projects / atutor.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
remove old readme
[atutor.git] / docs / mods / _standard / file_storage / comments.php
1 <?php\r
2 /****************************************************************/\r
3 /* ATutor                                                                                                               */\r
4 /****************************************************************/\r
5 /* Copyright (c) 2002-2010                                      */\r
6 /* Inclusive Design Institute                                   */\r
7 /* http://atutor.ca                                                                                             */\r
8 /*                                                              */\r
9 /* This program is free software. You can redistribute it and/or*/\r
10 /* modify it under the terms of the GNU General Public License  */\r
11 /* as published by the Free Software Foundation.                                */\r
12 /****************************************************************/\r
13 // $Id$\r
14 \r
15 define('AT_INCLUDE_PATH', '../../../include/');\r
16 require(AT_INCLUDE_PATH.'vitals.inc.php');\r
17 require(AT_INCLUDE_PATH.'../mods/_standard/file_storage/file_storage.inc.php');\r
18 \r
19 $owner_type = abs($_REQUEST['ot']);\r
20 $owner_id   = abs($_REQUEST['oid']);\r
21 $owner_arg_prefix = '?ot='.$owner_type.SEP.'oid='.$owner_id. SEP;\r
22 if (!fs_authenticate($owner_type, $owner_id)) { \r
23         $msg->addError('ACCESS_DENIED');\r
24         header('Location: '.url_rewrite('mods/_standard/file_storage/index.php', AT_PRETTY_URL_IS_HEADER));\r
25         exit;\r
26 }\r
27 \r
28 if (isset($_GET['done'])) {\r
29         header('Location: '.url_rewrite('mods/_standard/file_storage/index.php'.$owner_arg_prefix.'folder='.abs($_GET['folder']), AT_PRETTY_URL_IS_HEADER));\r
30         exit;\r
31 } else if (isset($_GET['cancel'])) {\r
32         $msg->addFeedback('CANCELLED');\r
33         header('Location: '.url_rewrite('mods/_standard/file_storage/index.php'.$owner_arg_prefix.'folder='.abs($_GET['folder']), AT_PRETTY_URL_IS_HEADER));\r
34         exit;\r
35 } else if (isset($_POST['edit_cancel'])) {\r
36         $msg->addFeedback('CANCELLED');\r
37         header('Location: '.url_rewrite('mods/_standard/file_storage/comments.php'.$owner_arg_prefix.'id='.$_GET['id'], AT_PRETTY_URL_IS_HEADER));\r
38         exit;\r
39 } else if (isset($_POST['edit_submit'])) {\r
40         $_POST['comment'] = trim($_POST['comment']);\r
41         $_POST['comment_id'] = abs($_POST['comment_id']);\r
42 \r
43         if (!$_POST['edit_comment']) {\r
44                 $msg->addError(array('EMPTY_FIELDS', _AT('comments')));\r
45         }\r
46 \r
47         if (!$msg->containsErrors()) {\r
48                 $_POST['edit_comment'] = $addslashes($_POST['edit_comment']);\r
49 \r
50                 $sql = "UPDATE ".TABLE_PREFIX."files_comments SET comment='$_POST[edit_comment]', date=date WHERE member_id=$_SESSION[member_id] AND comment_id=$_POST[comment_id]";\r
51                 mysql_query($sql, $db);\r
52                 $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');\r
53                 header('Location: '.url_rewrite('mods/_standard/file_storage/comments.php'.$owner_arg_prefix.'id='.$_GET['id'], AT_PRETTY_URL_IS_HEADER));\r
54                 exit;\r
55         }\r
56 } else if (isset($_POST['cancel'])) {\r
57         $msg->addFeedback('CANCELLED');\r
58         header('Location: '.url_rewrite('mods/_standard/file_storage/index.php'.$owner_arg_prefix.'folder='.$_POST['folder'], AT_PRETTY_URL_IS_HEADER));\r
59         exit;\r
60 } else if (isset($_POST['submit'])) {\r
61         $_POST['comment'] = trim($_POST['comment']);\r
62         $_POST['id'] = abs($_POST['id']);\r
63 \r
64         if (!$_POST['comment']) {\r
65                 $msg->addError(array('EMPTY_FIELDS', _AT('comments')));\r
66         }\r
67 \r
68         if (!$msg->containsErrors()) {\r
69                 $_POST['comment'] = $addslashes($_POST['comment']);\r
70 \r
71                 $sql = "INSERT INTO ".TABLE_PREFIX."files_comments VALUES (NULL, $_POST[id], $_SESSION[member_id], NOW(), '$_POST[comment]')";\r
72                 if (mysql_query($sql, $db)) {\r
73                         $sql = "UPDATE ".TABLE_PREFIX."files SET num_comments=num_comments+1, date=date WHERE file_id=$_POST[id]";\r
74                         mysql_query($sql, $db);\r
75                 }\r
76 \r
77                 $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');\r
78                 header('Location: '.url_rewrite('mods/_standard/file_storage/comments.php'.$owner_arg_prefix.'id='.$_POST['id'], AT_PRETTY_URL_IS_HEADER));\r
79                 exit;\r
80         }\r
81         $_GET['id'] = $_POST['id'];\r
82 }\r
83 \r
84 if (isset($_GET['comment_id'])) {\r
85         $onload = 'document.form.edit_comment.focus();';\r
86 }\r
87 \r
88 require(AT_INCLUDE_PATH.'header.inc.php');\r
89 \r
90 $id = abs($_GET['id']);\r
91 \r
92 $files = fs_get_revisions($id, $owner_type, $owner_id);\r
93 if (!$files) {\r
94         $msg->printErrors('FILE_NOT_FOUND');\r
95         require(AT_INCLUDE_PATH.'footer.inc.php');\r
96         exit;\r
97 }\r
98 ?>\r
99 \r
100 <?php if ($_config['fs_versioning']): ?>\r
101         <form method="get" action="<?php echo 'mods/_standard/file_storage/comments.php'\r
102         //@harris echo $_SERVER['PHP_SELF']; ?>">\r
103         <input type="hidden" name="ot" value="<?php echo $owner_type; ?>" />\r
104         <input type="hidden" name="oid" value="<?php echo $owner_id; ?>" />\r
105         <div class="input-form" style="width: 95%">\r
106                 <div class="row">\r
107                         <select name="id" size="<?php echo min(count($files), 5);?>">\r
108                                 <?php foreach ($files as $file): ?>\r
109                                         <?php\r
110                                                 $selected = '';\r
111                                                 if ($file['file_id'] == $id) {\r
112                                                         $current_file = $file;\r
113                                                         $selected = ' selected="selected"';\r
114                                                 }\r
115                                         ?>\r
116                                         <option value="<?php echo $file['file_id'];?>" <?php echo $selected; ?>><?php echo _AT('revision'); ?> <?php echo $file['num_revisions']; ?>. <?php echo htmlentities_utf8($file['file_name']); ?> - <?php echo $file['num_comments']; ?> <?php echo _AT('comments'); ?></option>\r
117                                 <?php endforeach; ?>\r
118                         </select>\r
119                 </div>\r
120                 <div class="row buttons">\r
121                         <input type="submit" name="comments" value="<?php echo _AT('comments'); ?>" />\r
122                         <input type="submit" name="done" value="<?php echo _AT('done'); ?>" />\r
123                 </div>\r
124         </div>\r
125         <input type="hidden" name="folder" value="<?php echo $current_file['folder_id']; ?>" />\r
126         </form>\r
127 <?php else: ?>\r
128         <?php $current_file = current($files); ?>\r
129 <?php endif; ?>\r
130 \r
131 <div class="input-form">\r
132         <div class="row">\r
133                 <h3><?php echo htmlentities_utf8($current_file['file_name']); ?> <small> - <?php echo _AT('revision'); ?> <?php echo $current_file['num_revisions']; ?></small></h3>\r
134                 <span style="font-size: small"><?php echo get_display_name($current_file['member_id']); ?> - <?php echo AT_date(_AT('filemanager_date_format'), $current_file['date'], AT_DATE_MYSQL_DATETIME); ?></span>\r
135                 <p><?php echo nl2br(htmlspecialchars($current_file['description'])); ?></p>\r
136         </div>\r
137 </div>\r
138 \r
139 <?php\r
140 $_GET['comment_id'] = isset($_GET['comment_id']) ? intval($_GET['comment_id']) : 0;\r
141         $sql = "SELECT * FROM ".TABLE_PREFIX."files_comments WHERE file_id=$id ORDER BY date ASC";\r
142         $result = mysql_query($sql, $db);\r
143 if ($row = mysql_fetch_assoc($result)): ?>\r
144         <?php do { ?>\r
145                 <div class="input-form">\r
146                         <?php if (($row['member_id'] == $_SESSION['member_id']) && ($row['comment_id'] == $_GET['comment_id'])): ?>\r
147                                 <form method="post" action="mods/_standard/file_storage/comments.php<?php echo $owner_arg_prefix.'id='.$id;?>" name="form">\r
148                                 <input type="hidden" name="comment_id" value="<?php echo $row['comment_id']; ?>" />\r
149                                 <div class="row">\r
150                                         <a name="c<?php echo $row['comment_id']; ?>"></a><h4><?php echo get_display_name($row['member_id']); ?> - <?php echo AT_DATE(_AT('server_date_format'), $row['date'], AT_DATE_MYSQL_DATETIME); ?></h4>\r
151                                         <textarea rows="4" cols="40" name="edit_comment"><?php echo htmlspecialchars($row['comment']); ?></textarea>\r
152                                 </div>\r
153                                 <div class="row buttons">\r
154                                         <input type="submit" name="edit_submit" value="<?php echo _AT('save'); ?>" />\r
155                                         <input type="submit" name="edit_cancel" value="<?php echo _AT('cancel'); ?>" />\r
156                                 </div>\r
157                                 </form>\r
158                                                 \r
159                         <?php else: ?>\r
160                                 <div class="row">\r
161                                         <h4><?php echo get_display_name($row['member_id']); ?> - <?php echo AT_date(_AT('filemanager_date_format'), $row['date'], AT_DATE_MYSQL_DATETIME); ?></h4>\r
162                                         <p><?php echo nl2br(htmlspecialchars($row['comment'])); ?></p>\r
163                                                 <?php if ($row['member_id'] == $_SESSION['member_id'] || $current_file['member_id'] == $_SESSION['member_id']): ?>\r
164                                                         <div style="text-align:right; font-size: smaller">\r
165                                                                 <a href="<?php echo url_rewrite('mods/_standard/file_storage/comments.php'.$owner_arg_prefix.'id='.$id.SEP.'comment_id='.$row['comment_id'].'#c'.$row['comment_id']); ?>"><?php echo _AT('edit'); ?></a> | <a href="mods/_standard/file_storage/delete_comment.php<?php echo $owner_arg_prefix . 'file_id='.$id.SEP; ?>id=<?php echo $row['comment_id']; ?>"><?php echo _AT('delete'); ?></a>\r
166                                                         </div>\r
167                                                 <?php endif; ?>\r
168                                 </div>\r
169                         <?php endif; ?>\r
170                 </div>\r
171         <?php } while ($row = mysql_fetch_assoc($result)); ?>\r
172 <?php elseif(0): ?>\r
173         <div class="input-form">\r
174                 <div class="row">\r
175                         <p><?php echo _AT('none_found'); ?></p>\r
176                 </div>\r
177         </div>\r
178 <?php endif; ?>\r
179 \r
180 <?php if ($_SESSION['is_guest'] == 0): ?>\r
181 <form method="post" action="<?php echo $_SERVER['PHP_SELF'].$owner_arg_prefix; ?>id=<?php echo $id; ?>">\r
182 <input type="hidden" name="id" value="<?php echo $id; ?>" />\r
183 <input type="hidden" name="folder" value="<?php echo $current_file['folder_id']; ?>" />\r
184 <div class="input-form">\r
185         <div class="row">\r
186                 <span class="required" title="<?php echo _AT('required_field'); ?>">*</span><label for="comment"><?php echo _AT('comment'); ?></label><br />\r
187                 <textarea cols="40" rows="4" id="comment" name="comment"></textarea>\r
188         </div>\r
189 \r
190         <div class="row buttons">\r
191                 <input type="submit" name="submit" value="<?php echo _AT('post'); ?>" />\r
192                 <input type="submit" name="cancel" value="<?php echo _AT('cancel'); ?>" />\r
193         </div>\r
194 </div>\r
195 </form>\r
196 <?php endif; ?>\r
197 \r
198 <?php require(AT_INCLUDE_PATH.'footer.inc.php'); ?>\r
Course Management Learning Management Tools