docs/mods/_standard/forums/admin/forum_edit.php

   1 <?php
   2 /************************************************************************/
   3 /* ATutor                                                                                                                               */
   4 /************************************************************************/
   5 /* Copyright (c) 2002-2010                                              */
   6 /* Inclusive Design Institute                                           */
   7 /* http://atutor.ca                                                     */
   8 /* This program is free software. You can redistribute it and/or        */
   9 /* modify it under the terms of the GNU General Public License          */
  10 /* as published by the Free Software Foundation.                        */
  11 /************************************************************************/
  12 // $Id$
  13
  14 define('AT_INCLUDE_PATH', '../../../../include/');
  15 require(AT_INCLUDE_PATH.'vitals.inc.php');
  16
  17 admin_authenticate(AT_ADMIN_PRIV_FORUMS);
  18
  19 include(AT_INCLUDE_PATH.'../mods/_standard/forums/lib/forums.inc.php');
  20
  21 if (isset($_POST['cancel'])) {
  22         $msg->addFeedback('CANCELLED');
  23         header('Location: '.AT_BASE_HREF.'mods/_standard/forums/admin/forums.php');
  24         exit;
  25 } else if (isset($_POST['edit_forum'])) {
  26         $missing_fields = array();
  27         if (empty($_POST['title'])) {
  28                 $missing_fields[] = _AT('title');
  29         }
  30
  31         if (empty($_POST['courses'])) {
  32                 $missing_fields[] = _AT('courses');
  33         }
  34
  35         if ($missing_fields) {
  36                 $missing_fields = implode(', ', $missing_fields);
  37                 $msg->addError(array('EMPTY_FIELDS', $missing_fields));
  38         }
  39
  40         if (!($msg->containsErrors())) {
  41
  42                 //update forum
  43                 $forum_id = intval($_POST['forum']);
  44                 $_POST['title']  = $addslashes($_POST['title']);
  45                 $_POST['edit'] = intval($_POST['edit']);
  46                 $_POST['description']  = $addslashes($_POST['description']);
  47
  48                 $sql    = "UPDATE ".TABLE_PREFIX."forums SET title='" . $_POST['title'] . "', description='" . $_POST['description'] . "', last_post=last_post, mins_to_edit=$_POST[edit] WHERE forum_id=".$forum_id;
  49                 $result = mysql_query($sql, $db);
  50                 write_to_log(AT_ADMIN_LOG_UPDATE, 'forums', mysql_affected_rows($db), $sql);
  51
  52                 // unsubscribe all the members who are NOT in $_POST['courses']
  53                 $courses_list = implode(',', $_POST['courses']);
  54
  55                 // list of all the students who are in other courses as well
  56                 $sql     = "SELECT member_id FROM ".TABLE_PREFIX."course_enrollment WHERE course_id IN ($courses_list)";
  57                 $result2 = mysql_query($sql, $db);
  58                 while ($row2 = mysql_fetch_assoc($result2)) {
  59                         $students[] = $row2['member_id'];
  60                 }
  61
  62                 // list of students who must REMAIN subscribed!
  63                 $students_list = implode(',', $students);
  64
  65                 if ($students_list) {
  66                         // remove the subscriptions
  67                         $sql    = "SELECT post_id FROM ".TABLE_PREFIX."forums_threads WHERE forum_id=$forum_id";
  68                         $result2 = mysql_query($sql, $db);
  69                         while ($row2 = mysql_fetch_assoc($result2)) {
  70                                 $sql     = "DELETE FROM ".TABLE_PREFIX."forums_accessed WHERE post_id=$row2[post_id] AND member_id NOT IN ($students_list)";
  71                                 $result3 = mysql_query($sql, $db);
  72                         }
  73
  74                         $sql     = "DELETE FROM ".TABLE_PREFIX."forums_subscriptions WHERE forum_id=$forum_id AND member_id NOT IN ($students_list)";
  75                         $result3 = mysql_query($sql, $db);
  76                 }
  77
  78                 $sql = "DELETE FROM ".TABLE_PREFIX."forums_courses WHERE forum_id=$forum_id AND course_id NOT IN ($courses_list)";
  79                 $result = mysql_query($sql, $db);
  80                 write_to_log(AT_ADMIN_LOG_DELETE, 'forums_courses', mysql_affected_rows($db), $sql);
  81
  82                 //update forums_courses
  83                 if (in_array('0', $_POST['courses'])) {
  84                         //general course - used by all.  put one entry in forums_courses w/ course_id=0
  85                         $sql    = "REPLACE INTO ".TABLE_PREFIX."forums_courses VALUES (" . $_POST['forum'] . ", 0)";
  86                         $result = mysql_query($sql, $db);
  87                         write_to_log(AT_ADMIN_LOG_REPLACE, 'forums_courses', mysql_affected_rows($db), $sql);
  88                 } else {
  89                         foreach ($_POST['courses'] as $course) {
  90                                 $sql    = "REPLACE INTO ".TABLE_PREFIX."forums_courses VALUES (" . $_POST['forum'] . "," . $course . ")";
  91                                 $result = mysql_query($sql, $db);
  92                                 write_to_log(AT_ADMIN_LOG_REPLACE, 'forums_courses', mysql_affected_rows($db), $sql);
  93                         }
  94                 }
  95                 $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
  96                 header('Location: '.AT_BASE_HREF.'mods/_standard/forums/admin/forums.php');
  97                 exit;
  98         }
  99 }
 100
 101 require(AT_INCLUDE_PATH.'header.inc.php');
 102
 103 if (!($forum = @get_forum($_GET['forum']))) {
 104         //no such forum
 105         $msg->addError('FORUM_NOT_FOUND');
 106         $msg->printAll();
 107 } else {
 108         $msg->printAll();
 109
 110         $sql    = "SELECT * FROM ".TABLE_PREFIX."forums_courses WHERE forum_id=$forum[forum_id]";
 111         $result = mysql_query($sql, $db);
 112         while ($row = mysql_fetch_assoc($result)) {
 113                 $courses[] = $row['course_id'];
 114         }
 115 ?>
 116         <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" name="form">
 117         <input type="hidden" name="edit_forum" value="true">
 118         <input type="hidden" name="forum" value="<?php echo $_REQUEST['forum']; ?>">
 119
 120 <div class="input-form">
 121         <div class="row">
 122                 <label for="title"><span class="required" title="<?php echo _AT('required_field'); ?>">*</span><?php  echo _AT('title'); ?></label><br />
 123                 <input type="text" name="title" size="40" id="title" value="<?php echo htmlentities_utf8($forum['title']); ?>" />
 124         </div>
 125
 126         <div class="row">
 127                 <label for="body"><?php echo _AT('description'); ?></label><br />
 128                 <textarea name="description" cols="45" rows="5" id="body" wrap="wrap"><?php echo htmlentities_utf8($forum['description']); ?></textarea>
 129         </div>
 130
 131         <div class="row">
 132                 <label for="edit"><?php echo _AT('allow_editing'); ?></label><br />
 133                 <input type="text" name="edit" size="3" id="edit" value="<?php echo intval($forum['mins_to_edit']); ?>" /> <?php echo _AT('in_minutes'); ?>
 134         </div>
 135
 136         <div class="row">
 137                 <label for="courses"><span class="required" title="<?php echo _AT('required_field'); ?>">*</span><?php echo _AT('courses'); ?></label><br />
 138                 <select name="courses[]" id="courses" multiple="multiple" size="5"><?php
 139                         /*
 140                         echo '<option value="0"';
 141                         if ($courses[0] == 0) {
 142                                 echo ' selected="selected"';
 143                         }
 144                         echo '> '._AT('all').' </option>';
 145                         */
 146                         $sql = "SELECT course_id, title FROM ".TABLE_PREFIX."courses ORDER BY title";
 147                         $result = mysql_query($sql, $db);
 148                         while ($row = mysql_fetch_assoc($result)) {
 149                                 if (in_array($row['course_id'], $courses) ) {
 150                                         echo '<option value="'.$row['course_id'].'" selected="selected">'.htmlentities_utf8($row['title']).'</option>';
 151                                 } else {
 152                                         echo '<option value="'.$row['course_id'].'">'.$row['title'].'</option>';
 153                                 }
 154                         }
 155                         ?></select>
 156         </div>
 157         <div class="row buttons">
 158                 <input type="submit" name="submit" value="<?php  echo _AT('submit'); ?>" accesskey="s" /> <input type="submit" name="cancel" value="<?php  echo _AT('cancel'); ?>" />
 159         </div>
 160 </div>
 161         </form>
 162 <?php
 163 }
 164
 165 require(AT_INCLUDE_PATH.'footer.inc.php');
 166 ?>