/** * This function stores a reply in the forum_post table. * It also updates the forum_threads table (thread_replies +1 , thread_last_post, thread_date) * @param array * @param array * @author Patrick Cool <*****@*****.**>, Ghent University * @version february 2006, dokeos 1.8 */ function store_reply($current_forum, $values) { $_course = api_get_course_info(); $table_posts = Database::get_course_table(TABLE_FORUM_POST); $post_date = api_get_utc_datetime(); if ($current_forum['approval_direct_post'] == '1' && !api_is_allowed_to_edit(null, true)) { $visible = 0; } else { $visible = 1; } $upload_ok = 1; $return = array(); if ($upload_ok) { // We first store an entry in the forum_post table. $sql = "INSERT INTO {$table_posts} (c_id, post_title, post_text, thread_id, forum_id, poster_id, post_date, post_notification, post_parent_id, visible)\n VALUES (\n " . api_get_course_int_id() . ",\n '" . Database::escape_string($values['post_title']) . "',\n '" . Database::escape_string(isset($values['post_text']) ? $values['post_text'] : null) . "',\n '" . Database::escape_string($values['thread_id']) . "',\n '" . Database::escape_string($values['forum_id']) . "',\n '" . api_get_user_id() . "',\n '" . $post_date . "',\n '" . Database::escape_string(isset($values['post_notification']) ? $values['post_notification'] : null) . "',\n '" . Database::escape_string(isset($values['post_parent_id']) ? $values['post_parent_id'] : null) . "',\n '" . Database::escape_string($visible) . "')"; Database::query($sql); $new_post_id = Database::insert_id(); $values['new_post_id'] = $new_post_id; $message = get_lang('ReplyAdded'); if (!empty($_POST['file_ids']) && is_array($_POST['file_ids'])) { foreach ($_POST['file_ids'] as $key => $id) { editAttachedFile(array('comment' => $_POST['file_comments'][$key], 'post_id' => $new_post_id), $id); } } // Update the thread. update_thread($values['thread_id'], $new_post_id, $post_date); // Update the forum. api_item_property_update($_course, TOOL_FORUM, $values['forum_id'], 'NewMessageInForum', api_get_user_id()); if ($current_forum['approval_direct_post'] == '1' && !api_is_allowed_to_edit(null, true)) { $message .= '<br />' . get_lang('MessageHasToBeApproved') . '<br />'; } //$message .= '<br />'.get_lang('ReturnTo').' <a href="viewforum.php?'.api_get_cidreq().'&forum='.$values['forum_id'].'&gidReq='.$_SESSION['toolgroup'].'&origin='.$origin.'">'.get_lang('Forum').'</a><br />'; //$message .= get_lang('ReturnTo').' <a href="viewthread.php?'.api_get_cidreq().'&forum='.$values['forum_id'].'&thread='.$values['thread_id'].'&gidReq='.$_SESSION['toolgroup'].'&origin='.$origin.'&gradebook='.$gradebook.'">'.get_lang('Message').'</a>'; // Setting the notification correctly. $my_post_notification = isset($values['post_notification']) ? $values['post_notification'] : null; if ($my_post_notification == 1) { set_notification('thread', $values['thread_id'], true); } send_notification_mails($values['thread_id'], $values); Session::erase('formelements'); Session::erase('origin'); Session::erase('breadcrumbs'); Session::erase('addedresource'); Session::erase('addedresourceid'); $return['msg'] = $message; $return['type'] = 'confirmation'; } else { $return['msg'] = get_lang('UplNoFileUploaded') . ' ' . get_lang('UplSelectFileFirst'); $return['type'] = 'error'; } return $return; }
/** * This function stores a reply in the forum_post table. * It also updates the forum_threads table (thread_replies +1 , thread_last_post, thread_date) * @param array $current_forum * @param array $values * @author Patrick Cool <*****@*****.**>, Ghent University * @version february 2006, dokeos 1.8 */ function store_reply($current_forum, $values) { $_course = api_get_course_info(); $table_posts = Database::get_course_table(TABLE_FORUM_POST); $post_date = api_get_utc_datetime(); if ($current_forum['approval_direct_post'] == '1' && !api_is_allowed_to_edit(null, true)) { $visible = 0; } else { $visible = 1; } $upload_ok = 1; $return = array(); if ($upload_ok) { // We first store an entry in the forum_post table. $new_post_id = Database::insert($table_posts, ['c_id' => api_get_course_int_id(), 'post_title' => $values['post_title'], 'post_text' => isset($values['post_text']) ? $values['post_text'] : null, 'thread_id' => $values['thread_id'], 'forum_id' => $values['forum_id'], 'poster_id' => api_get_user_id(), 'post_date' => $post_date, 'post_notification' => isset($values['post_notification']) ? $values['post_notification'] : null, 'post_parent_id' => isset($values['post_parent_id']) ? $values['post_parent_id'] : null, 'visible' => $visible]); if ($new_post_id) { $sql = "UPDATE {$table_posts} SET post_id = iid WHERE iid = {$new_post_id}"; Database::query($sql); $values['new_post_id'] = $new_post_id; $message = get_lang('ReplyAdded'); if (!empty($_POST['file_ids']) && is_array($_POST['file_ids'])) { foreach ($_POST['file_ids'] as $key => $id) { editAttachedFile(array('comment' => $_POST['file_comments'][$key], 'post_id' => $new_post_id), $id); } } // Update the thread. update_thread($values['thread_id'], $new_post_id, $post_date); // Update the forum. api_item_property_update($_course, TOOL_FORUM, $values['forum_id'], 'NewMessageInForum', api_get_user_id()); if ($current_forum['approval_direct_post'] == '1' && !api_is_allowed_to_edit(null, true)) { $message .= '<br />' . get_lang('MessageHasToBeApproved') . '<br />'; } // Setting the notification correctly. $my_post_notification = isset($values['post_notification']) ? $values['post_notification'] : null; if ($my_post_notification == 1) { set_notification('thread', $values['thread_id'], true); } send_notification_mails($values['thread_id'], $values); add_forum_attachment_file('', $new_post_id); } Session::erase('formelements'); Session::erase('origin'); Session::erase('breadcrumbs'); Session::erase('addedresource'); Session::erase('addedresourceid'); $return['msg'] = $message; $return['type'] = 'confirmation'; } else { $return['msg'] = get_lang('UplNoFileUploaded') . ' ' . get_lang('UplSelectFileFirst'); $return['type'] = 'error'; } return $return; }
/** * This function stores a reply in the forum_post table. * It also updates the forum_threads table (thread_replies +1 , thread_last_post, thread_date) * * @author Patrick Cool <*****@*****.**>, Ghent University * @version february 2006, dokeos 1.8 */ function store_reply($values) { $_course = api_get_course_info(); global $current_forum; global $origin; $table_threads = Database::get_course_table(TABLE_FORUM_THREAD); $forum_table_attachment = Database::get_course_table(TABLE_FORUM_ATTACHMENT); $table_posts = Database::get_course_table(TABLE_FORUM_POST); $gradebook = Security::remove_XSS($_GET['gradebook']); $post_date = api_get_utc_datetime(); if ($current_forum['approval_direct_post'] == '1' && !api_is_allowed_to_edit(null, true)) { $visible = 0; // The post has not been approved yet. } else { $visible = 1; } $upload_ok = 1; $has_attachment = false; if (!empty($_FILES['user_upload']['name'])) { $upload_ok = FileManager::process_uploaded_file($_FILES['user_upload']); $has_attachment = true; } $return = array(); if ($upload_ok) { // We first store an entry in the forum_post table. $sql = "INSERT INTO {$table_posts} (c_id, post_title, post_text, thread_id, forum_id, poster_id, post_date, post_notification, post_parent_id, visible)\n VALUES (\n \t\t" . api_get_course_int_id() . ",\n \t\t'" . Database::escape_string($values['post_title']) . "',\n '" . Database::escape_string(isset($values['post_text']) ? $values['post_text'] : null) . "',\n '" . Database::escape_string($values['thread_id']) . "',\n '" . Database::escape_string($values['forum_id']) . "',\n '" . api_get_user_id() . "',\n '" . $post_date . "',\n '" . Database::escape_string(isset($values['post_notification']) ? $values['post_notification'] : null) . "',\n '" . Database::escape_string(isset($values['post_parent_id']) ? $values['post_parent_id'] : null) . "',\n '" . Database::escape_string($visible) . "')"; $result = Database::query($sql); $new_post_id = Database::insert_id(); $values['new_post_id'] = $new_post_id; $message = get_lang('ReplyAdded'); if ($has_attachment) { $course_dir = $_course['path'] . '/upload/forum'; $sys_course_path = api_get_path(SYS_COURSE_PATH); $updir = $sys_course_path . $course_dir; // Try to add an extension to the file if it hasn't one. $new_file_name = FileManager::add_ext_on_mime(stripslashes($_FILES['user_upload']['name']), $_FILES['user_upload']['type']); // User's file name $file_name = $_FILES['user_upload']['name']; if (!FileManager::filter_extension($new_file_name)) { $return['msg'] = get_lang('UplUnableToSaveFileFilteredExtension'); $return['type'] = 'error'; } else { $new_file_name = uniqid(''); $new_path = $updir . '/' . $new_file_name; $result = @move_uploaded_file($_FILES['user_upload']['tmp_name'], $new_path); $comment = $values['file_comment']; // Storing the attachments if any. if ($result) { $sql = 'INSERT INTO ' . $forum_table_attachment . '(c_id, filename,comment, path, post_id,size) ' . "VALUES (" . api_get_course_int_id() . ", '" . Database::escape_string($file_name) . "', '" . Database::escape_string($comment) . "', '" . Database::escape_string($new_file_name) . "' , '" . $new_post_id . "', '" . intval($_FILES['user_upload']['size']) . "' )"; $result = Database::query($sql); $message .= ' / ' . get_lang('FileUploadSucces'); $last_id = Database::insert_id(); api_item_property_update($_course, TOOL_FORUM_ATTACH, $last_id, 'ForumAttachmentAdded', api_get_user_id()); } } } // Update the thread. update_thread($values['thread_id'], $new_post_id, $post_date); // Update the forum. api_item_property_update($_course, TOOL_FORUM, $values['forum_id'], 'NewMessageInForum', api_get_user_id()); if ($current_forum['approval_direct_post'] == '1' && !api_is_allowed_to_edit(null, true)) { $message .= '<br />' . get_lang('MessageHasToBeApproved') . '<br />'; } //$message .= '<br />'.get_lang('ReturnTo').' <a href="viewforum.php?'.api_get_cidreq().'&forum='.$values['forum_id'].'&gidReq='.$_SESSION['toolgroup'].'&origin='.$origin.'">'.get_lang('Forum').'</a><br />'; //$message .= get_lang('ReturnTo').' <a href="viewthread.php?'.api_get_cidreq().'&forum='.$values['forum_id'].'&thread='.$values['thread_id'].'&gidReq='.$_SESSION['toolgroup'].'&origin='.$origin.'&gradebook='.$gradebook.'">'.get_lang('Message').'</a>'; // Setting the notification correctly. $my_post_notification = isset($values['post_notification']) ? $values['post_notification'] : null; if ($my_post_notification == 1) { set_notification('thread', $values['thread_id'], true); } send_notification_mails($values['thread_id'], $values); Session::erase('formelements'); Session::erase('origin'); Session::erase('breadcrumbs'); Session::erase('addedresource'); Session::erase('addedresourceid'); $return['msg'] = $message; $return['type'] = 'confirmation'; } else { $return['msg'] = get_lang('UplNoFileUploaded') . ' ' . get_lang('UplSelectFileFirst'); $return['type'] = 'error'; } return $return; }