function add_feedback_form_submit(Pieform $form, $values)
{
global $view, $artefact, $USER;
$data = (object) array('title' => get_string('Comment', 'artefact.comment'), 'description' => $values['message']);
if ($artefact) {
$data->onartefact = $artefact->get('id');
$data->owner = $artefact->get('owner');
$data->group = $artefact->get('group');
$data->institution = $artefact->get('institution');
} else {
$data->onview = $view->get('id');
$data->owner = $view->get('owner');
$data->group = $view->get('group');
$data->institution = $view->get('institution');
}
if ($author = $USER->get('id')) {
$anonymous = false;
$data->author = $author;
} else {
$anonymous = true;
$data->authorname = $values['authorname'];
}
if (isset($values['moderate']) && $values['ispublic'] && !$USER->can_edit_view($view)) {
$data->private = 1;
$data->requestpublic = 'author';
$moderated = true;
} else {
$data->private = (int) (!$values['ispublic']);
$moderated = false;
}
$private = $data->private;
if (get_config('licensemetadata')) {
$data->license = $values['license'];
$data->licensor = $values['licensor'];
$data->licensorurl = $values['licensorurl'];
}
if (isset($values['rating'])) {
$data->rating = valid_rating($values['rating']);
}
$comment = new ArtefactTypeComment(0, $data);
db_begin();
$comment->commit();
$url = $comment->get_view_url($view->get('id'), true, false);
$goto = get_config('wwwroot') . $url;
if (isset($data->requestpublic) && $data->requestpublic === 'author' && $data->owner) {
$arg = $author ? display_name($USER, null, true) : $data->authorname;
$moderatemsg = (object) array('subject' => false, 'message' => false, 'strings' => (object) array('subject' => (object) array('key' => 'makepublicrequestsubject', 'section' => 'artefact.comment', 'args' => array()), 'message' => (object) array('key' => 'makepublicrequestbyauthormessage', 'section' => 'artefact.comment', 'args' => array(hsc($arg))), 'urltext' => (object) array('key' => 'Comment', 'section' => 'artefact.comment')), 'users' => array($data->owner), 'url' => $url);
}
if (!empty($values['attachments']) && is_array($values['attachments']) && !empty($data->author)) {
require_once get_config('libroot') . 'uploadmanager.php';
safe_require('artefact', 'file');
$ownerlang = empty($data->owner) ? get_config('lang') : get_user_language($data->owner);
$folderid = ArtefactTypeFolder::get_folder_id(get_string_from_language($ownerlang, 'feedbackattachdirname', 'artefact.comment'), get_string_from_language($ownerlang, 'feedbackattachdirdesc', 'artefact.comment'), null, true, $data->owner, $data->group, $data->institution);
$attachment = (object) array('owner' => $data->owner, 'group' => $data->group, 'institution' => $data->institution, 'author' => $data->author, 'allowcomments' => 0, 'parent' => $folderid, 'description' => get_string_from_language($ownerlang, 'feedbackonviewbyuser', 'artefact.comment', $view->get('title'), display_name($USER)));
foreach ($values['attachments'] as $filesindex) {
$originalname = $_FILES[$filesindex]['name'];
$attachment->title = ArtefactTypeFileBase::get_new_file_title($originalname, $folderid, $data->owner, $data->group, $data->institution);
try {
$fileid = ArtefactTypeFile::save_uploaded_file($filesindex, $attachment);
} catch (QuotaExceededException $e) {
if ($data->owner == $USER->get('id')) {
$form->reply(PIEFORM_ERR, array('message' => $e->getMessage()));
}
redirect($goto);
} catch (UploadException $e) {
$form->reply(PIEFORM_ERR, array('message' => $e->getMessage()));
redirect($goto);
}
$comment->attach($fileid);
}
}
require_once 'activity.php';
$data = (object) array('commentid' => $comment->get('id'), 'viewid' => $view->get('id'));
activity_occurred('feedback', $data, 'artefact', 'comment');
if (isset($moderatemsg)) {
activity_occurred('maharamessage', $moderatemsg);
}
db_commit();
$newlist = ArtefactTypeComment::get_comments(10, 0, 'last', $view, $artefact);
// If you're anonymous and your message is moderated or private, then you won't
// be able to tell what happened to it. So we'll provide some more explanation in
// the feedback message.
if ($anonymous && $moderated) {
$message = get_string('feedbacksubmittedmoderatedanon', 'artefact.comment');
} else {
if ($anonymous && $private) {
$message = get_string('feedbacksubmittedprivateanon', 'artefact.comment');
} else {
$message = get_string('feedbacksubmitted', 'artefact.comment');
}
}
$form->reply(PIEFORM_OK, array('message' => $message, 'goto' => $goto, 'data' => $newlist));
}
public function default_parent_for_copy(&$view, &$template, $artefactstoignore)
{
static $folderid;
if (!empty($folderid)) {
return $folderid;
}
$viewfilesfolder = ArtefactTypeFolder::get_folder_id(get_string('viewfilesdirname', 'view'), get_string('viewfilesdirdesc', 'view'), null, true, $view->get('owner'), $view->get('group'), $view->get('institution'), $artefactstoignore);
$foldername = $view->get('id');
$existing = get_column_sql("\n SELECT title\n FROM {artefact}\n WHERE parent = ? AND title LIKE ? || '%'", array($viewfilesfolder, $foldername));
$sep = '';
$ext = '';
if ($existing) {
while (in_array($foldername . $sep . $ext, $existing)) {
$sep = '-';
$ext++;
}
}
$data = (object) array('title' => $foldername . $sep . $ext, 'description' => get_string('filescopiedfromviewtemplate', 'view', $template->get('title')), 'owner' => $view->get('owner'), 'group' => $view->get('group'), 'institution' => $view->get('institution'), 'parent' => $viewfilesfolder);
$folder = new ArtefactTypeFolder(0, $data);
$folder->commit();
$folderid = $folder->get('id');
return $folderid;
}
/**
* Grab a delegate object for auth stuff
*/
public function request_user_authorise($token, $remotewwwroot)
{
global $USER, $SESSION;
$this->must_be_ready();
$peer = get_peer($remotewwwroot);
if ($peer->deleted != 0 || $this->config['theyssoin'] != 1) {
throw new XmlrpcClientException('We don\'t accept SSO connections from ' . institution_display_name($peer->institution));
}
$client = new Client();
$client->set_method('auth/mnet/auth.php/user_authorise')->add_param($token)->add_param(sha1($_SERVER['HTTP_USER_AGENT']))->send($remotewwwroot);
$remoteuser = (object) $client->response;
if (empty($remoteuser) or !property_exists($remoteuser, 'username')) {
// Caught by land.php
throw new AccessDeniedException();
}
$create = false;
$update = false;
if ('1' == $this->config['updateuserinfoonlogin']) {
$update = true;
}
// Retrieve a $user object. If that fails, create a blank one.
try {
$user = new User();
if (get_config('usersuniquebyusername')) {
// When turned on, this setting means that it doesn't matter
// which other application the user SSOs from, they will be
// given the same account in Mahara.
//
// This setting is one that has security implications unless
// only turned on by people who know what they're doing. In
// particular, every system linked to Mahara should be making
// sure that same username == same person. This happens for
// example if two Moodles are using the same LDAP server for
// authentication.
//
// If this setting is on, it must NOT be possible to self
// register on the site for ANY institution - otherwise users
// could simply pick usernames of people's accounts they wished
// to steal.
if ($institutions = get_column('institution', 'name', 'registerallowed', '1')) {
log_warn("usersuniquebyusername is turned on but registration is allowed for an institution. " . "No institution can have registration allowed for it, for security reasons.\n" . "The following institutions have registration enabled:\n " . join("\n ", $institutions));
throw new AccessDeniedException();
}
if (!get_config('usersallowedmultipleinstitutions')) {
log_warn("usersuniquebyusername is turned on but usersallowedmultipleinstitutions is off. " . "This makes no sense, as users will then change institution every time they log in from " . "somewhere else. Please turn this setting on in Site Options");
throw new AccessDeniedException();
}
$user->find_by_username($remoteuser->username);
} else {
$user->find_by_instanceid_username($this->instanceid, $remoteuser->username, true);
}
if ($user->get('suspendedcusr')) {
die_info(get_string('accountsuspended', 'mahara', strftime(get_string('strftimedaydate'), $user->get('suspendedctime')), $user->get('suspendedreason')));
}
} catch (AuthUnknownUserException $e) {
if (!empty($this->config['weautocreateusers'])) {
$institution = new Institution($this->institution);
if ($institution->isFull()) {
$institution->send_admin_institution_is_full_message();
throw new XmlrpcClientException('SSO attempt from ' . $institution->displayname . ' failed - institution is full');
}
$user = new User();
$create = true;
} else {
log_debug("User authorisation request from {$remotewwwroot} failed - " . "remote user '{$remoteuser->username}' is unknown to us and auto creation of users is turned off");
return false;
}
}
/*******************************************/
if ($create) {
$user->passwordchange = 1;
$user->active = 1;
$user->deleted = 0;
//TODO: import institution's expiry?:
//$institution = new Institution($peer->institution);
$user->expiry = null;
$user->expirymailsent = 0;
$user->lastlogin = time();
$user->firstname = $remoteuser->firstname;
$user->lastname = $remoteuser->lastname;
$user->email = $remoteuser->email;
$imported = array('firstname', 'lastname', 'email');
//TODO: import institution's per-user-quota?:
//$user->quota = $userrecord->quota;
$user->authinstance = empty($this->config['parent']) ? $this->instanceid : $this->parent;
db_begin();
$user->username = get_new_username($remoteuser->username);
$user->id = create_user($user, array(), $this->institution, $this, $remoteuser->username);
$locked = $this->import_user_settings($user, $remoteuser);
$locked = array_merge($imported, $locked);
/*
* We need to convert the object to a stdclass with its own
* custom method because it uses overloaders in its implementation
* and its properties wouldn't be visible to a simple cast operation
* like (array)$user
*/
$userobj = $user->to_stdclass();
$userarray = (array) $userobj;
db_commit();
// Now we have fired the create event, we need to re-get the data
// for this user
$user = new User();
$user->find_by_id($userobj->id);
} elseif ($update) {
$imported = array('firstname', 'lastname', 'email');
foreach ($imported as $field) {
if ($user->{$field} != $remoteuser->{$field}) {
$user->{$field} = $remoteuser->{$field};
set_profile_field($user->id, $field, $user->{$field});
}
}
if (isset($remoteuser->idnumber)) {
if ($user->studentid != $remoteuser->idnumber) {
$user->studentid = $remoteuser->idnumber;
set_profile_field($user->id, 'studentid', $user->studentid);
}
$imported[] = 'studentid';
}
$locked = $this->import_user_settings($user, $remoteuser);
$locked = array_merge($imported, $locked);
$user->lastlastlogin = $user->lastlogin;
$user->lastlogin = time();
//TODO: import institution's per-user-quota?:
//$user->quota = $userrecord->quota;
$user->commit();
}
if (get_config('usersuniquebyusername')) {
// Add them to the institution they have SSOed in by
$user->join_institution($peer->institution);
}
// See if we need to create/update a profile Icon image
if ($create || $update) {
$client->set_method('auth/mnet/auth.php/fetch_user_image')->add_param($remoteuser->username)->send($remotewwwroot);
$imageobject = (object) $client->response;
$u = preg_replace('/[^A-Za-z0-9 ]/', '', $user->username);
$filename = get_config('dataroot') . 'temp/mpi_' . intval($this->instanceid) . '_' . $u;
if (array_key_exists('f1', $client->response)) {
$imagecontents = base64_decode($client->response['f1']);
if (file_put_contents($filename, $imagecontents)) {
$imageexists = false;
$icons = false;
if ($update) {
$newchecksum = sha1_file($filename);
$icons = get_records_select_array('artefact', 'artefacttype = \'profileicon\' AND owner = ? ', array($user->id), '', 'id');
if (false != $icons) {
foreach ($icons as $icon) {
$iconfile = get_config('dataroot') . 'artefact/file/profileicons/originals/' . $icon->id % 256 . '/' . $icon->id;
$checksum = sha1_file($iconfile);
if ($newchecksum == $checksum) {
$imageexists = true;
unlink($filename);
break;
}
}
}
}
if (false == $imageexists) {
$filesize = filesize($filename);
if (!$user->quota_allowed($filesize)) {
$error = get_string('profileiconuploadexceedsquota', 'artefact.file', get_config('wwwroot'));
}
require_once 'file.php';
$imagesize = getimagesize($filename);
if (!$imagesize || !is_image_type($imagesize[2])) {
$error = get_string('filenotimage');
}
$mime = $imagesize['mime'];
$width = $imagesize[0];
$height = $imagesize[1];
$imagemaxwidth = get_config('imagemaxwidth');
$imagemaxheight = get_config('imagemaxheight');
if ($width > $imagemaxwidth || $height > $imagemaxheight) {
$error = get_string('profileiconimagetoobig', 'artefact.file', $width, $height, $imagemaxwidth, $imagemaxheight);
}
try {
$user->quota_add($filesize);
} catch (QuotaException $qe) {
$error = get_string('profileiconuploadexceedsquota', 'artefact.file', get_config('wwwroot'));
}
require_once get_config('docroot') . '/artefact/lib.php';
require_once get_config('docroot') . '/artefact/file/lib.php';
// Entry in artefact table
$artefact = new ArtefactTypeProfileIcon();
$artefact->set('owner', $user->id);
$artefact->set('parent', ArtefactTypeFolder::get_folder_id(get_string('imagesdir', 'artefact.file'), get_string('imagesdirdesc', 'artefact.file'), null, true, $user->id));
$artefact->set('title', ArtefactTypeFileBase::get_new_file_title(get_string('profileicon', 'artefact.file'), (int) $artefact->get('parent'), $user->id));
// unique title
$artefact->set('description', get_string('uploadedprofileicon', 'artefact.file'));
$artefact->set('note', get_string('profileicon', 'artefact.file'));
$artefact->set('size', $filesize);
$artefact->set('filetype', $mime);
$artefact->set('width', $width);
$artefact->set('height', $height);
$artefact->commit();
$id = $artefact->get('id');
// Move the file into the correct place.
$directory = get_config('dataroot') . 'artefact/file/profileicons/originals/' . $id % 256 . '/';
check_dir_exists($directory);
rename($filename, $directory . $id);
if ($create || empty($icons)) {
$user->profileicon = $id;
}
}
$user->commit();
} else {
log_warn(get_string('cantcreatetempprofileiconfile', 'artefact.file', $filename));
}
}
if ($update) {
$locked[] = 'profileicon';
}
}
/*******************************************/
// We know who our user is now. Bring her back to life.
$USER->reanimate($user->id, $this->instanceid);
// Set session variables to let the application know this session was
// initiated by MNET. Don't forget that users could initiate their
// sessions without MNET sometimes, which is why this data is stored in
// the session object.
$SESSION->set('mnetuser', $user->id);
$SESSION->set('authinstance', $this->instanceid);
if (isset($_SERVER['HTTP_REFERER'])) {
$SESSION->set('mnetuserfrom', $_SERVER['HTTP_REFERER']);
}
if ($update && isset($locked)) {
$SESSION->set('lockedfields', $locked);
}
return true;
}
function add_feedback_form_submit(Pieform $form, $values)
{
global $view, $artefact, $USER;
$data = new StdClass();
$data->view = $view->get('id');
if ($artefact) {
$data->artefact = $artefact->get('id');
$table = 'artefact_feedback';
} else {
$table = 'view_feedback';
}
$data->message = $values['message'];
$data->public = (int) $values['ispublic'];
$data->author = $USER->get('id');
if (!$data->author) {
unset($data->author);
$data->authorname = $values['authorname'];
}
$data->ctime = db_format_timestamp(time());
db_begin();
if (is_array($values['attachment'])) {
require_once get_config('libroot') . 'group.php';
require_once get_config('libroot') . 'uploadmanager.php';
safe_require('artefact', 'file');
$groupid = $view->get('submittedgroup');
if (group_user_can_assess_submitted_views($groupid, $USER->get('id'))) {
$um = new upload_manager('attachment');
if ($error = $um->preprocess_file()) {
throw new UploadException($error);
}
$owner = $view->get('owner');
$ownerlang = get_user_language($owner);
$folderid = ArtefactTypeFolder::get_folder_id(get_string_from_language($ownerlang, 'feedbackattachdirname', 'view'), get_string_from_language($ownerlang, 'feedbackattachdirdesc', 'view'), null, true, $owner);
$attachment = (object) array('owner' => $owner, 'parent' => $folderid, 'title' => ArtefactTypeFileBase::get_new_file_title($values['attachment']['name'], $folderid, $owner), 'size' => $values['attachment']['size'], 'filetype' => $values['attachment']['type'], 'oldextensin' => $um->original_filename_extension(), 'description' => get_string_from_language($ownerlang, 'feedbackonviewbytutorofgroup', 'view', $view->get('title'), display_name($USER), get_field('group', 'name', 'id', $groupid)));
try {
$data->attachment = ArtefactTypeFile::save_uploaded_file('attachment', $attachment);
} catch (QuotaExceededException $e) {
}
}
}
insert_record($table, $data, 'id', true);
require_once 'activity.php';
unset($data->id);
activity_occurred('feedback', $data);
db_commit();
if ($artefact) {
$goto = get_config('wwwroot') . 'view/artefact.php?artefact=' . $artefact->get('id') . '&view=' . $view->get('id');
} else {
$goto = get_config('wwwroot') . 'view/view.php?id=' . $view->get('id');
}
$form->reply(PIEFORM_OK, array('message' => get_string('feedbacksubmitted', 'view'), 'goto' => $goto));
}
function upload_submit(Pieform $form, $values)
{
global $USER, $filesize;
safe_require('artefact', 'file');
try {
$USER->quota_add($filesize);
} catch (QuotaException $qe) {
$form->json_reply(PIEFORM_ERR, array('message' => get_string('profileiconuploadexceedsquota', 'artefact.file', get_config('wwwroot'))));
}
// Entry in artefact table
$data = new stdClass();
$data->owner = $USER->id;
$data->parent = ArtefactTypeFolder::get_folder_id(get_string('imagesdir', 'artefact.file'), get_string('imagesdirdesc', 'artefact.file'), null, true, $USER->id);
$data->title = $values['title'] ? $values['title'] : $values['file']['name'];
$data->title = ArtefactTypeFileBase::get_new_file_title($data->title, (int) $data->parent, $USER->id);
// unique title
$data->note = $values['file']['name'];
$data->size = $filesize;
$imageinfo = getimagesize($values['file']['tmp_name']);
$data->width = $imageinfo[0];
$data->height = $imageinfo[1];
$data->filetype = $imageinfo['mime'];
$data->description = get_string('uploadedprofileicon', 'artefact.file');
$artefact = new ArtefactTypeProfileIcon(0, $data);
if (preg_match("/\\.([^\\.]+)\$/", $values['file']['name'], $saved)) {
$artefact->set('oldextension', $saved[1]);
}
$artefact->commit();
$id = $artefact->get('id');
// Move the file into the correct place.
$directory = get_config('dataroot') . 'artefact/file/profileicons/originals/' . $id % 256 . '/';
check_dir_exists($directory);
move_uploaded_file($values['file']['tmp_name'], $directory . $id);
$USER->commit();
$form->json_reply(PIEFORM_OK, get_string('profileiconaddedtoimagesfolder', 'artefact.file', get_string('imagesdir', 'artefact.file')));
}
public function add_artefacts()
{
// we're just adding them as files into an 'incoming' directory in the user's file area.
safe_require('artefact', 'file');
try {
$this->importdir = ArtefactTypeFolder::get_folder_id('incoming', get_string('incomingfolderdesc'), null, true, $this->get('usr'));
} catch (Exception $e) {
throw new ImportException($e->getMessage());
}
$savedfiles = array();
// to put files into so we can delete them should we encounter an exception
foreach ($this->files as $f) {
try {
$data = (object) array('title' => $f->wantsfilename, 'description' => $f->wantsfilename . ' (' . get_string('importedfrom', 'mahara', $this->get('importertransport')->get_description()) . ')', 'parent' => $this->importdir, 'owner' => $this->get('usr'), 'container' => 0, 'locked' => 0);
if ($imagesize = getimagesize($this->tempdir . 'extract/' . $f->actualfilename)) {
$mime = $imagesize['mime'];
$data->filetype = $mime;
}
$id = ArtefactTypeFile::save_file($this->tempdir . 'extract/' . $f->actualfilename, $data, $this->get('usrobj'), true);
if (empty($id)) {
throw new ImportException("Failed to create new artefact for {$f->sha1}");
}
$savedfiles[] = $id;
} catch (Exception $e) {
foreach ($savedfiles as $fileid) {
$tmp = artefact_instance_from_id($fileid);
$tmp->delete();
}
throw new ImportException('Failed to create some new artefacts');
}
}
$this->artefacts = $savedfiles;
}
/**
* Logic shared by create_file_from_request() and create_file(). This actually takes the data and processes it into a file artefact
* @param object $data
* @param PluginImportLeap $importer
* @param int $parent
* @param SimplexMLElement $entry
* @param unknown_type $entry_request
* @return PluginArtefactFile
* @throws ImportException
*/
private static function create_file_from_entry_data($data, PluginImportLeap $importer, $entryid, $fromrequest = false)
{
global $USER;
if ($fromrequest) {
$usr = $USER;
} else {
$usr = $importer->get('usrobj');
}
$data->oldextension = end(explode('.', $data->title));
// This API sucks, but that's not my problem
if (!($id = ArtefactTypeFile::save_file($data->pathname, $data, $usr, true))) {
$importer->trace("WARNING: the file for entry {$entryid} does not exist in the import (path={$data->pathname})");
return false;
}
$artefact = artefact_instance_from_id($id);
$artefact->set('tags', $data->tags);
if ($fromrequest) {
$artefact->set('mtime', $data->mtime);
} else {
// Work around that save_file doesn't let us set the mtime
$artefact->set('mtime', strtotime($data->mtime));
}
// Now that we've actually imported the file, let's check to see whether it was an image, before making it a real profile icon
$isprofileicon = $data->isprofileicon && $artefact->get('artefacttype') == 'image';
if ($isprofileicon) {
$artefact->set('artefacttype', 'profileicon');
// Put profile pic in 'profile pics' folder
$artefact->set('parent', ArtefactTypeFolder::get_folder_id(get_string('imagesdir', 'artefact.file'), get_string('imagesdirdesc', 'artefact.file'), null, true, $importer->get('usr')));
// Sadly the process for creating a profile icon is a bit dumb. To
// be honest, it shouldn't even be a separate artefact type
$basedir = get_config('dataroot') . 'artefact/file/';
$olddir = 'originals/' . $id % 256 . '/';
$newdir = 'profileicons/originals/' . $id % 256 . '/';
check_dir_exists($basedir . $newdir);
if (!rename($basedir . $olddir . $id, $basedir . $newdir . $id)) {
throw new ImportException($importer, 'TODO: get_string: was unable to move profile icon');
}
}
$artefact->commit();
return $artefact;
}
function add_feedback_form_submit(Pieform $form, $values)
{
global $view, $artefact, $USER;
require_once 'embeddedimage.php';
$data = (object) array('title' => get_string('Comment', 'artefact.comment'), 'description' => $values['message']);
if ($artefact) {
$data->onartefact = $artefact->get('id');
$data->owner = $artefact->get('owner');
$data->group = $artefact->get('group');
$data->institution = $artefact->get('institution');
$onvieworartefactstr = "onartefact = {$data->onartefact}";
} else {
$data->onview = $view->get('id');
$data->owner = $view->get('owner');
$data->group = $view->get('group');
$data->institution = $view->get('institution');
$onvieworartefactstr = "onview = {$data->onview}";
}
$owner = $data->owner;
$author = null;
if ($author = $USER->get('id')) {
$anonymous = false;
$data->author = $author;
} else {
$anonymous = true;
$data->authorname = $values['authorname'];
}
if (isset($values['moderate']) && $values['ispublic'] && !$USER->can_edit_view($view)) {
$data->private = 1;
$data->requestpublic = 'author';
$moderated = true;
} else {
$data->private = (int) (!$values['ispublic']);
$moderated = false;
}
$private = $data->private;
if (get_config('licensemetadata')) {
$data->license = $values['license'];
$data->licensor = $values['licensor'];
$data->licensorurl = $values['licensorurl'];
}
if (isset($values['rating'])) {
$data->rating = valid_rating($values['rating']);
}
if ($values['replyto'] && ($pcomment = artefact_instance_from_id($values['replyto']))) {
$data->parent = $pcomment->get('id');
$grandparentid = $pcomment->get('parent');
// Find the position for the new comment
// Find the last offspring of the parent
$parentid = $data->parent;
$data->threadedposition = $pcomment->get('threadedposition');
while ($lastchild = get_records_sql_array('
SELECT c.artefact, c.threadedposition
FROM {artefact_comment_comment} c
INNER JOIN {artefact} a ON a.id = c.artefact
WHERE
' . $onvieworartefactstr . '
AND a.parent = ?
ORDER BY c.threadedposition DESC
LIMIT 1', array($parentid))) {
$parentid = $lastchild[0]->artefact;
$data->threadedposition = $lastchild[0]->threadedposition;
}
$data->threadedposition++;
// Increase the threaded position of following comments by 1
execute_sql('
UPDATE {artefact_comment_comment}
SET threadedposition = threadedposition + 1
WHERE
' . $onvieworartefactstr . '
AND threadedposition >= ?', array($data->threadedposition));
}
if (!isset($data->threadedposition)) {
$lastcomment = get_record_sql('
SELECT max(threadedposition) AS lastposition
FROM {artefact_comment_comment} c
WHERE
' . $onvieworartefactstr);
$data->threadedposition = $lastcomment->lastposition ? $lastcomment->lastposition + 1 : 1;
}
$comment = new ArtefactTypeComment(0, $data);
db_begin();
$comment->commit();
$newdescription = EmbeddedImage::prepare_embedded_images($values['message'], 'comment', $comment->get('id'), $data->group);
if ($newdescription !== $values['message']) {
$updatedcomment = new stdClass();
$updatedcomment->id = $comment->get('id');
$updatedcomment->description = $newdescription;
update_record('artefact', $updatedcomment, 'id');
}
$url = $comment->get_view_url($view->get('id'), true, false);
$goto = get_config('wwwroot') . $url;
if (isset($data->requestpublic) && $data->requestpublic === 'author' && $data->owner) {
$arg = $author ? display_name($USER, null, true) : $data->authorname;
$moderatemsg = (object) array('subject' => false, 'message' => false, 'strings' => (object) array('subject' => (object) array('key' => 'makepublicrequestsubject', 'section' => 'artefact.comment', 'args' => array()), 'message' => (object) array('key' => 'makepublicrequestbyauthormessage', 'section' => 'artefact.comment', 'args' => array(hsc($arg))), 'urltext' => (object) array('key' => 'Comment', 'section' => 'artefact.comment')), 'users' => array($data->owner), 'url' => $url);
}
if (!empty($values['attachments']) && is_array($values['attachments']) && !empty($data->author)) {
require_once get_config('libroot') . 'uploadmanager.php';
safe_require('artefact', 'file');
$ownerlang = empty($data->owner) ? get_config('lang') : get_user_language($data->owner);
$folderid = ArtefactTypeFolder::get_folder_id(get_string_from_language($ownerlang, 'feedbackattachdirname', 'artefact.comment'), get_string_from_language($ownerlang, 'feedbackattachdirdesc', 'artefact.comment'), null, true, $data->owner, $data->group, $data->institution);
$attachment = (object) array('owner' => $data->owner, 'group' => $data->group, 'institution' => $data->institution, 'author' => $data->author, 'allowcomments' => 0, 'parent' => $folderid, 'description' => get_string_from_language($ownerlang, 'feedbackonviewbyuser', 'artefact.comment', $view->get('title'), display_name($USER)));
foreach ($values['attachments'] as $filesindex) {
$originalname = $_FILES[$filesindex]['name'];
$attachment->title = ArtefactTypeFileBase::get_new_file_title($originalname, $folderid, $data->owner, $data->group, $data->institution);
try {
$fileid = ArtefactTypeFile::save_uploaded_file($filesindex, $attachment);
} catch (QuotaExceededException $e) {
if ($data->owner == $USER->get('id')) {
$form->reply(PIEFORM_ERR, array('message' => $e->getMessage()));
}
redirect($goto);
} catch (UploadException $e) {
$form->reply(PIEFORM_ERR, array('message' => $e->getMessage()));
redirect($goto);
}
$comment->attach($fileid);
}
}
require_once 'activity.php';
$data = (object) array('commentid' => $comment->get('id'), 'viewid' => $view->get('id'));
// We want to add the user placing the comment to the watchlist so they
// can get notified about future comments to the page.
// @TODO Add a site/institution preference to override this.
$updatelink = false;
if (!get_field('usr_watchlist_view', 'ctime', 'usr', $author, 'view', $view->get('id')) && $author != $owner) {
insert_record('usr_watchlist_view', (object) array('usr' => $author, 'view' => $view->get('id'), 'ctime' => db_format_timestamp(time())));
$updatelink = $artefact ? get_string('removefromwatchlistartefact', 'view', $view->get('title')) : get_string('removefromwatchlist', 'view');
}
activity_occurred('feedback', $data, 'artefact', 'comment');
if (isset($moderatemsg)) {
activity_occurred('maharamessage', $moderatemsg);
}
db_commit();
$commentoptions = ArtefactTypeComment::get_comment_options();
$commentoptions->showcomment = $comment->get('id');
$commentoptions->view = $view;
$commentoptions->artefact = $artefact;
$newlist = ArtefactTypeComment::get_comments($commentoptions);
$newlist->updatelink = $updatelink;
// If you're anonymous and your message is moderated or private, then you won't
// be able to tell what happened to it. So we'll provide some more explanation in
// the feedback message.
if ($anonymous && $moderated) {
$message = get_string('feedbacksubmittedmoderatedanon', 'artefact.comment');
} else {
if ($anonymous && $private) {
$message = get_string('feedbacksubmittedprivateanon', 'artefact.comment');
} else {
$message = get_string('feedbacksubmitted', 'artefact.comment');
}
}
$form->reply(PIEFORM_OK, array('message' => $message, 'goto' => $goto, 'data' => $newlist));
}
