public function display($tpl = null) { $session =& JFactory::getSession(); $this->userData =& JFactory::getUser(); $this->boardId = $session->get('quipforum_board_id', '1'); $this->userAccessLevel = comQuipForumHelper::getUserAccessLevel($this->boardId); if (!$this->userAccessLevel) { return JError::raiseWarning(403, JText::_('JERROR_ALERTNOAUTHOR')); } if (JRequest::getVar("id")) { $this->postData = $this->get('PostData'); if (!$this->userData->id) { return JError::raiseWarning(403, JText::_('JERROR_ALERTNOAUTHOR')); } if ($this->postData->user_id != $this->userData->id && !$this->userData->authorise('core.manage', 'com_quipforum') && $this->userAccessLevel < 4) { return JError::raiseWarning(403, JText::_('JERROR_ALERTNOAUTHOR')); } } else { $this->postData =& JTable::getInstance('posts', 'Table'); $this->postData->load(); } $this->boardData = $this->get('BoardData'); parent::display($tpl); }
public function save() { $option = JRequest::getCmd('option'); $userData = JFactory::getUser(); $userAccessLevel = comQuipForumHelper::getUserAccessLevel(JRequest::getVar('board_id')); if ($userAccessLevel < 2) { return JError::raiseWarning(403, JText::_('JERROR_ALERTNOAUTHOR')); } JRequest::checkToken() or jexit('Invalid Token'); $rowPost =& JTable::getInstance('posts', 'Table'); if (!$rowPost->bind(JRequest::get('post'))) { JError::raiseError(500, $rowPost->getError()); } if ($userAccessLevel == 2 && !$rowPost->thread_id) { return JError::raiseWarning(403, JText::_('JERROR_ALERTNOAUTHOR')); } $rowPost->ip_address = $_SERVER['REMOTE_ADDR']; $rowPost->post_date = comQuipForumHelper::sqlDateTime(); if (!trim(strip_tags($rowPost->body))) { $rowPost->no_text = 1; } if (!$rowPost->id) { $status = "created"; } else { $status = "edited"; } if (!$rowPost->store()) { JError::raiseError(500, $rowPost->getError()); } $urls = array(); if ($urls = comQuipForumHelper::parseUrlsFromText($rowPost->body)) { $noTextTester = $rowPost->body; foreach ((array) $urls as $key => $value) { $noTextTester = str_replace($value, "", $noTextTester); $rowLinks =& JTable::getInstance('links', 'Table'); $rowLinks->url = $value; $rowLinks->post_id = $rowPost->id; $rowLinks->user_id = $rowPost->user_id; if (!$rowLinks->store()) { JError::raiseError(500, $rowLinks->getError()); } $rowPost->links++; } if (!trim(strip_tags($noTextTester))) { $rowPost->no_text = 1; } # update with # of links if (!$rowPost->store()) { JError::raiseError(500, $rowPost->getError()); } } if (!($parent_id = JRequest::getVar('parent_id'))) { $rowPost->thread_id = $rowPost->id; $rowPostRefs =& JTable::getInstance('postreferences', 'Table'); $rowPostRefs->load($rowPost->reference_key_id); $rowPostRefs->board_id = JRequest::getVar('board_id'); $rowPostRefs->id = $rowPost->id; if (!$rowPostRefs->store()) { JError::raiseError(500, $rowPostRefs->getError()); } $rowPost->reference_key_id = $rowPostRefs->key_id; if (!$rowPost->store()) { JError::raiseError(500, $rowPost->getError()); } } $threadWeaver = new QuipForumThreadWeaver(); $threadWeaver->weaveThread($rowPost->thread_id); if ($userData->id) { comQuipForumHelper::logIt(" <span class='qforum-log-post-" . $status . "'>Post " . $status . " by " . $userData->name . "(" . $userData->id . ") at " . $rowPost->post_date . ".</span>", $rowPost->id); } else { comQuipForumHelper::logIt(" <span class='qforum-log-post-" . $status . "'>Post " . $status . " by " . $rowPost->user_alt_name . "(guest from IP: " . $rowPost->ip_address . ") at " . $rowPost->post_date . ".</span>", $rowPost->id); } $this->setRedirect(JRoute::_('index.php?option=' . $option . '&view=post&id=' . $rowPost->id), 'Post saved, here it is!'); }