Example #1
0
 /**
  * Save a post and redirects to listing
  *
  * @return  void
  */
 public function saveTask()
 {
     // Check for request forgeries
     Request::checkToken();
     if (!User::authorise('core.edit', $this->_option) && !User::authorise('core.create', $this->_option)) {
         App::abort(403, Lang::txt('JERROR_ALERTNOAUTHOR'));
     }
     User::setState('com_forum.edit.thread.data', null);
     // Incoming
     $fields = Request::getVar('fields', array(), 'post', 'none', 2);
     $fields = array_map('trim', $fields);
     $fields['sticky'] = isset($fields['sticky']) ? $fields['sticky'] : 0;
     $fields['closed'] = isset($fields['closed']) ? $fields['closed'] : 0;
     $fields['anonymous'] = isset($fields['anonymous']) ? $fields['anonymous'] : 0;
     if ($fields['id']) {
         $fields['modified'] = \Date::toSql();
         $fields['modified_by'] = User::get('id');
     }
     // Initiate extended database class
     $post = Post::oneOrNew(intval($fields['id']))->set($fields);
     // Bind the rules.
     $data = Request::getVar('jform', array(), 'post');
     if (isset($data['rules']) && is_array($data['rules'])) {
         $model = new AdminThread();
         $form = $model->getForm($data, false);
         $validData = $model->validate($form, $data);
         $post->assetRules = $validData['rules'];
     }
     // Store new content
     if (!$post->save()) {
         Notify::error($post->getError());
         return $this->editTask($post);
     }
     // Handle attachments
     if (!$this->uploadTask($post->get('thread', $post->get('id')), $post->get('id'))) {
         Notify::error($this->getError());
         return $this->editTask($post);
     }
     // Process tags
     $post->tag(trim(Request::getVar('tags', '')));
     Notify::success(Lang::txt('COM_FORUM_POST_SAVED'));
     if ($this->getTask() == 'apply') {
         return $this->editTask($post);
     }
     // Redirect
     $p = '';
     if ($thread = Request::getInt('thread', 0)) {
         $p = '&task=thread&thread=' . $thread;
     }
     App::redirect(Route::url('index.php?option=' . $this->_option . '&controller=' . $this->_controller . $p, false));
 }
Example #2
0
 /**
  * Saves posted data for a new/edited forum thread post
  *
  * @return  void
  */
 public function savethread()
 {
     // Check for request forgeries
     Request::checkToken();
     // Must be logged in
     if (User::isGuest()) {
         App::redirect(Route::url('index.php?option=com_users&view=login&return=' . base64_encode(Route::url($this->base, false, true))));
         return;
     }
     // Incoming
     $section = Request::getVar('section', '');
     $no_html = Request::getInt('no_html', 0);
     $fields = Request::getVar('fields', array(), 'post', 'none', 2);
     $fields = array_map('trim', $fields);
     // Check permissions
     $this->_authorize('thread', intval($fields['id']));
     $asset = 'thread';
     if ($fields['id'] && !$this->params->get('access-edit-thread') || !$fields['id'] && !$this->params->get('access-create-thread')) {
         App::redirect(Route::url($this->base), Lang::txt('You are not authorized to perform this action.'), 'warning');
         return;
     }
     // Bind data
     $post = Post::oneOrNew($fields['id']);
     // Double comment?
     $double = Post::all()->whereEquals('object_id', $post->get('object_id'))->whereEquals('scope', $post->get('scope'))->whereEquals('scope_id', $post->get('scope_id'))->whereEquals('created_by', $post->get('created_by'))->whereEquals('comment', $post->get('comment'))->row();
     if ($double->get('id')) {
         $post->set($double->toArray());
     }
     $post->set($fields);
     // Load the category
     $category = Category::oneOrFail($post->get('category_id'));
     if (!$post->get('object_id') && $category->get('object_id')) {
         $post->set('object_id', $category->get('object_id'));
     }
     // Store new content
     if (!$post->save()) {
         Notify::error($post->getError());
         return $this->editthread($post);
     }
     // Upload file
     if (!$this->upload($post->get('thread', $post->get('id')), $post->get('id'))) {
         Notify::error($this->getError());
         return $this->editthread($post);
     }
     // Save tags
     $post->tag(Request::getVar('tags', '', 'post'), User::get('id'));
     $thread = $post->get('thread');
     // Being called through AJAX?
     if ($no_html) {
         // Set the thread
         Request::setVar('thread', $thread);
         // Is this a new post in a thread or new thread entirely?
         if (!$post->get('parent')) {
             // New thread
             // Update the thread list and get the contents of the thread
             Request::setVar('action', 'both');
         } else {
             // Get a list of new posts in the thread
             Request::setVar('action', 'posts');
         }
         // If we have a lecture set, push through to the lecture view
         if (Request::getVar('group', '')) {
             $unit = $this->course->offering()->unit($category->get('alias'));
             $lecture = new \Components\Courses\Models\Assetgroup($post->get('object_id'));
             return $this->onCourseAfterLecture($this->course, $unit, $lecture);
         } else {
             // Display main panel
             return $this->panel();
         }
     }
     $rtrn = base64_decode(Request::getVar('return', '', 'post'));
     if (!$rtrn) {
         $rtrn = Route::url($this->base . '&thread=' . $thread);
     }
     // Set the redirect
     App::redirect($rtrn, Lang::txt('Post successfully saved'), 'passed');
 }
Example #3
0
 /**
  * Save an entry
  *
  * @return  void
  */
 public function saveTask()
 {
     if (User::isGuest()) {
         $return = Route::url('index.php?option=' . $this->_option, false, true);
         App::redirect(Route::url('index.php?option=com_users&view=login&return=' . base64_encode($return)));
     }
     // Check for request forgeries
     Request::checkToken();
     // Incoming
     $section = Request::getVar('section', '');
     $fields = Request::getVar('fields', array(), 'post', 'none', 2);
     $fields = array_map('trim', $fields);
     $fields['sticky'] = isset($fields['sticky']) ? $fields['sticky'] : 0;
     $fields['closed'] = isset($fields['closed']) ? $fields['closed'] : 0;
     $fields['anonymous'] = isset($fields['anonymous']) ? $fields['anonymous'] : 0;
     // Instantiate a Post record
     $post = Post::oneOrNew($fields['id']);
     // Set authorization if the current user is the creator
     // of an existing post.
     $assetType = $fields['parent'] ? 'post' : 'thread';
     if ($post->get('id')) {
         if ($post->get('created_by') == User::get('id')) {
             $this->config->set('access-edit-' . $assetType, true);
         }
         $fields['modified'] = \Date::toSql();
         $fields['modified_by'] = User::get('id');
     }
     // Authorization check
     $this->_authorize($assetType, intval($fields['id']));
     if (!$this->config->get('access-edit-' . $assetType) && !$this->config->get('access-create-' . $assetType)) {
         App::redirect(Route::url('index.php?option=' . $this->_option));
     }
     // Bind data
     $post->set($fields);
     // Make sure the thread exists and is accepting new posts
     if ($post->get('parent') && isset($fields['thread'])) {
         $thread = Post::oneOrFail($fields['thread']);
         if (!$thread->get('id') || $thread->get('closed')) {
             Notify::error(Lang::txt('COM_FORUM_ERROR_THREAD_CLOSED'));
             return $this->editTask($post);
         }
     }
     // Make sure the category exists and is accepting new posts
     $category = Category::oneOrFail($post->get('category_id'));
     if ($category->get('closed')) {
         Notify::error(Lang::txt('COM_FORUM_ERROR_CATEGORY_CLOSED'));
         return $this->editTask($post);
     }
     // Store new content
     if (!$post->save()) {
         Notify::error($post->getError());
         return $this->editTask($post);
     }
     // Upload files
     if (!$this->uploadTask($post->get('thread', $post->get('id')), $post->get('id'))) {
         Notify::error($this->getError());
         return $this->editTask($post);
     }
     // Save tags
     $post->tag(Request::getVar('tags', '', 'post'), User::get('id'));
     // Determine message
     if (!$fields['id']) {
         $message = Lang::txt('COM_FORUM_POST_ADDED');
         if (!$fields['parent']) {
             $message = Lang::txt('COM_FORUM_THREAD_STARTED');
         }
     } else {
         $message = $post->get('modified_by') ? Lang::txt('COM_FORUM_POST_EDITED') : Lang::txt('COM_FORUM_POST_ADDED');
     }
     $url = 'index.php?option=' . $this->_option . '&section=' . $section . '&category=' . $category->get('alias') . '&thread=' . $post->get('thread') . '#c' . $post->get('id');
     // Record the activity
     $recipients = array(['forum.site', 1], ['forum.section', $category->get('section_id')], ['user', $post->get('created_by')]);
     $type = 'thread';
     $desc = Lang::txt('COM_FORUM_ACTIVITY_' . strtoupper($type) . '_' . ($fields['id'] ? 'UPDATED' : 'CREATED'), '<a href="' . Route::url($url) . '">' . $post->get('title') . '</a>');
     // If this is a post in a thread and not the thread starter...
     if ($post->get('parent')) {
         $thread = isset($thread) ? $thread : Post::oneOrFail($post->get('thread'));
         $thread->set('last_activity', $fields['id'] ? $post->get('modified') : $post->get('created'));
         $thread->save();
         $type = 'post';
         $desc = Lang::txt('COM_FORUM_ACTIVITY_' . strtoupper($type) . '_' . ($fields['id'] ? 'UPDATED' : 'CREATED'), $post->get('id'), '<a href="' . Route::url($url) . '">' . $thread->get('title') . '</a>');
         // If the parent post is not the same as the
         // thread starter (i.e., this is a reply)
         if ($post->get('parent') != $post->get('thread')) {
             $parent = Post::oneOrFail($post->get('parent'));
             $recipients[] = ['user', $parent->get('created_by')];
         }
     }
     Event::trigger('system.logActivity', ['activity' => ['action' => $fields['id'] ? 'updated' : 'created', 'scope' => 'forum.' . $type, 'scope_id' => $post->get('id'), 'anonymous' => $post->get('anonymous', 0), 'description' => $desc, 'details' => array('thread' => $post->get('thread'), 'url' => Route::url($url))], 'recipients' => $recipients]);
     // Set the redirect
     App::redirect(Route::url($url), $message, 'message');
 }
Example #4
0
 /**
  * Saves posted data for a new/edited forum thread post
  *
  * @return  void
  */
 public function savethread()
 {
     // Login check is handled in the onGroup() method
     /*if (User::isGuest())
     		{
     			App::redirect(
     				Route::url('index.php?option=com_users&view=login&return=' . base64_encode(Route::url($this->base, false, true)))
     			);
     			return;
     		}*/
     // Check for request forgeries
     Request::checkToken();
     // Incoming
     $section = Request::getVar('section', '');
     $fields = Request::getVar('fields', array(), 'post', 'none', 2);
     $fields = array_map('trim', $fields);
     $fields['sticky'] = isset($fields['sticky']) ? $fields['sticky'] : 0;
     $fields['closed'] = isset($fields['closed']) ? $fields['closed'] : 0;
     $fields['anonymous'] = isset($fields['anonymous']) ? $fields['anonymous'] : 0;
     // Instantiate a Post record
     $post = Post::oneOrNew($fields['id']);
     $this->_authorize('thread', intval($fields['id']));
     $asset = 'thread';
     if ($fields['parent']) {
         //$asset = 'post';
     }
     $moving = false;
     // Already present
     if ($fields['id']) {
         if ($post->get('created_by') == User::get('id')) {
             $this->params->set('access-edit-' . $asset, true);
         }
         // Determine if we are moving the category for email suppression
         if ($post->get('category_id') != $fields['category_id']) {
             $moving = true;
         }
         $fields['modified'] = \Date::toSql();
         $fields['modified_by'] = User::get('id');
     }
     if (!$this->params->get('access-edit-thread') && !$this->params->get('access-create-thread')) {
         App::redirect(Route::url('index.php?option=' . $this->option . '&cn=' . $this->group->get('cn') . '&active=forum'), Lang::txt('PLG_GROUPS_FORUM_NOT_AUTHORIZED'), 'warning');
     }
     // Bind data
     $post->set($fields);
     // Make sure the thread exists and is accepting new posts
     if ($post->get('parent') && isset($fields['thread'])) {
         $thread = Post::oneOrFail($fields['thread']);
         if (!$thread->get('id') || $thread->get('closed')) {
             Notify::error(Lang::txt('PLG_GROUPS_FORUM_ERROR_THREAD_CLOSED'));
             return $this->editthread($post);
         }
     }
     if (!$post->get('category_id')) {
         Notify::error(Lang::txt('PLG_GROUPS_FORUM_ERROR_MISSING_CATEGORY'));
         return $this->editthread($post);
     }
     // Make sure the category exists and is accepting new posts
     $category = Category::oneOrFail($post->get('category_id'));
     if ($category->get('closed')) {
         Notify::error(Lang::txt('PLG_GROUPS_ERROR_CATEGORY_CLOSED'));
         return $this->editthread($post);
     }
     // Store new content
     if (!$post->save()) {
         Notify::error($post->getError());
         return $this->editthread($post);
     }
     // Upload
     if (!$this->upload($post->get('thread', $post->get('id')), $post->get('id'))) {
         Notify::error($this->getError());
         return $this->editthread($post);
     }
     // Save tags
     $post->tag(Request::getVar('tags', '', 'post'), User::get('id'));
     // Set message
     if (!$fields['id']) {
         $message = Lang::txt('PLG_GROUPS_FORUM_POST_ADDED');
         if (!$fields['parent']) {
             $message = Lang::txt('PLG_GROUPS_FORUM_THREAD_STARTED');
         }
     } else {
         $message = $post->get('modified_by') ? Lang::txt('PLG_GROUPS_FORUM_POST_EDITED') : Lang::txt('PLG_GROUPS_FORUM_POST_ADDED');
     }
     $section = $category->section();
     $thread = Post::oneOrNew($post->get('thread'));
     // Disable notifications
     if ($fields['id'] && !Request::getInt('notify', 0)) {
         $moving = true;
     }
     // Email the group and insert email tokens to allow them to respond to group posts via email
     $params = Component::params('com_groups');
     if ($params->get('email_comment_processing') && (isset($moving) && $moving == false)) {
         $thread->set('section', $section->get('alias'));
         $thread->set('category', $category->get('alias'));
         $post->set('section', $section->get('alias'));
         $post->set('category', $category->get('alias'));
         // Figure out who should be notified about this comment (all group members for now)
         $userIDsToEmail = array();
         $memberoptions = false;
         if (file_exists(PATH_CORE . DS . 'plugins' . DS . 'groups' . DS . 'memberoptions' . DS . 'models' . DS . 'memberoption.php')) {
             include_once PATH_CORE . DS . 'plugins' . DS . 'groups' . DS . 'memberoptions' . DS . 'models' . DS . 'memberoption.php';
             $memberoptions = true;
         }
         foreach ($this->members as $mbr) {
             //Look up user info
             $user = User::getInstance($mbr);
             if ($user->get('id') && $memberoptions) {
                 // Find the user's group settings, do they want to get email (0 or 1)?
                 $groupMemberOption = Plugins\Groups\Memberoptions\Models\Memberoption::oneByUserAndOption($this->group->get('gidNumber'), $user->get('id'), 'receive-forum-email');
                 $sendEmail = $groupMemberOption->get('optionvalue', 0);
                 if ($sendEmail == 1) {
                     $userIDsToEmail[] = $user->get('id');
                 }
             }
         }
         $allowEmailResponses = true;
         try {
             $encryptor = new \Hubzero\Mail\Token();
         } catch (Exception $e) {
             $allowEmailResponses = false;
         }
         $from = array('name' => (!$post->get('anonymous') ? $post->creator->get('name', Lang::txt('PLG_GROUPS_FORUM_UNKNOWN')) : Lang::txt('PLG_GROUPS_FORUM_ANONYMOUS')) . ' @ ' . Config::get('sitename'), 'email' => Config::get('mailfrom'), 'replytoname' => Config::get('sitename'), 'replytoemail' => Config::get('mailfrom'));
         // Email each group member separately, each needs a user specific token
         foreach ($userIDsToEmail as $userID) {
             $unsubscribeLink = '';
             $delimiter = '';
             if ($allowEmailResponses) {
                 $delimiter = '~!~!~!~!~!~!~!~!~!~!';
                 // Construct User specific Email ThreadToken
                 // Version, type, userid, xforumid
                 $token = $encryptor->buildEmailToken(1, 2, $userID, $post->get('thread', $post->get('id')));
                 // add unsubscribe link
                 $unsubscribeToken = $encryptor->buildEmailToken(1, 3, $userID, $this->group->get('gidNumber'));
                 $unsubscribeLink = rtrim(Request::base(), '/') . '/' . ltrim(Route::url('index.php?option=com_groups&cn=' . $this->group->get('cn') . '&active=forum&action=unsubscribe&t=' . $unsubscribeToken), DS);
                 $from['replytoname'] = Lang::txt('PLG_GROUPS_FORUM_REPLYTO') . ' @ ' . Config::get('sitename');
                 $from['replytoemail'] = 'hgm-' . $token . '@' . $_SERVER['HTTP_HOST'];
             }
             $msg = array();
             // create view object
             $eview = new \Hubzero\Mail\View(array('base_path' => __DIR__, 'name' => 'email', 'layout' => 'comment_plain'));
             // plain text
             $eview->set('delimiter', $delimiter)->set('unsubscribe', $unsubscribeLink)->set('group', $this->group)->set('section', $section)->set('category', $category)->set('thread', $thread)->set('post', $post);
             $plain = $eview->loadTemplate(false);
             $msg['plaintext'] = str_replace("\n", "\r\n", $plain);
             // HTML
             $eview->setLayout('comment_html');
             $html = $eview->loadTemplate();
             $msg['multipart'] = str_replace("\n", "\r\n", $html);
             $subject = Lang::txt('PLG_GROUPS_FORUM') . ': ' . $this->group->get('cn') . ' - ' . $thread->get('title');
             if (!Event::trigger('xmessage.onSendMessage', array('group_message', $subject, $msg, $from, array($userID), $this->option, null, '', $this->group->get('gidNumber')))) {
                 $this->setError(Lang::txt('GROUPS_ERROR_EMAIL_MEMBERS_FAILED'));
             }
         }
     }
     $url = $this->base . '&scope=' . $section->get('alias') . '/' . $category->get('alias') . '/' . $thread->get('id');
     // Record the activity
     $recipients = array(['group', $this->group->get('gidNumber')], ['forum.' . $this->forum->get('scope'), $this->forum->get('scope_id')], ['user', $post->get('created_by')]);
     foreach ($this->group->get('managers') as $recipient) {
         $recipients[] = ['user', $recipient];
     }
     $type = 'thread';
     $desc = Lang::txt('PLG_GROUPS_FORUM_ACTIVITY_' . strtoupper($type) . '_' . ($fields['id'] ? 'UPDATED' : 'CREATED'), '<a href="' . Route::url($url) . '">' . $post->get('title') . '</a>');
     // If this is a post in a thread and not the thread starter...
     if ($post->get('parent')) {
         $thread = isset($thread) ? $thread : Post::oneOrFail($post->get('thread'));
         $thread->set('last_activity', $fields['id'] ? $post->get('modified') : $post->get('created'));
         $thread->save();
         $type = 'post';
         $desc = Lang::txt('PLG_GROUPS_FORUM_ACTIVITY_' . strtoupper($type) . '_' . ($fields['id'] ? 'UPDATED' : 'CREATED'), $post->get('id'), '<a href="' . Route::url($url) . '">' . $thread->get('title') . '</a>');
         // If the parent post is not the same as the
         // thread starter (i.e., this is a reply)
         if ($post->get('parent') != $post->get('thread')) {
             $parent = Post::oneOrFail($post->get('parent'));
             $recipients[] = ['user', $parent->get('created_by')];
         }
     }
     Event::trigger('system.logActivity', ['activity' => ['action' => $fields['id'] ? 'updated' : 'created', 'scope' => 'forum.' . $type, 'scope_id' => $post->get('id'), 'anonymous' => $post->get('anonymous', 0), 'description' => $desc, 'details' => array('thread' => $post->get('thread'), 'url' => Route::url($url))], 'recipients' => $recipients]);
     // Set the redirect
     App::redirect(Route::url($url), $message, 'passed');
 }