diff --git a/system/pages/forum/admin.php b/system/pages/forum/admin.php index d8a73eb3..6e35bba5 100644 --- a/system/pages/forum/admin.php +++ b/system/pages/forum/admin.php @@ -13,90 +13,107 @@ use MyAAC\Forum; defined('MYAAC') or exit('Direct access not allowed!'); -$canEdit = Forum::isModerator(); -if($canEdit) { - $groups = new OTS_Groups_List(); +if(!$canEdit) { + return; +} - if(!empty($action)) { - if($action == 'delete_board' || $action == 'edit_board' || $action == 'hide_board' || $action == 'moveup_board' || $action == 'movedown_board') - $id = $_REQUEST['id']; +$groupsList = new OTS_Groups_List(); +$groups = [ + ['id' => 0, 'name' => 'Guest'], +]; - if(isset($_REQUEST['access'])) { - $access = $_REQUEST['access']; - } +foreach ($groupsList as $group) { + $groups[] = [ + 'id' => $group->getId(), + 'name' => $group->getName() + ]; +} - if(isset($_REQUEST['guild'])) { - $guild = $_REQUEST['guild']; - } +if(!empty($action)) { + if($action == 'delete_board' || $action == 'edit_board' || $action == 'hide_board' || $action == 'moveup_board' || $action == 'movedown_board') + $id = $_REQUEST['id']; - if(isset($_REQUEST['name'])) { - $name = $_REQUEST['name']; - } - - if(isset($_REQUEST['description'])) { - $description = stripslashes($_REQUEST['description']); - } - - $errors = []; - - if($action == 'add_board') { - if(Forum::add_board($name, $description, $access, $guild, $errors)) { - $action = $name = $description = ''; - } - } - else if($action == 'delete_board') { - Forum::delete_board($id, $errors); - $action = ''; - } - else if($action == 'edit_board') - { - if(isset($id) && !isset($name)) { - $board = Forum::get_board($id); - $name = $board['name']; - $access = $board['access']; - $guild = $board['guild']; - $description = $board['description']; - } - else { - Forum::update_board($id, $name, $access, $guild, $description); - $action = $name = $description = ''; - $access = $guild = 0; - } - } - else if($action == 'hide_board') { - Forum::toggleHide_board($id, $errors); - $action = ''; - } - else if($action == 'moveup_board') { - Forum::move_board($id, -1, $errors); - $action = ''; - } - else if($action == 'movedown_board') { - Forum::move_board($id, 1, $errors); - $action = ''; - } - - if(!empty($errors)) { - $twig->display('error_box.html.twig', array('errors' => $errors)); - $action = ''; - } + if(isset($_REQUEST['access'])) { + $access = $_REQUEST['access']; } - if(empty($action) || $action == 'edit_board') { - $guilds = $db->query('SELECT `id`, `name` FROM `guilds`')->fetchAll(); - $twig->display('forum.add_board.html.twig', array( - 'link' => getLink('forum', ($action == 'edit_board' ? 'edit_board' : 'add_board')), - 'action' => $action, - 'id' => isset($id) ? $id : null, - 'name' => isset($name) ? $name : null, - 'description' => isset($description) ? $description : null, - 'access' => isset($access) ? $access : 0, - 'guild' => isset($guild) ? $guild : null, - 'groups' => $groups, - 'guilds' => $guilds - )); + if(isset($_REQUEST['guild'])) { + $guild = $_REQUEST['guild']; + } - if($action == 'edit_board') - $action = ''; + if(isset($_REQUEST['name'])) { + $name = $_REQUEST['name']; + } + + if(isset($_REQUEST['description'])) { + $description = stripslashes($_REQUEST['description']); + } + + $errors = []; + + if($action == 'add_board') { + if(Forum::add_board($name, $description, $access, $guild, $errors)) { + $action = $name = $description = ''; + header('Location: ' . getLink('forum')); + } + } + else if($action == 'delete_board') { + Forum::delete_board($id, $errors); + header('Location: ' . getLink('forum')); + $action = ''; + } + else if($action == 'edit_board') + { + if(isset($id) && !isset($name)) { + $board = Forum::get_board($id); + $name = $board['name']; + $access = $board['access']; + $guild = $board['guild']; + $description = $board['description']; + } + else { + Forum::update_board($id, $name, $access, $guild, $description); + header('Location: ' . getLink('forum')); + $action = $name = $description = ''; + $access = $guild = 0; + } + } + else if($action == 'hide_board') { + Forum::toggleHide_board($id, $errors); + header('Location: ' . getLink('forum')); + $action = ''; + } + else if($action == 'moveup_board') { + Forum::move_board($id, -1, $errors); + header('Location: ' . getLink('forum')); + $action = ''; + } + else if($action == 'movedown_board') { + Forum::move_board($id, 1, $errors); + header('Location: ' . getLink('forum')); + $action = ''; + } + + if(!empty($errors)) { + $twig->display('error_box.html.twig', array('errors' => $errors)); + $action = ''; } } + +if(empty($action) || $action == 'edit_board') { + $guilds = $db->query('SELECT `id`, `name` FROM `guilds`')->fetchAll(); + $twig->display('forum.add_board.html.twig', array( + 'link' => getLink('forum', ($action == 'edit_board' ? 'edit_board' : 'add_board')), + 'action' => $action, + 'id' => $id ?? null, + 'name' => $name ?? null, + 'description' => $description ?? null, + 'access' => $access ?? 0, + 'guild' => $guild ?? null, + 'groups' => $groups, + 'guilds' => $guilds + )); + + if($action == 'edit_board') + $action = ''; +} diff --git a/system/pages/forum/base.php b/system/pages/forum/base.php index 8da5b169..2463fa05 100644 --- a/system/pages/forum/base.php +++ b/system/pages/forum/base.php @@ -8,6 +8,9 @@ * @copyright 2021 MyAAC * @link https://my-aac.org */ + +use MyAAC\Forum; + defined('MYAAC') or die('Direct access not allowed!'); $title = 'Forum'; @@ -24,10 +27,7 @@ if(strtolower($forumSetting) != 'site') { return false; } -if(!$logged) { - echo 'You are not logged in. Log in to post on the forum.

'; - return false; -} +$canEdit = Forum::isModerator(); $sections = array(); foreach(getForumBoards() as $section) { diff --git a/system/pages/forum/edit_post.php b/system/pages/forum/edit_post.php index 042081de..bc99d84a 100644 --- a/system/pages/forum/edit_post.php +++ b/system/pages/forum/edit_post.php @@ -18,6 +18,11 @@ if ($ret === false) { return; } +if(!$logged) { + echo 'You are not logged in. Log in to post on the forum.

'; + return; +} + if(Forum::canPost($account_logged)) { $post_id = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : false; diff --git a/system/pages/forum/move_thread.php b/system/pages/forum/move_thread.php index a66ddfce..75e9da18 100644 --- a/system/pages/forum/move_thread.php +++ b/system/pages/forum/move_thread.php @@ -18,6 +18,11 @@ if ($ret === false) { return; } +if(!$logged) { + echo 'You are not logged in. Log in to post on the forum.

'; + return; +} + if(!Forum::isModerator()) { echo 'You are not logged in or you are not moderator.'; } diff --git a/system/pages/forum/new_post.php b/system/pages/forum/new_post.php index 9be11343..7a9f35e4 100644 --- a/system/pages/forum/new_post.php +++ b/system/pages/forum/new_post.php @@ -24,7 +24,7 @@ if(!$logged) { $extra_url = '&action=new_post&thread_id=' . $_GET['thread_id']; } - header('Location: ' . BASE_URL . '?subtopic=accountmanagement&redirect=' . BASE_URL . urlencode('?subtopic=forum' . $extra_url)); + echo 'You are not logged in. Log in to post on the forum.

'; return; } diff --git a/system/pages/forum/new_thread.php b/system/pages/forum/new_thread.php index 0ce1270b..dff7da12 100644 --- a/system/pages/forum/new_thread.php +++ b/system/pages/forum/new_thread.php @@ -18,6 +18,16 @@ if ($ret === false) { return; } +if(!$logged) { + $extra_url = ''; + if(isset($_GET['section_id'])) { + $extra_url = '&action=new_thread§ion_id=' . $_GET['section_id']; + } + + echo 'You are not logged in. Log in to post on the forum.

'; + return; +} + if(Forum::canPost($account_logged)) { $players_from_account = $db->query('SELECT `players`.`name`, `players`.`id` FROM `players` WHERE `players`.`account_id` = '.(int) $account_logged->getId())->fetchAll(); $section_id = $_REQUEST['section_id'] ?? null; diff --git a/system/pages/forum/remove_post.php b/system/pages/forum/remove_post.php index 73535eae..d4926099 100644 --- a/system/pages/forum/remove_post.php +++ b/system/pages/forum/remove_post.php @@ -18,6 +18,11 @@ if ($ret === false) { return; } +if(!$logged) { + echo 'You are not logged in. Log in to post on the forum.

'; + return; +} + if(Forum::isModerator()) { $id = (int) $_REQUEST['id']; $post = $db->query("SELECT `id`, `first_post`, `section` FROM `" . FORUM_TABLE_PREFIX . "forum` WHERE `id` = ".$id." LIMIT 1")->fetch(); diff --git a/system/templates/forum.add_board.html.twig b/system/templates/forum.add_board.html.twig index 2dbfe963..39f39688 100644 --- a/system/templates/forum.add_board.html.twig +++ b/system/templates/forum.add_board.html.twig @@ -22,7 +22,7 @@ diff --git a/system/templates/forum.move_thread.html.twig b/system/templates/forum.move_thread.html.twig index 4a5981b2..be62d9c7 100644 --- a/system/templates/forum.move_thread.html.twig +++ b/system/templates/forum.move_thread.html.twig @@ -24,7 +24,7 @@ -
+ {{ csrf() }}