/**
* Save a post and redirects to listing
*
* @return void
*/
public function saveTask()
{
// Check for request forgeries
Request::checkToken();
if (!User::authorise('core.edit', $this->_option) && !User::authorise('core.create', $this->_option)) {
App::abort(403, Lang::txt('JERROR_ALERTNOAUTHOR'));
}
User::setState('com_forum.edit.thread.data', null);
// Incoming
$fields = Request::getVar('fields', array(), 'post', 'none', 2);
$fields = array_map('trim', $fields);
$fields['sticky'] = isset($fields['sticky']) ? $fields['sticky'] : 0;
$fields['closed'] = isset($fields['closed']) ? $fields['closed'] : 0;
$fields['anonymous'] = isset($fields['anonymous']) ? $fields['anonymous'] : 0;
if ($fields['id']) {
$fields['modified'] = \Date::toSql();
$fields['modified_by'] = User::get('id');
}
// Initiate extended database class
$post = Post::oneOrNew(intval($fields['id']))->set($fields);
// Bind the rules.
$data = Request::getVar('jform', array(), 'post');
if (isset($data['rules']) && is_array($data['rules'])) {
$model = new AdminThread();
$form = $model->getForm($data, false);
$validData = $model->validate($form, $data);
$post->assetRules = $validData['rules'];
}
// Store new content
if (!$post->save()) {
Notify::error($post->getError());
return $this->editTask($post);
}
// Handle attachments
if (!$this->uploadTask($post->get('thread', $post->get('id')), $post->get('id'))) {
Notify::error($this->getError());
return $this->editTask($post);
}
// Process tags
$post->tag(trim(Request::getVar('tags', '')));
Notify::success(Lang::txt('COM_FORUM_POST_SAVED'));
if ($this->getTask() == 'apply') {
return $this->editTask($post);
}
// Redirect
$p = '';
if ($thread = Request::getInt('thread', 0)) {
$p = '&task=thread&thread=' . $thread;
}
App::redirect(Route::url('index.php?option=' . $this->_option . '&controller=' . $this->_controller . $p, false));
}
/**
* Saves posted data for a new/edited forum thread post
*
* @return void
*/
public function savethread()
{
// Check for request forgeries
Request::checkToken();
// Must be logged in
if (User::isGuest()) {
App::redirect(Route::url('index.php?option=com_users&view=login&return=' . base64_encode(Route::url($this->base, false, true))));
return;
}
// Incoming
$section = Request::getVar('section', '');
$no_html = Request::getInt('no_html', 0);
$fields = Request::getVar('fields', array(), 'post', 'none', 2);
$fields = array_map('trim', $fields);
// Check permissions
$this->_authorize('thread', intval($fields['id']));
$asset = 'thread';
if ($fields['id'] && !$this->params->get('access-edit-thread') || !$fields['id'] && !$this->params->get('access-create-thread')) {
App::redirect(Route::url($this->base), Lang::txt('You are not authorized to perform this action.'), 'warning');
return;
}
// Bind data
$post = Post::oneOrNew($fields['id']);
// Double comment?
$double = Post::all()->whereEquals('object_id', $post->get('object_id'))->whereEquals('scope', $post->get('scope'))->whereEquals('scope_id', $post->get('scope_id'))->whereEquals('created_by', $post->get('created_by'))->whereEquals('comment', $post->get('comment'))->row();
if ($double->get('id')) {
$post->set($double->toArray());
}
$post->set($fields);
// Load the category
$category = Category::oneOrFail($post->get('category_id'));
if (!$post->get('object_id') && $category->get('object_id')) {
$post->set('object_id', $category->get('object_id'));
}
// Store new content
if (!$post->save()) {
Notify::error($post->getError());
return $this->editthread($post);
}
// Upload file
if (!$this->upload($post->get('thread', $post->get('id')), $post->get('id'))) {
Notify::error($this->getError());
return $this->editthread($post);
}
// Save tags
$post->tag(Request::getVar('tags', '', 'post'), User::get('id'));
$thread = $post->get('thread');
// Being called through AJAX?
if ($no_html) {
// Set the thread
Request::setVar('thread', $thread);
// Is this a new post in a thread or new thread entirely?
if (!$post->get('parent')) {
// New thread
// Update the thread list and get the contents of the thread
Request::setVar('action', 'both');
} else {
// Get a list of new posts in the thread
Request::setVar('action', 'posts');
}
// If we have a lecture set, push through to the lecture view
if (Request::getVar('group', '')) {
$unit = $this->course->offering()->unit($category->get('alias'));
$lecture = new \Components\Courses\Models\Assetgroup($post->get('object_id'));
return $this->onCourseAfterLecture($this->course, $unit, $lecture);
} else {
// Display main panel
return $this->panel();
}
}
$rtrn = base64_decode(Request::getVar('return', '', 'post'));
if (!$rtrn) {
$rtrn = Route::url($this->base . '&thread=' . $thread);
}
// Set the redirect
App::redirect($rtrn, Lang::txt('Post successfully saved'), 'passed');
}
/**
* Save an entry
*
* @return void
*/
public function saveTask()
{
if (User::isGuest()) {
$return = Route::url('index.php?option=' . $this->_option, false, true);
App::redirect(Route::url('index.php?option=com_users&view=login&return=' . base64_encode($return)));
}
// Check for request forgeries
Request::checkToken();
// Incoming
$section = Request::getVar('section', '');
$fields = Request::getVar('fields', array(), 'post', 'none', 2);
$fields = array_map('trim', $fields);
$fields['sticky'] = isset($fields['sticky']) ? $fields['sticky'] : 0;
$fields['closed'] = isset($fields['closed']) ? $fields['closed'] : 0;
$fields['anonymous'] = isset($fields['anonymous']) ? $fields['anonymous'] : 0;
// Instantiate a Post record
$post = Post::oneOrNew($fields['id']);
// Set authorization if the current user is the creator
// of an existing post.
$assetType = $fields['parent'] ? 'post' : 'thread';
if ($post->get('id')) {
if ($post->get('created_by') == User::get('id')) {
$this->config->set('access-edit-' . $assetType, true);
}
$fields['modified'] = \Date::toSql();
$fields['modified_by'] = User::get('id');
}
// Authorization check
$this->_authorize($assetType, intval($fields['id']));
if (!$this->config->get('access-edit-' . $assetType) && !$this->config->get('access-create-' . $assetType)) {
App::redirect(Route::url('index.php?option=' . $this->_option));
}
// Bind data
$post->set($fields);
// Make sure the thread exists and is accepting new posts
if ($post->get('parent') && isset($fields['thread'])) {
$thread = Post::oneOrFail($fields['thread']);
if (!$thread->get('id') || $thread->get('closed')) {
Notify::error(Lang::txt('COM_FORUM_ERROR_THREAD_CLOSED'));
return $this->editTask($post);
}
}
// Make sure the category exists and is accepting new posts
$category = Category::oneOrFail($post->get('category_id'));
if ($category->get('closed')) {
Notify::error(Lang::txt('COM_FORUM_ERROR_CATEGORY_CLOSED'));
return $this->editTask($post);
}
// Store new content
if (!$post->save()) {
Notify::error($post->getError());
return $this->editTask($post);
}
// Upload files
if (!$this->uploadTask($post->get('thread', $post->get('id')), $post->get('id'))) {
Notify::error($this->getError());
return $this->editTask($post);
}
// Save tags
$post->tag(Request::getVar('tags', '', 'post'), User::get('id'));
// Determine message
if (!$fields['id']) {
$message = Lang::txt('COM_FORUM_POST_ADDED');
if (!$fields['parent']) {
$message = Lang::txt('COM_FORUM_THREAD_STARTED');
}
} else {
$message = $post->get('modified_by') ? Lang::txt('COM_FORUM_POST_EDITED') : Lang::txt('COM_FORUM_POST_ADDED');
}
$url = 'index.php?option=' . $this->_option . '§ion=' . $section . '&category=' . $category->get('alias') . '&thread=' . $post->get('thread') . '#c' . $post->get('id');
// Record the activity
$recipients = array(['forum.site', 1], ['forum.section', $category->get('section_id')], ['user', $post->get('created_by')]);
$type = 'thread';
$desc = Lang::txt('COM_FORUM_ACTIVITY_' . strtoupper($type) . '_' . ($fields['id'] ? 'UPDATED' : 'CREATED'), '<a href="' . Route::url($url) . '">' . $post->get('title') . '</a>');
// If this is a post in a thread and not the thread starter...
if ($post->get('parent')) {
$thread = isset($thread) ? $thread : Post::oneOrFail($post->get('thread'));
$thread->set('last_activity', $fields['id'] ? $post->get('modified') : $post->get('created'));
$thread->save();
$type = 'post';
$desc = Lang::txt('COM_FORUM_ACTIVITY_' . strtoupper($type) . '_' . ($fields['id'] ? 'UPDATED' : 'CREATED'), $post->get('id'), '<a href="' . Route::url($url) . '">' . $thread->get('title') . '</a>');
// If the parent post is not the same as the
// thread starter (i.e., this is a reply)
if ($post->get('parent') != $post->get('thread')) {
$parent = Post::oneOrFail($post->get('parent'));
$recipients[] = ['user', $parent->get('created_by')];
}
}
Event::trigger('system.logActivity', ['activity' => ['action' => $fields['id'] ? 'updated' : 'created', 'scope' => 'forum.' . $type, 'scope_id' => $post->get('id'), 'anonymous' => $post->get('anonymous', 0), 'description' => $desc, 'details' => array('thread' => $post->get('thread'), 'url' => Route::url($url))], 'recipients' => $recipients]);
// Set the redirect
App::redirect(Route::url($url), $message, 'message');
}
/**
* Saves posted data for a new/edited forum thread post
*
* @return void
*/
public function savethread()
{
// Login check is handled in the onGroup() method
/*if (User::isGuest())
{
App::redirect(
Route::url('index.php?option=com_users&view=login&return=' . base64_encode(Route::url($this->base, false, true)))
);
return;
}*/
// Check for request forgeries
Request::checkToken();
// Incoming
$section = Request::getVar('section', '');
$fields = Request::getVar('fields', array(), 'post', 'none', 2);
$fields = array_map('trim', $fields);
$fields['sticky'] = isset($fields['sticky']) ? $fields['sticky'] : 0;
$fields['closed'] = isset($fields['closed']) ? $fields['closed'] : 0;
$fields['anonymous'] = isset($fields['anonymous']) ? $fields['anonymous'] : 0;
// Instantiate a Post record
$post = Post::oneOrNew($fields['id']);
$this->_authorize('thread', intval($fields['id']));
$asset = 'thread';
if ($fields['parent']) {
//$asset = 'post';
}
$moving = false;
// Already present
if ($fields['id']) {
if ($post->get('created_by') == User::get('id')) {
$this->params->set('access-edit-' . $asset, true);
}
// Determine if we are moving the category for email suppression
if ($post->get('category_id') != $fields['category_id']) {
$moving = true;
}
$fields['modified'] = \Date::toSql();
$fields['modified_by'] = User::get('id');
}
if (!$this->params->get('access-edit-thread') && !$this->params->get('access-create-thread')) {
App::redirect(Route::url('index.php?option=' . $this->option . '&cn=' . $this->group->get('cn') . '&active=forum'), Lang::txt('PLG_GROUPS_FORUM_NOT_AUTHORIZED'), 'warning');
}
// Bind data
$post->set($fields);
// Make sure the thread exists and is accepting new posts
if ($post->get('parent') && isset($fields['thread'])) {
$thread = Post::oneOrFail($fields['thread']);
if (!$thread->get('id') || $thread->get('closed')) {
Notify::error(Lang::txt('PLG_GROUPS_FORUM_ERROR_THREAD_CLOSED'));
return $this->editthread($post);
}
}
if (!$post->get('category_id')) {
Notify::error(Lang::txt('PLG_GROUPS_FORUM_ERROR_MISSING_CATEGORY'));
return $this->editthread($post);
}
// Make sure the category exists and is accepting new posts
$category = Category::oneOrFail($post->get('category_id'));
if ($category->get('closed')) {
Notify::error(Lang::txt('PLG_GROUPS_ERROR_CATEGORY_CLOSED'));
return $this->editthread($post);
}
// Store new content
if (!$post->save()) {
Notify::error($post->getError());
return $this->editthread($post);
}
// Upload
if (!$this->upload($post->get('thread', $post->get('id')), $post->get('id'))) {
Notify::error($this->getError());
return $this->editthread($post);
}
// Save tags
$post->tag(Request::getVar('tags', '', 'post'), User::get('id'));
// Set message
if (!$fields['id']) {
$message = Lang::txt('PLG_GROUPS_FORUM_POST_ADDED');
if (!$fields['parent']) {
$message = Lang::txt('PLG_GROUPS_FORUM_THREAD_STARTED');
}
} else {
$message = $post->get('modified_by') ? Lang::txt('PLG_GROUPS_FORUM_POST_EDITED') : Lang::txt('PLG_GROUPS_FORUM_POST_ADDED');
}
$section = $category->section();
$thread = Post::oneOrNew($post->get('thread'));
// Disable notifications
if ($fields['id'] && !Request::getInt('notify', 0)) {
$moving = true;
}
// Email the group and insert email tokens to allow them to respond to group posts via email
$params = Component::params('com_groups');
if ($params->get('email_comment_processing') && (isset($moving) && $moving == false)) {
$thread->set('section', $section->get('alias'));
$thread->set('category', $category->get('alias'));
$post->set('section', $section->get('alias'));
$post->set('category', $category->get('alias'));
// Figure out who should be notified about this comment (all group members for now)
$userIDsToEmail = array();
$memberoptions = false;
if (file_exists(PATH_CORE . DS . 'plugins' . DS . 'groups' . DS . 'memberoptions' . DS . 'models' . DS . 'memberoption.php')) {
include_once PATH_CORE . DS . 'plugins' . DS . 'groups' . DS . 'memberoptions' . DS . 'models' . DS . 'memberoption.php';
$memberoptions = true;
}
foreach ($this->members as $mbr) {
//Look up user info
$user = User::getInstance($mbr);
if ($user->get('id') && $memberoptions) {
// Find the user's group settings, do they want to get email (0 or 1)?
$groupMemberOption = Plugins\Groups\Memberoptions\Models\Memberoption::oneByUserAndOption($this->group->get('gidNumber'), $user->get('id'), 'receive-forum-email');
$sendEmail = $groupMemberOption->get('optionvalue', 0);
if ($sendEmail == 1) {
$userIDsToEmail[] = $user->get('id');
}
}
}
$allowEmailResponses = true;
try {
$encryptor = new \Hubzero\Mail\Token();
} catch (Exception $e) {
$allowEmailResponses = false;
}
$from = array('name' => (!$post->get('anonymous') ? $post->creator->get('name', Lang::txt('PLG_GROUPS_FORUM_UNKNOWN')) : Lang::txt('PLG_GROUPS_FORUM_ANONYMOUS')) . ' @ ' . Config::get('sitename'), 'email' => Config::get('mailfrom'), 'replytoname' => Config::get('sitename'), 'replytoemail' => Config::get('mailfrom'));
// Email each group member separately, each needs a user specific token
foreach ($userIDsToEmail as $userID) {
$unsubscribeLink = '';
$delimiter = '';
if ($allowEmailResponses) {
$delimiter = '~!~!~!~!~!~!~!~!~!~!';
// Construct User specific Email ThreadToken
// Version, type, userid, xforumid
$token = $encryptor->buildEmailToken(1, 2, $userID, $post->get('thread', $post->get('id')));
// add unsubscribe link
$unsubscribeToken = $encryptor->buildEmailToken(1, 3, $userID, $this->group->get('gidNumber'));
$unsubscribeLink = rtrim(Request::base(), '/') . '/' . ltrim(Route::url('index.php?option=com_groups&cn=' . $this->group->get('cn') . '&active=forum&action=unsubscribe&t=' . $unsubscribeToken), DS);
$from['replytoname'] = Lang::txt('PLG_GROUPS_FORUM_REPLYTO') . ' @ ' . Config::get('sitename');
$from['replytoemail'] = 'hgm-' . $token . '@' . $_SERVER['HTTP_HOST'];
}
$msg = array();
// create view object
$eview = new \Hubzero\Mail\View(array('base_path' => __DIR__, 'name' => 'email', 'layout' => 'comment_plain'));
// plain text
$eview->set('delimiter', $delimiter)->set('unsubscribe', $unsubscribeLink)->set('group', $this->group)->set('section', $section)->set('category', $category)->set('thread', $thread)->set('post', $post);
$plain = $eview->loadTemplate(false);
$msg['plaintext'] = str_replace("\n", "\r\n", $plain);
// HTML
$eview->setLayout('comment_html');
$html = $eview->loadTemplate();
$msg['multipart'] = str_replace("\n", "\r\n", $html);
$subject = Lang::txt('PLG_GROUPS_FORUM') . ': ' . $this->group->get('cn') . ' - ' . $thread->get('title');
if (!Event::trigger('xmessage.onSendMessage', array('group_message', $subject, $msg, $from, array($userID), $this->option, null, '', $this->group->get('gidNumber')))) {
$this->setError(Lang::txt('GROUPS_ERROR_EMAIL_MEMBERS_FAILED'));
}
}
}
$url = $this->base . '&scope=' . $section->get('alias') . '/' . $category->get('alias') . '/' . $thread->get('id');
// Record the activity
$recipients = array(['group', $this->group->get('gidNumber')], ['forum.' . $this->forum->get('scope'), $this->forum->get('scope_id')], ['user', $post->get('created_by')]);
foreach ($this->group->get('managers') as $recipient) {
$recipients[] = ['user', $recipient];
}
$type = 'thread';
$desc = Lang::txt('PLG_GROUPS_FORUM_ACTIVITY_' . strtoupper($type) . '_' . ($fields['id'] ? 'UPDATED' : 'CREATED'), '<a href="' . Route::url($url) . '">' . $post->get('title') . '</a>');
// If this is a post in a thread and not the thread starter...
if ($post->get('parent')) {
$thread = isset($thread) ? $thread : Post::oneOrFail($post->get('thread'));
$thread->set('last_activity', $fields['id'] ? $post->get('modified') : $post->get('created'));
$thread->save();
$type = 'post';
$desc = Lang::txt('PLG_GROUPS_FORUM_ACTIVITY_' . strtoupper($type) . '_' . ($fields['id'] ? 'UPDATED' : 'CREATED'), $post->get('id'), '<a href="' . Route::url($url) . '">' . $thread->get('title') . '</a>');
// If the parent post is not the same as the
// thread starter (i.e., this is a reply)
if ($post->get('parent') != $post->get('thread')) {
$parent = Post::oneOrFail($post->get('parent'));
$recipients[] = ['user', $parent->get('created_by')];
}
}
Event::trigger('system.logActivity', ['activity' => ['action' => $fields['id'] ? 'updated' : 'created', 'scope' => 'forum.' . $type, 'scope_id' => $post->get('id'), 'anonymous' => $post->get('anonymous', 0), 'description' => $desc, 'details' => array('thread' => $post->get('thread'), 'url' => Route::url($url))], 'recipients' => $recipients]);
// Set the redirect
App::redirect(Route::url($url), $message, 'passed');
}