PageRenderTime 48ms CodeModel.GetById 17ms RepoModel.GetById 1ms app.codeStats 0ms

/phpBB/includes/mcp/mcp_reports.php

https://github.com/Jipem/phpbb
PHP | 720 lines | 579 code | 113 blank | 28 comment | 93 complexity | ed9bfa5c52918767f540e358fbd3fd61 MD5 | raw file
Possible License(s): AGPL-1.0
  1. <?php
  2. /**
  3. *
  4. * This file is part of the phpBB Forum Software package.
  5. *
  6. * @copyright (c) phpBB Limited <https://www.phpbb.com>
  7. * @license GNU General Public License, version 2 (GPL-2.0)
  8. *
  9. * For full copyright and license information, please see
  10. * the docs/CREDITS.txt file.
  11. *
  12. */
  13. /**
  14. * @ignore
  15. */
  16. if (!defined('IN_PHPBB'))
  17. {
  18. exit;
  19. }
  20. /**
  21. * mcp_reports
  22. * Handling the reports queue
  23. */
  24. class mcp_reports
  25. {
  26. var $p_master;
  27. var $u_action;
  28. function mcp_reports(&$p_master)
  29. {
  30. $this->p_master = &$p_master;
  31. }
  32. function main($id, $mode)
  33. {
  34. global $auth, $db, $user, $template, $cache;
  35. global $config, $phpbb_root_path, $phpEx, $action, $phpbb_container;
  36. include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
  37. $forum_id = request_var('f', 0);
  38. $start = request_var('start', 0);
  39. $this->page_title = 'MCP_REPORTS';
  40. switch ($action)
  41. {
  42. case 'close':
  43. case 'delete':
  44. include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
  45. $report_id_list = request_var('report_id_list', array(0));
  46. if (!sizeof($report_id_list))
  47. {
  48. trigger_error('NO_REPORT_SELECTED');
  49. }
  50. close_report($report_id_list, $mode, $action);
  51. break;
  52. }
  53. switch ($mode)
  54. {
  55. case 'report_details':
  56. $user->add_lang(array('posting', 'viewforum', 'viewtopic'));
  57. $post_id = request_var('p', 0);
  58. // closed reports are accessed by report id
  59. $report_id = request_var('r', 0);
  60. $sql = 'SELECT r.post_id, r.user_id, r.report_id, r.report_closed, report_time, r.report_text, r.reported_post_text, r.reported_post_uid, r.reported_post_bitfield, r.reported_post_enable_magic_url, r.reported_post_enable_smilies, r.reported_post_enable_bbcode, rr.reason_title, rr.reason_description, u.username, u.username_clean, u.user_colour
  61. FROM ' . REPORTS_TABLE . ' r, ' . REPORTS_REASONS_TABLE . ' rr, ' . USERS_TABLE . ' u
  62. WHERE ' . (($report_id) ? 'r.report_id = ' . $report_id : "r.post_id = $post_id") . '
  63. AND rr.reason_id = r.reason_id
  64. AND r.user_id = u.user_id
  65. AND r.pm_id = 0
  66. ORDER BY report_closed ASC';
  67. $result = $db->sql_query_limit($sql, 1);
  68. $report = $db->sql_fetchrow($result);
  69. $db->sql_freeresult($result);
  70. if (!$report)
  71. {
  72. trigger_error('NO_REPORT');
  73. }
  74. $phpbb_notifications = $phpbb_container->get('notification_manager');
  75. $phpbb_notifications->mark_notifications_read('report_post', $post_id, $user->data['user_id']);
  76. if (!$report_id && $report['report_closed'])
  77. {
  78. trigger_error('REPORT_CLOSED');
  79. }
  80. $post_id = $report['post_id'];
  81. $report_id = $report['report_id'];
  82. $parse_post_flags = $report['reported_post_enable_bbcode'] ? OPTION_FLAG_BBCODE : 0;
  83. $parse_post_flags += $report['reported_post_enable_smilies'] ? OPTION_FLAG_SMILIES : 0;
  84. $parse_post_flags += $report['reported_post_enable_magic_url'] ? OPTION_FLAG_LINKS : 0;
  85. $post_info = get_post_data(array($post_id), 'm_report', true);
  86. if (!sizeof($post_info))
  87. {
  88. trigger_error('NO_REPORT_SELECTED');
  89. }
  90. $post_info = $post_info[$post_id];
  91. $reason = array('title' => $report['reason_title'], 'description' => $report['reason_description']);
  92. if (isset($user->lang['report_reasons']['TITLE'][strtoupper($reason['title'])]) && isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($reason['title'])]))
  93. {
  94. $reason['description'] = $user->lang['report_reasons']['DESCRIPTION'][strtoupper($reason['title'])];
  95. $reason['title'] = $user->lang['report_reasons']['TITLE'][strtoupper($reason['title'])];
  96. }
  97. if (topic_review($post_info['topic_id'], $post_info['forum_id'], 'topic_review', 0, false))
  98. {
  99. $template->assign_vars(array(
  100. 'S_TOPIC_REVIEW' => true,
  101. 'S_BBCODE_ALLOWED' => $post_info['enable_bbcode'],
  102. 'TOPIC_TITLE' => $post_info['topic_title'],
  103. 'REPORTED_POST_ID' => $post_id,
  104. ));
  105. }
  106. $topic_tracking_info = $extensions = $attachments = array();
  107. // Get topic tracking info
  108. if ($config['load_db_lastread'])
  109. {
  110. $tmp_topic_data = array($post_info['topic_id'] => $post_info);
  111. $topic_tracking_info = get_topic_tracking($post_info['forum_id'], $post_info['topic_id'], $tmp_topic_data, array($post_info['forum_id'] => $post_info['forum_mark_time']));
  112. unset($tmp_topic_data);
  113. }
  114. else
  115. {
  116. $topic_tracking_info = get_complete_topic_tracking($post_info['forum_id'], $post_info['topic_id']);
  117. }
  118. $post_unread = (isset($topic_tracking_info[$post_info['topic_id']]) && $post_info['post_time'] > $topic_tracking_info[$post_info['topic_id']]) ? true : false;
  119. $message = generate_text_for_display(
  120. $report['reported_post_text'],
  121. $report['reported_post_uid'],
  122. $report['reported_post_bitfield'],
  123. $parse_post_flags,
  124. false
  125. );
  126. $report['report_text'] = make_clickable(bbcode_nl2br($report['report_text']));
  127. if ($post_info['post_attachment'] && $auth->acl_get('u_download') && $auth->acl_get('f_download', $post_info['forum_id']))
  128. {
  129. $sql = 'SELECT *
  130. FROM ' . ATTACHMENTS_TABLE . '
  131. WHERE post_msg_id = ' . $post_id . '
  132. AND in_message = 0
  133. AND filetime <= ' . (int) $report['report_time'] . '
  134. ORDER BY filetime DESC';
  135. $result = $db->sql_query($sql);
  136. while ($row = $db->sql_fetchrow($result))
  137. {
  138. $attachments[] = $row;
  139. }
  140. $db->sql_freeresult($result);
  141. if (sizeof($attachments))
  142. {
  143. $update_count = array();
  144. parse_attachments($post_info['forum_id'], $message, $attachments, $update_count);
  145. }
  146. // Display not already displayed Attachments for this post, we already parsed them. ;)
  147. if (!empty($attachments))
  148. {
  149. $template->assign_var('S_HAS_ATTACHMENTS', true);
  150. foreach ($attachments as $attachment)
  151. {
  152. $template->assign_block_vars('attachment', array(
  153. 'DISPLAY_ATTACHMENT' => $attachment)
  154. );
  155. }
  156. }
  157. }
  158. $template->assign_vars(array(
  159. 'S_MCP_REPORT' => true,
  160. 'S_CLOSE_ACTION' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=reports&amp;mode=report_details&amp;f=' . $post_info['forum_id'] . '&amp;p=' . $post_id),
  161. 'S_CAN_VIEWIP' => $auth->acl_get('m_info', $post_info['forum_id']),
  162. 'S_POST_REPORTED' => $post_info['post_reported'],
  163. 'S_POST_UNAPPROVED' => $post_info['post_visibility'] == ITEM_UNAPPROVED || $post_info['post_visibility'] == ITEM_REAPPROVE,
  164. 'S_POST_LOCKED' => $post_info['post_edit_locked'],
  165. 'S_REPORT_CLOSED' => $report['report_closed'],
  166. 'S_USER_NOTES' => true,
  167. 'U_EDIT' => ($auth->acl_get('m_edit', $post_info['forum_id'])) ? append_sid("{$phpbb_root_path}posting.$phpEx", "mode=edit&amp;f={$post_info['forum_id']}&amp;p={$post_info['post_id']}") : '',
  168. 'U_MCP_APPROVE' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue&amp;mode=approve_details&amp;f=' . $post_info['forum_id'] . '&amp;p=' . $post_id),
  169. 'U_MCP_REPORT' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=reports&amp;mode=report_details&amp;f=' . $post_info['forum_id'] . '&amp;p=' . $post_id),
  170. 'U_MCP_REPORTER_NOTES' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&amp;mode=user_notes&amp;u=' . $report['user_id']),
  171. 'U_MCP_USER_NOTES' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&amp;mode=user_notes&amp;u=' . $post_info['user_id']),
  172. 'U_MCP_WARN_REPORTER' => ($auth->acl_get('m_warn')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=warn&amp;mode=warn_user&amp;u=' . $report['user_id']) : '',
  173. 'U_MCP_WARN_USER' => ($auth->acl_get('m_warn')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=warn&amp;mode=warn_user&amp;u=' . $post_info['user_id']) : '',
  174. 'U_VIEW_FORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $post_info['forum_id']),
  175. 'U_VIEW_POST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $post_info['forum_id'] . '&amp;p=' . $post_info['post_id'] . '#p' . $post_info['post_id']),
  176. 'U_VIEW_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $post_info['forum_id'] . '&amp;t=' . $post_info['topic_id']),
  177. 'EDIT_IMG' => $user->img('icon_post_edit', $user->lang['EDIT_POST']),
  178. 'MINI_POST_IMG' => ($post_unread) ? $user->img('icon_post_target_unread', 'UNREAD_POST') : $user->img('icon_post_target', 'POST'),
  179. 'UNAPPROVED_IMG' => $user->img('icon_topic_unapproved', $user->lang['POST_UNAPPROVED']),
  180. 'RETURN_REPORTS' => sprintf($user->lang['RETURN_REPORTS'], '<a href="' . append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=reports' . (($post_info['post_reported']) ? '&amp;mode=reports' : '&amp;mode=reports_closed') . '&amp;start=' . $start . '&amp;f=' . $post_info['forum_id']) . '">', '</a>'),
  181. 'REPORTED_IMG' => $user->img('icon_topic_reported', $user->lang['POST_REPORTED']),
  182. 'REPORT_DATE' => $user->format_date($report['report_time']),
  183. 'REPORT_ID' => $report_id,
  184. 'REPORT_REASON_TITLE' => $reason['title'],
  185. 'REPORT_REASON_DESCRIPTION' => $reason['description'],
  186. 'REPORT_TEXT' => $report['report_text'],
  187. 'POST_AUTHOR_FULL' => get_username_string('full', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
  188. 'POST_AUTHOR_COLOUR' => get_username_string('colour', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
  189. 'POST_AUTHOR' => get_username_string('username', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
  190. 'U_POST_AUTHOR' => get_username_string('profile', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
  191. 'REPORTER_FULL' => get_username_string('full', $report['user_id'], $report['username'], $report['user_colour']),
  192. 'REPORTER_COLOUR' => get_username_string('colour', $report['user_id'], $report['username'], $report['user_colour']),
  193. 'REPORTER_NAME' => get_username_string('username', $report['user_id'], $report['username'], $report['user_colour']),
  194. 'U_VIEW_REPORTER_PROFILE' => get_username_string('profile', $report['user_id'], $report['username'], $report['user_colour']),
  195. 'POST_PREVIEW' => $message,
  196. 'POST_SUBJECT' => ($post_info['post_subject']) ? $post_info['post_subject'] : $user->lang['NO_SUBJECT'],
  197. 'POST_DATE' => $user->format_date($post_info['post_time']),
  198. 'POST_IP' => $post_info['poster_ip'],
  199. 'POST_IPADDR' => ($auth->acl_get('m_info', $post_info['forum_id']) && request_var('lookup', '')) ? @gethostbyaddr($post_info['poster_ip']) : '',
  200. 'POST_ID' => $post_info['post_id'],
  201. 'U_LOOKUP_IP' => ($auth->acl_get('m_info', $post_info['forum_id'])) ? $this->u_action . '&amp;r=' . $report_id . '&amp;p=' . $post_id . '&amp;f=' . $forum_id . '&amp;lookup=' . $post_info['poster_ip'] . '#ip' : '',
  202. ));
  203. $this->tpl_name = 'mcp_post';
  204. break;
  205. case 'reports':
  206. case 'reports_closed':
  207. $topic_id = request_var('t', 0);
  208. $forum_info = array();
  209. $forum_list_reports = get_forum_list('m_report', false, true);
  210. $forum_list_read = array_flip(get_forum_list('f_read', true, true)); // Flipped so we can isset() the forum IDs
  211. // Remove forums we cannot read
  212. foreach ($forum_list_reports as $k => $forum_data)
  213. {
  214. if (!isset($forum_list_read[$forum_data['forum_id']]))
  215. {
  216. unset($forum_list_reports[$k]);
  217. }
  218. }
  219. unset($forum_list_read);
  220. if ($topic_id)
  221. {
  222. $topic_info = get_topic_data(array($topic_id));
  223. if (!sizeof($topic_info))
  224. {
  225. trigger_error('TOPIC_NOT_EXIST');
  226. }
  227. if ($forum_id != $topic_info[$topic_id]['forum_id'])
  228. {
  229. $topic_id = 0;
  230. }
  231. else
  232. {
  233. $topic_info = $topic_info[$topic_id];
  234. $forum_id = (int) $topic_info['forum_id'];
  235. }
  236. }
  237. $forum_list = array();
  238. if (!$forum_id)
  239. {
  240. foreach ($forum_list_reports as $row)
  241. {
  242. $forum_list[] = $row['forum_id'];
  243. }
  244. if (!sizeof($forum_list))
  245. {
  246. trigger_error('NOT_MODERATOR');
  247. }
  248. $global_id = $forum_list[0];
  249. $sql = 'SELECT SUM(forum_topics_approved) as sum_forum_topics
  250. FROM ' . FORUMS_TABLE . '
  251. WHERE ' . $db->sql_in_set('forum_id', $forum_list);
  252. $result = $db->sql_query($sql);
  253. $forum_info['forum_topics_approved'] = (int) $db->sql_fetchfield('sum_forum_topics');
  254. $db->sql_freeresult($result);
  255. }
  256. else
  257. {
  258. $forum_info = get_forum_data(array($forum_id), 'm_report');
  259. if (!sizeof($forum_info))
  260. {
  261. trigger_error('NOT_MODERATOR');
  262. }
  263. $forum_info = $forum_info[$forum_id];
  264. $forum_list = array($forum_id);
  265. }
  266. $forum_list[] = 0;
  267. $forum_data = array();
  268. $pagination = $phpbb_container->get('pagination');
  269. $forum_options = '<option value="0"' . (($forum_id == 0) ? ' selected="selected"' : '') . '>' . $user->lang['ALL_FORUMS'] . '</option>';
  270. foreach ($forum_list_reports as $row)
  271. {
  272. $forum_options .= '<option value="' . $row['forum_id'] . '"' . (($forum_id == $row['forum_id']) ? ' selected="selected"' : '') . '>' . str_repeat('&nbsp; &nbsp;', $row['padding']) . $row['forum_name'] . '</option>';
  273. $forum_data[$row['forum_id']] = $row;
  274. }
  275. unset($forum_list_reports);
  276. $sort_days = $total = 0;
  277. $sort_key = $sort_dir = '';
  278. $sort_by_sql = $sort_order_sql = array();
  279. mcp_sorting($mode, $sort_days, $sort_key, $sort_dir, $sort_by_sql, $sort_order_sql, $total, $forum_id, $topic_id);
  280. $forum_topics = ($total == -1) ? $forum_info['forum_topics_approved'] : $total;
  281. $limit_time_sql = ($sort_days) ? 'AND r.report_time >= ' . (time() - ($sort_days * 86400)) : '';
  282. if ($mode == 'reports')
  283. {
  284. $report_state = 'AND p.post_reported = 1 AND r.report_closed = 0';
  285. }
  286. else
  287. {
  288. $report_state = 'AND r.report_closed = 1';
  289. }
  290. $sql = 'SELECT r.report_id
  291. FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . REPORTS_TABLE . ' r ' . (($sort_order_sql[0] == 'u') ? ', ' . USERS_TABLE . ' u' : '') . (($sort_order_sql[0] == 'r') ? ', ' . USERS_TABLE . ' ru' : '') . '
  292. WHERE ' . $db->sql_in_set('p.forum_id', $forum_list) . "
  293. $report_state
  294. AND r.post_id = p.post_id
  295. " . (($sort_order_sql[0] == 'u') ? 'AND u.user_id = p.poster_id' : '') . '
  296. ' . (($sort_order_sql[0] == 'r') ? 'AND ru.user_id = r.user_id' : '') . '
  297. ' . (($topic_id) ? 'AND p.topic_id = ' . $topic_id : '') . "
  298. AND t.topic_id = p.topic_id
  299. AND r.pm_id = 0
  300. $limit_time_sql
  301. ORDER BY $sort_order_sql";
  302. $result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
  303. $i = 0;
  304. $report_ids = array();
  305. while ($row = $db->sql_fetchrow($result))
  306. {
  307. $report_ids[] = $row['report_id'];
  308. $row_num[$row['report_id']] = $i++;
  309. }
  310. $db->sql_freeresult($result);
  311. if (sizeof($report_ids))
  312. {
  313. $sql = 'SELECT t.forum_id, t.topic_id, t.topic_title, p.post_id, p.post_subject, p.post_username, p.poster_id, p.post_time, p.post_attachment, u.username, u.username_clean, u.user_colour, r.user_id as reporter_id, ru.username as reporter_name, ru.user_colour as reporter_colour, r.report_time, r.report_id
  314. FROM ' . REPORTS_TABLE . ' r, ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . USERS_TABLE . ' u, ' . USERS_TABLE . ' ru
  315. WHERE ' . $db->sql_in_set('r.report_id', $report_ids) . '
  316. AND t.topic_id = p.topic_id
  317. AND r.post_id = p.post_id
  318. AND u.user_id = p.poster_id
  319. AND ru.user_id = r.user_id
  320. AND r.pm_id = 0
  321. ORDER BY ' . $sort_order_sql;
  322. $result = $db->sql_query($sql);
  323. $report_data = $rowset = array();
  324. while ($row = $db->sql_fetchrow($result))
  325. {
  326. $template->assign_block_vars('postrow', array(
  327. 'U_VIEWFORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']),
  328. 'U_VIEWPOST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id'] . '&amp;p=' . $row['post_id']) . '#p' . $row['post_id'],
  329. 'U_VIEW_DETAILS' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=reports&amp;start=$start&amp;mode=report_details&amp;f={$row['forum_id']}&amp;r={$row['report_id']}"),
  330. 'POST_AUTHOR_FULL' => get_username_string('full', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
  331. 'POST_AUTHOR_COLOUR' => get_username_string('colour', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
  332. 'POST_AUTHOR' => get_username_string('username', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
  333. 'U_POST_AUTHOR' => get_username_string('profile', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
  334. 'REPORTER_FULL' => get_username_string('full', $row['reporter_id'], $row['reporter_name'], $row['reporter_colour']),
  335. 'REPORTER_COLOUR' => get_username_string('colour', $row['reporter_id'], $row['reporter_name'], $row['reporter_colour']),
  336. 'REPORTER' => get_username_string('username', $row['reporter_id'], $row['reporter_name'], $row['reporter_colour']),
  337. 'U_REPORTER' => get_username_string('profile', $row['reporter_id'], $row['reporter_name'], $row['reporter_colour']),
  338. 'FORUM_NAME' => $forum_data[$row['forum_id']]['forum_name'],
  339. 'POST_ID' => $row['post_id'],
  340. 'POST_SUBJECT' => ($row['post_subject']) ? $row['post_subject'] : $user->lang['NO_SUBJECT'],
  341. 'POST_TIME' => $user->format_date($row['post_time']),
  342. 'REPORT_ID' => $row['report_id'],
  343. 'REPORT_TIME' => $user->format_date($row['report_time']),
  344. 'TOPIC_TITLE' => $row['topic_title'],
  345. 'ATTACH_ICON_IMG' => ($auth->acl_get('u_download') && $auth->acl_get('f_download', $row['forum_id']) && $row['post_attachment']) ? $user->img('icon_topic_attach', $user->lang['TOTAL_ATTACHMENTS']) : '',
  346. ));
  347. }
  348. $db->sql_freeresult($result);
  349. unset($report_ids, $row);
  350. }
  351. $base_url = $this->u_action . "&amp;f=$forum_id&amp;t=$topic_id&amp;st=$sort_days&amp;sk=$sort_key&amp;sd=$sort_dir";
  352. $pagination->generate_template_pagination($base_url, 'pagination', 'start', $total, $config['topics_per_page'], $start);
  353. // Now display the page
  354. $template->assign_vars(array(
  355. 'L_EXPLAIN' => ($mode == 'reports') ? $user->lang['MCP_REPORTS_OPEN_EXPLAIN'] : $user->lang['MCP_REPORTS_CLOSED_EXPLAIN'],
  356. 'L_TITLE' => ($mode == 'reports') ? $user->lang['MCP_REPORTS_OPEN'] : $user->lang['MCP_REPORTS_CLOSED'],
  357. 'L_ONLY_TOPIC' => ($topic_id) ? sprintf($user->lang['ONLY_TOPIC'], $topic_info['topic_title']) : '',
  358. 'S_MCP_ACTION' => $this->u_action,
  359. 'S_FORUM_OPTIONS' => $forum_options,
  360. 'S_CLOSED' => ($mode == 'reports_closed') ? true : false,
  361. 'TOPIC_ID' => $topic_id,
  362. 'TOTAL' => $total,
  363. 'TOTAL_REPORTS' => $user->lang('LIST_REPORTS', (int) $total),
  364. )
  365. );
  366. $this->tpl_name = 'mcp_reports';
  367. break;
  368. }
  369. }
  370. }
  371. /**
  372. * Closes a report
  373. */
  374. function close_report($report_id_list, $mode, $action, $pm = false)
  375. {
  376. global $db, $template, $user, $config, $auth;
  377. global $phpEx, $phpbb_root_path, $phpbb_container;
  378. $pm_where = ($pm) ? ' AND r.post_id = 0 ' : ' AND r.pm_id = 0 ';
  379. $id_column = ($pm) ? 'pm_id' : 'post_id';
  380. $module = ($pm) ? 'pm_reports' : 'reports';
  381. $pm_prefix = ($pm) ? 'PM_' : '';
  382. $sql = "SELECT r.$id_column
  383. FROM " . REPORTS_TABLE . ' r
  384. WHERE ' . $db->sql_in_set('r.report_id', $report_id_list) . $pm_where;
  385. $result = $db->sql_query($sql);
  386. $post_id_list = array();
  387. while ($row = $db->sql_fetchrow($result))
  388. {
  389. $post_id_list[] = $row[$id_column];
  390. }
  391. $post_id_list = array_unique($post_id_list);
  392. if ($pm)
  393. {
  394. if (!$auth->acl_getf_global('m_report'))
  395. {
  396. trigger_error('NOT_AUTHORISED');
  397. }
  398. }
  399. else
  400. {
  401. if (!check_ids($post_id_list, POSTS_TABLE, 'post_id', array('m_report')))
  402. {
  403. trigger_error('NOT_AUTHORISED');
  404. }
  405. }
  406. if ($action == 'delete' && strpos($user->data['session_page'], 'mode=report_details') !== false)
  407. {
  408. $redirect = request_var('redirect', build_url(array('mode', 'r', 'quickmod')) . '&amp;mode=reports');
  409. }
  410. else if ($action == 'delete' && strpos($user->data['session_page'], 'mode=pm_report_details') !== false)
  411. {
  412. $redirect = request_var('redirect', build_url(array('mode', 'r', 'quickmod')) . '&amp;mode=pm_reports');
  413. }
  414. else if ($action == 'close' && !request_var('r', 0))
  415. {
  416. $redirect = request_var('redirect', build_url(array('mode', 'p', 'quickmod')) . '&amp;mode=' . $module);
  417. }
  418. else
  419. {
  420. $redirect = request_var('redirect', build_url(array('quickmod')));
  421. }
  422. $success_msg = '';
  423. $forum_ids = array();
  424. $topic_ids = array();
  425. $s_hidden_fields = build_hidden_fields(array(
  426. 'i' => $module,
  427. 'mode' => $mode,
  428. 'report_id_list' => $report_id_list,
  429. 'action' => $action,
  430. 'redirect' => $redirect)
  431. );
  432. if (confirm_box(true))
  433. {
  434. $post_info = ($pm) ? get_pm_data($post_id_list) : get_post_data($post_id_list, 'm_report');
  435. $sql = "SELECT r.report_id, r.$id_column, r.report_closed, r.user_id, r.user_notify, u.username, u.username_clean, u.user_email, u.user_jabber, u.user_lang, u.user_notify_type
  436. FROM " . REPORTS_TABLE . ' r, ' . USERS_TABLE . ' u
  437. WHERE ' . $db->sql_in_set('r.report_id', $report_id_list) . '
  438. ' . (($action == 'close') ? 'AND r.report_closed = 0' : '') . '
  439. AND r.user_id = u.user_id' . $pm_where;
  440. $result = $db->sql_query($sql);
  441. $reports = $close_report_posts = $close_report_topics = $notify_reporters = $report_id_list = array();
  442. while ($report = $db->sql_fetchrow($result))
  443. {
  444. $reports[$report['report_id']] = $report;
  445. $report_id_list[] = $report['report_id'];
  446. if (!$report['report_closed'])
  447. {
  448. $close_report_posts[] = $report[$id_column];
  449. if (!$pm)
  450. {
  451. $close_report_topics[] = $post_info[$report['post_id']]['topic_id'];
  452. }
  453. }
  454. if ($report['user_notify'] && !$report['report_closed'])
  455. {
  456. $notify_reporters[$report['report_id']] = &$reports[$report['report_id']];
  457. }
  458. }
  459. $db->sql_freeresult($result);
  460. if (sizeof($reports))
  461. {
  462. $close_report_posts = array_unique($close_report_posts);
  463. $close_report_topics = array_unique($close_report_topics);
  464. if (!$pm && sizeof($close_report_posts))
  465. {
  466. // Get a list of topics that still contain reported posts
  467. $sql = 'SELECT DISTINCT topic_id
  468. FROM ' . POSTS_TABLE . '
  469. WHERE ' . $db->sql_in_set('topic_id', $close_report_topics) . '
  470. AND post_reported = 1
  471. AND ' . $db->sql_in_set('post_id', $close_report_posts, true);
  472. $result = $db->sql_query($sql);
  473. $keep_report_topics = array();
  474. while ($row = $db->sql_fetchrow($result))
  475. {
  476. $keep_report_topics[] = $row['topic_id'];
  477. }
  478. $db->sql_freeresult($result);
  479. $close_report_topics = array_diff($close_report_topics, $keep_report_topics);
  480. unset($keep_report_topics);
  481. }
  482. $db->sql_transaction('begin');
  483. if ($action == 'close')
  484. {
  485. $sql = 'UPDATE ' . REPORTS_TABLE . '
  486. SET report_closed = 1
  487. WHERE ' . $db->sql_in_set('report_id', $report_id_list);
  488. }
  489. else
  490. {
  491. $sql = 'DELETE FROM ' . REPORTS_TABLE . '
  492. WHERE ' . $db->sql_in_set('report_id', $report_id_list);
  493. }
  494. $db->sql_query($sql);
  495. if (sizeof($close_report_posts))
  496. {
  497. if ($pm)
  498. {
  499. $sql = 'UPDATE ' . PRIVMSGS_TABLE . '
  500. SET message_reported = 0
  501. WHERE ' . $db->sql_in_set('msg_id', $close_report_posts);
  502. $db->sql_query($sql);
  503. if ($action == 'delete')
  504. {
  505. delete_pm(ANONYMOUS, $close_report_posts, PRIVMSGS_INBOX);
  506. }
  507. }
  508. else
  509. {
  510. $sql = 'UPDATE ' . POSTS_TABLE . '
  511. SET post_reported = 0
  512. WHERE ' . $db->sql_in_set('post_id', $close_report_posts);
  513. $db->sql_query($sql);
  514. if (sizeof($close_report_topics))
  515. {
  516. $sql = 'UPDATE ' . TOPICS_TABLE . '
  517. SET topic_reported = 0
  518. WHERE ' . $db->sql_in_set('topic_id', $close_report_topics) . '
  519. OR ' . $db->sql_in_set('topic_moved_id', $close_report_topics);
  520. $db->sql_query($sql);
  521. }
  522. }
  523. }
  524. $db->sql_transaction('commit');
  525. }
  526. unset($close_report_posts, $close_report_topics);
  527. $phpbb_notifications = $phpbb_container->get('notification_manager');
  528. foreach ($reports as $report)
  529. {
  530. if ($pm)
  531. {
  532. add_log('mod', 0, 0, 'LOG_PM_REPORT_' . strtoupper($action) . 'D', $post_info[$report['pm_id']]['message_subject']);
  533. $phpbb_notifications->delete_notifications('report_pm', $report['pm_id']);
  534. }
  535. else
  536. {
  537. add_log('mod', $post_info[$report['post_id']]['forum_id'], $post_info[$report['post_id']]['topic_id'], 'LOG_REPORT_' . strtoupper($action) . 'D', $post_info[$report['post_id']]['post_subject']);
  538. $phpbb_notifications->delete_notifications('report_post', $report['post_id']);
  539. }
  540. }
  541. // Notify reporters
  542. if (sizeof($notify_reporters))
  543. {
  544. foreach ($notify_reporters as $report_id => $reporter)
  545. {
  546. if ($reporter['user_id'] == ANONYMOUS)
  547. {
  548. continue;
  549. }
  550. $post_id = $reporter[$id_column];
  551. if ($pm)
  552. {
  553. $phpbb_notifications->add_notifications('report_pm_closed', array_merge($post_info[$post_id], array(
  554. 'reporter' => $reporter['user_id'],
  555. 'closer_id' => $user->data['user_id'],
  556. 'from_user_id' => $post_info[$post_id]['author_id'],
  557. )));
  558. }
  559. else
  560. {
  561. $phpbb_notifications->add_notifications('report_post_closed', array_merge($post_info[$post_id], array(
  562. 'reporter' => $reporter['user_id'],
  563. 'closer_id' => $user->data['user_id'],
  564. )));
  565. }
  566. }
  567. }
  568. if (!$pm)
  569. {
  570. foreach ($post_info as $post)
  571. {
  572. $forum_ids[$post['forum_id']] = $post['forum_id'];
  573. $topic_ids[$post['topic_id']] = $post['topic_id'];
  574. }
  575. }
  576. unset($notify_reporters, $post_info, $reports);
  577. $success_msg = (sizeof($report_id_list) == 1) ? "{$pm_prefix}REPORT_" . strtoupper($action) . 'D_SUCCESS' : "{$pm_prefix}REPORTS_" . strtoupper($action) . 'D_SUCCESS';
  578. }
  579. else
  580. {
  581. confirm_box(false, $user->lang[strtoupper($action) . "_{$pm_prefix}REPORT" . ((sizeof($report_id_list) == 1) ? '' : 'S') . '_CONFIRM'], $s_hidden_fields);
  582. }
  583. $redirect = request_var('redirect', "index.$phpEx");
  584. $redirect = reapply_sid($redirect);
  585. if (!$success_msg)
  586. {
  587. redirect($redirect);
  588. }
  589. else
  590. {
  591. meta_refresh(3, $redirect);
  592. $return_forum = '';
  593. $return_topic = '';
  594. if (!$pm)
  595. {
  596. if (sizeof($forum_ids) === 1)
  597. {
  598. $return_forum = sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . current($forum_ids)) . '">', '</a>') . '<br /><br />';
  599. }
  600. if (sizeof($topic_ids) === 1)
  601. {
  602. $return_topic = sprintf($user->lang['RETURN_TOPIC'], '<a href="' . append_sid("{$phpbb_root_path}viewtopic.$phpEx", 't=' . current($topic_ids) . '&amp;f=' . current($forum_ids)) . '">', '</a>') . '<br /><br />';
  603. }
  604. }
  605. trigger_error($user->lang[$success_msg] . '<br /><br />' . $return_forum . $return_topic . sprintf($user->lang['RETURN_PAGE'], "<a href=\"$redirect\">", '</a>'));
  606. }
  607. }