<?php
/****************************************************************************************/
/* ACollab */
/****************************************************************************************/
/* Copyright (c) 2002-2004 Adaptive Technology Resource Centre / University of Toronto */
/* */
/* http://atutor.ca/acollab */
/* */
/* This program is free software. You may redistribute it and/or */
/* modify it under the terms of the GNU General Public License */
/* as published by the Free Software Foundation; either version 2 of the License, */
/* or (at your option) any later version. */
/* */
/* This program is distributed in the hope that it will be useful, but */
/* WITHOUT ANY WARRANTY; without even the implied warranty of */
/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. */
/* See the GNU General Public License for more details. */
/* */
/* You may access the GNU General Public License at: */
/* http://www.opensource.org/licenses/gpl-license.php */
/* */
/* You may contact the Adaptive Technology Resource Centre at */
/* Robarts Library, University of Toronto */
/* 130 St. George Street, Toronto, Ontario, Canada M5S 1A5 */
/* Further contact information is available at http://www.utoronto.ca/atrc/ */
/****************************************************************************************/
/* Programmer: */
/* Joel Kronenberg - ATRC */
/****************************************************************************************/
// $Id: new_thread.php 453 2005-03-08 17:45:39Z shozubq $
define('AC_INCLUDE_PATH', '../include/');
require(AC_INCLUDE_PATH.'vitals.inc.php');
authenticate(USER_CLIENT, USER_GROUP_ADMIN, USER_ADMIN);
$fid = intval($_REQUEST['fid']);
if ($_POST['cancel']) {
header('Location: forum.php?fid='.$fid);
exit;
}
$forum_info = get_forum_info($fid);
if ($_POST['submit']) {
$_POST['subject'] = str_replace('<','<', trim($_POST['subject']));
$_POST['body'] = str_replace('<','<', trim($_POST['body']));
$_POST['parent_id'] = intval($_POST['parent_id']);
$_POST['fid'] = intval($_POST['fid']);
$_POST['page'] = intval($_POST['page']);
$_POST['reply'] = intval($_POST['reply']);
$_POST['parent_name'] = trim($_POST['parent_name']);
$_POST['replytext'] = trim($_POST['replytext']);
if ($_POST['subject'] == '') {
$errors[] = E_THREAD_SUBJECT_EMPTY;
}
if ($_POST['body'] == '') {
$errors[] = E_THREAD_BODY_EMPTY;
}
if (!$errors) {
if ($_POST['replytext'] != '') {
$_POST['body'] .= "\n\n".'[reply][b]'._AC('in_reply_to').': [/b]'."\n";
if (strlen($_POST['replytext']) > 200) {
$_POST['body'] .= substr($_POST['replytext'], 0, 200).'...';
} else {
$_POST['body'] .= $_POST['replytext'];
}
$num_open_replies = substr_count($_POST['body'], '[reply]');
$num_close_replies = substr_count($_POST['body'], '[/reply]');
$num_replies_add = $num_open_replies - $num_close_replies - 1;
for ($i=0; $i < $num_replies_add; $i++) {
$_POST['body'] .= '[/reply]';
}
$_POST['body'] .= "\n".'[op]forums/view.php?fid='.$_POST['fid'].SEP.'pid='.$_POST['parent_id'].SEP.'page='.$_POST['page'].'#'.$_POST['reply'];
$_POST['body'] .= '[/op][/reply]';
}
/* use this value instead of NOW(), because we want the parent post to have the exact */
/* same date. and not a second off if that may happen */
$now = date('Y-m-d H:i:s');
$_POST['subject'] = $addslashes($_POST['subject']);
$_POST['body'] = $addslashes($_POST['body']);
$sql = "INSERT INTO ".TABLE_PREFIX."forums_threads VALUES(0, $_POST[parent_id], $_SESSION[member_id], $_POST[fid], '$_SESSION[login]', '$now', 0, '$_POST[subject]', '$_POST[body]', '$now', 0, 0, ',')";
$result = mysql_query($sql, $db);
$this_id = mysql_insert_id();
//get a list of users subscribed to this forum
$sql = "SELECT member_id FROM ".TABLE_PREFIX."forums_subscriptions WHERE forum_id=$fid";
$result = mysql_query($sql, $db);
while($row = mysql_fetch_assoc($result)){
$subscriber_list .= $row['member_id'] . ',';
}
if ($_POST['parent_id']) {
$sql = "SELECT subscribers FROM ".TABLE_PREFIX."forums_threads WHERE post_id=$_POST[parent_id]";
$result = mysql_query($sql, $db);
$row = mysql_fetch_assoc($result);
$subscriber_list .= $row['subscribers'];
}
/* FIX: problem was that acollab 1.1 did not remove "," from the db table. This fix parses the list to
ignore all the ","'s and consider only the actual member ids */
$subscriber_list = explode(",",$subscriber_list);
foreach($subscriber_list as $subs) {
if ($subs != '')
$sub_list .= $subs . ',';
}
$subscriber_list = substr($sub_list, 0, -1);
/*END FIX*/
if ($subscriber_list != '') {
$sql = "SELECT email FROM ".TABLE_PREFIX."members WHERE member_id IN ($subscriber_list) AND member_id <> $_SESSION[member_id]";
$result = mysql_query($sql, $db);
while ($row = mysql_fetch_assoc($result)) {
$subscriber_email_list[] = array('email'=> $row['email']);
}
}
//send notifications to alert users for reply to thread
if ($subscriber_email_list) {
$my_group = get_group($_SESSION['group_id']);
require(AC_INCLUDE_PATH . 'classes/acollabmailer.class.php');
$mail = new ACollabMailer;
$mail->From = ADMIN_EMAIL;
$mail->FromName = _AC('group_admin');
$mail->Subject = _AC('thread_subscription');
$mail->Body = _AC('forum_new_submsg', $forum_info['title'], $my_group['title']);
foreach($subscriber_email_list as $subscriber) {
$bcc = true;
$mail->AddBCC($subscriber['email']);
}
if ($bcc) {
if(!$mail->Send()) {
echo "Message could not be sent. <p>";
echo "Mailer Error: " . $mail->ErrorInfo;
exit;
}
}
}
if ($_POST['parent_id'] == 0) {
/* this is a new thread */
$sql = "UPDATE ".TABLE_PREFIX."forums SET num_posts=num_posts+1, num_topics=num_topics+1, last_post='$now' WHERE forum_id=$fid";
mysql_query($sql, $db);
Header('Location: forum.php?fid='.$fid.SEP.'f='.F_THREAD_STARTED);
exit;
} else {
/* this is a reply */
$sql = "UPDATE ".TABLE_PREFIX."forums_threads SET num_comments=num_comments+1, last_comment='$now' WHERE post_id=$_POST[parent_id]";
mysql_query($sql, $db);
$sql = "UPDATE ".TABLE_PREFIX."forums SET num_posts=num_posts+1, last_post='$now' WHERE forum_id=$fid";
mysql_query($sql, $db);
header('Location: forum.php?fid='.$fid.SEP.'f='.F_THREAD_REPLY);
exit;
}
}
}
$_SECTION[0][0] = _AC('home');
$_SECTION[0][1] = 'home.php';
$_SECTION[1][0] = _AC('forums');
$_SECTION[1][1] = 'forums/';
/* check if this forum exists */
if (!$forum_info) {
$errors[] = E_FORUM_NOT_FOUND;
$_SECTION[2][0] = _AC('forum_not_found');
require(AC_INCLUDE_PATH.'header.inc.php');
print_errors($errors);
require (AC_INCLUDE_PATH.'footer.inc.php');
exit;
}
$_SECTION[2][0] = _AC('forum').': '.$forum_info['title'];
$_SECTION[2][1] = 'forums/forum.php?fid='.$fid;
if ($_REQUEST['parent_id'] == 0) {
$_SECTION[3][0] = _AC('new_thread');
} else {
$_SECTION[3][0] = _AC('reply');
}
$_SECTION[3][1] = 'forums/new_thread.php';
require(AC_INCLUDE_PATH.'header.inc.php');
$parent_id = 0;
require('include/new_thread.inc.php');
require(AC_INCLUDE_PATH.'footer.inc.php');
?>