| [ Index ] |
PHP Cross Reference of MyBB |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * MyBB 1.6 4 * Copyright 2010 MyBB Group, All Rights Reserved 5 * 6 * Website: http://mybb.com 7 * License: http://mybb.com/about/license 8 * 9 * $Id$ 10 */ 11 12 define("IN_MYBB", 1); 13 define('THIS_SCRIPT', 'moderation.php'); 14 15 $templatelist = 'changeuserbox,loginbox,moderation_delayedmoderation_custommodtool,moderation_delayedmodaction_notes,moderation_delayedmoderation_merge,moderation_delayedmoderation_move'; 16 $templatelist .= ',moderation_delayedmoderation,moderation_deletethread,moderation_deletepoll,moderation_deleteposts_post,moderation_deleteposts,moderation_mergeposts_post,moderation_mergeposts'; 17 $templatelist .= ',moderation_move,moderation_threadnotes_modaction,moderation_threadnotes_delayedmodaction,moderation_threadnotes,moderation_getip_modoptions,moderation_getip,moderation_merge'; 18 $templatelist .= ',moderation_split_post,moderation_split,moderation_inline_deletethreads,moderation_inline_movethreads,moderation_inline_deleteposts,moderation_inline_mergeposts'; 19 $templatelist .= ',moderation_inline_splitposts,forumjump_bit,forumjump_special,forumjump_advanced,forumdisplay_password_wrongpass,forumdisplay_password'; 20 21 require_once "./global.php"; 22 require_once MYBB_ROOT."inc/functions_post.php"; 23 require_once MYBB_ROOT."inc/functions_upload.php"; 24 require_once MYBB_ROOT."inc/class_parser.php"; 25 $parser = new postParser; 26 require_once MYBB_ROOT."inc/class_moderation.php"; 27 $moderation = new Moderation; 28 29 // Load global language phrases 30 $lang->load("moderation"); 31 32 $plugins->run_hooks("moderation_start"); 33 34 // Get some navigation if we need it 35 switch($mybb->input['action']) 36 { 37 case "reports": 38 add_breadcrumb($lang->reported_posts); 39 break; 40 case "allreports": 41 add_breadcrumb($lang->all_reported_posts); 42 break; 43 44 } 45 $tid = intval($mybb->input['tid']); 46 $pid = intval($mybb->input['pid']); 47 $fid = intval($mybb->input['fid']); 48 49 if($pid) 50 { 51 $post = get_post($pid); 52 $tid = $post['tid']; 53 if(!$post['pid']) 54 { 55 error($lang->error_invalidpost); 56 } 57 } 58 59 if($tid) 60 { 61 $thread = get_thread($tid); 62 $fid = $thread['fid']; 63 if(!$thread['tid']) 64 { 65 error($lang->error_invalidthread); 66 } 67 } 68 69 if($fid) 70 { 71 $modlogdata['fid'] = $fid; 72 $forum = get_forum($fid); 73 74 // Make navigation 75 build_forum_breadcrumb($fid); 76 } 77 78 $thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subject'])); 79 80 if($tid) 81 { 82 add_breadcrumb($thread['subject'], get_thread_link($thread['tid'])); 83 $modlogdata['tid'] = $tid; 84 } 85 86 // Get our permissions all nice and setup 87 $permissions = forum_permissions($fid); 88 89 if($fid) 90 { 91 // Check if this forum is password protected and we have a valid password 92 check_forum_password($forum['fid']); 93 } 94 95 if($mybb->user['uid'] != 0) 96 { 97 eval("\$loginbox = \"".$templates->get("changeuserbox")."\";"); 98 } 99 else 100 { 101 eval("\$loginbox = \"".$templates->get("loginbox")."\";"); 102 } 103 104 $allowable_moderation_actions = array("getip", "cancel_delayedmoderation", "delayedmoderation"); 105 106 if($mybb->request_method != "post" && !in_array($mybb->input['action'], $allowable_moderation_actions)) 107 { 108 error_no_permission(); 109 } 110 111 // Begin! 112 switch($mybb->input['action']) 113 { 114 // Delayed Moderation 115 case "cancel_delayedmoderation": 116 // Verify incoming POST request 117 verify_post_check($mybb->input['my_post_key']); 118 119 add_breadcrumb($lang->delayed_moderation); 120 if(!is_moderator($fid, "canmanagethreads")) 121 { 122 error_no_permission(); 123 } 124 125 $db->delete_query("delayedmoderation", "did='".intval($mybb->input['did'])."'"); 126 127 if($tid == 0) 128 { 129 moderation_redirect(get_forum_link($fid), $lang->redirect_delayed_moderation_cancelled); 130 } 131 else 132 { 133 moderation_redirect("moderation.php?action=delayedmoderation&tid={$tid}&my_post_key={$mybb->post_code}", $lang->redirect_delayed_moderation_cancelled); 134 } 135 break; 136 case "do_delayedmoderation": 137 case "delayedmoderation": 138 // Verify incoming POST request 139 verify_post_check($mybb->input['my_post_key']); 140 141 add_breadcrumb($lang->delayed_moderation); 142 143 if(!is_moderator($fid, "canmanagethreads")) 144 { 145 error_no_permission(); 146 } 147 148 $errors = array(); 149 $customthreadtools = ""; 150 151 $allowed_types = array('openclosethread', 'deletethread', 'move', 'stick', 'merge', 'removeredirects', 'removesubscriptions', 'approveunapprovethread'); 152 153 switch($db->type) 154 { 155 case "pgsql": 156 case "sqlite": 157 $query = $db->simple_select("modtools", 'tid, name', "(','||forums||',' LIKE '%,$fid,%' OR ','||forums||',' LIKE '%,-1,%' OR forums='') AND type = 't'"); 158 break; 159 default: 160 $query = $db->simple_select("modtools", 'tid, name', "(CONCAT(',',forums,',') LIKE '%,$fid,%' OR CONCAT(',',forums,',') LIKE '%,-1,%' OR forums='') AND type = 't'"); 161 } 162 while($tool = $db->fetch_array($query)) 163 { 164 $allowed_types[] = "modtool_".$tool['tid']; 165 166 $tool['name'] = htmlspecialchars_uni($tool['name']); 167 168 $checked = ""; 169 if($mybb->input['type'] == "modtool_".$tool['tid']) 170 { 171 $checked = "checked=\"checked\""; 172 } 173 174 eval("\$customthreadtools .= \"".$templates->get("moderation_delayedmoderation_custommodtool")."\";"); 175 } 176 177 if($mybb->input['tid']) 178 { 179 $mybb->input['tids'] = $mybb->input['tid']; 180 } 181 else 182 { 183 if($mybb->input['inlinetype'] == 'search') 184 { 185 $tids = getids($mybb->input['searchid'], 'search'); 186 } 187 else 188 { 189 $fid = $mybb->input['fid']; 190 $tids = getids($fid, "forum"); 191 } 192 if(count($tids) < 1) 193 { 194 error($lang->error_inline_nothreadsselected); 195 } 196 197 $mybb->input['tids'] = $tids; 198 } 199 200 if($mybb->input['action'] == "do_delayedmoderation" && $mybb->request_method == "post") 201 { 202 if(!in_array($mybb->input['type'], $allowed_types)) 203 { 204 $mybb->input['type'] = ''; 205 $errors[] = $lang->error_delayedmoderation_unsupported_type; 206 } 207 208 if($mybb->input['type'] == 'move' && !in_array($mybb->input['delayedmoderation']['method'], array('move', 'redirect', 'copy'))) 209 { 210 $mybb->input['delayedmoderation']['method'] = ''; 211 $errors[] = $lang->error_delayedmoderation_unsupported_method; 212 } 213 214 if($mybb->input['type'] == 'move') 215 { 216 $newforum = get_forum($fid); 217 if(!$newforum || $newforum['type'] != "f" || $newforum['type'] == "f" && $newforum['linkto'] != '') 218 { 219 $errors[] = $lang->error_invalidforum; 220 } 221 } 222 223 if($mybb->input['delay'] < 1) 224 { 225 $mybb->input['delay'] = 1; 226 $errors[] = $lang->error_delayedmoderation_invalid_delay; 227 } 228 229 if(!$errors) 230 { 231 if(is_array($mybb->input['tids'])) 232 { 233 $mybb->input['tids'] = implode(',' , $mybb->input['tids']); 234 } 235 $db->insert_query("delayedmoderation", array( 236 'type' => $db->escape_string($mybb->input['type']), 237 'delaydateline' => TIME_NOW+(intval($mybb->input['delay'])*24*60*60), 238 'uid' => $mybb->user['uid'], 239 'tids' => $db->escape_string($mybb->input['tids']), 240 'fid' => $fid, 241 'dateline' => TIME_NOW, 242 'inputs' => $db->escape_string(serialize($mybb->input['delayedmoderation'])) 243 )); 244 245 $lang->redirect_delayed_moderation_thread = $lang->sprintf($lang->redirect_delayed_moderation_thread, intval($mybb->input['delay'])); 246 247 if($mybb->input['tid']) 248 { 249 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_delayed_moderation_thread); 250 } 251 else 252 { 253 if($mybb->input['inlinetype'] == 'search') 254 { 255 moderation_redirect(get_forum_link($fid), $lang->sprintf($lang->redirect_delayed_moderation_search, $mybb->input['delay'])); 256 } 257 else 258 { 259 moderation_redirect(get_forum_link($fid), $lang->sprintf($lang->redirect_delayed_moderation_forum, $mybb->input['delay'])); 260 } 261 } 262 } 263 else 264 { 265 $type_selected = array($mybb->input['type'] => "checked=\"checked\""); 266 $method_selected = array($mybb->input['delayedmoderation']['method'] => "checked=\"checked\""); 267 268 $mybb->input['delay'] = intval($mybb->input['delay']); 269 $mybb->input['delayedmoderation']['redirect_expire'] = intval($mybb->input['delayedmoderation']['redirect_expire']); 270 $mybb->input['delayedmoderation']['new_forum'] = intval($mybb->input['delayedmoderation']['new_forum']); 271 $mybb->input['delayedmoderation']['subject'] = htmlspecialchars_uni($mybb->input['delayedmoderation']['subject']); 272 $mybb->input['delayedmoderation']['threadurl'] = htmlspecialchars_uni($mybb->input['delayedmoderation']['threadurl']); 273 274 $forumselect = build_forum_jump("", $mybb->input['delayedmoderation']['new_forum'], 1, '', 0, true, '', "delayedmoderation[new_forum]"); 275 } 276 } 277 else 278 { 279 $type_selected = array('openclosethread' => "checked=\"checked\""); 280 $method_selected = array('move' => "checked=\"checked\""); 281 282 $mybb->input['delay'] = 1; 283 $mybb->input['delayedmoderation']['redirect_expire'] = ''; 284 $mybb->input['delayedmoderation']['subject'] = $thread['subject']; 285 $mybb->input['delayedmoderation']['threadurl'] = ''; 286 287 $forumselect = build_forum_jump("", $fid, 1, '', 0, true, '', "delayedmoderation[new_forum]"); 288 } 289 290 if(count($errors) > 0) 291 { 292 $display_errors = inline_error($errors); 293 } 294 295 $forum_cache = $cache->read("forums"); 296 297 $actions = array( 298 'openclosethread' => $lang->open_close_thread, 299 'deletethread' => $lang->delete_thread, 300 'move' => $lang->move_copy_thread, 301 'stick' => $lang->stick_unstick_thread, 302 'merge' => $lang->merge_threads, 303 'removeredirects' => $lang->remove_redirects, 304 'removesubscriptions' => $lang->remove_subscriptions, 305 'approveunapprovethread' => $lang->approve_unapprove_thread 306 ); 307 308 switch($db->type) 309 { 310 case "pgsql": 311 case "sqlite": 312 $query = $db->simple_select("modtools", 'tid, name', "(','||forums||',' LIKE '%,$fid,%' OR ','||forums||',' LIKE '%,-1,%' OR forums='') AND type = 't'"); 313 break; 314 default: 315 $query = $db->simple_select("modtools", 'tid, name', "(CONCAT(',',forums,',') LIKE '%,$fid,%' OR CONCAT(',',forums,',') LIKE '%,-1,%' OR forums='') AND type = 't'"); 316 } 317 while($tool = $db->fetch_array($query)) 318 { 319 $actions['modtool_'.$tool['tid']] = htmlspecialchars_uni($tool['name']); 320 } 321 322 $delayedmods = ''; 323 $trow = alt_trow(1); 324 if($tid == 0) 325 { 326 // Inline thread moderation is used 327 if($mybb->input['inlinetype'] == 'search') 328 { 329 $tids = getids($mybb->input['searchid'], 'search'); 330 } 331 else 332 { 333 $tids = getids($fid, "forum"); 334 } 335 $where_array = array(); 336 switch($db->type) 337 { 338 case "pgsql": 339 case "sqlite": 340 foreach($tids as $like) 341 { 342 $where_array[] = "','||d.tids||',' LIKE '%,".$db->escape_string($like).",%'"; 343 } 344 $where_statement = implode(" OR ", $where_array); 345 break; 346 default: 347 foreach($tids as $like) 348 { 349 $where_array[] = "CONCAT(',',d.tids,',') LIKE '%,".$db->escape_string($like).",%'"; 350 } 351 $where_statement = implode(" OR ", $where_array); 352 } 353 $query = $db->query(" 354 SELECT d.*, u.username, f.name AS fname 355 FROM ".TABLE_PREFIX."delayedmoderation d 356 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=d.uid) 357 LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=d.fid) 358 WHERE ".$where_statement." 359 ORDER BY d.dateline DESC 360 LIMIT 0, 20 361 "); 362 } 363 else 364 { 365 switch($db->type) 366 { 367 case "pgsql": 368 case "sqlite": 369 $query = $db->query(" 370 SELECT d.*, u.username, f.name AS fname 371 FROM ".TABLE_PREFIX."delayedmoderation d 372 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=d.uid) 373 LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=d.fid) 374 WHERE ','||d.tids||',' LIKE '%,{$tid},%' 375 ORDER BY d.dateline DESC 376 LIMIT 0, 20 377 "); 378 break; 379 default: 380 $query = $db->query(" 381 SELECT d.*, u.username, f.name AS fname 382 FROM ".TABLE_PREFIX."delayedmoderation d 383 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=d.uid) 384 LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=d.fid) 385 WHERE CONCAT(',',d.tids,',') LIKE '%,{$tid},%' 386 ORDER BY d.dateline DESC 387 LIMIT 0, 20 388 "); 389 } 390 } 391 while($delayedmod = $db->fetch_array($query)) 392 { 393 $delayedmod['dateline'] = my_date("jS M Y, G:i", $delayedmod['delaydateline']); 394 $delayedmod['profilelink'] = build_profile_link($delayedmod['username'], $delayedmod['uid']); 395 $delayedmod['action'] = $actions[$delayedmod['type']]; 396 $info = ''; 397 if(strpos($delayedmod['tids'], ',') === false) 398 { 399 $delayed_thread = get_thread($delayedmod['tids']); 400 $info .= "<strong>{$lang->thread}</strong> <a href=\"".get_thread_link($delayedmod['tids'])."\">".htmlspecialchars_uni($delayed_thread['subject'])."</a><br />"; 401 } 402 else 403 { 404 $info .= "<strong>{$lang->thread}</strong> {$lang->multiple_threads}<br />"; 405 } 406 407 if($delayedmod['fname']) 408 { 409 $info .= "<strong>{$lang->forum}</strong> <a href=\"".get_forum_link($delayedmod['fid'])."\">".htmlspecialchars_uni($delayedmod['fname'])."</a><br />"; 410 } 411 $delayedmod['inputs'] = unserialize($delayedmod['inputs']); 412 413 if($delayedmod['type'] == 'move') 414 { 415 $info .= "<strong>{$lang->new_forum}</strong> <a href=\"".get_forum_link($delayedmod['inputs']['new_forum'])."\">".htmlspecialchars_uni($forum_cache[$delayedmod['inputs']['new_forum']]['name'])."</a><br />"; 416 if($delayedmod['inputs']['method'] == "redirect") 417 { 418 if(intval($delayedmod['inputs']['redirect_expire']) == 0) 419 { 420 $redirect_expire_bit = $lang->redirect_forever; 421 } 422 else 423 { 424 $redirect_expire_bit = intval($delayedmod['inputs']['redirect_expire'])." {$lang->days}"; 425 } 426 $info .= "<strong>{$lang->leave_redirect_for}</strong> {$redirect_expire_bit}<br />"; 427 } 428 } 429 else if($delayedmod['type'] == 'merge') 430 { 431 $info .= "<strong>{$lang->new_subject}</strong> ".htmlspecialchars_uni($delayedmod['inputs']['subject'])."<br />"; 432 $info .= "<strong>{$lang->thread_to_merge_with}</strong> <a href=\"".htmlspecialchars_uni($delayedmod['inputs']['threadurl'])."\">".htmlspecialchars_uni($delayedmod['inputs']['threadurl'])."</a><br />"; 433 } 434 435 eval("\$delayedmods .= \"".$templates->get("moderation_delayedmodaction_notes")."\";"); 436 $trow = alt_trow(); 437 } 438 if(!$delayedmods) 439 { 440 $delayedmods = "<tr><td class=\"trow1\" colspan=\"5\">{$lang->no_delayed_mods}</td></tr>"; 441 } 442 443 $url = ''; 444 if($mybb->input['tid']) 445 { 446 $lang->threads = $lang->thread; 447 $threads = "<a href=\"".get_thread_link($tid)."\">{$thread['subject']}</a>"; 448 eval("\$moderation_delayedmoderation_merge = \"".$templates->get("moderation_delayedmoderation_merge")."\";"); 449 } 450 else 451 { 452 if($mybb->input['inlinetype'] == 'search') 453 { 454 $tids = getids($mybb->input['searchid'], 'search'); 455 $url = htmlspecialchars_uni($mybb->input['url']); 456 } 457 else 458 { 459 $tids = getids($fid, "forum"); 460 } 461 if(count($tids) < 1) 462 { 463 error($lang->error_inline_nothreadsselected); 464 } 465 466 $threads = $lang->sprintf($lang->threads_selected, count($tids)); 467 } 468 eval("\$moderation_delayedmoderation_move = \"".$templates->get("moderation_delayedmoderation_move")."\";"); 469 470 $plugins->run_hooks("moderation_delayedmoderation"); 471 472 eval("\$delayedmoderation = \"".$templates->get("moderation_delayedmoderation")."\";"); 473 output_page($delayedmoderation); 474 break; 475 // Open or close a thread 476 case "openclosethread": 477 // Verify incoming POST request 478 verify_post_check($mybb->input['my_post_key']); 479 480 if(!is_moderator($fid, "canopenclosethreads")) 481 { 482 error_no_permission(); 483 } 484 485 if($thread['closed'] == 1) 486 { 487 $openclose = $lang->opened; 488 $redirect = $lang->redirect_openthread; 489 $moderation->open_threads($tid); 490 } 491 else 492 { 493 $openclose = $lang->closed; 494 $redirect = $lang->redirect_closethread; 495 $moderation->close_threads($tid); 496 } 497 498 $lang->mod_process = $lang->sprintf($lang->mod_process, $openclose); 499 500 log_moderator_action($modlogdata, $lang->mod_process); 501 502 moderation_redirect(get_thread_link($thread['tid']), $redirect); 503 break; 504 505 // Stick or unstick that post to the top bab! 506 case "stick"; 507 // Verify incoming POST request 508 verify_post_check($mybb->input['my_post_key']); 509 510 if(!is_moderator($fid, "canmanagethreads")) 511 { 512 error_no_permission(); 513 } 514 515 $plugins->run_hooks("moderation_stick"); 516 517 if($thread['sticky'] == 1) 518 { 519 $stuckunstuck = $lang->unstuck; 520 $redirect = $lang->redirect_unstickthread; 521 $moderation->unstick_threads($tid); 522 } 523 else 524 { 525 $stuckunstuck = $lang->stuck; 526 $redirect = $lang->redirect_stickthread; 527 $moderation->stick_threads($tid); 528 } 529 530 $lang->mod_process = $lang->sprintf($lang->mod_process, $stuckunstuck); 531 532 log_moderator_action($modlogdata, $lang->mod_process); 533 534 moderation_redirect(get_thread_link($thread['tid']), $redirect); 535 break; 536 537 // Remove redirects to a specific thread 538 case "removeredirects": 539 540 // Verify incoming POST request 541 verify_post_check($mybb->input['my_post_key']); 542 543 if(!is_moderator($fid, "canmanagethreads")) 544 { 545 error_no_permission(); 546 } 547 548 $plugins->run_hooks("moderation_removeredirects"); 549 550 $moderation->remove_redirects($tid); 551 552 log_moderator_action($modlogdata, $lang->redirects_removed); 553 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_redirectsremoved); 554 break; 555 556 // Delete thread confirmation page 557 case "deletethread": 558 559 add_breadcrumb($lang->nav_deletethread); 560 561 if(!is_moderator($fid, "candeleteposts")) 562 { 563 if($permissions['candeletethreads'] != 1 || $mybb->user['uid'] != $thread['uid']) 564 { 565 error_no_permission(); 566 } 567 } 568 569 $plugins->run_hooks("moderation_deletethread"); 570 571 eval("\$deletethread = \"".$templates->get("moderation_deletethread")."\";"); 572 output_page($deletethread); 573 break; 574 575 // Delete the actual thread here 576 case "do_deletethread": 577 578 // Verify incoming POST request 579 verify_post_check($mybb->input['my_post_key']); 580 581 if(!is_moderator($fid, "candeleteposts")) 582 { 583 if($permissions['candeletethreads'] != 1 || $mybb->user['uid'] != $thread['uid']) 584 { 585 error_no_permission(); 586 } 587 } 588 589 $plugins->run_hooks("moderation_do_deletethread"); 590 591 // Log the subject of the deleted thread 592 $modlogdata['thread_subject'] = $thread['subject']; 593 594 $thread['subject'] = $db->escape_string($thread['subject']); 595 $lang->thread_deleted = $lang->sprintf($lang->thread_deleted, $thread['subject']); 596 log_moderator_action($modlogdata, $lang->thread_deleted); 597 598 $moderation->delete_thread($tid); 599 600 mark_reports($tid, "thread"); 601 moderation_redirect(get_forum_link($fid), $lang->redirect_threaddeleted); 602 break; 603 604 // Delete the poll from a thread confirmation page 605 case "deletepoll": 606 add_breadcrumb($lang->nav_deletepoll); 607 608 if(!is_moderator($fid, "candeleteposts")) 609 { 610 if($permissions['candeletethreads'] != 1 || $mybb->user['uid'] != $thread['uid']) 611 { 612 error_no_permission(); 613 } 614 } 615 616 $plugins->run_hooks("moderation_deletepoll"); 617 618 $query = $db->simple_select("polls", "*", "tid='$tid'"); 619 $poll = $db->fetch_array($query); 620 if(!$poll['pid']) 621 { 622 error($lang->error_invalidpoll); 623 } 624 625 eval("\$deletepoll = \"".$templates->get("moderation_deletepoll")."\";"); 626 output_page($deletepoll); 627 break; 628 629 // Delete the actual poll here! 630 case "do_deletepoll": 631 632 // Verify incoming POST request 633 verify_post_check($mybb->input['my_post_key']); 634 635 if(!$mybb->input['delete']) 636 { 637 error($lang->redirect_pollnotdeleted); 638 } 639 if(!is_moderator($fid, "candeleteposts")) 640 { 641 if($permissions['candeletethreads'] != 1 || $mybb->user['uid'] != $thread['uid']) 642 { 643 error_no_permission(); 644 } 645 } 646 $query = $db->simple_select("polls", "*", "tid='$tid'"); 647 $poll = $db->fetch_array($query); 648 if(!$poll['pid']) 649 { 650 error($lang->error_invalidpoll); 651 } 652 653 $plugins->run_hooks("moderation_do_deletepoll"); 654 655 $lang->poll_deleted = $lang->sprintf($lang->poll_deleted, $thread['subject']); 656 log_moderator_action($modlogdata, $lang->poll_deleted); 657 658 $moderation->delete_poll($poll['pid']); 659 660 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_polldeleted); 661 break; 662 663 // Approve a thread 664 case "approvethread": 665 666 // Verify incoming POST request 667 verify_post_check($mybb->input['my_post_key']); 668 669 if(!is_moderator($fid, "canopenclosethreads")) 670 { 671 error_no_permission(); 672 } 673 $query = $db->simple_select("threads", "*", "tid='$tid'"); 674 $thread = $db->fetch_array($query); 675 676 $plugins->run_hooks("moderation_approvethread"); 677 678 $lang->thread_approved = $lang->sprintf($lang->thread_approved, $thread['subject']); 679 log_moderator_action($modlogdata, $lang->thread_approved); 680 681 $moderation->approve_threads($tid, $fid); 682 683 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_threadapproved); 684 break; 685 686 // Unapprove a thread 687 case "unapprovethread": 688 689 // Verify incoming POST request 690 verify_post_check($mybb->input['my_post_key']); 691 692 if(!is_moderator($fid, "canopenclosethreads")) 693 { 694 error_no_permission(); 695 } 696 $query = $db->simple_select("threads", "*", "tid='$tid'"); 697 $thread = $db->fetch_array($query); 698 699 $plugins->run_hooks("moderation_unapprovethread"); 700 701 $lang->thread_unapproved = $lang->sprintf($lang->thread_unapproved, $thread['subject']); 702 log_moderator_action($modlogdata, $lang->thread_unapproved); 703 704 $moderation->unapprove_threads($tid, $fid); 705 706 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_threadunapproved); 707 break; 708 709 // Delete selective posts in a thread 710 case "deleteposts": 711 add_breadcrumb($lang->nav_deleteposts); 712 if(!is_moderator($fid, "candeleteposts")) 713 { 714 error_no_permission(); 715 } 716 $posts = ""; 717 $query = $db->query(" 718 SELECT p.*, u.* 719 FROM ".TABLE_PREFIX."posts p 720 LEFT JOIN ".TABLE_PREFIX."users u ON (p.uid=u.uid) 721 WHERE tid='$tid' 722 ORDER BY dateline ASC 723 "); 724 $altbg = "trow1"; 725 while($post = $db->fetch_array($query)) 726 { 727 $postdate = my_date($mybb->settings['dateformat'], $post['dateline']); 728 $posttime = my_date($mybb->settings['timeformat'], $post['dateline']); 729 730 $parser_options = array( 731 "allow_html" => $forum['allowhtml'], 732 "allow_mycode" => $forum['allowmycode'], 733 "allow_smilies" => $forum['allowsmilies'], 734 "allow_imgcode" => $forum['allowimgcode'], 735 "allow_videocode" => $forum['allowvideocode'], 736 "filter_badwords" => 1 737 ); 738 if($post['smilieoff'] == 1) 739 { 740 $parser_options['allow_smilies'] = 0; 741 } 742 743 $message = $parser->parse_message($post['message'], $parser_options); 744 eval("\$posts .= \"".$templates->get("moderation_deleteposts_post")."\";"); 745 $altbg = alt_trow(); 746 } 747 748 $plugins->run_hooks("moderation_deleteposts"); 749 750 eval("\$deleteposts = \"".$templates->get("moderation_deleteposts")."\";"); 751 output_page($deleteposts); 752 break; 753 754 // Lets delete those selected posts! 755 case "do_deleteposts": 756 757 // Verify incoming POST request 758 verify_post_check($mybb->input['my_post_key']); 759 760 if(!is_moderator($fid, "candeleteposts")) 761 { 762 error_no_permission(); 763 } 764 765 $plugins->run_hooks("moderation_do_deleteposts"); 766 767 $deletethread = "1"; 768 $deletepost = $mybb->input['deletepost']; 769 $query = $db->simple_select("posts", "*", "tid='$tid'"); 770 while($post = $db->fetch_array($query)) 771 { 772 if($deletepost[$post['pid']] == 1) 773 { 774 $moderation->delete_post($post['pid']); 775 $deletecount++; 776 $plist[] = $post['pid']; 777 } 778 else 779 { 780 $deletethread = "0"; 781 } 782 } 783 if($deletethread) 784 { 785 $moderation->delete_thread($tid); 786 $url = get_forum_link($fid); 787 mark_reports($plist, "posts"); 788 } 789 else 790 { 791 $url = get_thread_link($thread['tid']); 792 mark_reports($tid, "thread"); 793 } 794 $lang->deleted_selective_posts = $lang->sprintf($lang->deleted_selective_posts, $deletecount); 795 log_moderator_action($modlogdata, $lang->deleted_selective_posts); 796 moderation_redirect($url, $lang->redirect_postsdeleted); 797 break; 798 799 // Merge selected posts selection screen 800 case "mergeposts": 801 add_breadcrumb($lang->nav_mergeposts); 802 803 if(!is_moderator($fid, "canmanagethreads")) 804 { 805 error_no_permission(); 806 } 807 $posts = ""; 808 $query = $db->query(" 809 SELECT p.*, u.* 810 FROM ".TABLE_PREFIX."posts p 811 LEFT JOIN ".TABLE_PREFIX."users u ON (p.uid=u.uid) 812 WHERE tid='$tid' 813 ORDER BY dateline ASC 814 "); 815 $altbg = "trow1"; 816 while($post = $db->fetch_array($query)) 817 { 818 $postdate = my_date($mybb->settings['dateformat'], $post['dateline']); 819 $posttime = my_date($mybb->settings['timeformat'], $post['dateline']); 820 $parser_options = array( 821 "allow_html" => $forum['allowhtml'], 822 "allow_mycode" => $forum['allowmycode'], 823 "allow_smilies" => $forum['allowsmilies'], 824 "allow_imgcode" => $forum['allowimgcode'], 825 "allow_videocode" => $forum['allowvideocode'], 826 "filter_badwords" => 1 827 ); 828 if($post['smilieoff'] == 1) 829 { 830 $parser_options['allow_smilies'] = 0; 831 } 832 833 $message = $parser->parse_message($post['message'], $parser_options); 834 eval("\$posts .= \"".$templates->get("moderation_mergeposts_post")."\";"); 835 $altbg = alt_trow(); 836 } 837 838 $plugins->run_hooks("moderation_mergeposts"); 839 840 eval("\$mergeposts = \"".$templates->get("moderation_mergeposts")."\";"); 841 output_page($mergeposts); 842 break; 843 844 // Lets merge those selected posts! 845 case "do_mergeposts": 846 847 // Verify incoming POST request 848 verify_post_check($mybb->input['my_post_key']); 849 850 if(!is_moderator($fid, "canmanagethreads")) 851 { 852 error_no_permission(); 853 } 854 855 $plugins->run_hooks("moderation_do_mergeposts"); 856 857 $mergepost = $mybb->input['mergepost']; 858 if(count($mergepost) <= 1) 859 { 860 error($lang->error_nomergeposts); 861 } 862 863 foreach($mergepost as $pid => $yes) 864 { 865 $plist[] = intval($pid); 866 } 867 $masterpid = $moderation->merge_posts($plist, $tid, $mybb->input['sep']); 868 869 mark_reports($plist, "posts"); 870 log_moderator_action($modlogdata, $lang->merged_selective_posts); 871 moderation_redirect(get_post_link($masterpid)."#pid$masterpid", $lang->redirect_mergeposts); 872 break; 873 874 // Move a thread 875 case "move": 876 add_breadcrumb($lang->nav_move); 877 if(!is_moderator($fid, "canmanagethreads")) 878 { 879 error_no_permission(); 880 } 881 882 $plugins->run_hooks("moderation_move"); 883 884 $forumselect = build_forum_jump("", '', 1, '', 0, true, '', "moveto"); 885 eval("\$movethread = \"".$templates->get("moderation_move")."\";"); 886 output_page($movethread); 887 break; 888 889 // Lets get this thing moving! 890 case "do_move": 891 892 // Verify incoming POST request 893 verify_post_check($mybb->input['my_post_key']); 894 895 $moveto = intval($mybb->input['moveto']); 896 $method = $mybb->input['method']; 897 898 if(!is_moderator($fid, "canmanagethreads")) 899 { 900 error_no_permission(); 901 } 902 // Check if user has moderator permission to move to destination 903 if(!is_moderator($moveto, "canmanagethreads") && !is_moderator($fid, "canmovetononmodforum")) 904 { 905 error_no_permission(); 906 } 907 $newperms = forum_permissions($moveto); 908 if($newperms['canview'] == 0 && !is_moderator($fid, "canmovetononmodforum")) 909 { 910 error_no_permission(); 911 } 912 913 $newforum = get_forum($moveto); 914 if(!$newforum || $newforum['type'] != "f" || $newforum['type'] == "f" && $newforum['linkto'] != '') 915 { 916 error($lang->error_invalidforum); 917 } 918 if($method != "copy" && $thread['fid'] == $moveto) 919 { 920 error($lang->error_movetosameforum); 921 } 922 923 $expire = 0; 924 if(intval($mybb->input['redirect_expire']) > 0) 925 { 926 $expire = TIME_NOW + (intval($mybb->input['redirect_expire']) * 86400); 927 } 928 929 $the_thread = $tid; 930 931 $newtid = $moderation->move_thread($tid, $moveto, $method, $expire); 932 933 switch($method) 934 { 935 case "copy": 936 log_moderator_action($modlogdata, $lang->thread_copied); 937 break; 938 default: 939 case "move": 940 case "redirect": 941 log_moderator_action($modlogdata, $lang->thread_moved); 942 break; 943 } 944 945 moderation_redirect(get_thread_link($newtid), $lang->redirect_threadmoved); 946 break; 947 948 // Thread notes editor 949 case "threadnotes": 950 add_breadcrumb($lang->nav_threadnotes); 951 if(!is_moderator($fid, "canmanagethreads")) 952 { 953 error_no_permission(); 954 } 955 $thread['notes'] = htmlspecialchars_uni($parser->parse_badwords($thread['notes'])); 956 $trow = alt_trow(1); 957 $query = $db->query(" 958 SELECT l.*, u.username, t.subject AS tsubject, f.name AS fname, p.subject AS psubject 959 FROM ".TABLE_PREFIX."moderatorlog l 960 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=l.uid) 961 LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=l.tid) 962 LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=l.fid) 963 LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid=l.pid) 964 WHERE t.tid='$tid' 965 ORDER BY l.dateline DESC 966 LIMIT 0, 20 967 "); 968 while($modaction = $db->fetch_array($query)) 969 { 970 $modaction['dateline'] = my_date("jS M Y, G:i", $modaction['dateline']); 971 $modaction['profilelink'] = build_profile_link($modaction['username'], $modaction['uid']); 972 $modaction['action'] = htmlspecialchars_uni($modaction['action']); 973 $info = ''; 974 if($modaction['tsubject']) 975 { 976 $info .= "<strong>$lang->thread</strong> <a href=\"".get_thread_link($modaction['tid'])."\">".htmlspecialchars_uni($modaction['tsubject'])."</a><br />"; 977 } 978 if($modaction['fname']) 979 { 980 $info .= "<strong>$lang->forum</strong> <a href=\"".get_forum_link($modaction['fid'])."\">".htmlspecialchars_uni($modaction['fname'])."</a><br />"; 981 } 982 if($modaction['psubject']) 983 { 984 $info .= "<strong>$lang->post</strong> <a href=\"".get_post_link($modaction['pid'])."#pid".$modaction['pid']."\">".htmlspecialchars_uni($modaction['psubject'])."</a>"; 985 } 986 987 eval("\$modactions .= \"".$templates->get("moderation_threadnotes_modaction")."\";"); 988 $trow = alt_trow(); 989 } 990 if(!$modactions) 991 { 992 $modactions = "<tr><td class=\"trow1\" colspan=\"4\">$lang->no_mod_options</td></tr>"; 993 } 994 995 $actions = array( 996 'openclosethread' => $lang->open_close_thread, 997 'deletethread' => $lang->delete_thread, 998 'move' => $lang->move_copy_thread, 999 'stick' => $lang->stick_unstick_thread, 1000 'merge' => $lang->merge_threads, 1001 'removeredirects' => $lang->remove_redirects, 1002 'removesubscriptions' => $lang->remove_subscriptions, 1003 'approveunapprovethread' => $lang->approve_unapprove_thread 1004 ); 1005 1006 switch($db->type) 1007 { 1008 case "pgsql": 1009 case "sqlite": 1010 $query = $db->simple_select("modtools", 'tid, name', "(','||forums||',' LIKE '%,$fid,%' OR ','||forums||',' LIKE '%,-1,%' OR forums='') AND type = 't'"); 1011 break; 1012 default: 1013 $query = $db->simple_select("modtools", 'tid, name', "(CONCAT(',',forums,',') LIKE '%,$fid,%' OR CONCAT(',',forums,',') LIKE '%,-1,%' OR forums='') AND type = 't'"); 1014 } 1015 while($tool = $db->fetch_array($query)) 1016 { 1017 $actions['modtool_'.$tool['tid']] = htmlspecialchars_uni($tool['name']); 1018 } 1019 1020 $forum_cache = $cache->read("forums"); 1021 1022 $trow = alt_trow(1); 1023 switch($db->type) 1024 { 1025 case "pgsql": 1026 case "sqlite": 1027 $query = $db->query(" 1028 SELECT d.*, u.username, f.name AS fname 1029 FROM ".TABLE_PREFIX."delayedmoderation d 1030 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=d.uid) 1031 LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=d.fid) 1032 WHERE ','||d.tids||',' LIKE '%,{$tid},%' 1033 ORDER BY d.dateline DESC 1034 LIMIT 0, 20 1035 "); 1036 break; 1037 default: 1038 $query = $db->query(" 1039 SELECT d.*, u.username, f.name AS fname 1040 FROM ".TABLE_PREFIX."delayedmoderation d 1041 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=d.uid) 1042 LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=d.fid) 1043 WHERE CONCAT(',',d.tids,',') LIKE '%,{$tid},%' 1044 ORDER BY d.dateline DESC 1045 LIMIT 0, 20 1046 "); 1047 } 1048 while($delayedmod = $db->fetch_array($query)) 1049 { 1050 $delayedmod['dateline'] = my_date("jS M Y, G:i", $delayedmod['delaydateline']); 1051 $delayedmod['profilelink'] = build_profile_link($delayedmod['username'], $delayedmod['uid']); 1052 $delayedmod['action'] = $actions[$delayedmod['type']]; 1053 $info = ''; 1054 if(strpos($delayedmod['tids'], ',') === false) 1055 { 1056 $info .= "<strong>{$lang->thread}</strong> <a href=\"".get_thread_link($delayedmod['tids'])."\">{$thread['subject']}</a><br />"; 1057 } 1058 else 1059 { 1060 $info .= "<strong>{$lang->thread}</strong> {$lang->multiple_threads}<br />"; 1061 } 1062 1063 if($delayedmod['fname']) 1064 { 1065 $info .= "<strong>{$lang->forum}</strong> <a href=\"".get_forum_link($delayedmod['fid'])."\">".htmlspecialchars_uni($delayedmod['fname'])."</a><br />"; 1066 } 1067 $delayedmod['inputs'] = unserialize($delayedmod['inputs']); 1068 1069 if($delayedmod['type'] == 'move') 1070 { 1071 $info .= "<strong>{$lang->new_forum}</strong> <a href=\"".get_forum_link($delayedmod['inputs']['new_forum'])."\">".htmlspecialchars_uni($forum_cache[$delayedmod['inputs']['new_forum']]['name'])."</a><br />"; 1072 if($delayedmod['inputs']['method'] == "redirect") 1073 { 1074 $info .= "<strong>{$lang->leave_redirect_for}</strong> ".intval($delayedmod['inputs']['redirect_expire'])." {$lang->days}<br />"; 1075 } 1076 } 1077 else if($delayedmod['type'] == 'merge') 1078 { 1079 $info .= "<strong>{$lang->new_subject}</strong> ".htmlspecialchars_uni($delayedmod['inputs']['subject'])."<br />"; 1080 $info .= "<strong>{$lang->thread_to_merge_with}</strong> <a href=\"".htmlspecialchars_uni($delayedmod['inputs']['threadurl'])."\">".htmlspecialchars_uni($delayedmod['inputs']['threadurl'])."</a><br />"; 1081 } 1082 1083 eval("\$delayedmods .= \"".$templates->get("moderation_threadnotes_delayedmodaction")."\";"); 1084 $trow = alt_trow(); 1085 } 1086 if(!$delayedmods) 1087 { 1088 $delayedmods = "<tr><td class=\"trow1\" colspan=\"4\">{$lang->no_delayed_mods}</td></tr>"; 1089 } 1090 1091 $plugins->run_hooks("moderation_threadnotes"); 1092 1093 eval("\$threadnotes = \"".$templates->get("moderation_threadnotes")."\";"); 1094 output_page($threadnotes); 1095 break; 1096 1097 // Update the thread notes! 1098 case "do_threadnotes": 1099 1100 // Verify incoming POST request 1101 verify_post_check($mybb->input['my_post_key']); 1102 1103 if(!is_moderator($fid, "canmanagethreads")) 1104 { 1105 error_no_permission(); 1106 } 1107 1108 $plugins->run_hooks("moderation_do_threadnotes"); 1109 1110 log_moderator_action($modlogdata, $lang->thread_notes_edited); 1111 $sqlarray = array( 1112 "notes" => $db->escape_string($mybb->input['threadnotes']), 1113 ); 1114 $db->update_query("threads", $sqlarray, "tid='$tid'"); 1115 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_threadnotesupdated); 1116 break; 1117 1118 // Lets look up the ip address of a post 1119 case "getip": 1120 add_breadcrumb($lang->nav_getip); 1121 if(!is_moderator($fid, "canviewips")) 1122 { 1123 error_no_permission(); 1124 } 1125 1126 $hostname = @gethostbyaddr($post['ipaddress']); 1127 if(!$hostname || $hostname == $post['ipaddress']) 1128 { 1129 $hostname = $lang->resolve_fail; 1130 } 1131 1132 $username = build_profile_link($post['username'], $post['uid']); 1133 1134 // Moderator options 1135 $modoptions = ""; 1136 if($mybb->usergroup['canmodcp'] == 1) 1137 { 1138 eval("\$modoptions = \"".$templates->get("moderation_getip_modoptions")."\";"); 1139 } 1140 1141 eval("\$getip = \"".$templates->get("moderation_getip")."\";"); 1142 output_page($getip); 1143 break; 1144 1145 // Merge threads 1146 case "merge": 1147 add_breadcrumb($lang->nav_merge); 1148 if(!is_moderator($fid, "canmanagethreads")) 1149 { 1150 error_no_permission(); 1151 } 1152 1153 $plugins->run_hooks("moderation_merge"); 1154 1155 eval("\$merge = \"".$templates->get("moderation_merge")."\";"); 1156 output_page($merge); 1157 break; 1158 1159 // Lets get those threads together baby! (Merge threads) 1160 case "do_merge": 1161 1162 // Verify incoming POST request 1163 verify_post_check($mybb->input['my_post_key']); 1164 1165 if(!is_moderator($fid, "canmanagethreads")) 1166 { 1167 error_no_permission(); 1168 } 1169 1170 $plugins->run_hooks("moderation_do_merge"); 1171 1172 // explode at # sign in a url (indicates a name reference) and reassign to the url 1173 $realurl = explode("#", $mybb->input['threadurl']); 1174 $mybb->input['threadurl'] = $realurl[0]; 1175 1176 // Are we using an SEO URL? 1177 if(substr($mybb->input['threadurl'], -4) == "html") 1178 { 1179 // Get thread to merge's tid the SEO way 1180 preg_match("#thread-([0-9]+)?#i", $mybb->input['threadurl'], $threadmatch); 1181 preg_match("#post-([0-9]+)?#i", $mybb->input['threadurl'], $postmatch); 1182 1183 if($threadmatch[1]) 1184 { 1185 $parameters['tid'] = $threadmatch[1]; 1186 } 1187 1188 if($postmatch[1]) 1189 { 1190 $parameters['pid'] = $postmatch[1]; 1191 } 1192 } 1193 else 1194 { 1195 // Get thread to merge's tid the normal way 1196 $splitloc = explode(".php", $mybb->input['threadurl']); 1197 $temp = explode("&", my_substr($splitloc[1], 1)); 1198 1199 if(!empty($temp)) 1200 { 1201 for($i = 0; $i < count($temp); $i++) 1202 { 1203 $temp2 = explode("=", $temp[$i], 2); 1204 $parameters[$temp2[0]] = $temp2[1]; 1205 } 1206 } 1207 else 1208 { 1209 $temp2 = explode("=", $splitloc[1], 2); 1210 $parameters[$temp2[0]] = $temp2[1]; 1211 } 1212 } 1213 1214 if($parameters['pid'] && !$parameters['tid']) 1215 { 1216 $query = $db->simple_select("posts", "*", "pid='".intval($parameters['pid'])."'"); 1217 $post = $db->fetch_array($query); 1218 $mergetid = $post['tid']; 1219 } 1220 elseif($parameters['tid']) 1221 { 1222 $mergetid = $parameters['tid']; 1223 } 1224 $mergetid = intval($mergetid); 1225 $query = $db->simple_select("threads", "*", "tid='".intval($mergetid)."'"); 1226 $mergethread = $db->fetch_array($query); 1227 if(!$mergethread['tid']) 1228 { 1229 error($lang->error_badmergeurl); 1230 } 1231 if($mergetid == $tid) 1232 { // sanity check 1233 error($lang->error_mergewithself); 1234 } 1235 if(!is_moderator($mergethread['fid'], "canmanagethreads")) 1236 { 1237 error_no_permission(); 1238 } 1239 if($mybb->input['subject']) 1240 { 1241 $subject = $mybb->input['subject']; 1242 } 1243 else 1244 { 1245 $subject = $thread['subject']; 1246 } 1247 1248 $moderation->merge_threads($mergetid, $tid, $subject); 1249 1250 log_moderator_action($modlogdata, $lang->thread_merged); 1251 1252 moderation_redirect(get_thread_link($tid), $lang->redirect_threadsmerged); 1253 break; 1254 1255 // Divorce the posts in this thread (Split!) 1256 case "split": 1257 add_breadcrumb($lang->nav_split); 1258 if(!is_moderator($fid, "canmanagethreads")) 1259 { 1260 error_no_permission(); 1261 } 1262 $query = $db->query(" 1263 SELECT p.*, u.* 1264 FROM ".TABLE_PREFIX."posts p 1265 LEFT JOIN ".TABLE_PREFIX."users u ON (p.uid=u.uid) 1266 WHERE tid='$tid' 1267 ORDER BY dateline ASC 1268 "); 1269 $numposts = $db->num_rows($query); 1270 if($numposts <= "1") 1271 { 1272 error($lang->error_cantsplitonepost); 1273 } 1274 1275 $altbg = "trow1"; 1276 $posts = ''; 1277 while($post = $db->fetch_array($query)) 1278 { 1279 $postdate = my_date($mybb->settings['dateformat'], $post['dateline']); 1280 $posttime = my_date($mybb->settings['timeformat'], $post['dateline']); 1281 $parser_options = array( 1282 "allow_html" => $forum['allowhtml'], 1283 "allow_mycode" => $forum['allowmycode'], 1284 "allow_smilies" => $forum['allowsmilies'], 1285 "allow_imgcode" => $forum['allowimgcode'], 1286 "allow_videocode" => $forum['allowvideocode'], 1287 "filter_badwords" => 1 1288 ); 1289 if($post['smilieoff'] == 1) 1290 { 1291 $parser_options['allow_smilies'] = 0; 1292 } 1293 1294 $message = $parser->parse_message($post['message'], $parser_options); 1295 eval("\$posts .= \"".$templates->get("moderation_split_post")."\";"); 1296 $altbg = alt_trow(); 1297 } 1298 $forumselect = build_forum_jump("", $fid, 1, '', 0, true, '', "moveto"); 1299 1300 $plugins->run_hooks("moderation_split"); 1301 1302 eval("\$split = \"".$templates->get("moderation_split")."\";"); 1303 output_page($split); 1304 break; 1305 1306 // Lets break them up buddy! (Do the split) 1307 case "do_split": 1308 1309 // Verify incoming POST request 1310 verify_post_check($mybb->input['my_post_key']); 1311 1312 if(!is_moderator($fid, "canmanagethreads")) 1313 { 1314 error_no_permission(); 1315 } 1316 1317 $plugins->run_hooks("moderation_do_split"); 1318 1319 if(!is_array($mybb->input['splitpost'])) 1320 { 1321 error($lang->error_nosplitposts); 1322 } 1323 $query = $db->simple_select("posts", "COUNT(*) AS totalposts", "tid='{$tid}'"); 1324 $count = $db->fetch_array($query); 1325 1326 if($count['totalposts'] == 1) 1327 { 1328 error($lang->error_cantsplitonepost); 1329 } 1330 1331 if($count['totalposts'] == count($mybb->input['splitpost'])) 1332 { 1333 error($lang->error_cantsplitall); 1334 } 1335 1336 if($mybb->input['moveto']) 1337 { 1338 $moveto = intval($mybb->input['moveto']); 1339 } 1340 else 1341 { 1342 $moveto = $fid; 1343 } 1344 1345 $newforum = get_forum($moveto); 1346 if(!$newforum || $newforum['type'] != "f" || $newforum['type'] == "f" && $newforum['linkto'] != '') 1347 { 1348 error($lang->error_invalidforum); 1349 } 1350 1351 // move the selected posts over 1352 $query = $db->simple_select("posts", "pid", "tid='$tid'"); 1353 while($post = $db->fetch_array($query)) 1354 { 1355 if($mybb->input['splitpost'][$post['pid']] == 1) 1356 { 1357 $pids[] = $post['pid']; 1358 } 1359 mark_reports($post['pid'], "post"); 1360 } 1361 1362 $newtid = $moderation->split_posts($pids, $tid, $moveto, $mybb->input['newsubject']); 1363 1364 log_moderator_action($modlogdata, $lang->thread_split); 1365 1366 moderation_redirect(get_thread_link($newtid), $lang->redirect_threadsplit); 1367 break; 1368 1369 // Delete Thread Subscriptions 1370 case "removesubscriptions": 1371 if(!is_moderator($fid, "canmanagethreads")) 1372 { 1373 error_no_permission(); 1374 } 1375 1376 $plugins->run_hooks("moderation_removesubscriptions"); 1377 1378 $moderation->remove_thread_subscriptions($tid, true); 1379 1380 log_moderator_action($modlogdata, $lang->removed_subscriptions); 1381 1382 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_removed_subscriptions); 1383 break; 1384 1385 // Delete Threads - Inline moderation 1386 case "multideletethreads": 1387 add_breadcrumb($lang->nav_multi_deletethreads); 1388 1389 if(!empty($mybb->input['searchid'])) 1390 { 1391 // From search page 1392 $threads = getids($mybb->input['searchid'], 'search'); 1393 if(!is_moderator_by_tids($threads, 'candeleteposts')) 1394 { 1395 error_no_permission(); 1396 } 1397 } 1398 else 1399 { 1400 $threads = getids($fid, 'forum'); 1401 if(!is_moderator($fid, 'candeleteposts')) 1402 { 1403 error_no_permission(); 1404 } 1405 } 1406 if(count($threads) < 1) 1407 { 1408 error($lang->error_inline_nothreadsselected); 1409 } 1410 1411 $inlineids = implode("|", $threads); 1412 if($mybb->input['inlinetype'] == 'search') 1413 { 1414 clearinline($mybb->input['searchid'], 'search'); 1415 } 1416 else 1417 { 1418 clearinline($fid, 'forum'); 1419 } 1420 $return_url = htmlspecialchars_uni($mybb->input['url']); 1421 eval("\$multidelete = \"".$templates->get("moderation_inline_deletethreads")."\";"); 1422 output_page($multidelete); 1423 break; 1424 1425 // Actually delete the threads - Inline moderation 1426 case "do_multideletethreads": 1427 1428 // Verify incoming POST request 1429 verify_post_check($mybb->input['my_post_key']); 1430 1431 $threadlist = explode("|", $mybb->input['threads']); 1432 if(!is_moderator_by_tids($threadlist, "candeleteposts")) 1433 { 1434 error_no_permission(); 1435 } 1436 foreach($threadlist as $tid) 1437 { 1438 $tid = intval($tid); 1439 $moderation->delete_thread($tid); 1440 $tlist[] = $tid; 1441 } 1442 log_moderator_action($modlogdata, $lang->multi_deleted_threads); 1443 if($mybb->input['inlinetype'] == 'search') 1444 { 1445 clearinline($mybb->input['searchid'], 'search'); 1446 } 1447 else 1448 { 1449 clearinline($fid, 'forum'); 1450 } 1451 mark_reports($tlist, "threads"); 1452 moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsdeleted); 1453 break; 1454 1455 // Open threads - Inline moderation 1456 case "multiopenthreads": 1457 1458 // Verify incoming POST request 1459 verify_post_check($mybb->input['my_post_key']); 1460 1461 if(!empty($mybb->input['searchid'])) 1462 { 1463 // From search page 1464 $threads = getids($mybb->input['searchid'], 'search'); 1465 if(!is_moderator_by_tids($threads, 'canopenclosethreads')) 1466 { 1467 error_no_permission(); 1468 } 1469 } 1470 else 1471 { 1472 $threads = getids($fid, 'forum'); 1473 if(!is_moderator($fid, 'canopenclosethreads')) 1474 { 1475 error_no_permission(); 1476 } 1477 } 1478 1479 if(count($threads) < 1) 1480 { 1481 error($lang->error_inline_nothreadsselected); 1482 } 1483 1484 $moderation->open_threads($threads); 1485 1486 log_moderator_action($modlogdata, $lang->multi_opened_threads); 1487 if($mybb->input['inlinetype'] == 'search') 1488 { 1489 clearinline($mybb->input['searchid'], 'search'); 1490 } 1491 else 1492 { 1493 clearinline($fid, 'forum'); 1494 } 1495 moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsopened); 1496 break; 1497 1498 // Close threads - Inline moderation 1499 case "multiclosethreads": 1500 1501 // Verify incoming POST request 1502 verify_post_check($mybb->input['my_post_key']); 1503 1504 if(!empty($mybb->input['searchid'])) 1505 { 1506 // From search page 1507 $threads = getids($mybb->input['searchid'], 'search'); 1508 if(!is_moderator_by_tids($threads, 'canmanagethreads')) 1509 { 1510 error_no_permission(); 1511 } 1512 } 1513 else 1514 { 1515 $threads = getids($fid, 'forum'); 1516 if(!is_moderator($fid, 'canmanagethreads')) 1517 { 1518 error_no_permission(); 1519 } 1520 } 1521 if(count($threads) < 1) 1522 { 1523 error($lang->error_inline_nothreadsselected); 1524 } 1525 1526 $moderation->close_threads($threads); 1527 1528 log_moderator_action($modlogdata, $lang->multi_closed_threads); 1529 if($mybb->input['inlinetype'] == 'search') 1530 { 1531 clearinline($mybb->input['searchid'], 'search'); 1532 } 1533 else 1534 { 1535 clearinline($fid, 'forum'); 1536 } 1537 moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsclosed); 1538 break; 1539 1540 // Approve threads - Inline moderation 1541 case "multiapprovethreads": 1542 1543 // Verify incoming POST request 1544 verify_post_check($mybb->input['my_post_key']); 1545 1546 if(!empty($mybb->input['searchid'])) 1547 { 1548 // From search page 1549 $threads = getids($mybb->input['searchid'], 'search'); 1550 if(!is_moderator_by_tids($threads, 'canmanagethreads')) 1551 { 1552 error_no_permission(); 1553 } 1554 } 1555 else 1556 { 1557 $threads = getids($fid, 'forum'); 1558 if(!is_moderator($fid, 'canmanagethreads')) 1559 { 1560 error_no_permission(); 1561 } 1562 } 1563 if(count($threads) < 1) 1564 { 1565 error($lang->error_inline_nothreadsselected); 1566 } 1567 1568 $moderation->approve_threads($threads, $fid); 1569 1570 log_moderator_action($modlogdata, $lang->multi_approved_threads); 1571 if($mybb->input['inlinetype'] == 'search') 1572 { 1573 clearinline($mybb->input['searchid'], 'search'); 1574 } 1575 else 1576 { 1577 clearinline($fid, 'forum'); 1578 } 1579 $cache->update_stats(); 1580 moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsapproved); 1581 break; 1582 1583 // Unapprove threads - Inline moderation 1584 case "multiunapprovethreads": 1585 1586 // Verify incoming POST request 1587 verify_post_check($mybb->input['my_post_key']); 1588 1589 if(!empty($mybb->input['searchid'])) 1590 { 1591 // From search page 1592 $threads = getids($mybb->input['searchid'], 'search'); 1593 if(!is_moderator_by_tids($threads, 'canmanagethreads')) 1594 { 1595 error_no_permission(); 1596 } 1597 } 1598 else 1599 { 1600 $threads = getids($fid, 'forum'); 1601 if(!is_moderator($fid, 'canmanagethreads')) 1602 { 1603 error_no_permission(); 1604 } 1605 } 1606 if(count($threads) < 1) 1607 { 1608 error($lang->error_inline_nothreadsselected); 1609 } 1610 1611 $moderation->unapprove_threads($threads, $fid); 1612 1613 log_moderator_action($modlogdata, $lang->multi_unapproved_threads); 1614 if($mybb->input['inlinetype'] == 'search') 1615 { 1616 clearinline($mybb->input['searchid'], 'search'); 1617 } 1618 else 1619 { 1620 clearinline($fid, 'forum'); 1621 } 1622 $cache->update_stats(); 1623 moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsunapproved); 1624 break; 1625 1626 // Stick threads - Inline moderation 1627 case "multistickthreads": 1628 1629 // Verify incoming POST request 1630 verify_post_check($mybb->input['my_post_key']); 1631 1632 if(!empty($mybb->input['searchid'])) 1633 { 1634 // From search page 1635 $threads = getids($mybb->input['searchid'], 'search'); 1636 if(!is_moderator_by_tids($threads, 'canopenclosethreads')) 1637 { 1638 error_no_permission(); 1639 } 1640 } 1641 else 1642 { 1643 $threads = getids($fid, 'forum'); 1644 if(!is_moderator($fid, 'canopenclosethreads')) 1645 { 1646 error_no_permission(); 1647 } 1648 } 1649 if(count($threads) < 1) 1650 { 1651 error($lang->error_inline_nothreadsselected); 1652 } 1653 1654 $moderation->stick_threads($threads); 1655 1656 log_moderator_action($modlogdata, $lang->multi_stuck_threads); 1657 if($mybb->input['inlinetype'] == 'search') 1658 { 1659 clearinline($mybb->input['searchid'], 'search'); 1660 } 1661 else 1662 { 1663 clearinline($fid, 'forum'); 1664 } 1665 moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsstuck); 1666 break; 1667 1668 // Unstick threads - Inline moderaton 1669 case "multiunstickthreads": 1670 1671 // Verify incoming POST request 1672 verify_post_check($mybb->input['my_post_key']); 1673 1674 if(!empty($mybb->input['searchid'])) 1675 { 1676 // From search page 1677 $threads = getids($mybb->input['searchid'], 'search'); 1678 if(!is_moderator_by_tids($threads, 'canopenclosethreads')) 1679 { 1680 error_no_permission(); 1681 } 1682 } 1683 else 1684 { 1685 $threads = getids($fid, 'forum'); 1686 if(!is_moderator($fid, 'canopenclosethreads')) 1687 { 1688 error_no_permission(); 1689 } 1690 } 1691 if(count($threads) < 1) 1692 { 1693 error($lang->error_inline_nothreadsselected); 1694 } 1695 1696 $moderation->unstick_threads($threads); 1697 1698 log_moderator_action($modlogdata, $lang->multi_unstuck_threads); 1699 if($mybb->input['inlinetype'] == 'search') 1700 { 1701 clearinline($mybb->input['searchid'], 'search'); 1702 } 1703 else 1704 { 1705 clearinline($fid, 'forum'); 1706 } 1707 moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsunstuck); 1708 break; 1709 1710 // Move threads - Inline moderation 1711 case "multimovethreads": 1712 add_breadcrumb($lang->nav_multi_movethreads); 1713 1714 if(!empty($mybb->input['searchid'])) 1715 { 1716 // From search page 1717 $threads = getids($mybb->input['searchid'], 'search'); 1718 if(!is_moderator_by_tids($threads, 'canmanagethreads')) 1719 { 1720 error_no_permission(); 1721 } 1722 } 1723 else 1724 { 1725 $threads = getids($fid, 'forum'); 1726 if(!is_moderator($fid, 'canmanagethreads')) 1727 { 1728 error_no_permission(); 1729 } 1730 } 1731 1732 if(count($threads) < 1) 1733 { 1734 error($lang->error_inline_nothreadsselected); 1735 } 1736 $inlineids = implode("|", $threads); 1737 if($mybb->input['inlinetype'] == 'search') 1738 { 1739 clearinline($mybb->input['searchid'], 'search'); 1740 } 1741 else 1742 { 1743 clearinline($fid, 'forum'); 1744 } 1745 $forumselect = build_forum_jump("", '', 1, '', 0, true, '', "moveto"); 1746 $return_url = htmlspecialchars_uni($mybb->input['url']); 1747 eval("\$movethread = \"".$templates->get("moderation_inline_movethreads")."\";"); 1748 output_page($movethread); 1749 break; 1750 1751 // Actually move the threads in Inline moderation 1752 case "do_multimovethreads": 1753 1754 // Verify incoming POST request 1755 verify_post_check($mybb->input['my_post_key']); 1756 1757 $moveto = intval($mybb->input['moveto']); 1758 $threadlist = explode("|", $mybb->input['threads']); 1759 if(!is_moderator_by_tids($threadlist, 'canmanagethreads')) 1760 { 1761 error_no_permission(); 1762 } 1763 foreach($threadlist as $tid) 1764 { 1765 $tids[] = intval($tid); 1766 } 1767 // Make sure moderator has permission to move to the new forum 1768 $newperms = forum_permissions($moveto); 1769 if(($newperms['canview'] == 0 || !is_moderator($moveto, 'canmanagethreads')) && !is_moderator_by_tids($tids, 'canmovetononmodforum')) 1770 { 1771 error_no_permission(); 1772 } 1773 1774 $newforum = get_forum($moveto); 1775 if(!$newforum || $newforum['type'] != "f" || $newforum['type'] == "f" && $newforum['linkto'] != '') 1776 { 1777 error($lang->error_invalidforum); 1778 } 1779 1780 $moderation->move_threads($tids, $moveto); 1781 1782 log_moderator_action($modlogdata, $lang->multi_moved_threads); 1783 1784 moderation_redirect(get_forum_link($moveto), $lang->redirect_inline_threadsmoved); 1785 break; 1786 1787 // Delete posts - Inline moderation 1788 case "multideleteposts": 1789 add_breadcrumb($lang->nav_multi_deleteposts); 1790 1791 if($mybb->input['inlinetype'] == 'search') 1792 { 1793 $posts = getids($mybb->input['searchid'], 'search'); 1794 } 1795 else 1796 { 1797 $posts = getids($tid, 'thread'); 1798 } 1799 1800 if(count($posts) < 1) 1801 { 1802 error($lang->error_inline_nopostsselected); 1803 } 1804 if(!is_moderator_by_pids($posts, "candeleteposts")) 1805 { 1806 error_no_permission(); 1807 } 1808 $inlineids = implode("|", $posts); 1809 if($mybb->input['inlinetype'] == 'search') 1810 { 1811 clearinline($mybb->input['searchid'], 'search'); 1812 } 1813 else 1814 { 1815 clearinline($tid, 'thread'); 1816 } 1817 1818 $return_url = htmlspecialchars_uni($mybb->input['url']); 1819 1820 eval("\$multidelete = \"".$templates->get("moderation_inline_deleteposts")."\";"); 1821 output_page($multidelete); 1822 break; 1823 1824 // Actually delete the posts in inline moderation 1825 case "do_multideleteposts": 1826 1827 // Verify incoming POST request 1828 verify_post_check($mybb->input['my_post_key']); 1829 1830 $postlist = explode("|", $mybb->input['posts']); 1831 if(!is_moderator_by_pids($postlist, "candeleteposts")) 1832 { 1833 error_no_permission(); 1834 } 1835 $postlist = array_map('intval', $postlist); 1836 $pids = implode(',', $postlist); 1837 1838 $tids = array(); 1839 if($pids) 1840 { 1841 $query = $db->simple_select("threads", "tid", "firstpost IN({$pids})"); 1842 while($threadid = $db->fetch_field($query, "tid")) 1843 { 1844 $tids[] = $threadid; 1845 } 1846 } 1847 1848 $deletecount = 0; 1849 foreach($postlist as $pid) 1850 { 1851 $pid = intval($pid); 1852 $moderation->delete_post($pid); 1853 $plist[] = $pid; 1854 $deletecount++; 1855 } 1856 1857 // If we have multiple threads, we must be coming from the search 1858 if(!empty($tids)) 1859 { 1860 foreach($tids as $tid) 1861 { 1862 $moderation->delete_thread($tid); 1863 mark_reports($tid, "thread"); 1864 $url = get_forum_link($fid); 1865 } 1866 } 1867 // Otherwise we're just deleting from showthread.php 1868 else 1869 { 1870 $query = $db->simple_select("posts", "*", "tid='$tid'"); 1871 $numposts = $db->num_rows($query); 1872 if(!$numposts) 1873 { 1874 $moderation->delete_thread($tid); 1875 mark_reports($tid, "thread"); 1876 $url = get_forum_link($fid); 1877 } 1878 else 1879 { 1880 mark_reports($plist, "posts"); 1881 $url = get_thread_link($thread['tid']); 1882 } 1883 } 1884 1885 $lang->deleted_selective_posts = $lang->sprintf($lang->deleted_selective_posts, $deletecount); 1886 log_moderator_action($modlogdata, $lang->deleted_selective_posts); 1887 moderation_redirect($url, $lang->redirect_postsdeleted); 1888 break; 1889 1890 // Merge posts - Inline moderation 1891 case "multimergeposts": 1892 add_breadcrumb($lang->nav_multi_mergeposts); 1893 1894 if($mybb->input['inlinetype'] == 'search') 1895 { 1896 $posts = getids($mybb->input['searchid'], 'search'); 1897 } 1898 else 1899 { 1900 $posts = getids($tid, 'thread'); 1901 } 1902 1903 // Add the selected posts from other threads 1904 foreach($mybb->cookies as $key => $value) 1905 { 1906 if(strpos($key, "inlinemod_thread") !== false && $key != "inlinemod_thread$tid") 1907 { 1908 $inlinepostlist = explode("|", $mybb->cookies[$key]); 1909 foreach($inlinepostlist as $p) 1910 { 1911 $p = intval($p); 1912 1913 if(!empty($p)) 1914 { 1915 $posts[] = intval($p); 1916 } 1917 } 1918 // Remove the cookie once its data is retrieved 1919 my_unsetcookie($key); 1920 } 1921 } 1922 1923 if(empty($posts)) 1924 { 1925 error($lang->error_inline_nopostsselected); 1926 } 1927 1928 if(!is_moderator_by_pids($posts, "canmanagethreads")) 1929 { 1930 error_no_permission(); 1931 } 1932 1933 $postlist = ""; 1934 $query = $db->query(" 1935 SELECT p.*, u.* 1936 FROM ".TABLE_PREFIX."posts p 1937 LEFT JOIN ".TABLE_PREFIX."users u ON (p.uid=u.uid) 1938 WHERE pid IN (".implode($posts, ",").") 1939 ORDER BY dateline ASC 1940 "); 1941 $altbg = "trow1"; 1942 while($post = $db->fetch_array($query)) 1943 { 1944 $postdate = my_date($mybb->settings['dateformat'], $post['dateline']); 1945 $posttime = my_date($mybb->settings['timeformat'], $post['dateline']); 1946 $parser_options = array( 1947 "allow_html" => $forum['allowhtml'], 1948 "allow_mycode" => $forum['allowmycode'], 1949 "allow_smilies" => $forum['allowsmilies'], 1950 "allow_imgcode" => $forum['allowimgcode'], 1951 "allow_videocode" => $forum['allowvideocode'], 1952 "filter_badwords" => 1 1953 ); 1954 if($post['smilieoff'] == 1) 1955 { 1956 $parser_options['allow_smilies'] = 0; 1957 } 1958 1959 $message = $parser->parse_message($post['message'], $parser_options); 1960 eval("\$postlist .= \"".$templates->get("moderation_mergeposts_post")."\";"); 1961 $altbg = alt_trow(); 1962 } 1963 1964 $inlineids = implode("|", $posts); 1965 if($mybb->input['inlinetype'] == 'search') 1966 { 1967 clearinline($mybb->input['searchid'], 'search'); 1968 } 1969 else 1970 { 1971 clearinline($tid, 'thread'); 1972 } 1973 1974 $return_url = htmlspecialchars_uni($mybb->input['url']); 1975 1976 eval("\$multimerge = \"".$templates->get("moderation_inline_mergeposts")."\";"); 1977 output_page($multimerge); 1978 break; 1979 1980 // Actually merge the posts - Inline moderation 1981 case "do_multimergeposts": 1982 1983 // Verify incoming POST request 1984 verify_post_check($mybb->input['my_post_key']); 1985 1986 $mergepost = $mybb->input['mergepost']; 1987 if(count($mergepost) <= 1) 1988 { 1989 error($lang->error_nomergeposts); 1990 } 1991 1992 foreach($mergepost as $pid => $yes) 1993 { 1994 $postlist[] = intval($pid); 1995 } 1996 1997 if(!is_moderator_by_pids($postlist, "canmanagethreads")) 1998 { 1999 error_no_permission(); 2000 } 2001 2002 foreach($postlist as $pid) 2003 { 2004 $pid = intval($pid); 2005 $plist[] = $pid; 2006 } 2007 2008 $masterpid = $moderation->merge_posts($plist, $tid, $mybb->input['sep']); 2009 2010 mark_reports($plist, "posts"); 2011 log_moderator_action($modlogdata, $lang->merged_selective_posts); 2012 moderation_redirect(get_post_link($masterpid)."#pid$masterpid", $lang->redirect_inline_postsmerged); 2013 break; 2014 2015 // Split posts - Inline moderation 2016 case "multisplitposts": 2017 add_breadcrumb($lang->nav_multi_splitposts); 2018 2019 if($mybb->input['inlinetype'] == 'search') 2020 { 2021 $posts = getids($mybb->input['searchid'], 'search'); 2022 } 2023 else 2024 { 2025 $posts = getids($tid, 'thread'); 2026 } 2027 2028 if(count($posts) < 1) 2029 { 2030 error($lang->error_inline_nopostsselected); 2031 } 2032 2033 if(!is_moderator_by_pids($posts, "canmanagethreads")) 2034 { 2035 error_no_permission(); 2036 } 2037 $posts = array_map('intval', $posts); 2038 $pidin = implode(',', $posts); 2039 2040 // Make sure that we are not splitting a thread with one post 2041 // Select number of posts in each thread that the splitted post is in 2042 $query = $db->query(" 2043 SELECT DISTINCT p.tid, COUNT(q.pid) as count 2044 FROM ".TABLE_PREFIX."posts p 2045 LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid) 2046 WHERE p.pid IN ($pidin) 2047 GROUP BY p.tid, p.pid 2048 "); 2049 $threads = $pcheck = array(); 2050 while($tcheck = $db->fetch_array($query)) 2051 { 2052 if(intval($tcheck['count']) <= 1) 2053 { 2054 error($lang->error_cantsplitonepost); 2055 } 2056 $threads[] = $pcheck[] = $tcheck['tid']; // Save tids for below 2057 } 2058 2059 // Make sure that we are not splitting all posts in the thread 2060 // The query does not return a row when the count is 0, so find if some threads are missing (i.e. 0 posts after removal) 2061 $query = $db->query(" 2062 SELECT DISTINCT p.tid, COUNT(q.pid) as count 2063 FROM ".TABLE_PREFIX."posts p 2064 LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid) 2065 WHERE p.pid IN ($pidin) AND q.pid NOT IN ($pidin) 2066 GROUP BY p.tid, p.pid 2067 "); 2068 $pcheck2 = array(); 2069 while($tcheck = $db->fetch_array($query)) 2070 { 2071 if($tcheck['count'] > 0) 2072 { 2073 $pcheck2[] = $tcheck['tid']; 2074 } 2075 } 2076 if(count($pcheck2) != count($pcheck)) 2077 { 2078 // One or more threads do not have posts after splitting 2079 error($lang->error_cantsplitall); 2080 } 2081 2082 $inlineids = implode("|", $posts); 2083 if($mybb->input['inlinetype'] == 'search') 2084 { 2085 clearinline($mybb->input['searchid'], 'search'); 2086 } 2087 else 2088 { 2089 clearinline($tid, 'thread'); 2090 } 2091 $forumselect = build_forum_jump("", $fid, 1, '', 0, true, '', "moveto"); 2092 eval("\$splitposts = \"".$templates->get("moderation_inline_splitposts")."\";"); 2093 output_page($splitposts); 2094 break; 2095 2096 // Actually split the posts - Inline moderation 2097 case "do_multisplitposts": 2098 2099 // Verify incoming POST request 2100 verify_post_check($mybb->input['my_post_key']); 2101 2102 $plist = array(); 2103 $postlist = explode("|", $mybb->input['posts']); 2104 foreach($postlist as $pid) 2105 { 2106 $pid = intval($pid); 2107 $plist[] = $pid; 2108 } 2109 2110 if(!is_moderator_by_pids($plist, "canmanagethreads")) 2111 { 2112 error_no_permission(); 2113 } 2114 2115 // Ensure all posts exist 2116 $posts = array(); 2117 if(!empty($plist)) 2118 { 2119 $query = $db->simple_select('posts', 'pid', 'pid IN ('.implode(',', $plist).')'); 2120 while($pid = $db->fetch_field($query, 'pid')) 2121 { 2122 $posts[] = $pid; 2123 } 2124 } 2125 2126 if(empty($posts)) 2127 { 2128 error($lang->error_inline_nopostsselected); 2129 } 2130 2131 $pidin = implode(',', $posts); 2132 2133 // Make sure that we are not splitting a thread with one post 2134 // Select number of posts in each thread that the splitted post is in 2135 $query = $db->query(" 2136 SELECT DISTINCT p.tid, COUNT(q.pid) as count 2137 FROM ".TABLE_PREFIX."posts p 2138 LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid) 2139 WHERE p.pid IN ($pidin) 2140 GROUP BY p.tid, p.pid 2141 "); 2142 $pcheck = array(); 2143 while($tcheck = $db->fetch_array($query)) 2144 { 2145 if(intval($tcheck['count']) <= 1) 2146 { 2147 error($lang->error_cantsplitonepost); 2148 } 2149 $pcheck[] = $tcheck['tid']; // Save tids for below 2150 } 2151 2152 // Make sure that we are not splitting all posts in the thread 2153 // The query does not return a row when the count is 0, so find if some threads are missing (i.e. 0 posts after removal) 2154 $query = $db->query(" 2155 SELECT DISTINCT p.tid, COUNT(q.pid) as count 2156 FROM ".TABLE_PREFIX."posts p 2157 LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid) 2158 WHERE p.pid IN ($pidin) AND q.pid NOT IN ($pidin) 2159 GROUP BY p.tid, p.pid 2160 "); 2161 $pcheck2 = array(); 2162 while($tcheck = $db->fetch_array($query)) 2163 { 2164 if($tcheck['count'] > 0) 2165 { 2166 $pcheck2[] = $tcheck['tid']; 2167 } 2168 } 2169 if(count($pcheck2) != count($pcheck)) 2170 { 2171 // One or more threads do not have posts after splitting 2172 error($lang->error_cantsplitall); 2173 } 2174 2175 if($mybb->input['moveto']) 2176 { 2177 $moveto = intval($mybb->input['moveto']); 2178 } 2179 else 2180 { 2181 $moveto = $fid; 2182 } 2183 2184 $newforum = get_forum($moveto); 2185 if(!$newforum || $newforum['type'] != "f" || $newforum['type'] == "f" && $newforum['linkto'] != '') 2186 { 2187 error($lang->error_invalidforum); 2188 } 2189 2190 $newsubject = $mybb->input['newsubject']; 2191 $newtid = $moderation->split_posts($posts, $tid, $moveto, $newsubject); 2192 2193 $pid_list = implode(', ', $posts); 2194 $lang->split_selective_posts = $lang->sprintf($lang->split_selective_posts, $pid_list, $newtid); 2195 log_moderator_action($modlogdata, $lang->split_selective_posts); 2196 2197 moderation_redirect(get_thread_link($newtid), $lang->redirect_threadsplit); 2198 break; 2199 2200 // Approve posts - Inline moderation 2201 case "multiapproveposts": 2202 2203 // Verify incoming POST request 2204 verify_post_check($mybb->input['my_post_key']); 2205 2206 if($mybb->input['inlinetype'] == 'search') 2207 { 2208 $posts = getids($mybb->input['searchid'], 'search'); 2209 } 2210 else 2211 { 2212 $posts = getids($tid, 'thread'); 2213 } 2214 if(count($posts) < 1) 2215 { 2216 error($lang->error_inline_nopostsselected); 2217 } 2218 2219 if(!is_moderator_by_pids($posts, "canmanagethreads")) 2220 { 2221 error_no_permission(); 2222 } 2223 2224 $pids = array(); 2225 foreach($posts as $pid) 2226 { 2227 $pids[] = intval($pid); 2228 } 2229 2230 $moderation->approve_posts($pids); 2231 2232 log_moderator_action($modlogdata, $lang->multi_approve_posts); 2233 if($mybb->input['inlinetype'] == 'search') 2234 { 2235 clearinline($mybb->input['searchid'], 'search'); 2236 } 2237 else 2238 { 2239 clearinline($tid, 'thread'); 2240 } 2241 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_inline_postsapproved); 2242 break; 2243 2244 // Unapprove posts - Inline moderation 2245 case "multiunapproveposts": 2246 2247 // Verify incoming POST request 2248 verify_post_check($mybb->input['my_post_key']); 2249 2250 if($mybb->input['inlinetype'] == 'search') 2251 { 2252 $posts = getids($mybb->input['searchid'], 'search'); 2253 } 2254 else 2255 { 2256 $posts = getids($tid, 'thread'); 2257 } 2258 2259 if(count($posts) < 1) 2260 { 2261 error($lang->error_inline_nopostsselected); 2262 } 2263 $pids = array(); 2264 2265 if(!is_moderator_by_pids($posts, "canmanagethreads")) 2266 { 2267 error_no_permission(); 2268 } 2269 foreach($posts as $pid) 2270 { 2271 $pids[] = intval($pid); 2272 } 2273 2274 $moderation->unapprove_posts($pids); 2275 2276 log_moderator_action($modlogdata, $lang->multi_unapprove_posts); 2277 if($mybb->input['inlinetype'] == 'search') 2278 { 2279 clearinline($mybb->input['searchid'], 'search'); 2280 } 2281 else 2282 { 2283 clearinline($tid, 'thread'); 2284 } 2285 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_inline_postsunapproved); 2286 break; 2287 default: 2288 require_once MYBB_ROOT."inc/class_custommoderation.php"; 2289 $custommod = new CustomModeration; 2290 $tool = $custommod->tool_info(intval($mybb->input['action'])); 2291 if($tool !== false) 2292 { 2293 // Verify incoming POST request 2294 verify_post_check($mybb->input['my_post_key']); 2295 2296 if($tool['type'] == 't' && $mybb->input['modtype'] == 'inlinethread') 2297 { 2298 if($mybb->input['inlinetype'] == 'search') 2299 { 2300 $tids = getids($mybb->input['searchid'], 'search'); 2301 } 2302 else 2303 { 2304 $tids = getids($fid, "forum"); 2305 } 2306 if(count($tids) < 1) 2307 { 2308 error($lang->error_inline_nopostsselected); 2309 } 2310 if(!is_moderator_by_tids($tids)) 2311 { 2312 error_no_permission(); 2313 } 2314 2315 $thread_options = unserialize($tool['threadoptions']); 2316 if($thread_options['movethread'] && $forum_cache[$thread_options['movethread']]['type'] != "f") 2317 { 2318 error($lang->error_movetocategory); 2319 } 2320 2321 $custommod->execute(intval($mybb->input['action']), $tids); 2322 $lang->custom_tool = $lang->sprintf($lang->custom_tool, $tool['name']); 2323 log_moderator_action($modlogdata, $lang->custom_tool); 2324 if($mybb->input['inlinetype'] == 'search') 2325 { 2326 clearinline($mybb->input['searchid'], 'search'); 2327 $lang->redirect_customtool_search = $lang->sprintf($lang->redirect_customtool_search, $tool['name']); 2328 $return_url = htmlspecialchars_uni($mybb->input['url']); 2329 redirect($return_url, $lang->redirect_customtool_search); 2330 } 2331 else 2332 { 2333 clearinline($fid, "forum"); 2334 $lang->redirect_customtool_forum = $lang->sprintf($lang->redirect_customtool_forum, $tool['name']); 2335 redirect(get_forum_link($fid), $lang->redirect_customtool_forum); 2336 } 2337 break; 2338 } 2339 elseif($tool['type'] == 't' && $mybb->input['modtype'] == 'thread') 2340 { 2341 if(!is_moderator_by_tids($tid)) 2342 { 2343 error_no_permission(); 2344 } 2345 2346 $thread_options = unserialize($tool['threadoptions']); 2347 if($thread_options['movethread'] && $forum_cache[$thread_options['movethread']]['type'] != "f") 2348 { 2349 error($lang->error_movetocategory); 2350 } 2351 2352 $ret = $custommod->execute(intval($mybb->input['action']), $tid); 2353 $lang->custom_tool = $lang->sprintf($lang->custom_tool, $tool['name']); 2354 log_moderator_action($modlogdata, $lang->custom_tool); 2355 if($ret == 'forum') 2356 { 2357 $lang->redirect_customtool_forum = $lang->sprintf($lang->redirect_customtool_forum, $tool['name']); 2358 moderation_redirect(get_forum_link($fid), $lang->redirect_customtool_forum); 2359 } 2360 else 2361 { 2362 $lang->redirect_customtool_thread = $lang->sprintf($lang->redirect_customtool_thread, $tool['name']); 2363 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_customtool_thread); 2364 } 2365 break; 2366 } 2367 elseif($tool['type'] == 'p' && $mybb->input['modtype'] == 'inlinepost') 2368 { 2369 if($mybb->input['inlinetype'] == 'search') 2370 { 2371 $pids = getids($mybb->input['searchid'], 'search'); 2372 } 2373 else 2374 { 2375 $pids = getids($tid, 'thread'); 2376 } 2377 2378 if(count($pids) < 1) 2379 { 2380 error($lang->error_inline_nopostsselected); 2381 } 2382 if(!is_moderator_by_pids($pids)) 2383 { 2384 error_no_permission(); 2385 } 2386 2387 // Get threads which are associated with the posts 2388 $tids = array(); 2389 $options = array( 2390 'order_by' => 'dateline', 2391 'order_dir' => 'asc' 2392 ); 2393 $query = $db->simple_select("posts", "DISTINCT tid", "pid IN (".implode(',',$pids).")", $options); 2394 while($row = $db->fetch_array($query)) 2395 { 2396 $tids[] = $row['tid']; 2397 } 2398 2399 $ret = $custommod->execute(intval($mybb->input['action']), $tids, $pids); 2400 $lang->custom_tool = $lang->sprintf($lang->custom_tool, $tool['name']); 2401 log_moderator_action($modlogdata, $lang->custom_tool); 2402 if($mybb->input['inlinetype'] == 'search') 2403 { 2404 clearinline($mybb->input['searchid'], 'search'); 2405 $lang->redirect_customtool_search = $lang->sprintf($lang->redirect_customtool_search, $tool['name']); 2406 $return_url = htmlspecialchars_uni($mybb->input['url']); 2407 redirect($return_url, $lang->redirect_customtool_search); 2408 } 2409 else 2410 { 2411 clearinline($tid, 'thread'); 2412 if($ret == 'forum') 2413 { 2414 $lang->redirect_customtool_forum = $lang->sprintf($lang->redirect_customtool_forum, $tool['name']); 2415 moderation_redirect(get_forum_link($fid), $lang->redirect_customtool_forum); 2416 } 2417 else 2418 { 2419 $lang->redirect_customtool_thread = $lang->sprintf($lang->redirect_customtool_thread, $tool['name']); 2420 moderation_redirect(get_thread_link($tid), $lang->redirect_customtool_thread); 2421 } 2422 } 2423 2424 break; 2425 } 2426 } 2427 error_no_permission(); 2428 break; 2429 } 2430 2431 // Some little handy functions for our inline moderation 2432 function getids($id, $type) 2433 { 2434 global $mybb; 2435 2436 $newids = array(); 2437 $cookie = "inlinemod_".$type.$id; 2438 $cookie_ids = explode("|", $mybb->cookies[$cookie]); 2439 2440 foreach($cookie_ids as $cookie_id) 2441 { 2442 if(empty($cookie_id)) 2443 { 2444 continue; 2445 } 2446 2447 if($cookie_id == 'ALL') 2448 { 2449 $newids += getallids($id, $type); 2450 } 2451 else 2452 { 2453 $newids[] = intval($cookie_id); 2454 } 2455 } 2456 2457 return $newids; 2458 } 2459 2460 function getallids($id, $type) 2461 { 2462 global $db, $mybb; 2463 2464 $ids = array(); 2465 2466 // Get any removed threads (after our user hit 'all') 2467 $removed_ids = array(); 2468 $cookie = "inlinemod_".$type.$id."_removed"; 2469 if($mybb->cookies[$cookie]) 2470 { 2471 $removed_ids = explode("|", $mybb->cookies[$cookie]); 2472 2473 if(!is_array($removed_ids)) 2474 { 2475 $removed_ids = array(); 2476 } 2477 } 2478 2479 // "Select all Threads in this forum" only supported by forumdisplay and search 2480 if($type == 'forum') 2481 { 2482 $query = $db->simple_select("threads", "tid", "fid='".intval($id)."'"); 2483 while($tid = $db->fetch_field($query, "tid")) 2484 { 2485 if(in_array($tid, $removed_ids)) 2486 { 2487 continue; 2488 } 2489 2490 $ids[] = $tid; 2491 } 2492 } 2493 else if($type == 'search') 2494 { 2495 $query = $db->simple_select("searchlog", "*", "sid='".$db->escape_string($id)."' AND uid='{$mybb->user['uid']}'", 1); 2496 $searchlog = $db->fetch_array($query); 2497 if($searchlog['resulttype'] == 'posts') 2498 { 2499 $ids = explode(',', $searchlog['posts']); 2500 } 2501 else 2502 { 2503 $ids = explode(',', $searchlog['threads']); 2504 } 2505 2506 if(is_array($ids)) 2507 { 2508 foreach($ids as $key => $tid) 2509 { 2510 if(in_array($tid, $removed_ids)) 2511 { 2512 unset($ids[$key]); 2513 } 2514 } 2515 } 2516 } 2517 2518 return $ids; 2519 } 2520 2521 function clearinline($id, $type) 2522 { 2523 my_unsetcookie("inlinemod_".$type.$id); 2524 my_unsetcookie("inlinemod_".$type.$id."_removed"); 2525 } 2526 2527 function extendinline($id, $type) 2528 { 2529 global $mybb; 2530 2531 my_setcookie("inlinemod_$type$id", '', TIME_NOW+3600); 2532 my_setcookie("inlinemod_$type$id_removed", '', TIME_NOW+3600); 2533 } 2534 2535 /** 2536 * Checks if the current user is a moderator of all the posts specified 2537 * 2538 * Note: If no posts are specified, this function will return true. It is the 2539 * responsibility of the calling script to error-check this case if necessary. 2540 * 2541 * @param array Array of post IDs 2542 * @param string Permission to check 2543 * @returns bool True if moderator of all; false otherwise 2544 */ 2545 function is_moderator_by_pids($posts, $permission='') 2546 { 2547 global $db, $mybb; 2548 2549 // Speedy determination for supermods/admins and guests 2550 if($mybb->usergroup['issupermod']) 2551 { 2552 return true; 2553 } 2554 elseif(!$mybb->user['uid']) 2555 { 2556 return false; 2557 } 2558 // Make an array of threads if not an array 2559 if(!is_array($posts)) 2560 { 2561 $posts = array($posts); 2562 } 2563 // Validate input 2564 $posts = array_map('intval', $posts); 2565 $posts[] = 0; 2566 // Get forums 2567 $posts_string = implode(',', $posts); 2568 $query = $db->simple_select("posts", "DISTINCT fid", "pid IN ($posts_string)"); 2569 while($forum = $db->fetch_array($query)) 2570 { 2571 if(!is_moderator($forum['fid'], $permission)) 2572 { 2573 return false; 2574 } 2575 } 2576 return true; 2577 } 2578 2579 /** 2580 * Checks if the current user is a moderator of all the threads specified 2581 * 2582 * Note: If no threads are specified, this function will return true. It is the 2583 * responsibility of the calling script to error-check this case if necessary. 2584 * 2585 * @param array Array of thread IDs 2586 * @param string Permission to check 2587 * @returns bool True if moderator of all; false otherwise 2588 */ 2589 function is_moderator_by_tids($threads, $permission='') 2590 { 2591 global $db, $mybb; 2592 2593 // Speedy determination for supermods/admins and guests 2594 if($mybb->usergroup['issupermod']) 2595 { 2596 return true; 2597 } 2598 elseif(!$mybb->user['uid']) 2599 { 2600 return false; 2601 } 2602 // Make an array of threads if not an array 2603 if(!is_array($threads)) 2604 { 2605 $threads = array($threads); 2606 } 2607 // Validate input 2608 $threads = array_map('intval', $threads); 2609 $threads[] = 0; 2610 // Get forums 2611 $threads_string = implode(',', $threads); 2612 $query = $db->simple_select("threads", "DISTINCT fid", "tid IN ($threads_string)"); 2613 while($forum = $db->fetch_array($query)) 2614 { 2615 if(!is_moderator($forum['fid'], $permission)) 2616 { 2617 return false; 2618 } 2619 } 2620 return true; 2621 } 2622 2623 /** 2624 * Special redirect that takes a return URL into account 2625 * @param string URL 2626 * @param string Message 2627 * @param string Title 2628 */ 2629 function moderation_redirect($url, $message="", $title="") 2630 { 2631 global $mybb; 2632 if(!empty($mybb->input['url'])) 2633 { 2634 redirect(htmlentities($mybb->input['url']), $message, $title); 2635 } 2636 redirect($url, $message, $title); 2637 } 2638 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Tue Oct 8 19:19:50 2013 | Cross-referenced by PHPXref 0.7.1 |