made a copy
[atutor.git] / include / lib / forums.inc.php
1 <?php
2 /****************************************************************************/
3 /* ATutor                                                                                                                                       */
4 /****************************************************************************/
5 /* Copyright (c) 2002-2008 by Greg Gay, Joel Kronenberg & Heidi Hazelton        */
6 /* Adaptive Technology Resource Centre / University of Toronto                          */
7 /* http://atutor.ca                                                                                                                     */
8 /*                                                                                                                                                      */
9 /* This program is free software. You can redistribute it and/or                        */
10 /* modify it under the terms of the GNU General Public License                          */
11 /* as published by the Free Software Foundation.                                                        */
12 /****************************************************************************/
13 // $Id$
14
// Direct-access guard: stop right away unless AT_INCLUDE_PATH has already been
// defined by whatever script included this file. Requesting this library file
// on its own therefore executes nothing below this point.
if (defined('AT_INCLUDE_PATH') === false) {
        exit;
}
16
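/**
* Returns the forums of a course, bucketed into non-shared, shared and group forums.
*
* Queries in this file are built by string concatenation for the legacy mysql_*
* API, so every value interpolated below is first reduced to an integer.
*
* @access  public
* @param   integer $course   id of the course; a falsy value lists the forums of every course
* @return  array             array('nonshared' => rows, 'shared' => rows, 'group' => rows)
* @see     $db               in include/vitals.inc.php
* @see     is_shared_forum()
* @author  Heidi Hazelton
* @author  Joel Kronenberg
*/
function get_forums($course) {
        global $db;

        // 'nonshared' forums are always listed first:
        $forums = array(
                'nonshared' => array(),
                'shared'    => array(),
                'group'     => array(),
        );

        if ($course) {
                // $course is placed in the WHERE clause unquoted; the cast keeps anything
                // but a number out of the statement.
                $course = intval($course);
                $sql    = "SELECT F.*, DATE_FORMAT(F.last_post, '%Y-%m-%d %H:%i:%s') AS last_post FROM ".TABLE_PREFIX."forums_courses FC INNER JOIN ".TABLE_PREFIX."forums F USING (forum_id) WHERE FC.course_id=$course GROUP BY FC.forum_id ORDER BY F.title";
        } else {
                $sql    = "SELECT F.*, FC.course_id, DATE_FORMAT(F.last_post, '%Y-%m-%d %H:%i:%s') AS last_post FROM ".TABLE_PREFIX."forums_courses FC INNER JOIN ".TABLE_PREFIX."forums F USING (forum_id) GROUP BY FC.forum_id ORDER BY F.title";
        }

        $result = mysql_query($sql, $db);
        if ($result) {
                while ($row = mysql_fetch_assoc($result)) {
                        // for each forum, check if it's shared or not (one extra query per row):
                        if (is_shared_forum($row['forum_id'])) {
                                $forums['shared'][] = $row;
                        } else {
                                $forums['nonshared'][] = $row;
                        }
                }
        }

        // retrieve the group forums; empty() also covers a session without a 'groups' entry:
        if (empty($_SESSION['groups'])) {
                return $forums;
        }

        // The group ids come from the session and end up inside IN (...): force each
        // one to an integer so the list can only ever contain numbers and commas.
        $groups = implode(',', array_map('intval', (array) $_SESSION['groups']));

        $sql = "SELECT F.*, G.group_id FROM ".TABLE_PREFIX."forums_groups G INNER JOIN ".TABLE_PREFIX."forums F USING (forum_id) WHERE G.group_id IN ($groups) ORDER BY F.title";
        $result = mysql_query($sql, $db);
        if ($result) {
                while ($row = mysql_fetch_assoc($result)) {
                        // a group forum is listed under the title of its group
                        $row['title'] = get_group_title($row['group_id']);
                        $forums['group'][] = $row;
                }
        }

        return $forums;
}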
69
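/**
* Returns true/false whether or not this forum is shared.
* A forum counts as shared when forums_courses links it to more than one course.
* @access  public
* @param   integer $forum_id    id of the forum
* @return  boolean              true if this forum is shared, false otherwise (also when the query fails)
* @see     $db                  in include/vitals.inc.php
* @author  Joel Kronenberg
*/
function is_shared_forum($forum_id) {
        global $db;

        // interpolated unquoted below, so only an integer may reach the statement
        $forum_id = intval($forum_id);

        $sql = "SELECT COUNT(*) AS cnt FROM ".TABLE_PREFIX."forums_courses WHERE forum_id=$forum_id";
        $result = mysql_query($sql, $db);
        if (!$result) {
                return FALSE;
        }
        $row = mysql_fetch_assoc($result);

        return ($row && $row['cnt'] > 1);
}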
91
92
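/**
* Returns forum information for given forum_id
*
* With a course id, the forum must be linked to that course or to course 0 in
* forums_courses. Without one, the forum is read with no course restriction.
*
* NOTE(review): the original author's comment says only admins should retrieve
* forums without a course and that the check still has to be added. Nothing in
* this function enforces it, so callers must not pass an empty $course on
* behalf of ordinary members.
*
* @access  public
* @param   integer $forum_id    id of the forum
* @param   integer $course      id of the course (for non-admins)
* @return  array|false          the forum row, or a false value when nothing matches or the query fails
* @see     $db                  in include/vitals.inc.php
* @author  Heidi Hazelton
*/
function get_forum($forum_id, $course = '') {
        global $db;

        // both ids are interpolated unquoted below; cast them so only numbers get through
        $forum_id = intval($forum_id);

        if (!empty($course)) {
                // Branch on the raw value, cast afterwards: a non-numeric $course then
                // becomes 0 and stays inside the course-restricted query instead of
                // falling through to the unrestricted one.
                $course = intval($course);
                $sql    = "SELECT * FROM ".TABLE_PREFIX."forums_courses fc, ".TABLE_PREFIX."forums f WHERE (fc.course_id=$course OR fc.course_id=0) AND fc.forum_id=f.forum_id and fc.forum_id=$forum_id ORDER BY title";
        } else {
                // only admins should be retrieving forums w/o a course! (not checked here)
                $sql = "SELECT * FROM ".TABLE_PREFIX."forums WHERE forum_id=$forum_id";
        }

        $result = mysql_query($sql, $db);
        if (!$result) {
                return FALSE;
        }

        return mysql_fetch_assoc($result);
}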
120
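/**
* Checks to see if signed in member is allowed to view the forum page
*
* Access is granted when the forum is linked to the session's course (or to
* course 0), or to one of the groups listed in the session. Any query failure
* results in FALSE, so the check fails closed.
*
* @access  public
* @param   integer $forum_id    id of the forum
* @return  boolean              view (true) or not view (false)
* @see     $db                  in include/vitals.inc.php
* @author  Heidi Hazelton
*/
function valid_forum_user($forum_id) {
        global $db;

        // This is an access-control decision built on concatenated SQL: every value
        // that goes into a statement is cast to an integer first, so a crafted id
        // cannot rewrite the WHERE clause into one that always matches.
        $forum_id  = intval($forum_id);
        $course_id = intval($_SESSION['course_id']);

        $sql    = "SELECT forum_id FROM ".TABLE_PREFIX."forums_courses WHERE (course_id=$course_id OR course_id=0) AND forum_id=$forum_id";
        $result = mysql_query($sql, $db);
        if ($result && mysql_fetch_assoc($result)) {
                return TRUE;
        }

        // not a course forum, let's check group:
        if (!empty($_SESSION['groups'])) {
                $groups = implode(',', array_map('intval', (array) $_SESSION['groups']));
                $sql    = "SELECT forum_id FROM ".TABLE_PREFIX."forums_groups WHERE group_id IN ($groups) AND forum_id=$forum_id";
                $result = mysql_query($sql, $db);
                if ($result && mysql_fetch_assoc($result)) {
                        return TRUE;
                }
        }

        return FALSE;
}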
152
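/**
* Adds a forum and links it to the course held in the session.
*
* Does not check that the current user may create forums; that is left to the caller.
*
* NOTE(review): the parameter is named after the $_POST superglobal. PHP 5.4 and
* later refuse to compile that; the name is kept here only so the signature
* stays as callers know it.
*
* @access  public
* @param   array $_POST         add-forum form variables; title, body and edit are read
* @see     $db                  in include/vitals.inc.php
* @see     $addslashes          in include/vitals.inc.php
* @author  Heidi Hazelton
*/
function add_forum($_POST) {
        global $db;
        global $addslashes;

        // $addslashes holds the name of the escaping function chosen in
        // include/vitals.inc.php -- presumably SQL string escaping; confirm it is
        // aware of the connection character set.
        $_POST['title'] = $addslashes($_POST['title']);
        $_POST['body']  = $addslashes($_POST['body']);
        $_POST['edit']  = intval($_POST['edit']);

        // the course id is interpolated unquoted, so it gets the same integer cast
        $course_id = intval($_SESSION['course_id']);

        $sql    = "INSERT INTO ".TABLE_PREFIX."forums VALUES (NULL,'$_POST[title]', '$_POST[body]', 0, 0, NOW(), $_POST[edit])";
        $result = mysql_query($sql,$db);
        if (!$result) {
                // LAST_INSERT_ID() is kept per connection: after a failed INSERT it still
                // holds the id of an earlier row, and the statement below would attach
                // that unrelated forum to this course.
                return;
        }

        $sql    = "INSERT INTO ".TABLE_PREFIX."forums_courses VALUES (LAST_INSERT_ID(),  $course_id)";
        $result = mysql_query($sql,$db);

        return;
}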
177
/**
* Edits a forum: updates its title, description and minutes-to-edit value.
*
* The row is selected by forum id alone. Nothing here checks that the forum
* belongs to the current course or that the user may edit it, so the caller
* has to establish both before calling.
*
* @access  public
* @param   array $_POST         edit-forum form variables; title, body, fid and edit are read
* @see     $db                  in include/vitals.inc.php
* @see     $addslashes          in include/vitals.inc.php
* @author  Heidi Hazelton
*/
function edit_forum($_POST) {
        global $db, $addslashes;

        // text fields go through the escaping function configured in include/vitals.inc.php
        foreach (array('title', 'body') as $text_field) {
                $_POST[$text_field] = $addslashes($_POST[$text_field]);
        }

        // numeric fields are interpolated unquoted, so they are forced to integers
        foreach (array('fid', 'edit') as $int_field) {
                $_POST[$int_field] = intval($_POST[$int_field]);
        }

        // last_post is assigned to itself -- presumably to keep an auto-updating
        // timestamp column from changing on edit; confirm against the schema.
        $sql = "UPDATE ".TABLE_PREFIX."forums SET title='$_POST[title]', description='$_POST[body]', last_post=last_post, mins_to_edit=$_POST[edit] WHERE forum_id=$_POST[fid]";
        mysql_query($sql, $db);
}
201
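/**
* Deletes a forum together with its threads, subscriptions, per-post access
* records and course links.
*
* Assumes the forum is not shared.
* Assumes the user has the priv to delete this forum.
* Neither assumption is verified here; both are the caller's responsibility.
*
* NOTE(review): rows in forums_groups are not removed by this function --
* confirm that group forums are cleaned up elsewhere.
*
* @access  public
* @param   integer $forum_id    id of the forum to delete
* @see     $db                  in include/vitals.inc.php
* @author  Heidi Hazelton
*/
function delete_forum($forum_id) {
        global $db;

        // $forum_id lands unquoted in one SELECT and four DELETE statements. Cast it
        // once here so none of them can be widened by a crafted value.
        $forum_id = intval($forum_id);

        $sql    = "SELECT post_id FROM ".TABLE_PREFIX."forums_threads WHERE forum_id=$forum_id";
        $result = mysql_query($sql, $db);
        if ($result) {
                while ($row = mysql_fetch_array($result)) {
                        // post_id comes back from the database; cast anyway before reuse in SQL
                        $post_id = intval($row['post_id']);
                        $sql     = "DELETE FROM ".TABLE_PREFIX."forums_accessed WHERE post_id=$post_id";
                        mysql_query($sql, $db);
                }
        }

        $sql    = "DELETE FROM ".TABLE_PREFIX."forums_subscriptions WHERE forum_id=$forum_id";
        mysql_query($sql, $db);

        $sql    = "DELETE FROM ".TABLE_PREFIX."forums_threads WHERE forum_id=$forum_id";
        mysql_query($sql, $db);

        $sql = "DELETE FROM ".TABLE_PREFIX."forums_courses WHERE forum_id=$forum_id";
        mysql_query($sql, $db);

        $sql    = "DELETE FROM ".TABLE_PREFIX."forums WHERE forum_id=$forum_id";
        mysql_query($sql, $db);

        $sql = "OPTIMIZE TABLE ".TABLE_PREFIX."forums_threads";
        mysql_query($sql, $db);
}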
238
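/**
* Prints one forum post as an <li> element, with the reply/edit/delete links
* that apply to the current user.
*
* Reads the globals $page and $forum_info and the session. $system_courses is
* declared global but not used in this function.
*
* The conditions below only decide which links are displayed. Whether the
* scripts they point to enforce the same rules cannot be seen from this file.
*
* @access  public
* @param   array $row   one post row; the keys read are forum_id, post_id, parent_id,
*                       member_id, subject, body, date and udate
*/
function print_entry($row) {
        global $page,$system_courses, $forum_info;
        static $counter;
        $counter++;

        // These ids are written into href/name attributes. Reduce them to integers
        // so an unexpected value in the row cannot break out of the attribute.
        $forum_id  = intval($row['forum_id']);
        $post_id   = intval($row['post_id']);
        $parent_id = intval($row['parent_id']);
        $member_id = intval($row['member_id']);

        // a reply is always attached to the top post of its thread
        $thread_id = ($parent_id == 0) ? $post_id : $parent_id;

        // $page is a global set elsewhere -- TODO confirm it is always an integer;
        // urlencode() leaves digits untouched and neutralises anything else.
        $reply_link  = '<a href="forum/view.php?fid='.$forum_id.SEP.'pid='.$thread_id;
        $reply_link .= SEP.'reply='.$post_id.SEP.'page='.urlencode($page).'#post" >'._AT('reply').'</a>';

?>

        <li class="<?php if ($counter %2) { echo 'odd'; } else { echo 'even'; } ?>">
                <a name="<?php echo $post_id; ?>"></a>
                <div class="forum-post-author">
                        <a href="profile.php?id=<?php echo $member_id; ?>" class="title"><?php echo htmlspecialchars(get_display_name($row['member_id'])); ?></a><br />
                        <?php print_profile_img($row['member_id']); ?>
                </div>

                <div class="forum-post-content">
                        <h3><?php echo AT_Print(htmlspecialchars($row['subject'], ENT_COMPAT, "UTF-8"), 'forums_threads.subject'); ?></h3>
                        <div>
                                <div class="forum-post-ctrl">
                                        <?php if (authenticate(AT_PRIV_FORUMS, AT_PRIV_RETURN)): ?>
                                                <?php echo $reply_link; ?> | <a href="editor/edit_post.php?fid=<?php echo $forum_id.SEP.'pid='.$post_id; ?>"><?php echo _AT('edit'); ?></a> | <a href="forum/delete_thread.php?fid=<?php echo $forum_id.SEP.'pid='.$post_id.SEP.'ppid='.$parent_id.SEP; ?>nest=1"><?php echo _AT('delete'); ?></a>
                                        <?php elseif (($row['member_id'] == $_SESSION['member_id']) && (($row['udate'] + $forum_info['mins_to_edit'] * 60) > time())): ?>
                                                <?php echo $reply_link; ?> | <a href="editor/edit_post.php?fid=<?php echo $forum_id.SEP.'pid='.$post_id; ?>"><?php echo _AT('edit'); ?></a> <span>(<?php echo _AT('edit_for_minutes', round((($row['udate'] + $forum_info['mins_to_edit'] * 60) - time())/60)); ?>)</span>
                                        <?php elseif (!empty($_SESSION['valid_user'])): ?>
                                                <?php echo $reply_link; ?>
                                        <?php endif; ?>
                                </div>
                                <p class="date">&nbsp;&nbsp;<?php echo AT_date(_AT('forum_date_format'), $row['date'], AT_DATE_MYSQL_DATETIME); ?></p>

                        </div>

                        <div class="body">
                                <p><?php echo AT_print(htmlspecialchars($row['body'], ENT_COMPAT, "UTF-8"), 'forums_threads.body'); ?></p>
                        </div>
                </div>
        </li>
<?php
}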
284 ?>