diff --git a/e107_plugins/forum/forum_class.php b/e107_plugins/forum/forum_class.php
index 0f81a11e9d..41c101e85c 100644
--- a/e107_plugins/forum/forum_class.php
+++ b/e107_plugins/forum/forum_class.php
@@ -366,32 +366,139 @@ public function ajaxTrack()
exit;
}
-
-
+
+
+ /**
+ * Allow a user to delete their own post, if it is the last post in the thread.
+ */
+ function usersLastPostDeletion()
+ {
+ $ret = array('hide' => false, 'msg' => LAN_FORUM_7008, 'status' => 'error');
+ $actionAllowed = false;
+
+ if (isset($_POST['post']) && is_numeric($_POST['post']))
+ {
+ $postId = intval($_POST['post']);
+ $sql = e107::getDb();
+ $query = "SELECT fp.post_user
+ FROM #forum_post AS fp
+ WHERE fp.post_id = ". $postId;
+ if ($sql->gen($query) > 0)
+ {
+ $row = $sql->fetch();
+ if (USERID == $row['post_user']) $actionAllowed = true;
+ }
+ }
+
+ if ($actionAllowed && $_POST['action'] == 'deletepost')
+ {
+ if ($this->postDelete($postId))
+ {
+ $ret['msg'] = ''.LAN_FORUM_8021.' #'.$postId;
+ $ret['hide'] = true;
+ $ret['status'] = 'ok';
+ }
+ else
+ {
+ $ret['msg'] = "".LAN_FORUM_8021." #".$postId;
+ $ret['status'] = 'error';
+ }
+ }
+ echo json_encode($ret);
+ exit();
+ }
+
+
+ /**
+ * get user ids with moderator permissions for the given $postId
+ * @param $postId id of a forum post
+ * @return an array with user ids how have moderator permissions for the $postId
+ */
+ public function getModeratorUserIdsByPostId($postId)
+ {
+ $sql = e107::getDb();
+ $query = "SELECT f.forum_moderators
+ FROM #forum AS f
+ INNER JOIN #forum_thread AS ft ON f.forum_id = ft.thread_forum_id
+ INNER JOIN #forum_post AS fp ON ft.thread_id = fp.post_thread
+ WHERE fp.post_id = ". $postId;
+ if ($sql->gen($query) > 0)
+ {
+ $row = $sql->fetch();
+ return array_keys($this->forumGetMods($row['forum_moderators']));
+ }
+ return array();
+ }
+
+
+ /**
+ * get user ids with moderator permissions for the given $threadId
+ * @param $threadId id of a forum thread
+ * @return an array with user ids how have moderator permissions for the $threadId
+ */
+ public function getModeratorUserIdsByThreadId($threadId)
+ {
+ // get moderator-class for the thread to check permissions of the user
+ $sql = e107::getDb();
+ $query = "SELECT f.forum_moderators
+ FROM #forum AS f
+ INNER JOIN #forum_thread AS ft ON f.forum_id = ft.thread_forum_id
+ WHERE ft.thread_id = ". $threadId;
+ if ($sql->gen($query) > 0)
+ {
+ $row = $sql->fetch();
+ return array_keys($this->forumGetMods($row['forum_moderators']));
+ }
+ return array();
+ }
+
+
+ /**
+ * get user ids with moderator permissions for the given $forumId
+ * @param $forumId id of a forum
+ * @return an array with user ids how have moderator permissions for the $forumId
+ */
+ public function getModeratorUserIdsByForumId($forumId)
+ {
+ // get moderator-class for the thread to check permissions of the user
+ $sql = e107::getDb();
+ $query = "SELECT f.forum_moderators
+ FROM #forum AS f
+ WHERE f.forum_id = ". $forumId;
+ if ($sql->gen($query) > 0)
+ {
+ $row = $sql->fetch();
+ return array_keys($this->forumGetMods($row['forum_moderators']));
+ }
+ return array();
+ }
+
+
public function ajaxModerate()
{
$ret = array('hide' => false, 'msg' => 'unkown', 'status' => 'error');
- $modArray = array();
+ $moderatorUserIds = array();
- // get moderator-class for the thread to check permissions of the user
- if (isset($_POST['thread']))
+ if (isset($_POST['thread']) && is_numeric($_POST['thread']))
{
$threadId = intval($_POST['thread']);
+ $moderatorUserIds = $this->getModeratorUserIdsByThreadId($threadId);
+ }
- $sql = e107::getDb();
- $query = "SELECT f.forum_moderators
- FROM #forum AS f
- INNER JOIN #forum_thread AS ft ON f.forum_id = ft.thread_forum_id
- WHERE ft.thread_id = ". $threadId;
- $sql->gen($query);
- $row = $sql->fetch();
- $modArray = $this->forumGetMods($row[forum_moderators]);
+ /* If both, a thread-operation and a post-operation is submitted, the
+ * thread-permissions MUST be overwritten by the post-permissions!
+ * Otherwise it is possible that a moderator can transfer his
+ * permissions from one forum to another forum, where he has no permissions. */
+ if (isset($_POST['post']) && is_numeric($_POST['post']))
+ {
+ $postId = intval($_POST['post']);
+ $moderatorUserIds = $this->getModeratorUserIdsByPostId($postId);
}
// Check if user has moderator permissions for this thread
- if(!in_array(USERID, array_keys($modArray)))
+ if(!in_array(USERID, $moderatorUserIds))
{
- $ret['msg'] = ''.LAN_FORUM_8030.' '. json_encode($_POST);
+ $ret['msg'] = ''.LAN_FORUM_8030.'';
$ret['hide'] = false;
$ret['status'] = 'error';
}
@@ -414,7 +521,7 @@ public function ajaxModerate()
break;
case 'deletepost':
- if(!$postId = vartrue($_POST['post']))
+ if(!$postId)
{
// echo "No Post";
// exit;
@@ -2420,27 +2527,24 @@ function threadDelete($threadId, $updateForumLastpost = true)
* Delete a Post
* @param $postId integer
* @param $updateCounts boolean
- *
+ * @return "null" if this post does not exist, "true" if post could deleted, otherwise "false"
*/
function postDelete($postId, $updateCounts = true)
{
$postId = (int)$postId;
- $e107 = e107::getInstance();
+
$sql = e107::getDb();
$deleted = false;
$postInfo = $sql->retrieve('forum_post', '*', 'post_id = '.$postId);
- //if(!$sql->select('forum_post', '*', 'post_id = '.$postId))
+
if(!is_array($postInfo) || empty($postInfo))
{
- echo 'NOT FOUND!'; return;
+ return null;
}
-
-
- $row = $sql->fetch();
//delete attachments if they exist
- if($row['post_attachments'])
+ if($postInfo['post_attachments'])
{
$this->postDeleteAttachments('post', $postId);
}
@@ -2456,24 +2560,24 @@ function postDelete($postId, $updateCounts = true)
if($updateCounts)
{
// decrement user post counts
- if ($row['post_user'])
+ if ($postInfo['post_user'])
{
- $sql->update('user_extended', 'user_plugin_forum_posts=GREATEST(user_plugin_forum_posts-1,0) WHERE user_extended_id='.$row['post_user']);
+ $sql->update('user_extended', 'user_plugin_forum_posts=GREATEST(user_plugin_forum_posts-1,0) WHERE user_extended_id='.$postInfo['post_user']);
}
// update thread with correct reply counts
- $sql->update('forum_thread', "thread_total_replies=GREATEST(thread_total_replies-1,0) WHERE thread_id=".$row['post_thread']);
+ $sql->update('forum_thread', "thread_total_replies=GREATEST(thread_total_replies-1,0) WHERE thread_id=".$postInfo['post_thread']);
// update forum with correct thread/reply counts
- $sql->update('forum', "forum_replies=GREATEST(forum_replies-1,0) WHERE forum_id=".$row['post_forum']);
+ $sql->update('forum', "forum_replies=GREATEST(forum_replies-1,0) WHERE forum_id=".$postInfo['post_forum']);
// update thread lastpost info
- $this->forumUpdateLastpost('thread', $row['post_thread']);
+ $this->forumUpdateLastpost('thread', $postInfo['post_thread']);
// update forum lastpost info
- $this->forumUpdateLastpost('forum', $row['post_forum']);
+ $this->forumUpdateLastpost('forum', $postInfo['post_forum']);
}
- return $deleted; // return boolean. $threadInfo['thread_total_replies'];
+ return $deleted;
}
diff --git a/e107_plugins/forum/forum_post.php b/e107_plugins/forum/forum_post.php
index e9f58c1de6..8fc08480d3 100644
--- a/e107_plugins/forum/forum_post.php
+++ b/e107_plugins/forum/forum_post.php
@@ -66,8 +66,9 @@ function __construct()
$this->id = (int) $_GET['id']; // forum thread/topic id.
$this->post = (int) $_GET['post']; // post ID if needed.
- define('MODERATOR', USER && $this->forumObj->isModerator(USERID));
+ $moderatorUserIds = $forum->getModeratorUserIdsByPostId($this->post);
+ define('MODERATOR', (USER && in_array(USERID, $moderatorUserIds)));
$this->data = $this->processGet();
diff --git a/e107_plugins/forum/forum_viewforum.php b/e107_plugins/forum/forum_viewforum.php
index e74993d98a..5e5dc75cae 100644
--- a/e107_plugins/forum/forum_viewforum.php
+++ b/e107_plugins/forum/forum_viewforum.php
@@ -200,21 +200,15 @@
), 250, '...'));
}
-//define('MODERATOR', $forum_info['forum_moderators'] != '' && check_class($forum_info['forum_moderators']));
-//$modArray = $forum->forum_getmods($forum_info['forum_moderators']);
+$moderatorUserIds = $forum->getModeratorUserIdsByForumId($forumId);
+define('MODERATOR', (USER && in_array(USERID, $moderatorUserIds)));
-// $thread???
-$modArray = $forum->forumGetMods($thread->forum_info['forum_moderators']);
-define('MODERATOR', (USER && is_array($modArray) && in_array(USERID, array_keys($modArray))));
-
-//----$message = '';
if (MODERATOR)
{
if ($_POST)
{
require_once(e_PLUGIN.'forum/forum_mod.php');
-//-- $message = forum_thread_moderate($_POST);
- $forumSCvars['message']=forum_thread_moderate($_POST);
+ $forumSCvars['message'] = forum_thread_moderate($_POST);
}
}
diff --git a/e107_plugins/forum/forum_viewtopic.php b/e107_plugins/forum/forum_viewtopic.php
index 85d5e5cacc..57eb63827e 100644
--- a/e107_plugins/forum/forum_viewtopic.php
+++ b/e107_plugins/forum/forum_viewtopic.php
@@ -69,9 +69,27 @@
exit;
}
+if (isset($_GET['last']))
+{
+ $_GET['f'] = 'last';
+}
+
+if(isset($_GET['f']) && $_GET['f'] == 'post')
+{
+ $thread->processFunction();
+}
+
+$thread->init();
+
+
+/* Check if use has moderator permissions for this thread */
+$moderatorUserIds = $forum->getModeratorUserIdsByThreadId($thread->threadInfo['thread_id']);
+define('MODERATOR', (USER && in_array(USERID, $moderatorUserIds)));
+
+
if(e_AJAX_REQUEST)
{
- if(varset($_POST['action']) == 'quickreply')
+ if(varset($_POST['action']) == 'quickreply')
{
$forum->ajaxQuickReply();
}
@@ -85,22 +103,12 @@
{
$forum->ajaxModerate();
}
-
-}
-
-
-if (isset($_GET['last']))
-{
- $_GET['f'] = 'last';
-}
-
-if(isset($_GET['f']) && $_GET['f'] == 'post')
-{
- $thread->processFunction();
+ else if(varset($_POST['action']) == 'deletepost')
+ {
+ $forum->usersLastPostDeletion();
+ }
}
-$thread->init();
-
/*
if(isset($_POST['track_toggle']))
@@ -142,8 +150,9 @@
}
define('e_PAGETITLE', strip_tags($tp->toHTML($thread->threadInfo['thread_name'], true, 'no_hook, emotes_off')).' / '.$tp->toHTML($thread->threadInfo['forum_name'], true, 'no_hook, emotes_off').' / '.LAN_FORUM_1001);
+
$forum->modArray = $forum->forumGetMods($thread->threadInfo['forum_moderators']);
-define('MODERATOR', (USER && $forum->isModerator(USERID)));
+
e107::getScBatch('view', 'forum')->setScVar('forum', $forum);
//var_dump(e107::getScBatch('forum', 'forum'));
@@ -481,6 +490,8 @@ function forumbuttons($thread)
$sc->wrapper('forum_viewtopic/end');
$forend = $tp->parseTemplate($FORUMEND, true, $sc);
+$lastPostDetectionCounter = count($postList);
+$sc->setScVar('thisIsTheLastPost', false);
foreach ($postList as $c => $postInfo)
{
@@ -490,6 +501,9 @@ function forumbuttons($thread)
}
$loop_uid = (int)$postInfo['post_user'];
+ $lastPostDetectionCounter--;
+ if ($lastPostDetectionCounter == 0) $sc->setScVar('thisIsTheLastPost', true);
+
//---- Orphan $tnum????
$tnum = $i;
diff --git a/e107_plugins/forum/shortcodes/batch/view_shortcodes.php b/e107_plugins/forum/shortcodes/batch/view_shortcodes.php
index 956f7db93c..079e497db3 100644
--- a/e107_plugins/forum/shortcodes/batch/view_shortcodes.php
+++ b/e107_plugins/forum/shortcodes/batch/view_shortcodes.php
@@ -859,6 +859,17 @@ function sc_postoptions()
}
+ // Delete own post, if it is the last in the thread
+ if($this->thisIsTheLastPost && USER && $this->thread->threadInfo['thread_lastuser'] == USERID)
+ {
+ /* only show delete button when post is not the initial post of the topic
+ * AND if this post is the last post in the thread */
+ if($this->thread->threadInfo['thread_active'] && empty($this->postInfo['thread_start']) )
+ {
+ $text .= "" . LAN_DELETE . " " . $tp->toGlyph('trash') . "";
+ }
+ }
+
if($this->forum->checkperm($this->postInfo['post_forum'], 'post'))
{
$url = e107::url('forum', 'post') . "?f=quote&id=" . $this->postInfo['post_thread'] . "&post=" . $this->postInfo['post_id'];
@@ -889,7 +900,7 @@ function sc_postoptions()
// if(!$this->forum->threadDetermineInitialPost($this->postInfo['post_id']))
if(empty($this->postInfo['thread_start']))
{
- $text .= "" . LAN_DELETE . " " . $tp->toGlyph('trash') . "";
+ $text .= "" . LAN_DELETE . " " . $tp->toGlyph('trash') . "";
}
if($type == 'thread')
diff --git a/e107_plugins/forum/shortcodes/batch/viewforum_shortcodes.php b/e107_plugins/forum/shortcodes/batch/viewforum_shortcodes.php
index b0d60be223..e869e3b22c 100644
--- a/e107_plugins/forum/shortcodes/batch/viewforum_shortcodes.php
+++ b/e107_plugins/forum/shortcodes/batch/viewforum_shortcodes.php
@@ -971,18 +971,18 @@ function sc_admin_icons()
function sc_adminoptions()
{
- /*--
- if(!deftrue('BOOTSTRAP'))
- {
- return $this->sc_admin_icons;
- }
- if (MODERATOR)
- {
- return fadminoptions($this->var);
- }
- return '';
- --*/
- return (!deftrue('BOOTSTRAP') ? $this->sc_admin_icons() : ((MODERATOR) ? fadminoptions($this->var) : ''));
+ if(!deftrue('BOOTSTRAP'))
+ {
+ return $this->sc_admin_icons();
+ }
+ else if (MODERATOR)
+ {
+ return fadminoptions($this->var);
+ }
+ else
+ {
+ return '';
+ }
}