editpost.php 7.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246
  1. <?php
  2. /* For licensing terms, see /license.txt */
  3. /**
  4. * These files are a complete rework of the forum. The database structure is
  5. * based on phpBB but all the code is rewritten. A lot of new functionalities
  6. * are added:
  7. * - forum categories and forums can be sorted up or down, locked or made invisible
  8. * - consistent and integrated forum administration
  9. * - forum options: are students allowed to edit their post?
  10. * moderation of posts (approval)
  11. * reply only forums (students cannot create new threads)
  12. * multiple forums per group
  13. * - sticky messages
  14. * - new view option: nested view
  15. * - quoting a message.
  16. *
  17. * @Author Patrick Cool <patrick.cool@UGent.be>, Ghent University
  18. * @Copyright Ghent University
  19. * @Copyright Patrick Cool
  20. *
  21. * @package chamilo.forum
  22. */
  23. require_once __DIR__.'/../inc/global.inc.php';
  24. // The section (tabs).
  25. $this_section = SECTION_COURSES;
  26. // Notification for unauthorized people.
  27. api_protect_course_script(true);
  28. $nameTools = get_lang('Forums');
  29. // Unset the formElements in session before the includes function works
  30. unset($_SESSION['formelements']);
  31. require_once 'forumfunction.inc.php';
  32. // Are we in a lp ?
  33. $origin = api_get_origin();
  34. /* MAIN DISPLAY SECTION */
  35. /* Retrieving forum and forum category information */
  36. // We are getting all the information about the current forum and forum category.
  37. // Note pcool: I tried to use only one sql statement (and function) for this,
  38. // but the problem is that the visibility of the forum AND forum category are stored in the item_property table.
  39. $forumId = isset($_GET['forum']) ? (int) $_GET['forum'] : 0;
  40. $current_thread = get_thread_information($forumId, $_GET['thread']);
  41. $current_forum = get_forum_information($forumId);
  42. $current_forum_category = get_forumcategory_information($current_forum['forum_category']);
  43. $current_post = get_post_information($_GET['post']);
  44. if (empty($current_post)) {
  45. api_not_allowed(true);
  46. }
  47. api_block_course_item_locked_by_gradebook($_GET['thread'], LINK_FORUM_THREAD);
  48. $isEditable = postIsEditableByStudent($current_forum, $current_post);
  49. if (!$isEditable) {
  50. api_not_allowed(true);
  51. }
  52. if (api_is_in_gradebook()) {
  53. $interbreadcrumb[] = [
  54. 'url' => Category::getUrl(),
  55. 'name' => get_lang('Assessments'),
  56. ];
  57. }
  58. $group_properties = GroupManager::get_group_properties(api_get_group_id());
  59. if ($origin == 'group') {
  60. $_clean['toolgroup'] = api_get_group_id();
  61. $interbreadcrumb[] = [
  62. 'url' => api_get_path(WEB_CODE_PATH).'group/group.php?'.api_get_cidreq(),
  63. 'name' => get_lang('Groups'),
  64. ];
  65. $interbreadcrumb[] = [
  66. 'url' => api_get_path(WEB_CODE_PATH).'group/group_space.php?'.api_get_cidreq(),
  67. 'name' => get_lang('Group area').' '.$group_properties['name'],
  68. ];
  69. $interbreadcrumb[] = [
  70. 'url' => api_get_path(WEB_CODE_PATH).'forum/viewforum.php?'.api_get_cidreq().'&forum='.$forumId,
  71. 'name' => prepare4display($current_forum['forum_title']),
  72. ];
  73. $interbreadcrumb[] = ['url' => 'javascript: void (0);', 'name' => get_lang('Edit a post')];
  74. } else {
  75. $interbreadcrumb[] = [
  76. 'url' => api_get_path(WEB_CODE_PATH).'forum/index.php?'.api_get_cidreq(),
  77. 'name' => $nameTools,
  78. ];
  79. $interbreadcrumb[] = [
  80. 'url' => api_get_path(WEB_CODE_PATH).'forum/viewforumcategory.php?forumcategory='.$current_forum_category['cat_id'].'&'.api_get_cidreq(),
  81. 'name' => prepare4display($current_forum_category['cat_title']),
  82. ];
  83. $interbreadcrumb[] = [
  84. 'url' => api_get_path(WEB_CODE_PATH).'forum/viewforum.php?forum='.$forumId.'&'.api_get_cidreq(),
  85. 'name' => prepare4display($current_forum['forum_title']),
  86. ];
  87. $interbreadcrumb[] = [
  88. 'url' => api_get_path(WEB_CODE_PATH).'forum/viewthread.php?'.api_get_cidreq().'&forum='.$forumId.'&thread='.intval($_GET['thread']),
  89. 'name' => prepare4display($current_thread['thread_title']),
  90. ];
  91. $interbreadcrumb[] = ['url' => 'javascript: void (0);', 'name' => get_lang('Edit a post')];
  92. }
  93. $table_link = Database::get_main_table(TABLE_MAIN_GRADEBOOK_LINK);
  94. /* Header */
  95. $htmlHeadXtra[] = <<<JS
  96. <script>
  97. $(function() {
  98. $('#reply-add-attachment').on('click', function(e) {
  99. e.preventDefault();
  100. var newInputFile = $('<input>', {
  101. type: 'file',
  102. name: 'user_upload[]'
  103. });
  104. $('[name="user_upload[]"]').parent().append(newInputFile);
  105. });
  106. });
  107. </script>
  108. JS;
  109. /* Is the user allowed here? */
  110. // The user is not allowed here if
  111. // 1. the forum category, forum or thread is invisible (visibility==0)
  112. // 2. the forum category, forum or thread is locked (locked <>0)
  113. // 3. if anonymous posts are not allowed
  114. // 4. if editing of replies is not allowed
  115. // The only exception is the course manager
  116. // I have split this is several pieces for clarity.
  117. if (!api_is_allowed_to_edit(null, true) &&
  118. (
  119. ($current_forum_category && $current_forum_category['visibility'] == 0) ||
  120. $current_forum['visibility'] == 0
  121. )
  122. ) {
  123. api_not_allowed(true);
  124. }
  125. if (!api_is_allowed_to_edit(null, true) &&
  126. (
  127. ($current_forum_category && $current_forum_category['locked'] != 0) ||
  128. $current_forum['locked'] != 0 ||
  129. $current_thread['locked'] != 0
  130. )
  131. ) {
  132. api_not_allowed(true);
  133. }
  134. if (!$_user['user_id'] && $current_forum['allow_anonymous'] == 0) {
  135. api_not_allowed(true);
  136. }
  137. $group_id = api_get_group_id();
  138. if (!api_is_allowed_to_edit(null, true) &&
  139. $current_forum['allow_edit'] == 0 &&
  140. !GroupManager::is_tutor_of_group(api_get_user_id(), $group_properties)
  141. ) {
  142. api_not_allowed(true);
  143. }
  144. if ($origin == 'learnpath') {
  145. Display::display_reduced_header();
  146. } else {
  147. Display::display_header();
  148. }
  149. // Action links
  150. if ($origin != 'learnpath') {
  151. echo '<div class="actions">';
  152. echo '<span style="float:right;">'.search_link().'</span>';
  153. if ($origin == 'group') {
  154. echo '<a href="../group/group_space.php?'.api_get_cidreq().'">'.
  155. Display::return_icon(
  156. 'back.png',
  157. get_lang('Back to').' '.get_lang('Groups'),
  158. '',
  159. ICON_SIZE_MEDIUM
  160. ).
  161. '</a>';
  162. } else {
  163. echo '<a href="index.php?'.api_get_cidreq().'">'.
  164. Display::return_icon(
  165. 'back.png',
  166. get_lang('Back toForumOverview'),
  167. '',
  168. ICON_SIZE_MEDIUM
  169. ).
  170. '</a>';
  171. }
  172. echo '<a href="viewforum.php?forum='.$forumId.'&'.api_get_cidreq().'">'.
  173. Display::return_icon(
  174. 'forum.png',
  175. get_lang('Back toForum'),
  176. '',
  177. ICON_SIZE_MEDIUM
  178. ).
  179. '</a>';
  180. echo '</div>';
  181. }
  182. /* Display Forum Category and the Forum information */
  183. /*New display forum div*/
  184. echo '<div class="forum_title">';
  185. echo '<h1>';
  186. echo Display::url(
  187. prepare4display($current_forum['forum_title']),
  188. 'viewforum.php?'.api_get_cidreq().'&'.http_build_query([
  189. 'origin' => $origin,
  190. 'forum' => $current_forum['forum_id'],
  191. ]),
  192. ['class' => empty($current_forum['visibility']) ? 'text-muted' : null]
  193. );
  194. echo '</h1>';
  195. echo '<p class="forum_description">'.prepare4display($current_forum['forum_comment']).'</p>';
  196. echo '</div>';
  197. /* End new display forum */
  198. // Set forum attachment data into $_SESSION
  199. getAttachedFiles(
  200. $current_forum['forum_id'],
  201. $current_thread['thread_id'],
  202. $current_post['post_id']
  203. );
  204. show_edit_post_form(
  205. $current_post,
  206. $current_thread,
  207. $current_forum,
  208. isset($_SESSION['formelements']) ? $_SESSION['formelements'] : ''
  209. );
  210. // Footer
  211. if (isset($origin) && $origin == 'learnpath') {
  212. Display::display_reduced_footer();
  213. } else {
  214. Display::display_footer();
  215. }