diff options
-rw-r--r-- | mod/groups/actions/forums/deletetopic.php | 19 | ||||
-rw-r--r-- | mod/groups/actions/forums/editpost.php | 13 |
2 files changed, 12 insertions, 20 deletions
diff --git a/mod/groups/actions/forums/deletetopic.php b/mod/groups/actions/forums/deletetopic.php index 1095fc44a..313e87199 100644 --- a/mod/groups/actions/forums/deletetopic.php +++ b/mod/groups/actions/forums/deletetopic.php @@ -9,34 +9,31 @@ * @copyright Curverider Ltd 2008-2010 * @link http://elgg.org/ */ - - // Make sure we're logged in; forward to the front page if not - if (!isloggedin()) forward(); - // Check the user is a group member $group_entity = get_entity(get_input('group')); - if (!$group_entity->isMember($vars['user'])) forward(); // Get input data $topic_guid = (int) get_input('topic'); $group_guid = (int) get_input('group'); - // Make sure we actually have permission to edit $topic = get_entity($topic_guid); if ($topic->getSubtype() == "groupforumtopic") { - - // Get owning user - // $owner = get_entity($topic->getOwner()); + + // Make sure we actually have permission to edit + if (!$topic->canEdit()) { + register_error(elgg_echo("groupstopic:notdeleted")); + forward(REFERER); + } + // Delete it! $rowsaffected = $topic->delete(); if ($rowsaffected > 0) { // Success message system_message(elgg_echo("groupstopic:deleted")); } else { - system_message(elgg_echo("groupstopic:notdeleted")); + register_error(elgg_echo("groupstopic:notdeleted")); } // Forward to the group forum page - global $CONFIG; $url = $CONFIG->wwwroot . "pg/groups/forum/{$group_guid}/"; forward($url); diff --git a/mod/groups/actions/forums/editpost.php b/mod/groups/actions/forums/editpost.php index d30fad31f..5ce1fac13 100644 --- a/mod/groups/actions/forums/editpost.php +++ b/mod/groups/actions/forums/editpost.php @@ -10,13 +10,9 @@ * @link http://elgg.com/ */ - // Make sure we're logged in (send us to the front page if not) - if (!isloggedin()) forward(); - // Check the user is a group member $group_guid = get_input('group'); $group_entity = get_entity($group_guid); - if (!$group_entity->isMember($vars['user'])) forward(); //get the required variables $post = get_input("post"); @@ -27,25 +23,24 @@ $access_id = $annotation->access_id; $topic = get_input("topic"); - if($annotation){ + if ($annotation) { //can edit? Either the comment owner or admin can - if(groups_can_edit_discussion($annotation, page_owner_entity()->owner_guid)){ + if (groups_can_edit_discussion($annotation, page_owner_entity()->owner_guid)) { update_annotation($post, "group_topic_post", $post_comment, "",$commentOwner, $access_id); system_message(elgg_echo("groups:forumpost:edited")); - }else{ + } else { system_message(elgg_echo("groups:forumpost:error")); } - }else{ + } else { system_message(elgg_echo("groups:forumpost:error")); } // Forward to the group forum page - global $CONFIG; $url = $CONFIG->wwwroot . "mod/groups/topicposts.php?topic={$topic}&group_guid={$group_guid}/"; forward($url); |