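/**
 * Creates a forum, or updates an existing one, in the course forum table.
 *
 * When $values['forum_id'] is set the matching row is updated; otherwise a new
 * row is inserted with forum_order = MAX(forum_order) + 1 for its category.
 * An optional picture is read from $_FILES['picture'] and a removal request
 * from $_POST['remove_picture'].
 *
 * Upload handling (client-controlled input):
 * - The file name and MIME type in $_FILES are supplied by the client. The
 *   stored extension is derived from the same string that filter_extension()
 *   checked, so the checked value and the stored value cannot differ.
 * - Extensions containing anything other than [a-z0-9] are refused.
 * - forum_image is only written when a file was actually moved into place
 *   (or removal was requested on edit); a rejected or failed upload no longer
 *   stores a file name in the database or clears the existing picture.
 * - NOTE(review): the extension policy lives in filter_extension(), which is
 *   not visible here. The target directory sits under the course path and is
 *   presumably web-served, so confirm that policy only admits image types
 *   (or verify the content is an image before moving it).
 *
 * @param array $values     Submitted form values (forum_title, forum_category, forum_id, ...)
 * @param array $courseInfo Course info; the current course is used when empty
 * @param bool  $returnId   On creation, return the inserted id instead of the message
 *
 * @return string|int language variable, or the result of Database::insert()
 *                    when $returnId is true and a forum was created
 *
 * @author Patrick Cool <*****@*****.**>, Ghent University
 * @version february 2006, dokeos 1.8
 */
function store_forum($values, $courseInfo = array(), $returnId = false)
{
    $courseInfo = empty($courseInfo) ? api_get_course_info() : $courseInfo;
    // Interpolated into raw SQL below, so force an integer.
    $course_id = (int) $courseInfo['real_id'];
    $session_id = api_get_session_id();
    $group_id = !empty($values['group_id']) ? $values['group_id'] : api_get_group_id();
    // The forum id is only ever used as a numeric key.
    $forum_id = isset($values['forum_id']) ? (int) $values['forum_id'] : null;

    $table_forums = Database::get_course_table(TABLE_FORUM);

    // Find the max forum_order for the given category.
    // The new forum is added at the end => max forum_order + 1.
    $new_max = null;
    if (isset($values['forum_category'])) {
        $sql = "SELECT MAX(forum_order) as sort_max
                FROM " . $table_forums . "
                WHERE
                    c_id = {$course_id} AND
                    forum_category='" . Database::escape_string($values['forum_category']) . "'";
        $result = Database::query($sql);
        $row = Database::fetch_array($result);
        $new_max = $row['sort_max'] + 1;
    }

    // Forum image: run the generic upload check first.
    // isset() on the result would also be true for a `false` return, so the
    // result is tested for truthiness (presumably false means a failed upload).
    $upload_ok = false;
    if (!empty($_FILES['picture']['name'])) {
        $upload_ok = process_uploaded_file($_FILES['picture']);
    }

    // Remove the existing picture if it was requested (only meaningful on edit).
    $remove_picture = $forum_id !== null && !empty($_POST['remove_picture']);
    if ($remove_picture) {
        delete_forum_image($forum_id);
    }

    // Name of the picture that was actually written to disk, '' if none.
    $stored_image = '';
    if ($upload_ok) {
        $updir = api_get_path(SYS_COURSE_PATH) . $courseInfo['path'] . '/upload/forum/images';

        // Try to add an extension to the file if it hasn't one.
        $checked_name = add_ext_on_mime(
            Database::escape_string($_FILES['picture']['name']),
            $_FILES['picture']['type']
        );

        if (filter_extension($checked_name)) {
            // Take the extension from the name that passed the filter, not
            // from the raw client-supplied name.
            $file_extension = strtolower(pathinfo($checked_name, PATHINFO_EXTENSION));

            if (preg_match('/^[a-z0-9]+$/', $file_extension) === 1) {
                $candidate = uniqid('') . '.' . $file_extension;
                // Warning suppression kept from the original; a failed move
                // simply leaves the forum without a new picture.
                if (@move_uploaded_file($_FILES['picture']['tmp_name'], $updir . '/' . $candidate)) {
                    $stored_image = $candidate;
                }
            }
        }
    }

    // Columns shared by the update and the insert.
    $params = [
        'forum_title' => $values['forum_title'],
        'forum_comment' => isset($values['forum_comment']) ? $values['forum_comment'] : null,
        'forum_category' => isset($values['forum_category']) ? $values['forum_category'] : null,
        'allow_anonymous' => isset($values['allow_anonymous_group']['allow_anonymous'])
            ? $values['allow_anonymous_group']['allow_anonymous'] : null,
        'allow_edit' => isset($values['students_can_edit_group']['students_can_edit'])
            ? $values['students_can_edit_group']['students_can_edit'] : null,
        'approval_direct_post' => isset($values['approval_direct_group']['approval_direct'])
            ? $values['approval_direct_group']['approval_direct'] : null,
        'allow_attachments' => isset($values['allow_attachments_group']['allow_attachments'])
            ? $values['allow_attachments_group']['allow_attachments'] : null,
        'allow_new_threads' => isset($values['allow_new_threads_group']['allow_new_threads'])
            ? $values['allow_new_threads_group']['allow_new_threads'] : null,
        'default_view' => isset($values['default_view_type_group']['default_view_type'])
            ? $values['default_view_type_group']['default_view_type'] : null,
        'forum_of_group' => isset($values['group_forum']) ? $values['group_forum'] : null,
        'forum_group_public_private' => isset($values['public_private_group_forum_group']['public_private_group_forum'])
            ? $values['public_private_group_forum_group']['public_private_group_forum'] : null,
        // NOTE(review): this is also written on edit, which moves an edited
        // forum to the end of its category - confirm that is intended.
        'forum_order' => $new_max,
        'session_id' => $session_id,
        'lp_id' => isset($values['lp_id']) ? intval($values['lp_id']) : 0,
    ];

    if ($forum_id !== null) {
        // Storing after edition. forum_image is left untouched unless a new
        // picture was stored or removal was requested.
        if ($stored_image !== '') {
            delete_forum_image($forum_id);
            $params['forum_image'] = $stored_image;
        } elseif ($remove_picture) {
            $params['forum_image'] = '';
        }

        Database::update(
            $table_forums,
            $params,
            ['c_id = ? AND forum_id = ?' => [$course_id, $forum_id]]
        );
        api_item_property_update(
            $courseInfo,
            TOOL_FORUM,
            $forum_id,
            'ForumUpdated',
            api_get_user_id(),
            $group_id
        );

        return get_lang('ForumEdited');
    }

    $params['c_id'] = $course_id;
    $params['forum_image'] = $stored_image;

    $last_id = Database::insert($table_forums, $params);
    if ($last_id > 0) {
        // Mirror the auto-increment key into forum_id.
        $sql = "UPDATE {$table_forums} SET forum_id = iid WHERE iid = " . (int) $last_id;
        Database::query($sql);

        api_item_property_update(
            $courseInfo,
            TOOL_FORUM,
            $last_id,
            'ForumAdded',
            api_get_user_id(),
            $group_id
        );
        api_set_default_visibility($last_id, TOOL_FORUM, $group_id, $courseInfo);
    }

    $return_message = get_lang('ForumAdded');
    if ($returnId) {
        return $last_id;
    }

    return $return_message;
}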
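/**
 * Creates a forum, or updates an existing one, in the course forum table.
 *
 * When $values['forum_id'] is set the matching row is updated; otherwise a new
 * row is inserted with forum_order = MAX(forum_order) + 1 for its category.
 * An optional picture is read from $_FILES['picture'] and a removal request
 * from $_POST['remove_picture'].
 *
 * The statements are built by string concatenation, so every value placed in
 * them is either escaped with Database::escape_string() or cast to int:
 * - The stored picture name ends in an extension that originates from the
 *   client-supplied file name; it is now restricted to [a-z0-9] and escaped
 *   before it reaches the INSERT/UPDATE.
 * - The INSERT always supplies a forum_image value, so the column list and
 *   the value list stay the same length when no picture was stored.
 * - NOTE(review): the extension policy lives in filter_extension(), which is
 *   not visible here. The target directory sits under the course path and is
 *   presumably web-served, so confirm that policy only admits image types.
 *
 * @param array $values Submitted form values (forum_title, forum_category, forum_id, ...)
 *
 * @return string language variable
 *
 * @author Patrick Cool <*****@*****.**>, Ghent University
 * @version february 2006, dokeos 1.8
 */
function store_forum($values)
{
    $_course = api_get_course_info();
    // Interpolated into raw SQL below, so force an integer.
    $course_id = (int) api_get_course_int_id();
    $session_id = api_get_session_id();
    $group_id = !empty($values['group_id']) ? $values['group_id'] : api_get_group_id();
    $forum_id = isset($values['forum_id']) ? (int) $values['forum_id'] : null;

    $table_forums = Database::get_course_table(TABLE_FORUM);

    // Find the max forum_order for the given category.
    // The new forum is added at the end => max forum_order + 1.
    $new_max = null;
    if (isset($values['forum_category'])) {
        $sql = "SELECT MAX(forum_order) as sort_max
                FROM " . $table_forums . "
                WHERE
                    c_id = {$course_id} AND
                    forum_category='" . Database::escape_string($values['forum_category']) . "'";
        $result = Database::query($sql);
        $row = Database::fetch_array($result);
        $new_max = $row['sort_max'] + 1;
    }

    $clean_title = Database::escape_string($values['forum_title']);

    // Forum image: run the generic upload check first.
    // isset() on the result would also be true for a `false` return, so the
    // result is tested for truthiness (presumably false means a failed upload).
    $upload_ok = false;
    if (!empty($_FILES['picture']['name'])) {
        $upload_ok = process_uploaded_file($_FILES['picture']);
    }

    // Remove the existing picture if it was requested (only meaningful on edit).
    if ($forum_id !== null && !empty($_POST['remove_picture'])) {
        delete_forum_image($forum_id);
    }

    // Name of the picture that was actually written to disk, '' if none.
    $stored_image = '';
    if ($upload_ok) {
        $updir = api_get_path(SYS_COURSE_PATH) . $_course['path'] . '/upload/forum/images';

        // Try to add an extension to the file if it hasn't one.
        $checked_name = add_ext_on_mime(
            Database::escape_string($_FILES['picture']['name']),
            $_FILES['picture']['type']
        );

        if (filter_extension($checked_name)) {
            // Take the extension from the name that passed the filter, not
            // from the raw client-supplied name.
            $file_extension = strtolower(pathinfo($checked_name, PATHINFO_EXTENSION));

            if (preg_match('/^[a-z0-9]+$/', $file_extension) === 1) {
                $candidate = uniqid('') . '.' . $file_extension;
                // Warning suppression kept from the original; a failed move
                // simply leaves the forum without a new picture.
                if (@move_uploaded_file($_FILES['picture']['tmp_name'], $updir . '/' . $candidate)) {
                    $stored_image = $candidate;
                }
            }
        }
    }

    // Escape the nested form-group values once; a missing key becomes null.
    $group_fields = array(
        'allow_anonymous' => array('allow_anonymous_group', 'allow_anonymous'),
        'allow_edit' => array('students_can_edit_group', 'students_can_edit'),
        'approval_direct_post' => array('approval_direct_group', 'approval_direct'),
        'allow_attachments' => array('allow_attachments_group', 'allow_attachments'),
        'allow_new_threads' => array('allow_new_threads_group', 'allow_new_threads'),
        'default_view' => array('default_view_type_group', 'default_view_type'),
        'forum_group_public_private' => array('public_private_group_forum_group', 'public_private_group_forum'),
    );
    $escaped = array();
    foreach ($group_fields as $column => $path) {
        list($group, $key) = $path;
        $escaped[$column] = Database::escape_string(
            isset($values[$group][$key]) ? $values[$group][$key] : null
        );
    }
    $escaped['forum_of_group'] = Database::escape_string(
        isset($values['group_forum']) ? $values['group_forum'] : null
    );

    $forum_comment = isset($values['forum_comment']) ? $values['forum_comment'] : null;
    $forum_category = isset($values['forum_category']) ? $values['forum_category'] : null;

    if ($forum_id !== null) {
        // Only touch forum_image when a new picture was actually stored.
        $sql_image = ' ';
        if ($stored_image !== '') {
            $sql_image = " forum_image='" . Database::escape_string($stored_image) . "', ";
            delete_forum_image($forum_id);
        }

        // Storing after edition.
        $sql = "UPDATE " . $table_forums . " SET
                forum_title='" . $clean_title . "',
                " . $sql_image . "
                forum_comment='" . Database::escape_string(stripslashes($forum_comment)) . "',
                forum_category='" . Database::escape_string(stripslashes($forum_category)) . "',
                allow_anonymous='" . $escaped['allow_anonymous'] . "',
                allow_edit='" . $escaped['allow_edit'] . "',
                approval_direct_post='" . $escaped['approval_direct_post'] . "',
                allow_attachments='" . $escaped['allow_attachments'] . "',
                allow_new_threads='" . $escaped['allow_new_threads'] . "',
                forum_group_public_private='" . $escaped['forum_group_public_private'] . "',
                default_view='" . $escaped['default_view'] . "',
                forum_of_group='" . $escaped['forum_of_group'] . "'
                WHERE c_id = {$course_id} AND forum_id = " . $forum_id;
        Database::query($sql);

        api_item_property_update(
            $_course,
            TOOL_FORUM,
            $forum_id,
            'ForumUpdated',
            api_get_user_id(),
            $group_id
        );

        return get_lang('ForumEdited');
    }

    // forum_image is always supplied (possibly empty) so the 15 columns
    // always get 15 values.
    $sql = "INSERT INTO " . $table_forums . " (c_id, forum_title, forum_image, forum_comment, forum_category, allow_anonymous, allow_edit, approval_direct_post, allow_attachments, allow_new_threads, default_view, forum_of_group, forum_group_public_private, forum_order, session_id)
            VALUES (
                " . $course_id . ",
                '" . $clean_title . "',
                '" . Database::escape_string($stored_image) . "',
                '" . Database::escape_string($forum_comment) . "',
                '" . Database::escape_string($forum_category) . "',
                '" . $escaped['allow_anonymous'] . "',
                '" . $escaped['allow_edit'] . "',
                '" . $escaped['approval_direct_post'] . "',
                '" . $escaped['allow_attachments'] . "',
                '" . $escaped['allow_new_threads'] . "',
                '" . $escaped['default_view'] . "',
                '" . $escaped['forum_of_group'] . "',
                '" . $escaped['forum_group_public_private'] . "',
                '" . Database::escape_string($new_max) . "',
                " . intval($session_id) . ")";
    Database::query($sql);
    $last_id = Database::insert_id();

    if ($last_id > 0) {
        api_item_property_update(
            $_course,
            TOOL_FORUM,
            $last_id,
            'ForumAdded',
            api_get_user_id(),
            $group_id
        );
        api_set_default_visibility($last_id, TOOL_FORUM, $group_id);
    }

    return get_lang('ForumAdded');
}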