<?php
// +----------------------------------------------------------------------+
// | OpenConf |
// +----------------------------------------------------------------------+
// | Copyright (c) 2002-2016 Zakon Group LLC. All Rights Reserved. |
// +----------------------------------------------------------------------+
// | This source file is subject to the OpenConf License, available on |
// | the OpenConf web site: www.OpenConf.com |
// +----------------------------------------------------------------------+
$OC_DISCUSSION_showPosts = 10; // # of latest postings to show
oc_addCSS('oc_discussion.css','oc_discussion');
$hdr = oc_('Post Comment');
require_once 'oc_discussion/validate.inc';
// Post?
$err = '';
if (isset($_POST['oc_discussion_post']) && ($_POST['oc_discussion_post'] == oc_('Post Comment'))) {
$err = array();
if (!preg_match("/\w/", $_POST['oc_discussion_comment'])) {
$err = oC_('Comment needs to include some text');
}
if (empty($err)) {
// add comment
$q = "INSERT INTO `" . OCC_TABLE_MODULE_OC_DISCUSSION_POST . "` SET " .
"`paperid`='" . safeSQLstr($_REQUEST['thread']) . "', " .
"`accountid`='" . safeSQLstr($uid) . "', " .
"`time`='" . safeSQLstr(time()) . "', " .
"`content`='" . safeSQLstr($_POST['oc_discussion_comment']) . "'";
$r = ocsql_query($q) or err('Unable to post comment');
$postid = ocsql_insert_id();
$location = 'http' . ((isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] == 'on')) ? 's' : '') . '://' . safeHTMLstr($_SERVER['SERVER_NAME']) . (ctype_digit($_SERVER['SERVER_PORT']) && (($_SERVER['SERVER_PORT'] != '80')) ? (':' . $_SERVER['SERVER_PORT']) : '') . $_SERVER['PHP_SELF'] . '?module=oc_discussion&action=show_thread.php&thread=' . safeHTMLstr($_REQUEST['thread']) . '&access=2#post' . $postid;
// email notification
$emailAR = array();
// if reviewer access enabled, get reviewers except for one posting
if ($OC_configAR['OC_DISCUSSION_reviewerAccess']) {
$q = "SELECT `" . OCC_TABLE_REVIEWER . "`.`email` FROM `" . OCC_TABLE_REVIEWER . "`, `" . OCC_TABLE_PAPERREVIEWER . "` WHERE `" . OCC_TABLE_PAPERREVIEWER . "`.`paperid`='" . safeSQLstr($_REQUEST['thread']) . "' AND `" . OCC_TABLE_PAPERREVIEWER . "`.`reviewerid`!='" . safeSQLstr($uid) . "' AND `" . OCC_TABLE_PAPERREVIEWER . "`.`reviewerid`=`" . OCC_TABLE_REVIEWER . "`.`reviewerid`";
if ($r = ocsql_query($q)) {
while ($l = ocsql_fetch_assoc($r)) {
$emailAR[] = $l['email'];
}
}
}
// get advocates except for one posting
if ($OC_configAR['OC_paperAdvocates']) {
$q = "SELECT `" . OCC_TABLE_REVIEWER . "`.`email` FROM `" . OCC_TABLE_REVIEWER . "`, `" . OCC_TABLE_PAPERADVOCATE . "` WHERE `" . OCC_TABLE_PAPERADVOCATE . "`.`paperid`='" . safeSQLstr($_REQUEST['thread']) . "' AND `" . OCC_TABLE_PAPERADVOCATE . "`.`advocateid`!='" . safeSQLstr($uid) . "' AND `" . OCC_TABLE_PAPERADVOCATE . "`.`advocateid`=`" . OCC_TABLE_REVIEWER . "`.`reviewerid`";
if ($r = ocsql_query($q)) {
while ($l = ocsql_fetch_assoc($r)) {
if (!in_array($l['email'], $emailAR)) {
$emailAR[] = $l['email'];
}
}
}
}
// get list of reviewers that have requested not to be notified
$emailSkipAR = array();
$q = "SELECT `" . OCC_TABLE_REVIEWER . "`.`email` FROM `" . OCC_TABLE_REVIEWER . "`, `" . OCC_TABLE_MODULE_OC_DISCUSSION_NOTIFICATION . "` WHERE `" . OCC_TABLE_MODULE_OC_DISCUSSION_NOTIFICATION . "`.`notification`=0 AND `" . OCC_TABLE_MODULE_OC_DISCUSSION_NOTIFICATION . "`.`accountid`=`" . OCC_TABLE_REVIEWER . "`.`reviewerid`";
if ($r = ocsql_query($q)) {
while ($l = ocsql_fetch_assoc($r)) {
$emailSkipAR[] = $l['email'];
}
}
// finally send out notification
$subj = '[' . $OC_configAR['OC_confName'] . '] ' . oc_('Discussion Post Notification');
$body = oc_('A new post has been made in the discussion of submission:') . "\n\n" .
$_REQUEST['thread'] . '. ' . $paper['title'] . "\n\n" .
oc_('If you are already signed into OpenConf, you may view and reply to the post at:') . "\n\n" .
$location . "\n\n" .
oc_('Note that if the above web address is broken across multiple lines, you will need to copy/paste into one line.') . "\n\n" .
oc_('The post follows below.') . "\n\n" .
"------------------------------------------------------------------------\n\n" .
$_POST['oc_discussion_comment'] . "\n\n";
if ($OC_configAR['OC_reviewerSeeOtherReviewers']) {
$body .= '- ';
if ($uid == 0) {
$body .= oc_('Chair');
} else {
$body .= $_SESSION[OCC_SESSION_VAR_NAME]['name'];
}
}
foreach ($emailAR as $emailAddress) {
if (!in_array($emailAddress, $emailSkipAR)) {
oc_mail($emailAddress, $subj, $body);
}
}
// redirect
if ($access != 2) {
$location = preg_replace("/access=2/", "access=" . urlencode($access), $location);
}
header('Location: ' . $location);
exit;
}
}
$OC_displayTop = '
<a href="' . $_SERVER['PHP_SELF'] . '?module=oc_discussion&action=list_threads.php&access=' . $access . '">' . oc_('All Threads') . '</a> »
<a href="' . $_SERVER['PHP_SELF'] . '?module=oc_discussion&action=show_thread.php&thread=' . safeHTMLstr($_REQUEST['thread']) . '&access=' . $access . '">' . sprintf(oc_('Submission ID %d Discussion'), safeHTMLstr($_REQUEST['thread'])) . '</a> »
';
printHeader($hdr, $access);
// Display paper info
print '<p class="oc_discussion_paper_info">' . safeHTMLstr($_REQUEST['thread']) . '. ' . safeHTMLstr($paper['title']) . '</p>';
// Error?
if (!empty($err)) {
print '<p class="warn" style="text-align: center">' . safeHTMLstr($err) . '</p>';
}
// Display preview?
if (isset($_POST['oc_discussion_post']) && ($_POST['oc_discussion_post'] != oc_('Post Comment'))) {
print '
<div class="oc_discussion_post">
<div class="oc_discussion_post_header">
<div class="oc_discussion_post_author">' . oc_('Preview Post') . '</div>
</div>
<div class="oc_discussion_post_content">' . nl2br(safeHTMLstr($_POST['oc_discussion_comment'])) . '</div>
</div>
';
}
// Display post form
print '
<form method="post" action="' . OCC_SELF . '">
<div class="oc_discussion_reply">
<div class="oc_discussion_reply_input"><textarea name="oc_discussion_comment" id="oc_discussion_comment" rows="5" cols="60">' . (isset($_POST['oc_discussion_comment']) ? safeHTMLstr($_POST['oc_discussion_comment']) : '') . '</textarea></div>
<div class="oc_discussion_reply_submit"><input type="submit" name="oc_discussion_post" value="' . oc_('Post Comment') . '" /> <input type="submit" name="oc_discussion_post" value="' . oc_('Preview Comment') . '" /></div>
</div>
</form>
';
// Get last 5 posts
$q = "SELECT `" . OCC_TABLE_MODULE_OC_DISCUSSION_POST . "`.*, CONCAT_WS(' ',`" . OCC_TABLE_REVIEWER . "`.`name_first`, `" . OCC_TABLE_REVIEWER . "`.`name_last`) AS `name`, `" . OCC_TABLE_REVIEWER . "`.`email` FROM `" . OCC_TABLE_MODULE_OC_DISCUSSION_POST . "` LEFT JOIN (`" . OCC_TABLE_REVIEWER . "`) ON (`" . OCC_TABLE_MODULE_OC_DISCUSSION_POST . "`.`accountid`=`" . OCC_TABLE_REVIEWER . "`.`reviewerid`) WHERE `" . OCC_TABLE_MODULE_OC_DISCUSSION_POST . "`.`paperid`='" . safeSQLstr($_REQUEST['thread']) . "' ORDER BY `" . OCC_TABLE_MODULE_OC_DISCUSSION_POST . "`.`time` DESC LIMIT " . $OC_DISCUSSION_showPosts;
$r = ocsql_query($q) or err('Unable to retrieve posts');
// Display posts
while ($l = ocsql_fetch_assoc($r)) {
print '
<div class="oc_discussion_post">
<div class="oc_discussion_post_header">
<div class="oc_discussion_post_time">' . oc_strftime('%c',$l['time']) . ' </div>
<div class="oc_discussion_post_author">';
// Chair? - special set up
if (empty($l['accountid']) || ($l['accountid'] == 0)) {
$name = oc_('Chair');
$l['email'] = $OC_configAR['OC_pcemail'];
} elseif ($OC_configAR['OC_reviewerSeeOtherReviewers'] || ($_SESSION[OCC_SESSION_VAR_NAME]['acpc'] == 'T') || isset($_SESSION[OCC_SESSION_VAR_NAME]['chairlast'])) {
$name = $l['name'];
} else {
//T: %d = review/program committee member ID
$name = sprintf(oc_('Member ID %d'), $l['accountid']);
}
print safeHTMLstr($name) . '</div>
</div>
<div class="oc_discussion_post_content">' . nl2br(safeHTMLstr($l['content'])) . '</div>
</div>
';
}
//T: %1$s = UTC offset (e.g., -0400); %2$s = time
print '<div class="oc_discussion_current_time">' . sprintf(oc_('All times are UTC %1$s. The time now is %2$s'), date('O'), oc_strftime('%X')) . '</div>';
printFooter();