5 * Copyright 1999-2001 (c) VA Linux Systems
6 * Copyright 2002-2004 (c) GForge Team
7 * Copyright 2005 (c) Daniel Perez
8 * Copyright 2010 (c) Franck Villaume - Capgemini
9 * Copyright (C) 2010-2012 Alain Peyrat - Alcatel-Lucent
10 * http://fusionforge.org/
12 * This file is part of FusionForge. FusionForge is free software;
13 * you can redistribute it and/or modify it under the terms of the
14 * GNU General Public License as published by the Free Software
15 * Foundation; either version 2 of the Licence, or (at your option)
18 * FusionForge is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
23 * You should have received a copy of the GNU General Public License along
24 * with FusionForge; if not, write to the Free Software Foundation, Inc.,
25 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
28 class ForumAdmin extends Error {
32 function __construct($group_id) {
34 $this->group_id = $group_id;
36 $this->group_id = $group_id;
37 $this->g = group_get_object($group_id);
38 $this->p =& $this->g->getPermission();
39 if (!$this->g->usesForum()) {
40 $this->setError(sprintf(_('%s does not use the Forum tool.'),
41 $this->g->getPublicName()));
48 * PrintAdminMessageOptions - prints the different administrator options for a message
50 * @param int $msg_id The Message ID
51 * @param int $group_id The Project ID
52 * @param int $thread_id The Thread ID : to return to the message if the user cancels (forumhtml only, not message.php)
53 * @param int $forum_id The Forum ID : to return to the message if the user cancels (forumhtml only, not message.php)
54 * @param int $return_to_message
55 * @return string The HTML output
58 function PrintAdminMessageOptions($msg_id,$group_id,$thread_id=0,$forum_id=0,$return_to_message=0) {
60 $return = '<a href="admin/index.php?movethread=' . $thread_id . '&msg_id=' . $msg_id . '&group_id=' . $group_id . '&forum_id=' . $forum_id .
61 '&return_to_message=' . $return_to_message . '">' . html_image('ic/forum_move.gif','37','15',array('alt'=>_('Move Thread'))). "</a>";
63 // Following code (if ...) is to keep old implementation but need to be cleaned
64 if ($return_to_message) {
68 $return .= ' <a href="admin/index.php?editmsg=' . $msg_id . '&group_id=' . $group_id . '&thread_id=' . $thread_id. '&forum_id=' . $forum_id . '">' . html_image('ic/forum_edit.gif','37','15',array('alt'=>_("Edit"))) . "</a>";
69 $return .= ' <a href="admin/index.php?deletemsg=' . $msg_id . '&group_id=' . $group_id . '&thread_id=' . $thread_id. '&forum_id=' . $forum_id . '">' . html_image('ic/forum_delete.gif','16','18',array('alt'=>_("Delete"))) . "</a>";
70 // $return .= "<br />";
75 * PrintAdminOptions - prints the different administrator option for the forums (heading).
79 function PrintAdminOptions() {
80 global $group_id,$forum_id;
84 <a href="index.php?group_id='.$group_id.'&add_forum=1">'._('Add Forum').'</a>';
86 | <a href="pending.php?action=view_pending&group_id=' . $group_id . '">' . _('Manage Pending Messages').'</a><br /></p>';
90 * PrintAdminOptions - prints the administrator option for an individual forum, to link to the pending messages management
92 * @param int $forum_id The Forum ID.
95 function PrintAdminPendingOption($forum_id) {
98 <a href="pending.php?action=view_pending&group_id=' . $this->group_id . '&forum_id=' . $forum_id . '">' . _('Manage Pending Messages').'</a><br /></p>';
102 * GetPermission - Gets the permission for the user
104 * @return object The permission
106 function &GetPermission() {
111 * GetGroupObject - Gets the group object of the forum
113 * @return object The group obj
115 function &GetGroupObject() {
120 * isGroupAdmin - checks whether the authorized user is a group admin for the forums. The user must be authenticated
123 function isGroupAdmin() {
124 return forge_check_perm ('forum_admin', $this->group_id) ;
128 * Authorized - authorizes and returns true if the user is authorized for the group, or false.
130 * @param string $group_id The group id.
134 function Authorized($group_id) {
136 $this->setGroupIdError();
139 if (!session_loggedin()) {
140 $this->setPermissionDeniedError();
143 $this->group_id = $group_id;
144 $this->g = group_get_object($group_id);
145 if (!$this->g || !is_object($this->g) || $this->g->isError()) {
146 $this->setGroupIdError();
149 $this->p =& $this->g->getPermission();
150 if (!$this->p || !is_object($this->p) || $this->p->isError()) {
151 $this->setPermissionDeniedError();
158 * ExecuteAction - Executes the action passed as parameter
160 * @param string $action action to execute.
163 function ExecuteAction ($action) {
167 if ($action == "change_status") { //change a forum
168 $forum_name = getStringFromRequest('forum_name');
169 $description = getStringFromRequest('description');
170 $send_all_posts_to = getStringFromRequest('send_all_posts_to');
171 $group_forum_id = getIntFromRequest('group_forum_id');
175 $f=new Forum($this->g,$group_forum_id);
176 if (!$f || !is_object($f)) {
177 exit_error(_('Error getting Forum'),'forums');
178 } elseif ($f->isError()) {
179 exit_error($f->getErrorMessage(),'forums');
182 session_require_perm ('forum_admin', $f->Group->getID()) ;
184 if (!$f->update($forum_name,$description,$send_all_posts_to)) {
185 $this->setError($f->getErrorMessage());
187 $feedback = _('Forum Info Updated Successfully');
191 if ($action == "add_forum") { //add forum
192 $forum_name = getStringFromRequest('forum_name');
193 $description = getStringFromRequest('description');
194 $send_all_posts_to = getStringFromRequest('send_all_posts_to');
196 Adding forums to this group
198 if (!forge_check_perm ('forum_admin', $this->g->getID())) {
199 form_release_key(getStringFromRequest("form_key"));
200 exit_permission_denied('forums');
202 $f=new Forum($this->g);
203 if (!$f || !is_object($f)) {
204 form_release_key(getStringFromRequest("form_key"));
205 exit_error(_('Error getting Forum'),'forums');
206 } elseif ($f->isError()) {
207 form_release_key(getStringFromRequest("form_key"));
208 exit_error($f->getErrorMessage(),'forums');
210 if (!$f->create($forum_name,$description,$send_all_posts_to,1)) {
211 form_release_key(getStringFromRequest("form_key"));
212 $this->setError($f->getErrorMessage());
214 $feedback = _('Forum added successfully');
218 if ($action == "delete") { //Deleting messages or threads
219 $msg_id = getIntFromRequest('deletemsg');
220 $forum_id = getIntFromRequest('forum_id');
221 $f=new Forum($this->g,$forum_id);
222 if (!$f || !is_object($f)) {
223 exit_error(_('Error getting Forum'),'forums');
224 } elseif ($f->isError()) {
225 exit_error($f->getErrorMessage(),'forums');
228 session_require_perm ('forum_admin', $f->Group->getID()) ;
230 $fm=new ForumMessage($f,$msg_id);
231 if (!$fm || !is_object($fm)) {
232 exit_error(_('Error Getting ForumMessage'),'forums');
233 } elseif ($fm->isError()) {
234 exit_error($fm->getErrorMessage(),'forums');
236 $count=$fm->delete();
237 if (!$count || $fm->isError()) {
238 exit_error($fm->getErrorMessage(),'forums');
240 $feedback = sprintf(ngettext('%s message deleted', '%s messages deleted', $count), $count);
244 if ($action == "delete_forum") { //delete the forum
246 Deleting entire forum
248 $group_forum_id = getIntFromRequest('group_forum_id');
249 $f=new Forum($this->g,$group_forum_id);
250 if (!$f || !is_object($f)) {
251 exit_error(_('Error getting Forum'),'forums');
252 } elseif ($f->isError()) {
253 exit_error($f->getErrorMessage(),'forums');
256 session_require_perm ('forum_admin', $f->Group->getID()) ;
258 if (!$f->delete(getStringFromRequest('sure'),getStringFromRequest('really_sure'))) {
259 exit_error($f->getErrorMessage(),'forums');
261 $feedback = _('Successfully Deleted.');
265 if ($action=="view_pending") {
266 //show the pending messages, awaiting moderation
267 $group_id = $this->group_id;
268 $forum_id = getStringFromRequest("forum_id");
269 if ($this->isGroupAdmin()) {
270 $this->PrintAdminOptions();
272 $res = db_query_params ('SELECT fgl.forum_name, fgl.group_forum_id FROM forum_group_list fgl, forum_pending_messages fpm WHERE fgl.group_id=$1 AND fpm.group_forum_id = fgl.group_forum_id GROUP BY fgl.forum_name, fgl.group_forum_id',
279 $moderated_forums = array();
280 for ($i=0;$i<db_numrows($res);$i++) {
281 $aux = db_fetch_array($res);
282 $moderated_forums[$aux[1]] = $aux[0];
285 if (count($moderated_forums)==0) {
286 echo $HTML->feedback(_('No forums are moderated for this group'));
287 forum_footer(array());
292 $keys = array_keys($moderated_forums);
293 $forum_id = $keys[0];
297 <script type="text/javascript">/* <![CDATA[ */
299 function confirmDel() {
300 var agree=confirm("' . _('Proceed? Actions are permanent!') . '");
308 <form name="pending" action="pending.php" method="post">
309 <input type="hidden" name="action" value="update_pending" />
310 <input type="hidden" name="form_key" value="' . form_generate_key() . '" />
311 <input type="hidden" name="group_id" value="' . getIntFromRequest("group_id") . '" />
312 <input type="hidden" name="forum_id" value="' . $forum_id . '" />
316 echo html_build_select_box_from_assoc($moderated_forums,'forum_id',$forum_id);
317 echo ' <input name="Go" type="submit" value="Go" />';
320 $title[] = _('Forum Name');
321 $title[] = _('Message');
324 $res = db_query_params ('SELECT msg_id,subject,pm.group_forum_id,gl.forum_name FROM forum_pending_messages pm, forum_group_list gl WHERE pm.group_forum_id=$1 AND pm.group_forum_id=gl.group_forum_id AND gl.group_forum_id=$2',
332 //array with the supported actions
333 $options = array("1" => _("No action"),
335 "3" => _("Release"));
336 //i'll make a hidden variable, helps to determine when the user updates the info, which action corresponds to which msgID
338 for($i=0;$i<db_numrows($res);$i++) {
339 $ids .= db_result($res,$i,'msg_id') . ",";
343 echo $HTML->listTableTop($title);
344 while ($onemsg = db_fetch_array($res)) {
346 //$url = 'pendingmsgdetail.php?msg_id=' . $onemsg[msg_id];
347 //<a href=\"javascript:msgdetail('$url');\">$onemsg[subject]</a>
348 $url = "http://www.google.com";
350 <tr " . $HTML->boxGetAltRowStyle($i++). ">
351 <td>$onemsg[forum_name]</td>
352 <td><a href=\"#\" onclick=\"window.open('pendingmsgdetail.php?msg_id=$onemsg[msg_id]&forum_id=$onemsg[group_forum_id]&group_id=$group_id','PendingMessageDetail','width=800,height=600,status=no,resizable=yes');\">$onemsg[subject]</a></td>
353 <td><div class=\"align-right\">" . html_build_select_box_from_assoc($options,"doaction[]",1) . "</div></td>
357 echo $HTML->listTableBottom();
359 <input type="hidden" name="msgids" value="' . $ids . '" />
360 <p class="align-right"><input type="submit" onclick="return confirmDel();" name="update" value="' . _('Update') . '" /></p>
364 if ($action == "update_pending") {
365 $group_id = getIntFromRequest("group_id");
366 $forum_id = getIntFromRequest("forum_id");
367 $msgids = getStringFromRequest("msgids");//the message ids to update
368 $doaction = getArrayFromRequest("doaction"); //the actions for the messages
370 $msgids = explode(",",$msgids);
371 array_pop($msgids);//this last one is empty
373 /*if ($this->isGroupAdmin()) {
374 $this->PrintAdminOptions();
377 $results = array(); //messages
378 for($i=0;$i<count($msgids);$i++) {
379 switch ($doaction[$i]) {
387 if (!db_query_params ('DELETE FROM forum_pending_attachment WHERE msg_id=$1',
388 array ($msgids[$i]))) {
389 $error_msg .= "DB Error: ". db_error();
393 if (!db_query_params ('DELETE FROM forum_pending_messages WHERE msg_id=$1',
394 array ($msgids[$i]))) {
395 $error_msg .= "DB Error: ". db_error();
400 $feedback .= _('Forum deleted');
405 $res1 = db_query_params ('SELECT * FROM forum_pending_messages WHERE msg_id=$1',
406 array ($msgids[$i]));
408 $error_msg .= "DB Error " . db_error() . "<br />";
411 $res2 = db_query_params ('SELECT * FROM forum_pending_attachment WHERE msg_id=$1',
412 array ($msgids[$i]));
414 $error_msg .= "DB Error " . db_error() . "<br />";
417 $f = new Forum($this->g,$forum_id);
418 if (!$f || !is_object($f)) {
419 exit_error(_('Error getting new Forum'),'forums');
420 } elseif ($f->isError()) {
421 exit_error($f->getErrorMessage(),'forums');
423 $fm = new ForumMessage($f); // pending = false
424 if (!$fm || !is_object($fm)) {
425 exit_error(_('Error getting new ForumMessage'),'forums');
426 } elseif ($fm->isError()) {
427 exit_error(_('Error getting new ForumMessage')._(': ').$fm->getErrorMessage(),'forums');
429 $group_forum_id = db_result($res1,0,"group_forum_id");
430 $subject = db_result($res1,0,"subject");
431 $body = db_result($res1,0,"body");
432 $post_date = db_result($res1,0,"post_date");
433 $thread_id = db_result($res1,0,"thread_id");
434 $is_followup_to = db_result($res1,0,"is_followup_to");
435 $posted_by = db_result($res1,0,"posted_by");
436 $has_followups = db_result($res1,0,"has_followups");
437 $most_recent_date = db_result($res1,0,"most_recent_date");
438 if ($fm->insertreleasedmsg($group_forum_id,$subject, $body,$post_date, $thread_id, $is_followup_to,$posted_by,$has_followups,time())) {
439 $feedback .= "($subject) " . _('Pending message released') . "<br />";
440 if (db_numrows($res2)>0) {
441 //if there's an attachment
442 $am = NEW AttachManager();//object that will handle and insert the attachment into the db
443 $am->SetForumMsg($fm);
444 $userid = db_result($res2,0,"userid");
445 $dateline = db_result($res2,0,"dateline");
446 $filename = db_result($res2,0,"filename");
447 $filedata = db_result($res2,0,"filedata");
448 $filesize = db_result($res2,0,"filesize");
449 $visible = db_result($res2,0,"visible");
450 $msg_id = db_result($res2,0,"msg_id");
451 $filehash = db_result($res2,0,"filehash");
452 $mimetype = db_result($res2,0,"mimetype");
453 $am->AddToDBOnly($userid, $dateline, $filename, $filedata, $filesize, $visible, $filehash, $mimetype);
454 foreach ($am->Getmessages() as $item) {
455 $feedback .= "$msg_id - " . $item . "<br />";
460 if ($fm->isError()) {
461 if ( $fm->getErrorMessage() == (_('Could not Update Master Thread parent with current time')) ) {
462 //the thread which the message was replying to doesn't exist any more
463 $feedback .= "( " . $subject . " ) " . _('The thread which the message was posted to doesn\'t exist anymore, please delete the message.') . "<br />";
465 $error_msg .= "$msg_id - " . $fm->getErrorMessage() . "<br />";
471 if ( isset($am) && (is_object($am)) ) {
472 //if there was an attach, check if it was uploaded ok
473 if ((!$am->isError())) {
476 //undo the changes to the forum table
478 if (!db_query_params ('DELETE FROM forum WHERE msg_id=$1',
479 array ($fm->getID()))) {
480 $error_msg .= "DB Error ". db_error();
490 //delete the message and attach
492 if (!db_query_params ('DELETE FROM forum_pending_attachment WHERE msg_id=$1',
493 array ($msgids[$i]))) {
494 $error_msg .= "DB Error: ". db_error();
498 if (!db_query_params ('DELETE FROM forum_pending_messages WHERE msg_id=$1',
499 array ($msgids[$i]))) {
500 $error_msg .= "DB Error: ". db_error();
509 html_feedback_top($feedback);
511 $this->ExecuteAction("view_pending");
518 // c-file-style: "bsd"