} elseif ($fh->isError()) {
exit_error(_('Error'), $fh->getErrorMessage());
}
forum_header(array('title' => $fm->getSubject(), 'forum_id' => $forum_id));
$title_arr = array();
$title_arr[] = _('Message') . ': ' . $msg_id;
echo $GLOBALS['HTML']->listTableTop($title_arr);
echo "<tr class=\"tablecontent\"><td>\n";
$fa = new ForumAdmin();
if ($f->userIsAdmin()) {
echo $fa->PrintAdminMessageOptions($msg_id, $group_id, 0, $forum_id);
// 0 in thread id because that tells us to go back to message.php instead of forum.php
}
echo _('BY') . ': ' . $fm->getPosterRealName() . ' (' . util_make_link_u($fm->getPosterName(), $fm->getPosterID(), $fm->getPosterName()) . ')<br />';
echo _('DATE') . ': ' . date(_('Y-m-d H:i'), $fm->getPostDate()) . '<br />';
$am = new AttachManager();
echo $am->PrintHelperFunctions();
echo $am->PrintAttachLink($fm, $group_id, $forum_id) . '<br/>';
echo _('SUBJECT') . ': ' . $fm->getSubject() . '<p> </p>';
if (!strstr('<', $fm->getBody())) {
echo nl2br($fm->getBody());
//backwards compatibility for non html messages
} else {
echo $fm->getBody();
}
echo "</td></tr>";
echo $GLOBALS['HTML']->listTableBottom();
/*
Show entire thread
*/
echo '<br /><br />
//pending messages aren't deleted from this page
$sql1 = "SELECT filename FROM forum_attachment WHERE attachmentid='{$attachid}'";
$sql2 = "SELECT posted_by FROM forum WHERE msg_id='{$msg_id}'";
}
$res = db_query($sql1);
$res2 = db_query($sql2);
if (!$res || !$res2) {
exit_error("Attachment error", "DB Error");
}
if (!(db_result($res2, 0, 'posted_by') == user_getid() || $f->userIsAdmin())) {
goodbye(_('You cannot edit this attachment'));
} else {
if ($doedit == "1") {
//actually edit the attach and save the info
forum_header(array('title' => _('Attachments')));
$am = new AttachManager();
$fm = new ForumMessage($f, $msg_id, false, false);
$am->SetForumMsg($fm);
$attach = getUploadedFile("attachment1");
if ($attachid) {
//update existing one
$attachok = $am->attach($attach, $group_id, $attachid, $msg_id);
if ($attachok != false) {
$fm->fetchData($msg_id);
$fm->sendAttachNotice($attachok);
}
} else {
//add new one
$attachok = $am->attach($attach, $group_id, $attachid, $msg_id);
if ($attachok != false) {
$fm->fetchData($msg_id);
function showNestedMessage(&$msg)
{
/*
accepts a database result handle to display a single message
in the format appropriate for the nested messages
*/
global $HTML, $group_id;
/*
See if this message is new or not
If so, highlite it in bold
*/
if ($this->Forum->getSavedDate() < $msg->getPostDate()) {
$bold_begin = '<strong>';
$bold_end = '</strong>';
} else {
$bold_begin = '';
$bold_end = '';
}
$am = new AttachManager();
$fa = new ForumAdmin();
$msgforum =& $msg->getForum();
$ret_val = '
<table border="0">
<tr>
<td class="tablecontent" nowrap="nowrap">';
if ($msgforum->userIsAdmin()) {
$ret_val .= $fa->PrintAdminMessageOptions($msg->getID(), $group_id, $msg->getThreadID(), $msgforum->getID());
}
$ret_val .= _('By:') . ' ' . util_make_link_u($msg->getPosterName(), $msg->getPosterID(), $msg->getPosterRealName()) . '<br />
';
$ret_val .= $am->PrintAttachLink($msg, $group_id, $msgforum->getID()) . '
<br />' . util_make_link('/forum/message.php?msg_id=' . $msg->getID() . '&group_id=' . $group_id, html_image('ic/msg.png', "10", "12", array("border" => "0")) . $bold_begin . $msg->getSubject() . ' [ ' . _('reply') . ' ]' . $bold_end) . ' ' . '<br />' . date(_('Y-m-d H:i'), $msg->getPostDate()) . '
</td>
</tr>
<tr>
<td>
';
if (!strstr($msg->getBody(), '<')) {
$ret_val .= nl2br($msg->getBody());
//backwards compatibility for non html messages
} else {
$ret_val .= $msg->getBody();
}
$ret_val .= '
</td>
</tr>
</table>';
return $ret_val;
}
/**
* ExecuteAction - Executes the action passed as parameter
*
* @param string action to execute.
*/
function ExecuteAction($action)
{
global $HTML;
if ($action == "change_status") {
//change a forum
$forum_name = getStringFromRequest('forum_name');
$description = getStringFromRequest('description');
$send_all_posts_to = getStringFromRequest('send_all_posts_to');
$allow_anonymous = getIntFromRequest('allow_anonymous');
$is_public = getIntFromRequest('is_public');
$moderation_level = getIntFromRequest('moderation_level');
$group_forum_id = getIntFromRequest('group_forum_id');
/*
Change a forum
*/
$f = new Forum($this->g, $group_forum_id);
if (!$f || !is_object($f)) {
exit_error(_('Error'), _('Error getting Forum'));
} elseif ($f->isError()) {
exit_error(_('Error'), $f->getErrorMessage());
}
if (!$f->userIsAdmin()) {
exit_permission_denied();
}
if (!$f->update($forum_name, $description, $allow_anonymous, $is_public, $send_all_posts_to, $moderation_level)) {
exit_error(_('Error'), $f->getErrorMessage());
} else {
$feedback = _('Forum Info Updated Successfully');
}
return $feedback;
}
if ($action == "add_forum") {
//add forum
$forum_name = getStringFromRequest('forum_name');
$description = getStringFromRequest('description');
$is_public = getStringFromRequest('is_public');
$send_all_posts_to = getStringFromRequest('send_all_posts_to');
$allow_anonymous = getStringFromRequest('allow_anonymous');
$moderation_level = getIntFromRequest('moderation_level');
/*
Adding forums to this group
*/
if (!$this->p->isForumAdmin()) {
form_release_key(getStringFromRequest("form_key"));
exit_permission_denied();
}
$f = new Forum($this->g);
if (!$f || !is_object($f)) {
form_release_key(getStringFromRequest("form_key"));
exit_error(_('Error'), _('Error getting Forum'));
} elseif ($f->isError()) {
form_release_key(getStringFromRequest("form_key"));
exit_error(_('Error'), $f->getErrorMessage());
}
if (!$f->create($forum_name, $description, $is_public, $send_all_posts_to, 1, $allow_anonymous, $moderation_level)) {
form_release_key(getStringFromRequest("form_key"));
exit_error(_('Error'), $f->getErrorMessage());
} else {
$feedback = _('Forum created successfully');
}
return $feedback;
}
if ($action == "delete") {
//Deleting messages or threads
$msg_id = getStringFromRequest('deletemsg');
$forum_id = getIntFromRequest('forum_id');
$f = new Forum($this->g, $forum_id);
if (!$f || !is_object($f)) {
exit_error(_('Error'), _('Error getting Forum'));
} elseif ($f->isError()) {
exit_error(_('Error'), $f->getErrorMessage());
}
if (!$f->userIsAdmin()) {
exit_permission_denied();
}
$fm = new ForumMessage($f, $msg_id);
if (!$fm || !is_object($fm)) {
exit_error(_('Error'), _('Error Getting ForumMessage'));
} elseif ($fm->isError()) {
exit_error(_('Error'), $fm->getErrorMessage());
}
$count = $fm->delete();
if (!$count || $fm->isError()) {
exit_error(_('Error'), $fm->getErrorMessage());
} else {
$feedback = sprintf(ngettext('%1$s message deleted', '%1$s messages deleted', $count), $count);
}
return $feedback;
}
if ($action == "delete_forum") {
//delete the forum
/*
Deleting entire forum
*/
$group_forum_id = getIntFromRequest('group_forum_id');
$f = new Forum($this->g, $group_forum_id);
if (!$f || !is_object($f)) {
exit_error(_('Error'), _('Error getting Forum'));
} elseif ($f->isError()) {
exit_error(_('Error'), $f->getErrorMessage());
}
if (!$f->userIsAdmin()) {
exit_permission_denied();
}
if (!$f->delete(getStringFromRequest('sure'), getStringFromRequest('really_sure'))) {
exit_error(_('Error'), $f->getErrorMessage());
} else {
$feedback = _('Successfully Deleted');
}
return $feedback;
}
if ($action == "view_pending") {
//show the pending messages, awaiting moderation
$group_id = $this->group_id;
$forum_id = getStringFromRequest("forum_id");
if ($this->isGroupAdmin()) {
$this->PrintAdminOptions();
}
$sql = "SELECT forum_name, group_forum_id FROM forum_group_list WHERE group_id='{$group_id}' and moderation_level > 0";
$res = db_query($sql);
if (!$res) {
echo db_error();
return;
}
global $sys_db_row_pointer;
$moderated_forums = array();
for ($i = 0; $i < db_numrows($res); $i++) {
$aux = db_fetch_array($res);
$moderated_forums[$aux[1]] = $aux[0];
}
if (count($moderated_forums) == 0) {
echo $HTML->feedback(_('No forums are moderated for this group'));
forum_footer(array());
exit;
}
if (!$forum_id) {
//get the first one
$keys = array_keys($moderated_forums);
$forum_id = $keys[0];
}
echo '
<script language="JavaScript" type="text/javascript">
function confirmDel() {
var agree=confirm("Proceed? Actions are permanent!");
if (agree) {
return true;
} else {
return false;
}
}
</script>
<p><form name="pending" action="pending.php" method="post">
<input type="hidden" name="action" value="update_pending" />
<input type="hidden" name="form_key" value="' . form_generate_key() . '">
<input type="hidden" name="group_id" value="' . getIntFromRequest("group_id") . '" />
<input type="hidden" name="forum_id" value="' . $forum_id . '" />
';
//$moderated_forums["A"] = "All Forums for this group"; // to show all
echo html_build_select_box_from_assoc($moderated_forums, forum_id, $forum_id);
echo ' <input name="Go" type="submit" value="Go"><p>';
$title = array();
$title[] = _('Forum Name');
$title[] = _('Message');
$title[] = "Action";
$sql = "SELECT msg_id,subject,pm.group_forum_id,gl.forum_name FROM forum_pending_messages pm, forum_group_list gl WHERE pm.group_forum_id='{$forum_id}' AND pm.group_forum_id=gl.group_forum_id AND gl.group_forum_id='{$forum_id}'";
$res = db_query($sql);
if (!$res) {
echo db_error();
return;
}
$options = array("1" => "No action", "2" => "Delete", "3" => "Release");
//array with the supported actions
//i�ll make a hidden variable, helps to determine when the user updates the info, which action corresponds to which msgID
for ($i = 0; $i < db_numrows($res); $i++) {
$ids .= db_result($res, $i, 'msg_id') . ",";
}
$i = 2;
echo $HTML->listTableTop($title);
while ($onemsg = db_fetch_array($res)) {
//$url = 'pendingmsgdetail.php?msg_id=' . $onemsg[msg_id];
//<a href=\"javascript:msgdetail('$url');\">$onemsg[subject]</a>
$url = "http://www.google.com";
echo "\n\t\t\t\t<tr" . $HTML->boxGetAltRowStyle($i++) . ">\n\t\t\t\t\t<td>{$onemsg['forum_name']}</td>\t\n\t\t\t\t\t<td><a href=\"#\" OnClick=\"window.open('pendingmsgdetail.php?msg_id={$onemsg['msg_id']}&forum_id={$onemsg['group_forum_id']}&group_id={$group_id}','PendingMessageDetail','width=800,height=600,status=no,resizable=yes');\">{$onemsg['subject']}</a></td>\n\t\t\t\t\t<td><div align=\"right\">" . html_build_select_box_from_assoc($options, "doaction[]", 1) . "</div></td>\n\t\t\t\t</tr>";
}
echo $HTML->listTableBottom();
echo '
<p>
<input type="hidden" name="msgids" value="' . $ids . '">
<div align="right"><input type="submit" onClick="return confirmDel();" name="update" value="' . _('Update') . '"></div>
</form>
';
}
if ($action == "update_pending") {
$group_id = getIntFromRequest("group_id");
$forum_id = getIntFromRequest("forum_id");
$msgids = getStringFromRequest("msgids");
//the message ids to update
$doaction = getArrayFromRequest("doaction");
//the actions for the messages
$msgids = split(",", $msgids);
array_pop($msgids);
//this last one is empty
/*if ($this->isGroupAdmin()) {
$this->PrintAdminOptions();
}*/
$results = array();
//messages
for ($i = 0; $i < count($msgids); $i++) {
switch ($doaction[$i]) {
case 1:
//no action
break;
case 2:
//delete
db_begin();
$sql = "DELETE FROM forum_pending_attachment WHERE msg_id='{$msgids[$i]}'";
if (!db_query($sql)) {
$feedback .= "DB Error ";
$feedback .= db_error() . "<br>";
db_rollback();
break;
}
$sql = "DELETE FROM forum_pending_messages WHERE msg_id='{$msgids[$i]}'";
if (!db_query($sql)) {
$feedback .= "DB Error ";
$feedback .= db_error() . "<br>";
db_rollback();
break;
}
db_commit();
$feedback .= _('Forum deleted');
break;
case 3:
//release
$sql = "SELECT * FROM forum_pending_messages WHERE msg_id='{$msgids[$i]}'";
$res1 = db_query($sql);
if (!$res1) {
$feedback .= "DB Error " . db_error() . "<br>";
break;
}
$sql = "SELECT * FROM forum_pending_attachment WHERE msg_id='{$msgids[$i]}'";
$res2 = db_query($sql);
if (!$res2) {
$feedback .= "DB Error " . db_error() . "<br>";
break;
}
$f = new Forum($this->g, $forum_id);
if (!$f || !is_object($f)) {
exit_error(_('Error'), _('Error getting new Forum'));
} elseif ($f->isError()) {
exit_error(_('Error'), $f->getErrorMessage());
}
$fm = new ForumMessage($f);
// pending = false
if (!$fm || !is_object($fm)) {
exit_error(_('Error'), "Error getting new ForumMessage");
} elseif ($fm->isError()) {
exit_error(_('Error'), "Error getting new ForumMessage: " . $fm->getErrorMessage());
}
$group_forum_id = db_result($res1, 0, "group_forum_id");
$subject = db_result($res1, 0, "subject");
$body = db_result($res1, 0, "body");
$post_date = db_result($res1, 0, "post_date");
$thread_id = db_result($res1, 0, "thread_id");
$is_followup_to = db_result($res1, 0, "is_followup_to");
$posted_by = db_result($res1, 0, "posted_by");
$has_followups = db_result($res1, 0, "has_followups");
$most_recent_date = db_result($res1, 0, "most_recent_date");
if ($fm->insertreleasedmsg($group_forum_id, $subject, $body, $post_date, $thread_id, $is_followup_to, $posted_by, $has_followups, time())) {
$feedback .= "( {$subject} ) " . _('Pending forum released') . "<br>";
if (db_numrows($res2) > 0) {
//if there�s an attachment
$am = new AttachManager();
//object that will handle and insert the attachment into the db
$am->SetForumMsg($fm);
$userid = db_result($res2, 0, "userid");
$dateline = db_result($res2, 0, "dateline");
$filename = db_result($res2, 0, "filename");
$filedata = db_result($res2, 0, "filedata");
$filesize = db_result($res2, 0, "filesize");
$visible = db_result($res2, 0, "visible");
$msg_id = db_result($res2, 0, "msg_id");
$filehash = db_result($res2, 0, "filehash");
$mimetype = db_result($res2, 0, "mimetype");
$am->AddToDBOnly($userid, $dateline, $filename, $filedata, $filesize, $visible, $filehash, $mimetype);
foreach ($am->Getmessages() as $item) {
$feedback .= "{$msg_id} - " . $item . "<br>";
}
}
$deleteok = true;
} else {
if ($fm->isError()) {
if ($fm->getErrorMessage() == _('Couldn\'t Update Master Thread parent with current time')) {
//the thread which the message was replying to doesn�t exist any more
$feedback .= "( " . $subject . " ) " . _('The thread which the message was posted to doesn\'t exist anymore, please delete the message.') . "<br>";
} else {
$feedback .= "{$msg_id} - " . $fm->getErrorMessage() . "<br>";
}
$deleteok = false;
}
}
if (isset($am) && is_object($am)) {
//if there was an attach, check if it was uploaded ok
if (!$am->isError()) {
$deleteok = true;
} else {
//undo the changes to the forum table
db_begin();
$sql = "DELETE FROM forum WHERE msg_id='{$fm->getID}()'";
if (!db_query($sql)) {
$feedback .= "DB Error ";
$feedback .= db_error() . "<br>";
db_rollback();
break;
}
db_commit();
$deleteok = false;
}
}
if ($deleteok) {
//delete the message and attach
db_begin();
$sql = "DELETE FROM forum_pending_attachment WHERE msg_id='{$msgids[$i]}'";
if (!db_query($sql)) {
$feedback .= "DB Error ";
$feedback .= db_error() . "<br>";
db_rollback();
break;
}
$sql = "DELETE FROM forum_pending_messages WHERE msg_id='{$msgids[$i]}'";
if (!db_query($sql)) {
$feedback .= "DB Error ";
$feedback .= db_error() . "<br>";
db_rollback();
break;
}
db_commit();
}
}
}
html_feedback_top($feedback);
$page = 0;
$this->ExecuteAction("view_pending");
}
}
$options_popup = html_build_select_box_from_arrays($vals, $texts, 'style', $style, false);
//create a pop-up select box showing options for max_row count
$vals = array(25, 50, 75, 100);
$texts = array(_('Show') . ' 25', _('Show') . ' 50', _('Show') . ' 75', _('Show') . ' 100');
$max_row_popup = html_build_select_box_from_arrays($vals, $texts, 'max_rows', $max_rows, false);
//now show the popup boxes in a form
$ret_val = '
<form action="' . getStringFromServer('PHP_SELF') . '" method="get">
<input type="hidden" name="set" value="custom" />
<input type="hidden" name="forum_id" value="' . $forum_id . '" />
<table border="0" width="33%">
<tr><td>' . $options_popup . '</td><td>' . $max_row_popup . '</td><td><input type="submit" name="submit" value="' . _('Change View') . '" />
</td></tr>
</table></form>
<p> </p>';
$am = new AttachManager();
$ret_val .= $am->PrintHelperFunctions();
if ($style == 'nested') {
$msg_arr =& $fmf->nestArray($fmf->getNested());
if ($fmf->isError()) {
echo $fmf->getErrorMessage();
}
$rows = count($msg_arr["0"]);
$avail_rows = $fmf->fetched_rows;
if ($rows > $max_rows) {
$rows = $max_rows;
}
$i = 0;
while ($i < $rows && $total_rows < $max_rows) {
$total_rows++;
/*