5 * Copyright 1999-2001 (c) VA Linux Systems
6 * Copyright 2002-2004 (c) GForge Team
7 * Copyright 2005 (c) Daniel Perez
8 * Copyright 2010 (c) Franck Villaume - Capgemini
9 * Copyright (C) 2010-2012 Alain Peyrat - Alcatel-Lucent
10 * Copyright 2014, Franck Villaume - TrivialDev
11 * http://fusionforge.org/
13 * This file is part of FusionForge. FusionForge is free software;
14 * you can redistribute it and/or modify it under the terms of the
15 * GNU General Public License as published by the Free Software
16 * Foundation; either version 2 of the Licence, or (at your option)
19 * FusionForge is distributed in the hope that it will be useful,
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 * GNU General Public License for more details.
24 * You should have received a copy of the GNU General Public License along
25 * with FusionForge; if not, write to the Free Software Foundation, Inc.,
26 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
29 require_once $gfcommon.'forum/Forum.class.php';
30 require_once $gfcommon.'forum/ForumMessage.class.php';
31 require_once $gfcommon.'forum/AttachManager.class.php';
33 class ForumAdmin extends FFError {
37 function __construct($group_id) {
// Sets up the forum admin helper for one project: stores the project id, loads the
// group object and its permission object, and records an error on this object when
// the project does not use the Forum tool.
// NOTE(review): in the lines shown, the result of group_get_object() is dereferenced
// without the !is_object()/isError() checks that Authorized() applies to the same call.
// Nothing here checks 'forum_admin', so construction must not be treated as authorization.
38 parent::__construct();
39 $this->group_id = $group_id;
41 $this->group_id = $group_id;
42 $this->g = group_get_object($group_id);
43 $this->p =& $this->g->getPermission();
44 if (!$this->g->usesForum()) {
45 $this->setError(sprintf(_('%s does not use the Forum tool.'), $this->g->getPublicName()));
51 * PrintAdminMessageOptions - prints the different administrator options for a message
53 * @param int $msg_id The Message ID
54 * @param int $group_id The Project ID
55 * @param int $thread_id The Thread ID : to return to the message if the user cancels (forumhtml only, not message.php)
56 * @param int $forum_id The Forum ID : to return to the message if the user cancels (forumhtml only, not message.php)
57 * @param int $return_to_message
58 * @return string The HTML output
60 function PrintAdminMessageOptions($msg_id,$group_id,$thread_id=0,$forum_id=0,$return_to_message=0) {
// Builds the Move Thread / Edit / Delete icon links for one message in $return.
// NOTE(review): the ids are concatenated into the query strings as-is. The docblock declares
// them as ints; confirm every caller passes cast values (e.g. from getIntFromRequest()),
// because any escaping performed by util_make_link() is not visible here.
62 $return = util_make_link('/forum/admin/?movethread='.$thread_id.'&msg_id='.$msg_id.'&group_id='.$group_id.'&forum_id='.$forum_id.'&return_to_message='.$return_to_message, html_image('ic/forum_move.png', 16, 18, array('alt' => _('Move Thread'))));
64 // Following code (if ...) is to keep old implementation but need to be cleaned
65 if ($return_to_message) {
// NOTE(review): editmsg/deletemsg are state-changing admin targets reached through plain GET
// links; presumably the handler confirms the action and re-checks 'forum_admin' — verify.
69 $return .= util_make_link('/forum/admin/?editmsg='.$msg_id.'&group_id='.$group_id.'&thread_id='.$thread_id.'&forum_id='.$forum_id, html_image('ic/forum_edit.png', 16, 18, array('alt' => _("Edit"))));
70 $return .= util_make_link('/forum/admin/?deletemsg='.$msg_id.'&group_id='.$group_id.'&thread_id='.$thread_id.'&forum_id='.$forum_id, html_image('ic/forum_delete.png', 16, 18, array('alt'=>_("Delete"))));
75 * PrintAdminOptions - prints the different administrator option for the forums (heading).
78 function PrintAdminOptions() {
// Echoes one paragraph holding the "Add Forum" and "Manage Pending Messages" links.
// NOTE(review): $group_id is not assigned in the lines shown (presumably a global declared on
// an omitted line — confirm), whereas PrintAdminPendingOption() uses $this->group_id. If that
// value is request-derived, make sure it is an integer before it is placed in these URLs.
80 echo html_e('p', array(), util_make_link('/forum/admin/?group_id='.$group_id.'&add_forum=1', _('Add Forum')).
81 ' | '.util_make_link('/forum/admin/pending.php?action=view_pending&group_id='.$group_id, _('Manage Pending Messages')).'<br />');
85 * PrintAdminPendingOption - prints the administrator option for an individual forum, to link to the pending messages management
87 * @param int $forum_id The Forum ID.
89 function PrintAdminPendingOption($forum_id) {
// Echoes a paragraph linking to the pending-message management page for this project
// ($this->group_id) and the given forum.
// $forum_id is concatenated into the URL unmodified; it is documented as an int, so callers
// should pass a cast value rather than a raw request string.
90 echo html_e('p', array(), util_make_link('/forum/admin/pending.php?action=view_pending&group_id='.$this->group_id.'&forum_id='.$forum_id, _('Manage Pending Messages')).'<br />');
94 * GetPermission - Gets the permission for the user
96 * @return object The permission
98 function &GetPermission() {
103 * GetGroupObject - Gets the group object of the forum
105 * @return object The group obj
107 function &GetGroupObject() {
112 * isGroupAdmin - checks whether the authorized user is a group admin for the forums. The user must be authenticated
115 function isGroupAdmin() {
// Returns the result of forge_check_perm() for the 'forum_admin' permission on $this->group_id.
// This is a query only: it does not stop execution on failure, so callers must act on the result.
116 return forge_check_perm ('forum_admin', $this->group_id) ;
120 * Authorized - authorizes and returns true if the user is authorized for the group, or false.
122 * @param string $group_id The group id.
125 function Authorized($group_id) {
// Validates the request context step by step; each failing step records an error on this
// object through setGroupIdError() or setPermissionDeniedError().
// NOTE(review): the checks shown are "session is logged in", "group object loads" and
// "permission object loads". No 'forum_admin' check (forge_check_perm / session_require_perm)
// appears in the lines shown, so a successful result presumably does not mean "forum
// administrator" — confirm, and keep the per-action permission checks in ExecuteAction().
127 $this->setGroupIdError();
// The login check comes before any group data is loaded.
130 if (!session_loggedin()) {
131 $this->setPermissionDeniedError();
134 $this->group_id = $group_id;
135 $this->g = group_get_object($group_id);
// A missing, non-object or errored group is reported as a group-id error.
136 if (!$this->g || !is_object($this->g) || $this->g->isError()) {
137 $this->setGroupIdError();
140 $this->p =& $this->g->getPermission();
// A missing or errored permission object is reported as permission denied.
141 if (!$this->p || !is_object($this->p) || $this->p->isError()) {
142 $this->setPermissionDeniedError();
149 * ExecuteAction - Executes the action passed as parameter
151 * @param string $action action to execute.
154 function ExecuteAction($action) {
// Dispatches one forum administration action selected by $action. Request values are read
// through getStringFromRequest()/getIntFromRequest()/getArrayFromRequest(), and every SQL
// statement shown goes through db_query_params() with $n placeholders.
// NOTE(review): change_status, add_forum, delete and delete_forum each check 'forum_admin'
// before they modify data. The two pending-message branches (view_pending, update_pending)
// show no such check in this listing — see the notes in those branches.
158 if ($action == "change_status") { //change a forum
159 $forum_name = getStringFromRequest('forum_name');
160 $description = getStringFromRequest('description');
161 $send_all_posts_to = getStringFromRequest('send_all_posts_to');
162 $group_forum_id = getIntFromRequest('group_forum_id');
166 $f = new Forum($this->g, $group_forum_id);
167 if (!$f || !is_object($f)) {
168 exit_error(_('Error getting Forum'), 'forums');
169 } elseif ($f->isError()) {
170 exit_error($f->getErrorMessage(), 'forums');
// The permission is evaluated against the loaded forum's own Group, before update() runs.
173 session_require_perm('forum_admin', $f->Group->getID());
175 if (!$f->update($forum_name,$description,$send_all_posts_to)) {
176 exit_error($f->getErrorMessage(),'forums');
178 $feedback = _('Forum Info Updated Successfully');
182 if ($action == "add_forum") { //add forum
183 $forum_name = getStringFromRequest('forum_name');
184 $description = getStringFromRequest('description');
185 $send_all_posts_to = getStringFromRequest('send_all_posts_to');
187 Adding forums to this group
// Every failure path below releases the submitted form_key before exiting.
189 if (!forge_check_perm ('forum_admin', $this->g->getID())) {
190 form_release_key(getStringFromRequest("form_key"));
191 exit_permission_denied('forums');
193 $f = new Forum($this->g);
194 if (!$f || !is_object($f)) {
195 form_release_key(getStringFromRequest("form_key"));
196 exit_error(_('Error getting Forum'),'forums');
197 } elseif ($f->isError()) {
198 form_release_key(getStringFromRequest("form_key"));
199 exit_error($f->getErrorMessage(),'forums');
201 if (!$f->create($forum_name,$description,$send_all_posts_to,1)) {
202 form_release_key(getStringFromRequest("form_key"));
203 exit_error($f->getErrorMessage(),'forums');
205 $feedback = _('Forum added successfully');
209 if ($action == "delete") { //Deleting messages or threads
210 $msg_id = getIntFromRequest('deletemsg');
211 $forum_id = getIntFromRequest('forum_id');
212 $f = new Forum($this->g,$forum_id);
213 if (!$f || !is_object($f)) {
214 exit_error(_('Error getting Forum'),'forums');
215 } elseif ($f->isError()) {
216 exit_error($f->getErrorMessage(),'forums');
// The message is loaded through the forum that was just permission-checked, so the delete is
// scoped to that forum object.
219 session_require_perm ('forum_admin', $f->Group->getID()) ;
221 $fm = new ForumMessage($f, $msg_id);
222 if (!$fm || !is_object($fm)) {
223 exit_error(_('Error Getting ForumMessage'),'forums');
224 } elseif ($fm->isError()) {
225 exit_error($fm->getErrorMessage(),'forums');
227 $count=$fm->delete();
228 if (!$count || $fm->isError()) {
229 exit_error($fm->getErrorMessage(),'forums');
231 $feedback = sprintf(ngettext('%s message deleted', '%s messages deleted', $count), $count);
235 if ($action == "delete_forum") { //delete the forum
237 Deleting entire forum
239 $group_forum_id = getIntFromRequest('group_forum_id');
240 $f = new Forum($this->g, $group_forum_id);
241 if (!$f || !is_object($f)) {
242 exit_error(_('Error getting Forum'),'forums');
243 } elseif ($f->isError()) {
244 exit_error($f->getErrorMessage(),'forums');
247 session_require_perm('forum_admin', $f->Group->getID()) ;
// The two confirmation values from the request are handed to Forum::delete() unchanged.
249 if (!$f->delete(getStringFromRequest('sure'),getStringFromRequest('really_sure'))) {
250 exit_error($f->getErrorMessage(),'forums');
252 $feedback = _('Successfully Deleted.');
256 if ($action=="view_pending") {
257 //show the pending messages, awaiting moderation
258 $group_id = $this->group_id;
259 $forum_id = getStringFromRequest("forum_id");
// NOTE(review): forum_id is read as a string here but as an int in update_pending. Further down
// it is written into a hidden input's value attribute with no escaping, so a non-numeric value
// can break out of the attribute (reflected XSS). Prefer getIntFromRequest("forum_id") or
// escape the value on output.
// NOTE(review): isGroupAdmin() only gates the admin links; the pending-message query and the
// form that follow are not visibly gated in this branch — confirm the calling page enforces
// 'forum_admin' before this action runs.
260 if ($this->isGroupAdmin()) {
261 $this->PrintAdminOptions();
263 $res = db_query_params('SELECT fgl.forum_name, fgl.group_forum_id FROM forum_group_list fgl, forum_pending_messages fpm WHERE fgl.group_id=$1 AND fpm.group_forum_id = fgl.group_forum_id GROUP BY fgl.forum_name, fgl.group_forum_id',
270 $moderated_forums = array();
271 for ($i=0;$i<db_numrows($res);$i++) {
272 $aux = db_fetch_array($res);
273 $moderated_forums[$aux[1]] = $aux[0];
276 if (empty($moderated_forums)) {
277 echo $HTML->feedback(_('No forums are moderated for this group'));
283 $keys = array_keys($moderated_forums);
284 $forum_id = $keys[0];
288 <script type="text/javascript">/* <![CDATA[ */
290 function confirmDel() {
291 var agree=confirm("' . _('Proceed? Actions are permanent!') . '");
299 echo $HTML->openForm(array('name' => 'pending', 'action' => '/forum/admin/pending.php', 'method' => 'post'));
// The form carries a form_key from form_generate_key().
// NOTE(review): no matching key validation is visible in the update_pending branch — confirm
// the key is checked before pending messages are deleted or released.
301 <input type="hidden" name="action" value="update_pending" />
302 <input type="hidden" name="form_key" value="' . form_generate_key() . '" />
303 <input type="hidden" name="group_id" value="' . getIntFromRequest("group_id") . '" />
304 <input type="hidden" name="forum_id" value="' . $forum_id . '" />
307 echo html_build_select_box_from_assoc($moderated_forums,'forum_id',$forum_id);
308 echo ' <input name="Go" type="submit" value="Go" />';
311 $title[] = _('Forum Name');
312 $title[] = _('Message');
313 $title[] = _('Action');
315 $res = db_query_params('SELECT msg_id,subject,pm.group_forum_id,gl.forum_name FROM forum_pending_messages pm, forum_group_list gl WHERE pm.group_forum_id=$1 AND pm.group_forum_id=gl.group_forum_id AND gl.group_forum_id=$2',
323 //array with the supported actions
324 $options = array("1" => _("No action"),
326 "3" => _("Release"));
327 //i'll make a hidden variable, helps to determine when the user updates the info, which action corresponds to which msgID
329 for($i=0;$i<db_numrows($res);$i++) {
330 $ids .= db_result($res,$i,'msg_id') . ",";
333 echo $HTML->listTableTop($title);
// NOTE(review): forum_name, subject and the ids are interpolated into the row HTML, and into an
// inline onclick handler, with no escaping visible here. Subjects belong to posts that have not
// been moderated yet, so unless they are stored already escaped they should be encoded with
// htmlspecialchars() before output — TODO confirm.
334 while ($onemsg = db_fetch_array($res)) {
337 <td>$onemsg[forum_name]</td>
338 <td><a href=\"#\" onclick=\"window.open('pendingmsgdetail.php?msg_id=$onemsg[msg_id]&forum_id=$onemsg[group_forum_id]&group_id=$group_id','PendingMessageDetail','width=800,height=600,status=no,resizable=yes');\">$onemsg[subject]</a></td>
339 <td><div class=\"align-right\">" . html_build_select_box_from_assoc($options,"doaction[]",1) . "</div></td>
343 echo $HTML->listTableBottom();
345 <input type="hidden" name="msgids" value="' . $ids . '" />
346 <p class="align-right"><input type="submit" onclick="return confirmDel();" name="update" value="' . _('Update') . '" /></p>
348 echo $HTML->closeForm();
350 if ($action == "update_pending") {
// NOTE(review): msgids and doaction both come back from the client and are paired by position.
// The lines shown do not (a) check 'forum_admin' or the form_key, (b) verify that each msg_id
// belongs to $forum_id / this project before it is deleted or released, or (c) check that
// doaction has an entry for every message id. The queries are parameterized, so this is an
// authorization and integrity concern rather than SQL injection — confirm these checks exist
// in the omitted lines or in the caller.
351 $forum_id = getIntFromRequest("forum_id");
352 $msgids = getStringFromRequest("msgids");//the message ids to update
353 $doaction = getArrayFromRequest("doaction"); //the actions for the messages
355 $msgids = explode(",", $msgids);
356 array_pop($msgids);//this last one is empty
358 for($i=0;$i<count($msgids);$i++) {
359 switch ($doaction[$i]) {
367 $res_pa = db_query_params('SELECT attachmentid FROM forum_pending_attachment WHERE msg_id=$1',
// Each pending attachment is removed from ForumPendingStorage and then from its table row.
369 while ($pa = db_fetch_array($res_pa)) {
370 ForumPendingStorage::instance()->delete($pa['attachmentid']);
371 db_query_params('DELETE FROM forum_pending_attachment WHERE attachmentid=$1', array($pa['attachmentid']));
373 if (!db_query_params('DELETE FROM forum_pending_messages WHERE msg_id=$1',
374 array ($msgids[$i]))) {
// NOTE(review): raw db_error() text is stored in $error_msg; if that is rendered to the user it
// can disclose schema details — confirm where $error_msg is displayed.
375 $error_msg = "DB Error: ". db_error();
377 ForumPendingStorage::instance()->rollback();
381 ForumPendingStorage::instance()->commit();
// NOTE(review): the text says 'Forum deleted' although this path deletes a pending message.
382 $feedback .= _('Forum deleted');
387 $res1 = db_query_params ('SELECT * FROM forum_pending_messages WHERE msg_id=$1',
388 array ($msgids[$i]));
390 $error_msg = "DB Error " . db_error() . "<br />";
393 $res2 = db_query_params ('SELECT * FROM forum_pending_attachment WHERE msg_id=$1',
394 array ($msgids[$i]));
396 $error_msg = "DB Error " . db_error() . "<br />";
399 $f = new Forum($this->g,$forum_id);
400 if (!$f || !is_object($f)) {
401 exit_error(_('Error getting new Forum'),'forums');
402 } elseif ($f->isError()) {
403 exit_error($f->getErrorMessage(),'forums');
405 $fm = new ForumMessage($f); // pending = false
406 if (!$fm || !is_object($fm)) {
407 exit_error(_('Error getting new forum message'),'forums');
408 } elseif ($fm->isError()) {
409 exit_error(_('Error getting new forum message')._(': ').$fm->getErrorMessage(),'forums');
// The released message is rebuilt from the stored pending row, not from request fields. Note that
// group_forum_id comes from that row while the Forum object above was built from the request's
// forum_id; the lines shown do not compare the two.
411 $group_forum_id = db_result($res1,0,"group_forum_id");
412 $subject = db_result($res1,0,"subject");
413 $body = db_result($res1,0,"body");
414 $post_date = db_result($res1,0,"post_date");
415 $thread_id = db_result($res1,0,"thread_id");
416 $is_followup_to = db_result($res1,0,"is_followup_to");
417 $posted_by = db_result($res1,0,"posted_by");
418 if ($fm->insertreleasedmsg($group_forum_id,$subject, $body,$post_date, $thread_id, $is_followup_to,$posted_by,time())) {
// NOTE(review): $subject is appended to $feedback, which carries HTML (<br />); confirm it is
// escaped either when stored or by html_feedback_top().
419 $feedback .= "($subject) " . _('Pending message released') . "<br />";
420 if (db_numrows($res2)>0) {
421 //if there's an attachment
422 $am = new AttachManager();//object that will handle and insert the attachment into the db
423 $am->SetForumMsg($fm);
424 $userid = db_result($res2,0,"userid");
425 $dateline = db_result($res2,0,"dateline");
426 $filename = db_result($res2,0,"filename");
427 $filedata = ForumPendingStorage::instance()->get_storage(db_result($res2,0,"attachmentid"));
428 $filesize = db_result($res2,0,"filesize");
429 $visible = db_result($res2,0,"visible");
430 $msg_id = db_result($res2,0,"msg_id");
431 $filehash = db_result($res2,0,"filehash");
432 $mimetype = db_result($res2,0,"mimetype");
433 $am->AddToDBOnly($userid, $dateline, $filename, $filedata, $filesize, $visible, $filehash, $mimetype);
434 foreach ($am->Getmessages() as $item) {
435 $feedback .= "$msg_id - " . $item . "<br />";
440 if ($fm->isError()) {
// The error is classified by comparing the translated message text, which is fragile: a wording
// or catalog change silently sends this case to the generic error path.
441 if ( $fm->getErrorMessage() == (_('Could not Update Master Thread parent with current time')) ) {
442 //the thread which the message was replying to doesn't exist any more
443 $feedback .= "( " . $subject . " ) " . _('The thread which the message was posted to doesn\'t exist anymore, please delete the message.') . "<br />";
445 $error_msg .= "$msg_id - " . $fm->getErrorMessage() . "<br />";
451 if ( isset($am) && (is_object($am)) ) {
452 //if there was an attach, check if it was uploaded ok
453 if (!$am->isError()) {
456 //undo the changes to the forum table
458 if (!db_query_params ('DELETE FROM forum WHERE msg_id=$1',
459 array ($fm->getID()))) {
460 $error_msg .= "DB Error: ". db_error();
470 // delete the message
471 // delete attachments (in the DB only, files already moved by FileStorage::store)
473 if (!db_query_params ('DELETE FROM forum_pending_attachment WHERE msg_id=$1',
474 array ($msgids[$i]))) {
475 $error_msg = "DB Error: ". db_error();
479 if (!db_query_params ('DELETE FROM forum_pending_messages WHERE msg_id=$1',
480 array ($msgids[$i]))) {
481 $error_msg = "DB Error: ". db_error();
490 html_feedback_top($feedback);
// Re-enters this method to render the pending list again after the updates.
491 $this->ExecuteAction("view_pending");
498 // c-file-style: "bsd"