Exemplo n.º 1
0
 /**
  * Check if the current user is allowed to edit the topic
  *  denoted by the passed id
  * 
  * @staticvar array $perms
  * 
  * @param string $topic_id the id for the topic to check for
  * 
  * @return bool true if the user has the necessary perms, false otherwise
  */
 static function hasEditPerms($topic_id)
 {
     static $perms = array();
     if (!$perms[$topic_id]) {
         // find out if the posting is the last in the thread
         $constraints = ForumEntry::getConstraints($topic_id);
         $stmt = DBManager::get()->prepare("SELECT user_id, seminar_id\n                FROM forum_entries WHERE topic_id = ?");
         $stmt->execute(array($topic_id));
         $data = $stmt->fetch();
         $closed = ForumEntry::isClosed($topic_id);
         $perms[$topic_id] = ($GLOBALS['user']->id == $data['user_id'] && $GLOBALS['user']->id != 'nobody' || ForumPerm::has('edit_entry', $constraints['seminar_id'])) && (!$closed || $closed && ForumPerm::has('edit_closed', $constraints['seminar_id']));
     }
     return $perms[$topic_id];
 }
Exemplo n.º 2
0
 /**
  * Show new-entry-form for submitted topic
  * 
  * @param string $topic_id hte id of the entry to add to
  */
 function new_entry_action($topic_id)
 {
     ForumPerm::check('add_entry', $this->getId(), $topic_id);
     if (ForumEntry::isClosed($topic_id) && !ForumPerm::has('edit_closed')) {
         throw new AccessDeniedException(_('Sie dürfen keinen Beitrag in einem geschlossenen Thema erstellen!'));
     }
     $this->flash['edit_entry'] = true;
     $this->redirect(PluginEngine::getLink('coreforum/index/index/' . $topic_id . '#create'));
 }
Exemplo n.º 3
0
<? if (!is_array($highlight)) $highlight = array(); ?>
<? $is_new =  ((isset($visitdate) && $post['mkdate'] >= $visitdate) || !(isset($visitdate))) ?>
<? if (!$constraint) $constraint = ForumEntry::getConstraints (ForumEntry::getParentTopicId($post['topic_id'])) ?>

<? $can_edit_closed = !ForumEntry::isClosed($constraint['topic_id'])
        || (ForumEntry::isClosed($constraint['topic_id']) && ForumPerm::has('edit_closed', $constraint['seminar_id'])) ?>

<? $perms = array(
    'edit'         => ForumPerm::hasEditPerms($post['topic_id']),
    'edit_closed'  => ForumPerm::has('edit_closed', $constraint['seminar_id']),
    'remove_entry' => ForumPerm::has('remove_entry', $constraint['seminar_id']),
) ?>

<!-- Anker, um zu diesem Posting springen zu können -->
<a name="<?php 
echo $post['topic_id'];
?>
"></a>

<form method="post" data-topicid="<?php 
echo $post['topic_id'];
?>
" action="<?php 
echo PluginEngine::getLink('coreforum/index/update_entry/' . $post['topic_id']);
?>
">
    <?php 
echo CSRFProtection::tokenTag();
?>
    
<div class="posting<?php