/**
 * Handles the "create" form for a MessageBoard record.
 *
 * With no MessageBoard payload in $_POST the empty form is rendered. With a
 * payload, the values are copied onto the model and saved; on success the
 * browser is redirected to the 'view' route for the new rec_id, otherwise the
 * 'create' view is rendered again with the same model instance.
 *
 * NOTE(review): the whole $_POST['MessageBoard'] array is assigned to
 * $model->attributes in one step. This looks like Yii 1.x generated code, where
 * such assignment is limited to attributes the model's validation rules mark as
 * safe. Confirm that MessageBoard does not mark rec_id or any
 * ownership/permission column as safe. No access check is visible in this
 * action; presumably the controller's access rules cover it (verify).
 */
public function actionCreate()
{
    $model = new MessageBoard();

    // Uncomment the following line if AJAX validation is needed
    // $this->performAjaxValidation($model);

    $submitted = isset($_POST['MessageBoard']);

    if ($submitted) {
        // Client-supplied values; filtering is left to the model's rules.
        $model->attributes = $_POST['MessageBoard'];
    }

    // save() is only attempted for a submitted form, exactly as before.
    if ($submitted && $model->save()) {
        $target = array('view', 'id' => $model->rec_id);
        $this->redirect($target);
    }

    $viewData = array('model' => $model);
    $this->render('create', $viewData);
}
/*
 * Kill switch: this script is deliberately disabled. The statement below prints
 * the notice and terminates the request, so nothing after it ever runs. It must
 * stay the first statement for as long as the code underneath is unchanged.
 *
 * Problems visible in the disabled code, kept here as a record of why it is off:
 *   - The redirect targets come straight from $_REQUEST['back_page'] and
 *     $_REQUEST['groupurl'] and go into a Location header unvalidated (open
 *     redirect).
 *   - Edit and delete are selected through $_REQUEST, so a plain GET link can
 *     change or remove data; no anti-CSRF token is checked.
 *   - message_id is taken from the request and used for save/delete with no
 *     visible check that the logged-in user owns or may moderate that message.
 *     $login_required only asks for a login; whether includes/page.php does
 *     more is not visible here.
 */
exit("This script has huge security problems, so has been disabled. It's also not used in the Beta theme, so you should never get here.");

// ---- unreachable from here on ----
$login_required = TRUE;
include "includes/page.php";
require_once "../api/MessageBoard/MessageBoard.php";

$back = $_REQUEST['back_page'];
//print_r($_REQUEST);exit;
$mid = trim($_REQUEST['message_id']);

if ($_REQUEST['do'] == 'edit') {
    filter_all_post($_REQUEST);
    $title = trim($_REQUEST['edit_title']);
    $body = trim($_REQUEST['edit_body']);

    $m = new MessageBoard();
    $m->title = $title;
    $m->body = $body;
    $m->boardmessage_id = $mid;

    // Same arguments as the original inline assignments: no uid, update mode.
    $uid = NULL;
    $is_insert = 0;
    $id = $m->save($uid, $is_insert);
}

if ($_REQUEST['do'] == 'delete') {
    MessageBoard::delete_all_in_parent($mid, PARENT_TYPE_MESSAGE);
}

if ($_REQUEST['groupurl']) {
    $url = $_REQUEST['groupurl'];
    header("Location:{$url}");
    exit;
}

header("location:{$back}");
exit;
?>
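/**
 * Validates the posted forum-topic form and saves the edited topic.
 *
 * Reads forum_title, forum_contents and chk_allow_anonymous from $_POST and the
 * topic id from $_REQUEST['mid'], then updates the MessageBoard record.
 *
 * Changes from the previous version:
 *   - a title or body of "0" is no longer rejected (empty("0") is true);
 *   - when both fields are missing the two messages are joined with ". "
 *     instead of running together;
 *   - missing request keys no longer raise undefined-index notices.
 *
 * NOTE(review): the record to overwrite is chosen by $_REQUEST['mid'] alone.
 * This function does not check that the current user owns or may moderate that
 * topic, and no anti-CSRF token is checked here. Confirm that the caller or
 * MessageBoard::save() enforces this.
 *
 * @param mixed $_form Unused; kept for the existing call signature.
 * @return array array('msg' => array('failure_msg' => string, 'success_msg' => NULL))
 */
function edit_forum_topic($_form) {
    filter_all_post($_POST);

    $title = trim(isset($_POST['forum_title']) ? $_POST['forum_title'] : '');
    $body = trim(isset($_POST['forum_contents']) ? $_POST['forum_contents'] : '');

    $errors = array();
    if ($title === '') {
        $errors[] = "Please specify a title for the forum topic";
    }
    if ($body === '') {
        $errors[] = "Please enter small description of the topic";
    }
    $msg = implode('. ', $errors);

    if (empty($errors)) {
        // Return value was never used; the call is kept in case it has side effects.
        load_info();

        $cat_obj = new MessageBoard();
        $cat_obj->title = $title;
        $cat_obj->body = $body;
        $cat_obj->boardmessage_id = isset($_REQUEST['mid']) ? $_REQUEST['mid'] : NULL;

        // Same loose comparison as before; an absent checkbox compares as NULL.
        $anon_flag = isset($_POST['chk_allow_anonymous']) ? $_POST['chk_allow_anonymous'] : NULL;
        $cat_obj->allow_anonymous = ($anon_flag != ALLOW_ANONYMOUS) ? 0 : 1;

        try {
            // NOTE(review): $login_uid is never defined in this function's scope
            // (no parameter, no `global`), so NULL is what reaches save(). If
            // save() is meant to receive the logged-in user's id, it has to be
            // passed in. Confirm against MessageBoard::save().
            $cat_obj->save($login_uid, NULL);
        } catch (PAException $e) {
            // Generic text only; the exception detail is not shown to the user.
            $msg = "Error occured in saving data";
        }
    }

    return array(
        'msg' => array(
            'failure_msg' => $msg,
            'success_msg' => NULL,
        ),
    );
}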
$error = TRUE; $msg .= "<br><font color=\"red\">Please enter contents</font>"; } if (!$error) { $cat_obj = new MessageBoard(); $cat_obj->set_parent($parent_id, $parent_type); $cat_obj->title = $title; $cat_obj->body = $body; $cat_obj->user_id = $uid; if (!$_POST['chk_allow_anonymous']) { $cat_obj->allow_anonymous = 0; } else { $cat_obj->allow_anonymous = 1; } try { $mid = $cat_obj->save(); } catch (PAException $e) { $msg = "Error occured in saving thread\n"; $msg .= "<br><center><font color=\"red\">" . $e->message . "</font></center>"; $error = TRUE; } } if ($mid) { if ($_GET['gid']) { header("Location: {$base_url}/forum_messages.php?mid={$mid}&ccid=" . $_GET['gid']); } exit; } } else { if (isset($_POST['submit']) && $_POST['content_type'] != 'media' && !Group::member_exists((int) $_REQUEST['gid'], (int) $login_uid)) { $group_top_mesg = "You are not a member of " . stripslashes($group->title) . " group.";
$cat_obj->set_category_id($parent_id); } else { if ($group_id) { $cat_obj->set_collection_id($group_id); } } $cat_obj->title = $txt_title; $cat_obj->body = $textarea_contents; $cat_obj->user_id = $uid; if (!$_POST['chk_allow_anonymous']) { $cat_obj->allow_anonymous = 0; } else { $cat_obj->allow_anonymous = 1; } try { $cat_obj->save(); } catch (PAException $e) { $msg = "Error occured in saving thread\n"; $msg .= "<br><center><font color=\"red\">" . $e->message . "</font></center>"; $post_error = TRUE; } } if (!$post_error) { if ($parent_id) { $url = $base_url . '/threads.php?cid=' . $parent_id; } elseif ($group_id) { $url = $base_url . '/group_threads.php?gid=' . $group_id; } header("Location: {$url}"); exit; }
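/**
 * API handler: posts a new board message, either as a new topic in a group or
 * as a reply to an existing topic.
 *
 * Recognised $args keys: authToken, context, title, content, allowAnonymous.
 * context must be "group:<digits>" (new topic) or "msg:<digits>" (reply).
 *
 * Changes from the previous version:
 *   - optional keys (authToken, allowAnonymous) and a missing or non-scalar
 *     context no longer raise notices or type errors; a bad context is
 *     rejected with the same PAException as before;
 *   - the context patterns use the D modifier so "$" matches only at the very
 *     end of the string, not before a trailing newline.
 *
 * Open authorization questions, carried over from the original FIXMEs:
 *   - nothing here checks that the caller may access or post to the target
 *     group, or that a "msg:" parent exists and is really a topic;
 *   - with no authToken the message is saved with user_id NULL.
 * NOTE(review): whether MessageBoard::save() enforces any of this is not
 * visible from this function. Confirm before exposing the endpoint.
 *
 * @param array $args Decoded API arguments.
 * @return array array('success' => TRUE, 'id' => 'msg:<new id>')
 * @throws PAException INVALID_ID when context is neither a group nor a topic.
 */
function peopleaggregator_newBoardMessage($args) {
    $user = !empty($args['authToken']) ? User::from_auth_token($args['authToken']) : NULL;

    // Anything that is not a scalar cannot match either pattern; treat it as empty.
    $context = (isset($args['context']) && is_scalar($args['context'])) ? (string) $args['context'] : '';
    $title = isset($args['title']) ? $args['title'] : NULL;
    $body = isset($args['content']) ? $args['content'] : NULL;
    $allow_anon = !empty($args['allowAnonymous']);

    if (preg_match('/^group:(\d+)$/D', $context, $m)) {
        // posting a new topic to a group
        $parent_id = $m[1];
        $parent_type = "collection";
        //FIXME: check that we can access the group. or does MessageBoard do this?
    } elseif (preg_match('/^msg:(\d+)$/D', $context, $m)) {
        // replying to an existing topic
        $parent_id = $m[1];
        $parent_type = "message";
        //FIXME: load parent, make sure it is a topic
        //FIXME: check if we are allowed to access this group
    } else {
        throw new PAException(INVALID_ID, "You can only post a message to a group or a topic. Parent ID '{$context}' is not allowed.");
    }

    // create topic
    $cat_obj = new MessageBoard();
    $cat_obj->set_parent($parent_id, $parent_type);
    $cat_obj->title = $title;
    $cat_obj->body = $body;
    $cat_obj->user_id = $user ? $user->user_id : NULL;
    $cat_obj->allow_anonymous = $allow_anon ? 1 : 0;

    $mid = $cat_obj->save($cat_obj->user_id);

    return array('success' => TRUE, 'id' => "msg:" . $mid);
}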
} if (!$error) { $cat_obj = new MessageBoard(); $cat_obj->set_parent($parent_id, $parent_type); $cat_obj->title = $title; $cat_obj->body = $body; $cat_obj->user_id = $uid; $cat_obj->user_name = $name; $cat_obj->email = $email; if (!$_POST['chk_allow_anonymous']) { $cat_obj->allow_anonymous = 0; } else { $cat_obj->allow_anonymous = 1; } try { $mid = $cat_obj->save($_SESSION['user']['id']); } catch (PAException $e) { $msg = "Error occured in saving thread\n"; $msg .= "<br><center><font color=\"red\">" . $e->message . "</font></center>"; $error = TRUE; } } if ($mid) { //echo 'data has been saved'; if ($_GET['ccid']) { header("Location: {$base_url}/forum_messages.php?mid={$parent_id}&ccid=" . $_GET['ccid']); } else { header("Location: {$base_url}/forum_messages.php?mid={$parent_id}"); } exit; }