/** * Update the submitted entry. * * @param string $topic_id id of the entry to update * @throws AccessDeniedException */ function update_entry_action($topic_id) { if (Request::isXhr()) { $name = studip_utf8decode(Request::get('name', _('Kein Titel'))); $content = Studip\Markup::purifyHtml(studip_utf8decode(Request::get('content', _('Keine Beschreibung')))); } else { $name = Request::get('name', _('Kein Titel')); $content = Studip\Markup::purifyHtml(Request::get('content', _('Keine Beschreibung'))); } ForumPerm::check('add_entry', $this->getId(), $topic_id); if (ForumPerm::hasEditPerms($topic_id)) { ForumEntry::update($topic_id, $name, $content); } else { throw new AccessDeniedException(_('Sie haben keine Berechtigung, diesen Eintrag zu editieren!')); } if (Request::isXhr()) { $this->render_text(json_encode(array('name' => studip_utf8encode(htmlReady($name)), 'content' => studip_utf8encode(formatReady($content))))); } else { $this->redirect(PluginEngine::getLink('coreforum/index/index/' . $topic_id . '#' . $topic_id)); } }
/** * Delete an entry * * @delete /forum_entry/:entry_id */ public function deleteForumEntry($entry_id) { $entry = $this->findEntry($entry_id); $cid = $parent['course_id']; if (!\ForumPerm::hasEditPerms($entry_id) || !\ForumPerm::has('remove_entry', $cid)) { $this->error(401); } \ForumEntry::delete($entry_id); $this->status(204); }
<? if (!is_array($highlight)) $highlight = array(); ?> <? $is_new = ((isset($visitdate) && $post['mkdate'] >= $visitdate) || !(isset($visitdate))) ?> <? if (!$constraint) $constraint = ForumEntry::getConstraints (ForumEntry::getParentTopicId($post['topic_id'])) ?> <? $can_edit_closed = !ForumEntry::isClosed($constraint['topic_id']) || (ForumEntry::isClosed($constraint['topic_id']) && ForumPerm::has('edit_closed', $constraint['seminar_id'])) ?> <? $perms = array( 'edit' => ForumPerm::hasEditPerms($post['topic_id']), 'edit_closed' => ForumPerm::has('edit_closed', $constraint['seminar_id']), 'remove_entry' => ForumPerm::has('remove_entry', $constraint['seminar_id']), ) ?> <!-- Anker, um zu diesem Posting springen zu können --> <a name="<?php echo $post['topic_id']; ?> "></a> <form method="post" data-topicid="<?php echo $post['topic_id']; ?> " action="<?php echo PluginEngine::getLink('coreforum/index/update_entry/' . $post['topic_id']); ?> "> <?php echo CSRFProtection::tokenTag(); ?> <div class="posting<?php