Viewing file:  moderation.php (28.77 KB) -rw-rw-r--
Select action/file-type:
 (+) |  (+) |  (+) | Code (+) | Session (+) |  (+) | SDB (+) |  (+) |  (+) |  (+) |  (+) |  (+) |
<?php
/**
*
* @author Robert Johnston
*
* @package Forum Runner
* @version CVS/SVN: $Id$
* @copyright (c) 2010 End of Time Studios, LLC
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
*
*/
chdir(MCWD);
chdir('../');
$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
$phpEx = substr(strrchr(__FILE__, '.'), 1);
include($phpbb_root_path . 'common.' . $phpEx);
include($phpbb_root_path . 'includes/functions_admin.' . $phpEx);
require($phpbb_root_path . 'includes/functions_module.' . $phpEx);
require($phpbb_root_path . 'includes/functions_user.' . $phpEx);
fr_set_debug();
// Start session management
$user->session_begin();
$auth->acl($user->data);
$user->setup('mcp');
$user->page['root_script_path'] = str_replace('/forumrunner', '', $user->page['root_script_path']);
function
do_moderation ()
{
global $config, $template, $user, $auth, $db, $phpbb_root_path, $phpEx, $cache, $template;
$module = new p_master();
// Setting a variable to let the style designer know where he is...
$template->assign_var('S_IN_MCP', true);
// Basic parameter data
$id = request_var('i', '');
if (isset($_REQUEST['mode']) && is_array($_REQUEST['mode']))
{
$mode = request_var('mode', array(''));
list($mode, ) = each($mode);
}
else
{
$mode = request_var('mode', '');
}
// Only Moderators can go beyond this point
if (!$user->data['is_registered'])
{
trigger_error('NOT_AUTHORISED');
}
$quockmod = true;
$action = request_var('do', '');
$action_ary = request_var('do', array('' => 0));
$forum_action = request_var('forum_action', '');
if ($forum_action !== '' && !empty($_POST['sort']))
{
$action = $forum_action;
}
if (sizeof($action_ary))
{
list($action, ) = each($action_ary);
}
unset($action_ary);
$post_id = request_var('postid', 0);
$topic_id = request_var('threadid', 0);
$report_id = request_var('r', 0);
$user_id = request_var('u', 0);
$username = utf8_normalize_nfc(request_var('username', '', true));
if ($post_id)
{
// We determine the topic and forum id here, to make sure the moderator really has moderative rights on this post
$sql = 'SELECT topic_id, forum_id
FROM ' . POSTS_TABLE . "
WHERE post_id = $post_id";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
$topic_id = (int) $row['topic_id'];
$forum_id = (int) ($row['forum_id']) ? $row['forum_id'] : $forum_id;
}
else if ($topic_id)
{
$sql = 'SELECT forum_id
FROM ' . TOPICS_TABLE . "
WHERE topic_id = $topic_id";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
$forum_id = (int) $row['forum_id'];
}
// If the user doesn't have any moderator powers (globally or locally) he can't access the mcp
if (!$auth->acl_getf_global('m_'))
{
// Except he is using one of the quickmod tools for users
$user_quickmod_actions = array(
'lock' => 'f_user_lock',
'make_sticky' => 'f_sticky',
'make_announce' => 'f_announce',
'make_global' => 'f_announce',
'make_normal' => array('f_announce', 'f_sticky')
);
$allow_user = false;
if ($quickmod && isset($user_quickmod_actions[$action]) && $user->data['is_registered'] && $auth->acl_gets($user_quickmod_actions[$action], $forum_id))
{
$topic_info = get_topic_data(array($topic_id));
if ($topic_info[$topic_id]['topic_poster'] == $user->data['user_id'])
{
$allow_user = true;
}
}
if (!$allow_user)
{
trigger_error('NOT_AUTHORISED');
}
}
// if the user cannot read the forum he tries to access then we won't allow mcp access either
if ($forum_id && !$auth->acl_get('f_read', $forum_id))
{
trigger_error('NOT_AUTHORISED');
}
if ($forum_id)
{
$module->acl_forum_id = $forum_id;
}
// Instantiate module system and generate list of available modules
$module->list_modules('mcp');
// Open/Close Thread
if ($action == 'lock' || $action == 'unlock') {
$ids = array(request_var('threadid', 0));
$table = TOPICS_TABLE;
$sql_id = 'topic_id';
$set_id = 'topic_status';
$l_prefix = 'TOPIC';
$orig_ids = $ids;
if (!check_ids($ids, $table, $sql_id, array('m_lock')))
{
// Make sure that for f_user_lock only the lock action is triggered.
if ($action != 'lock')
{
return;
}
$ids = $orig_ids;
if (!check_ids($ids, $table, $sql_id, array('f_user_lock')))
{
return;
}
}
unset($orig_ids);
$sql = "UPDATE $table
SET $set_id = " . (($action == 'lock' || $action == 'lock_post') ? ITEM_LOCKED : ITEM_UNLOCKED) . '
WHERE ' . $db->sql_in_set($sql_id, $ids);
$db->sql_query($sql);
$data = ($action == 'lock' || $action == 'unlock') ? get_topic_data($ids) : get_post_data($ids);
foreach ($data as $id => $row)
{
add_log('mod', $row['forum_id'], $row['topic_id'], 'LOG_' . strtoupper($action), $row['topic_title']);
}
}
// Stick/Unstick Thread
if ($action == 'stick' || $action == 'unstick') {
$topic_ids = array(request_var('threadid', 0));
// For changing topic types, we only allow operations in one forum.
$forum_id = check_ids($topic_ids, TOPICS_TABLE, 'topic_id', array('f_announce', 'f_sticky', 'm_'), true);
if ($forum_id === false)
{
return;
}
switch ($action)
{
case 'make_announce':
$new_topic_type = POST_ANNOUNCE;
$check_acl = 'f_announce';
$l_new_type = (sizeof($topic_ids) == 1) ? 'MCP_MAKE_ANNOUNCEMENT' : 'MCP_MAKE_ANNOUNCEMENTS';
break;
case 'make_global':
$new_topic_type = POST_GLOBAL;
$check_acl = 'f_announce';
$l_new_type = (sizeof($topic_ids) == 1) ? 'MCP_MAKE_GLOBAL' : 'MCP_MAKE_GLOBALS';
break;
case 'stick':
$new_topic_type = POST_STICKY;
$check_acl = 'f_sticky';
$l_new_type = (sizeof($topic_ids) == 1) ? 'MCP_MAKE_STICKY' : 'MCP_MAKE_STICKIES';
break;
default:
$new_topic_type = POST_NORMAL;
$check_acl = '';
$l_new_type = (sizeof($topic_ids) == 1) ? 'MCP_MAKE_NORMAL' : 'MCP_MAKE_NORMALS';
break;
}
if (true)//(confirm_box(true))
{
if ($new_topic_type != POST_GLOBAL)
{
$sql = 'UPDATE ' . TOPICS_TABLE . "
SET topic_type = $new_topic_type
WHERE " . $db->sql_in_set('topic_id', $topic_ids) . '
AND forum_id <> 0';
$db->sql_query($sql);
// Reset forum id if a global topic is within the array
$to_forum_id = request_var('to_forum_id', 0);
if ($to_forum_id)
{
$sql = 'UPDATE ' . TOPICS_TABLE . "
SET topic_type = $new_topic_type, forum_id = $to_forum_id
WHERE " . $db->sql_in_set('topic_id', $topic_ids) . '
AND forum_id = 0';
$db->sql_query($sql);
// Update forum_ids for all posts
$sql = 'UPDATE ' . POSTS_TABLE . "
SET forum_id = $to_forum_id
WHERE " . $db->sql_in_set('topic_id', $topic_ids) . '
AND forum_id = 0';
$db->sql_query($sql);
// Do a little forum sync stuff
$sql = 'SELECT SUM(t.topic_replies + t.topic_approved) as topic_posts, COUNT(t.topic_approved) as topics_authed
FROM ' . TOPICS_TABLE . ' t
WHERE ' . $db->sql_in_set('t.topic_id', $topic_ids);
$result = $db->sql_query($sql);
$row_data = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
$sync_sql = array();
if ($row_data['topic_posts'])
{
$sync_sql[$to_forum_id][] = 'forum_posts = forum_posts + ' . (int) $row_data['topic_posts'];
}
if ($row_data['topics_authed'])
{
$sync_sql[$to_forum_id][] = 'forum_topics = forum_topics + ' . (int) $row_data['topics_authed'];
}
$sync_sql[$to_forum_id][] = 'forum_topics_real = forum_topics_real + ' . (int) sizeof($topic_ids);
foreach ($sync_sql as $forum_id_key => $array)
{
$sql = 'UPDATE ' . FORUMS_TABLE . '
SET ' . implode(', ', $array) . '
WHERE forum_id = ' . $forum_id_key;
$db->sql_query($sql);
}
sync('forum', 'forum_id', $to_forum_id);
}
}
else
{
// Get away with those topics already being a global announcement by re-calculating $topic_ids
$sql = 'SELECT topic_id
FROM ' . TOPICS_TABLE . '
WHERE ' . $db->sql_in_set('topic_id', $topic_ids) . '
AND forum_id <> 0';
$result = $db->sql_query($sql);
$topic_ids = array();
while ($row = $db->sql_fetchrow($result))
{
$topic_ids[] = $row['topic_id'];
}
$db->sql_freeresult($result);
if (sizeof($topic_ids))
{
// Delete topic shadows for global announcements
$sql = 'DELETE FROM ' . TOPICS_TABLE . '
WHERE ' . $db->sql_in_set('topic_moved_id', $topic_ids);
$db->sql_query($sql);
$sql = 'UPDATE ' . TOPICS_TABLE . "
SET topic_type = $new_topic_type, forum_id = 0
WHERE " . $db->sql_in_set('topic_id', $topic_ids);
$db->sql_query($sql);
// Update forum_ids for all posts
$sql = 'UPDATE ' . POSTS_TABLE . '
SET forum_id = 0
WHERE ' . $db->sql_in_set('topic_id', $topic_ids);
$db->sql_query($sql);
// Do a little forum sync stuff
$sql = 'SELECT SUM(t.topic_replies + t.topic_approved) as topic_posts, COUNT(t.topic_approved) as topics_authed
FROM ' . TOPICS_TABLE . ' t
WHERE ' . $db->sql_in_set('t.topic_id', $topic_ids);
$result = $db->sql_query($sql);
$row_data = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
$sync_sql = array();
if ($row_data['topic_posts'])
{
$sync_sql[$forum_id][] = 'forum_posts = forum_posts - ' . (int) $row_data['topic_posts'];
}
if ($row_data['topics_authed'])
{
$sync_sql[$forum_id][] = 'forum_topics = forum_topics - ' . (int) $row_data['topics_authed'];
}
$sync_sql[$forum_id][] = 'forum_topics_real = forum_topics_real - ' . (int) sizeof($topic_ids);
foreach ($sync_sql as $forum_id_key => $array)
{
$sql = 'UPDATE ' . FORUMS_TABLE . '
SET ' . implode(', ', $array) . '
WHERE forum_id = ' . $forum_id_key;
$db->sql_query($sql);
}
sync('forum', 'forum_id', $forum_id);
}
}
$success_msg = (sizeof($topic_ids) == 1) ? 'TOPIC_TYPE_CHANGED' : 'TOPICS_TYPE_CHANGED';
if (sizeof($topic_ids))
{
$data = get_topic_data($topic_ids);
foreach ($data as $topic_id => $row)
{
add_log('mod', $forum_id, $topic_id, 'LOG_TOPIC_TYPE_CHANGED', $row['topic_title']);
}
}
}
else
{
// Global topic involved?
$global_involved = false;
if ($new_topic_type != POST_GLOBAL)
{
$sql = 'SELECT forum_id
FROM ' . TOPICS_TABLE . '
WHERE ' . $db->sql_in_set('topic_id', $topic_ids) . '
AND forum_id = 0';
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($row)
{
$global_involved = true;
}
}
}
}
// Delete Thread
if ($action == 'deletethread') {
$user->add_lang('viewtopic');
$topic_ids = array(request_var('threadid', 0));
if (!sizeof($topic_ids))
{
trigger_error('NO_TOPIC_SELECTED');
}
if (!check_ids($topic_ids, TOPICS_TABLE, 'topic_id', array('m_delete')))
{
return;
}
$data = get_topic_data($topic_ids);
foreach ($data as $topic_id => $row)
{
if ($row['topic_moved_id'])
{
add_log('mod', $row['forum_id'], $topic_id, 'LOG_DELETE_SHADOW_TOPIC', $row['topic_title']);
}
else
{
add_log('mod', $row['forum_id'], $topic_id, 'LOG_DELETE_TOPIC', $row['topic_title'], $row['topic_first_poster_name']);
}
}
$return = delete_topics('topic_id', $topic_ids);
}
// Delete Posts
if ($action == 'deleteposts') {
$user->add_lang('posting');
$post_ids = explode(',', $_POST['postids']);
if (!sizeof($post_ids))
{
trigger_error('NO_POST_SELECTED');
}
if (!check_ids($post_ids, POSTS_TABLE, 'post_id', array('m_delete')))
{
return;
}
if (true)
{
if (!function_exists('delete_posts'))
{
include($phpbb_root_path . 'includes/functions_admin.' . $phpEx);
}
// Count the number of topics that are affected
// I did not use COUNT(DISTINCT ...) because I remember having problems
// with it on older versions of MySQL -- Ashe
$sql = 'SELECT DISTINCT topic_id
FROM ' . POSTS_TABLE . '
WHERE ' . $db->sql_in_set('post_id', $post_ids);
$result = $db->sql_query($sql);
$topic_id_list = array();
while ($row = $db->sql_fetchrow($result))
{
$topic_id_list[] = $row['topic_id'];
}
$affected_topics = sizeof($topic_id_list);
$db->sql_freeresult($result);
$post_data = get_post_data($post_ids);
foreach ($post_data as $id => $row)
{
$post_username = ($row['poster_id'] == ANONYMOUS && !empty($row['post_username'])) ? $row['post_username'] : $row['username'];
add_log('mod', $row['forum_id'], $row['topic_id'], 'LOG_DELETE_POST', $row['post_subject'], $post_username);
}
// Now delete the posts, topics and forums are automatically resync'ed
delete_posts('post_id', $post_ids);
$sql = 'SELECT COUNT(topic_id) AS topics_left
FROM ' . TOPICS_TABLE . '
WHERE ' . $db->sql_in_set('topic_id', $topic_id_list);
$result = $db->sql_query_limit($sql, 1);
$deleted_topics = ($row = $db->sql_fetchrow($result)) ? ($affected_topics - $row['topics_left']) : $affected_topics;
$db->sql_freeresult($result);
}
}
if ($action == 'getforums') {
$forum_data = make_forum_select(0, $forum_id, false, true, true, true, true);
$forums = array();
foreach ($forum_data as $finfo) {
if ($finfo['disabled'] || ($finfo['forum_id'] == $forum_id)) {
continue;
}
$forums[] = array(
'id' => $finfo['forum_id'],
'title' => prepare_utf8_string($finfo['forum_name']),
);
}
return array(
'forums' => $forums,
);
}
if ($action == 'domovethread') {
$user->add_lang('viewtopic');
$topic_ids = array(request_var('threadid', 0));
if (!sizeof($topic_ids))
{
trigger_error('NO_TOPIC_SELECTED');
}
// Here we limit the operation to one forum only
$forum_id = check_ids($topic_ids, TOPICS_TABLE, 'topic_id', array('m_move'), true);
if ($forum_id === false)
{
return;
}
$to_forum_id = request_var('destforumid', 0);
if ($to_forum_id)
{
$forum_data = get_forum_data($to_forum_id, 'f_post');
if (!sizeof($forum_data))
{
$additional_msg = $user->lang['FORUM_NOT_EXIST'];
}
else
{
$forum_data = $forum_data[$to_forum_id];
if ($forum_data['forum_type'] != FORUM_POST)
{
$additional_msg = $user->lang['FORUM_NOT_POSTABLE'];
}
else if (!$auth->acl_get('f_post', $to_forum_id) || (!$auth->acl_get('m_approve', $to_forum_id) && !$auth->acl_get('f_noapprove', $to_forum_id)))
{
$additional_msg = $user->lang['USER_CANNOT_POST'];
}
else if ($forum_id == $to_forum_id)
{
$additional_msg = $user->lang['CANNOT_MOVE_SAME_FORUM'];
}
}
}
else if (isset($_POST['confirm']))
{
$additional_msg = $user->lang['FORUM_NOT_EXIST'];
}
if (!$to_forum_id || $additional_msg)
{
unset($_POST['confirm']);
unset($_REQUEST['confirm_key']);
}
if (true)
{
$topic_data = get_topic_data($topic_ids);
$redirect = request_var('redirect', '');
if ($redirect == 'perm') {
$leave_shadow = true;
} else {
$leave_shadow = false;
}
$forum_sync_data = array();
$forum_sync_data[$forum_id] = current($topic_data);
$forum_sync_data[$to_forum_id] = $forum_data;
// Real topics added to target forum
$topics_moved = sizeof($topic_data);
// Approved topics added to target forum
$topics_authed_moved = 0;
// Posts (topic replies + topic post if approved) added to target forum
$topic_posts_added = 0;
// Posts (topic replies + topic post if approved and not global announcement) removed from source forum
$topic_posts_removed = 0;
// Real topics removed from source forum (all topics without global announcements)
$topics_removed = 0;
// Approved topics removed from source forum (except global announcements)
$topics_authed_removed = 0;
foreach ($topic_data as $topic_id => $topic_info)
{
if ($topic_info['topic_approved'])
{
$topics_authed_moved++;
$topic_posts_added++;
}
$topic_posts_added += $topic_info['topic_replies'];
if ($topic_info['topic_type'] != POST_GLOBAL)
{
$topics_removed++;
$topic_posts_removed += $topic_info['topic_replies'];
if ($topic_info['topic_approved'])
{
$topics_authed_removed++;
$topic_posts_removed++;
}
}
}
$db->sql_transaction('begin');
$sync_sql = array();
if ($topic_posts_added)
{
$sync_sql[$to_forum_id][] = 'forum_posts = forum_posts + ' . $topic_posts_added;
}
if ($topics_authed_moved)
{
$sync_sql[$to_forum_id][] = 'forum_topics = forum_topics + ' . (int) $topics_authed_moved;
}
$sync_sql[$to_forum_id][] = 'forum_topics_real = forum_topics_real + ' . (int) $topics_moved;
// Move topics, but do not resync yet
move_topics($topic_ids, $to_forum_id, false);
$forum_ids = array($to_forum_id);
foreach ($topic_data as $topic_id => $row)
{
// Get the list of forums to resync, add a log entry
$forum_ids[] = $row['forum_id'];
add_log('mod', $to_forum_id, $topic_id, 'LOG_MOVE', $row['forum_name'], $forum_data['forum_name']);
// If we have moved a global announcement, we need to correct the topic type
if ($row['topic_type'] == POST_GLOBAL)
{
$sql = 'UPDATE ' . TOPICS_TABLE . '
SET topic_type = ' . POST_ANNOUNCE . '
WHERE topic_id = ' . (int) $row['topic_id'];
$db->sql_query($sql);
}
// Leave a redirection if required and only if the topic is visible to users
if ($leave_shadow && $row['topic_approved'] && $row['topic_type'] != POST_GLOBAL)
{
$shadow = array(
'forum_id' => (int) $row['forum_id'],
'icon_id' => (int) $row['icon_id'],
'topic_attachment' => (int) $row['topic_attachment'],
'topic_approved' => 1, // a shadow topic is always approved
'topic_reported' => 0, // a shadow topic is never reported
'topic_title' => (string) $row['topic_title'],
'topic_poster' => (int) $row['topic_poster'],
'topic_time' => (int) $row['topic_time'],
'topic_time_limit' => (int) $row['topic_time_limit'],
'topic_views' => (int) $row['topic_views'],
'topic_replies' => (int) $row['topic_replies'],
'topic_replies_real' => (int) $row['topic_replies_real'],
'topic_status' => ITEM_MOVED,
'topic_type' => POST_NORMAL,
'topic_first_post_id' => (int) $row['topic_first_post_id'],
'topic_first_poster_colour'=>(string) $row['topic_first_poster_colour'],
'topic_first_poster_name'=> (string) $row['topic_first_poster_name'],
'topic_last_post_id' => (int) $row['topic_last_post_id'],
'topic_last_poster_id' => (int) $row['topic_last_poster_id'],
'topic_last_poster_colour'=>(string) $row['topic_last_poster_colour'],
'topic_last_poster_name'=> (string) $row['topic_last_poster_name'],
'topic_last_post_subject'=> (string) $row['topic_last_post_subject'],
'topic_last_post_time' => (int) $row['topic_last_post_time'],
'topic_last_view_time' => (int) $row['topic_last_view_time'],
'topic_moved_id' => (int) $row['topic_id'],
'topic_bumped' => (int) $row['topic_bumped'],
'topic_bumper' => (int) $row['topic_bumper'],
'poll_title' => (string) $row['poll_title'],
'poll_start' => (int) $row['poll_start'],
'poll_length' => (int) $row['poll_length'],
'poll_max_options' => (int) $row['poll_max_options'],
'poll_last_vote' => (int) $row['poll_last_vote']
);
$db->sql_query('INSERT INTO ' . TOPICS_TABLE . $db->sql_build_array('INSERT', $shadow));
// Shadow topics only count on new "topics" and not posts... a shadow topic alone has 0 posts
$topics_removed--;
$topics_authed_removed--;
}
}
unset($topic_data);
if ($topic_posts_removed)
{
$sync_sql[$forum_id][] = 'forum_posts = forum_posts - ' . $topic_posts_removed;
}
if ($topics_removed)
{
$sync_sql[$forum_id][] = 'forum_topics_real = forum_topics_real - ' . (int) $topics_removed;
}
if ($topics_authed_removed)
{
$sync_sql[$forum_id][] = 'forum_topics = forum_topics - ' . (int) $topics_authed_removed;
}
$success_msg = (sizeof($topic_ids) == 1) ? 'TOPIC_MOVED_SUCCESS' : 'TOPICS_MOVED_SUCCESS';
foreach ($sync_sql as $forum_id_key => $array)
{
$sql = 'UPDATE ' . FORUMS_TABLE . '
SET ' . implode(', ', $array) . '
WHERE forum_id = ' . $forum_id_key;
$db->sql_query($sql);
}
$db->sql_transaction('commit');
sync('forum', 'forum_id', array($forum_id, $to_forum_id));
}
}
return array('success' => true);
}
function check_ids(&$ids, $table, $sql_id, $acl_list = false, $single_forum = false)
{
global $db, $auth;
if (!is_array($ids) || empty($ids))
{
return false;
}
$sql = "SELECT $sql_id, forum_id FROM $table
WHERE " . $db->sql_in_set($sql_id, $ids);
$result = $db->sql_query($sql);
$ids = array();
$forum_id = false;
while ($row = $db->sql_fetchrow($result))
{
if ($acl_list && $row['forum_id'] && !$auth->acl_gets($acl_list, $row['forum_id']))
{
continue;
}
if ($acl_list && !$row['forum_id'] && !$auth->acl_getf_global($acl_list))
{
continue;
}
// Limit forum? If not, just assign the id.
if ($single_forum === false)
{
$ids[] = $row[$sql_id];
continue;
}
// Limit forum to a specific forum id?
// This can get really tricky, because we do not want to create a failure on global topics. :)
if ($row['forum_id'])
{
if ($single_forum !== true && $row['forum_id'] == (int) $single_forum)
{
$forum_id = (int) $single_forum;
}
else if ($forum_id === false)
{
$forum_id = $row['forum_id'];
}
if ($row['forum_id'] == $forum_id)
{
$ids[] = $row[$sql_id];
}
}
else
{
// Always add a global topic
$ids[] = $row[$sql_id];
}
}
$db->sql_freeresult($result);
if (!sizeof($ids))
{
return false;
}
// If forum id is false and ids populated we may have only global announcements selected (returning 0 because of (int) $forum_id)
return ($single_forum === false) ? true : (int) $forum_id;
}
function get_topic_data($topic_ids, $acl_list = false, $read_tracking = false)
{
global $auth, $db, $config, $user;
static $rowset = array();
$topics = array();
if (!sizeof($topic_ids))
{
return array();
}
// cache might not contain read tracking info, so we can't use it if read
// tracking information is requested
if (!$read_tracking)
{
$cache_topic_ids = array_intersect($topic_ids, array_keys($rowset));
$topic_ids = array_diff($topic_ids, array_keys($rowset));
}
else
{
$cache_topic_ids = array();
}
if (sizeof($topic_ids))
{
$sql_array = array(
'SELECT' => 't.*, f.*',
'FROM' => array(
TOPICS_TABLE => 't',
),
'LEFT_JOIN' => array(
array(
'FROM' => array(FORUMS_TABLE => 'f'),
'ON' => 'f.forum_id = t.forum_id'
)
),
'WHERE' => $db->sql_in_set('t.topic_id', $topic_ids)
);
if ($read_tracking && $config['load_db_lastread'])
{
$sql_array['SELECT'] .= ', tt.mark_time, ft.mark_time as forum_mark_time';
$sql_array['LEFT_JOIN'][] = array(
'FROM' => array(TOPICS_TRACK_TABLE => 'tt'),
'ON' => 'tt.user_id = ' . $user->data['user_id'] . ' AND t.topic_id = tt.topic_id'
);
$sql_array['LEFT_JOIN'][] = array(
'FROM' => array(FORUMS_TRACK_TABLE => 'ft'),
'ON' => 'ft.user_id = ' . $user->data['user_id'] . ' AND t.forum_id = ft.forum_id'
);
}
$sql = $db->sql_build_query('SELECT', $sql_array);
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
if (!$row['forum_id'])
{
// Global Announcement?
$row['forum_id'] = request_var('f', 0);
}
$rowset[$row['topic_id']] = $row;
if ($acl_list && !$auth->acl_gets($acl_list, $row['forum_id']))
{
continue;
}
$topics[$row['topic_id']] = $row;
}
$db->sql_freeresult($result);
}
foreach ($cache_topic_ids as $id)
{
if (!$acl_list || $auth->acl_gets($acl_list, $rowset[$id]['forum_id']))
{
$topics[$id] = $rowset[$id];
}
}
return $topics;
}
/**
* Get simple post data
*/
function get_post_data($post_ids, $acl_list = false, $read_tracking = false)
{
global $db, $auth, $config, $user;
$rowset = array();
if (!sizeof($post_ids))
{
return array();
}
$sql_array = array(
'SELECT' => 'p.*, u.*, t.*, f.*',
'FROM' => array(
USERS_TABLE => 'u',
POSTS_TABLE => 'p',
TOPICS_TABLE => 't',
),
'LEFT_JOIN' => array(
array(
'FROM' => array(FORUMS_TABLE => 'f'),
'ON' => 'f.forum_id = t.forum_id'
)
),
'WHERE' => $db->sql_in_set('p.post_id', $post_ids) . '
AND u.user_id = p.poster_id
AND t.topic_id = p.topic_id',
);
if ($read_tracking && $config['load_db_lastread'])
{
$sql_array['SELECT'] .= ', tt.mark_time, ft.mark_time as forum_mark_time';
$sql_array['LEFT_JOIN'][] = array(
'FROM' => array(TOPICS_TRACK_TABLE => 'tt'),
'ON' => 'tt.user_id = ' . $user->data['user_id'] . ' AND t.topic_id = tt.topic_id'
);
$sql_array['LEFT_JOIN'][] = array(
'FROM' => array(FORUMS_TRACK_TABLE => 'ft'),
'ON' => 'ft.user_id = ' . $user->data['user_id'] . ' AND t.forum_id = ft.forum_id'
);
}
$sql = $db->sql_build_query('SELECT', $sql_array);
$result = $db->sql_query($sql);
unset($sql_array);
while ($row = $db->sql_fetchrow($result))
{
if (!$row['forum_id'])
{
// Global Announcement?
$row['forum_id'] = request_var('f', 0);
}
if ($acl_list && !$auth->acl_gets($acl_list, $row['forum_id']))
{
continue;
}
if (!$row['post_approved'] && !$auth->acl_get('m_approve', $row['forum_id']))
{
// Moderators without the permission to approve post should at least not see them. ;)
continue;
}
$rowset[$row['post_id']] = $row;
}
$db->sql_freeresult($result);
return $rowset;
}
/**
* Get simple forum data
*/
function get_forum_data($forum_id, $acl_list = 'f_list', $read_tracking = false)
{
global $auth, $db, $user, $config;
$rowset = array();
if (!is_array($forum_id))
{
$forum_id = array($forum_id);
}
if (!sizeof($forum_id))
{
return array();
}
if ($read_tracking && $config['load_db_lastread'])
{
$read_tracking_join = ' LEFT JOIN ' . FORUMS_TRACK_TABLE . ' ft ON (ft.user_id = ' . $user->data['user_id'] . '
AND ft.forum_id = f.forum_id)';
$read_tracking_select = ', ft.mark_time';
}
else
{
$read_tracking_join = $read_tracking_select = '';
}
$sql = "SELECT f.* $read_tracking_select
FROM " . FORUMS_TABLE . " f$read_tracking_join
WHERE " . $db->sql_in_set('f.forum_id', $forum_id);
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
if ($acl_list && !$auth->acl_gets($acl_list, $row['forum_id']))
{
continue;
}
if ($auth->acl_get('m_approve', $row['forum_id']))
{
$row['forum_topics'] = $row['forum_topics_real'];
}
$rowset[$row['forum_id']] = $row;
}
$db->sql_freeresult($result);
return $rowset;
}
function
do_get_spam_data ()
{
return array();
}
function
do_get_ban_data ()
{
return array();
}
function
do_ban_user ()
{
global $config, $template, $user, $auth, $db, $phpbb_root_path, $phpEx, $cache, $template;
// If the user doesn't have any moderator powers (globally or locally) he can't access the mcp
if (!$auth->acl_getf_global('m_') && !$auth->acl_getf_global('acl_m_ban')) {
json_error(ERR_NO_PERMISSION);
}
$user_id = request_var('userid', -1);
$reason = request_var('reason', '');
$period = request_var('period', 'PERMANENT');
// Get user...
$sql = 'SELECT *
FROM ' . USERS_TABLE . '
WHERE user_id = ' . $user_id;
$result = $db->sql_query($sql);
$member = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$member) {
trigger_error('NO_USER');
}
$out = array();
$m = array();
if ($period != 'PERMANENT') {
if (!preg_match('#^(D|M|Y)_([1-9][0-9]?)$#', $period, $m)) {
json_error(ERR_NO_PERMISSION);
}
switch ($m[1]) {
case 'D': $len = intval($m[2]); break;
case 'M': $len = intval($m[2]) * 30; break;
case 'Y': $len = intval($m[2]) * 365; break;
}
$len *= (24 * 60);
} else {
$len = 0;
}
if (!user_ban('user', $member['username'], $len, null, false, $reason, $reason)) {
json_error(ERR_NO_PERMISSION);
}
return array('success' => true);
}
?>
|