5
* @version $Id: mcp.php,v 1.138 2007/08/30 21:19:04 acydburn Exp $
6
* @copyright (c) 2005 phpBB Group
7
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
14
define('IN_PHPBB', true);
15
$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
16
$phpEx = substr(strrchr(__FILE__, '.'), 1);
17
include($phpbb_root_path . 'common.' . $phpEx);
18
include($phpbb_root_path . 'includes/functions_admin.' . $phpEx);
19
require($phpbb_root_path . 'includes/functions_module.' . $phpEx);
21
// Start session management
22
$user->session_begin();
23
$auth->acl($user->data);
26
$module = new p_master();
28
// Setting a variable to let the style designer know where he is...
29
$template->assign_var('S_IN_MCP', true);
31
// Basic parameter data
32
$id = request_var('i', '');
34
if (isset($_REQUEST['mode']) && is_array($_REQUEST['mode']))
36
$mode = request_var('mode', array(''));
37
list($mode, ) = each($mode);
41
$mode = request_var('mode', '');
44
// Only Moderators can go beyond this point
45
if (!$user->data['is_registered'])
47
if ($user->data['is_bot'])
49
redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
52
login_box('', $user->lang['LOGIN_EXPLAIN_MCP']);
55
$quickmod = (isset($_REQUEST['quickmod'])) ? true : false;
56
$action = request_var('action', '');
57
$action_ary = request_var('action', array('' => 0));
59
$forum_action = request_var('forum_action', '');
60
if ($forum_action !== '' && !empty($_POST['sort']))
62
$action = $forum_action;
65
if (sizeof($action_ary))
67
list($action, ) = each($action_ary);
71
if ($mode == 'topic_logs')
77
$post_id = request_var('p', 0);
78
$topic_id = request_var('t', 0);
79
$forum_id = request_var('f', 0);
80
$user_id = request_var('u', 0);
81
$username = utf8_normalize_nfc(request_var('username', '', true));
85
// We determine the topic and forum id here, to make sure the moderator really has moderative rights on this post
86
$sql = 'SELECT topic_id, forum_id
87
FROM ' . POSTS_TABLE . "
88
WHERE post_id = $post_id";
89
$result = $db->sql_query($sql);
90
$row = $db->sql_fetchrow($result);
91
$db->sql_freeresult($result);
93
$topic_id = (int) $row['topic_id'];
94
$forum_id = (int) ($row['forum_id']) ? $row['forum_id'] : $forum_id;
98
$sql = 'SELECT forum_id
99
FROM ' . TOPICS_TABLE . "
100
WHERE topic_id = $topic_id";
101
$result = $db->sql_query($sql);
102
$row = $db->sql_fetchrow($result);
103
$db->sql_freeresult($result);
105
$forum_id = (int) $row['forum_id'];
108
// If the user doesn't have any moderator powers (globally or locally) he can't access the mcp
109
if (!$auth->acl_getf_global('m_'))
111
// Except he is using one of the quickmod tools for users
112
$user_quickmod_actions = array(
113
'lock' => 'f_user_lock',
114
'make_sticky' => 'f_sticky',
115
'make_announce' => 'f_announce',
116
'make_global' => 'f_announce',
117
'make_normal' => array('f_announce', 'f_sticky')
121
if ($quickmod && isset($user_quickmod_actions[$action]) && $user->data['is_registered'] && $auth->acl_gets($user_quickmod_actions[$action], $forum_id))
123
$topic_info = get_topic_data(array($topic_id));
124
if ($topic_info[$topic_id]['topic_poster'] == $user->data['user_id'])
132
trigger_error('NOT_AUTHORISED');
136
// if the user cannot read the forum he tries to access then we won't allow mcp access either
137
if ($forum_id && !$auth->acl_get('f_read', $forum_id))
139
trigger_error('NOT_AUTHORISED');
144
$module->acl_forum_id = $forum_id;
147
// Instantiate module system and generate list of available modules
148
$module->list_modules('mcp');
161
case 'make_announce':
168
$module->load('mcp', 'main', 'quickmod');
173
$module->set_active('logs', 'topic_logs');
177
$module->set_active('main', 'forum_view');
182
$module->set_active('main', 'topic_view');
186
trigger_error("$action not allowed as quickmod");
191
// Select the active module
192
$module->set_active($id, $mode);
195
// Hide some of the options if we don't have the relevant information to use them
198
$module->set_display('main', 'post_details', false);
199
$module->set_display('warn', 'warn_post', false);
202
if ($mode == '' || $mode == 'unapproved_topics' || $mode == 'unapproved_posts')
204
$module->set_display('queue', 'approve_details', false);
207
if ($mode == '' || $mode == 'reports' || $mode == 'reports_closed')
209
$module->set_display('reports', 'report_details', false);
214
$module->set_display('main', 'topic_view', false);
215
$module->set_display('logs', 'topic_logs', false);
220
$module->set_display('main', 'forum_view', false);
221
$module->set_display('logs', 'forum_logs', false);
224
if (!$user_id && $username == '')
226
$module->set_display('notes', 'user_notes', false);
227
$module->set_display('warn', 'warn_user', false);
230
// Load and execute the relevant module
231
$module->load_active();
233
// Assign data to the template engine for the list of modules
234
$module->assign_tpl_vars(append_sid("{$phpbb_root_path}mcp.$phpEx"));
236
// Generate urls for letting the moderation control panel being accessed in different modes
237
$template->assign_vars(array(
238
'U_MCP' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=main'),
239
'U_MCP_FORUM' => ($forum_id) ? append_sid("{$phpbb_root_path}mcp.$phpEx", "i=main&mode=forum_view&f=$forum_id") : '',
240
'U_MCP_TOPIC' => ($forum_id && $topic_id) ? append_sid("{$phpbb_root_path}mcp.$phpEx", "i=main&mode=topic_view&t=$topic_id") : '',
241
'U_MCP_POST' => ($forum_id && $topic_id && $post_id) ? append_sid("{$phpbb_root_path}mcp.$phpEx", "i=main&mode=post_details&t=$topic_id&p=$post_id") : '',
244
// Generate the page, do not display/query online list
245
$module->display($module->get_page_title(), false);
248
* Functions used to generate additional URL paramters
250
function _module__url($mode, &$module_row)
255
function _module_notes_url($mode, &$module_row)
257
if ($mode == 'front')
263
return ($user_id) ? "&u=$user_id" : '';
266
function _module_warn_url($mode, &$module_row)
268
if ($mode == 'front' || $mode == 'list')
272
return ($forum_id) ? "&f=$forum_id" : '';
275
if ($mode == 'warn_post')
277
global $forum_id, $post_id;
279
$url_extra = ($forum_id) ? "&f=$forum_id" : '';
280
$url_extra .= ($post_id) ? "&p=$post_id" : '';
288
return ($user_id) ? "&u=$user_id" : '';
292
function _module_main_url($mode, &$module_row)
297
function _module_logs_url($mode, &$module_row)
302
function _module_ban_url($mode, &$module_row)
307
function _module_queue_url($mode, &$module_row)
312
function _module_reports_url($mode, &$module_row)
319
global $forum_id, $topic_id, $post_id, $user_id;
322
$url_extra .= ($forum_id) ? "&f=$forum_id" : '';
323
$url_extra .= ($topic_id) ? "&t=$topic_id" : '';
324
$url_extra .= ($post_id) ? "&p=$post_id" : '';
325
$url_extra .= ($user_id) ? "&u=$user_id" : '';
331
* Get simple topic data
333
function get_topic_data($topic_ids, $acl_list = false, $read_tracking = false)
335
global $auth, $db, $config, $user;
336
static $rowset = array();
340
if (!sizeof($topic_ids))
345
// cache might not contain read tracking info, so we can't use it if read
346
// tracking information is requested
349
$cache_topic_ids = array_intersect($topic_ids, array_keys($rowset));
350
$topic_ids = array_diff($topic_ids, array_keys($rowset));
354
$cache_topic_ids = array();
357
if (sizeof($topic_ids))
360
'SELECT' => 't.*, f.*',
366
'LEFT_JOIN' => array(
368
'FROM' => array(FORUMS_TABLE => 'f'),
369
'ON' => 'f.forum_id = t.forum_id'
373
'WHERE' => $db->sql_in_set('t.topic_id', $topic_ids)
376
if ($read_tracking && $config['load_db_lastread'])
378
$sql_array['SELECT'] .= ', tt.mark_time, ft.mark_time as forum_mark_time';
380
$sql_array['LEFT_JOIN'][] = array(
381
'FROM' => array(TOPICS_TRACK_TABLE => 'tt'),
382
'ON' => 'tt.user_id = ' . $user->data['user_id'] . ' AND t.topic_id = tt.topic_id'
385
$sql_array['LEFT_JOIN'][] = array(
386
'FROM' => array(FORUMS_TRACK_TABLE => 'ft'),
387
'ON' => 'ft.user_id = ' . $user->data['user_id'] . ' AND t.forum_id = ft.forum_id'
391
$sql = $db->sql_build_query('SELECT', $sql_array);
392
$result = $db->sql_query($sql);
394
while ($row = $db->sql_fetchrow($result))
396
if (!$row['forum_id'])
398
// Global Announcement?
399
$row['forum_id'] = request_var('f', 0);
402
$rowset[$row['topic_id']] = $row;
404
if ($acl_list && !$auth->acl_gets($acl_list, $row['forum_id']))
409
$topics[$row['topic_id']] = $row;
411
$db->sql_freeresult($result);
414
foreach ($cache_topic_ids as $id)
416
if (!$acl_list || $auth->acl_gets($acl_list, $rowset[$id]['forum_id']))
418
$topics[$id] = $rowset[$id];
426
* Get simple post data
428
function get_post_data($post_ids, $acl_list = false, $read_tracking = false)
430
global $db, $auth, $config, $user;
434
if (!sizeof($post_ids))
440
'SELECT' => 'p.*, u.*, t.*, f.*',
448
'LEFT_JOIN' => array(
450
'FROM' => array(FORUMS_TABLE => 'f'),
451
'ON' => 'f.forum_id = t.forum_id'
455
'WHERE' => $db->sql_in_set('p.post_id', $post_ids) . '
456
AND u.user_id = p.poster_id
457
AND t.topic_id = p.topic_id',
460
if ($read_tracking && $config['load_db_lastread'])
462
$sql_array['SELECT'] .= ', tt.mark_time, ft.mark_time as forum_mark_time';
464
$sql_array['LEFT_JOIN'][] = array(
465
'FROM' => array(TOPICS_TRACK_TABLE => 'tt'),
466
'ON' => 'tt.user_id = ' . $user->data['user_id'] . ' AND t.topic_id = tt.topic_id'
469
$sql_array['LEFT_JOIN'][] = array(
470
'FROM' => array(FORUMS_TRACK_TABLE => 'ft'),
471
'ON' => 'ft.user_id = ' . $user->data['user_id'] . ' AND t.forum_id = ft.forum_id'
475
$sql = $db->sql_build_query('SELECT', $sql_array);
476
$result = $db->sql_query($sql);
479
while ($row = $db->sql_fetchrow($result))
481
if (!$row['forum_id'])
483
// Global Announcement?
484
$row['forum_id'] = request_var('f', 0);
487
if ($acl_list && !$auth->acl_gets($acl_list, $row['forum_id']))
492
if (!$row['post_approved'] && !$auth->acl_get('m_approve', $row['forum_id']))
494
// Moderators without the permission to approve post should at least not see them. ;)
498
$rowset[$row['post_id']] = $row;
500
$db->sql_freeresult($result);
506
* Get simple forum data
508
function get_forum_data($forum_id, $acl_list = 'f_list', $read_tracking = false)
510
global $auth, $db, $user, $config;
514
if (!is_array($forum_id))
516
$forum_id = array($forum_id);
519
if (!sizeof($forum_id))
524
if ($read_tracking && $config['load_db_lastread'])
526
$read_tracking_join = ' LEFT JOIN ' . FORUMS_TRACK_TABLE . ' ft ON (ft.user_id = ' . $user->data['user_id'] . '
527
AND ft.forum_id = f.forum_id)';
528
$read_tracking_select = ', ft.mark_time';
532
$read_tracking_join = $read_tracking_select = '';
535
$sql = "SELECT f.* $read_tracking_select
536
FROM " . FORUMS_TABLE . " f$read_tracking_join
537
WHERE " . $db->sql_in_set('f.forum_id', $forum_id);
538
$result = $db->sql_query($sql);
540
while ($row = $db->sql_fetchrow($result))
542
if ($acl_list && !$auth->acl_gets($acl_list, $row['forum_id']))
547
if ($auth->acl_get('m_approve', $row['forum_id']))
549
$row['forum_topics'] = $row['forum_topics_real'];
552
$rowset[$row['forum_id']] = $row;
554
$db->sql_freeresult($result);
562
* @param string $where_sql should either be WHERE (default if ommited) or end with AND or OR
564
function mcp_sorting($mode, &$sort_days, &$sort_key, &$sort_dir, &$sort_by_sql, &$sort_order_sql, &$total, $forum_id = 0, $topic_id = 0, $where_sql = 'WHERE')
566
global $db, $user, $auth, $template;
568
$sort_days = request_var('st', 0);
569
$min_time = ($sort_days) ? time() - ($sort_days * 86400) : 0;
578
$sql = 'SELECT COUNT(topic_id) AS total
579
FROM ' . TOPICS_TABLE . "
580
$where_sql forum_id = $forum_id
581
AND topic_type NOT IN (" . POST_ANNOUNCE . ', ' . POST_GLOBAL . ")
582
AND topic_last_post_time >= $min_time";
584
if (!$auth->acl_get('m_approve', $forum_id))
586
$sql .= 'AND topic_approved = 1';
595
$sql = 'SELECT COUNT(post_id) AS total
596
FROM ' . POSTS_TABLE . "
597
$where_sql topic_id = $topic_id
598
AND post_time >= $min_time";
600
if (!$auth->acl_get('m_approve', $forum_id))
602
$sql .= 'AND post_approved = 1';
606
case 'unapproved_posts':
610
$where_sql .= ($topic_id) ? ' topic_id = ' . $topic_id . ' AND' : '';
612
$sql = 'SELECT COUNT(post_id) AS total
613
FROM ' . POSTS_TABLE . "
614
$where_sql " . $db->sql_in_set('forum_id', ($forum_id) ? array($forum_id) : get_forum_list('m_approve')) . '
615
AND post_approved = 0';
619
$sql .= ' AND post_time >= ' . $min_time;
623
case 'unapproved_topics':
628
$sql = 'SELECT COUNT(topic_id) AS total
629
FROM ' . TOPICS_TABLE . "
630
$where_sql " . $db->sql_in_set('forum_id', ($forum_id) ? array($forum_id) : get_forum_list('m_approve')) . '
631
AND topic_approved = 0';
635
$sql .= ' AND topic_time >= ' . $min_time;
640
case 'reports_closed':
644
$limit_time_sql = ($min_time) ? "AND r.report_time >= $min_time" : '';
648
$where_sql .= ' p.topic_id = ' . $topic_id;
652
$where_sql .= ' p.forum_id = ' . $forum_id;
656
$where_sql .= ' ' . $db->sql_in_set('p.forum_id', get_forum_list('!m_report'), true, true);
659
if ($mode == 'reports')
661
$where_sql .= ' AND r.report_closed = 0';
665
$where_sql .= ' AND r.report_closed = 1';
668
$sql = 'SELECT COUNT(r.report_id) AS total
669
FROM ' . REPORTS_TABLE . ' r, ' . POSTS_TABLE . " p
671
AND p.post_id = r.post_id
680
$sql = 'SELECT COUNT(log_id) AS total
681
FROM ' . LOG_TABLE . "
682
$where_sql " . $db->sql_in_set('forum_id', ($forum_id) ? array($forum_id) : get_forum_list('m_')) . '
683
AND log_time >= ' . $min_time . '
684
AND log_type = ' . LOG_MOD;
688
$sort_key = request_var('sk', $default_key);
689
$sort_dir = request_var('sd', $default_dir);
690
$sort_dir_text = array('a' => $user->lang['ASCENDING'], 'd' => $user->lang['DESCENDING']);
695
$limit_days = array(0 => $user->lang['ALL_TOPICS'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);
696
$sort_by_text = array('a' => $user->lang['AUTHOR'], 't' => $user->lang['POST_TIME'], 'tt' => $user->lang['TOPIC_TIME'], 'r' => $user->lang['REPLIES'], 's' => $user->lang['SUBJECT'], 'v' => $user->lang['VIEWS']);
698
$sort_by_sql = array('a' => 't.topic_first_poster_name', 't' => 't.topic_last_post_time', 'tt' => 't.topic_time', 'r' => (($auth->acl_get('m_approve', $forum_id)) ? 't.topic_replies_real' : 't.topic_replies'), 's' => 't.topic_title', 'v' => 't.topic_views');
699
$limit_time_sql = ($min_time) ? "AND t.topic_last_post_time >= $min_time" : '';
703
$limit_days = array(0 => $user->lang['ALL_POSTS'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);
704
$sort_by_text = array('a' => $user->lang['AUTHOR'], 't' => $user->lang['POST_TIME'], 's' => $user->lang['SUBJECT']);
705
$sort_by_sql = array('a' => 'u.username_clean', 't' => 'p.post_time', 's' => 'p.post_subject');
706
$limit_time_sql = ($min_time) ? "AND p.post_time >= $min_time" : '';
710
$limit_days = array(0 => $user->lang['ALL_REPORTS'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);
711
$sort_by_text = array('a' => $user->lang['AUTHOR'], 'r' => $user->lang['REPORTER'], 'p' => $user->lang['POST_TIME'], 't' => $user->lang['REPORT_TIME'], 's' => $user->lang['SUBJECT']);
712
$sort_by_sql = array('a' => 'u.username_clean', 'r' => 'ru.username', 'p' => 'p.post_time', 't' => 'r.report_time', 's' => 'p.post_subject');
716
$limit_days = array(0 => $user->lang['ALL_ENTRIES'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);
717
$sort_by_text = array('u' => $user->lang['SORT_USERNAME'], 't' => $user->lang['SORT_DATE'], 'i' => $user->lang['SORT_IP'], 'o' => $user->lang['SORT_ACTION']);
719
$sort_by_sql = array('u' => 'u.username_clean', 't' => 'l.log_time', 'i' => 'l.log_ip', 'o' => 'l.log_operation');
720
$limit_time_sql = ($min_time) ? "AND l.log_time >= $min_time" : '';
724
if (!isset($sort_by_sql[$sort_key]))
726
$sort_key = $default_key;
729
$sort_order_sql = $sort_by_sql[$sort_key] . ' ' . (($sort_dir == 'd') ? 'DESC' : 'ASC');
731
$s_limit_days = $s_sort_key = $s_sort_dir = $sort_url = '';
732
gen_sort_selects($limit_days, $sort_by_text, $sort_days, $sort_key, $sort_dir, $s_limit_days, $s_sort_key, $s_sort_dir, $sort_url);
734
$template->assign_vars(array(
735
'S_SELECT_SORT_DIR' => $s_sort_dir,
736
'S_SELECT_SORT_KEY' => $s_sort_key,
737
'S_SELECT_SORT_DAYS' => $s_limit_days)
740
if (($sort_days && $mode != 'viewlogs') || in_array($mode, array('reports', 'unapproved_topics', 'unapproved_posts')) || $where_sql != 'WHERE')
742
$result = $db->sql_query($sql);
743
$total = (int) $db->sql_fetchfield('total');
744
$db->sql_freeresult($result);
755
* @param array &$ids The relevant ids to check
756
* @param string $table The table to find the ids in
757
* @param string $sql_id The ids relevant column name
758
* @param array $acl_list A list of permissions the user need to have
759
* @param mixed $singe_forum Limit to one forum id (int) or the first forum found (true)
761
* @return mixed False if no ids were able to be retrieved, true if at least one id left.
762
* Additionally, this value can be the forum_id assigned if $single_forum was set.
763
* Therefore checking the result for with !== false is the best method.
765
function check_ids(&$ids, $table, $sql_id, $acl_list = false, $single_forum = false)
769
if (!is_array($ids) || empty($ids))
774
$sql = "SELECT $sql_id, forum_id FROM $table
775
WHERE " . $db->sql_in_set($sql_id, $ids);
776
$result = $db->sql_query($sql);
781
while ($row = $db->sql_fetchrow($result))
783
if ($acl_list && $row['forum_id'] && !$auth->acl_gets($acl_list, $row['forum_id']))
788
if ($acl_list && !$row['forum_id'] && !$auth->acl_getf_global($acl_list))
793
// Limit forum? If not, just assign the id.
794
if ($single_forum === false)
796
$ids[] = $row[$sql_id];
800
// Limit forum to a specific forum id?
801
// This can get really tricky, because we do not want to create a failure on global topics. :)
802
if ($row['forum_id'])
804
if ($single_forum !== true && $row['forum_id'] == (int) $single_forum)
806
$forum_id = (int) $single_forum;
808
else if ($forum_id === false)
810
$forum_id = $row['forum_id'];
813
if ($row['forum_id'] == $forum_id)
815
$ids[] = $row[$sql_id];
820
// Always add a global topic
821
$ids[] = $row[$sql_id];
824
$db->sql_freeresult($result);
831
// If forum id is false and ids populated we may have only global announcements selected (returning 0 because of (int) $forum_id)
833
return ($single_forum === false) ? true : (int) $forum_id;
b'\\ No newline at end of file'
added
removed
www/php/phpBB3/mcp.php
