From d24b0ff1ce4a4162f15e49bfbcd60feb0c960740 Mon Sep 17 00:00:00 2001 From: Isaac Flores Date: Fri, 28 Nov 2008 20:31:47 +0100 Subject: [PATCH] [svn r17016] changes in logic - improvement forum functionality - see(FS#3249) --- main/forum/editpost.php | 71 +- main/forum/forumbody.inc.php | 14 +- main/forum/forumfunction.inc.php | 7281 +++++++++++++--------------- main/forum/forumqualify.php | 38 +- main/forum/newthread.php | 14 +- main/forum/viewforum.php | 804 +-- main/forum/viewpost.php | 30 +- main/forum/viewthread.php | 39 +- main/forum/viewthread_flat.inc.php | 13 +- 9 files changed, 3923 insertions(+), 4381 deletions(-) diff --git a/main/forum/editpost.php b/main/forum/editpost.php index ba2ff26c26..8d82f38425 100644 --- a/main/forum/editpost.php +++ b/main/forum/editpost.php @@ -1,5 +1,5 @@ - "reply.php?forum=".Security::remove_XSS($_GET[ Resource Linker ----------------------------------------------------------- */ -if (isset($_POST['add_resources']) AND $_POST['add_resources']==get_lang('Resources')) -{ +if (isset($_POST['add_resources']) AND $_POST['add_resources']==get_lang('Resources')) { $_SESSION['formelements']=$_POST; $_SESSION['origin']=$_SERVER['REQUEST_URI']; $_SESSION['breadcrumbs']=$interbreadcrumb; header("Location: ../resourcelinker/resourcelinker.php"); } - +$table_link = Database :: get_main_table(TABLE_MAIN_GRADEBOOK_LINK); /* ----------------------------------------------------------- Header @@ -151,7 +148,7 @@ if (isset($_POST['add_resources']) AND $_POST['add_resources']==get_lang('Resour */ Display :: display_header(null); api_display_tool_title($nameTools); -////echo ''; +//echo ''; /* ----------------------------------------------------------- Is the user allowed here? @@ -165,20 +162,16 @@ api_display_tool_title($nameTools); // The only exception is the course manager // I have split this is several pieces for clarity. //if (!api_is_allowed_to_edit() AND (($current_forum_category['visibility']==0 OR $current_forum['visibility']==0) OR ($current_forum_category['locked']<>0 OR $current_forum['locked']<>0 OR $current_thread['locked']<>0))) -if (!api_is_allowed_to_edit() AND (($current_forum_category['visibility']==0 OR $current_forum['visibility']==0))) -{ +if (!api_is_allowed_to_edit() AND (($current_forum_category['visibility']==0 OR $current_forum['visibility']==0))) { forum_not_allowed_here(); } -if (!api_is_allowed_to_edit() AND ($current_forum_category['locked']<>0 OR $current_forum['locked']<>0 OR $current_thread['locked']<>0)) -{ +if (!api_is_allowed_to_edit() AND ($current_forum_category['locked']<>0 OR $current_forum['locked']<>0 OR $current_thread['locked']<>0)) { forum_not_allowed_here(); +} +if (!$_user['user_id'] AND $current_forum['allow_anonymous']==0) { + forum_not_allowed_here(); } -if (!$_user['user_id'] AND $current_forum['allow_anonymous']==0) -{ - forum_not_allowed_here(); -} -if (!api_is_allowed_to_edit() AND $current_forum['allow_edit']==0) -{ +if (!api_is_allowed_to_edit() AND $current_forum['allow_edit']==0) { forum_not_allowed_here(); } @@ -198,23 +191,25 @@ echo ''; // the form for the reply $values=show_edit_post_form($current_post, $current_thread, $current_forum, $_SESSION['formelements']); -if (!empty($values) and $_POST['SubmitPost']) -{ - store_edit_post($values); - //add gradebook function - $option_chek=$values['thread_qualify_gradebook'];// values 1 or 0 - //var_dump($values); - if($option_chek==1){ - $id=$values['thread_id'];// last id from - $title_gradebook=$values['calification_notebook_title']; - $value_calification=$values['numeric_calification']; - $description=""; - //add_resource_to_course_gradebook(api_get_course_id(), 5, $id, $title, 0, $_POST['qualification_value'], Database::escape_string($_POST['description']), "'".date('Y-m-d H:i:s')."'", 1); - add_resource_to_course_gradebook(api_get_course_id(), 5, $id, $title_gradebook, 0,$value_calification,$description, "'".date('Y-m-d H:i:s')."'",api_get_session_id()); - } - +if (!empty($values) and $_POST['SubmitPost']) { + store_edit_post($values); + + $option_chek=$values['thread_qualify_gradebook'];// values 1 or 0 + if ( 1== $option_chek ) { + $id=$values['thread_id']; + $title_gradebook=$values['calification_notebook_title']; + $value_calification=$values['numeric_calification']; + $weight_calification=$values['weight_calification']; + $description=""; + $link_id=is_resource_in_course_gradebook(api_get_course_id(),5,$id,null); + if ( $link_id==false ) { + add_resource_to_course_gradebook(api_get_course_id(), 5, $id, $title_gradebook,$weight_calification,$value_calification,$description,time(),1,api_get_session_id()); + } else { + api_sql_query('UPDATE '.$table_link.' SET weight='.$weight_calification.' WHERE id='.$link_id.''); + } + + } + } - // footer -Display :: display_footer(); -?> \ No newline at end of file +Display :: display_footer(); \ No newline at end of file diff --git a/main/forum/forumbody.inc.php b/main/forum/forumbody.inc.php index f28dfe7281..4210ae9193 100644 --- a/main/forum/forumbody.inc.php +++ b/main/forum/forumbody.inc.php @@ -1,11 +1,12 @@ - @@ -14,6 +15,7 @@ $output = << + FIN; $output .= ' diff --git a/main/forum/forumfunction.inc.php b/main/forum/forumfunction.inc.php index 267e286666..05a12593cd 100644 --- a/main/forum/forumfunction.inc.php +++ b/main/forum/forumfunction.inc.php @@ -1,3891 +1,3390 @@ -, Ghent University -* @copyright Ghent University -* @copyright Patrick Cool -* @author Julio Montoya , Dokeos Several fixes -* @package dokeos.forum -* -* @todo several functions have to be moved to the itemmanager library -* @todo displaying icons => display library -* @todo complete the missing phpdoc the correct order should be -* -* some explanation of the function -* -* @param -* @return -* - @todo -* -* @author firstname lastname , organisation -* @version (day) month year -* -* @deprecated -*/ - -/** - ************************************************************************** - * IMPORTANT NOTICE - * Please do not change anything is this code yet because there are still - * some significant code that need to happen and I do not have the time to - * merge files and test it all over again. So for the moment, please do not - * touch the code - * -- Patrick Cool - ************************************************************************** -*/ -require_once(api_get_path(INCLUDE_PATH).'/lib/mail.lib.inc.php'); -require_once(api_get_path(INCLUDE_PATH).'/conf/mail.conf.php'); -require_once(api_get_path(INCLUDE_PATH).'/lib/usermanager.lib.php'); -get_notifications_of_user(); -/** -* This function handles all the forum and forumcategories actions. This is a wrapper for the -* forum and forum categories. All this code code could go into the section where this function is -* called but this make the code there cleaner. -* -* @param -* @return -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function handle_forum_and_forumcategories() -{ - // Adding a forum category - if (($_GET['action']=='add' AND $_GET['content']=='forumcategory') OR $_POST['SubmitForumCategory'] ) - { - show_add_forumcategory_form(); - } - // Adding a forum - if ((($_GET['action']=='add' OR $_GET['action']=='edit') AND $_GET['content']=='forum') OR $_POST['SubmitForum'] ) - { - if ($_GET['action']=='edit' and isset($_GET['id']) OR $_POST['SubmitForum'] ) - { - $inputvalues=get_forums(strval(intval($_GET['id']))); // note: this has to be cleaned first - } - show_add_forum_form($inputvalues); - } - // Edit a forum category - if (($_GET['action']=='edit' AND $_GET['content']=='forumcategory' AND isset($_GET['id'])) OR $_POST['SubmitEditForumCategory'] ) - { - $forum_category=get_forum_categories(strval(intval($_GET['id']))); // note: this has to be cleaned first - show_edit_forumcategory_form($forum_category); - } - // Delete a forum category - if ($_GET['action']=='delete' AND isset($_GET['content']) AND isset($_GET['id'])) - { - $return_message=delete_forum_forumcategory_thread($_GET['content'],$_GET['id']);// note: this has to be cleaned first - Display :: display_confirmation_message($return_message,false); - - } - // Change visibility of a forum or a forum category - if (($_GET['action']=='invisible' OR $_GET['action']=='visible') AND isset($_GET['content']) AND isset($_GET['id'])) - { - $return_message=change_visibility($_GET['content'], $_GET['id'],$_GET['action']);// note: this has to be cleaned first - Display :: display_confirmation_message($return_message,false); - } - // Change lock status of a forum or a forum category - if (($_GET['action']=='lock' OR $_GET['action']=='unlock') AND isset($_GET['content']) AND isset($_GET['id'])) - { - $return_message=change_lock_status($_GET['content'], $_GET['id'],$_GET['action']);// note: this has to be cleaned first - Display :: display_confirmation_message($return_message,false); - } - // Move a forum or a forum category - if ($_GET['action']=='move' AND isset($_GET['content']) AND isset($_GET['id']) AND isset($_GET['direction'])) - { - $return_message=move_up_down($_GET['content'], $_GET['direction'], $_GET['id']);// note: this has to be cleaned first - Display :: display_confirmation_message($return_message,false); - } - -} - -/** -* This function displays the form that is used to add a forum category. -* -* @param -* @return -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function show_add_forumcategory_form($inputvalues=array()) -{ - // initiate the object - $form = new FormValidator('forumcategory'); - - // settting the form elements - $form->addElement('header', '', get_lang('AddForumCategory')); - $form->addElement('text', 'forum_category_title', get_lang('Title'),'class="input_titles"'); - $form->addElement('html_editor', 'forum_category_comment', get_lang('Comment')); - $form->addElement('submit', 'SubmitForumCategory', get_lang('OK')); - - // setting the rules - $form->addRule('forum_category_title', '
'.get_lang('ThisFieldIsRequired'), 'required'); - - // The validation or display - if( $form->validate() ) - { - $values = $form->exportValues(); - store_forumcategory($values); - } - else - { - $form->display(); - } -} - - -/** -* This function displays the form that is used to add a forum category. -* -* @param -* @return -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function show_add_forum_form($inputvalues=array()) -{ - global $_course; - - // initiate the object - $form = new FormValidator('forumcategory', 'post', 'index.php'); - - // the header for the form - $session_header = isset($_SESSION['session_name']) ? ' ('.$_SESSION['session_name'].') ' : ''; - $form->addElement('header', '', get_lang('AddForum').$session_header); - - // we have a hidden field if we are editing - if (is_array($inputvalues)) - { - $form->addElement('hidden', 'forum_id', $inputvalues['forum_id']); - } - - // The title of the forum - $form->addElement('text', 'forum_title', get_lang('Title'),'class="input_titles"'); - - // The comment of the forum - $form->addElement('html_editor', 'forum_comment', get_lang('Comment')); - - // dropdown list: Forum Categories - $forum_categories=get_forum_categories(); - foreach ($forum_categories as $key=>$value) - { - $forum_categories_titles[$value['cat_id']]=$value['cat_title']; - } - $form->addElement('select', 'forum_category', get_lang('InForumCategory'), $forum_categories_titles); - - if ($_course['visibility']==COURSE_VISIBILITY_OPEN_WORLD) - { - // This is for vertical - //$form->addElement('radio', 'allow_anonymous', get_lang('AllowAnonymousPosts'), get_lang('Yes'), 1); - //$form->addElement('radio', 'allow_anonymous', '', get_lang('No'), 0); - // This is for horizontal - $group=''; - $group[] =& HTML_QuickForm::createElement('radio', 'allow_anonymous',null,get_lang('Yes'),1); - $group[] =& HTML_QuickForm::createElement('radio', 'allow_anonymous',null,get_lang('No'),0); - $form->addGroup($group, 'allow_anonymous_group', get_lang('AllowAnonymousPosts'), ' '); - } - - // This is for vertical - //$form->addElement('radio', 'students_can_edit', get_lang('StudentsCanEdit'), get_lang('Yes'), 1); - //$form->addElement('radio', 'students_can_edit', '', get_lang('No'), 0); - // This is for horizontal - $group=''; - $group[] =& HTML_QuickForm::createElement('radio', 'students_can_edit',null,get_lang('Yes'),1); - $group[] =& HTML_QuickForm::createElement('radio', 'students_can_edit',null,get_lang('No'),0); - $form->addGroup($group, 'students_can_edit_group', get_lang('StudentsCanEdit'), ' '); - - // This is for vertical - //$form->addElement('radio', 'approval_direct', get_lang('ApprovalDirect'), get_lang('Approval'), 1); - //$form->addElement('radio', 'approval_direct', '', get_lang('Direct'), 0); - // This is for horizontal - $group=''; - $group[] =& HTML_QuickForm::createElement('radio', 'approval_direct',null,get_lang('Approval'),1); - $group[] =& HTML_QuickForm::createElement('radio', 'approval_direct',null,get_lang('Direct'),0); - //$form->addGroup($group, 'approval_direct_group', get_lang('ApprovalDirect'), ' '); - - // This is for vertical - //$form->addElement('radio', 'allow_attachments', get_lang('AllowAttachments'), get_lang('Yes'), 1); - //$form->addElement('radio', 'allow_attachments', '', get_lang('No'), 0); - // This is for horizontal - $group=''; - $group[] =& HTML_QuickForm::createElement('radio', 'allow_attachments',null,get_lang('Yes'),1); - $group[] =& HTML_QuickForm::createElement('radio', 'allow_attachments',null,get_lang('No'),0); - //$form->addGroup($group, 'allow_attachments_group', get_lang('AllowAttachments'), ' '); - - // This is for vertical - //$form->addElement('radio', 'allow_new_threads', get_lang('AllowNewThreads'), 1, get_lang('Yes')); - //$form->addElement('radio', 'allow_new_threads', '', 0, get_lang('No')); - // This is for horizontal - $group=''; - $group[] =& HTML_QuickForm::createElement('radio', 'allow_new_threads',null, get_lang('Yes'),1); - $group[] =& HTML_QuickForm::createElement('radio', 'allow_new_threads',null, get_lang('No'),0); - $form->addGroup($group, 'allow_new_threads_group', get_lang('AllowNewThreads'), ' '); - - $group=''; - $group[] =& HTML_QuickForm::createElement('radio', 'default_view_type', null, get_lang('Flat'), 'flat'); - $group[] =& HTML_QuickForm::createElement('radio', 'default_view_type', null, get_lang('Threaded'), 'threaded'); - $group[] =& HTML_QuickForm::createElement('radio', 'default_view_type', null, get_lang('Nested'), 'nested'); - $form->addGroup($group, 'default_view_type_group', get_lang('DefaultViewType'), ' '); - - - $form->addElement('static','Group', '
'.get_lang('GroupSettings').''); - - // dropdown list: Groups - $groups=GroupManager::get_group_list(); - $groups_titles[0]=get_lang('NotAGroupForum'); - foreach ($groups as $key=>$value) - { - $groups_titles[$value['id']]=$value['name']; - } - $form->addElement('select', 'group_forum', get_lang('ForGroup'), $groups_titles); - - // Public or private group forum - $group=''; - $group[] =& HTML_QuickForm::createElement('radio', 'public_private_group_forum', null, get_lang('Public'), 'public'); - $group[] =& HTML_QuickForm::createElement('radio', 'public_private_group_forum', null, get_lang('Private'), 'private'); - $form->addGroup($group, 'public_private_group_forum_group', get_lang('PublicPrivateGroupForum'), ' '); - - // The OK button - $form->addElement('submit', 'SubmitForum', get_lang('OK')); - // setting the rules - $form->addRule('forum_title', get_lang('ThisFieldIsRequired'), 'required'); - $form->addRule('forum_category', get_lang('ThisFieldIsRequired'), 'required'); - - global $charset; - - // settings the defaults - if (!is_array($inputvalues)) - { - $defaults['allow_anonymous_group']['allow_anonymous']=0; - $defaults['students_can_edit_group']['students_can_edit']=0; - $defaults['approval_direct_group']['approval_direct']=0; - $defaults['allow_attachments_group']['allow_attachments']=1; - //since 1.8.6, new threads are disabled by default upon forum creation - $defaults['allow_new_threads_group']['allow_new_threads']=0; - $defaults['default_view_type_group']['default_view_type']=api_get_setting('default_forum_view'); - $defaults['public_private_group_forum_group']['public_private_group_forum']='public'; - if (isset($_GET['forumcategory'])) - { - $defaults['forum_category']=$_GET['forumcategory']; - } - } - else // the default values when editing = the data in the table - { - $defaults['forum_id']=$inputvalues['forum_id']; - $defaults['forum_title']=prepare4display(html_entity_decode($inputvalues['forum_title'],ENT_QUOTES,$charset)); - $defaults['forum_comment']=prepare4display($inputvalues['forum_comment']); - $defaults['forum_category']=$inputvalues['forum_category']; - $defaults['allow_anonymous_group']['allow_anonymous']=$inputvalues['allow_anonymous']; - $defaults['students_can_edit_group']['students_can_edit']=$inputvalues['allow_edit']; - $defaults['approval_direct_group']['approval_direct']=$inputvalues['approval_direct_post']; - $defaults['allow_attachments_group']['allow_attachments']=$inputvalues['allow_attachments']; - $defaults['allow_new_threads_group']['allow_new_threads']=$inputvalues['allow_new_threads']; - $defaults['default_view_type_group']['default_view_type']=$inputvalues['default_view']; - $defaults['public_private_group_forum_group']['public_private_group_forum']=$inputvalues['forum_group_public_private']; - $defaults['group_forum']=$inputvalues['forum_of_group']; - } - $form->setDefaults($defaults); - - - // The validation or display - if( $form->validate() ) - { - $values = $form->exportValues(); - store_forum($values); - } - else - { - $form->display(); - } -} - - - -/** -* This function displays the form that is used to edit a forum category. -* This is more or less a copy from the show_add_forumcategory_form function with the only difference that is uses -* some default values. I tried to have both in one function but this gave problems with the handle_forum_and_forumcategories function -* (storing was done twice) -* -* @param -* @return -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function show_edit_forumcategory_form($inputvalues=array()) -{ - // initiate the object - $form = new FormValidator('forumcategory'); - - // settting the form elements - $form->addElement('header', '', get_lang('EditForumCategory')); - $form->addElement('hidden', 'forum_category_id'); - $form->addElement('text', 'forum_category_title', get_lang('Title'),'class="input_titles"'); - $form->addElement('html_editor', 'forum_category_comment', get_lang('Comment')); - $form->addElement('submit', 'SubmitEditForumCategory', get_lang('OK')); - global $charset; - // setting the default values - $defaultvalues['forum_category_id']=$inputvalues['cat_id']; - $defaultvalues['forum_category_title']=prepare4display(html_entity_decode($inputvalues['cat_title'],ENT_QUOTES,$charset)); - $defaultvalues['forum_category_comment']=prepare4display($inputvalues['cat_comment']); - $form->setDefaults($defaultvalues); - - // setting the rules - $form->addRule('forum_category_title', get_lang('ThisFieldIsRequired'), 'required'); - - // The validation or display - if( $form->validate() ) - { - $values = $form->exportValues(); - store_forumcategory($values); - } - else - { - $form->display(); - } -} - - - -/** -* This function stores the forum category in the database. The new category is added to the end. -* -* @param -* @return -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function store_forumcategory($values) -{ - $table_categories = Database :: get_course_table(TABLE_FORUM_CATEGORY); - global $_course; - global $_user; - - // find the max cat_order. The new forum category is added at the end => max cat_order + & - $sql="SELECT MAX(cat_order) as sort_max FROM ".Database::escape_string($table_categories); - $result=api_sql_query($sql,__FILE__,__LINE__); - $row=Database::fetch_array($result); - $new_max=$row['sort_max']+1; - - $clean_cat_title=Security::remove_XSS(Database::escape_string($values['forum_category_title'])); - - if (isset($values['forum_category_id'])) - { // storing an edit - $sql="UPDATE ".$table_categories." SET cat_title='".$clean_cat_title."', cat_comment='".Database::escape_string($values['forum_category_comment'])."' WHERE cat_id='".Database::escape_string($values['forum_category_id'])."'"; - api_sql_query($sql,__FILE__,__LINE__); - $last_id=Database::get_last_insert_id(); - $my_user_id = api_get_user_id(); - api_item_property_update($_course, TOOL_FORUM_CATEGORY, $values['forum_category_id'],"ForumCategoryAdded",$my_user_id ); - $return_message=get_lang('ForumCategoryEdited'); - } - else - { - $sql="INSERT INTO ".$table_categories." (cat_title, cat_comment, cat_order, session_id) VALUES ('".$clean_cat_title."','".Database::escape_string($values['forum_category_comment'])."','".Database::escape_string($new_max)."',".intval($_SESSION['id_session']).")"; - api_sql_query($sql,__FILE__,__LINE__); - $last_id=Database::get_last_insert_id(); - $my_user_id = api_get_user_id(); - api_item_property_update($_course, TOOL_FORUM_CATEGORY, $last_id,"ForumCategoryAdded", $my_user_id); - $return_message=get_lang('ForumCategoryAdded'); - } - - Display :: display_confirmation_message($return_message); -} - -/** -* This function delete the forum image if exists -* -* @param int forum id -* @return boolean true if success -* -* @author Julio Montoya , Dokeos -* @version October 2008, dokeos 1.8.6 -*/ -function delete_forum_image($forum_id) -{ - $table_forums = Database::get_course_table(TABLE_FORUM); echo '
'; - $sql="SELECT forum_image FROM $table_forums WHERE forum_id = '$forum_id' "; - $result=api_sql_query($sql,__FILE__,__LINE__); - $row=Database::fetch_array($result); - if ($row['forum_image']!='') - { - $del_file = api_get_path(SYS_COURSE_PATH).api_get_course_path().'/upload/forum/images/'.$row['forum_image']; - return @unlink($del_file); - } - else - { - return false; - } - -} -/** -* This function stores the forum in the database. The new forum is added to the end. -* -* @param -* @return -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function store_forum($values) -{ - global $_course; - global $_user; - - $table_forums = Database::get_course_table(TABLE_FORUM); - - // find the max forum_order for the given category. The new forum is added at the end => max cat_order + & - $sql="SELECT MAX(forum_order) as sort_max FROM ".$table_forums." WHERE forum_category=".Database::escape_string($values['forum_category']); - $result=api_sql_query($sql,__FILE__,__LINE__); - $row=Database::fetch_array($result); - $new_max=$row['sort_max']+1; - $session_id = isset($_SESSION['id_session']) ? $_SESSION['id_session'] : 0; - - $clean_title=Security::remove_XSS(Database::escape_string(htmlspecialchars($values['forum_title']))); - - $image_moved=false; - if(!empty($_FILES['picture']['name'])) - { - $upload_ok = process_uploaded_file($_FILES['picture']); - $has_attachment=true; - } - else - { - $image_moved=true; - } - - // remove existing picture if asked - if ($values['remove_picture']) - { - delete_forum_image($values['forum_id']); - } - - - if($upload_ok) - { - if ($has_attachment) - { - $courseDir = $_course['path'].'/upload/forum/images'; - $sys_course_path = api_get_path(SYS_COURSE_PATH); - $updir = $sys_course_path.$courseDir; - - // Try to add an extension to the file if it hasn't one - $new_file_name = add_ext_on_mime(stripslashes($_FILES['picture']['name']), $_FILES['picture']['type']); - - // user's file name - $file_name =$_FILES['picture']['name']; - - if (!filter_extension($new_file_name)) - { - //Display :: display_error_message(get_lang('UplUnableToSaveFileFilteredExtension')); - $image_moved=false; - } - else - { - $file_extension = explode('.', $_FILES['picture']['name']); - $file_extension = strtolower($file_extension[sizeof($file_extension) - 1]); - $new_file_name = uniqid('').'.'.$file_extension; - $new_path=$updir.'/'.$new_file_name; - $result= @move_uploaded_file($_FILES['picture']['tmp_name'], $new_path); - // Storing the attachments if any - if ($result) - { - $image_moved=true; - } - } - } - } - - if (isset($values['forum_id'])) - { - $sql_image=''; - if ($image_moved) - { - $sql_image=" forum_image='".Database::escape_string($new_file_name)."', "; - delete_forum_image($values['forum_id']); - } - - // storing an edit - $sql="UPDATE ".$table_forums." SET - forum_title='".$clean_title."', - ".$sql_image." - forum_comment='".Database::escape_string($values['forum_comment'])."', - forum_category='".Database::escape_string($values['forum_category'])."', - allow_anonymous='".Database::escape_string($values['allow_anonymous_group']['allow_anonymous'])."', - allow_edit='".Database::escape_string($values['students_can_edit_group']['students_can_edit'])."', - approval_direct_post='".Database::escape_string($values['approval_direct_group']['approval_direct'])."', - allow_attachments='".Database::escape_string($values['allow_attachments_group']['allow_attachments'])."', - allow_new_threads='".Database::escape_string($values['allow_new_threads_group']['allow_new_threads'])."', - forum_group_public_private='".Database::escape_string($values['public_private_group_forum_group']['public_private_group_forum'])."', - default_view='".Database::escape_string($values['default_view_type_group']['default_view_type'])."', - forum_of_group='".Database::escape_string($values['group_forum'])."' - WHERE forum_id='".Database::escape_string($values['forum_id'])."'"; - api_sql_query($sql,__FILE__,__LINE__); - $return_message=get_lang('ForumEdited'); - } - else - { - $sql_image=''; - if ($image_moved) - { - $sql_image="'".$new_file_name."', "; - } - - $sql="INSERT INTO ".$table_forums." - (forum_title, forum_image, forum_comment, forum_category, allow_anonymous, allow_edit, approval_direct_post, allow_attachments, allow_new_threads, default_view, forum_of_group, forum_group_public_private, forum_order, session_id) - VALUES ('".$clean_title."', - ".$sql_image." - '".Database::escape_string($values['forum_comment'])."', - '".Database::escape_string($values['forum_category'])."', - '".Database::escape_string($values['allow_anonymous_group']['allow_anonymous'])."', - '".Database::escape_string($values['students_can_edit_group']['students_can_edit'])."', - '".Database::escape_string($values['approval_direct_group']['approval_direct'])."', - '".Database::escape_string($values['allow_attachments_group']['allow_attachments'])."', - '".Database::escape_string($values['allow_new_threads_group']['allow_new_threads'])."', - '".Database::escape_string($values['default_view_type_group']['default_view_type'])."', - '".Database::escape_string($values['group_forum'])."', - '".Database::escape_string($values['public_private_group_forum_group']['public_private_group_forum'])."', - '".Database::escape_string($new_max)."', - ".intval($session_id).")"; - api_sql_query($sql, __LINE__,__FILE__); - $last_id=Database::get_last_insert_id(); - api_item_property_update($_course, TOOL_FORUM, $last_id,"ForumCategoryAdded", api_get_user_id()); - $return_message=get_lang('ForumAdded'); - } - - return $return_message; -} - -/** -* This function deletes a forum or a forum category -* This function currently does not delete the forums inside the category, nor the threads and replies inside these forums. -* For the moment this is the easiest method and it has the advantage that it allows to recover fora that were acidently deleted -* when the forum category got deleted. -* -* @param $content = what we are deleting (a forum or a forum category) -* @param $id The id of the forum category that has to be deleted. -* -* @todo write the code for the cascading deletion of the forums inside a forum category and also the threads and replies inside these forums -* @todo config setting for recovery or not (see also the documents tool: real delete or not). -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function delete_forum_forumcategory_thread($content, $id) -{ - global $_course; - - if ($content=='forumcategory') - { - $tool_constant=TOOL_FORUM_CATEGORY; - $return_message=get_lang('ForumCategoryDeleted'); - } - if ($content=='forum') - { - $tool_constant=TOOL_FORUM; - $return_message=get_lang('ForumDeleted'); - } - if ($content=='thread') - { - $tool_constant=TOOL_FORUM_THREAD; - $return_message=get_lang('ThreadDeleted'); - } - $my_user_id = api_get_user_id(); - api_item_property_update($_course,$tool_constant,$id,'delete',$my_user_id); // note: check if this returns a true and if so => return $return_message, if not => return false; - //delete_attachment($post_id); - return $return_message; -} - -/** -* This function deletes a forum post. This separate function is needed because forum posts do not appear in the item_property table (yet) -* and because deleting a post also has consequence on the posts that have this post as parent_id (they are also deleted). -* an alternative would be to store the posts also in item_property and mark this post as deleted (visibility = 2). -* We also have to decrease the number of replies in the thread table -* -* @param $post_id the id of the post that will be deleted -* -* @todo write recursive function that deletes all the posts that have this message as parent -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function delete_post($post_id) -{ - $table_posts = Database :: get_course_table(TABLE_FORUM_POST); - $table_threads = Database :: get_course_table(TABLE_FORUM_THREAD); - - $sql="DELETE FROM $table_posts WHERE post_id='".Database::escape_string($post_id)."'"; // note: this has to be a recursive function that deletes all of the posts in this block. - api_sql_query($sql,__FILE__,__LINE__); - - delete_attachment($post_id); - - $last_post_of_thread=check_if_last_post_of_thread(strval(intval($_GET['thread']))); - - if (is_array($last_post_of_thread)) - { - // Decreasing the number of replies for this thread and also changing the last post information - $sql="UPDATE $table_threads SET thread_replies=thread_replies-1, - thread_last_post='".Database::escape_string($last_post_of_thread['post_id'])."', - thread_date='".Database::escape_string($last_post_of_thread['post_date'])."' - WHERE thread_id='".Database::escape_string($_GET['thread'])."'"; - api_sql_query($sql,__FILE__,__LINE__); - return 'PostDeleted'; - } - if ($last_post_of_thread==false) - { - // we deleted the very single post of the thread so we need to delete the entry in the thread table also. - $sql="DELETE FROM $table_threads WHERE thread_id='".Database::escape_string($_GET['thread'])."'"; - api_sql_query($sql,__FILE__,__LINE__); - return 'PostDeletedSpecial'; - } -} - - -/** -* This function gets the all information of the last (=most recent) post of the thread -* This can be done by sorting the posts that have the field thread_id=$thread_id and sort them by post_date -* -* @param $thread_id the id of the thread we want to know the last post of. -* @return an array if there is a last post found, false if there is no post entry linked to that thread => thread will be deleted -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function check_if_last_post_of_thread($thread_id) -{ - $table_posts = Database :: get_course_table(TABLE_FORUM_POST); - - $sql="SELECT * FROM $table_posts WHERE thread_id='".Database::escape_string($thread_id)."' ORDER BY post_date DESC"; - $result=api_sql_query($sql,__FILE__,__LINE__); - if (Database::num_rows($result)>0) - { - $row=Database::fetch_array($result); - return $row; - } - else - { - return false; - } -} - - -/** -* This function takes care of the display of the visibility icon -* -* @param $content what is it that we want to make (in)visible: forum category, forum, thread, post -* @param $id the id of the content we want to make invisible -* @param $current_visibility_status what is the current status of the visibility (0 = invisible, 1 = visible) -* @return -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function display_visible_invisible_icon($content, $id, $current_visibility_status, $additional_url_parameters='') -{ - $id = Security::remove_XSS($id); - if ($current_visibility_status=='1') - { - echo ''.icon('../img/visible.gif',get_lang('MakeInvisible')).''; - } - if ($current_visibility_status=='0') - { - echo ''.icon('../img/invisible.gif',get_lang('MakeVisible')).''; - } -} - -/** -* This function takes care of the display of the lock icon -* -* @param $content what is it that we want to (un)lock: forum category, forum, thread, post -* @param $id the id of the content we want to (un)lock -* @param $current_visibility_status what is the current status of the visibility (0 = invisible, 1 = visible) -* @return -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function display_lock_unlock_icon($content, $id, $current_lock_status, $additional_url_parameters='') -{ - $id = Security::remove_XSS($id); - if ($current_lock_status=='1') - { - echo ''.icon('../img/lock.gif',get_lang('Unlock')).''; - } - if ($current_lock_status=='0') - { - echo ''.icon('../img/unlock.gif',get_lang('Lock')).''; - } -} - -/** -* This function takes care of the display of the up and down icon -* -* @param $content what is it that we want to make (in)visible: forum category, forum, thread, post -* @param $id is the id of the item we want to display the icons for -* @param $list is an array of all the items. All items in this list should have an up and down icon except for the first (no up icon) and the last (no down icon) -* The key of this $list array is the id of the item. -* -* @return -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function display_up_down_icon($content, $id, $list) -{ - $id = strval(intval($id)); - $total_items=count($list); - $position = 0; - $internal_counter=0; - - if(is_array($list)) - { - foreach ($list as $key=>$listitem) - { - $internal_counter++; - if ($id==$key) - { - $position=$internal_counter; - } - } - } - if ($position>1) - { - $return_value=''; - } - else - { - $return_value=''; - } - - if ($position<$total_items) - { - $return_value.=''; - } - else - { - - $return_value.=''; - } - - echo $return_value; -} - - - - -/** -* This function changes the visibility in the database (item_property) -* -* @param $content what is it that we want to make (in)visible: forum category, forum, thread, post -* @param $id the id of the content we want to make invisible -* @param $target_visibility what is the current status of the visibility (0 = invisible, 1 = visible) -* -* @todo change the get parameter so that it matches the tool constants. -* @todo check if api_item_property_update returns true or false => returnmessage depends on it. -* @todo move to itemmanager -* -* @return -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function change_visibility($content, $id, $target_visibility) -{ - global $_course; - $constants=array('forumcategory'=>TOOL_FORUM_CATEGORY, 'forum'=>TOOL_FORUM, 'thread'=>TOOL_FORUM_THREAD); - api_item_property_update($_course,$constants[$content],$id,$target_visibility,api_get_user_id()); // note: check if this returns true or false => returnmessage depends on it. - if ($target_visibility=='visible') - { - handle_mail_cue($content, $id); - } - - return get_lang('VisibilityChanged'); -} - - -/** -* This function changes the lock status in the database -* -* @param $content what is it that we want to (un)lock: forum category, forum, thread, post -* @param $id the id of the content we want to (un)lock -* @param $action do we lock (=>locked value in db = 1) or unlock (=> locked value in db = 0) -* @return string, language variable -* -* @todo move to itemmanager -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function change_lock_status($content, $id, $action) -{ - $table_categories = Database :: get_course_table(TABLE_FORUM_CATEGORY); - $table_forums = Database :: get_course_table(TABLE_FORUM); - $table_threads = Database :: get_course_table(TABLE_FORUM_THREAD); - $table_posts = Database :: get_course_table(TABLE_FORUM_POST); - - // Determine the relevant table - if ($content=='forumcategory') - { - $table=$table_categories; - $id_field='cat_id'; - } - elseif ($content=='forum') - { - $table=$table_forums; - $id_field='forum_id'; - } - elseif ($content=='thread') - { - $table=$table_threads; - $id_field='thread_id'; - } - else - { - return get_lang('Error'); - } - - // Determine what we are doing => defines the value for the database and the return message - if ($action=='lock') - { - $db_locked=1; - $return_message=get_lang('Locked'); - } - elseif ($action=='unlock') - { - $db_locked=0; - $return_message=get_lang('Unlocked'); - } - else - { - return get_lang('Error'); - } - - // Doing the change in the database - $sql="UPDATE $table SET locked='".Database::escape_string($db_locked)."' WHERE $id_field='".Database::escape_string($id)."'"; - if (api_sql_query($sql,__FILE__,__LINE__)) - { - return $return_message; - } - else - { - return get_lang('Error'); - } -} - - -/** -* This function moves a forum or a forum category up or down -* -* @param $content what is it that we want to make (in)visible: forum category, forum, thread, post -* @param $direction do we want to move it up or down. -* @param $id the id of the content we want to make invisible -* @todo consider removing the table_item_property calls here but this can prevent unwanted side effects when a forum does not have an entry in -* the item_property table but does have one in the forum table. -* @return -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function move_up_down($content, $direction, $id) -{ - $table_categories = Database :: get_course_table(TABLE_FORUM_CATEGORY); - $table_forums = Database :: get_course_table(TABLE_FORUM); - $table_item_property = Database :: get_course_table(TABLE_ITEM_PROPERTY); - - - // Determine which field holds the sort order - if ($content=='forumcategory') - { - $table=$table_categories; - $sort_column='cat_order'; - $id_column='cat_id'; - $sort_column='cat_order'; - } - elseif ($content=='forum') - { - $table=$table_forums; - $sort_column='forum_order'; - $id_column='forum_id'; - $sort_column='forum_order'; - // we also need the forum_category of this forum - $sql="SELECT forum_category FROM $table_forums WHERE forum_id=".Database::escape_string($id); - $result=api_sql_query($sql,__FILE__,__LINE__); - $row=Database::fetch_array($result); - $forum_category=$row['forum_category']; - } - else - { - return get_lang('Error'); - } - - // determine if need to sort ascending or descending - if ($direction=='down') - { - $sort_direction='ASC'; - } - elseif ($direction=='up') - { - $sort_direction='DESC'; - } - else - { - return get_lang('Error'); - } - - // The SQL statement - if ($content=='forumcategory') - { - $sql="SELECT * FROM".$table_categories." forum_categories, ".$table_item_property." item_properties - WHERE forum_categories.cat_id=item_properties.ref - AND item_properties.tool='".TOOL_FORUM_CATEGORY."' - ORDER BY forum_categories.cat_order $sort_direction"; - } - if ($content=='forum') - { - $sql="SELECT * FROM".$table." WHERE forum_category='".Database::escape_string($forum_category)."' ORDER BY forum_order $sort_direction"; - } - - - // echo $sql.'
'; - - - // finding the items that need to be switched - $result=api_sql_query($sql,__FILE__,__LINE__); - $found=false; - while ($row=Database::fetch_array($result)) - { - //echo $row[$id_column].'-'; - if ($found==true) - { - $next_id=$row[$id_column]; - $next_sort=$row[$sort_column]; - $found=false; - } - if($id==$row[$id_column]) - { - $this_id=$id; - $this_sort=$row[$sort_column]; - $found=true; - } - } - - // Committing the switch - // we do an extra check if we do not have illegal values. If your remove this if statment you will - // be able to mess with the sorting by refreshing the page over and over again. - if ($this_sort<>'' AND $next_sort<>'' AND $next_id<>'' AND $this_id<>'') - { - $sql_update1="UPDATE $table SET $sort_column='".Database::escape_string($this_sort)."' WHERE $id_column='".Database::escape_string($next_id)."'"; - $sql_update2="UPDATE $table SET $sort_column='".Database::escape_string($next_sort)."' WHERE $id_column='".Database::escape_string($this_id)."'"; - api_sql_query($sql_update1,__FILE__,__LINE__); - api_sql_query($sql_update2,__FILE__,__LINE__); - } - - return get_lang(ucfirst($content).'Moved'); -} - - -/** -* This function returns a piece of html code that make the links grey (=invisible for the student) -* -* @param boolean 0/1: 0 = invisible, 1 = visible -* @return string -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function class_visible_invisible($current_visibility_status) -{ - if ($current_visibility_status=='0') - { - return "class='invisible'"; - } -} - -/** -* Retrieve all the information off the forum categories (or one specific) for the current course. -* The categories are sorted according to their sorting order (cat_order -* -* @param $id default ''. When an id is passed we only find the information about that specific forum category. If no id is passed we get all the forum categories. -* @return an array containing all the information about all the forum categories -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function get_forum_categories($id='') -{ - $table_categories = Database :: get_course_table(TABLE_FORUM_CATEGORY); - $table_item_property = Database :: get_course_table(TABLE_ITEM_PROPERTY); - - $session_condition = isset($_SESSION['id_session']) ? 'AND forum_categories.session_id IN (0,'.intval($_SESSION['id_session']).')' : ''; - - if ($id=='') - { - $sql="SELECT * FROM".$table_categories." forum_categories, ".$table_item_property." item_properties - WHERE forum_categories.cat_id=item_properties.ref - AND item_properties.visibility=1 - AND item_properties.tool='".TOOL_FORUM_CATEGORY."' - $session_condition - ORDER BY forum_categories.cat_order ASC"; - if (is_allowed_to_edit(false,true)) - { - $sql="SELECT * FROM".$table_categories." forum_categories, ".$table_item_property." item_properties - WHERE forum_categories.cat_id=item_properties.ref - AND item_properties.visibility<>2 - AND item_properties.tool='".TOOL_FORUM_CATEGORY."' - $session_condition - ORDER BY forum_categories.cat_order ASC"; - } - } - else - { - $sql="SELECT * FROM".$table_categories." forum_categories, ".$table_item_property." item_properties - WHERE forum_categories.cat_id=item_properties.ref - AND item_properties.tool='".TOOL_FORUM_CATEGORY."' - AND forum_categories.cat_id='".Database::escape_string($id)."' - $session_condition - ORDER BY forum_categories.cat_order ASC"; - } - $result=api_sql_query($sql,__FILE__,__LINE__); - while ($row=Database::fetch_array($result)) - { - if($row['session_id']>0) - { - $sql_session = 'SELECT name FROM '.Database::get_main_table(TABLE_MAIN_SESSION).' WHERE id='.$row['session_id']; - $rs_session = api_sql_query($sql_session,__FILE__,__LINE__); - $row['session_name'] = mysql_result($rs_session,0,0); - } - if ($id=='') - { - $forum_categories_list[$row['cat_id']]=$row; - } - else - { - $forum_categories_list=$row; - } - } - return $forum_categories_list; -} - -/** -* This function retrieves all the fora in a given forum category -* -* @param integer $cat_id the id of the forum category -* @return an array containing all the information about the forums (regardless of their category) -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function get_forums_in_category($cat_id) -{ - $table_forums = Database :: get_course_table(TABLE_FORUM); - $table_item_property = Database :: get_course_table(TABLE_ITEM_PROPERTY); - - $sql="SELECT * FROM ".$table_forums." forum , ".$table_item_property." item_properties - WHERE forum.forum_category='".Database::escape_string($cat_id)."' - AND forum.forum_id=item_properties.ref - AND item_properties.visibility=1 - AND item_properties.tool='".TOOL_FORUM."' - ORDER BY forum.forum_order ASC"; - if (is_allowed_to_edit(false,true)) - { - $sql="SELECT * FROM ".$table_forums." forum , ".$table_item_property." item_properties - WHERE forum.forum_category='".Database::escape_string($cat_id)."' - AND forum.forum_id=item_properties.ref - AND item_properties.visibility<>2 - AND item_properties.tool='".TOOL_FORUM."' - ORDER BY forum_order ASC"; - } - $result=api_sql_query($sql,__FILE__,__LINE__); - while ($row=Database::fetch_array($result)) - { - $forum_list[$row['forum_id']]=$row; - } - return $forum_list; -} -/** -* Retrieve all the forums (regardless of their category) or of only one. The forums are sorted according to the forum_order. -* Since it does not take the forum category into account there probably will be two or more forums that have forum_order=1, ... -* -* @return an array containing all the information about the forums (regardless of their category) -* @todo check $sql4 because this one really looks fishy. -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function get_forums($id='') -{ - $table_forums = Database :: get_course_table(TABLE_FORUM); - $table_threads = Database :: get_course_table(TABLE_FORUM_THREAD); - $table_posts = Database :: get_course_table(TABLE_FORUM_POST); - $table_item_property = Database :: get_course_table(TABLE_ITEM_PROPERTY); - $table_users = Database :: get_main_table(TABLE_MAIN_USER); - - // **************** GETTING ALL THE FORUMS ************************* // - - $session_condition = isset($_SESSION['id_session']) ? 'AND forum.session_id IN (0,'.intval($_SESSION['id_session']).')' : ''; - $forum_list = array(); - if ($id=='') - { - //-------------- Student -----------------// - // select all the forum information of all forums (that are visible to students) - $sql="SELECT * FROM ".$table_forums." forum , ".$table_item_property." item_properties - WHERE forum.forum_id=item_properties.ref - AND item_properties.visibility=1 - AND item_properties.tool='".TOOL_FORUM."' - $session_condition - ORDER BY forum.forum_order ASC"; - // select the number of threads of the forums (only the threads that are visible) - $sql2="SELECT count(*) AS number_of_threads, threads.forum_id FROM $table_threads threads, ".$table_item_property." item_properties - WHERE threads.thread_id=item_properties.ref - AND item_properties.visibility=1 - AND item_properties.tool='".TOOL_FORUM_THREAD."' - GROUP BY threads.forum_id"; - // select the number of posts of the forum (post that are visible and that are in a thread that is visible) - $sql3="SELECT count(*) AS number_of_posts, posts.forum_id FROM $table_posts posts, $table_threads threads, ".$table_item_property." item_properties - WHERE posts.visible=1 - AND posts.thread_id=threads.thread_id - AND threads.thread_id=item_properties.ref - AND item_properties.visibility=1 - AND item_properties.tool='".TOOL_FORUM_THREAD."' - GROUP BY threads.forum_id"; - - //-------------- Course Admin -----------------// - if (is_allowed_to_edit(false,true)) - { - // select all the forum information of all forums (that are not deleted) - $sql="SELECT * FROM ".$table_forums." forum , ".$table_item_property." item_properties - WHERE forum.forum_id=item_properties.ref - AND item_properties.visibility<>2 - AND item_properties.tool='".TOOL_FORUM."' - $session_condition - ORDER BY forum_order ASC"; - //echo $sql.'
'; - // select the number of threads of the forums (only the threads that are not deleted) - $sql2="SELECT count(*) AS number_of_threads, threads.forum_id FROM $table_threads threads, ".$table_item_property." item_properties - WHERE threads.thread_id=item_properties.ref - AND item_properties.visibility<>2 - AND item_properties.tool='".TOOL_FORUM_THREAD."' - GROUP BY threads.forum_id"; - //echo $sql2.'
'; - // select the number of posts of the forum - $sql3="SELECT count(*) AS number_of_posts, forum_id FROM $table_posts GROUP BY forum_id"; - //echo $sql3.'
'; - } - - - } - // **************** GETTING ONE SPECIFIC FORUM ************************* // - // We could do the splitup into student and course admin also but we want to have as much as information about a certain forum as possible - // so we do not take too much information into account. This function (or this section of the function) is namely used to fill the forms - // when editing a forum (and for the moment it is the only place where we use this part of the function) - else - { - // select all the forum information of the given forum (that is not deleted) - $sql="SELECT * FROM ".$table_forums." forum , ".$table_item_property." item_properties - WHERE forum.forum_id=item_properties.ref - AND forum_id='".Database::escape_string($id)."' - AND item_properties.visibility<>2 - AND item_properties.tool='".TOOL_FORUM."' - $session_condition - ORDER BY forum_order ASC"; - // select the number of threads of the forum - $sql2="SELECT count(*) AS number_of_threads, forum_id FROM $table_threads WHERE forum_id=".Database::escape_string($id)." GROUP BY forum_id"; - // select the number of posts of the forum - $sql3="SELECT count(*) AS number_of_posts, forum_id FROM $table_posts WHERE forum_id=".Database::escape_string($id)." GROUP BY forum_id"; - // select the last post and the poster (note: this is probably no longer needed) - $sql4="SELECT post.post_id, post.forum_id, post.poster_id, post.poster_name, post.post_date, users.lastname, users.firstname - FROM $table_posts post, $table_users users - WHERE forum_id=".Database::escape_string($id)." - AND post.poster_id=users.user_id - GROUP BY post.forum_id - ORDER BY post.post_id ASC"; - } - // handling all the forum information - $result=api_sql_query($sql,__FILE__,__LINE__); - while ($row=Database::fetch_array($result)) - { - if($row['session_id']>0) - { - $sql_session = 'SELECT name FROM '.Database::get_main_table(TABLE_MAIN_SESSION).' WHERE id='.$row['session_id']; - $rs_session = api_sql_query($sql_session,__FILE__,__LINE__); - $row['session_name'] = mysql_result($rs_session,0,0); - } - if ($id=='') - { - $forum_list[$row['forum_id']]=$row; - } - else - { - $forum_list=$row; - } - } - - // handling the threadcount information - $result2=api_sql_query($sql2,__FILE__,__LINE__); - while ($row2=Database::fetch_array($result2)) - { - if ($id=='') - { - $forum_list[$row2['forum_id']]['number_of_threads']=$row2['number_of_threads']; - } - else - { - $forum_list['number_of_threads']=$row2['number_of_threads'];; - } - } - // handling the postcount information - $result3=api_sql_query($sql3,__FILE__,__LINE__); - while ($row3=Database::fetch_array($result3)) - { - if ($id=='') - { - if (array_key_exists($row3['forum_id'],$forum_list)) // this is needed because sql3 takes also the deleted forums into account - { - $forum_list[$row3['forum_id']]['number_of_posts']=$row3['number_of_posts']; - } - } - else - { - $forum_list['number_of_posts']=$row3['number_of_posts']; - } - } - - // finding the last post information (last_post_id, last_poster_id, last_post_date, last_poster_name, last_poster_lastname, last_poster_firstname) - if ($id=='') - { - if(is_array($forum_list)) - { - foreach ($forum_list as $key=>$value) - { - $last_post_info_of_forum=get_last_post_information($key,is_allowed_to_edit(false,true)); - $forum_list[$key]['last_post_id']=$last_post_info_of_forum['last_post_id']; - $forum_list[$key]['last_poster_id']=$last_post_info_of_forum['last_poster_id']; - $forum_list[$key]['last_post_date']=$last_post_info_of_forum['last_post_date']; - $forum_list[$key]['last_poster_name']=$last_post_info_of_forum['last_poster_name']; - $forum_list[$key]['last_poster_lastname']=$last_post_info_of_forum['last_poster_lastname']; - $forum_list[$key]['last_poster_firstname']=$last_post_info_of_forum['last_poster_firstname']; - } - } - else - { - $forum_list = array(); - } - } - else - { - $last_post_info_of_forum=get_last_post_information($id,is_allowed_to_edit(false,true)); - $forum_list['last_post_id']=$last_post_info_of_forum['last_post_id']; - $forum_list['last_poster_id']=$last_post_info_of_forum['last_poster_id']; - $forum_list['last_post_date']=$last_post_info_of_forum['last_post_date']; - $forum_list['last_poster_name']=$last_post_info_of_forum['last_poster_name']; - $forum_list['last_poster_lastname']=$last_post_info_of_forum['last_poster_lastname']; - $forum_list['last_poster_firstname']=$last_post_info_of_forum['last_poster_firstname']; - } - return $forum_list; -} - -/** -* This functions gets all the last post information of a certain forum -* -* @param $forum_id the id of the forum we want to know the last post information of. -* @param $show_invisibles -* @return array containing all the information about the last post (last_post_id, last_poster_id, last_post_date, last_poster_name, last_poster_lastname, last_poster_firstname) -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function get_last_post_information($forum_id, $show_invisibles=false) -{ - - $table_forums = Database :: get_course_table(TABLE_FORUM); - $table_threads = Database :: get_course_table(TABLE_FORUM_THREAD); - $table_posts = Database :: get_course_table(TABLE_FORUM_POST); - $table_item_property = Database :: get_course_table(TABLE_ITEM_PROPERTY); - $table_users = Database :: get_main_table(TABLE_MAIN_USER); - - $sql="SELECT post.post_id, post.forum_id, post.poster_id, post.poster_name, post.post_date, users.lastname, users.firstname, post.visible, thread_properties.visibility AS thread_visibility, forum_properties.visibility AS forum_visibility - FROM $table_posts post, $table_users users, $table_item_property thread_properties, $table_item_property forum_properties - WHERE post.forum_id=".Database::escape_string($forum_id)." - AND post.poster_id=users.user_id - AND post.thread_id=thread_properties.ref - AND thread_properties.tool='".TOOL_FORUM_THREAD."' - AND post.forum_id=forum_properties.ref - AND forum_properties.tool='".TOOL_FORUM."' - ORDER BY post.post_id DESC"; - $result=api_sql_query($sql,__LINE__,__FILE__); - if ($show_invisibles==true) - { - $row=Database::fetch_array($result); - $return_array['last_post_id']=$row['post_id']; - $return_array['last_poster_id']=$row['poster_id']; - $return_array['last_post_date']=$row['post_date']; - $return_array['last_poster_name']=$row['poster_name']; - $return_array['last_poster_lastname']=$row['lastname']; - $return_array['last_poster_firstname']=$row['firstname']; - return $return_array; - } - else - { - // we have to loop through the results to find the first one that is actually visible to students (forum_category, forum, thread AND post are visible) - while ($row=Database::fetch_array($result)) - { - if ($row['visible']=='1' AND $row['thread_visibility']=='1' AND $row['forum_visibility']=='1') - { - $return_array['last_post_id']=$row['post_id']; - $return_array['last_poster_id']=$row['poster_id']; - $return_array['last_post_date']=$row['post_date']; - $return_array['last_poster_name']=$row['poster_name']; - $return_array['last_poster_lastname']=$row['lastname']; - $return_array['last_poster_firstname']=$row['firstname']; - return $return_array; - } - } - } -} - -/** -* Retrieve all the threads of a given forum -* -* @param -* @return an array containing all the information about the threads -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function get_threads($forum_id) -{ - $table_threads = Database :: get_course_table(TABLE_FORUM_THREAD); - $table_posts = Database :: get_course_table(TABLE_FORUM_POST); - $table_item_property = Database :: get_course_table(TABLE_ITEM_PROPERTY); - $table_users = Database :: get_main_table(TABLE_MAIN_USER); - - // important note: it might seem a little bit awkward that we have 'thread.locked as locked' in the sql statement - // because we also have thread.* in it. This is because thread has a field locked and post also has the same field - // since we are merging these we would have the post.locked value but in fact we want the thread.locked value - // This is why it is added to the end of the field selection - - - $sql = "SELECT thread.*, item_properties.*, post.*, users.firstname, users.lastname, users.user_id, - last_poster_users.firstname as last_poster_firstname , last_poster_users.lastname as last_poster_lastname, last_poster_users.user_id as last_poster_user_id, thread.locked as locked - FROM $table_threads thread - INNER JOIN $table_item_property item_properties - ON thread.thread_id=item_properties.ref - AND item_properties.visibility='1' - AND item_properties.tool='".TOOL_FORUM_THREAD."' - LEFT JOIN $table_users users - ON thread.thread_poster_id=users.user_id - LEFT JOIN $table_posts post - ON thread.thread_last_post = post.post_id - LEFT JOIN $table_users last_poster_users - ON post.poster_id= last_poster_users.user_id - WHERE thread.forum_id='".Database::escape_string($forum_id)."' - ORDER BY thread.thread_sticky DESC, thread.thread_date DESC"; - if (is_allowed_to_edit(false,true)) - { - // important note: it might seem a little bit awkward that we have 'thread.locked as locked' in the sql statement - // because we also have thread.* in it. This is because thread has a field locked and post also has the same field - // since we are merging these we would have the post.locked value but in fact we want the thread.locked value - // This is why it is added to the end of the field selection - $sql = "SELECT thread.*, item_properties.*, post.*, users.firstname, users.lastname, users.user_id, - last_poster_users.firstname as last_poster_firstname , last_poster_users.lastname as last_poster_lastname, last_poster_users.user_id as last_poster_user_id, thread.locked as locked - FROM $table_threads thread - INNER JOIN $table_item_property item_properties - ON thread.thread_id=item_properties.ref - AND item_properties.visibility<>2 - AND item_properties.tool='".TOOL_FORUM_THREAD."' - LEFT JOIN $table_users users - ON thread.thread_poster_id=users.user_id - LEFT JOIN $table_posts post - ON thread.thread_last_post = post.post_id - LEFT JOIN $table_users last_poster_users - ON post.poster_id= last_poster_users.user_id - WHERE thread.forum_id='".Database::escape_string($forum_id)."' - ORDER BY thread.thread_sticky DESC, thread.thread_date DESC"; - } - $result=api_sql_query($sql, __FILE__, __LINE__); - while ($row=Database::fetch_array($result,'ASSOC')) - { - $thread_list[]=$row; - } - return $thread_list; -} - -/** -* Retrieve all posts of a given thread -* -* @return an array containing all the information about the posts of a given thread -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function get_posts($thread_id) -{ - - $table_posts = Database :: get_course_table(TABLE_FORUM_POST); - $table_users = Database :: get_main_table(TABLE_MAIN_USER); - - // note: change these SQL so that only the relevant fields of the user table are used - if (api_is_allowed_to_edit(false,true)) - { - $sql = "SELECT * FROM $table_posts posts - LEFT JOIN $table_users users - ON posts.poster_id=users.user_id - WHERE posts.thread_id='".Database::escape_string($thread_id)."' - ORDER BY posts.post_id ASC"; - } - else - { - // students can only se the posts that are approved (posts.visible='1') - $sql = "SELECT * FROM $table_posts posts - LEFT JOIN $table_users users - ON posts.poster_id=users.user_id - WHERE posts.thread_id='".Database::escape_string($thread_id)."' - AND posts.visible='1' - ORDER BY posts.post_id ASC"; - } - $result=api_sql_query($sql, __FILE__, __LINE__); - while ($row=Database::fetch_array($result)) - { - $post_list[]=$row; - } - return $post_list; -} - -/** -* This function return the html syntax for the image -* -* @param $image_url The url of the image (absolute or relative) -* @param $alt The alt text (when the images cannot be displayed). http://www.w3.org/TR/html4/struct/objects.html#adef-alt -* @param $title The title of the image. Most browsers display this as 'tool tip'. http://www.w3.org/TR/html4/struct/global.html#adef-title -* -* @todo this is the same as the Display::xxx function, so it can be removed => all calls have to be changed also -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function icon($image_url,$alt='',$title='') -{ - if ($title=='') - { - $title=$alt; - } - return ''.$alt.''; -} - -/************************************************************************** - NEW TOPIC FUNCTIONS -**************************************************************************/ - -/** -* This function retrieves all the information of a post -* -* @param $forum_id integer that indicates the forum -* @return array returns -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function get_post_information($post_id) -{ - $table_posts = Database :: get_course_table(TABLE_FORUM_POST); - $table_users = Database :: get_main_table(TABLE_MAIN_USER); - - $sql="SELECT * FROM ".$table_posts."posts, ".$table_users." users WHERE posts.poster_id=users.user_id AND posts.post_id='".Database::escape_string($post_id)."'"; - $result=api_sql_query($sql, __FILE__, __LINE__); - $row=Database::fetch_array($result); - return $row; -} - - -/** -* This function retrieves all the information of a thread -* -* @param $forum_id integer that indicates the forum -* @return array returns -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function get_thread_information($thread_id) -{ - $table_threads = Database :: get_course_table(TABLE_FORUM_THREAD); - $table_item_property = Database :: get_course_table(TABLE_ITEM_PROPERTY); - - $sql="SELECT * FROM ".$table_threads." threads, ".$table_item_property." item_properties - WHERE item_properties.tool='".TOOL_FORUM_THREAD."' - AND item_properties.ref='".(int)$thread_id."' - AND threads.thread_id='".(int)$thread_id."'"; - $result=api_sql_query($sql, __FILE__, __LINE__); - $row=Database::fetch_array($result); - return $row; -} - -/** -* This function retrieves forum thread users details -* @param int Thread ID -* @param string Course DB name (optional) -* @return array Array of type ([user_id=>w,lastname=>x,firstname=>y,thread_id=>z],[]) -* @author Christian Fasanando , -* @version October 2008, dokeos 1.8 -*/ - -function get_thread_users_details($thread_id, $db_name = null) -{ - $t_posts = Database :: get_course_table(TABLE_FORUM_POST, (empty($db_name)?null:$db_name)); - $t_users = Database :: get_main_table(TABLE_MAIN_USER); - $sql = "SELECT DISTINCT user_id, lastname, firstname, thread_id - FROM $t_posts , $t_users - WHERE poster_id = user_id - AND thread_id = '".(int)$thread_id."' - AND status not in('1')"; - - $result = api_sql_query($sql, __FILE__, __LINE__); - return $result; -} - -/** -* This function retrieves qualified forum thread users -* @param int Thread ID -* @param string Course DB name (optional) -* @return array Array of type ([user_id=>w,lastname=>x,firstname=>y,thread_id=>z],[]) -* @author Jhon Hinojosa, -* @version October 2008, dokeos 1.8 -*/ - -function get_thread_users_qualify($thread_id, $db_name = null) -{ - $t_posts = Database :: get_course_table(TABLE_FORUM_POST, (empty($db_name)?null:$db_name)); - $t_qualify = Database :: get_course_table(TABLE_FORUM_THREAD_QUALIFY, (empty($db_name)?null:$db_name)); - $t_users = Database :: get_main_table(TABLE_MAIN_USER); - - $sql = "SELECT post.poster_id, user.lastname, user.firstname, post.thread_id,user.user_id,qualify.qualify - FROM $t_posts post, $t_qualify qualify, $t_users user - WHERE post.poster_id = user.user_id - AND post.poster_id = qualify.user_id - AND qualify.thread_id = '".(int)$thread_id."' - AND user.status not in('1') - GROUP BY post.poster_id "; - $result = api_sql_query($sql, __FILE__, __LINE__); - return $result; -} - -/** -* This function retrieves unqualified forum thread users -* @param int Thread ID -* @param string Course DB name (optional) -* @return array Array of type ([user_id=>w,lastname=>x,firstname=>y,thread_id=>z],[]) -* @author Christian Fasanando, -* @version October 2008, dokeos 1.8 -*/ - -function get_thread_users_not_qualify($thread_id, $db_name = null) -{ - $t_posts = Database :: get_course_table(TABLE_FORUM_POST, (empty($db_name)?null:$db_name)); - $t_qualify = Database :: get_course_table(TABLE_FORUM_THREAD_QUALIFY, (empty($db_name)?null:$db_name)); - $t_users = Database :: get_main_table(TABLE_MAIN_USER); - - $sql1 = "select user_id FROM $t_qualify WHERE thread_id = '".(int)$thread_id."'"; - $result1 = api_sql_query($sql1,__FILE__,__LINE__); - $cad=''; - while ($row=Database::fetch_array($result1)) - { - $cad .= $row['user_id'].','; - } - if($cad=='') - { - $cad='0'; - } - else - { - $cad=substr($cad,0,strlen($cad)-1); - } - $sql = "SELECT DISTINCT user.user_id, user.lastname, user.firstname, post.thread_id - FROM $t_posts post, $t_users user - WHERE post.poster_id = user.user_id - AND user.user_id NOT IN (".$cad.") - AND post.thread_id = '".(int)$thread_id."' - AND user.status not in('1')"; - - $result = api_sql_query($sql, __FILE__, __LINE__); - return $result; -} - - -/** -* This function retrieves all the information of a given forum_id -* -* @param $forum_id integer that indicates the forum -* @return array returns -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -* -* @deprecated this functionality is now moved to get_forums($forum_id) -*/ -function get_forum_information($forum_id) -{ - - $table_item_property = Database :: get_course_table(TABLE_ITEM_PROPERTY); - $table_forums = Database :: get_course_table(TABLE_FORUM); - - $sql="SELECT * FROM ".$table_forums." forums, ".$table_item_property." item_properties - WHERE item_properties.tool='".TOOL_FORUM."' - AND item_properties.ref='".(int)$forum_id."' - AND forums.forum_id='".(int)$forum_id."'"; - $result=api_sql_query($sql, __FILE__, __LINE__); - $row=Database::fetch_array($result); - $row['approval_direct_post'] = 0; // we can't anymore change this option, so it should always be activated - return $row; -} - -/** -* This function retrieves all the information of a given forumcategory id -* -* @param $forum_id integer that indicates the forum -* @return array returns -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function get_forumcategory_information($cat_id) -{ - $table_categories = Database :: get_course_table(TABLE_FORUM_CATEGORY); - $table_item_property = Database :: get_course_table(TABLE_ITEM_PROPERTY); - - $sql="SELECT * FROM ".$table_categories." forumcategories, ".$table_item_property." item_properties - WHERE item_properties.tool='".TOOL_FORUM_CATEGORY."' - AND item_properties.ref='".Database::escape_string($cat_id)."' - AND forumcategories.cat_id='".Database::escape_string($cat_id)."'"; - $result=api_sql_query($sql, __FILE__, __LINE__); - $row=Database::fetch_array($result); - return $row; -} - -/** -* This function counts the number of forums inside a given category -* -* @param $cat_id the id of the forum category -* @todo an additional parameter that takes the visibility into account. For instance $countinvisible=0 would return the number -* of visible forums, $countinvisible=1 would return the number of visible and invisible forums -* @return int the number of forums inside the given category -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function count_number_of_forums_in_category($cat_id) -{ - $table_forums = Database :: get_course_table(TABLE_FORUM); - - $sql="SELECT count(*) AS number_of_forums FROM ".$table_forums." WHERE forum_category='".Database::escape_string($cat_id)."'"; - $result=api_sql_query($sql, __FILE__, __LINE__); - $row=Database::fetch_array($result); - return $row['number_of_forums']; -} - -/** -* This function stores a new thread. This is done through an entry in the forum_thread table AND -* in the forum_post table because. The threads are also stored in the item_property table. (forum posts are not (yet)) -* -* @param -* @return -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function store_thread($values) -{ - $table_threads = Database :: get_course_table(TABLE_FORUM_THREAD); - $table_posts = Database :: get_course_table(TABLE_FORUM_POST); - global $_user; - global $_course; - global $current_forum; - global $origin; - global $forum_table_attachment; - - $upload_ok=1; - $has_attachment=false; - - if(!empty($_FILES['user_upload']['name'])) - { - $upload_ok = process_uploaded_file($_FILES['user_upload']); - $has_attachment=true; - } - - - if($upload_ok) - { - - $post_date=date('Y-m-d H:i:s'); - - if ($current_forum['approval_direct_post']=='1' AND !api_is_allowed_to_edit()) - { - $visible=0; // the post is not approved yet. - } - else - { - $visible=1; - } - - $clean_post_title=Security::remove_XSS(Database::escape_string(htmlspecialchars($values['post_title']))); - - // We first store an entry in the forum_thread table because the thread_id is used in the forum_post table - $sql="INSERT INTO $table_threads (thread_title, forum_id, thread_poster_id, thread_poster_name, thread_date, thread_sticky,thread_title_qualify,thread_qualify_max) - VALUES ('".$clean_post_title."', - '".Database::escape_string($values['forum_id'])."', - '".Database::escape_string($_user['user_id'])."', - '".Database::escape_string($values['poster_name'])."', - '".Database::escape_string($post_date)."', - '".Database::escape_string($values['thread_sticky'])."'," . - "'".Database::escape_string($values['calification_notebook_title'])."'," . - "'".Database::escape_string($values['numeric_calification'])."')"; - $result=api_sql_query($sql, __LINE__, __FILE__); - $last_thread_id=Database::insert_id(); - - //add option gradebook qualify - - if($values['thread_qualify_gradebook']=='1'){ - //add function gradebook - $coursecode=api_get_course_id(); - $resourcetype=5; - $resourceid=$last_thread_id; - $resourcename=$values['calification_notebook_title']; - $maxqualify=$values['numeric_calification']; - $resourcedescription=''; - $sessionid=api_get_session_id(); - - //is_resource_in_course_gradebook($course_code, $resource_type, $resource_id); - add_resource_to_course_gradebook($coursecode,$resourcetype,$resourceid,$resourcename,0,$maxqualify,$resourcedescription,null,0,$sessionid); - - } - $my_user_id = api_get_user_id(); - api_item_property_update($_course, TOOL_FORUM_THREAD, $last_thread_id,"ForumThreadAdded", $my_user_id); - // if the forum properties tell that the posts have to be approved we have to put the whole thread invisible - // because otherwise the students will see the thread and not the post in the thread. - // we also have to change $visible because the post itself has to be visible in this case (otherwise the teacher would have - // to make the thread visible AND the post - - if ($visible==0) - { - api_item_property_update($_course, TOOL_FORUM_THREAD, $last_thread_id,"invisible", $my_user_id); - $visible=1; - } - - - // We now store the content in the table_post table - $sql="INSERT INTO $table_posts (post_title, post_text, thread_id, forum_id, poster_id, poster_name, post_date, post_notification, post_parent_id, visible) - VALUES ('".$clean_post_title."', - '".Database::escape_string($values['post_text'])."', - '".Database::escape_string($last_thread_id)."', - '".Database::escape_string($values['forum_id'])."', - '".Database::escape_string($_user['user_id'])."', - '".Database::escape_string($values['poster_name'])."', - '".Database::escape_string($post_date)."', - '".Database::escape_string($values['post_notification'])."','0', - '".Database::escape_string($visible)."')"; - api_sql_query($sql, __LINE__, __FILE__); - $last_post_id=Database::insert_id(); - - // now have to update the thread table to fill the thread_last_post field (so that we know when the thread has been updated for the last time) - $sql="UPDATE $table_threads SET thread_last_post='".Database::escape_string($last_post_id)."' WHERE thread_id='".Database::escape_string($last_thread_id)."'"; - $result=api_sql_query($sql, __LINE__, __FILE__); - - $message=get_lang('NewThreadStored'); - - - // Storing the attachments if any - if ($has_attachment) - { - $courseDir = $_course['path'].'/upload/forum'; - $sys_course_path = api_get_path(SYS_COURSE_PATH); - $updir = $sys_course_path.$courseDir; - - // Try to add an extension to the file if it hasn't one - $new_file_name = add_ext_on_mime(stripslashes($_FILES['user_upload']['name']), $_FILES['user_upload']['type']); - - // user's file name - $file_name =$_FILES['user_upload']['name']; - - if (!filter_extension($new_file_name)) - { - Display :: display_error_message(get_lang('UplUnableToSaveFileFilteredExtension')); - } - else - { - $new_file_name = uniqid(''); - $new_path=$updir.'/'.$new_file_name; - $result= @move_uploaded_file($_FILES['user_upload']['tmp_name'], $new_path); - $comment=$values['file_comment']; - - // Storing the attachments if any - if ($result) - { - $sql='INSERT INTO '.$forum_table_attachment.'(filename,comment, path, post_id,size) '. - "VALUES ( '".Database::escape_string($file_name)."', '".Database::escape_string($comment)."', '".Database::escape_string($new_file_name)."' , '".$last_post_id."', '".$_FILES['user_upload']['size']."' )"; - $result=api_sql_query($sql, __LINE__, __FILE__); - $message.=' / '.get_lang('FileUploadSucces').'
'; - - $last_id=Database::insert_id(); - api_item_property_update($_course, TOOL_FORUM_ATTACH, $last_id ,'ForumAttachmentAdded', api_get_user_id()); - - } - } - } - else - { - $message.='
'; - } - - if ($current_forum['approval_direct_post']=='1' AND !api_is_allowed_to_edit()) - { - $message.=get_lang('MessageHasToBeApproved').'
'; - $message.=get_lang('ReturnTo').' '.get_lang('Forum').'
'; - } - else - { - $message.=get_lang('ReturnTo').' '.get_lang('Forum').'
'; - $message.=get_lang('ReturnTo').' '.get_lang('Message').''; - } - $reply_info['new_post_id'] = $last_post_id; - - if ($values['post_notification'] == 1) - { - set_notification('thread',$last_thread_id, true); - } - - send_notification_mails($last_thread_id,$reply_info); - session_unregister('formelements'); - session_unregister('origin'); - session_unregister('breadcrumbs'); - session_unregister('addedresource'); - session_unregister('addedresourceid'); - - Display :: display_confirmation_message($message,false); - } - else - { - Display::display_error_message(get_lang('UplNoFileUploaded')); - } -} -/** -* This function displays the form that is used to add a post. This can be a new thread or a reply. -* @param $action is the parameter that determines if we are -* 1. newthread: adding a new thread (both empty) => No I-frame -* 2. replythread: Replying to a thread ($action = replythread) => I-frame with the complete thread (if enabled) -* 3. replymessage: Replying to a message ($action =replymessage) => I-frame with the complete thread (if enabled) (I first thought to put and I-frame with the message only) -* 4. quote: Quoting a message ($action= quotemessage) => I-frame with the complete thread (if enabled). The message will be in the reply. (I first thought not to put an I-frame here) -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function show_add_post_form($action='', $id='', $form_values='') -{ - global $forum_setting; - global $current_forum; - global $_user; - global $origin; - global $charset; - - // initiate the object - $form = new FormValidator('thread', 'post', api_get_self().'?forum='.Security::remove_XSS($_GET['forum']).'&thread='.Security::remove_XSS($_GET['thread']).'&post='.Security::remove_XSS($_GET['post']).'&action='.Security::remove_XSS($_GET['action']).'&origin='.$origin); - $form->setConstants(array('forum' => '5')); - - // settting the form elements - $form->addElement('hidden', 'forum_id', strval(intval($_GET['forum']))); - $form->addElement('hidden', 'thread_id', strval(intval($_GET['thread']))); - - // if anonymous posts are allowed we also display a form to allow the user to put his name or username in - if ($current_forum['allow_anonymous']==1 AND !isset($_user['user_id'])) - { - $form->addElement('text', 'poster_name', get_lang('Name')); - } - - $form->addElement('text', 'post_title', get_lang('Title'),'class="input_titles"'); - $form->addElement('html_editor', 'post_text', get_lang('Text')); - - if ($forum_setting['allow_post_notificiation'] AND isset($_user['user_id'])) - { - $form->addElement('checkbox', 'post_notification', '', get_lang('NotifyByEmail').' ('.$_user['mail'].')'); - } - - if ($forum_setting['allow_sticky'] AND api_is_allowed_to_edit() AND $action=='newthread') - { - $form->addElement('checkbox', 'thread_sticky', '', get_lang('StickyPost')); - } - - if ($current_forum['allow_attachments']=='1' OR api_is_allowed_to_edit()) - { - //$form->add_resource_button(); - $values = $form->exportValues(); - } - - // user upload - $form->addElement('html','
'.get_lang('AddAnAttachment').'


'); - $form->addElement('file','user_upload',ucwords(get_lang('FileName')),''); - $form->addElement('textarea','file_comment',get_lang('FileComment'),array ('rows' => 4, 'cols' => 34)); - - $userid =api_get_user_id(); - $info =api_get_user_info($userid); - $courseid=api_get_course_id(); - - if($info['status']!='5' && $info['status']!='6' && $_GET['action']!="replythread"&&(!$_GET['cidReq']) && !$_GET['forum']) - { - // thread qualify - $form->addElement('static','Group', '
'.get_lang('QualifyThread').''); - $form->addElement('checkbox', 'thread_qualify_gradebook', '', get_lang('QualifyThreadGradebook')); - $form->addElement('html','
'); - $form->addElement('text', 'calification_notebook_title', get_lang('TitleColumnGradebook')); - $form->addElement('text', 'numeric_calification', get_lang('QualifyNumeric'),'Style="width:40px"'); - $form->addElement('html','
'); - } - - $form->addElement('submit', 'SubmitPost', get_lang('OK')); - $form->add_real_progress_bar('DocumentUpload','user_upload'); - - if (!empty($form_values)) - { - $defaults['post_title']=prepare4display(Security::remove_XSS($form_values['post_title'])); - $defaults['post_text']=prepare4display(Security::remove_XSS($form_values['post_text'])); - $defaults['post_notification']=Security::remove_XSS($form_values['post_notification']); - $defaults['thread_sticky']=Security::remove_XSS($form_values['thread_sticky']); - } - - // if we are quoting a message we have to retrieve the information of the post we are quoting so that - // we can add this as default to the textarea - if (($action=='quote' OR $action=='replymessage') and isset($_GET['post'])) - { - // we also need to put the parent_id of the post in a hidden form when we are quoting or replying to a message (<> reply to a thread !!!) - $form->addElement('hidden', 'post_parent_id', strval(intval($_GET['post']))); // note this has to be cleaned first - - // if we are replying or are quoting then we display a default title. - $values=get_post_information($_GET['post']); // note: this has to be cleaned first - $defaults['post_title']=get_lang('ReplyShort').html_entity_decode($values['post_title'],ENT_QUOTES,$charset); - // When we are quoting a message then we have to put that message into the wysiwyg editor. - // note: the style has to be hardcoded here because using class="quote" didn't work - if($action=='quote') - { - $defaults['post_text']='
 
'.get_lang('Quoting').' '.$values['firstname'].' '.$values['lastname'].':
'.prepare4display($values['post_text']).'
 
 
'; - } - } - $form->setDefaults($defaults); - - // the course admin can make a thread sticky (=appears with special icon and always on top) - $form->addRule('post_title', '
'.get_lang('ThisFieldIsRequired'), 'required'); - if ($current_forum['allow_anonymous']==1 AND !isset($_user['user_id'])) - { - $form->addRule('poster_name', '
'.get_lang('ThisFieldIsRequired'), 'required'); - } - - // The validation or display - if( $form->validate() ) - { - $values = $form->exportValues(); - return $values; - } - else - { - $form->display(); - echo '
'; - if ($forum_setting['show_thread_iframe_on_reply'] and $action<>'newthread') - { - echo ""; - } - } -} -/** - * this function stores the qualified thread -* @param integer contains the information of current user_id -* @param integer contains the information of current thread_id -* @param integer contains the information of current thread_qualify -* @param integer contains the information of current qualify_user_id -* @param date contains the information of current qualify_time -* @param integer contains the information of current session_id -* @return integer contains the information of current thread_qualify; -* @author Isaac Flores , U.N.A.S University -* @version October 2008, dokeos 1.8.6 - **/ -function store_theme_qualify($user_id,$thread_id,$thread_qualify=0,$qualify_user_id=0,$qualify_time,$session_id=null) -{ - $table_threads_qualify = Database::get_course_table(TABLE_FORUM_THREAD_QUALIFY,''); - $table_threads = Database::get_course_table(TABLE_FORUM_THREAD,''); - - if ($user_id==strval(intval($user_id)) && $thread_id==strval(intval($thread_id)) && $thread_qualify==strval(intval($thread_qualify))) { - - //testing - - $sql_string="SELECT thread_qualify_max FROM ". $table_threads ." WHERE thread_id=".Database::escape_string($thread_id).""; - $res_string=api_sql_query($sql_string,__FILE__,__LINE__); - $row_string=Database::fetch_array($res_string); - - if($thread_qualify<=$row_string[0]){ - - $sql1="SELECT COUNT(*) FROM ".$table_threads_qualify." WHERE user_id=".Database::escape_string($user_id)." and thread_id=".Database::escape_string($thread_id).""; - $res1=api_sql_query($sql1); - $row=Database::fetch_array($res1); - - if($row[0]==0){ - $sql="INSERT INTO $table_threads_qualify (user_id," . - "thread_id,qualify,qualify_user_id,qualify_time,session_id)" . - "VALUES('".Database::escape_string($user_id)."','".Database::escape_string($thread_id)."','".Database::escape_string($thread_qualify)."'," . - "'".Database::escape_string($qualify_user_id)."','".Database::escape_string($qualify_time)."','".Database::escape_string($session_id)."')"; - $res=api_sql_query($sql,__FILE__,__LINE__); - - return $res; - }else{ - - $sql1="SELECT qualify FROM ".$table_threads_qualify." WHERE user_id=".Database::escape_string($user_id)." and thread_id=".Database::escape_string($thread_id).""; - $rs=api_sql_query($sql1,__FILE__,__LINE__); - $row=Database::fetch_array($rs); - $row[1]="update"; - return $row; - - } - - }else{ - return false; - } - - } - -} -/** -* This function show qualify. -* @param string contains the information of option to run -* @param string contains the information the current course id -* @param integer contains the information the current forum id -* @param integer contains the information the current user id -* @param integer contains the information the current thread id -* @return integer qualify -* @example $option=1 obtained the qualification of the current thread -* @author Isaac Flores , U.N.A.S University -* @version October 2008, dokeos 1.8.6 -*/ - function show_qualify($option,$couser_id,$forum_id,$user_id,$thread_id){ - - $table_threads_qualify = Database::get_course_table(TABLE_FORUM_THREAD_QUALIFY,''); - $table_threads = Database::get_course_table(TABLE_FORUM_THREAD,''); - - if($user_id==strval(intval($user_id)) && $thread_id==strval(intval($thread_id)) && $option==1) - { - $sql="SELECT qualify FROM ".$table_threads_qualify." WHERE user_id=".Database::escape_string($user_id)." and thread_id=".Database::escape_string($thread_id).""; - $rs=api_sql_query($sql,__FILE__,__LINE__); - $row=Database::fetch_array($rs); - return $row[0]; - } - - if($user_id==strval(intval($user_id)) && $option==2){ - - $sql="SELECT thread_qualify_Max FROM ".$table_threads." WHERE thread_id=".Database::escape_string($thread_id).""; - $rs=api_sql_query($sql,__FILE__,__LINE__); - $row=Database::fetch_array($rs); - return $row[0]; - } - - } - -/** -* This function returns the qualification history -* @param integer contains the id of current user_id -* @param integer contains the id of current thread_id -* @param string contains the option id -* @return array Array of type ([user_id=>a,thread_id=>b,qualify=>c,qualify_user_id=>d,qualify_time=>e,session_id=>f],[]) -* @author Christian Fasanando , -* @version October 2008, dokeos 1.8.6 -*/ -function get_historical_qualify($user_id, $thread_id, $opt) { - - $table_threads_qualify_log = Database::get_course_table(TABLE_FORUM_THREAD_QUALIFY_LOG,''); - $opt = Database::escape_string($opt); - if($opt=='false') - { - $sql="SELECT user_id,thread_id,qualify,qualify_user_id,qualify_time,session_id FROM ".$table_threads_qualify_log." WHERE thread_id='".Database::escape_string($thread_id)."' and user_id='".Database::escape_string($user_id)."' ORDER BY qualify_time"; - } - else - { - $sql="SELECT user_id,thread_id,qualify,qualify_user_id,qualify_time,session_id FROM ".$table_threads_qualify_log." WHERE thread_id='".Database::escape_string($thread_id)."' and user_id='".Database::escape_string($user_id)."' ORDER BY qualify_time DESC"; - } - $rs=api_sql_query($sql,__FILE__,__LINE__); - $results = array(); - if (Database::num_rows($rs)>0) { - while ($row = Database::fetch_array($rs)) { - $results[] = $row; - } - } - return $results; -} - -/** -* -* This function store qualify historical. -* @param integer contains the information of option to run -* @param integer contains the information the current course id -* @param integer contains the information the current forum id -* @param integer contains the information the current user id -* @param integer contains the information the current thread id -* @param integer contains the information the current qualify -* @return -* @example $option=1 obtained the qualification of the current thread -* @author Isaac Flores , U.N.A.S University -* @version October 2008, dokeos 1.8.6 -*/ -function store_qualify_historical($option,$couser_id,$forum_id,$user_id,$thread_id,$current_qualify,$qualify_user_id){ - - $table_threads_qualify = Database::get_course_table(TABLE_FORUM_THREAD_QUALIFY,''); - $table_threads =Database::get_course_table(TABLE_FORUM_THREAD,''); - $table_threads_qualify_log=Database::get_course_table(TABLE_FORUM_THREAD_QUALIFY_LOG,''); - $current_date=date('Y-m-d H:i:s'); - - - if($user_id==strval(intval($user_id)) && $thread_id==strval(intval($thread_id)) && $option==1){ - //extract information of thread_qualify - - $sql="SELECT qualify,qualify_time FROM ".$table_threads_qualify." WHERE user_id=".Database::escape_string($user_id)." and thread_id=".Database::escape_string($thread_id).""; - $rs=api_sql_query($sql,__FILE__,__LINE__); - $row=Database::fetch_array($rs); - - //insert thread_historical - $sql1="INSERT INTO $table_threads_qualify_log (user_id," . - "thread_id,qualify,qualify_user_id,qualify_time,session_id)" . - "VALUES('".Database::escape_string($user_id)."','".Database::escape_string($thread_id)."','".Database::escape_string($row[0])."'," . - "'".Database::escape_string($qualify_user_id)."','".Database::escape_string($row[1])."','')"; - api_sql_query($sql1,__FILE__,__LINE__); - - //update - $sql2="UPDATE ".$table_threads_qualify." SET qualify=".Database::escape_string($current_qualify).",qualify_time='".Database::escape_string($current_date)."' WHERE user_id=".Database::escape_string($user_id)." and thread_id=".Database::escape_string($thread_id).""; - api_sql_query($sql2,__FILE__,__LINE__); - } -} - -/** -* This function stores a reply in the forum_post table. -* It also updates the forum_threads table (thread_replies +1 , thread_last_post, thread_date) -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function store_reply($values) -{ - $table_threads = Database :: get_course_table(TABLE_FORUM_THREAD); - $table_posts = Database :: get_course_table(TABLE_FORUM_POST); - global $forum_table_attachment; - global $_user; - global $_course; - global $current_forum; - global $origin; - - $post_date=date('Y-m-d H:i:s'); - if ($current_forum['approval_direct_post']=='1' AND !api_is_allowed_to_edit()) - { - $visible=0; // the post is not approved yet. - } - else - { - $visible=1; - } - - $upload_ok=1; - $has_attachment=false; - if(!empty($_FILES['user_upload']['name'])) - { - $upload_ok = process_uploaded_file($_FILES['user_upload']); - $has_attachment=true; - } - - if($upload_ok) - { - // We first store an entry in the forum_post table - $sql="INSERT INTO $table_posts (post_title, post_text, thread_id, forum_id, poster_id, post_date, post_notification, post_parent_id, visible) - VALUES ('".Database::escape_string($values['post_title'])."', - '".Database::escape_string($values['post_text'])."', - '".Database::escape_string($values['thread_id'])."', - '".Database::escape_string($values['forum_id'])."', - '".Database::escape_string($_user['user_id'])."', - '".Database::escape_string($post_date)."', - '".Database::escape_string($values['post_notification'])."', - '".Database::escape_string($values['post_parent_id'])."', - '".Database::escape_string($visible)."')"; - $result=api_sql_query($sql, __LINE__, __FILE__); - $new_post_id=Database::insert_id(); - $values['new_post_id']=$new_post_id; - - $message=get_lang('ReplyAdded'); - - if ($has_attachment) - { - $courseDir = $_course['path'].'/upload/forum'; - $sys_course_path = api_get_path(SYS_COURSE_PATH); - $updir = $sys_course_path.$courseDir; - - // Try to add an extension to the file if it hasn't one - $new_file_name = add_ext_on_mime(stripslashes($_FILES['user_upload']['name']), $_FILES['user_upload']['type']); - - // user's file name - $file_name =$_FILES['user_upload']['name']; - - if (!filter_extension($new_file_name)) - { - Display :: display_error_message(get_lang('UplUnableToSaveFileFilteredExtension')); - } - else - { - $new_file_name = uniqid(''); - $new_path=$updir.'/'.$new_file_name; - $result= @move_uploaded_file($_FILES['user_upload']['tmp_name'], $new_path); - $comment=$values['file_comment']; - - // Storing the attachments if any - if ($result) - { - $sql='INSERT INTO '.$forum_table_attachment.'(filename,comment, path, post_id,size) '. - "VALUES ( '".Database::escape_string($file_name)."', '".Database::escape_string($comment)."', '".Database::escape_string($new_file_name)."' , '".$new_post_id."', '".$_FILES['user_upload']['size']."' )"; - $result=api_sql_query($sql, __LINE__, __FILE__); - $message.=' / '.get_lang('FileUploadSucces'); - $last_id=Database::insert_id(); - api_item_property_update($_course, TOOL_FORUM_ATTACH, $last_id ,'ForumAttachmentAdded', api_get_user_id()); - } - } - } - - // update the thread - update_thread($values['thread_id'], $new_post_id,$post_date); - - // update the forum - api_item_property_update($_course, TOOL_FORUM, $values['forum_id'],"NewMessageInForum", api_get_user_id()); - - if ($current_forum['approval_direct_post']=='1' AND !api_is_allowed_to_edit()) - { - $message.='
'.get_lang('MessageHasToBeApproved').'
'; - } - - $message.='
'.get_lang('ReturnTo').' '.get_lang('Forum').'
'; - $message.=get_lang('ReturnTo').' '.get_lang('Message').''; - - // setting the notification correctly - if ($values['post_notification'] == 1) - { - set_notification('thread',$values['thread_id'], true); - } - - send_notification_mails($values['thread_id'], $values); - - session_unregister('formelements'); - session_unregister('origin'); - session_unregister('breadcrumbs'); - session_unregister('addedresource'); - session_unregister('addedresourceid'); - - Display :: display_confirmation_message($message,false); - - } - else - { - Display::display_error_message(get_lang('UplNoFileUploaded')." ". get_lang('UplSelectFileFirst')); - } - -} - - -/** -* This function displays the form that is used to edit a post. This can be a new thread or a reply. -* @param array contains all the information about the current post -* @param array contains all the information about the current thread -* @param array contains all info about the current forum (to check if attachments are allowed) -* @param array contains the default values to fill the form -* @return void -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function show_edit_post_form($current_post, $current_thread, $current_forum, $form_values='') -{ - global $forum_setting; - global $_user; - - // initiate the object - $form = new FormValidator('edit_post', 'post', api_get_self().'?forum='.Security::remove_XSS($_GET['forum']).'&thread='.Security::remove_XSS($_GET['thread']).'&post='.Security::remove_XSS($_GET['post'])); - - // settting the form elements - $form->addElement('hidden', 'post_id', $current_post['post_id']); - $form->addElement('hidden', 'thread_id', $current_thread['thread_id']); - if ($current_post['post_parent_id']==0) - { - $form->addElement('hidden', 'is_first_post_of_thread', '1'); - } - $form->addElement('text', 'post_title', get_lang('Title'),'class="input_titles"'); - $form->addElement('html_editor', 'post_text', get_lang('Text')); - - if(!$_GET['edit']){ - $form->addElement('static','Group', '
'.get_lang('AlterQualifyThread').''); - $form->addElement('checkbox', 'thread_qualify_gradebook', '', get_lang('QualifyThreadGradebook')); - $defaults['thread_qualify_gradebook']=is_resource_in_course_gradebook(api_get_course_id(),5,$_GET['thread'],api_get_session_id()); - //$form->addElement('check','check_list', '
'.get_lang('El tema es calificable')); - $form->addElement('text', 'calification_notebook_title', get_lang('TitleColumnGradebook'),'value="'.$current_thread[12].'"'); - $form->addElement('text', 'numeric_calification', get_lang('QualifyNumeric'),'value="'.$current_thread[13].'" Style="width:40px"'); - //add gradebook - } - - if ($forum_setting['allow_post_notificiation']) - { - $form->addElement('checkbox', 'post_notification', '', get_lang('NotifyByEmail').' ('.$current_post['email'].')'); - } - if ($forum_setting['allow_sticky'] and api_is_allowed_to_edit() and $current_post['post_parent_id']==0) // the sticky checkbox only appears when it is the first post of a thread - { - $form->addElement('checkbox', 'thread_sticky', '', get_lang('StickyPost')); - if ($current_thread['thread_sticky']==1) - { - $defaults['thread_sticky']=true; - } - } - if ($current_forum['allow_attachments']=='1' OR api_is_allowed_to_edit()) - { - if (empty($form_values) AND !$_POST['SubmitPost']) - { - //edit_added_resources('forum_post',$current_post['post_id']); - } - //$form->add_resource_button(); - $values = $form->exportValues(); - } - - - $form->addElement('submit', 'SubmitPost', get_lang('Ok')); - global $charset; - // setting the default values for the form elements - $defaults['post_title']=prepare4display(html_entity_decode($current_post['post_title'],ENT_QUOTES,$charset)); - $defaults['post_text']=prepare4display($current_post['post_text']); - if ($current_post['post_notification']==1) - { - $defaults['post_notification']=true; - } - - if (!empty($form_values)) - { - $defaults['post_title']=Security::remove_XSS($form_values['post_title']); - $defaults['post_text']=Security::remove_XSS($form_values['post_text']); - $defaults['post_notification']=Security::remove_XSS($form_values['post_notification']); - $defaults['thread_sticky']=Security::remove_XSS($form_values['thread_sticky']); - } - - $form->setDefaults($defaults); - - // the course admin can make a thread sticky (=appears with special icon and always on top) - - $form->addRule('post_title', '
'.get_lang('ThisFieldIsRequired'), 'required'); - - // The validation or display - if( $form->validate() ) - { - $values = $form->exportValues(); - return $values; - } - else - { - $form->display(); - } -} - -/** -* This function stores the edit of a post in the forum_post table. -* -* @param -* @return -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function store_edit_post($values) -{ - $table_threads = Database :: get_course_table(TABLE_FORUM_THREAD); - $table_posts = Database :: get_course_table(TABLE_FORUM_POST); - // first we check if the change affects the thread and if so we commit the changes (sticky and post_title=thread_title are relevant) - if (array_key_exists('is_first_post_of_thread',$values) AND $values['is_first_post_of_thread']=='1') - { - $sql="UPDATE $table_threads SET thread_title='".Database::escape_string($values['post_title'])."', - thread_sticky='".Database::escape_string($values['thread_sticky'])."'," . - "thread_title_qualify='".Database::escape_string($values['calification_notebook_title'])."'," . - "thread_qualify_max='".Database::escape_string($values['numeric_calification'])."' - WHERE thread_id='".Database::escape_string($values['thread_id'])."'"; - - api_sql_query($sql,__FILE__, __LINE__); - } - - // update the post_title and the post_text - $sql="UPDATE $table_posts SET post_title='".Database::escape_string($values['post_title'])."', - post_text='".Database::escape_string($values['post_text'])."', - post_notification='".Database::escape_string($values['post_notification'])."' - WHERE post_id='".Database::escape_string($values['post_id'])."'"; - //error_log($sql); - api_sql_query($sql,__FILE__, __LINE__); - - if (api_is_course_admin()==true) { - $ccode = api_get_course_id(); - $sid = api_get_session_id(); - //var_dump($values); - $link_id = is_resource_in_course_gradebook($ccode,5,$values['thread_id'],$sid); - if ($values['thread_qualify_gradebook']!=1) { - if ($link_id !== false) { - remove_resource_from_course_gradebook($link_id); - } - } else { - if ($link_id === false) { - add_resource_to_course_gradebook($ccode,5,$values['thread_id'],Database::escape_string($values['calification_notebook_title']),0,$values['numeric_calification'],null,null,0,$sid); - } - } - } - // Storing the attachments if any - //update_added_resources('forum_post',$values['post_id']); - - $message=get_lang('EditPostStored').'
'; - $message.=get_lang('ReturnTo').' '.get_lang('Forum').'
'; - $message.=get_lang('ReturnTo').' '.get_lang('Message').''; - - session_unregister('formelements'); - session_unregister('origin'); - session_unregister('breadcrumbs'); - session_unregister('addedresource'); - session_unregister('addedresourceid'); - - Display :: display_confirmation_message($message,false); -} - - -/** -* This function displays the firstname and lastname of the user as a link to the user tool. -* -* @param -* @return -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function display_user_link($user_id, $name, $origin='') -{ - if ($user_id<>0) - { - return ''.$name.''; - } - else - { - return $name.' ('.get_lang('Anonymous').')'; - } -} - -/** -* This function displays the user image from the profile, with a link to the user's details. -* @param int User's database ID -* @param str User's name -* @return string An HTML with the anchor and the image of the user -* @author Julio Montoya -*/ - -function display_user_image($user_id,$name, $origin='') -{ - $link=''; - $attrb=array(); - - if ($user_id<>0) - { - $image_path = UserManager::get_user_picture_path_by_id($user_id,'web',false, true); - $image_repository = $image_path['dir']; - $existing_image = $image_path['file']; - return $link.''.$name.''; - } - else - { - return $link.''.$name.''; - } - -} - - -/** -* The thread view counter gets increased every time someone looks at the thread -* -* @param -* @return -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function increase_thread_view($thread_id) -{ - $table_threads = Database :: get_course_table(TABLE_FORUM_THREAD); - $sql="UPDATE $table_threads SET thread_views=thread_views+1 WHERE thread_id='".Database::escape_string($thread_id)."'"; // this needs to be cleaned first - $result=api_sql_query($sql, __LINE__, __FILE__); -} - -/** -* The relies counter gets increased every time somebody replies to the thread -* -* @param -* @return -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function update_thread($thread_id, $last_post_id,$post_date) -{ - $table_threads = Database :: get_course_table(TABLE_FORUM_THREAD); - - $sql="UPDATE $table_threads SET thread_replies=thread_replies+1, - thread_last_post='".Database::escape_string($last_post_id)."', - thread_date='".Database::escape_string($post_date)."' WHERE thread_id='".Database::escape_string($thread_id)."'"; // this needs to be cleaned first - $result=api_sql_query($sql, __LINE__, __FILE__); -} - - - -/** -* This function is called when the user is not allowed in this forum/thread/... -* -* @param -* @return -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function forum_not_allowed_here() -{ - Display :: display_error_message(get_lang('NotAllowedHere')); - Display :: display_footer(); - exit; -} - -/** -* This function is used to find all the information about what's new in the forum tool -* -* @param -* @return -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function get_whats_new() -{ - global $_user; - global $_course; - $table_posts = Database :: get_course_table(TABLE_FORUM_POST); - - // note this has later to be replaced by the tool constant. But temporarily bb_forum is used since this is the only thing that is in the tracking currently. - //$tool=TOOL_FORUM; - $tool=TOOL_FORUM; // - // to do: remove this. For testing purposes only - //session_unregister('last_forum_access'); - //session_unregister('whatsnew_post_info'); - - if (!$_SESSION['last_forum_access']) - { - $tracking_last_tool_access=Database::get_statistic_table(TABLE_STATISTIC_TRACK_E_LASTACCESS); - $sql="SELECT * FROM ".$tracking_last_tool_access." WHERE access_user_id='".Database::escape_string($_user['user_id'])."' AND access_cours_code='".Database::escape_string($_course['sysCode'])."' AND access_tool='".Database::escape_string($tool)."'"; - $result=api_sql_query($sql,__FILE__,__LINE__); - $row=Database::fetch_array($result); - $_SESSION['last_forum_access']=$row['access_date']; - } - - if (!$_SESSION['whatsnew_post_info']) - { - if ($_SESSION['last_forum_access']<>'') - { - $whatsnew_post_info = array(); - $sql="SELECT * FROM".$table_posts."WHERE post_date>'".Database::escape_string($_SESSION['last_forum_access'])."'"; // note: check the performance of this query. - $result=api_sql_query($sql,__FILE__,__LINE__); - while ($row=Database::fetch_array($result)) - { - $whatsnew_post_info[$row['forum_id']][$row['thread_id']][$row['post_id']]=$row['post_date']; - } - $_SESSION['whatsnew_post_info']=$whatsnew_post_info; - } - } -} - -/** -* With this function we find the number of posts and topics in a given forum. -* -* @param -* @return -* -* @todo consider to call this function only once and let it return an array where the key is the forum id and the value is an array with number_of_topics and number of post -* as key of this array and the value as a value. This could reduce the number of queries needed (especially when there are more forums) -* @todo consider merging both in one query. -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -* -* @deprecated the counting mechanism is now inside the function get_forums -*/ -function get_post_topics_of_forum($forum_id) -{ - $table_posts = Database :: get_course_table(TABLE_FORUM_POST); - $table_threads = Database :: get_course_table(TABLE_FORUM_THREAD); - $table_item_property = Database :: get_course_table(TABLE_ITEM_PROPERTY); - - $sql="SELECT count(*) as number_of_posts FROM $table_posts WHERE forum_id='".$forum_id."'"; - if (api_is_allowed_to_edit(false,true)) - { - $sql="SELECT count(*) as number_of_posts - FROM $table_posts posts, $table_threads threads, $table_item_property item_property - WHERE posts.forum_id='".Database::escape_string($forum_id)."' - AND posts.thread_id=threads.thread_id - AND item_property.ref=threads.thread_id - AND item_property.visibility<>2 - AND item_property.tool='".TOOL_FORUM_THREAD."' - "; - } - else - { - $sql="SELECT count(*) as number_of_posts - FROM $table_posts posts, $table_threads threads, $table_item_property item_property - WHERE posts.forum_id='".Database::escape_string($forum_id)."' - AND posts.thread_id=threads.thread_id - AND item_property.ref=threads.thread_id - AND item_property.visibility=1 - AND posts.visible=1 - AND item_property.tool='".TOOL_FORUM_THREAD."' - "; - } - $result=api_sql_query($sql, __FILE__, __LINE__); - $row=Database::fetch_array($result); - $number_of_posts=$row['number_of_posts']; - - // we could loop through the result array and count the number of different group_ids but I have chosen to use a second sql statement - if (api_is_allowed_to_edit(false,true)) - { - $sql="SELECT count(*) as number_of_topics - FROM $table_threads threads, $table_item_property item_property - WHERE threads.forum_id='".Database::escape_string($forum_id)."' - AND item_property.ref=threads.thread_id - AND item_property.visibility<>2 - AND item_property.tool='".TOOL_FORUM_THREAD."' - "; - } - else - { - $sql="SELECT count(*) as number_of_topics - FROM $table_threads threads, $table_item_property item_property - WHERE threads.forum_id='".Database::escape_string($forum_id)."' - AND item_property.ref=threads.thread_id - AND item_property.visibility=1 - AND item_property.tool='".TOOL_FORUM_THREAD."' - "; - } - $result=api_sql_query($sql, __FILE__, __LINE__); - $row=Database::fetch_array($result); - $number_of_topics=$row['number_of_topics']; - if ($number_of_topics=='') - { - $number_of_topics=0; // due to the nature of the group by this can result in an empty string. - } - - $return=array('number_of_topics'=>$number_of_topics, 'number_of_posts'=>$number_of_posts); - return $return; -} -/** -* This function approves a post = change -* -* @param $post_id the id of the post that will be deleted -* @param $action make the post visible or invisible -* @return -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function approve_post($post_id, $action) -{ - $table_posts = Database :: get_course_table(TABLE_FORUM_POST); - - if ($action=='invisible') - { - $visibility_value=0; - } - if ($action=='visible') - { - $visibility_value=1; - handle_mail_cue('post',$post_id); - } - - $sql="UPDATE $table_posts SET visible='".Database::escape_string($visibility_value)."' WHERE post_id='".Database::escape_string($post_id)."'"; - $return=api_sql_query($sql, __FILE__, __LINE__); - if ($return) - { - return 'PostVisibilityChanged'; - } -} - - -/** -* This function retrieves all the unapproved messages for a given forum -* This is needed to display the icon that there are unapproved messages in that thread (only the courseadmin can see this) -* -* @param $forum_id the forum where we want to know the unapproved messages of -* @return -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function get_unaproved_messages($forum_id) -{ - $table_posts = Database :: get_course_table(TABLE_FORUM_POST); - - $return_array=array(); - - $sql="SELECT DISTINCT thread_id FROM $table_posts WHERE forum_id='".Database::escape_string($forum_id)."' AND visible='0'"; - $result=api_sql_query($sql, __FILE__, __LINE__); - while($row=Database::fetch_array($result)) - { - $return_array[]=$row['thread_id']; - } - return $return_array; -} - - -/** -* This function sends the notification mails to everybody who stated that they wanted to be informed when a new post -* was added to a given thread. -* -* @param -* @return -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function send_notification_mails($thread_id, $reply_info) -{ - $table_posts = Database :: get_course_table(TABLE_FORUM_POST); - $table_users = Database :: get_main_table(TABLE_MAIN_USER); - $table_mailcue = Database :: get_course_table(TABLE_FORUM_MAIL_QUEUE); - - // First we need to check if - // 1. the forum category is visible - // 2. the forum is visible - // 3. the thread is visible - // 4. the reply is visible (=when there is - $current_thread=get_thread_information($thread_id); - $current_forum=get_forum_information($current_thread['forum_id']); - $current_forum_category=get_forumcategory_information($current_forum['forum_category']); - if($current_thread['visibility']=='1' AND $current_forum['visibility']=='1' AND $current_forum_category['visibility']=='1' AND $current_forum['approval_direct_post']!='1') - { - $send_mails=true; - } - else - { - $send_mails=false; - } - - // the forum category, the forum, the thread and the reply are visible to the user - if ($send_mails==true) - { - send_notifications($current_thread['forum_id'],$thread_id); - } - else - { - $table_notification = Database::get_course_table('forum_notification'); - $sql = "SELECT * FROM $table_notification WHERE forum_id = '".Database::escape_string($current_forum['forum_id'])."' OR thread_id = '".Database::escape_string($thread_id)."'"; - $result=api_sql_query($sql, __LINE__, __FILE__); - while ($row=Database::fetch_array($result)) - { - $sql_mailcue="INSERT INTO $table_mailcue (thread_id, post_id) VALUES ('".Database::escape_string($thread_id)."', '".Database::escape_string($reply_info['new_post_id'])."')"; - $result_mailcue=api_sql_query($sql_mailcue, __LINE__, __FILE__); - } - } -} - -/** -* This function is called whenever something is made visible because there might be new posts and the user might have indicated that (s)he wanted -* to be informed about the new posts by mail. -* -* @param -* @return -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function handle_mail_cue($content, $id) -{ - $table_posts = Database :: get_course_table(TABLE_FORUM_POST); - $table_users = Database :: get_main_table(TABLE_MAIN_USER); - $table_mailcue = Database :: get_course_table(TABLE_FORUM_MAIL_QUEUE); - $table_forums = Database :: get_course_table(TABLE_FORUM); - $table_threads = Database :: get_course_table(TABLE_FORUM_THREAD); - - // if the post is made visible we only have to send mails to the people who indicated that they wanted to be informed for that thread. - if ($content=='post') - { - // getting the information about the post (need the thread_id) - $post_info=get_post_information($id); - - // sending the mail to all the users that wanted to be informed for replies on this thread. - $sql="SELECT users.firstname, users.lastname, users.user_id, users.email FROM $table_mailcue mailcue, $table_posts posts, $table_users users - WHERE posts.thread_id='".Database::escape_string($post_info['thread_id'])."' - AND posts.post_notification='1' - AND mailcue.thread_id='".Database::escape_string($post_info['thread_id'])."' - AND users.user_id=posts.poster_id - GROUP BY users.email"; - $result=api_sql_query($sql, __LINE__, __FILE__); - while ($row=Database::fetch_array($result)) - { - send_mail($row, get_thread_information($post_info['thread_id'])); - } - - // deleting the relevant entries from the mailcue - $sql_delete_mailcue="DELETE FROM $table_mailcue WHERE post_id='".Database::escape_string($id)."' AND thread_id='".Database::escape_string($post_info['thread_id'])."'"; - //$result=api_sql_query($sql_delete_mailcue, __LINE__, __FILE__); - } - elseif ($content=='thread') - { - // sending the mail to all the users that wanted to be informed for replies on this thread. - $sql="SELECT users.firstname, users.lastname, users.user_id, users.email FROM $table_mailcue mailcue, $table_posts posts, $table_users users - WHERE posts.thread_id='".Database::escape_string($id)."' - AND posts.post_notification='1' - AND mailcue.thread_id='".Database::escape_string($id)."' - AND users.user_id=posts.poster_id - GROUP BY users.email"; - $result=api_sql_query($sql, __LINE__, __FILE__); - while ($row=Database::fetch_array($result)) - { - send_mail($row, get_thread_information($id)); - } - - // deleting the relevant entries from the mailcue - $sql_delete_mailcue="DELETE FROM $table_mailcue WHERE thread_id='".Database::escape_string($id)."'"; - $result=api_sql_query($sql_delete_mailcue, __LINE__, __FILE__); - } - elseif ($content=='forum') - { - $sql="SELECT * FROM $table_threads WHERE forum_id='".Database::escape_string($id)."'"; - $result=api_sql_query($sql, __LINE__, __FILE__); - while ($row=Database::fetch_array($result)) - { - handle_mail_cue('thread',$row['thread_id']); - } - } - elseif ($content=='forum_category') - { - $sql="SELECT * FROM $table_forums WHERE forum_category ='".Database::escape_string($id)."'"; - $result=api_sql_query($sql, __LINE__, __FILE__); - while ($row=Database::fetch_array($result)) - { - handle_mail_cue('forum',$row['forum_id']); - } - } - else - { - return get_lang('Error'); - } -} -/** -* This function sends the mails for the mail notification -* -* @param -* @return -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function send_mail($user_info=array(), $thread_information=array()) -{ - global $_course; - global $_user; - - $email_subject = get_lang('NewForumPost')." - ".$_course['official_code']; - - if (isset($thread_information) and is_array($thread_information)) - { - $thread_link= api_get_path('WEB_CODE_PATH').'forum/viewthread.php?'.api_get_cidreq().'&forum='.$thread_information['forum_id'].'&thread='.$thread_information['thread_id']; - } - $email_body= $user_info['firstname']." ".$user_info['lastname']."\n\r"; - $email_body .= '['.$_course['official_code'].'] - ['.$_course['name']."]
\n"; - $email_body .= get_lang('NewForumPost')."\n"; - $email_body .= get_lang('YouWantedToStayInformed')."

\n"; - $email_body .= get_lang('ThreadCanBeFoundHere')." : ".$thread_link."\n"; - - //set the charset and use it for the encoding of the email - small fix, not really clean (should check the content encoding origin first) - //here we use the encoding used for the webpage where the text is encoded (ISO-8859-1 in this case) - if(empty($charset)){$charset='ISO-8859-1';} - - if ($user_info['user_id']<>$_user['user_id']) - { - $newmail = api_mail_html($user_info["lastname"].' '.$user_info["firstname"], $user_info["email"], $email_subject, $email_body, $_SESSION['_user']['lastName'].' '.$_SESSION['_user']['firstName'], $_SESSION['_user']['mail']); - } -} - -/** -* This function displays the form for moving a thread to a different (already existing) forum -* -* @param -* @return -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function move_thread_form() -{ - global $origin; - - // initiate the object - $form = new FormValidator('movepost', 'post', api_get_self().'?forum='.Security::remove_XSS($_GET['forum']).'&thread='.Security::remove_XSS($_GET['thread']).'&action='.Security::remove_XSS($_GET['action']).'&origin='.$origin); - // the header for the form - $form->addElement('header', '', get_lang('MoveThread')); - // invisible form: the thread_id - $form->addElement('hidden', 'thread_id', strval(intval($_GET['thread']))); // note: this has to be cleaned first - - // the fora - $forum_categories=get_forum_categories(); - $forums=get_forums(); - - $htmlcontent="\n
\n\n"; - $form->addElement('html',$htmlcontent); - - // The OK button - $form->addElement('submit', 'SubmitForum', get_lang('OK')); - - // The validation or display - if( $form->validate()) - { - $values = $form->exportValues(); - if (isset($_POST['forum'])) - { - store_move_thread($values); - } - - } - else - { - $form->display(); - } -} - -/** -* This function displays the form for moving a post message to a different (already existing) or a new thread. -* -* @param -* @return -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function move_post_form() -{ - // initiate the object - $form = new FormValidator('movepost', 'post', api_get_self().'?forum='.Security::remove_XSS($_GET['forum']).'&thread='.Security::remove_XSS($_GET['thread']).'&post='.Security::remove_XSS($_GET['post']).'&action='.Security::remove_XSS($_GET['action']).'&post='.Security::remove_XSS($_GET['post'])); - // the header for the form - $form->addElement('header', '', get_lang('MovePost')); - - // invisible form: the post_id - $form->addElement('hidden', 'post_id', strval(intval($_GET['post']))); // note: this has to be cleaned first - - // dropdown list: Threads of this forum - $threads=get_threads(strval(intval($_GET['forum']))); // note: this has to be cleaned - //my_print_r($threads); - $threads_list[0]=get_lang('ANewThread'); - foreach ($threads as $key=>$value) - { - $threads_list[$value['thread_id']]=$value['thread_title']; - } - $form->addElement('select', 'thread', get_lang('MoveToThread'), $threads_list); - - - // The OK button - $form->addElement('submit', '', get_lang('OK')); - - // setting the rules - $form->addRule('thread', get_lang('ThisFieldIsRequired'), 'required'); - - - // The validation or display - if( $form->validate() ) - { - $values = $form->exportValues(); - store_move_post($values); - } - else - { - $form->display(); - } -} - -/** -* -* @param -* @return -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function store_move_post($values) -{ - $table_posts = Database :: get_course_table(TABLE_FORUM_POST); - $table_forums = Database :: get_course_table(TABLE_FORUM); - $table_threads = Database :: get_course_table(TABLE_FORUM_THREAD); - global $_course; - - if ($values['thread']=='0') - { - $current_post=get_post_information($values['post_id']); - - // storing a new thread - $sql="INSERT INTO $table_threads (thread_title, forum_id, thread_poster_id, thread_poster_name, thread_last_post, thread_date) - VALUES ( - '".Database::escape_string($current_post['post_title'])."', - '".Database::escape_string($current_post['forum_id'])."', - '".Database::escape_string($current_post['poster_id'])."', - '".Database::escape_string($current_post['poster_name'])."', - '".Database::escape_string($values['post_id'])."', - '".Database::escape_string($current_post['post_date'])."' - )"; - $result=api_sql_query($sql, __LINE__, __FILE__); - $new_thread_id=Database::get_last_insert_id(); - api_item_property_update($_course, TOOL_FORUM_THREAD, $new_thread_id,"visible", $current_post['poster_id']); - - // moving the post to the newly created thread - $sql="UPDATE $table_posts SET thread_id='".Database::escape_string($new_thread_id)."', post_parent_id='0' WHERE post_id='".Database::escape_string($values['post_id'])."'"; - $result=api_sql_query($sql, __LINE__, __FILE__); - - // resetting the parent_id of the thread to 0 for all those who had this moved post as parent - $sql="UPDATE $table_posts SET post_parent_id='0' WHERE post_parent_id='".Database::escape_string($values['post_id'])."'"; - $result=api_sql_query($sql, __LINE__, __FILE__); - - // updating updating the number of threads in the forum - $sql="UPDATE $table_forums SET forum_threads=forum_threads+1 WHERE forum_id='".Database::escape_string($current_post['forum_id'])."'"; - $result=api_sql_query($sql, __LINE__, __FILE__); - - // resetting the last post of the old thread and decreasing the number of replies and the thread - $sql="SELECT * FROM $table_posts WHERE thread_id='".Database::escape_string($current_post['thread_id'])."' ORDER BY post_id DESC"; - $result=api_sql_query($sql, __LINE__, __FILE__); - $row=Database::fetch_array($result); - $sql="UPDATE $table_threads SET thread_last_post='".$row['post_id']."', thread_replies=thread_replies-1 WHERE thread_id='".Database::escape_string($current_post['thread_id'])."'"; - $result=api_sql_query($sql, __LINE__, __FILE__); - - } - else - { - // moving to the chosen thread - $sql="UPDATE $table_posts SET thread_id='".Database::escape_string($_POST['thread'])."', post_parent_id='0' WHERE post_id='".Database::escape_string($values['post_id'])."'"; - $result=api_sql_query($sql, __LINE__, __FILE__); - - // resetting the parent_id of the thread to 0 for all those who had this moved post as parent - $sql="UPDATE $table_posts SET post_parent_id='0' WHERE post_parent_id='".Database::escape_string($values['post_id'])."'"; - $result=api_sql_query($sql, __LINE__, __FILE__); - } - - return get_lang('ThreadMoved'); -} - -/** -* -* @param -* @return -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function store_move_thread($values) -{ - $table_posts = Database :: get_course_table(TABLE_FORUM_POST); - $table_forums = Database :: get_course_table(TABLE_FORUM); - $table_threads = Database :: get_course_table(TABLE_FORUM_THREAD); - global $_course; - - // change the thread table: setting the forum_id to the new forum - $sql="UPDATE $table_threads SET forum_id='".Database::escape_string($_POST['forum'])."' WHERE thread_id='".Database::escape_string($_POST['thread_id'])."'"; - $result=api_sql_query($sql, __LINE__, __FILE__); - - // changing all the posts of the thread: setting the forum_id to the new forum - $sql="UPDATE $table_posts SET forum_id='".Database::escape_string($_POST['forum'])."' WHERE thread_id='".Database::escape_string($_POST['thread_id'])."'"; - $result=api_sql_query($sql, __LINE__, __FILE__); - - return get_lang('ThreadMoved'); -} - - -/** -* Prepares a string or an array of strings for display by stripping slashes -* @param mixed String or array of strings -* @return mixed String or array of strings -* -* @author Patrick Cool , Ghent University -* @version february 2006, dokeos 1.8 -*/ -function prepare4display($input='') -{ - $highlightcolors = array('yellow', '#33CC33','#3399CC', '#9999FF', '#33CC33'); - if (!is_array($input)) - { - if (!empty($_GET['search'])) - { - if (strstr($_GET['search'],'+')) - { - $search_terms = explode('+',$_GET['search']); - } - else - { - $search_terms[] = trim($_GET['search']); - } - $counter = 0; - foreach ($search_terms as $key=>$search_term) - { - $input = str_replace(trim(html_entity_decode($search_term)),''.trim(html_entity_decode($search_term)).'',$input); - $counter++; - } - } - return stripslashes($input); - } - else - { - $returnarray=array_walk($input, 'stripslashes'); - return $returnarray; - } -} - -/** - * Display the search form for the forum and display the search results - * - * @author Patrick Cool , Ghent University, Belgium - * @version march 2008, dokeos 1.8.5 - */ -function forum_search() -{ - // initiate the object - $form = new FormValidator('forumsearch'); - - // settting the form elements - $form->addElement('header', '', get_lang('ForumSearch')); - $form->addElement('text', 'search_term', get_lang('SearchTerm'),'class="input_titles"'); - $form->addElement('static', 'search_information', '', get_lang('ForumSearchInformation'), $dissertation[Security::remove_XSS($_GET['opleidingsonderdeelcode'])]['code']); - $form->addElement('submit', 'SubmitForumCategory', get_lang('Search')); - - // setting the rules - $form->addRule('search_term', '
'.get_lang('ThisFieldIsRequired'), 'required'); - $form->addRule('search_term', get_lang('TooShort'),'minlength',3); - - // The validation or display - if( $form->validate() ) - { - $values = $form->exportValues(); - $form->setDefaults($values); - $form->display(); - - // display the search results - display_forum_search_results($values['search_term']); - } - else - { - $form->display(); - } -} -/** - * Display the search results - * - * @author Patrick Cool , Ghent University, Belgium - * @version march 2008, dokeos 1.8.5 - */ -function display_forum_search_results($search_term) -{ - global $table_categories, $table_forums, $table_threads, $table_posts; - - // defining the search strings as an array - if (strstr($search_term,'+')) - { - $search_terms = explode('+',$search_term); - } - else - { - $search_terms[] = $search_term; - } - - // search restriction - foreach ($search_terms as $key => $value) - { - $search_restriction[] = "(posts.post_title LIKE '%".Database::escape_string(trim($value))."%' - OR posts.post_text LIKE '%".Database::escape_string(trim($value))."%')"; - } - - $sql = "SELECT * FROM $table_posts posts - WHERE ".implode(' AND ',$search_restriction)." - /*AND posts.thread_id = threads.thread_id*/ - GROUP BY posts.post_id"; - - // getting all the information of the forum categories - $forum_categories_list=get_forum_categories(); - - // getting all the information of the forums - $forum_list=get_forums(); - - $result = api_sql_query($sql, __FILE__, __LINE__); - while ($row = Database::fetch_array($result,'ASSOC')) - { - $display_result = false; - /* - we only show it when - 1. forum cateogory is visible - 2. forum is visible - 3. thread is visible (to do) - 4. post is visible - */ - if (!api_is_allowed_to_edit(false,true)) - { - if ($forum_categories_list[$row['forum_id']['forum_category']]['visibility'] == '1' AND $forum_list[$row['forum_id']]['visibility'] == '1' AND $row['visible'] == '1') - { - $display_result = true; - } - } - else - { - $display_result = true; - } - - if ($display_result == true) - { - $search_results_item = '
  • '.$forum_categories_list[$row['forum_id']['forum_category']]['cat_title'].' > '; - $search_results_item .= ''.$forum_list[$row['forum_id']]['forum_title'].' > '; - //$search_results_item .= 'THREAD > '; - $search_results_item .= ''.$row['post_title'].''; - $search_results_item .= '
    '; - if (strlen($row['post_title']) > 200 ) - { - $search_results_item .= substr(strip_tags($row['post_title']),0,200).'...'; - } - else - { - $search_results_item .= $row['post_title']; - } - $search_results_item .= '
    • '; - - - - $search_results[] = $search_results_item; - } - } - echo '
    '.count($search_results).' '.get_lang('ForumSearchResults').'
    '; - echo '
      '; - echo implode($search_results); - echo '
    '; -} - -/** - * Return the link to the forum search page - * - * @author Patrick Cool , Ghent University, Belgium - * @version April 2008, dokeos 1.8.5 - */ -function search_link() -{ - $return = ' '.Display::return_icon('search.gif', get_lang('Search')).' '.get_lang('Search').''; - if (!empty($_GET['search'])) - { - $return .= ': '.Security::remove_XSS($_GET['search']).' '; - $url = api_get_self().'?'; - foreach ($_GET as $key=>$value) - { - if ($key<>'search') - { - $url_parameter[]=Security::remove_XSS($key).'='.Security::remove_XSS($value); - } - } - $url = $url.implode('&',$url_parameter); - $return .= ''.Display::return_icon('delete.gif', get_lang('RemoveSearchResults')).''; - } - return $return; -} - -/** - * Show a list with all the attachments according to the post's id - * @param the post's id - * @return array with the post info - * @author Julio Montoya Dokeos - * @version avril 2008, dokeos 1.8.5 - */ - -function get_attachment($post_id) -{ - $forum_table_attachment = Database :: get_course_table(TABLE_FORUM_ATTACHMENT); - $row=array(); - $sql = 'SELECT path, filename,comment FROM '. $forum_table_attachment.' WHERE post_id ="'.$post_id.'"'; - $result=api_sql_query($sql, __FILE__, __LINE__); - if (Database::num_rows($result)!=0) - { - $row=Database::fetch_array($result); - } - return $row; -} -/** - * Delete the all the attachments from the DB and the file according to the post's id - * @param post id - * @author Julio Montoya Dokeos - * @version avril 2008, dokeos 1.8.5 - */ - -function delete_attachment($id) -{ - $forum_table_attachment = Database :: get_course_table(TABLE_FORUM_ATTACHMENT); - global $_course; - - $attach_list=get_attachment($id); - $sql = 'DELETE FROM '. $forum_table_attachment.' WHERE post_id ="'.$id.'"'; - $result=api_sql_query($sql, __FILE__, __LINE__); - - $courseDir = $_course['path'].'/upload/forum'; - $sys_course_path = api_get_path(SYS_COURSE_PATH); - $updir = $sys_course_path.$courseDir; - $file=$updir.'/'.$attach_list['path']; - - api_item_property_update($_course, TOOL_FORUM_ATTACH, $id ,'ForumAttachmentDelete', api_get_user_id()); - - if (Security::check_abs_path($file,$updir) ) - { - @ unlink($file); - } -} -/** - * This function gets all the forum information of the all the forum of the group - * - * @param integer $group_id the id of the group we need the fora of (see forum.forum_of_group) - * @return array - * - * @todo this is basically the same code as the get_forums function. Consider merging the two. - */ -function get_forums_of_group($group_id) -{ - $table_posts = Database :: get_course_table(TABLE_FORUM_POST); - $table_users = Database :: get_main_table(TABLE_MAIN_USER); - $table_forums = Database :: get_course_table(TABLE_FORUM); - $table_threads = Database :: get_course_table(TABLE_FORUM_THREAD); - $table_item_property = Database :: get_course_table(TABLE_ITEM_PROPERTY); - - //-------------- Student -----------------// - // select all the forum information of all forums (that are visible to students) - $sql="SELECT * FROM ".$table_forums." forum , ".$table_item_property." item_properties - WHERE forum.forum_of_group = '".Database::escape_string($group_id)."' - AND forum.forum_id=item_properties.ref - AND item_properties.visibility=1 - AND item_properties.tool='".TOOL_FORUM."' - ORDER BY forum.forum_order ASC"; - // select the number of threads of the forums (only the threads that are visible) - $sql2="SELECT count(thread_id) AS number_of_threads, threads.forum_id FROM $table_threads threads, ".$table_item_property." item_properties - WHERE threads.thread_id=item_properties.ref - AND item_properties.visibility=1 - AND item_properties.tool='".TOOL_FORUM_THREAD."' - GROUP BY threads.forum_id"; - // select the number of posts of the forum (post that are visible and that are in a thread that is visible) - $sql3="SELECT count(post_id) AS number_of_posts, posts.forum_id FROM $table_posts posts, $table_threads threads, ".$table_item_property." item_properties - WHERE posts.visible=1 - AND posts.thread_id=threads.thread_id - AND threads.thread_id=item_properties.ref - AND item_properties.visibility=1 - AND item_properties.tool='".TOOL_FORUM_THREAD."' - GROUP BY threads.forum_id"; - - //-------------- Course Admin -----------------// - if (is_allowed_to_edit(false,true)) - { - // select all the forum information of all forums (that are not deleted) - $sql="SELECT * FROM ".$table_forums." forum , ".$table_item_property." item_properties - WHERE forum.forum_of_group = '".Database::escape_string($group_id)."' - AND forum.forum_id=item_properties.ref - AND item_properties.visibility<>2 - AND item_properties.tool='".TOOL_FORUM."' - ORDER BY forum_order ASC"; - //echo $sql.'
    '; - // select the number of threads of the forums (only the threads that are not deleted) - $sql2="SELECT count(thread_id) AS number_of_threads, threads.forum_id FROM $table_threads threads, ".$table_item_property." item_properties - WHERE threads.thread_id=item_properties.ref - AND item_properties.visibility<>2 - AND item_properties.tool='".TOOL_FORUM_THREAD."' - GROUP BY threads.forum_id"; - //echo $sql2.'
    '; - // select the number of posts of the forum - $sql3="SELECT count(post_id) AS number_of_posts, forum_id FROM $table_posts GROUP BY forum_id"; - //echo $sql3.'
    '; - } - - // handling all the forum information - $result=api_sql_query($sql, __FILE__, __LINE__); - while ($row=Database::fetch_array($result,'ASSOC')) - { - $forum_list[$row['forum_id']]=$row; - } - - // handling the threadcount information - $result2=api_sql_query($sql2, __FILE__, __LINE__); - while ($row2=Database::fetch_array($result2,'ASSOC')) - { - if (is_array($forum_list)) - { - if (array_key_exists($row2['forum_id'],$forum_list)) - { - $forum_list[$row2['forum_id']]['number_of_threads']=$row2['number_of_threads']; - } - } - } - - // handling the postcount information - $result3=api_sql_query($sql3, __FILE__, __LINE__); - while ($row3=Database::fetch_array($result3,'ASSOC')) - { - if (is_array($forum_list)) - { - if (array_key_exists($row3['forum_id'],$forum_list)) // this is needed because sql3 takes also the deleted forums into account - { - $forum_list[$row3['forum_id']]['number_of_posts']=$row3['number_of_posts']; - } - } - } - - // finding the last post information (last_post_id, last_poster_id, last_post_date, last_poster_name, last_poster_lastname, last_poster_firstname) - if (is_array($forum_list)) - { - foreach ($forum_list as $key=>$value) - { - $last_post_info_of_forum=get_last_post_information($key,is_allowed_to_edit(false,true)); - $forum_list[$key]['last_post_id']=$last_post_info_of_forum['last_post_id']; - $forum_list[$key]['last_poster_id']=$last_post_info_of_forum['last_poster_id']; - $forum_list[$key]['last_post_date']=$last_post_info_of_forum['last_post_date']; - $forum_list[$key]['last_poster_name']=$last_post_info_of_forum['last_poster_name']; - $forum_list[$key]['last_poster_lastname']=$last_post_info_of_forum['last_poster_lastname']; - $forum_list[$key]['last_poster_firstname']=$last_post_info_of_forum['last_poster_firstname']; - } - } - return $forum_list; -} - -/** - * This function stores which users have to be notified of which forums or threads - * - * @param string $content does the user want to be notified about a forum or about a thread - * @param integer $id the id of the forum or thread - * - * @author Patrick Cool , Ghent University, Belgium - * @version May 2008, dokeos 1.8.5 - * @since May 2008, dokeos 1.8.5 - */ -function set_notification($content,$id, $add_only = false) -{ - global $_user; - - // which database field do we have to store the id in? - if ($content == 'forum') - { - $database_field = 'forum_id'; - } - else - { - $database_field = 'thread_id'; - } - - // database table definition - $table_notification = Database::get_course_table('forum_notification'); - - // first we check if the notification is already set for this - $sql = "SELECT * FROM $table_notification WHERE $database_field = '".Database::escape_string($id)."' AND user_id = '".Database::escape_string($_user['user_id'])."'"; - $result=api_sql_query($sql, __FILE__, __LINE__); - $total = mysql_num_rows($result); - - // if the user did not indicate that (s)he wanted to be notified already then we store the notification request (to prevent double notification requests) - if ($total <= 0) - { - $sql = "INSERT INTO $table_notification ($database_field, user_id) VALUES ('".Database::escape_string($id)."','".Database::escape_string($_user['user_id'])."')"; - $result=api_sql_query($sql, __FILE__, __LINE__); - api_session_unregister('forum_notification'); - get_notifications_of_user(0,true); - return get_lang('YouWillBeNotifiedOfNewPosts'); - } - else - { - if (!$add_only) - { - $sql = "DELETE FROM $table_notification WHERE $database_field = '".Database::escape_string($id)."' AND user_id = '".Database::escape_string($_user['user_id'])."'"; - $result=api_sql_query($sql, __FILE__, __LINE__); - api_session_unregister('forum_notification'); - get_notifications_of_user(0,true); - return get_lang('YouWillNoLongerBeNotifiedOfNewPosts'); - } - - } -} - -/** - * This function retrieves all the email adresses of the users who wanted to be notified - * about a new post in a certain forum or thread - * - * @param string $content does the user want to be notified about a forum or about a thread - * @param integer $id the id of the forum or thread - * - * @author Patrick Cool , Ghent University, Belgium - * @version May 2008, dokeos 1.8.5 - * @since May 2008, dokeos 1.8.5 - */ -function get_notifications($content,$id) -{ - $table_users = Database :: get_main_table(TABLE_MAIN_USER); - - // which database field contains the notification? - if ($content == 'forum') - { - $database_field = 'forum_id'; - } - else - { - $database_field = 'thread_id'; - } - - // database table definition - $table_notification = Database::get_course_table('forum_notification'); - - - $sql = "SELECT user.user_id, user.firstname, user.lastname, user.email, user.user_id user FROM $table_users user, $table_notification notification - WHERE user.user_id = notification.user_id - AND notification.$database_field= '".Database::escape_string($id)."'"; - $result=api_sql_query($sql, __FILE__, __LINE__); - $return = array(); - while ($row=Database::fetch_array($result)) - { - $return['user'.$row['user_id']]=array('email' => $row['email'], 'user_id' => $row['user_id']); - } - return $return; -} - -/** - * Get all the users who need to receive a notification of a new post (those subscribed to - * the forum or the thread) - * - * @param integer $forum_id the id of the forum - * @param integer $thread_id the id of the thread - * @param integer $post_id the id of the post - * @return unknown - * - * @author Patrick Cool , Ghent University, Belgium - * @version May 2008, dokeos 1.8.5 - * @since May 2008, dokeos 1.8.5 - */ -function send_notifications($forum_id=0, $thread_id=0, $post_id=0) -{ - global $_course; - - // the content of the mail - $email_subject = get_lang('NewForumPost')." - ".$_course['official_code']; - $thread_link= api_get_path('WEB_CODE_PATH').'forum/viewthread.php?'.api_get_cidreq().'&forum='.$forum_id.'&thread='.$thread_id; - $message .= $link; - - // users who subscribed to the forum - if ($forum_id<>0) - { - $users_to_be_notified_by_forum = get_notifications('forum',$forum_id); - } - else - { - return false; - } - - // user who subscribed to the thread - if ($thread_id<>0) - { - $users_to_be_notified_by_thread = get_notifications('thread',$thread_id); - } - - // merging the two - $users_to_be_notified = array_merge($users_to_be_notified_by_forum, $users_to_be_notified_by_thread); - - if (is_array($users_to_be_notified)) - { - foreach ($users_to_be_notified as $key=>$value) - { - if ($value['email'] <> $_user['email']) - { - $email_body= $value['firstname']." ".$value['lastname']."\n\r"; - $email_body .= '['.$_course['official_code'].'] - ['.$_course['name']."]
    \n"; - $email_body .= get_lang('NewForumPost')."\n"; - $email_body .= get_lang('YouWantedToStayInformed')."

    \n"; - $email_body .= get_lang('ThreadCanBeFoundHere')." : ".$thread_link."\n"; - - //set the charset and use it for the encoding of the email - small fix, not really clean (should check the content encoding origin first) - //here we use the encoding used for the webpage where the text is encoded (ISO-8859-1 in this case) - if(empty($charset)) - { - $charset='ISO-8859-1'; - } - - $newmail = api_mail_html($value['lastname'].' '.$value['firstname'], $value['email'], $email_subject, $email_body, $_SESSION['_user']['lastName'].' '.$_SESSION['_user']['firstName'], $_SESSION['_user']['mail']); - } - } - } -} - -/** - * Get all the notification subscriptions of the user - * = which forums and which threads does the user wants to be informed of when a new - * post is added to this thread - * - * @param integer $user_id the user_id of a user (default = 0 => the current user) - * @param boolean $force force get the notification subscriptions (even if the information is already in the session - * - * @author Patrick Cool , Ghent University, Belgium - * @version May 2008, dokeos 1.8.5 - * @since May 2008, dokeos 1.8.5 - */ -function get_notifications_of_user($user_id = 0, $force = false) -{ - global $_course; - - if ($user_id == 0) - { - global $_user; - $user_id = $_user['user_id']; - } - - // database table definition - $table_notification = Database::get_course_table('forum_notification'); - - if (!$_SESSION['forum_notification'] OR $_SESSION['forum_notification']['course'] <> $_course['code'] OR $force=true) - { - $_SESSION['forum_notification']['course'] = $_course['code']; - - - $sql = "SELECT * FROM $table_notification WHERE user_id='".Database::escape_string($user_id)."'"; - $result=api_sql_query($sql, __FILE__, __LINE__); - while ($row=Database::fetch_array($result)) - { - if (!is_null($row['forum_id'])) - { - $_SESSION['forum_notification']['forum'][] = $row['forum_id']; - } - if (!is_null($row['thread_id'])) - { - $_SESSION['forum_notification']['thread'][] = $row['thread_id']; - } - } - } -} - -/** -* This function counts the number of posts inside a thread -* @param int Thread ID -* @return int The number of posts inside a thread -* @author Jhon Hinojosa , -* @version October 2008, dokeos 1.8 -*/ -function count_number_of_post_in_thread($thread_id) -{ - $table_posts = Database :: get_course_table(TABLE_FORUM_POST); - $sql = "SELECT * FROM $table_posts WHERE thread_id='".(int)$thread_id."' "; - $result = api_sql_query($sql, __FILE__, __LINE__); - return count(api_store_result($result)); -} - -/** -* This function counts the number of posts inside a thread from a given user -* @param int Thread ID -* @param int User ID -* @return int The number of post inside a thread user -* @author Jhon Hinojosa , -* @version October 2008, dokeos 1.8 -*/ -function count_number_of_post_for_user_thread($thread_id, $user_id) -{ - $table_posts = Database :: get_course_table(TABLE_FORUM_POST); - $sql = "SELECT * FROM $table_posts WHERE thread_id='".(int)$thread_id."' - AND poster_id = '".(int)$user_id."' "; - $result = api_sql_query($sql, __FILE__, __LINE__); - return count(api_store_result($result)); -} - -/** -* This function counts the number of users registered in a given course -* @param string Course ID -* @return int the number of user register in course -* @author Jhon Hinojosa , -* @version October 2008, dokeos 1.8 -*/ -function count_number_of_user_in_course($course_id) -{ - $table_course_rel_user = Database::get_main_table("course_rel_user"); - $sql = "SELECT * FROM $table_course_rel_user WHERE course_code ='".Database::escape_string($course_id)."' "; - $result = api_sql_query($sql, __FILE__, __LINE__); - return count(api_store_result($result)); -} - -/** -* With this function we find the average of thread post a user -* @param int Thread ID -* @return int average of thread post a user -* @author Jhon Hinojosa , -* @version October 2008, dokeos 1.8 -*/ -function get_average_of_thread_post_user($thread_id) -{ - $average = ''; - return $average; -} - -/** -* This function retrieves statistical information -* @param int Thread ID -* @param int User ID -* @param int Course ID -* @return array the statistical information -* @author Jhon Hinojosa , -* @version October 2008, dokeos 1.8 -*/ -function get_statistical_information($thread_id, $user_id, $course_id) -{ - $statistics = array(); - $statistics['user_course'] = count_number_of_user_in_course($course_id); - $statistics['post'] = count_number_of_post_in_thread($thread_id); - $statistics['user_post'] = count_number_of_post_for_user_thread($thread_id, $user_id); - $statistics['average'] = get_average_of_thread_post_user(); - return $statistics; -} - -/** -* Counts the number of posts inside a thread -* @param int Thread ID -* @param int User ID -* @return int the number of posts inside a thread -* @author Jhon Hinojosa , -* @version October 2008, dokeos 1.8 -*/ -function get_thread_user_post($thread_id, $user_id ) -{ - $table_posts = Database :: get_course_table(TABLE_FORUM_POST); - $table_users = Database :: get_main_table(TABLE_MAIN_USER); - - $sql = "SELECT * FROM $table_posts posts - LEFT JOIN $table_users users - ON posts.poster_id=users.user_id - WHERE posts.thread_id='".(int)$thread_id."' - AND posts.poster_id='".(int)$user_id."' - ORDER BY posts.post_id ASC"; - - $result=api_sql_query($sql, __FILE__, __LINE__); - - while ($row=Database::fetch_array($result)) - { - $row['status'] = '1'; - $post_list[]=$row; - $sql = "SELECT * FROM $table_posts posts - LEFT JOIN $table_users users - ON posts.poster_id=users.user_id - WHERE posts.thread_id='".Database::escape_string($thread_id)."' - AND posts.post_parent_id='".$row['post_id']."' - ORDER BY posts.post_id ASC"; - $result2=api_sql_query($sql, __FILE__, __LINE__); - while ($row2=Database::fetch_array($result2)) - { - $row2['status'] = '0'; - $post_list[] = $row2; - } - } - return $post_list; -} - - -/** - * This function gets an user's name by id - * @param user_id int - * @return String - * @author Christian Fasanando - */ -function get_name_user_by_id($user_id) -{ - $t_users = Database :: get_main_table(TABLE_MAIN_USER); - $sql ="SELECT CONCAT(firstname,' ',lastname) FROM ".$t_users." WHERE user_id = '".(int)$user_id."' "; - $result = api_sql_query($sql, __FILE__, __LINE__); - $row = Database::fetch_array($result); - return $row[0]; -} - -/** - * This function gets a thread's name by id - * @param thread_id int - * @return String - * @author Christian Fasanando - */ -function get_name_thread_by_id($thread_id) -{ - $t_forum_thread = Database::get_course_table(TABLE_FORUM_THREAD,''); - $sql ="SELECT thread_title FROM ".$t_forum_thread." WHERE thread_id = '".(int)$thread_id."' "; - $result = api_sql_query($sql, __FILE__, __LINE__); - $row = Database::fetch_array($result); - return $row[0]; -} \ No newline at end of file +, Ghent University +* @copyright Ghent University +* @copyright Patrick Cool +* @author Julio Montoya , Dokeos Several fixes +* @package dokeos.forum +* +* @todo several functions have to be moved to the itemmanager library +* @todo displaying icons => display library +* @todo complete the missing phpdoc the correct order should be +* +* some explanation of the function +* +* @param +* @return +* + @todo +* +* @author firstname lastname , organisation +* @version (day) month year +* +* @deprecated +*/ + +/** + ************************************************************************** + * IMPORTANT NOTICE + * Please do not change anything is this code yet because there are still + * some significant code that need to happen and I do not have the time to + * merge files and test it all over again. So for the moment, please do not + * touch the code + * -- Patrick Cool + ************************************************************************** +*/ +require_once(api_get_path(INCLUDE_PATH).'/lib/mail.lib.inc.php'); +require_once(api_get_path(INCLUDE_PATH).'/conf/mail.conf.php'); +require_once(api_get_path(INCLUDE_PATH).'/lib/usermanager.lib.php'); +get_notifications_of_user(); +/** +* This function handles all the forum and forumcategories actions. This is a wrapper for the +* forum and forum categories. All this code code could go into the section where this function is +* called but this make the code there cleaner. +* +* @param +* @return +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function handle_forum_and_forumcategories() { + // Adding a forum category + if (($_GET['action']=='add' && $_GET['content']=='forumcategory') || $_POST['SubmitForumCategory'] ) { + show_add_forumcategory_form(); + } + // Adding a forum + if ((($_GET['action']=='add' || $_GET['action']=='edit') && $_GET['content']=='forum') || $_POST['SubmitForum'] ) { + + if ($_GET['action']=='edit' && isset($_GET['id']) || $_POST['SubmitForum'] ) { + $inputvalues=get_forums(strval(intval($_GET['id']))); // note: this has to be cleaned first + } + show_add_forum_form($inputvalues); + } + // Edit a forum category + if (($_GET['action']=='edit' && $_GET['content']=='forumcategory' && isset($_GET['id'])) || $_POST['SubmitEditForumCategory'] ) { + $forum_category=get_forum_categories(strval(intval($_GET['id']))); // note: this has to be cleaned first + show_edit_forumcategory_form($forum_category); + } + // Delete a forum category + if (( isset($_GET['action']) && $_GET['action']=='delete') && isset($_GET['content']) && isset($_GET['id'])) { + $id_forum=Security::remove_XSS($_GET['id']); + $list_threads=get_threads($id_forum); + + for ( $i=0; $i < count($list_threads); $i++ ) { + $messaje=delete_forum_forumcategory_thread('thread',$list_threads[$i]['thread_id']); + $table_link = Database :: get_main_table(TABLE_MAIN_GRADEBOOK_LINK); + $sql_link='DELETE FROM '.$table_link.' WHERE ref_id='.$list_threads[$i]['thread_id'].' and type=5 and course_code="'.api_get_course_id().'";'; + api_sql_query($sql_link,__FILE__,__LINE__); + } + $return_message=delete_forum_forumcategory_thread($_GET['content'],$_GET['id']); + Display :: display_confirmation_message($return_message,false); + } + // Change visibility of a forum or a forum category + if (($_GET['action']=='invisible' || $_GET['action']=='visible') && isset($_GET['content']) && isset($_GET['id'])) { + $return_message=change_visibility($_GET['content'], $_GET['id'],$_GET['action']);// note: this has to be cleaned first + Display :: display_confirmation_message($return_message,false); + } + // Change lock status of a forum or a forum category + if (($_GET['action']=='lock' || $_GET['action']=='unlock') && isset($_GET['content']) && isset($_GET['id'])) { + $return_message=change_lock_status($_GET['content'], $_GET['id'],$_GET['action']);// note: this has to be cleaned first + Display :: display_confirmation_message($return_message,false); + } + // Move a forum or a forum category + if ($_GET['action']=='move' && isset($_GET['content']) && isset($_GET['id']) && isset($_GET['direction'])) { + $return_message=move_up_down($_GET['content'], $_GET['direction'], $_GET['id']);// note: this has to be cleaned first + Display :: display_confirmation_message($return_message,false); + } +} +/** +* This function displays the form that is used to add a forum category. +* +* @param +* @return +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function show_add_forumcategory_form($inputvalues=array()) { + // initiate the object + $form = new FormValidator('forumcategory'); + + // settting the form elements + $form->addElement('header', '', get_lang('AddForumCategory')); + $form->addElement('text', 'forum_category_title', get_lang('Title'),'class="input_titles"'); + $form->addElement('html_editor', 'forum_category_comment', get_lang('Comment')); + $form->addElement('submit', 'SubmitForumCategory', get_lang('OK')); + + // setting the rules + $form->addRule('forum_category_title', '
    '.get_lang('ThisFieldIsRequired'), 'required'); + + // The validation or display + if ( $form->validate() ) { + $values = $form->exportValues(); + store_forumcategory($values); + } else { + $form->display(); + } +} +/** +* This function displays the form that is used to add a forum category. +* +* @param +* @return +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function show_add_forum_form($inputvalues=array()) { + global $_course; + + // initiate the object + $form = new FormValidator('forumcategory', 'post', 'index.php'); + + // the header for the form + $session_header = isset($_SESSION['session_name']) ? ' ('.$_SESSION['session_name'].') ' : ''; + $form->addElement('header', '', get_lang('AddForum').$session_header); + + // we have a hidden field if we are editing + if (is_array($inputvalues)) { + $form->addElement('hidden', 'forum_id', $inputvalues['forum_id']); + } + // The title of the forum + $form->addElement('text', 'forum_title', get_lang('Title'),'class="input_titles"'); + // The comment of the forum + $form->addElement('html_editor', 'forum_comment', get_lang('Comment')); + // dropdown list: Forum Categories + $forum_categories=get_forum_categories(); + foreach ($forum_categories as $key=>$value) { + $forum_categories_titles[$value['cat_id']]=$value['cat_title']; + } + $form->addElement('select', 'forum_category', get_lang('InForumCategory'), $forum_categories_titles); + + if ($_course['visibility']==COURSE_VISIBILITY_OPEN_WORLD) { + // This is for vertical + //$form->addElement('radio', 'allow_anonymous', get_lang('AllowAnonymousPosts'), get_lang('Yes'), 1); + //$form->addElement('radio', 'allow_anonymous', '', get_lang('No'), 0); + // This is for horizontal + $group=''; + $group[] =& HTML_QuickForm::createElement('radio', 'allow_anonymous',null,get_lang('Yes'),1); + $group[] =& HTML_QuickForm::createElement('radio', 'allow_anonymous',null,get_lang('No'),0); + $form->addGroup($group, 'allow_anonymous_group', get_lang('AllowAnonymousPosts'), ' '); + } + + // This is for vertical + //$form->addElement('radio', 'students_can_edit', get_lang('StudentsCanEdit'), get_lang('Yes'), 1); + //$form->addElement('radio', 'students_can_edit', '', get_lang('No'), 0); + // This is for horizontal + $group=''; + $group[] =& HTML_QuickForm::createElement('radio', 'students_can_edit',null,get_lang('Yes'),1); + $group[] =& HTML_QuickForm::createElement('radio', 'students_can_edit',null,get_lang('No'),0); + $form->addGroup($group, 'students_can_edit_group', get_lang('StudentsCanEdit'), ' '); + + // This is for vertical + //$form->addElement('radio', 'approval_direct', get_lang('ApprovalDirect'), get_lang('Approval'), 1); + //$form->addElement('radio', 'approval_direct', '', get_lang('Direct'), 0); + // This is for horizontal + $group=''; + $group[] =& HTML_QuickForm::createElement('radio', 'approval_direct',null,get_lang('Approval'),1); + $group[] =& HTML_QuickForm::createElement('radio', 'approval_direct',null,get_lang('Direct'),0); + //$form->addGroup($group, 'approval_direct_group', get_lang('ApprovalDirect'), ' '); + + + // This is for vertical + //$form->addElement('radio', 'allow_attachments', get_lang('AllowAttachments'), get_lang('Yes'), 1); + //$form->addElement('radio', 'allow_attachments', '', get_lang('No'), 0); + // This is for horizontal + $group=''; + $group[] =& HTML_QuickForm::createElement('radio', 'allow_attachments',null,get_lang('Yes'),1); + $group[] =& HTML_QuickForm::createElement('radio', 'allow_attachments',null,get_lang('No'),0); + //$form->addGroup($group, 'allow_attachments_group', get_lang('AllowAttachments'), ' '); + + // This is for vertical + //$form->addElement('radio', 'allow_new_threads', get_lang('AllowNewThreads'), 1, get_lang('Yes')); + //$form->addElement('radio', 'allow_new_threads', '', 0, get_lang('No')); + // This is for horizontal + $group=''; + $group[] =& HTML_QuickForm::createElement('radio', 'allow_new_threads',null, get_lang('Yes'),1); + $group[] =& HTML_QuickForm::createElement('radio', 'allow_new_threads',null, get_lang('No'),0); + $form->addGroup($group, 'allow_new_threads_group', get_lang('AllowNewThreads'), ' '); + + $group=''; + $group[] =& HTML_QuickForm::createElement('radio', 'default_view_type', null, get_lang('Flat'), 'flat'); + $group[] =& HTML_QuickForm::createElement('radio', 'default_view_type', null, get_lang('Threaded'), 'threaded'); + $group[] =& HTML_QuickForm::createElement('radio', 'default_view_type', null, get_lang('Nested'), 'nested'); + $form->addGroup($group, 'default_view_type_group', get_lang('DefaultViewType'), ' '); + + $form->addElement('static','Group', '
    '.get_lang('GroupSettings').''); + + // dropdown list: Groups + $groups=GroupManager::get_group_list(); + $groups_titles[0]=get_lang('NotAGroupForum'); + foreach ($groups as $key=>$value) { + $groups_titles[$value['id']]=$value['name']; + } + $form->addElement('select', 'group_forum', get_lang('ForGroup'), $groups_titles); + + // Public or private group forum + $group=''; + $group[] =& HTML_QuickForm::createElement('radio', 'public_private_group_forum', null, get_lang('Public'), 'public'); + $group[] =& HTML_QuickForm::createElement('radio', 'public_private_group_forum', null, get_lang('Public'), 'public'); + $group[] =& HTML_QuickForm::createElement('radio', 'public_private_group_forum', null, get_lang('Private'), 'private'); + $form->addGroup($group, 'public_private_group_forum_group', get_lang('PublicPrivateGroupForum'), ' '); + // The OK button + $form->addElement('submit', 'SubmitForum', get_lang('OK')); + // setting the rules + $form->addRule('forum_title', get_lang('ThisFieldIsRequired'), 'required'); + $form->addRule('forum_category', get_lang('ThisFieldIsRequired'), 'required'); + + global $charset; + + // settings the defaults + if (!is_array($inputvalues)) { + $defaults['allow_anonymous_group']['allow_anonymous']=0; + $defaults['students_can_edit_group']['students_can_edit']=0; + $defaults['approval_direct_group']['approval_direct']=0; + $defaults['allow_attachments_group']['allow_attachments']=1; + $defaults['allow_new_threads_group']['allow_new_threads']=0; + $defaults['default_view_type_group']['default_view_type']=api_get_setting('default_forum_view'); + $defaults['public_private_group_forum_group']['public_private_group_forum']='public'; + if (isset($_GET['forumcategory'])) { + $defaults['forum_category']=Security::remove_XSS($_GET['forumcategory']); + } + } else { // the default values when editing = the data in the table + $defaults['forum_id']=$inputvalues['forum_id']; + $defaults['forum_title']=prepare4display(html_entity_decode($inputvalues['forum_title'],ENT_QUOTES,$charset)); + $defaults['forum_comment']=prepare4display($inputvalues['forum_comment']); + $defaults['forum_category']=$inputvalues['forum_category']; + $defaults['allow_anonymous_group']['allow_anonymous']=$inputvalues['allow_anonymous']; + $defaults['students_can_edit_group']['students_can_edit']=$inputvalues['allow_edit']; + $defaults['approval_direct_group']['approval_direct']=$inputvalues['approval_direct_post']; + $defaults['allow_attachments_group']['allow_attachments']=$inputvalues['allow_attachments']; + $defaults['allow_new_threads_group']['allow_new_threads']=$inputvalues['allow_new_threads']; + $defaults['default_view_type_group']['default_view_type']=$inputvalues['default_view']; + $defaults['public_private_group_forum_group']['public_private_group_forum']=$inputvalues['forum_group_public_private']; + $defaults['group_forum']=$inputvalues['forum_of_group']; + } + $form->setDefaults($defaults); + // The validation or display + if( $form->validate() ) { + $values = $form->exportValues(); + store_forum($values); + } else { + $form->display(); + } +} + + + +/** +* This function displays the form that is used to edit a forum category. +* This is more or less a copy from the show_add_forumcategory_form function with the only difference that is uses +* some default values. I tried to have both in one function but this gave problems with the handle_forum_and_forumcategories function +* (storing was done twice) +* +* @param +* @return +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function show_edit_forumcategory_form($inputvalues=array()) { + // initiate the object + $form = new FormValidator('forumcategory'); + + // settting the form elements + $form->addElement('header', '', get_lang('EditForumCategory')); + $form->addElement('hidden', 'forum_category_id'); + $form->addElement('text', 'forum_category_title', get_lang('Title'),'class="input_titles"'); + $form->addElement('html_editor', 'forum_category_comment', get_lang('Comment')); + $form->addElement('submit', 'SubmitEditForumCategory',get_lang('OK')); + global $charset; + // setting the default values + $defaultvalues['forum_category_id']=$inputvalues['cat_id']; + + $defaultvalues['forum_category_title']=prepare4display(html_entity_decode($inputvalues['cat_title'],ENT_QUOTES,$charset)); + $defaultvalues['forum_category_comment']=prepare4display($inputvalues['cat_comment']); + $form->setDefaults($defaultvalues); + + // setting the rules + $form->addRule('forum_category_title', get_lang('ThisFieldIsRequired'), 'required'); + + // The validation or display + if( $form->validate() ) { + $values = $form->exportValues(); + store_forumcategory($values); + } else { + $form->display(); + } +} + + + +/** +* This function stores the forum category in the database. The new category is added to the end. +* +* @param +* @return +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function store_forumcategory($values) { + global $table_categories; + global $_course; + global $_user; + + // find the max cat_order. The new forum category is added at the end => max cat_order + & + $sql="SELECT MAX(cat_order) as sort_max FROM ".Database::escape_string($table_categories); + $result=api_sql_query($sql,__FILE__,__LINE__); + $row=Database::fetch_array($result); + $new_max=$row['sort_max']+1; + + $clean_cat_title=Security::remove_XSS(Database::escape_string($values['forum_category_title'])); + + if (isset($values['forum_category_id'])) { // storing an edit + $sql="UPDATE ".$table_categories." SET cat_title='".$clean_cat_title."', cat_comment='".Database::escape_string($values['forum_category_comment'])."' WHERE cat_id='".Database::escape_string($values['forum_category_id'])."'"; + api_sql_query($sql,__FILE__,__LINE__); + $last_id=Database::get_last_insert_id(); + api_item_property_update($_course, TOOL_FORUM_CATEGORY, $values['forum_category_id'],"ForumCategoryAdded", api_get_user_id()); + $return_message=get_lang('ForumCategoryEdited'); + } else { + $sql="INSERT INTO ".$table_categories." (cat_title, cat_comment, cat_order) VALUES ('".$clean_cat_title."','".Database::escape_string($values['forum_category_comment'])."','".Database::escape_string($new_max)."')"; + api_sql_query($sql,__FILE__,__LINE__); + $last_id=Database::get_last_insert_id(); + api_item_property_update($_course, TOOL_FORUM_CATEGORY, $last_id,"ForumCategoryAdded", api_get_user_id()); + $return_message=get_lang('ForumCategoryAdded'); + } + + Display :: display_confirmation_message($return_message); +} + +/** +* This function stores the forum in the database. The new forum is added to the end. +* +* @param +* @return +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function store_forum($values) { + global $_course; + global $_user; + + $table_forums = Database::get_course_table(TABLE_FORUM); + + // find the max forum_order for the given category. The new forum is added at the end => max cat_order + & + $sql="SELECT MAX(forum_order) as sort_max FROM ".$table_forums." WHERE forum_category=".Database::escape_string($values['forum_category']); + $result=api_sql_query($sql,__FILE__,__LINE__); + $row=Database::fetch_array($result); + $new_max=$row['sort_max']+1; + $session_id = isset($_SESSION['id_session']) ? $_SESSION['id_session'] : 0; + + $clean_title=Security::remove_XSS(Database::escape_string(htmlspecialchars($values['forum_title']))); + + if (isset($values['forum_id'])) { + + // storing an edit + $sql="UPDATE ".$table_forums." SET + forum_title='".$clean_title."', + forum_comment='".Database::escape_string($values['forum_comment'])."', + forum_category='".Database::escape_string($values['forum_category'])."', + allow_anonymous='".Database::escape_string($values['allow_anonymous_group']['allow_anonymous'])."', + allow_edit='".Database::escape_string($values['students_can_edit_group']['students_can_edit'])."', + approval_direct_post='".Database::escape_string($values['approval_direct_group']['approval_direct'])."', + allow_attachments='".Database::escape_string($values['allow_attachments_group']['allow_attachments'])."', + allow_new_threads='".Database::escape_string($values['allow_new_threads_group']['allow_new_threads'])."', + forum_group_public_private='".Database::escape_string($values['public_private_group_forum_group']['public_private_group_forum'])."', + default_view='".Database::escape_string($values['default_view_type_group']['default_view_type'])."', + forum_of_group='".Database::escape_string($values['group_forum'])."' + WHERE forum_id='".Database::escape_string($values['forum_id'])."'"; + api_sql_query($sql,__FILE__,__LINE__); + $return_message=get_lang('ForumEdited'); + } else { + $sql="INSERT INTO ".$table_forums." + (forum_title, forum_comment, forum_category, allow_anonymous, allow_edit, approval_direct_post, allow_attachments, allow_new_threads, default_view, forum_of_group, forum_group_public_private, forum_order, session_id) + VALUES ('".$clean_title."', + '".Database::escape_string($values['forum_comment'])."', + '".Database::escape_string($values['forum_category'])."', + '".Database::escape_string($values['allow_anonymous_group']['allow_anonymous'])."', + '".Database::escape_string($values['students_can_edit_group']['students_can_edit'])."', + '".Database::escape_string($values['approval_direct_group']['approval_direct'])."', + '".Database::escape_string($values['allow_attachments_group']['allow_attachments'])."', + '".Database::escape_string($values['allow_new_threads_group']['allow_new_threads'])."', + '".Database::escape_string($values['default_view_type_group']['default_view_type'])."', + '".Database::escape_string($values['group_forum'])."', + '".Database::escape_string($values['public_private_group_forum_group']['public_private_group_forum'])."', + '".Database::escape_string($new_max)."', + ".intval($session_id).")"; + api_sql_query($sql,__FILE__,__LINE__); + $last_id=Database::get_last_insert_id(); + api_item_property_update($_course, TOOL_FORUM, $last_id,"ForumCategoryAdded", api_get_user_id()); + $return_message=get_lang('ForumAdded'); + } + return $return_message; +} + +/** +* This function deletes a forum or a forum category +* This function currently does not delete the forums inside the category, nor the threads and replies inside these forums. +* For the moment this is the easiest method and it has the advantage that it allows to recover fora that were acidently deleted +* when the forum category got deleted. +* +* @param $content = what we are deleting (a forum or a forum category) +* @param $id The id of the forum category that has to be deleted. +* +* @todo write the code for the cascading deletion of the forums inside a forum category and also the threads and replies inside these forums +* @todo config setting for recovery or not (see also the documents tool: real delete or not). +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function delete_forum_forumcategory_thread($content, $id) { + global $_course; + + if ($content=='forumcategory') { + $tool_constant=TOOL_FORUM_CATEGORY; + $return_message=get_lang('ForumCategoryDeleted'); + } + if ($content=='forum') { + $tool_constant=TOOL_FORUM; + $return_message=get_lang('ForumDeleted'); + } + if ($content=='thread') { + $tool_constant=TOOL_FORUM_THREAD; + $return_message=get_lang('ThreadDeleted'); + } + api_item_property_update($_course,$tool_constant,$id,'delete',api_get_user_id()); // note: check if this returns a true and if so => return $return_message, if not => return false; + //delete_attachment($post_id); + return $return_message; +} + +/** +* This function deletes a forum post. This separate function is needed because forum posts do not appear in the item_property table (yet) +* and because deleting a post also has consequence on the posts that have this post as parent_id (they are also deleted). +* an alternative would be to store the posts also in item_property and mark this post as deleted (visibility = 2). +* We also have to decrease the number of replies in the thread table +* +* @param $post_id the id of the post that will be deleted +* +* @todo write recursive function that deletes all the posts that have this message as parent +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function delete_post($post_id) { + global $table_posts; + global $table_threads; + + $sql="DELETE FROM $table_posts WHERE post_id='".Database::escape_string($post_id)."'"; // note: this has to be a recursive function that deletes all of the posts in this block. + api_sql_query($sql,__FILE__,__LINE__); + + delete_attachment($post_id); + + $last_post_of_thread=check_if_last_post_of_thread(strval(intval($_GET['thread']))); + + if (is_array($last_post_of_thread)) { + // Decreasing the number of replies for this thread and also changing the last post information + $sql="UPDATE $table_threads SET thread_replies=thread_replies-1, + thread_last_post='".Database::escape_string($last_post_of_thread['post_id'])."', + thread_date='".Database::escape_string($last_post_of_thread['post_date'])."' + WHERE thread_id='".Database::escape_string($_GET['thread'])."'"; + api_sql_query($sql,__FILE__,__LINE__); + return 'PostDeleted'; + } + if ($last_post_of_thread==false) { + // we deleted the very single post of the thread so we need to delete the entry in the thread table also. + $sql="DELETE FROM $table_threads WHERE thread_id='".Database::escape_string($_GET['thread'])."'"; + api_sql_query($sql,__FILE__,__LINE__); + return 'PostDeletedSpecial'; + } +} + + +/** +* This function gets the all information of the last (=most recent) post of the thread +* This can be done by sorting the posts that have the field thread_id=$thread_id and sort them by post_date +* +* @param $thread_id the id of the thread we want to know the last post of. +* @return an array if there is a last post found, false if there is no post entry linked to that thread => thread will be deleted +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function check_if_last_post_of_thread($thread_id) { + global $table_posts; + + $sql="SELECT * FROM $table_posts WHERE thread_id='".Database::escape_string($thread_id)."' ORDER BY post_date DESC"; + $result=api_sql_query($sql,__FILE__,__LINE__); + if ( Database::num_rows($result)>0 ) { + $row=Database::fetch_array($result); + return $row; + } else { + return false; + } +} + + +/** +* This function takes care of the display of the visibility icon +* +* @param $content what is it that we want to make (in)visible: forum category, forum, thread, post +* @param $id the id of the content we want to make invisible +* @param $current_visibility_status what is the current status of the visibility (0 = invisible, 1 = visible) +* @return +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function display_visible_invisible_icon($content, $id, $current_visibility_status, $additional_url_parameters='') { + $id = Security::remove_XSS($id); + if ($current_visibility_status=='1') { + echo ''.icon('../img/visible.gif',get_lang('MakeInvisible')).''; + } + if ($current_visibility_status=='0') { + echo ''.icon('../img/invisible.gif',get_lang('MakeVisible')).''; + } +} + +/** +* This function takes care of the display of the lock icon +* +* @param $content what is it that we want to (un)lock: forum category, forum, thread, post +* @param $id the id of the content we want to (un)lock +* @param $current_visibility_status what is the current status of the visibility (0 = invisible, 1 = visible) +* @return +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function display_lock_unlock_icon($content, $id, $current_lock_status, $additional_url_parameters='') +{ + $id = Security::remove_XSS($id); + if ($current_lock_status=='1') + { + echo ''.icon('../img/lock.gif',get_lang('Unlock')).''; + } + if ($current_lock_status=='0') + { + echo ''.icon('../img/unlock.gif',get_lang('Lock')).''; + } +} + +/** +* This function takes care of the display of the up and down icon +* +* @param $content what is it that we want to make (in)visible: forum category, forum, thread, post +* @param $id is the id of the item we want to display the icons for +* @param $list is an array of all the items. All items in this list should have an up and down icon except for the first (no up icon) and the last (no down icon) +* The key of this $list array is the id of the item. +* +* @return +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function display_up_down_icon($content, $id, $list) { + $id = strval(intval($id)); + $total_items=count($list); + $position = 0; + $internal_counter=0; + + if(is_array($list)) { + foreach ($list as $key=>$listitem) { + $internal_counter++; + if ($id==$key) { + $position=$internal_counter; + } + } + } + if ($position>1) { + $return_value=''; + } else { + $return_value=''; + } + + if ($position<$total_items) { + $return_value.=''; + } else { + + $return_value.=''; + } + echo $return_value; +} + + + + +/** +* This function changes the visibility in the database (item_property) +* +* @param $content what is it that we want to make (in)visible: forum category, forum, thread, post +* @param $id the id of the content we want to make invisible +* @param $target_visibility what is the current status of the visibility (0 = invisible, 1 = visible) +* +* @todo change the get parameter so that it matches the tool constants. +* @todo check if api_item_property_update returns true or false => returnmessage depends on it. +* @todo move to itemmanager +* +* @return +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function change_visibility($content, $id, $target_visibility) { + global $_course; + $constants=array('forumcategory'=>TOOL_FORUM_CATEGORY, 'forum'=>TOOL_FORUM, 'thread'=>TOOL_FORUM_THREAD); + api_item_property_update($_course,$constants[$content],$id,$target_visibility,api_get_user_id()); // note: check if this returns true or false => returnmessage depends on it. + if ($target_visibility=='visible') { + handle_mail_cue($content, $id); + } + return get_lang('VisibilityChanged'); +} + + +/** +* This function changes the lock status in the database +* +* @param $content what is it that we want to (un)lock: forum category, forum, thread, post +* @param $id the id of the content we want to (un)lock +* @param $action do we lock (=>locked value in db = 1) or unlock (=> locked value in db = 0) +* @return string, language variable +* +* @todo move to itemmanager +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function change_lock_status($content, $id, $action) { + global $table_categories; + global $table_forums; + global $table_threads; + global $table_posts; + + // Determine the relevant table + if ($content=='forumcategory') { + $table=$table_categories; + $id_field='cat_id'; + } elseif ($content=='forum') { + $table=$table_forums; + $id_field='forum_id'; + } elseif ($content=='thread') { + $table=$table_threads; + $id_field='thread_id'; + } else { + return get_lang('Error'); + } + + // Determine what we are doing => defines the value for the database and the return message + if ($action=='lock') { + $db_locked=1; + $return_message=get_lang('Locked'); + } elseif ($action=='unlock') { + $db_locked=0; + $return_message=get_lang('Unlocked'); + } else { + return get_lang('Error'); + } + + // Doing the change in the database + $sql="UPDATE $table SET locked='".Database::escape_string($db_locked)."' WHERE $id_field='".Database::escape_string($id)."'"; + if (api_sql_query($sql,__FILE__,__LINE__)) { + return $return_message; + } else { + return get_lang('Error'); + } +} + + +/** +* This function moves a forum or a forum category up or down +* +* @param $content what is it that we want to make (in)visible: forum category, forum, thread, post +* @param $direction do we want to move it up or down. +* @param $id the id of the content we want to make invisible +* @todo consider removing the table_item_property calls here but this can prevent unwanted side effects when a forum does not have an entry in +* the item_property table but does have one in the forum table. +* @return +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function move_up_down($content, $direction, $id) { + global $table_categories; + global $table_forums; + global $table_item_property; + + // Determine which field holds the sort order + if ($content=='forumcategory') { + $table=$table_categories; + $sort_column='cat_order'; + $id_column='cat_id'; + $sort_column='cat_order'; + } elseif ($content=='forum') { + $table=$table_forums; + $sort_column='forum_order'; + $id_column='forum_id'; + $sort_column='forum_order'; + // we also need the forum_category of this forum + $sql="SELECT forum_category FROM $table_forums WHERE forum_id=".Database::escape_string($id); + $result=api_sql_query($sql,__FILE__,__LINE__); + $row=Database::fetch_array($result); + $forum_category=$row['forum_category']; + } else { + return get_lang('Error'); + } + + // determine if need to sort ascending or descending + if ($direction=='down') { + $sort_direction='ASC'; + } elseif ($direction=='up') { + $sort_direction='DESC'; + } else { + return get_lang('Error'); + } + + // The SQL statement + if ($content=='forumcategory') { + $sql="SELECT * FROM".$table_categories." forum_categories, ".$table_item_property." item_properties + WHERE forum_categories.cat_id=item_properties.ref + AND item_properties.tool='".TOOL_FORUM_CATEGORY."' + ORDER BY forum_categories.cat_order $sort_direction"; + } + if ($content=='forum') { + $sql="SELECT * FROM".$table." WHERE forum_category='".Database::escape_string($forum_category)."' ORDER BY forum_order $sort_direction"; + } + // echo $sql.'
    '; + // finding the items that need to be switched + $result=api_sql_query($sql,__FILE__,__LINE__); + $found=false; + while ($row=Database::fetch_array($result)) { + //echo $row[$id_column].'-'; + if ($found==true) { + $next_id=$row[$id_column]; + $next_sort=$row[$sort_column]; + $found=false; + } + if($id==$row[$id_column]) { + $this_id=$id; + $this_sort=$row[$sort_column]; + $found=true; + } + } + + // Committing the switch + // we do an extra check if we do not have illegal values. If your remove this if statment you will + // be able to mess with the sorting by refreshing the page over and over again. + if ($this_sort<>'' && $next_sort<>'' && $next_id<>'' && $this_id<>'') { + $sql_update1="UPDATE $table SET $sort_column='".Database::escape_string($this_sort)."' WHERE $id_column='".Database::escape_string($next_id)."'"; + $sql_update2="UPDATE $table SET $sort_column='".Database::escape_string($next_sort)."' WHERE $id_column='".Database::escape_string($this_id)."'"; + api_sql_query($sql_update1,__FILE__,__LINE__); + api_sql_query($sql_update2,__FILE__,__LINE__); + } + + return get_lang(ucfirst($content).'Moved'); +} + + +/** +* This function returns a piece of html code that make the links grey (=invisible for the student) +* +* @param boolean 0/1: 0 = invisible, 1 = visible +* @return string +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function class_visible_invisible($current_visibility_status) { + if ($current_visibility_status=='0') { + return "class='invisible'"; + } +} + +/** +* Retrieve all the information off the forum categories (or one specific) for the current course. +* The categories are sorted according to their sorting order (cat_order +* +* @param $id default ''. When an id is passed we only find the information about that specific forum category. If no id is passed we get all the forum categories. +* @return an array containing all the information about all the forum categories +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function get_forum_categories($id='') { + $table_categories = Database :: get_course_table(TABLE_FORUM_CATEGORY); + $table_item_property = Database :: get_course_table(TABLE_ITEM_PROPERTY); + + if ($id=='') { + $sql="SELECT * FROM".$table_categories." forum_categories, ".$table_item_property." item_properties + WHERE forum_categories.cat_id=item_properties.ref + AND item_properties.visibility=1 + AND item_properties.tool='".TOOL_FORUM_CATEGORY."' + ORDER BY forum_categories.cat_order ASC"; + if (is_allowed_to_edit()) { + $sql="SELECT * FROM".$table_categories." forum_categories, ".$table_item_property." item_properties + WHERE forum_categories.cat_id=item_properties.ref + AND item_properties.visibility<>2 + AND item_properties.tool='".TOOL_FORUM_CATEGORY."' + ORDER BY forum_categories.cat_order ASC"; + } + } else { + $sql="SELECT * FROM".$table_categories." forum_categories, ".$table_item_property." item_properties + WHERE forum_categories.cat_id=item_properties.ref + AND item_properties.tool='".TOOL_FORUM_CATEGORY."' + AND forum_categories.cat_id='".Database::escape_string($id)."' + ORDER BY forum_categories.cat_order ASC"; + } + $result=api_sql_query($sql,__FILE__,__LINE__); + while ($row=Database::fetch_array($result)) { + if ($id=='') { + $forum_categories_list[$row['cat_id']]=$row; + } else { + $forum_categories_list=$row; + } + } + return $forum_categories_list; +} + +/** +* This function retrieves all the fora in a given forum category +* +* @param integer $cat_id the id of the forum category +* @return an array containing all the information about the forums (regardless of their category) +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function get_forums_in_category($cat_id) +{ + global $table_forums; + global $table_item_property; + + $sql="SELECT * FROM ".$table_forums." forum , ".$table_item_property." item_properties + WHERE forum.forum_category='".Database::escape_string($cat_id)."' + AND forum.forum_id=item_properties.ref + AND item_properties.visibility=1 + AND item_properties.tool='".TOOL_FORUM."' + ORDER BY forum.forum_order ASC"; + if (is_allowed_to_edit()) { + $sql="SELECT * FROM ".$table_forums." forum , ".$table_item_property." item_properties + WHERE forum.forum_category='".Database::escape_string($cat_id)."' + AND forum.forum_id=item_properties.ref + AND item_properties.visibility<>2 + AND item_properties.tool='".TOOL_FORUM."' + ORDER BY forum_order ASC"; + } + $result=api_sql_query($sql,__FILE__,__LINE__); + while ($row=Database::fetch_array($result)) { + $forum_list[$row['forum_id']]=$row; + } + return $forum_list; +} +/** +* Retrieve all the forums (regardless of their category) or of only one. The forums are sorted according to the forum_order. +* Since it does not take the forum category into account there probably will be two or more forums that have forum_order=1, ... +* +* @return an array containing all the information about the forums (regardless of their category) +* @todo check $sql4 because this one really looks fishy. +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function get_forums($id='') { + global $table_forums; + global $table_threads; + global $table_posts; + global $table_item_property; + global $table_users; + + // **************** GETTING ALL THE FORUMS ************************* // + + $session_condition = isset($_SESSION['id_session']) ? 'AND forum.session_id IN (0,'.intval($_SESSION['id_session']).')' : ''; + $forum_list = array(); + if ($id=='') { + //-------------- Student -----------------// + // select all the forum information of all forums (that are visible to students) + $sql="SELECT * FROM ".$table_forums." forum , ".$table_item_property." item_properties + WHERE forum.forum_id=item_properties.ref + AND item_properties.visibility=1 + AND item_properties.tool='".TOOL_FORUM."' + $session_condition + ORDER BY forum.forum_order ASC"; + // select the number of threads of the forums (only the threads that are visible) + $sql2="SELECT count(*) AS number_of_threads, threads.forum_id FROM $table_threads threads, ".$table_item_property." item_properties + WHERE threads.thread_id=item_properties.ref + AND item_properties.visibility=1 + AND item_properties.tool='".TOOL_FORUM_THREAD."' + GROUP BY threads.forum_id"; + // select the number of posts of the forum (post that are visible and that are in a thread that is visible) + $sql3="SELECT count(*) AS number_of_posts, posts.forum_id FROM $table_posts posts, $table_threads threads, ".$table_item_property." item_properties + WHERE posts.visible=1 + AND posts.thread_id=threads.thread_id + AND threads.thread_id=item_properties.ref + AND item_properties.visibility=1 + AND item_properties.tool='".TOOL_FORUM_THREAD."' + GROUP BY threads.forum_id"; + + //-------------- Course Admin -----------------// + if (is_allowed_to_edit()) { + // select all the forum information of all forums (that are not deleted) + $sql="SELECT * FROM ".$table_forums." forum , ".$table_item_property." item_properties + WHERE forum.forum_id=item_properties.ref + AND item_properties.visibility<>2 + AND item_properties.tool='".TOOL_FORUM."' + $session_condition + ORDER BY forum_order ASC"; + //echo $sql.'
    '; + // select the number of threads of the forums (only the threads that are not deleted) + $sql2="SELECT count(*) AS number_of_threads, threads.forum_id FROM $table_threads threads, ".$table_item_property." item_properties + WHERE threads.thread_id=item_properties.ref + AND item_properties.visibility<>2 + AND item_properties.tool='".TOOL_FORUM_THREAD."' + GROUP BY threads.forum_id"; + //echo $sql2.'
    '; + // select the number of posts of the forum + $sql3="SELECT count(*) AS number_of_posts, forum_id FROM $table_posts GROUP BY forum_id"; + //echo $sql3.'
    '; + } + + + } + // **************** GETTING ONE SPECIFIC FORUM ************************* // + // We could do the splitup into student and course admin also but we want to have as much as information about a certain forum as possible + // so we do not take too much information into account. This function (or this section of the function) is namely used to fill the forms + // when editing a forum (and for the moment it is the only place where we use this part of the function) + else { + // select all the forum information of the given forum (that is not deleted) + $sql="SELECT * FROM ".$table_forums." forum , ".$table_item_property." item_properties + WHERE forum.forum_id=item_properties.ref + AND forum_id='".Database::escape_string($id)."' + AND item_properties.visibility<>2 + AND item_properties.tool='".TOOL_FORUM."' + $session_condition + ORDER BY forum_order ASC"; + // select the number of threads of the forum + $sql2="SELECT count(*) AS number_of_threads, forum_id FROM $table_threads WHERE forum_id=".Database::escape_string($id)." GROUP BY forum_id"; + // select the number of posts of the forum + $sql3="SELECT count(*) AS number_of_posts, forum_id FROM $table_posts WHERE forum_id=".Database::escape_string($id)." GROUP BY forum_id"; + // select the last post and the poster (note: this is probably no longer needed) + $sql4="SELECT post.post_id, post.forum_id, post.poster_id, post.poster_name, post.post_date, users.lastname, users.firstname + FROM $table_posts post, $table_users users + WHERE forum_id=".Database::escape_string($id)." + AND post.poster_id=users.user_id + GROUP BY post.forum_id + ORDER BY post.post_id ASC"; + } + // handling all the forum information + $result=api_sql_query($sql,__FILE__,__LINE__); + while ($row=Database::fetch_array($result)) { + if ($id=='') { + $forum_list[$row['forum_id']]=$row; + } else { + $forum_list=$row; + } + } + + // handling the threadcount information + $result2=api_sql_query($sql2,__FILE__,__LINE__); + while ($row2=Database::fetch_array($result2)) { + if ($id=='') { + $forum_list[$row2['forum_id']]['number_of_threads']=$row2['number_of_threads']; + } else { + $forum_list['number_of_threads']=$row2['number_of_threads'];; + } + } + // handling the postcount information + $result3=api_sql_query($sql3,__FILE__,__LINE__); + while ($row3=Database::fetch_array($result3)) { + if ($id=='') { + if (array_key_exists($row3['forum_id'],$forum_list)) {// this is needed because sql3 takes also the deleted forums into account + $forum_list[$row3['forum_id']]['number_of_posts']=$row3['number_of_posts']; + } + } else { + $forum_list['number_of_posts']=$row3['number_of_posts']; + } + } + + // finding the last post information (last_post_id, last_poster_id, last_post_date, last_poster_name, last_poster_lastname, last_poster_firstname) + if ($id=='') { + if(is_array($forum_list)) { + foreach ($forum_list as $key=>$value) { + $last_post_info_of_forum=get_last_post_information($key,is_allowed_to_edit()); + $forum_list[$key]['last_post_id']=$last_post_info_of_forum['last_post_id']; + $forum_list[$key]['last_poster_id']=$last_post_info_of_forum['last_poster_id']; + $forum_list[$key]['last_post_date']=$last_post_info_of_forum['last_post_date']; + $forum_list[$key]['last_poster_name']=$last_post_info_of_forum['last_poster_name']; + $forum_list[$key]['last_poster_lastname']=$last_post_info_of_forum['last_poster_lastname']; + $forum_list[$key]['last_poster_firstname']=$last_post_info_of_forum['last_poster_firstname']; + } + } else { + $forum_list = array(); + } + } else { + $last_post_info_of_forum=get_last_post_information($id,is_allowed_to_edit()); + $forum_list['last_post_id']=$last_post_info_of_forum['last_post_id']; + $forum_list['last_poster_id']=$last_post_info_of_forum['last_poster_id']; + $forum_list['last_post_date']=$last_post_info_of_forum['last_post_date']; + $forum_list['last_poster_name']=$last_post_info_of_forum['last_poster_name']; + $forum_list['last_poster_lastname']=$last_post_info_of_forum['last_poster_lastname']; + $forum_list['last_poster_firstname']=$last_post_info_of_forum['last_poster_firstname']; + } + return $forum_list; +} + +/** +* This functions gets all the last post information of a certain forum +* +* @param $forum_id the id of the forum we want to know the last post information of. +* @param $show_invisibles +* @return array containing all the information about the last post (last_post_id, last_poster_id, last_post_date, last_poster_name, last_poster_lastname, last_poster_firstname) +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function get_last_post_information($forum_id, $show_invisibles=false) { + global $table_forums; + global $table_threads; + global $table_posts; + global $table_item_property; + global $table_users; + + $sql="SELECT post.post_id, post.forum_id, post.poster_id, post.poster_name, post.post_date, users.lastname, users.firstname, post.visible, thread_properties.visibility AS thread_visibility, forum_properties.visibility AS forum_visibility + FROM $table_posts post, $table_users users, $table_item_property thread_properties, $table_item_property forum_properties + WHERE post.forum_id=".Database::escape_string($forum_id)." + AND post.poster_id=users.user_id + AND post.thread_id=thread_properties.ref + AND thread_properties.tool='".TOOL_FORUM_THREAD."' + AND post.forum_id=forum_properties.ref + AND forum_properties.tool='".TOOL_FORUM."' + ORDER BY post.post_id DESC"; + $result=api_sql_query($sql,__FILE__,__LINE__); + if ($show_invisibles==true) { + $row=Database::fetch_array($result); + $return_array['last_post_id']=$row['post_id']; + $return_array['last_poster_id']=$row['poster_id']; + $return_array['last_post_date']=$row['post_date']; + $return_array['last_poster_name']=$row['poster_name']; + $return_array['last_poster_lastname']=$row['lastname']; + $return_array['last_poster_firstname']=$row['firstname']; + return $return_array; + } else { + // we have to loop through the results to find the first one that is actually visible to students (forum_category, forum, thread AND post are visible) + while ($row=Database::fetch_array($result)) { + if ($row['visible']=='1' AND $row['thread_visibility']=='1' AND $row['forum_visibility']=='1') { + $return_array['last_post_id']=$row['post_id']; + $return_array['last_poster_id']=$row['poster_id']; + $return_array['last_post_date']=$row['post_date']; + $return_array['last_poster_name']=$row['poster_name']; + $return_array['last_poster_lastname']=$row['lastname']; + $return_array['last_poster_firstname']=$row['firstname']; + return $return_array; + } + } + } +} + +/** +* Retrieve all the threads of a given forum +* +* @param +* @return an array containing all the information about the threads +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function get_threads($forum_id) { + global $table_item_property; + global $table_threads; + global $table_posts; + global $table_users; + + // important note: it might seem a little bit awkward that we have 'thread.locked as locked' in the sql statement + // because we also have thread.* in it. This is because thread has a field locked and post also has the same field + // since we are merging these we would have the post.locked value but in fact we want the thread.locked value + // This is why it is added to the end of the field selection + + + $sql = "SELECT thread.*, item_properties.*, post.*, users.firstname, users.lastname, users.user_id, + last_poster_users.firstname as last_poster_firstname , last_poster_users.lastname as last_poster_lastname, last_poster_users.user_id as last_poster_user_id, thread.locked as locked + FROM $table_threads thread + INNER JOIN $table_item_property item_properties + ON thread.thread_id=item_properties.ref + AND item_properties.visibility='1' + AND item_properties.tool='".TOOL_FORUM_THREAD."' + LEFT JOIN $table_users users + ON thread.thread_poster_id=users.user_id + LEFT JOIN $table_posts post + ON thread.thread_last_post = post.post_id + LEFT JOIN $table_users last_poster_users + ON post.poster_id= last_poster_users.user_id + WHERE thread.forum_id='".Database::escape_string($forum_id)."' + ORDER BY thread.thread_sticky DESC, thread.thread_date DESC"; + if (is_allowed_to_edit()) { + // important note: it might seem a little bit awkward that we have 'thread.locked as locked' in the sql statement + // because we also have thread.* in it. This is because thread has a field locked and post also has the same field + // since we are merging these we would have the post.locked value but in fact we want the thread.locked value + // This is why it is added to the end of the field selection + $sql = "SELECT thread.*, item_properties.*, post.*, users.firstname, users.lastname, users.user_id, + last_poster_users.firstname as last_poster_firstname , last_poster_users.lastname as last_poster_lastname, last_poster_users.user_id as last_poster_user_id, thread.locked as locked + FROM $table_threads thread + INNER JOIN $table_item_property item_properties + ON thread.thread_id=item_properties.ref + AND item_properties.visibility<>2 + AND item_properties.tool='".TOOL_FORUM_THREAD."' + LEFT JOIN $table_users users + ON thread.thread_poster_id=users.user_id + LEFT JOIN $table_posts post + ON thread.thread_last_post = post.post_id + LEFT JOIN $table_users last_poster_users + ON post.poster_id= last_poster_users.user_id + WHERE thread.forum_id='".Database::escape_string($forum_id)."' + ORDER BY thread.thread_sticky DESC, thread.thread_date DESC"; + } + $result=api_sql_query($sql, __FILE__, __LINE__); + while ( $row=Database::fetch_array($result,'ASSOC') ) { + $thread_list[]=$row; + } + return $thread_list; +} + +/** +* Retrieve all posts of a given thread +* +* @return an array containing all the information about the posts of a given thread +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function get_posts($thread_id) { + global $table_posts; + global $table_users; + + // note: change these SQL so that only the relevant fields of the user table are used + if (api_is_allowed_to_edit()) { + $sql = "SELECT * FROM $table_posts posts + LEFT JOIN $table_users users + ON posts.poster_id=users.user_id + WHERE posts.thread_id='".Database::escape_string($thread_id)."' + ORDER BY posts.post_id ASC"; + } else { + // students can only se the posts that are approved (posts.visible='1') + $sql = "SELECT * FROM $table_posts posts + LEFT JOIN $table_users users + ON posts.poster_id=users.user_id + WHERE posts.thread_id='".Database::escape_string($thread_id)."' + AND posts.visible='1' + ORDER BY posts.post_id ASC"; + } + $result=api_sql_query($sql, __FILE__, __LINE__); + while ($row=Database::fetch_array($result)) { + $post_list[]=$row; + } + return $post_list; +} + +/** +* This function return the html syntax for the image +* +* @param $image_url The url of the image (absolute or relative) +* @param $alt The alt text (when the images cannot be displayed). http://www.w3.org/TR/html4/struct/objects.html#adef-alt +* @param $title The title of the image. Most browsers display this as 'tool tip'. http://www.w3.org/TR/html4/struct/global.html#adef-title +* +* @todo this is the same as the Display::xxx function, so it can be removed => all calls have to be changed also +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function icon($image_url,$alt='',$title='') { + if ($title=='') { + $title=$alt; + } + return ''.$alt.''; +} + + + + + + +/************************************************************************** + NEW TOPIC FUNCTIONS +**************************************************************************/ + +/** +* This function retrieves all the information of a post +* +* @param $forum_id integer that indicates the forum +* @return array returns +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function get_post_information($post_id) { + global $table_posts; + global $table_users; + + $sql="SELECT * FROM ".$table_posts."posts, ".$table_users." users WHERE posts.poster_id=users.user_id AND posts.post_id='".Database::escape_string($post_id)."'"; + $result=api_sql_query($sql, __FILE__, __LINE__); + $row=Database::fetch_array($result); + return $row; +} + + +/** +* This function retrieves all the information of a thread +* +* @param $forum_id integer that indicates the forum +* @return array returns +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function get_thread_information($thread_id) { + global $table_threads; + global $table_item_property; + + $sql="SELECT * FROM ".$table_threads." threads, ".$table_item_property." item_properties + WHERE item_properties.tool='".TOOL_FORUM_THREAD."' + AND item_properties.ref='".Database::escape_string($thread_id)."' + AND threads.thread_id='".Database::escape_string($thread_id)."'"; + $result=api_sql_query($sql, __FILE__, __LINE__); + $row=Database::fetch_array($result); + return $row; +} + +/** +* This function retrieves forum thread users details +* @param int Thread ID +* @param string Course DB name (optional) +* @return array Array of type ([user_id=>w,lastname=>x,firstname=>y,thread_id=>z],[]) +* @author Christian Fasanando , +* @version octubre 2008, dokeos 1.8 +*/ + +function get_thread_users_details($thread_id, $db_name = null) { + $t_posts = Database :: get_course_table(TABLE_FORUM_POST, (empty($db_name)?null:$db_name)); + $t_users = Database :: get_main_table(TABLE_MAIN_USER); + $sql = "SELECT DISTINCT user_id, lastname, firstname, thread_id + FROM $t_posts , $t_users + WHERE poster_id = user_id + AND thread_id = '".Database::escape_string($thread_id)."' + AND status not in('1')"; + + $result = api_sql_query($sql, __FILE__, __LINE__); + return $result; +} + +/** +* This function retrieves forum thread users qualify +* @param int Thread ID +* @param string Course DB name (optional) +* @return array Array of type ([user_id=>w,lastname=>x,firstname=>y,thread_id=>z],[]) +* @author Jhon Hinojosa, +* @version octubre 2008, dokeos 1.8 +*/ + +function get_thread_users_qualify($thread_id, $db_name = null) { + $t_posts = Database :: get_course_table(TABLE_FORUM_POST, (empty($db_name)?null:$db_name)); + $t_qualify = Database :: get_course_table(TABLE_FORUM_THREAD_QUALIFY, (empty($db_name)?null:$db_name)); + $t_users = Database :: get_main_table(TABLE_MAIN_USER); + + + $sql = "SELECT post.poster_id, user.lastname, user.firstname, post.thread_id,user.user_id,qualify.qualify + FROM $t_posts post, + $t_qualify qualify, + $t_users user + WHERE + post.poster_id = user.user_id + AND post.poster_id = qualify.user_id + AND qualify.thread_id = '".Database::escape_string($thread_id)."' + AND user.status not in('1') + GROUP BY post.poster_id "; + $result = api_sql_query($sql, __FILE__, __LINE__); + return $result; +} + +/** +* This function retrieves forum thread users not qualify +* @param int Thread ID +* @param string Course DB name (optional) +* @return array Array of type ([user_id=>w,lastname=>x,firstname=>y,thread_id=>z],[]) +* @author Jhon Hinojosa, +* @version octubre 2008, dokeos 1.8 +*/ + +function get_thread_users_not_qualify($thread_id, $db_name = null) { + $t_posts = Database :: get_course_table(TABLE_FORUM_POST, (empty($db_name)?null:$db_name)); + $t_qualify = Database :: get_course_table(TABLE_FORUM_THREAD_QUALIFY, (empty($db_name)?null:$db_name)); + $t_users = Database :: get_main_table(TABLE_MAIN_USER); + + $sql1 = "select user_id FROM $t_qualify WHERE thread_id = '".$thread_id."'"; + $result1 = api_sql_query($sql1,__FILE__,__LINE__); + $cad=''; + while ($row=Database::fetch_array($result1)) { + $cad .= $row['user_id'].','; + } + if($cad=='') { + $cad='0'; + } else { + $cad=substr($cad,0,strlen($cad)-1); + } + $sql = "SELECT DISTINCT user.user_id, user.lastname, user.firstname, post.thread_id + FROM $t_posts post, $t_users user + WHERE post.poster_id = user.user_id + AND user.user_id NOT IN (".$cad.") + AND post.thread_id = '".Database::escape_string($thread_id)."' + AND user.status not in('1')"; + + $result = api_sql_query($sql, __FILE__, __LINE__); + return $result; +} + + +/** +* This function retrieves all the information of a given forum_id +* +* @param $forum_id integer that indicates the forum +* @return array returns +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +* +* @deprecated this functionality is now moved to get_forums($forum_id) +*/ +function get_forum_information($forum_id) { + global $table_forums; + global $table_item_property; + + $sql="SELECT * FROM ".$table_forums." forums, ".$table_item_property." item_properties + WHERE item_properties.tool='".TOOL_FORUM."' + AND item_properties.ref='".Database::escape_string($forum_id)."' + AND forums.forum_id='".Database::escape_string($forum_id)."'"; + $result=api_sql_query($sql, __FILE__, __LINE__); + $row=Database::fetch_array($result); + $row['approval_direct_post'] = 0; // we can't anymore change this option, so it should always be activated + return $row; +} + +/** +* This function retrieves all the information of a given forumcategory id +* +* @param $forum_id integer that indicates the forum +* @return array returns +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function get_forumcategory_information($cat_id) { + global $table_categories; + global $table_item_property; + + $sql="SELECT * FROM ".$table_categories." forumcategories, ".$table_item_property." item_properties + WHERE item_properties.tool='".TOOL_FORUM_CATEGORY."' + AND item_properties.ref='".Database::escape_string($cat_id)."' + AND forumcategories.cat_id='".Database::escape_string($cat_id)."'"; + $result=api_sql_query($sql, __FILE__, __LINE__); + $row=Database::fetch_array($result); + return $row; +} + +/** +* This function counts the number of forums inside a given category +* +* @param $cat_id the id of the forum category +* @todo an additional parameter that takes the visibility into account. For instance $countinvisible=0 would return the number +* of visible forums, $countinvisible=1 would return the number of visible and invisible forums +* @return int the number of forums inside the given category +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function count_number_of_forums_in_category($cat_id) { + global $table_forums; + + $sql="SELECT count(*) AS number_of_forums FROM ".$table_forums." WHERE forum_category='".Database::escape_string($cat_id)."'"; + $result=api_sql_query($sql, __FILE__, __LINE__); + $row=Database::fetch_array($result); + return $row['number_of_forums']; +} + +/** +* This function stores a new thread. This is done through an entry in the forum_thread table AND +* in the forum_post table because. The threads are also stored in the item_property table. (forum posts are not (yet)) +* +* @param +* @return +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function store_thread($values) { + global $table_threads; + global $table_posts; + global $_user; + global $_course; + global $current_forum; + global $origin; + global $forum_table_attachment; + + $upload_ok=1; + $has_attachment=false; + + if(!empty($_FILES['user_upload']['name'])) { + $upload_ok = process_uploaded_file($_FILES['user_upload']); + $has_attachment=true; + } + if($upload_ok) { + + $post_date=date('Y-m-d H:i:s'); + + if ($current_forum['approval_direct_post']=='1' AND !api_is_allowed_to_edit()) { + $visible=0; // the post is not approved yet. + } else { + $visible=1; + } + + $clean_post_title=Security::remove_XSS(Database::escape_string(htmlspecialchars($values['post_title']))); + + // We first store an entry in the forum_thread table because the thread_id is used in the forum_post table + $sql="INSERT INTO $table_threads (thread_title, forum_id, thread_poster_id, thread_poster_name, thread_date, thread_sticky,thread_title_qualify,thread_qualify_max,thread_weight,session_id) + VALUES ('".$clean_post_title."', + '".Database::escape_string($values['forum_id'])."', + '".Database::escape_string($_user['user_id'])."', + '".Database::escape_string($values['poster_name'])."', + '".Database::escape_string($post_date)."', + '".Database::escape_string($values['thread_sticky'])."'," . + "'".Database::escape_string($values['calification_notebook_title'])."'," . + "'".Database::escape_string($values['numeric_calification'])."'," . + "'".Database::escape_string($values['weight_calification'])."'," . + "'".api_get_session_id()."')"; + $result=api_sql_query($sql, __LINE__, __FILE__); + $last_thread_id=Database::insert_id(); + + //add option gradebook qualify + + if( 1==$values['thread_qualify_gradebook']) { + //add function gradebook + $coursecode=api_get_course_id(); + $resourcetype=5; + $resourceid=$last_thread_id; + $resourcename=$values['calification_notebook_title']; + $maxqualify=$values['numeric_calification']; + $weigthqualify=$values['weight_calification']; + $resourcedescription=''; + $date=time(); + //is_resource_in_course_gradebook($course_code, $resource_type, $resource_id); + add_resource_to_course_gradebook($coursecode,$resourcetype,$resourceid,$resourcename,$weigthqualify,$maxqualify,$resourcedescription,$date,0,api_get_session_id()); + + } + + api_item_property_update($_course, TOOL_FORUM_THREAD, $last_thread_id,"ForumThreadAdded", api_get_user_id()); + // if the forum properties tell that the posts have to be approved we have to put the whole thread invisible + // because otherwise the students will see the thread and not the post in the thread. + // we also have to change $visible because the post itself has to be visible in this case (otherwise the teacher would have + // to make the thread visible AND the post + + if ($visible==0) { + api_item_property_update($_course, TOOL_FORUM_THREAD, $last_thread_id,"invisible", api_get_user_id()); + $visible=1; + } + // We now store the content in the table_post table + $sql="INSERT INTO $table_posts (post_title, post_text, thread_id, forum_id, poster_id, poster_name, post_date, post_notification, post_parent_id, visible) + VALUES ('".$clean_post_title."', + '".Database::escape_string($values['post_text'])."', + '".Database::escape_string($last_thread_id)."', + '".Database::escape_string($values['forum_id'])."', + '".Database::escape_string($_user['user_id'])."', + '".Database::escape_string($values['poster_name'])."', + '".Database::escape_string($post_date)."', + '".Database::escape_string($values['post_notification'])."','0', + '".Database::escape_string($visible)."')"; + api_sql_query($sql, __FILE__,__LINE__); + $last_post_id=Database::insert_id(); + + // now have to update the thread table to fill the thread_last_post field (so that we know when the thread has been updated for the last time) + $sql="UPDATE $table_threads SET thread_last_post='".Database::escape_string($last_post_id)."' WHERE thread_id='".Database::escape_string($last_thread_id)."'"; + $result=api_sql_query($sql, __LINE__, __FILE__); + $message=get_lang('NewThreadStored'); + // Storing the attachments if any + if ($has_attachment) { + $courseDir = $_course['path'].'/upload/forum'; + $sys_course_path = api_get_path(SYS_COURSE_PATH); + $updir = $sys_course_path.$courseDir; + + // Try to add an extension to the file if it hasn't one + $new_file_name = add_ext_on_mime(stripslashes($_FILES['user_upload']['name']), $_FILES['user_upload']['type']); + + // user's file name + $file_name =$_FILES['user_upload']['name']; + + if (!filter_extension($new_file_name)) { + Display :: display_error_message(get_lang('UplUnableToSaveFileFilteredExtension')); + } else { + $new_file_name = uniqid(''); + $new_path=$updir.'/'.$new_file_name; + $result= @move_uploaded_file($_FILES['user_upload']['tmp_name'], $new_path); + $comment=$values['file_comment']; + + // Storing the attachments if any + if ($result) { + $sql='INSERT INTO '.$forum_table_attachment.'(filename,comment, path, post_id,size) '. + "VALUES ( '".Database::escape_string($file_name)."', '".Database::escape_string($comment)."', '".Database::escape_string($new_file_name)."' , '".$last_post_id."', '".$_FILES['user_upload']['size']."' )"; + $result=api_sql_query($sql, __LINE__, __FILE__); + $message.=' / '.get_lang('FileUploadSucces').'
    '; + + $last_id=Database::insert_id(); + api_item_property_update($_course, TOOL_FORUM_ATTACH, $last_id ,'ForumAttachmentAdded', api_get_user_id()); + + } + } + } else { + $message.='
    '; + } + + if ($current_forum['approval_direct_post']=='1' AND !api_is_allowed_to_edit()) { + $message.=get_lang('MessageHasToBeApproved').'
    '; + $message.=get_lang('ReturnTo').' '.get_lang('Forum').'
    '; + } else { + $message.=get_lang('ReturnTo').' '.get_lang('Forum').'
    '; + $message.=get_lang('ReturnTo').' '.get_lang('Message').''; + } + $reply_info['new_post_id'] = $last_post_id; + + if ($values['post_notification'] == 1) { + set_notification('thread',$last_thread_id, true); + } + + send_notification_mails($last_thread_id,$reply_info); + + session_unregister('formelements'); + session_unregister('origin'); + session_unregister('breadcrumbs'); + session_unregister('addedresource'); + session_unregister('addedresourceid'); + + Display :: display_confirmation_message($message,false); + } else { + Display::display_error_message(get_lang('UplNoFileUploaded')); + } +} +/** +* This function displays the form that is used to add a post. This can be a new thread or a reply. +* @param $action is the parameter that determines if we are +* 1. newthread: adding a new thread (both empty) => No I-frame +* 2. replythread: Replying to a thread ($action = replythread) => I-frame with the complete thread (if enabled) +* 3. replymessage: Replying to a message ($action =replymessage) => I-frame with the complete thread (if enabled) (I first thought to put and I-frame with the message only) +* 4. quote: Quoting a message ($action= quotemessage) => I-frame with the complete thread (if enabled). The message will be in the reply. (I first thought not to put an I-frame here) +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function show_add_post_form($action='', $id='', $form_values='') { + global $forum_setting; + global $current_forum; + global $_user; + global $origin; + global $charset; + + // initiate the object + $form = new FormValidator('thread', 'post', api_get_self().'?forum='.Security::remove_XSS($_GET['forum']).'&thread='.Security::remove_XSS($_GET['thread']).'&post='.Security::remove_XSS($_GET['post']).'&action='.Security::remove_XSS($_GET['action']).'&origin='.$origin); + $form->setConstants(array('forum' => '5')); + + // settting the form elements + $form->addElement('hidden', 'forum_id', strval(intval($_GET['forum']))); + $form->addElement('hidden', 'thread_id', strval(intval($_GET['thread']))); + $form->addElement('hidden', 'gradebook', $_GET['gradebook']); + + // if anonymous posts are allowed we also display a form to allow the user to put his name or username in + if ($current_forum['allow_anonymous']==1 AND !isset($_user['user_id'])) { + $form->addElement('text', 'poster_name', get_lang('Name')); + } + + $form->addElement('text', 'post_title', get_lang('Title'),'class="input_titles"'); + $form->addElement('html_editor', 'post_text', get_lang('Text')); + + if ($forum_setting['allow_post_notificiation'] AND isset($_user['user_id'])) { + $form->addElement('checkbox', 'post_notification', '', get_lang('NotifyByEmail').' ('.$_user['mail'].')'); + } + + if ($forum_setting['allow_sticky'] AND api_is_allowed_to_edit() AND $action=='newthread') { + $form->addElement('checkbox', 'thread_sticky', '', get_lang('StickyPost')); + } + + if ($current_forum['allow_attachments']=='1' OR api_is_allowed_to_edit()) { + //$form->add_resource_button(); + $values = $form->exportValues(); + } + + // user upload + $form->addElement('html','
    '.get_lang('AddAnAttachment').'


    '); + $form->addElement('file','user_upload',ucwords(get_lang('FileName')),''); + $form->addElement('textarea','file_comment',get_lang('FileComment'),array ('rows' => 4, 'cols' => 34)); + + $userid =api_get_user_id(); + $info =api_get_user_info($userid); + $courseid=api_get_course_id(); + + if( (api_is_course_admin() || api_is_course_coach() || api_is_course_tutor()) && !($_GET['thread']) ){ + // thread qualify + $form->addElement('static','Group', '
    '.get_lang('QualifyThread').''); + $form->addElement('checkbox', 'thread_qualify_gradebook', '', get_lang('QualifyThreadGradebook')); + $form->addElement('html','
    '); + + $form->addElement('text', 'calification_notebook_title', get_lang('TitleColumnGradebook')); + $form->addElement('text', 'weight_calification', get_lang('QualifyWeight'),'Style="width:40px"'); + $form->addElement('text', 'numeric_calification', get_lang('QualifyNumeric'),'Style="width:40px"'); + + $form->addElement('html','
    '); + } + + $form->addElement('submit', 'SubmitPost', get_lang('Ok')); + $form->add_real_progress_bar('DocumentUpload','user_upload'); + + if ( !empty($form_values) ) { + $defaults['post_title']=prepare4display(Security::remove_XSS($form_values['post_title'])); + $defaults['post_text']=prepare4display(Security::remove_XSS($form_values['post_text'])); + $defaults['post_notification']=Security::remove_XSS($form_values['post_notification']); + $defaults['thread_sticky']=Security::remove_XSS($form_values['thread_sticky']); + } + + // if we are quoting a message we have to retrieve the information of the post we are quoting so that + // we can add this as default to the textarea + if (($action=='quote' || $action=='replymessage') && isset($_GET['post'])) { + // we also need to put the parent_id of the post in a hidden form when we are quoting or replying to a message (<> reply to a thread !!!) + $form->addElement('hidden', 'post_parent_id', strval(intval($_GET['post']))); // note this has to be cleaned first + + // if we are replying or are quoting then we display a default title. + $values=get_post_information($_GET['post']); // note: this has to be cleaned first + $defaults['post_title']=get_lang('ReplyShort').html_entity_decode($values['post_title'],ENT_QUOTES,$charset); + // When we are quoting a message then we have to put that message into the wysiwyg editor. + // note: the style has to be hardcoded here because using class="quote" didn't work + if($action=='quote') { + $defaults['post_text']='
     
    '.get_lang('Quoting').' '.$values['firstname'].' '.$values['lastname'].':
    '.prepare4display($values['post_text']).'
     
     
    '; + } + } + $form->setDefaults($defaults); + + // the course admin can make a thread sticky (=appears with special icon and always on top) + $form->addRule('post_title', '
    '.get_lang('ThisFieldIsRequired'), 'required'); + if ($current_forum['allow_anonymous']==1 AND !isset($_user['user_id'])) { + $form->addRule('poster_name', '
    '.get_lang('ThisFieldIsRequired'), 'required'); + } + + // The validation or display + if( $form->validate() ) { + $values = $form->exportValues(); + return $values; + } else { + $form->display(); + echo '
    '; + if ($forum_setting['show_thread_iframe_on_reply'] and $action<>'newthread') { + echo ""; + } + } +} +/** + * @param integer contains the information of user id + * @param integer contains the information of thread id + * @param integer contains the information of thread qualify + * @param integer contains the information of user id of qualifier + * @param integer contains the information of time + * @param integer contains the information of session id + * @return Array() optional + * @author Isaac Flores , U.N.A.S University + * @version October 2008, dokeos 1.8.6 + **/ +function store_theme_qualify($user_id,$thread_id,$thread_qualify=0,$qualify_user_id=0,$qualify_time,$session_id=null) { + $table_threads_qualify = Database::get_course_table(TABLE_FORUM_THREAD_QUALIFY,''); + $table_threads =Database::get_course_table(TABLE_FORUM_THREAD,''); + if ($user_id==strval(intval($user_id)) && $thread_id==strval(intval($thread_id)) && $thread_qualify==strval(intval($thread_qualify))) { + + //testing + + $sql_string="SELECT thread_qualify_max FROM ". $table_threads ." WHERE thread_id=".$thread_id.";"; + $res_string=api_sql_query($sql_string,__FILE__,__LINE__); + $row_string=Database::fetch_array($res_string); + + if ($thread_qualify<=$row_string[0]) { + + $sql1="SELECT COUNT(*) FROM ".$table_threads_qualify." WHERE user_id=".$user_id." and thread_id=".$thread_id.";"; + $res1=api_sql_query($sql1); + $row=Database::fetch_array($res1); + + if ($row[0]==0) { + $sql="INSERT INTO $table_threads_qualify (user_id," . + "thread_id,qualify,qualify_user_id,qualify_time,session_id)" . + "VALUES('".$user_id."','".$thread_id."','".$thread_qualify."'," . + "'".$qualify_user_id."','".$qualify_time."','".$session_id."')"; + $res=api_sql_query($sql,__FILE__,__LINE__); + + return $res; + } else { + + $sql1="SELECT qualify FROM ".$table_threads_qualify." WHERE user_id=".$user_id." and thread_id=".$thread_id.";"; + $rs=api_sql_query($sql1,__FILE__,__LINE__); + $row=Database::fetch_array($rs); + $row[1]="update"; + return $row; + + } + + }else{ + return null; + } + } +} +/** +* This function show qualify. +* @param string contains the information of option to run +* @param string contains the information the current course id +* @param integer contains the information the current forum id +* @param integer contains the information the current user id +* @param integer contains the information the current thread id +* @return integer qualify +* @example $option=1 obtained the qualification of the current thread +* @author Isaac Flores , U.N.A.S University +* @version October 2008, dokeos 1.8.6 +*/ + function show_qualify($option,$couser_id,$forum_id,$user_id,$thread_id){ + + $table_threads_qualify = Database::get_course_table(TABLE_FORUM_THREAD_QUALIFY,''); + $table_threads =Database::get_course_table(TABLE_FORUM_THREAD,''); + if ($user_id==strval(intval($user_id)) && $thread_id==strval(intval($thread_id)) && $option==1) { + + $sql="SELECT qualify FROM ".$table_threads_qualify." WHERE user_id=".$user_id." and thread_id=".$thread_id.";"; + $rs=api_sql_query($sql,__FILE__,__LINE__); + $row=Database::fetch_array($rs); + return $row[0]; + } + + if ($user_id==strval(intval($user_id)) && $option==2) { + + $sql="SELECT thread_qualify_max FROM ".$table_threads." WHERE thread_id=".$thread_id.";"; + $rs=api_sql_query($sql,__FILE__,__LINE__); + $row=Database::fetch_array($rs); + return $row[0]; + } + + } + /** +* +* This function get qualify historical. +* @param integer contains the information the current user id +* @param integer contains the information the current thread id +* @param boolean contains the information of option to run +* @return array() +* @author Christian Fasanando , +* @version October 2008, dokeos 1.8.6 +*/ + function get_historical_qualify($user_id,$thread_id,$opt) { + + $table_threads_qualify_log = Database::get_course_table(TABLE_FORUM_THREAD_QUALIFY_LOG,''); + $opt = Database::escape_string($opt); + if($opt=='false') { + $sql="SELECT * FROM ".$table_threads_qualify_log." WHERE thread_id='".Database::escape_string($thread_id)."' and user_id='".Database::escape_string($user_id)."' ORDER BY qualify_time"; + } else { + $sql="SELECT * FROM ".$table_threads_qualify_log." WHERE thread_id='".Database::escape_string($thread_id)."' and user_id='".Database::escape_string($user_id)."' ORDER BY qualify_time DESC"; + } + $rs=api_sql_query($sql,__FILE__,__LINE__); + return $rs; + } + +/** +* +* This function store qualify historical. +* @param boolean contains the information of option to run +* @param string contains the information the current course id +* @param integer contains the information the current forum id +* @param integer contains the information the current user id +* @param integer contains the information the current thread id +* @param integer contains the information the current qualify +* @return void +* @example $option=1 obtained the qualification of the current thread +* @author Isaac Flores , U.N.A.S University +* @version October 2008, dokeos 1.8.6 +*/ +function store_qualify_historical($option,$couser_id,$forum_id,$user_id,$thread_id,$current_qualify,$qualify_user_id) { + + $table_threads_qualify = Database::get_course_table(TABLE_FORUM_THREAD_QUALIFY,''); + $table_threads =Database::get_course_table(TABLE_FORUM_THREAD,''); + $table_threads_qualify_log=Database::get_course_table(TABLE_FORUM_THREAD_QUALIFY_LOG,''); + $current_date=date('Y-m-d H:i:s'); + + + if ($user_id==strval(intval($user_id)) && $thread_id==strval(intval($thread_id)) && $option==1) { + //extract information of thread_qualify + + $sql="SELECT qualify,qualify_time FROM ".$table_threads_qualify." WHERE user_id=".$user_id." and thread_id=".$thread_id.";"; + $rs=api_sql_query($sql,__FILE__,__LINE__); + $row=Database::fetch_array($rs); + + //insert thread_historical + $sql1="INSERT INTO $table_threads_qualify_log (user_id," . + "thread_id,qualify,qualify_user_id,qualify_time,session_id)" . + "VALUES('".$user_id."','".$thread_id."','".$row[0]."'," . + "'".$qualify_user_id."','".$row[1]."','')"; + api_sql_query($sql1,__FILE__,__LINE__); + + //update + $sql2="UPDATE ".$table_threads_qualify." SET qualify=".$current_qualify.",qualify_time='".$current_date."' WHERE user_id=".$user_id." and thread_id=".$thread_id.";"; + api_sql_query($sql2,__FILE__,__LINE__); + } +} + +/** +* This function stores a reply in the forum_post table. +* It also updates the forum_threads table (thread_replies +1 , thread_last_post, thread_date) +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function store_reply($values) { + global $table_threads; + global $table_posts; + global $forum_table_attachment; + global $_user; + global $_course; + global $current_forum; + global $origin; + + $post_date=date('Y-m-d H:i:s'); + if ($current_forum['approval_direct_post']=='1' AND !api_is_allowed_to_edit()) { + $visible=0; // the post is not approved yet. + } else { + $visible=1; + } + + $upload_ok=1; + $has_attachment=false; + if (!empty($_FILES['user_upload']['name'])) { + $upload_ok = process_uploaded_file($_FILES['user_upload']); + $has_attachment=true; + } + + if ($upload_ok) { + // We first store an entry in the forum_post table + $sql="INSERT INTO $table_posts (post_title, post_text, thread_id, forum_id, poster_id, post_date, post_notification, post_parent_id, visible) + VALUES ('".Database::escape_string($values['post_title'])."', + '".Database::escape_string($values['post_text'])."', + '".Database::escape_string($values['thread_id'])."', + '".Database::escape_string($values['forum_id'])."', + '".Database::escape_string($_user['user_id'])."', + '".Database::escape_string($post_date)."', + '".Database::escape_string($values['post_notification'])."', + '".Database::escape_string($values['post_parent_id'])."', + '".Database::escape_string($visible)."')"; + $result=api_sql_query($sql, __LINE__, __FILE__); + $new_post_id=Database::insert_id(); + $values['new_post_id']=$new_post_id; + + $message=get_lang('ReplyAdded'); + + if ($has_attachment) { + $courseDir = $_course['path'].'/upload/forum'; + $sys_course_path = api_get_path(SYS_COURSE_PATH); + $updir = $sys_course_path.$courseDir; + + // Try to add an extension to the file if it hasn't one + $new_file_name = add_ext_on_mime(stripslashes($_FILES['user_upload']['name']), $_FILES['user_upload']['type']); + + // user's file name + $file_name =$_FILES['user_upload']['name']; + + if (!filter_extension($new_file_name)) { + Display :: display_error_message(get_lang('UplUnableToSaveFileFilteredExtension')); + } else { + $new_file_name = uniqid(''); + $new_path=$updir.'/'.$new_file_name; + $result= @move_uploaded_file($_FILES['user_upload']['tmp_name'], $new_path); + $comment=$values['file_comment']; + + // Storing the attachments if any + if ($result) { + $sql='INSERT INTO '.$forum_table_attachment.'(filename,comment, path, post_id,size) '. + "VALUES ( '".Database::escape_string($file_name)."', '".Database::escape_string($comment)."', '".Database::escape_string($new_file_name)."' , '".$new_post_id."', '".$_FILES['user_upload']['size']."' )"; + $result=api_sql_query($sql, __LINE__, __FILE__); + $message.=' / '.get_lang('FileUploadSucces'); + $last_id=Database::insert_id(); + + api_item_property_update($_course, TOOL_FORUM_ATTACH, $last_id ,'ForumAttachmentAdded', api_get_user_id()); + } + } + } + + // update the thread + update_thread($values['thread_id'], $new_post_id,$post_date); + + // update the forum + api_item_property_update($_course, TOOL_FORUM, $values['forum_id'],"NewMessageInForum", api_get_user_id()); + + + + if ($current_forum['approval_direct_post']=='1' AND !api_is_allowed_to_edit()) { + $message.='
    '.get_lang('MessageHasToBeApproved').'
    '; + } + + $message.='
    '.get_lang('ReturnTo').' '.get_lang('Forum').'
    '; + $message.=get_lang('ReturnTo').' '.get_lang('Message').''; + + // setting the notification correctly + if ($values['post_notification'] == 1) { + set_notification('thread',$values['thread_id'], true); + } + + send_notification_mails($values['thread_id'], $values); + + session_unregister('formelements'); + session_unregister('origin'); + session_unregister('breadcrumbs'); + session_unregister('addedresource'); + session_unregister('addedresourceid'); + + Display :: display_confirmation_message($message,false); + + } else { + Display::display_error_message(get_lang('UplNoFileUploaded')." ". get_lang('UplSelectFileFirst')); + } + +} + + +/** +* This function displays the form that is used to edit a post. This can be a new thread or a reply. +* @param array contains all the information about the current post +* @param array contains all the information about the current thread +* @param array contains all info about the current forum (to check if attachments are allowed) +* @param array contains the default values to fill the form +* @return void +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function show_edit_post_form($current_post, $current_thread, $current_forum, $form_values='') { + global $forum_setting; + global $_user; + + // initiate the object + $form = new FormValidator('edit_post', 'post', api_get_self().'?forum='.Security::remove_XSS($_GET['forum']).'&thread='.Security::remove_XSS($_GET['thread']).'&post='.Security::remove_XSS($_GET['post'])); + + // settting the form elements + $form->addElement('hidden', 'post_id', $current_post['post_id']); + $form->addElement('hidden', 'thread_id', $current_thread['thread_id']); + if ($current_post['post_parent_id']==0) { + $form->addElement('hidden', 'is_first_post_of_thread', '1'); + } + $form->addElement('text', 'post_title', get_lang('Title'),'class="input_titles"'); + $form->addElement('html_editor', 'post_text', get_lang('Text')); + if (!$_GET['edit']) { + $form->addElement('static','Group', '
    '.get_lang('AlterQualifyThread').''); + $form->addElement('checkbox', 'thread_qualify_gradebook', '', get_lang('QualifyThreadGradebook')); + $defaults['thread_qualify_gradebook']=is_resource_in_course_gradebook(api_get_course_id(),5,$_GET['thread'],api_get_session_id()); + //$form->addElement('check','check_list', '
    '.get_lang('El tema es calificable')); + $form->addElement('text', 'calification_notebook_title', get_lang('TitleColumnGradebook'),'value="'.$current_thread['thread_title_qualify'].'"'); + $form->addElement('text', 'weight_calification', get_lang('QualifyWeight'),'value="'.$current_thread['thread_weight'].'" Style="width:40px"'); + $form->addElement('text', 'numeric_calification', get_lang('QualifyNumeric'),'value="'.$current_thread['thread_qualify_max'].'" Style="width:40px"'); + //add gradebook + } + + if ($forum_setting['allow_post_notificiation']) { + $form->addElement('checkbox', 'post_notification', '', get_lang('NotifyByEmail').' ('.$current_post['email'].')'); + } + if ($forum_setting['allow_sticky'] and api_is_allowed_to_edit() and $current_post['post_parent_id']==0) { // the sticky checkbox only appears when it is the first post of a thread + $form->addElement('checkbox', 'thread_sticky', '', get_lang('StickyPost')); + if ( $current_thread['thread_sticky']==1 ) { + $defaults['thread_sticky']=true; + } + } + if ($current_forum['allow_attachments']=='1' OR api_is_allowed_to_edit()) { + if (empty($form_values) AND !$_POST['SubmitPost']) { + //edit_added_resources('forum_post',$current_post['post_id']); + } + //$form->add_resource_button(); + $values = $form->exportValues(); + } + + $form->addElement('submit', 'SubmitPost', get_lang('Ok')); + global $charset; + // setting the default values for the form elements + $defaults['post_title']=prepare4display(html_entity_decode($current_post['post_title'],ENT_QUOTES,$charset)); + $defaults['post_text']=prepare4display($current_post['post_text']); + if ( $current_post['post_notification']==1 ) { + $defaults['post_notification']=true; + } + + if (!empty($form_values)) { + $defaults['post_title']=Security::remove_XSS($form_values['post_title']); + $defaults['post_text']=Security::remove_XSS($form_values['post_text']); + $defaults['post_notification']=Security::remove_XSS($form_values['post_notification']); + $defaults['thread_sticky']=Security::remove_XSS($form_values['thread_sticky']); + } + + $form->setDefaults($defaults); + + // the course admin can make a thread sticky (=appears with special icon and always on top) + + $form->addRule('post_title', '
    '.get_lang('ThisFieldIsRequired'), 'required'); + + // The validation or display + if( $form->validate() ) { + $values = $form->exportValues(); + return $values; + } else { + $form->display(); + } +} + +/** +* This function stores the edit of a post in the forum_post table. +* +* @param +* @return +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function store_edit_post($values) { + global $table_threads; + global $table_posts; + // first we check if the change affects the thread and if so we commit the changes (sticky and post_title=thread_title are relevant) + if (array_key_exists('is_first_post_of_thread',$values) AND $values['is_first_post_of_thread']=='1') { + $sql="UPDATE $table_threads SET thread_title='".Database::escape_string($values['post_title'])."', + thread_sticky='".Database::escape_string($values['thread_sticky'])."'," . + "thread_title_qualify='".Database::escape_string($values['calification_notebook_title'])."'," . + "thread_qualify_max='".Database::escape_string($values['numeric_calification'])."',". + "thread_weight='".Database::escape_string($values['weight_calification'])."'". + " WHERE thread_id='".Database::escape_string($values['thread_id'])."'"; + + api_sql_query($sql,__FILE__, __LINE__); + } + + // update the post_title and the post_text + $sql="UPDATE $table_posts SET post_title='".Database::escape_string($values['post_title'])."', + post_text='".Database::escape_string($values['post_text'])."', + post_notification='".Database::escape_string($values['post_notification'])."' + WHERE post_id='".Database::escape_string($values['post_id'])."'"; + //error_log($sql); + api_sql_query($sql,__FILE__, __LINE__); + + if (api_is_course_admin()==true) { + $ccode = api_get_course_id(); + $sid = api_get_session_id(); + $link_id = is_resource_in_course_gradebook($ccode,5,$values['thread_id'],$sid); + if ($values['thread_qualify_gradebook']!=1) { + if ($link_id !== false) { + remove_resource_from_course_gradebook($link_id); + } + } else { + if ($link_id === false && !$_GET['thread']) { + //$date_in_gradebook=date('Y-m-d H:i:s'); + $date_in_gradebook=null; + $weigthqualify=$values['weight_calification']; + add_resource_to_course_gradebook($ccode,5,$values['thread_id'],Database::escape_string($values['calification_notebook_title']),$weigthqualify,$values['numeric_calification'],null,$date_in_gradebook,0,$sid); + } + } + } + // Storing the attachments if any + //update_added_resources('forum_post',$values['post_id']); + + $message=get_lang('EditPostStored').'
    '; + $message.=get_lang('ReturnTo').' '.get_lang('Forum').'
    '; + $message.=get_lang('ReturnTo').' '.get_lang('Message').''; + + session_unregister('formelements'); + session_unregister('origin'); + session_unregister('breadcrumbs'); + session_unregister('addedresource'); + session_unregister('addedresourceid'); + + Display :: display_confirmation_message($message,false); +} + + +/** +* This function displays the firstname and lastname of the user as a link to the user tool. +* +* @param +* @return +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function display_user_link($user_id, $name, $origin='') { + if ($user_id<>0) { + return ''.$name.''; + } else { + return $name.' ('.get_lang('Anonymous').')'; + } +} + +/** +* This function displays the user image from the profile, with a link to the user's details. +* @param int User's database ID +* @param str User's name +* @return string An HTML with the anchor and the image of the user +* @author Julio Montoya +*/ + +function display_user_image($user_id,$name, $origin='') { + $link=''; + $attrb=array(); + + if ($user_id<>0) { + $image_path = UserManager::get_user_picture_path_by_id($user_id,'web',false, true); + $image_repository = $image_path['dir']; + $existing_image = $image_path['file']; + return $link.''.$name.''; + + } else { + return $link.''.$name.''; + } + +} + + +/** +* The thread view counter gets increased every time someone looks at the thread +* +* @param +* @return +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function increase_thread_view($thread_id) { + global $table_threads; + + $sql="UPDATE $table_threads SET thread_views=thread_views+1 WHERE thread_id='".Database::escape_string($thread_id)."'"; // this needs to be cleaned first + $result=api_sql_query($sql, __LINE__, __FILE__); +} + +/** +* The relies counter gets increased every time somebody replies to the thread +* +* @param +* @return +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function update_thread($thread_id, $last_post_id,$post_date) { + global $table_threads; + + $sql="UPDATE $table_threads SET thread_replies=thread_replies+1, + thread_last_post='".Database::escape_string($last_post_id)."', + thread_date='".Database::escape_string($post_date)."' WHERE thread_id='".Database::escape_string($thread_id)."'"; // this needs to be cleaned first + $result=api_sql_query($sql, __LINE__, __FILE__); +} + + + +/** +* This function is called when the user is not allowed in this forum/thread/... +* +* @param +* @return +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function forum_not_allowed_here() { + Display :: display_error_message(get_lang('NotAllowedHere')); + Display :: display_footer(); + exit; +} + +/** +* This function is used to find all the information about what's new in the forum tool +* +* @param +* @return +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function get_whats_new() { + global $_user; + global $_course; + global $table_posts; + + // note this has later to be replaced by the tool constant. But temporarily bb_forum is used since this is the only thing that is in the tracking currently. + //$tool=TOOL_FORUM; + $tool=TOOL_FORUM; // + // to do: remove this. For testing purposes only + //session_unregister('last_forum_access'); + //session_unregister('whatsnew_post_info'); + + if (!$_SESSION['last_forum_access']) { + $tracking_last_tool_access=Database::get_statistic_table(TABLE_STATISTIC_TRACK_E_LASTACCESS); + $sql="SELECT * FROM ".$tracking_last_tool_access." WHERE access_user_id='".Database::escape_string($_user['user_id'])."' AND access_cours_code='".Database::escape_string($_course['sysCode'])."' AND access_tool='".Database::escape_string($tool)."'"; + $result=api_sql_query($sql,__FILE__,__LINE__); + $row=Database::fetch_array($result); + $_SESSION['last_forum_access']=$row['access_date']; + } + + if (!$_SESSION['whatsnew_post_info']) { + if ($_SESSION['last_forum_access']<>'') { + $whatsnew_post_info = array(); + $sql="SELECT * FROM".$table_posts."WHERE post_date>'".Database::escape_string($_SESSION['last_forum_access'])."'"; // note: check the performance of this query. + $result=api_sql_query($sql,__FILE__,__LINE__); + while ($row=Database::fetch_array($result)) { + $whatsnew_post_info[$row['forum_id']][$row['thread_id']][$row['post_id']]=$row['post_date']; + } + $_SESSION['whatsnew_post_info']=$whatsnew_post_info; + } + } +} + +/** +* With this function we find the number of posts and topics in a given forum. +* +* @param +* @return +* +* @todo consider to call this function only once and let it return an array where the key is the forum id and the value is an array with number_of_topics and number of post +* as key of this array and the value as a value. This could reduce the number of queries needed (especially when there are more forums) +* @todo consider merging both in one query. +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +* +* @deprecated the counting mechanism is now inside the function get_forums +*/ +function get_post_topics_of_forum($forum_id) { + global $table_posts; + global $table_threads; + global $table_item_property; + + $sql="SELECT count(*) as number_of_posts FROM $table_posts WHERE forum_id='".$forum_id."'"; + if (api_is_allowed_to_edit()) { + $sql="SELECT count(*) as number_of_posts + FROM $table_posts posts, $table_threads threads, $table_item_property item_property + WHERE posts.forum_id='".Database::escape_string($forum_id)."' + AND posts.thread_id=threads.thread_id + AND item_property.ref=threads.thread_id + AND item_property.visibility<>2 + AND item_property.tool='".TOOL_FORUM_THREAD."' + "; + } else { + $sql="SELECT count(*) as number_of_posts + FROM $table_posts posts, $table_threads threads, $table_item_property item_property + WHERE posts.forum_id='".Database::escape_string($forum_id)."' + AND posts.thread_id=threads.thread_id + AND item_property.ref=threads.thread_id + AND item_property.visibility=1 + AND posts.visible=1 + AND item_property.tool='".TOOL_FORUM_THREAD."' + "; + } + $result=api_sql_query($sql, __FILE__, __LINE__); + $row=Database::fetch_array($result); + $number_of_posts=$row['number_of_posts']; + + // we could loop through the result array and count the number of different group_ids but I have chosen to use a second sql statement + if (api_is_allowed_to_edit()) { + $sql="SELECT count(*) as number_of_topics + FROM $table_threads threads, $table_item_property item_property + WHERE threads.forum_id='".Database::escape_string($forum_id)."' + AND item_property.ref=threads.thread_id + AND item_property.visibility<>2 + AND item_property.tool='".TOOL_FORUM_THREAD."' + "; + } else { + $sql="SELECT count(*) as number_of_topics + FROM $table_threads threads, $table_item_property item_property + WHERE threads.forum_id='".Database::escape_string($forum_id)."' + AND item_property.ref=threads.thread_id + AND item_property.visibility=1 + AND item_property.tool='".TOOL_FORUM_THREAD."' + "; + } + $result=api_sql_query($sql, __FILE__, __LINE__); + $row=Database::fetch_array($result); + $number_of_topics=$row['number_of_topics']; + if ($number_of_topics=='') { + $number_of_topics=0; // due to the nature of the group by this can result in an empty string. + } + + $return=array('number_of_topics'=>$number_of_topics, 'number_of_posts'=>$number_of_posts); + return $return; +} +/** +* This function approves a post = change +* +* @param $post_id the id of the post that will be deleted +* @param $action make the post visible or invisible +* @return +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function approve_post($post_id, $action) { + global $table_posts; + + if ($action=='invisible') { + $visibility_value=0; + } + if ($action=='visible') { + $visibility_value=1; + handle_mail_cue('post',$post_id); + } + + $sql="UPDATE $table_posts SET visible='".Database::escape_string($visibility_value)."' WHERE post_id='".Database::escape_string($post_id)."'"; + $return=api_sql_query($sql, __FILE__, __LINE__); + if ($return) { + return 'PostVisibilityChanged'; + } +} + + +/** +* This function retrieves all the unapproved messages for a given forum +* This is needed to display the icon that there are unapproved messages in that thread (only the courseadmin can see this) +* +* @param $forum_id the forum where we want to know the unapproved messages of +* @return +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function get_unaproved_messages($forum_id) { + global $table_posts; + + $return_array=array(); + $sql="SELECT DISTINCT thread_id FROM $table_posts WHERE forum_id='".Database::escape_string($forum_id)."' AND visible='0'"; + $result=api_sql_query($sql, __FILE__, __LINE__); + while($row=Database::fetch_array($result)) { + $return_array[]=$row['thread_id']; + } + return $return_array; +} + + +/** +* This function sends the notification mails to everybody who stated that they wanted to be informed when a new post +* was added to a given thread. +* +* @param +* @return +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function send_notification_mails($thread_id, $reply_info) { + global $table_posts; + global $table_user; + global $table_mailcue; + + // First we need to check if + // 1. the forum category is visible + // 2. the forum is visible + // 3. the thread is visible + // 4. the reply is visible (=when there is + $current_thread=get_thread_information($thread_id); + $current_forum=get_forum_information($current_thread['forum_id']); + $current_forum_category=get_forumcategory_information($current_forum['forum_category']); + if($current_thread['visibility']=='1' AND $current_forum['visibility']=='1' AND $current_forum_category['visibility']=='1' AND $current_forum['approval_direct_post']!='1') { + $send_mails=true; + } else { + $send_mails=false; + } + + // the forum category, the forum, the thread and the reply are visible to the user + if ($send_mails==true) { + send_notifications($current_thread['forum_id'],$thread_id); + /* + $sql="SELECT DISTINCT user.firstname, user.lastname, user.email, user.user_id + FROM $table_posts post, $table_user user + WHERE post.thread_id='".Database::escape_string($thread_id)."' + AND post.post_notification='1' + AND post.poster_id=user.user_id"; + $result=api_sql_query($sql, __LINE__, __FILE__); + while ($row=Database::fetch_array($result)) + { + send_mail($row, $current_thread); + } + */ + } else { + /* + $sql="SELECT * FROM $table_posts WHERE thread_id='".Database::escape_string($thread_id)."' AND post_notification='1'"; + $result=api_sql_query($sql, __LINE__, __FILE__); + */ + $table_notification = Database::get_course_table('forum_notification'); + $sql = "SELECT * FROM $table_notification WHERE forum_id = '".Database::escape_string($current_forum['forum_id'])."' OR thread_id = '".Database::escape_string($thread_id)."'"; + $result=api_sql_query($sql, __FILE__, __LINE__); + while ($row=Database::fetch_array($result)) { + $sql_mailcue="INSERT INTO $table_mailcue (thread_id, post_id) VALUES ('".Database::escape_string($thread_id)."', '".Database::escape_string($reply_info['new_post_id'])."')"; + $result_mailcue=api_sql_query($sql_mailcue, __LINE__, __FILE__); + } + } +} + +/** +* This function is called whenever something is made visible because there might be new posts and the user might have indicated that (s)he wanted +* to be informed about the new posts by mail. +* +* @param +* @return +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function handle_mail_cue($content, $id) { + global $table_mailcue; + global $table_forums; + global $table_threads; + global $table_posts; + global $table_users; + + // if the post is made visible we only have to send mails to the people who indicated that they wanted to be informed for that thread. + if ($content=='post') { + // getting the information about the post (need the thread_id) + $post_info=get_post_information($id); + + // sending the mail to all the users that wanted to be informed for replies on this thread. + $sql="SELECT users.firstname, users.lastname, users.user_id, users.email FROM $table_mailcue mailcue, $table_posts posts, $table_users users + WHERE posts.thread_id='".Database::escape_string($post_info['thread_id'])."' + AND posts.post_notification='1' + AND mailcue.thread_id='".Database::escape_string($post_info['thread_id'])."' + AND users.user_id=posts.poster_id + GROUP BY users.email"; + $result=api_sql_query($sql, __FILE__, __LINE__); + while ($row=Database::fetch_array($result)) { + send_mail($row, get_thread_information($post_info['thread_id'])); + } + + // deleting the relevant entries from the mailcue + $sql_delete_mailcue="DELETE FROM $table_mailcue WHERE post_id='".Database::escape_string($id)."' AND thread_id='".Database::escape_string($post_info['thread_id'])."'"; + //$result=api_sql_query($sql_delete_mailcue, __LINE__, __FILE__); + } elseif ($content=='thread') { + // sending the mail to all the users that wanted to be informed for replies on this thread. + $sql="SELECT users.firstname, users.lastname, users.user_id, users.email FROM $table_mailcue mailcue, $table_posts posts, $table_users users + WHERE posts.thread_id='".Database::escape_string($id)."' + AND posts.post_notification='1' + AND mailcue.thread_id='".Database::escape_string($id)."' + AND users.user_id=posts.poster_id + GROUP BY users.email"; + $result=api_sql_query($sql,__FILE__, __LINE__); + while ($row=Database::fetch_array($result)) { + send_mail($row, get_thread_information($id)); + } + + // deleting the relevant entries from the mailcue + $sql_delete_mailcue="DELETE FROM $table_mailcue WHERE thread_id='".Database::escape_string($id)."'"; + $result=api_sql_query($sql_delete_mailcue, __FILE__, __LINE__); + } elseif ($content=='forum') { + $sql="SELECT * FROM $table_threads WHERE forum_id='".Database::escape_string($id)."'"; + $result=api_sql_query($sql, __FILE__, __LINE__); + while ($row=Database::fetch_array($result)) { + handle_mail_cue('thread',$row['thread_id']); + } + } elseif ($content=='forum_category') { + $sql="SELECT * FROM $table_forums WHERE forum_category ='".Database::escape_string($id)."'"; + $result=api_sql_query($sql, __FILE__, __LINE__); + while ($row=Database::fetch_array($result)) { + handle_mail_cue('forum',$row['forum_id']); + } + } else { + return get_lang('Error'); + } +} +/** +* This function sends the mails for the mail notification +* +* @param +* @return +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function send_mail($user_info=array(), $thread_information=array()) { + global $_course; + global $_user; + + $email_subject = get_lang('NewForumPost')." - ".$_course['official_code']; + + if (isset($thread_information) and is_array($thread_information)) { + $thread_link= api_get_path('WEB_CODE_PATH').'forum/viewthread.php?'.api_get_cidreq().'&forum='.$thread_information['forum_id'].'&thread='.$thread_information['thread_id']; + } + $email_body= $user_info['firstname']." ".$user_info['lastname']."\n\r"; + $email_body .= '['.$_course['official_code'].'] - ['.$_course['name']."]
    \n"; + $email_body .= get_lang('NewForumPost')."\n"; + $email_body .= get_lang('YouWantedToStayInformed')."

    \n"; + $email_body .= get_lang('ThreadCanBeFoundHere')." : ".$thread_link."\n"; + + //set the charset and use it for the encoding of the email - small fix, not really clean (should check the content encoding origin first) + //here we use the encoding used for the webpage where the text is encoded (ISO-8859-1 in this case) + if(empty($charset)) { + $charset='ISO-8859-1'; + } + + if ($user_info['user_id']<>$_user['user_id']) { + $newmail = api_mail_html($user_info["lastname"].' '.$user_info["firstname"], $user_info["email"], $email_subject, $email_body, $_SESSION['_user']['lastName'].' '.$_SESSION['_user']['firstName'], $_SESSION['_user']['mail']); + } +} + +/** +* This function displays the form for moving a thread to a different (already existing) forum +* +* @param +* @return +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function move_thread_form() { + global $origin; + + // initiate the object + $form = new FormValidator('movepost', 'post', api_get_self().'?forum='.Security::remove_XSS($_GET['forum']).'&thread='.Security::remove_XSS($_GET['thread']).'&action='.Security::remove_XSS($_GET['action']).'&origin='.$origin); + // the header for the form + $form->addElement('header', '', get_lang('MoveThread')); + // invisible form: the thread_id + $form->addElement('hidden', 'thread_id', strval(intval($_GET['thread']))); // note: this has to be cleaned first + + // the fora + $forum_categories=get_forum_categories(); + $forums=get_forums(); + + $htmlcontent="\n
    \n\n"; + $form->addElement('html',$htmlcontent); + + // The OK button + $form->addElement('submit', 'SubmitForum',get_lang('Ok')); + + // The validation or display + if( $form->validate()) { + $values = $form->exportValues(); + if (isset($_POST['forum'])) { + store_move_thread($values); + } + + } else { + $form->display(); + } +} + +/** +* This function displays the form for moving a post message to a different (already existing) or a new thread. +* +* @param +* @return +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function move_post_form() { + // initiate the object + $form = new FormValidator('movepost', 'post', api_get_self().'?forum='.Security::remove_XSS($_GET['forum']).'&thread='.Security::remove_XSS($_GET['thread']).'&post='.Security::remove_XSS($_GET['post']).'&action='.Security::remove_XSS($_GET['action']).'&post='.Security::remove_XSS($_GET['post'])); + // the header for the form + $form->addElement('header', '', get_lang('MovePost')); + + // invisible form: the post_id + $form->addElement('hidden', 'post_id', strval(intval($_GET['post']))); // note: this has to be cleaned first + + // dropdown list: Threads of this forum + $threads=get_threads(strval(intval($_GET['forum']))); // note: this has to be cleaned + //my_print_r($threads); + $threads_list[0]=get_lang('ANewThread'); + foreach ($threads as $key=>$value) { + $threads_list[$value['thread_id']]=$value['thread_title']; + } + $form->addElement('select', 'thread', get_lang('MoveToThread'), $threads_list); + + + // The OK button + $form->addElement('submit', '',get_lang('Ok')); + + // setting the rules + $form->addRule('thread', get_lang('ThisFieldIsRequired'), 'required'); + + + // The validation or display + if( $form->validate() ) { + $values = $form->exportValues(); + store_move_post($values); + } else { + $form->display(); + } +} + +/** +* +* @param +* @return +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function store_move_post($values) { + global $table_posts; + global $table_threads; + global $table_forums; + global $_course; + + if ($values['thread']=='0') { + $current_post=get_post_information($values['post_id']); + + // storing a new thread + $sql="INSERT INTO $table_threads (thread_title, forum_id, thread_poster_id, thread_poster_name, thread_last_post, thread_date) + VALUES ( + '".Database::escape_string($current_post['post_title'])."', + '".Database::escape_string($current_post['forum_id'])."', + '".Database::escape_string($current_post['poster_id'])."', + '".Database::escape_string($current_post['poster_name'])."', + '".Database::escape_string($values['post_id'])."', + '".Database::escape_string($current_post['post_date'])."' + )"; + $result=api_sql_query($sql, __FILE__, __LINE__); + $new_thread_id=Database::get_last_insert_id(); + api_item_property_update($_course, TOOL_FORUM_THREAD, $new_thread_id,"visible", $current_post['poster_id']); + + // moving the post to the newly created thread + $sql="UPDATE $table_posts SET thread_id='".Database::escape_string($new_thread_id)."', post_parent_id='0' WHERE post_id='".Database::escape_string($values['post_id'])."'"; + $result=api_sql_query($sql,__FILE__, __LINE__); + //echo $sql.'
    '; + + // resetting the parent_id of the thread to 0 for all those who had this moved post as parent + $sql="UPDATE $table_posts SET post_parent_id='0' WHERE post_parent_id='".Database::escape_string($values['post_id'])."'"; + $result=api_sql_query($sql, __FILE__, __LINE__); + //echo $sql.'
    '; + + // updating updating the number of threads in the forum + $sql="UPDATE $table_forums SET forum_threads=forum_threads+1 WHERE forum_id='".Database::escape_string($current_post['forum_id'])."'"; + $result=api_sql_query($sql, __FILE__, __LINE__); + //echo $sql.'
    '; + + // resetting the last post of the old thread and decreasing the number of replies and the thread + $sql="SELECT * FROM $table_posts WHERE thread_id='".Database::escape_string($current_post['thread_id'])."' ORDER BY post_id DESC"; + //echo $sql.'
    '; + $result=api_sql_query($sql, __FILE__, __LINE__); + $row=Database::fetch_array($result); + //my_print_r($row); + $sql="UPDATE $table_threads SET thread_last_post='".$row['post_id']."', thread_replies=thread_replies-1 WHERE thread_id='".Database::escape_string($current_post['thread_id'])."'"; + $result=api_sql_query($sql, __FILE__, __LINE__); + //echo $sql.'
    '; + } else { + // moving to the chosen thread + $sql="UPDATE $table_posts SET thread_id='".Database::escape_string($_POST['thread'])."', post_parent_id='0' WHERE post_id='".Database::escape_string($values['post_id'])."'"; + $result=api_sql_query($sql, __FILE__, __LINE__); + + // resetting the parent_id of the thread to 0 for all those who had this moved post as parent + $sql="UPDATE $table_posts SET post_parent_id='0' WHERE post_parent_id='".Database::escape_string($values['post_id'])."'"; + $result=api_sql_query($sql, __FILE__, __LINE__); + } + + return get_lang('ThreadMoved'); +} + +/** +* +* @param +* @return +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function store_move_thread($values) { + global $table_posts; + global $table_threads; + global $table_forums; + global $_course; + + // change the thread table: setting the forum_id to the new forum + $sql="UPDATE $table_threads SET forum_id='".Database::escape_string($_POST['forum'])."' WHERE thread_id='".Database::escape_string($_POST['thread_id'])."'"; + $result=api_sql_query($sql, __FILE__, __LINE__); + + + // changing all the posts of the thread: setting the forum_id to the new forum + $sql="UPDATE $table_posts SET forum_id='".Database::escape_string($_POST['forum'])."' WHERE thread_id='".Database::escape_string($_POST['thread_id'])."'"; + $result=api_sql_query($sql, __FILE__, __LINE__); + + return get_lang('ThreadMoved'); +} + + +/** +* Prepares a string or an array of strings for display by stripping slashes +* @param mixed String or array of strings +* @return mixed String or array of strings +* +* @author Patrick Cool , Ghent University +* @version february 2006, dokeos 1.8 +*/ +function prepare4display($input='') { + $highlightcolors = array('yellow', '#33CC33','#3399CC', '#9999FF', '#33CC33'); + if (!is_array($input)) { + if (!empty($_GET['search'])) { + if (strstr($_GET['search'],'+')) { + $search_terms = explode('+',$_GET['search']); + } else { + $search_terms[] = trim($_GET['search']); + } + $counter = 0; + foreach ($search_terms as $key=>$search_term) { + $input = str_replace(trim(html_entity_decode($search_term)),''.trim(html_entity_decode($search_term)).'',$input); + $counter++; + } + } + return stripslashes($input); + } else { + /*foreach ($input as $key=>$value) + { + $returnarray[$key]=stripslashes($value); + }*/ + $returnarray=array_walk($input, 'stripslashes'); + return $returnarray; + } +} + +/** + * Display the search form for the forum and display the search results + * + * @author Patrick Cool , Ghent University, Belgium + * @version march 2008, dokeos 1.8.5 + */ +function forum_search() { + // initiate the object + $form = new FormValidator('forumsearch'); + + // settting the form elements + $form->addElement('header', '', get_lang('ForumSearch')); + $form->addElement('text', 'search_term', get_lang('SearchTerm'),'class="input_titles"'); + $form->addElement('static', 'search_information', '', get_lang('ForumSearchInformation'), $dissertation[$_GET['opleidingsonderdeelcode']]['code']); + $form->addElement('submit', 'SubmitForumCategory', get_lang('Search')); + + // setting the rules + $form->addRule('search_term', '
    '.get_lang('ThisFieldIsRequired'), 'required'); + $form->addRule('search_term', get_lang('TooShort'),'minlength',3); + + // The validation or display + if( $form->validate() ) { + $values = $form->exportValues(); + $form->setDefaults($values); + $form->display(); + + // display the search results + display_forum_search_results($values['search_term']); + } else { + $form->display(); + } +} +/** + * Display the search results + * + * @author Patrick Cool , Ghent University, Belgium + * @version march 2008, dokeos 1.8.5 + */ +function display_forum_search_results($search_term) { + global $table_categories, $table_forums, $table_threads, $table_posts; + + // defining the search strings as an array + if (strstr($search_term,'+')) { + $search_terms = explode('+',$search_term); + } else { + $search_terms[] = $search_term; + } + + // search restriction + foreach ($search_terms as $key => $value) { + $search_restriction[] = "(posts.post_title LIKE '%".Database::escape_string(trim($value))."%' + OR posts.post_text LIKE '%".Database::escape_string(trim($value))."%')"; + } + + $sql = "SELECT * FROM $table_posts posts + WHERE ".implode(' AND ',$search_restriction)." + /*AND posts.thread_id = threads.thread_id*/ + GROUP BY posts.post_id"; + + // getting all the information of the forum categories + $forum_categories_list=get_forum_categories(); + + // getting all the information of the forums + $forum_list=get_forums(); + + $result = api_sql_query($sql, __FILE__, __LINE__); + while ($row = Database::fetch_array($result,'ASSOC')) { + $display_result = false; + /* + we only show it when + 1. forum cateogory is visible + 2. forum is visible + 3. thread is visible (to do) + 4. post is visible + */ + if (!api_is_allowed_to_edit()) { + if ($forum_categories_list[$row['forum_id']['forum_category']]['visibility'] == '1' AND $forum_list[$row['forum_id']]['visibility'] == '1' AND $row['visible'] == '1') { + $display_result = true; + } + } else { + $display_result = true; + } + + if ($display_result == true) { + $search_results_item = '
  • '.$forum_categories_list[$row['forum_id']['forum_category']]['cat_title'].' > '; + $search_results_item .= ''.$forum_list[$row['forum_id']]['forum_title'].' > '; + //$search_results_item .= 'THREAD > '; + $search_results_item .= ''.$row['post_title'].''; + $search_results_item .= '
    '; + if (strlen($row['post_title']) > 200 ) { + $search_results_item .= substr(strip_tags($row['post_title']),0,200).'...'; + } else { + $search_results_item .= $row['post_title']; + } + $search_results_item .= '
    • '; + $search_results[] = $search_results_item; + } + } + echo '
    '.count($search_results).' '.get_lang('ForumSearchResults').'
    '; + echo '
      '; + echo implode($search_results); + echo '
    '; +} + +/** + * Return the link to the forum search page + * + * @author Patrick Cool , Ghent University, Belgium + * @version April 2008, dokeos 1.8.5 + */ +function search_link() { + + $return = ' '.Display::return_icon('search.gif', get_lang('Search')).' '.get_lang('Search').''; + if (!empty($_GET['search'])) { + $return .= ': '.Security::remove_XSS($_GET['search']).' '; + $url = api_get_self().'?'; + foreach ($_GET as $key=>$value) { + if ($key<>'search') { + $url_parameter[]=Security::remove_XSS($key).'='.Security::remove_XSS($value); + } + } + $url = $url.implode('&',$url_parameter); + $return .= ''.Display::return_icon('delete.gif', get_lang('RemoveSearchResults')).''; + } + return $return; +} + +/** + * Show a list with all the attachments according to the post's id + * @param the post's id + * @return array with the post info + * @author Julio Montoya Dokeos + * @version avril 2008, dokeos 1.8.5 + */ + +function get_attachment($post_id) { + global $forum_table_attachment; + $row=array(); + $sql = 'SELECT path, filename,comment FROM '. $forum_table_attachment.' WHERE post_id ="'.$post_id.'"'; + $result=api_sql_query($sql, __FILE__, __LINE__); + if (Database::num_rows($result)!=0) { + $row=Database::fetch_array($result); + } + return $row; +} +/** + * Delete the all the attachments from the DB and the file according to the post's id + * @param post id + * @author Julio Montoya Dokeos + * @version avril 2008, dokeos 1.8.5 + */ + +function delete_attachment($id) { + global $forum_table_attachment; + global $_course; + + $attach_list=get_attachment($id); + $sql = 'DELETE FROM '. $forum_table_attachment.' WHERE post_id ="'.$id.'"'; + $result=api_sql_query($sql, __FILE__, __LINE__); + + $courseDir = $_course['path'].'/upload/forum'; + $sys_course_path = api_get_path(SYS_COURSE_PATH); + $updir = $sys_course_path.$courseDir; + $file=$updir.'/'.$attach_list['path']; + + api_item_property_update($_course, TOOL_FORUM_ATTACH, $id ,'ForumAttachmentDelete', api_get_user_id()); + + if (Security::check_abs_path($file,$updir) ) { + @ unlink($file); + } +} +/** + * This function gets all the forum information of the all the forum of the group + * + * @param integer $group_id the id of the group we need the fora of (see forum.forum_of_group) + * @return array + * + * @todo this is basically the same code as the get_forums function. Consider merging the two. + */ +function get_forums_of_group($group_id) { + global $table_forums; + global $table_threads; + global $table_posts; + global $table_item_property; + global $table_users; + + //-------------- Student -----------------// + // select all the forum information of all forums (that are visible to students) + $sql="SELECT * FROM ".$table_forums." forum , ".$table_item_property." item_properties + WHERE forum.forum_of_group = '".Database::escape_string($group_id)."' + AND forum.forum_id=item_properties.ref + AND item_properties.visibility=1 + AND item_properties.tool='".TOOL_FORUM."' + ORDER BY forum.forum_order ASC"; + // select the number of threads of the forums (only the threads that are visible) + $sql2="SELECT count(thread_id) AS number_of_threads, threads.forum_id FROM $table_threads threads, ".$table_item_property." item_properties + WHERE threads.thread_id=item_properties.ref + AND item_properties.visibility=1 + AND item_properties.tool='".TOOL_FORUM_THREAD."' + GROUP BY threads.forum_id"; + // select the number of posts of the forum (post that are visible and that are in a thread that is visible) + $sql3="SELECT count(post_id) AS number_of_posts, posts.forum_id FROM $table_posts posts, $table_threads threads, ".$table_item_property." item_properties + WHERE posts.visible=1 + AND posts.thread_id=threads.thread_id + AND threads.thread_id=item_properties.ref + AND item_properties.visibility=1 + AND item_properties.tool='".TOOL_FORUM_THREAD."' + GROUP BY threads.forum_id"; + + //-------------- Course Admin -----------------// + if (is_allowed_to_edit()) { + // select all the forum information of all forums (that are not deleted) + $sql="SELECT * FROM ".$table_forums." forum , ".$table_item_property." item_properties + WHERE forum.forum_of_group = '".Database::escape_string($group_id)."' + AND forum.forum_id=item_properties.ref + AND item_properties.visibility<>2 + AND item_properties.tool='".TOOL_FORUM."' + ORDER BY forum_order ASC"; + //echo $sql.'
    '; + // select the number of threads of the forums (only the threads that are not deleted) + $sql2="SELECT count(thread_id) AS number_of_threads, threads.forum_id FROM $table_threads threads, ".$table_item_property." item_properties + WHERE threads.thread_id=item_properties.ref + AND item_properties.visibility<>2 + AND item_properties.tool='".TOOL_FORUM_THREAD."' + GROUP BY threads.forum_id"; + //echo $sql2.'
    '; + // select the number of posts of the forum + $sql3="SELECT count(post_id) AS number_of_posts, forum_id FROM $table_posts GROUP BY forum_id"; + //echo $sql3.'
    '; + } + + // handling all the forum information + $result=api_sql_query($sql, __FILE__, __LINE__); + while ($row=Database::fetch_array($result,'ASSOC')) { + $forum_list[$row['forum_id']]=$row; + } + + // handling the threadcount information + $result2=api_sql_query($sql2, __FILE__, __LINE__); + while ($row2=Database::fetch_array($result2,'ASSOC')) { + if (is_array($forum_list)) { + if (array_key_exists($row2['forum_id'],$forum_list)) { + $forum_list[$row2['forum_id']]['number_of_threads']=$row2['number_of_threads']; + } + } + } + + // handling the postcount information + $result3=api_sql_query($sql3, __FILE__, __LINE__); + while ($row3=Database::fetch_array($result3,'ASSOC')) { + if (is_array($forum_list)) { + if (array_key_exists($row3['forum_id'],$forum_list)) {// this is needed because sql3 takes also the deleted forums into account + $forum_list[$row3['forum_id']]['number_of_posts']=$row3['number_of_posts']; + } + } + } + + // finding the last post information (last_post_id, last_poster_id, last_post_date, last_poster_name, last_poster_lastname, last_poster_firstname) + if (is_array($forum_list)) { + foreach ($forum_list as $key=>$value) { + $last_post_info_of_forum=get_last_post_information($key,is_allowed_to_edit()); + $forum_list[$key]['last_post_id']=$last_post_info_of_forum['last_post_id']; + $forum_list[$key]['last_poster_id']=$last_post_info_of_forum['last_poster_id']; + $forum_list[$key]['last_post_date']=$last_post_info_of_forum['last_post_date']; + $forum_list[$key]['last_poster_name']=$last_post_info_of_forum['last_poster_name']; + $forum_list[$key]['last_poster_lastname']=$last_post_info_of_forum['last_poster_lastname']; + $forum_list[$key]['last_poster_firstname']=$last_post_info_of_forum['last_poster_firstname']; + } + } + return $forum_list; +} + +/** + * This function stores which users have to be notified of which forums or threads + * + * @param string $content does the user want to be notified about a forum or about a thread + * @param integer $id the id of the forum or thread + * + * @author Patrick Cool , Ghent University, Belgium + * @version May 2008, dokeos 1.8.5 + * @since May 2008, dokeos 1.8.5 + */ +function set_notification($content,$id, $add_only = false) { + global $_user; + + // which database field do we have to store the id in? + if ($content == 'forum') { + $database_field = 'forum_id'; + } else { + $database_field = 'thread_id'; + } + + // database table definition + $table_notification = Database::get_course_table('forum_notification'); + + // first we check if the notification is already set for this + $sql = "SELECT * FROM $table_notification WHERE $database_field = '".Database::escape_string($id)."' AND user_id = '".Database::escape_string($_user['user_id'])."'"; + $result=api_sql_query($sql, __FILE__, __LINE__); + $total = mysql_num_rows($result); + + // if the user did not indicate that (s)he wanted to be notified already then we store the notification request (to prevent double notification requests) + if ($total <= 0) { + $sql = "INSERT INTO $table_notification ($database_field, user_id) VALUES ('".Database::escape_string($id)."','".Database::escape_string($_user['user_id'])."')"; + $result=api_sql_query($sql, __FILE__, __LINE__); + api_session_unregister('forum_notification'); + get_notifications_of_user(0,true); + return get_lang('YouWillBeNotifiedOfNewPosts'); + } else { + if (!$add_only) { + $sql = "DELETE FROM $table_notification WHERE $database_field = '".Database::escape_string($id)."' AND user_id = '".Database::escape_string($_user['user_id'])."'"; + $result=api_sql_query($sql, __FILE__, __LINE__); + api_session_unregister('forum_notification'); + get_notifications_of_user(0,true); + return get_lang('YouWillNoLongerBeNotifiedOfNewPosts'); + } + + } +} + +/** + * This function retrieves all the email adresses of the users who wanted to be notified + * about a new post in a certain forum or thread + * + * @param string $content does the user want to be notified about a forum or about a thread + * @param integer $id the id of the forum or thread + * + * @author Patrick Cool , Ghent University, Belgium + * @version May 2008, dokeos 1.8.5 + * @since May 2008, dokeos 1.8.5 + */ +function get_notifications($content,$id) { + global $table_users; + + // which database field contains the notification? + if ($content == 'forum') { + $database_field = 'forum_id'; + } else { + $database_field = 'thread_id'; + } + // database table definition + $table_notification = Database::get_course_table('forum_notification'); + $sql = "SELECT user.user_id, user.firstname, user.lastname, user.email, user.user_id user FROM $table_users user, $table_notification notification + WHERE user.user_id = notification.user_id + AND notification.$database_field= '".Database::escape_string($id)."'"; + $result=api_sql_query($sql, __FILE__, __LINE__); + $return = array(); + while ($row=Database::fetch_array($result)) { + $return['user'.$row['user_id']]=array('email' => $row['email'], 'user_id' => $row['user_id']); + } + return $return; +} + +/** + * Get all the users who need to receive a notification of a new post (those subscribed to + * the forum or the thread) + * + * @param integer $forum_id the id of the forum + * @param integer $thread_id the id of the thread + * @param integer $post_id the id of the post + * @return unknown + * + * @author Patrick Cool , Ghent University, Belgium + * @version May 2008, dokeos 1.8.5 + * @since May 2008, dokeos 1.8.5 + */ +function send_notifications($forum_id=0, $thread_id=0, $post_id=0) { + global $_course; + + // the content of the mail + $email_subject = get_lang('NewForumPost')." - ".$_course['official_code']; + $thread_link= api_get_path('WEB_CODE_PATH').'forum/viewthread.php?'.api_get_cidreq().'&forum='.$forum_id.'&thread='.$thread_id; + $message .= $link; + + // users who subscribed to the forum + if ($forum_id<>0) { + $users_to_be_notified_by_forum = get_notifications('forum',$forum_id); + } else { + return false; + } + + // user who subscribed to the thread + if ($thread_id<>0) { + $users_to_be_notified_by_thread = get_notifications('thread',$thread_id); + } + + // merging the two + $users_to_be_notified = array_merge($users_to_be_notified_by_forum, $users_to_be_notified_by_thread); + + if (is_array($users_to_be_notified)) { + foreach ($users_to_be_notified as $key=>$value) { + if ($value['email'] <> $_user['email']) { + $email_body= $value['firstname']." ".$value['lastname']."\n\r"; + $email_body .= '['.$_course['official_code'].'] - ['.$_course['name']."]
    \n"; + $email_body .= get_lang('NewForumPost')."\n"; + $email_body .= get_lang('YouWantedToStayInformed')."

    \n"; + $email_body .= get_lang('ThreadCanBeFoundHere')." : ".$thread_link."\n"; + + //set the charset and use it for the encoding of the email - small fix, not really clean (should check the content encoding origin first) + //here we use the encoding used for the webpage where the text is encoded (ISO-8859-1 in this case) + if(empty($charset)) { + $charset='ISO-8859-1'; + } + + $newmail = api_mail_html($value['lastname'].' '.$value['firstname'], $value['email'], $email_subject, $email_body, $_SESSION['_user']['lastName'].' '.$_SESSION['_user']['firstName'], $_SESSION['_user']['mail']); + } + } + } +} + +/** + * Get all the notification subscriptions of the user + * = which forums and which threads does the user wants to be informed of when a new + * post is added to this thread + * + * @param integer $user_id the user_id of a user (default = 0 => the current user) + * @param boolean $force force get the notification subscriptions (even if the information is already in the session + * + * @author Patrick Cool , Ghent University, Belgium + * @version May 2008, dokeos 1.8.5 + * @since May 2008, dokeos 1.8.5 + */ +function get_notifications_of_user($user_id = 0, $force = false) { + global $_course; + + if ($user_id == 0) { + global $_user; + $user_id = $_user['user_id']; + } + + // database table definition + $table_notification = Database::get_course_table('forum_notification'); + + if (!$_SESSION['forum_notification'] OR $_SESSION['forum_notification']['course'] <> $_course['code'] OR $force=true) { + $_SESSION['forum_notification']['course'] = $_course['code']; + + $sql = "SELECT * FROM $table_notification WHERE user_id='".Database::escape_string($user_id)."'"; + $result=api_sql_query($sql, __FILE__, __LINE__); + while ($row=Database::fetch_array($result)) { + if (!is_null($row['forum_id'])) { + $_SESSION['forum_notification']['forum'][] = $row['forum_id']; + } + if (!is_null($row['thread_id'])) { + $_SESSION['forum_notification']['thread'][] = $row['thread_id']; + } + } + } +} + +/** +* This function counts the number of post inside a thread +* @param int Thread ID +* @return int the number of post inside a thread +* @author Jhon Hinojosa , +* @version octubre 2008, dokeos 1.8 +*/ +function count_number_of_post_in_thread($thread_id) { + global $table_posts; + $sql = "SELECT * FROM $table_posts WHERE thread_id='".Database::escape_string($thread_id)."' "; + $result = api_sql_query($sql, __FILE__, __LINE__); + return count(api_store_result($result)); +} + +/** +* This function counts the number of post inside a thread user +* @param int Thread ID +* @param int User ID +* @return int the number of post inside a thread user +* @author Jhon Hinojosa , +* @version octubre 2008, dokeos 1.8 +*/ +function count_number_of_post_for_user_thread($thread_id, $user_id) { + global $table_posts; + $sql = "SELECT * FROM $table_posts WHERE thread_id='".Database::escape_string($thread_id)."' + AND poster_id = '".Database::escape_string($user_id)."' "; + $result = api_sql_query($sql, __FILE__, __LINE__); + return count(api_store_result($result)); +} + +/** +* This function counts the number of user register in course +* @param int Course ID +* @return int the number of user register in course +* @author Jhon Hinojosa , +* @version octubre 2008, dokeos 1.8 +*/ +function count_number_of_user_in_course($course_id) { + $table_course_rel_user = Database::get_main_table("course_rel_user"); + $sql = "SELECT * FROM $table_course_rel_user WHERE course_code ='".Database::escape_string($course_id)."' "; + $result = api_sql_query($sql, __FILE__, __LINE__); + return count(api_store_result($result)); +} + +/** +* This function retrieves information of statistical +* @param int Thread ID +* @param int User ID +* @param int Course ID +* @return array the information of statistical +* @author Jhon Hinojosa , +* @version octubre 2008, dokeos 1.8 +*/ +function get_statistical_information($thread_id, $user_id, $course_id) { + $stadistic = array(); + $stadistic['user_course'] = count_number_of_user_in_course($course_id); + $stadistic['post'] = count_number_of_post_in_thread($thread_id); + $stadistic['user_post'] = count_number_of_post_for_user_thread($thread_id, $user_id); + //$stadistic['average'] = get_average_of_thread_post_user(); + return $stadistic; +} + +/** +* This function counts the number of post inside a thread +* @param int Thread ID +* @param int User ID +* @return int the number of post inside a thread +* @author Jhon Hinojosa , +* @version octubre 2008, dokeos 1.8 +*/ +function get_thread_user_post($thread_id, $user_id ) { + global $table_posts; + global $table_users; + + $sql = "SELECT * FROM $table_posts posts + LEFT JOIN $table_users users + ON posts.poster_id=users.user_id + WHERE posts.thread_id='".Database::escape_string($thread_id)."' + AND posts.poster_id='".Database::escape_string($user_id)."' + ORDER BY posts.post_id ASC"; + + $result=api_sql_query($sql, __FILE__, __LINE__); + + while ($row=Database::fetch_array($result)) { + $row['status'] = '1'; + $post_list[]=$row; + $sql = "SELECT * FROM $table_posts posts + LEFT JOIN $table_users users + ON posts.poster_id=users.user_id + WHERE posts.thread_id='".Database::escape_string($thread_id)."' + AND posts.post_parent_id='".$row['post_id']."' + ORDER BY posts.post_id ASC"; + $result2=api_sql_query($sql, __FILE__, __LINE__); + while ($row2=Database::fetch_array($result2)) + { + $row2['status'] = '0'; + $post_list[] = $row2; + } + } + return $post_list; +} + +/* This function get the name of an user by id + * @param user_id int + * return String + * @author Christian Fasanando + */ + function get_name_user_by_id($user_id) { + $t_users = Database :: get_main_table(TABLE_MAIN_USER); + $sql ="SELECT CONCAT(firstname,' ',lastname) FROM ".$t_users." WHERE user_id = '".$user_id."' "; + $result = api_sql_query($sql, __FILE__, __LINE__); + $row = Database::fetch_array($result); + return $row[0]; + } + + /* This function get the name of an thread by id + * @param thread_id int + * return String + * @author Christian Fasanando + */ + function get_name_thread_by_id($thread_id) { + $t_forum_thread = Database::get_course_table(TABLE_FORUM_THREAD,''); + $sql ="SELECT thread_title FROM ".$t_forum_thread." WHERE thread_id = '".$thread_id."' "; + $result = api_sql_query($sql, __FILE__, __LINE__); + $row = Database::fetch_array($result); + return $row[0]; + } \ No newline at end of file diff --git a/main/forum/forumqualify.php b/main/forum/forumqualify.php index 1f66140a70..bb301d037c 100644 --- a/main/forum/forumqualify.php +++ b/main/forum/forumqualify.php @@ -35,9 +35,21 @@ $current_forum_category=get_forumcategory_information($current_forum['forum_cate $whatsnew_post_info=$_SESSION['whatsnew_post_info']; $interbreadcrumb[]=array("url" => "index.php?search=".Security::remove_XSS(urlencode($_GET['search'])),"name" => $nameTools); $interbreadcrumb[]=array("url" => "viewforumcategory.php?forumcategory=".$current_forum_category['cat_id']."&search=".Security::remove_XSS(urlencode($_GET['search'])),"name" => prepare4display($current_forum_category['cat_title'])); -$interbreadcrumb[]=array("url" => "viewforum.php?forum=".Security::remove_XSS($_GET['forum'])."&search=".Security::remove_XSS(urlencode($_GET['search'])),"name" => prepare4display($current_forum['forum_title'])); + +if (isset($_GET['gradebook']) && $_GET['gradebook']=='view') { + $info_thread=get_thread_information(Security::remove_XSS($_GET['thread'])); + $interbreadcrumb[]=array("url" => "viewforum.php?forum=".$info_thread['forum_id']."&search=".Security::remove_XSS(urlencode($_GET['search'])),"name" => prepare4display($current_forum['forum_title'])); +} else { + $interbreadcrumb[]=array("url" => "viewforum.php?forum=".Security::remove_XSS($_GET['forum'])."&search=".Security::remove_XSS(urlencode($_GET['search'])),"name" => prepare4display($current_forum['forum_title'])); +} if ($message<>'PostDeletedSpecial') { - $interbreadcrumb[]=array("url" => "viewthread.php?forum=".Security::remove_XSS($_GET['forum'])."&thread=".Security::remove_XSS($_GET['thread']),"name" => prepare4display($current_thread['thread_title'])); + + if (isset($_GET['gradebook']) && $_GET['gradebook']=='view') { + $info_thread=get_thread_information(Security::remove_XSS($_GET['thread'])); + $interbreadcrumb[]=array("url" => "viewthread.php?forum=".$info_thread['forum_id']."&thread=".Security::remove_XSS($_GET['thread']),"name" => prepare4display($current_thread['thread_title'])); + } else { + $interbreadcrumb[]=array("url" => "viewthread.php?forum=".Security::remove_XSS($_GET['forum'])."&thread=".Security::remove_XSS($_GET['thread']),"name" => prepare4display($current_thread['thread_title'])); + } } Display::display_header(); @@ -57,18 +69,17 @@ if ($userinf['status']=='1') { $max_qualify=show_qualify('2',$_GET['cidReq'],$_GET['forum'],$userid,$threadid); require_once 'forumbody.inc.php'; - if(!empty($_REQUEST['idtextqualify'])) { + if (!empty($_REQUEST['idtextqualify'])) { $value_return=store_theme_qualify($userid,$threadid,$qualify,'',date("Y-m-d H:i:s"),''); $url="cidReq=".Security::remove_XSS($_GET['cidReq'])."&forum=".Security::remove_XSS($_GET['forum'])."&thread=".Security::remove_XSS($_GET['thread'])."&post=".Security::remove_XSS($_GET['post'])."&user_id=".Security::remove_XSS($_GET['user_id']); $current_qualify_thread=show_qualify('1',$_GET['cidReq'],$_GET['forum'],$userid,$threadid); //header('location:forumqualify.php?'.$url.'&idtextqualify='.$current_qualify_thread); - if($value_return[0]!=$_REQUEST['idtextqualify'] && $value_return[1]=='update') - { + if($value_return[0]!=$_REQUEST['idtextqualify'] && $value_return[1]=='update') { store_qualify_historical('1','',$_GET['forum'],$userid,$threadid,$_REQUEST['idtextqualify'],api_get_user_id()); } } - if(!empty($_REQUEST['idtextqualify']) && $_REQUEST['idtextqualify'] > $max_qualify) { + if (!empty($_REQUEST['idtextqualify']) && $_REQUEST['idtextqualify'] > $max_qualify) { $return_message = get_lang('QualificationNotBeGreaterThanMaxScore'); Display :: display_error_message($return_message,false); } @@ -78,10 +89,9 @@ if ($userinf['status']=='1') { $opt=Database::escape_string($_GET['type']); $qualify_historic = get_historical_qualify($user_id_thread, $threadid, $opt); $counter= count($qualify_historic); - if($counter>0) - { + if ($counter>0) { echo '

    '.get_lang('QualificationChangesHistory').'

    '; - if($_GET['type'] == 'false') { + if ($_GET['type'] == 'false') { echo '
    '.get_lang('OrderBy').' :'.get_lang('MoreRecent').' | '.get_lang('Older').'
    '; @@ -105,15 +115,11 @@ if ($userinf['status']=='1') { } $table_list.= '
    \n\n
    \n\n
    '; echo $table_list; - } - else - { + } else { echo get_lang('NotChanged'); } -} -else -{ - //return false; +} else { api_not_allowed(); } +//footer Display::display_footer(); \ No newline at end of file diff --git a/main/forum/newthread.php b/main/forum/newthread.php index 16309422cc..0a62dfdd64 100644 --- a/main/forum/newthread.php +++ b/main/forum/newthread.php @@ -1,4 +1,4 @@ - '../gradebook/index.php', + 'name' => get_lang('Gradebook') + ); +} $interbreadcrumb[]=array("url" => "index.php","name" => $nameTools); $interbreadcrumb[]=array("url" => "viewforumcategory.php?forumcategory=".$current_forum_category['cat_id'],"name" => $current_forum_category['cat_title']); $interbreadcrumb[]=array("url" => "viewforum.php?forum=".Security::remove_XSS($_GET['forum']),"name" => $current_forum['forum_title']); $interbreadcrumb[]=array("url" => "newthread.php?forum=".Security::remove_XSS($_GET['forum']),"name" => get_lang('NewTopic')); - /* ----------------------------------------------------------- Resource Linker @@ -148,7 +154,7 @@ if($origin=='learnpath') { // 4. anonymous posts are not allowed and the user is not logged in // I have split this is several pieces for clarity. -if (!api_is_allowed_to_edit(false,true) AND (($current_forum_category['visibility']==0 OR $current_forum['visibility']==0))) { +if (!api_is_allowed_to_edit(false,true) && (($current_forum_category['visibility']==0 || $current_forum['visibility']==0))) { forum_not_allowed_here(); } // 2. the forumcategory or forum is locked (locked <>0) and the user is not a course manager diff --git a/main/forum/viewforum.php b/main/forum/viewforum.php index c79d552353..b2013fcbfe 100644 --- a/main/forum/viewforum.php +++ b/main/forum/viewforum.php @@ -1,401 +1,405 @@ -, Ghent University -* @Copyright Ghent University -* @Copyright Patrick Cool -* -* @package dokeos.forum -*/ - -// name of the language file that needs to be included -$language_file = 'forum'; - -// including the global dokeos file -require '../inc/global.inc.php'; - -// notice for unauthorized people. -api_protect_course_script(true); - -// the section (tabs) -$this_section=SECTION_COURSES; - -// including additional library scripts -require_once (api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php'); -include_once (api_get_path(LIBRARY_PATH).'groupmanager.lib.php'); -$nameTools=get_lang('Forum'); - - -//are we in a lp ? -$origin = ''; -if(isset($_GET['origin'])) { - $origin = Security::remove_XSS($_GET['origin']); - $origin_string = '&origin='.$origin; -} - -/* ------------------------------------------------------------ - Including necessary files ------------------------------------------------------------ -*/ -require 'forumconfig.inc.php'; -require_once 'forumfunction.inc.php'; - -$userid=api_get_user_id(); -$userinf=api_get_user_info($userid); - -/* -============================================================================== - MAIN DISPLAY SECTION -============================================================================== -*/ - - -/* ------------------------------------------------------------ - Retrieving forum and forum categorie information ------------------------------------------------------------ -*/ -// we are getting all the information about the current forum and forum category. -// note pcool: I tried to use only one sql statement (and function) for this -// but the problem is that the visibility of the forum AND forum cateogory are stored in the item_property table -$current_forum=get_forum_information($_GET['forum']); // note: this has to be validated that it is an existing forum. -$current_forum_category=get_forumcategory_information($current_forum['forum_category']); - - - -/* ------------------------------------------------------------ - Header and Breadcrumbs ------------------------------------------------------------ -*/ -$interbreadcrumb[]=array("url" => "index.php?search=".Security::remove_XSS($_GET['search']),"name" => $nameTools); -$interbreadcrumb[]=array("url" => "viewforumcategory.php?forumcategory=".$current_forum_category['cat_id']."&search=".Security::remove_XSS(urlencode($_GET['search'])),"name" => prepare4display($current_forum_category['cat_title'])); -$interbreadcrumb[]=array("url" => "viewforum.php?forum=".Security::remove_XSS($_GET['forum'])."&search=".Security::remove_XSS(urlencode($_GET['search'])),"name" => prepare4display($current_forum['forum_title'])); - -if($origin=='learnpath') { - include(api_get_path(INCLUDE_PATH).'reduced_header.inc.php'); -} else { - // the last element of the breadcrumb navigation is already set in interbreadcrumb, so give empty string - Display :: display_header(''); - api_display_tool_title($nameTools); -} - -/* ------------------------------------------------------------ - Actions ------------------------------------------------------------ -*/ -// Change visibility of a forum or a forum category -if (($_GET['action']=='invisible' OR $_GET['action']=='visible') AND isset($_GET['content']) AND isset($_GET['id']) AND api_is_allowed_to_edit(false,true)) { - $message=change_visibility($_GET['content'], $_GET['id'],$_GET['action']);// note: this has to be cleaned first -} -// locking and unlocking -if (($_GET['action']=='lock' OR $_GET['action']=='unlock') AND isset($_GET['content']) AND isset($_GET['id']) AND api_is_allowed_to_edit(false,true)) { - $message=change_lock_status($_GET['content'], $_GET['id'],$_GET['action']);// note: this has to be cleaned first -} -// deleting -if ($_GET['action']=='delete' AND isset($_GET['content']) AND isset($_GET['id']) AND api_is_allowed_to_edit(false,true)) { - $message=delete_forum_forumcategory_thread($_GET['content'],$_GET['id']); // note: this has to be cleaned first -} -// moving -if ($_GET['action']=='move' and isset($_GET['thread']) AND api_is_allowed_to_edit(false,true)) { - $message=move_thread_form(); -} -// notification -if ($_GET['action'] == 'notify' AND isset($_GET['content']) AND isset($_GET['id'])) { - $return_message = set_notification($_GET['content'],$_GET['id']); - Display :: display_confirmation_message($return_message,false); -} - -// student list - -if ($_GET['action'] == 'liststd' AND isset($_GET['content']) AND isset($_GET['id']) AND $userinf['status']=='1') { - - switch($_GET['list']) { - case "qualify": - $student_list=get_thread_users_qualify($_GET['id']); - $nrorow3 =-2; - break; - case "notqualify": - $student_list=get_thread_users_not_qualify($_GET['id']); - $nrorow3 =-2; - break; - default: - $student_list=get_thread_users_details($_GET['id']); - $nrorow3 = Database::num_rows($student_list); - break; - } - $table_list = '


    '.get_lang('ThreadUsersList').' :'.get_name_thread_by_id($_GET['id']).'

    '; - if ($nrorow3>0 || $nrorow3==-2) { - $url = 'cidReq='.Security::remove_XSS($_GET['cidReq']).'&forum='.Security::remove_XSS($_GET['forum']).'&action='.Security::remove_XSS($_GET['action']).'&content='.Security::remove_XSS($_GET['content']).'&id='.Security::remove_XSS($_GET['id']); - $table_list.= '
    -
    - - - - - - -
    '.get_lang('AllStudents').''.get_lang('StudentsQualified').''.get_lang('StudentsNotQualified').'
    -
    - '; - - $icon_qualify = 'blog_new.gif'; - $table_list.= '

    '; - // The column headers (to do: make this sortable) - $table_list.= ''; - $table_list.= ''; - - if ($_GET['list']=='qualify') { - $table_list.= ''; - } - if ($userinf['status']=='1') { - $table_list.= ''; - } - $table_list.= ''; - $max_qualify=show_qualify('2',$_GET['cidReq'],$_GET['forum'],$userid,$_GET['id']); - $counter_stdlist=0; - while ($row_student_list=Database::fetch_array($student_list)) { - if ($counter_stdlist%2==0) { - $class_stdlist="row_odd"; - } else { - $class_stdlist="row_even"; - } - $name_user_theme = $row_student_list['firstname'].' '.$row_student_list['lastname']; - $table_list.= ''; - if ($_GET['list']=='qualify') { - $table_list.= ''; - } - if ($userinf['status']=='1') { - $current_qualify_thread=show_qualify('1',$_GET['cidReq'],$_GET['forum'],$row_student_list['user_id'],$_GET['id']); - $table_list.= ''; - } - $counter_stdlist++; - } - - $table_list.= '
    '.get_lang('NamesAndFirstNames').''.get_lang('Qualify').''.get_lang('Qualify').'
    '.$name_user_theme.''.$row_student_list['qualify'].'/'.$max_qualify.''.icon('../img/'.$icon_qualify,get_lang('Qualify')).'
    '; - $table_list .= '
    '; - } - else - { - $table_list .= get_lang('NoParticipation'); - } -} - -/* ------------------------------------------------------------ - Is the user allowed here? ------------------------------------------------------------ -*/ -// if the user is not a course administrator and the forum is hidden -// then the user is not allowed here. -if (!api_is_allowed_to_edit(false,true) AND ($current_forum_category['visibility']==0 OR $current_forum['visibility']==0)) { - forum_not_allowed_here(); -} - - -/* ------------------------------------------------------------ - Display the action messages ------------------------------------------------------------ -*/ -if (!empty($message)) { - Display :: display_confirmation_message($message); -} -/* ------------------------------------------------------------ - Action Links ------------------------------------------------------------ -*/ -echo '
    '; -echo ''.search_link().''; -// The link should appear when -// 1. the course admin is here -// 2. the course member is here and new threads are allowed -// 3. a visitor is here and new threads AND allowed AND anonymous posts are allowed -if (api_is_allowed_to_edit(false,true) OR ($current_forum['allow_new_threads']==1 AND isset($_user['user_id'])) OR ($current_forum['allow_new_threads']==1 AND !isset($_user['user_id']) AND $current_forum['allow_anonymous']==1)) { - if ($current_forum['locked'] <> 1 AND $current_forum['locked'] <> 1) { - echo ''.Display::return_icon('forumthread_new.gif', get_lang('NewTopic')).' '.get_lang('NewTopic').''; - } else { - echo get_lang('ForumLocked'); - } -} -echo '
    '; - -/* ------------------------------------------------------------ - Display ------------------------------------------------------------ -*/ -echo "\n"; - -// the current forum -if ($origin != 'learnpath') { - echo "\t\n\t\t\n"; - echo "\t\n"; -} - -echo "\n"; -echo "\t\n"; - -// The column headers (to do: make this sortable) -echo "\t\n"; -echo "\t\t\n"; -echo "\t\t\n"; -echo "\t\t\n"; -echo "\t\t\n"; -echo "\t\t\n"; -echo "\t\t\n"; -echo "\t\t\n"; -echo "\t\n"; - -// getting al the threads -$threads=get_threads($_GET['forum']); // note: this has to be cleaned first - -$whatsnew_post_info=$_SESSION['whatsnew_post_info']; - -$counter=0; -if(is_array($threads)) { - foreach ($threads as $row) { - // thread who have no replies yet and the only post is invisible should not be displayed to students. - if (api_is_allowed_to_edit(false,true) OR !($row['thread_replies']=='0' AND $row['visible']=='0')) { - if($counter%2==0) { - $class="row_odd"; - } else { - $class="row_even"; - } - echo "\t\n"; - echo "\t\t\n"; - echo "\t\t\n"; - echo "\t\t\n"; - if ($row['user_id']=='0') { - $name=prepare4display($row['thread_poster_name']); - } else { - $name=$row['firstname'].' '.$row['lastname']; - } - echo "\t\t\n"; - if ($row['last_poster_user_id']=='0') { - $name=$row['poster_name']; - } else { - $name=$row['last_poster_firstname'].' '.$row['last_poster_lastname']; - } - - if($origin != 'learnpath') { - echo "\t\t\n"; - } else { - echo "\t\t\n"; - } - - // if the last post is invisible and it is not the teacher who is looking then we have to find the last visible post of the thread - if (($row['visible']=='1' OR api_is_allowed_to_edit(false,true)) && $origin!='learnpath') { - $last_post=$row['thread_date']." ".get_lang('By').' '.display_user_link($row['last_poster_user_id'], $name); - } elseif ($origin!='learnpath') { - $last_post_sql="SELECT post.*, user.firstname, user.lastname FROM $table_posts post, $table_users user WHERE post.poster_id=user.user_id AND visible='1' AND thread_id='".$row['thread_id']."' ORDER BY post_id DESC"; - $last_post_result=api_sql_query($last_post_sql, __LINE__, __FILE__); - $last_post_row=mysql_fetch_array($last_post_result); - $name=$last_post_row['firstname'].' '.$last_post_row['lastname']; - $last_post=$last_post_row['post_date']." ".get_lang('By').' '.display_user_link($last_post_row['poster_id'], $name); - } else { - $last_post_sql="SELECT post.*, user.firstname, user.lastname FROM $table_posts post, $table_users user WHERE post.poster_id=user.user_id AND visible='1' AND thread_id='".$row['thread_id']."' ORDER BY post_id DESC"; - $last_post_result=api_sql_query($last_post_sql, __LINE__, __FILE__); - $last_post_row=mysql_fetch_array($last_post_result); - $name=$last_post_row['firstname'].' '.$last_post_row['lastname']; - $last_post=$last_post_row['post_date']." ".get_lang('By').' '.$name; - } - echo "\t\t\n"; - echo "\t\t\n"; - echo "\t\n"; - } - $counter++; - - - } -} -echo "
    "; - echo ''.prepare4display($current_forum['forum_title']).''; - - if (!empty ($current_forum['forum_comment'])) { - echo '
    '.prepare4display($current_forum['forum_comment']).''; - } - - if (!empty ($current_forum_category['cat_title'])) { - echo '
    '.prepare4display($current_forum_category['cat_title'])."
    "; - } - echo "
    ".get_lang('Title')."".get_lang('Replies')."".get_lang('Views')."".get_lang('Author')."".get_lang('LastPost')."".get_lang('Actions')."
    "; - if (is_array($whatsnew_post_info[$_GET['forum']][$row['thread_id']]) and !empty($whatsnew_post_info[$_GET['forum']][$row['thread_id']])) { - echo icon('../img/forumthread.gif'); - } else { - echo icon('../img/forumthread.gif'); - } - - if ($row['thread_sticky']==1) { - echo icon('../img/exclamation.gif'); - } - echo ""; - echo "".prepare4display($row['thread_title'])."".$row['thread_replies']."".$row['thread_views']."".display_user_link($row['user_id'], $name)."".$name."".$last_post.""; - if (api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id']!=$_SESSION['id_session'])) { - echo "".icon('../img/edit.gif',get_lang('Edit'))."\n"; - echo "".icon('../img/delete.gif',get_lang('Delete')).""; - display_visible_invisible_icon('thread', $row['thread_id'], $row['visibility'], array("forum"=>$_GET['forum'],'origin'=>$origin)); - display_lock_unlock_icon('thread',$row['thread_id'], $row['locked'], array("forum"=>$_GET['forum'],'origin'=>$origin)); - echo "".icon('../img/deplacer_fichier.gif',get_lang('MoveThread')).""; - } - $iconnotify = 'send_mail.gif'; - if (is_array($_SESSION['forum_notification']['thread'])) { - if (in_array($row['thread_id'],$_SESSION['forum_notification']['thread'])) { - $iconnotify = 'send_mail_checked.gif'; - } - } - $icon_liststd = 'group.gif'; - echo "".icon('../img/'.$iconnotify,get_lang('NotifyMe')).""; - if ($userinf['status']=='1') { - echo ''.icon('../img/'.$icon_liststd,get_lang('StudentList')).''; - } - echo "
    "; -echo $table_list; -/* -============================================================================== - FOOTER -============================================================================== -*/ -if ($origin != 'learnpath') { - Display :: display_footer(); +, Ghent University +* @Copyright Ghent University +* @Copyright Patrick Cool +* +* @package dokeos.forum +*/ + +// name of the language file that needs to be included +$language_file = 'forum'; + +// including the global dokeos file +require '../inc/global.inc.php'; + +// notice for unauthorized people. +api_protect_course_script(true); + +// the section (tabs) +$this_section=SECTION_COURSES; + +// including additional library scripts +require_once (api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php'); +include_once (api_get_path(LIBRARY_PATH).'groupmanager.lib.php'); +$nameTools=get_lang('Forum'); + + +//are we in a lp ? +$origin = ''; +if (isset($_GET['origin'])) { + $origin = Security::remove_XSS($_GET['origin']); + $origin_string = '&origin='.$origin; +} + +/* +----------------------------------------------------------- + Including necessary files +----------------------------------------------------------- +*/ +require 'forumconfig.inc.php'; +require_once 'forumfunction.inc.php'; + +$userid=api_get_user_id(); +$userinf=api_get_user_info($userid); + +/* +============================================================================== + MAIN DISPLAY SECTION +============================================================================== +*/ + + +/* +----------------------------------------------------------- + Retrieving forum and forum categorie information +----------------------------------------------------------- +*/ +// we are getting all the information about the current forum and forum category. +// note pcool: I tried to use only one sql statement (and function) for this +// but the problem is that the visibility of the forum AND forum cateogory are stored in the item_property table +$current_forum=get_forum_information($_GET['forum']); // note: this has to be validated that it is an existing forum. +$current_forum_category=get_forumcategory_information($current_forum['forum_category']); + + + +/* +----------------------------------------------------------- + Header and Breadcrumbs +----------------------------------------------------------- +*/ +$interbreadcrumb[]=array("url" => "index.php?search=".Security::remove_XSS($_GET['search']),"name" => $nameTools); +$interbreadcrumb[]=array("url" => "viewforumcategory.php?forumcategory=".$current_forum_category['cat_id']."&search=".Security::remove_XSS(urlencode($_GET['search'])),"name" => prepare4display($current_forum_category['cat_title'])); +$interbreadcrumb[]=array("url" => "viewforum.php?forum=".Security::remove_XSS($_GET['forum'])."&search=".Security::remove_XSS(urlencode($_GET['search'])),"name" => prepare4display($current_forum['forum_title'])); + +if ($origin=='learnpath') { + include(api_get_path(INCLUDE_PATH).'reduced_header.inc.php'); +} else { + // the last element of the breadcrumb navigation is already set in interbreadcrumb, so give empty string + Display :: display_header(''); + api_display_tool_title($nameTools); +} + +/* +----------------------------------------------------------- + Actions +----------------------------------------------------------- +*/ +$table_link = Database :: get_main_table(TABLE_MAIN_GRADEBOOK_LINK); +// Change visibility of a forum or a forum category +if (($_GET['action']=='invisible' OR $_GET['action']=='visible') AND isset($_GET['content']) AND isset($_GET['id']) AND api_is_allowed_to_edit(false,true)) { + $message=change_visibility($_GET['content'], $_GET['id'],$_GET['action']);// note: this has to be cleaned first +} +// locking and unlocking +if (($_GET['action']=='lock' OR $_GET['action']=='unlock') AND isset($_GET['content']) AND isset($_GET['id']) AND api_is_allowed_to_edit(false,true)) { + $message=change_lock_status($_GET['content'], $_GET['id'],$_GET['action']);// note: this has to be cleaned first +} +// deleting +if ($_GET['action']=='delete' AND isset($_GET['content']) AND isset($_GET['id']) AND api_is_allowed_to_edit(false,true)) { + $message=delete_forum_forumcategory_thread($_GET['content'],$_GET['id']); // note: this has to be cleaned first + //delete link + $sql_link='DELETE FROM '.$table_link.' WHERE ref_id='.Security::remove_XSS($_GET['id']).' and type=5 and course_code="'.api_get_course_id().'";'; + api_sql_query($sql_link); +} +// moving +if ($_GET['action']=='move' and isset($_GET['thread']) AND api_is_allowed_to_edit(false,true)) { + $message=move_thread_form(); +} +// notification +if ($_GET['action'] == 'notify' AND isset($_GET['content']) AND isset($_GET['id'])) { + $return_message = set_notification($_GET['content'],$_GET['id']); + Display :: display_confirmation_message($return_message,false); +} + +// student list + +if ($_GET['action'] == 'liststd' AND isset($_GET['content']) AND isset($_GET['id']) AND $userinf['status']=='1') { + + switch($_GET['list']) { + case "qualify": + $student_list=get_thread_users_qualify($_GET['id']); + $nrorow3 =-2; + break; + case "notqualify": + $student_list=get_thread_users_not_qualify($_GET['id']); + $nrorow3 =-2; + break; + default: + $student_list=get_thread_users_details($_GET['id']); + $nrorow3 = Database::num_rows($student_list); + break; + } + $table_list = '


    '.get_lang('ThreadUsersList').' :'.get_name_thread_by_id($_GET['id']).'

    '; + if ($nrorow3>0 || $nrorow3==-2) { + $url = 'cidReq='.Security::remove_XSS($_GET['cidReq']).'&forum='.Security::remove_XSS($_GET['forum']).'&action='.Security::remove_XSS($_GET['action']).'&content='.Security::remove_XSS($_GET['content']).'&id='.Security::remove_XSS($_GET['id']); + $table_list.= '
    +
    + + + + + + +
    '.get_lang('AllStudents').''.get_lang('StudentsQualified').''.get_lang('StudentsNotQualified').'
    +
    + '; + + $icon_qualify = 'blog_new.gif'; + $table_list.= '

    '; + // The column headers (to do: make this sortable) + $table_list.= ''; + $table_list.= ''; + + if ($_GET['list']=='qualify') { + $table_list.= ''; + } + if ($userinf['status']=='1') { + $table_list.= ''; + } + $table_list.= ''; + $max_qualify=show_qualify('2',$_GET['cidReq'],$_GET['forum'],$userid,$_GET['id']); + $counter_stdlist=0; + while ($row_student_list=Database::fetch_array($student_list)) { + if ($counter_stdlist%2==0) { + $class_stdlist="row_odd"; + } else { + $class_stdlist="row_even"; + } + $name_user_theme = $row_student_list['firstname'].' '.$row_student_list['lastname']; + $table_list.= ''; + if ($_GET['list']=='qualify') { + $table_list.= ''; + } + if ($userinf['status']=='1') { + $current_qualify_thread=show_qualify('1',$_GET['cidReq'],$_GET['forum'],$row_student_list['user_id'],$_GET['id']); + $table_list.= ''; + } + $counter_stdlist++; + } + + $table_list.= '
    '.get_lang('NamesAndFirstNames').''.get_lang('Qualify').''.get_lang('Qualify').'
    '.$name_user_theme.''.$row_student_list['qualify'].'/'.$max_qualify.''.icon('../img/'.$icon_qualify,get_lang('Qualify')).'
    '; + $table_list .= '
    '; + } else { + $table_list .= get_lang('NoParticipation'); + } +} + + +/* +----------------------------------------------------------- + Is the user allowed here? +----------------------------------------------------------- +*/ +// if the user is not a course administrator and the forum is hidden +// then the user is not allowed here. +if (!api_is_allowed_to_edit(false,true) AND ($current_forum_category['visibility']==0 OR $current_forum['visibility']==0)) { + forum_not_allowed_here(); +} + + +/* +----------------------------------------------------------- + Display the action messages +----------------------------------------------------------- +*/ +if (!empty($message)) { + Display :: display_confirmation_message($message); +} + + +/* +----------------------------------------------------------- + Action Links +----------------------------------------------------------- +*/ +echo '
    '; +echo ''.search_link().''; +// The link should appear when +// 1. the course admin is here +// 2. the course member is here and new threads are allowed +// 3. a visitor is here and new threads AND allowed AND anonymous posts are allowed +if (api_is_allowed_to_edit(false,true) OR ($current_forum['allow_new_threads']==1 AND isset($_user['user_id'])) OR ($current_forum['allow_new_threads']==1 AND !isset($_user['user_id']) AND $current_forum['allow_anonymous']==1)) { + if ($current_forum['locked'] <> 1 AND $current_forum['locked'] <> 1) { + echo ''.Display::return_icon('forumthread_new.gif',get_lang('NewTopic')).' '.get_lang('NewTopic').''; + } else { + echo get_lang('ForumLocked'); + } +} +echo '
    '; + +/* +----------------------------------------------------------- + Display +----------------------------------------------------------- +*/ +echo "\n"; + +// the current forum +if ($origin != 'learnpath') { + echo "\t\n\t\t\n"; + echo "\t\n"; +} + +echo "\n"; +echo "\t\n"; + +// The column headers (to do: make this sortable) +echo "\t\n"; +echo "\t\t\n"; +echo "\t\t\n"; +echo "\t\t\n"; +echo "\t\t\n"; +echo "\t\t\n"; +echo "\t\t\n"; +echo "\t\t\n"; +echo "\t\n"; + +// getting al the threads +$threads=get_threads($_GET['forum']); // note: this has to be cleaned first + +$whatsnew_post_info=$_SESSION['whatsnew_post_info']; + +$counter=0; +if(is_array($threads)) { + foreach ($threads as $row) { + // thread who have no replies yet and the only post is invisible should not be displayed to students. + if (api_is_allowed_to_edit(false,true) OR !($row['thread_replies']=='0' AND $row['visible']=='0')) { + if($counter%2==0) { + $class="row_odd"; + } else { + $class="row_even"; + } + echo "\t\n"; + echo "\t\t\n"; + echo "\t\t\n"; + echo "\t\t\n"; + if ($row['user_id']=='0') { + $name=prepare4display($row['thread_poster_name']); + } else { + $name=$row['firstname'].' '.$row['lastname']; + } + echo "\t\t\n"; + if ($row['last_poster_user_id']=='0') { + $name=$row['poster_name']; + } else { + $name=$row['last_poster_firstname'].' '.$row['last_poster_lastname']; + } + + if($origin != 'learnpath') { + echo "\t\t\n"; + } else { + echo "\t\t\n"; + } + + // if the last post is invisible and it is not the teacher who is looking then we have to find the last visible post of the thread + if (($row['visible']=='1' OR api_is_allowed_to_edit(false,true)) && $origin!='learnpath') { + $last_post=$row['thread_date']." ".get_lang('By').' '.display_user_link($row['last_poster_user_id'], $name); + } elseif ($origin!='learnpath') { + $last_post_sql="SELECT post.*, user.firstname, user.lastname FROM $table_posts post, $table_users user WHERE post.poster_id=user.user_id AND visible='1' AND thread_id='".$row['thread_id']."' ORDER BY post_id DESC"; + $last_post_result=api_sql_query($last_post_sql, __FILE__, __LINE__); + $last_post_row=mysql_fetch_array($last_post_result); + $name=$last_post_row['firstname'].' '.$last_post_row['lastname']; + $last_post=$last_post_row['post_date']." ".get_lang('By').' '.display_user_link($last_post_row['poster_id'], $name); + } else { + $last_post_sql="SELECT post.*, user.firstname, user.lastname FROM $table_posts post, $table_users user WHERE post.poster_id=user.user_id AND visible='1' AND thread_id='".$row['thread_id']."' ORDER BY post_id DESC"; + $last_post_result=api_sql_query($last_post_sql, __FILE__, __LINE__); + $last_post_row=mysql_fetch_array($last_post_result); + $name=$last_post_row['firstname'].' '.$last_post_row['lastname']; + $last_post=$last_post_row['post_date']." ".get_lang('By').' '.$name; + } + echo "\t\t\n"; + echo "\t\t\n"; + echo "\t\n"; + } + $counter++; + + + } +} +echo "
    "; + echo ''.prepare4display($current_forum['forum_title']).''; + + if (!empty ($current_forum['forum_comment'])) { + echo '
    '.prepare4display($current_forum['forum_comment']).''; + } + + if (!empty ($current_forum_category['cat_title'])) { + echo '
    '.prepare4display($current_forum_category['cat_title'])."
    "; + } + echo "
    ".get_lang('Title')."".get_lang('Replies')."".get_lang('Views')."".get_lang('Author')."".get_lang('LastPost')."".get_lang('Actions')."
    "; + if (is_array($whatsnew_post_info[$_GET['forum']][$row['thread_id']]) and !empty($whatsnew_post_info[$_GET['forum']][$row['thread_id']])) { + echo icon('../img/forumthread.gif'); + } else { + echo icon('../img/forumthread.gif'); + } + + if ($row['thread_sticky']==1) { + echo icon('../img/exclamation.gif'); + } + echo ""; + echo "".prepare4display($row['thread_title'])."".$row['thread_replies']."".$row['thread_views']."".display_user_link($row['user_id'], $name)."".$name."".$last_post.""; + if (api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id']!=$_SESSION['id_session'])) { + echo "".icon('../img/edit.gif',get_lang('Edit'))."\n"; + echo "".icon('../img/delete.gif',get_lang('Delete')).""; + display_visible_invisible_icon('thread', $row['thread_id'], $row['visibility'], array("forum"=>$_GET['forum'],'origin'=>$origin)); + display_lock_unlock_icon('thread',$row['thread_id'], $row['locked'], array("forum"=>$_GET['forum'],'origin'=>$origin)); + echo "".icon('../img/deplacer_fichier.gif',get_lang('MoveThread')).""; + } + $iconnotify = 'send_mail.gif'; + if (is_array($_SESSION['forum_notification']['thread'])) { + if (in_array($row['thread_id'],$_SESSION['forum_notification']['thread'])) { + $iconnotify = 'send_mail_checked.gif'; + } + } + $icon_liststd = 'group.gif'; + echo "".icon('../img/'.$iconnotify,get_lang('NotifyMe')).""; + if ($userinf['status']=='1') { + echo ''.icon('../img/'.$icon_liststd,get_lang('StudentList')).''; + } + echo "
    "; +echo $table_list; +/* +============================================================================== + FOOTER +============================================================================== +*/ +if ($origin != 'learnpath') { + Display :: display_footer(); } \ No newline at end of file diff --git a/main/forum/viewpost.php b/main/forum/viewpost.php index 7d47eb4bed..2d720d63e4 100644 --- a/main/forum/viewpost.php +++ b/main/forum/viewpost.php @@ -52,7 +52,7 @@ $htmlHeadXtra[] = '