/upload/includes/report_module.php
PHP | 191 lines | 143 code | 27 blank | 21 comment | 27 complexity | b46639ac528f0c158b0f301092324621 MD5 | raw file
- <?php
- if (!defined('BB_ROOT')) die(basename(__FILE__));
- class report_module
- {
- var $subjects_auth = array();
- //
- // Returns module info for the ACP
- //
- function info()
- {
- return array(
- 'title' => $this->lang['MODULE_TITLE'],
- 'explain' => $this->lang['MODULE_EXPLAIN']);
- }
- //
- // Generates a return link based on the subject_url() method
- //
- function return_link($id)
- {
- global $lang;
- if (method_exists($this, 'subject_url') && isset($this->lang['CLICK_RETURN']))
- {
- return '<br /><br />' . sprintf($this->lang['CLICK_RETURN'], '<a href="' . $this->subject_url($id) . '">', '</a>');
- }
- else
- {
- return '';
- }
- }
- //
- // Returns report reasons of the module
- //
- function reasons_obtain()
- {
- global $lang;
- $sql = 'SELECT report_reason_id, report_reason_desc
- FROM ' . BB_REPORTS_REASONS . '
- WHERE report_module_id = ' . (int) $this->id . '
- ORDER BY report_reason_order';
- if (!$result = DB()->sql_query($sql))
- {
- message_die(GENERAL_ERROR, 'Could not obtain report reasons', '', __LINE__, __FILE__, $sql);
- }
- $rows = array();
- while ($row = DB()->sql_fetchrow($result))
- {
- $rows[$row['report_reason_id']] = (isset($lang[$row['report_reason_desc']])) ? $lang[$row['report_reason_desc']] : $row['report_reason_desc'];
- }
- DB()->sql_freeresult($result);
- return (!empty($rows)) ? $rows : false;
- }
- //
- // Checks module authorisation
- //
- function auth_check($auth_names, $userdata = null)
- {
- if (!isset($userdata))
- {
- global $userdata;
- }
- if ($userdata['user_id'] == GUEST_UID)
- {
- return false;
- }
- //
- // Set "virtual" column
- //
- if (!isset($this->data['auth_delete_view']))
- {
- if ($this->data['auth_delete'] == REPORT_AUTH_CONFIRM)
- {
- $this->data['auth_delete_view'] = REPORT_AUTH_MOD;
- }
- else
- {
- $this->data['auth_delete_view'] = $this->data['auth_delete'];
- }
- }
- switch ($userdata['user_level'])
- {
- case ADMIN:
- return true;
- break;
- case MOD:
- $auth_value = REPORT_AUTH_MOD;
- break;
- case GROUP_MEMBER:
- case USER:
- $auth_value = REPORT_AUTH_USER;
- break;
- default:
- return false;
- break;
- }
- if (!is_array($auth_names))
- {
- $auth_names = array($auth_names);
- }
- //
- // Check authorisation
- //
- foreach ($auth_names as $auth_name)
- {
- if ($this->data[$auth_name] > $auth_value)
- {
- return false;
- }
- }
- return true;
- }
- //
- // Checks the authorisation to view the specified report subjects
- //
- function subjects_auth_check(&$report_subjects, $userdata = null)
- {
- if (!method_exists($this, 'subjects_auth_obtain') || empty($report_subjects))
- {
- return true;
- }
- if (!isset($userdata))
- {
- global $userdata;
- }
- if ($userdata['user_level'] == ADMIN)
- {
- return true;
- }
- else if ($userdata['user_level'] != MOD)
- {
- return false;
- }
- report_prepare_subjects($report_subjects);
- $user_id = $userdata['user_id'];
- if (!isset($this->subject_auth[$user_id]))
- {
- $this->subject_auth[$user_id] = array();
- $this->subjects_auth_obtain($user_id, $report_subjects);
- }
- else
- {
- $check_ids = array();
- foreach ($report_subjects as $report_id => $report_subject)
- {
- if (!isset($this->subjects_auth[$user_id][$report_subject[0]]))
- {
- $check_ids[] = $report_subjects[$report_id];
- }
- }
- if (!empty($check_ids))
- {
- $this->subjects_auth_obtain($user_id, $check_ids);
- }
- }
- $subjects_count = count($report_subjects);
- foreach ($report_subjects as $report_id => $report_subject)
- {
- if (!$this->subjects_auth[$user_id][$report_subject[0]])
- {
- unset($report_subjects[$report_id]);
- }
- }
- return ($subjects_count == count($report_subjects));
- }
- }