| [ Index ] |
PHP Cross Reference of Unnamed Project |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * 4 * @package mcp 5 * @version $Id$ 6 * @copyright (c) 2005 phpBB Group 7 * @license http://opensource.org/licenses/gpl-license.php GNU Public License 8 * 9 */ 10 11 /** 12 * @ignore 13 */ 14 if (!defined('IN_PHPBB')) 15 { 16 exit; 17 } 18 19 /** 20 * Handling actions in post details screen 21 */ 22 function mcp_post_details($id, $mode, $action) 23 { 24 global $phpEx, $phpbb_root_path, $config; 25 global $template, $db, $user, $auth, $cache; 26 27 $user->add_lang('posting'); 28 29 $post_id = request_var('p', 0); 30 $start = request_var('start', 0); 31 32 // Get post data 33 $post_info = get_post_data(array($post_id), false, true); 34 35 add_form_key('mcp_post_details'); 36 37 if (!sizeof($post_info)) 38 { 39 trigger_error('POST_NOT_EXIST'); 40 } 41 42 $post_info = $post_info[$post_id]; 43 $url = append_sid("{$phpbb_root_path}mcp.$phpEx?" . extra_url()); 44 45 switch ($action) 46 { 47 case 'whois': 48 49 if ($auth->acl_get('m_info', $post_info['forum_id'])) 50 { 51 $ip = request_var('ip', ''); 52 include($phpbb_root_path . 'includes/functions_user.' . $phpEx); 53 54 $template->assign_vars(array( 55 'RETURN_POST' => sprintf($user->lang['RETURN_POST'], '<a href="' . append_sid("{$phpbb_root_path}mcp.$phpEx", "i=$id&mode=$mode&p=$post_id") . '">', '</a>'), 56 'U_RETURN_POST' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=$id&mode=$mode&p=$post_id"), 57 'L_RETURN_POST' => sprintf($user->lang['RETURN_POST'], '', ''), 58 'WHOIS' => user_ipwhois($ip), 59 )); 60 } 61 62 // We're done with the whois page so return 63 return; 64 65 break; 66 67 case 'chgposter': 68 case 'chgposter_ip': 69 70 if ($action == 'chgposter') 71 { 72 $username = request_var('username', '', true); 73 $sql_where = "username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'"; 74 } 75 else 76 { 77 $new_user_id = request_var('u', 0); 78 $sql_where = 'user_id = ' . $new_user_id; 79 } 80 81 $sql = 'SELECT * 82 FROM ' . USERS_TABLE . ' 83 WHERE ' . $sql_where; 84 $result = $db->sql_query($sql); 85 $row = $db->sql_fetchrow($result); 86 $db->sql_freeresult($result); 87 88 if (!$row) 89 { 90 trigger_error('NO_USER'); 91 } 92 93 if ($auth->acl_get('m_chgposter', $post_info['forum_id'])) 94 { 95 if (check_form_key('mcp_post_details')) 96 { 97 change_poster($post_info, $row); 98 } 99 else 100 { 101 trigger_error('FORM_INVALID'); 102 } 103 } 104 105 break; 106 } 107 108 // Set some vars 109 $users_ary = $usernames_ary = array(); 110 $attachments = $extensions = array(); 111 $post_id = $post_info['post_id']; 112 $topic_tracking_info = array(); 113 114 // Get topic tracking info 115 if ($config['load_db_lastread']) 116 { 117 $tmp_topic_data = array($post_info['topic_id'] => $post_info); 118 $topic_tracking_info = get_topic_tracking($post_info['forum_id'], $post_info['topic_id'], $tmp_topic_data, array($post_info['forum_id'] => $post_info['forum_mark_time'])); 119 unset($tmp_topic_data); 120 } 121 else 122 { 123 $topic_tracking_info = get_complete_topic_tracking($post_info['forum_id'], $post_info['topic_id']); 124 } 125 126 $post_unread = (isset($topic_tracking_info[$post_info['topic_id']]) && $post_info['post_time'] > $topic_tracking_info[$post_info['topic_id']]) ? true : false; 127 128 // Process message, leave it uncensored 129 $message = $post_info['post_text']; 130 131 if ($post_info['bbcode_bitfield']) 132 { 133 include_once($phpbb_root_path . 'includes/bbcode.' . $phpEx); 134 $bbcode = new bbcode($post_info['bbcode_bitfield']); 135 $bbcode->bbcode_second_pass($message, $post_info['bbcode_uid'], $post_info['bbcode_bitfield']); 136 } 137 138 $message = bbcode_nl2br($message); 139 $message = smiley_text($message); 140 141 if ($post_info['post_attachment'] && $auth->acl_get('u_download') && $auth->acl_get('f_download', $post_info['forum_id'])) 142 { 143 $extensions = $cache->obtain_attach_extensions($post_info['forum_id']); 144 145 $sql = 'SELECT * 146 FROM ' . ATTACHMENTS_TABLE . ' 147 WHERE post_msg_id = ' . $post_id . ' 148 AND in_message = 0 149 ORDER BY filetime DESC, post_msg_id ASC'; 150 $result = $db->sql_query($sql); 151 152 while ($row = $db->sql_fetchrow($result)) 153 { 154 $attachments[] = $row; 155 } 156 $db->sql_freeresult($result); 157 158 if (sizeof($attachments)) 159 { 160 $update_count = array(); 161 parse_attachments($post_info['forum_id'], $message, $attachments, $update_count); 162 } 163 164 // Display not already displayed Attachments for this post, we already parsed them. ;) 165 if (!empty($attachments)) 166 { 167 $template->assign_var('S_HAS_ATTACHMENTS', true); 168 169 foreach ($attachments as $attachment) 170 { 171 $template->assign_block_vars('attachment', array( 172 'DISPLAY_ATTACHMENT' => $attachment) 173 ); 174 } 175 } 176 } 177 178 $template->assign_vars(array( 179 'U_MCP_ACTION' => "$url&i=main&quickmod=1&mode=post_details", // Use this for mode paramaters 180 'U_POST_ACTION' => "$url&i=$id&mode=post_details", // Use this for action parameters 181 'U_APPROVE_ACTION' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=queue&p=$post_id&f={$post_info['forum_id']}"), 182 183 'S_CAN_VIEWIP' => $auth->acl_get('m_info', $post_info['forum_id']), 184 'S_CAN_CHGPOSTER' => $auth->acl_get('m_chgposter', $post_info['forum_id']), 185 'S_CAN_LOCK_POST' => $auth->acl_get('m_lock', $post_info['forum_id']), 186 'S_CAN_DELETE_POST' => $auth->acl_get('m_delete', $post_info['forum_id']), 187 188 'S_POST_REPORTED' => ($post_info['post_reported']) ? true : false, 189 'S_POST_UNAPPROVED' => (!$post_info['post_approved']) ? true : false, 190 'S_POST_LOCKED' => ($post_info['post_edit_locked']) ? true : false, 191 'S_USER_NOTES' => true, 192 'S_CLEAR_ALLOWED' => ($auth->acl_get('a_clearlogs')) ? true : false, 193 194 'U_EDIT' => ($auth->acl_get('m_edit', $post_info['forum_id'])) ? append_sid("{$phpbb_root_path}posting.$phpEx", "mode=edit&f={$post_info['forum_id']}&p={$post_info['post_id']}") : '', 195 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=mcp_chgposter&field=username&select_single=true'), 196 'U_MCP_APPROVE' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue&mode=approve_details&f=' . $post_info['forum_id'] . '&p=' . $post_id), 197 'U_MCP_REPORT' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=reports&mode=report_details&f=' . $post_info['forum_id'] . '&p=' . $post_id), 198 'U_MCP_USER_NOTES' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&mode=user_notes&u=' . $post_info['user_id']), 199 'U_MCP_WARN_USER' => ($auth->acl_get('m_warn')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=warn&mode=warn_user&u=' . $post_info['user_id']) : '', 200 'U_VIEW_POST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $post_info['forum_id'] . '&p=' . $post_info['post_id'] . '#p' . $post_info['post_id']), 201 'U_VIEW_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $post_info['forum_id'] . '&t=' . $post_info['topic_id']), 202 203 'MINI_POST_IMG' => ($post_unread) ? $user->img('icon_post_target_unread', 'UNREAD_POST') : $user->img('icon_post_target', 'POST'), 204 205 'RETURN_TOPIC' => sprintf($user->lang['RETURN_TOPIC'], '<a href="' . append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f={$post_info['forum_id']}&p=$post_id") . "#p$post_id\">", '</a>'), 206 'RETURN_FORUM' => sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", "f={$post_info['forum_id']}&start={$start}") . '">', '</a>'), 207 'REPORTED_IMG' => $user->img('icon_topic_reported', $user->lang['POST_REPORTED']), 208 'UNAPPROVED_IMG' => $user->img('icon_topic_unapproved', $user->lang['POST_UNAPPROVED']), 209 'EDIT_IMG' => $user->img('icon_post_edit', $user->lang['EDIT_POST']), 210 'SEARCH_IMG' => $user->img('icon_user_search', $user->lang['SEARCH']), 211 212 'POST_AUTHOR_FULL' => get_username_string('full', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']), 213 'POST_AUTHOR_COLOUR' => get_username_string('colour', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']), 214 'POST_AUTHOR' => get_username_string('username', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']), 215 'U_POST_AUTHOR' => get_username_string('profile', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']), 216 217 'POST_PREVIEW' => $message, 218 'POST_SUBJECT' => $post_info['post_subject'], 219 'POST_DATE' => $user->format_date($post_info['post_time']), 220 'POST_IP' => $post_info['poster_ip'], 221 'POST_IPADDR' => ($auth->acl_get('m_info', $post_info['forum_id']) && request_var('lookup', '')) ? @gethostbyaddr($post_info['poster_ip']) : '', 222 'POST_ID' => $post_info['post_id'], 223 224 'U_LOOKUP_IP' => ($auth->acl_get('m_info', $post_info['forum_id'])) ? "$url&i=$id&mode=$mode&lookup={$post_info['poster_ip']}#ip" : '', 225 'U_WHOIS' => ($auth->acl_get('m_info', $post_info['forum_id'])) ? append_sid("{$phpbb_root_path}mcp.$phpEx", "i=$id&mode=$mode&action=whois&p=$post_id&ip={$post_info['poster_ip']}") : '', 226 )); 227 228 // Get User Notes 229 $log_data = array(); 230 $log_count = false; 231 view_log('user', $log_data, $log_count, $config['posts_per_page'], 0, 0, 0, $post_info['user_id']); 232 233 if (!empty($log_data)) 234 { 235 $template->assign_var('S_USER_NOTES', true); 236 237 foreach ($log_data as $row) 238 { 239 $template->assign_block_vars('usernotes', array( 240 'REPORT_BY' => $row['username_full'], 241 'REPORT_AT' => $user->format_date($row['time']), 242 'ACTION' => $row['action'], 243 'ID' => $row['id']) 244 ); 245 } 246 } 247 248 // Get Reports 249 if ($auth->acl_get('m_report', $post_info['forum_id'])) 250 { 251 $sql = 'SELECT r.*, re.*, u.user_id, u.username 252 FROM ' . REPORTS_TABLE . ' r, ' . USERS_TABLE . ' u, ' . REPORTS_REASONS_TABLE . " re 253 WHERE r.post_id = $post_id 254 AND r.reason_id = re.reason_id 255 AND u.user_id = r.user_id 256 ORDER BY r.report_time DESC"; 257 $result = $db->sql_query($sql); 258 259 if ($row = $db->sql_fetchrow($result)) 260 { 261 $template->assign_var('S_SHOW_REPORTS', true); 262 263 do 264 { 265 // If the reason is defined within the language file, we will use the localized version, else just use the database entry... 266 if (isset($user->lang['report_reasons']['TITLE'][strtoupper($row['reason_title'])]) && isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])])) 267 { 268 $row['reson_description'] = $user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])]; 269 $row['reason_title'] = $user->lang['report_reasons']['TITLE'][strtoupper($row['reason_title'])]; 270 } 271 272 $template->assign_block_vars('reports', array( 273 'REPORT_ID' => $row['report_id'], 274 'REASON_TITLE' => $row['reason_title'], 275 'REASON_DESC' => $row['reason_description'], 276 'REPORTER' => ($row['user_id'] != ANONYMOUS) ? $row['username'] : $user->lang['GUEST'], 277 'U_REPORTER' => ($row['user_id'] != ANONYMOUS) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&u=' . $row['user_id']) : '', 278 'USER_NOTIFY' => ($row['user_notify']) ? true : false, 279 'REPORT_TIME' => $user->format_date($row['report_time']), 280 'REPORT_TEXT' => bbcode_nl2br(trim($row['report_text'])), 281 )); 282 } 283 while ($row = $db->sql_fetchrow($result)); 284 } 285 $db->sql_freeresult($result); 286 } 287 288 // Get IP 289 if ($auth->acl_get('m_info', $post_info['forum_id'])) 290 { 291 $rdns_ip_num = request_var('rdns', ''); 292 293 if ($rdns_ip_num != 'all') 294 { 295 $template->assign_vars(array( 296 'U_LOOKUP_ALL' => "$url&i=main&mode=post_details&rdns=all") 297 ); 298 } 299 300 // Get other users who've posted under this IP 301 $sql = 'SELECT poster_id, COUNT(poster_id) as postings 302 FROM ' . POSTS_TABLE . " 303 WHERE poster_ip = '" . $db->sql_escape($post_info['poster_ip']) . "' 304 GROUP BY poster_id 305 ORDER BY postings DESC"; 306 $result = $db->sql_query($sql); 307 308 while ($row = $db->sql_fetchrow($result)) 309 { 310 // Fill the user select list with users who have posted under this IP 311 if ($row['poster_id'] != $post_info['poster_id']) 312 { 313 $users_ary[$row['poster_id']] = $row; 314 } 315 } 316 $db->sql_freeresult($result); 317 318 if (sizeof($users_ary)) 319 { 320 // Get the usernames 321 $sql = 'SELECT user_id, username 322 FROM ' . USERS_TABLE . ' 323 WHERE ' . $db->sql_in_set('user_id', array_keys($users_ary)); 324 $result = $db->sql_query($sql); 325 326 while ($row = $db->sql_fetchrow($result)) 327 { 328 $users_ary[$row['user_id']]['username'] = $row['username']; 329 $usernames_ary[utf8_clean_string($row['username'])] = $users_ary[$row['user_id']]; 330 } 331 $db->sql_freeresult($result); 332 333 foreach ($users_ary as $user_id => $user_row) 334 { 335 $template->assign_block_vars('userrow', array( 336 'USERNAME' => ($user_id == ANONYMOUS) ? $user->lang['GUEST'] : $user_row['username'], 337 'NUM_POSTS' => $user_row['postings'], 338 'L_POST_S' => ($user_row['postings'] == 1) ? $user->lang['POST'] : $user->lang['POSTS'], 339 340 'U_PROFILE' => ($user_id == ANONYMOUS) ? '' : append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&u=' . $user_id), 341 'U_SEARCHPOSTS' => append_sid("{$phpbb_root_path}search.$phpEx", 'author_id=' . $user_id . '&sr=topics')) 342 ); 343 } 344 } 345 346 // Get other IP's this user has posted under 347 348 // A compound index on poster_id, poster_ip (posts table) would help speed up this query a lot, 349 // but the extra size is only valuable if there are persons having more than a thousands posts. 350 // This is better left to the really really big forums. 351 352 $sql = 'SELECT poster_ip, COUNT(poster_ip) AS postings 353 FROM ' . POSTS_TABLE . ' 354 WHERE poster_id = ' . $post_info['poster_id'] . " 355 GROUP BY poster_ip 356 ORDER BY postings DESC"; 357 $result = $db->sql_query($sql); 358 359 while ($row = $db->sql_fetchrow($result)) 360 { 361 $hostname = (($rdns_ip_num == $row['poster_ip'] || $rdns_ip_num == 'all') && $row['poster_ip']) ? @gethostbyaddr($row['poster_ip']) : ''; 362 363 $template->assign_block_vars('iprow', array( 364 'IP' => $row['poster_ip'], 365 'HOSTNAME' => $hostname, 366 'NUM_POSTS' => $row['postings'], 367 'L_POST_S' => ($row['postings'] == 1) ? $user->lang['POST'] : $user->lang['POSTS'], 368 369 'U_LOOKUP_IP' => ($rdns_ip_num == $row['poster_ip'] || $rdns_ip_num == 'all') ? '' : "$url&i=$id&mode=post_details&rdns={$row['poster_ip']}#ip", 370 'U_WHOIS' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=$id&mode=$mode&action=whois&p=$post_id&ip={$row['poster_ip']}")) 371 ); 372 } 373 $db->sql_freeresult($result); 374 375 $user_select = ''; 376 377 if (sizeof($usernames_ary)) 378 { 379 ksort($usernames_ary); 380 381 foreach ($usernames_ary as $row) 382 { 383 $user_select .= '<option value="' . $row['poster_id'] . '">' . $row['username'] . "</option>\n"; 384 } 385 } 386 387 $template->assign_var('S_USER_SELECT', $user_select); 388 } 389 390 } 391 392 /** 393 * Change a post's poster 394 */ 395 function change_poster(&$post_info, $userdata) 396 { 397 global $auth, $db, $config, $phpbb_root_path, $phpEx; 398 399 if (empty($userdata) || $userdata['user_id'] == $post_info['user_id']) 400 { 401 return; 402 } 403 404 $post_id = $post_info['post_id']; 405 406 $sql = 'UPDATE ' . POSTS_TABLE . " 407 SET poster_id = {$userdata['user_id']} 408 WHERE post_id = $post_id"; 409 $db->sql_query($sql); 410 411 // Resync topic/forum if needed 412 if ($post_info['topic_last_post_id'] == $post_id || $post_info['forum_last_post_id'] == $post_id || $post_info['topic_first_post_id'] == $post_id) 413 { 414 sync('topic', 'topic_id', $post_info['topic_id'], false, false); 415 sync('forum', 'forum_id', $post_info['forum_id'], false, false); 416 } 417 418 // Adjust post counts... only if the post is approved (else, it was not added the users post count anyway) 419 if ($post_info['post_postcount'] && $post_info['post_approved']) 420 { 421 $sql = 'UPDATE ' . USERS_TABLE . ' 422 SET user_posts = user_posts - 1 423 WHERE user_id = ' . $post_info['user_id'] .' 424 AND user_posts > 0'; 425 $db->sql_query($sql); 426 427 $sql = 'UPDATE ' . USERS_TABLE . ' 428 SET user_posts = user_posts + 1 429 WHERE user_id = ' . $userdata['user_id']; 430 $db->sql_query($sql); 431 } 432 433 // Add posted to information for this topic for the new user 434 markread('post', $post_info['forum_id'], $post_info['topic_id'], time(), $userdata['user_id']); 435 436 // Remove the dotted topic option if the old user has no more posts within this topic 437 if ($config['load_db_track'] && $post_info['user_id'] != ANONYMOUS) 438 { 439 $sql = 'SELECT topic_id 440 FROM ' . POSTS_TABLE . ' 441 WHERE topic_id = ' . $post_info['topic_id'] . ' 442 AND poster_id = ' . $post_info['user_id']; 443 $result = $db->sql_query_limit($sql, 1); 444 $topic_id = (int) $db->sql_fetchfield('topic_id'); 445 $db->sql_freeresult($result); 446 447 if (!$topic_id) 448 { 449 $sql = 'DELETE FROM ' . TOPICS_POSTED_TABLE . ' 450 WHERE user_id = ' . $post_info['user_id'] . ' 451 AND topic_id = ' . $post_info['topic_id']; 452 $db->sql_query($sql); 453 } 454 } 455 456 // change the poster_id within the attachments table, else the data becomes out of sync and errors displayed because of wrong ownership 457 if ($post_info['post_attachment']) 458 { 459 $sql = 'UPDATE ' . ATTACHMENTS_TABLE . ' 460 SET poster_id = ' . $userdata['user_id'] . ' 461 WHERE poster_id = ' . $post_info['user_id'] . ' 462 AND post_msg_id = ' . $post_info['post_id'] . ' 463 AND topic_id = ' . $post_info['topic_id']; 464 $db->sql_query($sql); 465 } 466 467 // refresh search cache of this post 468 $search_type = basename($config['search_type']); 469 470 if (file_exists($phpbb_root_path . 'includes/search/' . $search_type . '.' . $phpEx)) 471 { 472 require("{$phpbb_root_path}includes/search/$search_type.$phpEx"); 473 474 // We do some additional checks in the module to ensure it can actually be utilised 475 $error = false; 476 $search = new $search_type($error); 477 478 if (!$error && method_exists($search, 'destroy_cache')) 479 { 480 $search->destroy_cache(array(), array($post_info['user_id'], $userdata['user_id'])); 481 } 482 } 483 484 $from_username = $post_info['username']; 485 $to_username = $userdata['username']; 486 487 // Renew post info 488 $post_info = get_post_data(array($post_id), false, true); 489 490 if (!sizeof($post_info)) 491 { 492 trigger_error('POST_NOT_EXIST'); 493 } 494 495 $post_info = $post_info[$post_id]; 496 497 // Now add log entry 498 add_log('mod', $post_info['forum_id'], $post_info['topic_id'], 'LOG_MCP_CHANGE_POSTER', $post_info['topic_title'], $from_username, $to_username); 499 } 500 501 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Wed Oct 2 15:03:47 2013 | Cross-referenced by PHPXref 0.7.1 |