$sqlClauseString = null; } } else { $sqlClauseString = null; } if ($sqlClauseString) { $tbl_cdb_names = claro_sql_get_course_tbl(); $tbl_posts_text = $tbl_cdb_names['bb_posts_text']; $tbl_posts = $tbl_cdb_names['bb_posts']; $tbl_topics = $tbl_cdb_names['bb_topics']; $tbl_forums = $tbl_cdb_names['bb_forums']; $sql = "SELECT pt.post_id,\n pt.post_text,\n p.nom AS lastname,\n p.prenom AS firstname,\n p.`poster_id`,\n p.post_time,\n t.topic_id,\n t.topic_title,\n f.forum_id,\n f.forum_name,\n f.group_id\n FROM `" . $tbl_posts_text . "` AS pt,\n `" . $tbl_posts . "` AS p,\n `" . $tbl_topics . "` AS t,\n `" . $tbl_forums . "` AS f\n WHERE ( " . $sqlClauseString . ")\n AND pt.post_id = p.post_id\n AND p.topic_id = t.topic_id\n AND t.forum_id = f.forum_id\n ORDER BY p.post_time DESC, t.topic_id"; $searchResultList = claro_sql_query_fetch_all($sql); $userGroupList = get_user_group_list(claro_get_current_user_id()); $userGroupList = array_keys($userGroupList); $tutorGroupList = get_tutor_group_list(claro_get_current_user_id()); } else { $searchResultList = array(); } $pagetype = 'viewsearch'; ClaroBreadCrumbs::getInstance()->prepend(get_lang('Forums'), 'index.php'); CssLoader::getInstance()->load('clfrm', 'screen'); $noPHP_SELF = true; $out = ''; $out .= claro_html_tool_title(get_lang('Forums'), $is_allowedToEdit ? get_help_page_url('blockForumsHelp', 'CLFRM') : false); $out .= claro_html_menu_horizontal(disp_forum_toolbar($pagetype, null)) . disp_forum_breadcrumb($pagetype, null, null, null) . '<h4>' . get_lang('Search result') . ' : ' . (isset($_REQUEST['searchPattern']) ? claro_htmlspecialchars($_REQUEST['searchPattern']) : '') . '</h4>' . "\n"; if (count($searchResultList) < 1) { $out .= '<p>' . get_lang('No result') . '</p>'; } else { foreach ($searchResultList as $thisPost) { // PREVENT USER TO CONSULT POST FROM A GROUP THEY ARE NOT ALLOWED
function get_access_mode_to_group_forum($forum) { if (claro_is_user_authenticated()) { $userGroupList = get_user_group_list(claro_get_current_user_id()); $userGroupList = array_keys($userGroupList); $tutorGroupList = get_tutor_group_list(claro_get_current_user_id()); } else { $userGroupList = array(); $tutorGroupList = array(); } $is_groupPrivate = claro_get_current_group_properties_data('private'); $group_id = is_null($forum['group_id']) ? null : (int) $forum['group_id']; if (!is_null($group_id)) { if (in_array($group_id, $userGroupList) || in_array($group_id, $tutorGroupList) || !$is_groupPrivate || claro_is_allowed_to_edit()) { if (is_array($tutorGroupList) && in_array($group_id, $tutorGroupList)) { $accessMode = 'tutor'; } elseif (is_array($userGroupList) && in_array($group_id, $userGroupList)) { $accessMode = 'member'; } else { $accessMode = 'visitor'; } } else { $accessMode = 'private'; } return $accessMode; } return false; }