS(urlencode($my_search)),"name" => $nameTools);
$interbreadcrumb[]=array("url" => "viewforumcategory.php?forumcategory=".$current_forum_category['cat_id']."&amp;search=".Security::remove_XSS(urlencode($my_search)),"name" => prepare4display($current_forum_category['cat_title']));
if (isset($_GET['gradebook']) and $_GET['gradebook']=='view') {
$info_thread=get_thread_information(Security::remove_XSS($_GET['thread']));
$interbreadcrumb[]=array("url" => "viewforum.php?forum=".$info_thread['forum_id']."&amp;search=".Security::remove_XSS(urlencode($_GET['search'])),"name" => prepare4display($current_forum['forum_title']));
$interbreadcrumb[]=array("url" => "viewforum.php?forum=".$info_thread['forum_id']."&amp;search=".Security::remove_XSS(urlencode($my_search)),"name" => prepare4display($current_forum['forum_title']));
} else {
$interbreadcrumb[]=array("url" => "viewforum.php?forum=".Security::remove_XSS($_GET['forum'])."&amp;search=".Security::remove_XSS(urlencode($_GET['search'])),"name" => prepare4display($current_forum['forum_title']));
$interbreadcrumb[]=array("url" => "viewforum.php?forum=".Security::remove_XSS($_GET['forum'])."&amp;search=".Security::remove_XSS(urlencode($my_search)),"name" => prepare4display($current_forum['forum_title']));
}
if ($message<>'PostDeletedSpecial') {
if (isset($message) && $message<>'PostDeletedSpecial') {
if (isset($_GET['gradebook']) and $_GET['gradebook']=='view') {
$info_thread=get_thread_information(Security::remove_XSS($_GET['thread']));
$interbreadcrumb[]=array("url" => "viewthread.php?forum=".$info_thread['forum_id']."&amp;gradebook=".Security::remove_XSS($_GET['gradebook'])."&thread=".Security::remove_XSS($_GET['thread']),"name" => prepare4display($current_thread['thread_title']));
@ -136,13 +137,14 @@ if (!api_is_allowed_to_edit(false,true) AND ($current_forum['visibility']==0 OR
Actions
-----------------------------------------------------------
*/
if ($_GET['action']=='delete' AND isset($_GET['content']) AND isset($_GET['id']) AND api_is_allowed_to_edit(false,true)) {
$my_action = isset($_GET['action']) ? $_GET['action'] : '';
if ($my_action=='delete' AND isset($_GET['content']) AND isset($_GET['id']) AND api_is_allowed_to_edit(false,true)) {
$message=delete_post($_GET['id']); // note: this has to be cleaned first
}
if (($_GET['action']=='invisible' OR $_GET['action']=='visible') AND isset($_GET['id']) AND api_is_allowed_to_edit(false,true)) {
if (($my_action=='invisible' OR $my_action=='visible') AND isset($_GET['id']) AND api_is_allowed_to_edit(false,true)) {
$message=approve_post($_GET['id'],$_GET['action']); // note: this has to be cleaned first
}
if ($_GET['action']=='move' and isset($_GET['post'])) {
if ($my_action=='move' and isset($_GET['post'])) {
$message=move_post_form();
}
@ -151,11 +153,12 @@ if ($_GET['action']=='move' and isset($_GET['post'])) {
Display the action messages
-----------------------------------------------------------
*/
if (isset($message)) {
Display :: display_confirmation_message(get_lang($message));
$my_message = isset($message) ? $message : '';
if ($my_message) {
Display :: display_confirmation_message(get_lang($my_message));
}
if ($message<>'PostDeletedSpecial') {
if ($my_message<>'PostDeletedSpecial') {
// in this case the first and only post of the thread is removed
// this increases the number of times the thread has been viewed
increase_thread_view($_GET['thread']);
@ -166,7 +169,7 @@ if ($message<>'PostDeletedSpecial') {
*/
echo '<div class="actions">';
echo '<div style="float:right;">';
$my_url = '<a href="viewthread.php?'.api_get_cidreq().'&amp;forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;search='.Security::remove_XSS(urlencode($_GET['search']));
$my_url = '<a href="viewthread.php?'.api_get_cidreq().'&amp;forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;search='.Security::remove_XSS(urlencode($my_search));
echo $my_url.'&amp;view=flat&origin='.$origin.'">'.get_lang('FlatView').'</a> | ';
echo $my_url.'&amp;view=threaded&origin='.$origin.'">'.get_lang('ThreadedView').'</a> | ';
echo $my_url.'&amp;view=nested&origin='.$origin.'">'.get_lang('NestedView').'</a>';
@ -205,7 +208,7 @@ if ($message<>'PostDeletedSpecial') {
-----------------------------------------------------------
*/
if (!$_SESSION['view']) {
if (!isset($_SESSION['view'])) {
$viewmode=$current_forum['default_view'];
} else {
$viewmode=$_SESSION['view'];
@ -241,7 +244,7 @@ if ($message<>'PostDeletedSpecial') {
echo prepare4display($current_forum['forum_title']).'<br />';
echo "</th>\n";
echo "\t</tr>\n";
echo '<span>'.prepare4display($current_thread['thread_comment']).'</span>';
echo '<span>'.prepare4display(isset($current_thread['thread_comment'])?$current_thread['thread_comment']:'').'</span>';
echo "</table>";
switch ($viewmode) {

Write Preview
Loading…
Cancel
Save