/**
* Delete Forum.
* If Forum has Sub Forum, deletion will give you a move form.
* If Forum has no Sub Forum, it will prune itself and delete itself.
*
*/
private function validate_forum_removal()
{
global $aidlink;
if (isset($_GET['forum_id']) && isnum($_GET['forum_id']) && isset($_GET['forum_cat']) && isnum($_GET['forum_cat'])) {
$forum_count = dbcount("('forum_id')", DB_FORUMS, "forum_cat='" . $_GET['forum_id'] . "'");
if ($forum_count >= 1) {
// Delete forum
/**
* $action_data
* 'forum_id' - current forum id
* 'forum_branch' - the branch id
* 'threads_to_forum' - target destination where all threads should move to
* 'delete_threads' - if delete threads are checked
* 'subforum_to_forum' - target destination where all subforums should move to
* 'delete_forum' - if delete all subforums are checked
*/
if (isset($_POST['forum_remove'])) {
$action_data = array('forum_id' => isset($_POST['forum_id']) ? form_sanitizer($_POST['forum_id'], 0, 'forum_id') : 0, 'forum_branch' => isset($_POST['forum_branch']) ? form_sanitizer($_POST['forum_branch'], 0, 'forum_branch') : 0, 'threads_to_forum' => isset($_POST['move_threads']) ? form_sanitizer($_POST['move_threads'], 0, 'move_threads') : '', 'delete_threads' => isset($_POST['delete_threads']) ? 1 : 0, 'subforums_to_forum' => isset($_POST['move_forums']) ? form_sanitizer($_POST['move_forums'], 0, 'move_forums') : '', 'delete_forums' => isset($_POST['delete_forums']) ? 1 : 0);
if (self::verify_forum($action_data['forum_id'])) {
// Threads and Posts action
if (!$action_data['delete_threads'] && $action_data['threads_to_forum']) {
//dbquery("UPDATE ".DB_FORUM_THREADS." SET forum_id='".$action_data['threads_to_forum']."' WHERE forum_id='".$action_data['forum_id']."'");
dbquery("UPDATE " . DB_FORUM_POSTS . " SET forum_id='" . $action_data['threads_to_forum'] . "' WHERE forum_id='" . $action_data['forum_id'] . "'");
} elseif ($action_data['delete_threads']) {
// remove all threads and all posts in this forum.
self::prune_attachment($action_data['forum_id']);
// wipe
self::prune_posts($action_data['forum_id']);
// wipe
self::prune_threads($action_data['forum_id']);
// wipe
self::recalculate_post($action_data['forum_id']);
// wipe
} else {
\defender::stop();
addNotice('danger', self::$locale['forum_notice_na']);
}
// Subforum action
if (!$action_data['delete_forums'] && $action_data['subforums_to_forum']) {
dbquery("UPDATE " . DB_FORUMS . " SET forum_cat='" . $action_data['subforums_to_forum'] . "', forum_branch='" . get_hkey(DB_FORUMS, 'forum_id', 'forum_cat', $action_data['subforums_to_forum']) . "'\n\t\t\t\t" . (multilang_table("FO") ? "WHERE forum_language='" . LANGUAGE . "' AND" : "WHERE") . " forum_cat='" . $action_data['forum_id'] . "'");
} elseif (!$action_data['delete_forums']) {
\defender::stop();
addNotice('danger', self::$locale['forum_notice_na']);
}
} else {
\defender::stop();
addNotice('error', self::$locale['forum_notice_na']);
}
self::prune_forums($action_data['forum_id']);
addNotice('info', self::$locale['forum_notice_5']);
redirect(FUSION_SELF . $aidlink);
}
self::display_forum_move_form();
} else {
self::prune_attachment($_GET['forum_id']);
self::prune_posts($_GET['forum_id']);
self::prune_threads($_GET['forum_id']);
self::recalculate_post($_GET['forum_id']);
dbquery("DELETE FROM " . DB_FORUMS . " WHERE forum_id='" . intval($_GET['forum_id']) . "'");
addNotice('info', self::$locale['forum_notice_5']);
redirect(FUSION_SELF . $aidlink);
}
}
}
function get_hkey($db, $id_col, $cat_col, $parent_id)
{
$hkey =& $hkey;
$query = "SELECT {$id_col}, {$cat_col} FROM " . $db . " WHERE {$id_col} = '{$parent_id}' LIMIT 1";
//echo $query;
$result = dbquery($query);
if (dbrows($result) > 0) {
$data = dbarray($result);
if ($data[$cat_col] > 0) {
$hkey = get_hkey($db, $id_col, $cat_col, $data[$cat_col]);
} else {
$hkey = $data[$id_col];
}
} else {
// predict current row.
$rows = dbrows(dbquery("SELECT {$id_col} FROM " . $db . ""));
$hkey = $rows + 1;
}
return $hkey;
}
private function _delete_category()
{
global $aidlink;
$this->locale = fusion_get_locale();
$this->debug = FALSE;
$data = array();
if (isset($_POST['cancel'])) {
redirect(FUSION_SELF . $aidlink);
}
if (isset($_GET['action']) && $_GET['action'] == 'cat_delete' && isset($_GET['cat_id']) && self::validate_fieldCat($_GET['cat_id'])) {
// do action of the interior form
if (isset($_POST['delete_cat'])) {
// get root node
$target_database = '';
$field_list = array();
if (isset($_POST['delete_subcat']) or isset($_POST['delete_field'])) {
if (in_array($_GET['cat_id'], $this->page_list)) {
// this is root.
$result = dbquery("\n SELECT field_cat_id, field_parent, field_cat_db FROM " . $this->category_db . "\n WHERE field_cat_id='" . intval($_GET['cat_id']) . "'\n ");
} else {
// is is not a root.
$result = dbquery("\n SELECT uf.field_cat_id, root.field_cat_db FROM " . $this->category_db . " uf\n\t\t\t\t\t\tLEFT JOIN " . $this->category_db . " root ON uf.field_parent = root.field_cat_id\n\t\t\t\t\t\tWHERE uf.field_cat_id='" . intval($_GET['cat_id']) . "'\n\t\t\t\t\t\t");
}
if ($result == NULL) {
die("no result");
}
if (dbrows($result) > 0) {
$data += dbarray($result);
$target_database = $data['field_cat_db'] ? DB_PREFIX . $data['field_cat_db'] : DB_USERS;
$field_list = fieldgenerator($target_database);
}
if ($this->debug) {
print_p($field_list);
print_p($target_database);
}
}
if (isset($_POST['delete_subcat'])) {
// When deletion of a master page and involving all subcategories
if ($this->debug) {
print_p($this->page[$_GET['cat_id']]);
}
// execute removal on child fields and cats
foreach ($this->page[$_GET['cat_id']] as $arr => $field_category) {
$result = dbquery("\n SELECT field_id, field_name FROM " . $this->field_db . "\n WHERE field_cat='" . $field_category['field_cat_id'] . "'\n ");
// find all child > 1
if (dbrows($result) > 0) {
while ($data = dbarray($result)) {
// remove column from db , and fields
if (in_array($data['field_name'], $field_list)) {
// verify table integrity
if ($this->debug) {
print_p("DROP " . $data['field_name'] . " FROM " . $target_database);
print_p("DELETE " . $data['field_id'] . " FROM " . $this->field_db);
} else {
dbquery("DELETE FROM " . $this->field_db . " WHERE field_id='" . $data['field_id'] . "'");
if (!empty($target_database) && !empty($data['field_name'])) {
self::drop_column($target_database, $data['field_name']);
}
}
}
// remove category.
if ($this->debug) {
print_p("DELETE " . $field_category['field_cat_id'] . " FROM " . $this->category_db);
} else {
dbquery("DELETE FROM " . $this->category_db . " WHERE field_cat_id='" . $field_category['field_cat_id'] . "'");
}
}
// end while
}
}
} elseif (isset($_POST['move_subcat']) && $_POST['move_subcat'] > 0) {
// When deletion to move subcategory
foreach ($this->page[$_GET['cat_id']] as $arr => $field_category) {
$new_parent = form_sanitizer($_POST['move_subcat'], 0, 'move_subcat');
if ($this->debug) {
print_p("MOVED " . $field_category['field_cat_id'] . " TO category " . $new_parent);
print_p("DELETE " . $_GET['cat_id'] . " FROM " . $this->category_db);
} else {
dbquery("UPDATE " . $this->category_db . " SET field_parent='" . $new_parent . "' WHERE field_cat_id='" . $field_category['field_cat_id'] . "'");
}
}
} elseif (isset($_POST['delete_field']) && isset($_GET['cat_id']) && isnum($_GET['cat_id'])) {
// Delete fields
$this->debug = FALSE;
if ($this->debug) {
print_p('Delete Fields');
}
// Delete Fields - Bug with Isset errors
$result = dbquery("SELECT field_id, field_name FROM " . $this->field_db . " WHERE field_cat='" . intval($_GET['cat_id']) . "'");
if (dbrows($result) > 0) {
while ($data = dbarray($result)) {
if (in_array($data['field_name'], $field_list)) {
// verify table integrity
if ($this->debug) {
print_p("DROP " . $data['field_name'] . " FROM " . $target_database);
print_p("DELETE " . $data['field_id'] . " FROM " . $this->field_db);
} else {
$field_del_sql = "DELETE FROM " . $this->field_db . " WHERE field_id='" . $data['field_id'] . "'";
$field_count = $this->validate_field($data['field_id']);
if ($field_count) {
dbquery($field_del_sql);
}
// drop a column
if (!empty($target_database)) {
self::drop_column($target_database, $data['field_name']);
}
}
}
}
addNotice('success', $this->locale['field_0200']);
redirect(FUSION_SELF . $aidlink);
}
} elseif (!isset($_POST['delete_field']) && isset($_POST['move_field']) && $_POST['move_field'] > 0) {
$rows = dbcount("(field_id)", $this->field_db, "field_cat='" . intval($_GET['cat_id']) . "'");
if ($rows) {
$new_parent = form_sanitizer($_POST['move_field'], 0, 'move_field');
dbquery("UPDATE " . $this->field_db . " SET field_cat='" . intval($new_parent) . "' WHERE field_cat='" . intval($_GET['cat_id']) . "'");
}
}
// Delete the current category
$delete_cat_sql = "DELETE FROM " . $this->category_db . " WHERE field_cat_id='" . intval($_GET['cat_id']) . "'";
if ($this->debug) {
print_p($delete_cat_sql);
} else {
dbquery($delete_cat_sql);
addNotice('success', $this->locale['field_0200']);
redirect(FUSION_SELF . $aidlink);
}
} else {
// show interior form
$field_list = array();
$form_action = FUSION_SELF . $aidlink . "&action=cat_delete&cat_id=" . $_GET['cat_id'];
$result = dbquery("SELECT * FROM " . $this->category_db . " WHERE field_cat_id='" . $_GET['cat_id'] . "' OR field_cat_id='" . get_hkey($this->category_db, "field_cat_id", "field_parent", $_GET['cat_id']) . "'");
if (dbrows($result) > 0) {
$data += dbarray($result);
// get field list - populate child fields of a category.
$result = dbquery("SELECT field_id, field_name, field_cat FROM " . $this->field_db . " WHERE field_cat='" . intval($_GET['cat_id']) . "'");
if (dbrows($result) > 0) {
// get field list.
while ($data = dbarray($result)) {
$field_list[$data['field_cat']][$data['field_id']] = $data['field_name'];
}
}
if (isset($this->page[$data['field_parent']]) or !empty($field_list) && $field_list[$_GET['cat_id']] > 0) {
ob_start();
echo openmodal("delete", $this->locale['fields_0313'], array('class' => 'modal-lg modal-center', 'static' => TRUE));
echo openform('delete_cat_form', 'post', $form_action);
if (isset($this->page[$_GET['cat_id']])) {
echo "<div class='row'>\n";
echo "<div class='col-xs-12 col-sm-6'>\n<span class='strong'>" . sprintf($this->locale['fields_0600'], count($this->page[$_GET['cat_id']])) . "</span><br/>\n";
echo "<div class='alert alert-info m-t-10'>\n";
echo "<ol style='list-style:inherit !important; margin-bottom:0;'>\n";
foreach ($this->page[$_GET['cat_id']] as $arr => $field_category) {
echo "<li style='list-style-type:decimal;'>" . self::parse_label($field_category['field_cat_name']) . "</li>\n";
}
echo "</ol>\n";
echo "</div>\n";
echo "</div>\n<div class='col-xs-12 col-sm-6 col-md-6 col-lg-6'>\n";
$page_list = $this->page_list;
unset($page_list[$_GET['cat_id']]);
if (count($page_list) > 0) {
echo form_select('move_subcat', $this->locale['fields_0314'], '', array("options" => $page_list));
}
echo form_checkbox('delete_subcat', $this->locale['fields_0315'], count($page_list) < 1 ? TRUE : FALSE);
echo "</div></div>";
}
if (isset($field_list[$_GET['cat_id']])) {
echo "<div class='row'>\n";
echo "<div class='col-xs-12 col-sm-6 col-md-6 col-lg-6'>\n<span class='strong'>" . sprintf($this->locale['fields_0601'], count($field_list[$_GET['cat_id']])) . "</span><br/>\n";
echo "<div class='well strong m-t-10'>\n";
foreach ($field_list[$_GET['cat_id']] as $arr => $field) {
echo "- " . $field . "<br/>\n";
}
echo "</div>\n";
echo "</div>\n<div class='col-xs-12 col-sm-6 col-md-6 col-lg-6'>\n";
$exclude_list[] = $_GET['cat_id'];
foreach ($this->page_list as $page_id => $page_name) {
$exclude_list[] = $page_id;
}
echo form_select_tree('move_field', $this->locale['fields_0316'], '', array('no_root' => 1, 'disable_opts' => $exclude_list), $this->category_db, 'field_cat_name', 'field_cat_id', 'field_parent');
echo form_checkbox('delete_field', $this->locale['fields_0317'], '');
echo "</div></div>";
}
echo form_button('delete_cat', $this->locale['fields_0313'], $this->locale['fields_0313'], array('class' => 'btn-danger btn-sm'));
echo form_button('cancel', $this->locale['cancel'], $this->locale['cancel'], array('class' => 'btn-default m-l-10 btn-sm'));
echo closeform();
echo closemodal();
add_to_footer(ob_get_contents());
ob_end_clean();
}
} else {
if ($this->debug) {
notify('Cat ID was not found. Please check again.', 'Category ID was not found. Please check again.');
} else {
redirect(FUSION_SELF . $aidlink);
}
}
}
}
}
/**
* MYSQL update and save forum
*/
private function set_forumDB()
{
global $aidlink, $locale;
if (isset($_POST['save_forum'])) {
$this->data = array('forum_id' => form_sanitizer($_POST['forum_id'], 0, 'forum_id'), 'forum_name' => form_sanitizer($_POST['forum_name'], '', 'forum_name'), 'forum_description' => form_sanitizer($_POST['forum_description'], '', 'forum_description'), 'forum_cat' => form_sanitizer($_POST['forum_cat'], 0, 'forum_cat'), 'forum_type' => form_sanitizer($_POST['forum_type'], '', 'forum_type'), 'forum_language' => form_sanitizer($_POST['forum_language'], '', 'forum_language'), 'forum_alias' => form_sanitizer($_POST['forum_alias'], '', 'forum_alias'), 'forum_meta' => form_sanitizer($_POST['forum_meta'], '', 'forum_meta'), 'forum_rules' => form_sanitizer($_POST['forum_rules'], '', 'forum_rules'), 'forum_image_enable' => isset($_POST['forum_image_enable']) ? 1 : 0, 'forum_merge' => isset($_POST['forum_merge']) ? 1 : 0, 'forum_allow_attach' => isset($_POST['forum_allow_attach']) ? 1 : 0, 'forum_quick_edit' => isset($_POST['forum_quick_edit']) ? 1 : 0, 'forum_allow_poll' => isset($_POST['forum_allow_poll']) ? 1 : 0, 'forum_poll' => USER_LEVEL_MEMBER, 'forum_users' => isset($_POST['forum_users']) ? 1 : 0, 'forum_lock' => isset($_POST['forum_lock']) ? 1 : 0, 'forum_permissions' => isset($_POST['forum_permissions']) ? form_sanitizer($_POST['forum_permissions'], 0, 'forum_permissions') : 0, 'forum_order' => isset($_POST['forum_order']) ? form_sanitizer($_POST['forum_order']) : '', 'forum_branch' => get_hkey(DB_FORUMS, 'forum_id', 'forum_cat', $this->data['forum_cat']), 'forum_image' => '', 'forum_mods' => "");
$this->data['forum_alias'] = $this->data['forum_alias'] ? str_replace(' ', '-', $this->data['forum_alias']) : '';
// Checks for unique forum alias
if ($this->data['forum_alias']) {
if ($this->data['forum_id']) {
$alias_check = dbcount("('alias_id')", DB_PERMALINK_ALIAS, "alias_url='" . $this->data['forum_alias'] . "' AND alias_item_id !='" . $this->data['forum_id'] . "'");
} else {
$alias_check = dbcount("('alias_id')", DB_PERMALINK_ALIAS, "alias_url='" . $this->data['forum_alias'] . "'");
}
if ($alias_check) {
\defender::stop();
addNotice('warning', $locale['forum_error_6']);
}
}
// check forum name unique
$this->data['forum_name'] = self::check_validForumName($this->data['forum_name'], $this->data['forum_id']);
// Uploads or copy forum image or use back the forum image existing
if (!empty($_FILES) && is_uploaded_file($_FILES['forum_image']['tmp_name'])) {
$upload = form_sanitizer($_FILES['forum_image'], '', 'forum_image');
if ($upload['error'] == 0) {
if (!empty($upload['thumb1_name'])) {
$this->data['forum_image'] = $upload['thumb1_name'];
} else {
$this->data['forum_image'] = $upload['image_name'];
}
}
} elseif (isset($_POST['forum_image_url']) && $_POST['forum_image_url'] != "") {
require_once INCLUDES . "photo_functions_include.php";
// if forum_image_header is not empty
$type_opts = array('0' => BASEDIR, '1' => '');
// the url
$this->data['forum_image'] = $type_opts[intval($_POST['forum_image_header'])] . form_sanitizer($_POST['forum_image_url'], '', 'forum_image_url');
$upload = copy_file($this->data['forum_image'], FORUM . "images/");
if ($upload['error'] == TRUE) {
\defender::stop();
addNotice('danger', $locale['forum_error_9']);
} else {
$this->data['forum_image'] = $upload['name'];
}
} else {
$this->data['forum_image'] = isset($_POST['forum_image']) ? form_sanitizer($_POST['forum_image'], '', 'forum_image') : "";
}
if (!$this->data['forum_id']) {
$this->data += array('forum_access' => USER_LEVEL_PUBLIC, 'forum_post' => USER_LEVEL_MEMBER, 'forum_reply' => USER_LEVEL_MEMBER, 'forum_post_ratings' => USER_LEVEL_MEMBER, 'forum_poll' => USER_LEVEL_MEMBER, 'forum_vote' => USER_LEVEL_MEMBER, 'forum_mods' => "");
}
// Set last order
if (!$this->data['forum_order']) {
$this->data['forum_order'] = dbresult(dbquery("SELECT MAX(forum_order) FROM " . DB_FORUMS . " " . (multilang_table("FO") ? "WHERE forum_language='" . LANGUAGE . "' AND" : "WHERE") . " forum_cat='" . $this->data['forum_cat'] . "'"), 0) + 1;
}
if (\defender::safe()) {
if (self::verify_forum($this->data['forum_id'])) {
$result = dbquery_order(DB_FORUMS, $this->data['forum_order'], 'forum_order', $this->data['forum_id'], 'forum_id', $this->data['forum_cat'], 'forum_cat', 1, 'forum_language', 'update');
if ($result) {
dbquery_insert(DB_FORUMS, $this->data, 'update');
}
addNotice('success', $locale['forum_notice_9']);
redirect(FUSION_SELF . $aidlink . $this->ext);
} else {
$new_forum_id = 0;
$result = dbquery_order(DB_FORUMS, $this->data['forum_order'], 'forum_order', FALSE, FALSE, $this->data['forum_cat'], 'forum_cat', 1, 'forum_language', 'save');
if ($result) {
dbquery_insert(DB_FORUMS, $this->data, 'save');
$new_forum_id = dblastid();
}
if ($this->data['forum_cat'] == 0) {
redirect(FUSION_SELF . $aidlink . "&action=p_edit&forum_id=" . $new_forum_id . "&parent_id=0");
} else {
switch ($this->data['forum_type']) {
case '1':
addNotice('success', $locale['forum_notice_1']);
break;
case '2':
addNotice('success', $locale['forum_notice_2']);
break;
case '3':
addNotice('success', $locale['forum_notice_3']);
break;
case '4':
addNotice('success', $locale['forum_notice_4']);
break;
}
redirect(FUSION_SELF . $aidlink . $this->ext);
}
}
}
}
}
/**
* Get Tree Root ID of a child via SQL
* Alternative function to get a root of a specific item when dbtree is not available
* @param $db
* @param $id_col
* @param $cat_col
* @param $parent_id
* @return int
*/
function get_hkey($db, $id_col, $cat_col, $parent_id)
{
$hkey =& $hkey;
$result = dbquery("SELECT {$id_col}, {$cat_col} FROM " . $db . " WHERE {$id_col} = '{$parent_id}' LIMIT 1");
if (dbrows($result) > 0) {
$data = dbarray($result);
if ($data[$cat_col] > 0) {
$hkey = get_hkey($db, $id_col, $cat_col, $data[$cat_col]);
} else {
$hkey = $data[$id_col];
}
} else {
// predict current row.
$rows = dbarray(dbquery("SELECT MAX({$id_col}) as row FROM " . $db . ""));
$rows = $rows['row'];
$hkey = $rows + 1;
}
return (int) $hkey;
}
