| [ Index ] |
PHP Cross Reference of MyBB |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * MyBB 1.6 4 * Copyright 2010 MyBB Group, All Rights Reserved 5 * 6 * Website: http://mybb.com 7 * License: http://mybb.com/about/license 8 * 9 * $Id$ 10 */ 11 12 define("IN_MYBB", 1); 13 define('THIS_SCRIPT', 'warnings.php'); 14 15 $templatelist = 'warnings,warnings_warn_post,warnings_active_header,warnings_expired_header,warnings_warning,warnings_warn_existing,warnings_warn_type,warnings_warn_custom,warnings_warn_pm'; 16 $templatelist .= ',warnings_warn,warnings_view_post,warnings_view_user,warnings_view_revoke,warnings_view_revoked,warnings_view,warnings_no_warnings,codebuttons,smilieinsert_getmore,smilieinsert'; 17 $templatelist .= ',multipage_prevpage,multipage_start,multipage_end,multipage_nextpage,multipage,multipage_page_current'; 18 require_once "./global.php"; 19 require_once MYBB_ROOT."/inc/functions_warnings.php"; 20 require_once MYBB_ROOT."inc/functions_modcp.php"; 21 22 require_once MYBB_ROOT."inc/class_parser.php"; 23 $parser = new postParser; 24 25 $lang->load("warnings"); 26 27 if($mybb->settings['enablewarningsystem'] == 0) 28 { 29 error($lang->error_warning_system_disabled); 30 } 31 32 // Expire old warnings 33 expire_warnings(); 34 35 // Actually warn a user 36 if($mybb->input['action'] == "do_warn" && $mybb->request_method == "post") 37 { 38 // Verify incoming POST request 39 verify_post_check($mybb->input['my_post_key']); 40 41 if($mybb->usergroup['canwarnusers'] != 1) 42 { 43 error_no_permission(); 44 } 45 46 // Check we haven't exceeded the maximum number of warnings per day 47 if($mybb->usergroup['maxwarningsday'] != 0) 48 { 49 $timecut = TIME_NOW-60*60*24; 50 $query = $db->simple_select("warnings", "COUNT(wid) AS given_today", "issuedby='{$mybb->user['uid']}' AND dateline>'$timecut'"); 51 $given_today = $db->fetch_field($query, "given_today"); 52 if($given_today >= $mybb->usergroup['maxwarningsday']) 53 { 54 error($lang->sprintf($lang->reached_max_warnings_day, $mybb->usergroup['maxwarningsday'])); 55 } 56 } 57 58 $user = get_user(intval($mybb->input['uid'])); 59 if(!$user['uid']) 60 { 61 error($lang->error_invalid_user); 62 } 63 64 if($user['uid'] == $mybb->user['uid']) 65 { 66 error($lang->cannot_warn_self); 67 } 68 69 if($user['warningpoints'] >= $mybb->settings['maxwarningpoints']) 70 { 71 error($lang->user_reached_max_warning); 72 } 73 74 $group_permissions = user_permissions($user['uid']); 75 76 if($group_permissions['canreceivewarnings'] != 1) 77 { 78 error($lang->error_cant_warn_group); 79 } 80 81 if(!modcp_can_manage_user($user['uid'])) 82 { 83 error($lang->error_cant_warn_user); 84 } 85 86 // Is this warning being given for a post? 87 if($mybb->input['pid']) 88 { 89 $post = get_post(intval($mybb->input['pid'])); 90 $thread = get_thread($post['tid']); 91 if(!$post['pid'] || !$thread['tid']) 92 { 93 error($lang->error_invalid_post); 94 } 95 $forum_permissions = forum_permissions($thread['fid']); 96 if($forum_permissions['canview'] != 1) 97 { 98 error_no_permission(); 99 } 100 } 101 102 $plugins->run_hooks("warnings_do_warn_start"); 103 104 if(!trim($mybb->input['notes'])) 105 { 106 $warn_errors[] = $lang->error_no_note; 107 } 108 109 // Using a predefined warning type 110 if($mybb->input['type'] != "custom") 111 { 112 $query = $db->simple_select("warningtypes", "*", "tid='".intval($mybb->input['type'])."'"); 113 $warning_type = $db->fetch_array($query); 114 if(!$warning_type['tid']) 115 { 116 $warn_errors[] = $lang->error_invalid_type; 117 } 118 $points = $warning_type['points']; 119 $warning_title = ""; 120 if($warning_type['expirationtime']) 121 { 122 $warning_expires = TIME_NOW+$warning_type['expirationtime']; 123 } 124 } 125 // Issuing a custom warning 126 else 127 { 128 if($mybb->settings['allowcustomwarnings'] == 0) 129 { 130 $warn_errors[] = $lang->error_cant_custom_warn; 131 } 132 else 133 { 134 if(!$mybb->input['custom_reason']) 135 { 136 $warn_errors[] = $lang->error_no_custom_reason; 137 } 138 else 139 { 140 $warning_title = $mybb->input['custom_reason']; 141 } 142 if(!is_numeric($mybb->input['custom_points']) || $mybb->input['custom_points'] > $mybb->settings['maxwarningpoints'] || $mybb->input['custom_points'] < 0) 143 { 144 $warn_errors[] = $lang->sprintf($lang->error_invalid_custom_points, $mybb->settings['maxwarningpoints']); 145 } 146 else 147 { 148 $points = round((int)$mybb->input['custom_points']); 149 } 150 // Build expiry date 151 if($mybb->input['expires']) 152 { 153 $warning_expires = intval($mybb->input['expires']); 154 if($mybb->input['expires_period'] == "hours") 155 { 156 $warning_expires = $warning_expires*3600; 157 } 158 else if($mybb->input['expires_period'] == "days") 159 { 160 $warning_expires = $warning_expires*86400; 161 } 162 else if($mybb->input['expires_period'] == "weeks") 163 { 164 $warning_expires = $warning_expires*604800; 165 } 166 else if($mybb->input['expires_period'] == "months") 167 { 168 $warning_expires = $warning_expires*2592000; 169 } 170 // Add on current time and we're there! 171 if($mybb->input['expires_period'] != "never" && $warning_expires) 172 { 173 $warning_expires += TIME_NOW; 174 } 175 } 176 } 177 } 178 179 if($warning_expires <= TIME_NOW) 180 { 181 $warning_expires = 0; 182 } 183 184 // Are we notifying the user? 185 if(!$warn_errors && $mybb->input['send_pm'] == 1 && $group_permissions['canusepms'] != 0 && $mybb->settings['enablepms'] != 0) 186 { 187 // Bring up the PM handler 188 require_once MYBB_ROOT."inc/datahandlers/pm.php"; 189 $pmhandler = new PMDataHandler(); 190 191 $pm = array( 192 "subject" => $mybb->input['pm_subject'], 193 "message" => $mybb->input['pm_message'], 194 "fromid" => $mybb->user['uid'], 195 "toid" => array($user['uid']) 196 ); 197 198 $pm['options'] = array( 199 "signature" => $mybb->input['pm_options']['signature'], 200 "disablesmilies" => $mybb->input['pm_options']['disablesmilies'], 201 "savecopy" => $mybb->input['pm_options']['savecopy'], 202 "readreceipt" => $mybb->input['pm_options']['readreceipt'] 203 ); 204 205 $pmhandler->set_data($pm); 206 $pmhandler->admin_override = true; 207 208 // Now let the pm handler do all the hard work. 209 if(!$pmhandler->validate_pm()) 210 { 211 $pm_errors = $pmhandler->get_friendly_errors(); 212 if($warn_errors) 213 { 214 $warn_errors = array_merge($warn_errors, $pm_errors); 215 } 216 else 217 { 218 $warn_errors = $pm_errors; 219 } 220 } 221 else 222 { 223 $pminfo = $pmhandler->insert_pm(); 224 } 225 } 226 227 // No errors - save warning to database 228 if(!is_array($warn_errors)) 229 { 230 // Build warning level & ensure it doesn't go over 100. 231 $current_level = round($user['warningpoints']/$mybb->settings['maxwarningpoints']*100); 232 $new_warning_level = round(($user['warningpoints']+$points)/$mybb->settings['maxwarningpoints']*100); 233 if($new_warning_level > 100) 234 { 235 $new_warning_level = 100; 236 } 237 238 $new_warning = array( 239 "uid" => $user['uid'], 240 "tid" => intval($warning_type['tid']), 241 "pid" => intval($post['pid']), 242 "title" => $db->escape_string($warning_title), 243 "points" => intval($points), 244 "dateline" => TIME_NOW, 245 "issuedby" => $mybb->user['uid'], 246 "expires" => $warning_expires, 247 "expired" => 0, 248 "revokereason" => '', 249 "notes" => $db->escape_string($mybb->input['notes']) 250 ); 251 $db->insert_query("warnings", $new_warning); 252 253 // Update user 254 $updated_user = array( 255 "warningpoints" => $user['warningpoints']+$points 256 ); 257 258 // Fetch warning level 259 $query = $db->simple_select("warninglevels", "*", "percentage<=$new_warning_level", array("order_by" => "percentage", "order_dir" => "desc")); 260 $new_level = $db->fetch_array($query); 261 262 if($new_level['lid']) 263 { 264 $expiration = 0; 265 $action = unserialize($new_level['action']); 266 267 switch($action['type']) 268 { 269 // Ban the user for a specified time 270 case 1: 271 if($action['length'] > 0) 272 { 273 $expiration = TIME_NOW+$action['length']; 274 } 275 // Fetch any previous bans for this user 276 $query = $db->simple_select("banned", "*", "uid='{$user['uid']}' AND gid='{$action['usergroup']}' AND lifted>".TIME_NOW); 277 $existing_ban = $db->fetch_array($query); 278 279 // Only perform if no previous ban or new ban expires later than existing ban 280 if(($expiration > $existing_ban['lifted'] && $existing_ban['lifted'] != 0) || $expiration == 0 || !$existing_ban['uid']) 281 { 282 if(!$warning_title) 283 { 284 $warning_title = $warning_type['title']; 285 } 286 287 // Never lift the ban? 288 if($action['length'] <= 0) 289 { 290 $bantime = '---'; 291 } 292 else 293 { 294 $bantimes = fetch_ban_times(); 295 foreach($bantimes as $date => $string) 296 { 297 if($date == '---') 298 { 299 continue; 300 } 301 302 $time = 0; 303 list($day, $month, $year) = explode('-', $date); 304 if($day > 0) 305 { 306 $time += 60*60*24*$day; 307 } 308 309 if($month > 0) 310 { 311 $time += 60*60*24*30*$month; 312 } 313 314 if($year > 0) 315 { 316 $time += 60*60*24*365*$year; 317 } 318 319 if($time == $action['length']) 320 { 321 $bantime = $date; 322 break; 323 } 324 } 325 } 326 327 $new_ban = array( 328 "uid" => intval($user['uid']), 329 "gid" => $db->escape_string($action['usergroup']), 330 "oldgroup" => $db->escape_string($user['usergroup']), 331 "oldadditionalgroups" => $db->escape_string($user['additionalgroups']), 332 "olddisplaygroup" => $db->escape_string($user['displaygroup']), 333 "admin" => $mybb->user['uid'], 334 "dateline" => TIME_NOW, 335 "bantime" => $db->escape_string($bantime), 336 "lifted" => $expiration, 337 "reason" => $db->escape_string($warning_title) 338 ); 339 // Delete old ban for this user, taking details 340 if($existing_ban['uid']) 341 { 342 $db->delete_query("banned", "uid='{$user['uid']}' AND gid='{$action['usergroup']}'"); 343 // Override new ban details with old group info 344 $new_ban['oldgroup'] = $db->escape_string($existing_ban['oldgroup']); 345 $new_ban['oldadditionalgroups'] = $db->escape_string($existing_ban['oldadditionalgroups']); 346 $new_ban['olddisplaygroup'] = $db->escape_string($existing_ban['olddisplaygroup']); 347 } 348 349 $period = $lang->expiration_never; 350 $ban_length = fetch_friendly_expiration($action['length']); 351 352 if($ban_length['time']) 353 { 354 $lang_str = "expiration_".$ban_length['period']; 355 $period = $lang->sprintf($lang->result_period, $ban_length['time'], $lang->$lang_str); 356 } 357 358 $group_name = $groupscache[$action['usergroup']]['title']; 359 $friendly_action = "<br /><br />".$lang->sprintf($lang->redirect_warned_banned, $group_name, $period); 360 361 $db->insert_query("banned", $new_ban); 362 $updated_user['usergroup'] = $action['usergroup']; 363 $updated_user['additionalgroups'] = $updated_user['displaygroup'] = ""; 364 } 365 break; 366 // Suspend posting privileges 367 case 2: 368 if($action['length'] > 0) 369 { 370 $expiration = TIME_NOW+$action['length']; 371 } 372 // Only perform if the expiration time is greater than the users current suspension period 373 if($expiration == 0 || $expiration > $user['suspensiontime']) 374 { 375 if(($user['suspensiontime'] != 0 && $user['suspendposting']) || !$user['suspendposting']) 376 { 377 $period = $lang->expiration_never; 378 $ban_length = fetch_friendly_expiration($action['length']); 379 380 if($ban_length['time']) 381 { 382 $lang_str = "expiration_".$ban_length['period']; 383 $period = $lang->sprintf($lang->result_period, $ban_length['time'], $lang->$lang_str); 384 } 385 386 $friendly_action = "<br /><br />".$lang->sprintf($lang->redirect_warned_suspended, $period); 387 388 $updated_user['suspensiontime'] = $expiration; 389 $updated_user['suspendposting'] = 1; 390 } 391 } 392 break; 393 // Moderate new posts 394 case 3: 395 if($action['length'] > 0) 396 { 397 $expiration = TIME_NOW+$action['length']; 398 } 399 // Only perform if the expiration time is greater than the users current suspension period 400 if($expiration == 0 || $expiration > $user['moderationtime']) 401 { 402 if(($user['moderationtime'] != 0 && $user['moderateposts']) || !$user['suspendposting']) 403 { 404 $period = $lang->expiration_never; 405 $ban_length = fetch_friendly_expiration($action['length']); 406 407 if($ban_length['time']) 408 { 409 $lang_str = "expiration_".$ban_length['period']; 410 $period = $lang->sprintf($lang->result_period, $ban_length['time'], $lang->$lang_str); 411 } 412 413 $friendly_action = "<br /><br />".$lang->sprintf($lang->redirect_warned_moderate, $period); 414 415 $updated_user['moderationtime'] = $expiration; 416 $updated_user['moderateposts'] = 1; 417 } 418 } 419 break; 420 } 421 } 422 423 // Save updated details 424 $db->update_query("users", $updated_user, "uid='{$user['uid']}'"); 425 $cache->update_moderators(); 426 427 $lang->redirect_warned = $lang->sprintf($lang->redirect_warned, $user['username'], $new_warning_level, $friendly_action); 428 429 if($post['pid']) 430 { 431 redirect(get_post_link($post['pid']), $lang->redirect_warned); 432 } 433 else 434 { 435 redirect(get_profile_link($user['uid']), $lang->redirect_warned); 436 } 437 } 438 439 if($warn_errors) 440 { 441 $warn_errors = inline_error($warn_errors); 442 $mybb->input['action'] = "warn"; 443 } 444 } 445 446 // Warn a user 447 if($mybb->input['action'] == "warn") 448 { 449 if($mybb->usergroup['canwarnusers'] != 1) 450 { 451 error_no_permission(); 452 } 453 454 // Check we haven't exceeded the maximum number of warnings per day 455 if($mybb->usergroup['maxwarningsday'] != 0) 456 { 457 $timecut = TIME_NOW-60*60*24; 458 $query = $db->simple_select("warnings", "COUNT(wid) AS given_today", "issuedby='{$mybb->user['uid']}' AND dateline>'$timecut'"); 459 $given_today = $db->fetch_field($query, "given_today"); 460 if($given_today >= $mybb->usergroup['maxwarningsday']) 461 { 462 error($lang->sprintf($lang->reached_max_warnings_day, $mybb->usergroup['maxwarningsday'])); 463 } 464 } 465 466 $user = get_user(intval($mybb->input['uid'])); 467 if(!$user['uid']) 468 { 469 error($lang->error_invalid_user); 470 } 471 472 if($user['uid'] == $mybb->user['uid']) 473 { 474 error($lang->cannot_warn_self); 475 } 476 477 if($user['warningpoints'] >= $mybb->settings['maxwarningpoints']) 478 { 479 error($lang->user_reached_max_warning); 480 } 481 482 $group_permissions = user_permissions($user['uid']); 483 484 if($group_permissions['canreceivewarnings'] != 1) 485 { 486 error($lang->error_cant_warn_group); 487 } 488 489 if(!modcp_can_manage_user($user['uid'])) 490 { 491 error($lang->error_cant_warn_user); 492 } 493 494 // Giving a warning for a specific post 495 if($mybb->input['pid']) 496 { 497 $post = get_post(intval($mybb->input['pid'])); 498 $thread = get_thread($post['tid']); 499 if(!$post['pid'] || !$thread['tid']) 500 { 501 error($lang->error_invalid_post); 502 } 503 $forum_permissions = forum_permissions($thread['fid']); 504 if($forum_permissions['canview'] != 1) 505 { 506 error_no_permission(); 507 } 508 $post['subject'] = $parser->parse_badwords($post['subject']); 509 $post['subject'] = htmlspecialchars_uni($post['subject']); 510 $post_link = get_post_link($post['pid']); 511 eval("\$post = \"".$templates->get("warnings_warn_post")."\";"); 512 513 // Fetch any existing warnings issued for this post 514 $query = $db->query(" 515 SELECT w.*, t.title AS type_title, u.username 516 FROM ".TABLE_PREFIX."warnings w 517 LEFT JOIN ".TABLE_PREFIX."warningtypes t ON (t.tid=w.tid) 518 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=w.issuedby) 519 WHERE w.pid='{$mybb->input['pid']}' 520 ORDER BY w.expired ASC, w.dateline DESC 521 "); 522 $first = true; 523 while($warning = $db->fetch_array($query)) 524 { 525 if($warning['expired'] != $last_expired || $first) 526 { 527 if($warning['expired'] == 0) 528 { 529 eval("\$warnings .= \"".$templates->get("warnings_active_header")."\";"); 530 } 531 else 532 { 533 eval("\$warnings .= \"".$templates->get("warnings_expired_header")."\";"); 534 } 535 } 536 $last_expired = $warning['expired']; 537 $first = false; 538 539 $post_link = ""; 540 $issuedby = build_profile_link($warning['username'], $warning['issuedby']); 541 $date_issued = my_date($mybb->settings['dateformat'], $warning['dateline']).", ".my_date($mybb->settings['timeformat'], $warning['dateline']); 542 if($warning['type_title']) 543 { 544 $warning_type = $warning['type_title']; 545 } 546 else 547 { 548 $warning_type = $warning['title']; 549 } 550 $warning_type = htmlspecialchars_uni($warning_type); 551 if($warning['points'] > 0) 552 { 553 $warning['points'] = "+{$warning['points']}"; 554 } 555 $points = $lang->sprintf($lang->warning_points, $warning['points']); 556 if($warning['expired'] != 1) 557 { 558 if($warning['expires'] == 0) 559 { 560 $expires = $lang->never; 561 } 562 else 563 { 564 $expires = my_date($mybb->settings['dateformat'], $warning['expires']).", ".my_date($mybb->settings['timeformat'], $warning['expires']); 565 } 566 } 567 else 568 { 569 if($warning['daterevoked']) 570 { 571 $expires = $lang->warning_revoked; 572 } 573 else if($warning['expires']) 574 { 575 $expires = $lang->already_expired; 576 } 577 } 578 $alt_bg = alt_trow(); 579 $plugins->run_hooks("warnings_warning"); 580 eval("\$warnings .= \"".$templates->get("warnings_warning")."\";"); 581 } 582 if($warnings) 583 { 584 eval("\$existing_warnings = \"".$templates->get("warnings_warn_existing")."\";"); 585 } 586 } 587 588 $plugins->run_hooks("warnings_warn_start"); 589 590 // Coming here from failed do_warn? 591 if($warn_errors) 592 { 593 $notes = htmlspecialchars_uni($mybb->input['notes']); 594 $type_checked[$mybb->input['type']] = "checked=\"checked\""; 595 $pm_subject = htmlspecialchars_uni($mybb->input['pm_subject']); 596 $message = htmlspecialchars_uni($mybb->input['pm_message']); 597 if($mybb->input['send_pm']) 598 { 599 $send_pm_checked = "checked=\"checked\""; 600 } 601 $custom_reason = htmlspecialchars_uni($mybb->input['custom_reason']); 602 $custom_points = intval($mybb->input['custom_points']); 603 $expires = intval($mybb->input['expires']); 604 $expires_period[$mybb->input['expires_period']] = "selected=\"selected\""; 605 } 606 else 607 { 608 $notes = $custom_reason = $custom_points = $expires = ''; 609 $expires = 1; 610 $custom_points = 2; 611 $pm_subject = $lang->warning_pm_subject; 612 $message = $lang->sprintf($lang->warning_pm_message, $user['username'], $mybb->settings['bbname']); 613 } 614 615 $lang->nav_profile = $lang->sprintf($lang->nav_profile, $user['username']); 616 add_breadcrumb($lang->nav_profile, get_profile_link($user['uid'])); 617 add_breadcrumb($lang->nav_add_warning); 618 619 $user_link = build_profile_link($user['username'], $user['uid']); 620 621 $current_level = round($user['warningpoints']/$mybb->settings['maxwarningpoints']*100); 622 623 // Fetch warning levels 624 $levels = array(); 625 $query = $db->simple_select("warninglevels", "*"); 626 while($level = $db->fetch_array($query)) 627 { 628 $level['action'] = unserialize($level['action']); 629 switch($level['action']['type']) 630 { 631 case 1: 632 if($level['action']['length'] > 0) 633 { 634 $ban_length = fetch_friendly_expiration($level['action']['length']); 635 $lang_str = "expiration_".$ban_length['period']; 636 $period = $lang->sprintf($lang->result_period, $ban_length['time'], $lang->$lang_str); 637 } 638 $group_name = $groupscache[$level['action']['usergroup']]['title']; 639 $level['friendly_action'] = $lang->sprintf($lang->result_banned, $group_name, $period); 640 break; 641 case 2: 642 if($level['action']['length'] > 0) 643 { 644 $period = fetch_friendly_expiration($level['action']['length']); 645 $lang_str = "expiration_".$period['period']; 646 $period = $lang->sprintf($lang->result_period, $period['time'], $lang->$lang_str); 647 } 648 $level['friendly_action'] = $lang->sprintf($lang->result_suspended, $period); 649 break; 650 case 3: 651 if($level['action']['length'] > 0) 652 { 653 $period = fetch_friendly_expiration($level['action']['length']); 654 $lang_str = "expiration_".$period['period']; 655 $period = $lang->sprintf($lang->result_period, $period['time'], $lang->$lang_str); 656 } 657 $level['friendly_action'] = $lang->sprintf($lang->result_moderated, $period); 658 break; 659 } 660 $levels[$level['percentage']] = $level; 661 } 662 krsort($levels); 663 664 // Fetch all current warning types 665 $query = $db->simple_select("warningtypes", "*", "", array("order_by" => "title")); 666 while($type = $db->fetch_array($query)) 667 { 668 $checked = $type_checked[$type['tid']]; 669 $type['title'] = htmlspecialchars_uni($type['title']); 670 $new_warning_level = round(($user['warningpoints']+$type['points'])/$mybb->settings['maxwarningpoints']*100); 671 if($new_warning_level > 100) 672 { 673 $new_warning_level = 100; 674 } 675 if($type['points'] > 0) 676 { 677 $type['points'] = "+{$type['points']}"; 678 } 679 $points = $lang->sprintf($lang->warning_points, $type['points']); 680 681 if(is_array($levels)) 682 { 683 foreach($levels as $level) 684 { 685 if($new_warning_level >= $level['percentage']) 686 { 687 $new_level = $level; 688 break; 689 } 690 } 691 } 692 $level_diff = $new_warning_level-$current_level; 693 if($new_level['friendly_action']) 694 { 695 $result = "<div class=\"smalltext\" style=\"clear: left; padding-top: 4px;\">{$lang->result}<br />".$new_level['friendly_action']."</div>"; 696 } 697 eval("\$types .= \"".$templates->get("warnings_warn_type")."\";"); 698 unset($new_level); 699 unset($result); 700 } 701 702 if($mybb->settings['allowcustomwarnings'] != 0) 703 { 704 eval("\$custom_warning = \"".$templates->get("warnings_warn_custom")."\";"); 705 } 706 707 if($group_permissions['canusepms'] != 0 && $mybb->user['receivepms'] != 0 && $mybb->settings['enablepms'] != 0) 708 { 709 $smilieinserter = $codebuttons = ""; 710 711 if($mybb->settings['bbcodeinserter'] != 0 && $mybb->settings['pmsallowmycode'] != 0 && $mybb->user['showcodebuttons'] != 0) 712 { 713 $codebuttons = build_mycode_inserter(); 714 if($mybb->settings['pmsallowsmilies'] != 0) 715 { 716 $smilieinserter = build_clickable_smilies(); 717 } 718 } 719 eval("\$pm_notify = \"".$templates->get("warnings_warn_pm")."\";"); 720 } 721 722 $plugins->run_hooks("warnings_warn_end"); 723 724 eval("\$warn = \"".$templates->get("warnings_warn")."\";"); 725 output_page($warn); 726 exit; 727 } 728 729 // Revoke a warning 730 if($mybb->input['action'] == "do_revoke" && $mybb->request_method == "post") 731 { 732 // Verify incoming POST request 733 verify_post_check($mybb->input['my_post_key']); 734 735 if($mybb->usergroup['canwarnusers'] != 1) 736 { 737 error_no_permission(); 738 } 739 740 $query = $db->simple_select("warnings", "*", "wid='".intval($mybb->input['wid'])."'"); 741 $warning = $db->fetch_array($query); 742 743 if(!$warning['wid']) 744 { 745 error($lang->error_invalid_warning); 746 } 747 else if($warning['daterevoked']) 748 { 749 error($lang->warning_already_revoked); 750 } 751 752 $user = get_user($warning['uid']); 753 754 $group_permissions = user_permissions($user['uid']); 755 if($group_permissions['canreceivewarnings'] != 1) 756 { 757 error($lang->error_cant_warn_group); 758 } 759 760 $plugins->run_hooks("warnings_do_revoke_start"); 761 762 if(!trim($mybb->input['reason'])) 763 { 764 $warn_errors[] = $lang->no_revoke_reason; 765 $warn_errors = inline_error($warn_errors); 766 $mybb->input['action'] = "view"; 767 } 768 else 769 { 770 // Warning is still active, lower users point count 771 if($warning['expired'] != 1) 772 { 773 $new_warning_points = $user['warningpoints']-$warning['points']; 774 if($new_warning_points < 0) 775 { 776 $new_warning_points = 0; 777 } 778 779 $updated_user = array( 780 "warningpoints" => $new_warning_points 781 ); 782 783 784 // check if we need to revoke any consequences with this warning 785 $current_level = round($user['warningpoints']/$mybb->settings['maxwarningpoints']*100); 786 $new_warning_level = round($new_warning_points/$mybb->settings['maxwarningpoints']*100); 787 $query = $db->simple_select("warninglevels", "action", "percentage>$new_warning_level AND percentage<=$current_level"); 788 if($db->num_rows($query)) 789 { 790 // we have some warning levels we need to revoke 791 $max_expiration_times = $check_levels = array(); 792 find_warnlevels_to_check($query, $max_expiration_times, $check_levels); 793 794 // now check warning levels already applied to this user to see if we need to lower any expiration times 795 $query = $db->simple_select("warninglevels", "action", "percentage<=$new_warning_level"); 796 $lower_expiration_times = $lower_levels = array(); 797 find_warnlevels_to_check($query, $lower_expiration_times, $lower_levels); 798 799 // now that we've got all the info, do necessary stuff 800 for($i = 1; $i <= 3; ++$i) 801 { 802 if($check_levels[$i]) 803 { 804 switch($i) 805 { 806 case 1: // Ban 807 // we'll have to resort to letting the admin/mod remove the ban manually, since there's an issue if stacked bans are in force... 808 continue; 809 case 2: // Revoke posting 810 $current_expiry_field = 'suspensiontime'; 811 $current_inforce_field = 'suspendposting'; 812 break; 813 case 3: 814 $current_expiry_field = 'moderationtime'; 815 $current_inforce_field = 'moderateposts'; 816 break; 817 } 818 819 // if the thing isn't in force, don't bother with trying to update anything 820 if(!$user[$current_inforce_field]) 821 { 822 continue; 823 } 824 825 if($lower_levels[$i]) 826 { 827 // lessen the expiration time if necessary 828 829 if(!$lower_expiration_times[$i]) 830 { 831 // doesn't expire - enforce this 832 $updated_user[$current_expiry_field] = 0; 833 continue; 834 } 835 836 if($max_expiration_times[$i]) 837 { 838 // if the old level did have an expiry time... 839 if($max_expiration_times[$i] <= $lower_expiration_times[$i]) 840 { 841 // if the lower expiration time is actually higher than the upper expiration time -> skip 842 continue; 843 } 844 // both new and old max expiry times aren't infinite, so we can take a difference 845 $expire_offset = ($lower_expiration_times[$i] - $max_expiration_times[$i]); 846 } 847 else 848 { 849 // the old level never expired, not much we can do but try to estimate a new expiry time... which will just happen to be starting from today... 850 $expire_offset = TIME_NOW + $lower_expiration_times[$i]; 851 // if the user's expiry time is already less than what we're going to set it to, skip 852 if($user[$current_expiry_field] <= $expire_offset) 853 { 854 continue; 855 } 856 } 857 858 $updated_user[$current_expiry_field] = $user[$current_expiry_field] + $expire_offset; 859 // double-check if it's expired already 860 if($updated_user[$current_expiry_field] < TIME_NOW) 861 { 862 $updated_user[$current_expiry_field] = 0; 863 $updated_user[$current_inforce_field] = 0; 864 } 865 } 866 else 867 { 868 // there's no lower level for this type - remove the consequence entirely 869 $updated_user[$current_expiry_field] = 0; 870 $updated_user[$current_inforce_field] = 0; 871 } 872 } 873 } 874 } 875 876 877 // Update user 878 $db->update_query("users", $updated_user, "uid='{$warning['uid']}'"); 879 } 880 881 // Update warning 882 $updated_warning = array( 883 "expired" => 1, 884 "daterevoked" => TIME_NOW, 885 "revokedby" => $mybb->user['uid'], 886 "revokereason" => $db->escape_string($mybb->input['reason']) 887 ); 888 $db->update_query("warnings", $updated_warning, "wid='{$warning['wid']}'"); 889 890 redirect("warnings.php?action=view&wid={$warning['wid']}", $lang->redirect_warning_revoked); 891 } 892 } 893 894 // Detailed view of a warning 895 if($mybb->input['action'] == "view") 896 { 897 if($mybb->usergroup['canwarnusers'] != 1) 898 { 899 error_no_permission(); 900 } 901 902 $query = $db->query(" 903 SELECT w.*, t.title AS type_title, u.username, p.subject AS post_subject 904 FROM ".TABLE_PREFIX."warnings w 905 LEFT JOIN ".TABLE_PREFIX."warningtypes t ON (t.tid=w.tid) 906 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=w.issuedby) 907 LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid=w.pid) 908 WHERE w.wid='".intval($mybb->input['wid'])."' 909 "); 910 $warning = $db->fetch_array($query); 911 912 if(!$warning['wid']) 913 { 914 error($lang->error_invalid_warning); 915 } 916 917 $user = get_user(intval($warning['uid'])); 918 if(!$user['username']) 919 { 920 $user['username'] = $lang->guest; 921 } 922 923 $group_permissions = user_permissions($user['uid']); 924 if($group_permissions['canreceivewarnings'] != 1) 925 { 926 error($lang->error_cant_warn_group); 927 } 928 929 $plugins->run_hooks("warnings_view_start"); 930 931 $lang->nav_profile = $lang->sprintf($lang->nav_profile, $user['username']); 932 if($user['uid']) 933 { 934 add_breadcrumb($lang->nav_profile, get_profile_link($user['uid'])); 935 add_breadcrumb($lang->nav_warning_log, "warnings.php?uid={$user['uid']}"); 936 } 937 else 938 { 939 add_breadcrumb($lang->nav_profile); 940 add_breadcrumb($lang->nav_warning_log); 941 } 942 add_breadcrumb($lang->nav_view_warning); 943 944 $user_link = build_profile_link($user['username'], $user['uid']); 945 946 $post_link = ""; 947 if($warning['post_subject']) 948 { 949 $warning['post_subject'] = $parser->parse_badwords($warning['post_subject']); 950 $warning['post_subject'] = htmlspecialchars_uni($warning['post_subject']); 951 $post_link = get_post_link($warning['pid'])."#pid{$warning['pid']}"; 952 eval("\$warning_info = \"".$templates->get("warnings_view_post")."\";"); 953 } 954 else 955 { 956 eval("\$warning_info = \"".$templates->get("warnings_view_user")."\";"); 957 } 958 959 $issuedby = build_profile_link($warning['username'], $warning['issuedby']); 960 $notes = nl2br(htmlspecialchars_uni($warning['notes'])); 961 962 $date_issued = my_date($mybb->settings['dateformat'], $warning['dateline']).", ".my_date($mybb->settings['timeformat'], $warning['dateline']); 963 if($warning['type_title']) 964 { 965 $warning_type = $warning['type_title']; 966 } 967 else 968 { 969 $warning_type = $warning['title']; 970 } 971 $warning_type = htmlspecialchars_uni($warning_type); 972 if($warning['points'] > 0) 973 { 974 $warning['points'] = "+{$warning['points']}"; 975 } 976 977 $revoked_date = ''; 978 979 $points = $lang->sprintf($lang->warning_points, $warning['points']); 980 if($warning['expired'] != 1) 981 { 982 if($warning['expires'] == 0) 983 { 984 $expires = $lang->never; 985 } 986 else 987 { 988 $expires = my_date($mybb->settings['dateformat'], $warning['expires']).", ".my_date($mybb->settings['timeformat'], $warning['expires']); 989 } 990 $status = $lang->warning_active; 991 } 992 else 993 { 994 if($warning['daterevoked']) 995 { 996 $expires = $status = $lang->warning_revoked; 997 } 998 else if($warning['expires']) 999 { 1000 $revoked_date = '('.my_date($mybb->settings['dateformat'], $warning['expires']).' '.my_date($mybb->settings['timeformat'], $warning['expires']).')'; 1001 $expires = $status = $lang->already_expired; 1002 } 1003 } 1004 1005 if(!$warning['daterevoked']) 1006 { 1007 eval("\$revoke = \"".$templates->get("warnings_view_revoke")."\";"); 1008 } 1009 else 1010 { 1011 $date_revoked = my_date($mybb->settings['dateformat'], $warning['daterevoked']).", ".my_date($mybb->settings['timeformat'], $warning['daterevoked']); 1012 $revoked_user = get_user($warning['revokedby']); 1013 if(!$revoked_user['username']) 1014 { 1015 $revoked_user['username'] = $lang->guest; 1016 } 1017 $revoked_by = build_profile_link($revoked_user['username'], $revoked_user['uid']); 1018 $revoke_reason = nl2br(htmlspecialchars_uni($warning['revokereason'])); 1019 eval("\$revoke = \"".$templates->get("warnings_view_revoked")."\";"); 1020 } 1021 1022 $plugins->run_hooks("warnings_view_end"); 1023 1024 eval("\$warning = \"".$templates->get("warnings_view")."\";"); 1025 output_page($warning); 1026 } 1027 1028 // Showing list of warnings for a particular user 1029 if(!$mybb->input['action']) 1030 { 1031 if($mybb->usergroup['canwarnusers'] != 1) 1032 { 1033 error_no_permission(); 1034 } 1035 1036 $user = get_user(intval($mybb->input['uid'])); 1037 if(!$user['uid']) 1038 { 1039 error($lang->error_invalid_user); 1040 } 1041 $group_permissions = user_permissions($user['uid']); 1042 if($group_permissions['canreceivewarnings'] != 1) 1043 { 1044 error($lang->error_cant_warn_group); 1045 } 1046 1047 $lang->nav_profile = $lang->sprintf($lang->nav_profile, $user['username']); 1048 add_breadcrumb($lang->nav_profile, get_profile_link($user['uid'])); 1049 add_breadcrumb($lang->nav_warning_log); 1050 1051 if(!$mybb->settings['postsperpage']) 1052 { 1053 $mybb->settings['postperpage'] = 20; 1054 } 1055 1056 // Figure out if we need to display multiple pages. 1057 $perpage = $mybb->settings['postsperpage']; 1058 $page = intval($mybb->input['page']); 1059 1060 $query = $db->simple_select("warnings", "COUNT(wid) AS warning_count", "uid='{$user['uid']}'"); 1061 $warning_count = $db->fetch_field($query, "warning_count"); 1062 1063 $pages = ceil($warning_count/$perpage); 1064 1065 if($page > $pages || $page <= 0) 1066 { 1067 $page = 1; 1068 } 1069 if($page) 1070 { 1071 $start = ($page-1) * $perpage; 1072 } 1073 else 1074 { 1075 $start = 0; 1076 $page = 1; 1077 } 1078 1079 $multipage = multipage($warning_count, $perpage, $page, "warnings.php?uid={$user['uid']}"); 1080 1081 $warning_level = round($user['warningpoints']/$mybb->settings['maxwarningpoints']*100); 1082 if($warning_level > 100) 1083 { 1084 $warning_level = 100; 1085 } 1086 1087 if($user['warningpoints'] > $mybb->settings['maxwarningpoints']) 1088 { 1089 $user['warningpoints'] = $mybb->settings['maxwarningpoints']; 1090 } 1091 1092 if($warning_level > 0) 1093 { 1094 $lang->current_warning_level = $lang->sprintf($lang->current_warning_level, $warning_level, $user['warningpoints'], $mybb->settings['maxwarningpoints']); 1095 } 1096 else 1097 { 1098 $lang->current_warning_level = ""; 1099 } 1100 1101 // Fetch the actual warnings 1102 $query = $db->query(" 1103 SELECT w.*, t.title AS type_title, u.username, p.subject AS post_subject 1104 FROM ".TABLE_PREFIX."warnings w 1105 LEFT JOIN ".TABLE_PREFIX."warningtypes t ON (t.tid=w.tid) 1106 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=w.issuedby) 1107 LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid=w.pid) 1108 WHERE w.uid='{$user['uid']}' 1109 ORDER BY w.expired ASC, w.dateline DESC 1110 LIMIT {$start}, {$perpage} 1111 "); 1112 $first = true; 1113 while($warning = $db->fetch_array($query)) 1114 { 1115 if($warning['expired'] != $last_expired || $first) 1116 { 1117 if($warning['expired'] == 0) 1118 { 1119 eval("\$warnings .= \"".$templates->get("warnings_active_header")."\";"); 1120 } 1121 else 1122 { 1123 eval("\$warnings .= \"".$templates->get("warnings_expired_header")."\";"); 1124 } 1125 } 1126 $last_expired = $warning['expired']; 1127 $first = false; 1128 1129 $post_link = ""; 1130 if($warning['post_subject']) 1131 { 1132 $warning['post_subject'] = $parser->parse_badwords($warning['post_subject']); 1133 $warning['post_subject'] = htmlspecialchars_uni($warning['post_subject']); 1134 $post_link = "<br /><small>{$lang->warning_for_post} <a href=\"".get_post_link($warning['pid'])."#pid{$warning['pid']}\">{$warning['post_subject']}</a></small>"; 1135 } 1136 $issuedby = build_profile_link($warning['username'], $warning['issuedby']); 1137 $date_issued = my_date($mybb->settings['dateformat'], $warning['dateline']).", ".my_date($mybb->settings['timeformat'], $warning['dateline']); 1138 if($warning['type_title']) 1139 { 1140 $warning_type = $warning['type_title']; 1141 } 1142 else 1143 { 1144 $warning_type = $warning['title']; 1145 } 1146 $warning_type = htmlspecialchars_uni($warning_type); 1147 if($warning['points'] > 0) 1148 { 1149 $warning['points'] = "+{$warning['points']}"; 1150 } 1151 $points = $lang->sprintf($lang->warning_points, $warning['points']); 1152 if($warning['expired'] != 1) 1153 { 1154 if($warning['expires'] == 0) 1155 { 1156 $expires = $lang->never; 1157 } 1158 else 1159 { 1160 $expires = my_date($mybb->settings['dateformat'], $warning['expires']).", ".my_date($mybb->settings['timeformat'], $warning['expires']); 1161 } 1162 } 1163 else 1164 { 1165 if($warning['daterevoked']) 1166 { 1167 $expires = $lang->warning_revoked; 1168 } 1169 else if($warning['expires']) 1170 { 1171 $expires = $lang->already_expired; 1172 } 1173 } 1174 $alt_bg = alt_trow(); 1175 $plugins->run_hooks("warnings_warning"); 1176 eval("\$warnings .= \"".$templates->get("warnings_warning")."\";"); 1177 } 1178 1179 if(!$warnings) 1180 { 1181 eval("\$warnings = \"".$templates->get("warnings_no_warnings")."\";"); 1182 } 1183 1184 $plugins->run_hooks("warnings_end"); 1185 1186 eval("\$warnings = \"".$templates->get("warnings")."\";"); 1187 output_page($warnings); 1188 } 1189 1190 1191 1192 function find_warnlevels_to_check(&$query, &$max_expiration_times, &$check_levels) 1193 { 1194 global $db; 1195 // we have some warning levels we need to revoke 1196 $max_expiration_times = array( 1197 1 => -1, // Ban 1198 2 => -1, // Revoke posting 1199 3 => -1 // Moderate posting 1200 ); 1201 $check_levels = array( 1202 1 => false, // Ban 1203 2 => false, // Revoke posting 1204 3 => false // Moderate posting 1205 ); 1206 while($warn_level = $db->fetch_array($query)) 1207 { 1208 // revoke actions taken at this warning level 1209 $action = unserialize($warn_level['action']); 1210 if($action['type'] < 1 || $action['type'] > 3) // prevent any freak-ish cases 1211 { 1212 continue; 1213 } 1214 1215 $check_levels[$action['type']] = true; 1216 1217 $max_exp_time = &$max_expiration_times[$action['type']]; 1218 if($action['length'] && $max_exp_time != 0) 1219 { 1220 $expiration = $action['length']; 1221 if($expiration > $max_exp_time) 1222 { 1223 $max_exp_time = $expiration; 1224 } 1225 } 1226 else 1227 { 1228 $max_exp_time = 0; 1229 } 1230 } 1231 } 1232 1233 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Tue Oct 8 19:19:50 2013 | Cross-referenced by PHPXref 0.7.1 |