diff --git a/system/pages/forum/admin.php b/system/pages/forum/admin.php
index d8a73eb3..6e35bba5 100644
--- a/system/pages/forum/admin.php
+++ b/system/pages/forum/admin.php
@@ -13,90 +13,107 @@ use MyAAC\Forum;
defined('MYAAC') or exit('Direct access not allowed!');
-$canEdit = Forum::isModerator();
-if($canEdit) {
- $groups = new OTS_Groups_List();
+if(!$canEdit) {
+ return;
+}
- if(!empty($action)) {
- if($action == 'delete_board' || $action == 'edit_board' || $action == 'hide_board' || $action == 'moveup_board' || $action == 'movedown_board')
- $id = $_REQUEST['id'];
+$groupsList = new OTS_Groups_List();
+$groups = [
+ ['id' => 0, 'name' => 'Guest'],
+];
- if(isset($_REQUEST['access'])) {
- $access = $_REQUEST['access'];
- }
+foreach ($groupsList as $group) {
+ $groups[] = [
+ 'id' => $group->getId(),
+ 'name' => $group->getName()
+ ];
+}
- if(isset($_REQUEST['guild'])) {
- $guild = $_REQUEST['guild'];
- }
+if(!empty($action)) {
+ if($action == 'delete_board' || $action == 'edit_board' || $action == 'hide_board' || $action == 'moveup_board' || $action == 'movedown_board')
+ $id = $_REQUEST['id'];
- if(isset($_REQUEST['name'])) {
- $name = $_REQUEST['name'];
- }
-
- if(isset($_REQUEST['description'])) {
- $description = stripslashes($_REQUEST['description']);
- }
-
- $errors = [];
-
- if($action == 'add_board') {
- if(Forum::add_board($name, $description, $access, $guild, $errors)) {
- $action = $name = $description = '';
- }
- }
- else if($action == 'delete_board') {
- Forum::delete_board($id, $errors);
- $action = '';
- }
- else if($action == 'edit_board')
- {
- if(isset($id) && !isset($name)) {
- $board = Forum::get_board($id);
- $name = $board['name'];
- $access = $board['access'];
- $guild = $board['guild'];
- $description = $board['description'];
- }
- else {
- Forum::update_board($id, $name, $access, $guild, $description);
- $action = $name = $description = '';
- $access = $guild = 0;
- }
- }
- else if($action == 'hide_board') {
- Forum::toggleHide_board($id, $errors);
- $action = '';
- }
- else if($action == 'moveup_board') {
- Forum::move_board($id, -1, $errors);
- $action = '';
- }
- else if($action == 'movedown_board') {
- Forum::move_board($id, 1, $errors);
- $action = '';
- }
-
- if(!empty($errors)) {
- $twig->display('error_box.html.twig', array('errors' => $errors));
- $action = '';
- }
+ if(isset($_REQUEST['access'])) {
+ $access = $_REQUEST['access'];
}
- if(empty($action) || $action == 'edit_board') {
- $guilds = $db->query('SELECT `id`, `name` FROM `guilds`')->fetchAll();
- $twig->display('forum.add_board.html.twig', array(
- 'link' => getLink('forum', ($action == 'edit_board' ? 'edit_board' : 'add_board')),
- 'action' => $action,
- 'id' => isset($id) ? $id : null,
- 'name' => isset($name) ? $name : null,
- 'description' => isset($description) ? $description : null,
- 'access' => isset($access) ? $access : 0,
- 'guild' => isset($guild) ? $guild : null,
- 'groups' => $groups,
- 'guilds' => $guilds
- ));
+ if(isset($_REQUEST['guild'])) {
+ $guild = $_REQUEST['guild'];
+ }
- if($action == 'edit_board')
- $action = '';
+ if(isset($_REQUEST['name'])) {
+ $name = $_REQUEST['name'];
+ }
+
+ if(isset($_REQUEST['description'])) {
+ $description = stripslashes($_REQUEST['description']);
+ }
+
+ $errors = [];
+
+ if($action == 'add_board') {
+ if(Forum::add_board($name, $description, $access, $guild, $errors)) {
+ $action = $name = $description = '';
+ header('Location: ' . getLink('forum'));
+ }
+ }
+ else if($action == 'delete_board') {
+ Forum::delete_board($id, $errors);
+ header('Location: ' . getLink('forum'));
+ $action = '';
+ }
+ else if($action == 'edit_board')
+ {
+ if(isset($id) && !isset($name)) {
+ $board = Forum::get_board($id);
+ $name = $board['name'];
+ $access = $board['access'];
+ $guild = $board['guild'];
+ $description = $board['description'];
+ }
+ else {
+ Forum::update_board($id, $name, $access, $guild, $description);
+ header('Location: ' . getLink('forum'));
+ $action = $name = $description = '';
+ $access = $guild = 0;
+ }
+ }
+ else if($action == 'hide_board') {
+ Forum::toggleHide_board($id, $errors);
+ header('Location: ' . getLink('forum'));
+ $action = '';
+ }
+ else if($action == 'moveup_board') {
+ Forum::move_board($id, -1, $errors);
+ header('Location: ' . getLink('forum'));
+ $action = '';
+ }
+ else if($action == 'movedown_board') {
+ Forum::move_board($id, 1, $errors);
+ header('Location: ' . getLink('forum'));
+ $action = '';
+ }
+
+ if(!empty($errors)) {
+ $twig->display('error_box.html.twig', array('errors' => $errors));
+ $action = '';
}
}
+
+if(empty($action) || $action == 'edit_board') {
+ $guilds = $db->query('SELECT `id`, `name` FROM `guilds`')->fetchAll();
+ $twig->display('forum.add_board.html.twig', array(
+ 'link' => getLink('forum', ($action == 'edit_board' ? 'edit_board' : 'add_board')),
+ 'action' => $action,
+ 'id' => $id ?? null,
+ 'name' => $name ?? null,
+ 'description' => $description ?? null,
+ 'access' => $access ?? 0,
+ 'guild' => $guild ?? null,
+ 'groups' => $groups,
+ 'guilds' => $guilds
+ ));
+
+ if($action == 'edit_board')
+ $action = '';
+}
diff --git a/system/pages/forum/base.php b/system/pages/forum/base.php
index 8da5b169..2463fa05 100644
--- a/system/pages/forum/base.php
+++ b/system/pages/forum/base.php
@@ -8,6 +8,9 @@
* @copyright 2021 MyAAC
* @link https://my-aac.org
*/
+
+use MyAAC\Forum;
+
defined('MYAAC') or die('Direct access not allowed!');
$title = 'Forum';
@@ -24,10 +27,7 @@ if(strtolower($forumSetting) != 'site') {
return false;
}
-if(!$logged) {
- echo 'You are not logged in. <a href="?subtopic=accountmanagement&redirect=' . BASE_URL . urlencode('?subtopic=forum') . '">Log in</a> to post on the forum.<br /><br />';
- return false;
-}
+$canEdit = Forum::isModerator();
$sections = array();
foreach(getForumBoards() as $section) {
diff --git a/system/pages/forum/edit_post.php b/system/pages/forum/edit_post.php
index 042081de..bc99d84a 100644
--- a/system/pages/forum/edit_post.php
+++ b/system/pages/forum/edit_post.php
@@ -18,6 +18,11 @@ if ($ret === false) {
return;
}
+if(!$logged) {
+ echo 'You are not logged in. <a href="?subtopic=accountmanagement&redirect=' . BASE_URL . urlencode('?subtopic=forum') . '">Log in</a> to post on the forum.<br /><br />';
+ return;
+}
+
if(Forum::canPost($account_logged))
{
$post_id = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : false;
diff --git a/system/pages/forum/move_thread.php b/system/pages/forum/move_thread.php
index a66ddfce..75e9da18 100644
--- a/system/pages/forum/move_thread.php
+++ b/system/pages/forum/move_thread.php
@@ -18,6 +18,11 @@ if ($ret === false) {
return;
}
+if(!$logged) {
+ echo 'You are not logged in. <a href="?subtopic=accountmanagement&redirect=' . BASE_URL . urlencode('?subtopic=forum') . '">Log in</a> to post on the forum.<br /><br />';
+ return;
+}
+
if(!Forum::isModerator()) {
echo 'You are not logged in or you are not moderator.';
}
diff --git a/system/pages/forum/new_post.php b/system/pages/forum/new_post.php
index 9be11343..7a9f35e4 100644
--- a/system/pages/forum/new_post.php
+++ b/system/pages/forum/new_post.php
@@ -24,7 +24,7 @@ if(!$logged) {
$extra_url = '&action=new_post&thread_id=' . $_GET['thread_id'];
}
- header('Location: ' . BASE_URL . '?subtopic=accountmanagement&redirect=' . BASE_URL . urlencode('?subtopic=forum' . $extra_url));
+ echo 'You are not logged in. <a href="?subtopic=accountmanagement&redirect=' . BASE_URL . urlencode('?subtopic=forum' . $extra_url) . '">Log in</a> to post on the forum.<br /><br />';
return;
}
diff --git a/system/pages/forum/new_thread.php b/system/pages/forum/new_thread.php
index 0ce1270b..dff7da12 100644
--- a/system/pages/forum/new_thread.php
+++ b/system/pages/forum/new_thread.php
@@ -18,6 +18,16 @@ if ($ret === false) {
return;
}
+if(!$logged) {
+ $extra_url = '';
+ if(isset($_GET['section_id'])) {
+ $extra_url = '&action=new_thread§ion_id=' . $_GET['section_id'];
+ }
+
+ echo 'You are not logged in. <a href="?subtopic=accountmanagement&redirect=' . BASE_URL . urlencode('?subtopic=forum' . $extra_url) . '">Log in</a> to post on the forum.<br /><br />';
+ return;
+}
+
if(Forum::canPost($account_logged)) {
$players_from_account = $db->query('SELECT `players`.`name`, `players`.`id` FROM `players` WHERE `players`.`account_id` = '.(int) $account_logged->getId())->fetchAll();
$section_id = $_REQUEST['section_id'] ?? null;
diff --git a/system/pages/forum/remove_post.php b/system/pages/forum/remove_post.php
index 73535eae..d4926099 100644
--- a/system/pages/forum/remove_post.php
+++ b/system/pages/forum/remove_post.php
@@ -18,6 +18,11 @@ if ($ret === false) {
return;
}
+if(!$logged) {
+ echo 'You are not logged in. <a href="?subtopic=accountmanagement&redirect=' . BASE_URL . urlencode('?subtopic=forum') . '">Log in</a> to post on the forum.<br /><br />';
+ return;
+}
+
if(Forum::isModerator()) {
$id = (int) $_REQUEST['id'];
$post = $db->query("SELECT `id`, `first_post`, `section` FROM `" . FORUM_TABLE_PREFIX . "forum` WHERE `id` = ".$id." LIMIT 1")->fetch();
diff --git a/system/templates/forum.add_board.html.twig b/system/templates/forum.add_board.html.twig
index 2dbfe963..39f39688 100644
--- a/system/templates/forum.add_board.html.twig
+++ b/system/templates/forum.add_board.html.twig
@@ -22,7 +22,7 @@
<td>
<select name="access">
{% for id, group in groups %}
- <option value="{{ group.getId() }}"{% if access == group.getId() %} selected{% endif %}>{{ group.getName() }}</option>
+ <option value="{{ group.id }}"{% if access == group.id %} selected{% endif %}>{{ group.name }}</option>
{% endfor %}
</select>
</td>
diff --git a/system/templates/forum.move_thread.html.twig b/system/templates/forum.move_thread.html.twig
index 4a5981b2..be62d9c7 100644
--- a/system/templates/forum.move_thread.html.twig
+++ b/system/templates/forum.move_thread.html.twig
@@ -24,7 +24,7 @@
</select>
<input type="submit" value="Move Thread">
</form>
- <form action="{{ section_link }}" method="post">
+ <form action="{{ section_link }}">
{{ csrf() }}
<input type="submit" value="Cancel">
</form>