Exemple #1
0
 /**
  * Edits or creates a page.
  *
  * @param mixed $id Id of the page to edit; a new page will be created if
  *                  this parameter is omitted.
  */
 public function edit_action($id = null)
 {
     if (Request::submitted('submit')) {
         CSRFProtection::verifyUnsafeRequest();
         $scm = new StudipScmEntry($id);
         $scm->tab_name = Request::get('tab_name_template') ?: Request::get('tab_name');
         $scm->content = Studip\Markup::purifyHtml(Request::get('content'));
         $scm->user_id = $GLOBALS['user']->id;
         $scm->range_id = $GLOBALS['SessSemName'][1];
         if ($scm->isNew()) {
             $temp = StudipScmEntry::findByRange_id($GLOBALS['SessSemName'][1], 'ORDER BY position ASC');
             $scms = SimpleORMapCollection::createFromArray($temp);
             $max = max($scms->pluck('position'));
             $scm->position = $max + 1;
         }
         if ($scm->store() !== false) {
             $message = MessageBox::success(_('Die Änderungen wurden übernommen.'));
             PageLayout::postMessage($message);
         }
         $this->redirect('course/scm/' . $scm->id);
     }
     $this->scm = new StudipScmEntry($id);
     $this->set_title(_('Informationsseite bearbeiten') . ': ' . $this->scm->tab_name);
     Navigation::activateItem('/course/scm/' . $this->scm->id);
 }
Exemple #2
0
     wikiEdit($keyword, NULL, $user->id, Request::quoted('lastpage'));
 } else {
     // Default action: Display WikiPage (+ logic for submission)
     //
     if (empty($keyword)) {
         $keyword = 'WikiWikiWeb';
         // display Start page as default
     }
     releaseLocks($keyword);
     // kill old locks
     $special = "";
     if (Request::submitted('submit')) {
         //
         // Page was edited and submitted
         //
         submitWikiPage($keyword, $version, Studip\Markup::purifyHtml(Request::get('body')), $user->id, $SessSemName[1]);
         $version = "";
         // $version="" means: get latest
     } else {
         if ($cmd == "abortedit") {
             // Editieren abgebrochen
             //
             // Editing page was aborted
             //
             releasePageLocks($keyword, $user->id);
             // kill lock (set when starting to edit)
             if (Request::quoted('lastpage')) {
                 // if editing new page was aborted, display last page again
                 $keyword = Request::quoted('lastpage');
             }
         } else {
 /**
 * Updates the item content of any kind
 *
 * @access  private
 * @param   boolean  $no_delete  YES/NO (optional)
 * @return  boolean  true (reinits the tree)
 */
 function execCommandUpdateItem($no_delete = false)
 {
     $mode = $this->getInstance($this->itemID);
     $title = Request::get('title');
     if ($title == "" && $mode != QUESTION_BLOCK) {
         $title = _("Kein Titel angegeben.");
     }
     $text = Studip\Markup::purifyHtml(trim(Request::get('text')));
     switch ($mode) {
         case ROOT_BLOCK:
             $this->tree->eval->setTitle($title);
             $this->tree->eval->setText($text);
             //global features
             $this->tree->eval->setAnonymous(Request::get('anonymous'));
             $this->tree->eval->save();
             if ($this->tree->eval->isError) {
                 return EvalCommon::showErrorReport($this->tree->eval, _("Fehler beim Einlesen (root-item)"));
             }
             $this->msg[$this->itemID] = "msg§" . _("Veränderungen wurden gespeichert.");
             break;
         case ARRANGMENT_BLOCK:
             $group =& $this->tree->getGroupObject($this->itemID, true);
             $group->setTitle($title);
             $group->setText($text);
             $group->save();
             if ($group->isError) {
                 return EvalCommon::showErrorReport($this->tree->eval, _("Fehler beim Einlesen (Block)"));
             }
             $this->msg[$this->itemID] = "msg§" . _("Veränderungen wurden gespeichert.");
             $group = null;
             break;
         case QUESTION_BLOCK:
             $group =& $this->tree->getGroupObject($this->itemID, true);
             $group->setTitle($title);
             $group->setText($text);
             $group->setMandatory(Request::get('mandatory'));
             $group->save();
             // update the questions
             $msg = $this->execCommandUpdateQuestions();
             $no_answers = 0;
             $group =& $this->tree->getGroupObject($this->itemID, true);
             // info about missing answers
             if ($group->getChildren() && $group->getTemplateID() == NULL) {
                 foreach ($group->getChildren() as $question) {
                     if ($question->getChildren() == NULL) {
                         $no_answers++;
                     }
                 }
                 if ($no_answers == 1) {
                     if ($this->msg[$this->itemID]) {
                         $this->msg[$this->itemID] .= "<br>" . _("Einer Frage wurden noch keine Antwortenmöglichkeiten zugewiesen.");
                     } else {
                         $this->msg[$this->itemID] .= "info§" . _("Einer Frage  wurden noch keine Antwortenmöglichkeiten zugewiesen.");
                     }
                 } elseif ($no_answers > 1) {
                     if ($this->msg[$this->itemID]) {
                         $this->msg[$this->itemID] .= "<br>" . sprintf(_("%s Fragen wurden noch keine Antwortenmöglichkeiten zugewiesen."), $no_answers);
                     } else {
                         $this->msg[$this->itemID] .= "info§" . sprintf(_("%s Fragen wurden noch keine Antwortenmöglichkeiten zugewiesen."), $no_answers);
                     }
                 }
             }
             if ($group->isError) {
                 return EvalCommon::showErrorReport($this->tree->eval, _("Fehler beim Einlesen (Fragenblock)"));
             }
             if ($this->msg[$this->itemID]) {
                 $this->msg[$this->itemID] .= "<br>" . _("Veränderungen wurden gespeichert.");
             } else {
                 $this->msg[$this->itemID] .= "msg§" . _("Veränderungen wurden gespeichert.");
             }
             if ($msg) {
                 $this->msg[$this->itemID] = $this->msg[$this->itemID] . "<br>" . $msg;
             }
             #   }
             break;
         default:
             $this->msg[$this->itemID] .= "info§" . _("Falscher Blocktyp. Es wurden keine Veränderungen vorgenommen.");
             break;
     }
     $this->changed = true;
     return true;
 }
Exemple #4
0
 /**
  * Stores a user's details.
  */
 public function store_action()
 {
     $this->check_ticket();
     $changed = false;
     if (Config::get()->ENABLE_SKYPE_INFO) {
         $new_skype_name = Request::get('skype_name');
         if ($new_skype_name != $this->config->SKYPE_NAME) {
             $this->config->store('SKYPE_NAME', $new_skype_name);
             Visibility::updatePrivacySettingWithTest(Request::get('skype_name'), _("Skype Name"), "skype_name", 'privatedata', 1, $this->user->user_id);
             $changed = true;
         }
         if (Request::int('skype_online_status') != $this->config->SKYPE_ONLINE_STATUS) {
             $this->config->store('SKYPE_ONLINE_STATUS', Request::int('skype_online_status'));
             Visibility::updatePrivacySettingWithTest(Request::int('skype_online_status'), _("Skype Online Status"), "skype_online_status", 'skype_name', 1, $this->user->user_id);
             $changed = true;
         }
     }
     $mapping = array('telefon' => 'privatnr', 'cell' => 'privatcell', 'anschrift' => 'privadr', 'home' => 'Home', 'motto' => 'motto', 'hobby' => 'hobby', 'lebenslauf' => 'lebenslauf', 'schwerp' => 'schwerp', 'publi' => 'publi');
     // Visibilitymapping Remove in Stud.IP 3.0 with a migration
     $vis_mapping = array('telefon' => 'private_phone', 'cell' => 'private_cell', 'anschrift' => 'privadr', 'home' => 'homepage', 'motto' => 'motto', 'hobby' => 'hobby', 'lebenslauf' => 'lebenslauf', 'schwerp' => 'schwerp', 'publi' => 'publi');
     $settingsname = array('telefon' => _('Private Telefonnummer'), 'cell' => _('Private Handynummer'), 'anschrift' => _('Private Adresse'), 'home' => _('Homepage-Adresse'), 'motto' => _('Motto'), 'hobby' => _('Hobbies'), 'lebenslauf' => _('Lebenslauf'), 'schwerp' => _('Arbeitsschwerpunkte'), 'publi' => _('Publikationen'));
     foreach ($mapping as $key => $column) {
         $value = Request::get($key);
         if (in_array($key, array('hobby', 'lebenslauf', 'schwerp', 'publi'))) {
             // purify HTML input for these fields if wysiwyg is used
             $value = Studip\Markup::purifyHtml($value);
         }
         if ($this->user->{$column} != $value && $this->shallChange('user_info.' . $column, $column, $value)) {
             $this->user->{$column} = $value;
             Visibility::updatePrivacySettingWithTest($value, $settingsname[$key], $vis_mapping[$key], 'privatedata', 1, $this->user->user_id);
             $changed = true;
         }
     }
     $datafields_changed = false;
     $errors = array();
     $datafields = DataFieldEntry::getDataFieldEntries($this->user->user_id, 'user');
     $data = Request::getArray('datafields');
     foreach ($datafields as $id => $entry) {
         if (isset($data[$id]) && $data[$id] != $entry->getValue()) {
             // i really dont know if this is correct but it works
             Visibility::updatePrivacySettingWithTest($data[$id], $entry->getName(), $entry->getID(), 'additionaldata', 1, $this->user->user_id);
             $entry->setValueFromSubmit($data[$id]);
             if ($entry->isValid()) {
                 if ($entry->store()) {
                     $datafields_changed = true;
                 }
             } else {
                 $errors[] = sprintf(_('Fehlerhafter Eintrag im Feld <em>%s</em>: %s (Eintrag wurde nicht gespeichert)'), $entry->getName(), $entry->getDisplayValue());
             }
         }
     }
     if (count($errors) > 0) {
         $this->reportErrorWithDetails(_('Bitte überprüfen Sie Ihre Eingaben.'), $errors);
     } else {
         if ($this->user->store() || $changed || $datafields_changed) {
             $this->reportSuccess(_('Daten im Lebenslauf u.a. wurden geändert.'));
             setTempLanguage($this->user->user_id);
             $this->postPrivateMessage(_('Daten im Lebenslauf u.a. wurden geändert.'));
             restoreLanguage();
         }
     }
     $this->redirect('settings/details');
 }
Exemple #5
0
 public function index_action()
 {
     if (Request::isPost() && Request::get("edit") && $GLOBALS['perm']->have_studip_perm("tutor", $_SESSION['SessionSeminar'])) {
         $topic = new CourseTopic(Request::option("issue_id"));
         if ($topic['seminar_id'] && $topic['seminar_id'] !== $_SESSION['SessionSeminar']) {
             throw new AccessDeniedException();
         }
         if (Request::submitted("delete_topic")) {
             $topic->delete();
             PageLayout::postMessage(MessageBox::success(_("Thema gelöscht.")));
         } else {
             $topic['title'] = Request::get("title");
             $topic['description'] = Studip\Markup::purifyHtml(Request::get("description"));
             if ($topic->isNew()) {
                 $topic['seminar_id'] = $_SESSION['SessionSeminar'];
             }
             $topic->store();
             //change dates for this topic
             $former_date_ids = $topic->dates->pluck("termin_id");
             $new_date_ids = array_keys(Request::getArray("date"));
             foreach (array_diff($former_date_ids, $new_date_ids) as $delete_termin_id) {
                 $topic->dates->unsetByPk($delete_termin_id);
             }
             foreach (array_diff($new_date_ids, $former_date_ids) as $add_termin_id) {
                 $date = CourseDate::find($add_termin_id);
                 if ($date) {
                     $topic->dates[] = $date;
                 }
             }
             $topic->store();
             if (Request::get("folder") && !$topic->folder) {
                 $topic->connectWithDocumentFolder();
             }
             // create a connection to the module forum (can be anything)
             // will update title and description automagically
             if (Request::get("forumthread")) {
                 $topic->connectWithForumThread();
             }
             if (Request::option("issue_id") === "new") {
                 Request::set("open", $topic->getId());
             }
             PageLayout::postMessage(MessageBox::success(_("Thema gespeichert.")));
             $this->redirect("course/topics/index");
         }
     }
     if (Request::isPost() && Request::option("move_down")) {
         $topics = CourseTopic::findBySeminar_id($_SESSION['SessionSeminar']);
         $mainkey = null;
         foreach ($topics as $key => $topic) {
             if ($topic->getId() === Request::option("move_down")) {
                 $mainkey = $key;
             }
             $topic['priority'] = $key + 1;
         }
         if ($mainkey !== null && $mainkey < count($topics)) {
             $topics[$mainkey]->priority++;
             $topics[$mainkey + 1]->priority--;
         }
         foreach ($topics as $key => $topic) {
             $topic->store();
         }
     }
     if (Request::isPost() && Request::option("move_up")) {
         $topics = CourseTopic::findBySeminar_id($_SESSION['SessionSeminar']);
         foreach ($topics as $key => $topic) {
             if ($topic->getId() === Request::option("move_up") && $key > 0) {
                 $topic['priority'] = $key;
                 $topics[$key - 1]->priority = $key + 1;
                 $topics[$key - 1]->store();
             } else {
                 $topic['priority'] = $key + 1;
             }
             $topic->store();
         }
     }
     Navigation::activateItem('/course/schedule/topics');
     $this->topics = CourseTopic::findBySeminar_id($_SESSION['SessionSeminar']);
     $this->cancelled_dates_locked = LockRules::Check($_SESSION['SessionSeminar'], 'cancelled_dates');
 }
Exemple #6
0
 /**
  * Update the submitted entry.
  * 
  * @param string $topic_id id of the entry to update
  * @throws AccessDeniedException
  */
 function update_entry_action($topic_id)
 {
     if (Request::isXhr()) {
         $name = studip_utf8decode(Request::get('name', _('Kein Titel')));
         $content = Studip\Markup::purifyHtml(studip_utf8decode(Request::get('content', _('Keine Beschreibung'))));
     } else {
         $name = Request::get('name', _('Kein Titel'));
         $content = Studip\Markup::purifyHtml(Request::get('content', _('Keine Beschreibung')));
     }
     ForumPerm::check('add_entry', $this->getId(), $topic_id);
     if (ForumPerm::hasEditPerms($topic_id)) {
         ForumEntry::update($topic_id, $name, $content);
     } else {
         throw new AccessDeniedException(_('Sie haben keine Berechtigung, diesen Eintrag zu editieren!'));
     }
     if (Request::isXhr()) {
         $this->render_text(json_encode(array('name' => studip_utf8encode(htmlReady($name)), 'content' => studip_utf8encode(formatReady($content)))));
     } else {
         $this->redirect(PluginEngine::getLink('coreforum/index/index/' . $topic_id . '#' . $topic_id));
     }
 }
Exemple #7
0
 /**
  * Sends a message and redirects the user.
  */
 public function send_action()
 {
     PageLayout::setTitle(_("Nachricht verschicken"));
     if (Request::isPost() && count(array_filter(Request::getArray("message_to"))) && Request::submitted("message_body")) {
         $messaging = new messaging();
         $rec_uname = array();
         foreach (Request::getArray("message_to") as $user_id) {
             if ($user_id) {
                 $rec_uname[] = get_username($user_id);
             }
         }
         $messaging->provisonal_attachment_id = Request::option("message_id");
         $messaging->send_as_email = Request::int("message_mail");
         $messaging->insert_message(Studip\Markup::purifyHtml(Request::get("message_body")), $rec_uname, $GLOBALS['user']->id, '', '', '', null, Request::get("message_subject"), "", 'normal', trim(Request::get("message_tags")) ?: null);
         if (Request::option('answer_to')) {
             $old_message = Message::find(Request::option('answer_to'));
             if ($old_message) {
                 $old_message->originator->answered = 1;
                 $old_message->store();
             }
         }
         PageLayout::postMessage(MessageBox::success(_("Nachricht wurde verschickt.")));
     } else {
         if (!count(array_filter(Request::getArray('message_to')))) {
             PageLayout::postMessage(MessageBox::error(_('Sie haben nicht angegeben, wer die Nachricht empfangen soll!')));
         }
     }
 }
Exemple #8
0
 /**
  * Builds news dialog for editing / adding news
  *
  * @param string $id news           id (in case news already exists; otherwise set to "new")
  * @param string $context_range     range id (only for new news; set to 'template' for copied news)
  * @param string $template_id       template id (source of news template)
  *
  */
 function edit_news_action($id = '', $context_range = '', $template_id = '')
 {
     // initialize
     $this->news_isvisible = array('news_basic' => true, 'news_comments' => false, 'news_areas' => false);
     $ranges = array();
     $this->ranges = array();
     $this->area_options_selectable = array();
     $this->area_options_selected = array();
     $this->may_delete = false;
     $this->route = "news/edit_news/{$id}";
     if ($context_range) {
         $this->route .= "/{$context_range}";
         if ($template_id) {
             $this->route .= "/{$template_id}";
         }
     }
     $msg_object = new messaging();
     if ($id == "new") {
         unset($id);
         $this->title = _("Ankündigung erstellen");
     } else {
         $this->title = _("Ankündigung bearbeiten");
     }
     // user has to have autor permission at least
     if (!$GLOBALS['perm']->have_perm(autor)) {
         $this->set_status(401);
         return $this->render_nothing();
     }
     // Output as dialog (Ajax-Request) or as Stud.IP page?
     if (Request::isXhr()) {
         $this->set_layout(null);
         header('X-Title: ' . $this->title);
     } else {
         $this->set_layout($GLOBALS['template_factory']->open('layouts/base'));
     }
     // load news and comment data and check if user has permission to edit
     $news = new StudipNews($id);
     if (!$news->isNew()) {
         $this->comments = StudipComment::GetCommentsForObject($id);
     }
     if (!$news->havePermission('edit') and !$news->isNew()) {
         $this->set_status(401);
         PageLayout::postMessage(MessageBox::error(_('Keine Berechtigung!')));
         return $this->render_nothing();
     }
     // if form sent, get news data by post vars
     if (Request::get('news_isvisible')) {
         // visible categories, selected areas, topic, and body are utf8 encoded when sent via ajax
         $this->news_isvisible = unserialize(Request::get('news_isvisible'));
         if (Request::isXhr()) {
             $this->area_options_selected = unserialize(studip_utf8decode(Request::get('news_selected_areas')));
             $this->area_options_selectable = unserialize(studip_utf8decode(Request::get('news_selectable_areas')));
             $topic = studip_utf8decode(Request::get('news_topic'));
             $body = transformBeforeSave(Studip\Markup::purifyHtml(studip_utf8decode(Request::get('news_body'))));
         } else {
             $this->area_options_selected = unserialize(Request::get('news_selected_areas'));
             $this->area_options_selectable = unserialize(Request::get('news_selectable_areas'));
             $topic = Request::get('news_topic');
             $body = transformBeforeSave(Studip\Markup::purifyHtml(Request::get('news_body')));
         }
         $date = $this->getTimeStamp(Request::get('news_startdate'), 'start');
         $expire = $this->getTimeStamp(Request::get('news_enddate'), 'end') ? $this->getTimeStamp(Request::get('news_enddate'), 'end') - $this->getTimeStamp(Request::get('news_startdate'), 'start') : '';
         $allow_comments = Request::get('news_allow_comments') ? 1 : 0;
         if (Request::submitted('comments_status_deny')) {
             $this->anker = 'news_comments';
             $allow_comments = 0;
         } elseif (Request::submitted('comments_status_allow')) {
             $this->anker = 'news_comments';
             $allow_comments = 1;
         }
         if ($news->getValue('topic') != $topic or $news->getValue('body') != $body or $news->getValue('date') != $date or $news->getValue('allow_comments') != $allow_comments or $news->getValue('expire') != $expire) {
             $changed = true;
         }
         $news->setValue('topic', $topic);
         $news->setValue('body', $body);
         $news->setValue('date', $date);
         $news->setValue('expire', $expire);
         $news->setValue('allow_comments', $allow_comments);
     } elseif ($id) {
         // if news id given check for valid id and load ranges
         if ($news->isNew()) {
             PageLayout::postMessage(MessageBox::error(_('Die Ankündigung existiert nicht!')));
             return $this->render_nothing();
         }
         $ranges = $news->news_ranges->toArray();
     } elseif ($template_id) {
         // otherwise, load data from template
         $news_template = new StudipNews($template_id);
         if ($news_template->isNew()) {
             PageLayout::postMessage(MessageBox::error(_('Die Ankündigung existiert nicht!')));
             return $this->render_nothing();
         }
         // check for permission
         if (!$news_template->havePermission('edit')) {
             $this->set_status(401);
             return $this->render_nothing();
         }
         $ranges = $news_template->news_ranges->toArray();
         // remove those ranges for which user doesn't have permission
         foreach ($ranges as $key => $news_range) {
             if (!$news->haveRangePermission('edit', $news_range['range_id'])) {
                 $changed_areas++;
                 $this->news_isvisible['news_areas'] = true;
                 unset($ranges[$key]);
             }
         }
         if ($changed_areas == 1) {
             PageLayout::postMessage(MessageBox::info(_('1 zugeordneter Bereich wurde nicht übernommen, weil Sie dort keine Ankündigungen erstellen dürfen.')));
         } elseif ($changed_areas) {
             PageLayout::postMessage(MessageBox::info(sprintf(_('%s zugeordnete Bereiche wurden nicht übernommen, weil Sie dort keine Ankündigungen erstellen dürfen.'), $changed_areas)));
         }
         $news->setValue('topic', $news_template->getValue('topic'));
         $news->setValue('body', $news_template->getValue('body'));
         $news->setValue('date', $news_template->getValue('date'));
         $news->setValue('expire', $news_template->getValue('expire'));
         $news->setValue('allow_comments', $news_template->getValue('allow_comments'));
     } else {
         // for new news, set startdate to today and range to dialog context
         $news->setValue('date', strtotime(date('Y-m-d')));
         // + 12*60*60;
         $news->setValue('expire', 604800);
         if ($context_range != '' and $context_range != 'template') {
             $add_range = new NewsRange(array('', $context_range));
             $ranges[] = $add_range->toArray();
         }
     }
     // build news var for template
     $this->news = $news->toArray();
     // treat faculties and institutes as one area group (inst)
     foreach ($ranges as $range) {
         switch ($range['type']) {
             case 'fak':
                 $this->area_options_selected['inst'][$range['range_id']] = $range['name'];
                 break;
             default:
                 $this->area_options_selected[$range['type']][$range['range_id']] = $range['name'];
         }
     }
     // define search presets
     $this->search_presets['user'] = _('Meine Profilseite');
     if ($GLOBALS['perm']->have_perm('autor') and !$GLOBALS['perm']->have_perm('admin')) {
         $my_sem = $this->search_area('__THIS_SEMESTER__');
         if (count($my_sem['sem'])) {
             $this->search_presets['sem'] = _('Meine Veranstaltungen im aktuellen Semester') . ' (' . count($my_sem['sem']) . ')';
         }
     }
     if ($GLOBALS['perm']->have_perm('dozent') and !$GLOBALS['perm']->have_perm('root')) {
         $my_inst = $this->search_area('__MY_INSTITUTES__');
         if (count($my_inst)) {
             $this->search_presets['inst'] = _('Meine Einrichtungen') . ' (' . count($my_inst['inst']) . ')';
         }
     }
     if ($GLOBALS['perm']->have_perm('root')) {
         $this->search_presets['global'] = $this->area_structure['global']['title'];
     }
     // perform search
     if (Request::submitted('area_search') or Request::submitted('area_search_preset')) {
         $this->anker = 'news_areas';
         $this->search_term = studip_utf8decode(Request::get('area_search_term'));
         if (Request::submitted('area_search')) {
             $this->area_options_selectable = $this->search_area($this->search_term);
         } else {
             $this->current_search_preset = Request::option('search_preset');
             if ($this->current_search_preset == 'inst') {
                 $this->area_options_selectable = $my_inst;
             } elseif ($this->current_search_preset == 'sem') {
                 $this->area_options_selectable = $my_sem;
             } elseif ($this->current_search_preset == 'user') {
                 $this->area_options_selectable = array('user' => array($GLOBALS['auth']->auth['uid'] => get_fullname()));
             } elseif ($this->current_search_preset == 'global') {
                 $this->area_options_selectable = array('global' => array('studip' => _('Stud.IP')));
             }
         }
         if (!count($this->area_options_selectable)) {
             unset($this->search_term);
         } else {
             // already assigned areas won't be selectable
             foreach ($this->area_options_selected as $type => $data) {
                 foreach ($data as $id => $title) {
                     unset($this->area_options_selectable[$type][$id]);
                 }
             }
         }
     }
     // delete comment(s)
     if (Request::submitted('delete_marked_comments')) {
         $this->anker = 'news_comments';
         $this->flash['question_text'] = delete_comments(Request::optionArray('mark_comments'));
         $this->flash['question_param'] = array('mark_comments' => Request::optionArray('mark_comments'), 'delete_marked_comments' => 1);
         // reload comments
         if (!$this->flash['question_text']) {
             $this->comments = StudipComment::GetCommentsForObject($id);
             $changed = true;
         }
     }
     if ($news->havePermission('delete')) {
         $this->comments_admin = true;
     }
     if (is_array($this->comments)) {
         foreach ($this->comments as $key => $comment) {
             if (Request::submitted('news_delete_comment_' . $comment['comment_id'])) {
                 $this->anker = 'news_comments';
                 $this->flash['question_text'] = delete_comments($comment['comment_id']);
                 $this->flash['question_param'] = array('mark_comments' => array($comment['comment_id']), 'delete_marked_comments' => 1);
             }
         }
     }
     // open / close category
     foreach ($this->news_isvisible as $category => $value) {
         if (Request::submitted('toggle_' . $category) or Request::get($category . '_js')) {
             $this->news_isvisible[$category] = $this->news_isvisible[$category] ? false : true;
             $this->anker = $category;
         }
     }
     // add / remove areas
     if (Request::submitted('news_add_areas') and is_array($this->area_options_selectable)) {
         $this->anker = 'news_areas';
         foreach (Request::optionArray('area_options_selectable') as $range_id) {
             foreach ($this->area_options_selectable as $type => $data) {
                 if (isset($data[$range_id])) {
                     $this->area_options_selected[$type][$range_id] = $data[$range_id];
                     unset($this->area_options_selectable[$type][$range_id]);
                 }
             }
         }
     }
     if (Request::submitted('news_remove_areas') and is_array($this->area_options_selected)) {
         $this->anker = 'news_areas';
         foreach (Request::optionArray('area_options_selected') as $range_id) {
             foreach ($this->area_options_selected as $type => $data) {
                 if (isset($data[$range_id])) {
                     $this->area_options_selectable[$type][$range_id] = $data[$range_id];
                     unset($this->area_options_selected[$type][$range_id]);
                 }
             }
         }
     }
     // prepare to save news
     if (Request::submitted('save_news') and Request::isPost()) {
         CSRFProtection::verifySecurityToken();
         //prepare ranges array for already assigned news_ranges
         foreach ($news->getRanges() as $range_id) {
             $this->ranges[$range_id] = get_object_type($range_id, array('global', 'fak', 'inst', 'sem', 'user'));
         }
         // check if new ranges must be added
         foreach ($this->area_options_selected as $type => $area_group) {
             foreach ($area_group as $range_id => $area_title) {
                 if (!isset($this->ranges[$range_id])) {
                     if ($news->haveRangePermission('edit', $range_id)) {
                         $news->addRange($range_id);
                         $changed = true;
                     } else {
                         PageLayout::postMessage(MessageBox::error(sprintf(_('Sie haben keine Berechtigung zum Ändern der Bereichsverknüpfung für "%s".'), htmlReady($area_title))));
                         $error++;
                     }
                 }
             }
         }
         // check if assigned ranges must be removed
         foreach ($this->ranges as $range_id => $range_type) {
             if ($range_type === 'fak' && !isset($this->area_options_selected['inst'][$range_id]) || $range_type !== 'fak' && !isset($this->area_options_selected[$range_type][$range_id])) {
                 if ($news->havePermission('unassign', $range_id)) {
                     $news->deleteRange($range_id);
                     $changed = true;
                 } else {
                     PageLayout::postMessage(MessageBox::error(_('Sie haben keine Berechtigung zum Ändern der Bereichsverknüpfung.')));
                     $error++;
                 }
             }
         }
         // save news
         if ($news->validate() and !$error) {
             if ($news->getValue('user_id') != $GLOBALS['auth']->auth['uid']) {
                 $news->setValue('chdate_uid', $GLOBALS['auth']->auth['uid']);
                 setTempLanguage($news->getValue('user_id'));
                 $msg = sprintf(_('Ihre Ankündigung "%s" wurde von %s verändert.'), $news->getValue('topic'), get_fullname() . ' (' . get_username() . ')') . "\n";
                 $msg_object->insert_message($msg, get_username($news->getValue('user_id')), "____%system%____", FALSE, FALSE, "1", FALSE, _("Systemnachricht:") . " " . _("Ankündigung geändert"));
                 restoreLanguage();
             } else {
                 $news->setValue('chdate_uid', '');
             }
             $news->store();
             PageLayout::postMessage(MessageBox::success(_('Die Ankündigung wurde gespeichert.')));
             // in fallback mode redirect to edit page with proper news id
             if (!Request::isXhr() and !$id) {
                 $this->redirect('news/edit_news/' . $news->getValue('news_id'));
             } elseif (Request::isXhr()) {
                 $this->render_nothing();
             }
         }
     }
     // check if user has full permission on news object
     if ($news->havePermission('delete')) {
         $this->may_delete = true;
     }
 }