Esempio n. 1
0
 if (!forum_utils_news_access($forum_id)) {
     exit_error($Language->getText('global', 'error'), $Language->getText('news_admin_index', 'permission_denied'));
 }
 $vPostMsg = new Valid_WhiteList('post_message', array('y'));
 $vPostMsg->required();
 if ($request->isPost() && $request->valid($vPostMsg)) {
     //
     // MV: add management on "on post monitoring"
     $vMonitor = new Valid_WhiteList('enable_monitoring', array('1'));
     $vMonitor->required();
     $vThreadId = new Valid_UInt('thread_id');
     $vThreadId->required();
     if ($request->valid($vMonitor) && $request->valid($vThreadId)) {
         if (user_isloggedin()) {
             if (!user_monitor_forum($forum_id, user_getid())) {
                 if (!forum_thread_add_monitor($forum_id, $request->get('thread_id'), user_getid())) {
                     $feedback .= $Language->getText('forum_forum_utils', 'insert_err');
                 }
             }
         }
     }
     // Note: there is a 'msg_id' send but not used here.
     $vFollowUp = new Valid_UInt('is_followup_to');
     $vFollowUp->required();
     $vSubject = new Valid_String('subject');
     $vSubject->required();
     $vSubject->setErrorMessage($GLOBALS['Language']->getText('forum_forum_utils', 'include_body_and_subject'));
     $vBody = new Valid_Text('body');
     $vBody->required();
     $vBody->setErrorMessage($GLOBALS['Language']->getText('forum_forum_utils', 'include_body_and_subject'));
     if ($request->valid($vThreadId) && $request->valid($vFollowUp) && $request->valid($vSubject) && $request->valid($vBody)) {
Esempio n. 2
0
function post_message($thread_id, $is_followup_to, $subject, $body, $group_forum_id)
{
    global $feedback, $Language;
    if (user_isloggedin()) {
        $request =& HTTPRequest::instance();
        if (!$group_forum_id) {
            exit_error($Language->getText('global', 'error'), $Language->getText('forum_forum_utils', 'post_without_id'));
        }
        if (!$body || !$subject) {
            exit_error($Language->getText('global', 'error'), $Language->getText('forum_forum_utils', 'include_body_and_subject'));
        }
        //see if that message has been posted already for people that double-post
        $res3 = db_query("SELECT * FROM forum " . "WHERE is_followup_to=" . db_ei($is_followup_to) . " " . "AND subject='" . db_es(htmlspecialchars($subject)) . "' " . "AND group_forum_id=" . db_ei($group_forum_id) . " " . "AND body='" . db_es($body) . "' " . "AND posted_by='" . user_getid() . "'");
        if (db_numrows($res3) > 0) {
            //already posted this message
            exit_error($Language->getText('global', 'error'), $Language->getText('forum_forum_utils', 'do_not_double_post'));
        } else {
            echo db_error();
        }
        if (!$thread_id) {
            $thread_id = get_next_thread_id();
            $is_followup_to = 0;
        } else {
            if ($is_followup_to) {
                //increment the parent's followup count if necessary
                $res2 = db_query("SELECT * FROM forum WHERE msg_id=" . db_ei($is_followup_to) . " AND thread_id=" . db_ei($thread_id) . " AND group_forum_id=" . db_ei($group_forum_id));
                if (db_numrows($res2) > 0) {
                    if (db_result($res2, 0, 'has_followups') > 0) {
                        //parent already is marked with followups
                    } else {
                        //mark the parent with followups as an optimization later
                        db_query("UPDATE forum SET has_followups='1' WHERE msg_id=" . db_ei($is_followup_to) . " AND thread_id=" . db_ei($thread_id) . " AND group_forum_id=" . db_ei($group_forum_id));
                    }
                } else {
                    exit_error($Language->getText('global', 'error'), $Language->getText('forum_forum_utils', 'msg_not_exist'));
                }
            } else {
                //should never happen except with shoddy browsers or mucking with the HTML form
                exit_error($Language->getText('global', 'error'), $Language->getText('forum_forum_utils', 'no_folowup_id'));
            }
        }
        $sql = "INSERT INTO forum (group_forum_id,posted_by,subject,body,date,is_followup_to,thread_id) " . "VALUES (" . db_ei($group_forum_id) . ", '" . user_getid() . "', '" . db_es(htmlspecialchars($subject)) . "', '" . db_es(htmlspecialchars($body)) . "', '" . time() . "'," . db_ei($is_followup_to) . "," . db_ei($thread_id) . ")";
        $result = db_query($sql);
        if (!$result) {
            echo $Language->getText('forum_forum_utils', 'insert_fail');
            echo db_error();
            $feedback .= ' ' . $Language->getText('forum_forum_utils', 'post_failed') . ' ';
        } else {
            $feedback .= ' ' . $Language->getText('forum_forum_utils', 'msg_posted') . ' ';
        }
        $msg_id = db_insertid($result);
        // extract cross reference in the message
        $reference_manager =& ReferenceManager::instance();
        $g_id = get_forum_group_id($group_forum_id);
        $GLOBALS['group_id'] = $g_id;
        // don't know why group_id is not set in forum (needed for references)
        $reference_manager->extractCrossRef($subject, $msg_id, ReferenceManager::REFERENCE_NATURE_FORUMMESSAGE, $g_id);
        $reference_manager->extractCrossRef($body, $msg_id, ReferenceManager::REFERENCE_NATURE_FORUMMESSAGE, $g_id);
        if ($request->isPost() && $request->existAndNonEmpty('enable_monitoring')) {
            forum_thread_add_monitor($group_forum_id, $thread_id, user_getid());
        } else {
            forum_thread_delete_monitor_by_user($group_forum_id, $msg_id, user_getid());
        }
        handle_monitoring($group_forum_id, $thread_id, $msg_id);
    } else {
        echo '
			<H3>' . $Language->getText('forum_forum_utils', 'could_post_if_logged') . '</H3>';
    }
}