| 1 |
<?php
|
| 2 |
/**
|
| 3 |
*
|
| 4 |
* @package mcp
|
| 5 |
* @version $Id: mcp.php 9064 2008-11-13 13:04:54Z toonarmy $
|
| 6 |
* @copyright (c) 2005 phpBB Group
|
| 7 |
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
|
| 8 |
*
|
| 9 |
*/
|
| 10 |
|
| 11 |
/**
|
| 12 |
* @ignore
|
| 13 |
*/
|
| 14 |
define('IN_PHPBB', true);
|
| 15 |
if (!defined('PHPBB_ROOT_PATH')) define('PHPBB_ROOT_PATH', './');
|
| 16 |
if (!defined('PHP_EXT')) define('PHP_EXT', substr(strrchr(__FILE__, '.'), 1));
|
| 17 |
include(PHPBB_ROOT_PATH . 'common.' . PHP_EXT);
|
| 18 |
include(PHPBB_ROOT_PATH . 'includes/functions_admin.' . PHP_EXT);
|
| 19 |
require(PHPBB_ROOT_PATH . 'includes/functions_module.' . PHP_EXT);
|
| 20 |
|
| 21 |
// Start session management
|
| 22 |
$user->session_begin();
|
| 23 |
$auth->acl($user->data);
|
| 24 |
$user->setup('mcp');
|
| 25 |
|
| 26 |
$module = new p_master();
|
| 27 |
|
| 28 |
// Setting a variable to let the style designer know where he is...
|
| 29 |
$template->assign_var('S_IN_MCP', true);
|
| 30 |
|
| 31 |
// Basic parameter data
|
| 32 |
$id = request_var('i', '');
|
| 33 |
|
| 34 |
if (isset($_REQUEST['mode']) && is_array($_REQUEST['mode']))
|
| 35 |
{
|
| 36 |
$mode = request_var('mode', array(''));
|
| 37 |
list($mode, ) = each($mode);
|
| 38 |
}
|
| 39 |
else
|
| 40 |
{
|
| 41 |
$mode = request_var('mode', '');
|
| 42 |
}
|
| 43 |
|
| 44 |
// Only Moderators can go beyond this point
|
| 45 |
if (!$user->data['is_registered'])
|
| 46 |
{
|
| 47 |
if ($user->data['is_bot'])
|
| 48 |
{
|
| 49 |
redirect(append_sid(PHPBB_ROOT_PATH . 'index.' . PHP_EXT));
|
| 50 |
}
|
| 51 |
|
| 52 |
login_box('', $user->lang['LOGIN_EXPLAIN_MCP']);
|
| 53 |
}
|
| 54 |
|
| 55 |
$quickmod = (isset($_REQUEST['quickmod'])) ? true : false;
|
| 56 |
$action = request_var('action', '');
|
| 57 |
$action_ary = request_var('action', array('' => 0));
|
| 58 |
|
| 59 |
$forum_action = request_var('forum_action', '');
|
| 60 |
if ($forum_action !== '' && !empty($_POST['sort']))
|
| 61 |
{
|
| 62 |
$action = $forum_action;
|
| 63 |
}
|
| 64 |
|
| 65 |
if (sizeof($action_ary))
|
| 66 |
{
|
| 67 |
list($action, ) = each($action_ary);
|
| 68 |
}
|
| 69 |
unset($action_ary);
|
| 70 |
|
| 71 |
if ($mode == 'topic_logs')
|
| 72 |
{
|
| 73 |
$id = 'logs';
|
| 74 |
$quickmod = false;
|
| 75 |
}
|
| 76 |
|
| 77 |
$post_id = request_var('p', 0);
|
| 78 |
$topic_id = request_var('t', 0);
|
| 79 |
$forum_id = request_var('f', 0);
|
| 80 |
$user_id = request_var('u', 0);
|
| 81 |
$username = utf8_normalize_nfc(request_var('username', '', true));
|
| 82 |
|
| 83 |
if ($post_id)
|
| 84 |
{
|
| 85 |
// We determine the topic and forum id here, to make sure the moderator really has moderative rights on this post
|
| 86 |
$sql = 'SELECT topic_id, forum_id
|
| 87 |
FROM ' . POSTS_TABLE . "
|
| 88 |
WHERE post_id = $post_id";
|
| 89 |
$result = $db->sql_query($sql);
|
| 90 |
$row = $db->sql_fetchrow($result);
|
| 91 |
$db->sql_freeresult($result);
|
| 92 |
|
| 93 |
$topic_id = (int) $row['topic_id'];
|
| 94 |
$forum_id = (int) ($row['forum_id']) ? $row['forum_id'] : $forum_id;
|
| 95 |
}
|
| 96 |
else if ($topic_id)
|
| 97 |
{
|
| 98 |
$sql = 'SELECT forum_id
|
| 99 |
FROM ' . TOPICS_TABLE . "
|
| 100 |
WHERE topic_id = $topic_id";
|
| 101 |
$result = $db->sql_query($sql);
|
| 102 |
$row = $db->sql_fetchrow($result);
|
| 103 |
$db->sql_freeresult($result);
|
| 104 |
|
| 105 |
$forum_id = (int) $row['forum_id'];
|
| 106 |
}
|
| 107 |
|
| 108 |
// If the user doesn't have any moderator powers (globally or locally) he can't access the mcp
|
| 109 |
if (!$auth->acl_getf_global('m_'))
|
| 110 |
{
|
| 111 |
// Except he is using one of the quickmod tools for users
|
| 112 |
$user_quickmod_actions = array(
|
| 113 |
'lock' => 'f_user_lock',
|
| 114 |
'make_sticky' => 'f_sticky',
|
| 115 |
'make_announce' => 'f_announce',
|
| 116 |
'make_global' => 'f_announce',
|
| 117 |
'make_normal' => array('f_announce', 'f_sticky')
|
| 118 |
);
|
| 119 |
|
| 120 |
$allow_user = false;
|
| 121 |
if ($quickmod && isset($user_quickmod_actions[$action]) && $user->data['is_registered'] && $auth->acl_gets($user_quickmod_actions[$action], $forum_id))
|
| 122 |
{
|
| 123 |
$topic_info = get_topic_data(array($topic_id));
|
| 124 |
if ($topic_info[$topic_id]['topic_poster'] == $user->data['user_id'])
|
| 125 |
{
|
| 126 |
$allow_user = true;
|
| 127 |
}
|
| 128 |
}
|
| 129 |
|
| 130 |
if (!$allow_user)
|
| 131 |
{
|
| 132 |
trigger_error('NOT_AUTHORISED');
|
| 133 |
}
|
| 134 |
}
|
| 135 |
|
| 136 |
// if the user cannot read the forum he tries to access then we won't allow mcp access either
|
| 137 |
if ($forum_id && !$auth->acl_get('f_read', $forum_id))
|
| 138 |
{
|
| 139 |
trigger_error('NOT_AUTHORISED');
|
| 140 |
}
|
| 141 |
|
| 142 |
if ($forum_id)
|
| 143 |
{
|
| 144 |
$module->acl_forum_id = $forum_id;
|
| 145 |
}
|
| 146 |
|
| 147 |
// Instantiate module system and generate list of available modules
|
| 148 |
$module->list_modules('mcp');
|
| 149 |
|
| 150 |
if ($quickmod)
|
| 151 |
{
|
| 152 |
$mode = 'quickmod';
|
| 153 |
|
| 154 |
switch ($action)
|
| 155 |
{
|
| 156 |
case 'lock':
|
| 157 |
case 'unlock':
|
| 158 |
case 'lock_post':
|
| 159 |
case 'unlock_post':
|
| 160 |
case 'make_sticky':
|
| 161 |
case 'make_announce':
|
| 162 |
case 'make_global':
|
| 163 |
case 'make_normal':
|
| 164 |
case 'fork':
|
| 165 |
case 'move':
|
| 166 |
case 'delete_post':
|
| 167 |
case 'delete_topic':
|
| 168 |
$module->load('mcp', 'main', 'quickmod');
|
| 169 |
return;
|
| 170 |
break;
|
| 171 |
|
| 172 |
case 'topic_logs':
|
| 173 |
$module->set_active('logs', 'topic_logs');
|
| 174 |
break;
|
| 175 |
|
| 176 |
case 'merge_topic':
|
| 177 |
$module->set_active('main', 'forum_view');
|
| 178 |
break;
|
| 179 |
|
| 180 |
case 'split':
|
| 181 |
case 'merge':
|
| 182 |
$module->set_active('main', 'topic_view');
|
| 183 |
break;
|
| 184 |
|
| 185 |
default:
|
| 186 |
trigger_error("$action not allowed as quickmod", E_USER_ERROR);
|
| 187 |
break;
|
| 188 |
}
|
| 189 |
}
|
| 190 |
else
|
| 191 |
{
|
| 192 |
// Select the active module
|
| 193 |
$module->set_active($id, $mode);
|
| 194 |
}
|
| 195 |
|
| 196 |
// Hide some of the options if we don't have the relevant information to use them
|
| 197 |
if (!$post_id)
|
| 198 |
{
|
| 199 |
$module->set_display('main', 'post_details', false);
|
| 200 |
$module->set_display('warn', 'warn_post', false);
|
| 201 |
}
|
| 202 |
|
| 203 |
if ($mode == '' || $mode == 'unapproved_topics' || $mode == 'unapproved_posts')
|
| 204 |
{
|
| 205 |
$module->set_display('queue', 'approve_details', false);
|
| 206 |
}
|
| 207 |
|
| 208 |
if ($mode == '' || $mode == 'reports' || $mode == 'reports_closed')
|
| 209 |
{
|
| 210 |
$module->set_display('reports', 'report_details', false);
|
| 211 |
}
|
| 212 |
|
| 213 |
if (!$topic_id)
|
| 214 |
{
|
| 215 |
$module->set_display('main', 'topic_view', false);
|
| 216 |
$module->set_display('logs', 'topic_logs', false);
|
| 217 |
}
|
| 218 |
|
| 219 |
if (!$forum_id)
|
| 220 |
{
|
| 221 |
$module->set_display('main', 'forum_view', false);
|
| 222 |
$module->set_display('logs', 'forum_logs', false);
|
| 223 |
}
|
| 224 |
|
| 225 |
if (!$user_id && $username == '')
|
| 226 |
{
|
| 227 |
$module->set_display('notes', 'user_notes', false);
|
| 228 |
$module->set_display('warn', 'warn_user', false);
|
| 229 |
}
|
| 230 |
|
| 231 |
// Load and execute the relevant module
|
| 232 |
$module->load_active();
|
| 233 |
|
| 234 |
// Assign data to the template engine for the list of modules
|
| 235 |
$module->assign_tpl_vars(append_sid(PHPBB_ROOT_PATH . 'mcp.' . PHP_EXT));
|
| 236 |
|
| 237 |
// Generate urls for letting the moderation control panel being accessed in different modes
|
| 238 |
$template->assign_vars(array(
|
| 239 |
'U_MCP' => append_sid('mcp', 'i=main'),
|
| 240 |
'U_MCP_FORUM' => ($forum_id) ? append_sid('mcp', "i=main&mode=forum_view&f=$forum_id") : '',
|
| 241 |
'U_MCP_TOPIC' => ($forum_id && $topic_id) ? append_sid('mcp', "i=main&mode=topic_view&t=$topic_id") : '',
|
| 242 |
'U_MCP_POST' => ($forum_id && $topic_id && $post_id) ? append_sid('mcp', "i=main&mode=post_details&t=$topic_id&p=$post_id") : '',
|
| 243 |
));
|
| 244 |
|
| 245 |
// Generate the page, do not display/query online list
|
| 246 |
$module->display($module->get_page_title(), false);
|
| 247 |
|
| 248 |
/**
|
| 249 |
* Functions used to generate additional URL paramters
|
| 250 |
*/
|
| 251 |
function _module__url($mode, &$module_row)
|
| 252 |
{
|
| 253 |
return extra_url();
|
| 254 |
}
|
| 255 |
|
| 256 |
function _module_notes_url($mode, &$module_row)
|
| 257 |
{
|
| 258 |
if ($mode == 'front')
|
| 259 |
{
|
| 260 |
return '';
|
| 261 |
}
|
| 262 |
|
| 263 |
global $user_id;
|
| 264 |
return ($user_id) ? "&u=$user_id" : '';
|
| 265 |
}
|
| 266 |
|
| 267 |
function _module_warn_url($mode, &$module_row)
|
| 268 |
{
|
| 269 |
if ($mode == 'front' || $mode == 'list')
|
| 270 |
{
|
| 271 |
global $forum_id;
|
| 272 |
|
| 273 |
return ($forum_id) ? "&f=$forum_id" : '';
|
| 274 |
}
|
| 275 |
|
| 276 |
if ($mode == 'warn_post')
|
| 277 |
{
|
| 278 |
global $forum_id, $post_id;
|
| 279 |
|
| 280 |
$url_extra = ($forum_id) ? "&f=$forum_id" : '';
|
| 281 |
$url_extra .= ($post_id) ? "&p=$post_id" : '';
|
| 282 |
|
| 283 |
return $url_extra;
|
| 284 |
}
|
| 285 |
else
|
| 286 |
{
|
| 287 |
global $user_id;
|
| 288 |
|
| 289 |
return ($user_id) ? "&u=$user_id" : '';
|
| 290 |
}
|
| 291 |
}
|
| 292 |
|
| 293 |
function _module_main_url($mode, &$module_row)
|
| 294 |
{
|
| 295 |
return extra_url();
|
| 296 |
}
|
| 297 |
|
| 298 |
function _module_logs_url($mode, &$module_row)
|
| 299 |
{
|
| 300 |
return extra_url();
|
| 301 |
}
|
| 302 |
|
| 303 |
function _module_ban_url($mode, &$module_row)
|
| 304 |
{
|
| 305 |
return extra_url();
|
| 306 |
}
|
| 307 |
|
| 308 |
function _module_queue_url($mode, &$module_row)
|
| 309 |
{
|
| 310 |
return extra_url();
|
| 311 |
}
|
| 312 |
|
| 313 |
function _module_reports_url($mode, &$module_row)
|
| 314 |
{
|
| 315 |
return extra_url();
|
| 316 |
}
|
| 317 |
|
| 318 |
function extra_url()
|
| 319 |
{
|
| 320 |
global $forum_id, $topic_id, $post_id, $user_id;
|
| 321 |
|
| 322 |
$url_extra = '';
|
| 323 |
$url_extra .= ($forum_id) ? "&f=$forum_id" : '';
|
| 324 |
$url_extra .= ($topic_id) ? "&t=$topic_id" : '';
|
| 325 |
$url_extra .= ($post_id) ? "&p=$post_id" : '';
|
| 326 |
$url_extra .= ($user_id) ? "&u=$user_id" : '';
|
| 327 |
|
| 328 |
return $url_extra;
|
| 329 |
}
|
| 330 |
|
| 331 |
/**
|
| 332 |
* Get simple topic data
|
| 333 |
*/
|
| 334 |
function get_topic_data($topic_ids, $acl_list = false, $read_tracking = false)
|
| 335 |
{
|
| 336 |
global $auth, $db, $config, $user;
|
| 337 |
static $rowset = array();
|
| 338 |
|
| 339 |
$topics = array();
|
| 340 |
|
| 341 |
if (!sizeof($topic_ids))
|
| 342 |
{
|
| 343 |
return array();
|
| 344 |
}
|
| 345 |
|
| 346 |
// cache might not contain read tracking info, so we can't use it if read
|
| 347 |
// tracking information is requested
|
| 348 |
if (!$read_tracking)
|
| 349 |
{
|
| 350 |
$cache_topic_ids = array_intersect($topic_ids, array_keys($rowset));
|
| 351 |
$topic_ids = array_diff($topic_ids, array_keys($rowset));
|
| 352 |
}
|
| 353 |
else
|
| 354 |
{
|
| 355 |
$cache_topic_ids = array();
|
| 356 |
}
|
| 357 |
|
| 358 |
if (sizeof($topic_ids))
|
| 359 |
{
|
| 360 |
$sql_array = array(
|
| 361 |
'SELECT' => 't.*, f.*',
|
| 362 |
|
| 363 |
'FROM' => array(
|
| 364 |
TOPICS_TABLE => 't',
|
| 365 |
),
|
| 366 |
|
| 367 |
'LEFT_JOIN' => array(
|
| 368 |
array(
|
| 369 |
'FROM' => array(FORUMS_TABLE => 'f'),
|
| 370 |
'ON' => 'f.forum_id = t.forum_id'
|
| 371 |
)
|
| 372 |
),
|
| 373 |
|
| 374 |
'WHERE' => $db->sql_in_set('t.topic_id', $topic_ids)
|
| 375 |
);
|
| 376 |
|
| 377 |
if ($read_tracking && $config['load_db_lastread'])
|
| 378 |
{
|
| 379 |
$sql_array['SELECT'] .= ', tt.mark_time, ft.mark_time as forum_mark_time';
|
| 380 |
|
| 381 |
$sql_array['LEFT_JOIN'][] = array(
|
| 382 |
'FROM' => array(TOPICS_TRACK_TABLE => 'tt'),
|
| 383 |
'ON' => 'tt.user_id = ' . $user->data['user_id'] . ' AND t.topic_id = tt.topic_id'
|
| 384 |
);
|
| 385 |
|
| 386 |
$sql_array['LEFT_JOIN'][] = array(
|
| 387 |
'FROM' => array(FORUMS_TRACK_TABLE => 'ft'),
|
| 388 |
'ON' => 'ft.user_id = ' . $user->data['user_id'] . ' AND t.forum_id = ft.forum_id'
|
| 389 |
);
|
| 390 |
}
|
| 391 |
|
| 392 |
$sql = $db->sql_build_query('SELECT', $sql_array);
|
| 393 |
$result = $db->sql_query($sql);
|
| 394 |
|
| 395 |
while ($row = $db->sql_fetchrow($result))
|
| 396 |
{
|
| 397 |
if (!$row['forum_id'])
|
| 398 |
{
|
| 399 |
// Global Announcement?
|
| 400 |
$row['forum_id'] = request_var('f', 0);
|
| 401 |
}
|
| 402 |
|
| 403 |
$rowset[$row['topic_id']] = $row;
|
| 404 |
|
| 405 |
if ($acl_list && !$auth->acl_gets($acl_list, $row['forum_id']))
|
| 406 |
{
|
| 407 |
continue;
|
| 408 |
}
|
| 409 |
|
| 410 |
$topics[$row['topic_id']] = $row;
|
| 411 |
}
|
| 412 |
$db->sql_freeresult($result);
|
| 413 |
}
|
| 414 |
|
| 415 |
foreach ($cache_topic_ids as $id)
|
| 416 |
{
|
| 417 |
if (!$acl_list || $auth->acl_gets($acl_list, $rowset[$id]['forum_id']))
|
| 418 |
{
|
| 419 |
$topics[$id] = $rowset[$id];
|
| 420 |
}
|
| 421 |
}
|
| 422 |
|
| 423 |
return $topics;
|
| 424 |
}
|
| 425 |
|
| 426 |
/**
|
| 427 |
* Get simple post data
|
| 428 |
*/
|
| 429 |
function get_post_data($post_ids, $acl_list = false, $read_tracking = false)
|
| 430 |
{
|
| 431 |
global $db, $auth, $config, $user;
|
| 432 |
|
| 433 |
$rowset = array();
|
| 434 |
|
| 435 |
if (!sizeof($post_ids))
|
| 436 |
{
|
| 437 |
return array();
|
| 438 |
}
|
| 439 |
|
| 440 |
$sql_array = array(
|
| 441 |
'SELECT' => 'p.*, u.*, t.*, f.*',
|
| 442 |
|
| 443 |
'FROM' => array(
|
| 444 |
USERS_TABLE => 'u',
|
| 445 |
POSTS_TABLE => 'p',
|
| 446 |
TOPICS_TABLE => 't',
|
| 447 |
),
|
| 448 |
|
| 449 |
'LEFT_JOIN' => array(
|
| 450 |
array(
|
| 451 |
'FROM' => array(FORUMS_TABLE => 'f'),
|
| 452 |
'ON' => 'f.forum_id = t.forum_id'
|
| 453 |
)
|
| 454 |
),
|
| 455 |
|
| 456 |
'WHERE' => $db->sql_in_set('p.post_id', $post_ids) . '
|
| 457 |
AND u.user_id = p.poster_id
|
| 458 |
AND t.topic_id = p.topic_id',
|
| 459 |
);
|
| 460 |
|
| 461 |
if ($read_tracking && $config['load_db_lastread'])
|
| 462 |
{
|
| 463 |
$sql_array['SELECT'] .= ', tt.mark_time, ft.mark_time as forum_mark_time';
|
| 464 |
|
| 465 |
$sql_array['LEFT_JOIN'][] = array(
|
| 466 |
'FROM' => array(TOPICS_TRACK_TABLE => 'tt'),
|
| 467 |
'ON' => 'tt.user_id = ' . $user->data['user_id'] . ' AND t.topic_id = tt.topic_id'
|
| 468 |
);
|
| 469 |
|
| 470 |
$sql_array['LEFT_JOIN'][] = array(
|
| 471 |
'FROM' => array(FORUMS_TRACK_TABLE => 'ft'),
|
| 472 |
'ON' => 'ft.user_id = ' . $user->data['user_id'] . ' AND t.forum_id = ft.forum_id'
|
| 473 |
);
|
| 474 |
}
|
| 475 |
|
| 476 |
$sql = $db->sql_build_query('SELECT', $sql_array);
|
| 477 |
$result = $db->sql_query($sql);
|
| 478 |
unset($sql_array);
|
| 479 |
|
| 480 |
while ($row = $db->sql_fetchrow($result))
|
| 481 |
{
|
| 482 |
if (!$row['forum_id'])
|
| 483 |
{
|
| 484 |
// Global Announcement?
|
| 485 |
$row['forum_id'] = request_var('f', 0);
|
| 486 |
}
|
| 487 |
|
| 488 |
if ($acl_list && !$auth->acl_gets($acl_list, $row['forum_id']))
|
| 489 |
{
|
| 490 |
continue;
|
| 491 |
}
|
| 492 |
|
| 493 |
if (!$row['post_approved'] && !$auth->acl_get('m_approve', $row['forum_id']))
|
| 494 |
{
|
| 495 |
// Moderators without the permission to approve post should at least not see them. ;)
|
| 496 |
continue;
|
| 497 |
}
|
| 498 |
|
| 499 |
$rowset[$row['post_id']] = $row;
|
| 500 |
}
|
| 501 |
$db->sql_freeresult($result);
|
| 502 |
|
| 503 |
return $rowset;
|
| 504 |
}
|
| 505 |
|
| 506 |
/**
|
| 507 |
* Get simple forum data
|
| 508 |
*/
|
| 509 |
function get_forum_data($forum_id, $acl_list = 'f_list', $read_tracking = false)
|
| 510 |
{
|
| 511 |
global $auth, $db, $user, $config;
|
| 512 |
|
| 513 |
$rowset = array();
|
| 514 |
|
| 515 |
if (!is_array($forum_id))
|
| 516 |
{
|
| 517 |
$forum_id = array($forum_id);
|
| 518 |
}
|
| 519 |
|
| 520 |
if (!sizeof($forum_id))
|
| 521 |
{
|
| 522 |
return array();
|
| 523 |
}
|
| 524 |
|
| 525 |
if ($read_tracking && $config['load_db_lastread'])
|
| 526 |
{
|
| 527 |
$read_tracking_join = ' LEFT JOIN ' . FORUMS_TRACK_TABLE . ' ft ON (ft.user_id = ' . $user->data['user_id'] . '
|
| 528 |
AND ft.forum_id = f.forum_id)';
|
| 529 |
$read_tracking_select = ', ft.mark_time';
|
| 530 |
}
|
| 531 |
else
|
| 532 |
{
|
| 533 |
$read_tracking_join = $read_tracking_select = '';
|
| 534 |
}
|
| 535 |
|
| 536 |
$sql = "SELECT f.* $read_tracking_select
|
| 537 |
FROM " . FORUMS_TABLE . " f$read_tracking_join
|
| 538 |
WHERE " . $db->sql_in_set('f.forum_id', $forum_id);
|
| 539 |
$result = $db->sql_query($sql);
|
| 540 |
|
| 541 |
while ($row = $db->sql_fetchrow($result))
|
| 542 |
{
|
| 543 |
if ($acl_list && !$auth->acl_gets($acl_list, $row['forum_id']))
|
| 544 |
{
|
| 545 |
continue;
|
| 546 |
}
|
| 547 |
|
| 548 |
if ($auth->acl_get('m_approve', $row['forum_id']))
|
| 549 |
{
|
| 550 |
$row['forum_topics'] = $row['forum_topics_real'];
|
| 551 |
}
|
| 552 |
|
| 553 |
$rowset[$row['forum_id']] = $row;
|
| 554 |
}
|
| 555 |
$db->sql_freeresult($result);
|
| 556 |
|
| 557 |
return $rowset;
|
| 558 |
}
|
| 559 |
|
| 560 |
/**
|
| 561 |
* sorting in mcp
|
| 562 |
*
|
| 563 |
* @param string $where_sql should either be WHERE (default if ommited) or end with AND or OR
|
| 564 |
*/
|
| 565 |
function mcp_sorting($mode, &$sort_days, &$sort_key, &$sort_dir, &$sort_by_sql, &$sort_order_sql, &$total, $forum_id = 0, $topic_id = 0, $where_sql = 'WHERE')
|
| 566 |
{
|
| 567 |
global $db, $user, $auth, $template;
|
| 568 |
|
| 569 |
$sort_days = request_var('st', 0);
|
| 570 |
$min_time = ($sort_days) ? time() - ($sort_days * 86400) : 0;
|
| 571 |
|
| 572 |
switch ($mode)
|
| 573 |
{
|
| 574 |
case 'viewforum':
|
| 575 |
$type = 'topics';
|
| 576 |
$default_key = 't';
|
| 577 |
$default_dir = 'd';
|
| 578 |
|
| 579 |
$sql = 'SELECT COUNT(topic_id) AS total
|
| 580 |
FROM ' . TOPICS_TABLE . "
|
| 581 |
$where_sql forum_id = $forum_id
|
| 582 |
AND topic_type NOT IN (" . POST_ANNOUNCE . ', ' . POST_GLOBAL . ")
|
| 583 |
AND topic_last_post_time >= $min_time";
|
| 584 |
|
| 585 |
if (!$auth->acl_get('m_approve', $forum_id))
|
| 586 |
{
|
| 587 |
$sql .= 'AND topic_approved = 1';
|
| 588 |
}
|
| 589 |
break;
|
| 590 |
|
| 591 |
case 'viewtopic':
|
| 592 |
$type = 'posts';
|
| 593 |
$default_key = 't';
|
| 594 |
$default_dir = 'a';
|
| 595 |
|
| 596 |
$sql = 'SELECT COUNT(post_id) AS total
|
| 597 |
FROM ' . POSTS_TABLE . "
|
| 598 |
$where_sql topic_id = $topic_id
|
| 599 |
AND post_time >= $min_time";
|
| 600 |
|
| 601 |
if (!$auth->acl_get('m_approve', $forum_id))
|
| 602 |
{
|
| 603 |
$sql .= 'AND post_approved = 1';
|
| 604 |
}
|
| 605 |
break;
|
| 606 |
|
| 607 |
case 'unapproved_posts':
|
| 608 |
$type = 'posts';
|
| 609 |
$default_key = 't';
|
| 610 |
$default_dir = 'd';
|
| 611 |
$where_sql .= ($topic_id) ? ' topic_id = ' . $topic_id . ' AND' : '';
|
| 612 |
|
| 613 |
$sql = 'SELECT COUNT(post_id) AS total
|
| 614 |
FROM ' . POSTS_TABLE . "
|
| 615 |
$where_sql " . $db->sql_in_set('forum_id', ($forum_id) ? array($forum_id) : array_intersect(get_forum_list('f_read'), get_forum_list('m_approve'))) . '
|
| 616 |
AND post_approved = 0';
|
| 617 |
|
| 618 |
if ($min_time)
|
| 619 |
{
|
| 620 |
$sql .= ' AND post_time >= ' . $min_time;
|
| 621 |
}
|
| 622 |
break;
|
| 623 |
|
| 624 |
case 'unapproved_topics':
|
| 625 |
$type = 'topics';
|
| 626 |
$default_key = 't';
|
| 627 |
$default_dir = 'd';
|
| 628 |
|
| 629 |
$sql = 'SELECT COUNT(topic_id) AS total
|
| 630 |
FROM ' . TOPICS_TABLE . "
|
| 631 |
$where_sql " . $db->sql_in_set('forum_id', ($forum_id) ? array($forum_id) : array_intersect(get_forum_list('f_read'), get_forum_list('m_approve'))) . '
|
| 632 |
AND topic_approved = 0';
|
| 633 |
|
| 634 |
if ($min_time)
|
| 635 |
{
|
| 636 |
$sql .= ' AND topic_time >= ' . $min_time;
|
| 637 |
}
|
| 638 |
break;
|
| 639 |
|
| 640 |
case 'reports':
|
| 641 |
case 'reports_closed':
|
| 642 |
$type = 'reports';
|
| 643 |
$default_key = 't';
|
| 644 |
$default_dir = 'd';
|
| 645 |
$limit_time_sql = ($min_time) ? "AND r.report_time >= $min_time" : '';
|
| 646 |
|
| 647 |
if ($topic_id)
|
| 648 |
{
|
| 649 |
$where_sql .= ' p.topic_id = ' . $topic_id;
|
| 650 |
}
|
| 651 |
else if ($forum_id)
|
| 652 |
{
|
| 653 |
$where_sql .= ' p.forum_id = ' . $forum_id;
|
| 654 |
}
|
| 655 |
else
|
| 656 |
{
|
| 657 |
$where_sql .= ' ' . $db->sql_in_set('p.forum_id', get_forum_list(array('!f_read', '!m_report')), true, true);
|
| 658 |
}
|
| 659 |
|
| 660 |
if ($mode == 'reports')
|
| 661 |
{
|
| 662 |
$where_sql .= ' AND r.report_closed = 0';
|
| 663 |
}
|
| 664 |
else
|
| 665 |
{
|
| 666 |
$where_sql .= ' AND r.report_closed = 1';
|
| 667 |
}
|
| 668 |
|
| 669 |
$sql = 'SELECT COUNT(r.report_id) AS total
|
| 670 |
FROM ' . REPORTS_TABLE . ' r, ' . POSTS_TABLE . " p
|
| 671 |
$where_sql
|
| 672 |
AND p.post_id = r.post_id
|
| 673 |
$limit_time_sql";
|
| 674 |
break;
|
| 675 |
|
| 676 |
case 'viewlogs':
|
| 677 |
$type = 'logs';
|
| 678 |
$default_key = 't';
|
| 679 |
$default_dir = 'd';
|
| 680 |
|
| 681 |
$sql = 'SELECT COUNT(log_id) AS total
|
| 682 |
FROM ' . LOG_TABLE . "
|
| 683 |
$where_sql " . $db->sql_in_set('forum_id', ($forum_id) ? array($forum_id) : array_intersect(get_forum_list('f_read'), get_forum_list('m_'))) . '
|
| 684 |
AND log_time >= ' . $min_time . '
|
| 685 |
AND log_type = ' . LOG_MOD;
|
| 686 |
break;
|
| 687 |
}
|
| 688 |
|
| 689 |
$sort_key = request_var('sk', $default_key);
|
| 690 |
$sort_dir = request_var('sd', $default_dir);
|
| 691 |
$sort_dir_text = array('a' => $user->lang['ASCENDING'], 'd' => $user->lang['DESCENDING']);
|
| 692 |
|
| 693 |
switch ($type)
|
| 694 |
{
|
| 695 |
case 'topics':
|
| 696 |
$limit_days = array(0 => $user->lang['ALL_TOPICS'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);
|
| 697 |
$sort_by_text = array('a' => $user->lang['AUTHOR'], 't' => $user->lang['POST_TIME'], 'tt' => $user->lang['TOPIC_TIME'], 'r' => $user->lang['REPLIES'], 's' => $user->lang['SUBJECT'], 'v' => $user->lang['VIEWS']);
|
| 698 |
|
| 699 |
$sort_by_sql = array('a' => 't.topic_first_poster_name', 't' => 't.topic_last_post_time', 'tt' => 't.topic_time', 'r' => (($auth->acl_get('m_approve', $forum_id)) ? 't.topic_replies_real' : 't.topic_replies'), 's' => 't.topic_title', 'v' => 't.topic_views');
|
| 700 |
$limit_time_sql = ($min_time) ? "AND t.topic_last_post_time >= $min_time" : '';
|
| 701 |
break;
|
| 702 |
|
| 703 |
case 'posts':
|
| 704 |
$limit_days = array(0 => $user->lang['ALL_POSTS'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);
|
| 705 |
$sort_by_text = array('a' => $user->lang['AUTHOR'], 't' => $user->lang['POST_TIME'], 's' => $user->lang['SUBJECT']);
|
| 706 |
$sort_by_sql = array('a' => 'u.username_clean', 't' => 'p.post_time', 's' => 'p.post_subject');
|
| 707 |
$limit_time_sql = ($min_time) ? "AND p.post_time >= $min_time" : '';
|
| 708 |
break;
|
| 709 |
|
| 710 |
case 'reports':
|
| 711 |
$limit_days = array(0 => $user->lang['ALL_REPORTS'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);
|
| 712 |
$sort_by_text = array('a' => $user->lang['AUTHOR'], 'r' => $user->lang['REPORTER'], 'p' => $user->lang['POST_TIME'], 't' => $user->lang['REPORT_TIME'], 's' => $user->lang['SUBJECT']);
|
| 713 |
$sort_by_sql = array('a' => 'u.username_clean', 'r' => 'ru.username', 'p' => 'p.post_time', 't' => 'r.report_time', 's' => 'p.post_subject');
|
| 714 |
break;
|
| 715 |
|
| 716 |
case 'logs':
|
| 717 |
$limit_days = array(0 => $user->lang['ALL_ENTRIES'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);
|
| 718 |
$sort_by_text = array('u' => $user->lang['SORT_USERNAME'], 't' => $user->lang['SORT_DATE'], 'i' => $user->lang['SORT_IP'], 'o' => $user->lang['SORT_ACTION']);
|
| 719 |
|
| 720 |
$sort_by_sql = array('u' => 'u.username_clean', 't' => 'l.log_time', 'i' => 'l.log_ip', 'o' => 'l.log_operation');
|
| 721 |
$limit_time_sql = ($min_time) ? "AND l.log_time >= $min_time" : '';
|
| 722 |
break;
|
| 723 |
}
|
| 724 |
|
| 725 |
if (!isset($sort_by_sql[$sort_key]))
|
| 726 |
{
|
| 727 |
$sort_key = $default_key;
|
| 728 |
}
|
| 729 |
|
| 730 |
$sort_order_sql = $sort_by_sql[$sort_key] . ' ' . (($sort_dir == 'd') ? 'DESC' : 'ASC');
|
| 731 |
|
| 732 |
$s_limit_days = $s_sort_key = $s_sort_dir = $sort_url = '';
|
| 733 |
gen_sort_selects($limit_days, $sort_by_text, $sort_days, $sort_key, $sort_dir, $s_limit_days, $s_sort_key, $s_sort_dir, $sort_url);
|
| 734 |
|
| 735 |
$template->assign_vars(array(
|
| 736 |
'S_SELECT_SORT_DIR' => $s_sort_dir,
|
| 737 |
'S_SELECT_SORT_KEY' => $s_sort_key,
|
| 738 |
'S_SELECT_SORT_DAYS' => $s_limit_days)
|
| 739 |
);
|
| 740 |
|
| 741 |
if (($sort_days && $mode != 'viewlogs') || in_array($mode, array('reports', 'unapproved_topics', 'unapproved_posts')) || $where_sql != 'WHERE')
|
| 742 |
{
|
| 743 |
$result = $db->sql_query($sql);
|
| 744 |
$total = (int) $db->sql_fetchfield('total');
|
| 745 |
$db->sql_freeresult($result);
|
| 746 |
}
|
| 747 |
else
|
| 748 |
{
|
| 749 |
$total = -1;
|
| 750 |
}
|
| 751 |
}
|
| 752 |
|
| 753 |
/**
|
| 754 |
* Validate ids
|
| 755 |
*
|
| 756 |
* @param array &$ids The relevant ids to check
|
| 757 |
* @param string $table The table to find the ids in
|
| 758 |
* @param string $sql_id The ids relevant column name
|
| 759 |
* @param array $acl_list A list of permissions the user need to have
|
| 760 |
* @param mixed $singe_forum Limit to one forum id (int) or the first forum found (true)
|
| 761 |
*
|
| 762 |
* @return mixed False if no ids were able to be retrieved, true if at least one id left.
|
| 763 |
* Additionally, this value can be the forum_id assigned if $single_forum was set.
|
| 764 |
* Therefore checking the result for with !== false is the best method.
|
| 765 |
*/
|
| 766 |
function check_ids(&$ids, $table, $sql_id, $acl_list = false, $single_forum = false)
|
| 767 |
{
|
| 768 |
global $db, $auth;
|
| 769 |
|
| 770 |
if (!is_array($ids) || empty($ids))
|
| 771 |
{
|
| 772 |
return false;
|
| 773 |
}
|
| 774 |
|
| 775 |
$sql = "SELECT $sql_id, forum_id FROM $table
|
| 776 |
WHERE " . $db->sql_in_set($sql_id, $ids);
|
| 777 |
$result = $db->sql_query($sql);
|
| 778 |
|
| 779 |
$ids = array();
|
| 780 |
$forum_id = false;
|
| 781 |
|
| 782 |
while ($row = $db->sql_fetchrow($result))
|
| 783 |
{
|
| 784 |
if ($acl_list && $row['forum_id'] && !$auth->acl_gets($acl_list, $row['forum_id']))
|
| 785 |
{
|
| 786 |
continue;
|
| 787 |
}
|
| 788 |
|
| 789 |
if ($acl_list && !$row['forum_id'] && !$auth->acl_getf_global($acl_list))
|
| 790 |
{
|
| 791 |
continue;
|
| 792 |
}
|
| 793 |
|
| 794 |
// Limit forum? If not, just assign the id.
|
| 795 |
if ($single_forum === false)
|
| 796 |
{
|
| 797 |
$ids[] = $row[$sql_id];
|
| 798 |
continue;
|
| 799 |
}
|
| 800 |
|
| 801 |
// Limit forum to a specific forum id?
|
| 802 |
// This can get really tricky, because we do not want to create a failure on global topics. :)
|
| 803 |
if ($row['forum_id'])
|
| 804 |
{
|
| 805 |
if ($single_forum !== true && $row['forum_id'] == (int) $single_forum)
|
| 806 |
{
|
| 807 |
$forum_id = (int) $single_forum;
|
| 808 |
}
|
| 809 |
else if ($forum_id === false)
|
| 810 |
{
|
| 811 |
$forum_id = $row['forum_id'];
|
| 812 |
}
|
| 813 |
|
| 814 |
if ($row['forum_id'] == $forum_id)
|
| 815 |
{
|
| 816 |
$ids[] = $row[$sql_id];
|
| 817 |
}
|
| 818 |
}
|
| 819 |
else
|
| 820 |
{
|
| 821 |
// Always add a global topic
|
| 822 |
$ids[] = $row[$sql_id];
|
| 823 |
}
|
| 824 |
}
|
| 825 |
$db->sql_freeresult($result);
|
| 826 |
|
| 827 |
if (!sizeof($ids))
|
| 828 |
{
|
| 829 |
return false;
|
| 830 |
}
|
| 831 |
|
| 832 |
// If forum id is false and ids populated we may have only global announcements selected (returning 0 because of (int) $forum_id)
|
| 833 |
|
| 834 |
return ($single_forum === false) ? true : (int) $forum_id;
|
| 835 |
}
|
| 836 |
|
| 837 |
?> |