/**
* Check if the current user is allowed to edit the topic
* denoted by the passed id
*
* @staticvar array $perms
*
* @param string $topic_id the id for the topic to check for
*
* @return bool true if the user has the necessary perms, false otherwise
*/
static function hasEditPerms($topic_id)
{
static $perms = array();
if (!$perms[$topic_id]) {
// find out if the posting is the last in the thread
$constraints = ForumEntry::getConstraints($topic_id);
$stmt = DBManager::get()->prepare("SELECT user_id, seminar_id\n FROM forum_entries WHERE topic_id = ?");
$stmt->execute(array($topic_id));
$data = $stmt->fetch();
$closed = ForumEntry::isClosed($topic_id);
$perms[$topic_id] = ($GLOBALS['user']->id == $data['user_id'] && $GLOBALS['user']->id != 'nobody' || ForumPerm::has('edit_entry', $constraints['seminar_id'])) && (!$closed || $closed && ForumPerm::has('edit_closed', $constraints['seminar_id']));
}
return $perms[$topic_id];
}
/**
* Show new-entry-form for submitted topic
*
* @param string $topic_id hte id of the entry to add to
*/
function new_entry_action($topic_id)
{
ForumPerm::check('add_entry', $this->getId(), $topic_id);
if (ForumEntry::isClosed($topic_id) && !ForumPerm::has('edit_closed')) {
throw new AccessDeniedException(_('Sie dürfen keinen Beitrag in einem geschlossenen Thema erstellen!'));
}
$this->flash['edit_entry'] = true;
$this->redirect(PluginEngine::getLink('coreforum/index/index/' . $topic_id . '#create'));
}
<? if (!is_array($highlight)) $highlight = array(); ?>
<? $is_new = ((isset($visitdate) && $post['mkdate'] >= $visitdate) || !(isset($visitdate))) ?>
<? if (!$constraint) $constraint = ForumEntry::getConstraints (ForumEntry::getParentTopicId($post['topic_id'])) ?>
<? $can_edit_closed = !ForumEntry::isClosed($constraint['topic_id'])
|| (ForumEntry::isClosed($constraint['topic_id']) && ForumPerm::has('edit_closed', $constraint['seminar_id'])) ?>
<? $perms = array(
'edit' => ForumPerm::hasEditPerms($post['topic_id']),
'edit_closed' => ForumPerm::has('edit_closed', $constraint['seminar_id']),
'remove_entry' => ForumPerm::has('remove_entry', $constraint['seminar_id']),
) ?>
<!-- Anker, um zu diesem Posting springen zu können -->
<a name="<?php
echo $post['topic_id'];
?>
"></a>
<form method="post" data-topicid="<?php
echo $post['topic_id'];
?>
" action="<?php
echo PluginEngine::getLink('coreforum/index/update_entry/' . $post['topic_id']);
?>
">
<?php
echo CSRFProtection::tokenTag();
?>
<div class="posting<?php
