3 * GForge Forums Facility
5 * Copyright 2002 GForge, LLC
13 By Tim Perdue, Sourceforge, 11/99
15 Massive rewrite by Tim Perdue 7/2000 (nested/views/save)
17 Complete OO rewrite by Tim Perdue 12/2002
19 Heavy RBAC changes 3/17/2004
22 require_once('../../env.inc.php');
23 require_once $gfwww.'include/pre.php';
24 require_once $gfwww.'forum/include/ForumHTML.class.php';
25 require_once $gfcommon.'forum/Forum.class.php';
26 require_once $gfwww.'forum/admin/ForumAdmin.class.php';
27 require_once $gfcommon.'forum/ForumFactory.class.php';
28 require_once $gfcommon.'forum/ForumMessageFactory.class.php';
29 require_once $gfcommon.'forum/ForumMessage.class.php';
30 require_once $gfcommon.'include/TextSanitizer.class.php'; // to make the HTML input by the user safe to store
32 $group_id = getIntFromRequest('group_id');
33 $group_forum_id = getIntFromRequest('group_forum_id');
34 $deleteforum = getStringFromRequest('deleteforum');
35 $feedback = getStringFromRequest('feedback');
41 // Set up local objects
43 $g =& group_get_object($group_id);
44 if (!$g || !is_object($g) || $g->isError()) {
48 $p =& $g->getPermission( session_get_user() );
49 if (!$p || !is_object($p) || $p->isError()) {
50 exit_permission_denied();
53 if (getStringFromRequest('post_changes')) {
55 Update the DB to reflect the changes
62 $fa = new ForumAdmin($group_id);
63 $feedback .= $fa->ExecuteAction("delete_forum");
66 } else if (getStringFromRequest('add_forum')) {
67 if (!form_key_is_valid(getStringFromRequest('form_key'))) {
68 exit_form_double_submit();
71 if (check_email_available($g, $g->getUnixName() . '-' . getStringFromRequest('forum_name'), $error_msg)) {
72 $fa = new ForumAdmin($group_id);
73 $feedback .= $fa->ExecuteAction("add_forum");
75 } else if (getStringFromRequest('change_status')) {
76 $fa = new ForumAdmin($group_id);
77 $feedback .= $fa->ExecuteAction("change_status");
81 if (getStringFromRequest('add_forum')) {
83 Show the form for adding forums
85 forum_header(array('title'=>_('Add forum')));
89 <form method="post" action="'.getStringFromServer('PHP_SELF').'">
90 <input type="hidden" name="post_changes" value="y" />
91 <input type="hidden" name="add_forum" value="y" />
92 <input type="hidden" name="group_id" value="'.$group_id.'" />
93 <input type="hidden" name="form_key" value="' . form_generate_key() . '" />
94 <strong>'._('Forum Name').':</strong><br />
95 <input type="text" name="forum_name" value="" size="20" maxlength="30" /><br />
96 <strong>'._('Description').':</strong><br />
97 <input type="text" name="description" value="" size="40" maxlength="80" /><br />
98 <strong>'._('Is Public?').'</strong><br />
99 <input type="radio" name="is_public" value="1" checked="checked" />'._('Yes').' <br />
100 <input type="radio" name="is_public" value="0" />'._('No').'
102 <strong>'._('Allow Anonymous Posts?').'</strong><br />
103 <input type="radio" name="allow_anonymous" value="1" />'._('Yes').'<br />
104 <input type="radio" name="allow_anonymous" value="0" checked="checked" />'._('No').'
106 html_build_select_box_from_assoc(array("0" => _('No Moderation') ,"1" => _('Moderated Level 1'),"2" => _('Moderated Level 2') ),"moderation_level",0) . '
107 <br />' . _('Moderated Level 1') . ': ' . _('To moderate anonymous posts (if allowed in public forum) and posts from non-member users.') . '<br />' . _('Moderated Level 2') . ': ' . _('To moderate ALL posts.') . '<p>
109 <strong>'._('Email All Posts To:').'</strong><br />
110 <input type="text" name="send_all_posts_to" value="" size="60" />
112 <input type="submit" name="submit" value="'._('Add This Forum').'" />
116 forum_footer(array());
118 } else if (getStringFromRequest('change_status')) {
123 $f = new Forum ($g,$group_forum_id);
124 if (!$f || !is_object($f)) {
125 exit_error('Error','Could Not Get Forum Object');
126 } elseif ($f->isError()) {
127 exit_error('Error',$f->getErrorMessage());
128 } elseif (!$f->userIsAdmin()) {
129 exit_permission_denied();
132 forum_header(array('title'=>_('Change forum status')));
133 echo '<p>'._('You can adjust forum features from here. Please note that private forums can still be viewed by members of your project, not the general public.').'</p>';
134 $fa = new ForumAdmin();
135 if ($fa->Authorized($group_id)) {
136 if ($fa->isForumAdmin($group_forum_id)) {
137 $fa->PrintAdminPendingOption($group_forum_id);
142 <form action="'.getStringFromServer('PHP_SELF').'" method="post">
143 <input type="hidden" name="post_changes" value="y" />
144 <input type="hidden" name="change_status" value="y" />
145 <input type="hidden" name="group_forum_id" value="'. $f->getID() .'" />
146 <input type="hidden" name="group_id" value="'.$group_id.'" />
148 <strong>'._('Allow Anonymous Posts?').'</strong><br />
149 <input type="radio" name="allow_anonymous" value="1"'.(($f->AllowAnonymous() == 1)?' checked="checked"':'').' /> '._('Yes').'<br />
150 <input type="radio" name="allow_anonymous" value="0"'.(($f->AllowAnonymous() == 0)?' checked="checked"':'').'/> '._('No').'<br />
153 <strong>'._('Is Public?').'</strong><br />
154 <input type="radio" name="is_public" value="1"'.(($f->isPublic() == 1)?' checked="checked"':'').' /> '._('Yes').'<br />
155 <input type="radio" name="is_public" value="0"'.(($f->isPublic() == 0)?' checked="checked"':'').' /> '._('No').'<br />
156 <input type="radio" name="is_public" value="9"'.(($f->isPublic() == 9)?' checked="checked"':'').' />'._('Suspended').'<br />
158 html_build_select_box_from_assoc(array("0" => _('No Moderation') ,"1" => _('Moderated Level 1'),"2" => _('Moderated Level 2') ),"moderation_level",$f->getModerationLevel()) . '
159 <br />' . _('Moderated Level 1') . ': ' . _('To moderate anonymous posts (if allowed in public forum) and posts from non-member users.') . '<br />' . _('Moderated Level 2') . ': ' . _('To moderate ALL posts.') . '<p>
162 <strong>'._('Forum Name').':</strong><br />
163 <input type="text" name="forum_name" value="'. $f->getName() .'" size="20" maxlength="30" />
165 <strong>'._('Email All Posts To:').'</strong><br />
166 <input type="text" name="send_all_posts_to" value="'. $f->getSendAllPostsTo() .'" size="60" />
168 <strong>'._('Description').':</strong><br />
169 <input type="text" name="description" value="'. $f->getDescription() .'" size="60" maxlength="80" /><br />
171 <input type="submit" name="submit" value="'._('Update').'" />
173 //echo '<a href="'.getStringFromServer('PHP_SELF').'?group_id='.$group_id.'&group_forum_id='.$group_forum_id.'&delete=1">'._('Delete Message').'</a><br />';
174 echo '<a href="'.getStringFromServer('PHP_SELF').'?group_id='.$group_id.'&group_forum_id='.$group_forum_id.'&deleteforum=1">'._('Delete entire forum and all content').'</a><br />';
175 forum_footer(array());
177 } elseif ($deleteforum && $group_forum_id) {
179 $f = new Forum ($g,$group_forum_id);
180 if (!$f || !is_object($f)) {
181 exit_error('Error','Could Not Get Forum Object');
182 } elseif ($f->isError()) {
183 exit_error('Error',$f->getErrorMessage());
184 } elseif (!$f->userIsAdmin()) {
185 exit_permission_denied();
187 forum_header(array('title'=>_('Delete')));
189 <strong>'._('You are about to permanently and irretrievably delete this entire forum and all its contents!').'</strong><br />
191 <form method="post" action="'.getStringFromServer('PHP_SELF').'">
192 <input type="hidden" name="post_changes" value="y" />
193 <input type="hidden" name="deleteforum" value="y" />
194 <input type="hidden" name="group_id" value="'.$group_id.'" />
195 <input type="hidden" name="group_forum_id" value="'.$group_forum_id.'" />
196 <input type="checkbox" name="sure" value="1" />'._('I\'m Sure').'<br />
197 <input type="checkbox" name="really_sure" value="1" />'._('I\'m Really Sure').'<br />
198 <input type="submit" name="submit" value="'._('Delete').'" />
200 forum_footer(array());
202 } elseif ( getStringFromRequest("deletemsg") ) {
203 // delete message handling
205 $fa = new ForumAdmin();
206 if ($fa->Authorized($group_id)) {
207 $forum_id = getStringFromRequest("forum_id");
208 $thread_id = getStringFromRequest("thread_id");
209 $msg_id = getStringFromRequest("deletemsg");
210 if ($fa->isForumAdmin($forum_id)) {
211 if (getStringFromRequest("ok")) {
212 //actually delete the message
213 $feedback .= $fa->ExecuteAction("delete");
214 forum_header(array('title'=>_('Delete a Message')));
215 echo '<p>'.util_make_link ('/forum/forum.php?forum_id=' . $forum_id, _("Return to the forum")) . '</p>';
216 forum_footer(array());
217 } elseif (getStringFromRequest("cancel")) {
218 // the user cancelled the request, go back to forum
219 //if thread_id is 0, then we came from message.php. else, we came from forum.php
221 header("Location: /forum/message.php?msg_id=$msg_id");
223 header("Location: /forum/forum.php?thread_id=$thread_id&forum_id=$forum_id");
227 //print the delete message confirmation
228 forum_header(array('title'=>_('Delete a Message')));
230 <form action="'.getStringFromServer('PHP_SELF').'" method="post">
231 <h3>' . _('WARNING! You are about to permanently delete a message and all of its followups!!') . '</h3><p>
233 <input type="submit" name="ok" value="' . _('Yes') . '" />
234 <input type="submit" name="cancel" value="' . _('No') . '" />
235 <input type="hidden" name="deletemsg" value="'.$msg_id.'" />
236 <input type="hidden" name="group_id" value="'.$group_id.'" />
237 <input type="hidden" name="forum_id" value="'.$forum_id.'" />
238 <input type="hidden" name="thread_id" value="'.$thread_id.'" />
242 forum_footer(array());
245 exit_permission_denied();
249 if ($fa->isGroupIdError()) {
251 } elseif ($fa->isPermissionDeniedError()) {
252 exit_permission_denied();
255 } elseif (getStringFromRequest("editmsg")) {
256 // edit message handling
257 $forum_id = getStringFromRequest("forum_id");
258 $thread_id = getStringFromRequest("thread_id");
259 $msg_id = getStringFromRequest("editmsg");
260 $fa = new ForumAdmin();
261 if ($fa->Authorized($group_id)) {
262 if ($fa->isForumAdmin($forum_id)) {
263 if (getStringFromRequest("ok")) {
264 //actually finish editing the message and save the contents
265 $f = new Forum ($fa->GetGroupObject(),$forum_id);
266 if (!$f || !is_object($f)) {
267 exit_error('Error','Error Getting Forum');
268 } elseif ($f->isError()) {
269 exit_error('Error',$f->getErrorMessage());
271 $fm=new ForumMessage($f,$msg_id,false,false);
272 if (!$fm || !is_object($fm)) {
273 exit_error(_('Error'),_('Error getting new forum message'));
274 } elseif ($fm->isError()) {
275 exit_error(_('Error'),$fm->getErrorMessage());
277 $subject = getStringFromRequest('subject');
278 $body = getStringFromRequest('body');
280 $sanitizer = new TextSanitizer();
281 $body = $sanitizer->SanitizeHtml($body);
283 $is_followup_to = getStringFromRequest('is_followup_to');
284 $form_key = getStringFromRequest('form_key');
285 $posted_by = getStringFromRequest('posted_by');
286 $post_date = getStringFromRequest('post_date');
287 $is_followup_to = getStringFromRequest('is_followup_to');
288 $has_followups = getStringFromRequest('has_followups');
289 $most_recent_date = getStringFromRequest('most_recent_date');
290 if ($fm->updatemsg($forum_id,$posted_by,$subject,$body,$post_date,$is_followup_to,$thread_id,$has_followups,$most_recent_date)) {
291 $feedback .= _('Message Edited Successfully');
293 $feedback .= $fm->getErrorMessage();
295 forum_header(array('title'=>_('Edit a Message')));
296 echo '<p>'.util_make_link ('/forum/forum.php?forum_id=' . $forum_id, _("Return to the forum")) ;
297 forum_footer(array());
298 } elseif (getStringFromRequest("cancel")) {
299 // the user cancelled the request, go back to forum
300 header("Location: /forum/message.php?msg_id=$msg_id");
303 //print the edit message confirmation
305 $f = new Forum ($fa->GetGroupObject(),$forum_id);
306 if (!$f || !is_object($f)) {
307 exit_error('Error','Error Getting Forum');
308 } elseif ($f->isError()) {
309 exit_error('Error',$f->getErrorMessage());
312 $fm=new ForumMessage($f,$msg_id,false,false);
313 if (!$fm || !is_object($fm)) {
314 exit_error(_('Error'),_('Error Getting ForumMessage'));
315 } elseif ($fm->isError()) {
316 exit_error(_('Error'),$fm->getErrorMessage());
319 $fh = new ForumHTML($f);
320 if (!$fh || !is_object($fh)) {
321 exit_error(_('Error'),_('Error Getting ForumHTML'));
322 } elseif ($fh->isError()) {
323 exit_error(_('Error'),$fh->getErrorMessage());
326 forum_header(array('title'=>_('Edit a Message')));
327 $fh->showEditForm($fm);
328 forum_footer(array());
331 exit_permission_denied();
335 if ($fa->isGroupIdError()) {
337 } elseif ($fa->isPermissionDeniedError()) {
338 exit_permission_denied();
341 } elseif (getStringFromRequest("movethread")) {
342 $thread_id = getIntFromRequest("movethread");
343 $msg_id = getStringFromRequest("msg_id");
344 $forum_id = getIntFromRequest("forum_id");
345 $return_to_message = getIntFromRequest("return_to_message");
346 $new_forum_id = getIntFromRequest("new_forum_id");
347 $fa = new ForumAdmin();
348 if ($fa->Authorized($group_id)) {
349 if ($fa->isForumAdmin($forum_id)) {
350 if (getStringFromRequest("ok")) {
351 if ($forum_id == $new_forum_id) {
352 $feedback .= _('Thread not moved');
355 // Move message in another forum
356 $f_from = new Forum ($fa->GetGroupObject(),$forum_id);
357 if (!$f_from || !is_object($f_from)) {
358 exit_error('Error','Could Not Get Forum Object');
359 } elseif ($f_from->isError()) {
360 exit_error('Error',$f_from->getErrorMessage());
362 $f_to = new Forum ($fa->GetGroupObject(),$new_forum_id);
363 if (!$f_to || !is_object($f_to)) {
364 exit_error('Error','Could Not Get Forum Object');
365 } elseif ($f_to->isError()) {
366 exit_error('Error',$f_to->getErrorMessage());
369 $ff = new ForumFactory($g);
370 if (!$ff || !is_object($ff) || $ff->isError()) {
371 exit_error(_('Error'),$ff->getErrorMessage());
374 if ($ff->moveThread($new_forum_id,$thread_id,$forum_id)) {
375 $feedback .= sprintf(_('Thread successfully moved from %1$s forum to %2$s forum'), $f_from->getName(),$f_to->getName());
377 $feedback .= $ff->getErrorMessage();
381 forum_header(array('title'=>_('Edit a Message')));
382 echo '<p><a href="/forum/forum.php?forum_id=' . $new_forum_id . '">Return to the forum</a></p>';
383 echo '<p><a href="/forum/forum.php?thread_id='.$thread_id.'&forum_id=' . $new_forum_id . '">Return to the thread</a></p>';
384 forum_footer(array());
385 } elseif (getStringFromRequest("cancel")) {
386 // the user cancelled the request, go back to forum
387 if ($return_to_message) {
388 header("Location: /forum/message.php?msg_id=$msg_id");
390 header("Location: /forum/forum.php?thread_id=$thread_id&forum_id=$forum_id");
394 // Display select box to select new forum
396 forum_header(array('title'=>_('Forums: Administration')));
398 $ff = new ForumFactory($g);
399 if (!$ff || !is_object($ff) || $ff->isError()) {
400 exit_error(_("Error"),$ff->getErrorMessage());
403 $farr =& $ff->getForums();
405 if ($ff->isError()) {
406 echo '<h1>'.sprintf(_('No Forums Found For %s'), $g->getPublicName()) .'</h1>';
407 echo $ff->getErrorMessage();
408 forum_footer(array());
413 List the existing forums so they can be edited.
417 for ($j = 0; $j < count($farr); $j++) {
418 if (!is_object($farr[$j])) {
419 //just skip it - this object should never have been placed here
420 } elseif ($farr[$j]->isError()) {
421 echo $farr[$j]->getErrorMessage();
423 $forums[$farr[$j]->getID()] = $farr[$j]->getName();
427 $f_from = new Forum ($fa->GetGroupObject(),$forum_id);
428 if (!$f_from || !is_object($f_from)) {
429 exit_error('Error','Could Not Get Forum Object');
430 } elseif ($f_from->isError()) {
431 exit_error('Error',$f_from->getErrorMessage());
435 <form action="'.getStringFromServer('PHP_SELF').'" method="post">
436 <h3>' . sprintf(_('Move thread from %s forum to the following forum:'), $f_from->getName()) . '</h3>
438 <input type="hidden" name="movethread" value="'.$thread_id.'" />
439 <input type="hidden" name="group_id" value="'.$group_id.'" />
440 <input type="hidden" name="forum_id" value="'.$forum_id.'" />
441 <input type="hidden" name="msg_id" value="'.$msg_id.'" />
442 <input type="hidden" name="return_to_message" value="'.$return_to_message.'" />' .
443 html_build_select_box_from_assoc($forums,'new_forum_id',$forum_id) .
445 <input type="submit" name="ok" value="' . _("Submit") . '" />
446 <input type="submit" name="cancel" value="' . _("Cancel") . '" />
451 forum_footer(array());
454 exit_permission_denied();
458 if ($fa->isGroupIdError()) {
461 elseif ($fa->isPermissionDeniedError()) {
462 exit_permission_denied();
471 Show main page for choosing
472 either moderator or delete
474 forum_header(array('title'=>_('Forums: Administration')));
479 if ($p->isForumAdmin()) {
480 $fa = new ForumAdmin();
481 $fa->PrintAdminOptions();
484 // Get existing forums
486 $ff=new ForumFactory($g);
487 if (!$ff || !is_object($ff) || $ff->isError()) {
488 exit_error(_('Error'),$ff->getErrorMessage());
491 $farr =& $ff->getForumsAdmin();
493 if ($ff->isError()) {
494 echo '<h1>'.sprintf(_('No Forums Found For %1$s'), $g->getPublicName()) .'</h1>';
495 echo $ff->getErrorMessage();
496 forum_footer(array());
501 List the existing forums so they can be edited.
504 for ($j = 0; $j < count($farr); $j++) {
505 if (!is_object($farr[$j])) {
506 //just skip it - this object should never have been placed here
507 } elseif ($farr[$j]->isError()) {
508 echo $farr[$j]->getErrorMessage();
510 echo '<p><a href="'.getStringFromServer('PHP_SELF').'?group_id='.$group_id.'&change_status=1&group_forum_id='. $farr[$j]->getID() .'">'.
511 $farr[$j]->getName() .'</a><br />'.$farr[$j]->getDescription().'<br /><a href="monitor.php?group_id='.$group_id.'&group_forum_id='. $farr[$j]->getID() .'">'.
512 _('Monitoring Users').'</a></p>';
516 forum_footer(array());
521 Not logged in or insufficient privileges
526 exit_permission_denied();