function add_feedback_form_submit(Pieform $form, $values) { global $view, $artefact, $USER; $data = (object) array('title' => get_string('Comment', 'artefact.comment'), 'description' => $values['message']); if ($artefact) { $data->onartefact = $artefact->get('id'); $data->owner = $artefact->get('owner'); $data->group = $artefact->get('group'); $data->institution = $artefact->get('institution'); } else { $data->onview = $view->get('id'); $data->owner = $view->get('owner'); $data->group = $view->get('group'); $data->institution = $view->get('institution'); } if ($author = $USER->get('id')) { $anonymous = false; $data->author = $author; } else { $anonymous = true; $data->authorname = $values['authorname']; } if (isset($values['moderate']) && $values['ispublic'] && !$USER->can_edit_view($view)) { $data->private = 1; $data->requestpublic = 'author'; $moderated = true; } else { $data->private = (int) (!$values['ispublic']); $moderated = false; } $private = $data->private; if (get_config('licensemetadata')) { $data->license = $values['license']; $data->licensor = $values['licensor']; $data->licensorurl = $values['licensorurl']; } if (isset($values['rating'])) { $data->rating = valid_rating($values['rating']); } $comment = new ArtefactTypeComment(0, $data); db_begin(); $comment->commit(); $url = $comment->get_view_url($view->get('id'), true, false); $goto = get_config('wwwroot') . $url; if (isset($data->requestpublic) && $data->requestpublic === 'author' && $data->owner) { $arg = $author ? display_name($USER, null, true) : $data->authorname; $moderatemsg = (object) array('subject' => false, 'message' => false, 'strings' => (object) array('subject' => (object) array('key' => 'makepublicrequestsubject', 'section' => 'artefact.comment', 'args' => array()), 'message' => (object) array('key' => 'makepublicrequestbyauthormessage', 'section' => 'artefact.comment', 'args' => array(hsc($arg))), 'urltext' => (object) array('key' => 'Comment', 'section' => 'artefact.comment')), 'users' => array($data->owner), 'url' => $url); } if (!empty($values['attachments']) && is_array($values['attachments']) && !empty($data->author)) { require_once get_config('libroot') . 'uploadmanager.php'; safe_require('artefact', 'file'); $ownerlang = empty($data->owner) ? get_config('lang') : get_user_language($data->owner); $folderid = ArtefactTypeFolder::get_folder_id(get_string_from_language($ownerlang, 'feedbackattachdirname', 'artefact.comment'), get_string_from_language($ownerlang, 'feedbackattachdirdesc', 'artefact.comment'), null, true, $data->owner, $data->group, $data->institution); $attachment = (object) array('owner' => $data->owner, 'group' => $data->group, 'institution' => $data->institution, 'author' => $data->author, 'allowcomments' => 0, 'parent' => $folderid, 'description' => get_string_from_language($ownerlang, 'feedbackonviewbyuser', 'artefact.comment', $view->get('title'), display_name($USER))); foreach ($values['attachments'] as $filesindex) { $originalname = $_FILES[$filesindex]['name']; $attachment->title = ArtefactTypeFileBase::get_new_file_title($originalname, $folderid, $data->owner, $data->group, $data->institution); try { $fileid = ArtefactTypeFile::save_uploaded_file($filesindex, $attachment); } catch (QuotaExceededException $e) { if ($data->owner == $USER->get('id')) { $form->reply(PIEFORM_ERR, array('message' => $e->getMessage())); } redirect($goto); } catch (UploadException $e) { $form->reply(PIEFORM_ERR, array('message' => $e->getMessage())); redirect($goto); } $comment->attach($fileid); } } require_once 'activity.php'; $data = (object) array('commentid' => $comment->get('id'), 'viewid' => $view->get('id')); activity_occurred('feedback', $data, 'artefact', 'comment'); if (isset($moderatemsg)) { activity_occurred('maharamessage', $moderatemsg); } db_commit(); $newlist = ArtefactTypeComment::get_comments(10, 0, 'last', $view, $artefact); // If you're anonymous and your message is moderated or private, then you won't // be able to tell what happened to it. So we'll provide some more explanation in // the feedback message. if ($anonymous && $moderated) { $message = get_string('feedbacksubmittedmoderatedanon', 'artefact.comment'); } else { if ($anonymous && $private) { $message = get_string('feedbacksubmittedprivateanon', 'artefact.comment'); } else { $message = get_string('feedbacksubmitted', 'artefact.comment'); } } $form->reply(PIEFORM_OK, array('message' => $message, 'goto' => $goto, 'data' => $newlist)); }
public function default_parent_for_copy(&$view, &$template, $artefactstoignore) { static $folderid; if (!empty($folderid)) { return $folderid; } $viewfilesfolder = ArtefactTypeFolder::get_folder_id(get_string('viewfilesdirname', 'view'), get_string('viewfilesdirdesc', 'view'), null, true, $view->get('owner'), $view->get('group'), $view->get('institution'), $artefactstoignore); $foldername = $view->get('id'); $existing = get_column_sql("\n SELECT title\n FROM {artefact}\n WHERE parent = ? AND title LIKE ? || '%'", array($viewfilesfolder, $foldername)); $sep = ''; $ext = ''; if ($existing) { while (in_array($foldername . $sep . $ext, $existing)) { $sep = '-'; $ext++; } } $data = (object) array('title' => $foldername . $sep . $ext, 'description' => get_string('filescopiedfromviewtemplate', 'view', $template->get('title')), 'owner' => $view->get('owner'), 'group' => $view->get('group'), 'institution' => $view->get('institution'), 'parent' => $viewfilesfolder); $folder = new ArtefactTypeFolder(0, $data); $folder->commit(); $folderid = $folder->get('id'); return $folderid; }
/** * Grab a delegate object for auth stuff */ public function request_user_authorise($token, $remotewwwroot) { global $USER, $SESSION; $this->must_be_ready(); $peer = get_peer($remotewwwroot); if ($peer->deleted != 0 || $this->config['theyssoin'] != 1) { throw new XmlrpcClientException('We don\'t accept SSO connections from ' . institution_display_name($peer->institution)); } $client = new Client(); $client->set_method('auth/mnet/auth.php/user_authorise')->add_param($token)->add_param(sha1($_SERVER['HTTP_USER_AGENT']))->send($remotewwwroot); $remoteuser = (object) $client->response; if (empty($remoteuser) or !property_exists($remoteuser, 'username')) { // Caught by land.php throw new AccessDeniedException(); } $create = false; $update = false; if ('1' == $this->config['updateuserinfoonlogin']) { $update = true; } // Retrieve a $user object. If that fails, create a blank one. try { $user = new User(); if (get_config('usersuniquebyusername')) { // When turned on, this setting means that it doesn't matter // which other application the user SSOs from, they will be // given the same account in Mahara. // // This setting is one that has security implications unless // only turned on by people who know what they're doing. In // particular, every system linked to Mahara should be making // sure that same username == same person. This happens for // example if two Moodles are using the same LDAP server for // authentication. // // If this setting is on, it must NOT be possible to self // register on the site for ANY institution - otherwise users // could simply pick usernames of people's accounts they wished // to steal. if ($institutions = get_column('institution', 'name', 'registerallowed', '1')) { log_warn("usersuniquebyusername is turned on but registration is allowed for an institution. " . "No institution can have registration allowed for it, for security reasons.\n" . "The following institutions have registration enabled:\n " . join("\n ", $institutions)); throw new AccessDeniedException(); } if (!get_config('usersallowedmultipleinstitutions')) { log_warn("usersuniquebyusername is turned on but usersallowedmultipleinstitutions is off. " . "This makes no sense, as users will then change institution every time they log in from " . "somewhere else. Please turn this setting on in Site Options"); throw new AccessDeniedException(); } $user->find_by_username($remoteuser->username); } else { $user->find_by_instanceid_username($this->instanceid, $remoteuser->username, true); } if ($user->get('suspendedcusr')) { die_info(get_string('accountsuspended', 'mahara', strftime(get_string('strftimedaydate'), $user->get('suspendedctime')), $user->get('suspendedreason'))); } } catch (AuthUnknownUserException $e) { if (!empty($this->config['weautocreateusers'])) { $institution = new Institution($this->institution); if ($institution->isFull()) { $institution->send_admin_institution_is_full_message(); throw new XmlrpcClientException('SSO attempt from ' . $institution->displayname . ' failed - institution is full'); } $user = new User(); $create = true; } else { log_debug("User authorisation request from {$remotewwwroot} failed - " . "remote user '{$remoteuser->username}' is unknown to us and auto creation of users is turned off"); return false; } } /*******************************************/ if ($create) { $user->passwordchange = 1; $user->active = 1; $user->deleted = 0; //TODO: import institution's expiry?: //$institution = new Institution($peer->institution); $user->expiry = null; $user->expirymailsent = 0; $user->lastlogin = time(); $user->firstname = $remoteuser->firstname; $user->lastname = $remoteuser->lastname; $user->email = $remoteuser->email; $imported = array('firstname', 'lastname', 'email'); //TODO: import institution's per-user-quota?: //$user->quota = $userrecord->quota; $user->authinstance = empty($this->config['parent']) ? $this->instanceid : $this->parent; db_begin(); $user->username = get_new_username($remoteuser->username); $user->id = create_user($user, array(), $this->institution, $this, $remoteuser->username); $locked = $this->import_user_settings($user, $remoteuser); $locked = array_merge($imported, $locked); /* * We need to convert the object to a stdclass with its own * custom method because it uses overloaders in its implementation * and its properties wouldn't be visible to a simple cast operation * like (array)$user */ $userobj = $user->to_stdclass(); $userarray = (array) $userobj; db_commit(); // Now we have fired the create event, we need to re-get the data // for this user $user = new User(); $user->find_by_id($userobj->id); } elseif ($update) { $imported = array('firstname', 'lastname', 'email'); foreach ($imported as $field) { if ($user->{$field} != $remoteuser->{$field}) { $user->{$field} = $remoteuser->{$field}; set_profile_field($user->id, $field, $user->{$field}); } } if (isset($remoteuser->idnumber)) { if ($user->studentid != $remoteuser->idnumber) { $user->studentid = $remoteuser->idnumber; set_profile_field($user->id, 'studentid', $user->studentid); } $imported[] = 'studentid'; } $locked = $this->import_user_settings($user, $remoteuser); $locked = array_merge($imported, $locked); $user->lastlastlogin = $user->lastlogin; $user->lastlogin = time(); //TODO: import institution's per-user-quota?: //$user->quota = $userrecord->quota; $user->commit(); } if (get_config('usersuniquebyusername')) { // Add them to the institution they have SSOed in by $user->join_institution($peer->institution); } // See if we need to create/update a profile Icon image if ($create || $update) { $client->set_method('auth/mnet/auth.php/fetch_user_image')->add_param($remoteuser->username)->send($remotewwwroot); $imageobject = (object) $client->response; $u = preg_replace('/[^A-Za-z0-9 ]/', '', $user->username); $filename = get_config('dataroot') . 'temp/mpi_' . intval($this->instanceid) . '_' . $u; if (array_key_exists('f1', $client->response)) { $imagecontents = base64_decode($client->response['f1']); if (file_put_contents($filename, $imagecontents)) { $imageexists = false; $icons = false; if ($update) { $newchecksum = sha1_file($filename); $icons = get_records_select_array('artefact', 'artefacttype = \'profileicon\' AND owner = ? ', array($user->id), '', 'id'); if (false != $icons) { foreach ($icons as $icon) { $iconfile = get_config('dataroot') . 'artefact/file/profileicons/originals/' . $icon->id % 256 . '/' . $icon->id; $checksum = sha1_file($iconfile); if ($newchecksum == $checksum) { $imageexists = true; unlink($filename); break; } } } } if (false == $imageexists) { $filesize = filesize($filename); if (!$user->quota_allowed($filesize)) { $error = get_string('profileiconuploadexceedsquota', 'artefact.file', get_config('wwwroot')); } require_once 'file.php'; $imagesize = getimagesize($filename); if (!$imagesize || !is_image_type($imagesize[2])) { $error = get_string('filenotimage'); } $mime = $imagesize['mime']; $width = $imagesize[0]; $height = $imagesize[1]; $imagemaxwidth = get_config('imagemaxwidth'); $imagemaxheight = get_config('imagemaxheight'); if ($width > $imagemaxwidth || $height > $imagemaxheight) { $error = get_string('profileiconimagetoobig', 'artefact.file', $width, $height, $imagemaxwidth, $imagemaxheight); } try { $user->quota_add($filesize); } catch (QuotaException $qe) { $error = get_string('profileiconuploadexceedsquota', 'artefact.file', get_config('wwwroot')); } require_once get_config('docroot') . '/artefact/lib.php'; require_once get_config('docroot') . '/artefact/file/lib.php'; // Entry in artefact table $artefact = new ArtefactTypeProfileIcon(); $artefact->set('owner', $user->id); $artefact->set('parent', ArtefactTypeFolder::get_folder_id(get_string('imagesdir', 'artefact.file'), get_string('imagesdirdesc', 'artefact.file'), null, true, $user->id)); $artefact->set('title', ArtefactTypeFileBase::get_new_file_title(get_string('profileicon', 'artefact.file'), (int) $artefact->get('parent'), $user->id)); // unique title $artefact->set('description', get_string('uploadedprofileicon', 'artefact.file')); $artefact->set('note', get_string('profileicon', 'artefact.file')); $artefact->set('size', $filesize); $artefact->set('filetype', $mime); $artefact->set('width', $width); $artefact->set('height', $height); $artefact->commit(); $id = $artefact->get('id'); // Move the file into the correct place. $directory = get_config('dataroot') . 'artefact/file/profileicons/originals/' . $id % 256 . '/'; check_dir_exists($directory); rename($filename, $directory . $id); if ($create || empty($icons)) { $user->profileicon = $id; } } $user->commit(); } else { log_warn(get_string('cantcreatetempprofileiconfile', 'artefact.file', $filename)); } } if ($update) { $locked[] = 'profileicon'; } } /*******************************************/ // We know who our user is now. Bring her back to life. $USER->reanimate($user->id, $this->instanceid); // Set session variables to let the application know this session was // initiated by MNET. Don't forget that users could initiate their // sessions without MNET sometimes, which is why this data is stored in // the session object. $SESSION->set('mnetuser', $user->id); $SESSION->set('authinstance', $this->instanceid); if (isset($_SERVER['HTTP_REFERER'])) { $SESSION->set('mnetuserfrom', $_SERVER['HTTP_REFERER']); } if ($update && isset($locked)) { $SESSION->set('lockedfields', $locked); } return true; }
function add_feedback_form_submit(Pieform $form, $values) { global $view, $artefact, $USER; $data = new StdClass(); $data->view = $view->get('id'); if ($artefact) { $data->artefact = $artefact->get('id'); $table = 'artefact_feedback'; } else { $table = 'view_feedback'; } $data->message = $values['message']; $data->public = (int) $values['ispublic']; $data->author = $USER->get('id'); if (!$data->author) { unset($data->author); $data->authorname = $values['authorname']; } $data->ctime = db_format_timestamp(time()); db_begin(); if (is_array($values['attachment'])) { require_once get_config('libroot') . 'group.php'; require_once get_config('libroot') . 'uploadmanager.php'; safe_require('artefact', 'file'); $groupid = $view->get('submittedgroup'); if (group_user_can_assess_submitted_views($groupid, $USER->get('id'))) { $um = new upload_manager('attachment'); if ($error = $um->preprocess_file()) { throw new UploadException($error); } $owner = $view->get('owner'); $ownerlang = get_user_language($owner); $folderid = ArtefactTypeFolder::get_folder_id(get_string_from_language($ownerlang, 'feedbackattachdirname', 'view'), get_string_from_language($ownerlang, 'feedbackattachdirdesc', 'view'), null, true, $owner); $attachment = (object) array('owner' => $owner, 'parent' => $folderid, 'title' => ArtefactTypeFileBase::get_new_file_title($values['attachment']['name'], $folderid, $owner), 'size' => $values['attachment']['size'], 'filetype' => $values['attachment']['type'], 'oldextensin' => $um->original_filename_extension(), 'description' => get_string_from_language($ownerlang, 'feedbackonviewbytutorofgroup', 'view', $view->get('title'), display_name($USER), get_field('group', 'name', 'id', $groupid))); try { $data->attachment = ArtefactTypeFile::save_uploaded_file('attachment', $attachment); } catch (QuotaExceededException $e) { } } } insert_record($table, $data, 'id', true); require_once 'activity.php'; unset($data->id); activity_occurred('feedback', $data); db_commit(); if ($artefact) { $goto = get_config('wwwroot') . 'view/artefact.php?artefact=' . $artefact->get('id') . '&view=' . $view->get('id'); } else { $goto = get_config('wwwroot') . 'view/view.php?id=' . $view->get('id'); } $form->reply(PIEFORM_OK, array('message' => get_string('feedbacksubmitted', 'view'), 'goto' => $goto)); }
function upload_submit(Pieform $form, $values) { global $USER, $filesize; safe_require('artefact', 'file'); try { $USER->quota_add($filesize); } catch (QuotaException $qe) { $form->json_reply(PIEFORM_ERR, array('message' => get_string('profileiconuploadexceedsquota', 'artefact.file', get_config('wwwroot')))); } // Entry in artefact table $data = new stdClass(); $data->owner = $USER->id; $data->parent = ArtefactTypeFolder::get_folder_id(get_string('imagesdir', 'artefact.file'), get_string('imagesdirdesc', 'artefact.file'), null, true, $USER->id); $data->title = $values['title'] ? $values['title'] : $values['file']['name']; $data->title = ArtefactTypeFileBase::get_new_file_title($data->title, (int) $data->parent, $USER->id); // unique title $data->note = $values['file']['name']; $data->size = $filesize; $imageinfo = getimagesize($values['file']['tmp_name']); $data->width = $imageinfo[0]; $data->height = $imageinfo[1]; $data->filetype = $imageinfo['mime']; $data->description = get_string('uploadedprofileicon', 'artefact.file'); $artefact = new ArtefactTypeProfileIcon(0, $data); if (preg_match("/\\.([^\\.]+)\$/", $values['file']['name'], $saved)) { $artefact->set('oldextension', $saved[1]); } $artefact->commit(); $id = $artefact->get('id'); // Move the file into the correct place. $directory = get_config('dataroot') . 'artefact/file/profileicons/originals/' . $id % 256 . '/'; check_dir_exists($directory); move_uploaded_file($values['file']['tmp_name'], $directory . $id); $USER->commit(); $form->json_reply(PIEFORM_OK, get_string('profileiconaddedtoimagesfolder', 'artefact.file', get_string('imagesdir', 'artefact.file'))); }
public function add_artefacts() { // we're just adding them as files into an 'incoming' directory in the user's file area. safe_require('artefact', 'file'); try { $this->importdir = ArtefactTypeFolder::get_folder_id('incoming', get_string('incomingfolderdesc'), null, true, $this->get('usr')); } catch (Exception $e) { throw new ImportException($e->getMessage()); } $savedfiles = array(); // to put files into so we can delete them should we encounter an exception foreach ($this->files as $f) { try { $data = (object) array('title' => $f->wantsfilename, 'description' => $f->wantsfilename . ' (' . get_string('importedfrom', 'mahara', $this->get('importertransport')->get_description()) . ')', 'parent' => $this->importdir, 'owner' => $this->get('usr'), 'container' => 0, 'locked' => 0); if ($imagesize = getimagesize($this->tempdir . 'extract/' . $f->actualfilename)) { $mime = $imagesize['mime']; $data->filetype = $mime; } $id = ArtefactTypeFile::save_file($this->tempdir . 'extract/' . $f->actualfilename, $data, $this->get('usrobj'), true); if (empty($id)) { throw new ImportException("Failed to create new artefact for {$f->sha1}"); } $savedfiles[] = $id; } catch (Exception $e) { foreach ($savedfiles as $fileid) { $tmp = artefact_instance_from_id($fileid); $tmp->delete(); } throw new ImportException('Failed to create some new artefacts'); } } $this->artefacts = $savedfiles; }
/** * Logic shared by create_file_from_request() and create_file(). This actually takes the data and processes it into a file artefact * @param object $data * @param PluginImportLeap $importer * @param int $parent * @param SimplexMLElement $entry * @param unknown_type $entry_request * @return PluginArtefactFile * @throws ImportException */ private static function create_file_from_entry_data($data, PluginImportLeap $importer, $entryid, $fromrequest = false) { global $USER; if ($fromrequest) { $usr = $USER; } else { $usr = $importer->get('usrobj'); } $data->oldextension = end(explode('.', $data->title)); // This API sucks, but that's not my problem if (!($id = ArtefactTypeFile::save_file($data->pathname, $data, $usr, true))) { $importer->trace("WARNING: the file for entry {$entryid} does not exist in the import (path={$data->pathname})"); return false; } $artefact = artefact_instance_from_id($id); $artefact->set('tags', $data->tags); if ($fromrequest) { $artefact->set('mtime', $data->mtime); } else { // Work around that save_file doesn't let us set the mtime $artefact->set('mtime', strtotime($data->mtime)); } // Now that we've actually imported the file, let's check to see whether it was an image, before making it a real profile icon $isprofileicon = $data->isprofileicon && $artefact->get('artefacttype') == 'image'; if ($isprofileicon) { $artefact->set('artefacttype', 'profileicon'); // Put profile pic in 'profile pics' folder $artefact->set('parent', ArtefactTypeFolder::get_folder_id(get_string('imagesdir', 'artefact.file'), get_string('imagesdirdesc', 'artefact.file'), null, true, $importer->get('usr'))); // Sadly the process for creating a profile icon is a bit dumb. To // be honest, it shouldn't even be a separate artefact type $basedir = get_config('dataroot') . 'artefact/file/'; $olddir = 'originals/' . $id % 256 . '/'; $newdir = 'profileicons/originals/' . $id % 256 . '/'; check_dir_exists($basedir . $newdir); if (!rename($basedir . $olddir . $id, $basedir . $newdir . $id)) { throw new ImportException($importer, 'TODO: get_string: was unable to move profile icon'); } } $artefact->commit(); return $artefact; }
function add_feedback_form_submit(Pieform $form, $values) { global $view, $artefact, $USER; require_once 'embeddedimage.php'; $data = (object) array('title' => get_string('Comment', 'artefact.comment'), 'description' => $values['message']); if ($artefact) { $data->onartefact = $artefact->get('id'); $data->owner = $artefact->get('owner'); $data->group = $artefact->get('group'); $data->institution = $artefact->get('institution'); $onvieworartefactstr = "onartefact = {$data->onartefact}"; } else { $data->onview = $view->get('id'); $data->owner = $view->get('owner'); $data->group = $view->get('group'); $data->institution = $view->get('institution'); $onvieworartefactstr = "onview = {$data->onview}"; } $owner = $data->owner; $author = null; if ($author = $USER->get('id')) { $anonymous = false; $data->author = $author; } else { $anonymous = true; $data->authorname = $values['authorname']; } if (isset($values['moderate']) && $values['ispublic'] && !$USER->can_edit_view($view)) { $data->private = 1; $data->requestpublic = 'author'; $moderated = true; } else { $data->private = (int) (!$values['ispublic']); $moderated = false; } $private = $data->private; if (get_config('licensemetadata')) { $data->license = $values['license']; $data->licensor = $values['licensor']; $data->licensorurl = $values['licensorurl']; } if (isset($values['rating'])) { $data->rating = valid_rating($values['rating']); } if ($values['replyto'] && ($pcomment = artefact_instance_from_id($values['replyto']))) { $data->parent = $pcomment->get('id'); $grandparentid = $pcomment->get('parent'); // Find the position for the new comment // Find the last offspring of the parent $parentid = $data->parent; $data->threadedposition = $pcomment->get('threadedposition'); while ($lastchild = get_records_sql_array(' SELECT c.artefact, c.threadedposition FROM {artefact_comment_comment} c INNER JOIN {artefact} a ON a.id = c.artefact WHERE ' . $onvieworartefactstr . ' AND a.parent = ? ORDER BY c.threadedposition DESC LIMIT 1', array($parentid))) { $parentid = $lastchild[0]->artefact; $data->threadedposition = $lastchild[0]->threadedposition; } $data->threadedposition++; // Increase the threaded position of following comments by 1 execute_sql(' UPDATE {artefact_comment_comment} SET threadedposition = threadedposition + 1 WHERE ' . $onvieworartefactstr . ' AND threadedposition >= ?', array($data->threadedposition)); } if (!isset($data->threadedposition)) { $lastcomment = get_record_sql(' SELECT max(threadedposition) AS lastposition FROM {artefact_comment_comment} c WHERE ' . $onvieworartefactstr); $data->threadedposition = $lastcomment->lastposition ? $lastcomment->lastposition + 1 : 1; } $comment = new ArtefactTypeComment(0, $data); db_begin(); $comment->commit(); $newdescription = EmbeddedImage::prepare_embedded_images($values['message'], 'comment', $comment->get('id'), $data->group); if ($newdescription !== $values['message']) { $updatedcomment = new stdClass(); $updatedcomment->id = $comment->get('id'); $updatedcomment->description = $newdescription; update_record('artefact', $updatedcomment, 'id'); } $url = $comment->get_view_url($view->get('id'), true, false); $goto = get_config('wwwroot') . $url; if (isset($data->requestpublic) && $data->requestpublic === 'author' && $data->owner) { $arg = $author ? display_name($USER, null, true) : $data->authorname; $moderatemsg = (object) array('subject' => false, 'message' => false, 'strings' => (object) array('subject' => (object) array('key' => 'makepublicrequestsubject', 'section' => 'artefact.comment', 'args' => array()), 'message' => (object) array('key' => 'makepublicrequestbyauthormessage', 'section' => 'artefact.comment', 'args' => array(hsc($arg))), 'urltext' => (object) array('key' => 'Comment', 'section' => 'artefact.comment')), 'users' => array($data->owner), 'url' => $url); } if (!empty($values['attachments']) && is_array($values['attachments']) && !empty($data->author)) { require_once get_config('libroot') . 'uploadmanager.php'; safe_require('artefact', 'file'); $ownerlang = empty($data->owner) ? get_config('lang') : get_user_language($data->owner); $folderid = ArtefactTypeFolder::get_folder_id(get_string_from_language($ownerlang, 'feedbackattachdirname', 'artefact.comment'), get_string_from_language($ownerlang, 'feedbackattachdirdesc', 'artefact.comment'), null, true, $data->owner, $data->group, $data->institution); $attachment = (object) array('owner' => $data->owner, 'group' => $data->group, 'institution' => $data->institution, 'author' => $data->author, 'allowcomments' => 0, 'parent' => $folderid, 'description' => get_string_from_language($ownerlang, 'feedbackonviewbyuser', 'artefact.comment', $view->get('title'), display_name($USER))); foreach ($values['attachments'] as $filesindex) { $originalname = $_FILES[$filesindex]['name']; $attachment->title = ArtefactTypeFileBase::get_new_file_title($originalname, $folderid, $data->owner, $data->group, $data->institution); try { $fileid = ArtefactTypeFile::save_uploaded_file($filesindex, $attachment); } catch (QuotaExceededException $e) { if ($data->owner == $USER->get('id')) { $form->reply(PIEFORM_ERR, array('message' => $e->getMessage())); } redirect($goto); } catch (UploadException $e) { $form->reply(PIEFORM_ERR, array('message' => $e->getMessage())); redirect($goto); } $comment->attach($fileid); } } require_once 'activity.php'; $data = (object) array('commentid' => $comment->get('id'), 'viewid' => $view->get('id')); // We want to add the user placing the comment to the watchlist so they // can get notified about future comments to the page. // @TODO Add a site/institution preference to override this. $updatelink = false; if (!get_field('usr_watchlist_view', 'ctime', 'usr', $author, 'view', $view->get('id')) && $author != $owner) { insert_record('usr_watchlist_view', (object) array('usr' => $author, 'view' => $view->get('id'), 'ctime' => db_format_timestamp(time()))); $updatelink = $artefact ? get_string('removefromwatchlistartefact', 'view', $view->get('title')) : get_string('removefromwatchlist', 'view'); } activity_occurred('feedback', $data, 'artefact', 'comment'); if (isset($moderatemsg)) { activity_occurred('maharamessage', $moderatemsg); } db_commit(); $commentoptions = ArtefactTypeComment::get_comment_options(); $commentoptions->showcomment = $comment->get('id'); $commentoptions->view = $view; $commentoptions->artefact = $artefact; $newlist = ArtefactTypeComment::get_comments($commentoptions); $newlist->updatelink = $updatelink; // If you're anonymous and your message is moderated or private, then you won't // be able to tell what happened to it. So we'll provide some more explanation in // the feedback message. if ($anonymous && $moderated) { $message = get_string('feedbacksubmittedmoderatedanon', 'artefact.comment'); } else { if ($anonymous && $private) { $message = get_string('feedbacksubmittedprivateanon', 'artefact.comment'); } else { $message = get_string('feedbacksubmitted', 'artefact.comment'); } } $form->reply(PIEFORM_OK, array('message' => $message, 'goto' => $goto, 'data' => $newlist)); }