source: trunk/forum/includes/mcp/mcp_post.php

Last change on this file was 400, checked in by george, 16 years ago
  • Přidáno: Nové forum phpBB 3.
File size: 17.7 KB
Line 
1<?php
2/**
3*
4* @package mcp
5* @version $Id: mcp_post.php 8805 2008-09-02 06:36:24Z acydburn $
6* @copyright (c) 2005 phpBB Group
7* @license http://opensource.org/licenses/gpl-license.php GNU Public License
8*
9*/
10
11/**
12* @ignore
13*/
14if (!defined('IN_PHPBB'))
15{
16 exit;
17}
18
19/**
20* Handling actions in post details screen
21*/
22function mcp_post_details($id, $mode, $action)
23{
24 global $phpEx, $phpbb_root_path, $config;
25 global $template, $db, $user, $auth, $cache;
26
27 $user->add_lang('posting');
28
29 $post_id = request_var('p', 0);
30 $start = request_var('start', 0);
31
32 // Get post data
33 $post_info = get_post_data(array($post_id), false, true);
34
35 add_form_key('mcp_post_details');
36
37 if (!sizeof($post_info))
38 {
39 trigger_error('POST_NOT_EXIST');
40 }
41
42 $post_info = $post_info[$post_id];
43 $url = append_sid("{$phpbb_root_path}mcp.$phpEx?" . extra_url());
44
45 switch ($action)
46 {
47 case 'whois':
48
49 if ($auth->acl_get('m_info', $post_info['forum_id']))
50 {
51 $ip = request_var('ip', '');
52 include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
53
54 $template->assign_vars(array(
55 'RETURN_POST' => sprintf($user->lang['RETURN_POST'], '<a href="' . append_sid("{$phpbb_root_path}mcp.$phpEx", "i=$id&amp;mode=$mode&amp;p=$post_id") . '">', '</a>'),
56 'U_RETURN_POST' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=$id&amp;mode=$mode&amp;p=$post_id"),
57 'L_RETURN_POST' => sprintf($user->lang['RETURN_POST'], '', ''),
58 'WHOIS' => user_ipwhois($ip),
59 ));
60 }
61
62 // We're done with the whois page so return
63 return;
64
65 break;
66
67 case 'chgposter':
68 case 'chgposter_ip':
69
70 if ($action == 'chgposter')
71 {
72 $username = request_var('username', '', true);
73 $sql_where = "username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
74 }
75 else
76 {
77 $new_user_id = request_var('u', 0);
78 $sql_where = 'user_id = ' . $new_user_id;
79 }
80
81 $sql = 'SELECT *
82 FROM ' . USERS_TABLE . '
83 WHERE ' . $sql_where;
84 $result = $db->sql_query($sql);
85 $row = $db->sql_fetchrow($result);
86 $db->sql_freeresult($result);
87
88 if (!$row)
89 {
90 trigger_error('NO_USER');
91 }
92
93 if ($auth->acl_get('m_chgposter', $post_info['forum_id']))
94 {
95 if (check_form_key('mcp_post_details'))
96 {
97 change_poster($post_info, $row);
98 }
99 else
100 {
101 trigger_error('FORM_INVALID');
102 }
103 }
104
105 break;
106 }
107
108 // Set some vars
109 $users_ary = $usernames_ary = array();
110 $attachments = $extensions = array();
111 $post_id = $post_info['post_id'];
112 $topic_tracking_info = array();
113
114 // Get topic tracking info
115 if ($config['load_db_lastread'])
116 {
117 $tmp_topic_data = array($post_info['topic_id'] => $post_info);
118 $topic_tracking_info = get_topic_tracking($post_info['forum_id'], $post_info['topic_id'], $tmp_topic_data, array($post_info['forum_id'] => $post_info['forum_mark_time']));
119 unset($tmp_topic_data);
120 }
121 else
122 {
123 $topic_tracking_info = get_complete_topic_tracking($post_info['forum_id'], $post_info['topic_id']);
124 }
125
126 $post_unread = (isset($topic_tracking_info[$post_info['topic_id']]) && $post_info['post_time'] > $topic_tracking_info[$post_info['topic_id']]) ? true : false;
127
128 // Process message, leave it uncensored
129 $message = $post_info['post_text'];
130
131 if ($post_info['bbcode_bitfield'])
132 {
133 include_once($phpbb_root_path . 'includes/bbcode.' . $phpEx);
134 $bbcode = new bbcode($post_info['bbcode_bitfield']);
135 $bbcode->bbcode_second_pass($message, $post_info['bbcode_uid'], $post_info['bbcode_bitfield']);
136 }
137
138 $message = bbcode_nl2br($message);
139 $message = smiley_text($message);
140
141 if ($post_info['post_attachment'] && $auth->acl_get('u_download') && $auth->acl_get('f_download', $post_info['forum_id']))
142 {
143 $extensions = $cache->obtain_attach_extensions($post_info['forum_id']);
144
145 $sql = 'SELECT *
146 FROM ' . ATTACHMENTS_TABLE . '
147 WHERE post_msg_id = ' . $post_id . '
148 AND in_message = 0
149 ORDER BY filetime DESC, post_msg_id ASC';
150 $result = $db->sql_query($sql);
151
152 while ($row = $db->sql_fetchrow($result))
153 {
154 $attachments[] = $row;
155 }
156 $db->sql_freeresult($result);
157
158 if (sizeof($attachments))
159 {
160 $update_count = array();
161 parse_attachments($post_info['forum_id'], $message, $attachments, $update_count);
162 }
163
164 // Display not already displayed Attachments for this post, we already parsed them. ;)
165 if (!empty($attachments))
166 {
167 $template->assign_var('S_HAS_ATTACHMENTS', true);
168
169 foreach ($attachments as $attachment)
170 {
171 $template->assign_block_vars('attachment', array(
172 'DISPLAY_ATTACHMENT' => $attachment)
173 );
174 }
175 }
176 }
177
178 $template->assign_vars(array(
179 'U_MCP_ACTION' => "$url&amp;i=main&amp;quickmod=1", // Use this for mode paramaters
180 'U_POST_ACTION' => "$url&amp;i=$id&amp;mode=post_details", // Use this for action parameters
181 'U_APPROVE_ACTION' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=queue&amp;p=$post_id&amp;f={$post_info['forum_id']}"),
182
183 'S_CAN_VIEWIP' => $auth->acl_get('m_info', $post_info['forum_id']),
184 'S_CAN_CHGPOSTER' => $auth->acl_get('m_chgposter', $post_info['forum_id']),
185 'S_CAN_LOCK_POST' => $auth->acl_get('m_lock', $post_info['forum_id']),
186 'S_CAN_DELETE_POST' => $auth->acl_get('m_delete', $post_info['forum_id']),
187
188 'S_POST_REPORTED' => ($post_info['post_reported']) ? true : false,
189 'S_POST_UNAPPROVED' => (!$post_info['post_approved']) ? true : false,
190 'S_POST_LOCKED' => ($post_info['post_edit_locked']) ? true : false,
191 'S_USER_NOTES' => true,
192 'S_CLEAR_ALLOWED' => ($auth->acl_get('a_clearlogs')) ? true : false,
193
194 'U_EDIT' => ($auth->acl_get('m_edit', $post_info['forum_id'])) ? append_sid("{$phpbb_root_path}posting.$phpEx", "mode=edit&amp;f={$post_info['forum_id']}&amp;p={$post_info['post_id']}") : '',
195 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&amp;form=mcp_chgposter&amp;field=username&amp;select_single=true'),
196 'U_MCP_APPROVE' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue&amp;mode=approve_details&amp;f=' . $post_info['forum_id'] . '&amp;p=' . $post_id),
197 'U_MCP_REPORT' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=reports&amp;mode=report_details&amp;f=' . $post_info['forum_id'] . '&amp;p=' . $post_id),
198 'U_MCP_USER_NOTES' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&amp;mode=user_notes&amp;u=' . $post_info['user_id']),
199 'U_MCP_WARN_USER' => ($auth->acl_get('m_warn')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=warn&amp;mode=warn_user&amp;u=' . $post_info['user_id']) : '',
200 'U_VIEW_POST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $post_info['forum_id'] . '&amp;p=' . $post_info['post_id'] . '#p' . $post_info['post_id']),
201 'U_VIEW_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $post_info['forum_id'] . '&amp;t=' . $post_info['topic_id']),
202
203 'MINI_POST_IMG' => ($post_unread) ? $user->img('icon_post_target_unread', 'NEW_POST') : $user->img('icon_post_target', 'POST'),
204
205 'RETURN_TOPIC' => sprintf($user->lang['RETURN_TOPIC'], '<a href="' . append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f={$post_info['forum_id']}&amp;p=$post_id") . "#p$post_id\">", '</a>'),
206 'RETURN_FORUM' => sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", "f={$post_info['forum_id']}&amp;start={$start}") . '">', '</a>'),
207 'REPORTED_IMG' => $user->img('icon_topic_reported', $user->lang['POST_REPORTED']),
208 'UNAPPROVED_IMG' => $user->img('icon_topic_unapproved', $user->lang['POST_UNAPPROVED']),
209 'EDIT_IMG' => $user->img('icon_post_edit', $user->lang['EDIT_POST']),
210 'SEARCH_IMG' => $user->img('icon_user_search', $user->lang['SEARCH']),
211
212 'POST_AUTHOR_FULL' => get_username_string('full', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
213 'POST_AUTHOR_COLOUR' => get_username_string('colour', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
214 'POST_AUTHOR' => get_username_string('username', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
215 'U_POST_AUTHOR' => get_username_string('profile', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
216
217 'POST_PREVIEW' => $message,
218 'POST_SUBJECT' => $post_info['post_subject'],
219 'POST_DATE' => $user->format_date($post_info['post_time']),
220 'POST_IP' => $post_info['poster_ip'],
221 'POST_IPADDR' => ($auth->acl_get('m_info', $post_info['forum_id']) && request_var('lookup', '')) ? @gethostbyaddr($post_info['poster_ip']) : '',
222 'POST_ID' => $post_info['post_id'],
223
224 'U_LOOKUP_IP' => ($auth->acl_get('m_info', $post_info['forum_id'])) ? "$url&amp;i=$id&amp;mode=$mode&amp;lookup={$post_info['poster_ip']}#ip" : '',
225 'U_WHOIS' => ($auth->acl_get('m_info', $post_info['forum_id'])) ? append_sid("{$phpbb_root_path}mcp.$phpEx", "i=$id&amp;mode=$mode&amp;action=whois&amp;p=$post_id&amp;ip={$post_info['poster_ip']}") : '',
226 ));
227
228 // Get User Notes
229 $log_data = array();
230 $log_count = 0;
231 view_log('user', $log_data, $log_count, $config['posts_per_page'], 0, 0, 0, $post_info['user_id']);
232
233 if ($log_count)
234 {
235 $template->assign_var('S_USER_NOTES', true);
236
237 foreach ($log_data as $row)
238 {
239 $template->assign_block_vars('usernotes', array(
240 'REPORT_BY' => $row['username_full'],
241 'REPORT_AT' => $user->format_date($row['time']),
242 'ACTION' => $row['action'],
243 'ID' => $row['id'])
244 );
245 }
246 }
247
248 // Get Reports
249 if ($auth->acl_get('m_', $post_info['forum_id']))
250 {
251 $sql = 'SELECT r.*, re.*, u.user_id, u.username
252 FROM ' . REPORTS_TABLE . ' r, ' . USERS_TABLE . ' u, ' . REPORTS_REASONS_TABLE . " re
253 WHERE r.post_id = $post_id
254 AND r.reason_id = re.reason_id
255 AND u.user_id = r.user_id
256 ORDER BY r.report_time DESC";
257 $result = $db->sql_query($sql);
258
259 if ($row = $db->sql_fetchrow($result))
260 {
261 $template->assign_var('S_SHOW_REPORTS', true);
262
263 do
264 {
265 // If the reason is defined within the language file, we will use the localized version, else just use the database entry...
266 if (isset($user->lang['report_reasons']['TITLE'][strtoupper($row['reason_title'])]) && isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])]))
267 {
268 $row['reson_description'] = $user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])];
269 $row['reason_title'] = $user->lang['report_reasons']['TITLE'][strtoupper($row['reason_title'])];
270 }
271
272 $template->assign_block_vars('reports', array(
273 'REPORT_ID' => $row['report_id'],
274 'REASON_TITLE' => $row['reason_title'],
275 'REASON_DESC' => $row['reason_description'],
276 'REPORTER' => ($row['user_id'] != ANONYMOUS) ? $row['username'] : $user->lang['GUEST'],
277 'U_REPORTER' => ($row['user_id'] != ANONYMOUS) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&amp;u=' . $row['user_id']) : '',
278 'USER_NOTIFY' => ($row['user_notify']) ? true : false,
279 'REPORT_TIME' => $user->format_date($row['report_time']),
280 'REPORT_TEXT' => bbcode_nl2br(trim($row['report_text'])),
281 ));
282 }
283 while ($row = $db->sql_fetchrow($result));
284 }
285 $db->sql_freeresult($result);
286 }
287
288 // Get IP
289 if ($auth->acl_get('m_info', $post_info['forum_id']))
290 {
291 $rdns_ip_num = request_var('rdns', '');
292
293 if ($rdns_ip_num != 'all')
294 {
295 $template->assign_vars(array(
296 'U_LOOKUP_ALL' => "$url&amp;i=main&amp;mode=post_details&amp;rdns=all")
297 );
298 }
299
300 // Get other users who've posted under this IP
301 $sql = 'SELECT poster_id, COUNT(poster_id) as postings
302 FROM ' . POSTS_TABLE . "
303 WHERE poster_ip = '" . $db->sql_escape($post_info['poster_ip']) . "'
304 GROUP BY poster_id
305 ORDER BY postings DESC";
306 $result = $db->sql_query($sql);
307
308 while ($row = $db->sql_fetchrow($result))
309 {
310 // Fill the user select list with users who have posted under this IP
311 if ($row['poster_id'] != $post_info['poster_id'])
312 {
313 $users_ary[$row['poster_id']] = $row;
314 }
315 }
316 $db->sql_freeresult($result);
317
318 if (sizeof($users_ary))
319 {
320 // Get the usernames
321 $sql = 'SELECT user_id, username
322 FROM ' . USERS_TABLE . '
323 WHERE ' . $db->sql_in_set('user_id', array_keys($users_ary));
324 $result = $db->sql_query($sql);
325
326 while ($row = $db->sql_fetchrow($result))
327 {
328 $users_ary[$row['user_id']]['username'] = $row['username'];
329 $usernames_ary[utf8_clean_string($row['username'])] = $users_ary[$row['user_id']];
330 }
331 $db->sql_freeresult($result);
332
333 foreach ($users_ary as $user_id => $user_row)
334 {
335 $template->assign_block_vars('userrow', array(
336 'USERNAME' => ($user_id == ANONYMOUS) ? $user->lang['GUEST'] : $user_row['username'],
337 'NUM_POSTS' => $user_row['postings'],
338 'L_POST_S' => ($user_row['postings'] == 1) ? $user->lang['POST'] : $user->lang['POSTS'],
339
340 'U_PROFILE' => ($user_id == ANONYMOUS) ? '' : append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&amp;u=' . $user_id),
341 'U_SEARCHPOSTS' => append_sid("{$phpbb_root_path}search.$phpEx", 'author_id=' . $user_id . '&amp;sr=topics'))
342 );
343 }
344 }
345
346 // Get other IP's this user has posted under
347
348 // A compound index on poster_id, poster_ip (posts table) would help speed up this query a lot,
349 // but the extra size is only valuable if there are persons having more than a thousands posts.
350 // This is better left to the really really big forums.
351
352 $sql = 'SELECT poster_ip, COUNT(poster_ip) AS postings
353 FROM ' . POSTS_TABLE . '
354 WHERE poster_id = ' . $post_info['poster_id'] . "
355 GROUP BY poster_ip
356 ORDER BY postings DESC";
357 $result = $db->sql_query($sql);
358
359 while ($row = $db->sql_fetchrow($result))
360 {
361 $hostname = (($rdns_ip_num == $row['poster_ip'] || $rdns_ip_num == 'all') && $row['poster_ip']) ? @gethostbyaddr($row['poster_ip']) : '';
362
363 $template->assign_block_vars('iprow', array(
364 'IP' => $row['poster_ip'],
365 'HOSTNAME' => $hostname,
366 'NUM_POSTS' => $row['postings'],
367 'L_POST_S' => ($row['postings'] == 1) ? $user->lang['POST'] : $user->lang['POSTS'],
368
369 'U_LOOKUP_IP' => ($rdns_ip_num == $row['poster_ip'] || $rdns_ip_num == 'all') ? '' : "$url&amp;i=$id&amp;mode=post_details&amp;rdns={$row['poster_ip']}#ip",
370 'U_WHOIS' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=$id&amp;mode=$mode&amp;action=whois&amp;p=$post_id&amp;ip={$row['poster_ip']}"))
371 );
372 }
373 $db->sql_freeresult($result);
374
375 $user_select = '';
376
377 if (sizeof($usernames_ary))
378 {
379 ksort($usernames_ary);
380
381 foreach ($usernames_ary as $row)
382 {
383 $user_select .= '<option value="' . $row['poster_id'] . '">' . $row['username'] . "</option>\n";
384 }
385 }
386
387 $template->assign_var('S_USER_SELECT', $user_select);
388 }
389
390}
391
392/**
393* Change a post's poster
394*/
395function change_poster(&$post_info, $userdata)
396{
397 global $auth, $db, $config, $phpbb_root_path, $phpEx;
398
399 if (empty($userdata) || $userdata['user_id'] == $post_info['user_id'])
400 {
401 return;
402 }
403
404 $post_id = $post_info['post_id'];
405
406 $sql = 'UPDATE ' . POSTS_TABLE . "
407 SET poster_id = {$userdata['user_id']}
408 WHERE post_id = $post_id";
409 $db->sql_query($sql);
410
411 // Resync topic/forum if needed
412 if ($post_info['topic_last_post_id'] == $post_id || $post_info['forum_last_post_id'] == $post_id || $post_info['topic_first_post_id'] == $post_id)
413 {
414 sync('topic', 'topic_id', $post_info['topic_id'], false, false);
415 sync('forum', 'forum_id', $post_info['forum_id'], false, false);
416 }
417
418 // Adjust post counts... only if the post is approved (else, it was not added the users post count anyway)
419 if ($post_info['post_postcount'] && $post_info['post_approved'])
420 {
421 $sql = 'UPDATE ' . USERS_TABLE . '
422 SET user_posts = user_posts - 1
423 WHERE user_id = ' . $post_info['user_id'] .'
424 AND user_posts > 0';
425 $db->sql_query($sql);
426
427 $sql = 'UPDATE ' . USERS_TABLE . '
428 SET user_posts = user_posts + 1
429 WHERE user_id = ' . $userdata['user_id'];
430 $db->sql_query($sql);
431 }
432
433 // Add posted to information for this topic for the new user
434 markread('post', $post_info['forum_id'], $post_info['topic_id'], time(), $userdata['user_id']);
435
436 // Remove the dotted topic option if the old user has no more posts within this topic
437 if ($config['load_db_track'] && $post_info['user_id'] != ANONYMOUS)
438 {
439 $sql = 'SELECT topic_id
440 FROM ' . POSTS_TABLE . '
441 WHERE topic_id = ' . $post_info['topic_id'] . '
442 AND poster_id = ' . $post_info['user_id'];
443 $result = $db->sql_query_limit($sql, 1);
444 $topic_id = (int) $db->sql_fetchfield('topic_id');
445 $db->sql_freeresult($result);
446
447 if (!$topic_id)
448 {
449 $sql = 'DELETE FROM ' . TOPICS_POSTED_TABLE . '
450 WHERE user_id = ' . $post_info['user_id'] . '
451 AND topic_id = ' . $post_info['topic_id'];
452 $db->sql_query($sql);
453 }
454 }
455
456 // change the poster_id within the attachments table, else the data becomes out of sync and errors displayed because of wrong ownership
457 if ($post_info['post_attachment'])
458 {
459 $sql = 'UPDATE ' . ATTACHMENTS_TABLE . '
460 SET poster_id = ' . $userdata['user_id'] . '
461 WHERE poster_id = ' . $post_info['user_id'] . '
462 AND post_msg_id = ' . $post_info['post_id'] . '
463 AND topic_id = ' . $post_info['topic_id'];
464 $db->sql_query($sql);
465 }
466
467 // refresh search cache of this post
468 $search_type = basename($config['search_type']);
469
470 if (file_exists($phpbb_root_path . 'includes/search/' . $search_type . '.' . $phpEx))
471 {
472 require("{$phpbb_root_path}includes/search/$search_type.$phpEx");
473
474 // We do some additional checks in the module to ensure it can actually be utilised
475 $error = false;
476 $search = new $search_type($error);
477
478 if (!$error && method_exists($search, 'destroy_cache'))
479 {
480 $search->destroy_cache(array(), array($post_info['user_id'], $userdata['user_id']));
481 }
482 }
483
484 $from_username = $post_info['username'];
485 $to_username = $userdata['username'];
486
487 // Renew post info
488 $post_info = get_post_data(array($post_id), false, true);
489
490 if (!sizeof($post_info))
491 {
492 trigger_error('POST_NOT_EXIST');
493 }
494
495 $post_info = $post_info[$post_id];
496
497 // Now add log entry
498 add_log('mod', $post_info['forum_id'], $post_info['topic_id'], 'LOG_MCP_CHANGE_POSTER', $post_info['topic_title'], $from_username, $to_username);
499}
500
501?>
Note: See TracBrowser for help on using the repository browser.