/** * Widget controller to produce the formally known show_votes() * * @param String $range_id range id of the news to get displayed * @return array() Array of votes */ function display_action($range_id) { if (!$range_id) { $this->set_status(400); return $this->render_nothing(); } if (!StudipNews::haveRangePermission('view', $range_id, $GLOBALS['user']->id)) { $this->set_status(401); return $this->render_nothing(); } // Check if user wrote a comment if (Request::submitted('accept') && trim(Request::get('comment_content')) && Request::isPost()) { CSRFProtection::verifySecurityToken(); StudipComment::create(array('object_id' => Request::get('comsubmit'), 'user_id' => $GLOBALS['user']->id, 'content' => trim(Request::get('comment_content')))); } // Check if user wants to remove a announcement if ($news_id = Request::get('remove_news')) { $news = new StudipNews($news_id); $range = Request::get('news_range'); if ($news->havePermission('unassign', $range)) { if (Request::get('confirm')) { $news->deleteRange($range); $news->store(); } else { $this->question = createQuestion(_('Ankündigung wirklich aus diesem Bereich entfernen?'), array('remove_news' => $news_id, 'news_range' => $range, 'confirm' => true)); } } } // Check if user wants to delete an announcement if ($news_id = Request::get('delete_news')) { $news = new StudipNews($news_id); if ($news->havePermission('delete')) { if (Request::get('confirm')) { $news->delete(); } else { $this->question = createQuestion(_('Ankündigung wirklich löschen?'), array('delete_news' => $news_id, 'confirm' => true)); } } } $this->perm = StudipNews::haveRangePermission('edit', $range_id); $this->show_all_news = Request::get('nshow_all') && $this->perm; $news = StudipNews::GetNewsByRange($range_id, !$this->show_all_news); if ($this->show_all_news) { URLHelper::addLinkParam('nshow_all', 1); } $this->news = StudipNews::GetNewsByRange($range_id, !$this->show_all_news, true); $this->count_all_news = $this->show_all_news ? count($this->news) : count(StudipNews::GetNewsByRange($range_id, false)); $this->rss_id = get_config('NEWS_RSS_EXPORT_ENABLE') ? StudipNews::GetRssIdFromRangeId($range_id) : false; $this->range = $range_id; $this->nobody = !$GLOBALS['user']->id || $GLOBALS['user']->id == 'nobody'; $this->visit(); }
/** * generates proper text for confirmation question and deletes news * * * @param mixed $delete_news_array (single id or array) * @return string text for confirmation question or empty string after deletion */ function delete_news($delete_news_array) { $text = ''; $confirmed = false; if (!is_array($delete_news_array)) { $delete_news_array = array($delete_news_array); } if (Request::submitted('yes') and Request::isPost()) { CSRFProtection::verifySecurityToken(); $confirmed = true; } foreach ($delete_news_array as $news_id) { if ($news_id) { $delete_news = new StudipNews($news_id); $delete_news_titles[] = $delete_news->getValue('topic'); if ($confirmed) { $msg_object = new messaging(); if ($delete_news->havePermission('delete')) { PageLayout::postMessage(MessageBox::success(sprintf(_('Ankündigung "%s" wurde gelöscht.'), htmlReady($delete_news->getValue('topic'))))); if ($delete_news->getValue('user_id') != $GLOBALS['auth']->auth['uid']) { setTempLanguage($delete_news->getValue('user_id')); $msg = sprintf(_('Ihre Ankündigung "%s" wurde von der Administration gelöscht!.'), $delete_news->getValue('topic'), get_fullname() . ' (' . get_username() . ')') . "\n"; $msg_object->insert_message($msg, get_username($delete_news->getValue('user_id')), "____%system%____", FALSE, FALSE, "1", FALSE, _("Systemnachricht:") . " " . _("Ankündigung geändert")); restoreLanguage(); } $delete_news->delete(); } else { PageLayout::postMessage(MessageBox::error(sprintf(_('Keine Berechtigung zum Löschen der Ankündigung "%s".'), htmlReady($delete_news->getValue('topic'))))); } } } } if (!$confirmed) { if (count($delete_news_titles) == 1) { $text = sprintf(_('- Die Ankündigung "%s" wird unwiderruflich gelöscht.'), $delete_news_titles[0]) . "\n"; } elseif (count($delete_news_titles) > 1) { $text = sprintf(_('- Die %s Ankündigungen "%s" werden unwiderruflich gelöscht.'), count($delete_news_titles), implode('", "', $delete_news_titles)) . "\n"; } } return $text; }