root / trunk / phpBB / mcp.php
History | View | Annotate | Download (23.4 kB)
| 1 | <?php
|
|---|---|
| 2 | /**
|
| 3 | * |
| 4 | * @package mcp |
| 5 | * @copyright (c) 2005 phpBB Group |
| 6 | * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 |
| 7 | * |
| 8 | */ |
| 9 | |
| 10 | /**
|
| 11 | * @ignore |
| 12 | */ |
| 13 | define('IN_PHPBB', true); |
| 14 | $phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './'; |
| 15 | $phpEx = substr(strrchr(__FILE__, '.'), 1); |
| 16 | include($phpbb_root_path . 'common.' . $phpEx); |
| 17 | include($phpbb_root_path . 'includes/functions_admin.' . $phpEx); |
| 18 | require($phpbb_root_path . 'includes/functions_module.' . $phpEx); |
| 19 | |
| 20 | // Start session management
|
| 21 | $user->session_begin();
|
| 22 | $auth->acl($user->data); |
| 23 | $user->setup('mcp'); |
| 24 | |
| 25 | $module = new p_master(); |
| 26 | |
| 27 | // Setting a variable to let the style designer know where he is...
|
| 28 | $template->assign_var('S_IN_MCP', true); |
| 29 | |
| 30 | // Basic parameter data
|
| 31 | $id = request_var('i', ''); |
| 32 | |
| 33 | $mode = request_var('mode', array('')); |
| 34 | $mode = sizeof($mode) ? array_shift($mode) : request_var('mode', ''); |
| 35 | |
| 36 | // Only Moderators can go beyond this point
|
| 37 | if (!$user->data['is_registered']) |
| 38 | {
|
| 39 | if ($user->data['is_bot']) |
| 40 | {
|
| 41 | redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
|
| 42 | } |
| 43 | |
| 44 | login_box('', $user->lang['LOGIN_EXPLAIN_MCP']); |
| 45 | } |
| 46 | |
| 47 | $quickmod = (isset($_REQUEST['quickmod'])) ? true : false; |
| 48 | $action = request_var('action', ''); |
| 49 | $action_ary = request_var('action', array('' => 0)); |
| 50 | |
| 51 | $forum_action = request_var('forum_action', ''); |
| 52 | if ($forum_action !== '' && $request->variable('sort', false, false, phpbb_request_interface::POST)) |
| 53 | {
|
| 54 | $action = $forum_action; |
| 55 | } |
| 56 | |
| 57 | if (sizeof($action_ary)) |
| 58 | {
|
| 59 | list($action, ) = each($action_ary); |
| 60 | } |
| 61 | unset($action_ary); |
| 62 | |
| 63 | if ($mode == 'topic_logs') |
| 64 | {
|
| 65 | $id = 'logs'; |
| 66 | $quickmod = false; |
| 67 | } |
| 68 | |
| 69 | $post_id = request_var('p', 0); |
| 70 | $topic_id = request_var('t', 0); |
| 71 | $forum_id = request_var('f', 0); |
| 72 | $report_id = request_var('r', 0); |
| 73 | $user_id = request_var('u', 0); |
| 74 | $username = utf8_normalize_nfc(request_var('username', '', true)); |
| 75 | |
| 76 | if ($post_id) |
| 77 | {
|
| 78 | // We determine the topic and forum id here, to make sure the moderator really has moderative rights on this post
|
| 79 | $sql = 'SELECT topic_id, forum_id |
| 80 | FROM ' . POSTS_TABLE . " |
| 81 | WHERE post_id = $post_id"; |
| 82 | $result = $db->sql_query($sql); |
| 83 | $row = $db->sql_fetchrow($result); |
| 84 | $db->sql_freeresult($result); |
| 85 | |
| 86 | $topic_id = (int) $row['topic_id']; |
| 87 | $forum_id = (int) $row['forum_id']; |
| 88 | } |
| 89 | else if ($topic_id) |
| 90 | {
|
| 91 | $sql = 'SELECT forum_id |
| 92 | FROM ' . TOPICS_TABLE . " |
| 93 | WHERE topic_id = $topic_id"; |
| 94 | $result = $db->sql_query($sql); |
| 95 | $row = $db->sql_fetchrow($result); |
| 96 | $db->sql_freeresult($result); |
| 97 | |
| 98 | $forum_id = (int) $row['forum_id']; |
| 99 | } |
| 100 | |
| 101 | // If the user doesn't have any moderator powers (globally or locally) he can't access the mcp
|
| 102 | if (!$auth->acl_getf_global('m_')) |
| 103 | {
|
| 104 | // Except he is using one of the quickmod tools for users
|
| 105 | $user_quickmod_actions = array( |
| 106 | 'lock' => 'f_user_lock', |
| 107 | 'make_sticky' => 'f_sticky', |
| 108 | 'make_announce' => 'f_announce', |
| 109 | 'make_global' => 'f_announce', |
| 110 | 'make_normal' => array('f_announce', 'f_sticky') |
| 111 | ); |
| 112 | |
| 113 | $allow_user = false; |
| 114 | if ($quickmod && isset($user_quickmod_actions[$action]) && $user->data['is_registered'] && $auth->acl_gets($user_quickmod_actions[$action], $forum_id)) |
| 115 | {
|
| 116 | $topic_info = get_topic_data(array($topic_id)); |
| 117 | if ($topic_info[$topic_id]['topic_poster'] == $user->data['user_id']) |
| 118 | {
|
| 119 | $allow_user = true; |
| 120 | } |
| 121 | } |
| 122 | |
| 123 | if (!$allow_user) |
| 124 | {
|
| 125 | trigger_error('NOT_AUTHORISED'); |
| 126 | } |
| 127 | } |
| 128 | |
| 129 | // if the user cannot read the forum he tries to access then we won't allow mcp access either
|
| 130 | if ($forum_id && !$auth->acl_get('f_read', $forum_id)) |
| 131 | {
|
| 132 | trigger_error('NOT_AUTHORISED'); |
| 133 | } |
| 134 | |
| 135 | if ($forum_id) |
| 136 | {
|
| 137 | $module->acl_forum_id = $forum_id; |
| 138 | } |
| 139 | |
| 140 | // Instantiate module system and generate list of available modules
|
| 141 | $module->list_modules('mcp'); |
| 142 | |
| 143 | if ($quickmod) |
| 144 | {
|
| 145 | $mode = 'quickmod'; |
| 146 | |
| 147 | switch ($action) |
| 148 | {
|
| 149 | case 'lock': |
| 150 | case 'unlock': |
| 151 | case 'lock_post': |
| 152 | case 'unlock_post': |
| 153 | case 'make_sticky': |
| 154 | case 'make_announce': |
| 155 | case 'make_global': |
| 156 | case 'make_normal': |
| 157 | case 'fork': |
| 158 | case 'move': |
| 159 | case 'delete_post': |
| 160 | case 'delete_topic': |
| 161 | $module->load('mcp', 'main', 'quickmod'); |
| 162 | return;
|
| 163 | break;
|
| 164 | |
| 165 | case 'topic_logs': |
| 166 | // Reset start parameter if we jumped from the quickmod dropdown
|
| 167 | if (request_var('start', 0)) |
| 168 | {
|
| 169 | $request->overwrite('start', 0); |
| 170 | } |
| 171 | |
| 172 | $module->set_active('logs', 'topic_logs'); |
| 173 | break;
|
| 174 | |
| 175 | case 'merge_topic': |
| 176 | $module->set_active('main', 'forum_view'); |
| 177 | break;
|
| 178 | |
| 179 | case 'split': |
| 180 | case 'merge': |
| 181 | $module->set_active('main', 'topic_view'); |
| 182 | break;
|
| 183 | |
| 184 | default:
|
| 185 | trigger_error("$action not allowed as quickmod", E_USER_ERROR); |
| 186 | break;
|
| 187 | } |
| 188 | } |
| 189 | else
|
| 190 | {
|
| 191 | // Select the active module
|
| 192 | $module->set_active($id, $mode); |
| 193 | } |
| 194 | |
| 195 | // Hide some of the options if we don't have the relevant information to use them
|
| 196 | if (!$post_id) |
| 197 | {
|
| 198 | $module->set_display('main', 'post_details', false); |
| 199 | $module->set_display('warn', 'warn_post', false); |
| 200 | } |
| 201 | |
| 202 | if ($mode == '' || $mode == 'unapproved_topics' || $mode == 'unapproved_posts') |
| 203 | {
|
| 204 | $module->set_display('queue', 'approve_details', false); |
| 205 | } |
| 206 | |
| 207 | if ($mode == '' || $mode == 'reports' || $mode == 'reports_closed' || $mode == 'pm_reports' || $mode == 'pm_reports_closed' || $mode == 'pm_report_details') |
| 208 | {
|
| 209 | $module->set_display('reports', 'report_details', false); |
| 210 | } |
| 211 | |
| 212 | if ($mode == '' || $mode == 'reports' || $mode == 'reports_closed' || $mode == 'pm_reports' || $mode == 'pm_reports_closed' || $mode == 'report_details') |
| 213 | {
|
| 214 | $module->set_display('pm_reports', 'pm_report_details', false); |
| 215 | } |
| 216 | |
| 217 | if (!$topic_id) |
| 218 | {
|
| 219 | $module->set_display('main', 'topic_view', false); |
| 220 | $module->set_display('logs', 'topic_logs', false); |
| 221 | } |
| 222 | |
| 223 | if (!$forum_id) |
| 224 | {
|
| 225 | $module->set_display('main', 'forum_view', false); |
| 226 | $module->set_display('logs', 'forum_logs', false); |
| 227 | } |
| 228 | |
| 229 | if (!$user_id && $username == '') |
| 230 | {
|
| 231 | $module->set_display('notes', 'user_notes', false); |
| 232 | $module->set_display('warn', 'warn_user', false); |
| 233 | } |
| 234 | |
| 235 | // Load and execute the relevant module
|
| 236 | $module->load_active();
|
| 237 | |
| 238 | // Assign data to the template engine for the list of modules
|
| 239 | $module->assign_tpl_vars(append_sid("{$phpbb_root_path}mcp.$phpEx")); |
| 240 | |
| 241 | // Generate urls for letting the moderation control panel being accessed in different modes
|
| 242 | $template->assign_vars(array( |
| 243 | 'U_MCP' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=main'), |
| 244 | 'U_MCP_FORUM' => ($forum_id) ? append_sid("{$phpbb_root_path}mcp.$phpEx", "i=main&mode=forum_view&f=$forum_id") : '', |
| 245 | 'U_MCP_TOPIC' => ($forum_id && $topic_id) ? append_sid("{$phpbb_root_path}mcp.$phpEx", "i=main&mode=topic_view&t=$topic_id") : '', |
| 246 | 'U_MCP_POST' => ($forum_id && $topic_id && $post_id) ? append_sid("{$phpbb_root_path}mcp.$phpEx", "i=main&mode=post_details&t=$topic_id&p=$post_id") : '', |
| 247 | )); |
| 248 | |
| 249 | // Generate the page, do not display/query online list
|
| 250 | $module->display($module->get_page_title(), false); |
| 251 | |
| 252 | /**
|
| 253 | * Functions used to generate additional URL paramters |
| 254 | */ |
| 255 | function _module__url($mode, &$module_row) |
| 256 | {
|
| 257 | return extra_url();
|
| 258 | } |
| 259 | |
| 260 | function _module_notes_url($mode, &$module_row) |
| 261 | {
|
| 262 | if ($mode == 'front') |
| 263 | {
|
| 264 | return ''; |
| 265 | } |
| 266 | |
| 267 | global $user_id; |
| 268 | return ($user_id) ? "&u=$user_id" : ''; |
| 269 | } |
| 270 | |
| 271 | function _module_warn_url($mode, &$module_row) |
| 272 | {
|
| 273 | if ($mode == 'front' || $mode == 'list') |
| 274 | {
|
| 275 | global $forum_id; |
| 276 | |
| 277 | return ($forum_id) ? "&f=$forum_id" : ''; |
| 278 | } |
| 279 | |
| 280 | if ($mode == 'warn_post') |
| 281 | {
|
| 282 | global $forum_id, $post_id; |
| 283 | |
| 284 | $url_extra = ($forum_id) ? "&f=$forum_id" : ''; |
| 285 | $url_extra .= ($post_id) ? "&p=$post_id" : ''; |
| 286 | |
| 287 | return $url_extra; |
| 288 | } |
| 289 | else
|
| 290 | {
|
| 291 | global $user_id; |
| 292 | |
| 293 | return ($user_id) ? "&u=$user_id" : ''; |
| 294 | } |
| 295 | } |
| 296 | |
| 297 | function _module_main_url($mode, &$module_row) |
| 298 | {
|
| 299 | return extra_url();
|
| 300 | } |
| 301 | |
| 302 | function _module_logs_url($mode, &$module_row) |
| 303 | {
|
| 304 | return extra_url();
|
| 305 | } |
| 306 | |
| 307 | function _module_ban_url($mode, &$module_row) |
| 308 | {
|
| 309 | return extra_url();
|
| 310 | } |
| 311 | |
| 312 | function _module_queue_url($mode, &$module_row) |
| 313 | {
|
| 314 | return extra_url();
|
| 315 | } |
| 316 | |
| 317 | function _module_reports_url($mode, &$module_row) |
| 318 | {
|
| 319 | return extra_url();
|
| 320 | } |
| 321 | |
| 322 | function extra_url() |
| 323 | {
|
| 324 | global $forum_id, $topic_id, $post_id, $report_id, $user_id; |
| 325 | |
| 326 | $url_extra = ''; |
| 327 | $url_extra .= ($forum_id) ? "&f=$forum_id" : ''; |
| 328 | $url_extra .= ($topic_id) ? "&t=$topic_id" : ''; |
| 329 | $url_extra .= ($post_id) ? "&p=$post_id" : ''; |
| 330 | $url_extra .= ($user_id) ? "&u=$user_id" : ''; |
| 331 | $url_extra .= ($report_id) ? "&r=$report_id" : ''; |
| 332 | |
| 333 | return $url_extra; |
| 334 | } |
| 335 | |
| 336 | /**
|
| 337 | * Get simple topic data |
| 338 | */ |
| 339 | function get_topic_data($topic_ids, $acl_list = false, $read_tracking = false) |
| 340 | {
|
| 341 | global $auth, $db, $config, $user; |
| 342 | static $rowset = array(); |
| 343 | |
| 344 | $topics = array(); |
| 345 | |
| 346 | if (!sizeof($topic_ids)) |
| 347 | {
|
| 348 | return array(); |
| 349 | } |
| 350 | |
| 351 | // cache might not contain read tracking info, so we can't use it if read
|
| 352 | // tracking information is requested
|
| 353 | if (!$read_tracking) |
| 354 | {
|
| 355 | $cache_topic_ids = array_intersect($topic_ids, array_keys($rowset)); |
| 356 | $topic_ids = array_diff($topic_ids, array_keys($rowset)); |
| 357 | } |
| 358 | else
|
| 359 | {
|
| 360 | $cache_topic_ids = array(); |
| 361 | } |
| 362 | |
| 363 | if (sizeof($topic_ids)) |
| 364 | {
|
| 365 | $sql_array = array( |
| 366 | 'SELECT' => 't.*, f.*', |
| 367 | |
| 368 | 'FROM' => array( |
| 369 | TOPICS_TABLE => 't', |
| 370 | ), |
| 371 | |
| 372 | 'LEFT_JOIN' => array( |
| 373 | array(
|
| 374 | 'FROM' => array(FORUMS_TABLE => 'f'), |
| 375 | 'ON' => 'f.forum_id = t.forum_id' |
| 376 | ) |
| 377 | ), |
| 378 | |
| 379 | 'WHERE' => $db->sql_in_set('t.topic_id', $topic_ids) |
| 380 | ); |
| 381 | |
| 382 | if ($read_tracking && $config['load_db_lastread']) |
| 383 | {
|
| 384 | $sql_array['SELECT'] .= ', tt.mark_time, ft.mark_time as forum_mark_time'; |
| 385 | |
| 386 | $sql_array['LEFT_JOIN'][] = array( |
| 387 | 'FROM' => array(TOPICS_TRACK_TABLE => 'tt'), |
| 388 | 'ON' => 'tt.user_id = ' . $user->data['user_id'] . ' AND t.topic_id = tt.topic_id' |
| 389 | ); |
| 390 | |
| 391 | $sql_array['LEFT_JOIN'][] = array( |
| 392 | 'FROM' => array(FORUMS_TRACK_TABLE => 'ft'), |
| 393 | 'ON' => 'ft.user_id = ' . $user->data['user_id'] . ' AND t.forum_id = ft.forum_id' |
| 394 | ); |
| 395 | } |
| 396 | |
| 397 | $sql = $db->sql_build_query('SELECT', $sql_array); |
| 398 | $result = $db->sql_query($sql); |
| 399 | |
| 400 | while ($row = $db->sql_fetchrow($result)) |
| 401 | {
|
| 402 | $rowset[$row['topic_id']] = $row; |
| 403 | |
| 404 | if ($acl_list && !$auth->acl_gets($acl_list, $row['forum_id'])) |
| 405 | {
|
| 406 | continue;
|
| 407 | } |
| 408 | |
| 409 | $topics[$row['topic_id']] = $row; |
| 410 | } |
| 411 | $db->sql_freeresult($result); |
| 412 | } |
| 413 | |
| 414 | foreach ($cache_topic_ids as $id) |
| 415 | {
|
| 416 | if (!$acl_list || $auth->acl_gets($acl_list, $rowset[$id]['forum_id'])) |
| 417 | {
|
| 418 | $topics[$id] = $rowset[$id]; |
| 419 | } |
| 420 | } |
| 421 | |
| 422 | return $topics; |
| 423 | } |
| 424 | |
| 425 | /**
|
| 426 | * Get simple post data |
| 427 | */ |
| 428 | function get_post_data($post_ids, $acl_list = false, $read_tracking = false) |
| 429 | {
|
| 430 | global $db, $auth, $config, $user; |
| 431 | |
| 432 | $rowset = array(); |
| 433 | |
| 434 | if (!sizeof($post_ids)) |
| 435 | {
|
| 436 | return array(); |
| 437 | } |
| 438 | |
| 439 | $sql_array = array( |
| 440 | 'SELECT' => 'p.*, u.*, t.*, f.*', |
| 441 | |
| 442 | 'FROM' => array( |
| 443 | USERS_TABLE => 'u', |
| 444 | POSTS_TABLE => 'p', |
| 445 | TOPICS_TABLE => 't', |
| 446 | ), |
| 447 | |
| 448 | 'LEFT_JOIN' => array( |
| 449 | array(
|
| 450 | 'FROM' => array(FORUMS_TABLE => 'f'), |
| 451 | 'ON' => 'f.forum_id = t.forum_id' |
| 452 | ) |
| 453 | ), |
| 454 | |
| 455 | 'WHERE' => $db->sql_in_set('p.post_id', $post_ids) . ' |
| 456 | AND u.user_id = p.poster_id |
| 457 | AND t.topic_id = p.topic_id',
|
| 458 | ); |
| 459 | |
| 460 | if ($read_tracking && $config['load_db_lastread']) |
| 461 | {
|
| 462 | $sql_array['SELECT'] .= ', tt.mark_time, ft.mark_time as forum_mark_time'; |
| 463 | |
| 464 | $sql_array['LEFT_JOIN'][] = array( |
| 465 | 'FROM' => array(TOPICS_TRACK_TABLE => 'tt'), |
| 466 | 'ON' => 'tt.user_id = ' . $user->data['user_id'] . ' AND t.topic_id = tt.topic_id' |
| 467 | ); |
| 468 | |
| 469 | $sql_array['LEFT_JOIN'][] = array( |
| 470 | 'FROM' => array(FORUMS_TRACK_TABLE => 'ft'), |
| 471 | 'ON' => 'ft.user_id = ' . $user->data['user_id'] . ' AND t.forum_id = ft.forum_id' |
| 472 | ); |
| 473 | } |
| 474 | |
| 475 | $sql = $db->sql_build_query('SELECT', $sql_array); |
| 476 | $result = $db->sql_query($sql); |
| 477 | unset($sql_array); |
| 478 | |
| 479 | while ($row = $db->sql_fetchrow($result)) |
| 480 | {
|
| 481 | if ($acl_list && !$auth->acl_gets($acl_list, $row['forum_id'])) |
| 482 | {
|
| 483 | continue;
|
| 484 | } |
| 485 | |
| 486 | if (!$row['post_approved'] && !$auth->acl_get('m_approve', $row['forum_id'])) |
| 487 | {
|
| 488 | // Moderators without the permission to approve post should at least not see them. ;)
|
| 489 | continue;
|
| 490 | } |
| 491 | |
| 492 | $rowset[$row['post_id']] = $row; |
| 493 | } |
| 494 | $db->sql_freeresult($result); |
| 495 | |
| 496 | return $rowset; |
| 497 | } |
| 498 | |
| 499 | /**
|
| 500 | * Get simple forum data |
| 501 | */ |
| 502 | function get_forum_data($forum_id, $acl_list = 'f_list', $read_tracking = false) |
| 503 | {
|
| 504 | global $auth, $db, $user, $config; |
| 505 | |
| 506 | $rowset = array(); |
| 507 | |
| 508 | if (!is_array($forum_id)) |
| 509 | {
|
| 510 | $forum_id = array($forum_id); |
| 511 | } |
| 512 | |
| 513 | if (!sizeof($forum_id)) |
| 514 | {
|
| 515 | return array(); |
| 516 | } |
| 517 | |
| 518 | if ($read_tracking && $config['load_db_lastread']) |
| 519 | {
|
| 520 | $read_tracking_join = ' LEFT JOIN ' . FORUMS_TRACK_TABLE . ' ft ON (ft.user_id = ' . $user->data['user_id'] . ' |
| 521 | AND ft.forum_id = f.forum_id)';
|
| 522 | $read_tracking_select = ', ft.mark_time'; |
| 523 | } |
| 524 | else
|
| 525 | {
|
| 526 | $read_tracking_join = $read_tracking_select = ''; |
| 527 | } |
| 528 | |
| 529 | $sql = "SELECT f.* $read_tracking_select |
| 530 | FROM " . FORUMS_TABLE . " f$read_tracking_join |
| 531 | WHERE " . $db->sql_in_set('f.forum_id', $forum_id); |
| 532 | $result = $db->sql_query($sql); |
| 533 | |
| 534 | while ($row = $db->sql_fetchrow($result)) |
| 535 | {
|
| 536 | if ($acl_list && !$auth->acl_gets($acl_list, $row['forum_id'])) |
| 537 | {
|
| 538 | continue;
|
| 539 | } |
| 540 | |
| 541 | if ($auth->acl_get('m_approve', $row['forum_id'])) |
| 542 | {
|
| 543 | $row['forum_topics'] = $row['forum_topics_real']; |
| 544 | } |
| 545 | |
| 546 | $rowset[$row['forum_id']] = $row; |
| 547 | } |
| 548 | $db->sql_freeresult($result); |
| 549 | |
| 550 | return $rowset; |
| 551 | } |
| 552 | |
| 553 | /**
|
| 554 | * Get simple pm data |
| 555 | */ |
| 556 | function get_pm_data($pm_ids) |
| 557 | {
|
| 558 | global $db, $auth, $config, $user; |
| 559 | |
| 560 | $rowset = array(); |
| 561 | |
| 562 | if (!sizeof($pm_ids)) |
| 563 | {
|
| 564 | return array(); |
| 565 | } |
| 566 | |
| 567 | $sql_array = array( |
| 568 | 'SELECT' => 'p.*, u.*', |
| 569 | |
| 570 | 'FROM' => array( |
| 571 | USERS_TABLE => 'u', |
| 572 | PRIVMSGS_TABLE => 'p', |
| 573 | ), |
| 574 | |
| 575 | 'WHERE' => $db->sql_in_set('p.msg_id', $pm_ids) . ' |
| 576 | AND u.user_id = p.author_id',
|
| 577 | ); |
| 578 | |
| 579 | $sql = $db->sql_build_query('SELECT', $sql_array); |
| 580 | $result = $db->sql_query($sql); |
| 581 | unset($sql_array); |
| 582 | |
| 583 | while ($row = $db->sql_fetchrow($result)) |
| 584 | {
|
| 585 | $rowset[$row['msg_id']] = $row; |
| 586 | } |
| 587 | $db->sql_freeresult($result); |
| 588 | |
| 589 | return $rowset; |
| 590 | } |
| 591 | |
| 592 | /**
|
| 593 | * sorting in mcp |
| 594 | * |
| 595 | * @param string $where_sql should either be WHERE (default if ommited) or end with AND or OR |
| 596 | * |
| 597 | * $mode reports and reports_closed: the $where parameters uses aliases p for posts table and r for report table |
| 598 | * $mode unapproved_posts: the $where parameters uses aliases p for posts table and t for topic table |
| 599 | */ |
| 600 | function mcp_sorting($mode, &$sort_days, &$sort_key, &$sort_dir, &$sort_by_sql, &$sort_order_sql, &$total, $forum_id = 0, $topic_id = 0, $where_sql = 'WHERE') |
| 601 | {
|
| 602 | global $db, $user, $auth, $template; |
| 603 | |
| 604 | $sort_days = request_var('st', 0); |
| 605 | $min_time = ($sort_days) ? time() - ($sort_days * 86400) : 0; |
| 606 | |
| 607 | switch ($mode) |
| 608 | {
|
| 609 | case 'viewforum': |
| 610 | $type = 'topics'; |
| 611 | $default_key = 't'; |
| 612 | $default_dir = 'd'; |
| 613 | |
| 614 | $sql = 'SELECT COUNT(topic_id) AS total |
| 615 | FROM ' . TOPICS_TABLE . " |
| 616 | $where_sql forum_id = $forum_id |
| 617 | AND topic_type NOT IN (" . POST_ANNOUNCE . ', ' . POST_GLOBAL . ") |
| 618 | AND topic_last_post_time >= $min_time"; |
| 619 | |
| 620 | if (!$auth->acl_get('m_approve', $forum_id)) |
| 621 | {
|
| 622 | $sql .= 'AND topic_approved = 1'; |
| 623 | } |
| 624 | break;
|
| 625 | |
| 626 | case 'viewtopic': |
| 627 | $type = 'posts'; |
| 628 | $default_key = 't'; |
| 629 | $default_dir = 'a'; |
| 630 | |
| 631 | $sql = 'SELECT COUNT(post_id) AS total |
| 632 | FROM ' . POSTS_TABLE . " |
| 633 | $where_sql topic_id = $topic_id |
| 634 | AND post_time >= $min_time"; |
| 635 | |
| 636 | if (!$auth->acl_get('m_approve', $forum_id)) |
| 637 | {
|
| 638 | $sql .= 'AND post_approved = 1'; |
| 639 | } |
| 640 | break;
|
| 641 | |
| 642 | case 'unapproved_posts': |
| 643 | $type = 'posts'; |
| 644 | $default_key = 't'; |
| 645 | $default_dir = 'd'; |
| 646 | $where_sql .= ($topic_id) ? ' p.topic_id = ' . $topic_id . ' AND' : ''; |
| 647 | |
| 648 | $sql = 'SELECT COUNT(p.post_id) AS total |
| 649 | FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . " t |
| 650 | $where_sql " . $db->sql_in_set('p.forum_id', ($forum_id) ? array($forum_id) : array_intersect(get_forum_list('f_read'), get_forum_list('m_approve'))) . ' |
| 651 | AND p.post_approved = 0 |
| 652 | AND t.topic_id = p.topic_id |
| 653 | AND t.topic_first_post_id <> p.post_id';
|
| 654 | |
| 655 | if ($min_time) |
| 656 | {
|
| 657 | $sql .= ' AND post_time >= ' . $min_time; |
| 658 | } |
| 659 | break;
|
| 660 | |
| 661 | case 'unapproved_topics': |
| 662 | $type = 'topics'; |
| 663 | $default_key = 't'; |
| 664 | $default_dir = 'd'; |
| 665 | |
| 666 | $sql = 'SELECT COUNT(topic_id) AS total |
| 667 | FROM ' . TOPICS_TABLE . " |
| 668 | $where_sql " . $db->sql_in_set('forum_id', ($forum_id) ? array($forum_id) : array_intersect(get_forum_list('f_read'), get_forum_list('m_approve'))) . ' |
| 669 | AND topic_approved = 0';
|
| 670 | |
| 671 | if ($min_time) |
| 672 | {
|
| 673 | $sql .= ' AND topic_time >= ' . $min_time; |
| 674 | } |
| 675 | break;
|
| 676 | |
| 677 | case 'pm_reports': |
| 678 | case 'pm_reports_closed': |
| 679 | case 'reports': |
| 680 | case 'reports_closed': |
| 681 | $pm = (strpos($mode, 'pm_') === 0) ? true : false; |
| 682 | |
| 683 | $type = ($pm) ? 'pm_reports' : 'reports'; |
| 684 | $default_key = 't'; |
| 685 | $default_dir = 'd'; |
| 686 | $limit_time_sql = ($min_time) ? "AND r.report_time >= $min_time" : ''; |
| 687 | |
| 688 | if ($topic_id) |
| 689 | {
|
| 690 | $where_sql .= ' p.topic_id = ' . $topic_id . ' AND '; |
| 691 | } |
| 692 | else if ($forum_id) |
| 693 | {
|
| 694 | $where_sql .= ' p.forum_id = ' . $forum_id . ' AND '; |
| 695 | } |
| 696 | else if (!$pm) |
| 697 | {
|
| 698 | $where_sql .= ' ' . $db->sql_in_set('p.forum_id', get_forum_list(array('!f_read', '!m_report')), true, true) . ' AND '; |
| 699 | } |
| 700 | |
| 701 | if ($mode == 'reports' || $mode == 'pm_reports') |
| 702 | {
|
| 703 | $where_sql .= ' r.report_closed = 0 AND '; |
| 704 | } |
| 705 | else
|
| 706 | {
|
| 707 | $where_sql .= ' r.report_closed = 1 AND '; |
| 708 | } |
| 709 | |
| 710 | if ($pm) |
| 711 | {
|
| 712 | $sql = 'SELECT COUNT(r.report_id) AS total |
| 713 | FROM ' . REPORTS_TABLE . ' r, ' . PRIVMSGS_TABLE . " p |
| 714 | $where_sql r.post_id = 0 |
| 715 | AND p.msg_id = r.pm_id |
| 716 | $limit_time_sql"; |
| 717 | } |
| 718 | else
|
| 719 | {
|
| 720 | $sql = 'SELECT COUNT(r.report_id) AS total |
| 721 | FROM ' . REPORTS_TABLE . ' r, ' . POSTS_TABLE . " p |
| 722 | $where_sql r.pm_id = 0 |
| 723 | AND p.post_id = r.post_id |
| 724 | $limit_time_sql"; |
| 725 | } |
| 726 | break;
|
| 727 | |
| 728 | case 'viewlogs': |
| 729 | $type = 'logs'; |
| 730 | $default_key = 't'; |
| 731 | $default_dir = 'd'; |
| 732 | |
| 733 | $sql = 'SELECT COUNT(log_id) AS total |
| 734 | FROM ' . LOG_TABLE . " |
| 735 | $where_sql " . $db->sql_in_set('forum_id', ($forum_id) ? array($forum_id) : array_intersect(get_forum_list('f_read'), get_forum_list('m_'))) . ' |
| 736 | AND log_time >= ' . $min_time . ' |
| 737 | AND log_type = ' . LOG_MOD; |
| 738 | break;
|
| 739 | } |
| 740 | |
| 741 | $sort_key = request_var('sk', $default_key); |
| 742 | $sort_dir = request_var('sd', $default_dir); |
| 743 | $sort_dir_text = array('a' => $user->lang['ASCENDING'], 'd' => $user->lang['DESCENDING']); |
| 744 | |
| 745 | switch ($type) |
| 746 | {
|
| 747 | case 'topics': |
| 748 | $limit_days = array(0 => $user->lang['ALL_TOPICS'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']); |
| 749 | $sort_by_text = array('a' => $user->lang['AUTHOR'], 't' => $user->lang['POST_TIME'], 'tt' => $user->lang['TOPIC_TIME'], 'r' => $user->lang['REPLIES'], 's' => $user->lang['SUBJECT'], 'v' => $user->lang['VIEWS']); |
| 750 | |
| 751 | $sort_by_sql = array('a' => 't.topic_first_poster_name', 't' => 't.topic_last_post_time', 'tt' => 't.topic_time', 'r' => (($auth->acl_get('m_approve', $forum_id)) ? 't.topic_replies_real' : 't.topic_replies'), 's' => 't.topic_title', 'v' => 't.topic_views'); |
| 752 | $limit_time_sql = ($min_time) ? "AND t.topic_last_post_time >= $min_time" : ''; |
| 753 | break;
|
| 754 | |
| 755 | case 'posts': |
| 756 | $limit_days = array(0 => $user->lang['ALL_POSTS'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']); |
| 757 | $sort_by_text = array('a' => $user->lang['AUTHOR'], 't' => $user->lang['POST_TIME'], 's' => $user->lang['SUBJECT']); |
| 758 | $sort_by_sql = array('a' => 'u.username_clean', 't' => 'p.post_time', 's' => 'p.post_subject'); |
| 759 | $limit_time_sql = ($min_time) ? "AND p.post_time >= $min_time" : ''; |
| 760 | break;
|
| 761 | |
| 762 | case 'reports': |
| 763 | $limit_days = array(0 => $user->lang['ALL_REPORTS'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']); |
| 764 | $sort_by_text = array('a' => $user->lang['AUTHOR'], 'r' => $user->lang['REPORTER'], 'p' => $user->lang['POST_TIME'], 't' => $user->lang['REPORT_TIME'], 's' => $user->lang['SUBJECT']); |
| 765 | $sort_by_sql = array('a' => 'u.username_clean', 'r' => 'ru.username', 'p' => 'p.post_time', 't' => 'r.report_time', 's' => 'p.post_subject'); |
| 766 | break;
|
| 767 | |
| 768 | case 'pm_reports': |
| 769 | $limit_days = array(0 => $user->lang['ALL_REPORTS'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']); |
| 770 | $sort_by_text = array('a' => $user->lang['AUTHOR'], 'r' => $user->lang['REPORTER'], 'p' => $user->lang['POST_TIME'], 't' => $user->lang['REPORT_TIME'], 's' => $user->lang['SUBJECT']); |
| 771 | $sort_by_sql = array('a' => 'u.username_clean', 'r' => 'ru.username', 'p' => 'p.message_time', 't' => 'r.report_time', 's' => 'p.message_subject'); |
| 772 | break;
|
| 773 | |
| 774 | case 'logs': |
| 775 | $limit_days = array(0 => $user->lang['ALL_ENTRIES'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']); |
| 776 | $sort_by_text = array('u' => $user->lang['SORT_USERNAME'], 't' => $user->lang['SORT_DATE'], 'i' => $user->lang['SORT_IP'], 'o' => $user->lang['SORT_ACTION']); |
| 777 | |
| 778 | $sort_by_sql = array('u' => 'u.username_clean', 't' => 'l.log_time', 'i' => 'l.log_ip', 'o' => 'l.log_operation'); |
| 779 | $limit_time_sql = ($min_time) ? "AND l.log_time >= $min_time" : ''; |
| 780 | break;
|
| 781 | } |
| 782 | |
| 783 | if (!isset($sort_by_sql[$sort_key])) |
| 784 | {
|
| 785 | $sort_key = $default_key; |
| 786 | } |
| 787 | |
| 788 | $sort_order_sql = $sort_by_sql[$sort_key] . ' ' . (($sort_dir == 'd') ? 'DESC' : 'ASC'); |
| 789 | |
| 790 | $s_limit_days = $s_sort_key = $s_sort_dir = $sort_url = ''; |
| 791 | gen_sort_selects($limit_days, $sort_by_text, $sort_days, $sort_key, $sort_dir, $s_limit_days, $s_sort_key, $s_sort_dir, $sort_url); |
| 792 | |
| 793 | $template->assign_vars(array( |
| 794 | 'S_SELECT_SORT_DIR' => $s_sort_dir, |
| 795 | 'S_SELECT_SORT_KEY' => $s_sort_key, |
| 796 | 'S_SELECT_SORT_DAYS' => $s_limit_days) |
| 797 | ); |
| 798 | |
| 799 | if (($sort_days && $mode != 'viewlogs') || in_array($mode, array('reports', 'unapproved_topics', 'unapproved_posts')) || $where_sql != 'WHERE') |
| 800 | {
|
| 801 | $result = $db->sql_query($sql); |
| 802 | $total = (int) $db->sql_fetchfield('total'); |
| 803 | $db->sql_freeresult($result); |
| 804 | } |
| 805 | else
|
| 806 | {
|
| 807 | $total = -1; |
| 808 | } |
| 809 | } |
| 810 | |
| 811 | /**
|
| 812 | * Validate ids |
| 813 | * |
| 814 | * @param array &$ids The relevant ids to check |
| 815 | * @param string $table The table to find the ids in |
| 816 | * @param string $sql_id The ids relevant column name |
| 817 | * @param array $acl_list A list of permissions the user need to have |
| 818 | * @param mixed $singe_forum Limit to one forum id (int) or the first forum found (true) |
| 819 | * |
| 820 | * @return mixed False if no ids were able to be retrieved, true if at least one id left. |
| 821 | * Additionally, this value can be the forum_id assigned if $single_forum was set. |
| 822 | * Therefore checking the result for with !== false is the best method. |
| 823 | */ |
| 824 | function check_ids(&$ids, $table, $sql_id, $acl_list = false, $single_forum = false) |
| 825 | {
|
| 826 | global $db, $auth; |
| 827 | |
| 828 | if (!is_array($ids) || empty($ids)) |
| 829 | {
|
| 830 | return false; |
| 831 | } |
| 832 | |
| 833 | $sql = "SELECT $sql_id, forum_id FROM $table |
| 834 | WHERE " . $db->sql_in_set($sql_id, $ids); |
| 835 | $result = $db->sql_query($sql); |
| 836 | |
| 837 | $ids = array(); |
| 838 | $forum_id = false; |
| 839 | |
| 840 | while ($row = $db->sql_fetchrow($result)) |
| 841 | {
|
| 842 | if ($acl_list && $row['forum_id'] && !$auth->acl_gets($acl_list, $row['forum_id'])) |
| 843 | {
|
| 844 | continue;
|
| 845 | } |
| 846 | |
| 847 | if ($acl_list && !$row['forum_id'] && !$auth->acl_getf_global($acl_list)) |
| 848 | {
|
| 849 | continue;
|
| 850 | } |
| 851 | |
| 852 | // Limit forum? If not, just assign the id.
|
| 853 | if ($single_forum === false) |
| 854 | {
|
| 855 | $ids[] = $row[$sql_id]; |
| 856 | continue;
|
| 857 | } |
| 858 | |
| 859 | // Limit forum to a specific forum id?
|
| 860 | // This can get really tricky, because we do not want to create a failure on global topics. :)
|
| 861 | if ($row['forum_id']) |
| 862 | {
|
| 863 | if ($single_forum !== true && $row['forum_id'] == (int) $single_forum) |
| 864 | {
|
| 865 | $forum_id = (int) $single_forum; |
| 866 | } |
| 867 | else if ($forum_id === false) |
| 868 | {
|
| 869 | $forum_id = $row['forum_id']; |
| 870 | } |
| 871 | |
| 872 | if ($row['forum_id'] == $forum_id) |
| 873 | {
|
| 874 | $ids[] = $row[$sql_id]; |
| 875 | } |
| 876 | } |
| 877 | else
|
| 878 | {
|
| 879 | // Always add a global topic
|
| 880 | $ids[] = $row[$sql_id]; |
| 881 | } |
| 882 | } |
| 883 | $db->sql_freeresult($result); |
| 884 | |
| 885 | if (!sizeof($ids)) |
| 886 | {
|
| 887 | return false; |
| 888 | } |
| 889 | |
| 890 | // If forum id is false and ids populated we may have only global announcements selected (returning 0 because of (int) $forum_id)
|
| 891 | |
| 892 | return ($single_forum === false) ? true : (int) $forum_id; |
| 893 | } |