root / tags / milestone_3 / phpBB / report.php
<?php
/**
*
* @package phpBB3
* @version $Id: report.php 5255 2005-10-04 21:39:47Z acydburn $
* @copyright (c) 2005 phpBB Group
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
*
*/

/**
*/
// Bootstrap: define the entry-point marker, work out the script extension from
// this file's own name, then load the framework and the display helpers.
// NOTE(review): IN_PHPBB is presumably what the included files test to refuse
// direct access - confirm in common.php.
define('IN_PHPBB', true);
$phpbb_root_path = './';
$phpEx = substr(strrchr(__FILE__, '.'), 1);
include($phpbb_root_path . 'common.'.$phpEx);
include($phpbb_root_path . 'includes/functions_display.'.$phpEx);

// Start session management and load the permissions of the current user
$user->session_begin();
$auth->acl($user->data);
$user->setup('mcp');

// Report PM or Post? 'p' names a post, 'pm' a private message; 'p' wins when
// both are supplied.
// NOTE(review): request_var() is defined outside this file. Every query below
// interpolates $id and $reason_id, so they must come back as integers when the
// default passed here is an integer - verify.
$id				= request_var('p', request_var('pm', 0));
$report_post	= (bool) request_var('p', 0);
$reason_id		= request_var('reason_id', 0);
// Only registered users can ask to be notified about the outcome
$user_notify	= (!empty($_REQUEST['notify']) && $user->data['is_registered']);
$report_text	= request_var('report_text', '');

// Nothing to report without an id
if (!$id)
{
	trigger_error('INVALID_MODE');
}

// Where the user is sent after cancelling or after a successful report.
// NOTE(review): $SID is appended to the URL as-is; if it carries the session
// id, that id ends up in links and Referer headers - confirm how it is built.
if ($report_post)
{
	$redirect_url = "{$phpbb_root_path}viewtopic.$phpEx$SID&p=$id#$id";
}
else
{
	$redirect_url = "{$phpbb_root_path}ucp.$phpEx$SID&i=pm&p=$id";
}

// Has the report been cancelled?
if (isset($_POST['cancel']))
{
	redirect($redirect_url);
}

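// Grab all relevant data.
// Every request-derived or session-derived value is cast to int at the point
// where it is concatenated into SQL, so the queries stay well-formed even if
// the upstream input filter changes.
if ($report_post)
{
	$sql = 'SELECT f.*, t.*, p.*
		FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . ' f
		WHERE p.post_id = ' . (int) $id . '
			AND p.topic_id = t.topic_id
			AND p.forum_id = f.forum_id';
}
else
{
	// Only the user itself is able to report his Private Messages: the
	// user_id condition is the ownership check for the PM case, so it must
	// never be dropped or loosened.
	$sql = 'SELECT p.*, t.*
		FROM ' . PRIVMSGS_TABLE . ' p, ' . PRIVMSGS_TO_TABLE . ' t
		WHERE t.msg_id = ' . (int) $id . '
			AND t.user_id = ' . (int) $user->data['user_id'] . '
			AND t.msg_id = p.msg_id';
}
$result = $db->sql_query($sql);
$report_data = $db->sql_fetchrow($result);
// Free the result before any trigger_error() below can end the request
$db->sql_freeresult($result);

if (!$report_data)
{
	$message = ($report_post) ? $user->lang['POST_NOT_EXIST'] : $user->lang['PM_NOT_EXIST'];
	trigger_error($message);
}

if ($report_post)
{
	$forum_id = $report_data['forum_id'];
	$topic_id = $report_data['topic_id'];

	// Check required permissions. A user who may not even list the forum gets
	// the same POST_NOT_EXIST answer as for a missing post, so the check does
	// not confirm that a hidden post exists.
	$acl_check_ary = array('f_list' => 'POST_NOT_EXIST', 'f_read' => 'USER_CANNOT_READ', 'f_report' => 'USER_CANNOT_REPORT');

	foreach ($acl_check_ary as $acl => $error)
	{
		if (!$auth->acl_get($acl, $forum_id))
		{
			trigger_error($error);
		}
	}
	unset($acl_check_ary);
}
else
{
	// PM reporting needs both the board-wide switch and the user permission
	if (!$config['auth_report_pm'] || !$auth->acl_get('u_pm_report'))
	{
		trigger_error('USER_CANNOT_REPORT');
	}
}
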
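// Check if the post has already been reported by this user
$sql = 'SELECT *
	FROM ' . REPORTS_TABLE . '
	WHERE ' . (($report_post) ? 'post_id = ' . (int) $id : 'msg_id = ' . (int) $id) . '
		AND user_id = ' . (int) $user->data['user_id'];
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);

if ($row)
{
	if ($user->data['is_registered'])
	{
		// A report exists; reuse its id so a resubmission updates it
		if ($reason_id)
		{
			$report_id = (int) $row['report_id'];
		}
		else
		{
			// No reason submitted: pre-fill the form from the stored report.
			// The fields are copied one by one rather than with extract($row):
			// extract() on a SELECT * row would silently overwrite any global
			// whose name matches a column, including columns added later.
			// NOTE(review): extract() also created $post_id, $msg_id, $user_id
			// and $report_time; nothing visible in this file reads them -
			// confirm that no included code relied on those globals.
			$report_id		= (int) $row['report_id'];
			$reason_id		= (int) $row['reason_id'];
			$user_notify	= (bool) $row['user_notify'];
			$report_text	= (string) $row['report_text'];
		}
	}
	else
	{
		trigger_error($user->lang['ALREADY_REPORTED'] . '<br /><br />' . sprintf($user->lang[(($report_post) ? 'RETURN_TOPIC' : 'RETURN_MESSAGE')], '<a href="' . $redirect_url . '">', '</a>'));
	}
}
else
{
	$report_id = 0;
}
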
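// Has the report been confirmed?
// NOTE(review): this branch writes to several tables and sends notifications
// on any request that carries 'submit' and a reason id; no anti-CSRF token is
// checked anywhere in this file. Confirm whether the framework verifies one
// elsewhere before relying on this handler.
if (isset($_POST['submit']) && $reason_id)
{
	$sql = 'SELECT reason_name
		FROM ' . REASONS_TABLE . '
		WHERE reason_id = ' . (int) $reason_id;
	$result = $db->sql_query($sql);
	$row = $db->sql_fetchrow($result);
	// Freed before the check so the error path does not leave it open
	$db->sql_freeresult($result);

	// Unknown reason, or the free-form reason 'other' without an explanation
	if (!$row || (!$report_text && $row['reason_name'] === 'other'))
	{
		trigger_error('EMPTY_REPORT');
	}

	// The form code further down looks the language entries up by the
	// upper-cased reason name; use the same key here so the notification
	// carries the translated description instead of the raw name.
	$reason_key = strtoupper($row['reason_name']);
	$reason_desc = (!empty($user->lang['report_reasons']['DESCRIPTION'][$reason_key])) ? $user->lang['report_reasons']['DESCRIPTION'][$reason_key] : $row['reason_name'];
	unset($reason_key);

	$sql_ary = array(
		'reason_id'		=> (int) $reason_id,
		'post_id'		=> ($report_post) ? (int) $id : 0,
		'msg_id'		=> ($report_post) ? 0 : (int) $id,
		'user_id'		=> (int) $user->data['user_id'],
		'user_notify'	=> (int) $user_notify,
		'report_time'	=> (int) time(),
		'report_text'	=> (string) $report_text
	);

	// Update the user's earlier report if there is one, otherwise create it
	if ($report_id)
	{
		$sql = 'UPDATE ' . REPORTS_TABLE . '
			SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
			WHERE report_id = ' . (int) $report_id;
		$db->sql_query($sql);
	}
	else
	{
		$sql = 'INSERT INTO ' . REPORTS_TABLE . ' ' .
			$db->sql_build_array('INSERT', $sql_ary);
		$db->sql_query($sql);
		$report_id = $db->sql_nextid();
	}

	// Flag the reported item (and its topic) unless it is flagged already
	if ($report_post)
	{
		if (!$report_data['post_reported'])
		{
			$sql = 'UPDATE ' . POSTS_TABLE . '
				SET post_reported = 1
				WHERE post_id = ' . (int) $id;
			$db->sql_query($sql);
		}

		if (!$report_data['topic_reported'])
		{
			$sql = 'UPDATE ' . TOPICS_TABLE . '
				SET topic_reported = 1
				WHERE topic_id = ' . (int) $report_data['topic_id'];
			$db->sql_query($sql);
		}
	}
	else
	{
		if (!$report_data['message_reported'])
		{
			$sql = 'UPDATE ' . PRIVMSGS_TABLE . '
				SET message_reported = 1
				WHERE msg_id = ' . (int) $id;
			$db->sql_query($sql);
		}
	}

	// Send Notifications
	// PM: Reported Post is put into all admin's boxes (not notifying about 'this' PM)
	// All persons get notified about a new report, if notified by PM, send out email notifications too

	// Recipients: the forum's moderators (post reports only) plus the admins
	$acl_list = ($report_post) ? $auth->acl_get_list(false, array('m_', 'a_'), array(0, $report_data['forum_id'])) : $auth->acl_get_list(false, 'a_', 0);

	$recipient_ids = array();
	if ($report_post && !empty($acl_list[$report_data['forum_id']]['m_']))
	{
		$recipient_ids = $acl_list[$report_data['forum_id']]['m_'];
	}
	if (!empty($acl_list[0]['a_']))
	{
		$recipient_ids = array_merge($recipient_ids, $acl_list[0]['a_']);
	}
	// The ids go into IN (...) lists below, so force them to integers
	$recipient_ids = array_unique(array_map('intval', $recipient_ids));
	unset($acl_list);

	$notify_user = array();

	// An empty list would produce "IN ()", which is not valid SQL; with nobody
	// to notify the report is still recorded and the user still gets the
	// success page.
	if (count($recipient_ids))
	{
		// Send reported PM to responsible persons (admins)
		if (!$report_post)
		{
			foreach ($recipient_ids as $user_id)
			{
				$db->sql_query('INSERT INTO ' . PRIVMSGS_TO_TABLE . ' ' . $db->sql_build_array('INSERT', array(
					'msg_id'	=> (int) $id,
					'user_id'	=> (int) $user_id,
					'author_id'	=> (int) $report_data['author_id'],
					'folder_id'	=> PRIVMSGS_NO_BOX,
					'new'		=> 1,
					'unread'	=> 1,
					'forwarded'	=> 0))
				);
			}

			// Update Status
			$sql = 'UPDATE ' . USERS_TABLE . '
				SET user_new_privmsg = user_new_privmsg + 1, user_unread_privmsg = user_unread_privmsg + 1
				WHERE user_id IN (' . implode(', ', $recipient_ids) . ')';
			$db->sql_query($sql);
		}

		// How to notify them?
		$sql = 'SELECT user_id, username, user_options, user_lang, user_email, user_notify_type, user_jabber
			FROM ' . USERS_TABLE . '
			WHERE user_id IN (' . implode(', ', $recipient_ids) . ')';
		$result = $db->sql_query($sql);

		while ($row = $db->sql_fetchrow($result))
		{
			$notify_user[$row['user_id']] = array(
				'name'	=> $row['username'],
				'email'	=> $row['user_email'],
				'jabber'=> $row['user_jabber'],
				'lang'	=> $row['user_lang'],
				'notify_type'	=> $row['user_notify_type'],

				'pm'	=> $user->optionget('report_pm_notify', $row['user_options'])
			);
		}
		$db->sql_freeresult($result);
	}
	unset($recipient_ids);

	// From here on $report_data is the notification payload, not the DB row
	$report_data = array(
		'id'		=> $id,
		'report_id'	=> $report_id,
		'reporter'	=> $user->data['username'],
		'reason'	=> $reason_desc,
		'text'		=> $report_text,
		'subject'	=> ($report_post) ? $report_data['post_subject'] : $report_data['message_subject'],
		'view_post'	=> ($report_post) ? "viewtopic.$phpEx?f={$report_data['forum_id']}&t={$report_data['topic_id']}&p=$id&e=$id" : ''
	);

	report_notification($notify_user, $report_post, $report_data);

	meta_refresh(3, $redirect_url);

	$message = $user->lang[(($report_post) ? 'POST' : 'MESSAGE') . '_REPORTED_SUCCESS'] . '<br /><br />' . sprintf($user->lang[(($report_post) ? 'RETURN_TOPIC' : 'RETURN_MESSAGE')], '<a href="' . $redirect_url . '">', '</a>');
	trigger_error($message);
}
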
// Generate the form: one template row per configured report reason, in
// priority order.
// NOTE(review): this result set is never passed to sql_freeresult().
$sql = 'SELECT *
	FROM ' . REASONS_TABLE . '
	ORDER BY reason_priority ASC';
$result = $db->sql_query($sql);

while ($row = $db->sql_fetchrow($result))
{
	// Language entries are keyed by the upper-cased reason name
	$row['reason_name'] = strtoupper($row['reason_name']);

	// Title: translated entry if present, else a readable form of the name
	if (!empty($user->lang['report_reasons']['TITLE'][$row['reason_name']]))
	{
		$reason_title = $user->lang['report_reasons']['TITLE'][$row['reason_name']];
	}
	else
	{
		$reason_title = ucwords(str_replace('_', ' ', $row['reason_name']));
	}

	// Description: translated entry if present, else the stored description
	if (!empty($user->lang['report_reasons']['DESCRIPTION'][$row['reason_name']]))
	{
		$reason_desc = $user->lang['report_reasons']['DESCRIPTION'][$row['reason_name']];
	}
	else
	{
		$reason_desc = $row['reason_description'];
	}

	// Title and description are HTML-escaped before they reach the template
	$template->assign_block_vars('reason', array(
		'ID'			=> $row['reason_id'],
		'NAME'			=> htmlspecialchars($reason_title),
		'DESCRIPTION'	=> htmlspecialchars($reason_desc),
		'S_SELECTED'	=> ($row['reason_id'] == $reason_id))
	);
}

$u_report = ($report_post) ? "p=$id" : "pm=$id";

$form_action = "{$phpbb_root_path}report.$phpEx$SID&$u_report";
if ($report_id)
{
	$form_action .= "&report_id=$report_id";
}

// NOTE(review): REPORT_TEXT is handed to the template without escaping here,
// unlike NAME and DESCRIPTION above. Presumably request_var() already
// HTML-escapes string input; verify that, and that text loaded from a stored
// report was escaped when it was written.
$template->assign_vars(array(
	'REPORT_TEXT'		=> $report_text,
	'S_REPORT_ACTION'	=> $form_action,

	'S_NOTIFY'			=> !empty($user_notify),
	'S_CAN_NOTIFY'		=> (bool) $user->data['is_registered'],
	'S_REPORT_POST'		=> $report_post)
);
unset($form_action);

if ($report_post)
{
	generate_forum_nav($report_data);
}

// Start output of page
if ($report_post)
{
	$page_title = $user->lang['REPORT_POST'];
}
else
{
	$page_title = $user->lang['REPORT_MESSAGE'];
}
page_header($page_title);

$template->set_filenames(array(
	'body' => 'report_body.html')
);

page_footer();

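/**
* Notify moderators/administrators about a new report.
*
* Recipients whose 'pm' flag is off are notified through the messenger using
* their stored notify type; the others receive the same rendered text as a
* private message sent in the reporter's name.
*
* @param array $notify_user	user_id => array with the keys name, email, jabber,
*								lang, notify_type and pm, as built by the caller
* @param bool  $report_post	true for a reported post, false for a reported PM
* @param array $report_data	keys read here: id, report_id, reporter, reason,
*								text, subject, view_post
*/
function report_notification($notify_user, $report_post, $report_data)
{
	// $user is read in the private message branch below. It was missing from
	// this global list, so from_user_id, from_user_ip and from_username were
	// taken from an undefined local and the PM lost its sender details.
	global $config, $phpbb_root_path, $phpEx, $user;

	include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
	include_once($phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx);
	$messenger = new messenger();

	$email_sig = str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']);
	$email_template = ($report_post) ? 'new_report_post' : 'new_report_pm';
	$view_report_url = ($report_post) ? "mcp.$phpEx?i=queue&r=" . $report_data['report_id'] : "ucp.$phpEx?i=pm&p=" . $report_data['id'] . "&r=" . $report_data['report_id'];

	foreach ($notify_user as $user_id => $notify_row)
	{
		// Template variables shared by both delivery paths. SUBJECT, REPORTER
		// and REPORT_TEXT originate from board users; how they are escaped is
		// up to the messenger templates, which are not visible here.
		$template_vars = array(
			'EMAIL_SIG'		=> $email_sig,
			'SITENAME'		=> $config['sitename'],
			'USERNAME'		=> $notify_row['name'],
			'SUBJECT'		=> $report_data['subject'],
			'REPORTER'		=> $report_data['reporter'],

			'REPORT_REASON'	=> $report_data['reason'],
			'REPORT_TEXT'	=> $report_data['text'],

			'U_VIEW_REPORT'	=> generate_board_url() . '/' . $view_report_url
		);

		// Send notification by email
		if (!$notify_row['pm'])
		{
			$messenger->to($notify_row['email'], $notify_row['name']);
			$messenger->im($notify_row['jabber'], $notify_row['name']);
			$messenger->replyto($config['board_email']);

			$messenger->template($email_template, $notify_row['lang']);

			// Only this path includes the link to the reported post
			$template_vars['U_VIEW_POST'] = generate_board_url() . '/' . $report_data['view_post'];
			$messenger->assign_vars($template_vars);

			$messenger->send($notify_row['notify_type']);
			$messenger->reset();

			$messenger->save_queue();
		}
		else
		{
			// Use messenger for getting the correct message, we use the email template
			$messenger->template($email_template, $notify_row['lang']);

			$messenger->assign_vars($template_vars);

			// break the sending process...
			$messenger->send(false, true);

			// Keep the rendered text before reset().
			// NOTE(review): the original read $messenger->msg after reset();
			// if reset() clears the message the PM body would be empty -
			// confirm in functions_messenger. Copying first is safe either way.
			$pm_body = $messenger->msg;
			$messenger->reset();

			// do not put in reporters outbox
			// message_md5 is a content checksum here, not a security control
			submit_pm('post', $report_data['subject'], '', array(), array(), array(
				'address_list'		=> array('u' => array($user_id => 'to')),
				'from_user_id'		=> $user->data['user_id'],
				'from_user_ip'		=> $user->ip,
				'from_username'		=> $user->data['username'],
				'icon_id'			=> 0,
				'enable_bbcode'		=> 0,
				'enable_html'		=> 0,
				'enable_smilies'	=> 0,
				'enable_magic_url'	=> 1,
				'enable_sig'		=> 0,
				'message_md5'		=> md5($pm_body),
				'bbcode_bitfield'	=> 0,
				'bbcode_uid'		=> 0,
				'attachment_data'	=> array(),
				'filename_data'		=> array(),
				'message'			=> $pm_body
			), true, false);
		}
	}
	unset($messenger);
}
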
?>

