3 * GForge Forums Facility
5 * Copyright 2002 GForge, LLC
13 By Tim Perdue, Sourceforge, 11/99
15 Massive rewrite by Tim Perdue 7/2000 (nested/views/save)
17 Complete OO rewrite by Tim Perdue 12/2002
19 Heavy RBAC changes 3/17/2004
22 require_once('../../env.inc.php');
23 require_once $gfwww.'include/pre.php';
24 require_once $gfwww.'forum/include/ForumHTML.class.php';
25 require_once $gfcommon.'forum/Forum.class.php';
26 require_once $gfwww.'forum/admin/ForumAdmin.class.php';
27 require_once $gfcommon.'forum/ForumFactory.class.php';
28 require_once $gfcommon.'forum/ForumMessageFactory.class.php';
29 require_once $gfcommon.'forum/ForumMessage.class.php';
30 require_once $gfcommon.'include/TextSanitizer.class.php'; // to make the HTML input by the user safe to store
32 $group_id = getIntFromRequest('group_id');
33 $group_forum_id = getIntFromRequest('group_forum_id');
34 $deleteforum = getStringFromRequest('deleteforum');
35 $feedback = getStringFromRequest('feedback');
41 // Set up local objects
43 $g =& group_get_object($group_id);
44 if (!$g || !is_object($g) || $g->isError()) {
48 $p =& $g->getPermission( session_get_user() );
49 if (!$p || !is_object($p) || $p->isError()) {
50 exit_permission_denied();
53 if (getStringFromRequest('post_changes')) {
55 Update the DB to reflect the changes
62 $fa = new ForumAdmin($group_id);
63 $feedback .= $fa->ExecuteAction("delete_forum");
66 } else if (getStringFromRequest('add_forum')) {
67 if (!form_key_is_valid(getStringFromRequest('form_key'))) {
68 exit_form_double_submit();
70 $fa = new ForumAdmin($group_id);
71 $feedback .= $fa->ExecuteAction("add_forum");
72 } else if (getStringFromRequest('change_status')) {
73 $fa = new ForumAdmin($group_id);
74 $feedback .= $fa->ExecuteAction("change_status");
78 if (getStringFromRequest('add_forum')) {
80 Show the form for adding forums
82 forum_header(array('title'=>_('Add forum')));
86 <form method="post" action="'.getStringFromServer('PHP_SELF').'">
87 <input type="hidden" name="post_changes" value="y" />
88 <input type="hidden" name="add_forum" value="y" />
89 <input type="hidden" name="group_id" value="'.$group_id.'" />
90 <input type="hidden" name="form_key" value="' . form_generate_key() . '" />
91 <strong>'._('Forum Name').':</strong><br />
92 <input type="text" name="forum_name" value="" size="20" maxlength="30" /><br />
93 <strong>'._('Description').':</strong><br />
94 <input type="text" name="description" value="" size="40" maxlength="80" /><br />
95 <strong>'._('Is Public?').'</strong><br />
96 <input type="radio" name="is_public" value="1" checked="checked" />'._('Yes').' <br />
97 <input type="radio" name="is_public" value="0" />'._('No').'
99 <strong>'._('Allow Anonymous Posts?').'</strong><br />
100 <input type="radio" name="allow_anonymous" value="1" />'._('Yes').'<br />
101 <input type="radio" name="allow_anonymous" value="0" checked="checked" />'._('No').'
103 html_build_select_box_from_assoc(array("0" => _('No Moderation') ,"1" => _('Moderated Level 1'),"2" => _('Moderated Level 2') ),"moderation_level",0) . '
104 <br />' . _('Moderated Level 1') . ': ' . _('To moderate anonymous posts (if allowed in public forum) and posts from non-member users.') . '<br />' . _('Moderated Level 2') . ': ' . _('To moderate ALL posts.') . '<p>
106 <strong>'._('Email All Posts To:').'</strong><br />
107 <input type="text" name="send_all_posts_to" value="" size="60" />
109 <input type="submit" name="submit" value="'._('Add This Forum').'" />
113 forum_footer(array());
115 } else if (getStringFromRequest('change_status')) {
120 $f = new Forum ($g,$group_forum_id);
121 if (!$f || !is_object($f)) {
122 exit_error('Error','Could Not Get Forum Object');
123 } elseif ($f->isError()) {
124 exit_error('Error',$f->getErrorMessage());
125 } elseif (!$f->userIsAdmin()) {
126 exit_permission_denied();
129 forum_header(array('title'=>_('Change forum status')));
130 echo '<p>'._('You can adjust forum features from here. Please note that private forums can still be viewed by members of your project, not the general public.').'</p>';
131 $fa = new ForumAdmin();
132 if ($fa->Authorized($group_id)) {
133 if ($fa->isForumAdmin($group_forum_id)) {
134 $fa->PrintAdminPendingOption($group_forum_id);
139 <form action="'.getStringFromServer('PHP_SELF').'" method="post">
140 <input type="hidden" name="post_changes" value="y" />
141 <input type="hidden" name="change_status" value="y" />
142 <input type="hidden" name="group_forum_id" value="'. $f->getID() .'" />
143 <input type="hidden" name="group_id" value="'.$group_id.'" />
145 <strong>'._('Allow Anonymous Posts?').'</strong><br />
146 <input type="radio" name="allow_anonymous" value="1"'.(($f->AllowAnonymous() == 1)?' checked="checked"':'').' /> '._('Yes').'<br />
147 <input type="radio" name="allow_anonymous" value="0"'.(($f->AllowAnonymous() == 0)?' checked="checked"':'').'/> '._('No').'<br />
150 <strong>'._('Is Public?').'</strong><br />
151 <input type="radio" name="is_public" value="1"'.(($f->isPublic() == 1)?' checked="checked"':'').' /> '._('Yes').'<br />
152 <input type="radio" name="is_public" value="0"'.(($f->isPublic() == 0)?' checked="checked"':'').' /> '._('No').'<br />
153 <input type="radio" name="is_public" value="9"'.(($f->isPublic() == 9)?' checked="checked"':'').' />'._('Suspended').'<br />
155 html_build_select_box_from_assoc(array("0" => _('No Moderation') ,"1" => _('Moderated Level 1'),"2" => _('Moderated Level 2') ),"moderation_level",$f->getModerationLevel()) . '
156 <br />' . _('Moderated Level 1') . ': ' . _('To moderate anonymous posts (if allowed in public forum) and posts from non-member users.') . '<br />' . _('Moderated Level 2') . ': ' . _('To moderate ALL posts.') . '<p>
159 <strong>'._('Forum Name').':</strong><br />
160 <input type="text" name="forum_name" value="'. $f->getName() .'" size="20" maxlength="30" />
162 <strong>'._('Email All Posts To:').'</strong><br />
163 <input type="text" name="send_all_posts_to" value="'. $f->getSendAllPostsTo() .'" size="60" />
165 <strong>'._('Description').':</strong><br />
166 <input type="text" name="description" value="'. $f->getDescription() .'" size="60" maxlength="80" /><br />
168 <input type="submit" name="submit" value="'._('Update').'" />
170 //echo '<a href="'.getStringFromServer('PHP_SELF').'?group_id='.$group_id.'&group_forum_id='.$group_forum_id.'&delete=1">'._('Delete Message').'</a><br />';
171 echo '<a href="'.getStringFromServer('PHP_SELF').'?group_id='.$group_id.'&group_forum_id='.$group_forum_id.'&deleteforum=1">'._('Delete entire forum and all content').'</a><br />';
172 forum_footer(array());
174 } elseif ($deleteforum && $group_forum_id) {
176 $f = new Forum ($g,$group_forum_id);
177 if (!$f || !is_object($f)) {
178 exit_error('Error','Could Not Get Forum Object');
179 } elseif ($f->isError()) {
180 exit_error('Error',$f->getErrorMessage());
181 } elseif (!$f->userIsAdmin()) {
182 exit_permission_denied();
184 forum_header(array('title'=>_('Delete')));
186 <strong>'._('You are about to permanently and irretrievably delete this entire forum and all its contents!').'</strong><br />
188 <form method="post" action="'.getStringFromServer('PHP_SELF').'">
189 <input type="hidden" name="post_changes" value="y" />
190 <input type="hidden" name="deleteforum" value="y" />
191 <input type="hidden" name="group_id" value="'.$group_id.'" />
192 <input type="hidden" name="group_forum_id" value="'.$group_forum_id.'" />
193 <input type="checkbox" name="sure" value="1" />'._('I\'m Sure').'<br />
194 <input type="checkbox" name="really_sure" value="1" />'._('I\'m Really Sure').'<br />
195 <input type="submit" name="submit" value="'._('Delete').'" />
197 forum_footer(array());
199 } elseif ( getStringFromRequest("deletemsg") ) {
200 // delete message handling
202 $fa = new ForumAdmin();
203 if ($fa->Authorized($group_id)) {
204 $forum_id = getStringFromRequest("forum_id");
205 $thread_id = getStringFromRequest("thread_id");
206 $msg_id = getStringFromRequest("deletemsg");
207 if ($fa->isForumAdmin($forum_id)) {
208 if (getStringFromRequest("ok")) {
209 //actually delete the message
210 $feedback .= $fa->ExecuteAction("delete");
211 forum_header(array('title'=>_('Delete a Message')));
212 echo '<p>'.util_make_link ('/forum/forum.php?forum_id=' . $forum_id, _("Return to the forum")) ;
213 forum_footer(array());
214 } elseif (getStringFromRequest("cancel")) {
215 // the user cancelled the request, go back to forum
216 //if thread_id is 0, then we came from message.php. else, we came from forum.php
218 header("Location: /forum/message.php?msg_id=$msg_id");
220 header("Location: /forum/forum.php?thread_id=$thread_id&forum_id=$forum_id");
224 //print the delete message confirmation
225 forum_header(array('title'=>_('Delete a Message')));
227 <form action="'.getStringFromServer('PHP_SELF').'" method="post">
228 <h3>' . _('WARNING! You are about to permanently delete a message and all of its followups!!') . '</h3><p>
230 <input type="submit" name="ok" value="' . _('Yes') . '" />
231 <input type="submit" name="cancel" value="' . _('No') . '" />
232 <input type="hidden" name="deletemsg" value="'.$msg_id.'" />
233 <input type="hidden" name="group_id" value="'.$group_id.'" />
234 <input type="hidden" name="forum_id" value="'.$forum_id.'" />
235 <input type="hidden" name="thread_id" value="'.$thread_id.'" />
239 forum_footer(array());
242 exit_permission_denied();
246 if ($fa->isGroupIdError()) {
248 } elseif ($fa->isPermissionDeniedError()) {
249 exit_permission_denied();
252 } elseif (getStringFromRequest("editmsg")) {
253 // edit message handling
254 $forum_id = getStringFromRequest("forum_id");
255 $thread_id = getStringFromRequest("thread_id");
256 $msg_id = getStringFromRequest("editmsg");
257 $fa = new ForumAdmin();
258 if ($fa->Authorized($group_id)) {
259 if ($fa->isForumAdmin($forum_id)) {
260 if (getStringFromRequest("ok")) {
261 //actually finish editing the message and save the contents
262 $f = new Forum ($fa->GetGroupObject(),$forum_id);
263 if (!$f || !is_object($f)) {
264 exit_error('Error','Error Getting Forum');
265 } elseif ($f->isError()) {
266 exit_error('Error',$f->getErrorMessage());
268 $fm=new ForumMessage($f,$msg_id,false,false);
269 if (!$fm || !is_object($fm)) {
270 exit_error(_('Error'),_('Error getting new forum message'));
271 } elseif ($fm->isError()) {
272 exit_error(_('Error'),$fm->getErrorMessage());
274 $subject = getStringFromRequest('subject');
275 $body = getStringFromRequest('body');
277 $sanitizer = new TextSanitizer();
278 $body = $sanitizer->SanitizeHtml($body);
280 $is_followup_to = getStringFromRequest('is_followup_to');
281 $form_key = getStringFromRequest('form_key');
282 $posted_by = getStringFromRequest('posted_by');
283 $post_date = getStringFromRequest('post_date');
284 $is_followup_to = getStringFromRequest('is_followup_to');
285 $has_followups = getStringFromRequest('has_followups');
286 $most_recent_date = getStringFromRequest('most_recent_date');
287 if ($fm->updatemsg($forum_id,$posted_by,$subject,$body,$post_date,$is_followup_to,$thread_id,$has_followups,$most_recent_date)) {
288 $feedback .= _('Message Edited Successfully');
290 $feedback .= $fm->getErrorMessage();
292 forum_header(array('title'=>_('Edit a Message')));
293 echo '<p>'.util_make_link ('/forum/forum.php?forum_id=' . $forum_id, _("Return to the forum")) ;
294 forum_footer(array());
295 } elseif (getStringFromRequest("cancel")) {
296 // the user cancelled the request, go back to forum
297 header("Location: /forum/message.php?msg_id=$msg_id");
300 //print the edit message confirmation
302 $f = new Forum ($fa->GetGroupObject(),$forum_id);
303 if (!$f || !is_object($f)) {
304 exit_error('Error','Error Getting Forum');
305 } elseif ($f->isError()) {
306 exit_error('Error',$f->getErrorMessage());
309 $fm=new ForumMessage($f,$msg_id,false,false);
310 if (!$fm || !is_object($fm)) {
311 exit_error(_('Error'),_('Error Getting ForumMessage'));
312 } elseif ($fm->isError()) {
313 exit_error(_('Error'),$fm->getErrorMessage());
316 $fh = new ForumHTML($f);
317 if (!$fh || !is_object($fh)) {
318 exit_error(_('Error'),_('Error Getting ForumHTML'));
319 } elseif ($fh->isError()) {
320 exit_error(_('Error'),$fh->getErrorMessage());
323 forum_header(array('title'=>_('Edit a Message')));
324 $fh->showEditForm($fm);
325 forum_footer(array());
328 exit_permission_denied();
332 if ($fa->isGroupIdError()) {
334 } elseif ($fa->isPermissionDeniedError()) {
335 exit_permission_denied();
340 Show main page for choosing
341 either moderator or delete
343 forum_header(array('title'=>_('Forums: Administration')));
348 if ($p->isForumAdmin()) {
349 $fa = new ForumAdmin();
350 $fa->PrintAdminOptions();
353 // Get existing forums
355 $ff=new ForumFactory($g);
356 if (!$ff || !is_object($ff) || $ff->isError()) {
357 exit_error(_('Error'),$ff->getErrorMessage());
360 $farr =& $ff->getForumsAdmin();
362 if ($ff->isError()) {
363 echo '<h1>'.sprintf(_('No Forums Found For %1$s'), $g->getPublicName()) .'</h1>';
364 echo $ff->getErrorMessage();
365 forum_footer(array());
370 List the existing forums so they can be edited.
373 for ($j = 0; $j < count($farr); $j++) {
374 if (!is_object($farr[$j])) {
375 //just skip it - this object should never have been placed here
376 } elseif ($farr[$j]->isError()) {
377 echo $farr[$j]->getErrorMessage();
379 echo '<p><a href="'.getStringFromServer('PHP_SELF').'?group_id='.$group_id.'&change_status=1&group_forum_id='. $farr[$j]->getID() .'">'.
380 $farr[$j]->getName() .'</a><br />'.$farr[$j]->getDescription().'<br /><a href="monitor.php?group_id='.$group_id.'&group_forum_id='. $farr[$j]->getID() .'">'.
381 _('Monitoring Users').'</a></p>';
385 forum_footer(array());
390 Not logged in or insufficient privileges
395 exit_permission_denied();