require_once $gfcommon . 'forum/Forum.class.php'; require_once $gfcommon . 'forum/ForumMessage.class.php'; $msg_id = getIntFromRequest("msg_id"); $group_id = getIntFromRequest('group_id'); $forum_id = getIntFromRequest("forum_id"); global $HTML; $fa = new ForumAdmin(); if (!$forum_id || !$group_id || !$msg_id) { exit_missing_param(); } if ($fa->Authorized($group_id)) { //user authorized, continue check if ($fa->isForumAdmin($forum_id)) { //print the message forum_header(array()); $g =& $fa->GetGroupObject(); $f = new Forum($g, $forum_id); if (!$f || !is_object($f)) { exit_error(_('Error'), "Error getting new Forum"); } elseif ($f->isError()) { exit_error(_('Error'), $f->getErrorMessage()); } $fm = new ForumMessage($f, $msg_id, false, true); //create the pending message if (!$fm || !is_object($fm)) { exit_error(_('Error'), "Error getting new ForumMessage"); } elseif ($fm->isError()) { exit_error(_('Error'), "Error getting new ForumMessage: " . $fm->getErrorMessage()); } $fhtml = new ForumHTML($f); if (!$fhtml || !is_object($fhtml)) {
exit_no_group(); } elseif ($fa->isPermissionDeniedError()) { exit_permission_denied(); } } } elseif (getStringFromRequest("editmsg")) { // edit message handling $forum_id = getStringFromRequest("forum_id"); $thread_id = getStringFromRequest("thread_id"); $msg_id = getStringFromRequest("editmsg"); $fa = new ForumAdmin(); if ($fa->Authorized($group_id)) { if ($fa->isForumAdmin($forum_id)) { if (getStringFromRequest("ok")) { //actually finish editing the message and save the contents $f = new Forum($fa->GetGroupObject(), $forum_id); if (!$f || !is_object($f)) { exit_error('Error', 'Error Getting Forum'); } elseif ($f->isError()) { exit_error('Error', $f->getErrorMessage()); } $fm = new ForumMessage($f, $msg_id, false, false); if (!$fm || !is_object($fm)) { exit_error(_('Error'), _('Error getting new forum message')); } elseif ($fm->isError()) { exit_error(_('Error'), $fm->getErrorMessage()); } $subject = getStringFromRequest('subject'); $body = getStringFromRequest('body'); $sanitizer = new TextSanitizer(); $body = $sanitizer->SanitizeHtml($body);