chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #12 from AngelFQC/BT9892

Browse Source 
Fix forum tool - refs BT#9892 #TMI
1.10.x
Alex Aragon Calixto 10 years ago
parent e7f388f3e5 b808727539
commit e48cacfaa4
12 changed files with 945 additions and 580 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 9
      main/forum/forumfunction.inc.php
  2. 341
      main/forum/index.php
  3. 4
      main/forum/newthread.php
  4. 308
      main/forum/viewforum.php
  5. 236
      main/forum/viewforumcategory.php
  6. 35
      main/forum/viewpost.inc.php
  7. 103
      main/forum/viewthread.php
  8. 245
      main/forum/viewthread_flat.inc.php
  9. 194
      main/forum/viewthread_nested.inc.php
  10. 6
      main/install/database.sql
  11. 40
      src/Chamilo/CoreBundle/Migrations/Schema/V110/Version20150521113600.php
  12. 4
      src/Chamilo/CourseBundle/Entity/CForumThread.php

9
main/forum/forumfunction.inc.php
Unescape View File

@ -1230,19 +1230,20 @@ function move_up_down($content, $direction, $id)
// The SQL statement
if ($content == 'forumcategory') {
$sql = "SELECT *
FROM".$table_categories." forum_categories, ".$table_item_property." item_properties
FROM $table_categories forum_categories, $table_item_property item_properties
WHERE
forum_categories.c_id = $course_id AND
item_properties.c_id = $course_id AND
forum_categories.cat_id=item_properties.ref AND
item_properties.tool='".TOOL_FORUM_CATEGORY."'
item_properties.tool='" . TOOL_FORUM_CATEGORY . "'
ORDER BY forum_categories.cat_order $sort_direction";
}
if ($content == 'forum') {
$sql = "SELECT * FROM".$table."
$sql = "SELECT *
FROM $table
WHERE
c_id = $course_id AND
forum_category='".Database::escape_string($forum_category)."'
forum_category='" . Database::escape_string($forum_category) . "'
ORDER BY forum_order $sort_direction";
}
// echo $sql.'<br />';

341
main/forum/index.php
Unescape View File

@ -64,14 +64,12 @@ if (!empty($_GET['gradebook']) && $_GET['gradebook'] == 'view') {
if (!empty($gradebook) && $gradebook == 'view') {
$interbreadcrumb[] = array(
'url' => '../gradebook/'.$_SESSION['gradebook_dest'],
'url' => '../gradebook/' . $_SESSION['gradebook_dest'],
'name' => get_lang('ToolGradebook'),
);
}
$search_forum = isset($_GET['search']) ? Security::remove_XSS(
$_GET['search']
) : '';
$search_forum = isset($_GET['search']) ? Security::remove_XSS($_GET['search']) : '';
/* ACTIONS */
@ -81,7 +79,7 @@ if ($actions == 'add') {
switch ($_GET['content']) {
case 'forum':
$interbreadcrumb[] = array(
'url' => 'index.php?search='.$search_forum.'&'.api_get_cidreq(),
'url' => 'index.php?search=' . $search_forum . '&' . api_get_cidreq(),
'name' => get_lang('Forum'),
);
$interbreadcrumb[] = array(
@ -91,7 +89,7 @@ if ($actions == 'add') {
break;
case 'forumcategory':
$interbreadcrumb[] = array(
'url' => 'index.php?search='.$search_forum.'&'.api_get_cidreq(),
'url' => 'index.php?search=' . $search_forum . '&' . api_get_cidreq(),
'name' => get_lang('Forum'),
);
$interbreadcrumb[] = array(
@ -125,7 +123,8 @@ if (api_is_allowed_to_edit(false, true)) {
// Notification
if ($actions == 'notify' && isset($_GET['content']) && isset($_GET['id'])) {
if (api_get_session_id() != 0 &&
if (
api_get_session_id() != 0 &&
api_is_allowed_to_session_edit(false, true) == false
) {
api_not_allowed();
@ -187,28 +186,30 @@ echo '<div class="actions">';
//if is called from learning path
if (!empty($_GET['lp_id']) || !empty($_POST['lp_id'])) {
echo "<a href=\"../newscorm/lp_controller.php?".api_get_cidreq(
)."&gradebook=&action=add_item&type=step&lp_id=".$lp_id."#resource_tab-5\">".
Display::return_icon(
echo "<a href=\"../newscorm/lp_controller.php?"
. api_get_cidreq()
. "&gradebook=&action=add_item&type=step&lp_id=$lp_id#resource_tab-5\">"
. Display::return_icon(
'back.png',
get_lang("BackTo").' '.get_lang("LearningPaths"),
get_lang("BackTo") . ' ' . get_lang("LearningPaths"),
'',
ICON_SIZE_MEDIUM
)."</a>";
)
. "</a>";
}
if (!empty($forum_list)) {
echo search_link();
}
if (api_is_allowed_to_edit(false, true)) {
echo '<a href="'.api_get_self().'?'.api_get_cidreq(
).'&action=add&content=forumcategory&lp_id='.$lp_id.'"> '.
echo '<a href="'
. api_get_self() . '?' . api_get_cidreq()
. '&action=add&content=forumcategory&lp_id=' . $lp_id . '"> ' .
Display::return_icon(
'new_folder.png',
get_lang('AddForumCategory'),
'',
ICON_SIZE_MEDIUM
).'</a>';
'new_folder.png', get_lang('AddForumCategory'), '', ICON_SIZE_MEDIUM
)
. '</a>';
if (is_array($forumCategories) and !empty($forumCategories)) {
echo '<a href="'.api_get_self().'?'.api_get_cidreq(
).'&action=add&content=forum&lp_id='.$lp_id.'"> '.
@ -252,9 +253,7 @@ if (is_array($forumCategories)) {
);
if (empty($sessionId) && !empty($forumCategory['session_name'])) {
$session_displayed = ' ('.Security::remove_XSS(
$forumCategory['session_name']
).')';
$session_displayed = ' (' . Security::remove_XSS($forumCategory['session_name']) . ')';
} else {
$session_displayed = '';
}
@ -263,85 +262,91 @@ if (is_array($forumCategories)) {
$forumCategory['cat_title'] = get_lang('WithoutCategory');
}
$html = '';
$iconsEdit = '';
$idCategory = $forumCategory['cat_id'];
$urlCategory = 'viewforumcategory.php?' . api_get_cidreq() . '&forumcategory=' . intval($idCategory);
$titleCategory = Display::tag(
'a',
$forumCategory['cat_title'],
array(
'href' => $urlCategory,
'class' => return_visible_invisible($forumCategory['visibility'])
)
);
$html = '';
$iconsEdit = '';
$idCategory = $forumCategory['cat_id'];
$urlCategory = 'viewforumcategory.php?'.api_get_cidreq().'&forumcategory='.intval($idCategory);
$titleCategory = Display::tag(
'a',
$forumCategory['cat_title'],
array(
'href' => $urlCategory,
'class' => return_visible_invisible($forumCategory['visibility'])
)
);
$descriptionCategory = $forumCategory['cat_comment'];
if (!empty($idCategory)){
if (api_is_allowed_to_edit(false, true) && !($forumCategory['session_id'] == 0 && intval($sessionId) != 0)){
$iconsEdit.= '<a href="'.api_get_self().'?'.api_get_cidreq()
.'&action=edit&content=forumcategory&id='.intval($idCategory).
'">'.Display::return_icon(
'edit.png',
get_lang('Edit'),
array(),
ICON_SIZE_SMALL
).'</a>';
$iconsEdit.='<a href="'.api_get_self().'?'.api_get_cidreq().
'&action=delete&content=forumcategory&id='. intval($idCategory).
"\" onclick=\"javascript:if(!confirm('". addslashes(api_htmlentities(
get_lang('DeleteForumCategory'),
ENT_QUOTES
)).
"')) return false;\">".
Display::return_icon(
$descriptionCategory = $forumCategory['cat_comment'];
if (!empty($idCategory)){
if (
api_is_allowed_to_edit(false, true) &&
!($forumCategory['session_id'] == 0 &&
intval($sessionId) != 0)
){
$iconsEdit .= '<a href="' . api_get_self() . '?' . api_get_cidreq()
. '&action=edit&content=forumcategory&id=' . intval($idCategory)
. '">' . Display::return_icon(
'edit.png',
get_lang('Edit'),
array(),
ICON_SIZE_SMALL
)
. '</a>';
$iconsEdit .='<a href="' . api_get_self() . '?' . api_get_cidreq()
. '&action=delete&content=forumcategory&id=' . intval($idCategory)
. "\" onclick=\"javascript:if(!confirm('"
. addslashes(api_htmlentities(
get_lang('DeleteForumCategory'),
ENT_QUOTES
))
. "')) return false;\">"
. Display::return_icon(
'delete.png',
get_lang('Delete'),
array(),
ICON_SIZE_SMALL
).
'</a>';
$iconsEdit .= return_visible_invisible_icon(
'forumcategory',
strval(intval($idCategory)),
strval(intval($forumCategory['visibility']))
);
$iconsEdit .= return_lock_unlock_icon(
'forumcategory',
strval(intval($$idCategory)),
strval(intval($forumCategory['locked']))
);
$iconsEdit .= return_up_down_icon(
'forumcategory',
strval(intval($idCategory)),
$forumCategories
);
}
)
. '</a>';
$iconsEdit .= return_visible_invisible_icon(
'forumcategory',
strval(intval($idCategory)),
strval(intval($forumCategory['visibility']))
);
$iconsEdit .= return_lock_unlock_icon(
'forumcategory',
strval(intval($idCategory)),
strval(intval($forumCategory['locked']))
);
$iconsEdit .= return_up_down_icon(
'forumcategory',
strval(intval($idCategory)),
$forumCategories
);
}
}
$html .= '<div class="category-forum">';
$html .= Display::tag(
'div',
$iconsEdit,
array(
'class' => 'pull-right'
)
);
$icoCategory = Display::return_icon(
'forum_blue.png',
get_lang(
$forumCategory['cat_title']
),
array(),
ICON_SIZE_MEDIUM
);
$html .= '<h3>' . $icoCategory . $titleCategory . '</h3>';
$html .= '<div class="category-forum">';
$html .= Display::tag(
'div',
$iconsEdit,
array(
'class' => 'pull-right'
)
);
$icoCategory = Display::return_icon(
'forum_blue.png',
get_lang(
$forumCategory['cat_title']
),
array(),
ICON_SIZE_MEDIUM
);
$html .= '<h3>' . $icoCategory . $titleCategory . '</h3>';
if ($descriptionCategory != '' && trim($descriptionCategory) != '&nbsp;') {
$html .= '<div class="forum-description">'.$descriptionCategory.'</div>';
}
if ($descriptionCategory != '' && trim($descriptionCategory) != '&nbsp;') {
$html .= '<div class="forum-description">'.$descriptionCategory.'</div>';
}
$html .= '</div>';
echo $html;
@ -367,7 +372,8 @@ if (is_array($forumCategories)) {
// test if $whatsnew_post_info[$forum['forum_id']] is empty or not.
if (isset($forum['forum_id'])) {
if (!empty($whatsnew_post_info)) {
if (isset($whatsnew_post_info[$forum['forum_id']]) &&
if (
isset($whatsnew_post_info[$forum['forum_id']]) &&
is_array($whatsnew_post_info[$forum['forum_id']])
) {
foreach ($whatsnew_post_info[$forum['forum_id']] as $key_thread_id => $new_post_array) {
@ -382,15 +388,14 @@ if (is_array($forumCategories)) {
// Note: This can be speed up if we transform the $forum_list
// to an array that uses the forum_category as the key.
if (isset($forum['forum_category']) &&
if (
isset($forum['forum_category']) &&
$forum['forum_category'] == $forumCategory['cat_id']
) {
$show_forum = false;
// SHOULD WE SHOW THIS PARTICULAR FORUM
// you are teacher => show forum
if (api_is_allowed_to_edit(false, true)) {
$show_forum = true;
} else {
@ -422,9 +427,10 @@ if (is_array($forumCategories)) {
// Showing the image
if (!empty($forum['forum_image'])) {
$image_path = api_get_path(
WEB_COURSE_PATH
) . api_get_course_path() . '/upload/forum/images/' . $forum['forum_image'];
$image_path = api_get_path(WEB_COURSE_PATH)
. api_get_course_path()
. '/upload/forum/images/'
. $forum['forum_image'];
$image_size = api_getimagesize($image_path);
$img_attributes = '';
if (!empty($image_size)) {
@ -433,12 +439,10 @@ if (is_array($forumCategories)) {
$imgForum = "<img src=\"$image_path\" $img_attributes>";
} else {
$imgForum = '';
}
$forum_image = $imgForum;
} else {
if ($forum['forum_of_group'] == '0') {
$forum_image = Display::return_icon(
'forum_group.png',
@ -446,7 +450,6 @@ if (is_array($forumCategories)) {
null,
ICON_SIZE_LARGE
);
} else {
$forum_image = Display::return_icon(
'forum.png',
@ -473,16 +476,16 @@ if (is_array($forumCategories)) {
0,
30
);
$forum_title_group_addition = ' (<a href="../group/group_space.php?'.api_get_cidreq(
).'&gidReq='.$forum['forum_of_group'].'" class="forum_group_link">'.get_lang(
'GoTo'
).' '.$group_title.'</a>)'.$session_img;
$forum_title_group_addition = ' (<a href="../group/group_space.php?'
. api_get_cidreq() . '&gidReq=' . $forum['forum_of_group']
. '" class="forum_group_link">' . get_lang('GoTo') . ' ' . $group_title . '</a>)'
. $session_img;
} else {
$forum_title_group_addition = '';
}
if (empty($sessionId) && !empty($forum['session_name'])) {
$session_displayed = ' ('.$forum['session_name'].')';
$session_displayed = ' (' . $forum['session_name'] . ')';
} else {
$session_displayed = '';
}
@ -494,7 +497,9 @@ if (is_array($forumCategories)) {
$html .= '<div class="row">';
$html .= '<div class="col-md-6">';
$html .= '<div class="col-md-3">';
$html .= '<div class="number-post">'.$forum_image .'<p>' . $number_posts . ' ' . get_lang('Posts') . '</p></div>';
$html .= '<div class="number-post">'
. $forum_image . '<p>' . $number_posts . ' ' . get_lang('Posts') . '</p>'
. '</div>';
$html .= '</div>';
$html .= '<div class="col-md-9">';
@ -509,9 +514,11 @@ if (is_array($forumCategories)) {
'a',
$forum['forum_title'],
array (
'href'=>'viewforum.php?' . api_get_cidreq().'&gidReq=' . intval($groupid).'&forum=' . intval(
$forum['forum_id']),
'class' => return_visible_invisible( strval( intval($forum['visibility']) ) ) )
'href' => 'viewforum.php?' . api_get_cidreq()
. '&gidReq=' . intval($groupid)
. '&forum=' . intval($forum['forum_id']),
'class' => return_visible_invisible( strval( intval($forum['visibility']) ) )
)
);
$html .= '<h3 class="title">' . $iconForum . $linkForum . '</h3>';
@ -526,30 +533,29 @@ if (is_array($forumCategories)) {
$html .= '</div>';
$html .= '</div>';
$iconEmpty='';
// The number of topics and posts.
if ($forum['forum_of_group'] !== '0') {
$iconEmpty='';
$newPost='';
if (is_array($mywhatsnew_post_info) && !empty($mywhatsnew_post_info)) {
$newPost = ' '.
Display::return_icon(
'alert.png',
get_lang('Forum'),
null,
ICON_SIZE_SMALL
);
$newPost = ' ' . Display::return_icon(
'alert.png',
get_lang('Forum'),
null,
ICON_SIZE_SMALL
);
} else {
$newPost = $iconEmpty;
}
} else {
if (is_array($mywhatsnew_post_info) && !empty($mywhatsnew_post_info)) {
$newPost = ' '.
Display::return_icon(
'alert.png',
get_lang('Forum'),
null,
ICON_SIZE_SMALL
);
$newPost = ' ' . Display::return_icon(
'alert.png',
get_lang('Forum'),
null,
ICON_SIZE_SMALL
);
} else {
$newPost = $iconEmpty;
}
@ -585,16 +591,16 @@ if (is_array($forumCategories)) {
);
}
if (!empty($forum['last_post_id'])) {
$html .= Display::return_icon(
'post-item.png',
null,
null,
ICON_SIZE_TINY
).' '.
api_convert_and_format_date($forum['last_post_date']).
'<br /> ' . get_lang('By').' '.
)
. ' ' .
api_convert_and_format_date($forum['last_post_date'])
. '<br /> ' . get_lang('By') . ' ' .
display_user_link(
$poster_id,
$name,
@ -605,34 +611,22 @@ if (is_array($forumCategories)) {
$html .= '</div>';
$html .= '<div class="col-md-4">';
if (api_is_allowed_to_edit(
false,
true
) && !($forum['session_id'] == 0 && intval(
$sessionId
) != 0)
if (
api_is_allowed_to_edit(false, true) &&
!($forum['session_id'] == 0 && intval($sessionId) != 0)
) {
$html .= '<a href="'.api_get_self() . '?' . api_get_cidreq(
).'&action=edit&content=forum&id='.$forum['forum_id'] . '">'.
Display::return_icon(
'edit.png',
get_lang('Edit'),
array(),
ICON_SIZE_SMALL
) . '</a>';
$html .= '<a href="'.api_get_self().'?'.api_get_cidreq(
).'&action=delete&content=forum&id='.$forum['forum_id']."\" onclick=\"javascript:if(!confirm('".addslashes(
api_htmlentities(
get_lang('DeleteForum'),
ENT_QUOTES
)
)."')) return false;\">".
Display::return_icon(
'delete.png',
get_lang('Delete'),
array(),
ICON_SIZE_SMALL
).'</a>';
$html .= '<a href="'.api_get_self() . '?' . api_get_cidreq()
. '&action=edit&content=forum&id=' . $forum['forum_id'] . '">'
. Display::return_icon('edit.png', get_lang('Edit'), array(), ICON_SIZE_SMALL)
. '</a>';
$html .= '<a href="' . api_get_self() . '?' . api_get_cidreq()
. '&action=delete&content=forum&id=' . $forum['forum_id']
. "\" onclick=\"javascript:if(!confirm('" . addslashes(
api_htmlentities(get_lang('DeleteForum'), ENT_QUOTES)
)
. "')) return false;\">"
. Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL)
. '</a>';
$html .= return_visible_invisible_icon(
'forum',
$forum['forum_id'],
@ -651,7 +645,7 @@ if (is_array($forumCategories)) {
}
$iconnotify = 'notification_mail_na.png';
$session_forum_notification = isset($_SESSION['forum_notification']['forum']) ?
$_SESSION['forum_notification']['forum'] : false;
$_SESSION['forum_notification']['forum'] : false;
if (is_array($session_forum_notification)) {
if (in_array(
$forum['forum_id'],
@ -661,20 +655,16 @@ if (is_array($forumCategories)) {
}
}
if (!api_is_anonymous(
) && api_is_allowed_to_session_edit(false, true)
if (
!api_is_anonymous() &&
api_is_allowed_to_session_edit(false, true)
) {
$html .= '<a href="'.api_get_self().'?'.api_get_cidreq(
).'&action=notify&content=forum&id='.$forum['forum_id'].'">'.
Display::return_icon(
$iconnotify,
get_lang('NotifyMe'),
null,
ICON_SIZE_SMALL
) . '</a>';
$html .= '<a href="' . api_get_self() . '?' . api_get_cidreq()
. '&action=notify&content=forum&id=' . $forum['forum_id'] . '">'
. Display::return_icon($iconnotify, get_lang('NotifyMe'), null, ICON_SIZE_SMALL)
. '</a>';
}
$html .= '</div>';
$html .= '</div>';
$html .= '</div>';
@ -682,19 +672,14 @@ if (is_array($forumCategories)) {
$html .= '</div>';
$html .= '</div>';
$html .= '</div>';
}
echo $html;
}
}
} else {
echo '<div class="alert alert-warning">'.get_lang(
'NoForumInThisCategory'
).'</div>'.(api_is_allowed_to_edit(
false,
true
) ? '<div>' : '</div>').'</div>';
echo '<div class="alert alert-warning">' . get_lang('NoForumInThisCategory') . '</div>'
. (api_is_allowed_to_edit(false, true) ? '<div>' : '</div>')
. '</div>';
}
echo '</div>';

4
main/forum/newthread.php
Unescape View File

@ -137,7 +137,7 @@ if (isset($_POST['add_resources']) AND $_POST['add_resources'] == get_lang('Reso
$_SESSION['formelements'] = $_POST;
$_SESSION['origin'] = $_SERVER['REQUEST_URI'];
$_SESSION['breadcrumbs'] = $interbreadcrumb;
header('Location: ../resourcelinker/resourcelinker.php');
Header::location('../resourcelinker/resourcelinker.php');
}
/* Header */
@ -175,6 +175,6 @@ if (!empty($values) && isset($values['SubmitPost'])) {
echo $attachmentAjaxForm;
}
if ($origin != 'learnpath') {
if (isset($origin) && $origin != 'learnpath') {
Display :: display_footer();
}

308
main/forum/viewforum.php
Unescape View File

@ -40,7 +40,7 @@ $nameTools = get_lang('ToolForum');
$origin = '';
$origin_string = '';
if (isset($_GET['origin'])) {
$origin = Security::remove_XSS($_GET['origin']);
$origin = Security::remove_XSS($_GET['origin']);
$origin_string = '&origin='.$origin;
}
@ -72,16 +72,19 @@ if (!empty($groupId)) {
$is_group_tutor = GroupManager::is_tutor_of_group(api_get_user_id(), $groupId);
//Course
if (!api_is_allowed_to_edit(false, true) AND //is a student
if (
!api_is_allowed_to_edit(false, true) AND //is a student
(($current_forum_category && $current_forum_category['visibility'] == 0) OR
$current_forum['visibility'] == 0 OR !$user_has_access_in_group)
$current_forum['visibility'] == 0 OR !$user_has_access_in_group)
) {
api_not_allowed(true);
}
} else {
//Course
if (!api_is_allowed_to_edit(false, true) AND //is a student
(($current_forum_category && $current_forum_category['visibility'] == 0) OR
if (
!api_is_allowed_to_edit(false, true) AND //is a student
(
($current_forum_category && $current_forum_category['visibility'] == 0) OR
$current_forum['visibility'] == 0
) //forum category or forum visibility is false
) {
@ -114,39 +117,79 @@ if (!empty($_GET['gidReq'])) {
$forumUrl = api_get_path(WEB_CODE_PATH).'forum/';
if ($origin == 'group') {
$interbreadcrumb[] = array('url' => api_get_path(WEB_CODE_PATH).'group/group.php', 'name' => get_lang('Groups'));
$interbreadcrumb[] = array('url' => api_get_path(WEB_CODE_PATH).'group/group_space.php?'.api_get_cidreq(), 'name'=> get_lang('GroupSpace').' '.$group_properties['name']);
$interbreadcrumb[] = array('url' => '#', 'name' => get_lang('Forum').' '.Security::remove_XSS($current_forum['forum_title']));
$interbreadcrumb[] = array(
'url' => api_get_path(WEB_CODE_PATH) . 'group/group.php',
'name' => get_lang('Groups')
);
$interbreadcrumb[] = array(
'url' => api_get_path(WEB_CODE_PATH) . 'group/group_space.php?' . api_get_cidreq(),
'name' => get_lang('GroupSpace') . ' ' . $group_properties['name']
);
$interbreadcrumb[] = array(
'url' => '#',
'name' => get_lang('Forum') . ' ' . Security::remove_XSS($current_forum['forum_title'])
);
} else {
$interbreadcrumb[] = array('url' => $forumUrl.'index.php?search='.Security::remove_XSS($my_search), 'name' => get_lang('ForumCategories'));
$interbreadcrumb[] = array('url' => $forumUrl.'viewforumcategory.php?forumcategory='.$current_forum_category['cat_id'].'&search='.Security::remove_XSS(urlencode($my_search)), 'name' => prepare4display($current_forum_category['cat_title']));
$interbreadcrumb[] = array('url' => '#', 'name' => Security::remove_XSS($current_forum['forum_title']));
$interbreadcrumb[] = array(
'url' => $forumUrl . 'index.php?search=' . Security::remove_XSS($my_search),
'name' => get_lang('ForumCategories')
);
$interbreadcrumb[] = array(
'url' => $forumUrl . 'viewforumcategory.php?forumcategory=' . $current_forum_category['cat_id']
. '&search=' . Security::remove_XSS(urlencode($my_search)),
'name' => prepare4display($current_forum_category['cat_title'])
);
$interbreadcrumb[] = array(
'url' => '#',
'name' => Security::remove_XSS($current_forum['forum_title'])
);
}
if ($origin == 'learnpath') {
Display::display_reduced_header();
} else {
// The last element of the breadcrumb navigation is already set in interbreadcrumb, so give empty string.
Display :: display_header('');
Display::display_header('');
}
/* Actions */
// Change visibility of a forum or a forum category.
if (($my_action == 'invisible' OR $my_action=='visible') AND isset($_GET['content']) AND isset($_GET['id']) AND api_is_allowed_to_edit(false, true) && api_is_allowed_to_session_edit(false, true)) {
if (
($my_action == 'invisible' OR $my_action == 'visible') AND
isset($_GET['content']) AND
isset($_GET['id']) AND
api_is_allowed_to_edit(false, true) &&
api_is_allowed_to_session_edit(false, true)
) {
$message = change_visibility($_GET['content'], $_GET['id'], $_GET['action']);
}
// Locking and unlocking.
if (($my_action == 'lock' OR $my_action == 'unlock') AND isset($_GET['content']) AND isset($_GET['id']) AND api_is_allowed_to_edit(false, true) && api_is_allowed_to_session_edit(false, true)) {
if (
($my_action == 'lock' OR $my_action == 'unlock') AND
isset($_GET['content']) AND isset($_GET['id']) AND
api_is_allowed_to_edit(false, true) &&
api_is_allowed_to_session_edit(false, true)
) {
$message = change_lock_status($_GET['content'], $_GET['id'], $my_action);
}
// Deleting.
if ($my_action == 'delete' AND isset($_GET['content']) AND isset($_GET['id']) AND api_is_allowed_to_edit(false, true) && api_is_allowed_to_session_edit(false, true)) {
if (
$my_action == 'delete' AND
isset($_GET['content']) AND
isset($_GET['id']) AND
api_is_allowed_to_edit(false, true) &&
api_is_allowed_to_session_edit(false, true)
) {
$locked = api_resource_is_locked_by_gradebook($_GET['id'], LINK_FORUM_THREAD);
if ($locked == false) {
$message = deleteForumCategoryThread($_GET['content'], $_GET['id']);
// Delete link
$link_info = GradebookUtils::is_resource_in_course_gradebook(api_get_course_id(), 5 , intval($_GET['id']), api_get_session_id());
$link_info = GradebookUtils::is_resource_in_course_gradebook(
api_get_course_id(),
5,
intval($_GET['id']),
api_get_session_id()
);
$link_id = $link_info['id'];
if ($link_info !== false) {
GradebookUtils::remove_resource_from_course_gradebook($link_id);
@ -161,24 +204,28 @@ if ($my_action == 'move' && isset($_GET['thread']) &&
$message = move_thread_form();
}
// Notification.
if ($my_action == 'notify' &&
if (
$my_action == 'notify' &&
isset($_GET['content']) &&
isset($_GET['id']) &&
api_is_allowed_to_session_edit(false, true)
) {
$return_message = set_notification($_GET['content'], $_GET['id']);
Display :: display_confirmation_message($return_message, false);
Display::display_confirmation_message($return_message, false);
}
// Student list
if ($my_action == 'liststd' &&
if (
$my_action == 'liststd' &&
isset($_GET['content']) &&
isset($_GET['id']) &&
(api_is_allowed_to_edit(null, true) || $is_group_tutor)
) {
$active = null;
switch ($_GET['list']) {
$listType = isset($_GET['list']) ? $_GET['list'] : null;
switch ($listType) {
case 'qualify':
$student_list = get_thread_users_qualify($_GET['id']);
$nrorow3 = -2;
@ -196,22 +243,25 @@ if ($my_action == 'liststd' &&
break;
}
$table_list = Display::page_subheader(get_lang('ThreadUsersList').': '.get_name_thread_by_id($_GET['id']));
$table_list = Display::page_subheader(get_lang('ThreadUsersList') . ': ' . get_name_thread_by_id($_GET['id']));
if ($nrorow3 > 0 || $nrorow3 == -2) {
$url = 'cidReq='.Security::remove_XSS($_GET['cidReq']).'&forum='.Security::remove_XSS($my_forum).'&action='.Security::remove_XSS($_GET['action']).'&content='.Security::remove_XSS($_GET['content'],STUDENT).'&id='.intval($_GET['id']);
$url = 'cidReq=' . Security::remove_XSS($_GET['cidReq']) .
'&forum=' . Security::remove_XSS($my_forum) . '&action='
. Security::remove_XSS($_GET['action']) . '&content='
. Security::remove_XSS($_GET['content'], STUDENT) . '&id=' . intval($_GET['id']);
$tabs = array(
array(
'content' => get_lang('AllStudents'),
'url' => $forumUrl.'viewforum.php?'.$url.'&origin='.$origin.'&list=all'
'url' => $forumUrl . 'viewforum.php?' . $url . '&origin=' . $origin . '&list=all'
),
array(
'content' => get_lang('StudentsQualified'),
'url' => $forumUrl.'viewforum.php?'.$url.'&origin='.$origin.'&list=qualify'
'url' => $forumUrl . 'viewforum.php?' . $url . '&origin=' . $origin . '&list=qualify'
),
array(
'content' => get_lang('StudentsNotQualified'),
'url' => $forumUrl.'viewforum.php?'.$url.'&origin='.$origin.'&list=notqualify'
'url' => $forumUrl . 'viewforum.php?' . $url . '&origin=' . $origin . '&list=notqualify'
),
);
$table_list .= Display::tabs_only_link($tabs, $active);
@ -220,13 +270,13 @@ if ($my_action == 'liststd' &&
$table_list .= '<center><br /><table class="data_table" style="width:50%">';
// The column headers (TODO: Make this sortable).
$table_list .= '<tr >';
$table_list .= '<th height="24">'.get_lang('NamesAndLastNames').'</th>';
$table_list .= '<th height="24">' . get_lang('NamesAndLastNames') . '</th>';
if ($_GET['list'] == 'qualify') {
$table_list.= '<th>'.get_lang('Qualification').'</th>';
if ($listType == 'qualify') {
$table_list .= '<th>' . get_lang('Qualification') . '</th>';
}
if (api_is_allowed_to_edit(null, true)) {
$table_list.= '<th>'.get_lang('Qualify').'</th>';
$table_list .= '<th>' . get_lang('Qualify') . '</th>';
}
$table_list .= '</tr>';
$max_qualify = showQualify('2', $userid, $_GET['id']);
@ -234,36 +284,40 @@ if ($my_action == 'liststd' &&
if (Database::num_rows($student_list) > 0) {
while ($row_student_list=Database::fetch_array($student_list)) {
$userInfo = api_get_user_info($row_student_list['user_id']);
$userInfo = api_get_user_info($row_student_list['id']);
if ($counter_stdlist % 2 == 0) {
$class_stdlist = 'row_odd';
} else {
$class_stdlist = 'row_even';
}
$table_list .= '<tr class="'.$class_stdlist.'"><td>';
$table_list .= '<tr class="' . $class_stdlist . '"><td>';
$table_list .= UserManager::getUserProfileLink($userInfo);
$table_list .= '</td>';
if ($_GET['list'] == 'qualify') {
$table_list .= '<td>'.$row_student_list['qualify'].'/'.$max_qualify.'</td>';
if ($listType == 'qualify') {
$table_list .= '<td>' . $row_student_list['qualify'] . '/' . $max_qualify . '</td>';
}
if (api_is_allowed_to_edit(null, true)) {
$current_qualify_thread = showQualify(
'1',
$row_student_list['user_id'],
$row_student_list['id'],
$_GET['id']
);
$table_list .= '<td>
<a href="'.$forumUrl.'forumqualify.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($my_forum).'&thread='.Security::remove_XSS($_GET['id']).'&user='.$row_student_list['user_id'].'&user_id='.$row_student_list['user_id'].'&idtextqualify='.$current_qualify_thread.'&origin='.$origin.'">'.
Display::return_icon($icon_qualify, get_lang('Qualify')).'</a></td></tr>';
<a href="' . $forumUrl . 'forumqualify.php?' . api_get_cidreq()
. '&forum=' . Security::remove_XSS($my_forum) . '&thread='
. Security::remove_XSS($_GET['id']) . '&user=' . $row_student_list['id']
. '&user_id=' . $row_student_list['id'] . '&idtextqualify='
. $current_qualify_thread . '&origin=' . $origin . '">'
. Display::return_icon($icon_qualify, get_lang('Qualify')) . '</a></td></tr>';
}
$counter_stdlist++;
}
} else {
if ($_GET['list'] == 'qualify') {
$table_list .= '<tr><td colspan="2">'.get_lang('ThereIsNotQualifiedLearners').'</td></tr>';
if ($listType == 'qualify') {
$table_list .= '<tr><td colspan="2">' . get_lang('ThereIsNotQualifiedLearners') . '</td></tr>';
} else {
$table_list .= '<tr><td colspan="2">'.get_lang('ThereIsNotUnqualifiedLearners').'</td></tr>';
$table_list .= '<tr><td colspan="2">' . get_lang('ThereIsNotUnqualifiedLearners') . '</td></tr>';
}
}
@ -281,7 +335,7 @@ if ($origin == 'learnpath') {
/* Display the action messages */
if (!empty($message)) {
Display :: display_confirmation_message($message);
Display::display_confirmation_message($message);
}
/* Action links */
@ -290,12 +344,15 @@ echo '<div class="actions">';
if ($origin != 'learnpath') {
if ($origin=='group') {
echo '<a href"='.api_get_path(WEB_CODE_PATH).'group/group_space.php?'.api_get_cidreq().'&gradebook='.$gradebook.'">'.
Display::return_icon('back.png',get_lang('BackTo').' '.get_lang('Groups'),'',ICON_SIZE_MEDIUM).'</a>';
echo '<a href"=' . api_get_path(WEB_CODE_PATH) . 'group/group_space.php?'
. api_get_cidreq() . '&gradebook=' . $gradebook . '">'
. Display::return_icon('back.png', get_lang('BackTo')
. ' ' . get_lang('Groups'), '', ICON_SIZE_MEDIUM) . '</a>';
} else {
echo '<span style="float:right;">'.search_link().'</span>';
echo '<a href="'.$forumUrl.'index.php?'.api_get_cidreq().'">'.
Display::return_icon('back.png', get_lang('BackToForumOverview'), '', ICON_SIZE_MEDIUM).'</a>';
echo '<a href="' . $forumUrl . 'index.php?' . api_get_cidreq() . '">'
. Display::return_icon('back.png', get_lang('BackToForumOverview'), '', ICON_SIZE_MEDIUM)
. '</a>';
}
}
@ -303,19 +360,24 @@ if ($origin != 'learnpath') {
// 1. the course admin is here
// 2. the course member is here and new threads are allowed
// 3. a visitor is here and new threads AND allowed AND anonymous posts are allowed
if (api_is_allowed_to_edit(false, true) OR
if (
api_is_allowed_to_edit(false, true) OR
($current_forum['allow_new_threads'] == 1 AND isset($_user['user_id'])) OR
($current_forum['allow_new_threads'] == 1 AND !isset($_user['user_id']) AND $current_forum['allow_anonymous'] == 1)
) {
if ($current_forum['locked'] <> 1 AND $current_forum['locked'] <> 1) {
if (!api_is_anonymous() && !api_is_invitee()) {
if ($my_forum == strval(intval($my_forum))) {
echo '<a href="'.$forumUrl.'newthread.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($my_forum).$origin_string.'">'.
Display::return_icon('new_thread.png',get_lang('NewTopic'),'',ICON_SIZE_MEDIUM).'</a>';
echo '<a href="' . $forumUrl . 'newthread.php?' . api_get_cidreq() . '&forum='
. Security::remove_XSS($my_forum) . $origin_string . '">'
. Display::return_icon('new_thread.png', get_lang('NewTopic'), '', ICON_SIZE_MEDIUM)
. '</a>';
} else {
$my_forum = strval(intval($my_forum));
echo '<a href="'.$forumUrl.'newthread.php?'.api_get_cidreq().'&forum='.$my_forum.$origin_string.'">'.
Display::return_icon('new_thread.png',get_lang('NewTopic'),'',ICON_SIZE_MEDIUM).'</a>';
echo '<a href="' . $forumUrl . 'newthread.php?' . api_get_cidreq()
. '&forum=' . $my_forum . $origin_string . '">'
. Display::return_icon('new_thread.png', get_lang('NewTopic'), '', ICON_SIZE_MEDIUM)
. '</a>';
}
}
} else {
@ -376,18 +438,14 @@ if (is_array($threads)) {
!($row['thread_replies'] == '0' AND $row['visibility'] == '0')
) {
$my_whatsnew_post_info = isset($whatsnew_post_info[$my_forum][$row['thread_id']]) ? $whatsnew_post_info[$my_forum][$row['thread_id']] : null;
$my_whatsnew_post_info = null;
//var_dump($my_whatsnew_post_info);
if (isset($whatsnew_post_info[$my_forum][$row['thread_id']])) {
$my_whatsnew_post_info = $whatsnew_post_info[$my_forum][$row['thread_id']];
}
if (is_array($my_whatsnew_post_info) && !empty($my_whatsnew_post_info)) {
$newPost = ' '.
Display::return_icon(
'alert.png',
get_lang('Forum'),
null,
ICON_SIZE_SMALL
);
$newPost = ' ' . Display::return_icon('alert.png', get_lang('Forum'), null, ICON_SIZE_SMALL);
} else {
$newPost = '';
}
@ -397,7 +455,10 @@ if (is_array($threads)) {
}
$name = api_get_person_name($row['firstname'], $row['lastname']);
$linkPostForum = '<a href="viewthread.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($my_forum).'&origin='.$origin.'&thread='.$row['thread_id'].$origin_string.'&search='.Security::remove_XSS(urlencode($my_search)).'">'.$row['thread_title'].'</a>';
$linkPostForum = '<a href="viewthread.php?' . api_get_cidreq() . '&forum=' . Security::remove_XSS($my_forum)
. "&origin=$origin&thread={$row['thread_id']}$origin_string&search="
. Security::remove_XSS(urlencode($my_search)) . '">'
. $row['thread_title'] . '</a>';
$html = '';
$html .= '<div class="panel panel-default forum '.($row['thread_sticky']?'sticky':'').'">';
$html .= '<div class="panel-body">';
@ -412,20 +473,27 @@ if (is_array($threads)) {
$authorName = '';
if ($origin != 'learnpath') {
$authorName = display_user_link($row['user_id'], api_get_person_name($row['firstname'], $row['lastname']), '', $poster_username);
$authorName = display_user_link(
$row['user_id'],
api_get_person_name($row['firstname'],
$row['lastname']),
'',
$poster_username
);
} else {
$authorName = Display::tag(
'span',
api_get_person_name(
$row['firstname'],
$row['lastname']),
$row['lastname']
),
array(
"title"=>api_htmlentities($poster_username, ENT_QUOTES)
"title" => api_htmlentities($poster_username, ENT_QUOTES)
)
);
}
$html .= '<div class="thumbnail">'.display_user_image($row['user_id'],$name).'</div>';
$html .= '<div class="thumbnail">' . display_user_image($row['user_id'], $name) . '</div>';
$html .= '</div>';
$html .= '<div class="col-md-10">';
$html .= Display::tag(
@ -436,41 +504,48 @@ if (is_array($threads)) {
)
);
$html .= '<p>'. get_lang('By') .' ' .$authorName.'</p>';
$html .= '<p>'. api_convert_and_format_date($row['insert_date']). '</p>';
$html .= '<p>' . api_convert_and_format_date($row['insert_date']) . '</p>';
$html .= '</div>';
$html .= '</div>';
$html .= '</div>';
$html .= '<div class="col-md-6">';
$html .= '<div class="row">';
$html .= '<div class="col-md-4">'.Display::return_icon('post-forum.png',null,null,ICON_SIZE_SMALL).' '.$row['thread_replies']. ' '.get_lang('Replies').'<br>';
$html .= '<div class="col-md-4">'
. Display::return_icon('post-forum.png', null, null, ICON_SIZE_SMALL)
. " {$row['thread_replies']} " . get_lang('Replies') . '<br>';
$html .= Display::return_icon(
'post-forum.png',
null,
null,
ICON_SIZE_SMALL
).' '.$row['thread_views'].' '.get_lang('Views').'<br>'.$newPost;
) . ' ' . $row['thread_views'] . ' ' . get_lang('Views') . '<br>' . $newPost;
$html .= '</div>';
$last_post_info = get_last_post_by_thread($row['c_id'], $row['thread_id'], $row['forum_id'], api_is_allowed_to_edit());
$last_post_info = get_last_post_by_thread(
$row['c_id'],
$row['thread_id'],
$row['forum_id'],
api_is_allowed_to_edit()
);
$last_post = null;
if ($last_post_info) {
$poster_info = api_get_user_info($last_post_info['poster_id']);
$post_date = api_convert_and_format_date($last_post_info['post_date']);
$last_post = $post_date.'<br>'.get_lang('By').' '.display_user_link($last_post_info['poster_id'], $poster_info['complete_name'], '', $poster_info['username']);
$last_post = $post_date . '<br>' . get_lang('By') . ' ' . display_user_link(
$last_post_info['poster_id'],
$poster_info['complete_name'],
'',
$poster_info['username']
);
}
$html .= '<div class="col-md-5">'.Display::return_icon(
'post-item.png',
null,
null,
ICON_SIZE_TINY
).' ' .$last_post;
$html .= '<div class="col-md-5">'
. Display::return_icon('post-item.png', null, null, ICON_SIZE_TINY)
. ' ' . $last_post;
$html .= '</div>';
/*
if ($row['last_poster_user_id'] == '0') {
$name = $row['poster_name'];
@ -507,43 +582,90 @@ if (is_array($threads)) {
}
$id_attach = !empty($attachment_list) ? $attachment_list['id'] : '';
$sql_post_id = "SELECT post_id FROM $table_posts WHERE c_id = $course_id AND post_title='".Database::escape_string($row['thread_title'])."'";
$sql_post_id = "SELECT post_id
FROM $table_posts
WHERE
c_id = $course_id AND
post_title='" . Database::escape_string($row['thread_title']) . "'";
$result_post_id = Database::query($sql_post_id);
$row_post_id = Database::fetch_array($result_post_id);
$iconsEdit = '';
if ($origin != 'learnpath') {
if (api_is_allowed_to_edit(false, true) && !(api_is_course_coach() && $current_forum['session_id'] != $_SESSION['id_session'])) {
$iconsEdit .= '<a href="'.$forumUrl.'editpost.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($my_forum).'&thread='.Security::remove_XSS($row['thread_id']).'&post='.$row_post_id['post_id'].'&id_attach='.$id_attach.'">'.
Display::return_icon('edit.png', get_lang('Edit'), array(), ICON_SIZE_SMALL).'</a>';
$iconsEdit .= '<a href="' . $forumUrl . 'editpost.php?' . api_get_cidreq()
. '&forum=' . Security::remove_XSS($my_forum) . '&thread='
. Security::remove_XSS($row['thread_id']) . '&post=' . $row_post_id['post_id']
. '&id_attach=' . $id_attach . '">'
. Display::return_icon('edit.png', get_lang('Edit'), array(), ICON_SIZE_SMALL) . '</a>';
if (api_resource_is_locked_by_gradebook($row['thread_id'], LINK_FORUM_THREAD)) {
$iconsEdit .= Display::return_icon('delete_na.png', get_lang('ResourceLockedByGradebook'), array(), ICON_SIZE_SMALL);
$iconsEdit .= Display::return_icon(
'delete_na.png',
get_lang('ResourceLockedByGradebook'),
array(),
ICON_SIZE_SMALL
);
} else {
$iconsEdit.= '<a href="'.api_get_self().'?'.api_get_cidreq().'&forum='.Security::remove_XSS($my_forum).'&action=delete&content=thread&id='.$row['thread_id'].$origin_string."\" onclick=\"javascript:if(!confirm('".addslashes(api_htmlentities(get_lang('DeleteCompleteThread'), ENT_QUOTES))."')) return false;\">".
Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL).'</a>';
$iconsEdit.= '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&forum='
. Security::remove_XSS($my_forum) . '&action=delete&content=thread&id='
. $row['thread_id'] . $origin_string
. "\" onclick=\"javascript:if(!confirm('"
. addslashes(api_htmlentities(get_lang('DeleteCompleteThread'), ENT_QUOTES))
. "')) return false;\">"
. Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL) . '</a>';
}
$iconsEdit .= return_visible_invisible_icon('thread', $row['thread_id'], $row['visibility'], array('forum' => $my_forum, 'origin' => $origin, 'gidReq' => $groupId));
$iconsEdit .= return_lock_unlock_icon('thread', $row['thread_id'], $row['locked'], array('forum' => $my_forum, 'origin' => $origin, 'gidReq' => api_get_group_id()));
$iconsEdit .= '<a href="viewforum.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($my_forum).'&action=move&thread='.$row['thread_id'].$origin_string.'">'.
Display::return_icon('move.png', get_lang('MoveThread'), array(), ICON_SIZE_SMALL).'</a>';
$iconsEdit .= return_visible_invisible_icon(
'thread',
$row['thread_id'],
$row['visibility'],
array(
'forum' => $my_forum,
'origin' => $origin,
'gidReq' => $groupId
)
);
$iconsEdit .= return_lock_unlock_icon(
'thread',
$row['thread_id'],
$row['locked'],
array(
'forum' => $my_forum,
'origin' => $origin,
'gidReq' => api_get_group_id()
)
);
$iconsEdit .= '<a href="viewforum.php?' . api_get_cidreq() . '&forum='
. Security::remove_XSS($my_forum)
. '&action=move&thread=' . $row['thread_id'] . $origin_string . '">'
. Display::return_icon('move.png', get_lang('MoveThread'), array(), ICON_SIZE_SMALL)
. '</a>';
}
}
$iconnotify = 'notification_mail_na.png';
if (is_array(isset($_SESSION['forum_notification']['thread']) ? $_SESSION['forum_notification']['thread'] : null)) {
if (
is_array(
isset($_SESSION['forum_notification']['thread']) ? $_SESSION['forum_notification']['thread'] : null
)
) {
if (in_array($row['thread_id'], $_SESSION['forum_notification']['thread'])) {
$iconnotify = 'notification_mail.png';
}
}
$icon_liststd = 'user.png';
if (!api_is_anonymous() && api_is_allowed_to_session_edit(false, true)) {
$iconsEdit .= '<a href="'.api_get_self().'?'.api_get_cidreq().'&forum='.Security::remove_XSS($my_forum).'&origin='.$origin.'&action=notify&content=thread&id='.$row['thread_id'].'">'.
Display::return_icon($iconnotify, get_lang('NotifyMe')).'</a>';
$iconsEdit .= '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&forum='
. Security::remove_XSS($my_forum)
. "&origin=$origin&action=notify&content=thread&id={$row['thread_id']}"
. '">' . Display::return_icon($iconnotify, get_lang('NotifyMe')) . '</a>';
}
if (api_is_allowed_to_edit(null,true) && $origin != 'learnpath') {
$iconsEdit .= '<a href="'.api_get_self().'?'.api_get_cidreq().'&forum='.Security::remove_XSS($my_forum).'&origin='.$origin.'&action=liststd&content=thread&id='.$row['thread_id'].'">'.
Display::return_icon($icon_liststd,get_lang('StudentList'), array(), ICON_SIZE_SMALL).'</a>';
$iconsEdit .= '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&forum='
. Security::remove_XSS($my_forum)
. "&origin=$origin&action=liststd&content=thread&id={$row['thread_id']}"
. '">' . Display::return_icon($icon_liststd, get_lang('StudentList'), array(), ICON_SIZE_SMALL)
. '</a>';
}
$html .= $iconsEdit;
$html .= '</div>';
@ -566,5 +688,5 @@ echo isset($table_list) ? $table_list : '';
/* FOOTER */
if ($origin != 'learnpath') {
Display :: display_footer();
Display::display_footer();
}

236
main/forum/viewforumcategory.php
Unescape View File

@ -48,6 +48,13 @@ $nameTools = get_lang('ToolForum');
require 'forumconfig.inc.php';
require_once 'forumfunction.inc.php';
// Are we in a lp ?
$origin = '';
if (isset($_GET['origin'])) {
$origin = Security::remove_XSS($_GET['origin']);
}
/* Header and Breadcrumbs */
$gradebook = null;
if (isset($_SESSION['gradebook'])) {
@ -62,21 +69,29 @@ if (!empty($gradebook) && $gradebook == 'view') {
}
$current_forum_category = get_forum_categories($_GET['forumcategory']);
$interbreadcrumb[] = array('url' => 'index.php?gradebook='.$gradebook.'&amp;search='.Security::remove_XSS(urlencode(isset($_GET['search'])?$_GET['search']:'')),'name' => get_lang('Forum'));
$interbreadcrumb[] = array(
'url' => 'index.php?gradebook=' . $gradebook . '&amp;search='
. Security::remove_XSS(urlencode(isset($_GET['search']) ? $_GET['search'] : '')),
'name' => get_lang('Forum')
);
if (!empty($_GET['action']) && !empty($_GET['content'])) {
if ($_GET['action']=='add' && $_GET['content']=='forum' ) {
$interbreadcrumb[] = array('url' =>'viewforumcategory.php?forumcategory='.$current_forum_category['cat_id'].'&amp;origin='.$origin,'name' => $current_forum_category['cat_title']);
$interbreadcrumb[] = array('url' =>'#', 'name' => get_lang('AddForum'));
$interbreadcrumb[] = array(
'url' => 'viewforumcategory.php?forumcategory='
. $current_forum_category['cat_id'] . '&amp;origin=' . $origin,
'name' => $current_forum_category['cat_title']
);
$interbreadcrumb[] = array(
'url' =>'#',
'name' => get_lang('AddForum')
);
}
} else {
$interbreadcrumb[] = array('url' => '#','name' => $current_forum_category['cat_title']);
}
// Are we in a lp ?
$origin = '';
if (isset($_GET['origin'])) {
$origin = Security::remove_XSS($_GET['origin']);
$interbreadcrumb[] = array(
'url' => '#',
'name' => $current_forum_category['cat_title']
);
}
if ($origin=='learnpath') {
@ -92,7 +107,10 @@ $whatsnew_post_info = isset($_SESSION['whatsnew_post_info']) ? $_SESSION['whatsn
// if the user is not a course administrator and the forum is hidden
// then the user is not allowed here.
if (!api_is_allowed_to_edit(false,true) AND ($current_forum_category && $current_forum_category['visibility']==0)) {
if (
!api_is_allowed_to_edit(false, true) AND
( $current_forum_category && $current_forum_category['visibility'] == 0)
) {
api_not_allowed();
}
@ -102,7 +120,9 @@ $html .= '<div class="actions">';
$html .= '<a href="index.php?gradebook='.$gradebook.'&'.api_get_cidreq().'">'.
Display::return_icon('back.png', get_lang('BackToForumOverview'), '', ICON_SIZE_MEDIUM).'</a>';
if (api_is_allowed_to_edit(false,true)) {
$html .= '<a href="'.api_get_self().'?'.api_get_cidreq().'&forumcategory='.$current_forum_category['cat_id'].'&amp;action=add&amp;content=forum"> '.Display::return_icon('new_forum.png', get_lang('AddForum'),'',ICON_SIZE_MEDIUM).'</a>';
$html .= '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&forumcategory='
. $current_forum_category['cat_id'] . '&amp;action=add&amp;content=forum"> '
. Display::return_icon('new_forum.png', get_lang('AddForum'), '', ICON_SIZE_MEDIUM) . '</a>';
}
$html .= search_link();
$html .= '</div>';
@ -118,7 +138,7 @@ if (api_is_allowed_to_edit(false, true)) {
// Notification
if ($action_forums == 'notify' && isset($_GET['content']) && isset($_GET['id'])) {
$return_message = set_notification($_GET['content'], $_GET['id']);
Display :: display_confirmation_message($return_message, false);
Display::display_confirmation_message($return_message, false);
}
if ($action_forums != 'add') {
@ -159,12 +179,12 @@ if ($action_forums != 'add') {
$html = '';
$html .= '<div class="category-forum">';
$my_session = isset($_SESSION['id_session']) ? $_SESSION['id_session'] : null;
if ((!isset($_SESSION['id_session']) || $_SESSION['id_session'] == 0) && !empty($forum_category['session_name'])) {
if (
(!isset($_SESSION['id_session']) || $_SESSION['id_session'] == 0) &&
!empty($forum_category['session_name'])
) {
$session_displayed = ' ('.Security::remove_XSS($forum_category['session_name']).')';
} else {
$session_displayed = '';
@ -172,36 +192,51 @@ if ($action_forums != 'add') {
$forum_categories_list = '';
$forumId = $forum_category['cat_id'];
$forumTitle = $forum_category['cat_title'];
$linkForumCategory = 'viewforumcategory.php?'.api_get_cidreq().'&amp;forumcategory='.strval(intval($forumId));
$linkForumCategory = 'viewforumcategory.php?' . api_get_cidreq() . '&amp;forumcategory=' . strval(intval($forumId));
$descriptionCategory = $forum_category['cat_comment'];
$icoCategory = Display::return_icon('forum_blue.png',
get_lang($forumCategory['cat_title']),
array('class'=>''),
$icoCategory = Display::return_icon(
'forum_blue.png',
get_lang($forum_category['cat_title']),
array('class' => ''),
ICON_SIZE_MEDIUM
);
if (api_is_allowed_to_edit(false, true) && !($forum_category['session_id'] == 0 && intval($my_session) != 0)) {
$iconsEdit = '<a href="'.api_get_self().'?'.api_get_cidreq().'&amp;forumcategory='.Security::remove_XSS($_GET['forumcategory']).'&amp;action=edit&amp;content=forumcategory&amp;id='.$forumId.'">'.
Display::return_icon(
'edit.png',
get_lang('Edit'),
array(),
ICON_SIZE_SMALL
).'</a>';
$iconsEdit .= '<a href="'.api_get_self().'?'.api_get_cidreq().'&amp;forumcategory='.Security::remove_XSS($_GET['forumcategory']).'&amp;action=delete&amp;content=forumcategory&amp;amp;id='.$forumId."\" onclick=\"javascript:if(!confirm('".addslashes(api_htmlentities(get_lang('DeleteForumCategory'), ENT_QUOTES))."')) return false;\">".
Display::return_icon(
'delete.png',
get_lang('Delete'),
array(),
ICON_SIZE_SMALL
).'</a>';
$iconsEdit .= return_visible_invisible_icon('forumcategory', $forum_category['cat_id'], $forum_category['visibility'], array('forumcategory' => $_GET['forumcategory']));
$iconsEdit .= return_lock_unlock_icon('forumcategory', $forum_category['cat_id'], $forum_category['locked'], array('forumcategory' => $_GET['forumcategory']));
$iconsEdit .= return_up_down_icon('forumcategory', $forum_category['cat_id'], $forum_categories_list);
$html .= Display::tag('div',$iconsEdit,array('class'=>'pull-right'));
$iconsEdit = '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&amp;forumcategory='
. Security::remove_XSS($_GET['forumcategory']) . '&amp;action=edit&amp;content=forumcategory&amp;id='
. '' . $forumId . '">'
. Display::return_icon('edit.png', get_lang('Edit'), array(), ICON_SIZE_SMALL) . '</a>';
$iconsEdit .= '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&amp;forumcategory='
. Security::remove_XSS($_GET['forumcategory'])
. '&amp;action=delete&amp;content=forumcategory&amp;amp;id=' . $forumId
. "\" onclick=\"javascript:if(!confirm('"
. addslashes(api_htmlentities(get_lang('DeleteForumCategory'), ENT_QUOTES))
. "')) return false;\">" . Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL)
. '</a>';
$iconsEdit .= return_visible_invisible_icon(
'forumcategory', $forum_category['cat_id'],
$forum_category['visibility'],
array('forumcategory' => $_GET['forumcategory'])
);
$iconsEdit .= return_lock_unlock_icon(
'forumcategory', $forum_category['cat_id'],
$forum_category['locked'],
array('forumcategory' => $_GET['forumcategory'])
);
$iconsEdit .= return_up_down_icon(
'forumcategory', $forum_category['cat_id'],
$forum_categories_list
);
$html .= Display::tag(
'div',
$iconsEdit,
array('class' => 'pull-right')
);
}
$session_img = api_get_session_image($forum_category['session_id'], $_user['status']);
$html .= Display::tag(
'h3',
$icoCategory.
@ -318,10 +353,16 @@ if ($action_forums != 'add') {
}
if ($forum['forum_of_group'] != '0') {
$my_all_groups_forum_name = isset($all_groups[$forum['forum_of_group']]['name']) ? $all_groups[$forum['forum_of_group']]['name'] : null;
$my_all_groups_forum_id = isset($all_groups[$forum['forum_of_group']]['id']) ? $all_groups[$forum['forum_of_group']]['id'] : null;
$my_all_groups_forum_name = isset($all_groups[$forum['forum_of_group']]['name'])
? $all_groups[$forum['forum_of_group']]['name']
: null;
$my_all_groups_forum_id = isset($all_groups[$forum['forum_of_group']]['id'])
? $all_groups[$forum['forum_of_group']]['id']
: null;
$group_title = api_substr($my_all_groups_forum_name, 0, 30);
$forum_title_group_addition = ' (<a href="../group/group_space.php?'.api_get_cidreq().'&amp;gidReq='.$my_all_groups_forum_id.'" class="forum_group_link">'.get_lang('GoTo').' '.$group_title.'</a>)';
$forum_title_group_addition = ' (<a href="../group/group_space.php?' . api_get_cidreq()
. '&amp;gidReq=' . $my_all_groups_forum_id . '" class="forum_group_link">'
. get_lang('GoTo') . ' ' . $group_title . '</a>)';
} else {
$forum_title_group_addition = '';
}
@ -347,7 +388,7 @@ if ($action_forums != 'add') {
$html .= '<div class="col-md-9">';
$iconForum = Display::return_icon(
'forum_yellow.png',
get_lang($forumCategory['cat_title']),
get_lang($forum_category['cat_title']),
null,
ICON_SIZE_MEDIUM
);
@ -356,52 +397,43 @@ if ($action_forums != 'add') {
'a',
$forum['forum_title'].$session_displayed,
array(
'href' => 'viewforum.php?'.api_get_cidreq().'&amp;gidReq='.$forum['forum_of_group'].'&amp;forum='.$forum['forum_id'].'&amp;origin='.$origin.'&amp;search='.Security::remove_XSS(urlencode(isset($_GET['search']) ? $_GET['search'] : '')),
'href' => 'viewforum.php?' . api_get_cidreq()
. "&gidReq={$forum['forum_of_group']}&forum={$forum['forum_id']}&origin=$origin&search="
. Security::remove_XSS(urlencode(isset($_GET['search']) ? $_GET['search'] : '')),
'class' => return_visible_invisible($forum['visibility'])
)
);
$html .= Display::tag(
'h3',
$linkForum . ' ' . $forum_title_group_addition,
array(
'class' => 'title'
)
);
'h3',
$linkForum . ' ' . $forum_title_group_addition,
array(
'class' => 'title'
)
);
$html .= Display::tag(
'p',
strip_tags($forum['forum_comment']),
array(
'class' => 'description'
)
);
'p',
strip_tags($forum['forum_comment']),
array(
'class' => 'description'
)
);
$html .= '</div>';
$html .= '</div>';
$html .= '<div class="col-md-6">';
$iconEmpty='';
// The number of topics and posts.
if ($forum['forum_of_group'] !== '0') {
$iconEmpty='';
$newPost='';
if (is_array($my_whatsnew_post_info) && !empty($my_whatsnew_post_info)) {
$newPost = ' '.
Display::return_icon(
'alert.png',
get_lang('Forum'),
null,
ICON_SIZE_SMALL
);
$newPost = ' ' . Display::return_icon('alert.png', get_lang('Forum'), null, ICON_SIZE_SMALL);
} else {
$newPost = $iconEmpty;
}
} else {
if (is_array($my_whatsnew_post_info) && !empty($my_whatsnew_post_info)) {
$newPost = ' '.
Display::return_icon(
'alert.png',
get_lang('Forum'),
null,
ICON_SIZE_SMALL
);
$newPost = ' ' . Display::return_icon('alert.png', get_lang('Forum'), null, ICON_SIZE_SMALL);
} else {
$newPost = $iconEmpty;
}
@ -409,13 +441,8 @@ if ($action_forums != 'add') {
$html .= '<div class="row">';
$html .= '<div class="col-md-2">';
$html .= Display::return_icon(
'post-forum.png',
null,
null,
ICON_SIZE_SMALL
);
$html .= ' ' . $my_number_threads . '<br>'.$newPost.'</div>';
$html .= Display::return_icon('post-forum.png', null, null, ICON_SIZE_SMALL);
$html .= ' ' . $my_number_threads . '<br>' . $newPost . '</div>';
// the last post in the forum
if ($forum['last_poster_name'] != '') {
@ -427,24 +454,43 @@ if ($action_forums != 'add') {
}
$html .= '<div class="col-md-6">';
if (!empty($forum['last_post_id'])) {
$html .= Display::return_icon(
'post-item.png',
null,
null,
ICON_SIZE_TINY
).' ';
$html .= api_convert_and_format_date(
$forum['last_post_date']
).' '.get_lang('By').' '.display_user_link($poster_id, $name);
$html .= Display::return_icon('post-item.png', null, null, ICON_SIZE_TINY) . ' ';
$html .= api_convert_and_format_date($forum['last_post_date'])
. ' ' . get_lang('By') . ' '
. display_user_link($poster_id, $name);
}
$html .= '</div>';
$html .= '<div class="col-md-4">';
if (api_is_allowed_to_edit(false, true) && !($forum['session_id'] == 0 && intval(isset($_SESSION['id_session']) ? $_SESSION['id_session'] : null) != 0)) {
$html .= '<a href="'.api_get_self().'?'.api_get_cidreq().'&amp;forumcategory='.Security::remove_XSS($_GET['forumcategory']).'&amp;action=edit&amp;content=forum&amp;id='.$forum['forum_id'].'">'.Display::return_icon('edit.png', get_lang('Edit'), array(), ICON_SIZE_SMALL).'</a>';
$html .= '<a href="'.api_get_self().'?'.api_get_cidreq().'&amp;forumcategory='.Security::remove_XSS($_GET['forumcategory']).'&amp;action=delete&amp;content=forum&amp;id='.$forum['forum_id']."\" onclick=\"javascript:if(!confirm('".addslashes(api_htmlentities(get_lang('DeleteForum'), ENT_QUOTES))."')) return false;\">".Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL).'</a>';
$html .= return_visible_invisible_icon('forum', $forum['forum_id'], $forum['visibility'], array('forumcategory' => $_GET['forumcategory']));
$html .= return_lock_unlock_icon('forum', $forum['forum_id'], $forum['locked'], array('forumcategory' => $_GET['forumcategory']));
if (
api_is_allowed_to_edit(false, true) &&
!($forum['session_id'] == 0 &&
intval(isset($_SESSION['id_session']) ? $_SESSION['id_session'] : null) != 0)
) {
$html .= '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&amp;forumcategory='
. Security::remove_XSS($_GET['forumcategory'])
. '&amp;action=edit&amp;content=forum&amp;id=' . $forum['forum_id'] . '">'
. Display::return_icon('edit.png', get_lang('Edit'), array(), ICON_SIZE_SMALL) . '</a>';
$html .= '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&amp;forumcategory='
. Security::remove_XSS($_GET['forumcategory'])
. '&amp;action=delete&amp;content=forum&amp;id=' . $forum['forum_id']
. "\" onclick=\"javascript:if(!confirm('"
. addslashes(api_htmlentities(get_lang('DeleteForum'), ENT_QUOTES))
. "')) return false;\">"
. Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL)
. '</a>';
$html .= return_visible_invisible_icon(
'forum',
$forum['forum_id'],
$forum['visibility'],
array('forumcategory' => $_GET['forumcategory'])
);
$html .= return_lock_unlock_icon(
'forum',
$forum['forum_id'],
$forum['locked'],
array('forumcategory' => $_GET['forumcategory'])
);
$html .= return_up_down_icon('forum', $forum['forum_id'], $forums_in_category);
}
@ -455,7 +501,9 @@ if ($action_forums != 'add') {
}
}
if (!api_is_anonymous()) {
$html .= '<a href="'.api_get_self().'?'.api_get_cidreq().'&amp;forumcategory='.Security::remove_XSS($_GET['forumcategory']).'&amp;action=notify&amp;content=forum&amp;id='.$forum['forum_id'].'">'.Display::return_icon($iconnotify, get_lang('NotifyMe')).'</a>';
$html .= '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&amp;forumcategory='
. Security::remove_XSS($_GET['forumcategory']) . '&amp;action=notify&amp;content=forum&amp;id='
. $forum['forum_id'] . '">' . Display::return_icon($iconnotify, get_lang('NotifyMe')) . '</a>';
}
$html .= '</div>';
$html .= '</div>';
@ -477,5 +525,5 @@ if ($action_forums != 'add') {
/* FOOTER */
if ($origin != 'learnpath') {
Display :: display_footer();
Display::display_footer();
}

35
main/forum/viewpost.inc.php
Unescape View File

@ -23,8 +23,13 @@ if (isset($rows)) {
$counter = 1;
foreach ($rows as $row) {
if ($row['status']=='0') {
$style =" id = 'post".$post_en."' class=\"hide-me\" style=\"border:1px solid red; display:none; background-color:#F7F7F7; width:95%; margin: 0px 0px 4px 40px; \" ";
$url_post ='';
$style = <<<HTML
id="post$post_en" class="hide-me"
style="
border:1px solid red; display:none; background-color: #F7F7F7; width:95%; margin: 0px 0px 4px 40px;
"
HTML;
$url_post = '';
} else {
$style = "";
$post_en = $row['post_parent_id'];
@ -39,7 +44,7 @@ if (isset($rows)) {
echo Display::page_subheader($name);
}
echo "<div ".$style."><table class=\"data_table\">";
echo "<div " . $style . "><table class=\"table table-stripped table-hover table-bordered\">";
if ($row['visible']=='0') {
$titleclass = 'forum_message_post_title_2_be_approved';
$messageclass = 'forum_message_post_text_2_be_approved';
@ -53,16 +58,16 @@ if (isset($rows)) {
echo "<tr>";
echo "<td rowspan=\"3\" class=\"$leftclass\">";
echo '<br /><b>'. api_convert_and_format_date($row['post_date'], DATE_TIME_FORMAT_LONG).'</b><br />';
echo '<br /><b>' . api_convert_and_format_date($row['post_date'], DATE_TIME_FORMAT_LONG) . '</b><br />';
echo "</td>";
// The post title
echo "<td class=\"$titleclass\">".prepare4display($row['post_title'])."</td>";
echo "<td class=\"$titleclass\">" . prepare4display($row['post_title']) . "</td>";
echo "</tr>";
// The post message
echo "<tr >";
echo "<td class=\"$messageclass\">".prepare4display($row['post_text'])."</td>";
echo "<td class=\"$messageclass\">" . prepare4display($row['post_text']) . "</td>";
echo "</tr>";
// The check if there is an attachment
@ -71,25 +76,25 @@ if (isset($rows)) {
if (!empty($attachment_list)) {
foreach ($attachment_list as $attachment) {
echo '<tr ><td height="50%">';
$realname=$attachment['path'];
$user_filename=$attachment['filename'];
echo Display::return_icon('attachment.gif',get_lang('Attachment'));
$realname = $attachment['path'];
$user_filename = $attachment['filename'];
echo Display::return_icon('attachment.gif', get_lang('Attachment'));
echo '<a href="download.php?file=';
echo $realname;
echo ' "> '.$user_filename.' </a>';
echo '<span class="forum_attach_comment" >'.$attachment['comment'].'</span><br />';
echo ' "> ' . $user_filename . ' </a>';
echo '<span class="forum_attach_comment" >' . $attachment['comment'] . '</span><br />';
echo '</td></tr>';
}
}
// The post has been displayed => it can be removed from the what's new array
if (isset($whatsnew_post_info)) {
unset($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$row['post_id']]);
unset($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']]);
unset($whatsnew_post_info[$currentForum['forum_id']][$current_thread['thread_id']][$row['post_id']]);
unset($whatsnew_post_info[$currentForum['forum_id']][$current_thread['thread_id']]);
}
if (isset($_SESSION['whatsnew_post_info'])) {
unset($_SESSION['whatsnew_post_info'][$current_forum['forum_id']][$current_thread['thread_id']][$row['post_id']]);
unset($_SESSION['whatsnew_post_info'][$current_forum['forum_id']][$current_thread['thread_id']]);
unset($_SESSION['whatsnew_post_info'][$currentForum['forum_id']][$current_thread['thread_id']][$row['post_id']]);
unset($_SESSION['whatsnew_post_info'][$currentForum['forum_id']][$current_thread['thread_id']]);
}
echo "</table></div>";
$counter++;

103
main/forum/viewthread.php
Unescape View File

@ -42,7 +42,7 @@ $current_thread = get_thread_information($_GET['thread']);
// Note: This has to be validated that it is an existing forum.
$current_forum = get_forum_information($current_thread['forum_id']);
$current_forum_category = get_forumcategory_information($current_forum['forum_category']);
$whatsnew_post_info = isset($_SESSION['whatsnew_post_info']) ? $_SESSION['whatsnew_post_info'] : null;
$whatsnew_post_info = isset($_SESSION['whatsnew_post_info']) ? $_SESSION['whatsnew_post_info'] : null;
/* Header and Breadcrumbs */
if (!empty($_GET['gradebook']) && $_GET['gradebook'] == 'view') {
@ -59,26 +59,58 @@ if (!empty($gradebook) && $gradebook == 'view') {
$groupId = api_get_group_id();
if ($origin == 'group') {
$group_properties = GroupManager :: get_group_properties($groupId);
$interbreadcrumb[] = array('url'=>'../group/group.php', 'name' => get_lang('Groups'));
$interbreadcrumb[] = array('url'=>'../group/group_space.php?'.api_get_cidreq(), 'name'=> get_lang('GroupSpace').' '.$group_properties['name']);
$interbreadcrumb[] = array('url'=>'viewforum.php?forum='.Security::remove_XSS($_GET['forum']).'&'.api_get_cidreq().'&origin='.$origin.'&search='.Security::remove_XSS(urlencode($my_search)), 'name' => Security::remove_XSS($current_forum['forum_title']));
$interbreadcrumb[] = array('url'=>'viewthread.php?forum='.Security::remove_XSS($_GET['forum']).'&'.api_get_cidreq().'&thread='.Security::remove_XSS($_GET['thread']), 'name' => Security::remove_XSS($current_thread['thread_title']));
$group_properties = GroupManager::get_group_properties($groupId);
$interbreadcrumb[] = array(
'url' => '../group/group.php',
'name' => get_lang('Groups')
);
$interbreadcrumb[] = array(
'url' => '../group/group_space.php?' . api_get_cidreq(),
'name' => get_lang('GroupSpace') . ' ' . $group_properties['name']
);
$interbreadcrumb[] = array(
'url' => 'viewforum.php?forum=' . Security::remove_XSS($_GET['forum']) . '&' . api_get_cidreq()
. "&origin=$origin&search=" . Security::remove_XSS(urlencode($my_search)),
'name' => Security::remove_XSS($current_forum['forum_title'])
);
$interbreadcrumb[] = array(
'url' => 'viewthread.php?forum=' . Security::remove_XSS($_GET['forum']) . '&' . api_get_cidreq()
. '&thread=' . Security::remove_XSS($_GET['thread']),
'name' => Security::remove_XSS($current_thread['thread_title'])
);
Display :: display_header('');
Display::display_header('');
} else {
$my_search = isset($_GET['search']) ? $_GET['search'] : '';
if ($origin == 'learnpath') {
Display::display_reduced_header();
} else {
$interbreadcrumb[] = array('url' => 'index.php?'.(isset($gradebook)?'gradebook='.$gradebook.'&amp;':'').'search='.Security::remove_XSS(urlencode($my_search)), 'name' => $nameTools);
$interbreadcrumb[] = array('url' => 'viewforumcategory.php?forumcategory='.$current_forum_category['cat_id'].'&amp;origin='.$origin.'&amp;search='.Security::remove_XSS(urlencode($my_search)), 'name' => Security::remove_XSS($current_forum_category['cat_title']));
$interbreadcrumb[] = array('url' => 'viewforum.php?forum='.Security::remove_XSS($_GET['forum']).'&amp;origin='.$origin.'&amp;search='.Security::remove_XSS(urlencode($my_search)), 'name' => Security::remove_XSS($current_forum['forum_title']));
$interbreadcrumb[] = array('url' => '#', 'name' => Security::remove_XSS($current_thread['thread_title']));
$interbreadcrumb[] = array(
'url' => 'index.php?'
. (isset($gradebook) ? "gradebook=$gradebook&amp;" : '')
. 'search=' . Security::remove_XSS(urlencode($my_search)),
'name' => $nameTools
);
$interbreadcrumb[] = array(
'url' => 'viewforumcategory.php?forumcategory='
. $current_forum_category['cat_id']
. "&amp;origin=$origin&amp;search="
. Security::remove_XSS(urlencode($my_search)),
'name' => Security::remove_XSS($current_forum_category['cat_title'])
);
$interbreadcrumb[] = array(
'url' => 'viewforum.php?forum=' . Security::remove_XSS($_GET['forum'])
. "&amp;origin=$origin&amp;search="
. Security::remove_XSS(urlencode($my_search)),
'name' => Security::remove_XSS($current_forum['forum_title'])
);
$interbreadcrumb[] = array(
'url' => '#', 'name' => Security::remove_XSS($current_thread['thread_title'])
);
$message = isset($message) ? $message : '';
// the last element of the breadcrumb navigation is already set in interbreadcrumb, so give empty string
Display :: display_header('');
Display::display_header('');
}
}
@ -86,7 +118,8 @@ if ($origin == 'group') {
// If the user is not a course administrator and the forum is hidden
// then the user is not allowed here.
if (!api_is_allowed_to_edit(false, true) &&
if (
!api_is_allowed_to_edit(false, true) &&
($current_forum['visibility'] == 0 || $current_thread['visibility'] == 0)
) {
$forum_allow = forum_not_allowed_here();
@ -97,16 +130,21 @@ if (!api_is_allowed_to_edit(false, true) &&
/* Actions */
$my_action = isset($_GET['action']) ? $_GET['action'] : '';
if ($my_action == 'delete' &&
if (
$my_action == 'delete' &&
isset($_GET['content']) &&
isset($_GET['id']) &&
(api_is_allowed_to_edit(false, true) || GroupManager::is_tutor_of_group(api_get_user_id(), $groupId))
(api_is_allowed_to_edit(false, true) ||
GroupManager::is_tutor_of_group(api_get_user_id(), $groupId))
) {
$message = delete_post($_GET['id']);
}
if (($my_action == 'invisible' || $my_action == 'visible') &&
if (
($my_action == 'invisible' ||
$my_action == 'visible') &&
isset($_GET['id']) &&
(api_is_allowed_to_edit(false, true) || GroupManager::is_tutor_of_group(api_get_user_id(), $groupId))
(api_is_allowed_to_edit(false, true) ||
GroupManager::is_tutor_of_group(api_get_user_id(), $groupId))
) {
$message = approve_post($_GET['id'], $_GET['action']);
}
@ -118,7 +156,7 @@ if ($my_action == 'move' && isset($_GET['post'])) {
$my_message = isset($message) ? $message : '';
if ($my_message) {
Display :: display_confirmation_message(get_lang($my_message));
Display::display_confirmation_message(get_lang($my_message));
}
if ($my_message != 'PostDeletedSpecial') {
@ -134,13 +172,15 @@ if ($my_message != 'PostDeletedSpecial') {
echo '<div class="actions">';
echo '<span style="float:right;">'.search_link().'</span>';
if ($origin != 'learnpath') {
echo '<a href="'.$forumUrl.'viewforum.php?forum='.Security::remove_XSS($_GET['forum']).'&'.api_get_cidreq().'">'.
Display::return_icon('back.png', get_lang('BackToForum'), '', ICON_SIZE_MEDIUM).'</a>';
echo '<a href="' . $forumUrl . 'viewforum.php?forum='
. Security::remove_XSS($_GET['forum']) . '&' . api_get_cidreq() . '">'
. Display::return_icon('back.png', get_lang('BackToForum'), '', ICON_SIZE_MEDIUM) . '</a>';
}
// The reply to thread link should only appear when the forum_category is
// not locked AND the forum is not locked AND the thread is not locked.
// If one of the three levels is locked then the link should not be displayed.
if (($current_forum_category &&
if (
($current_forum_category &&
$current_forum_category['locked'] == 0) &&
$current_forum['locked'] == 0 &&
$current_thread['locked'] == 0 ||
@ -150,8 +190,11 @@ if ($my_message != 'PostDeletedSpecial') {
if ($_user['user_id'] OR ($current_forum['allow_anonymous'] == 1 && !$_user['user_id'])) {
// reply link
if (!api_is_anonymous() && api_is_allowed_to_session_edit(false, true)) {
echo '<a href="'.$forumUrl.'reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&thread='.Security::remove_XSS($_GET['thread']).'&amp;action=replythread">'.
Display::return_icon('reply_thread.png', get_lang('ReplyToThread'), '', ICON_SIZE_MEDIUM).'</a>';
echo '<a href="' . $forumUrl . 'reply.php?' . api_get_cidreq() . '&forum='
. Security::remove_XSS($_GET['forum']) . '&thread='
. Security::remove_XSS($_GET['thread']) . '&amp;action=replythread">'
. Display::return_icon('reply_thread.png', get_lang('ReplyToThread'), '', ICON_SIZE_MEDIUM)
. '</a>';
}
// new thread link
if (
@ -173,10 +216,16 @@ if ($my_message != 'PostDeletedSpecial') {
// The different views of the thread.
if ($origin != 'learnpath') {
$my_url = '<a href="'.$forumUrl.'viewthread.php?'.api_get_cidreq().'&'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&thread='.Security::remove_XSS($_GET['thread']).'&search='.Security::remove_XSS(urlencode($my_search));
echo $my_url.'&amp;view=flat">'.Display::return_icon('forum_listview.png', get_lang('FlatView'),null,ICON_SIZE_MEDIUM).get_lang('FlatView').'</a>';
$my_url = '<a href="' . $forumUrl . 'viewthread.php?' . api_get_cidreq() . '&' . api_get_cidreq()
. '&forum=' . Security::remove_XSS($_GET['forum']) . '&thread=' . Security::remove_XSS($_GET['thread'])
. '&search=' . Security::remove_XSS(urlencode($my_search));
echo $my_url . '&amp;view=flat">'
. Display::return_icon('forum_listview.png', get_lang('FlatView'), null, ICON_SIZE_MEDIUM)
. get_lang('FlatView') . '</a>';
//echo $my_url.'&amp;view=threaded">'.Display::return_icon('forum_threadedview.gif', get_lang('ThreadedView')).get_lang('ThreadedView').'</a>';
echo $my_url.'&amp;view=nested">'.Display::return_icon('forum_nestedview.png', get_lang('NestedView'),null, ICON_SIZE_MEDIUM).get_lang('NestedView').'</a>';
echo $my_url . '&amp;view=nested">'
. Display::return_icon('forum_nestedview.png', get_lang('NestedView'), null, ICON_SIZE_MEDIUM)
. get_lang('NestedView') . '</a>';
}
$my_url = null;
@ -231,5 +280,5 @@ if ($my_message != 'PostDeletedSpecial') {
}
if ($origin != 'learnpath') {
Display :: display_footer();
Display::display_footer();
}

245
main/forum/viewthread_flat.inc.php
Unescape View File

@ -9,10 +9,10 @@
//delete attachment file
if ((isset($_GET['action']) &&
$_GET['action']=='delete_attach') &&
$_GET['action'] == 'delete_attach') &&
isset($_GET['id_attach'])
) {
delete_attachment(0,$_GET['id_attach']);
delete_attachment(0, $_GET['id_attach']);
}
$sessionId = api_get_session_id();
@ -23,16 +23,24 @@ $groupId = api_get_group_id();
if (isset($current_thread['thread_id'])) {
$rows = get_posts($current_thread['thread_id']);
$increment = 0;
$clean_forum_id = intval($_GET['forum']);
$clean_forum_id = intval($_GET['forum']);
$clean_thread_id = intval($_GET['thread']);
$locked = api_resource_is_locked_by_gradebook(
$clean_thread_id,
LINK_FORUM_THREAD
$clean_thread_id, LINK_FORUM_THREAD
);
$closedPost = null;
if (!empty($rows)) {
foreach ($rows as $row) {
if ($row['user_id'] == '0') {
$name = prepare4display($row['poster_name']);
} else {
$name = api_get_person_name($row['firstname'], $row['lastname']);
}
$username = sprintf(get_lang('LoginX'), $row['username']);
if (($current_forum_category && $current_forum_category['locked'] == 0) &&
$current_forum['locked'] == 0 &&
@ -40,25 +48,53 @@ if (isset($current_thread['thread_id'])) {
api_is_allowed_to_edit(false, true)
) {
if ($_user['user_id'] || ($current_forum['allow_anonymous'] == 1 && !$_user['user_id'])) {
if (!api_is_anonymous() && api_is_allowed_to_session_edit(false,true)) {
$buttonReply = Display::tag('a','<i class="fa fa-reply"></i> '.get_lang('ReplyToMessage') ,array('href' => 'reply.php?'.api_get_cidreq().'&forum='.$clean_forum_id.'&thread='.$clean_thread_id.'&post='.$row['post_id'].'&action=replymessage&origin='.$origin, 'class' => 'btn btn-primary'));
$buttonQuote = Display::tag('a','<i class="fa fa-quote-left"></i> '.get_lang('QuoteMessage'),array('href' => 'reply.php?'.api_get_cidreq().'&forum='.$clean_forum_id.'&thread='.$clean_thread_id.'&post='.$row['post_id'].'&action=quote&origin='.$origin, 'class' => 'btn btn-success'));
if (!api_is_anonymous() && api_is_allowed_to_session_edit(false, true)) {
$buttonReply = Display::tag(
'a',
'<i class="fa fa-reply"></i> ' . get_lang('ReplyToMessage'),
array(
'href' => 'reply.php?' . api_get_cidreq()
. "&forum=$clean_forum_id&thread=$clean_thread_id&post="
. "{$row['post_id']}&action=replymessage&origin=$origin",
'class' => 'btn btn-primary'
)
);
$buttonQuote = Display::tag(
'a',
'<i class="fa fa-quote-left"></i> ' . get_lang('QuoteMessage'),
array(
'href' => 'reply.php?' . api_get_cidreq()
. "&forum=$clean_forum_id&thread=$clean_thread_id"
. "&post={$row['post_id']}&action=quote&origin=$origin",
'class' => 'btn btn-success'
)
);
}
}
} else {
if (($current_forum_category && $current_forum_category['locked'] == 1)) {
$closedPost = Display::tag('div','<i class="fa fa-exclamation-triangle"></i> '.get_lang('ForumcategoryLocked'),array('class'=>'alert alert-warning post-closed'));
$closedPost = Display::tag(
'div',
'<i class="fa fa-exclamation-triangle"></i> ' . get_lang('ForumcategoryLocked'),
array('class' => 'alert alert-warning post-closed')
);
}
if ($current_forum['locked']==1) {
$closedPost = Display::tag('div','<i class="fa fa-exclamation-triangle"></i> '.get_lang('ForumLocked'),array('class'=>'alert alert-warning post-closed'));
if ($current_forum['locked'] == 1) {
$closedPost = Display::tag(
'div',
'<i class="fa fa-exclamation-triangle"></i> ' . get_lang('ForumLocked'),
array('class' => 'alert alert-warning post-closed')
);
}
if ($current_thread['locked']==1) {
$closedPost = Display::tag('div','<i class="fa fa-exclamation-triangle"></i> '.get_lang('ThreadLocked'),array('class'=>'alert alert-warning post-closed'));
if ($current_thread['locked'] == 1) {
$closedPost = Display::tag(
'div',
'<i class="fa fa-exclamation-triangle"></i> ' . get_lang('ThreadLocked'),
array('class' => 'alert alert-warning post-closed')
);
}
}
@ -69,35 +105,52 @@ if (isset($current_thread['thread_id'])) {
$html .= '<div class="col-md-2">';
if ($origin!='learnpath') {
if ($origin != 'learnpath') {
if (api_get_course_setting('allow_user_image_forum')) {
$html .= '<div class="thumbnail">'.display_user_image($row['user_id'], $name).'</div>';
$html .= '<div class="thumbnail">' . display_user_image($row['user_id'], $name) . '</div>';
}
$html .= Display::tag('h4', display_user_link($row['user_id'], $name, '', $username), array('class' => 'title-username'));
$html .= Display::tag(
'h4',
display_user_link($row['user_id'], $name),
array('class' => 'title-username')
);
} else {
$html .= Display::tag('span', $name, array('title' => api_htmlentities($username, ENT_QUOTES)));
$html .= Display::tag(
'span',
$name,
array(
'title' => api_htmlentities($username, ENT_QUOTES)
)
);
}
$html .= Display::tag('p',api_convert_and_format_date($row['post_date']),array('class' => 'post-date'));
$html .= Display::tag(
'p',
api_convert_and_format_date($row['post_date']),
array('class' => 'post-date')
);
// get attach id
$attachment_list = get_attachment($row['post_id']);
$id_attach = !empty($attachment_list) ? $attachment_list['id'] : '';
$iconEdit = '';
// The user who posted it can edit his thread only if the course admin allowed this in the properties of the forum
// The user who posted it can edit his thread only if the course admin allowed
// this in the properties of the forum
// The course admin him/herself can do this off course always
if (
GroupManager::is_tutor_of_group($userId, $groupId) ||
($current_forum['allow_edit'] == 1 && $row['user_id'] == $_user['user_id']) ||
(
api_is_allowed_to_edit(false, true) &&
!(api_is_course_coach() && $current_forum['session_id'] != $sessionId)
api_is_allowed_to_edit(false, true) &&
!(api_is_course_coach() && $current_forum['session_id'] != $sessionId)
)
) {
if (api_is_allowed_to_session_edit(false, true)) {
if ($locked == false) {
$iconEdit .= "<a href=\"editpost.php?".api_get_cidreq()."&forum=".$clean_forum_id."&thread=".$clean_thread_id."&post=".$row['post_id']."&amp;origin=".$origin."&amp;edit=edition&amp;id_attach=".$id_attach."\">".
Display::return_icon('edit.png',get_lang('Edit'), array(), ICON_SIZE_SMALL)."</a>";
$iconEdit .= "<a href=\"editpost.php?" . api_get_cidreq() . "&forum=" . $clean_forum_id
. "&thread=" . $clean_thread_id . "&post=" . $row['post_id'] . "&amp;origin="
. $origin . "&amp;edit=edition&amp;id_attach=" . $id_attach . "\">"
. Display::return_icon('edit.png', get_lang('Edit'), array(), ICON_SIZE_SMALL) . "</a>";
}
}
}
@ -109,47 +162,52 @@ if (isset($current_thread['thread_id'])) {
) {
if ($locked == false) {
$iconEdit .= "<a href=\"".api_get_self()."?".api_get_cidreq()."&forum=".$clean_forum_id."&thread=".$clean_thread_id."&action=delete&amp;content=post&amp;id=".$row['post_id']."&amp;origin=".$origin."\" onclick=\"javascript:if(!confirm('".addslashes(api_htmlentities(get_lang('DeletePost'), ENT_QUOTES))."')) return false;\">".
Display::return_icon('delete.png', get_lang('Delete'),array(), ICON_SIZE_SMALL)."</a>";
$iconEdit .= "<a href=\"" . api_get_self() . "?" . api_get_cidreq() . "&forum="
. $clean_forum_id . "&thread=" . $clean_thread_id
. "&action=delete&amp;content=post&amp;id=" . $row['post_id'] . "&amp;origin="
. $origin . "\" onclick=\"javascript:if(!confirm('"
. addslashes(api_htmlentities(get_lang('DeletePost'), ENT_QUOTES))
. "')) return false;\">"
. Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL)
. "</a>";
}
}
if (api_is_allowed_to_edit(false, true) &&
if (
api_is_allowed_to_edit(false, true) &&
!(api_is_course_coach() && $current_forum['session_id'] != $sessionId)
) {
$iconEdit .= return_visible_invisible_icon(
'post',
$row['post_id'],
$row['visible'],
array(
'forum' => $clean_forum_id,
'thread' => $clean_thread_id,
'origin' => $origin,
'post', $row['post_id'], $row['visible'], array(
'forum' => $clean_forum_id,
'thread' => $clean_thread_id,
'origin' => $origin,
)
);
$iconEdit .= "";
if ($increment>0) {
$iconEdit .= "<a href=\"viewthread.php?".api_get_cidreq()."&amp;forum=".$clean_forum_id."&amp;thread=".$clean_thread_id."&amp;action=move&amp;post=".$row['post_id']."&amp;origin=".$origin."\">".Display::return_icon('move.png',get_lang('MovePost'), array(), ICON_SIZE_SMALL)."</a>";
if ($increment > 0) {
$iconEdit .= "<a href=\"viewthread.php?" . api_get_cidreq() . "&amp;forum=" . $clean_forum_id
. "&amp;thread=" . $clean_thread_id . "&amp;action=move&amp;post=" . $row['post_id']
. "&amp;origin=" . $origin . "\">"
. Display::return_icon('move.png', get_lang('MovePost'), array(), ICON_SIZE_SMALL)
. "</a>";
}
}
}
$user_status = api_get_status_of_user_in_course(
$row['user_id'],
api_get_course_int_id()
$row['user_id'], api_get_course_int_id()
);
$current_qualify_thread = showQualify(
'1',
$row['poster_id'],
$_GET['thread']
'1', $row['poster_id'], $_GET['thread']
);
if (
(
$current_thread['thread_peer_qualify'] == 1 ||
api_is_allowed_to_edit(null, true)
) && $current_thread['thread_qualify_max'] > 0
&& $origin != 'learnpath'
) &&
$current_thread['thread_qualify_max'] > 0 && $origin != 'learnpath'
) {
$my_forum_id = $clean_forum_id;
if (isset($_GET['gradebook'])) {
@ -162,12 +220,16 @@ if (isset($current_thread['thread_id'])) {
$userCanEdit = true;
}
if ($increment > 0 && $locked == false && $userCanEdit) {
$iconEdit .= "<a href=\"forumqualify.php?".api_get_cidreq()."&forum=".$my_forum_id."&thread=".$clean_thread_id."&action=list&post=".$row['post_id']."&amp;user=".$row['poster_id']."&amp;user_id=".$row['poster_id']."&origin=".$origin."&idtextqualify=".$current_qualify_thread."\" >".
Display::return_icon('quiz.gif',get_lang('Qualify'))."</a> ";
$iconEdit .= "<a href=\"forumqualify.php?" . api_get_cidreq() . "&forum=" . $my_forum_id
. "&thread=" . $clean_thread_id . "&action=list&post=" . $row['post_id']
. "&amp;user=" . $row['poster_id'] . "&amp;user_id=" . $row['poster_id']
. "&origin=" . $origin . "&idtextqualify=" . $current_qualify_thread . "\" >"
. Display::return_icon('quiz.gif', get_lang('Qualify'))
. "</a> ";
}
}
if($iconEdit != ''){
$html .= '<div class="tools-icons">'.$iconEdit.'</div>';
if ($iconEdit != '') {
$html .= '<div class="tools-icons">' . $iconEdit . '</div>';
}
$html .= $closedPost;
@ -176,46 +238,39 @@ if (isset($current_thread['thread_id'])) {
$html .= '<div class="col-md-10">';
$titlePost = Display::tag('h3', $row['post_title'], array('class'=>'forum_post_title'));
$html .= Display::tag('div',$titlePost,array('class' => 'post-header'));
$titlePost = Display::tag(
'h3', $row['post_title'],
array('class' => 'forum_post_title')
);
$html .= Display::tag(
'div', $titlePost,
array('class' => 'post-header')
);
// see comments inside forumfunction.inc.php to lower filtering and allow more visual changes
$html .= Display::tag('div',$row['post_text'],array('class' => 'post-body'));
$html .= Display::tag(
'div', $row['post_text'],
array('class' => 'post-body')
);
$html .= '</div>';
$html .= '</div>';
// the style depends on the status of the message: approved or not
/* if ($row['visible']=='0') {
$titleclass = 'forum_message_post_title_2_be_approved';
$messageclass = 'forum_message_post_text_2_be_approved';
$leftclass = 'forum_message_left_2_be_approved';
} else {
$titleclass = 'forum_message_post_title';
$messageclass = 'forum_message_post_text';
$leftclass = 'forum_message_left';
}
if ($row['user_id']=='0') {
$name = prepare4display($row['poster_name']);
} else {
$name = api_get_person_name($row['firstname'], $row['lastname']);
}
$username = sprintf(get_lang('LoginX'), $row['username']);
*/
$html .= '<div class="row">';
$html .= '<div class="col-md-12">';
$html .= '<div class="pull-right">'.$buttonReply . ' ' . $buttonQuote . '</div>';
$html .= '<div class="pull-right">' . $buttonReply . ' ' . $buttonQuote . '</div>';
$html .= '</div>';
$html .= '</div>';
// prepare the notification icon
if (isset($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$row['post_id']]) &&
!empty($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$row['post_id']]) &&
if (
isset(
$whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$row['post_id']]
) &&
!empty(
$whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$row['post_id']]
) &&
!empty($whatsnew_post_info[$_GET['forum']][$row['thread_id']])
) {
$post_image = Display::return_icon('forumpostnew.gif');
@ -223,16 +278,10 @@ if (isset($current_thread['thread_id'])) {
$post_image = Display::return_icon('forumpost.gif');
}
if ($row['post_notification']=='1' && $row['poster_id'] == $_user['user_id']) {
if ($row['post_notification'] == '1' && $row['poster_id'] == $_user['user_id']) {
$post_image .= Display::return_icon('forumnotification.gif', get_lang('YouWillBeNotified'));
}
// The post title
// The check if there is an attachment
$attachment_list = getAllAttachment($row['post_id']);
@ -240,18 +289,24 @@ if (isset($current_thread['thread_id'])) {
foreach ($attachment_list as $attachment) {
$realname = $attachment['path'];
$user_filename=$attachment['filename'];
echo Display::return_icon('attachment.gif',get_lang('Attachment'));
echo '<a href="download.php?file='.$realname.'"> '.$user_filename.' </a>';
if (($current_forum['allow_edit']==1 && $row['user_id']==$_user['user_id']) ||
(api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id']!=$sessionId))
) {
echo '&nbsp;&nbsp;<a href="'.api_get_self().'?'.api_get_cidreq().'&amp;origin='.Security::remove_XSS($_GET['origin']).'&amp;action=delete_attach&amp;id_attach='.$attachment['id'].'&amp;forum='.$clean_forum_id.'&amp;thread='.$clean_thread_id.'" onclick="javascript:if(!confirm(\''.addslashes(api_htmlentities(get_lang('ConfirmYourChoice'), ENT_QUOTES)).'\')) return false;">'.Display::return_icon('delete.png',get_lang('Delete'), array(), ICON_SIZE_SMALL).'</a><br />';
$user_filename = $attachment['filename'];
echo Display::return_icon('attachment.gif', get_lang('Attachment'));
echo '<a href="download.php?file=' . $realname . '"> ' . $user_filename . ' </a>';
if (($current_forum['allow_edit'] == 1 && $row['user_id'] == $_user['user_id']) ||
(api_is_allowed_to_edit(false, true) && !(api_is_course_coach() && $current_forum['session_id'] != $sessionId))
) {
echo '&nbsp;&nbsp;<a href="' . api_get_self() . '?' . api_get_cidreq() . '&amp;origin='
. Security::remove_XSS($_GET['origin']) . '&amp;action=delete_attach&amp;id_attach='
. $attachment['id'] . '&amp;forum=' . $clean_forum_id . '&amp;thread=' . $clean_thread_id
. '" onclick="javascript:if(!confirm(\''
. addslashes(api_htmlentities(get_lang('ConfirmYourChoice'), ENT_QUOTES))
. '\')) return false;">'
. Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL)
. '</a><br />';
}
echo '<span class="forum_attach_comment" >'.$attachment['comment'].'</span>';
echo '<span class="forum_attach_comment" >' . $attachment['comment'] . '</span>';
}
}

194
main/forum/viewthread_nested.inc.php
Unescape View File

@ -11,12 +11,12 @@
// Are we in a lp ?
$origin = '';
if (isset($_GET['origin'])) {
$origin = Security::remove_XSS($_GET['origin']);
$origin = Security::remove_XSS($_GET['origin']);
}
//delete attachment file
if (isset($_GET['action']) &&
$_GET['action']=='delete_attach' &&
$_GET['action'] == 'delete_attach' &&
isset($_GET['id_attach'])
) {
delete_attachment(0, $_GET['id_attach']);
@ -25,7 +25,7 @@ if (isset($_GET['action']) &&
$rows = get_posts($_GET['thread']);
$rows = calculate_children($rows);
$count = 0;
$clean_forum_id = intval($_GET['forum']);
$clean_forum_id = intval($_GET['forum']);
$clean_thread_id = intval($_GET['thread']);
$group_id = api_get_group_id();
$locked = api_resource_is_locked_by_gradebook($clean_thread_id, LINK_FORUM_THREAD);
@ -35,7 +35,7 @@ $userId = api_get_user_id();
foreach ($rows as $post) {
// The style depends on the status of the message: approved or not.
if ($post['visible']=='0') {
if ($post['visible'] == '0') {
$titleclass = 'forum_message_post_title_2_be_approved';
$messageclass = 'forum_message_post_text_2_be_approved';
$leftclass = 'forum_message_left_2_be_approved';
@ -44,15 +44,15 @@ foreach ($rows as $post) {
$messageclass = 'forum_message_post_text';
$leftclass = 'forum_message_left';
}
/*
echo '<pre>';
print_r($post);
echo '</pre>';
*/
$indent=$post['indent_cnt'];
/*
echo '<pre>';
print_r($post);
echo '</pre>';
*/
$indent = $post['indent_cnt'];
$html = '';
$html .= '<div class="col-md-offset-'.$indent.'" >';
$html .= '<div class="col-md-offset-' . $indent . '" >';
$html .= '<div class="panel panel-default forum-post">';
$html .= '<div class="panel-body">';
@ -61,17 +61,25 @@ foreach ($rows as $post) {
$username = sprintf(get_lang('LoginX'), $post['username']);
if ($post['user_id']=='0') {
if ($post['user_id'] == '0') {
$name = $post['poster_name'];
} else {
$name = api_get_person_name($post['firstname'], $post['lastname']);
}
if (api_get_course_setting('allow_user_image_forum')) {
$html .= '<div class="thumbnail">'.display_user_image($post['user_id'],$name,$origin).'</div>';
$html .= '<div class="thumbnail">' . display_user_image($post['user_id'], $name, $origin) . '</div>';
}
$html .= Display::tag('h4',display_user_link($post['user_id'], $name, $origin, $username), array('class' => 'title-username'));
$html .= Display::tag('p',api_convert_and_format_date($post['post_date']),array('class' => 'post-date'));
$html .= Display::tag(
'h4',
display_user_link($post['user_id'], $name, $origin, $username),
array('class' => 'title-username')
);
$html .= Display::tag(
'p',
api_convert_and_format_date($post['post_date']),
array('class' => 'post-date')
);
// get attach id
$attachment_list = get_attachment($post['post_id']);
@ -81,41 +89,56 @@ foreach ($rows as $post) {
// The user who posted it can edit his thread only if the course admin allowed this in the properties of the forum
// The course admin him/herself can do this off course always
if (GroupManager::is_tutor_of_group(api_get_user_id(), $group_id) ||
($current_forum['allow_edit'] == 1 && $row['user_id'] == $userId) ||
(api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id'] != $sessionId))
if (
GroupManager::is_tutor_of_group(api_get_user_id(), $group_id) ||
($current_forum['allow_edit'] == 1 && $post['user_id'] == $userId) ||
(api_is_allowed_to_edit(false, true) && !(api_is_course_coach() && $current_forum['session_id'] != $sessionId))
) {
if ($locked == false) {
$iconEdit .= "<a href=\"editpost.php?".api_get_cidreq()."&forum=".$clean_forum_id."&thread=".$clean_thread_id."&post=".$post['post_id']."&id_attach=".$id_attach."\">".
Display::return_icon('edit.png',get_lang('Edit'), array(), ICON_SIZE_SMALL)."</a>";
$iconEdit .= "<a href=\"editpost.php?" . api_get_cidreq()
. "&forum=$clean_forum_id&thread=$clean_thread_id&post={$post['post_id']}&id_attach=$id_attach"
. "\">"
. Display::return_icon('edit.png', get_lang('Edit'), array(), ICON_SIZE_SMALL)
. "</a>";
}
}
if (GroupManager::is_tutor_of_group(api_get_user_id(), $group_id) ||
if (
GroupManager::is_tutor_of_group(api_get_user_id(), $group_id) ||
api_is_allowed_to_edit(false, true) &&
!(api_is_course_coach() && $current_forum['session_id'] != $sessionId)
) {
if ($locked == false) {
$iconEdit .="<a href=\"".api_get_self()."?".api_get_cidreq()."&forum=".$clean_forum_id."&thread=".$clean_thread_id."&action=delete&content=post&id=".$post['post_id']."\" onclick=\"javascript:if(!confirm('".addslashes(api_htmlentities(get_lang('DeletePost'), ENT_QUOTES))."')) return false;\">".
Display::return_icon('delete.png',get_lang('Delete'), array(), ICON_SIZE_SMALL)."</a>";
$iconEdit .="<a href=\"" . api_get_self() . "?" . api_get_cidreq()
. "&forum=$clean_forum_id&thread=$clean_thread_id&action=delete&content=post&id={$post['post_id']}"
. "\" onclick=\"javascript:if(!confirm('"
. addslashes(api_htmlentities(get_lang('DeletePost'), ENT_QUOTES)) . "')) return false;\">"
. Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL)
. "</a>";
}
}
if (api_is_allowed_to_edit(false, true) &&
!(api_is_course_coach() &&
$current_forum['session_id'] != $sessionId
if (
api_is_allowed_to_edit(false, true) &&
!(
api_is_course_coach() &&
$current_forum['session_id'] != $sessionId
)
) {
$iconEdit .= return_visible_invisible_icon(
'post',
$post['post_id'],
$post['visible'],
array('forum' => $clean_forum_id, 'thread' => $clean_thread_id)
array(
'forum' => $clean_forum_id,
'thread' => $clean_thread_id
)
);
if ($count>0) {
$iconEdit .= "<a href=\"viewthread.php?".api_get_cidreq()."&forum=".$clean_forum_id."&thread=".$clean_thread_id."&action=move&origin=".$origin."&post=".$post['post_id']."\">".
Display::return_icon('move.png',get_lang('MovePost'), array(),ICON_SIZE_SMALL)."</a>";
if ($count > 0) {
$iconEdit .= "<a href=\"viewthread.php?" . api_get_cidreq()
. "&forum=$clean_forum_id&thread=$clean_thread_id&action=move&origin=$origin&post={$post['post_id']}"
. "\">" . Display::return_icon('move.png', get_lang('MovePost'), array(), ICON_SIZE_SMALL) . "</a>";
}
}
@ -131,49 +154,83 @@ foreach ($rows as $post) {
if ($userCanQualify) {
if ($count > 0) {
$current_qualify_thread = showQualify(
'1',
$post['user_id'],
$_GET['thread']
'1', $post['user_id'], $_GET['thread']
);
if ($locked == false) {
$iconEdit .= "<a href=\"forumqualify.php?".api_get_cidreq()."&forum=".$clean_forum_id."&thread=".$clean_thread_id."&action=list&post=".$post['post_id']."&user=".$post['user_id']."&user_id=".$post['user_id']."&origin=".$origin."&idtextqualify=".$current_qualify_thread."\" >".
Display::return_icon('quiz.gif',get_lang('Qualify'))."</a>";
$iconEdit .= "<a href=\"forumqualify.php?" . api_get_cidreq()
. "&forum=$clean_forum_id&thread=$clean_thread_id&action=list&post={$post['post_id']}"
. "&user={$post['user_id']}&user_id={$post['user_id']}&origin=$origin"
. "&idtextqualify=$current_qualify_thread"
. "\" >" . Display::return_icon('quiz.gif', get_lang('Qualify')) . "</a>";
}
}
}
if ($iconEdit != '') {
$html .= '<div class="tools-icons">' . $iconEdit . '</div>';
}
if (($current_forum_category && $current_forum_category['locked'] == 0) &&
$current_forum['locked'] == 0 && $current_thread['locked'] == 0 || api_is_allowed_to_edit(false, true )
$current_forum['locked'] == 0 && $current_thread['locked'] == 0 || api_is_allowed_to_edit(false, true)
) {
if ($userId || ($current_forum['allow_anonymous']==1 && !$userId)) {
if ($userId || ($current_forum['allow_anonymous'] == 1 && !$userId)) {
if (!api_is_anonymous() && api_is_allowed_to_session_edit(false, true)) {
$buttonReply = Display::tag('a','<i class="fa fa-reply"></i> '.get_lang('ReplyToMessage') ,array('href' => 'reply.php?'.api_get_cidreq().'&forum='.$clean_forum_id.'&thread='.$clean_thread_id.'&post='.$post['post_id'].'&action=replymessage&origin='. $origin, 'class' => 'btn btn-primary'));
$buttonQuote = Display::tag('a','<i class="fa fa-quote-left"></i> '.get_lang('QuoteMessage'),array('href' => 'reply.php?'.api_get_cidreq().'&forum='.$clean_forum_id.'&thread='.$clean_thread_id.'&post='.$post['post_id'].'&action=quote&origin='. $origin, 'class' => 'btn btn-success'));
$buttonReply = Display::tag(
'a',
'<i class="fa fa-reply"></i> ' . get_lang('ReplyToMessage'),
array(
'href' => 'reply.php?' . api_get_cidreq()
. "&forum=$clean_forum_id'&thread=$clean_thread_id"
. "&post={$post['post_id']}&action=replymessage&origin=$origin",
'class' => 'btn btn-primary'
)
);
$buttonQuote = Display::tag(
'a',
'<i class="fa fa-quote-left"></i> ' . get_lang('QuoteMessage'),
array(
'href' => 'reply.php?' . api_get_cidreq()
. "&forum=$clean_forum_id&thread=$clean_thread_id"
. "&post={$post['post_id']}&action=quote&origin=$origin",
'class' => 'btn btn-success'
)
);
}
}
} else {
if ($current_forum_category && $current_forum_category['locked'] == 1) {
$closedPost = Display::tag('div','<i class="fa fa-exclamation-triangle"></i> '.get_lang('ForumcategoryLocked'),array('class'=>'alert alert-warning post-closed'));
$closedPost = Display::tag(
'div',
'<i class="fa fa-exclamation-triangle"></i> ' . get_lang('ForumcategoryLocked'),
array('class' => 'alert alert-warning post-closed')
);
}
if ($current_forum['locked']==1) {
$closedPost = Display::tag('div','<i class="fa fa-exclamation-triangle"></i> '.get_lang('ForumLocked'),array('class'=>'alert alert-warning post-closed'));
if ($current_forum['locked'] == 1) {
$closedPost = Display::tag(
'div',
'<i class="fa fa-exclamation-triangle"></i> ' . get_lang('ForumLocked'),
array('class' => 'alert alert-warning post-closed')
);
}
if ($current_thread['locked']==1) {
$closedPost = Display::tag('div','<i class="fa fa-exclamation-triangle"></i> '.get_lang('ThreadLocked'),array('class'=>'alert alert-warning post-closed'));
if ($current_thread['locked'] == 1) {
$closedPost = Display::tag(
'div',
'<i class="fa fa-exclamation-triangle"></i> ' . get_lang('ThreadLocked'),
array('class' => 'alert alert-warning post-closed')
);
}
$html .= $closedPost;
}
if($iconEdit != ''){
$html .= '<div class="tools-icons">'.$iconEdit.'</div>';
}
$html .= $closedPost;
$html .= '</div>';
// note: this can be removed here because it will be displayed in the tree
if (isset($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$post['post_id']]) &&
if (
isset($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$post['post_id']]) &&
!empty($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$post['post_id']]) &&
!empty($whatsnew_post_info[$_GET['forum']][$post['thread_id']])
) {
@ -182,22 +239,21 @@ foreach ($rows as $post) {
$post_image = Display::return_icon('forumpost.gif');
}
if ($post['post_notification']=='1' && $post['poster_id']==$userId) {
if ($post['post_notification'] == '1' && $post['poster_id'] == $userId) {
$post_image .= Display::return_icon(
'forumnotification.gif',
get_lang('YouWillBeNotified')
'forumnotification.gif', get_lang('YouWillBeNotified')
);
}
$html .= '<div class="col-md-10">';
// The post title
$titlePost = Display::tag('h3', $post['post_title'], array('class'=>'forum_post_title'));
$html .= Display::tag('div',$titlePost,array('class' => 'post-header'));
$titlePost = Display::tag('h3', $post['post_title'], array('class' => 'forum_post_title'));
$html .= Display::tag('div', $titlePost, array('class' => 'post-header'));
// the post body
$html .= Display::tag('div',$post['post_text'],array('class' => 'post-body'));
$html .= Display::tag('div', $post['post_text'], array('class' => 'post-body'));
$html .= '</div>';
$html .= '</div>';
@ -205,32 +261,36 @@ foreach ($rows as $post) {
$html .= '<div class="row">';
$html .= '<div class="col-md-12">';
$html .= '<div class="pull-right">'.$buttonReply . ' ' . $buttonQuote . '</div>';
$html .= '<div class="pull-right">' . $buttonReply . ' ' . $buttonQuote . '</div>';
// The check if there is an attachment
$attachment_list = getAllAttachment($post['post_id']);
if (!empty($attachment_list) && is_array($attachment_list)) {
foreach ($attachment_list as $attachment) {
echo '<tr><td height="50%">';
$realname=$attachment['path'];
$user_filename=$attachment['filename'];
echo Display::return_icon('attachment.gif',get_lang('Attachment'));
$realname = $attachment['path'];
$user_filename = $attachment['filename'];
echo Display::return_icon('attachment.gif', get_lang('Attachment'));
echo '<a href="download.php?file=';
echo $realname;
echo ' "> '.$user_filename.' </a>';
echo '<span class="forum_attach_comment" >'.$attachment['comment'].'</span>';
echo ' "> ' . $user_filename . ' </a>';
echo '<span class="forum_attach_comment" >' . $attachment['comment'] . '</span>';
if (($current_forum['allow_edit'] == 1 && $post['user_id'] == $userId) ||
(api_is_allowed_to_edit(false, true) && !(api_is_course_coach() && $current_forum['session_id'] != $sessionId))
) {
echo '&nbsp;&nbsp;<a href="'.api_get_self().'?'.api_get_cidreq().'&origin='.Security::remove_XSS($_GET['origin']).'&action=delete_attach&id_attach='.$attachment['id'].'&forum='.$clean_forum_id.'&thread='.$clean_thread_id.'" onclick="javascript:if(!confirm(\''.addslashes(api_htmlentities(get_lang('ConfirmYourChoice'), ENT_QUOTES)).'\')) return false;">'.Display::return_icon('delete.gif',get_lang('Delete')).'</a><br />';
echo '&nbsp;&nbsp;<a href="' . api_get_self() . '?' . api_get_cidreq() . '&origin='
. Security::remove_XSS($_GET['origin']) . '&action=delete_attach&id_attach='
. $attachment['id'] . '&forum=' . $clean_forum_id . '&thread=' . $clean_thread_id
. '" onclick="javascript:if(!confirm(\''
. addslashes(api_htmlentities(get_lang('ConfirmYourChoice'), ENT_QUOTES)) . '\')) return false;">'
. Display::return_icon('delete.gif', get_lang('Delete')) . '</a><br />';
}
}
}
$html .= '</div>';
$html .= '</div>';
// The post has been displayed => it can be removed from the what's new array
unset($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$row['post_id']]);
unset($_SESSION['whatsnew_post_info'][$current_forum['forum_id']][$current_thread['thread_id']][$row['post_id']]);
unset($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$post['post_id']]);
unset($_SESSION['whatsnew_post_info'][$current_forum['forum_id']][$current_thread['thread_id']][$post['post_id']]);
$html .= '</div>';

6
main/install/database.sql
Unescape View File

@ -3454,10 +3454,10 @@ CREATE TABLE c_forum_thread (
c_id INT NOT NULL,
thread_title varchar(255) default NULL,
forum_id int default NULL,
thread_replies int default 0,
thread_replies int UNSIGNED default 0,
thread_poster_id int default NULL,
thread_poster_name varchar(100) default '',
thread_views int default 0,
thread_views int UNSIGNED default 0,
thread_last_post int default NULL,
thread_date datetime default '0000-00-00 00:00:00',
thread_sticky tinyint unsigned default 0,
@ -4603,5 +4603,5 @@ CREATE TABLE c_attendance_calendar_rel_group (
-- Version
LOCK TABLES settings_current WRITE;
UPDATE settings_current SET selected_value = '1.10.0.39' WHERE variable = 'chamilo_database_version';
UPDATE settings_current SET selected_value = '1.10.0.40' WHERE variable = 'chamilo_database_version';
UNLOCK TABLES;

40
src/Chamilo/CoreBundle/Migrations/Schema/V110/Version20150521113600.php
Unescape View File

@ -0,0 +1,40 @@
<?php
/* For licensing terms, see /license.txt */
namespace Chamilo\CoreBundle\Migrations\Schema\V110;
use Chamilo\CoreBundle\Migrations\AbstractMigrationChamilo;
use Doctrine\DBAL\Schema\Schema;
/**
* Username changes
*/
class Version20150521113600 extends AbstractMigrationChamilo
{
/**
* @param Schema $schema
*/
public function up(Schema $schema)
{
$this->addSql('ALTER TABLE c_forum_thread MODIFY thread_replies int UNSIGNED NOT NULL DEFAULT 0');
$this->addSql('ALTER TABLE c_forum_thread MODIFY thread_views int UNSIGNED NOT NULL DEFAULT 0');
$this->addSql("
UPDATE settings_current SET selected_value = '1.10.0.40' WHERE variable = 'chamilo_database_version'
");
}
/**
* @param Schema $schema
*/
public function down(Schema $schema)
{
$this->addSql('ALTER TABLE c_forum_thread MODIFY thread_replies int NULL');
$this->addSql('ALTER TABLE c_forum_thread MODIFY thread_views int NULL');
$this->addSql("
UPDATE settings_current SET selected_value = '1.10.0.39' WHERE variable = 'chamilo_database_version'
");
}
}

4
src/Chamilo/CourseBundle/Entity/CForumThread.php
Unescape View File

@ -53,7 +53,7 @@ class CForumThread
/**
* @var integer
*
* @ORM\Column(name="thread_replies", type="integer", nullable=true)
* @ORM\Column(name="thread_replies", type="integer", nullable=false, options={"unsigned":true, "default" = 0})
*/
private $threadReplies;
@ -74,7 +74,7 @@ class CForumThread
/**
* @var integer
*
* @ORM\Column(name="thread_views", type="integer", nullable=true)
* @ORM\Column(name="thread_views", type="integer", nullable=false, options={"unsigned":true, "default" = 0})
*/
private $threadViews;

Write Preview
Loading…
Cancel
Save