| [ Index ] |
PHP Cross Reference of MyBB 1.6.7 |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * MyBB 1.6 4 * Copyright 2010 MyBB Group, All Rights Reserved 5 * 6 * Website: http://mybb.com 7 * License: http://mybb.com/about/license 8 * 9 * $Id: moderation.php 5587 2011-09-13 14:48:33Z Tomm $ 10 */ 11 12 define("IN_MYBB", 1); 13 define('THIS_SCRIPT', 'moderation.php'); 14 15 $templatelist = 'changeuserbox'; 16 17 require_once "./global.php"; 18 require_once MYBB_ROOT."inc/functions_post.php"; 19 require_once MYBB_ROOT."inc/functions_upload.php"; 20 require_once MYBB_ROOT."inc/class_parser.php"; 21 $parser = new postParser; 22 require_once MYBB_ROOT."inc/class_moderation.php"; 23 $moderation = new Moderation; 24 25 // Load global language phrases 26 $lang->load("moderation"); 27 28 $plugins->run_hooks("moderation_start"); 29 30 // Get some navigation if we need it 31 switch($mybb->input['action']) 32 { 33 case "reports": 34 add_breadcrumb($lang->reported_posts); 35 break; 36 case "allreports": 37 add_breadcrumb($lang->all_reported_posts); 38 break; 39 40 } 41 $tid = intval($mybb->input['tid']); 42 $pid = intval($mybb->input['pid']); 43 $fid = intval($mybb->input['fid']); 44 45 if($pid) 46 { 47 $post = get_post($pid); 48 $tid = $post['tid']; 49 if(!$post['pid']) 50 { 51 error($lang->error_invalidpost); 52 } 53 } 54 55 if($tid) 56 { 57 $thread = get_thread($tid); 58 $fid = $thread['fid']; 59 if(!$thread['tid']) 60 { 61 error($lang->error_invalidthread); 62 } 63 } 64 65 if($fid) 66 { 67 $modlogdata['fid'] = $fid; 68 $forum = get_forum($fid); 69 70 // Make navigation 71 build_forum_breadcrumb($fid); 72 } 73 74 $thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subject'])); 75 76 if($tid) 77 { 78 add_breadcrumb($thread['subject'], get_thread_link($thread['tid'])); 79 $modlogdata['tid'] = $tid; 80 } 81 82 // Get our permissions all nice and setup 83 $permissions = forum_permissions($fid); 84 85 if($fid) 86 { 87 // Check if this forum is password protected and we have a valid password 88 check_forum_password($forum['fid']); 89 } 90 91 if($mybb->user['uid'] != 0) 92 { 93 eval("\$loginbox = \"".$templates->get("changeuserbox")."\";"); 94 } 95 else 96 { 97 eval("\$loginbox = \"".$templates->get("loginbox")."\";"); 98 } 99 100 $allowable_moderation_actions = array("getip", "cancel_delayedmoderation", "delayedmoderation"); 101 102 if($mybb->request_method != "post" && !in_array($mybb->input['action'], $allowable_moderation_actions)) 103 { 104 error_no_permission(); 105 } 106 107 // Begin! 108 switch($mybb->input['action']) 109 { 110 // Delayed Moderation 111 case "cancel_delayedmoderation": 112 // Verify incoming POST request 113 verify_post_check($mybb->input['my_post_key']); 114 115 add_breadcrumb($lang->delayed_moderation); 116 if(!is_moderator($fid, "canmanagethreads")) 117 { 118 error_no_permission(); 119 } 120 121 $db->delete_query("delayedmoderation", "did='".intval($mybb->input['did'])."'"); 122 123 if($tid == 0) 124 { 125 moderation_redirect(get_forum_link($fid), $lang->redirect_delayed_moderation_cancelled); 126 } 127 else 128 { 129 moderation_redirect("moderation.php?action=delayedmoderation&tid={$tid}&my_post_key={$mybb->post_code}", $lang->redirect_delayed_moderation_cancelled); 130 } 131 break; 132 case "do_delayedmoderation": 133 case "delayedmoderation": 134 // Verify incoming POST request 135 verify_post_check($mybb->input['my_post_key']); 136 137 add_breadcrumb($lang->delayed_moderation); 138 139 if(!is_moderator($fid, "canmanagethreads")) 140 { 141 error_no_permission(); 142 } 143 144 $errors = array(); 145 $customthreadtools = ""; 146 147 $allowed_types = array('openclosethread', 'deletethread', 'move', 'stick', 'merge', 'removeredirects', 'removesubscriptions', 'approveunapprovethread'); 148 149 switch($db->type) 150 { 151 case "pgsql": 152 case "sqlite": 153 $query = $db->simple_select("modtools", 'tid, name', "(','||forums||',' LIKE '%,$fid,%' OR ','||forums||',' LIKE '%,-1,%' OR forums='') AND type = 't'"); 154 break; 155 default: 156 $query = $db->simple_select("modtools", 'tid, name', "(CONCAT(',',forums,',') LIKE '%,$fid,%' OR CONCAT(',',forums,',') LIKE '%,-1,%' OR forums='') AND type = 't'"); 157 } 158 while($tool = $db->fetch_array($query)) 159 { 160 $allowed_types[] = "modtool_".$tool['tid']; 161 162 $tool['name'] = htmlspecialchars_uni($tool['name']); 163 164 $checked = ""; 165 if($mybb->input['type'] == "modtool_".$tool['tid']) 166 { 167 $checked = "checked=\"checked\""; 168 } 169 170 eval("\$customthreadtools .= \"".$templates->get("moderation_delayedmoderation_custommodtool")."\";"); 171 } 172 173 if($mybb->input['tid']) 174 { 175 $mybb->input['tids'] = $mybb->input['tid']; 176 } 177 else 178 { 179 if($mybb->input['inlinetype'] == 'search') 180 { 181 $tids = getids($mybb->input['searchid'], 'search'); 182 } 183 else 184 { 185 $fid = $mybb->input['fid']; 186 $tids = getids($fid, "forum"); 187 } 188 if(count($tids) < 1) 189 { 190 error($lang->error_inline_nothreadsselected); 191 } 192 193 $mybb->input['tids'] = $tids; 194 } 195 196 if($mybb->input['action'] == "do_delayedmoderation" && $mybb->request_method == "post") 197 { 198 if(!in_array($mybb->input['type'], $allowed_types)) 199 { 200 $mybb->input['type'] = ''; 201 $errors[] = $lang->error_delayedmoderation_unsupported_type; 202 } 203 204 if($mybb->input['type'] == 'move' && !in_array($mybb->input['delayedmoderation']['method'], array('move', 'redirect', 'copy'))) 205 { 206 $mybb->input['delayedmoderation']['method'] = ''; 207 $errors[] = $lang->error_delayedmoderation_unsupported_method; 208 } 209 210 if($mybb->input['type'] == 'move') 211 { 212 $query = $db->simple_select("forums", "*", "fid='{$fid}'"); 213 $newforum = $db->fetch_array($query); 214 if($newforum['type'] != 'f') 215 { 216 $errors[] = $lang->error_invalidforum; 217 } 218 } 219 220 if($mybb->input['delay'] < 1) 221 { 222 $mybb->input['delay'] = 1; 223 $errors[] = $lang->error_delayedmoderation_invalid_delay; 224 } 225 226 if(!$errors) 227 { 228 if(is_array($mybb->input['tids'])) 229 { 230 $mybb->input['tids'] = implode(',' , $mybb->input['tids']); 231 } 232 $db->insert_query("delayedmoderation", array( 233 'type' => $db->escape_string($mybb->input['type']), 234 'delaydateline' => TIME_NOW+(intval($mybb->input['delay'])*24*60*60), 235 'uid' => $mybb->user['uid'], 236 'tids' => $db->escape_string($mybb->input['tids']), 237 'fid' => $fid, 238 'dateline' => TIME_NOW, 239 'inputs' => $db->escape_string(serialize($mybb->input['delayedmoderation'])) 240 )); 241 242 $lang->redirect_delayed_moderation_thread = $lang->sprintf($lang->redirect_delayed_moderation_thread, intval($mybb->input['delay'])); 243 244 if($mybb->input['tid']) 245 { 246 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_delayed_moderation_thread); 247 } 248 else 249 { 250 if($mybb->input['inlinetype'] == 'search') 251 { 252 moderation_redirect(get_forum_link($fid), $lang->sprintf($lang->redirect_delayed_moderation_search, $mybb->input['delay'])); 253 } 254 else 255 { 256 moderation_redirect(get_forum_link($fid), $lang->sprintf($lang->redirect_delayed_moderation_forum, $mybb->input['delay'])); 257 } 258 } 259 } 260 else 261 { 262 $type_selected = array($mybb->input['type'] => "checked=\"checked\""); 263 $method_selected = array($mybb->input['delayedmoderation']['method'] => "checked=\"checked\""); 264 265 $mybb->input['delay'] = intval($mybb->input['delay']); 266 $mybb->input['delayedmoderation']['redirect_expire'] = intval($mybb->input['delayedmoderation']['redirect_expire']); 267 $mybb->input['delayedmoderation']['new_forum'] = intval($mybb->input['delayedmoderation']['new_forum']); 268 $mybb->input['delayedmoderation']['subject'] = htmlspecialchars_uni($mybb->input['delayedmoderation']['subject']); 269 $mybb->input['delayedmoderation']['threadurl'] = htmlspecialchars_uni($mybb->input['delayedmoderation']['threadurl']); 270 271 $forumselect = build_forum_jump("", $mybb->input['delayedmoderation']['new_forum'], 1, '', 0, true, '', "delayedmoderation[new_forum]"); 272 } 273 } 274 else 275 { 276 $type_selected = array('openclosethread' => "checked=\"checked\""); 277 $method_selected = array('move' => "checked=\"checked\""); 278 279 $mybb->input['delay'] = 1; 280 $mybb->input['delayedmoderation']['redirect_expire'] = ''; 281 $mybb->input['delayedmoderation']['subject'] = $thread['subject']; 282 $mybb->input['delayedmoderation']['threadurl'] = ''; 283 284 $forumselect = build_forum_jump("", $fid, 1, '', 0, true, '', "delayedmoderation[new_forum]"); 285 } 286 287 if(count($errors) > 0) 288 { 289 $display_errors = inline_error($errors); 290 } 291 292 $forum_cache = $cache->read("forums"); 293 294 $actions = array( 295 'openclosethread' => $lang->open_close_thread, 296 'deletethread' => $lang->delete_thread, 297 'move' => $lang->move_copy_thread, 298 'stick' => $lang->stick_unstick_thread, 299 'merge' => $lang->merge_threads, 300 'removeredirects' => $lang->remove_redirects, 301 'removesubscriptions' => $lang->remove_subscriptions, 302 'approveunapprovethread' => $lang->approve_unapprove_thread 303 ); 304 305 switch($db->type) 306 { 307 case "pgsql": 308 case "sqlite": 309 $query = $db->simple_select("modtools", 'tid, name', "(','||forums||',' LIKE '%,$fid,%' OR ','||forums||',' LIKE '%,-1,%' OR forums='') AND type = 't'"); 310 break; 311 default: 312 $query = $db->simple_select("modtools", 'tid, name', "(CONCAT(',',forums,',') LIKE '%,$fid,%' OR CONCAT(',',forums,',') LIKE '%,-1,%' OR forums='') AND type = 't'"); 313 } 314 while($tool = $db->fetch_array($query)) 315 { 316 $actions['modtool_'.$tool['tid']] = htmlspecialchars_uni($tool['name']); 317 } 318 319 $delayedmods = ''; 320 $trow = alt_trow(1); 321 if($tid == 0) 322 { 323 // Inline thread moderation is used 324 if($mybb->input['inlinetype'] == 'search') 325 { 326 $tids = getids($mybb->input['searchid'], 'search'); 327 } 328 else 329 { 330 $tids = getids($fid, "forum"); 331 } 332 $where_array = array(); 333 switch($db->type) 334 { 335 case "pgsql": 336 case "sqlite": 337 foreach($tids as $like) 338 { 339 $where_array[] = "','||d.tids||',' LIKE '%,".$db->escape_string($like).",%'"; 340 } 341 $where_statement = implode(" OR ", $where_array); 342 $query = $db->query(" 343 SELECT d.*, u.username, t.subject AS tsubject, f.name AS fname 344 FROM ".TABLE_PREFIX."delayedmoderation d 345 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=d.uid) 346 LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=d.tids) 347 LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=d.fid) 348 WHERE ".$where_statement." 349 ORDER BY d.dateline DESC 350 LIMIT 0, 20 351 "); 352 break; 353 default: 354 foreach($tids as $like) 355 { 356 $where_array[] = "CONCAT(',',d.tids,',') LIKE '%,".$db->escape_string($like).",%'"; 357 } 358 $where_statement = implode(" OR ", $where_array); 359 $query = $db->query(" 360 SELECT d.*, u.username, t.subject AS tsubject, f.name AS fname 361 FROM ".TABLE_PREFIX."delayedmoderation d 362 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=d.uid) 363 LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=d.tids) 364 LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=d.fid) 365 WHERE ".$where_statement." 366 ORDER BY d.dateline DESC 367 LIMIT 0, 20 368 "); 369 } 370 } 371 else 372 { 373 switch($db->type) 374 { 375 case "pgsql": 376 case "sqlite": 377 $query = $db->query(" 378 SELECT d.*, u.username, t.subject AS tsubject, f.name AS fname 379 FROM ".TABLE_PREFIX."delayedmoderation d 380 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=d.uid) 381 LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=d.tids) 382 LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=d.fid) 383 WHERE ','||d.tids||',' LIKE '%,{$tid},%' 384 ORDER BY d.dateline DESC 385 LIMIT 0, 20 386 "); 387 break; 388 default: 389 $query = $db->query(" 390 SELECT d.*, u.username, t.subject AS tsubject, f.name AS fname 391 FROM ".TABLE_PREFIX."delayedmoderation d 392 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=d.uid) 393 LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=d.tids) 394 LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=d.fid) 395 WHERE CONCAT(',',d.tids,',') LIKE '%,{$tid},%' 396 ORDER BY d.dateline DESC 397 LIMIT 0, 20 398 "); 399 } 400 } 401 while($delayedmod = $db->fetch_array($query)) 402 { 403 $delayedmod['dateline'] = my_date("jS M Y, G:i", $delayedmod['delaydateline']); 404 $delayedmod['profilelink'] = build_profile_link($delayedmod['username'], $delayedmod['uid']); 405 $delayedmod['action'] = $actions[$delayedmod['type']]; 406 $info = ''; 407 if($delayedmod['tsubject'] && strpos($delayedmod['tids'], ',') === false) 408 { 409 $info .= "<strong>{$lang->thread}</strong> <a href=\"".get_thread_link($delayedmod['tids'])."\">".htmlspecialchars_uni($delayedmod['tsubject'])."</a><br />"; 410 } 411 else 412 { 413 $info .= "<strong>{$lang->thread}</strong> {$lang->multiple_threads}<br />"; 414 } 415 416 if($delayedmod['fname']) 417 { 418 $info .= "<strong>{$lang->forum}</strong> <a href=\"".get_forum_link($delayedmod['fid'])."\">".htmlspecialchars_uni($delayedmod['fname'])."</a><br />"; 419 } 420 $delayedmod['inputs'] = unserialize($delayedmod['inputs']); 421 422 if($delayedmod['type'] == 'move') 423 { 424 $info .= "<strong>{$lang->new_forum}</strong> <a href=\"".get_forum_link($delayedmod['inputs']['new_forum'])."\">".htmlspecialchars_uni($forum_cache[$delayedmod['inputs']['new_forum']]['name'])."</a><br />"; 425 if($delayedmod['inputs']['method'] == "redirect") 426 { 427 if(intval($delayedmod['inputs']['redirect_expire']) == 0) 428 { 429 $redirect_expire_bit = $lang->redirect_forever; 430 } 431 else 432 { 433 $redirect_expire_bit = intval($delayedmod['inputs']['redirect_expire'])." {$lang->days}"; 434 } 435 $info .= "<strong>{$lang->leave_redirect_for}</strong> {$redirect_expire_bit}<br />"; 436 } 437 } 438 else if($delayedmod['type'] == 'merge') 439 { 440 $info .= "<strong>{$lang->new_subject}</strong> ".htmlspecialchars_uni($delayedmod['inputs']['subject'])."<br />"; 441 $info .= "<strong>{$lang->thread_to_merge_with}</strong> <a href=\"".htmlspecialchars_uni($delayedmod['inputs']['threadurl'])."\">".htmlspecialchars_uni($delayedmod['inputs']['threadurl'])."</a><br />"; 442 } 443 444 eval("\$delayedmods .= \"".$templates->get("moderation_delayedmodaction_notes")."\";"); 445 $trow = alt_trow(); 446 } 447 if(!$delayedmods) 448 { 449 $delayedmods = "<tr><td class=\"trow1\" colspan=\"5\">{$lang->no_delayed_mods}</td></tr>"; 450 } 451 452 $url = ''; 453 if($mybb->input['tid']) 454 { 455 $lang->threads = $lang->thread; 456 $threads = "<a href=\"".get_thread_link($tid)."\">{$thread['subject']}</a>"; 457 eval("\$moderation_delayedmoderation_merge = \"".$templates->get("moderation_delayedmoderation_merge")."\";"); 458 } 459 else 460 { 461 if($mybb->input['inlinetype'] == 'search') 462 { 463 $tids = getids($mybb->input['searchid'], 'search'); 464 $url = htmlspecialchars_uni($mybb->input['url']); 465 } 466 else 467 { 468 $tids = getids($fid, "forum"); 469 } 470 if(count($tids) < 1) 471 { 472 error($lang->error_inline_nothreadsselected); 473 } 474 475 $threads = $lang->sprintf($lang->threads_selected, count($tids)); 476 } 477 eval("\$moderation_delayedmoderation_move = \"".$templates->get("moderation_delayedmoderation_move")."\";"); 478 479 $plugins->run_hooks("moderation_delayedmoderation"); 480 481 eval("\$delayedmoderation = \"".$templates->get("moderation_delayedmoderation")."\";"); 482 output_page($delayedmoderation); 483 break; 484 // Open or close a thread 485 case "openclosethread": 486 // Verify incoming POST request 487 verify_post_check($mybb->input['my_post_key']); 488 489 if(!is_moderator($fid, "canopenclosethreads")) 490 { 491 error_no_permission(); 492 } 493 494 if($thread['closed'] == 1) 495 { 496 $openclose = $lang->opened; 497 $redirect = $lang->redirect_openthread; 498 $moderation->open_threads($tid); 499 } 500 else 501 { 502 $openclose = $lang->closed; 503 $redirect = $lang->redirect_closethread; 504 $moderation->close_threads($tid); 505 } 506 507 $lang->mod_process = $lang->sprintf($lang->mod_process, $openclose); 508 509 log_moderator_action($modlogdata, $lang->mod_process); 510 511 moderation_redirect(get_thread_link($thread['tid']), $redirect); 512 break; 513 514 // Stick or unstick that post to the top bab! 515 case "stick"; 516 // Verify incoming POST request 517 verify_post_check($mybb->input['my_post_key']); 518 519 if(!is_moderator($fid, "canmanagethreads")) 520 { 521 error_no_permission(); 522 } 523 524 $plugins->run_hooks("moderation_stick"); 525 526 if($thread['sticky'] == 1) 527 { 528 $stuckunstuck = $lang->unstuck; 529 $redirect = $lang->redirect_unstickthread; 530 $moderation->unstick_threads($tid); 531 } 532 else 533 { 534 $stuckunstuck = $lang->stuck; 535 $redirect = $lang->redirect_stickthread; 536 $moderation->stick_threads($tid); 537 } 538 539 $lang->mod_process = $lang->sprintf($lang->mod_process, $stuckunstuck); 540 541 log_moderator_action($modlogdata, $lang->mod_process); 542 543 moderation_redirect(get_thread_link($thread['tid']), $redirect); 544 break; 545 546 // Remove redirects to a specific thread 547 case "removeredirects": 548 549 // Verify incoming POST request 550 verify_post_check($mybb->input['my_post_key']); 551 552 if(!is_moderator($fid, "canmanagethreads")) 553 { 554 error_no_permission(); 555 } 556 557 $plugins->run_hooks("moderation_removeredirects"); 558 559 $moderation->remove_redirects($tid); 560 561 log_moderator_action($modlogdata, $lang->redirects_removed); 562 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_redirectsremoved); 563 break; 564 565 // Delete thread confirmation page 566 case "deletethread": 567 568 add_breadcrumb($lang->nav_deletethread); 569 570 if(!is_moderator($fid, "candeleteposts")) 571 { 572 if($permissions['candeletethreads'] != 1 || $mybb->user['uid'] != $thread['uid']) 573 { 574 error_no_permission(); 575 } 576 } 577 578 $plugins->run_hooks("moderation_deletethread"); 579 580 eval("\$deletethread = \"".$templates->get("moderation_deletethread")."\";"); 581 output_page($deletethread); 582 break; 583 584 // Delete the actual thread here 585 case "do_deletethread": 586 587 // Verify incoming POST request 588 verify_post_check($mybb->input['my_post_key']); 589 590 if(!is_moderator($fid, "candeleteposts")) 591 { 592 if($permissions['candeletethreads'] != 1 || $mybb->user['uid'] != $thread['uid']) 593 { 594 error_no_permission(); 595 } 596 } 597 598 $plugins->run_hooks("moderation_do_deletethread"); 599 600 // Log the subject of the deleted thread 601 $modlogdata['thread_subject'] = $thread['subject']; 602 603 $thread['subject'] = $db->escape_string($thread['subject']); 604 $lang->thread_deleted = $lang->sprintf($lang->thread_deleted, $thread['subject']); 605 log_moderator_action($modlogdata, $lang->thread_deleted); 606 607 $moderation->delete_thread($tid); 608 609 mark_reports($tid, "thread"); 610 moderation_redirect(get_forum_link($fid), $lang->redirect_threaddeleted); 611 break; 612 613 // Delete the poll from a thread confirmation page 614 case "deletepoll": 615 add_breadcrumb($lang->nav_deletepoll); 616 617 if(!is_moderator($fid, "candeleteposts")) 618 { 619 if($permissions['candeletethreads'] != 1 || $mybb->user['uid'] != $thread['uid']) 620 { 621 error_no_permission(); 622 } 623 } 624 625 $plugins->run_hooks("moderation_deletepoll"); 626 627 $query = $db->simple_select("polls", "*", "tid='$tid'"); 628 $poll = $db->fetch_array($query); 629 if(!$poll['pid']) 630 { 631 error($lang->error_invalidpoll); 632 } 633 634 eval("\$deletepoll = \"".$templates->get("moderation_deletepoll")."\";"); 635 output_page($deletepoll); 636 break; 637 638 // Delete the actual poll here! 639 case "do_deletepoll": 640 641 // Verify incoming POST request 642 verify_post_check($mybb->input['my_post_key']); 643 644 if(!$mybb->input['delete']) 645 { 646 error($lang->redirect_pollnotdeleted); 647 } 648 if(!is_moderator($fid, "candeleteposts")) 649 { 650 if($permissions['candeletethreads'] != 1 || $mybb->user['uid'] != $thread['uid']) 651 { 652 error_no_permission(); 653 } 654 } 655 $query = $db->simple_select("polls", "*", "tid='$tid'"); 656 $poll = $db->fetch_array($query); 657 if(!$poll['pid']) 658 { 659 error($lang->error_invalidpoll); 660 } 661 662 $plugins->run_hooks("moderation_do_deletepoll"); 663 664 $lang->poll_deleted = $lang->sprintf($lang->poll_deleted, $thread['subject']); 665 log_moderator_action($modlogdata, $lang->poll_deleted); 666 667 $moderation->delete_poll($poll['pid']); 668 669 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_polldeleted); 670 break; 671 672 // Approve a thread 673 case "approvethread": 674 675 // Verify incoming POST request 676 verify_post_check($mybb->input['my_post_key']); 677 678 if(!is_moderator($fid, "canopenclosethreads")) 679 { 680 error_no_permission(); 681 } 682 $query = $db->simple_select("threads", "*", "tid='$tid'"); 683 $thread = $db->fetch_array($query); 684 685 $plugins->run_hooks("moderation_approvethread"); 686 687 $lang->thread_approved = $lang->sprintf($lang->thread_approved, $thread['subject']); 688 log_moderator_action($modlogdata, $lang->thread_approved); 689 690 $moderation->approve_threads($tid, $fid); 691 692 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_threadapproved); 693 break; 694 695 // Unapprove a thread 696 case "unapprovethread": 697 698 // Verify incoming POST request 699 verify_post_check($mybb->input['my_post_key']); 700 701 if(!is_moderator($fid, "canopenclosethreads")) 702 { 703 error_no_permission(); 704 } 705 $query = $db->simple_select("threads", "*", "tid='$tid'"); 706 $thread = $db->fetch_array($query); 707 708 $plugins->run_hooks("moderation_unapprovethread"); 709 710 $lang->thread_unapproved = $lang->sprintf($lang->thread_unapproved, $thread['subject']); 711 log_moderator_action($modlogdata, $lang->thread_unapproved); 712 713 $moderation->unapprove_threads($tid, $fid); 714 715 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_threadunapproved); 716 break; 717 718 // Delete selective posts in a thread 719 case "deleteposts": 720 add_breadcrumb($lang->nav_deleteposts); 721 if(!is_moderator($fid, "candeleteposts")) 722 { 723 error_no_permission(); 724 } 725 $posts = ""; 726 $query = $db->query(" 727 SELECT p.*, u.* 728 FROM ".TABLE_PREFIX."posts p 729 LEFT JOIN ".TABLE_PREFIX."users u ON (p.uid=u.uid) 730 WHERE tid='$tid' 731 ORDER BY dateline ASC 732 "); 733 $altbg = "trow1"; 734 while($post = $db->fetch_array($query)) 735 { 736 $postdate = my_date($mybb->settings['dateformat'], $post['dateline']); 737 $posttime = my_date($mybb->settings['timeformat'], $post['dateline']); 738 739 $parser_options = array( 740 "allow_html" => $forum['allowhtml'], 741 "allow_mycode" => $forum['allowmycode'], 742 "allow_smilies" => $forum['allowsmilies'], 743 "allow_imgcode" => $forum['allowimgcode'], 744 "allow_videocode" => $forum['allowvideocode'], 745 "filter_badwords" => 1 746 ); 747 if($post['smilieoff'] == 1) 748 { 749 $parser_options['allow_smilies'] = 0; 750 } 751 752 $message = $parser->parse_message($post['message'], $parser_options); 753 eval("\$posts .= \"".$templates->get("moderation_deleteposts_post")."\";"); 754 $altbg = alt_trow(); 755 } 756 757 $plugins->run_hooks("moderation_deleteposts"); 758 759 eval("\$deleteposts = \"".$templates->get("moderation_deleteposts")."\";"); 760 output_page($deleteposts); 761 break; 762 763 // Lets delete those selected posts! 764 case "do_deleteposts": 765 766 // Verify incoming POST request 767 verify_post_check($mybb->input['my_post_key']); 768 769 if(!is_moderator($fid, "candeleteposts")) 770 { 771 error_no_permission(); 772 } 773 774 $plugins->run_hooks("moderation_do_deleteposts"); 775 776 $deletethread = "1"; 777 $deletepost = $mybb->input['deletepost']; 778 $query = $db->simple_select("posts", "*", "tid='$tid'"); 779 while($post = $db->fetch_array($query)) 780 { 781 if($deletepost[$post['pid']] == 1) 782 { 783 $moderation->delete_post($post['pid']); 784 $deletecount++; 785 $plist[] = $post['pid']; 786 } 787 else 788 { 789 $deletethread = "0"; 790 } 791 } 792 if($deletethread) 793 { 794 $moderation->delete_thread($tid); 795 $url = get_forum_link($fid); 796 mark_reports($plist, "posts"); 797 } 798 else 799 { 800 $url = get_thread_link($thread['tid']); 801 mark_reports($tid, "thread"); 802 } 803 $lang->deleted_selective_posts = $lang->sprintf($lang->deleted_selective_posts, $deletecount); 804 log_moderator_action($modlogdata, $lang->deleted_selective_posts); 805 moderation_redirect($url, $lang->redirect_postsdeleted); 806 break; 807 808 // Merge selected posts selection screen 809 case "mergeposts": 810 add_breadcrumb($lang->nav_mergeposts); 811 812 if(!is_moderator($fid, "canmanagethreads")) 813 { 814 error_no_permission(); 815 } 816 $posts = ""; 817 $query = $db->query(" 818 SELECT p.*, u.* 819 FROM ".TABLE_PREFIX."posts p 820 LEFT JOIN ".TABLE_PREFIX."users u ON (p.uid=u.uid) 821 WHERE tid='$tid' 822 ORDER BY dateline ASC 823 "); 824 $altbg = "trow1"; 825 while($post = $db->fetch_array($query)) 826 { 827 $postdate = my_date($mybb->settings['dateformat'], $post['dateline']); 828 $posttime = my_date($mybb->settings['timeformat'], $post['dateline']); 829 $parser_options = array( 830 "allow_html" => $forum['allowhtml'], 831 "allow_mycode" => $forum['allowmycode'], 832 "allow_smilies" => $forum['allowsmilies'], 833 "allow_imgcode" => $forum['allowimgcode'], 834 "allow_videocode" => $forum['allowvideocode'], 835 "filter_badwords" => 1 836 ); 837 if($post['smilieoff'] == 1) 838 { 839 $parser_options['allow_smilies'] = 0; 840 } 841 842 $message = $parser->parse_message($post['message'], $parser_options); 843 eval("\$posts .= \"".$templates->get("moderation_mergeposts_post")."\";"); 844 $altbg = alt_trow(); 845 } 846 847 $plugins->run_hooks("moderation_mergeposts"); 848 849 eval("\$mergeposts = \"".$templates->get("moderation_mergeposts")."\";"); 850 output_page($mergeposts); 851 break; 852 853 // Lets merge those selected posts! 854 case "do_mergeposts": 855 856 // Verify incoming POST request 857 verify_post_check($mybb->input['my_post_key']); 858 859 if(!is_moderator($fid, "canmanagethreads")) 860 { 861 error_no_permission(); 862 } 863 864 $plugins->run_hooks("moderation_do_mergeposts"); 865 866 $mergepost = $mybb->input['mergepost']; 867 if(count($mergepost) <= 1) 868 { 869 error($lang->error_nomergeposts); 870 } 871 872 foreach($mergepost as $pid => $yes) 873 { 874 $plist[] = intval($pid); 875 } 876 $masterpid = $moderation->merge_posts($plist, $tid, $mybb->input['sep']); 877 878 mark_reports($plist, "posts"); 879 log_moderator_action($modlogdata, $lang->merged_selective_posts); 880 moderation_redirect(get_post_link($masterpid)."#pid$masterpid", $lang->redirect_mergeposts); 881 break; 882 883 // Move a thread 884 case "move": 885 add_breadcrumb($lang->nav_move); 886 if(!is_moderator($fid, "canmanagethreads")) 887 { 888 error_no_permission(); 889 } 890 891 $plugins->run_hooks("moderation_move"); 892 893 $forumselect = build_forum_jump("", '', 1, '', 0, true, '', "moveto"); 894 eval("\$movethread = \"".$templates->get("moderation_move")."\";"); 895 output_page($movethread); 896 break; 897 898 // Lets get this thing moving! 899 case "do_move": 900 901 // Verify incoming POST request 902 verify_post_check($mybb->input['my_post_key']); 903 904 $moveto = intval($mybb->input['moveto']); 905 $method = $mybb->input['method']; 906 907 if(!is_moderator($fid, "canmanagethreads")) 908 { 909 error_no_permission(); 910 } 911 // Check if user has moderator permission to move to destination 912 if(!is_moderator($moveto, "canmanagethreads") && !is_moderator($fid, "canmovetononmodforum")) 913 { 914 error_no_permission(); 915 } 916 $newperms = forum_permissions($moveto); 917 if($newperms['canview'] == 0 && !is_moderator($fid, "canmovetononmodforum")) 918 { 919 error_no_permission(); 920 } 921 922 $query = $db->simple_select("forums", "*", "fid='$moveto'"); 923 $newforum = $db->fetch_array($query); 924 if($newforum['type'] != "f") 925 { 926 error($lang->error_invalidforum); 927 } 928 if($method != "copy" && $thread['fid'] == $moveto) 929 { 930 error($lang->error_movetosameforum); 931 } 932 933 $expire = 0; 934 if(intval($mybb->input['redirect_expire']) > 0) 935 { 936 $expire = TIME_NOW + (intval($mybb->input['redirect_expire']) * 86400); 937 } 938 939 $the_thread = $tid; 940 941 $newtid = $moderation->move_thread($tid, $moveto, $method, $expire); 942 943 switch($method) 944 { 945 case "copy": 946 log_moderator_action($modlogdata, $lang->thread_copied); 947 break; 948 default: 949 case "move": 950 case "redirect": 951 log_moderator_action($modlogdata, $lang->thread_moved); 952 break; 953 } 954 955 moderation_redirect(get_thread_link($newtid), $lang->redirect_threadmoved); 956 break; 957 958 // Thread notes editor 959 case "threadnotes": 960 add_breadcrumb($lang->nav_threadnotes); 961 if(!is_moderator($fid, "canmanagethreads")) 962 { 963 error_no_permission(); 964 } 965 $thread['notes'] = htmlspecialchars_uni($parser->parse_badwords($thread['notes'])); 966 $trow = alt_trow(1); 967 $query = $db->query(" 968 SELECT l.*, u.username, t.subject AS tsubject, f.name AS fname, p.subject AS psubject 969 FROM ".TABLE_PREFIX."moderatorlog l 970 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=l.uid) 971 LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=l.tid) 972 LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=l.fid) 973 LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid=l.pid) 974 WHERE t.tid='$tid' 975 ORDER BY l.dateline DESC 976 LIMIT 0, 20 977 "); 978 while($modaction = $db->fetch_array($query)) 979 { 980 $modaction['dateline'] = my_date("jS M Y, G:i", $modaction['dateline']); 981 $modaction['profilelink'] = build_profile_link($modaction['username'], $modaction['uid']); 982 $info = ''; 983 if($modaction['tsubject']) 984 { 985 $info .= "<strong>$lang->thread</strong> <a href=\"".get_thread_link($modaction['tid'])."\">".htmlspecialchars_uni($modaction['tsubject'])."</a><br />"; 986 } 987 if($modaction['fname']) 988 { 989 $info .= "<strong>$lang->forum</strong> <a href=\"".get_forum_link($modaction['fid'])."\">".htmlspecialchars_uni($modaction['fname'])."</a><br />"; 990 } 991 if($modaction['psubject']) 992 { 993 $info .= "<strong>$lang->post</strong> <a href=\"".get_post_link($modaction['pid'])."#pid".$modaction['pid']."\">".htmlspecialchars_uni($modaction['psubject'])."</a>"; 994 } 995 996 eval("\$modactions .= \"".$templates->get("moderation_threadnotes_modaction")."\";"); 997 $trow = alt_trow(); 998 } 999 if(!$modactions) 1000 { 1001 $modactions = "<tr><td class=\"trow1\" colspan=\"4\">$lang->no_mod_options</td></tr>"; 1002 } 1003 1004 $actions = array( 1005 'openclosethread' => $lang->open_close_thread, 1006 'deletethread' => $lang->delete_thread, 1007 'move' => $lang->move_copy_thread, 1008 'stick' => $lang->stick_unstick_thread, 1009 'merge' => $lang->merge_threads, 1010 'removeredirects' => $lang->remove_redirects, 1011 'removesubscriptions' => $lang->remove_subscriptions, 1012 'approveunapprovethread' => $lang->approve_unapprove_thread 1013 ); 1014 1015 switch($db->type) 1016 { 1017 case "pgsql": 1018 case "sqlite": 1019 $query = $db->simple_select("modtools", 'tid, name', "(','||forums||',' LIKE '%,$fid,%' OR ','||forums||',' LIKE '%,-1,%' OR forums='') AND type = 't'"); 1020 break; 1021 default: 1022 $query = $db->simple_select("modtools", 'tid, name', "(CONCAT(',',forums,',') LIKE '%,$fid,%' OR CONCAT(',',forums,',') LIKE '%,-1,%' OR forums='') AND type = 't'"); 1023 } 1024 while($tool = $db->fetch_array($query)) 1025 { 1026 $actions['modtool_'.$tool['tid']] = htmlspecialchars_uni($tool['name']); 1027 } 1028 1029 $forum_cache = $cache->read("forums"); 1030 1031 $trow = alt_trow(1); 1032 switch($db->type) 1033 { 1034 case "pgsql": 1035 case "sqlite": 1036 $query = $db->query(" 1037 SELECT d.*, u.username, t.subject AS tsubject, f.name AS fname 1038 FROM ".TABLE_PREFIX."delayedmoderation d 1039 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=d.uid) 1040 LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=d.tids) 1041 LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=d.fid) 1042 WHERE ','||d.tids||',' LIKE '%,{$tid},%' 1043 ORDER BY d.dateline DESC 1044 LIMIT 0, 20 1045 "); 1046 break; 1047 default: 1048 $query = $db->query(" 1049 SELECT d.*, u.username, t.subject AS tsubject, f.name AS fname 1050 FROM ".TABLE_PREFIX."delayedmoderation d 1051 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=d.uid) 1052 LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=d.tids) 1053 LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=d.fid) 1054 WHERE CONCAT(',',d.tids,',') LIKE '%,{$tid},%' 1055 ORDER BY d.dateline DESC 1056 LIMIT 0, 20 1057 "); 1058 } 1059 while($delayedmod = $db->fetch_array($query)) 1060 { 1061 $delayedmod['dateline'] = my_date("jS M Y, G:i", $delayedmod['dateline']+($delayedmod['delay']*24*60*60)); 1062 $delayedmod['profilelink'] = build_profile_link($delayedmod['username'], $delayedmod['uid']); 1063 $delayedmod['action'] = $actions[$delayedmod['type']]; 1064 $info = ''; 1065 if($delayedmod['tsubject'] && strpos($delayedmod['tids'], ',') === false) 1066 { 1067 $info .= "<strong>{$lang->thread}</strong> <a href=\"".get_thread_link($delayedmod['tids'])."\">".htmlspecialchars_uni($delayedmod['tsubject'])."</a><br />"; 1068 } 1069 else 1070 { 1071 $info .= "<strong>{$lang->thread}</strong> {$lang->multiple_threads}<br />"; 1072 } 1073 1074 if($delayedmod['fname']) 1075 { 1076 $info .= "<strong>{$lang->forum}</strong> <a href=\"".get_forum_link($delayedmod['fid'])."\">".htmlspecialchars_uni($delayedmod['fname'])."</a><br />"; 1077 } 1078 $delayedmod['inputs'] = unserialize($delayedmod['inputs']); 1079 1080 if($delayedmod['type'] == 'move') 1081 { 1082 $info .= "<strong>{$lang->new_forum}</strong> <a href=\"".get_forum_link($delayedmod['inputs']['new_forum'])."\">".htmlspecialchars_uni($forum_cache[$delayedmod['inputs']['new_forum']]['name'])."</a><br />"; 1083 if($delayedmod['inputs']['method'] == "redirect") 1084 { 1085 $info .= "<strong>{$lang->leave_redirect_for}</strong> ".intval($delayedmod['inputs']['redirect_expire'])." {$lang->days}<br />"; 1086 } 1087 } 1088 else if($delayedmod['type'] == 'merge') 1089 { 1090 $info .= "<strong>{$lang->new_subject}</strong> ".htmlspecialchars_uni($delayedmod['inputs']['subject'])."<br />"; 1091 $info .= "<strong>{$lang->thread_to_merge_with}</strong> <a href=\"".htmlspecialchars_uni($delayedmod['inputs']['threadurl'])."\">".htmlspecialchars_uni($delayedmod['inputs']['threadurl'])."</a><br />"; 1092 } 1093 1094 eval("\$delayedmods .= \"".$templates->get("moderation_threadnotes_delayedmodaction")."\";"); 1095 $trow = alt_trow(); 1096 } 1097 if(!$delayedmods) 1098 { 1099 $delayedmods = "<tr><td class=\"trow1\" colspan=\"4\">{$lang->no_delayed_mods}</td></tr>"; 1100 } 1101 1102 $plugins->run_hooks("moderation_threadnotes"); 1103 1104 eval("\$threadnotes = \"".$templates->get("moderation_threadnotes")."\";"); 1105 output_page($threadnotes); 1106 break; 1107 1108 // Update the thread notes! 1109 case "do_threadnotes": 1110 1111 // Verify incoming POST request 1112 verify_post_check($mybb->input['my_post_key']); 1113 1114 if(!is_moderator($fid, "canmanagethreads")) 1115 { 1116 error_no_permission(); 1117 } 1118 1119 $plugins->run_hooks("moderation_do_threadnotes"); 1120 1121 log_moderator_action($modlogdata, $lang->thread_notes_edited); 1122 $sqlarray = array( 1123 "notes" => $db->escape_string($mybb->input['threadnotes']), 1124 ); 1125 $db->update_query("threads", $sqlarray, "tid='$tid'"); 1126 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_threadnotesupdated); 1127 break; 1128 1129 // Lets look up the ip address of a post 1130 case "getip": 1131 add_breadcrumb($lang->nav_getip); 1132 if(!is_moderator($fid, "canviewips")) 1133 { 1134 error_no_permission(); 1135 } 1136 1137 $hostname = @gethostbyaddr($post['ipaddress']); 1138 if(!$hostname || $hostname == $post['ipaddress']) 1139 { 1140 $hostname = $lang->resolve_fail; 1141 } 1142 1143 // Moderator options 1144 $modoptions = ""; 1145 if($mybb->usergroup['canmodcp'] == 1) 1146 { 1147 eval("\$modoptions = \"".$templates->get("moderation_getip_modoptions")."\";"); 1148 } 1149 1150 eval("\$getip = \"".$templates->get("moderation_getip")."\";"); 1151 output_page($getip); 1152 break; 1153 1154 // Merge threads 1155 case "merge": 1156 add_breadcrumb($lang->nav_merge); 1157 if(!is_moderator($fid, "canmanagethreads")) 1158 { 1159 error_no_permission(); 1160 } 1161 1162 $plugins->run_hooks("moderation_merge"); 1163 1164 eval("\$merge = \"".$templates->get("moderation_merge")."\";"); 1165 output_page($merge); 1166 break; 1167 1168 // Lets get those threads together baby! (Merge threads) 1169 case "do_merge": 1170 1171 // Verify incoming POST request 1172 verify_post_check($mybb->input['my_post_key']); 1173 1174 if(!is_moderator($fid, "canmanagethreads")) 1175 { 1176 error_no_permission(); 1177 } 1178 1179 $plugins->run_hooks("moderation_do_merge"); 1180 1181 // explode at # sign in a url (indicates a name reference) and reassign to the url 1182 $realurl = explode("#", $mybb->input['threadurl']); 1183 $mybb->input['threadurl'] = $realurl[0]; 1184 1185 // Are we using an SEO URL? 1186 if(substr($mybb->input['threadurl'], -4) == "html") 1187 { 1188 // Get thread to merge's tid the SEO way 1189 preg_match("#thread-([0-9]+)?#i", $mybb->input['threadurl'], $threadmatch); 1190 preg_match("#post-([0-9]+)?#i", $mybb->input['threadurl'], $postmatch); 1191 1192 if($threadmatch[1]) 1193 { 1194 $parameters['tid'] = $threadmatch[1]; 1195 } 1196 1197 if($postmatch[1]) 1198 { 1199 $parameters['pid'] = $postmatch[1]; 1200 } 1201 } 1202 else 1203 { 1204 // Get thread to merge's tid the normal way 1205 $splitloc = explode(".php", $mybb->input['threadurl']); 1206 $temp = explode("&", my_substr($splitloc[1], 1)); 1207 1208 if(!empty($temp)) 1209 { 1210 for($i = 0; $i < count($temp); $i++) 1211 { 1212 $temp2 = explode("=", $temp[$i], 2); 1213 $parameters[$temp2[0]] = $temp2[1]; 1214 } 1215 } 1216 else 1217 { 1218 $temp2 = explode("=", $splitloc[1], 2); 1219 $parameters[$temp2[0]] = $temp2[1]; 1220 } 1221 } 1222 1223 if($parameters['pid'] && !$parameters['tid']) 1224 { 1225 $query = $db->simple_select("posts", "*", "pid='".intval($parameters['pid'])."'"); 1226 $post = $db->fetch_array($query); 1227 $mergetid = $post['tid']; 1228 } 1229 elseif($parameters['tid']) 1230 { 1231 $mergetid = $parameters['tid']; 1232 } 1233 $mergetid = intval($mergetid); 1234 $query = $db->simple_select("threads", "*", "tid='".intval($mergetid)."'"); 1235 $mergethread = $db->fetch_array($query); 1236 if(!$mergethread['tid']) 1237 { 1238 error($lang->error_badmergeurl); 1239 } 1240 if($mergetid == $tid) 1241 { // sanity check 1242 error($lang->error_mergewithself); 1243 } 1244 if(!is_moderator($mergethread['fid'], "canmanagethreads")) 1245 { 1246 error_no_permission(); 1247 } 1248 if($mybb->input['subject']) 1249 { 1250 $subject = $mybb->input['subject']; 1251 } 1252 else 1253 { 1254 $subject = $thread['subject']; 1255 } 1256 1257 $moderation->merge_threads($mergetid, $tid, $subject); 1258 1259 log_moderator_action($modlogdata, $lang->thread_merged); 1260 1261 moderation_redirect("showthread.php?tid=$tid", $lang->redirect_threadsmerged); 1262 break; 1263 1264 // Divorce the posts in this thread (Split!) 1265 case "split": 1266 add_breadcrumb($lang->nav_split); 1267 if(!is_moderator($fid, "canmanagethreads")) 1268 { 1269 error_no_permission(); 1270 } 1271 $query = $db->query(" 1272 SELECT p.*, u.* 1273 FROM ".TABLE_PREFIX."posts p 1274 LEFT JOIN ".TABLE_PREFIX."users u ON (p.uid=u.uid) 1275 WHERE tid='$tid' 1276 ORDER BY dateline ASC 1277 "); 1278 $numposts = $db->num_rows($query); 1279 if($numposts <= "1") 1280 { 1281 error($lang->error_cantsplitonepost); 1282 } 1283 1284 $altbg = "trow1"; 1285 $posts = ''; 1286 while($post = $db->fetch_array($query)) 1287 { 1288 $postdate = my_date($mybb->settings['dateformat'], $post['dateline']); 1289 $posttime = my_date($mybb->settings['timeformat'], $post['dateline']); 1290 $parser_options = array( 1291 "allow_html" => $forum['allowhtml'], 1292 "allow_mycode" => $forum['allowmycode'], 1293 "allow_smilies" => $forum['allowsmilies'], 1294 "allow_imgcode" => $forum['allowimgcode'], 1295 "allow_videocode" => $forum['allowvideocode'], 1296 "filter_badwords" => 1 1297 ); 1298 if($post['smilieoff'] == 1) 1299 { 1300 $parser_options['allow_smilies'] = 0; 1301 } 1302 1303 $message = $parser->parse_message($post['message'], $parser_options); 1304 eval("\$posts .= \"".$templates->get("moderation_split_post")."\";"); 1305 $altbg = alt_trow(); 1306 } 1307 $forumselect = build_forum_jump("", $fid, 1, '', 0, true, '', "moveto"); 1308 1309 $plugins->run_hooks("moderation_split"); 1310 1311 eval("\$split = \"".$templates->get("moderation_split")."\";"); 1312 output_page($split); 1313 break; 1314 1315 // Lets break them up buddy! (Do the split) 1316 case "do_split": 1317 1318 // Verify incoming POST request 1319 verify_post_check($mybb->input['my_post_key']); 1320 1321 if(!is_moderator($fid, "canmanagethreads")) 1322 { 1323 error_no_permission(); 1324 } 1325 1326 $plugins->run_hooks("moderation_do_split"); 1327 1328 if(!is_array($mybb->input['splitpost'])) 1329 { 1330 error($lang->error_nosplitposts); 1331 } 1332 $query = $db->simple_select("posts", "COUNT(*) AS totalposts", "tid='{$tid}'"); 1333 $count = $db->fetch_array($query); 1334 1335 if($count['totalposts'] == 1) 1336 { 1337 error($lang->error_cantsplitonepost); 1338 } 1339 1340 if($count['totalposts'] == count($mybb->input['splitpost'])) 1341 { 1342 error($lang->error_cantsplitall); 1343 } 1344 1345 if($mybb->input['moveto']) 1346 { 1347 $moveto = intval($mybb->input['moveto']); 1348 } 1349 else 1350 { 1351 $moveto = $fid; 1352 } 1353 $query = $db->simple_select("forums", "fid", "fid='$moveto'", array('limit' => 1)); 1354 if($db->num_rows($query) == 0) 1355 { 1356 error($lang->error_invalidforum); 1357 } 1358 1359 // move the selected posts over 1360 $query = $db->simple_select("posts", "pid", "tid='$tid'"); 1361 while($post = $db->fetch_array($query)) 1362 { 1363 if($mybb->input['splitpost'][$post['pid']] == 1) 1364 { 1365 $pids[] = $post['pid']; 1366 } 1367 mark_reports($post['pid'], "post"); 1368 } 1369 1370 $newtid = $moderation->split_posts($pids, $tid, $moveto, $mybb->input['newsubject']); 1371 1372 log_moderator_action($modlogdata, $lang->thread_split); 1373 1374 moderation_redirect(get_thread_link($newtid), $lang->redirect_threadsplit); 1375 break; 1376 1377 // Delete Thread Subscriptions 1378 case "removesubscriptions": 1379 if(!is_moderator($fid, "canmanagethreads")) 1380 { 1381 error_no_permission(); 1382 } 1383 1384 $plugins->run_hooks("moderation_removesubscriptions"); 1385 1386 $moderation->remove_thread_subscriptions($tid, true); 1387 1388 log_moderator_action($modlogdata, $lang->removed_subscriptions); 1389 1390 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_removed_subscriptions); 1391 break; 1392 1393 // Delete Threads - Inline moderation 1394 case "multideletethreads": 1395 add_breadcrumb($lang->nav_multi_deletethreads); 1396 1397 if(!empty($mybb->input['searchid'])) 1398 { 1399 // From search page 1400 $threads = getids($mybb->input['searchid'], 'search'); 1401 if(!is_moderator_by_tids($threads, 'candeleteposts')) 1402 { 1403 error_no_permission(); 1404 } 1405 } 1406 else 1407 { 1408 $threads = getids($fid, 'forum'); 1409 if(!is_moderator($fid, 'candeleteposts')) 1410 { 1411 error_no_permission(); 1412 } 1413 } 1414 if(count($threads) < 1) 1415 { 1416 error($lang->error_inline_nothreadsselected); 1417 } 1418 1419 $inlineids = implode("|", $threads); 1420 if($mybb->input['inlinetype'] == 'search') 1421 { 1422 clearinline($mybb->input['searchid'], 'search'); 1423 } 1424 else 1425 { 1426 clearinline($fid, 'forum'); 1427 } 1428 $return_url = htmlspecialchars_uni($mybb->input['url']); 1429 eval("\$multidelete = \"".$templates->get("moderation_inline_deletethreads")."\";"); 1430 output_page($multidelete); 1431 break; 1432 1433 // Actually delete the threads - Inline moderation 1434 case "do_multideletethreads": 1435 1436 // Verify incoming POST request 1437 verify_post_check($mybb->input['my_post_key']); 1438 1439 $threadlist = explode("|", $mybb->input['threads']); 1440 if(!is_moderator_by_tids($threadlist, "candeleteposts")) 1441 { 1442 error_no_permission(); 1443 } 1444 foreach($threadlist as $tid) 1445 { 1446 $tid = intval($tid); 1447 $moderation->delete_thread($tid); 1448 $tlist[] = $tid; 1449 } 1450 log_moderator_action($modlogdata, $lang->multi_deleted_threads); 1451 if($mybb->input['inlinetype'] == 'search') 1452 { 1453 clearinline($mybb->input['searchid'], 'search'); 1454 } 1455 else 1456 { 1457 clearinline($fid, 'forum'); 1458 } 1459 mark_reports($tlist, "threads"); 1460 moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsdeleted); 1461 break; 1462 1463 // Open threads - Inline moderation 1464 case "multiopenthreads": 1465 1466 // Verify incoming POST request 1467 verify_post_check($mybb->input['my_post_key']); 1468 1469 if(!empty($mybb->input['searchid'])) 1470 { 1471 // From search page 1472 $threads = getids($mybb->input['searchid'], 'search'); 1473 if(!is_moderator_by_tids($threads, 'canopenclosethreads')) 1474 { 1475 error_no_permission(); 1476 } 1477 } 1478 else 1479 { 1480 $threads = getids($fid, 'forum'); 1481 if(!is_moderator($fid, 'canopenclosethreads')) 1482 { 1483 error_no_permission(); 1484 } 1485 } 1486 1487 if(count($threads) < 1) 1488 { 1489 error($lang->error_inline_nothreadsselected); 1490 } 1491 1492 $moderation->open_threads($threads); 1493 1494 log_moderator_action($modlogdata, $lang->multi_opened_threads); 1495 if($mybb->input['inlinetype'] == 'search') 1496 { 1497 clearinline($mybb->input['searchid'], 'search'); 1498 } 1499 else 1500 { 1501 clearinline($fid, 'forum'); 1502 } 1503 moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsopened); 1504 break; 1505 1506 // Close threads - Inline moderation 1507 case "multiclosethreads": 1508 1509 // Verify incoming POST request 1510 verify_post_check($mybb->input['my_post_key']); 1511 1512 if(!empty($mybb->input['searchid'])) 1513 { 1514 // From search page 1515 $threads = getids($mybb->input['searchid'], 'search'); 1516 if(!is_moderator_by_tids($threads, 'canmanagethreads')) 1517 { 1518 error_no_permission(); 1519 } 1520 } 1521 else 1522 { 1523 $threads = getids($fid, 'forum'); 1524 if(!is_moderator($fid, 'canmanagethreads')) 1525 { 1526 error_no_permission(); 1527 } 1528 } 1529 if(count($threads) < 1) 1530 { 1531 error($lang->error_inline_nothreadsselected); 1532 } 1533 1534 $moderation->close_threads($threads); 1535 1536 log_moderator_action($modlogdata, $lang->multi_closed_threads); 1537 if($mybb->input['inlinetype'] == 'search') 1538 { 1539 clearinline($mybb->input['searchid'], 'search'); 1540 } 1541 else 1542 { 1543 clearinline($fid, 'forum'); 1544 } 1545 moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsclosed); 1546 break; 1547 1548 // Approve threads - Inline moderation 1549 case "multiapprovethreads": 1550 1551 // Verify incoming POST request 1552 verify_post_check($mybb->input['my_post_key']); 1553 1554 if(!empty($mybb->input['searchid'])) 1555 { 1556 // From search page 1557 $threads = getids($mybb->input['searchid'], 'search'); 1558 if(!is_moderator_by_tids($threads, 'canmanagethreads')) 1559 { 1560 error_no_permission(); 1561 } 1562 } 1563 else 1564 { 1565 $threads = getids($fid, 'forum'); 1566 if(!is_moderator($fid, 'canmanagethreads')) 1567 { 1568 error_no_permission(); 1569 } 1570 } 1571 if(count($threads) < 1) 1572 { 1573 error($lang->error_inline_nothreadsselected); 1574 } 1575 1576 $moderation->approve_threads($threads, $fid); 1577 1578 log_moderator_action($modlogdata, $lang->multi_approved_threads); 1579 if($mybb->input['inlinetype'] == 'search') 1580 { 1581 clearinline($mybb->input['searchid'], 'search'); 1582 } 1583 else 1584 { 1585 clearinline($fid, 'forum'); 1586 } 1587 $cache->update_stats(); 1588 moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsapproved); 1589 break; 1590 1591 // Unapprove threads - Inline moderation 1592 case "multiunapprovethreads": 1593 1594 // Verify incoming POST request 1595 verify_post_check($mybb->input['my_post_key']); 1596 1597 if(!empty($mybb->input['searchid'])) 1598 { 1599 // From search page 1600 $threads = getids($mybb->input['searchid'], 'search'); 1601 if(!is_moderator_by_tids($threads, 'canmanagethreads')) 1602 { 1603 error_no_permission(); 1604 } 1605 } 1606 else 1607 { 1608 $threads = getids($fid, 'forum'); 1609 if(!is_moderator($fid, 'canmanagethreads')) 1610 { 1611 error_no_permission(); 1612 } 1613 } 1614 if(count($threads) < 1) 1615 { 1616 error($lang->error_inline_nothreadsselected); 1617 } 1618 1619 $moderation->unapprove_threads($threads, $fid); 1620 1621 log_moderator_action($modlogdata, $lang->multi_unapproved_threads); 1622 if($mybb->input['inlinetype'] == 'search') 1623 { 1624 clearinline($mybb->input['searchid'], 'search'); 1625 } 1626 else 1627 { 1628 clearinline($fid, 'forum'); 1629 } 1630 $cache->update_stats(); 1631 moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsunapproved); 1632 break; 1633 1634 // Stick threads - Inline moderation 1635 case "multistickthreads": 1636 1637 // Verify incoming POST request 1638 verify_post_check($mybb->input['my_post_key']); 1639 1640 if(!empty($mybb->input['searchid'])) 1641 { 1642 // From search page 1643 $threads = getids($mybb->input['searchid'], 'search'); 1644 if(!is_moderator_by_tids($threads, 'canopenclosethreads')) 1645 { 1646 error_no_permission(); 1647 } 1648 } 1649 else 1650 { 1651 $threads = getids($fid, 'forum'); 1652 if(!is_moderator($fid, 'canopenclosethreads')) 1653 { 1654 error_no_permission(); 1655 } 1656 } 1657 if(count($threads) < 1) 1658 { 1659 error($lang->error_inline_nothreadsselected); 1660 } 1661 1662 $moderation->stick_threads($threads); 1663 1664 log_moderator_action($modlogdata, $lang->multi_stuck_threads); 1665 if($mybb->input['inlinetype'] == 'search') 1666 { 1667 clearinline($mybb->input['searchid'], 'search'); 1668 } 1669 else 1670 { 1671 clearinline($fid, 'forum'); 1672 } 1673 moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsstuck); 1674 break; 1675 1676 // Unstick threads - Inline moderaton 1677 case "multiunstickthreads": 1678 1679 // Verify incoming POST request 1680 verify_post_check($mybb->input['my_post_key']); 1681 1682 if(!empty($mybb->input['searchid'])) 1683 { 1684 // From search page 1685 $threads = getids($mybb->input['searchid'], 'search'); 1686 if(!is_moderator_by_tids($threads, 'canopenclosethreads')) 1687 { 1688 error_no_permission(); 1689 } 1690 } 1691 else 1692 { 1693 $threads = getids($fid, 'forum'); 1694 if(!is_moderator($fid, 'canopenclosethreads')) 1695 { 1696 error_no_permission(); 1697 } 1698 } 1699 if(count($threads) < 1) 1700 { 1701 error($lang->error_inline_nothreadsselected); 1702 } 1703 1704 $moderation->unstick_threads($threads); 1705 1706 log_moderator_action($modlogdata, $lang->multi_unstuck_threads); 1707 if($mybb->input['inlinetype'] == 'search') 1708 { 1709 clearinline($mybb->input['searchid'], 'search'); 1710 } 1711 else 1712 { 1713 clearinline($fid, 'forum'); 1714 } 1715 moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsunstuck); 1716 break; 1717 1718 // Move threads - Inline moderation 1719 case "multimovethreads": 1720 add_breadcrumb($lang->nav_multi_movethreads); 1721 1722 if(!empty($mybb->input['searchid'])) 1723 { 1724 // From search page 1725 $threads = getids($mybb->input['searchid'], 'search'); 1726 if(!is_moderator_by_tids($threads, 'canmanagethreads')) 1727 { 1728 error_no_permission(); 1729 } 1730 } 1731 else 1732 { 1733 $threads = getids($fid, 'forum'); 1734 if(!is_moderator($fid, 'canmanagethreads')) 1735 { 1736 error_no_permission(); 1737 } 1738 } 1739 1740 if(count($threads) < 1) 1741 { 1742 error($lang->error_inline_nothreadsselected); 1743 } 1744 $inlineids = implode("|", $threads); 1745 if($mybb->input['inlinetype'] == 'search') 1746 { 1747 clearinline($mybb->input['searchid'], 'search'); 1748 } 1749 else 1750 { 1751 clearinline($fid, 'forum'); 1752 } 1753 $forumselect = build_forum_jump("", '', 1, '', 0, true, '', "moveto"); 1754 $return_url = htmlspecialchars_uni($mybb->input['url']); 1755 eval("\$movethread = \"".$templates->get("moderation_inline_movethreads")."\";"); 1756 output_page($movethread); 1757 break; 1758 1759 // Actually move the threads in Inline moderation 1760 case "do_multimovethreads": 1761 1762 // Verify incoming POST request 1763 verify_post_check($mybb->input['my_post_key']); 1764 1765 $moveto = intval($mybb->input['moveto']); 1766 $threadlist = explode("|", $mybb->input['threads']); 1767 if(!is_moderator_by_tids($threadlist, 'canmanagethreads')) 1768 { 1769 error_no_permission(); 1770 } 1771 foreach($threadlist as $tid) 1772 { 1773 $tids[] = intval($tid); 1774 } 1775 // Make sure moderator has permission to move to the new forum 1776 $newperms = forum_permissions($moveto); 1777 if(($newperms['canview'] == 0 || !is_moderator($moveto, 'canmanagethreads')) && !is_moderator_by_tids($tids, 'canmovetononmodforum')) 1778 { 1779 error_no_permission(); 1780 } 1781 1782 $newforum = get_forum($moveto); 1783 if($newforum['type'] != "f") 1784 { 1785 error($lang->error_invalidforum); 1786 } 1787 1788 $moderation->move_threads($tids, $moveto); 1789 1790 log_moderator_action($modlogdata, $lang->multi_moved_threads); 1791 1792 moderation_redirect(get_forum_link($moveto), $lang->redirect_inline_threadsmoved); 1793 break; 1794 1795 // Delete posts - Inline moderation 1796 case "multideleteposts": 1797 add_breadcrumb($lang->nav_multi_deleteposts); 1798 1799 if($mybb->input['inlinetype'] == 'search') 1800 { 1801 $posts = getids($mybb->input['searchid'], 'search'); 1802 } 1803 else 1804 { 1805 $posts = getids($tid, 'thread'); 1806 } 1807 1808 if(count($posts) < 1) 1809 { 1810 error($lang->error_inline_nopostsselected); 1811 } 1812 if(!is_moderator_by_pids($posts, "candeleteposts")) 1813 { 1814 error_no_permission(); 1815 } 1816 $inlineids = implode("|", $posts); 1817 if($mybb->input['inlinetype'] == 'search') 1818 { 1819 clearinline($mybb->input['searchid'], 'search'); 1820 } 1821 else 1822 { 1823 clearinline($tid, 'thread'); 1824 } 1825 1826 $return_url = htmlspecialchars_uni($mybb->input['url']); 1827 1828 eval("\$multidelete = \"".$templates->get("moderation_inline_deleteposts")."\";"); 1829 output_page($multidelete); 1830 break; 1831 1832 // Actually delete the posts in inline moderation 1833 case "do_multideleteposts": 1834 1835 // Verify incoming POST request 1836 verify_post_check($mybb->input['my_post_key']); 1837 1838 $postlist = explode("|", $mybb->input['posts']); 1839 if(!is_moderator_by_pids($postlist, "candeleteposts")) 1840 { 1841 error_no_permission(); 1842 } 1843 $postlist = array_map('intval', $postlist); 1844 $pids = implode(',', $postlist); 1845 1846 $tids = array(); 1847 if($pids) 1848 { 1849 $query = $db->simple_select("threads", "tid", "firstpost IN({$pids})"); 1850 while($threadid = $db->fetch_field($query, "tid")) 1851 { 1852 $tids[] = $threadid; 1853 } 1854 } 1855 1856 $deletecount = 0; 1857 foreach($postlist as $pid) 1858 { 1859 $pid = intval($pid); 1860 $moderation->delete_post($pid); 1861 $plist[] = $pid; 1862 $deletecount++; 1863 } 1864 1865 // If we have multiple threads, we must be coming from the search 1866 if(!empty($tids)) 1867 { 1868 foreach($tids as $tid) 1869 { 1870 $moderation->delete_thread($tid); 1871 mark_reports($tid, "thread"); 1872 $url = get_forum_link($fid); 1873 } 1874 } 1875 // Otherwise we're just deleting from showthread.php 1876 else 1877 { 1878 $query = $db->simple_select("posts", "*", "tid='$tid'"); 1879 $numposts = $db->num_rows($query); 1880 if(!$numposts) 1881 { 1882 $moderation->delete_thread($tid); 1883 mark_reports($tid, "thread"); 1884 $url = get_forum_link($fid); 1885 } 1886 else 1887 { 1888 mark_reports($plist, "posts"); 1889 $url = get_thread_link($thread['tid']); 1890 } 1891 } 1892 1893 $lang->deleted_selective_posts = $lang->sprintf($lang->deleted_selective_posts, $deletecount); 1894 log_moderator_action($modlogdata, $lang->deleted_selective_posts); 1895 moderation_redirect($url, $lang->redirect_postsdeleted); 1896 break; 1897 1898 // Merge posts - Inline moderation 1899 case "multimergeposts": 1900 add_breadcrumb($lang->nav_multi_mergeposts); 1901 1902 if($mybb->input['inlinetype'] == 'search') 1903 { 1904 $posts = getids($mybb->input['searchid'], 'search'); 1905 } 1906 else 1907 { 1908 $posts = getids($tid, 'thread'); 1909 } 1910 1911 // Add the selected posts from other threads 1912 foreach($mybb->cookies as $key => $value) 1913 { 1914 if(strpos($key, "inlinemod_thread") !== false && $key != "inlinemod_thread$tid") 1915 { 1916 $inlinepostlist = explode("|", $mybb->cookies[$key]); 1917 foreach($inlinepostlist as $p) 1918 { 1919 $p = intval($p); 1920 1921 if(!empty($p)) 1922 { 1923 $posts[] = intval($p); 1924 } 1925 } 1926 // Remove the cookie once its data is retrieved 1927 my_unsetcookie($key); 1928 } 1929 } 1930 1931 if(empty($posts)) 1932 { 1933 error($lang->error_inline_nopostsselected); 1934 } 1935 1936 if(!is_moderator_by_pids($posts, "canmanagethreads")) 1937 { 1938 error_no_permission(); 1939 } 1940 1941 $postlist = ""; 1942 $query = $db->query(" 1943 SELECT p.*, u.* 1944 FROM ".TABLE_PREFIX."posts p 1945 LEFT JOIN ".TABLE_PREFIX."users u ON (p.uid=u.uid) 1946 WHERE pid IN (".implode($posts, ",").") 1947 ORDER BY dateline ASC 1948 "); 1949 $altbg = "trow1"; 1950 while($post = $db->fetch_array($query)) 1951 { 1952 $postdate = my_date($mybb->settings['dateformat'], $post['dateline']); 1953 $posttime = my_date($mybb->settings['timeformat'], $post['dateline']); 1954 $parser_options = array( 1955 "allow_html" => $forum['allowhtml'], 1956 "allow_mycode" => $forum['allowmycode'], 1957 "allow_smilies" => $forum['allowsmilies'], 1958 "allow_imgcode" => $forum['allowimgcode'], 1959 "allow_videocode" => $forum['allowvideocode'], 1960 "filter_badwords" => 1 1961 ); 1962 if($post['smilieoff'] == 1) 1963 { 1964 $parser_options['allow_smilies'] = 0; 1965 } 1966 1967 $message = $parser->parse_message($post['message'], $parser_options); 1968 eval("\$postlist .= \"".$templates->get("moderation_mergeposts_post")."\";"); 1969 $altbg = alt_trow(); 1970 } 1971 1972 $inlineids = implode("|", $posts); 1973 if($mybb->input['inlinetype'] == 'search') 1974 { 1975 clearinline($mybb->input['searchid'], 'search'); 1976 } 1977 else 1978 { 1979 clearinline($tid, 'thread'); 1980 } 1981 1982 $return_url = htmlspecialchars_uni($mybb->input['url']); 1983 1984 eval("\$multimerge = \"".$templates->get("moderation_inline_mergeposts")."\";"); 1985 output_page($multimerge); 1986 break; 1987 1988 // Actually merge the posts - Inline moderation 1989 case "do_multimergeposts": 1990 1991 // Verify incoming POST request 1992 verify_post_check($mybb->input['my_post_key']); 1993 1994 $mergepost = $mybb->input['mergepost']; 1995 if(count($mergepost) <= 1) 1996 { 1997 error($lang->error_nomergeposts); 1998 } 1999 2000 foreach($mergepost as $pid => $yes) 2001 { 2002 $postlist[] = intval($pid); 2003 } 2004 2005 if(!is_moderator_by_pids($postlist, "canmanagethreads")) 2006 { 2007 error_no_permission(); 2008 } 2009 2010 foreach($postlist as $pid) 2011 { 2012 $pid = intval($pid); 2013 $plist[] = $pid; 2014 } 2015 2016 $masterpid = $moderation->merge_posts($plist, $tid, $mybb->input['sep']); 2017 2018 mark_reports($plist, "posts"); 2019 log_moderator_action($modlogdata, $lang->merged_selective_posts); 2020 moderation_redirect(get_post_link($masterpid)."#pid$masterpid", $lang->redirect_inline_postsmerged); 2021 break; 2022 2023 // Split posts - Inline moderation 2024 case "multisplitposts": 2025 add_breadcrumb($lang->nav_multi_splitposts); 2026 2027 if($mybb->input['inlinetype'] == 'search') 2028 { 2029 $posts = getids($mybb->input['searchid'], 'search'); 2030 } 2031 else 2032 { 2033 $posts = getids($tid, 'thread'); 2034 } 2035 2036 if(count($posts) < 1) 2037 { 2038 error($lang->error_inline_nopostsselected); 2039 } 2040 2041 if(!is_moderator_by_pids($posts, "canmanagethreads")) 2042 { 2043 error_no_permission(); 2044 } 2045 $posts = array_map('intval', $posts); 2046 $pidin = implode(',', $posts); 2047 2048 // Make sure that we are not splitting a thread with one post 2049 // Select number of posts in each thread that the splitted post is in 2050 $query = $db->query(" 2051 SELECT DISTINCT p.tid, COUNT(q.pid) as count 2052 FROM ".TABLE_PREFIX."posts p 2053 LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid) 2054 WHERE p.pid IN ($pidin) 2055 GROUP BY p.tid, p.pid 2056 "); 2057 $threads = $pcheck = array(); 2058 while($tcheck = $db->fetch_array($query)) 2059 { 2060 if(intval($tcheck['count']) <= 1) 2061 { 2062 error($lang->error_cantsplitonepost); 2063 } 2064 $threads[] = $pcheck[] = $tcheck['tid']; // Save tids for below 2065 } 2066 2067 // Make sure that we are not splitting all posts in the thread 2068 // The query does not return a row when the count is 0, so find if some threads are missing (i.e. 0 posts after removal) 2069 $query = $db->query(" 2070 SELECT DISTINCT p.tid, COUNT(q.pid) as count 2071 FROM ".TABLE_PREFIX."posts p 2072 LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid) 2073 WHERE p.pid IN ($pidin) AND q.pid NOT IN ($pidin) 2074 GROUP BY p.tid, p.pid 2075 "); 2076 $pcheck2 = array(); 2077 while($tcheck = $db->fetch_array($query)) 2078 { 2079 if($tcheck['count'] > 0) 2080 { 2081 $pcheck2[] = $tcheck['tid']; 2082 } 2083 } 2084 if(count($pcheck2) != count($pcheck)) 2085 { 2086 // One or more threads do not have posts after splitting 2087 error($lang->error_cantsplitall); 2088 } 2089 2090 $inlineids = implode("|", $posts); 2091 if($mybb->input['inlinetype'] == 'search') 2092 { 2093 clearinline($mybb->input['searchid'], 'search'); 2094 } 2095 else 2096 { 2097 clearinline($tid, 'thread'); 2098 } 2099 $forumselect = build_forum_jump("", $fid, 1, '', 0, true, '', "moveto"); 2100 eval("\$splitposts = \"".$templates->get("moderation_inline_splitposts")."\";"); 2101 output_page($splitposts); 2102 break; 2103 2104 // Actually split the posts - Inline moderation 2105 case "do_multisplitposts": 2106 2107 // Verify incoming POST request 2108 verify_post_check($mybb->input['my_post_key']); 2109 2110 $postlist = explode("|", $mybb->input['posts']); 2111 foreach($postlist as $pid) 2112 { 2113 $pid = intval($pid); 2114 $plist[] = $pid; 2115 } 2116 2117 if(!is_moderator_by_pids($plist, "canmanagethreads")) 2118 { 2119 error_no_permission(); 2120 } 2121 2122 if($mybb->input['moveto']) 2123 { 2124 $moveto = intval($mybb->input['moveto']); 2125 } 2126 else 2127 { 2128 $moveto = $fid; 2129 } 2130 $query = $db->simple_select("forums", "COUNT(fid) as count", "fid='$moveto'"); 2131 if($db->fetch_field($query, 'count') == 0) 2132 { 2133 error($lang->error_invalidforum); 2134 } 2135 $newsubject = $mybb->input['newsubject']; 2136 2137 $newtid = $moderation->split_posts($plist, $tid, $moveto, $newsubject); 2138 2139 $pid_list = implode(', ', $plist); 2140 $lang->split_selective_posts = $lang->sprintf($lang->split_selective_posts, $pid_list, $newtid); 2141 log_moderator_action($modlogdata, $lang->split_selective_posts); 2142 2143 moderation_redirect(get_thread_link($newtid), $lang->redirect_threadsplit); 2144 break; 2145 2146 // Approve posts - Inline moderation 2147 case "multiapproveposts": 2148 2149 // Verify incoming POST request 2150 verify_post_check($mybb->input['my_post_key']); 2151 2152 if($mybb->input['inlinetype'] == 'search') 2153 { 2154 $posts = getids($mybb->input['searchid'], 'search'); 2155 } 2156 else 2157 { 2158 $posts = getids($tid, 'thread'); 2159 } 2160 if(count($posts) < 1) 2161 { 2162 error($lang->error_inline_nopostsselected); 2163 } 2164 2165 if(!is_moderator_by_pids($posts, "canmanagethreads")) 2166 { 2167 error_no_permission(); 2168 } 2169 2170 $pids = array(); 2171 foreach($posts as $pid) 2172 { 2173 $pids[] = intval($pid); 2174 } 2175 2176 $moderation->approve_posts($pids); 2177 2178 log_moderator_action($modlogdata, $lang->multi_approve_posts); 2179 if($mybb->input['inlinetype'] == 'search') 2180 { 2181 clearinline($mybb->input['searchid'], 'search'); 2182 } 2183 else 2184 { 2185 clearinline($tid, 'thread'); 2186 } 2187 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_inline_postsapproved); 2188 break; 2189 2190 // Unapprove posts - Inline moderation 2191 case "multiunapproveposts": 2192 2193 // Verify incoming POST request 2194 verify_post_check($mybb->input['my_post_key']); 2195 2196 if($mybb->input['inlinetype'] == 'search') 2197 { 2198 $posts = getids($mybb->input['searchid'], 'search'); 2199 } 2200 else 2201 { 2202 $posts = getids($tid, 'thread'); 2203 } 2204 2205 if(count($posts) < 1) 2206 { 2207 error($lang->error_inline_nopostsselected); 2208 } 2209 $pids = array(); 2210 2211 if(!is_moderator_by_pids($posts, "canmanagethreads")) 2212 { 2213 error_no_permission(); 2214 } 2215 foreach($posts as $pid) 2216 { 2217 $pids[] = intval($pid); 2218 } 2219 2220 $moderation->unapprove_posts($pids); 2221 2222 log_moderator_action($modlogdata, $lang->multi_unapprove_posts); 2223 if($mybb->input['inlinetype'] == 'search') 2224 { 2225 clearinline($mybb->input['searchid'], 'search'); 2226 } 2227 else 2228 { 2229 clearinline($tid, 'thread'); 2230 } 2231 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_inline_postsunapproved); 2232 break; 2233 default: 2234 require_once MYBB_ROOT."inc/class_custommoderation.php"; 2235 $custommod = new CustomModeration; 2236 $tool = $custommod->tool_info(intval($mybb->input['action'])); 2237 if($tool !== false) 2238 { 2239 // Verify incoming POST request 2240 verify_post_check($mybb->input['my_post_key']); 2241 2242 if($tool['type'] == 't' && $mybb->input['modtype'] == 'inlinethread') 2243 { 2244 if($mybb->input['inlinetype'] == 'search') 2245 { 2246 $tids = getids($mybb->input['searchid'], 'search'); 2247 } 2248 else 2249 { 2250 $tids = getids($fid, "forum"); 2251 } 2252 if(count($tids) < 1) 2253 { 2254 error($lang->error_inline_nopostsselected); 2255 } 2256 if(!is_moderator_by_tids($tids)) 2257 { 2258 error_no_permission(); 2259 } 2260 2261 $thread_options = unserialize($tool['threadoptions']); 2262 if($thread_options['movethread'] && $forum_cache[$thread_options['movethread']]['type'] != "f") 2263 { 2264 error($lang->error_movetocategory); 2265 } 2266 2267 $custommod->execute(intval($mybb->input['action']), $tids); 2268 $lang->custom_tool = $lang->sprintf($lang->custom_tool, $tool['name']); 2269 log_moderator_action($modlogdata, $lang->custom_tool); 2270 if($mybb->input['inlinetype'] == 'search') 2271 { 2272 clearinline($mybb->input['searchid'], 'search'); 2273 $lang->redirect_customtool_search = $lang->sprintf($lang->redirect_customtool_search, $tool['name']); 2274 $return_url = htmlspecialchars_uni($mybb->input['url']); 2275 redirect($return_url, $lang->redirect_customtool_search); 2276 } 2277 else 2278 { 2279 clearinline($fid, "forum"); 2280 $lang->redirect_customtool_forum = $lang->sprintf($lang->redirect_customtool_forum, $tool['name']); 2281 redirect(get_forum_link($fid), $lang->redirect_customtool_forum); 2282 } 2283 break; 2284 } 2285 elseif($tool['type'] == 't' && $mybb->input['modtype'] == 'thread') 2286 { 2287 if(!is_moderator_by_tids($tid)) 2288 { 2289 error_no_permission(); 2290 } 2291 2292 $thread_options = unserialize($tool['threadoptions']); 2293 if($thread_options['movethread'] && $forum_cache[$thread_options['movethread']]['type'] != "f") 2294 { 2295 error($lang->error_movetocategory); 2296 } 2297 2298 $ret = $custommod->execute(intval($mybb->input['action']), $tid); 2299 $lang->custom_tool = $lang->sprintf($lang->custom_tool, $tool['name']); 2300 log_moderator_action($modlogdata, $lang->custom_tool); 2301 if($ret == 'forum') 2302 { 2303 $lang->redirect_customtool_forum = $lang->sprintf($lang->redirect_customtool_forum, $tool['name']); 2304 moderation_redirect(get_forum_link($fid), $lang->redirect_customtool_forum); 2305 } 2306 else 2307 { 2308 $lang->redirect_customtool_thread = $lang->sprintf($lang->redirect_customtool_thread, $tool['name']); 2309 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_customtool_thread); 2310 } 2311 break; 2312 } 2313 elseif($tool['type'] == 'p' && $mybb->input['modtype'] == 'inlinepost') 2314 { 2315 if($mybb->input['inlinetype'] == 'search') 2316 { 2317 $pids = getids($mybb->input['searchid'], 'search'); 2318 } 2319 else 2320 { 2321 $pids = getids($tid, 'thread'); 2322 } 2323 2324 if(count($pids) < 1) 2325 { 2326 error($lang->error_inline_nopostsselected); 2327 } 2328 if(!is_moderator_by_pids($pids)) 2329 { 2330 error_no_permission(); 2331 } 2332 2333 // Get threads which are associated with the posts 2334 $tids = array(); 2335 $options = array( 2336 'order_by' => 'dateline', 2337 'order_dir' => 'asc' 2338 ); 2339 $query = $db->simple_select("posts", "DISTINCT tid", "pid IN (".implode(',',$pids).")", $options); 2340 while($row = $db->fetch_array($query)) 2341 { 2342 $tids[] = $row['tid']; 2343 } 2344 2345 $ret = $custommod->execute(intval($mybb->input['action']), $tids, $pids); 2346 $lang->custom_tool = $lang->sprintf($lang->custom_tool, $tool['name']); 2347 log_moderator_action($modlogdata, $lang->custom_tool); 2348 if($mybb->input['inlinetype'] == 'search') 2349 { 2350 clearinline($mybb->input['searchid'], 'search'); 2351 $lang->redirect_customtool_search = $lang->sprintf($lang->redirect_customtool_search, $tool['name']); 2352 $return_url = htmlspecialchars_uni($mybb->input['url']); 2353 redirect($return_url, $lang->redirect_customtool_search); 2354 } 2355 else 2356 { 2357 clearinline($tid, 'thread'); 2358 if($ret == 'forum') 2359 { 2360 $lang->redirect_customtool_forum = $lang->sprintf($lang->redirect_customtool_forum, $tool['name']); 2361 moderation_redirect(get_forum_link($fid), $lang->redirect_customtool_forum); 2362 } 2363 else 2364 { 2365 $lang->redirect_customtool_thread = $lang->sprintf($lang->redirect_customtool_thread, $tool['name']); 2366 moderation_redirect(get_thread_link($tid), $lang->redirect_customtool_thread); 2367 } 2368 } 2369 2370 break; 2371 } 2372 } 2373 error_no_permission(); 2374 break; 2375 } 2376 2377 // Some little handy functions for our inline moderation 2378 function getids($id, $type) 2379 { 2380 global $mybb; 2381 2382 $newids = array(); 2383 $cookie = "inlinemod_".$type.$id; 2384 $cookie_ids = explode("|", $mybb->cookies[$cookie]); 2385 2386 foreach($cookie_ids as $cookie_id) 2387 { 2388 if(empty($cookie_id)) 2389 { 2390 continue; 2391 } 2392 2393 if($cookie_id == 'ALL') 2394 { 2395 $newids += getallids($id, $type); 2396 } 2397 else 2398 { 2399 $newids[] = intval($cookie_id); 2400 } 2401 } 2402 2403 return $newids; 2404 } 2405 2406 function getallids($id, $type) 2407 { 2408 global $db, $mybb; 2409 2410 $ids = array(); 2411 2412 // Get any removed threads (after our user hit 'all') 2413 $removed_ids = array(); 2414 $cookie = "inlinemod_".$type.$id."_removed"; 2415 if($mybb->cookies[$cookie]) 2416 { 2417 $removed_ids = explode("|", $mybb->cookies[$cookie]); 2418 2419 if(!is_array($removed_ids)) 2420 { 2421 $removed_ids = array(); 2422 } 2423 } 2424 2425 // "Select all Threads in this forum" only supported by forumdisplay and search 2426 if($type == 'forum') 2427 { 2428 $query = $db->simple_select("threads", "tid", "fid='".intval($id)."'"); 2429 while($tid = $db->fetch_field($query, "tid")) 2430 { 2431 if(in_array($tid, $removed_ids)) 2432 { 2433 continue; 2434 } 2435 2436 $ids[] = $tid; 2437 } 2438 } 2439 else if($type == 'search') 2440 { 2441 $query = $db->simple_select("searchlog", "*", "sid='".$db->escape_string($id)."' AND uid='{$mybb->user['uid']}'", 1); 2442 $searchlog = $db->fetch_array($query); 2443 if($searchlog['resulttype'] == 'posts') 2444 { 2445 $ids = explode(',', $searchlog['posts']); 2446 } 2447 else 2448 { 2449 $ids = explode(',', $searchlog['threads']); 2450 } 2451 2452 if(is_array($ids)) 2453 { 2454 foreach($ids as $key => $tid) 2455 { 2456 if(in_array($tid, $removed_ids)) 2457 { 2458 unset($ids[$key]); 2459 } 2460 } 2461 } 2462 } 2463 2464 return $ids; 2465 } 2466 2467 function clearinline($id, $type) 2468 { 2469 my_unsetcookie("inlinemod_".$type.$id); 2470 my_unsetcookie("inlinemod_".$type.$id."_removed"); 2471 } 2472 2473 function extendinline($id, $type) 2474 { 2475 global $mybb; 2476 2477 my_setcookie("inlinemod_$type$id", '', TIME_NOW+3600); 2478 my_setcookie("inlinemod_$type$id_removed", '', TIME_NOW+3600); 2479 } 2480 2481 /** 2482 * Checks if the current user is a moderator of all the posts specified 2483 * 2484 * Note: If no posts are specified, this function will return true. It is the 2485 * responsibility of the calling script to error-check this case if necessary. 2486 * 2487 * @param array Array of post IDs 2488 * @param string Permission to check 2489 * @returns bool True if moderator of all; false otherwise 2490 */ 2491 function is_moderator_by_pids($posts, $permission='') 2492 { 2493 global $db, $mybb; 2494 2495 // Speedy determination for supermods/admins and guests 2496 if($mybb->usergroup['issupermod']) 2497 { 2498 return true; 2499 } 2500 elseif(!$mybb->user['uid']) 2501 { 2502 return false; 2503 } 2504 // Make an array of threads if not an array 2505 if(!is_array($posts)) 2506 { 2507 $posts = array($posts); 2508 } 2509 // Validate input 2510 $posts = array_map('intval', $posts); 2511 $posts[] = 0; 2512 // Get forums 2513 $posts_string = implode(',', $posts); 2514 $query = $db->simple_select("posts", "DISTINCT fid", "pid IN ($posts_string)"); 2515 while($forum = $db->fetch_array($query)) 2516 { 2517 if(!is_moderator($forum['fid'], $permission)) 2518 { 2519 return false; 2520 } 2521 } 2522 return true; 2523 } 2524 2525 /** 2526 * Checks if the current user is a moderator of all the threads specified 2527 * 2528 * Note: If no threads are specified, this function will return true. It is the 2529 * responsibility of the calling script to error-check this case if necessary. 2530 * 2531 * @param array Array of thread IDs 2532 * @param string Permission to check 2533 * @returns bool True if moderator of all; false otherwise 2534 */ 2535 function is_moderator_by_tids($threads, $permission='') 2536 { 2537 global $db, $mybb; 2538 2539 // Speedy determination for supermods/admins and guests 2540 if($mybb->usergroup['issupermod']) 2541 { 2542 return true; 2543 } 2544 elseif(!$mybb->user['uid']) 2545 { 2546 return false; 2547 } 2548 // Make an array of threads if not an array 2549 if(!is_array($threads)) 2550 { 2551 $threads = array($threads); 2552 } 2553 // Validate input 2554 $threads = array_map('intval', $threads); 2555 $threads[] = 0; 2556 // Get forums 2557 $threads_string = implode(',', $threads); 2558 $query = $db->simple_select("threads", "DISTINCT fid", "tid IN ($threads_string)"); 2559 while($forum = $db->fetch_array($query)) 2560 { 2561 if(!is_moderator($forum['fid'], $permission)) 2562 { 2563 return false; 2564 } 2565 } 2566 return true; 2567 } 2568 2569 /** 2570 * Special redirect that takes a return URL into account 2571 * @param string URL 2572 * @param string Message 2573 * @param string Title 2574 */ 2575 function moderation_redirect($url, $message="", $title="") 2576 { 2577 global $mybb; 2578 if(!empty($mybb->input['url'])) 2579 { 2580 redirect(htmlentities($mybb->input['url']), $message, $title); 2581 } 2582 redirect($url, $message, $title); 2583 } 2584 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Sat Mar 31 17:55:03 2012 | Cross-referenced by PHPXref 0.7.1 |