*
* Copyright 1999-2001, Tim Perdue - Sourceforge
* Copyright 2002, Tim Perdue - GForge, LLC
- * Copyright 2010 (c) Franck Villaume - Capgemini
+ * Copyright 2010-2011, Franck Villaume - Capgemini
+ * Copyright (C) 2010-2011 Alain Peyrat - Alcatel-Lucent
* http://fusionforge.org
*
* This file is part of FusionForge. FusionForge is free software;
require_once('../env.inc.php');
require_once $gfcommon.'include/pre.php';
-require_once $gfwww.'forum/include/ForumHTML.class.php';
+require_once $gfcommon.'forum/ForumHTML.class.php';
require_once $gfcommon.'forum/Forum.class.php';
require_once $gfcommon.'forum/ForumFactory.class.php';
require_once $gfcommon.'forum/ForumMessageFactory.class.php';
require_once $gfcommon.'forum/ForumMessage.class.php';
-require_once $gfwww.'forum/include/AttachManager.class.php'; //attachent manager
+require_once $gfcommon.'forum/AttachManager.class.php'; //attachent manager
require_once $gfcommon.'include/TextSanitizer.class.php'; // to make the HTML input by the user safe to store
$forum_id = getIntFromRequest('forum_id');
$offset = getIntFromRequest('offset');
$max_rows = getIntFromRequest('max_rows');
$set = getStringFromRequest('set');
-$feedback = htmlspecialchars(getStringFromRequest('feedback'));
if ($forum_id) {
/*
Get the group_id based on this forum_id
*/
- $result=db_query_params ('SELECT group_id
+ $result=db_query_params('SELECT group_id
FROM forum_group_list
WHERE group_forum_id=$1',
array($forum_id));
if (!$result || db_numrows($result) < 1) {
- exit_error(_('Error forum not found: ').db_error(),'forums');
+ exit_error(_('Error forum not found: ').db_error(), 'forums');
}
- $group_id=db_result($result,0,'group_id');
+ $group_id = db_result($result,0,'group_id');
//
// Set up local objects
//
- $g =& group_get_object($group_id);
+ $g = group_get_object($group_id);
if (!$g || !is_object($g) || $g->isError()) {
exit_no_group();
}
- $f=new Forum($g,$forum_id);
+ $f=new Forum($g, $forum_id);
if (!$f || !is_object($f)) {
- exit_error(_('Error getting new Forum'),'forums');
+ exit_error(_('Error getting new Forum'), 'forums');
} elseif ($f->isError()) {
- exit_error($f->getErrorMessage(),'forums');
+ exit_error($f->getErrorMessage(), 'forums');
}
/*
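Review bot: The not-found branch still appends the raw driver message to the page shown to the requester, in `exit_error(_('Error forum not found: ').db_error(), 'forums');`. When the lookup fails for a reason other than a missing row, that text can disclose query or schema details. Consider dropping the `.db_error()` concatenation from the user-facing message and recording it server-side instead, for example `error_log(db_error());` before the `exit_error()` call. Whether `exit_error()` HTML-escapes its argument is not visible in this hunk and should be confirmed. The `if ($forum_id) {` block continues past the end of the hunk.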
$body = getStringFromRequest('body');
$is_followup_to = getStringFromRequest('is_followup_to');
- $fm=new ForumMessage($f);
+ $fm = new ForumMessage($f);
if (!$fm || !is_object($fm)) {
form_release_key(getStringFromRequest("form_key"));
- exit_error(_('Error getting new ForumMessage'),'forums');
+ exit_error(_('Error getting new ForumMessage'), 'forums');
} elseif ($fm->isError()) {
form_release_key(getStringFromRequest("form_key"));
- exit_error(_('Error getting new ForumMessage:'.' '.$fm->getErrorMessage()),'forums');
+ exit_error(_('Error getting new ForumMessage:'.' '.$fm->getErrorMessage()), 'forums');
}
- $sanitizer = new TextSanitizer();
- $body = $sanitizer->SanitizeHtml($body);
+ if (getStringFromRequest('_body_content_type') == 'html') {
+ $body = TextSanitizer::purify($body);
+ } else {
+ $body = htmlspecialchars($body);
+ }
$attach = getUploadedFile("attachment1");
if ($attach['size']) {
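Review bot: The branch between `TextSanitizer::purify($body)` and `htmlspecialchars($body)` is chosen by the request field `_body_content_type`, which the poster controls, so every poster can reach the HTML path and the stored body is only as safe as purify's allow-list. If HTML posting is meant to be a per-forum or per-site setting, that setting should be checked server-side here rather than trusting the field alone; no such check is visible in this hunk. On the plain-text branch, pass the flags and charset explicitly instead of relying on version-dependent defaults, `$body = htmlspecialchars($body, ENT_QUOTES, 'UTF-8');`, and compare with `=== 'html'`. Both branches now store markup-ready text, so the display code must emit it without decoding or re-encoding; that code is outside this hunk.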
if (!$fm->create($subject, $body, $thread_id, $is_followup_to,$has_attach) || $fm->isError()) {
form_release_key(getStringFromRequest("form_key"));
- exit_error(_('Error creating ForumMessage:').' '.$fm->getErrorMessage(),'forums');
+ exit_error(_('Error creating ForumMessage:').' '.$fm->getErrorMessage(), 'forums');
} else {
if ($fm->isPending() ) {
- $feedback=_('Message Queued for moderation -> Please wait until the admin approves/rejects it');
+ $feedback = _('Message Queued for moderation -> Please wait until the admin approves/rejects it');
} else {
- $feedback=_('Message Posted Successfully');
+ $feedback = _('Message Posted Successfully');
}
- $am = NEW AttachManager();//object that will handle and insert the attachment into the db
+ $am = new AttachManager();//object that will handle and insert the attachment into the db
$am->SetForumMsg($fm);
- $am->attach($attach,$group_id,0,$fm->getID());
+ $am->attach($attach, $group_id, 0, $fm->getID());
foreach ($am->Getmessages() as $item) {
$feedback .= "<br />" . $item;
}
$fmf = new ForumMessageFactory($f);
if (!$fmf || !is_object($fmf)) {
form_release_key(getStringFromRequest("form_key"));
- exit_error(_('Error getting new ForumMessageFactory'),'forums');
+ exit_error(_('Error getting new ForumMessageFactory'), 'forums');
} elseif ($fmf->isError()) {
form_release_key(getStringFromRequest("form_key"));
- exit_error($fmf->getErrorMessage(),'forums');
+ exit_error($fmf->getErrorMessage(), 'forums');
}
//echo "<br /> style: $style|max_rows: $max_rows|offset: $offset+";
- $fmf->setUp($offset,$style,$max_rows,$set);
+ $fmf->setUp($offset, $style, $max_rows, $set);
$style=$fmf->getStyle();
$max_rows=$fmf->max_rows;
$fh = new ForumHTML($f);
if (!$fh || !is_object($fh)) {
- exit_error(_('Error getting new ForumHTML'),'forums');
+ exit_error(_('Error getting new ForumHTML'), 'forums');
} elseif ($fh->isError()) {
- exit_error($fh->getErrorMessage(),'forums');
+ exit_error($fh->getErrorMessage(), 'forums');
}
- forum_header(array('title'=>_('Forum: ') . $f->getName(),'forum_id'=>$forum_id));
+ forum_header(array('title'=>_('Forum: ') . $f->getName(), 'forum_id'=>$forum_id));
/**
*
//now show the popup boxes in a form
$ret_val = '
<form action="'. getStringFromServer('PHP_SELF') .'" method="get">
+ <table border="0" width="33%">
+ <tr><td>
<input type="hidden" name="set" value="custom" />
<input type="hidden" name="forum_id" value="'.$forum_id.'" />
- <table border="0" width="33%">
- <tr><td>'. $options_popup .
+ '. $options_popup .
'</td><td>'. $max_row_popup .
'</td><td><input type="submit" name="submit" value="'.
_('Change View').'" />
</td></tr>
- </table></form>
- <p> </p>';
+ </table></form>';
+
$am = new AttachManager();
$ret_val .= $am->PrintHelperFunctions();
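Review bot: The form restructured here still takes its target from `getStringFromServer('PHP_SELF')`, and PHP_SELF carries request-supplied path information. The `action` attribute is therefore safe only if that helper HTML-escapes its return value, which is not visible on this page. Because the target is a fixed script, a constant avoids the question, for example `<form action="'.util_make_uri('/forum/forum.php').'" method="get">`. Alternatively, wrap the value in `htmlspecialchars(..., ENT_QUOTES, 'UTF-8')`. The enclosing block starts and ends outside the hunk.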
if ($style=='nested') {
$ret_val .= '<tr '. $GLOBALS['HTML']->boxGetAltRowStyle($total_rows) .'>
<td><a href="'.util_make_url ('/forum/message.php?msg_id='.$msg->getID().
'&group_id='.$group_id).'&reply=0">'.
- html_image('ic/msg.png',"10","12").' ';
+ html_image('ic/msg.png').' ';
/*
See if this message is new or not
If so, highlite it in bold
$title_arr[]=_('Topic Starter');
$title_arr[]=_('Replies');
$title_arr[]=_('Last Post');
-
+
$ret_val .= $GLOBALS['HTML']->listTableTop ($title_arr);
$i=0;
while (($row=db_fetch_array($result)) && ($i < $max_rows)) {
$ret_val .= '
- <tr '. $GLOBALS['HTML']->boxGetAltRowStyle($i) .'><td><a href="'.util_make_url ('/forum/forum.php?thread_id='.
+ <tr '. $GLOBALS['HTML']->boxGetAltRowStyle($i) .'><td><a href="'.util_make_uri('/forum/forum.php?thread_id='.
$row['thread_id'].'&forum_id='.$forum_id.'&group_id='.$group_id).'">'.
- html_image('ic/cfolder15.png',"15","13") . ' ';
+ html_image('ic/cfolder15.png') . ' ';
/*
See if this message is new or not
If so, highlite it in bold
/*
This code puts the nice next/prev.
*/
- $ret_val .= '<table width="100%" border="0">
- <tr class="tablecontent"><td width="50%">';
- if ($offset != 0) {
- $ret_val .= '<span class="prev">
- <a href="javascript:history.back()"><strong>' .
- html_image('t2.png',"15","15") ._('Newer Messages').'</strong></a></span>';
- } else {
- $ret_val .= ' ';
- }
+ if (($offset != 0) or ($avail_rows > $max_rows)) {
+ $ret_val .= '<table width="100%" border="0">
+ <tr class="tablecontent"><td width="50%">';
+ if ($offset != 0) {
+ $ret_val .= '<span class="prev">
+ <a href="javascript:history.back()"><strong>' .
+ html_image('t2.png',"15","15") ._('Newer Messages').'</strong></a></span>';
+ } else {
+ $ret_val .= ' ';
+ }
- $ret_val .= '</td><td> </td><td align="right" width="50%">';
+ $ret_val .= '</td><td> </td><td align="right" width="50%">';
- if ($avail_rows > $max_rows) {
- $ret_val .= '<span class="next">
- <a href="'.util_make_url ('/forum/forum.php?max_rows='.$max_rows.'&style='.$style.'&offset='.($offset+$i).
- '&forum_id='.$forum_id.'&group_id='.$group_id).'">
- <strong> '._('Older Messages') .
- html_image('t.png',"15","15") . '</strong></a></span>';
- } else {
- $ret_val .= ' ';
+ if ($avail_rows > $max_rows) {
+ $ret_val .= '<span class="next">
+ <a href="'.util_make_uri('/forum/forum.php?max_rows='.$max_rows.'&style='.$style.'&offset='.($offset+$i).
+ '&forum_id='.$forum_id.'&group_id='.$group_id).'">
+ <strong> '._('Older Messages') .
+ html_image('t.png',"15","15") . '</strong></a></span>';
+ } else {
+ $ret_val .= ' ';
+ }
+ $ret_val .= '</td></tr></table>';
}
- $ret_val .= '</td></tr></table>';
echo $ret_val;
/*
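Review bot: In the "Older Messages" link, `$style` is concatenated into the query string given to `util_make_uri()` and then into the `href` with no URL or HTML encoding. The other parameters appear to be integers, but `$style` is whatever `$fmf->getStyle()` returns, and whether that is limited to a fixed set of names is not visible here. Unless it is, build the parameter as `'&style='.urlencode($style)` and pass the finished URL through `htmlspecialchars()` before it goes into the attribute. The enclosing block starts outside the hunk.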