PageRenderTime 52ms CodeModel.GetById 23ms RepoModel.GetById 1ms app.codeStats 0ms

/root/includes/mcp/mcp_infractions.php

https://github.com/Nelsaidi/phpBB-Infractions
PHP | 801 lines | 524 code | 171 blank | 106 comment | 80 complexity | 2fe8e8ac1f57a839d98dd66b1df0763f MD5 | raw file
Possible License(s): GPL-2.0
  1. <?php
  2. /**
  3. * phpBB Infraction System
  4. * @copyright (c) 2012 Nelsaidi
  5. * @license http://opensource.org/licenses/gpl-license.php GNU Public License
  6. *
  7. * This program is free software; you can redistribute it and/or modify
  8. * it under the terms of the GNU General Public License as published by
  9. * the Free Software Foundation; either version 2 of the License, or
  10. * (at your option) any later version.
  11. *
  12. * This program is distributed in the hope that it will be useful,
  13. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  15. * GNU General Public License for more details.
  16. *
  17. * You should have received a copy of the GNU General Public License
  18. * along with this program; if not, write to the Free Software
  19. * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
  20. *
  21. */
  22. /**
  23. * @ignore
  24. */
  25. if (!defined('IN_PHPBB'))
  26. {
  27. exit;
  28. }
  29. class mcp_infractions
  30. {
  31. public $p_master;
  32. public $u_action;
  33. public function main($id, $mode)
  34. {
  35. global $auth, $db, $user, $template;
  36. global $config, $phpbb_root_path, $phpEx;
  37. $action = request_var('action', '');
  38. add_form_key('mcp_infractions');
  39. $template->assign_vars(array(
  40. 'S_IN_INFRACTIONS' => 1,
  41. 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&amp;form=mcp&amp;field=username&amp;select_single=true'),
  42. ));
  43. switch($mode)
  44. {
  45. case 'issue':
  46. $this->issue_infraction();
  47. $this->tpl_name = 'mcp_infractions_issue';
  48. $this->page_title = 'INFRACTION_ISSUE';
  49. break;
  50. case 'view':
  51. if($action == 'delete')
  52. {
  53. $this->delete_infraction();
  54. }
  55. $user_id = request_var('user_id', 0);
  56. $username = request_var('username', '');
  57. if($username != '')
  58. {
  59. $sql = 'SELECT user_id FROM ' . USERS_TABLE . ' WHERE username_clean = "' . $db->sql_escape(utf8_clean_string($username)) . '"';
  60. $result = $db->sql_query($sql);
  61. $user_row = $db->sql_fetchrow($result);
  62. $db->sql_freeresult($result);
  63. if(!isset($user_row['user_id']))
  64. {
  65. trigger_error('INFRACTION_USER_NOT_EXIST');
  66. }
  67. redirect(append_sid("{$phpbb_root_path}mcp.$phpEx", "i=infractions&mode=view&user_id={$user_row['user_id']}"));
  68. }
  69. if($user_id > 0)
  70. {
  71. $this->view_infractions_user();
  72. $this->tpl_name = 'mcp_infractions_user';
  73. $this->page_title = 'INFRACTIONS'; // append username to this
  74. }
  75. else
  76. {
  77. $this->view_infractions();
  78. $this->tpl_name = 'mcp_infractions_index';
  79. $this->page_title = 'INFRACTIONS';
  80. }
  81. break;
  82. }
  83. }
  84. /**
  85. * This function is responsible for displaying the form for issuing an infraction
  86. * And then processing the infraction and issuing it
  87. */
  88. public function issue_infraction()
  89. {
  90. global $auth, $db, $user, $template;
  91. global $config, $phpbb_root_path, $phpEx;
  92. // Check if the user can issue an infraction
  93. if(!$auth->acl_get('m_infractions_issue'))
  94. {
  95. trigger_error('NOT_AUTHORISED');
  96. }
  97. $username = request_var('username', '');
  98. $user_id = request_var('user_id', 0);
  99. $post_id = request_var('post_id', 0);
  100. $type = request_var('type', 0);
  101. if($user_id == 0 && $post_id == 0 && $username == '')
  102. {
  103. $template->assign_var('S_INFRACTIONS_NO_USER' , 1);
  104. return;
  105. }
  106. if($user_id == ANONYMOUS)
  107. {
  108. trigger_error('INFRACTION_ISSUE_GUEST');
  109. }
  110. // Get the user ID of the selected user, and redirect to a URL with the id appended
  111. if($username != '')
  112. {
  113. $sql = 'SELECT user_id FROM ' . USERS_TABLE . ' WHERE username_clean = "' . $db->sql_escape(utf8_clean_string($username)) . '"';
  114. $result = $db->sql_query($sql);
  115. $user_row = $db->sql_fetchrow($result);
  116. $db->sql_freeresult($result);
  117. if(!isset($user_row['user_id']))
  118. {
  119. trigger_error('INFRACTION_USER_NOT_EXIST');
  120. }
  121. redirect(append_sid("{$phpbb_root_path}mcp.$phpEx", "i=infractions&mode=issue&user_id={$user_row['user_id']}"));
  122. exit;
  123. }
  124. // Get post data
  125. if($post_id != 0)
  126. {
  127. $post_row = $this->get_post_for_infraction($post_id);
  128. if(!is_array($post_row))
  129. {
  130. trigger_error($post_row);
  131. }
  132. $user_id = (int) $post_row['poster_id'];
  133. }
  134. $sql = 'SELECT * FROM ' . USERS_TABLE . " WHERE user_id = $user_id";
  135. $result = $db->sql_query($sql);
  136. $user_row = $db->sql_fetchrow($result);
  137. $db->sql_freeresult($result);
  138. if(!isset($user_row['user_id']))
  139. {
  140. trigger_error('INFRACTION_USER_NOT_EXIST');
  141. }
  142. if($user->data['user_id'] == $user_row['user_id'])
  143. {
  144. trigger_error('INFRACTION_ISSUE_YOURSELF');
  145. }
  146. // Check if the form has been submitted, if not, display the form to issue an infraction
  147. if(!isset($_POST['submit']))
  148. {
  149. $template->assign_vars(array(
  150. 'U_POST_ACTION' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=infractions&amp;mode=issue&amp;user_id=' . $user_id . '&amp;post_id=' . $post_id),
  151. 'INFRACTION_USER_ID' => $user_row['user_id'],
  152. 'INFRACTION_TYPE' => $type,
  153. ));
  154. // Get user information such as avatar and rank
  155. if (!function_exists('get_user_avatar'))
  156. {
  157. include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
  158. }
  159. $rank_title = $rank_img = '';
  160. $avatar_img = get_user_avatar($user_row['user_avatar'], $user_row['user_avatar_type'], $user_row['user_avatar_width'], $user_row['user_avatar_height']);
  161. $template->assign_vars(array(
  162. // 'U_POST_ACTION' => $this->u_action,
  163. 'U_VIEW_INFRACTIONS' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=infractions&amp;mode=view&amp;user_id=' . $user_id),
  164. 'RANK_TITLE' => $rank_title,
  165. 'JOINED' => $user->format_date($user_row['user_regdate']),
  166. 'POSTS' => $user_row['user_posts'],
  167. 'INFRACTION_POINTS' => $user_row['infraction_points'] ,
  168. 'USERNAME' => $user_row['username'],
  169. 'USER_PROFILE' => get_username_string('full', $user_row['user_id'], $user_row['username'], $user_row['user_colour']),
  170. 'AVATAR_IMG' => $avatar_img,
  171. 'RANK_IMG' => $rank_img,
  172. ));
  173. // Is the infraction for a post?
  174. if(isset($post_row))
  175. {
  176. // Get the mssage and parse it, for display
  177. $message = censor_text($post_row['post_text']);
  178. if ($post_row['bbcode_bitfield'])
  179. {
  180. if(!class_exists('bbcode'))
  181. {
  182. include($phpbb_root_path . 'includes/bbcode.' . $phpEx);
  183. }
  184. $bbcode = new bbcode($post_row['bbcode_bitfield']);
  185. $bbcode->bbcode_second_pass($message, $post_row['bbcode_uid'], $post_row['bbcode_bitfield']);
  186. }
  187. $message = bbcode_nl2br($message);
  188. $message = smiley_text($message);
  189. $template->assign_vars(array(
  190. 'INFRACTION_POST' => true,
  191. 'POST_TEXT' => $message,
  192. ));
  193. }
  194. // Load infraction templates to be put in the form
  195. $sql = 'SELECT * FROM ' . INFRACTION_TEMPLATES_TABLE . ' ORDER BY position ASC';
  196. $result = $db->sql_query($sql);
  197. while($row = $db->sql_fetchrow($result))
  198. {
  199. $template->assign_block_vars('infraction_templates', array(
  200. 'NAME' => $row['name'],
  201. 'TEMPLATE_ID' => $row['template_id'],
  202. ));
  203. }
  204. $db->sql_freeresult($result);
  205. return true;
  206. }
  207. /** We are issuing an infraction **/
  208. // Populate infraction details with already known stuff
  209. $infraction = array(
  210. 'user_id' => $user_id,
  211. 'issuer_id' => $user->data['user_id'],
  212. 'issue_time' => time(),
  213. );
  214. // Assign a post ID if it exists
  215. if(isset($post_row))
  216. {
  217. $infraction['post_id'] = $post_row['post_id'];
  218. $infraction['forum_id'] = $post_row['forum_id'];
  219. }
  220. $infraction_template = request_var('infraction_template', 0);
  221. // Load data from template if selected
  222. if($infraction_template != 0)
  223. {
  224. $sql = 'SELECT * FROM ' . INFRACTION_TEMPLATES_TABLE . " WHERE template_id = $infraction_template";
  225. $result = $db->sql_query($sql);
  226. $template_row = $db->sql_fetchrow($result);
  227. $db->sql_freeresult($result);
  228. if(sizeof($template_row) == 0)
  229. {
  230. trigger_error('INFRACTION_OOPS');
  231. }
  232. $infraction = array_merge($infraction, array(
  233. 'infraction_points' => $template_row['infraction_points'],
  234. 'duration' => $template_row['duration'],
  235. 'reason' => $template_row['reason']
  236. ));
  237. }
  238. else
  239. {
  240. $infraction = array_merge($infraction, array(
  241. 'infraction_points' => request_var('infraction_points', 0),
  242. 'duration' => request_var('duration', ''),
  243. 'reason' => utf8_normalize_nfc(request_var('reason', '', true)),
  244. ));
  245. }
  246. // Validate infraction details
  247. if($infraction['infraction_points'] < 0)
  248. {
  249. trigger_error('INFRACTION_NEGATIVE_POINTS');
  250. }
  251. // Load custom time
  252. if($infraction['duration'] == '-1')
  253. {
  254. $infraction['duration'] = request_var('duration_custom', '');
  255. }
  256. if($infraction['duration'] == '0')
  257. {
  258. // Permanent
  259. $infraction['expire_time'] = 0;
  260. $infraction['duration'] = 0; // For typcast reasons
  261. }
  262. else
  263. {
  264. $infraction['expire_time'] = strtotime('+' . $infraction['duration']);
  265. if($infraction['expire_time'] < time())
  266. {
  267. trigger_error('INFRACTION_INVALID_DATE');
  268. }
  269. else
  270. {
  271. $infraction['duration'] = $infraction['expire_time'] - time(); // Great, duration is good
  272. }
  273. }
  274. $sql = 'INSERT INTO ' . INFRACTIONS_TABLE . ' ' . $db->sql_build_array('INSERT', $infraction);
  275. $db->sql_query($sql);
  276. // Update infraction_points in users table
  277. if($infraction['infraction_points'] > 0)
  278. {
  279. $sql = 'UPDATE ' . USERS_TABLE . " SET infraction_points = infraction_points + {$infraction['infraction_points']} WHERE user_id = {$user_row['user_id']}";
  280. $db->sql_query($sql);
  281. }
  282. include_once($phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx);
  283. include_once($phpbb_root_path . 'includes/message_parser.' . $phpEx);
  284. include($phpbb_root_path . 'language/' . basename($user_row['user_lang']) . "/infractions.$phpEx");
  285. $message_parser = new parse_message();
  286. // Append post topic
  287. if(!empty($infraction['post_id']))
  288. {
  289. $infraction['reason'] = "[url=" . generate_board_url () . "/viewtopic.php?p={$infraction['post_id']}#p{$infraction['post_id']}][b]{$post_row['post_subject']}[/b][/url]\n{$infraction['reason']}";
  290. }
  291. $message_parser->message = sprintf($lang['INFRACTION_PM_BODY'], $user_row['username'], $infraction['reason'], $infraction['infraction_points'], $infraction['infraction_points'] + $user_row['infraction_points'], sprintf($config['infractions_pm_sig'], $user->data['username']));
  292. $message_parser->parse(true, true, false, false, false, true, true);
  293. $pm_data = array(
  294. 'from_user_id' => $user->data['user_id'],
  295. 'from_user_ip' => $user->ip,
  296. 'from_username' => $user->data['username'], // Why does it need this?
  297. 'enable_sig' => false,
  298. 'enable_bbcode' => true,
  299. 'enable_smilies' => true,
  300. 'enable_urls' => true,
  301. 'icon_id' => 0,
  302. 'bbcode_bitfield' => $message_parser->bbcode_bitfield,
  303. 'bbcode_uid' => $message_parser->bbcode_uid,
  304. 'message' => $message_parser->message,
  305. 'address_list' => array('u' => array($user_row['user_id'] => 'to')),
  306. );
  307. submit_pm('post', $lang['INFRACTION_PM_SUBJECT'], $pm_data, false);
  308. add_log('mod', 0, 0, "Issued an infraction to {$user_row['username']}"); // Do this using languages is not possible?
  309. // TODO RUN HOOK: infraction_issued !!
  310. // User chose to edit post, redirect
  311. if(request_var('edit_post', 0) == 1)
  312. {
  313. redirect(append_sid("{$phpbb_root_path}posting.php", "mode=edit&amp;f={$infraction['forum_id']}&amp;p={$infraction['post_id']}"));
  314. }
  315. // Redirec to topic after issuing an infraction
  316. if(isset($post_row))
  317. {
  318. redirect(append_sid("{$phpbb_root_path}viewtopic.php", "p={$infraction['post_id']}#p{$infraction['post_id']}"));
  319. }
  320. // Redirect to infractions page for instantness
  321. redirect(append_sid("{$phpbb_root_path}mcp.$phpEx", "i=infractions"));
  322. exit;
  323. }
  324. /**
  325. * This function deals with the deletion and thus reversal of infractions,
  326. * If infraction id is NOT supplied, it will get it from the URI
  327. * And then redirect
  328. *
  329. *
  330. * Needs to be seperated out once actions are implemented, and do the below.
  331. * Optimisations - modify the users table only once if multiple deletes?
  332. * A batch user table update perhaps, so store all point modifications in an array
  333. */
  334. public function delete_infraction($infraction_id = false)
  335. {
  336. global $auth, $db, $user, $template;
  337. global $config, $phpbb_root_path, $phpEx;
  338. if(!$auth->acl_get('m_infractions_delete'))
  339. {
  340. trigger_error('NOT_AUTHORISED');
  341. }
  342. if(!confirm_box(true))
  343. {
  344. $s_hidden_fields = build_hidden_fields(array(
  345. 'submit' => true,
  346. 'action' => 'delete',
  347. 'infraction_id' => request_var('infraction_id', 0),
  348. 'user_id' => request_var('user_id', 0),
  349. 'start' => request_var('start', 0),
  350. )
  351. );
  352. //display mode
  353. confirm_box(false, 'INFRACTION_DELETE', $s_hidden_fields);
  354. return;
  355. }
  356. $infraction_id = request_var('infraction_id', 0);
  357. if($infraction_id == 0 || !is_numeric($infraction_id))
  358. {
  359. trigger_error('INFRACTION_NOT_EXIST');
  360. }
  361. // Get a copy of the infraction to allow for full reversal
  362. $sql = 'SELECT * FROM ' . INFRACTIONS_TABLE . " WHERE infraction_id = $infraction_id";
  363. $result = $db->sql_query($sql);
  364. $infraction = $db->sql_fetchrow($result);
  365. $db->sql_freeresult($result);
  366. if(empty($infraction))
  367. {
  368. trigger_error('INFRACTION_NOT_EXIST');
  369. }
  370. if($infraction['void'] == 1)
  371. {
  372. trigger_error('INFRACTION_NOT_EXIST');
  373. }
  374. if($config['infractions_hard_delete'] == 1)
  375. {
  376. // Delete it fully out of the DB
  377. $removal_sql = 'DELETE FROM ' . INFRACTIONS_TABLE . " WHERE infraction_id = $infraction_id";
  378. }
  379. else
  380. {
  381. $removal_sql = 'UPDATE ' . INFRACTIONS_TABLE . ' SET void = 1, deleted_time = ' . time() . " WHERE infraction_id = $infraction_id";
  382. }
  383. $db->sql_query($removal_sql);
  384. unset($removal_sql);
  385. // Infraction now doesnt exist, lets reverse its actions
  386. $user_id = (int) $infraction['user_id']; // Lets not trust the DB too
  387. $infraction_points = (int) $infraction['infraction_points'];
  388. // Remove added points from the user
  389. if($infraction_points > 0)
  390. {
  391. $sql = 'UPDATE ' . USERS_TABLE . " SET infraction_points = infraction_points - {$infraction_points} WHERE user_id = {$user_id}";
  392. $db->sql_query($sql);
  393. }
  394. // Get the username for listing in log
  395. $sql = 'SELECT username FROM ' . USERS_TABLE . ' WHERE user_id = ' . $user_id;
  396. $result = $db->sql_query($sql);
  397. $username = $db->sql_fetchfield('username', 0, $result);
  398. $db->sql_freeresult($result);
  399. add_log('mod', 0, 0, "Deleted an infraction issued to {$username}");
  400. return true;
  401. }
  402. /**
  403. * Infractions index
  404. * So recent infractions
  405. */
  406. public function view_infractions()
  407. {
  408. global $auth, $db, $user, $template;
  409. global $config, $phpbb_root_path, $phpEx;
  410. clear_expired_infractions();
  411. $start = request_var('start', 0);
  412. $infractions_list = $this->get_infractions(25, $start, 0, 0, false, true);
  413. if(!$infractions_list)
  414. {
  415. $template->assign_var('S_INFRACTIONS_NONE', 1);
  416. return;
  417. }
  418. $total_infractions = $this->last_get_infraction_total();
  419. $pagination_url = append_sid($phpbb_root_path . 'mcp.' . $phpEx, array('i' => 'infractions', 'mode' => 'view'));
  420. $template->assign_vars(array(
  421. 'PAGINATION' => generate_pagination($pagination_url, $total_infractions, 25, $start),
  422. 'PAGE_NUMBER' => on_page($total_infractions, 25, $start),
  423. 'TOTAL_INFRACTIONS' => $total_infractions . ' Infractions',
  424. ));
  425. foreach($infractions_list as $infraction)
  426. {
  427. $template->assign_block_vars('infraction', array(
  428. 'INFRACTION_ID' => $infraction['infraction_id'],
  429. 'POST_ID' => $infraction['post_id'],
  430. 'ISSUE_TIME' => $user->format_date($infraction['issue_time']),
  431. 'EXPIRE_TIME' => (($infraction['expire_time'] == 0) ? $user->lang['INFRACTION_NEVER'] : $user->format_date($infraction['expire_time'])),
  432. 'USERNAME' => $infraction['username'],
  433. 'USER_PROFILE' => get_username_string('full', $infraction['user_id'], $infraction['username'], $infraction['user_colour']),
  434. 'USER_ID' => $infraction['user_id'],
  435. 'REASON' => (!empty($infraction['topic_id']) ? "<strong><a href=\"./viewtopic.php?p={$infraction['post_id']}#p{$infraction['post_id']}\">{$infraction['post_subject']}</a></strong><br/>{$infraction['reason']}" : $infraction['reason']),
  436. 'POINTS_ISSUED' => $infraction['infraction_points'],
  437. 'TOTAL_POINTS' => $infraction['total_points'],
  438. 'ACTIONS' => '',
  439. 'DELETE_LINK' => (($auth->acl_get('m_infractions_delete') && $infraction['void'] == 0) ? append_sid($this->u_action . '&action=delete&infraction_id=' . $infraction['infraction_id']) : ''),
  440. ));
  441. }
  442. }
  443. /**
  444. * View infractions for a user
  445. * To show user details, more detail about infractions
  446. */
  447. public function view_infractions_user()
  448. {
  449. global $auth, $db, $user, $template;
  450. global $config, $phpbb_root_path, $phpEx;
  451. $user_id = request_var('user_id', 0);
  452. clear_expired_infractions($user_id);
  453. $start = request_var('start', 0);
  454. // Load avatars, colours, etc
  455. $sql = 'SELECT * FROM ' . USERS_TABLE . ' WHERE user_id = ' . $user_id;
  456. $result = $db->sql_query($sql);
  457. $user_row = $db->sql_fetchrow($result);
  458. $db->sql_freeresult($result);
  459. if (!function_exists('get_user_avatar'))
  460. {
  461. include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
  462. }
  463. $rank_title = $rank_img = '';
  464. $avatar_img = get_user_avatar($user_row['user_avatar'], $user_row['user_avatar_type'], $user_row['user_avatar_width'], $user_row['user_avatar_height']);
  465. $template->assign_vars(array(
  466. 'U_ISSUE_INFRACTION' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=infractions&amp;mode=issue&amp;user_id=' . $user_id),
  467. 'U_VIEW_INFRACTIONS' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=infractions&amp;mode=view&amp;user_id=' . $user_id),
  468. 'RANK_TITLE' => $rank_title,
  469. 'JOINED' => $user->format_date($user_row['user_regdate']),
  470. 'POSTS' => $user_row['user_posts'],
  471. 'INFRACTION_POINTS' => $user_row['infraction_points'] ,
  472. 'USERNAME' => $user_row['username'],
  473. 'USER_PROFILE' => get_username_string('full', $user_row['user_id'], $user_row['username'], $user_row['user_colour']),
  474. 'AVATAR_IMG' => $avatar_img,
  475. 'RANK_IMG' => $rank_img,
  476. ));
  477. // Get infractions
  478. $infractions_list = $this->get_infractions(25, $start, 0, $user_id, false, true);
  479. if(!$infractions_list)
  480. {
  481. $template->assign_var('S_INFRACTIONS_NONE', 1);
  482. return;
  483. }
  484. foreach($infractions_list as $infraction)
  485. {
  486. $template->assign_block_vars('infraction', array(
  487. 'INFRACTION_ID' => $infraction['infraction_id'],
  488. 'POST_ID' => $infraction['post_id'],
  489. 'ISSUE_TIME' => $user->format_date($infraction['issue_time']),
  490. 'EXPIRE_TIME' => (($infraction['expire_time'] == 0) ? $user->lang['INFRACTION_NEVER'] : $user->format_date($infraction['expire_time'])),
  491. 'USERNAME' => $infraction['username'],
  492. 'USER_PROFILE' => get_username_string('full', $infraction['user_id'], $infraction['username'], $infraction['user_colour']),
  493. 'USER_ID' => $infraction['user_id'],
  494. 'REASON' => (!empty($infraction['topic_id']) ? "<strong><a href=\"./viewtopic.php?p={$infraction['post_id']}#p{$infraction['post_id']}\">{$infraction['post_subject']}</a></strong><br/>{$infraction['reason']}" : $infraction['reason']),
  495. 'POINTS_ISSUED' => $infraction['infraction_points'],
  496. 'TOTAL_POINTS' => $infraction['total_points'],
  497. 'VOID' => $infraction['void'],
  498. 'DELETE_LINK' => (($auth->acl_get('m_infractions_delete') && $infraction['void'] == 0) ? append_sid($this->u_action . '&action=delete&infraction_id=' . $infraction['infraction_id'] . '&user_id=' . $user_id . '&start=' . $start) : ''),
  499. // TODO actions
  500. ));
  501. }
  502. // Pagination
  503. $total_infractions = $this->last_get_infraction_total();
  504. $pagination_url = append_sid($phpbb_root_path . 'mcp.' . $phpEx, array('i' => 'infractions', 'mode' => 'view', 'user_id' => $user_id));
  505. $template->assign_vars(array(
  506. 'PAGINATION' => generate_pagination($pagination_url, $total_infractions, 25, $start),
  507. 'PAGE_NUMBER' => on_page($total_infractions, 25, $start),
  508. 'TOTAL_INFRACTIONS' => $total_infractions . ' Infractions',
  509. ));
  510. }
  511. /**
  512. * Load the data for a post, checking that the user has read permissions for it too
  513. * @param int post id
  514. * @return mixed - array success, else string error
  515. */
  516. public function get_post_for_infraction($post_id)
  517. {
  518. global $auth, $db, $user, $template;
  519. global $config, $phpbb_root_path, $phpEx;
  520. // Check if the user has already been warned for this post
  521. // TODO
  522. if(!is_numeric($post_id))
  523. {
  524. return 'POST_NOT_EXIST';
  525. }
  526. $sql = "SELECT * FROM " . POSTS_TABLE . " WHERE post_id = $post_id";
  527. $result = $db->sql_query($sql); // Do we cache it for ~60 seconds, saves querying again but maybe another mod updates the post?
  528. $post_row = $db->sql_fetchrow($result);
  529. $db->sql_freeresult($result);
  530. if(sizeof($post_row) == 0)
  531. {
  532. return 'POST_NOT_EXIST';
  533. }
  534. // Check the user has issue warning rights too it
  535. // TODO
  536. // just read rights for now, let infractions be global?
  537. // Check if the user can read the post
  538. if(!$auth->acl_get('f_read', $post_row['forum_id']))
  539. {
  540. return 'NO_PERMISIONS';
  541. }
  542. // TODO - is there a better way to check permisions? - maybe first, since we already have the forum id from the infraction!
  543. return $post_row;
  544. }
  545. /**
  546. * Get the infractions
  547. * Underlying function
  548. *
  549. * @param $user_id User ID to select for - false for non specific (so all)
  550. * @param $forum_id - forum id to sele
  551. * @return array infractions demanded
  552. */
  553. public function get_infractions($limit = 25, $offset = 0, $start_date = 0, $user_id = false, $forum_id = false, $show_void = false)
  554. {
  555. global $auth, $db, $user, $template;
  556. global $config, $phpbb_root_path, $phpEx;
  557. $sql_array = array(
  558. 'SELECT' => 'i.*, p.post_subject, u.username, u.user_colour, u.infraction_points AS total_points, p.topic_id',
  559. 'FROM' => array(
  560. INFRACTIONS_TABLE => 'i',
  561. ),
  562. 'LEFT_JOIN' => array(
  563. array(
  564. 'FROM' => array(POSTS_TABLE => 'p'),
  565. 'ON' => 'i.post_id = p.post_id'
  566. ),
  567. array(
  568. 'FROM' => array(USERS_TABLE => 'u'),
  569. 'ON' => 'i.user_id = u.user_id',
  570. ),
  571. ),
  572. 'WHERE' => array(),
  573. 'ORDER_BY' => 'issue_time DESC',
  574. );
  575. if($show_void === false)
  576. {
  577. $sql_array['WHERE'][] = ' void = 0 ';
  578. }
  579. if(is_numeric($user_id) && $user_id > 0)
  580. {
  581. $sql_array['WHERE'][] = " i.user_id = $user_id ";
  582. }
  583. if(is_numeric($forum_id) && $forum_id > 0)
  584. {
  585. $sql_array['WHERE'][] = " i.forum_id = $forum_id ";
  586. }
  587. // Build our WHERE part as needed
  588. $sql_array['WHERE'] = implode($sql_array['WHERE'], 'AND');
  589. // Store the array so we can select count total to use for pagination
  590. $this->last_sql_array = $sql_array;
  591. $sql = $db->sql_build_query('SELECT', $sql_array);
  592. $result = $db->sql_query_limit($sql, $limit, $offset);
  593. $infractions = $db->sql_fetchrowset($result);
  594. $db->sql_freeresult($result);
  595. $row_count = sizeof($infractions);
  596. $this->last_get_infraction_count = $row_count; // Total rows returned
  597. // If we got less rows than our limit, then this is our total rows
  598. if($row_count < $limit)
  599. {
  600. $this->last_get_infraction_total = $row_count;
  601. }
  602. if($row_count == 0)
  603. {
  604. return false;
  605. }
  606. return $infractions;
  607. }
  608. /**
  609. * A function to get total row count for last infraction view select
  610. */
  611. public function last_get_infraction_total()
  612. {
  613. global $auth, $db, $user, $template;
  614. global $config, $phpbb_root_path, $phpEx;
  615. // NOTE - if the return was less than the limit, then that is our total rows - performance!!
  616. // Argh this is messing with my mind - its getting VERY messy, need to optimise approach
  617. if($this->last_get_infraction_count == 0)
  618. {
  619. return 0;
  620. }
  621. $sql_array = $this->last_sql_array;
  622. $sql_array['SELECT'] = 'count(i.infraction_id) AS total_infractions';
  623. $sql = $db->sql_build_query('SELECT', $sql_array);
  624. $result = $db->sql_query($sql);
  625. $total_infractions = $db->sql_fetchfield('total_infractions');
  626. $db->sql_freeresult($result);
  627. return $total_infractions;
  628. }
  629. }
  630. // EOF