PageRenderTime 56ms CodeModel.GetById 15ms RepoModel.GetById 0ms app.codeStats 1ms

/objects/discussion.inc.php

https://github.com/adamfranco/segue-1.x
PHP | 1103 lines | 687 code | 184 blank | 232 comment | 234 complexity | a3668c25ac0075a3c179cb2a198556d5 MD5 | raw file
    

  1. <? /* $Id$ */
    2. 

  2. 

  3. //echo "bla";
    4. 

  4. class discussion {
    5. 

  5. 	var $storyid,$parentid,$id;
    6. 

  6. 	var $detail;
    7. 

  7. //	var $author = array("id"=>0,"uname"=>"","fname"=>"");
    8. 

  8. 	var $authorid=0,$authoruname,$authorfname,$authoremail;
    9. 

  9. 	
    10. 

  10. 	var $libraryfilename,$libraryfileid,$media_tag,$media_size;
    11. 

  11. 	var $tstamp,$content,$subject,$order;
    12. 

  12. 	var $rating = NULL;
    13. 

  13. 	
    14. 

  14. 	var $children=array();
    15. 

  15. 	var $numchildren=0,$pointer=-1,$direction=1;
    16. 

  16. 	
    17. 

  17. 	var $flat=false;
    18. 

  18. 	var $recent=false;
    19. 

  19. 	var $dis_order="recentlast";
    20. 

  20. 	var $opt = array(
    21. 

  21. 			"showcontent"=>false,
    22. 

  22. 			"showsubject"=>true,
    23. 

  23. 			"showauthor"=>true,
    24. 

  24. 			"showtstamp"=>true,
    25. 

  25. 			"useoptforchildren"=>false
    26. 

  26. 			);
    27. 

  27. 	var $getinfo;
    28. 

  28. 	var $storyObj;
    29. 

  29. 

  30. /******************************************************************************
    31. 

  31.  * sets discussion options variables from $opt array
    32. 

  32.  ******************************************************************************/
    33. 

  33. 							
    34. 

  34. 	function opt($key,$val=NULL) {
    35. 

  35. 		if ($val!=NULL) { // they're setting the option
    36. 

  36. 			$this->opt[$key] = $val;
    37. 

  37. 			return $val;
    38. 

  38. 		}
    39. 

  39. 		
    40. 

  40. 		if (is_array($key)) {
    41. 

  41. 			$this->opt = $key;
    42. 

  42. 			return true;
    43. 

  43. 		}
    44. 

  44. 		
    45. 

  45. 		return $this->opt[$key];
    46. 

  46. 	}
    47. 

  47. 	
    48. 

  48. /******************************************************************************
    49. 

  49.  * called from fetchchilden, passed $a = array
    50. 

  50.  *    (FK_parent,discussion_subject,discussion_id,FK_author,discussion_tstamp,
    51. 

  51.  *    discussion_content,discussion_rate,FK_story,media_tag,discussion_order,
    52. 

  52.  *    user_uname,user_fname,user_last_name,user_email)
    53. 

  53.  * if discussion posts exist, parse post info from database
    54. 

  54.  * calls _parseDBline which creates discussion post variables for each discussion post
    55. 

  55.  * (discussion posts are displayed by outputAll called from fullstory.inc.php)
    56. 

  56.  ******************************************************************************/
    57. 

  57. 	
    58. 

  58. 	function discussion(& $story,$a=NULL,$parent=0) {
    59. 

  59. 		if (is_array($a)) $this->_parseDBline($a);
    60. 

  60. 		if (is_numeric($a)) $this->id = $a;
    61. 

  61. 		if (is_object($story)) { 
    62. 

  62. 			$this->storyObj =& $story; 
    63. 

  63. 			$this->storyid = $story->id;
    64. 

  64. 		}
    65. 

  65. 		
    66. 

  66. 		if (is_numeric($story)) $this->storyid = $story;
    67. 

  67. 		if ($parent) $this->parentid = $parent;
    68. 

  68. 	}
    69. 

  69. 

  70. /******************************************************************************
    71. 

  71.  * gets next post
    72. 

  72.  ******************************************************************************/
    73. 

  73. 	
    74. 

  74. 	function getNext() {
    75. 

  75. 		$this->pointer+=$this->direction;
    76. 

  76. 		// if we're out of range, return false
    77. 

  77. 		if (($this->direction > 0 && $this->pointer >= $this->numchildren) || ($this->direction < 0 && $this->pointer <= -1)) return false;
    78. 

  78. 		return $this->children[$this->pointer];
    79. 

  79. 	}
    80. 

  80. 

  81. /******************************************************************************
    82. 

  82.  * delete post
    83. 

  83.  ******************************************************************************/
    84. 

  84. 	
    85. 

  85. 	function _del() {
    86. 

  86. 		global $site_owner;
    87. 

  87. //		print "$site_owner";
    88. 

  88. 		if ($_SESSION['auser'] != $site_owner && $this->authorid != $_SESSION['aid']) return false;
    89. 

  89. 		if (!$this->id) return false;
    90. 

  90. 		if ($this->count() || $this->dbcount()) {
    91. 

  91. 			$this->_fetchchildren();
    92. 

  92. 			for ($i = 0; $i < $this->numchildren; $i++) {
    93. 

  93. 				$this->children[$i]->_del();
    94. 

  94. 			}
    95. 

  95. 			$this->numchildren=0;
    96. 

  96. 		}
    97. 

  97. 		discussion::delID($this->id);
    98. 

  98. 	}
    99. 

  99. 	
    100. 

  100. 	function delID($id) {
    101. 

  101. //		print "deleting $id.<br />";
    102. 

  102. 		$query = "
    103. 

  103. 			DELETE FROM
    104. 

  104. 				discussion
    105. 

  105. 			WHERE
    106. 

  106. 				discussion_id='".addslashes($id)."'
    107. 

  107. 		";
    108. 

  108. 		
    109. 

  109. 		db_query($query);
    110. 

  110. 		//log_entry("discussion","$_SESSION[auser] deleted story ".$_REQUEST['story']." discussion post id ".$_REQUEST['id']." in site ".$_REQUEST['site'],$_REQUEST['site'],$_REQUEST['story'],"story");					
    111. 

  111. 		// done;
    112. 

  112. 	}
    113. 

  113. 

  114. /******************************************************************************
    115. 

  115.  * stats on # of posts, last post, timestamp, etc.
    116. 

  116.  ******************************************************************************/
    117. 

  117. 	
    118. 

  118. 	function generateStatistics($story) {
    119. 

  119. 		if (is_object($story)) $storyid = $story->id;
    120. 

  120. 		if (is_numeric($story)) $storyid = $story;
    121. 

  121. 		
    122. 

  122. 		// get the count:
    123. 

  123. 		$count = discussion::getCount($storyid);
    124. 

  124. 		if ($count) $lastPostData = discussion::getLastPostData($storyid);
    125. 

  125. 		else {return "No posts yet.";}
    126. 

  126. 		$posts = ($count==1)?"post":"posts";
    127. 

  127. 		$str = '';
    128. 

  128. 		$str .= "$count $posts, last post on ";
    129. 

  129. 		$str .= timestamp2usdate($lastPostData['timestamp']);
    130. 

  130. 		//$str .= ' by ';
    131. 

  131. 		//$str .= $lastPostData['fullname'];
    132. 

  132. 		return $str;
    133. 

  133. 	}
    134. 

  134. 	
    135. 

  135. 	function getCount($storyid) {
    136. 

  136. 		$query = "
    137. 

  137. 			SELECT
    138. 

  138. 				COUNT(*) as count
    139. 

  139. 			FROM
    140. 

  140. 				discussion
    141. 

  141. 			WHERE
    142. 

  142. 				FK_story='".addslashes($storyid)."'
    143. 

  143. 		";
    144. 

  144. 		
    145. 

  145. 		$r = db_query($query);
    146. 

  146. 		$a = db_fetch_assoc($r);
    147. 

  147. 		return $a['count'];		
    148. 

  148. 	}
    149. 

  149. 	
    150. 

  150. 	function getLastPostData($storyid) {
    151. 

  151. 		$query = "
    152. 

  152. 			SELECT
    153. 

  153. 				user_fname AS fullname,discussion_tstamp AS timestamp
    154. 

  154. 			FROM
    155. 

  155. 				discussion
    156. 

  156. 				INNER JOIN
    157. 

  157. 					user
    158. 

  158. 				ON
    159. 

  159. 					FK_author=user_id
    160. 

  160. 			WHERE
    161. 

  161. 				FK_story = '".addslashes($storyid)."'
    162. 

  162. 			ORDER BY
    163. 

  163. 				discussion_tstamp DESC
    164. 

  164. 			LIMIT 1
    165. 

  165. 		";
    166. 

  166. 		$r = db_query($query);
    167. 

  167. 		if (db_num_rows($r)) {
    168. 

  168. 			return db_fetch_assoc($r);
    169. 

  169. 		}
    170. 

  170. 		return null;
    171. 

  171. 	}
    172. 

  172. 	
    173. 

  173. 	function rewind() { $this->pointer = -1; }
    174. 

  174. 	function reverse() { $this->direction*=-1; }
    175. 

  175. 	function setstep($s) { $this->direction=$s; }
    176. 

  176. 	function end() { $this->pointer = $this->numchildren; }
    177. 

  177. 	function startfrombeginning() { $this->rewind(); $this->setstep(1); }
    178. 

  178. 	function startfromend() { $this->end(); $this->setstep(-1); }
    179. 

  179. 

  180. /******************************************************************************
    181. 

  181.  * flat or threaded
    182. 

  182.  ******************************************************************************/
    183. 

  183. 	
    184. 

  184. 	function flat() { $this->flat = true; }
    185. 

  185. 	function threaded() { $this->flat = false; }
    186. 

  186. 

  187. /******************************************************************************
    188. 

  188.  * discussion sort order
    189. 

  189.  ******************************************************************************/
    190. 

  190. 	
    191. 

  191. 	function recentfirst() { $this->dis_order = "recentfirst"; }
    192. 

  192. 	function recentlast() { $this->dis_order = "recentlast"; }
    193. 

  193. 	function rating() { $this->dis_order = "rating"; }
    194. 

  194. 	function author() { $this->dis_order = "author"; }
    195. 

  195. 	
    196. 

  196. /******************************************************************************
    197. 

  197.  * number of posts (children)
    198. 

  198.  ******************************************************************************/
    199. 

  199. 	
    200. 

  200. 	function count() { return $this->numchildren; }
    201. 

  201. 	function dbcount() {
    202. 

  202. 		if ($this->numchildren) return $this->numchildren;
    203. 

  203. 		$query = "
    204. 

  204. 			SELECT
    205. 

  205. 				COUNT(*) as count
    206. 

  206. 			FROM
    207. 

  207. 				discussion
    208. 

  208. 			WHERE
    209. 

  209. 				FK_story='".addslashes($this->storyid)."'"
    210. 

  210. 				.(($this->id)?" and FK_parent='".addslashes($this->id)."'":"");
    211. 

  211. 		
    212. 

  212. 		
    213. 

  213. 		$r = db_query($query);
    214. 

  214. 		$a = db_fetch_assoc($r);
    215. 

  215. 		return $a['count'];
    216. 

  216. 	}
    217. 

  217. 	
    218. 

  218. 	function fetchID($id) {
    219. 

  219. 		$this->id = $id;
    220. 

  220. 		$this->_fetch();
    221. 

  221. 	}
    222. 

  222. 	
    223. 

  223. 	function fetch() { $this->_fetch(); }
    224. 

  224. 	function fetchchildren() { $this->_fetchchildren(); }
    225. 

  225. 

  226. /******************************************************************************
    227. 

  227.  * called from discussion
    228. 

  228.  * parses DB line from query for discussion post info
    229. 

  229.  * creates $_f array of discussion post variables:
    230. 

  230.  *    (FK_parent,discussion_subject,discussion_id,FK_author,discussion_tstamp,
    231. 

  231.  *    discussion_content,discussion_rate,FK_story,media_tag,discussion_order,
    232. 

  232.  *    user_uname,user_fname,user_last_name,user_email)
    233. 

  233.  * creates variables for each item in $_f array
    234. 

  234.  ******************************************************************************/
    235. 

  235. 	
    236. 

  236. 	function _parseDBline($a) {
    237. 

  237. 		$_f = array("discussion_subject"=>"subject","FK_parent"=>"parentid","FK_author"=>"authorid","FK_story"=>"storyid","media_tag"=>"media_tag","media_size"=>"media_size","discussion_id"=>"id","discussion_tstamp"=>"tstamp","discussion_content"=>"content","discussion_rate"=>"rating","discussion_order"=>"order","user_uname"=>"authoruname","user_fname"=>"authorfname","user_email"=>"authoremail");
    238. 

  238. 		foreach ($_f as $f=>$v) {
    239. 

  239. 			if (isset($a[$f])) $this->$v = $a[$f];
    240. 

  240. 		}
    241. 

  241. 		if ($this->content) $this->content = urldecode($this->content);
    242. 

  242. 		if ($this->subject) $this->subject = urldecode($this->subject);
    243. 

  243. 		
    244. 

  244. 		// :: hack for anonymous posts
    245. 

  245. 		if (!$this->authorfname) {
    246. 

  246. 			$this->authorfname = $this->authoruname = "Anonymous";
    247. 

  247. 			$this->authorid = 0;
    248. 

  248. 		}
    249. 

  249. 	}
    250. 

  250. 

  251. /******************************************************************************
    252. 

  252.  * not sure when this is called...?
    253. 

  253.  ******************************************************************************/
    254. 

  254. 	
    255. 

  255. 	function _fetch() {
    256. 

  256. 		if (!$this->id) return false;
    257. 

  257. 		
    258. 

  258. 		$query = "
    259. 

  259. 			SELECT
    260. 

  260. 				discussion_tstamp,discussion_content,discussion_subject,discussion_rate,user_uname,user_fname,FK_story,FK_author,FK_parent,media_tag,media_size
    261. 

  261. 			FROM
    262. 

  262. 				discussion
    263. 

  263. 			INNER JOIN
    264. 

  264. 				user
    265. 

  265. 			ON
    266. 

  266. 				FK_author = user_id
    267. 

  267. 			LEFT JOIN
    268. 

  268. 				media
    269. 

  269. 			ON
    270. 

  270. 				FK_media = media_id
    271. 

  271. 			WHERE
    272. 

  272. 				discussion_id='".addslashes($this->id)."'
    273. 

  273. 		";
    274. 

    275. 

  275. 		$r = db_query($query);
    276. 

  276. 		$a = db_fetch_assoc($r);
    277. 

  277. 		$this->_parseDBline($a);
    278. 

  278. 		return true;
    279. 

  279. 	}
    280. 

  280. 

  281. /******************************************************************************
    282. 

  282.  * get all discussion posts
    283. 

  283.  ******************************************************************************/
    284. 

  284. 	
    285. 

  285. 	function _fetchchildren() {
    286. 

  286. 		if (!$this->storyid) return false;
    287. 

  287. 		if ($this->numchildren) return false; // they've already called _fetchchildren();
    288. 

  288. 		$this->_commithttpdata();
    289. 

  289. 		
    290. 

  290. 		if ($this->dis_order == "recentfirst") {
    291. 

  291. 			$order = " discussion_tstamp DESC";
    292. 

  292. 		} else if ($this->dis_order == "recentlast") {
    293. 

  293. 			$order = " discussion_tstamp ASC";
    294. 

  294. 		} else if ($this->dis_order == "rating") {
    295. 

  295. 			$order = " discussion_rate DESC";
    296. 

  296. 		} else if ($this->dis_order == "author") {
    297. 

  297. 			$order = " user_fname ASC";
    298. 

  298. 		}
    299. 

  299. 	
    300. 

  300. 	//$order = " discussion_rate DESC";
    301. 

  301. 	//	printpre($order);
    302. 

  302. 				
    303. 

  303. 		$query = "
    304. 

  304. 			SELECT
    305. 

  305. 				FK_parent,discussion_subject,discussion_id,FK_author,discussion_tstamp,discussion_content,discussion_rate,FK_story,media_tag,media_size,discussion_order,user_uname,user_fname,user_last_name,user_email
    306. 

  306. 			FROM
    307. 

  307. 				discussion
    308. 

  308. 				LEFT JOIN
    309. 

  309. 					user
    310. 

  310. 				ON
    311. 

  311. 					FK_author = user_id
    312. 

  312. 				LEFT JOIN
    313. 

  313. 					media
    314. 

  314. 				ON
    315. 

  315. 					FK_media = media_id
    316. 

  316. 			WHERE
    317. 

  317. 				FK_story = '".addslashes($this->storyid)."' ".
    318. 

  318. 				// check if we're not top-level - if !flat disc, fetch all children, otherwise fetch all discussions
    319. 

  319. 				(($this->flat)?"":" and FK_parent<=>".(($this->id)?"'".addslashes($this->id)."'":"NULL"))."
    320. 

  320. 				
    321. 

  321. 			ORDER BY
    322. 

  322. 				".$order;
    323. 

  323. 		
    324. 

  324. 		//print $query;
    325. 

  325. 		
    326. 

  326. 		$r = db_query($query);
    327. 

  327. 		
    328. 

  328. 		/******************************************************************************
    329. 

  329. 		 * instantiate a discussion object for each post (child) to this story's discussion
    330. 

  330. 		 * pass discussion object $a = array of discussion posts
    331. 

  331. 		 * (FK_parent,discussion_subject,discussion_id,FK_author,discussion_tstamp,
    332. 

  332. 		 * discussion_content,discussion_rate,FK_story,media_tag,discussion_order,
    333. 

  333. 		 * user_uname,user_fname,user_last_name,user_email)
    334. 

  334. 		 ******************************************************************************/
    335. 

  335. 		
    336. 

  336. 		while($a = db_fetch_assoc($r)) {
    337. 

  337. 			if ($this->storyObj)
    338. 

  338. 				$this->children[] = &new discussion($this->storyObj,$a);
    339. 

  339. 			else
    340. 

  340. 				$this->children[] = &new discussion($this->storyid,$a);
    341. 

  341. 			$this->numchildren++;
    342. 

  342. 		}
    343. 

  343. 		return true;
    344. 

  344. 	}
    345. 

  345. 	
    346. 

  346. /******************************************************************************
    347. 

  347.  * insert new posts into discussion table
    348. 

  348.  ******************************************************************************/
    349. 

  349. 	
    350. 

  350. 	function _insert() {
    351. 

  351. 		$query = "
    352. 

  352. 			SELECT
    353. 

  353. 				COUNT(*) as count
    354. 

  354. 			FROM
    355. 

  355. 				discussion
    356. 

  356. 			WHERE
    357. 

  357. 				FK_story='".addslashes($this->storyid)."'
    358. 

  358. 		";
    359. 

  359. 			
    360. 

  360. 			$a = db_fetch_assoc(db_query($query));
    361. 

  361. 			$this->order = $a['count'];
    362. 

  362. 			
    363. 

  363. 			
    364. 

  364. 			$query = "
    365. 

  365. 				INSERT INTO
    366. 

  366. 					discussion
    367. 

  367. 				SET
    368. 

  368. 					".$this->_generateSQLdata();
    369. 

  369. 			
    370. 

  370. 		// If we've set a timestamp before saving, we probably want to keep it.
    371. 

  371. 		//if ($this->tstamp) $query .= ",discussion_tstamp='".$this->tstamp."'";
    372. 

  372. 

  373. 		db_query($query);
    374. 

  374. 		//printc($query);
    375. 

  375. 		$this->id = lastid();
    376. 

  376. 		
    377. 

  377. 		return $this->id;
    378. 

  378. 	}
    379. 

  379. 	
    380. 

  380. 	
    381. 

  381. /******************************************************************************
    382. 

  382.  * update posts in discussion table
    383. 

  383.  ******************************************************************************/
    384. 

  384. 	
    385. 

  385. 	function _update() {
    386. 

  386. 		if (!$this->id) return false;
    387. 

  387. 		$query = "
    388. 

  388. 			UPDATE
    389. 

  389. 				discussion
    390. 

  390. 			SET
    391. 

  391. 				".$this->_generateSQLdata()."
    392. 

  392. 			WHERE
    393. 

  393. 				discussion_id='".addslashes($this->id)."'
    394. 

  394. 		";
    395. 

  395. 		
    396. 

  396. //		printc ($query);
    397. 

  397. 		db_query($query);
    398. 

  398. 		//$newid = lastid();
    399. 

  399. 		return true;
    400. 

  400. 	}
    401. 

  401. 	
    402. 

  402. 	function insert() { 
    403. 

  403. 		$newid = $this->_insert(); 
    404. 

  404. 		return $newid;
    405. 

  405. 	}
    406. 

  406. 	function update() { $this->_update(); }
    407. 

  407. 	
    408. 

  408. 	function _generateSQLdata() {
    409. 

  409. 		$query = "FK_author=".$this->authorid;
    410. 

  410. 		if ($this->parentid) $query .= ",FK_parent=".$this->parentid;
    411. 

  411. 		if ($this->libraryfileid) {
    412. 

  412. 			$media_id = $this->libraryfileid;
    413. 

  413. 			$query .= ",FK_media=".$media_id;
    414. 

  414. 		}
    415. 

  415. 		
    416. 

  416. 		$query .= ",discussion_content='".urlencode(stripslashes($this->content))."'";
    417. 

  417. 		$query .= ",discussion_subject='".urlencode(stripslashes($this->subject))."'";
    418. 

  418. 		if (is_numeric($this->rating)) {
    419. 

  419. 			$query .= ",discussion_rate=".$this->rating;
    420. 

  420. 		} else {
    421. 

  421. 			$query .= ",discussion_rate=NULL";
    422. 

  422. 		}
    423. 

  423. 		$query .= ",FK_story=".$this->storyid;
    424. 

  424. 		// If we've set a timestamp before saving, we probably want to keep it.
    425. 

  425. 		if ($this->tstamp) $query .= ",discussion_tstamp='".$this->tstamp."'";
    426. 

  426. 

  427. 		//if ($this->order) $query .= $this->order;
    428. 

  428. 		return $query;
    429. 

  429. 	}
    430. 

  430. 	
    431. 

  431. /******************************************************************************
    432. 

  432.  * Threaded dicussion: outputs new post link and calls _output function
    433. 

  433.  * for all children of current post
    434. 

  434.  * $cr=can reply (ie has permission), $o=owner, $top=parent
    435. 

  435.  ******************************************************************************/
    436. 

  436. 	
    437. 

  437. 	function outputAll($cr=false,$o=false,$top=false,$showposts=1,$showallauthors=1,$mailposts=0) {
    438. 

  438. 		global $sid,$content, $cfg;
    439. 

  439. 		// debug
    440. 

  440. //		print "outputAll($canreply,$owner,$copt)<br />";
    441. 

  441. 		// spider down and output every one
    442. 

  442. 		if ($top) {
    443. 

  443. //			print_r($this->storyObj->permissions);
    444. 

  444. //			$cand = $this->storyObj->hasPermission("discuss");
    445. 

  445. 			$newpostbar='';
    446. 

  446. 			$newpostbar.="<tr><td>\n";
    447. 

  447. 			
    448. 

  448. 			/******************************************************************************
    449. 

  449. 			 * if user can reply (cr) (ie has permission
    450. 

  450. 			 ******************************************************************************/	
    451. 

  451. 			if ($cr) {
    452. 

  452. 				// just in case...
    453. 

  453. 				$this->_commithttpdata();
    454. 

  454. 				printc ("<tr><td>\n");
    455. 

  455. 				printerr2();
    456. 

  456. 				printc ("</td></tr>\n");
    457. 

  457. 				
    458. 

  458. 				if ($_REQUEST['discuss'] == 'newpost' && ($cfg['disable_discussion'] != TRUE || $_SESSION['ltype'] == 'admin')) {
    459. 

  459. 					$this->_outputform('newpost');
    460. 

  460. 				} else {
    461. 

  461. 					//$newpostbar='';
    462. 

  462. 					//$newpostbar.="<tr><td align='right'>";
    463. 

  463. 					if (!$_SESSION[auser] && $showposts != 1) {	
    464. 

  464. 						$newpostbar.="You must be logged in to do this assessment.\n";
    465. 

  465. 					} else {
    466. 

  466. 						if ($cfg['disable_discussion'] == TRUE && $_SESSION['ltype'] != 'admin') {
    467. 

  467. 							$newpostbar.="<div align='right'>Discussion posting has been disabled</div>";
    468. 

  468. 						} else {
    469. 

  469. 							$newpostbar.="<div align='right'><a href='".$_SERVER['SCRIPT_NAME']."?$sid&amp;".$this->getinfo."&amp;action=site&amp;discuss=newpost#new'>new post</a></div>\n";
    470. 

  470. 						}
    471. 

  471. 					}
    472. 

  472. 				//	$newpostbar.="</td></tr>";
    473. 

  473. 				}
    474. 

  474. 			
    475. 

  475. 			/******************************************************************************
    476. 

  476. 			 * if user doesn't have permission....
    477. 

  477. 			 ******************************************************************************/
    478. 

  478. 

  479. 			} else {
    480. 

  480. 				if (!$_SESSION[auser]) {
    481. 

  481. 					$newpostbar.="You must be logged in to contribute to this discussion.\n";
    482. 

  482. 				} else {
    483. 

  483. 					$newpostbar.="Only specified groups or individuals can participant.\n";
    484. 

  484. 				}
    485. 

  485. 			}
    486. 

  486. 			$newpostbar.="</td></tr>\n";
    487. 

  487. 			printc ($newpostbar);
    488. 

  488. 		}
    489. 

  489. 		
    490. 

  490. 		/******************************************************************************
    491. 

  491. 		 * output a discussion post
    492. 

  492. 		 ******************************************************************************/
    493. 

  493. 				
    494. 

  494. 		if ($this->id) $this->_output($cr,$o);
    495. 

  495. 		
    496. 

  496. 		/******************************************************************************
    497. 

  497. 		 * output all discussion of current post's thread (children)
    498. 

  498. 		 ******************************************************************************/
    499. 

  499. 		
    500. 

  500. 		$this->_outputChildren($cr,$o,(($top)?$this->opt:NULL));
    501. 

  501. 		
    502. 

  502. 		if ($this->numchildren && $showposts == 1) printc ($newpostbar);
    503. 

  503. 	}
    504. 

  504. 	
    505. 

  505. /******************************************************************************
    506. 

  506.  * Threaded discussion: calls _fetchchildren to get all threads of current post
    507. 

  507.  * for each post (child) calls outputAll (threaded) or _output (flat) to display
    508. 

  508.  ******************************************************************************/
    509. 

  509. 	
    510. 

  510. 	function _outputChildren($cr,$o,$opt=NULL) {
    511. 

  511. 		$this->_fetchchildren();
    512. 

  512. 		if ($this->numchildren) {
    513. 

  513. 			if (is_array($opt)) $p = 0;
    514. 

  514. 			else $p = 1;
    515. 

  515. 			if ($p) {
    516. 

  516. 				printc ("<tr><td style='padding: 0px'><table align='right' width='95%' style='padding-left:".$p."px' cellspacing='0px'>\n");
    517. 

  517. 			} else {
    518. 

  518. 				printc ("<tr><td style='padding: 0px'><table width='100%' style='padding-left:".$p."px' cellspacing='0px'>\n");
    519. 

  519. 			}
    520. 

  520. 			for ($i=0;$i<$this->numchildren;$i++) {
    521. 

  521. 				if (is_array($opt)) $this->children[$i]->opt($opt);
    522. 

  522. 				if ($this->opt("useoptforchildren")) $this->children[$i]->opt($this->opt);
    523. 

  523. 				$this->children[$i]->getinfo = $this->getinfo;
    524. 

  524. 				
    525. 

  525. 				if ($this->flat) 
    526. 

  526. 					$this->children[$i]->_output($cr,$o);
    527. 

  527. 				else 
    528. 

  528. 					$this->children[$i]->outputAll($cr,$o);
    529. 

  529. 			}
    530. 

  530. 			printc ("</table></td></tr>\n");
    531. 

  531. 		}
    532. 

  532. 	}
    533. 

  533. 	
    534. 

  534. 	
    535. 

  535. /******************************************************************************
    536. 

  536.  * outputs discussion table
    537. 

  537.  ******************************************************************************/
    538. 

  538. 	
    539. 

  539. 	function output($canreply=false,$owner=false) {
    540. 

  540. 		// print a small table that will house the discussion
    541. 

  541. 		printc ("<table width='100%' style='padding:0' cellspacing='0px'>\n");
    542. 

  542. 		$this->_output($canreply,$owner);
    543. 

  543. 		printc ("</table>\n");
    544. 

  544. 	}
    545. 

  545. 

  546. /******************************************************************************
    547. 

  547.  * commits data from posting form
    548. 

  548.  ******************************************************************************/
    549. 

  549. 	
    550. 

  550. 	function _commithttpdata() {
    551. 

  551. 		global $sid,$error,$_full_uri;
    552. 

  552. 		global $mailposts, $cfg;
    553. 

  553. 		
    554. 

  554. 		//require_once("htmleditor/editor.inc.php");
    555. 

  555. 		if ($_REQUEST['commit'] && ($cfg['disable_discussion'] != TRUE || $_SESSION['ltype'] == 'admin')) { // indeed, we are supposed to commit
    556. 

  556. 			$site = $_REQUEST['site'];
    557. 

  557. 			$action = $_REQUEST['action'];
    558. 

  558. 			$a = $_REQUEST['discuss'];
    559. 

  559. 			if (!$_REQUEST['subject']) error("You must enter a subject.\n");
    560. 

  560. 			if (!$_REQUEST['content']) error("You must enter some text to post.\n");
    561. 

  561. 			if (isset($_REQUEST['rating']) && !is_numeric($_REQUEST['rating']) && $_REQUEST['rating'] != "") $error = "Post rating must be numeric.\n";
    562. 

  562. 			
    563. 

  563. 			if ($error) { unset($_REQUEST['commit']); return false; }
    564. 

  564. 			
    565. 

  565. 			/******************************************************************************
    566. 

  566. 			 * if public discussion and no log in then add user to user table
    567. 

  567. 			 * uname = email address, type = visitor
    568. 

  568. 			 ******************************************************************************/
    569. 

  569. 			
    570. 

  570. 			if (!$_SESSION[auser]) {
    571. 

  571. 				if (user::userEmailExists($_REQUEST['visitor_email'])) {
    572. 

  572. 					 error("A user with that email address already exists.  Please log in before posting.");
    573. 

  573. 				}
    574. 

  574. 				
    575. 

  575. 				/******************************************************************************
    576. 

  576. 				 * Visitor account validation:
    577. 

  577. 				 * check that a name has been entered
    578. 

  578. 				 * check that the email enter doesn't already exist in Segue and 
    579. 

  579. 				 * is not part of the $cfg[visitor_email_excludes] specified in the config
    580. 

  580. 				 ******************************************************************************/
    581. 

  581. 				
    582. 

  582. 				if (!$_REQUEST['visitor_name']) error("You must enter a username.");
    583. 

  583. 				if (!$_REQUEST['visitor_email'] || !ereg("@", $_REQUEST['visitor_email'])) {
    584. 

  584. 					error("You must enter a valid email address.");
    585. 

  585. 					
    586. 

  586. 				} else if ($_REQUEST['visitor_email'] ) {
    587. 

  587. 					foreach ($cfg[visitor_email_excludes] as $visitor_email_exclude) {
    588. 

  588. 						if ($exclude = ereg($visitor_email_exclude, $_REQUEST['visitor_email'])) {
    589. 

  589. 							error("Please log in above with your $cfg[inst_name] account.");
    590. 

  590. 						}
    591. 

  591. 					}
    592. 

  592. 				}
    593. 

  593. 								
    594. 

  594. 				// all good
    595. 

  595. 				if (!$error) {
    596. 

  596. 					$obj = &new user();
    597. 

  597. 					$obj->uname = $_REQUEST['visitor_email'];
    598. 

  598. 					$obj->fname = $_REQUEST['visitor_name'];
    599. 

  599. 					$obj->email = $_REQUEST['visitor_email'];
    600. 

  600. 					$obj->type = "visitor";
    601. 

  601. 					$obj->authtype = 'db';
    602. 

  602. 					$obj->randpass(5,3);
    603. 

  603. 					$obj->insertDB();
    604. 

  604. 					$obj->sendemail();
    605. 

  605. 					$visitor_id = lastid();
    606. 

  606. 				}			
    607. 

  607. 			}
    608. 

  608. 			
    609. 

  609. 			if ($error) { unset($_REQUEST['commit']); return false; }
    610. 

  610. 

  611. 			
    612. 

  612. 			if ($a=='edit') {
    613. 

  613. 				$d = & new discussion($_REQUEST['story']);
    614. 

  614. 				$d->fetchID($_REQUEST['id']);
    615. 

  615. 				if ($_SESSION['auser'] != $d->authoruname) return false;
    616. 

  616. 				$d->subject = $_REQUEST['subject'];
    617. 

  617. 				
    618. 

  618. 				$d->content = cleanEditorText($_REQUEST['content']);
    619. 

  619. 				$d->content = convertInteralLinksToTags($site, $d->content);
    620. 

  620. 				
    621. 

  621. 				$d->update();
    622. 

  622. 				//log_entry("discussion","$_SESSION[auser] edited story ".$_REQUEST['story']." discussion post id ".$_REQUEST['id']." in site ".$_REQUEST['site'],$_REQUEST['site'],$_REQUEST['story'],"story");					
    623. 

  623. 				
    624. 

  624. 				unset($_REQUEST['discuss'],$_REQUEST['commit']);
    625. 

  625. 				//unset($d);
    626. 

  626. 			}
    627. 

  627. 			
    628. 

  628. 			if ($a=='rate') {
    629. 

  629. 				$d = & new discussion($_REQUEST['story']);
    630. 

  630. 				$d->fetchID($_REQUEST['id']);
    631. 

  631. 				$d->rating = $_REQUEST['rating'];
    632. 

  632. 				
    633. 

  633. 				$d->update();
    634. 

  634. 				//log_entry("discussion","$_SESSION[auser] edited story ".$_REQUEST['story']." discussion post id ".$_REQUEST['id']." in site ".$_REQUEST['site'],$_REQUEST['site'],$_REQUEST['story'],"story");					
    635. 

  635. 				
    636. 

  636. 				unset($_REQUEST['discuss'],$_REQUEST['commit']);
    637. 

  637. 				// unset($d);
    638. 

  638. 			}
    639. 

  639. 			
    640. 

  640. 			if ($a=='reply'|| $a=='newpost') {
    641. 

  641. 				$d = & new discussion($_REQUEST['story']);
    642. 

  642. 				$d->subject = $_REQUEST['subject'];
    643. 

  643. 				
    644. 

  644. 				// Lets pass the cleaning of editor text off to the editor.
    645. 

  645. 				$d->content = cleanEditorText($_REQUEST['content']);
    646. 

  646. 				$d->content = convertInteralLinksToTags($site, $d->content);
    647. 

  647. 					
    648. 

  648. 				if ($a=='reply') {
    649. 

  649. 					$d->parentid = $_REQUEST['replyto'];
    650. 

  650. 					//log_entry("discussion","$_SESSION[auser] replied to story ".$_REQUEST['story']." discussion post id ".$_REQUEST['replyto']." in site ".$_REQUEST['site'],$_REQUEST['site'],$_REQUEST['story'],"story");					
    651. 

  651. 				} else {
    652. 

  652. 					//log_entry("discussion","$_SESSION[auser] posted to story ".$_REQUEST['story']." discussion in site ".$_REQUEST['site'],$_REQUEST['site'],$_REQUEST['story'],"story");				
    653. 

  653. 				}
    654. 

  654. 				$d->authorid = ($_SESSION['aid'])?$_SESSION['aid']:$visitor_id;
    655. 

  655. 				$d->authorfname = ($_SESSION['afname'])?$_SESSION['afname']:$_REQUEST['visitor_name'];
    656. 

  656. 				$d->libraryfileid = $_REQUEST['libraryfileid'];
    657. 

  657. 				$newid = $d->insert();
    658. 

  658. 			}
    659. 

  659. 			/******************************************************************************
    660. 

  660.  			* gather data for sendmail function
    661. 

  661. 			 ******************************************************************************/
    662. 

  662. 

  663. 			
    664. 

  664. 			if ($mailposts == 1) {
    665. 

  665. 				//printpre("email sending...");
    666. 

  666. 				$this->sendemail($newid);
    667. 

  667. 			}
    668. 

  668. 

  669. 			unset($_REQUEST['discuss'],$_REQUEST['commit']);
    670. 

  670. 		}
    671. 

  671. 	}
    672. 

  672. 	
    673. 

  673. /******************************************************************************
    674. 

  674.  * outputs posting form (new post, edit, reply)
    675. 

  675.  * add editor options here...
    676. 

  676.  ******************************************************************************/
    677. 

  677. 

  678. 	
    679. 

  679. 	function _outputform($t) { // outputs a post form of type $t (newpost,edit,reply)
    680. 

  680. 		global $sid,$error,$site_owner,$_full_uri, $cfg;
    681. 

  681. 		//$script = $_SERVER['SCRIPT_NAME'];
    682. 

  682. 		//printpre ("fulluri: ".$_full_uri);
    683. 

  683. 		//printpre ("thisinfo: ".$this->getinfo);
    684. 

  684. 		
    685. 

  685. 		if ($t == 'edit') {
    686. 

  686. 			$b = 'update';
    687. 

  687. 			$d = "You are editing your post &quot;<a name='".$this->id."'>".$this->subject."</a>&quot;\n";
    688. 

  688. 			$c = ($_REQUEST['content'])?$_REQUEST['content']:$this->content;
    689. 

  689. 			$s = ($_REQUEST['subject'])?$_REQUEST['subject']:$this->subject;
    690. 

  690. 		}
    691. 

  691. 		if ($t == 'reply' || $t == 'newpost') {
    692. 

  692. 			$b = 'post';
    693. 

  693. 			$d = "<a name='new'>You are posting a new entry.</a>\n";
    694. 

  694. 			$c = $_REQUEST['content'];
    695. 

  695. 			if ($t == 'reply') {
    696. 

  696. 				$d = "You are replying to &quot;<a name='reply' href='#'".$this->id.">".$this->subject."</a>&quot;";
    697. 

  697. 				if (!$_REQUEST['subject'] && !ereg("^Re:",$this->subject))
    698. 

  698. 					$s = "Re: ". $this->subject;
    699. 

  699. 				else $s = $this->subject;
    700. 

  700. 			}
    701. 

  701. 			else $s = $_REQUEST['subject'];
    702. 

  702. 		}
    703. 

  703. 		if ($t == 'rate') {
    704. 

  704. 			$b = 'rate';
    705. 

  705. 			//$d = "<a name='".$this->id."'>You are editing your post &quot;".$this->subject."&quot;</a>";
    706. 

  706. 			$s = ($_REQUEST['subject'])?$_REQUEST['subject']:$this->subject;
    707. 

  707. 			$a = "by <span class='subject'>".$this->authorfname."</span>\n";
    708. 

  708. 			$a .= " posted on ";
    709. 

  709. 			$a .= timestamp2usdate($this->tstamp);
    710. 

  710. 			$c = ($_REQUEST['content'])?$_REQUEST['content']:$this->content;						
    711. 

  711. 		}
    712. 

  712. 				
    713. 

  713. 		$p = ($t=='reply')?" style='padding-left: 15px'":'';
    714. 

  714. 		
    715. 

  715. 		printc ("\n<form action='".$_full_uri."/index.php?$sid&amp;action=site&amp;".$this->getinfo."#".$this->id."' method='post' name='addform'>\n");
    716. 

  716. 		printc ("<tr><td$p><b>$d</b></td></tr>\n");
    717. 

  717. 		printc ("<tr><td$p>\n");
    718. 

  718. 		printc ("<table width='100%'  cellspacing='0px'>\n");
    719. 

  719. 		
    720. 

  720. 		if ($t == 'rate') {	
    721. 

  721. 			//printc ("Subject: <input type='text' size='50' name='subject' value='".spchars($s)."' readonly />");
    722. 

  722. 			if ($this->rating && isnumeric($this->rating)) {
    723. 

  723. 				$rating_value = $this->rating;
    724. 

  724. 			} else {
    725. 

  725. 				$rating_value = "";
    726. 

  726. 			}
    727. 

  727. 			
    728. 

  728. 			printc ("<td class='dheader3'>\n");
    729. 

  729. 							
    730. 

  730. 			printc ("<table width='100%' cellspacing='0px'>\n");
    731. 

  731. 			printc ("<tr><td align='left'>\n");
    732. 

  732. 			printc ("<span class='subject'><a name='".$this->id."'>\n");
    733. 

  733. 			printc ($s);
    734. 

  734. 			printc ("</a><input type='hidden' name='subject' value='".spchars($s)."' />\n");
    735. 

  735. 			printc (" (<input type='text' size='3' class='textfield small' name='rating' value='".$rating_value."' />\n");
    736. 

  736. 			printc("<input type='submit' class='button small' value='rate' />");
    737. 

  737. 			printc(" <a href='".$_full_uri."/index.php?$sid&amp;action=site&amp;".$this->getinfo."#".$this->id."'><input type='button' class='button small' value='cancel' /></a>\n");
    738. 

  738. 			printc(" numeric only");
    739. 

  739. 			printc(")\n");
    740. 

  740. 			printc ("</span></td>\n");
    741. 

  741. 			
    742. 

  742. 			printc ("<td align='right'></td>\n");
    743. 

  743. 			printc ("</tr><tr>\n");
    744. 

  744. 			printc ("<td align='left'>\n");
    745. 

  745. 			printc ($a);
    746. 

  746. 			if ($this->media_tag) {
    747. 

  747. 				$media_link = "<a href='".$uploadurl."/".$_REQUEST[site]."/".$this->media_tag."' target='media'>".$this->media_tag."</a>\n";
    748. 

  748. 				printc ("<br />attached: $media_link\n");
    749. 

  749. 			}				
    750. 

  750. 			printc ("</td>\n");
    751. 

  751. 			printc ("<td align='right' valign='bottom'></td></tr>\n"); 
    752. 

  752. 			printc("</table>\n");
    753. 

  753. 			
    754. 

  754. 			printc ("</td>\n");
    755. 

  755. 						
    756. 

  756. 		} else {
    757. 

  757. 			printc ("<tr><td align='left'>\n");
    758. 

  758. 			printc ("<table>");
    759. 

  759. 			
    760. 

  760. 			/******************************************************************************
    761. 

  761.  			* If public discussion and not logged in
    762. 

  762.  			* add fields for visitor name and email
    763. 

  763. 			 ******************************************************************************/
    764. 

  764. 

  765. 			if (!$_SESSION[auser]) {
    766. 

  766. 				printc ("<tr><td colspan = 2><div style='font-size: 9px'>If you part of the ".$cfg[inst_name]);
    767. 

  767. 				printc (" community or have posted to a public forum here and received a visitor user account, please log in <b>before</b> posting.");
    768. 

  768. 				printc ("  If you do not yet have a user account, please register below.</div></td></tr>\n");
    769. 

  769. 				//printc ("<tr><td>Full Name:</td><td><input type='text' size='50' name='visitor_name' value='".$_REQUEST['visitor_name']."' /></td></tr>\n");
    770. 

  770. 				//printc ("<tr><td>Email:</td><td><div style='font-size: 9px'><input type='text' size='25' name='visitor_email' value='".$_REQUEST['visitor_email']."' />\n");
    771. 

  771. 				printc ("<tr><td  colspan = 2 align = center><div style='font-size: 10px'>");
    772. 

  772. 				printc ("<a href='passwd.php?action=login' target='password' onclick='doWindow(\"password\",400,300)'>Login</a> | ");
    773. 

  773. 				printc ("<a href='passwd.php?action=register' target='password' onclick='doWindow(\"password\",400,300)'>Register</a> | ");
    774. 

  774. 				printc ("<a href='passwd.php?action=reset' target='password' onclick='doWindow(\"password\",400,300)'>Forget your password?</a></div>");
    775. 

  775. 				printc ("</td></tr>");
    776. 

  776. 			}
    777. 

  777. 			
    778. 

  778. 			if ($_SESSION[auser]) {			
    779. 

  779. 				printc ("<tr><td>Subject:</td><td><input type='text' class='textfield small' size='50' name='subject' value='".spchars($s)."' /></td></tr>\n");
    780. 

  780. 			//	printc ("<tr><td></td><td></td></tr>\n");
    781. 

  781. 				
    782. 

  782. 			}
    783. 

  783. 			printc ("</table>\n");
    784. 

  784. 		}
    785. 

  785. 		printc ("</td><td align='right'>\n");
    786. 

  786. 		
    787. 

  787. 		// if not rate, print edit, update or post
    788. 

  788. 		if ($t != 'rate' && $_SESSION[auser]) {
    789. 

  789. 			printc("<input type='submit' class='button small' value='$b' />\n");
    790. 

  790. 			printc("<a href='".$_full_uri."/index.php?$sid&amp;action=site&amp;".$this->getinfo."#".$this->id."'><input type='button' class='button small' value='cancel' /></a>\n");
    791. 

  791. 		}
    792. 

  792. 		printc ("</td></tr></table>\n");
    793. 

  793. 		printc ("</td></tr>\n");
    794. 

  794. 		
    795. 

  795. 		// print out post content
    796. 

  796. 		//printc ("<tr><td class='content$p'>");
    797. 

  797. 		
    798. 

  798. 		/******************************************************************************
    799. 

  799. 		 * print out editor here... (if editing post or adding new or not rating)
    800. 

  800. 		 ******************************************************************************/
    801. 

  801. 

  802. 		if ($t != 'rate' && $_SESSION[auser]) {			
    803. 

  803. 			printc ("<td class='content$p'>\n");
    804. 

  804. 			$c = convertTagsToInteralLinks ($_REQUEST[site], $c);
    805. 

  805. 			addeditor ("content",60,20,$c,"discuss");
    806. 

  806. 		} else {
    807. 

  807. 			printc ("<td>".$c."<br /><br />\n");
    808. 

  808. 			printc ("<input type='hidden' name='content' value='".$c."' />\n");
    809. 

  809. 		}
    810. 

  810. 		
    811. 

  811. 		/******************************************************************************
    812. 

  812. 		 * 	print hidden fields
    813. 

  813. 		 ******************************************************************************/
    814. 

  814. 		 
    815. 

  815. 		printc ("<input type='hidden' name='discuss' value='".$_REQUEST['discuss']."' />\n");
    816. 

  816. 		//added fullstory action for posting form
    817. 

  817. 		printc ("<input type='hidden' name='action' value='".$_REQUEST['action']."' />\n");
    818. 

  818. 		//added site variable for discussion logging
    819. 

  819. 		printc ("<input type='hidden' name='site' value='".$_REQUEST['site']."' />\n");	
    820. 

  820. 		printc ("<input type='hidden' name='libraryfileid' value='".$_REQUEST['libraryfileid']."' />\n");	
    821. 

  821. 		printc ("<input type='hidden' name='dis_order' value='".$this->dis_order."' />\n");
    822. 

  822. 		printc ("<input type='hidden' name='commit' value='1' />\n");
    823. 

  823. 		if ($t=='edit' || $t=='rate') printc ("<input type='hidden' name='id' value=".$_REQUEST['id']." />\n");
    824. 

  824. 		if ($t=='reply') printc ("<input type='hidden' name='replyto' value=".$_REQUEST['replyto']." />\n");
    825. 

  825. 		$site = $_REQUEST[site];
    826. 

  826. 		
    827. 

  827. 		/******************************************************************************
    828. 

  828. 		 * print file upload UI
    829. 

  829. 		 ******************************************************************************/
    830. 

  830. 		 
    831. 

  831. 		if ($t != 'rate'  && $_SESSION[auser]) {	
    832. 

  832. 			printc ("<br />Upload a File:<input type='text' class='textfield small' name='libraryfilename' value='".$_REQUEST['libraryfilename']."' size='25' readonly />\n<input type='button' class='button small' name='browsefiles' value='Browse...' onclick='sendWindow(\"filebrowser\",700,600,\"filebrowser.php?site=$site&amp;source=discuss&amp;owner=$site_owner&amp;editor=none\")' target='filebrowser' style='text-decoration: none' />\n\n");
    833. 

  833. 			if ($_SESSION['aid']) printc ("<br />You will be able to edit your post as long as no-one replies to it.\n");
    834. 

  834. 			else printc ("<br />Once submitted, you will not be able to modify your post.\n");
    835. 

  835. 		}
    836. 

  836. 		printc ("</form>\n");
    837. 

  837. 		printc ("</td></tr>\n");
    838. 

  838. 		
    839. 

  839. 	}
    840. 

  840. 		
    841. 

  841. /******************************************************************************
    842. 

  842.  * determines what kind of output to do (edit, del) and what to display
    843. 

  843.  ******************************************************************************/
    844. 

  844. 	
    845. 

  845. 	function _output($cr,$o) {
    846. 

  846. 		global $sid,$error,$showallauthors,$showposts,$uploadurl,$site_owner,$_full_uri;
    847. 

  847. 		
    848. 

  848. 		$siteOwnerId = db_get_value("user","user_id","user_uname='".addslashes($site_owner)."'");
    849. 

  849. 		$parentAuthorId = db_get_value("discussion","FK_author","discussion_id='".addslashes($this->parentid)."'");
    850. 

  850. 		//print $siteOwnerId;
    851. 

  851. 		//printc("author=".$parentAuthorId);
    852. 

  852. 

  853. 		$siteObj =& $this->storyObj->owningSiteObj;
    854. 

  854. 		$siteLevelEditors = $siteObj->getSiteLevelEditors();
    855. 

  855. 		$isSiteEditor = in_array($_SESSION[auser], $siteLevelEditors);
    856. 

  856. 

  857. 		
    858. 

  858. 		
    859. 

  859. 		if (
    860. 

  860. 			// Discussion mode, not assement
    861. 

  861. 			$showposts == 1 
    862. 

  862. 			// In assemment mode and one of the users that can view this post
    863. 

  863. 			|| (
    864. 

  864. 				// You are the author of the post
    865. 

  865. 				($_SESSION[auser] == $this->authoruname
    866. 

  866. 				// you are the site_owner
    867. 

  867. 				|| $o == 1
    868. 

  868. 				// you are a site-level editor
    869. 

  869. 				|| $isSiteEditor
    870. 

  870. 				// This is a reply to your post by the site owner
    871. 

  871. 				|| ($site_owner == $this->authoruname && $_SESSION[aid] == $parentAuthorId && $_SESSION[auser])
    872. 

  872. 				// This is a reply to your post by a site-level editor
    873. 

  873. 				|| (in_array($this->authoruname, $siteLevelEditors) && $_SESSION[aid] == $parentAuthorId && $_SESSION[auser])
    874. 

  874. 			)
    875. 

  875. 		)) {
    876. 

  876. 			// check to see if we have any info to commit
    877. 

  877. 			$this->_commithttpdata();
    878. 

  878. 			
    879. 

  879. 			if ($_REQUEST['discuss'] == 'edit' && $_REQUEST['id'] == $this->id) {
    880. 

  880. 				$this->_outputform('edit');
    881. 

  881. 				return true;
    882. 

  882. 			}
    883. 

  883. 			
    884. 

  884. 			if ($_REQUEST['discuss'] == 'del' && $_REQUEST['id'] == $this->id) {
    885. 

  885. 				$this->_del();
    886. 

  886. 				return true;
    887. 

  887. 			}
    888. 

  888. 			
    889. 

  889. 			if ($_REQUEST['discuss'] == 'rate' && $_REQUEST['id'] == $this->id) {
    890. 

  890. 				$this->_outputform('rate');
    891. 

  891. 				return true;
    892. 

  892. 			}
    893. 

  893. 			
    894. 

  894. 			//$script = $_SERVER['SCRIPT_NAME'];
    895. 

  895. 			
    896. 

  896. 			/******************************************************************************
    897. 

  897. 			 * 	Outputs html for displaying posts
    898. 

  898. 			 * outputs discussion post info
    899. 

  899. 			 ******************************************************************************/
    900. 

  900. 

  901. 			if (!$this->id) return false;
    902. 

  902. 			printc ("\n<tr>");			
    903. 

  903. 			$s = "<a href='".$_full_uri."/index.php?$sid&amp;action=site&amp;".$this->getinfo."&amp;expand=".$this->id."' name='".$this->id."'>".$this->subject."</a>\n";
    904. 

  904. 		//	printc ("</form>");
    905. 

  905. 	//		$s = $this->subject;
    906. 

  906. 			//printpre($_SESSION);
    907. 

  907. 			$a = "";
    908. 

  908. 			if ($showallauthors == 1 || ($_SESSION[auser] && ($o || $_SESSION[auser] == $this->authoruname || $site_owner == $this->authoruname && $_SESSION[aid] == $parentAuthorId))) {
    909. 

  909. 				if ($this->opt("showauthor")) $a .= "by <span class='subject'>".$this->authorfname."</span>\n";
    910. 

  910. 				if ($this->opt("showauthor") && $this->opt("showtstamp")) $a .= " on ";
    911. 

  911. 			} else {
    912. 

  912. 				$a .= "posted on ";
    913. 

  913. 			}
    914. 

  914. 			if ($this->opt("showtstamp")) $a .= timestamp2usdate($this->tstamp);
    915. 

  915. 			
    916. 

  916. 			// Wiki-markup example
    917. 

  917. 			global $storyObj;
    918. 

  918. 			$a .= WikiResolver::getMarkupExample($storyObj->getField("title"), $this->id);
    919. 

  919. 			
    920. 

  920. 			/******************************************************************************
    921. 

  921. 			 * 	 collect possible actions to current post (rely | del | edit | rate)
    922. 

  922. 			 ******************************************************************************/
    923. 

  923. 			$b = array();
    924. 

  924. 			if ($cfg['disable_discussion'] != TRUE && ($cfg['disable_discussion'] != TRUE && $_SESSION['ltype'] == 'admin')) {
    925. 

  925. 				if ($cr) 
    926. 

  926. 					$b[] = "<a href='".$_full_uri."/index.php?$sid".$this->getinfo."&amp;replyto=".$this->id."&amp;action=site&amp;discuss=reply#reply'>reply</a>\n";
    927. 

  927. 					
    928. 

  928. 				if ($o || ($_SESSION[auser] == $this->authoruname && !$this->dbcount())) 
    929. 

  929. 					$b[] = "| <a href='".$_full_uri."/index.php?$sid".$this->getinfo."&amp;action=site&amp;discuss=del&amp;id=".$this->id."'>delete</a>\n";
    930. 

  930. 					
    931. 

  931. 				if ($_SESSION[auser] == $this->authoruname && !$this->dbcount()) 
    932. 

  932. 					$b[] = " | <a href='".$_full_uri."/index.php?$sid".$this->getinfo."&amp;id=".$this->id."&amp;action=site&amp;discuss=edit#".$this->id."'>edit</a>\n";
    933. 

  933. 					
    934. 

  934. 				if ($o) 
    935. 

  935. 					$ratelink = "<a href='".$_full_uri."/index.php?$sid".$this->getinfo."&amp;id=".$this->id."&amp;action=site&amp;discuss=rate#".$this->id."'>rate</a>\n";
    936. 

  936. 			}
    937. 

  937. 			
    938. 

  938. 			/******************************************************************************
    939. 

  939. 			 * if there are dicussion actions (reply | del | edit | rate) then print 
    940. 

  940. 			 ******************************************************************************/
    941. 

  941. 	
    942. 

  942. 			if ($a != "" || count($b)) {
    943. 

  943. 				$c = '';
    944. 

  944. 				if (count($b)) $c .= implode(" ",$b);
    945. 

  945. 				
    946. 

  946. 				/******************************************************************************
    947. 

  947. 				 * discussion post header info (subject=$s, author and timestamp=$a, options=$c)
    948. 

  948. 				 ******************************************************************************/
    949. 

  949. 				//printc ("<table width='100%' cellspacing='0px'>\n"); 
    950. 

  950. 				printc ("\n<td class='dheader3'>\n");
    951. 

  951. 				
    952. 

  952. 				printc ("<table width='100%' cellspacing='0px'>\n");
    953. 

  953. 				printc ("<tr><td align='left'>\n");
    954. 

  954. 				printc ("<span class='subject'>\n");
    955. 

  955. 				// subject
    956. 

  956. 				printc ($s);
    957. 

  957. 				// rating
    958. 

  958. 				if ($this->rating !== NULL) 
    959. 

  959. 					printc (" (Rating: ".$this->rating.")");
    960. 

  960. 				printc ("</span></td>\n");
    961. 

  961. 				// link for rating
    962. 

  962. 				printc ("<td align='right'>$ratelink</td>\n");
    963. 

  963. 				printc ("</tr><tr>\n");
    964. 

  964. 

  965. 				printc ("<td>$a\n");
    966. 

  966. 				printc ("</td>\n");						
    967. 

  967. 				printc ("<td align='right' valign='bottom'>$c</td>"); 					
    968. 

  968. 

  969. 				printc("</tr>\n</table>\n");
    970. 

  970. 				
    971. 

  971. 			/******************************************************************************
    972. 

  972. 			 * if there are no dicussion actions (rely | del | edit | rate) then 
    973. 

  973. 			 * print subject only
    974. 

  974. 			 ******************************************************************************/
    975. 

  975. 				
    976. 

  976. 			} else printc ($s);
    977. 

  977. 			
    978. 

  978. 			printc ("</td></tr>");
    979. 

  979. 		
    980. 

  980. 			/******************************************************************************
    981. 

  981. 			 * 	print discussion post content
    982. 

  982. 			 ******************************************************************************/
    983. 

  983. 			if ($this->opt("showcontent")) {
    984. 

  984. 				printc ("<tr><td class='dtext'>");
    985. 

  985. 				
    986. 

  986. 				if ($this->media_tag) {
    987. 

  987. 					
    988. 

  988. 					$media_link = "<a href='".$uploadurl."/".$_REQUEST[site]."/".$this->media_tag."' target='media'>".$this->media_tag."</a>\n";					
    989. 

  989. 					$mediaRow[media_tag] = $this->media_tag;
    990. 

  990. 					$mediaRow[slot_name] = $_REQUEST[site];
    991. 

  991. 					$mediaRow[media_size] = $this->media_size;
    992. 

  992. 

  993. 					$audioplayer = printMediaPlayer($mediaRow);
    994. 

  994. 					$downloadlink = printDownloadLink($mediaRow);
    995. 

  995. //					$citation = printCitation($mediaRow);
    996. 

  996. 					
    997. 

  997. 					// if attached file is an .mp3 print out audio player
    998. 

  998. 					if ($audioplayer) {
    999. 

  999. 						printc ("<table width='100%' cellpadding='2' border='0'>");
    1000. 

  1000. 						printc ("<tr><td>");
    1001. 

  1001. 						printc ($downloadlink."\n");
    1002. 

  1002. 						printc ($audioplayer."\n");
    1003. 

  1003. 						
    1004. 

  1004. //						printc ("<div style='clear: left; font-size: smaller; margin-bottom: 10px; '>");
    1005. 

  1005. //						printc ($citation."\n");
    1006. 

  1006. //						printc ("</div>");
    1007. 

  1007. 						
    1008. 

  1008. 						printc ("</td></tr>");
    1009. 

  1009. 						printc ("</table>");
    1010. 

  1010. 									
    1011. 

  1011. 					// if attached file not .mp3 print out download link only
    1012. 

  1012. 					} else {
    1013. 

  1013. 						printc ("<table width='100%' cellpadding='2' border='0'>");
    1014. 

  1014. 						printc ("<tr><td>");
    1015. 

  1015. 						printc ("<div style='clear: left; float: left; '>$media_link</div>\n");
    1016. 

  1016. 						printc ($downloadlink."\n");
    1017. 

  1017. 						printc ("</td></tr>");
    1018. 

  1018. 						printc ("</table>");
    1019. 

  1019. 					}
    1020. 

  1020. 				}
    1021. 

  1021. 				
    1022. 

  1022. 				$content = convertTagsToInteralLinks ($_REQUEST[site], stripslashes($this->content));
    1023. 

  1023. 				$wikiResolver =& WikiResolver::instance();
    1024. 

  1024. 				$content = $wikiResolver->parseText($content, $_REQUEST[site], $_REQUEST[section],$_REQUEST[page]);
    1025. 

  1025. 				printc ("<div style='clear: both;'>\n");
    1026. 

  1026. 				printc($content);
    1027. 

  1027. 				printc ("</div>\n");
    1028. 

  1028. 				
    1029. 

  1029. 				//printc ("- [ $c]</td></tr>\n");
    1030. 

  1030. 				//printc ("<tr><td align='right'>$c</td></tr>\n"); 
    1031. 

  1031. 			}
    1032. 

  1032. 			// done
    1033. 

  1033. 			
    1034. 

  1034. 			// now check if we're replying to this post
    1035. 

  1035. 			if ($_REQUEST['discuss'] == 'reply' && $_REQUEST['replyto'] == $this->id) $this->_outputform('reply');
    1036. 

  1036. 			//if ($_REQUEST['discuss'] == 'rate' && $_REQUEST['replyto'] == $this->id) $this->_outputform('rate');
    1037. 

  1037. 			
    1038. 

  1038. 			printc ("</td></tr>");
    1039. 

  1039. 		}
    1040. 

  1040. 	}
    1041. 

  1041. 	
    1042. 

  1042. /******************************************************************************
    1043. 

  1043.  * Emails site owner discussion posts
    1044. 

  1044.  ******************************************************************************/
    1045. 

  1045. 

  1046. 	function sendemail($newid=0,$emaillist=0) {
    1047. 

  1047. 		global $sid,$error;
    1048. 

  1048. 		global $_full_uri;
    1049. 

  1049. 		//printpre("email sending...");
    1050. 

  1050. 		//$script = $_SERVER['SCRIPT_NAME'];
    1051. 

  1051. 		$site =& new site($_REQUEST[site]);
    1052. 

  1052. 		$siteowneremail = $site->owneremail;
    1053. 

  1053. 		$siteownerfname = $site->ownerfname;
    1054. 

  1054. 		$sitetitle = $site->title;
    1055. 

  1055. 		
    1056. 

  1056. 		$pageObj =& new page($_REQUEST[site],$_REQUEST[section],$_REQUEST[page], $sectionObj);
    1057. 

  1057. 		$pagetitle = $pageObj->getField('title');		
    1058. 

  1058. 		$storyObj =& new story($_REQUEST[site],$_REQUEST[section],$_REQUEST[page],$_REQUEST[story], $pageObj);
    1059. 

  1059. 		$storytext = $storyObj->getField('shorttext');
    1060. 

  1060. 		
    1061. 

  1061. 		// send an email to the siteowner
    1062. 

  1062. 		$html = 1;
    1063. 

  1063. 		$emaillist = array();
    1064. 

  1064. 		$subject = "Segue: ".$_REQUEST['subject'];
    1065. 

  1065. 		
    1066. 

  1066. 		$to = $siteownerfname."<".$siteowneremail.">\n";
    1067. 

  1067. 		//$to = $siteowneremail;
    1068. 

  1068. 		if ($html == 1) {
    1069. 

  1069. 			$from = $_SESSION['afname']."<".$_SESSION['aemail'].">\nContent-Type: text/html\n";
    1070. 

  1070. 		} else {
    1071. 

  1071. 			$from = $_SESSION['afname']."<".$_SESSION['aemail'].">\n";
    1072. 

  1072. 		}
    1073. 

  1073. 		$discussurl = "/index.php?$sid&amp;action=site&amp;site=".$_REQUEST['site']."&amp;section=".$_REQUEST['section']."&amp;page=".$_REQUEST['page']."&amp;story=".$_REQUEST['story']."&amp;detail=".$_REQUEST['detail']."#".$newid;
    1074. 

  1074. 

  1075. 		if ($html == 1) {
    1076. 

  1076. 			$body = $siteownerfname.", There has been a discussion posting from the following Segue site:<br />\n";			
    1077. 

  1077. 			$body .= "<a href='".$_full_uri.$discussurl."'>".$sitetitle." > ".$pagetitle."</a><br /><br />\n";			
    1078. 

  1078. 			$body .= "<table cellpadding='0' cellspacing='0' border='0'>";
    1079. 

  1079. 			$body .= "<tr><td>subject: </td><td>".$_REQUEST['subject']."</td></tr>\n";
    1080. 

  1080. 			$body .= "<tr><td>author: </td><td>".$_SESSION['afname']."</td></tr></table><br />\n";
    1081. 

  1081. 			$body .= $_REQUEST['content']."<br /><br />\n";
    1082. 

  1082. 			$body .= "For complete discussion, see:<br />";
    1083. 

  1083. 			$body .= "<a href='".$_full_uri.$discussurl."'>".$sitetitle." > ".$pagetitle."</a><br /><br />\n";			
    1084. 

  1084. 		} else {
    1085. 

  1085. 			$body = "site: ".$sitetitle."\n";
    1086. 

  1086. 			//$body .= "topic: ".$this->story."\n";	
    1087. 

  1087. 			$body .= "subject: ".$_REQUEST['subject']."\n";		
    1088. 

  1088. 			$body .= "author: ".$_SESSION['afname']."\n";
    1089. 

  1089. 			$body .= $_REQUEST['content']."\n\n";
    1090. 

  1090. 			$body .= "For complete discussion, see:\n";
    1091. 

  1091. 			$discussurl2 = "/index.php?$sid&amp;action=site&amp;site=".$_REQUEST['site']."&amp;section=".$_REQUEST['section']."&amp;page=".$_REQUEST['page']."&amp;story=".$_REQUEST['story']."&amp;detail=".$_REQUEST['detail']."#".$newid;
    1092. 

  1092. 			$body .= $_full_uri.$discussurl2."\n";
    1093. 

  1093. 		}
    1094. 

  1094. 		
    1095. 

  1095. 		// send it!
    1096. 

  1096. 		if (!mail($to,$subject,$body,"From: $from"))
    1097. 

  1097. 			print "ERROR: Sending message, '$subject', to '$to' failed.";
    1098. 

  1098. 	}
    1099. 

  1099. 		
    1100. 

  1100. }
    1101. 

  1101. 

  1102. 

  1103. 

  1104.