/** * This function sends the notification mails to everybody who stated that they wanted to be informed when a new post * was added to a given thread. * * @param array reply information * @return void * * @author Patrick Cool <*****@*****.**>, Ghent University * @version february 2006, dokeos 1.8 */ function send_notification_mails($thread_id, $reply_info) { $table = Database::get_course_table(TABLE_FORUM_MAIL_QUEUE); // First we need to check if // 1. the forum category is visible // 2. the forum is visible // 3. the thread is visible // 4. the reply is visible (=when there is) $current_thread = get_thread_information($thread_id); $current_forum = get_forum_information($current_thread['forum_id']); $current_forum_category = null; if (isset($current_forum['forum_category'])) { $current_forum_category = get_forumcategory_information($current_forum['forum_category']); } if ($current_thread['visibility'] == '1' && $current_forum['visibility'] == '1' && ($current_forum_category && $current_forum_category['visibility'] == '1') && $current_forum['approval_direct_post'] != '1') { $send_mails = true; } else { $send_mails = false; } // The forum category, the forum, the thread and the reply are visible to the user if ($send_mails) { if (isset($current_thread['forum_id'])) { send_notifications($current_thread['forum_id'], $thread_id); } } else { $table_notification = Database::get_course_table(TABLE_FORUM_NOTIFICATION); if (isset($current_forum['forum_id'])) { $sql = "SELECT * FROM {$table_notification}\n WHERE\n c_id = " . api_get_course_int_id() . " AND\n (\n forum_id = '" . intval($current_forum['forum_id']) . "' OR\n thread_id = '" . intval($thread_id) . "'\n ) "; $result = Database::query($sql); $user_id = api_get_user_id(); while ($row = Database::fetch_array($result)) { $sql = "INSERT INTO {$table} (c_id, thread_id, post_id, user_id)\n VALUES (" . api_get_course_int_id() . ", '" . intval($thread_id) . "', '" . intval($reply_info['new_post_id']) . "', '{$user_id}' )"; Database::query($sql); } } } }
$origin = Security::remove_XSS($_GET['origin']); $origin_string = '&origin=' . $origin; } /* Including necessary files */ require 'forumconfig.inc.php'; require_once 'forumfunction.inc.php'; $userid = api_get_user_id(); /* MAIN DISPLAY SECTION */ $groupId = api_get_group_id(); $my_forum = isset($_GET['forum']) ? $_GET['forum'] : ''; // Note: This has to be validated that it is an existing forum. $current_forum = get_forum_information($my_forum); if (empty($current_forum)) { api_not_allowed(); } $current_forum_category = get_forumcategory_information($current_forum['forum_category']); $is_group_tutor = false; if (!empty($groupId)) { //Group info & group category info $group_properties = GroupManager::get_group_properties($groupId); //User has access in the group? $user_has_access_in_group = GroupManager::user_has_access($userid, $groupId, GroupManager::GROUP_TOOL_FORUM); $is_group_tutor = GroupManager::is_tutor_of_group(api_get_user_id(), $groupId); //Course if (!api_is_allowed_to_edit(false, true) and ($current_forum_category && $current_forum_category['visibility'] == 0 or $current_forum['visibility'] == 0 or !$user_has_access_in_group)) { api_not_allowed(); } } else { //Course if (!api_is_allowed_to_edit(false, true) and ($current_forum_category && $current_forum_category['visibility'] == 0 or $current_forum['visibility'] == 0)) { api_not_allowed();
$origin = Security::remove_XSS($_GET['origin']); $origin_string = '&origin=' . $origin; } /* Including necessary files */ require_once 'forumconfig.inc.php'; require_once 'forumfunction.inc.php'; /* MAIN DISPLAY SECTION */ /* Retrieving forum and forum categorie information */ // We are getting all the information about the current forum and forum category. // Note pcool: I tried to use only one sql statement (and function) for this, // but the problem is that the visibility of the forum AND forum cateogory are stored in the item_property table. $current_thread = get_thread_information($_GET['thread']); // Note: This has to be validated that it is an existing thread. $current_forum = get_forum_information($current_thread['forum_id']); // Note: This has to be validated that it is an existing forum. $current_forum_category = get_forumcategory_information(Security::remove_XSS($current_forum['forum_category'])); /* Is the user allowed here? */ // The user is not allowed here if // 1. the forumcategory, forum or thread is invisible (visibility==0 // 2. the forumcategory, forum or thread is locked (locked <>0) // 3. if anonymous posts are not allowed // The only exception is the course manager // I have split this is several pieces for clarity. //if (!api_is_allowed_to_edit() AND (($current_forum_category['visibility'] == 0 OR $current_forum['visibility'] == 0) OR ($current_forum_category['locked'] <> 0 OR $current_forum['locked'] <> 0 OR $current_thread['locked'] <> 0))) { if (!api_is_allowed_to_edit(false, true) and ($current_forum_category && $current_forum_category['visibility'] == 0 or $current_forum['visibility'] == 0)) { api_not_allowed(); } if (!api_is_allowed_to_edit(false, true) and ($current_forum_category && $current_forum_category['locked'] != 0 or $current_forum['locked'] != 0 or $current_thread['locked'] != 0)) { api_not_allowed(); } if (!$_user['user_id'] and $current_forum['allow_anonymous'] == 0) {