aboutsummaryrefslogtreecommitdiff
path: root/mod/groups
diff options
context:
space:
mode:
Diffstat (limited to 'mod/groups')
-rw-r--r--mod/groups/actions/forums/deletetopic.php19
-rw-r--r--mod/groups/actions/forums/editpost.php13
2 files changed, 12 insertions, 20 deletions
diff --git a/mod/groups/actions/forums/deletetopic.php b/mod/groups/actions/forums/deletetopic.php
index 1095fc44a..313e87199 100644
--- a/mod/groups/actions/forums/deletetopic.php
+++ b/mod/groups/actions/forums/deletetopic.php
@@ -9,34 +9,31 @@
* @copyright Curverider Ltd 2008-2010
* @link http://elgg.org/
*/
-
- // Make sure we're logged in; forward to the front page if not
- if (!isloggedin()) forward();
- // Check the user is a group member
$group_entity = get_entity(get_input('group'));
- if (!$group_entity->isMember($vars['user'])) forward();
// Get input data
$topic_guid = (int) get_input('topic');
$group_guid = (int) get_input('group');
- // Make sure we actually have permission to edit
$topic = get_entity($topic_guid);
if ($topic->getSubtype() == "groupforumtopic") {
-
- // Get owning user
- // $owner = get_entity($topic->getOwner());
+
+ // Make sure we actually have permission to edit
+ if (!$topic->canEdit()) {
+ register_error(elgg_echo("groupstopic:notdeleted"));
+ forward(REFERER);
+ }
+
// Delete it!
$rowsaffected = $topic->delete();
if ($rowsaffected > 0) {
// Success message
system_message(elgg_echo("groupstopic:deleted"));
} else {
- system_message(elgg_echo("groupstopic:notdeleted"));
+ register_error(elgg_echo("groupstopic:notdeleted"));
}
// Forward to the group forum page
- global $CONFIG;
$url = $CONFIG->wwwroot . "pg/groups/forum/{$group_guid}/";
forward($url);
diff --git a/mod/groups/actions/forums/editpost.php b/mod/groups/actions/forums/editpost.php
index d30fad31f..5ce1fac13 100644
--- a/mod/groups/actions/forums/editpost.php
+++ b/mod/groups/actions/forums/editpost.php
@@ -10,13 +10,9 @@
* @link http://elgg.com/
*/
- // Make sure we're logged in (send us to the front page if not)
- if (!isloggedin()) forward();
- // Check the user is a group member
$group_guid = get_input('group');
$group_entity = get_entity($group_guid);
- if (!$group_entity->isMember($vars['user'])) forward();
//get the required variables
$post = get_input("post");
@@ -27,25 +23,24 @@
$access_id = $annotation->access_id;
$topic = get_input("topic");
- if($annotation){
+ if ($annotation) {
//can edit? Either the comment owner or admin can
- if(groups_can_edit_discussion($annotation, page_owner_entity()->owner_guid)){
+ if (groups_can_edit_discussion($annotation, page_owner_entity()->owner_guid)) {
update_annotation($post, "group_topic_post", $post_comment, "",$commentOwner, $access_id);
system_message(elgg_echo("groups:forumpost:edited"));
- }else{
+ } else {
system_message(elgg_echo("groups:forumpost:error"));
}
- }else{
+ } else {
system_message(elgg_echo("groups:forumpost:error"));
}
// Forward to the group forum page
- global $CONFIG;
$url = $CONFIG->wwwroot . "mod/groups/topicposts.php?topic={$topic}&group_guid={$group_guid}/";
forward($url);