/**
* Sets the state of one or more entries
*
* @return void
*/
public function accessTask()
{
// Check for request forgeries
Request::checkToken(['get', 'post']);
if (!User::authorise('core.edit.state', $this->_option)) {
App::abort(403, Lang::txt('JERROR_ALERTNOAUTHOR'));
}
// Incoming
$state = Request::getInt('access', 0);
$ids = Request::getVar('id', array());
$ids = !is_array($ids) ? array($ids) : $ids;
// Check for an ID
if (count($ids) < 1) {
Notify::warning(Lang::txt('COM_FORUM_SELECT_ENTRY_TO_CHANGE_ACCESS'));
return $this->cancelTask();
}
$i = 0;
foreach ($ids as $id) {
// Update record(s)
$row = Category::oneOrFail(intval($id));
$row->set('access', $state);
if (!$row->save()) {
Notify::error($row->getError());
continue;
}
$i++;
}
// set message
if ($i) {
Notify::success(Lang::txt('COM_FORUM_ITEMS_ACCESS_CHANGED', $i));
}
$this->cancelTask();
}
/**
* Save an entry
*
* @return void
*/
public function saveTask()
{
if (User::isGuest()) {
$return = Route::url('index.php?option=' . $this->_option, false, true);
App::redirect(Route::url('index.php?option=com_users&view=login&return=' . base64_encode($return)));
}
// Check for request forgeries
Request::checkToken();
// Incoming
$section = Request::getVar('section', '');
$fields = Request::getVar('fields', array(), 'post', 'none', 2);
$fields = array_map('trim', $fields);
$fields['sticky'] = isset($fields['sticky']) ? $fields['sticky'] : 0;
$fields['closed'] = isset($fields['closed']) ? $fields['closed'] : 0;
$fields['anonymous'] = isset($fields['anonymous']) ? $fields['anonymous'] : 0;
// Instantiate a Post record
$post = Post::oneOrNew($fields['id']);
// Set authorization if the current user is the creator
// of an existing post.
$assetType = $fields['parent'] ? 'post' : 'thread';
if ($post->get('id')) {
if ($post->get('created_by') == User::get('id')) {
$this->config->set('access-edit-' . $assetType, true);
}
$fields['modified'] = \Date::toSql();
$fields['modified_by'] = User::get('id');
}
// Authorization check
$this->_authorize($assetType, intval($fields['id']));
if (!$this->config->get('access-edit-' . $assetType) && !$this->config->get('access-create-' . $assetType)) {
App::redirect(Route::url('index.php?option=' . $this->_option));
}
// Bind data
$post->set($fields);
// Make sure the thread exists and is accepting new posts
if ($post->get('parent') && isset($fields['thread'])) {
$thread = Post::oneOrFail($fields['thread']);
if (!$thread->get('id') || $thread->get('closed')) {
Notify::error(Lang::txt('COM_FORUM_ERROR_THREAD_CLOSED'));
return $this->editTask($post);
}
}
// Make sure the category exists and is accepting new posts
$category = Category::oneOrFail($post->get('category_id'));
if ($category->get('closed')) {
Notify::error(Lang::txt('COM_FORUM_ERROR_CATEGORY_CLOSED'));
return $this->editTask($post);
}
// Store new content
if (!$post->save()) {
Notify::error($post->getError());
return $this->editTask($post);
}
// Upload files
if (!$this->uploadTask($post->get('thread', $post->get('id')), $post->get('id'))) {
Notify::error($this->getError());
return $this->editTask($post);
}
// Save tags
$post->tag(Request::getVar('tags', '', 'post'), User::get('id'));
// Determine message
if (!$fields['id']) {
$message = Lang::txt('COM_FORUM_POST_ADDED');
if (!$fields['parent']) {
$message = Lang::txt('COM_FORUM_THREAD_STARTED');
}
} else {
$message = $post->get('modified_by') ? Lang::txt('COM_FORUM_POST_EDITED') : Lang::txt('COM_FORUM_POST_ADDED');
}
$url = 'index.php?option=' . $this->_option . '§ion=' . $section . '&category=' . $category->get('alias') . '&thread=' . $post->get('thread') . '#c' . $post->get('id');
// Record the activity
$recipients = array(['forum.site', 1], ['forum.section', $category->get('section_id')], ['user', $post->get('created_by')]);
$type = 'thread';
$desc = Lang::txt('COM_FORUM_ACTIVITY_' . strtoupper($type) . '_' . ($fields['id'] ? 'UPDATED' : 'CREATED'), '<a href="' . Route::url($url) . '">' . $post->get('title') . '</a>');
// If this is a post in a thread and not the thread starter...
if ($post->get('parent')) {
$thread = isset($thread) ? $thread : Post::oneOrFail($post->get('thread'));
$thread->set('last_activity', $fields['id'] ? $post->get('modified') : $post->get('created'));
$thread->save();
$type = 'post';
$desc = Lang::txt('COM_FORUM_ACTIVITY_' . strtoupper($type) . '_' . ($fields['id'] ? 'UPDATED' : 'CREATED'), $post->get('id'), '<a href="' . Route::url($url) . '">' . $thread->get('title') . '</a>');
// If the parent post is not the same as the
// thread starter (i.e., this is a reply)
if ($post->get('parent') != $post->get('thread')) {
$parent = Post::oneOrFail($post->get('parent'));
$recipients[] = ['user', $parent->get('created_by')];
}
}
Event::trigger('system.logActivity', ['activity' => ['action' => $fields['id'] ? 'updated' : 'created', 'scope' => 'forum.' . $type, 'scope_id' => $post->get('id'), 'anonymous' => $post->get('anonymous', 0), 'description' => $desc, 'details' => array('thread' => $post->get('thread'), 'url' => Route::url($url))], 'recipients' => $recipients]);
// Set the redirect
App::redirect(Route::url($url), $message, 'message');
}
/**
* Display a list of threads
*
* @apiMethod GET
* @apiUri /forum/list
* @apiParameter {
* "name": "limit",
* "description": "Number of result to return.",
* "type": "integer",
* "required": false,
* "default": 25
* }
* @apiParameter {
* "name": "limitstart",
* "description": "Number of where to start returning results.",
* "type": "integer",
* "required": false,
* "default": 0
* }
* @apiParameter {
* "name": "search",
* "description": "A word or phrase to search for.",
* "type": "string",
* "required": false,
* "default": ""
* }
* @apiParameter {
* "name": "section",
* "description": "Section ID. Find all posts for all categories within a section.",
* "type": "integer",
* "required": false,
* "default": 0
* }
* @apiParameter {
* "name": "category",
* "description": "Category ID. Find all posts within a category.",
* "type": "integer",
* "required": false,
* "default": 0
* }
* @apiParameter {
* "name": "threads_only",
* "description": "Return only thread starter posts (true) or any post (false).",
* "type": "boolean",
* "required": false,
* "default": false
* }
* @apiParameter {
* "name": "parent",
* "description": "Parent post ID. Find all immediate descendent (replies) posts.",
* "type": "integer",
* "required": false,
* "default": null
* }
* @apiParameter {
* "name": "thread",
* "description": "Thread ID. Find all posts in a specified thread.",
* "type": "integer",
* "required": false,
* "default": 0
* }
* @apiParameter {
* "name": "scope",
* "description": "Scope (site, groups, members, etc.)",
* "type": "string",
* "required": false,
* "default": "site"
* }
* @apiParameter {
* "name": "scope_id",
* "description": "Scope ID",
* "type": "integer",
* "required": false,
* "default": 0
* }
* @return void
*/
public function listTask()
{
$filters = array('limit' => Request::getInt('limit', 25), 'start' => Request::getInt('limitstart', 0), 'section_id' => Request::getInt('section', 0), 'category_id' => Request::getInt('category', 0), 'parent' => Request::getInt('parent', 0), 'thread' => Request::getInt('thread', 0), 'threads' => Request::getVar('threads_only', false), 'search' => Request::getVar('search', ''), 'scope' => Request::getWord('scope', 'site'), 'scope_id' => Request::getInt('scope_id', 0), 'state' => Post::STATE_PUBLISHED, 'parent' => 0, 'access' => User::getAuthorisedViewLevels());
$filters['threads'] = !$filters['threads'] || $filters['threads'] == 'false' ? false : true;
if ($filters['scope'] == 'group') {
$group = \Hubzero\User\Group::getInstance($filters['scope_id']);
if ($group && in_array(User::get('id'), $group->get('members'))) {
$filters['access'][] = 5;
// Private
}
}
$entries = Post::all()->whereEquals('state', $filters['state'])->whereIn('access', $filters['access'])->whereEquals('scope', $filters['scope'])->whereEquals('scope_id', $filters['scope_id']);
if ($filters['thread']) {
$entries->whereEquals('thread', $filters['thread']);
}
if ($filters['parent']) {
$entries->whereEquals('parent', $filters['parent']);
}
if ($filters['threads']) {
$entries->whereEquals('parent', 0);
}
if ($filters['section_id']) {
// Make sure the section exists and is available
$section = Section::oneOrFail($filters['section_id']);
if (!$section->get('id')) {
throw new Exception(Lang::txt('COM_FORUM_ERROR_SECTION_NOT_FOUND'), 404);
}
if ($section->get('state') == Section::STATE_DELETED) {
throw new Exception(Lang::txt('COM_FORUM_ERROR_SECTION_NOT_FOUND'), 404);
}
if (!$filters['category_id']) {
$categories = $section->categories()->whereEquals('state', $filters['state'])->whereIn('access', $filters['access'])->rows();
$filters['category_id'] = array();
foreach ($categories as $category) {
$filters['category_id'][] = $category->get('id');
}
}
}
if ($filters['category_id']) {
// If one category, make sure it exists and is available
if (is_int($filters['category_id'])) {
$category = Category::oneOrFail($filters['category_id']);
if (!$category->get('id')) {
throw new Exception(Lang::txt('COM_FORUM_ERROR_CATEGORY_NOT_FOUND'), 404);
}
if ($category->get('state') == Category::STATE_DELETED) {
throw new Exception(Lang::txt('COM_FORUM_ERROR_CATEGORY_NOT_FOUND'), 404);
}
if ($filters['section_id'] && $category->get('section_id') != $filters['section_id']) {
throw new Exception(Lang::txt('COM_FORUM_ERROR_CATEGORY_NOT_FOUND'), 404);
}
}
$entries->whereIn('category_id', (array) $filters['category_id']);
}
if ($filters['search']) {
$entries->whereLike('comment', $filters['search'], 1)->orWhereLike('title', $filters['search'], 1)->resetDepth();
}
$threads = $entries->ordered()->paginated()->rows();
$response = new stdClass();
$response->threads = array();
$response->total = $threads->count();
if ($response->total) {
$base = str_replace('/api', '', rtrim(Request::base(), '/'));
foreach ($threads as $thread) {
$obj = new stdClass();
$obj->id = $thread->get('id');
$obj->title = $thread->get('title');
$obj->created = with(new Date($thread->get('created')))->format('Y-m-d\\TH:i:s\\Z');
$obj->modified = $thread->get('modified');
$obj->anonymous = $thread->get('anonymous');
//$obj->closed = ($thread->get('closed') ? true : false);
$obj->scope = $thread->get('scope');
$obj->scope_id = $thread->get('scope_id');
$obj->thread = $thread->get('thread');
$obj->parent = $thread->get('parent');
$obj->category_id = $thread->get('category_id');
$obj->state = $thread->get('state');
$obj->access = $thread->get('access');
$obj->creator = new stdClass();
$obj->creator->id = 0;
$obj->creator->name = Lang::txt('COM_FORUM_ANONYMOUS');
if (!$thread->get('anonymous')) {
$obj->creator->id = $thread->get('created_by');
$obj->creator->name = $thread->creator->get('name');
}
$obj->posts = $thread->thread()->whereEquals('state', $filters['state'])->whereIn('access', $filters['access'])->total();
$obj->url = $base . '/' . ltrim(Route::url($thread->link()), '/');
$response->threads[] = $obj;
}
}
$response->success = true;
$this->send($response);
}
/**
* Saves posted data for a new/edited forum thread post
*
* @return void
*/
public function savethread()
{
// Check for request forgeries
Request::checkToken();
// Must be logged in
if (User::isGuest()) {
App::redirect(Route::url('index.php?option=com_users&view=login&return=' . base64_encode(Route::url($this->base, false, true))));
return;
}
// Incoming
$section = Request::getVar('section', '');
$no_html = Request::getInt('no_html', 0);
$fields = Request::getVar('fields', array(), 'post', 'none', 2);
$fields = array_map('trim', $fields);
// Check permissions
$this->_authorize('thread', intval($fields['id']));
$asset = 'thread';
if ($fields['id'] && !$this->params->get('access-edit-thread') || !$fields['id'] && !$this->params->get('access-create-thread')) {
App::redirect(Route::url($this->base), Lang::txt('You are not authorized to perform this action.'), 'warning');
return;
}
// Bind data
$post = Post::oneOrNew($fields['id']);
// Double comment?
$double = Post::all()->whereEquals('object_id', $post->get('object_id'))->whereEquals('scope', $post->get('scope'))->whereEquals('scope_id', $post->get('scope_id'))->whereEquals('created_by', $post->get('created_by'))->whereEquals('comment', $post->get('comment'))->row();
if ($double->get('id')) {
$post->set($double->toArray());
}
$post->set($fields);
// Load the category
$category = Category::oneOrFail($post->get('category_id'));
if (!$post->get('object_id') && $category->get('object_id')) {
$post->set('object_id', $category->get('object_id'));
}
// Store new content
if (!$post->save()) {
Notify::error($post->getError());
return $this->editthread($post);
}
// Upload file
if (!$this->upload($post->get('thread', $post->get('id')), $post->get('id'))) {
Notify::error($this->getError());
return $this->editthread($post);
}
// Save tags
$post->tag(Request::getVar('tags', '', 'post'), User::get('id'));
$thread = $post->get('thread');
// Being called through AJAX?
if ($no_html) {
// Set the thread
Request::setVar('thread', $thread);
// Is this a new post in a thread or new thread entirely?
if (!$post->get('parent')) {
// New thread
// Update the thread list and get the contents of the thread
Request::setVar('action', 'both');
} else {
// Get a list of new posts in the thread
Request::setVar('action', 'posts');
}
// If we have a lecture set, push through to the lecture view
if (Request::getVar('group', '')) {
$unit = $this->course->offering()->unit($category->get('alias'));
$lecture = new \Components\Courses\Models\Assetgroup($post->get('object_id'));
return $this->onCourseAfterLecture($this->course, $unit, $lecture);
} else {
// Display main panel
return $this->panel();
}
}
$rtrn = base64_decode(Request::getVar('return', '', 'post'));
if (!$rtrn) {
$rtrn = Route::url($this->base . '&thread=' . $thread);
}
// Set the redirect
App::redirect($rtrn, Lang::txt('Post successfully saved'), 'passed');
}
/**
* Saves posted data for a new/edited forum thread post
*
* @return void
*/
public function savethread()
{
// Login check is handled in the onGroup() method
/*if (User::isGuest())
{
App::redirect(
Route::url('index.php?option=com_users&view=login&return=' . base64_encode(Route::url($this->base, false, true)))
);
return;
}*/
// Check for request forgeries
Request::checkToken();
// Incoming
$section = Request::getVar('section', '');
$fields = Request::getVar('fields', array(), 'post', 'none', 2);
$fields = array_map('trim', $fields);
$fields['sticky'] = isset($fields['sticky']) ? $fields['sticky'] : 0;
$fields['closed'] = isset($fields['closed']) ? $fields['closed'] : 0;
$fields['anonymous'] = isset($fields['anonymous']) ? $fields['anonymous'] : 0;
// Instantiate a Post record
$post = Post::oneOrNew($fields['id']);
$this->_authorize('thread', intval($fields['id']));
$asset = 'thread';
if ($fields['parent']) {
//$asset = 'post';
}
$moving = false;
// Already present
if ($fields['id']) {
if ($post->get('created_by') == User::get('id')) {
$this->params->set('access-edit-' . $asset, true);
}
// Determine if we are moving the category for email suppression
if ($post->get('category_id') != $fields['category_id']) {
$moving = true;
}
$fields['modified'] = \Date::toSql();
$fields['modified_by'] = User::get('id');
}
if (!$this->params->get('access-edit-thread') && !$this->params->get('access-create-thread')) {
App::redirect(Route::url('index.php?option=' . $this->option . '&cn=' . $this->group->get('cn') . '&active=forum'), Lang::txt('PLG_GROUPS_FORUM_NOT_AUTHORIZED'), 'warning');
}
// Bind data
$post->set($fields);
// Make sure the thread exists and is accepting new posts
if ($post->get('parent') && isset($fields['thread'])) {
$thread = Post::oneOrFail($fields['thread']);
if (!$thread->get('id') || $thread->get('closed')) {
Notify::error(Lang::txt('PLG_GROUPS_FORUM_ERROR_THREAD_CLOSED'));
return $this->editthread($post);
}
}
if (!$post->get('category_id')) {
Notify::error(Lang::txt('PLG_GROUPS_FORUM_ERROR_MISSING_CATEGORY'));
return $this->editthread($post);
}
// Make sure the category exists and is accepting new posts
$category = Category::oneOrFail($post->get('category_id'));
if ($category->get('closed')) {
Notify::error(Lang::txt('PLG_GROUPS_ERROR_CATEGORY_CLOSED'));
return $this->editthread($post);
}
// Store new content
if (!$post->save()) {
Notify::error($post->getError());
return $this->editthread($post);
}
// Upload
if (!$this->upload($post->get('thread', $post->get('id')), $post->get('id'))) {
Notify::error($this->getError());
return $this->editthread($post);
}
// Save tags
$post->tag(Request::getVar('tags', '', 'post'), User::get('id'));
// Set message
if (!$fields['id']) {
$message = Lang::txt('PLG_GROUPS_FORUM_POST_ADDED');
if (!$fields['parent']) {
$message = Lang::txt('PLG_GROUPS_FORUM_THREAD_STARTED');
}
} else {
$message = $post->get('modified_by') ? Lang::txt('PLG_GROUPS_FORUM_POST_EDITED') : Lang::txt('PLG_GROUPS_FORUM_POST_ADDED');
}
$section = $category->section();
$thread = Post::oneOrNew($post->get('thread'));
// Disable notifications
if ($fields['id'] && !Request::getInt('notify', 0)) {
$moving = true;
}
// Email the group and insert email tokens to allow them to respond to group posts via email
$params = Component::params('com_groups');
if ($params->get('email_comment_processing') && (isset($moving) && $moving == false)) {
$thread->set('section', $section->get('alias'));
$thread->set('category', $category->get('alias'));
$post->set('section', $section->get('alias'));
$post->set('category', $category->get('alias'));
// Figure out who should be notified about this comment (all group members for now)
$userIDsToEmail = array();
$memberoptions = false;
if (file_exists(PATH_CORE . DS . 'plugins' . DS . 'groups' . DS . 'memberoptions' . DS . 'models' . DS . 'memberoption.php')) {
include_once PATH_CORE . DS . 'plugins' . DS . 'groups' . DS . 'memberoptions' . DS . 'models' . DS . 'memberoption.php';
$memberoptions = true;
}
foreach ($this->members as $mbr) {
//Look up user info
$user = User::getInstance($mbr);
if ($user->get('id') && $memberoptions) {
// Find the user's group settings, do they want to get email (0 or 1)?
$groupMemberOption = Plugins\Groups\Memberoptions\Models\Memberoption::oneByUserAndOption($this->group->get('gidNumber'), $user->get('id'), 'receive-forum-email');
$sendEmail = $groupMemberOption->get('optionvalue', 0);
if ($sendEmail == 1) {
$userIDsToEmail[] = $user->get('id');
}
}
}
$allowEmailResponses = true;
try {
$encryptor = new \Hubzero\Mail\Token();
} catch (Exception $e) {
$allowEmailResponses = false;
}
$from = array('name' => (!$post->get('anonymous') ? $post->creator->get('name', Lang::txt('PLG_GROUPS_FORUM_UNKNOWN')) : Lang::txt('PLG_GROUPS_FORUM_ANONYMOUS')) . ' @ ' . Config::get('sitename'), 'email' => Config::get('mailfrom'), 'replytoname' => Config::get('sitename'), 'replytoemail' => Config::get('mailfrom'));
// Email each group member separately, each needs a user specific token
foreach ($userIDsToEmail as $userID) {
$unsubscribeLink = '';
$delimiter = '';
if ($allowEmailResponses) {
$delimiter = '~!~!~!~!~!~!~!~!~!~!';
// Construct User specific Email ThreadToken
// Version, type, userid, xforumid
$token = $encryptor->buildEmailToken(1, 2, $userID, $post->get('thread', $post->get('id')));
// add unsubscribe link
$unsubscribeToken = $encryptor->buildEmailToken(1, 3, $userID, $this->group->get('gidNumber'));
$unsubscribeLink = rtrim(Request::base(), '/') . '/' . ltrim(Route::url('index.php?option=com_groups&cn=' . $this->group->get('cn') . '&active=forum&action=unsubscribe&t=' . $unsubscribeToken), DS);
$from['replytoname'] = Lang::txt('PLG_GROUPS_FORUM_REPLYTO') . ' @ ' . Config::get('sitename');
$from['replytoemail'] = 'hgm-' . $token . '@' . $_SERVER['HTTP_HOST'];
}
$msg = array();
// create view object
$eview = new \Hubzero\Mail\View(array('base_path' => __DIR__, 'name' => 'email', 'layout' => 'comment_plain'));
// plain text
$eview->set('delimiter', $delimiter)->set('unsubscribe', $unsubscribeLink)->set('group', $this->group)->set('section', $section)->set('category', $category)->set('thread', $thread)->set('post', $post);
$plain = $eview->loadTemplate(false);
$msg['plaintext'] = str_replace("\n", "\r\n", $plain);
// HTML
$eview->setLayout('comment_html');
$html = $eview->loadTemplate();
$msg['multipart'] = str_replace("\n", "\r\n", $html);
$subject = Lang::txt('PLG_GROUPS_FORUM') . ': ' . $this->group->get('cn') . ' - ' . $thread->get('title');
if (!Event::trigger('xmessage.onSendMessage', array('group_message', $subject, $msg, $from, array($userID), $this->option, null, '', $this->group->get('gidNumber')))) {
$this->setError(Lang::txt('GROUPS_ERROR_EMAIL_MEMBERS_FAILED'));
}
}
}
$url = $this->base . '&scope=' . $section->get('alias') . '/' . $category->get('alias') . '/' . $thread->get('id');
// Record the activity
$recipients = array(['group', $this->group->get('gidNumber')], ['forum.' . $this->forum->get('scope'), $this->forum->get('scope_id')], ['user', $post->get('created_by')]);
foreach ($this->group->get('managers') as $recipient) {
$recipients[] = ['user', $recipient];
}
$type = 'thread';
$desc = Lang::txt('PLG_GROUPS_FORUM_ACTIVITY_' . strtoupper($type) . '_' . ($fields['id'] ? 'UPDATED' : 'CREATED'), '<a href="' . Route::url($url) . '">' . $post->get('title') . '</a>');
// If this is a post in a thread and not the thread starter...
if ($post->get('parent')) {
$thread = isset($thread) ? $thread : Post::oneOrFail($post->get('thread'));
$thread->set('last_activity', $fields['id'] ? $post->get('modified') : $post->get('created'));
$thread->save();
$type = 'post';
$desc = Lang::txt('PLG_GROUPS_FORUM_ACTIVITY_' . strtoupper($type) . '_' . ($fields['id'] ? 'UPDATED' : 'CREATED'), $post->get('id'), '<a href="' . Route::url($url) . '">' . $thread->get('title') . '</a>');
// If the parent post is not the same as the
// thread starter (i.e., this is a reply)
if ($post->get('parent') != $post->get('thread')) {
$parent = Post::oneOrFail($post->get('parent'));
$recipients[] = ['user', $parent->get('created_by')];
}
}
Event::trigger('system.logActivity', ['activity' => ['action' => $fields['id'] ? 'updated' : 'created', 'scope' => 'forum.' . $type, 'scope_id' => $post->get('id'), 'anonymous' => $post->get('anonymous', 0), 'description' => $desc, 'details' => array('thread' => $post->get('thread'), 'url' => Route::url($url))], 'recipients' => $recipients]);
// Set the redirect
App::redirect(Route::url($url), $message, 'passed');
}
