public function composewall() { $ta = TahunAjaran::ta(); $typ = isset($_GET['typ']) ? addslashes($_GET['typ']) : ''; $klsid = isset($_GET['klsid']) ? addslashes($_GET['klsid']) : ''; $cmd = isset($_GET['cmd']) ? addslashes($_GET['cmd']) : 'form'; if ($typ == "") { die('Type must be defined'); } if ($typ == "kelas" && $klsid == "") { die("Kelas must be defined"); } $return['webClass'] = __CLASS__; $return['method'] = __FUNCTION__; if ($cmd == "form") { $return["typ"] = $typ; $return["klsid"] = $klsid; $return['id'] = Wall::createID(); Mold::both("wall/compose", $return); } if ($cmd == "add") { $json['bool'] = 0; $json['err'] = ''; if (isset($_POST['wall_msg'])) { $wall_msg = trim(rtrim($_POST['wall_msg'])); } if ($wall_msg == '') { $json['err'] .= Lang::t('Message is empty'); } $id = isset($_GET['id']) ? addslashes($_GET['id']) : ''; if ($id == '') { $json['err'] .= Lang::t('Id is empty'); } if ($json['err'] == '') { //$wall_msg = addslashes(strip_tags(trim(rtrim ($_POST['wall_msg'])),'<p><a><br><b><i><img><hr>')); // am 01.10.2014,insert <embed><iframe> vom Efindi $wall_msg = strip_tags(trim(rtrim($_POST['wall_msg'])), '<p><a><br><b><i><img><hr><embed><iframe>'); if ($typ == "kelas") { $wall = new MuridWall(); $wall->wall_id = $id; $wall->wall_msg = $wall_msg; $wall->wall_from = Account::getMyIDwithCheck(); $wall->wall_kelas_id = $klsid; $wall->wall_role = Account::getMyRole(); $wall->wall_ta_id = $ta; $tgl = Wall::getDateTime(); $wall->wall_date = $tgl; $wall->wall_update = $tgl; $json['bool'] = $wall->save(); } if ($typ == "school") { $wall2 = new SchoolWall(); $wall2->wall_id = $id; $wall2->wall_msg = $wall_msg; $wall2->wall_from = Account::getMyIDwithCheck(); $wall2->wall_role = Account::getMyRole(); Auth::checkRole("supervisor"); $wall2->wall_kls_ta = "school"; $tgl = Wall::getDateTime(); $wall2->wall_date = $tgl; // echo "in"; // die($wall_msg); $json['bool'] = $wall2->save(); } } die(json_encode($json)); } }