PHP Cross Reference of MyBB 1.6.5 |
<?php
/**
 * MyBB 1.6
 * Copyright 2010 MyBB Group, All Rights Reserved
 *
 * Website: http://mybb.com
 * License: http://mybb.com/about/license
 *
 * $Id: modcp.php 5585 2011-09-13 13:14:41Z Tomm $
 */

// Entry-point markers; both are defined before global.php is pulled in.
// NOTE(review): IN_MYBB is presumably what the included files test to refuse
// direct requests - confirm in the files under inc/.
define("IN_MYBB", 1);
define('THIS_SCRIPT', 'modcp.php');

// Comma-separated names of the templates this script uses. The list is complete
// before global.php is loaded; presumably it is read there to fetch them in one
// go - confirm.
$templatelist = "modcp_reports,modcp_reports_report,modcp_reports_multipage,modcp_reports_allreport"
	.",modcp_reports_allnoreports,modcp_reports_noreports,modcp_banning,modcp_banning_ban"
	.",modcp_banning_multipage,modcp_banning_nobanned,modcp_banning_auser,modcp_banning_error"
	.",modcp_banning_edit,modcp_banning_banned_user,modcp_nav,modcp_modlogs_noresults,modcp"
	.",modcp_no_announcements_global,modcp_announcements_global,modcp_announcements_forum,modcp_announcements"
	.",codebuttons,smilieinsert,modcp_announcements_new,modcp_modqueue_empty,forumjump_bit,forumjump_special"
	.",modcp_modlogs,modcp_finduser_user,modcp_finduser,usercp_profile_customfield,usercp_profile_profilefields"
	.",modcp_editprofile,modcp_ipsearch,modcp_banuser_addusername,modcp_banuser,modcp_warninglogs_nologs"
	.",modcp_warninglogs,modcp_modlogs_result,modcp_editprofile_signature_info,modcp_editprofile_signature_options,modcp_editprofile_signature";

// Core bootstrap first, then the helper libraries used further down.
require_once "./global.php";
require_once MYBB_ROOT."inc/functions_user.php";
require_once MYBB_ROOT."inc/functions_upload.php";
require_once MYBB_ROOT."inc/functions_modcp.php";
require_once MYBB_ROOT."inc/class_parser.php";

// Used below to run the bad-word filter over thread subjects before they are escaped.
$parser = new postParser();

// Set up the array of ban times.
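$bantimes = fetch_ban_times();

// Load global language phrases
$lang->load("modcp");

// Gate for the whole script: guests (uid 0) and groups without canmodcp are turned away.
// Every permission check in this file relies on error_no_permission(), error() and
// redirect() ending the request; they are defined elsewhere.
// NOTE(review): confirm none of them can return to the caller.
if($mybb->user['uid'] == 0 || $mybb->usergroup['canmodcp'] != 1)
{
	error_no_permission();
}

$errors = '';
// SQL for fetching items only related to forums this user moderates
$moderated_forums = array();
// Both WHERE fragments start out empty so the appends below never begin from an
// undefined variable. Super moderators keep them empty (no forum restriction).
$flist = $tflist = '';
if($mybb->usergroup['issupermod'] != 1)
{
	// uid and usergroup are read from the loaded user record, not from the request.
	$query = $db->simple_select("moderators", "*", "(id='{$mybb->user['uid']}' AND isgroup = '0') OR (id='{$mybb->user['usergroup']}' AND isgroup = '1')");
	while($forum = $db->fetch_array($query))
	{
		$flist .= ",'{$forum['fid']}'";

		// Moderating a forum also covers the forums beneath it.
		$children = get_child_list($forum['fid']);
		if(!empty($children))
		{
			$flist .= ",'".implode("','", $children)."'";
		}
		$moderated_forums[] = $forum['fid'];
	}
	// NOTE(review): the restriction is only built when at least one moderators row
	// matched. If none did, $flist and $tflist stay empty and the queries that append
	// them (the do_reports update, the modlogs queries) run without a forum filter.
	// Failing closed here - e.g. " AND fid IN (0)" - or denying access would be the
	// safer default; confirm which behaviour is intended.
	if($flist)
	{
		$tflist = " AND t.fid IN (0{$flist})";
		$flist = " AND fid IN (0{$flist})";
	}
}

// Fetch the Mod CP menu
// Templates are expanded by eval()-ing them as a double-quoted PHP string, so every
// variable in scope at that point is reachable from the template.
// NOTE(review): this is only as safe as the escaping inside $templates->get() and the
// trust placed in whoever can edit templates - neither is visible in this file.
eval("\$modcp_nav = \"".$templates->get("modcp_nav")."\";");

$plugins->run_hooks("modcp_start");

// Make navigation
add_breadcrumb($lang->nav_modcp, "modcp.php");

// ---- do_reports: mark the selected reports as handled ----
if($mybb->input['action'] == "do_reports")
{
	// Verify incoming POST request
	verify_post_check($mybb->input['my_post_key']);

	if(!is_array($mybb->input['reports']))
	{
		error($lang->error_noselected_reports);
	}

	// Every id is forced to an integer before it is placed in the IN (...) list.
	$mybb->input['reports'] = array_map("intval", $mybb->input['reports']);
	// Glue first: the legacy (array, glue) argument order is rejected by PHP 8.
	$rids = implode("','", $mybb->input['reports']);
	$rids = "'0','{$rids}'";

	$plugins->run_hooks("modcp_do_reports");

	// $flist limits the update to forums this user moderates (empty for super moderators).
	$db->update_query("reportedposts", array('reportstatus' => 1), "rid IN ({$rids}){$flist}");
	$cache->update_reportedposts();

	$page = intval($mybb->input['page']);

	redirect("modcp.php?action=reports&page={$page}", $lang->redirect_reportsmarked);
}

// ---- reports: paginated list of reports that are still open ----
if($mybb->input['action'] == "reports")
{
	add_breadcrumb($lang->mcp_nav_reported_posts, "modcp.php?action=reports");

	if(!$mybb->settings['threadsperpage'])
	{
		$mybb->settings['threadsperpage'] = 20;
	}

	// Figure out if we need to display multiple pages.
	$perpage = $mybb->settings['threadsperpage'];
	if($mybb->input['page'] != "last")
	{
		$page = intval($mybb->input['page']);
	}

	$query = $db->simple_select("reportedposts", "COUNT(rid) AS count", "reportstatus ='0'");
	$report_count = $db->fetch_field($query, "count");

	// Cast before use: the value is concatenated into the WHERE clause below.
	$mybb->input['rid'] = intval($mybb->input['rid']);

	if($mybb->input['rid'])
	{
		// Jump to the page that holds the requested report.
		$query = $db->simple_select("reportedposts", "COUNT(rid) AS count", "rid <= '".$mybb->input['rid']."'");
		$result = $db->fetch_field($query, "count");
		if(($result % $perpage) == 0)
		{
			$page = $result / $perpage;
		}
		else
		{
			$page = intval($result / $perpage) + 1;
		}
	}
	$postcount = intval($report_count);
	$pages = $postcount / $perpage;
	$pages = ceil($pages);

	if($mybb->input['page'] == "last")
	{
		$page = $pages;
	}

	// Out-of-range page numbers fall back to the first page.
	if($page > $pages || $page <= 0)
	{
		$page = 1;
	}

	if($page && $page > 0)
	{
		$start = ($page-1) * $perpage;
	}
	else
	{
		$start = 0;
		$page = 1;
	}
	$upper = $start+$perpage;

	$multipage = multipage($postcount, $perpage, $page, "modcp.php?action=reports");
	if($postcount > $perpage)
	{
		eval("\$reportspages = \"".$templates->get("modcp_reports_multipage")."\";");
	}

	$query = $db->simple_select("forums", "fid, name");
	while($forum = $db->fetch_array($query))
	{
		$forums[$forum['fid']] = $forum['name'];
	}

	$plugins->run_hooks("modcp_reports_start");

	$reports = '';
	// $start is computed from integers above; $perpage comes from the board settings.
	// NOTE(review): unlike the update in do_reports, this listing (and the COUNT above)
	// is not limited by $flist/$tflist, so a moderator is shown reports from forums
	// they do not moderate; is_moderator() below only changes the row style.
	// Confirm that this is intended.
	$query = $db->query("
		SELECT r.*, u.username, up.username AS postusername, up.uid AS postuid, t.subject AS threadsubject
		FROM ".TABLE_PREFIX."reportedposts r
		LEFT JOIN ".TABLE_PREFIX."posts p ON (r.pid=p.pid)
		LEFT JOIN ".TABLE_PREFIX."threads t ON (p.tid=t.tid)
		LEFT JOIN ".TABLE_PREFIX."users u ON (r.uid=u.uid)
		LEFT JOIN ".TABLE_PREFIX."users up ON (p.uid=up.uid)
		WHERE r.reportstatus='0'
		ORDER BY r.dateline DESC
		LIMIT {$start}, {$perpage}
	");
	while($report = $db->fetch_array($query))
	{
		$trow = alt_trow();
		if(is_moderator($report['fid']))
		{
			$trow = 'trow_shaded';
		}
		$report['postlink'] = get_post_link($report['pid'], $report['tid']);
		$report['threadlink'] = get_thread_link($report['tid']);
		$report['posterlink'] = get_profile_link($report['postuid']);
		$report['reporterlink'] = get_profile_link($report['uid']);
		$reportdate = my_date($mybb->settings['dateformat'], $report['dateline']);
		$reporttime = my_date($mybb->settings['timeformat'], $report['dateline']);
		// Subject is bad-word filtered and then HTML-escaped. The other $report fields
		// reach the template as returned by the query - NOTE(review): confirm the
		// template or the write path escapes them.
		$report['threadsubject'] = htmlspecialchars_uni($parser->parse_badwords($report['threadsubject']));
		eval("\$reports .= \"".$templates->get("modcp_reports_report")."\";");
	}
	if(!$reports)
	{
		eval("\$reports = \"".$templates->get("modcp_reports_noreports")."\";");
	}

	$plugins->run_hooks("modcp_reports");

	eval("\$reportedposts = \"".$templates->get("modcp_reports")."\";");
	output_page($reportedposts);
}

// ---- allreports: paginated list of every report, open or handled ----
if($mybb->input['action'] == "allreports")
{
	add_breadcrumb($lang->mcp_nav_all_reported_posts, "modcp.php?action=allreports");

	if(!$mybb->settings['threadsperpage'])
	{
		$mybb->settings['threadsperpage'] = 20;
	}

	// Figure out if we need to display multiple pages.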
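// ---- "allreports" action, continued: pagination, listing query and row rendering ----
	// Rows are appended to $allreports in the loop below, so it starts empty here.
	$allreports = '';
	$perpage = $mybb->settings['threadsperpage'];
	if($mybb->input['page'] != "last")
	{
		$page = intval($mybb->input['page']);
	}

	$query = $db->simple_select("reportedposts", "COUNT(rid) AS count");
	$warnings = $db->fetch_field($query, "count");

	if($mybb->input['rid'])
	{
		// Cast before use: the value is concatenated into the WHERE clause.
		$mybb->input['rid'] = intval($mybb->input['rid']);
		$query = $db->simple_select("reportedposts", "COUNT(rid) AS count", "rid <= '".$mybb->input['rid']."'");
		$result = $db->fetch_field($query, "count");
		if(($result % $perpage) == 0)
		{
			$page = $result / $perpage;
		}
		else
		{
			$page = intval($result / $perpage) + 1;
		}
	}
	$postcount = intval($warnings);
	$pages = $postcount / $perpage;
	$pages = ceil($pages);

	if($mybb->input['page'] == "last")
	{
		$page = $pages;
	}

	// Out-of-range page numbers fall back to the first page.
	if($page > $pages || $page <= 0)
	{
		$page = 1;
	}

	if($page)
	{
		$start = ($page-1) * $perpage;
	}
	else
	{
		$start = 0;
		$page = 1;
	}
	$upper = $start+$perpage;

	$multipage = multipage($postcount, $perpage, $page, "modcp.php?action=allreports");
	if($postcount > $perpage)
	{
		eval("\$allreportspages = \"".$templates->get("modcp_reports_multipage")."\";");
	}

	$query = $db->simple_select("forums", "fid, name");
	while($forum = $db->fetch_array($query))
	{
		$forums[$forum['fid']] = $forum['name'];
	}

	$plugins->run_hooks("modcp_allreports_start");

	$reports = '';
	// NOTE(review): no $flist/$tflist restriction is applied here, so the list covers
	// every forum regardless of which ones the user moderates - confirm intended.
	$query = $db->query("
		SELECT r.*, u.username, up.username AS postusername, up.uid AS postuid, t.subject AS threadsubject
		FROM ".TABLE_PREFIX."reportedposts r
		LEFT JOIN ".TABLE_PREFIX."posts p ON (r.pid=p.pid)
		LEFT JOIN ".TABLE_PREFIX."threads t ON (p.tid=t.tid)
		LEFT JOIN ".TABLE_PREFIX."users u ON (r.uid=u.uid)
		LEFT JOIN ".TABLE_PREFIX."users up ON (p.uid=up.uid)
		ORDER BY r.dateline DESC
		LIMIT $start, $perpage
	");
	while($report = $db->fetch_array($query))
	{
		$report['postlink'] = get_post_link($report['pid'], $report['tid']);
		$report['threadlink'] = get_thread_link($report['tid']);
		$report['posterlink'] = get_profile_link($report['postuid']);
		$report['reporterlink'] = get_profile_link($report['uid']);

		$reportdate = my_date($mybb->settings['dateformat'], $report['dateline']);
		$reporttime = my_date($mybb->settings['timeformat'], $report['dateline']);

		// Open reports are highlighted; handled ones use the alternating row style.
		if($report['reportstatus'] == 0)
		{
			$trow = "trow_shaded";
		}
		else
		{
			$trow = alt_trow();
		}

		$report['postusername'] = build_profile_link($report['postusername'], $report['postuid']);

		if($report['threadsubject'])
		{
			// Escaped first, then wrapped in the link markup.
			$report['threadsubject'] = htmlspecialchars_uni($parser->parse_badwords($report['threadsubject']));
			$report['threadsubject'] = "<a href=\"".get_thread_link($report['tid'])."\" target=\"_blank\">{$report['threadsubject']}</a>";
		}
		else
		{
			$report['threadsubject'] = $lang->na;
		}

		eval("\$allreports .= \"".$templates->get("modcp_reports_allreport")."\";");
	}

	if(!$allreports)
	{
		eval("\$allreports = \"".$templates->get("modcp_reports_allnoreports")."\";");
	}

	$plugins->run_hooks("modcp_reports");

	eval("\$allreportedposts = \"".$templates->get("modcp_reports_allreports")."\";");
	output_page($allreportedposts);
}

// ---- modlogs: searchable, sortable view of the moderator log ----
if($mybb->input['action'] == "modlogs")
{
	add_breadcrumb($lang->mcp_nav_modlogs, "modcp.php?action=modlogs");

	// Rows are appended to $results in the loop further down, so it starts empty here.
	$results = '';

	// NOTE(review): a caller-supplied perpage has a lower bound only; it ends up in
	// the LIMIT clause, so an upper cap would bound the size of a single page.
	$perpage = intval($mybb->input['perpage']);
	if(!$perpage || $perpage <= 0)
	{
		// Same fallback as the reports actions, so $perpage is never 0 when it is
		// used as a divisor below.
		if(!$mybb->settings['threadsperpage'])
		{
			$mybb->settings['threadsperpage'] = 20;
		}
		$perpage = $mybb->settings['threadsperpage'];
	}

	$where = '';

	// Searching for entries by a particular user
	if($mybb->input['uid'])
	{
		$where .= " AND l.uid='".intval($mybb->input['uid'])."'";
	}

	// Searching for entries in a specific forum
	if($mybb->input['fid'])
	{
		$where .= " AND t.fid='".intval($mybb->input['fid'])."'";
	}

	// Order?
	// Only these fixed column names can reach ORDER BY; anything else sorts by date.
	switch($mybb->input['sortby'])
	{
		case "username":
			$sortby = "u.username";
			break;
		case "forum":
			$sortby = "f.name";
			break;
		case "thread":
			$sortby = "t.subject";
			break;
		default:
			$sortby = "l.dateline";
	}
	// Direction is reduced to the two literals "asc" / "desc" before it is used in SQL.
	$order = $mybb->input['order'];
	if($order != "asc")
	{
		$order = "desc";
	}

	$plugins->run_hooks("modcp_modlogs_start");

	// $tflist (built near the top of the script) restricts non-super moderators to
	// threads in their forums. NOTE(review): it is empty or unset for a moderator with
	// no forum assignment, which leaves this query unrestricted - see the top of the file.
	$query = $db->query("
		SELECT COUNT(l.dateline) AS count
		FROM ".TABLE_PREFIX."moderatorlog l
		LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=l.uid)
		LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=l.tid)
		WHERE 1=1 {$where}{$tflist}
	");
	$rescount = $db->fetch_field($query, "count");

	// Figure out if we need to display multiple pages.
	if($mybb->input['page'] != "last")
	{
		$page = intval($mybb->input['page']);
	}

	$postcount = intval($rescount);
	$pages = $postcount / $perpage;
	$pages = ceil($pages);

	if($mybb->input['page'] == "last")
	{
		$page = $pages;
	}

	if($page > $pages || $page <= 0)
	{
		$page = 1;
	}

	if($page)
	{
		$start = ($page-1) * $perpage;
	}
	else
	{
		$start = 0;
		$page = 1;
	}

	// The filter values come straight from the request, so they are URL-encoded before
	// being placed in the pagination link. What multipage() does with the URL
	// afterwards is not visible in this file.
	$modlogs_url = "modcp.php?action=modlogs&perpage=$perpage"
		."&uid=".urlencode((string)$mybb->input['uid'])
		."&fid=".urlencode((string)$mybb->input['fid'])
		."&sortby=".urlencode((string)$mybb->input['sortby'])
		."&order=".urlencode((string)$mybb->input['order']);
	$multipage = multipage($postcount, $perpage, $page, $modlogs_url);
	if($postcount > $perpage)
	{
		eval("\$resultspages = \"".$templates->get("modcp_modlogs_multipage")."\";");
	}
	// Everything interpolated here is either an integer ($start, $perpage, the ids in
	// $where) or one of the fixed strings chosen above ($sortby, $order).
	$query = $db->query("
		SELECT l.*, u.username, u.usergroup, u.displaygroup, t.subject AS tsubject, f.name AS fname, p.subject AS psubject
		FROM ".TABLE_PREFIX."moderatorlog l
		LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=l.uid)
		LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=l.tid)
		LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=l.fid)
		LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid=l.pid)
		WHERE 1=1 {$where}{$tflist}
		ORDER BY {$sortby} {$order}
		LIMIT {$start}, {$perpage}
	");
	while($logitem = $db->fetch_array($query))
	{
		$information = '';
		// No-op assignment: the stored action text is handed to the template unchanged.
		// NOTE(review): if escaping was meant to happen here, confirm where it is done.
		$logitem['action'] = $logitem['action'];
		$log_date = my_date($mybb->settings['dateformat'], $logitem['dateline']);
		$log_time = my_date($mybb->settings['timeformat'], $logitem['dateline']);
		$trow = alt_trow();
		$username = format_name($logitem['username'], $logitem['usergroup'], $logitem['displaygroup']);
		$logitem['profilelink'] = build_profile_link($username, $logitem['uid']);
		if($logitem['tsubject'])
		{
			$information = "<strong>{$lang->thread}</strong> <a href=\"".get_thread_link($logitem['tid'])."\" target=\"_blank\">".htmlspecialchars_uni($logitem['tsubject'])."</a><br />";
		}
		if($logitem['fname'])
		{
			// NOTE(review): the forum name goes into the markup without
			// htmlspecialchars_uni(), unlike the thread and post subjects around it.
			// Confirm forum names are trusted or escaped when they are saved.
			$information .= "<strong>{$lang->forum}</strong> <a href=\"".get_forum_link($logitem['fid'])."\" target=\"_blank\">{$logitem['fname']}</a><br />";
		}
		if($logitem['psubject'])
		{
			$information .= "<strong>{$lang->post}</strong> <a href=\"".get_post_link($logitem['pid'])."#pid{$logitem['pid']}\">".htmlspecialchars_uni($logitem['psubject'])."</a>";
		}

		// Edited a user?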
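// ---- "modlogs" action, continued: user-edit details per row, then the filter form ----
		if(!$logitem['tsubject'] || !$logitem['fname'] || !$logitem['psubject'])
		{
			// NOTE(review): unserialize() runs on the moderatorlog data column. That is
			// only safe while nothing but trusted code writes that column; a decoder
			// that cannot instantiate objects (or a JSON column) would remove the
			// dependency.
			$data = unserialize($logitem['data']);
			if($data['uid'])
			{
				$information = $lang->sprintf($lang->edited_user_info, htmlspecialchars_uni($data['username']), get_profile_link($data['uid']));
			}
		}

		eval("\$results .= \"".$templates->get("modcp_modlogs_result")."\";");
	}

	if(!$results)
	{
		eval("\$results = \"".$templates->get("modcp_modlogs_noresults")."\";");
	}

	// Options are appended in the loop below, so the list starts empty.
	$user_options = '';

	$plugins->run_hooks("modcp_modlogs_filter");

	// Fetch filter options
	// The request values are used as array keys only; the stored value is a fixed string.
	$sortbysel[$mybb->input['sortby']] = "selected=\"selected\"";
	$ordersel[$mybb->input['order']] = "selected=\"selected\"";
	$query = $db->query("
		SELECT DISTINCT l.uid, u.username
		FROM ".TABLE_PREFIX."moderatorlog l
		LEFT JOIN ".TABLE_PREFIX."users u ON (l.uid=u.uid)
		ORDER BY u.username ASC
	");
	while($user = $db->fetch_array($query))
	{
		// Deleted Users
		if(!$user['username'])
		{
			$user['username'] = $lang->na_deleted;
		}

		$selected = '';
		if($mybb->input['uid'] == $user['uid'])
		{
			$selected = " selected=\"selected\"";
		}
		// uid comes from the database row; the username is HTML-escaped.
		$user_options .= "<option value=\"{$user['uid']}\"{$selected}>".htmlspecialchars_uni($user['username'])."</option>\n";
	}

	$forum_select = build_forum_jump("", $mybb->input['fid'], 1, '', 0, true, '', "fid");

	eval("\$modlogs = \"".$templates->get("modcp_modlogs")."\";");
	output_page($modlogs);
}

// ---- do_delete_announcement: delete after the confirmation form was submitted ----
if($mybb->input['action'] == "do_delete_announcement")
{
	// State-changing request: the post key is checked before anything else.
	verify_post_check($mybb->input['my_post_key']);

	$aid = intval($mybb->input['aid']);
	$query = $db->simple_select("announcements", "aid, subject, fid", "aid='{$aid}'");
	$announcement = $db->fetch_array($query);

	if(!$announcement['aid'])
	{
		error($lang->error_invalid_announcement);
	}
	// The forum is taken from the stored row, not from the request: fid -1 requires a
	// super moderator, any other fid requires moderating that forum.
	if(($mybb->usergroup['issupermod'] != 1 && $announcement['fid'] == -1) || ($announcement['fid'] != -1 && !is_moderator($announcement['fid'])))
	{
		error_no_permission();
	}

	$plugins->run_hooks("modcp_do_delete_announcement");

	$db->delete_query("announcements", "aid='{$aid}'");
	$cache->update_forumsdisplay();

	redirect("modcp.php?action=announcements", $lang->redirect_delete_announcement);
}

// ---- delete_announcement: confirmation page (read-only, same permission rule) ----
if($mybb->input['action'] == "delete_announcement")
{
	$aid = intval($mybb->input['aid']);
	$query = $db->simple_select("announcements", "aid, subject, fid", "aid='{$aid}'");
	$announcement = $db->fetch_array($query);

	if(!$announcement['aid'])
	{
		error($lang->error_invalid_announcement);
	}
	if(($mybb->usergroup['issupermod'] != 1 && $announcement['fid'] == -1) || ($announcement['fid'] != -1 && !is_moderator($announcement['fid'])))
	{
		error_no_permission();
	}

	$plugins->run_hooks("modcp_delete_announcement");

	eval("\$announcements = \"".$templates->get("modcp_announcements_delete")."\";");
	output_page($announcements);
}

// ---- do_new_announcement: validate and store a new announcement ----
if($mybb->input['action'] == "do_new_announcement")
{
	verify_post_check($mybb->input['my_post_key']);

	// Here the target forum comes from the request, so it is cast and checked first.
	$announcement_fid = intval($mybb->input['fid']);
	if(($mybb->usergroup['issupermod'] != 1 && $announcement_fid == -1) || ($announcement_fid != -1 && !is_moderator($announcement_fid)))
	{
		error_no_permission();
	}

	if(!trim($mybb->input['title']))
	{
		$errors[] = $lang->error_missing_title;
	}

	if(!trim($mybb->input['message']))
	{
		$errors[] = $lang->error_missing_message;
	}

	if(!trim($mybb->input['fid']))
	{
		$errors[] = $lang->error_missing_forum;
	}

	// "h:mm am|pm" -> array(hour, minute)
	$startdate = @explode(" ", $mybb->input['starttime_time']);
	$startdate = @explode(":", $startdate[0]);
	$enddate = @explode(" ", $mybb->input['endtime_time']);
	$enddate = @explode(":", $enddate[0]);

	// Convert to a 24-hour value. The hour is cast first so non-numeric input cannot
	// reach the arithmetic; 12 pm stays 12 and 12 am becomes 0 (adding 12 to every
	// "pm" hour used to turn noon into midnight).
	$startdate[0] = intval($startdate[0]);
	if(stristr($mybb->input['starttime_time'], "pm"))
	{
		if($startdate[0] < 12)
		{
			$startdate[0] += 12;
		}
	}
	elseif(stristr($mybb->input['starttime_time'], "am") && $startdate[0] == 12)
	{
		$startdate[0] = 0;
	}

	$enddate[0] = intval($enddate[0]);
	if(stristr($mybb->input['endtime_time'], "pm"))
	{
		if($enddate[0] < 12)
		{
			$enddate[0] += 12;
		}
	}
	elseif(stristr($mybb->input['endtime_time'], "am") && $enddate[0] == 12)
	{
		$enddate[0] = 0;
	}

	// Months outside the fixed list are replaced by January.
	$months = array('01', '02', '03', '04', '05', '06', '07', '08', '09', '10', '11', '12');
	if(!in_array($mybb->input['starttime_month'], $months))
	{
		$mybb->input['starttime_month'] = 1;
	}

	$startdate = gmmktime(intval($startdate[0]), intval($startdate[1]), 0, (int)$mybb->input['starttime_month'], intval($mybb->input['starttime_day']), intval($mybb->input['starttime_year']));

	if($startdate < 0 || $startdate == false)
	{
		$errors[] = $lang->error_invalid_start_date;
	}

	// endtime_type "2" stores 0 as the end date (no end).
	if($mybb->input['endtime_type'] == "2")
	{
		$enddate = '0';
	}
	else
	{
		if(!in_array($mybb->input['endtime_month'], $months))
		{
			$mybb->input['endtime_month'] = 1;
		}
		$enddate = gmmktime(intval($enddate[0]), intval($enddate[1]), 0, (int)$mybb->input['endtime_month'], intval($mybb->input['endtime_day']), intval($mybb->input['endtime_year']));
		if($enddate < 0 || $enddate == false)
		{
			$errors[] = $lang->error_invalid_end_date;
		}
		elseif($enddate < $startdate)
		{
			$errors[] = $lang->error_end_before_start;
		}
	}

	$plugins->run_hooks("modcp_do_new_announcement_start");

	if(!$errors)
	{
		// subject and message are escaped for SQL only; how they are rendered depends
		// on the allow* flags and on display code that is not part of this file.
		// NOTE(review): the three allow* flags are stored as submitted (SQL-escaped
		// strings) rather than forced to 0/1, and allowhtml can be switched on by any
		// moderator who passes the check above - confirm that is the intended policy.
		$insert_announcement = array(
			'fid' => $announcement_fid,
			'uid' => $mybb->user['uid'],
			'subject' => $db->escape_string($mybb->input['title']),
			'message' => $db->escape_string($mybb->input['message']),
			'startdate' => $startdate,
			'enddate' => $enddate,
			'allowhtml' => $db->escape_string($mybb->input['allowhtml']),
			'allowmycode' => $db->escape_string($mybb->input['allowmycode']),
			'allowsmilies' => $db->escape_string($mybb->input['allowsmilies']),
		);

		$aid = $db->insert_query("announcements", $insert_announcement);

		$plugins->run_hooks("modcp_do_new_announcement_end");

		$cache->update_forumsdisplay();
		redirect("modcp.php?action=announcements", $lang->redirect_add_announcement);
	}
	else
	{
		// Fall through to the form below so the errors are shown inline.
		$mybb->input['action'] = 'new_announcement';
	}
}

// ---- new_announcement: the form, fresh or re-shown after a failed submit ----
if($mybb->input['action'] == "new_announcement")
{
	add_breadcrumb($lang->mcp_nav_announcements, "modcp.php?action=announcements");
	add_breadcrumb($lang->add_announcement, "modcp.php?action=new_announcements");

	$announcement_fid = intval($mybb->input['fid']);

	if(($mybb->usergroup['issupermod'] != 1 && $announcement_fid == -1) || ($announcement_fid != -1 && !is_moderator($announcement_fid)))
	{
		error_no_permission();
	}

	// Deal with inline errors
	if(is_array($errors))
	{
		$errors = inline_error($errors);

		// Set $announcement to input stuff
		$announcement['subject'] = $mybb->input['title'];
		$announcement['message'] = $mybb->input['message'];
		$announcement['allowhtml'] = $mybb->input['allowhtml'];
		$announcement['allowmycode'] = $mybb->input['allowmycode'];
		$announcement['allowsmilies'] = $mybb->input['allowsmilies'];

		$months = array('01', '02', '03', '04', '05', '06', '07', '08', '09', '10', '11', '12');
		if(!in_array($mybb->input['starttime_month'], $months))
		{
			$mybb->input['starttime_month'] = 1;
		}

		if(!in_array($mybb->input['endtime_month'], $months))
		{
			$mybb->input['endtime_month'] = 1;
		}

		// Values echoed back into the form: days are cast to int, years and times are
		// HTML-escaped, and the months are only used as array keys further down.
		$startmonth = $mybb->input['starttime_month'];
		$startdateyear = htmlspecialchars_uni($mybb->input['starttime_year']);
		$startday = intval($mybb->input['starttime_day']);
		$starttime_time = htmlspecialchars($mybb->input['starttime_time']);
		$endmonth = $mybb->input['endtime_month'];
		$enddateyear = htmlspecialchars_uni($mybb->input['endtime_year']);
		$endday = intval($mybb->input['endtime_day']);
		$endtime_time = htmlspecialchars($mybb->input['endtime_time']);
	}
	else
	{
		// Note: dates are in GMT timezone
		$starttime_time = gmdate("g:i a", TIME_NOW);
		$endtime_time = gmdate("g:i a", TIME_NOW);
		$startday = $endday = gmdate("j", TIME_NOW);
		$startmonth = $endmonth = gmdate("m", TIME_NOW);
		$startdateyear = gmdate("Y", TIME_NOW);

		$enddateyear = $startdateyear+1;
	}

	// The option lists are built by appending, so they start empty.
	$startdateday = $enddateday = $startdatemonth = $enddatemonth = '';

	// Generate form elements
	for($i = 1; $i <= 31; ++$i)
	{
		if($startday == $i)
		{
			$startdateday .= "<option value=\"$i\" selected=\"selected\">$i</option>\n";
		}
		else
		{
			$startdateday .= "<option value=\"$i\">$i</option>\n";
		}

		if($endday == $i)
		{
			$enddateday .= "<option value=\"$i\" selected=\"selected\">$i</option>\n";
		}
		else
		{
			$enddateday .= "<option value=\"$i\">$i</option>\n";
		}
	}

	$startmonthsel = $endmonthsel = array();
	$startmonthsel[$startmonth] = "selected=\"selected\"";
	$endmonthsel[$endmonth] = "selected=\"selected\"";

	$startdatemonth .= "<option value=\"01\" {$startmonthsel['01']}>{$lang->january}</option>\n";
	$enddatemonth .= "<option value=\"01\" {$endmonthsel['01']}>{$lang->january}</option>\n";
	$startdatemonth .= "<option value=\"02\" {$startmonthsel['02']}>{$lang->february}</option>\n";
	$enddatemonth .= "<option value=\"02\" {$endmonthsel['02']}>{$lang->february}</option>\n";
	$startdatemonth .= "<option value=\"03\" {$startmonthsel['03']}>{$lang->march}</option>\n";
	$enddatemonth .= "<option value=\"03\" {$endmonthsel['03']}>{$lang->march}</option>\n";
	$startdatemonth .= "<option value=\"04\" {$startmonthsel['04']}>{$lang->april}</option>\n";
	$enddatemonth .= "<option value=\"04\" {$endmonthsel['04']}>{$lang->april}</option>\n";
	$startdatemonth .= "<option value=\"05\" {$startmonthsel['05']}>{$lang->may}</option>\n";
	$enddatemonth .= "<option value=\"05\" {$endmonthsel['05']}>{$lang->may}</option>\n";
	$startdatemonth .= "<option value=\"06\" {$startmonthsel['06']}>{$lang->june}</option>\n";
	$enddatemonth .= "<option value=\"06\" {$endmonthsel['06']}>{$lang->june}</option>\n";
	$startdatemonth .= "<option value=\"07\" {$startmonthsel['07']}>{$lang->july}</option>\n";
	$enddatemonth .= "<option value=\"07\" {$endmonthsel['07']}>{$lang->july}</option>\n";
	$startdatemonth .= "<option value=\"08\" {$startmonthsel['08']}>{$lang->august}</option>\n";
	$enddatemonth .= "<option value=\"08\" {$endmonthsel['08']}>{$lang->august}</option>\n";
	$startdatemonth .= "<option value=\"09\" {$startmonthsel['09']}>{$lang->september}</option>\n";
	$enddatemonth .= "<option value=\"09\" {$endmonthsel['09']}>{$lang->september}</option>\n";
	$startdatemonth .= "<option value=\"10\" {$startmonthsel['10']}>{$lang->october}</option>\n";
	$enddatemonth .= "<option value=\"10\" {$endmonthsel['10']}>{$lang->october}</option>\n";
	$startdatemonth .= "<option value=\"11\" {$startmonthsel['11']}>{$lang->november}</option>\n";
	$enddatemonth .= "<option value=\"11\" {$endmonthsel['11']}>{$lang->november}</option>\n";
	$startdatemonth .= "<option value=\"12\" {$startmonthsel['12']}>{$lang->december}</option>\n";
	$enddatemonth .= "<option value=\"12\" {$endmonthsel['12']}>{$lang->december}</option>\n";

	// Both values are HTML-escaped before they are handed to the form template.
	$title = htmlspecialchars_uni($announcement['subject']);
	$message = htmlspecialchars_uni($announcement['message']);

	// NOTE(review): when the request carries no allowhtml value the 'yes' entry is the
	// one that gets checked, so a fresh form presumably has "allow HTML" pre-selected.
	// Defaulting to 'no' would be the safer choice; confirm how allowhtml is honoured
	// when announcements are displayed.
	$html_sel = $mycode_sel = $smilies_sel = array();
	if($mybb->input['allowhtml'] || !isset($mybb->input['allowhtml']))
	{
		$html_sel['yes'] = ' checked="checked"';
	}
	else
	{
		$html_sel['no'] = ' checked="checked"';
	}

	if($mybb->input['allowmycode'] || !isset($mybb->input['allowmycode']))
	{
		$mycode_sel['yes'] = ' checked="checked"';
	}
	else
	{
		$mycode_sel['no'] = ' checked="checked"';
	}

	if($mybb->input['allowsmilies'] || !isset($mybb->input['allowsmilies']))
	{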
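// ---- "new_announcement" form, continued: remaining radio defaults, editor, output ----
		$smilies_sel['yes'] = ' checked="checked"';
	}
	else
	{
		$smilies_sel['no'] = ' checked="checked"';
	}

	// No end date is the default when the request does not say otherwise.
	if($mybb->input['endtime_type'] == 2 || !isset($mybb->input['endtime_type']))
	{
		$end_type_sel['infinite'] = ' checked="checked"';
	}
	else
	{
		$end_type_sel['finite'] = ' checked="checked"';
	}

	// MyCode editor
	$codebuttons = build_mycode_inserter();
	$smilieinserter = build_clickable_smilies();

	$plugins->run_hooks("modcp_new_announcement");

	// The template is eval()-ed as a double-quoted string and can read every variable
	// prepared above. NOTE(review): safety depends on $templates->get() and on who may
	// edit templates - neither is visible in this file.
	eval("\$announcements = \"".$templates->get("modcp_announcements_new")."\";");
	output_page($announcements);
}

// ---- do_edit_announcement: validate and update an existing announcement ----
if($mybb->input['action'] == "do_edit_announcement")
{
	// State-changing request: the post key is checked before anything else.
	verify_post_check($mybb->input['my_post_key']);

	// Get the announcement
	$aid = intval($mybb->input['aid']);
	$query = $db->simple_select("announcements", "aid, subject, fid", "aid='{$aid}'");
	$announcement = $db->fetch_array($query);

	// Check that it exists
	if(!$announcement['aid'])
	{
		error($lang->error_invalid_announcement);
	}

	// Mod has permissions to edit this announcement
	// The check uses the fid stored with the announcement, not the fid in the request.
	if(($mybb->usergroup['issupermod'] != 1 && $announcement['fid'] == -1) || ($announcement['fid'] != -1 && !is_moderator($announcement['fid'])))
	{
		error_no_permission();
	}

	// Basic error checking
	if(!trim($mybb->input['title']))
	{
		$errors[] = $lang->error_missing_title;
	}

	if(!trim($mybb->input['message']))
	{
		$errors[] = $lang->error_missing_message;
	}

	if(!trim($mybb->input['fid']))
	{
		$errors[] = $lang->error_missing_forum;
	}

	// "h:mm am|pm" -> array(hour, minute)
	$startdate = @explode(" ", $mybb->input['starttime_time']);
	$startdate = @explode(":", $startdate[0]);
	$enddate = @explode(" ", $mybb->input['endtime_time']);
	$enddate = @explode(":", $enddate[0]);

	// Convert to a 24-hour value. The hour is cast first so non-numeric input cannot
	// reach the arithmetic; 12 pm stays 12 and 12 am becomes 0 (adding 12 to every
	// "pm" hour used to turn noon into midnight).
	$startdate[0] = intval($startdate[0]);
	if(stristr($mybb->input['starttime_time'], "pm"))
	{
		if($startdate[0] < 12)
		{
			$startdate[0] += 12;
		}
	}
	elseif(stristr($mybb->input['starttime_time'], "am") && $startdate[0] == 12)
	{
		$startdate[0] = 0;
	}

	$enddate[0] = intval($enddate[0]);
	if(stristr($mybb->input['endtime_time'], "pm"))
	{
		if($enddate[0] < 12)
		{
			$enddate[0] += 12;
		}
	}
	elseif(stristr($mybb->input['endtime_time'], "am") && $enddate[0] == 12)
	{
		$enddate[0] = 0;
	}

	// Months outside the fixed list are replaced by January.
	$months = array('01', '02', '03', '04', '05', '06', '07', '08', '09', '10', '11', '12');
	if(!in_array($mybb->input['starttime_month'], $months))
	{
		$mybb->input['starttime_month'] = 1;
	}

	$startdate = gmmktime(intval($startdate[0]), intval($startdate[1]), 0, (int)$mybb->input['starttime_month'], intval($mybb->input['starttime_day']), intval($mybb->input['starttime_year']));
	if($startdate < 0 || $startdate == false)
	{
		$errors[] = $lang->error_invalid_start_date;
	}

	// endtime_type "2" stores 0 as the end date (no end).
	if($mybb->input['endtime_type'] == "2")
	{
		$enddate = '0';
	}
	else
	{
		if(!in_array($mybb->input['endtime_month'], $months))
		{
			$mybb->input['endtime_month'] = 1;
		}
		$enddate = gmmktime(intval($enddate[0]), intval($enddate[1]), 0, (int)$mybb->input['endtime_month'], intval($mybb->input['endtime_day']), intval($mybb->input['endtime_year']));
		if($enddate < 0 || $enddate == false)
		{
			$errors[] = $lang->error_invalid_end_date;
		}
		elseif($enddate < $startdate)
		{
			$errors[] = $lang->error_end_before_start;
		}
	}

	$plugins->run_hooks("modcp_do_edit_announcement_start");

	// Proceed to update if no errors
	if(!$errors)
	{
		// fid is not part of the update, so an edit cannot move the announcement to a
		// forum other than the one the permission check above was made against.
		// NOTE(review): the three allow* flags are stored as submitted (SQL-escaped
		// strings) rather than forced to 0/1, and allowhtml can be switched on by any
		// moderator who passes that check - confirm that is the intended policy.
		$update_announcement = array(
			'uid' => $mybb->user['uid'],
			'subject' => $db->escape_string($mybb->input['title']),
			'message' => $db->escape_string($mybb->input['message']),
			'startdate' => $startdate,
			'enddate' => $enddate,
			'allowhtml' => $db->escape_string($mybb->input['allowhtml']),
			'allowmycode' => $db->escape_string($mybb->input['allowmycode']),
			'allowsmilies' => $db->escape_string($mybb->input['allowsmilies']),
		);

		$db->update_query("announcements", $update_announcement, "aid='{$aid}'");
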
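// Tail of the "do_edit_announcement" handler (its start is above this span): the no-error branch, after the update query.
        $plugins->run_hooks("modcp_do_edit_announcement_end");

        $cache->update_forumsdisplay();
        redirect("modcp.php?action=announcements", $lang->redirect_edit_announcement);
    }
    else
    {
        // Validation failed: fall through to the edit form below so the errors are rendered inline.
        $mybb->input['action'] = 'edit_announcement';
    }
}

// Edit-announcement form. Also reached from the handler above when validation failed,
// in which case $errors is an array and the submitted values are shown again.
if($mybb->input['action'] == "edit_announcement")
{
    $announcement_fid = intval($mybb->input['fid']);
    $aid = intval($mybb->input['aid']);

    add_breadcrumb($lang->mcp_nav_announcements, "modcp.php?action=announcements");
    // The handler in this file is "edit_announcement"; the breadcrumb used to link to "edit_announcements".
    add_breadcrumb($lang->edit_announcement, "modcp.php?action=edit_announcement&aid={$aid}");

    // Get announcement ($aid is cast to int above, so it is safe to interpolate)
    $query = $db->simple_select("announcements", "*", "aid='{$aid}'");
    $announcement = $db->fetch_array($query);

    // A missing row leaves fid empty
    if(!$announcement['fid'])
    {
        error($lang->error_invalid_announcement);
    }
    // Authorisation: global announcements (fid -1) need a super moderator,
    // forum announcements need is_moderator() on the announcement's own forum.
    if(($mybb->usergroup['issupermod'] != 1 && $announcement['fid'] == -1) || ($announcement['fid'] != -1 && !is_moderator($announcement['fid'])))
    {
        error_no_permission();
    }

    // Deal with inline errors
    if(is_array($errors))
    {
        $errors = inline_error($errors);

        // Set $announcement to input stuff (raw here; subject and message are escaped further down before output)
        $announcement['subject'] = $mybb->input['title'];
        $announcement['message'] = $mybb->input['message'];
        $announcement['allowhtml'] = $mybb->input['allowhtml'];
        $announcement['allowmycode'] = $mybb->input['allowmycode'];
        $announcement['allowsmilies'] = $mybb->input['allowsmilies'];

        // Months are only accepted from this allow-list; anything else falls back to 1.
        $months = array('01', '02', '03', '04', '05', '06', '07', '08', '09', '10', '11', '12');
        if(!in_array($mybb->input['starttime_month'], $months))
        {
            $mybb->input['starttime_month'] = 1;
        }

        if(!in_array($mybb->input['endtime_month'], $months))
        {
            $mybb->input['endtime_month'] = 1;
        }

        // Every value echoed back into the form is cast to int or HTML-escaped.
        // The month values are used only as array keys below, never printed.
        $startmonth = $mybb->input['starttime_month'];
        $startdateyear = htmlspecialchars_uni($mybb->input['starttime_year']);
        $startday = intval($mybb->input['starttime_day']);
        $starttime_time = htmlspecialchars($mybb->input['starttime_time']);
        $endmonth = $mybb->input['endtime_month'];
        $enddateyear = htmlspecialchars_uni($mybb->input['endtime_year']);
        $endday = intval($mybb->input['endtime_day']);
        $endtime_time = htmlspecialchars($mybb->input['endtime_time']);

        $errored = true;
    }
    else
    {
        // Note: dates are in GMT timezone
        $starttime_time = gmdate('g:i a', $announcement['startdate']);
        $endtime_time = gmdate('g:i a', $announcement['enddate']);

        $startday = gmdate('j', $announcement['startdate']);
        $endday = gmdate('j', $announcement['enddate']);

        $startmonth = gmdate('m', $announcement['startdate']);
        $endmonth = gmdate('m', $announcement['enddate']);

        $startdateyear = gmdate('Y', $announcement['startdate']);
        $enddateyear = gmdate('Y', $announcement['enddate']);

        $errored = false;
    }

    // Generate form elements.
    // The option buffers are appended to with .=, so start them empty instead of relying on
    // whatever the variables held before (also avoids undefined-variable notices).
    $startdateday = $enddateday = '';
    $startdatemonth = $enddatemonth = '';
    for($i = 1; $i <= 31; ++$i)
    {
        if($startday == $i)
        {
            $startdateday .= "<option value=\"$i\" selected=\"selected\">$i</option>\n";
        }
        else
        {
            $startdateday .= "<option value=\"$i\">$i</option>\n";
        }

        if($endday == $i)
        {
            $enddateday .= "<option value=\"$i\" selected=\"selected\">$i</option>\n";
        }
        else
        {
            $enddateday .= "<option value=\"$i\">$i</option>\n";
        }
    }

    // Only the key matching the chosen month is set; the other lookups below resolve to an empty string.
    $startmonthsel = $endmonthsel = array();
    $startmonthsel[$startmonth] = "selected=\"selected\"";
    $endmonthsel[$endmonth] = "selected=\"selected\"";

    $startdatemonth .= "<option value=\"01\" {$startmonthsel['01']}>{$lang->january}</option>\n";
    $enddatemonth .= "<option value=\"01\" {$endmonthsel['01']}>{$lang->january}</option>\n";
    $startdatemonth .= "<option value=\"02\" {$startmonthsel['02']}>{$lang->february}</option>\n";
    $enddatemonth .= "<option value=\"02\" {$endmonthsel['02']}>{$lang->february}</option>\n";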
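// Edit-announcement form, continued: month options March-December (January and February are appended just above).
    $startdatemonth .= "<option value=\"03\" {$startmonthsel['03']}>{$lang->march}</option>\n";
    $enddatemonth .= "<option value=\"03\" {$endmonthsel['03']}>{$lang->march}</option>\n";
    $startdatemonth .= "<option value=\"04\" {$startmonthsel['04']}>{$lang->april}</option>\n";
    $enddatemonth .= "<option value=\"04\" {$endmonthsel['04']}>{$lang->april}</option>\n";
    $startdatemonth .= "<option value=\"05\" {$startmonthsel['05']}>{$lang->may}</option>\n";
    $enddatemonth .= "<option value=\"05\" {$endmonthsel['05']}>{$lang->may}</option>\n";
    $startdatemonth .= "<option value=\"06\" {$startmonthsel['06']}>{$lang->june}</option>\n";
    $enddatemonth .= "<option value=\"06\" {$endmonthsel['06']}>{$lang->june}</option>\n";
    $startdatemonth .= "<option value=\"07\" {$startmonthsel['07']}>{$lang->july}</option>\n";
    $enddatemonth .= "<option value=\"07\" {$endmonthsel['07']}>{$lang->july}</option>\n";
    $startdatemonth .= "<option value=\"08\" {$startmonthsel['08']}>{$lang->august}</option>\n";
    $enddatemonth .= "<option value=\"08\" {$endmonthsel['08']}>{$lang->august}</option>\n";
    $startdatemonth .= "<option value=\"09\" {$startmonthsel['09']}>{$lang->september}</option>\n";
    $enddatemonth .= "<option value=\"09\" {$endmonthsel['09']}>{$lang->september}</option>\n";
    $startdatemonth .= "<option value=\"10\" {$startmonthsel['10']}>{$lang->october}</option>\n";
    $enddatemonth .= "<option value=\"10\" {$endmonthsel['10']}>{$lang->october}</option>\n";
    $startdatemonth .= "<option value=\"11\" {$startmonthsel['11']}>{$lang->november}</option>\n";
    $enddatemonth .= "<option value=\"11\" {$endmonthsel['11']}>{$lang->november}</option>\n";
    $startdatemonth .= "<option value=\"12\" {$startmonthsel['12']}>{$lang->december}</option>\n";
    $enddatemonth .= "<option value=\"12\" {$endmonthsel['12']}>{$lang->december}</option>\n";

    // Subject and message may hold raw request input at this point; escape before they reach the template.
    $title = htmlspecialchars_uni($announcement['subject']);
    $message = htmlspecialchars_uni($announcement['message']);

    $html_sel = $mycode_sel = $smilies_sel = array();
    if($announcement['allowhtml'])
    {
        $html_sel['yes'] = ' checked="checked"';
    }
    else
    {
        $html_sel['no'] = ' checked="checked"';
    }

    if($announcement['allowmycode'])
    {
        $mycode_sel['yes'] = ' checked="checked"';
    }
    else
    {
        $mycode_sel['no'] = ' checked="checked"';
    }

    if($announcement['allowsmilies'])
    {
        $smilies_sel['yes'] = ' checked="checked"';
    }
    else
    {
        $smilies_sel['no'] = ' checked="checked"';
    }

    // "Never ends" is endtime_type 2 on a re-displayed form, or a stored enddate of 0.
    if(($errored && $mybb->input['endtime_type'] == 2) || (!$errored && intval($announcement['enddate']) == 0))
    {
        $end_type_sel['infinite'] = ' checked="checked"';
    }
    else
    {
        $end_type_sel['finite'] = ' checked="checked"';
    }

    // MyCode editor
    $codebuttons = build_mycode_inserter();
    $smilieinserter = build_clickable_smilies();

    $plugins->run_hooks("modcp_edit_announcement");

    // The template text is eval'd as a double-quoted string in this scope, so it can read every
    // variable set above by name; anything it prints must already be escaped.
    // NOTE(review): this also means template content is executed as PHP - confirm who may edit templates.
    eval("\$announcements = \"".$templates->get("modcp_announcements_edit")."\";");
    output_page($announcements);
}

// Announcement overview: global announcements for super moderators, then per-forum announcements.
if($mybb->input['action'] == "announcements")
{
    add_breadcrumb($lang->mcp_nav_announcements, "modcp.php?action=announcements");

    // Fetch announcements into their proper arrays.
    // startdate is selected as well: the active/expired test below reads it, and without the
    // column that comparison always saw an unset value.
    $query = $db->simple_select("announcements", "aid, fid, subject, startdate, enddate");
    while($announcement = $db->fetch_array($query))
    {
        if($announcement['fid'] == -1)
        {
            $global_announcements[$announcement['aid']] = $announcement;
            continue;
        }
        $announcements[$announcement['fid']][$announcement['aid']] = $announcement;
    }

    if($mybb->usergroup['issupermod'] == 1)
    {
        if($global_announcements && $mybb->usergroup['issupermod'] == 1)
        {
            // Get the global announcements
            foreach($global_announcements as $aid => $announcement)
            {
                $trow = alt_trow();
                // Shown as inactive when not started yet, or when a non-zero end date has passed.
                if($announcement['startdate'] > TIME_NOW || ($announcement['enddate'] < TIME_NOW && $announcement['enddate'] != 0))
                {
                    $icon = "<img src=\"images/minioff.gif\" alt=\"({$lang->expired})\" title=\"{$lang->expired_announcement}\" style=\"vertical-align: middle;\" /> ";
                }
                else
                {
                    $icon = "<img src=\"images/minion.gif\" alt=\"({$lang->active})\" title=\"{$lang->active_announcement}\" style=\"vertical-align: middle;\" /> ";
                }

                $subject = htmlspecialchars_uni($announcement['subject']);

                eval("\$announcements_global .= \"".$templates->get("modcp_announcements_announcement_global")."\";");
            }
        }
        else
        {
            // No global announcements
            eval("\$announcements_global = \"".$templates->get("modcp_no_announcements_global")."\";");
        }
        eval("\$announcements_global = \"".$templates->get("modcp_announcements_global")."\";");
    }
    else
    {
        // Moderator is not super, so don't show global announcements
        $announcements_global = '';
    }

    fetch_forum_announcements();

    if(!$announcements_forum)
    {
        eval("\$announcements_forum = \"".$templates->get("modcp_no_announcements_forum")."\";");
    }

    $plugins->run_hooks("modcp_announcements");

    eval("\$announcements = \"".$templates->get("modcp_announcements")."\";");
    output_page($announcements);
}

// Moderation queue submit: approve or delete the selected threads, posts or attachments.
// The request carries id => action maps. Only the ids are used in SQL (after intval), and each
// query re-selects them with {$flist} / {$tflist}, the forum restriction assembled earlier in the file.
// NOTE(review): when that restriction string is empty the queries are unrestricted - confirm that
// can only happen for super moderators.
if($mybb->input['action'] == "do_modqueue")
{
    require_once MYBB_ROOT."inc/class_moderation.php";
    $moderation = new Moderation;

    // Verify incoming POST request
    verify_post_check($mybb->input['my_post_key']);

    $plugins->run_hooks("modcp_do_modqueue_start");

    if(is_array($mybb->input['threads']))
    {
        // Fetch threads
        // NOTE(review): an empty array would produce "tid IN ()"; the posts and attachments branches share this.
        $query = $db->simple_select("threads", "tid", "tid IN (".implode(",", array_map("intval", array_keys($mybb->input['threads'])))."){$flist}");
        while($thread = $db->fetch_array($query))
        {
            // The action string is only compared against the two known values, never interpolated.
            $action = $mybb->input['threads'][$thread['tid']];
            if($action == "approve")
            {
                $threads_to_approve[] = $thread['tid'];
            }
            else if($action == "delete")
            {
                $threads_to_delete[] = $thread['tid'];
            }
        }
        if(!empty($threads_to_approve))
        {
            $moderation->approve_threads($threads_to_approve);
            log_moderator_action(array('tids' => $threads_to_approve), $lang->multi_approve_threads);
        }
        if(!empty($threads_to_delete))
        {
            foreach($threads_to_delete as $tid)
            {
                $moderation->delete_thread($tid);
            }
            log_moderator_action(array('tids' => $threads_to_delete), $lang->multi_delete_threads);
        }

        $plugins->run_hooks("modcp_do_modqueue_end");

        redirect("modcp.php?action=modqueue", $lang->redirect_threadsmoderated);
    }
    else if(is_array($mybb->input['posts']))
    {
        // Fetch posts
        $query = $db->simple_select("posts", "pid", "pid IN (".implode(",", array_map("intval", array_keys($mybb->input['posts'])))."){$flist}");
        while($post = $db->fetch_array($query))
        {
            $action = $mybb->input['posts'][$post['pid']];
            if($action == "approve")
            {
                $posts_to_approve[] = $post['pid'];
            }
            else if($action == "delete")
            {
                $moderation->delete_post($post['pid']);
            }
        }
        if(is_array($posts_to_approve))
        {
            $moderation->approve_posts($posts_to_approve);
        }
        // NOTE(review): unlike the threads branch, this entry is written even when nothing was approved,
        // and deletions get no entry here - check whether delete_post() logs on its own.
        log_moderator_action(array('pids' => $posts_to_approve), $lang->multi_approve_posts);

        $plugins->run_hooks("modcp_do_modqueue_end");

        redirect("modcp.php?action=modqueue&type=posts", $lang->redirect_postsmoderated);
    }
    else if(is_array($mybb->input['attachments']))
    {
        // Attachments carry no forum id of their own, so the restriction goes through the joined thread ({$tflist}).
        $query = $db->query("
            SELECT a.pid, a.aid
            FROM ".TABLE_PREFIX."attachments a
            LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid)
            LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
            WHERE aid IN (".implode(",", array_map("intval", array_keys($mybb->input['attachments'])))."){$tflist}
        ");
        while($attachment = $db->fetch_array($query))
        {
            $action = $mybb->input['attachments'][$attachment['aid']];
            if($action == "approve")
            {
                $db->update_query("attachments", array("visible" => 1), "aid='{$attachment['aid']}'");
            }
            else if($action == "delete")
            {
                remove_attachment($attachment['pid'], '', $attachment['aid']);
            }
        }

        $plugins->run_hooks("modcp_do_modqueue_end");

        redirect("modcp.php?action=modqueue&type=attachments", $lang->redirect_attachmentsmoderated);
    }
}

// Moderation queue display: threads first, then posts, then attachments; with no explicit type
// the first queue that produced output is the one shown.
if($mybb->input['action'] == "modqueue")
{
    if($mybb->input['type'] == "threads" || !$mybb->input['type'])
    {
        $forum_cache = $cache->read("forums");

        $query = $db->simple_select("threads", "COUNT(tid) AS unapprovedthreads", "visible=0 {$flist}");
        $unapproved_threads = $db->fetch_field($query, "unapprovedthreads");

        // Figure out if we need to display multiple pages.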
// Thread queue, continued: clamp the requested page, then list one page of unapproved threads.
        if($mybb->input['page'] != "last")
        {
            // Cast to int: $page ends up in the LIMIT clause via $start.
            $page = intval($mybb->input['page']);
        }

        $perpage = $mybb->settings['threadsperpage'];
        // NOTE(review): assumes the threadsperpage setting is non-zero - confirm it is validated where it is saved.
        $pages = $unapproved_threads / $perpage;
        $pages = ceil($pages);

        if($mybb->input['page'] == "last")
        {
            $page = $pages;
        }

        // Out-of-range or non-positive pages fall back to the first page.
        if($page > $pages || $page <= 0)
        {
            $page = 1;
        }

        if($page)
        {
            $start = ($page-1) * $perpage;
        }
        else
        {
            $start = 0;
            $page = 1;
        }

        $multipage = multipage($pages, $perpage, $page, "modcp.php?action=modqueue&type=threads");

        // {$tflist} limits the rows to forums this moderator manages (it is built earlier in the file).
        $query = $db->query("
            SELECT t.tid, t.dateline, t.fid, t.subject, p.message AS postmessage, u.username AS username, t.uid
            FROM ".TABLE_PREFIX."threads t
            LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid=t.firstpost)
            LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=t.uid)
            WHERE t.visible='0' {$tflist}
            ORDER BY t.lastpost DESC
            LIMIT {$start}, {$perpage}
        ");
        while($thread = $db->fetch_array($query))
        {
            $altbg = alt_trow();
            // Subject and first-post text are user content: escaped here, before the template sees them.
            $thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subject']));
            $thread['threadlink'] = get_thread_link($thread['tid']);
            $thread['forumlink'] = get_forum_link($thread['fid']);
            // NOTE(review): the forum name goes into the markup below unescaped - presumably set by
            // administrators only; verify.
            $forum_name = $forum_cache[$thread['fid']]['name'];
            $threaddate = my_date($mybb->settings['dateformat'], $thread['dateline']);
            $threadtime = my_date($mybb->settings['timeformat'], $thread['dateline']);
            $profile_link = build_profile_link($thread['username'], $thread['uid']);
            $thread['postmessage'] = nl2br(htmlspecialchars_uni($thread['postmessage']));
            $forum = "<strong>{$lang->meta_forum} <a href=\"{$thread['forumlink']}\">{$forum_name}</a></strong>";
            // The template is eval'd in this scope and reads the variables above by name.
            eval("\$threads .= \"".$templates->get("modcp_modqueue_threads_thread")."\";");
        }

        // The "empty" row is only rendered when the thread queue was asked for explicitly.
        if(!$threads && $mybb->input['type'] == "threads")
        {
            eval("\$threads = \"".$templates->get("modcp_modqueue_threads_empty")."\";");
        }

        if($threads)
        {
            add_breadcrumb($lang->mcp_nav_modqueue_threads, "modcp.php?action=modqueue&type=threads");

            $plugins->run_hooks("modcp_modqueue_threads_end");

            eval("\$mass_controls = \"".$templates->get("modcp_modqueue_masscontrols")."\";");
            eval("\$threadqueue = \"".$templates->get("modcp_modqueue_threads")."\";");
            output_page($threadqueue);
        }
        $type = 'threads';
    }

    // Post queue: requested explicitly, or used as fallback when the thread queue produced no page.
    if($mybb->input['type'] == "posts" || (!$mybb->input['type'] && !$threadqueue))
    {
        $forum_cache = $cache->read("forums");

        // First posts are left out (t.firstpost != p.pid); the thread queue lists those.
        $query = $db->query("
            SELECT COUNT(pid) AS unapprovedposts
            FROM ".TABLE_PREFIX."posts p
            LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
            WHERE p.visible='0' {$tflist} AND t.firstpost != p.pid
        ");
        $unapproved_posts = $db->fetch_field($query, "unapprovedposts");

        // Figure out if we need to display multiple pages.
// Post queue, continued: clamp the requested page, then list one page of unapproved posts.
        if($mybb->input['page'] != "last")
        {
            // Cast to int: $page ends up in the LIMIT clause via $start.
            $page = intval($mybb->input['page']);
        }

        $perpage = $mybb->settings['postsperpage'];
        // NOTE(review): assumes the postsperpage setting is non-zero - confirm it is validated where it is saved.
        $pages = $unapproved_posts / $perpage;
        $pages = ceil($pages);

        if($mybb->input['page'] == "last")
        {
            $page = $pages;
        }

        // Out-of-range or non-positive pages fall back to the first page.
        if($page > $pages || $page <= 0)
        {
            $page = 1;
        }

        if($page)
        {
            $start = ($page-1) * $perpage;
        }
        else
        {
            $start = 0;
            $page = 1;
        }

        $multipage = multipage($pages, $perpage, $page, "modcp.php?action=modqueue&type=posts");

        // Same filter as the count query above: unapproved, inside the moderator's forums, not a first post.
        $query = $db->query("
            SELECT p.pid, p.subject, p.message, t.subject AS threadsubject, t.tid, u.username, p.uid, t.fid, p.dateline
            FROM ".TABLE_PREFIX."posts p
            LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
            LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=p.uid)
            WHERE p.visible='0' {$tflist} AND t.firstpost != p.pid
            ORDER BY p.dateline DESC
            LIMIT {$start}, {$perpage}
        ");
        while($post = $db->fetch_array($query))
        {
            $altbg = alt_trow();
            // Thread subject and message are escaped here.
            // NOTE(review): p.subject is selected but never escaped in this loop - verify the
            // template does not print $post['subject'].
            $post['threadsubject'] = htmlspecialchars_uni($parser->parse_badwords($post['threadsubject']));
            $post['threadlink'] = get_thread_link($post['tid']);
            $post['forumlink'] = get_forum_link($post['fid']);
            $post['postlink'] = get_post_link($post['pid'], $post['tid']);
            // NOTE(review): the forum name goes into the markup below unescaped - presumably set by
            // administrators only; verify.
            $forum_name = $forum_cache[$post['fid']]['name'];
            $postdate = my_date($mybb->settings['dateformat'], $post['dateline']);
            $posttime = my_date($mybb->settings['timeformat'], $post['dateline']);
            $profile_link = build_profile_link($post['username'], $post['uid']);
            $thread = "<strong>{$lang->meta_thread} <a href=\"{$post['threadlink']}\">{$post['threadsubject']}</a></strong>";
            $forum = "<strong>{$lang->meta_forum} <a href=\"{$post['forumlink']}\">{$forum_name}</a></strong><br />";
            $post['message'] = nl2br(htmlspecialchars_uni($post['message']));
            // The template is eval'd in this scope and reads the variables above by name.
            eval("\$posts .= \"".$templates->get("modcp_modqueue_posts_post")."\";");
        }

        // The "empty" row is only rendered when the post queue was asked for explicitly.
        if(!$posts && $mybb->input['type'] == "posts")
        {
            eval("\$posts = \"".$templates->get("modcp_modqueue_posts_empty")."\";");
        }

        if($posts)
        {
            add_breadcrumb($lang->mcp_nav_modqueue_posts, "modcp.php?action=modqueue&type=posts");

            $plugins->run_hooks("modcp_modqueue_posts_end");

            eval("\$mass_controls = \"".$templates->get("modcp_modqueue_masscontrols")."\";");
            eval("\$postqueue = \"".$templates->get("modcp_modqueue_posts")."\";");
            output_page($postqueue);
        }
    }

    // Attachment queue: requested explicitly, or used as fallback when neither queue above produced a page.
    if($mybb->input['type'] == "attachments" || (!$mybb->input['type'] && !$postqueue && !$threadqueue))
    {
        // The count is restricted to the moderator's forums through the joined thread ({$tflist}).
        $query = $db->query("
            SELECT COUNT(aid) AS unapprovedattachments
            FROM ".TABLE_PREFIX."attachments a
            LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid=a.pid)
            LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
            WHERE a.visible='0' {$tflist}
        ");
        $unapproved_attachments = $db->fetch_field($query, "unapprovedattachments");

        // Figure out if we need to display multiple pages.
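// Attachment queue, continued: clamp the requested page, then list one page of unapproved attachments.
        if($mybb->input['page'] != "last")
        {
            // Cast to int: $page ends up in the LIMIT clause via $start.
            $page = intval($mybb->input['page']);
        }

        $perpage = $mybb->settings['postsperpage'];
        // NOTE(review): assumes the postsperpage setting is non-zero - confirm it is validated where it is saved.
        $pages = $unapproved_attachments / $perpage;
        $pages = ceil($pages);

        if($mybb->input['page'] == "last")
        {
            $page = $pages;
        }

        // Out-of-range or non-positive pages fall back to the first page.
        if($page > $pages || $page <= 0)
        {
            $page = 1;
        }

        if($page)
        {
            $start = ($page-1) * $perpage;
        }
        else
        {
            $start = 0;
            $page = 1;
        }

        $multipage = multipage($pages, $perpage, $page, "modcp.php?action=modqueue&type=attachments");

        // The listing carries the same {$tflist} forum restriction as the count query above and as the
        // thread and post listings. It was missing here, so the list was not limited to the forums the
        // moderator manages while the page count (and the do_modqueue handler) were.
        $query = $db->query("
            SELECT a.*, p.subject AS postsubject, p.dateline, p.uid, u.username, t.tid, t.subject AS threadsubject
            FROM ".TABLE_PREFIX."attachments a
            LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid=a.pid)
            LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
            LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=p.uid)
            WHERE a.visible='0' {$tflist}
            ORDER BY a.dateuploaded DESC
            LIMIT {$start}, {$perpage}
        ");
        while($attachment = $db->fetch_array($query))
        {
            $altbg = alt_trow();

            // Rows without an upload date fall back to the post's date.
            if(!$attachment['dateuploaded'])
            {
                $attachment['dateuploaded'] = $attachment['dateline'];
            }

            $attachdate = my_date($mybb->settings['dateformat'], $attachment['dateuploaded']);
            $attachtime = my_date($mybb->settings['timeformat'], $attachment['dateuploaded']);

            // User-supplied text is escaped before the template sees it.
            // NOTE(review): a.* brings further columns that are not escaped here - verify the template prints none of them.
            $attachment['postsubject'] = htmlspecialchars_uni($attachment['postsubject']);
            $attachment['filename'] = htmlspecialchars_uni($attachment['filename']);
            $attachment['threadsubject'] = htmlspecialchars_uni($attachment['threadsubject']);
            $attachment['filesize'] = get_friendly_size($attachment['filesize']);

            $link = get_post_link($attachment['pid'], $attachment['tid']) . "#pid{$attachment['pid']}";
            $thread_link = get_thread_link($attachment['tid']);
            $profile_link = build_profile_link($attachment['username'], $attachment['uid']);

            // The template is eval'd in this scope and reads the variables above by name.
            eval("\$attachments .= \"".$templates->get("modcp_modqueue_attachments_attachment")."\";");
        }

        // The "empty" row is only rendered when the attachment queue was asked for explicitly.
        if(!$attachments && $mybb->input['type'] == "attachments")
        {
            eval("\$attachments = \"".$templates->get("modcp_modqueue_attachments_empty")."\";");
        }

        if($attachments)
        {
            add_breadcrumb($lang->mcp_nav_modqueue_attachments, "modcp.php?action=modqueue&type=attachments");

            $plugins->run_hooks("modcp_modqueue_attachments_end");

            eval("\$mass_controls = \"".$templates->get("modcp_modqueue_masscontrols")."\";");
            eval("\$attachmentqueue = \"".$templates->get("modcp_modqueue_attachments")."\";");
            output_page($attachmentqueue);
        }
    }

    // Still nothing? All queues are empty! :-D
    if(!$threadqueue && !$postqueue && !$attachmentqueue)
    {
        add_breadcrumb($lang->mcp_nav_modqueue, "modcp.php?action=modqueue");

        $plugins->run_hooks("modcp_modqueue_end");

        eval("\$queue = \"".$templates->get("modcp_modqueue_empty")."\";");
        output_page($queue);
    }
}

// Profile edit submit. Order of checks: post key first, then the target user must exist,
// then the moderator must be allowed to manage that user.
if($mybb->input['action'] == "do_editprofile")
{
    // Verify incoming POST request
    verify_post_check($mybb->input['my_post_key']);

    $user = get_user($mybb->input['uid']);
    if(!$user['uid'])
    {
        error($lang->invalid_user);
    }

    // Check if the current user has permission to edit this user
    if(!modcp_can_manage_user($user['uid']))
    {
        error_no_permission();
    }

    $plugins->run_hooks("modcp_do_editprofile_start");

    // Set up user handler.
    require_once MYBB_ROOT."inc/datahandlers/user.php";
    $userhandler = new UserDataHandler('update');

    // Set the data for the new user.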
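// "do_editprofile" handler, continued: collect the submitted profile data and validate it.
    // The uid comes from $user, the record that passed the existence and permission checks above,
    // rather than from the raw request value, so the update stays bound to the id that was checked.
    // All other values are handed to the data handler raw and validated by validate_user() below.
    $updated_user = array(
        "uid" => $user['uid'],
        "profile_fields" => $mybb->input['profile_fields'],
        "profile_fields_editable" => true,
        "website" => $mybb->input['website'],
        "icq" => $mybb->input['icq'],
        "aim" => $mybb->input['aim'],
        "yahoo" => $mybb->input['yahoo'],
        "msn" => $mybb->input['msn'],
        "signature" => $mybb->input['signature'],
        "usernotes" => $mybb->input['usernotes']
    );

    $updated_user['birthday'] = array(
        "day" => $mybb->input['birthday_day'],
        "month" => $mybb->input['birthday_month'],
        "year" => $mybb->input['birthday_year']
    );

    // A submitted title wins; otherwise "revert" clears the custom title.
    if($mybb->input['usertitle'] != '')
    {
        $updated_user['usertitle'] = $mybb->input['usertitle'];
    }
    else if($mybb->input['reverttitle'])
    {
        $updated_user['usertitle'] = '';
    }

    if($mybb->input['remove_avatar'])
    {
        $updated_user['avatarurl'] = '';
    }

    // Set the data of the user in the datahandler.
    $userhandler->set_data($updated_user);
    $errors = '';

    // Validate the user and get any errors that might have occurred.
    if(!$userhandler->validate_user())
    {
        // Switching the action makes the edit form further down re-render with these errors.
        $errors = $userhandler->get_friendly_errors();
        $mybb->input['action'] = "editprofile";
    }
    else
    {
        // Are we removing an avatar from this user?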
// "do_editprofile" handler, continued (validation passed): avatar removal and the three moderator options.
        if($mybb->input['remove_avatar'])
        {
            // $extra_user_updates is first created here; on other paths it only exists once an option below sets a key.
            $extra_user_updates = array(
                "avatar" => "",
                "avatardimensions" => "",
                "avatartype" => ""
            );
            remove_avatars($user['uid']);
        }

        // Moderator "Options" (suspend signature, suspend/moderate posting)
        // Fixed table: the request only supplies values under these input names; the database
        // column names always come from this table, never from the request.
        $moderator_options = array(
            1 => array(
                "action" => "suspendsignature", // The moderator action we're performing
                "period" => "action_period", // The time period we've selected from the dropdown box
                "time" => "action_time", // The time we've entered
                "update_field" => "suspendsignature", // The field in the database to update if true
                "update_length" => "suspendsigtime" // The length of suspension field in the database
            ),
            2 => array(
                "action" => "moderateposting",
                "period" => "modpost_period",
                "time" => "modpost_time",
                "update_field" => "moderateposts",
                "update_length" => "moderationtime"
            ),
            3 => array(
                "action" => "suspendposting",
                "period" => "suspost_period",
                "time" => "suspost_time",
                "update_field" => "suspendposting",
                "update_length" => "suspensiontime"
            )
        );

        require_once MYBB_ROOT."inc/functions_warnings.php";
        foreach($moderator_options as $option)
        {
            if(!$mybb->input[$option['action']])
            {
                if($user[$option['update_field']] == 1)
                {
                    // We're revoking the suspension
                    $extra_user_updates[$option['update_field']] = 0;
                    $extra_user_updates[$option['update_length']] = 0;
                }

                // Skip this option if we haven't selected it
                continue;
            }

            if($mybb->input[$option['action']])
            {
                // A new restriction needs either a non-zero time or the "never" period.
                if(intval($mybb->input[$option['time']]) == 0 && $mybb->input[$option['period']] != "never" && $user[$option['update_field']] != 1)
                {
                    // User has selected a type of ban, but not entered a valid time frame
                    $string = $option['action']."_error";
                    // NOTE(review): $errors was set to '' above; appending with [] to a string depends
                    // on the PHP version in use - confirm against the supported versions.
                    $errors[] = $lang->$string;
                }

// "do_editprofile" handler, continued: still inside the per-option loop, for an option that is ticked.
                // Only compute a new expiry while no error has been recorded so far.
                if(!is_array($errors))
                {
                    // The time is cast to int; the period string is passed to fetch_time_length() as submitted.
                    $suspend_length = fetch_time_length(intval($mybb->input[$option['time']]), $mybb->input[$option['period']]);

                    if($user[$option['update_field']] == 1 && ($mybb->input[$option['time']] || $mybb->input[$option['period']] == "never"))
                    {
                        // We already have a suspension, but entered a new time
                        if($suspend_length == "-1")
                        {
                            // Permanent ban on action
                            $extra_user_updates[$option['update_length']] = 0;
                        }
                        elseif($suspend_length && $suspend_length != "-1")
                        {
                            // Temporary ban on action
                            $extra_user_updates[$option['update_length']] = TIME_NOW + $suspend_length;
                        }
                    }
                    elseif(!$user[$option['update_field']])
                    {
                        // New suspension for this user... bad user!
                        $extra_user_updates[$option['update_field']] = 1;
                        // "-1" is treated as permanent and stored as an expiry of 0.
                        if($suspend_length == "-1")
                        {
                            $extra_user_updates[$option['update_length']] = 0;
                        }
                        else
                        {
                            $extra_user_updates[$option['update_length']] = TIME_NOW + $suspend_length;
                        }
                    }
                }
            }
        }

        // Those with javascript turned off will be able to select both - cheeky!
1733 // Check to make sure we're not moderating AND suspending posting 1734 if($extra_user_updates['moderateposts'] && $extra_user_updates['suspendposting']) 1735 { 1736 $errors[] = $lang->suspendmoderate_error; 1737 } 1738 1739 if(is_array($errors)) 1740 { 1741 $mybb->input['action'] = "editprofile"; 1742 } 1743 else 1744 { 1745 $plugins->run_hooks("modcp_do_editprofile_update"); 1746 1747 // Continue with the update if there is no errors 1748 $user_info = $userhandler->update_user(); 1749 $db->update_query("users", $extra_user_updates, "uid='{$user['uid']}'"); 1750 log_moderator_action(array("uid" => $user['uid'], "username" => $user['username']), $lang->edited_user); 1751 1752 $plugins->run_hooks("modcp_do_editprofile_end"); 1753 1754 redirect("modcp.php?action=finduser", $lang->redirect_user_updated); 1755 } 1756 } 1757 } 1758 1759 if($mybb->input['action'] == "editprofile") 1760 { 1761 add_breadcrumb($lang->mcp_nav_editprofile, "modcp.php?action=editprofile"); 1762 1763 $user = get_user($mybb->input['uid']); 1764 if(!$user['uid']) 1765 { 1766 error($lang->invalid_user); 1767 } 1768 1769 // Check if the current user has permission to edit this user 1770 if(!modcp_can_manage_user($user['uid'])) 1771 { 1772 error_no_permission(); 1773 } 1774 1775 if($user['website'] == "" || $user['website'] == "http://") 1776 { 1777 $user['website'] = "http://"; 1778 } 1779 1780 if($user['icq'] != "0") 1781 { 1782 $user['icq'] = intval($user['icq']); 1783 } 1784 if($user['icq'] == 0) 1785 { 1786 $user['icq'] = ""; 1787 } 1788 1789 if(!$errors) 1790 { 1791 $mybb->input = array_merge($user, $mybb->input); 1792 list($mybb->input['birthday_day'], $mybb->input['birthday_month'], $mybb->input['birthday_year']) = explode("-", $user['birthday']); 1793 } 1794 else 1795 { 1796 $errors = inline_error($errors); 1797 } 1798 1799 // Sanitize all input 1800 foreach(array('usertitle', 'website', 'icq', 'aim', 'yahoo', 'msn', 'signature', 'birthday_day', 'birthday_month', 'birthday_year') as 
$field) 1801 { 1802 $mybb->input[$field] = htmlspecialchars_uni($mybb->input[$field]); 1803 } 1804 1805 if($user['usertitle'] == "") 1806 { 1807 $query = $db->simple_select("usertitles", "*", "posts <='".$user['postnum']."'", array('order_by' => 'posts', 'order_dir' => 'DESC', 'limit' => 1)); 1808 $utitle = $db->fetch_array($query); 1809 $defaulttitle = $utitle['title']; 1810 } 1811 else 1812 { 1813 if(!$user['displaygroup']) 1814 { 1815 $user['displaygroup'] = $user['usergroup']; 1816 } 1817 1818 $displaygroupfields = array( 1819 "usertitle" 1820 ); 1821 $display_group = usergroup_displaygroup($user['displaygroup']); 1822 $defaulttitle = $display_group['usertitle']; 1823 } 1824 if(empty($user['usertitle'])) 1825 { 1826 $lang->current_custom_usertitle = ''; 1827 } 1828 1829 $bdaysel = ''; 1830 for($i = 1; $i <= 31; ++$i) 1831 { 1832 if($mybb->input['birthday_day'] == $i) 1833 { 1834 $bdaydaysel .= "<option value=\"$i\" selected=\"selected\">$i</option>\n"; 1835 } 1836 else 1837 { 1838 $bdaydaysel .= "<option value=\"$i\">$i</option>\n"; 1839 } 1840 } 1841 $bdaymonthsel[$mybb->input['birthday_month']] = 'selected="selected"'; 1842 1843 $plugins->run_hooks("modcp_editprofile_start"); 1844 1845 // Fetch profile fields 1846 $query = $db->simple_select("userfields", "*", "ufid='{$user['uid']}'"); 1847 $user_fields = $db->fetch_array($query); 1848 1849 $requiredfields = ''; 1850 $customfields = ''; 1851 $query = $db->simple_select("profilefields", "*", "", array('order_by' => 'disporder')); 1852 while($profilefield = $db->fetch_array($query)) 1853 { 1854 $profilefield['type'] = htmlspecialchars_uni($profilefield['type']); 1855 $profilefield['description'] = htmlspecialchars_uni($profilefield['description']); 1856 $thing = explode("\n", $profilefield['type'], "2"); 1857 $type = $thing[0]; 1858 $options = $thing[1]; 1859 $field = "fid{$profilefield['fid']}"; 1860 $select = ''; 1861 if($errors) 1862 { 1863 $userfield = $mybb->input['profile_fields'][$field]; 1864 } 1865 
else 1866 { 1867 $userfield = $user_fields[$field]; 1868 } 1869 if($type == "multiselect") 1870 { 1871 if($errors) 1872 { 1873 $useropts = $userfield; 1874 } 1875 else 1876 { 1877 $useropts = explode("\n", $userfield); 1878 } 1879 if(is_array($useropts)) 1880 { 1881 foreach($useropts as $key => $val) 1882 { 1883 $seloptions[$val] = $val; 1884 } 1885 } 1886 $expoptions = explode("\n", $options); 1887 if(is_array($expoptions)) 1888 { 1889 foreach($expoptions as $key => $val) 1890 { 1891 $val = trim($val); 1892 $val = str_replace("\n", "\\n", $val); 1893 1894 $sel = ""; 1895 if($val == $seloptions[$val]) 1896 { 1897 $sel = " selected=\"selected\""; 1898 } 1899 $select .= "<option value=\"$val\"$sel>$val</option>\n"; 1900 } 1901 if(!$profilefield['length']) 1902 { 1903 $profilefield['length'] = 3; 1904 } 1905 $code = "<select name=\"profile_fields[$field][]\" size=\"{$profilefield['length']}\" multiple=\"multiple\">$select</select>"; 1906 } 1907 } 1908 elseif($type == "select") 1909 { 1910 $expoptions = explode("\n", $options); 1911 if(is_array($expoptions)) 1912 { 1913 foreach($expoptions as $key => $val) 1914 { 1915 $val = trim($val); 1916 $val = str_replace("\n", "\\n", $val); 1917 $sel = ""; 1918 if($val == $userfield) 1919 { 1920 $sel = " selected=\"selected\""; 1921 } 1922 $select .= "<option value=\"$val\"$sel>$val</option>"; 1923 } 1924 if(!$profilefield['length']) 1925 { 1926 $profilefield['length'] = 1; 1927 } 1928 $code = "<select name=\"profile_fields[$field]\" size=\"{$profilefield['length']}\">$select</select>"; 1929 } 1930 } 1931 elseif($type == "radio") 1932 { 1933 $expoptions = explode("\n", $options); 1934 if(is_array($expoptions)) 1935 { 1936 foreach($expoptions as $key => $val) 1937 { 1938 $checked = ""; 1939 if($val == $userfield) 1940 { 1941 $checked = " checked=\"checked\""; 1942 } 1943 $code .= "<input type=\"radio\" class=\"radio\" name=\"profile_fields[$field]\" value=\"$val\"$checked /> <span class=\"smalltext\">$val</span><br />"; 1944 } 
1945 } 1946 } 1947 elseif($type == "checkbox") 1948 { 1949 if($errors) 1950 { 1951 $useropts = $userfield; 1952 } 1953 else 1954 { 1955 $useropts = explode("\n", $userfield); 1956 } 1957 if(is_array($useropts)) 1958 { 1959 foreach($useropts as $key => $val) 1960 { 1961 $seloptions[$val] = $val; 1962 } 1963 } 1964 $expoptions = explode("\n", $options); 1965 if(is_array($expoptions)) 1966 { 1967 foreach($expoptions as $key => $val) 1968 { 1969 $checked = ""; 1970 if($val == $seloptions[$val]) 1971 { 1972 $checked = " checked=\"checked\""; 1973 } 1974 $code .= "<input type=\"checkbox\" class=\"checkbox\" name=\"profile_fields[$field][]\" value=\"$val\"$checked /> <span class=\"smalltext\">$val</span><br />"; 1975 } 1976 } 1977 } 1978 elseif($type == "textarea") 1979 { 1980 $value = htmlspecialchars_uni($userfield); 1981 $code = "<textarea name=\"profile_fields[$field]\" rows=\"6\" cols=\"30\" style=\"width: 95%\">$value</textarea>"; 1982 } 1983 else 1984 { 1985 $value = htmlspecialchars_uni($userfield); 1986 $maxlength = ""; 1987 if($profilefield['maxlength'] > 0) 1988 { 1989 $maxlength = " maxlength=\"{$profilefield['maxlength']}\""; 1990 } 1991 $code = "<input type=\"text\" name=\"profile_fields[$field]\" class=\"textbox\" size=\"{$profilefield['length']}\"{$maxlength} value=\"$value\" />"; 1992 } 1993 if($profilefield['required'] == 1) 1994 { 1995 eval("\$requiredfields .= \"".$templates->get("usercp_profile_customfield")."\";"); 1996 } 1997 else 1998 { 1999 eval("\$customfields .= \"".$templates->get("usercp_profile_customfield")."\";"); 2000 } 2001 $altbg = alt_trow(); 2002 $code = ""; 2003 $select = ""; 2004 $val = ""; 2005 $options = ""; 2006 $expoptions = ""; 2007 $useropts = ""; 2008 $seloptions = ""; 2009 } 2010 if($customfields) 2011 { 2012 eval("\$customfields = \"".$templates->get("usercp_profile_profilefields")."\";"); 2013 } 2014 2015 $lang->edit_profile = $lang->sprintf($lang->edit_profile, $user['username']); 2016 $profile_link = 
build_profile_link(format_name($user['username'], $user['usergroup'], $user['displaygroup']), $user['uid']); 2017 2018 $codebuttons = build_mycode_inserter("signature"); 2019 2020 // Do we mark the suspend signature box? 2021 if($user['suspendsignature'] || ($mybb->input['suspendsignature'] && !empty($errors))) 2022 { 2023 $checked = 1; 2024 $checked_item = "checked=\"checked\""; 2025 } 2026 else 2027 { 2028 $checked = 0; 2029 } 2030 2031 // Do we mark the moderate posts box? 2032 if($user['moderateposts'] || ($mybb->input['moderateposting'] && !empty($errors))) 2033 { 2034 $modpost_check = 1; 2035 $modpost_checked = "checked=\"checked\""; 2036 } 2037 else 2038 { 2039 $modpost_check = 0; 2040 } 2041 2042 // Do we mark the suspend posts box? 2043 if($user['suspendposting'] || ($mybb->input['suspendposting'] && !empty($errors))) 2044 { 2045 $suspost_check = 1; 2046 $suspost_checked = "checked=\"checked\""; 2047 } 2048 else 2049 { 2050 $suspost_check = 0; 2051 } 2052 2053 $moderator_options = array( 2054 1 => array( 2055 "action" => "suspendsignature", // The input action for this option 2056 "option" => "suspendsignature", // The field in the database that this option relates to 2057 "length" => "suspendsigtime", // The length of suspension field in the database 2058 "select_option" => "action" // The name of the select box of this option 2059 ), 2060 2 => array( 2061 "action" => "moderateposting", 2062 "option" => "moderateposts", 2063 "length" => "moderationtime", 2064 "select_option" => "modpost" 2065 ), 2066 3 => array( 2067 "action" => "suspendposting", 2068 "option" => "suspendposting", 2069 "length" => "suspensiontime", 2070 "select_option" => "suspost" 2071 ) 2072 ); 2073 2074 $periods = array( 2075 "hours" => $lang->expire_hours, 2076 "days" => $lang->expire_days, 2077 "weeks" => $lang->expire_weeks, 2078 "months" => $lang->expire_months, 2079 "never" => $lang->expire_permanent 2080 ); 2081 2082 foreach($moderator_options as $option) 2083 { 2084 // Display 
the suspension info, if this user has this option suspended 2085 if($user[$option['option']]) 2086 { 2087 if($user[$option['length']] == 0) 2088 { 2089 // User has a permanent ban 2090 $string = $option['option']."_perm"; 2091 $suspension_info = $lang->$string; 2092 } 2093 else 2094 { 2095 // User has a temporary (or limited) ban 2096 $string = $option['option']."_for"; 2097 $for_date = my_date($mybb->settings['dateformat'], $user[$option['length']]); 2098 $for_time = my_date($mybb->settings['timeformat'], $user[$option['length']]); 2099 $suspension_info = $lang->sprintf($lang->$string, $for_date, $for_time); 2100 } 2101 2102 switch($option['option']) 2103 { 2104 case "suspendsignature": 2105 eval("\$suspendsignature_info = \"".$templates->get("modcp_editprofile_suspensions_info")."\";"); 2106 break; 2107 case "moderateposts": 2108 eval("\$moderateposts_info = \"".$templates->get("modcp_editprofile_suspensions_info")."\";"); 2109 break; 2110 case "suspendposting": 2111 eval("\$suspendposting_info = \"".$templates->get("modcp_editprofile_suspensions_info")."\";"); 2112 break; 2113 } 2114 } 2115 2116 // Generate the boxes for this option 2117 $selection_options = ''; 2118 foreach($periods as $key => $value) 2119 { 2120 $string = $option['select_option']."_period"; 2121 if($mybb->input[$string] == $key) 2122 { 2123 $selected = "selected=\"selected\""; 2124 } 2125 else 2126 { 2127 $selected = ''; 2128 } 2129 2130 eval("\$selection_options .= \"".$templates->get("modcp_editprofile_select_option")."\";"); 2131 } 2132 2133 $select_name = $option['select_option']."_period"; 2134 switch($option['option']) 2135 { 2136 case "suspendsignature": 2137 eval("\$action_options = \"".$templates->get("modcp_editprofile_select")."\";"); 2138 break; 2139 case "moderateposts": 2140 eval("\$modpost_options = \"".$templates->get("modcp_editprofile_select")."\";"); 2141 break; 2142 case "suspendposting": 2143 eval("\$suspost_options = \"".$templates->get("modcp_editprofile_select")."\";"); 
// (Continues the "editprofile" action, which starts earlier in the listing:
// this closes the last case of the per-option switch inside the foreach.)
				break;
		}
	}

	// Templates are pulled in through eval() as double-quoted PHP strings, so
	// every variable they interpolate has to be escaped before this point.
	eval("\$suspend_signature = \"".$templates->get("modcp_editprofile_signature")."\";");

	$plugins->run_hooks("modcp_editprofile_end");

	eval("\$edituser = \"".$templates->get("modcp_editprofile")."\";");
	output_page($edituser);
}

// Action "finduser": paginated user search for moderators.
// Inputs read here: perpage, username, sortby, order, page.
if($mybb->input['action'] == "finduser")
{
	add_breadcrumb($lang->mcp_nav_users, "modcp.php?action=finduser");

	// Non-numeric, zero or negative values fall back to the board setting.
	$perpage = intval($mybb->input['perpage']);
	if(!$perpage || $perpage <= 0)
	{
		$perpage = $mybb->settings['threadsperpage'];
	}
	$where = '';

	if($mybb->input['username'])
	{
		// escape_string_like() is applied before the value is wrapped in %...%,
		// so the only wildcards in the pattern are the ones added here.
		$where = " AND LOWER(username) LIKE '%".my_strtolower($db->escape_string_like($mybb->input['username']))."%'";
	}

	// Sort order & direction
	// The column name is chosen from a fixed list; the raw input never reaches the query.
	switch($mybb->input['sortby'])
	{
		case "lastvisit":
			$sortby = "lastvisit";
			break;
		case "postnum":
			$sortby = "postnum";
			break;
		case "username":
			$sortby = "username";
			break;
		default:
			$sortby = "regdate";
	}
	// Anything other than "asc" becomes "desc", so only two values can reach ORDER BY.
	$order = $mybb->input['order'];
	if($order != "asc")
	{
		$order = "desc";
	}

	$query = $db->simple_select("users", "COUNT(uid) AS count", "1=1 {$where}");
	$user_count = $db->fetch_field($query, "count");

	// Figure out if we need to display multiple pages.
	if($mybb->input['page'] != "last")
	{
		$page = intval($mybb->input['page']);
	}

	$pages = $user_count / $perpage;
	$pages = ceil($pages);

	if($mybb->input['page'] == "last")
	{
		$page = $pages;
	}

	// Out-of-range page numbers are reset to the first page.
	if($page > $pages || $page <= 0)
	{
		$page = 1;
	}
	if($page)
	{
		$start = ($page-1) * $perpage;
	}
	else
	{
		$start = 0;
		$page = 1;
	}

	$page_url = 'modcp.php?action=finduser';
	foreach(array('username', 'sortby', 'order') as $field)
	{
		if($mybb->input[$field])
		{
			// NOTE(review): the value is HTML-escaped but not URL-encoded, so a
			// username containing "&", "#" or "+" will not round-trip through the
			// pagination links. The input is also overwritten with its escaped
			// form, presumably for redisplay in the search form - confirm against
			// the modcp_finduser template.
			$page_url .= "&{$field}=".htmlspecialchars_uni($mybb->input[$field]);
			$mybb->input[$field] = htmlspecialchars_uni($mybb->input[$field]);
		}
	}

	$multipage = multipage($user_count, $perpage, $page, $page_url);

	$usergroups_cache = $cache->read("usergroups");

	$plugins->run_hooks("modcp_finduser_start");

	// Fetch out results
	$query = $db->simple_select("users", "*", "1=1 {$where}", array("order_by" => $sortby, "order_dir" => $order, "limit" => $perpage, "limit_start" => $start));
	while($user = $db->fetch_array($query))
	{
		// The local names set below are presumably the ones the
		// modcp_finduser_user template interpolates, so they are left as they are.
		$alt_row = alt_trow();
		$user['username'] = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
		$user['postnum'] = my_number_format($user['postnum']);
		$regdate = my_date($mybb->settings['dateformat'], $user['regdate']);
		$regtime = my_date($mybb->settings['timeformat'], $user['regdate']);
		$lastdate = my_date($mybb->settings['dateformat'], $user['lastvisit']);
		$lasttime = my_date($mybb->settings['timeformat'], $user['lastvisit']);
		$usergroup = $usergroups_cache[$user['usergroup']]['title'];
		eval("\$users .= \"".$templates->get("modcp_finduser_user")."\";");
	}

	// No results?
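// (Continues the "finduser" action: fallback row when the search returned nothing.)
	if(!$users)
	{
		eval("\$users = \"".$templates->get("modcp_finduser_noresults")."\";");
	}

	$plugins->run_hooks("modcp_finduser_end");

	eval("\$finduser = \"".$templates->get("modcp_finduser")."\";");
	output_page($finduser);
}

// Action "warninglogs": filterable, paginated list of issued warnings.
// All filter values arrive in the request array $mybb->input['filter'].
if($mybb->input['action'] == "warninglogs")
{
	add_breadcrumb($lang->mcp_nav_warninglogs, "modcp.php?action=warninglogs");

	// Filter options
	$where_sql = '';
	if($mybb->input['filter']['username'])
	{
		// Resolve the username to a uid; the uid branch below does the actual filtering.
		$search['username'] = $db->escape_string($mybb->input['filter']['username']);
		$query = $db->simple_select("users", "uid", "username='{$search['username']}'");
		$mybb->input['filter']['uid'] = $db->fetch_field($query, "uid");
		$mybb->input['filter']['username'] = htmlspecialchars_uni($mybb->input['filter']['username']);
	}
	if($mybb->input['filter']['uid'])
	{
		$search['uid'] = intval($mybb->input['filter']['uid']);
		$where_sql .= " AND w.uid='{$search['uid']}'";
		// NOTE(review): this reads and writes $mybb->input['search'], while every
		// other filter in this action lives under ['filter']. It looks like a
		// leftover key name, so get_user() probably receives an empty uid here.
		// Left unchanged because the template that consumes the value is not
		// visible - confirm before renaming.
		if(!isset($mybb->input['search']['username']))
		{
			$user = get_user($mybb->input['search']['uid']);
			$mybb->input['search']['username'] = htmlspecialchars_uni($user['username']);
		}
	}
	if($mybb->input['filter']['mod_username'])
	{
		$search['mod_username'] = $db->escape_string($mybb->input['filter']['mod_username']);
		$query = $db->simple_select("users", "uid", "username='{$search['mod_username']}'");
		$mybb->input['filter']['mod_uid'] = $db->fetch_field($query, "uid");
		$mybb->input['filter']['mod_username'] = htmlspecialchars_uni($mybb->input['filter']['mod_username']);
	}
	if($mybb->input['filter']['mod_uid'])
	{
		$search['mod_uid'] = intval($mybb->input['filter']['mod_uid']);
		$where_sql .= " AND w.issuedby='{$search['mod_uid']}'";
		// NOTE(review): same ['search'] / ['filter'] mismatch as above, and the
		// lookup uses 'uid' rather than 'mod_uid' - confirm the intended key.
		if(!isset($mybb->input['search']['mod_username']))
		{
			$mod_user = get_user($mybb->input['search']['uid']);
			$mybb->input['search']['mod_username'] = htmlspecialchars_uni($mod_user['username']);
		}
	}
	if($mybb->input['filter']['reason'])
	{
		// The value sits between % wildcards, so it is escaped for LIKE (as the
		// finduser action does); otherwise "%" and "_" typed into the filter
		// would act as wildcards themselves.
		$search['reason'] = $db->escape_string_like($mybb->input['filter']['reason']);
		$where_sql .= " AND (w.notes LIKE '%{$search['reason']}%' OR t.title LIKE '%{$search['reason']}%' OR w.title LIKE '%{$search['reason']}%')";
		$mybb->input['filter']['reason'] = htmlspecialchars_uni($mybb->input['filter']['reason']);
	}
	// ORDER BY column and direction are both picked from fixed values; the raw
	// input is only compared, never interpolated into the query.
	$sortbysel = array();
	switch($mybb->input['filter']['sortby'])
	{
		case "username":
			$sortby = "u.username";
			$sortbysel['username'] = ' selected="selected"';
			break;
		case "expires":
			$sortby = "w.expires";
			$sortbysel['expires'] = ' selected="selected"';
			break;
		case "issuedby":
			$sortby = "i.username";
			$sortbysel['issuedby'] = ' selected="selected"';
			break;
		default: // "dateline"
			$sortby = "w.dateline";
			$sortbysel['dateline'] = ' selected="selected"';
	}
	$order = $mybb->input['filter']['order'];
	$ordersel = array();
	if($order != "asc")
	{
		$order = "desc";
		$ordersel['desc'] = ' selected="selected"';
	}
	else
	{
		$ordersel['asc'] = ' selected="selected"';
	}

	$plugins->run_hooks("modcp_warninglogs_start");

	// Pagination stuff
	$sql = "
		SELECT COUNT(wid) as count
		FROM
			".TABLE_PREFIX."warnings w
			LEFT JOIN ".TABLE_PREFIX."warningtypes t ON (w.tid=t.tid)
		WHERE 1=1
			{$where_sql}
	";
	$query = $db->query($sql);
	$total_warnings = $db->fetch_field($query, 'count');
	$page = 1;
	if(isset($mybb->input['page']) && intval($mybb->input['page']) > 0)
	{
		$page = intval($mybb->input['page']);
	}
	// NOTE(review): per_page is only checked for being positive; there is no
	// upper bound on the number of rows one request can ask for.
	$per_page = 20;
	if(isset($mybb->input['filter']['per_page']) && intval($mybb->input['filter']['per_page']) > 0)
	{
		$per_page = intval($mybb->input['filter']['per_page']);
	}
	$start = ($page-1) * $per_page;
	// Build the base URL for pagination links
	$url = 'modcp.php?action=warninglogs';
	if(is_array($mybb->input['filter']) && count($mybb->input['filter']))
	{
		foreach($mybb->input['filter'] as $field => $value)
		{
			// Nested arrays cannot be expressed as a single filter[key]=value pair.
			if(is_array($value))
			{
				continue;
			}
			// The array key is request-controlled just like the value, and the
			// URL is handed to multipage() for output, so both are encoded.
			$field = urlencode($field);
			$value = urlencode($value);
			$url .= "&filter[{$field}]={$value}";
		}
	}
	$multipage = multipage($total_warnings, $per_page, $page, $url);

	// The actual query
	$sql = "
		SELECT
			w.wid, w.title as custom_title, w.points, w.dateline, w.issuedby, w.expires, w.expired, w.daterevoked, w.revokedby,
			t.title,
			u.uid, u.username, u.usergroup, u.displaygroup,
			i.uid as mod_uid, i.username as mod_username, i.usergroup as mod_usergroup, i.displaygroup as mod_displaygroup
		FROM ".TABLE_PREFIX."warnings w
			LEFT JOIN ".TABLE_PREFIX."users u ON (w.uid=u.uid)
			LEFT JOIN ".TABLE_PREFIX."warningtypes t ON (w.tid=t.tid)
			LEFT JOIN ".TABLE_PREFIX."users i ON (i.uid=w.issuedby)
		WHERE 1=1
			{$where_sql}
		ORDER BY {$sortby} {$order}
		LIMIT {$start}, {$per_page}
	";
	$query = $db->query($sql);


	$warning_list = '';
	while($row = $db->fetch_array($query))
	{
		$trow = alt_trow();
		$username = format_name($row['username'], $row['usergroup'], $row['displaygroup']);
		$username_link = build_profile_link($username, $row['uid']);
		$mod_username = format_name($row['mod_username'], $row['mod_usergroup'], $row['mod_displaygroup']);
		$mod_username_link = build_profile_link($mod_username, $row['mod_uid']);
		$issued_date = my_date($mybb->settings['dateformat'], $row['dateline']).' '.my_date($mybb->settings['timeformat'], $row['dateline']);
		$revoked_text = '';
		if($row['daterevoked'] > 0)
		{
			$revoked_date = my_date($mybb->settings['dateformat'], $row['daterevoked']).' '.my_date($mybb->settings['timeformat'], $row['daterevoked']);
			eval("\$revoked_text = \"".$templates->get("modcp_warninglogs_warning_revoked")."\";");
		}
		if($row['expires'] > 0)
		{
			$expire_date = my_date($mybb->settings['dateformat'], $row['expires']).' '.my_date($mybb->settings['timeformat'], $row['expires']);
		}
		else
		{
			$expire_date = $lang->never;
		}
		// Predefined warning types carry their own title; custom warnings store it on the warning row.
		$title = $row['title'];
		if(empty($row['title']))
		{
			$title = $row['custom_title'];
		}
		$title = htmlspecialchars_uni($title);
		if($row['points'] >= 0)
		{
			$points = '+'.$row['points'];
		}
		else
		{
			// Without this branch a negative value would reuse the previous row's $points.
			$points = $row['points'];
		}

		eval("\$warning_list .= \"".$templates->get("modcp_warninglogs_warning")."\";");
	}

	if(!$warning_list)
	{
		eval("\$warning_list = \"".$templates->get("modcp_warninglogs_nologs")."\";");
	}

	$plugins->run_hooks("modcp_warninglogs_end");

	eval("\$warninglogs = \"".$templates->get("modcp_warninglogs")."\";");
	output_page($warninglogs);
}

// Action "ipsearch": look up posts and users by IP address ("*" acts as a wildcard).
if($mybb->input['action'] == "ipsearch")
{
	add_breadcrumb($lang->mcp_nav_ipsearch, "modcp.php?action=ipsearch");

	if($mybb->input['ipaddress'])
	{
		if(!is_array($groupscache))
		{
			$groupscache = $cache->read("usergroups");
		}

		// HTML-escaped copy for display; the raw input is used for matching below.
		$ipaddressvalue = htmlspecialchars_uni($mybb->input['ipaddress']);

		// Searching post IP addresses
		if($mybb->input['search_posts'])
		{
			// IPv6 IP
			if(strpos($mybb->input['ipaddress'], ":") !== false)
			{
				// "*" is mapped to the SQL wildcard before escaping. escape_string()
				// is used rather than escape_string_like(), so "%" and "_" in the
				// input also act as wildcards.
				$post_ip_sql = "ipaddress LIKE '".$db->escape_string(str_replace("*", "%", $mybb->input['ipaddress']))."'";
			}
			else
			{
				// NOTE(review): the return value is interpolated without escaping;
				// this assumes fetch_longipv4_range() only ever returns numeric
				// values - confirm in the helper.
				$ip_range = fetch_longipv4_range($mybb->input['ipaddress']);
				if(!is_array($ip_range))
				{
					$post_ip_sql = "longipaddress='{$ip_range}'";
				}
				else
				{
					$post_ip_sql = "longipaddress > '{$ip_range[0]}' AND longipaddress < '{$ip_range[1]}'";
				}
			}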
// (Continues the "ipsearch" action, inside the search_posts branch: $post_ip_sql
// was built just above from the escaped or range-converted IP input.)
			$plugins->run_hooks("modcp_ipsearch_posts_start");
			$query = $db->query("
				SELECT COUNT(pid) AS count
				FROM ".TABLE_PREFIX."posts
				WHERE {$post_ip_sql}
			");
			$post_results = $db->fetch_field($query, "count");
		}

		// Searching user IP addresses
		if($mybb->input['search_users'])
		{
			// IPv6 IP
			if(strpos($mybb->input['ipaddress'], ":") !== false)
			{
				// "*" becomes the SQL wildcard, then the value is escaped for the string literal.
				$user_ip_sql = "regip LIKE '".$db->escape_string(str_replace("*", "%", $mybb->input['ipaddress']))."' OR lastip LIKE '".$db->escape_string(str_replace("*", "%", $mybb->input['ipaddress']))."'";
			}
			else
			{
				// NOTE(review): interpolated without escaping; assumes
				// fetch_longipv4_range() returns numeric values only - confirm.
				$ip_range = fetch_longipv4_range($mybb->input['ipaddress']);
				if(!is_array($ip_range))
				{
					$user_ip_sql = "longregip='{$ip_range}' OR longlastip='{$ip_range}'";
				}
				else
				{
					$user_ip_sql = "(longregip > '{$ip_range[0]}' AND longregip < '{$ip_range[1]}') OR (longlastip > '{$ip_range[0]}' AND longlastip < '{$ip_range[1]}')";
				}
			}
			$plugins->run_hooks("modcp_ipsearch_users_start");
			$query = $db->query("
				SELECT COUNT(uid) AS count
				FROM ".TABLE_PREFIX."users
				WHERE {$user_ip_sql}
			");
			$user_results = $db->fetch_field($query, "count");
		}

		// Either count is unset when its search type was not requested.
		$total_results = $post_results+$user_results;

		// Now we have the result counts, paginate
		$perpage = intval($mybb->input['perpage']);
		if(!$perpage || $perpage <= 0)
		{
			$perpage = $mybb->settings['threadsperpage'];
		}

		// Figure out if we need to display multiple pages.
		if($mybb->input['page'] != "last")
		{
			$page = intval($mybb->input['page']);
		}

		$pages = $total_results / $perpage;
		$pages = ceil($pages);

		if($mybb->input['page'] == "last")
		{
			$page = $pages;
		}

		if($page > $pages || $page <= 0)
		{
			$page = 1;
		}

		if($page)
		{
			$start = ($page-1) * $perpage;
		}
		else
		{
			$start = 0;
			$page = 1;
		}

		$page_url = "modcp.php?action=ipsearch&perpage={$perpage}";
		foreach(array('ipaddress', 'search_users', 'search_posts') as $input)
		{
			if(!$mybb->input[$input]) continue;
			// HTML-escaped only; the value is not URL-encoded.
			$page_url .= "&{$input}=".htmlspecialchars_uni($mybb->input[$input]);
		}
		$multipage = multipage($total_results, $perpage, $page, $page_url);

		// Users are listed first; whatever is left of the page is filled with posts.
		$post_limit = $perpage;
		if($mybb->input['search_users'] && $start <= $user_results)
		{
			$query = $db->query("
				SELECT username, uid, regip, lastip
				FROM ".TABLE_PREFIX."users
				WHERE {$user_ip_sql}
				ORDER BY regdate DESC
				LIMIT {$start}, {$perpage}
			");
			while($ipaddress = $db->fetch_array($query))
			{
				$result = false;
				$profile_link = build_profile_link($ipaddress['username'], $ipaddress['uid']);
				$trow = alt_trow();
				// preg_quote() neutralises regex metacharacters in the input first;
				// only the escaped "*" is then turned back into a wildcard.
				$regexp_ip = str_replace("\*", "(.*)", preg_quote($mybb->input['ipaddress'], "#"));
				// Reg IP matches
				if(preg_match("#{$regexp_ip}#i", $ipaddress['regip']))
				{
					$ip = $ipaddress['regip'];
					$subject = "<strong>{$lang->ipresult_regip}</strong> {$profile_link}";
					eval("\$results .= \"".$templates->get("modcp_ipsearch_result")."\";");
					$result = true;
				}
				// Last known IP matches
				if(preg_match("#{$regexp_ip}#i", $ipaddress['lastip']))
				{
					$ip = $ipaddress['lastip'];
					$subject = "<strong>{$lang->ipresult_lastip}</strong> {$profile_link}";
					eval("\$results .= \"".$templates->get("modcp_ipsearch_result")."\";");
					$result = true;
				}

// (Continues the "ipsearch" action, inside the per-user result loop.)
				// Each user that produced at least one row takes one slot from the post quota.
				if($result)
				{
					--$post_limit;
				}
			}
		}
		$post_start = 0;
		if($total_results > $user_results && $post_limit)
		{
			$post_start = $start-$user_results;
			if($post_start < 0)
			{
				$post_start = 0;
			}
		}
		if($mybb->input['search_posts'] && (!$mybb->input['search_users'] || ($mybb->input['search_users'] && $post_limit > 0)))
		{
			$ipaddresses = $tids = $uids = array();
			$query = $db->query("
				SELECT username AS postusername, uid, subject, pid, tid, ipaddress
				FROM ".TABLE_PREFIX."posts
				WHERE {$post_ip_sql}
				ORDER BY dateline DESC
				LIMIT {$post_start}, {$post_limit}
			");
			while($ipaddress = $db->fetch_array($query))
			{
				// Keyed by tid / uid so the follow-up queries can map their rows back to a post id.
				$tids[$ipaddress['tid']] = $ipaddress['pid'];
				$uids[$ipaddress['uid']] = $ipaddress['pid'];
				$ipaddresses[$ipaddress['pid']] = $ipaddress;
			}

			if(!empty($ipaddresses))
			{
				// The IN() lists are built from ids returned by the query above, not from request input.
				$query = $db->simple_select("threads", "subject, tid", "tid IN(".implode(',', array_keys($tids)).")");
				while($thread = $db->fetch_array($query))
				{
					$ipaddresses[$tids[$thread['tid']]]['threadsubject'] = $thread['subject'];
				}
				unset($tids);

				$query = $db->simple_select("users", "username, uid", "uid IN(".implode(',', array_keys($uids)).")");
				while($user = $db->fetch_array($query))
				{
					$ipaddresses[$uids[$user['uid']]]['username'] = $user['username'];
				}
				unset($uids);

				foreach($ipaddresses as $ipaddress)
				{
					$ip = $ipaddress['ipaddress'];
					if(!$ipaddress['username']) $ipaddress['username'] = $ipaddress['postusername']; // Guest username support
					$trow = alt_trow();
					if(!$ipaddress['subject'])
					{
						$ipaddress['subject'] = "RE: {$ipaddress['threadsubject']}";
					}
					// The subject is HTML-escaped here. NOTE(review): the username is
					// passed to build_profile_link() as stored (for guests it is the
					// name saved with the post) - confirm it is escaped at storage
					// time or inside that helper.
					$subject = "<strong>{$lang->ipresult_post}</strong> <a href=\"".get_post_link($ipaddress['pid'], $ipaddress['tid'])."\">".htmlspecialchars_uni($ipaddress['subject'])."</a> {$lang->by} ".build_profile_link($ipaddress['username'], $ipaddress['uid']);
					eval("\$results .= \"".$templates->get("modcp_ipsearch_result")."\";");
				}
			}
		}

		if(!$results)
		{
			eval("\$results = \"".$templates->get("modcp_ipsearch_noresults")."\";");
		}

		if($ipaddressvalue)
		{
			$lang->ipsearch_results = $lang->sprintf($lang->ipsearch_results, $ipaddressvalue);
		}
		else
		{
			$lang->ipsearch_results = $lang->ipsearch;
		}

		if(!strstr($mybb->input['ipaddress'], "*") && !strstr($mybb->input['ipaddress'], ":"))
		{
			// NOTE(review): the address is placed inside a single-quoted JavaScript
			// string within the onclick attribute, but it is only HTML-escaped and
			// the guard above only rules out "*" and ":". The browser decodes HTML
			// entities before the handler is parsed, so this is safe only if the
			// value is known to be a plain IPv4 address - validating the format
			// before building the link would close the gap.
			$misc_info_link = "<div class=\"float_right\">(<a href=\"modcp.php?action=iplookup&ipaddress=".htmlspecialchars_uni($mybb->input['ipaddress'])."\" onclick=\"MyBB.popupWindow('{$mybb->settings['bburl']}/modcp.php?action=iplookup&ipaddress=".htmlspecialchars_uni($mybb->input['ipaddress'])."', 'iplookup', 500, 250); return false;\">{$lang->info_on_ip}</a>)</div>";
		}

		eval("\$ipsearch_results = \"".$templates->get("modcp_ipsearch_results")."\";");
	}

	// Fetch filter options
	// With no address submitted, both search types are pre-ticked in the form.
	if(!$mybb->input['ipaddress'])
	{
		$mybb->input['search_posts'] = 1;
		$mybb->input['search_users'] = 1;
	}
	if($mybb->input['search_posts'])
	{
		$postsearchselect = "checked=\"checked\"";
	}
	if($mybb->input['search_users'])
	{
		$usersearchselect = "checked=\"checked\"";
	}

	$plugins->run_hooks("modcp_ipsearch_end");

	eval("\$ipsearch = \"".$templates->get("modcp_ipsearch")."\";");
	output_page($ipsearch);
}

// Action "iplookup": popup with GeoIP location and reverse-DNS name for one address.
if($mybb->input['action'] == "iplookup")
{
	$lang->ipaddress_misc_info = $lang->sprintf($lang->ipaddress_misc_info, htmlspecialchars_uni($mybb->input['ipaddress']));
	$ipaddress_location = $lang->na;
	$ipaddress_host_name = $lang->na;
	$modcp_ipsearch_misc_info = '';
	// NOTE(review): the only checks on the input are "no wildcard" and "no colon";
	// it is not verified to be an IPv4 address before it is handed to the GeoIP
	// and resolver calls below, whose warnings are suppressed with @.
	if(!strstr($mybb->input['ipaddress'], "*") && !strstr($mybb->input['ipaddress'], ":"))
	{
		// Return GeoIP information if it is available to us
		if(function_exists('geoip_record_by_name'))
		{
			$ip_record = @geoip_record_by_name($mybb->input['ipaddress']);
			if($ip_record)
			{
				$ipaddress_location = htmlspecialchars_uni($ip_record['country_name']);
				if($ip_record['city'])
				{
					$ipaddress_location .= $lang->comma.htmlspecialchars_uni($ip_record['city']);
				}
			}
		}

		// The resolved name is remote-controlled data, hence the HTML escaping.
		$ipaddress_host_name = htmlspecialchars_uni(@gethostbyaddr($mybb->input['ipaddress']));

		// gethostbyaddr returns the same ip on failure
		if($ipaddress_host_name == $mybb->input['ipaddress'])
		{
			$ipaddress_host_name = $lang->na;
		}
	}

	$plugins->run_hooks("modcp_iplookup_end");

	eval("\$iplookup = \"".$templates->get('modcp_ipsearch_misc_info')."\";");
	output_page($iplookup);
}

// Action "banning": paginated list of current bans.
if($mybb->input['action'] == "banning")
{
	add_breadcrumb($lang->mcp_nav_banning, "modcp.php?action=banning");

	if(!$mybb->settings['threadsperpage'])
	{
		$mybb->settings['threadsperpage'] = 20;
	}

	// Figure out if we need to display multiple pages.
// (Continues the "banning" action: pagination over the banned table.)
	$perpage = $mybb->settings['threadsperpage'];
	if($mybb->input['page'] != "last")
	{
		$page = intval($mybb->input['page']);
	}

	$query = $db->simple_select("banned", "COUNT(uid) AS count");
	$banned_count = $db->fetch_field($query, "count");

	$postcount = intval($banned_count);
	$pages = $postcount / $perpage;
	$pages = ceil($pages);

	if($mybb->input['page'] == "last")
	{
		$page = $pages;
	}

	if($page > $pages || $page <= 0)
	{
		$page = 1;
	}

	if($page)
	{
		$start = ($page-1) * $perpage;
	}
	else
	{
		$start = 0;
		$page = 1;
	}
	$upper = $start+$perpage;

	$multipage = multipage($postcount, $perpage, $page, "modcp.php?action=banning");
	if($postcount > $perpage)
	{
		eval("\$allbannedpages = \"".$templates->get("modcp_banning_multipage")."\";");
	}

	$plugins->run_hooks("modcp_banning_start");

	// $start and $perpage are integers computed above; no request text reaches this query.
	$query = $db->query("
		SELECT b.*, a.username AS adminuser, u.username
		FROM ".TABLE_PREFIX."banned b
		LEFT JOIN ".TABLE_PREFIX."users u ON (b.uid=u.uid)
		LEFT JOIN ".TABLE_PREFIX."users a ON (b.admin=a.uid)
		ORDER BY lifted ASC
		LIMIT {$start}, {$perpage}
	");

	// Get the banned users
	while($banned = $db->fetch_array($query))
	{
		$profile_link = build_profile_link($banned['username'], $banned['uid']);

		// Only show the edit & lift links if current user created ban, or is super mod/admin
		// NOTE(review): the links are also shown when the issuing account no longer
		// resolves (!$banned['adminuser']), but the liftban and do_banuser actions
		// do not grant permission in that case, so those links would end in a
		// permission error for ordinary moderators.
		$edit_link = '';
		if($mybb->user['uid'] == $banned['admin'] || !$banned['adminuser'] || $mybb->usergroup['issupermod'] == 1 || $mybb->usergroup['cancp'] == 1)
		{
			// NOTE(review): the lift link carries the anti-CSRF token (my_post_key)
			// in a GET URL, where it can end up in browser history, server logs and
			// Referer headers. A POST form would keep the token out of the URL.
			$edit_link = "<br /><span class=\"smalltext\"><a href=\"modcp.php?action=banuser&uid={$banned['uid']}\">{$lang->edit_ban}</a> | <a href=\"modcp.php?action=liftban&uid={$banned['uid']}&my_post_key={$mybb->post_code}\">{$lang->lift_ban}</a></span>";
		}

		$admin_profile = build_profile_link($banned['adminuser'], $banned['admin']);

		$trow = alt_trow();

		if($banned['reason'])
		{
			// Moderator-entered free text: bad-word filter first, then HTML-escaped for output.
			$banned['reason'] = htmlspecialchars_uni($parser->parse_badwords($banned['reason']));
		}
		else
		{
			$banned['reason'] = $lang->na;
		}

		// Several stored markers all mean "permanent ban".
		if($banned['lifted'] == 'perm' || $banned['lifted'] == '' || $banned['bantime'] == 'perm' || $banned['bantime'] == '---')
		{
			$banlength = $lang->permanent;
			$timeremaining = $lang->na;
		}
		else
		{
			$banlength = $bantimes[$banned['bantime']];
			$remaining = $banned['lifted']-TIME_NOW;

			$timeremaining = nice_time($remaining, array('short' => 1, 'seconds' => false))."";

			// Colour by urgency: under an hour, under a day, under a week, otherwise plain.
			if($remaining < 3600)
			{
				$timeremaining = "<span style=\"color: red;\">({$timeremaining} {$lang->ban_remaining})</span>";
			}
			else if($remaining < 86400)
			{
				$timeremaining = "<span style=\"color: maroon;\">({$timeremaining} {$lang->ban_remaining})</span>";
			}
			else if($remaining < 604800)
			{
				$timeremaining = "<span style=\"color: green;\">({$timeremaining} {$lang->ban_remaining})</span>";
			}
			else
			{
				$timeremaining = "({$timeremaining} {$lang->ban_remaining})";
			}
		}

		eval("\$bannedusers .= \"".$templates->get("modcp_banning_ban")."\";");
	}

	if(!$bannedusers)
	{
		eval("\$bannedusers = \"".$templates->get("modcp_banning_nobanned")."\";");
	}

	$plugins->run_hooks("modcp_banning");

	eval("\$bannedpage = \"".$templates->get("modcp_banning")."\";");
	output_page($bannedpage);
}

// Action "liftban": remove a ban and restore the user's previous groups.
// Unlike do_banuser below, this branch does not test $mybb->request_method;
// it is reached through the GET link built in the banning list, so the
// my_post_key check is the only request-forgery protection visible here.
if($mybb->input['action'] == "liftban")
{
	// Verify incoming POST request
	verify_post_check($mybb->input['my_post_key']);

	$query = $db->simple_select("banned", "*", "uid='".intval($mybb->input['uid'])."'");
	$ban = $db->fetch_array($query);

	if(!$ban['uid'])
	{
		error($lang->error_invalidban);
	}

	// Permission to edit this ban?
	// Allowed for the moderator who issued the ban, super moderators and users with cancp.
	if($mybb->user['uid'] != $ban['admin'] && $mybb->usergroup['issupermod'] != 1 && $mybb->usergroup['cancp'] != 1)
	{
		error_no_permission();
	}

	$plugins->run_hooks("modcp_liftban_start");

	// Restore the groups that were saved on the ban row.
	$updated_group = array(
		'usergroup' => $ban['oldgroup'],
		'additionalgroups' => $ban['oldadditionalgroups'],
		'displaygroup' => $ban['olddisplaygroup']
	);
	$db->update_query("users", $updated_group, "uid='{$ban['uid']}'");
	$db->delete_query("banned", "uid='{$ban['uid']}'");

	$cache->update_banned();
	$cache->update_moderators();

	$plugins->run_hooks("modcp_liftban_end");

	redirect("modcp.php?action=banning", $lang->redirect_banlifted);
}

// Action "do_banuser": create a ban or edit an existing one (POST only).
// The rest of this action continues past the end of this part of the listing.
if($mybb->input['action'] == "do_banuser" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->input['my_post_key']);

	// Editing an existing ban
	if($mybb->input['uid'])
	{
		// Get the users info from their uid
		// NOTE(review): uid is interpolated into the query as received, without
		// the intval() that the liftban action applies to the same parameter.
		// This is only safe if the input layer already coerces 'uid' to an
		// integer - confirm, or cast here for defence in depth.
		$query = $db->query("
			SELECT b.*, u.uid, u.usergroup, u.additionalgroups, u.displaygroup
			FROM ".TABLE_PREFIX."banned b
			LEFT JOIN ".TABLE_PREFIX."users u ON (b.uid=u.uid)
			WHERE b.uid='{$mybb->input['uid']}'
		");
		$user = $db->fetch_array($query);
		if(!$user['uid'])
		{
			error($lang->error_invalidban);
		}

		// Permission to edit this ban?
2929 if($mybb->user['uid'] != $user['admin'] && $mybb->usergroup['issupermod'] != 1 && $mybb->usergroup['cancp'] != 1) 2930 { 2931 error_no_permission(); 2932 } 2933 } 2934 // Creating a new ban 2935 else 2936 { 2937 // Get the users info from their Username 2938 $query = $db->simple_select("users", "uid, usergroup, additionalgroups, displaygroup", "username = '".$db->escape_string($mybb->input['username'])."'", array('limit' => 1)); 2939 $user = $db->fetch_array($query); 2940 if(!$user['uid']) 2941 { 2942 $errors[] = $lang->invalid_username; 2943 } 2944 } 2945 2946 if($user['uid'] == $mybb->user['uid']) 2947 { 2948 $errors[] = $lang->error_cannotbanself; 2949 } 2950 2951 // Have permissions to ban this user? 2952 if(!modcp_can_manage_user($user['uid'])) 2953 { 2954 $errors[] = $lang->error_cannotbanuser; 2955 } 2956 2957 // Check for an incoming reason 2958 if(!$mybb->input['banreason']) 2959 { 2960 $errors[] = $lang->error_nobanreason; 2961 } 2962 2963 // Check banned group 2964 $query = $db->simple_select("usergroups", "gid", "isbannedgroup=1 AND gid='".intval($mybb->input['usergroup'])."'"); 2965 if(!$db->fetch_field($query, "gid")) 2966 { 2967 $errors[] = $lang->error_nobangroup; 2968 } 2969 2970 // If this is a new ban, we check the user isn't already part of a banned group 2971 if(!$mybb->input['uid'] && $user['uid']) 2972 { 2973 $query = $db->simple_select("banned", "uid", "uid='{$user['uid']}'"); 2974 if($db->fetch_field($query, "uid")) 2975 { 2976 $errors[] = $lang->error_useralreadybanned; 2977 } 2978 } 2979 2980 $plugins->run_hooks("modcp_do_banuser_start"); 2981 2982 // Still no errors? 
Ban the user 2983 if(!$errors) 2984 { 2985 // Ban the user 2986 if($mybb->input['liftafter'] == '---') 2987 { 2988 $lifted = 0; 2989 } 2990 else 2991 { 2992 $lifted = ban_date2timestamp($mybb->input['liftafter'], $user['dateline']); 2993 } 2994 2995 if($mybb->input['uid']) 2996 { 2997 $update_array = array( 2998 'gid' => intval($mybb->input['usergroup']), 2999 'admin' => intval($mybb->user['uid']), 3000 'dateline' => TIME_NOW, 3001 'bantime' => $db->escape_string($mybb->input['liftafter']), 3002 'lifted' => $db->escape_string($lifted), 3003 'reason' => $db->escape_string($mybb->input['banreason']) 3004 ); 3005 3006 $db->update_query('banned', $update_array, "uid='{$user['uid']}'"); 3007 } 3008 else 3009 { 3010 $insert_array = array( 3011 'uid' => $user['uid'], 3012 'gid' => intval($mybb->input['usergroup']), 3013 'oldgroup' => $user['usergroup'], 3014 'oldadditionalgroups' => $user['additionalgroups'], 3015 'olddisplaygroup' => $user['displaygroup'], 3016 'admin' => intval($mybb->user['uid']), 3017 'dateline' => TIME_NOW, 3018 'bantime' => $db->escape_string($mybb->input['liftafter']), 3019 'lifted' => $db->escape_string($lifted), 3020 'reason' => $db->escape_string($mybb->input['banreason']) 3021 ); 3022 3023 $db->insert_query('banned', $insert_array); 3024 } 3025 3026 // Move the user to the banned group 3027 $update_array = array( 3028 'usergroup' => intval($mybb->input['usergroup']), 3029 'displaygroup' => 0, 3030 'additionalgroups' => '', 3031 ); 3032 $db->update_query('users', $update_array, "uid = {$user['uid']}"); 3033 3034 $cache->update_banned(); 3035 3036 $plugins->run_hooks("modcp_do_banuser_end"); 3037 3038 if($mybb->input['uid']) 3039 { 3040 redirect("modcp.php?action=banning", $lang->redirect_banuser_updated); 3041 } 3042 else 3043 { 3044 redirect("modcp.php?action=banning", $lang->redirect_banuser); 3045 } 3046 } 3047 // Otherwise has errors, throw back to ban page 3048 else 3049 { 3050 $mybb->input['action'] = "banuser"; 3051 } 3052 } 3053 3054 
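// Ban form: shows the "add ban" form, or the "edit ban" form when a uid with an existing
// ban is supplied. Also reached from do_banuser when validation failed ($errors set).
if($mybb->input['action'] == "banuser")
{
	add_breadcrumb($lang->mcp_nav_banning, "modcp.php?action=banning");

	// NOTE(review): the uid case (editing) gets the "ban user" crumb and the new-ban case
	// gets "editing ban" - this looks inverted; confirm against the language file.
	if($mybb->input['uid'])
	{
		add_breadcrumb($lang->mcp_nav_ban_user);
	}
	else
	{
		add_breadcrumb($lang->mcp_nav_editing_ban);
	}

	$plugins->run_hooks("modcp_banuser_start");

	// If incoming user ID, we are editing a ban
	if($mybb->input['uid'])
	{
		// The uid is request data: cast it before it goes into SQL or into the template
		$requested_uid = intval($mybb->input['uid']);
		$query = $db->query("
			SELECT b.*, u.username, u.uid
			FROM ".TABLE_PREFIX."banned b
			LEFT JOIN ".TABLE_PREFIX."users u ON (b.uid=u.uid)
			WHERE b.uid='{$requested_uid}'
		");
		$banned = $db->fetch_array($query);
		if($banned['username'])
		{
			$username = htmlspecialchars_uni($banned['username']);
			$banreason = htmlspecialchars_uni($banned['reason']);
			$uid = $requested_uid;
			$user = get_user($banned['uid']);
			$lang->ban_user = $lang->edit_ban; // Swap over lang variables
			eval("\$banuser_username = \"".$templates->get("modcp_banuser_editusername")."\";");
		}
	}

	// New ban!
	if(!$banuser_username)
	{
		if($mybb->input['uid'])
		{
			$user = get_user(intval($mybb->input['uid']));
			// Escaped like the username in the edit branch above, since it is placed in the template
			$username = htmlspecialchars_uni($user['username']);
		}
		else
		{
			$username = htmlspecialchars_uni($mybb->input['username']);
		}
		eval("\$banuser_username = \"".$templates->get("modcp_banuser_addusername")."\";");
	}

	// Coming back to this page from an error?
	if($errors)
	{
		$errors = inline_error($errors);
		// NOTE(review): do_banuser reads 'banreason' and 'usergroup', while 'reason' and 'gid'
		// are read here - the previously selected group is probably not restored; confirm.
		$banned = array(
			"bantime" => $mybb->input['liftafter'],
			"reason" => $mybb->input['reason'],
			"gid" => $mybb->input['gid']
		);
		$banreason = htmlspecialchars_uni($mybb->input['banreason']);
	}

	// Generate the banned times dropdown
	foreach($bantimes as $time => $title)
	{
		$liftlist .= "<option value=\"{$time}\"";
		if($banned['bantime'] == $time)
		{
			$liftlist .= " selected=\"selected\"";
		}
		$thatime = my_date("D, jS M Y @ g:ia", ban_date2timestamp($time, $banned['dateline']));
		if($time == '---')
		{
			$liftlist .= ">{$title}</option>\n";
		}
		else
		{
			$liftlist .= ">{$title} ({$thatime})</option>\n";
		}
	}

	// Dropdown of the groups flagged as banned groups
	$bangroups = '';
	$query = $db->simple_select("usergroups", "gid, title", "isbannedgroup=1");
	while($item = $db->fetch_array($query))
	{
		$selected = "";
		if($banned['gid'] == $item['gid'])
		{
			$selected = " selected=\"selected\"";
		}
		$bangroups .= "<option value=\"{$item['gid']}\"{$selected}>".htmlspecialchars_uni($item['title'])."</option>\n";
	}

	// NOTE(review): this link performs a state change through a URL that carries my_post_key;
	// the key then shows up in browser history and Referer headers.
	$lift_link = "<div class=\"float_right\"><a href=\"modcp.php?action=liftban&uid={$user['uid']}&my_post_key={$mybb->post_code}\">{$lang->lift_ban}</a></div>";

	$plugins->run_hooks("modcp_banuser_end");

	eval("\$banuser = \"".$templates->get("modcp_banuser")."\";");
	output_page($banuser);
}

// Save the shared moderator notes into the "modnotes" cache entry.
if($mybb->input['action'] == "do_modnotes")
{
	// Verify incoming POST request
	verify_post_check($mybb->input['my_post_key']);

	$plugins->run_hooks("modcp_do_modnotes_start");

	// Update Moderator Notes cache
	// The text is stored as submitted; it is HTML-escaped where the index page reads it back.
	$update_cache = array(
		"modmessage" => $mybb->input['modnotes']
	);
	$cache->update("modnotes", $update_cache);

	$plugins->run_hooks("modcp_do_modnotes_end");

	redirect("modcp.php", $lang->redirect_modnotes);
}

// Mod CP index: latest unapproved attachment/post/thread, the five newest moderator log
// entries, the five bans closest to expiry and the moderator notes.
if(!$mybb->input['action'])
{
	// $tflist / $flist restrict the queries to the forums this user moderates
	$query = $db->query("
		SELECT COUNT(aid) AS unapprovedattachments
		FROM ".TABLE_PREFIX."attachments a
		LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid=a.pid)
		LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
		WHERE a.visible='0' {$tflist}
	");
	$unapproved_attachments = $db->fetch_field($query, "unapprovedattachments");

	if($unapproved_attachments > 0)
	{
		$query = $db->query("
			SELECT t.tid, p.pid, p.uid, t.username, a.filename, a.dateuploaded
			FROM ".TABLE_PREFIX."attachments a
			LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid=a.pid)
			LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
			WHERE a.visible='0' {$tflist}
			ORDER BY a.dateuploaded DESC
			LIMIT 1
		");
		$attachment = $db->fetch_array($query);
		$attachment['date'] = my_date($mybb->settings['dateformat'], $attachment['dateuploaded']);
		$attachment['time'] = my_date($mybb->settings['timeformat'], $attachment['dateuploaded']);
		$attachment['profilelink'] = build_profile_link($attachment['username'], $attachment['uid']);
		$attachment['link'] = get_post_link($attachment['pid'], $attachment['tid']);
		$attachment['filename'] = htmlspecialchars_uni($attachment['filename']);

		eval("\$latest_attachment = \"".$templates->get("modcp_lastattachment")."\";");
	}
	else
	{
		$latest_attachment = "<span style=\"text-align: center;\">{$lang->lastpost_never}</span>";
	}

	// Unapproved replies only: the first post of a thread is excluded
	$query = $db->query("
		SELECT COUNT(pid) AS unapprovedposts
		FROM ".TABLE_PREFIX."posts p
		LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
		WHERE p.visible='0' {$tflist} AND t.firstpost != p.pid
	");
	$unapproved_posts = $db->fetch_field($query, "unapprovedposts");

	if($unapproved_posts > 0)
	{
		$query = $db->query("
			SELECT p.pid, p.tid, p.subject, p.uid, p.username, p.dateline
			FROM ".TABLE_PREFIX."posts p
			LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
			WHERE p.visible='0' {$tflist} AND t.firstpost != p.pid
			ORDER BY p.dateline DESC
			LIMIT 1
		");
		$post = $db->fetch_array($query);
		$post['date'] = my_date($mybb->settings['dateformat'], $post['dateline']);
		$post['time'] = my_date($mybb->settings['timeformat'], $post['dateline']);
		$post['profilelink'] = build_profile_link($post['username'], $post['uid']);
		$post['link'] = get_post_link($post['pid'], $post['tid']);
		$post['subject'] = $post['fullsubject'] = $parser->parse_badwords($post['subject']);
		// Truncate before escaping so an HTML entity is never cut in half
		if(my_strlen($post['subject']) > 25)
		{
			$post['subject'] = my_substr($post['subject'], 0, 25)."...";
		}
		$post['subject'] = htmlspecialchars_uni($post['subject']);
		$post['fullsubject'] = htmlspecialchars_uni($post['fullsubject']);

		eval("\$latest_post = \"".$templates->get("modcp_lastpost")."\";");
	}
	else
	{
		$latest_post = "<span style=\"text-align: center;\">{$lang->lastpost_never}</span>";
	}

	$query = $db->simple_select("threads", "COUNT(tid) AS unapprovedthreads", "visible=0 {$flist}");
	$unapproved_threads = $db->fetch_field($query, "unapprovedthreads");

	if($unapproved_threads > 0)
	{
		$query = $db->simple_select("threads", "tid, subject, uid, username, dateline", "visible=0 {$flist}", array('order_by' => 'dateline', 'order_dir' => 'DESC', 'limit' => 1));
		$thread = $db->fetch_array($query);
		$thread['date'] = my_date($mybb->settings['dateformat'], $thread['dateline']);
		$thread['time'] = my_date($mybb->settings['timeformat'], $thread['dateline']);
		$thread['profilelink'] = build_profile_link($thread['username'], $thread['uid']);
		$thread['link'] = get_thread_link($thread['tid']);
		$thread['subject'] = $thread['fullsubject'] = $parser->parse_badwords($thread['subject']);
		if(my_strlen($thread['subject']) > 25)
		{
			// The truncated subject belongs to $thread; it was previously written to $post,
			// which left the thread subject at full length.
			$thread['subject'] = my_substr($thread['subject'], 0, 25)."...";
		}
		$thread['subject'] = htmlspecialchars_uni($thread['subject']);
		$thread['fullsubject'] = htmlspecialchars_uni($thread['fullsubject']);

		eval("\$latest_thread = \"".$templates->get("modcp_lastthread")."\";");
	}
	else
	{
		$latest_thread = "<span style=\"text-align: center;\">{$lang->lastpost_never}</span>";
	}

	// Five most recent moderator log entries.
	// NOTE(review): this query is not restricted by $flist/$tflist, unlike the ones above.
	$query = $db->query("
		SELECT l.*, u.username, u.usergroup, u.displaygroup, t.subject AS tsubject, f.name AS fname, p.subject AS psubject
		FROM ".TABLE_PREFIX."moderatorlog l
		LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=l.uid)
		LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=l.tid)
		LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=l.fid)
		LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid=l.pid)
		ORDER BY l.dateline DESC
		LIMIT 5
	");
	while($logitem = $db->fetch_array($query))
	{
		$information = '';
		// Stored log text; escaped because it is presumably printed by modcp_modlogs_result
		$logitem['action'] = htmlspecialchars_uni($logitem['action']);
		$log_date = my_date($mybb->settings['dateformat'], $logitem['dateline']);
		$log_time = my_date($mybb->settings['timeformat'], $logitem['dateline']);
		$trow = alt_trow();
		$username = format_name($logitem['username'], $logitem['usergroup'], $logitem['displaygroup']);
		$logitem['profilelink'] = build_profile_link($username, $logitem['uid']);
		if($logitem['tsubject'])
		{
			$information = "<strong>{$lang->thread}</strong> <a href=\"".get_thread_link($logitem['tid'])."\" target=\"_blank\">".htmlspecialchars_uni($logitem['tsubject'])."</a><br />";
		}
		if($logitem['fname'])
		{
			$information .= "<strong>{$lang->forum}</strong> <a href=\"".get_forum_link($logitem['fid'])."\" target=\"_blank\">".htmlspecialchars_uni($logitem['fname'])."</a><br />";
		}
		if($logitem['psubject'])
		{
			$information .= "<strong>{$lang->post}</strong> <a href=\"".get_post_link($logitem['pid'])."#pid{$logitem['pid']}\">".htmlspecialchars_uni($logitem['psubject'])."</a>";
		}

		// Edited a user?
		if(!$logitem['tsubject'] || !$logitem['fname'] || !$logitem['psubject'])
		{
			// NOTE(review): unserialize() on a stored column is only as safe as every writer of
			// moderatorlog.data; a format without object support (e.g. JSON) would be safer.
			$data = unserialize($logitem['data']);
			// unserialize() returns false on malformed input, so check the shape before indexing
			if(is_array($data) && !empty($data['uid']))
			{
				$information = $lang->sprintf($lang->edited_user_info, htmlspecialchars_uni($data['username']), get_profile_link($data['uid']));
			}
		}

		eval("\$modlogresults .= \"".$templates->get("modcp_modlogs_result")."\";");
	}

	if(!$modlogresults)
	{
		eval("\$modlogresults = \"".$templates->get("modcp_modlogs_noresults")."\";");
	}

	// Five temporary bans with the least time remaining
	$query = $db->query("
		SELECT b.*, a.username AS adminuser, u.username, (b.lifted-".TIME_NOW.") AS remaining
		FROM ".TABLE_PREFIX."banned b
		LEFT JOIN ".TABLE_PREFIX."users u ON (b.uid=u.uid)
		LEFT JOIN ".TABLE_PREFIX."users a ON (b.admin=a.uid)
		WHERE b.bantime != '---' AND b.bantime != 'perm'
		ORDER BY remaining ASC
		LIMIT 5
	");

	// Get the banned users
	while($banned = $db->fetch_array($query))
	{
		$profile_link = build_profile_link($banned['username'], $banned['uid']);

		// Only show the edit & lift links if current user created ban, or is super mod/admin
		// (also shown when the banning account no longer resolves to a username)
		$edit_link = '';
		if($mybb->user['uid'] == $banned['admin'] || !$banned['adminuser'] || $mybb->usergroup['issupermod'] == 1 || $mybb->usergroup['cancp'] == 1)
		{
			$edit_link = "<br /><span class=\"smalltext\"><a href=\"modcp.php?action=banuser&uid={$banned['uid']}\">{$lang->edit_ban}</a> | <a href=\"modcp.php?action=liftban&uid={$banned['uid']}&my_post_key={$mybb->post_code}\">{$lang->lift_ban}</a></span>";
		}

		$admin_profile = build_profile_link($banned['adminuser'], $banned['admin']);

		$trow = alt_trow();

		if($banned['reason'])
		{
			$banned['reason'] = htmlspecialchars_uni($parser->parse_badwords($banned['reason']));
		}
		else
		{
			$banned['reason'] = $lang->na;
		}

		if($banned['lifted'] == 'perm' || $banned['lifted'] == '' || $banned['bantime'] == 'perm' || $banned['bantime'] == '---')
		{
			$banlength = $lang->permanent;
			$timeremaining = $lang->na;
		}
		else
		{
			$banlength = $bantimes[$banned['bantime']];
			// Computed in SQL as lifted minus the current time
			$remaining = $banned['remaining'];

			$timeremaining = nice_time($remaining, array('short' => 1, 'seconds' => false))."";

			if($remaining <= 0)
			{
				$timeremaining = "<span style=\"color: red;\">({$lang->ban_ending_imminently})</span>";
			}
			else if($remaining < 3600)
			{
				$timeremaining = "<span style=\"color: red;\">({$timeremaining} {$lang->ban_remaining})</span>";
			}
			else if($remaining < 86400)
			{
				$timeremaining = "<span style=\"color: maroon;\">({$timeremaining} {$lang->ban_remaining})</span>";
			}
			else if($remaining < 604800)
			{
				$timeremaining = "<span style=\"color: green;\">({$timeremaining} {$lang->ban_remaining})</span>";
			}
			else
			{
				$timeremaining = "({$timeremaining} {$lang->ban_remaining})";
			}
		}

		eval("\$bannedusers .= \"".$templates->get("modcp_banning_ban")."\";");
	}

	if(!$bannedusers)
	{
		eval("\$bannedusers = \"".$templates->get("modcp_banning_nobanned")."\";");
	}

	// Moderator notes are stored raw and escaped here, on output
	$modnotes = $cache->read("modnotes");
	$modnotes = htmlspecialchars_uni($modnotes['modmessage']);

	$plugins->run_hooks("modcp_end");

	eval("\$modcp = \"".$templates->get("modcp")."\";");
	output_page($modcp);
}

?>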