~azzar1/unity/add-show-desktop-key

« back to all changes in this revision

Viewing changes to www/php/phpBB3/includes/mcp/mcp_warn.php

Merge setup-stuff.

phpBB is gone, configuration, setup and jail building are completely redone.

Please read doc/setup/install_proc.txt, or you'll not get far.

Show diffs side-by-side

added added

removed removed

Lines of Context:
1
 
<?php
2
 
/**
3
 
*
4
 
* @package mcp
5
 
* @version $Id: mcp_warn.php,v 1.54 2007/10/19 13:10:01 acydburn Exp $
6
 
* @copyright (c) 2005 phpBB Group
7
 
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
8
 
*
9
 
*/
10
 
 
11
 
/**
12
 
* @ignore
13
 
*/
14
 
if (!defined('IN_PHPBB'))
15
 
{
16
 
        exit;
17
 
}
18
 
 
19
 
/**
20
 
* mcp_warn
21
 
* Handling warning the users
22
 
* @package mcp
23
 
*/
24
 
class mcp_warn
25
 
{
26
 
        var $p_master;
27
 
        var $u_action;
28
 
 
29
 
        function mcp_warn(&$p_master)
30
 
        {
31
 
                $this->p_master = &$p_master;
32
 
        }
33
 
 
34
 
        function main($id, $mode)
35
 
        {
36
 
                global $auth, $db, $user, $template;
37
 
                global $config, $phpbb_root_path, $phpEx;
38
 
 
39
 
                $action = request_var('action', array('' => ''));
40
 
 
41
 
                if (is_array($action))
42
 
                {
43
 
                        list($action, ) = each($action);
44
 
                }
45
 
 
46
 
                $this->page_title = 'MCP_WARN';
47
 
 
48
 
                add_form_key('mcp_warn');
49
 
 
50
 
                switch ($mode)
51
 
                {
52
 
                        case 'front':
53
 
                                $this->mcp_warn_front_view();
54
 
                                $this->tpl_name = 'mcp_warn_front';
55
 
                        break;
56
 
 
57
 
                        case 'list':
58
 
                                $this->mcp_warn_list_view($action);
59
 
                                $this->tpl_name = 'mcp_warn_list';
60
 
                        break;
61
 
 
62
 
                        case 'warn_post':
63
 
                                $this->mcp_warn_post_view($action);
64
 
                                $this->tpl_name = 'mcp_warn_post';
65
 
                        break;
66
 
 
67
 
                        case 'warn_user':
68
 
                                $this->mcp_warn_user_view($action);
69
 
                                $this->tpl_name = 'mcp_warn_user';
70
 
                        break;
71
 
                }
72
 
        }
73
 
 
74
 
        /**
75
 
        * Generates the summary on the main page of the warning module
76
 
        */
77
 
        function mcp_warn_front_view()
78
 
        {
79
 
                global $phpEx, $phpbb_root_path, $config;
80
 
                global $template, $db, $user, $auth;
81
 
 
82
 
                $template->assign_vars(array(
83
 
                        'U_FIND_USERNAME'       => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&amp;form=mcp&amp;field=username&amp;select_single=true'),
84
 
                        'U_POST_ACTION'         => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=warn&amp;mode=warn_user'),
85
 
                ));
86
 
 
87
 
                // Obtain a list of the 5 naughtiest users....
88
 
                // These are the 5 users with the highest warning count
89
 
                $highest = array();
90
 
                $count = 0;
91
 
 
92
 
                view_warned_users($highest, $count, 5);
93
 
 
94
 
                foreach ($highest as $row)
95
 
                {
96
 
                        $template->assign_block_vars('highest', array(
97
 
                                'U_NOTES'               => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&amp;mode=user_notes&amp;u=' . $row['user_id']),
98
 
 
99
 
                                'USERNAME_FULL'         => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']),
100
 
                                'USERNAME'                      => $row['username'],
101
 
                                'USERNAME_COLOUR'       => ($row['user_colour']) ? '#' . $row['user_colour'] : '',
102
 
                                'U_USER'                        => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&amp;u=' . $row['user_id']),
103
 
 
104
 
                                'WARNING_TIME'  => $user->format_date($row['user_last_warning']),
105
 
                                'WARNINGS'              => $row['user_warnings'],
106
 
                        ));
107
 
                }
108
 
 
109
 
                // And now the 5 most recent users to get in trouble
110
 
                $sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_colour, u.user_warnings, w.warning_time
111
 
                        FROM ' . USERS_TABLE . ' u, ' . WARNINGS_TABLE . ' w
112
 
                        WHERE u.user_id = w.user_id
113
 
                        ORDER BY w.warning_time DESC';
114
 
                $result = $db->sql_query_limit($sql, 5);
115
 
 
116
 
                while ($row = $db->sql_fetchrow($result))
117
 
                {
118
 
                        $template->assign_block_vars('latest', array(
119
 
                                'U_NOTES'               => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&amp;mode=user_notes&amp;u=' . $row['user_id']),
120
 
 
121
 
                                'USERNAME_FULL'         => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']),
122
 
                                'USERNAME'                      => $row['username'],
123
 
                                'USERNAME_COLOUR'       => ($row['user_colour']) ? '#' . $row['user_colour'] : '',
124
 
                                'U_USER'                        => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&amp;u=' . $row['user_id']),
125
 
 
126
 
                                'WARNING_TIME'  => $user->format_date($row['warning_time']),
127
 
                                'WARNINGS'              => $row['user_warnings'],
128
 
                        ));
129
 
                }
130
 
                $db->sql_freeresult($result);
131
 
        }
132
 
 
133
 
        /**
134
 
        * Lists all users with warnings
135
 
        */
136
 
        function mcp_warn_list_view($action)
137
 
        {
138
 
                global $phpEx, $phpbb_root_path, $config;
139
 
                global $template, $db, $user, $auth;
140
 
 
141
 
                $user->add_lang('memberlist');
142
 
 
143
 
                $start  = request_var('start', 0);
144
 
                $st             = request_var('st', 0);
145
 
                $sk             = request_var('sk', 'b');
146
 
                $sd             = request_var('sd', 'd');
147
 
 
148
 
                $limit_days = array(0 => $user->lang['ALL_ENTRIES'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);
149
 
                $sort_by_text = array('a' => $user->lang['SORT_USERNAME'], 'b' => $user->lang['SORT_DATE'], 'c' => $user->lang['SORT_WARNINGS']);
150
 
                $sort_by_sql = array('a' => 'username_clean', 'b' => 'user_last_warning', 'c' => 'user_warnings');
151
 
 
152
 
                $s_limit_days = $s_sort_key = $s_sort_dir = $u_sort_param = '';
153
 
                gen_sort_selects($limit_days, $sort_by_text, $st, $sk, $sd, $s_limit_days, $s_sort_key, $s_sort_dir, $u_sort_param);
154
 
 
155
 
                // Define where and sort sql for use in displaying logs
156
 
                $sql_where = ($st) ? (time() - ($st * 86400)) : 0;
157
 
                $sql_sort = $sort_by_sql[$sk] . ' ' . (($sd == 'd') ? 'DESC' : 'ASC');
158
 
 
159
 
                $users = array();
160
 
                $user_count = 0;
161
 
 
162
 
                view_warned_users($users, $user_count, $config['topics_per_page'], $start, $sql_where, $sql_sort);
163
 
 
164
 
                foreach ($users as $row)
165
 
                {
166
 
                        $template->assign_block_vars('user', array(
167
 
                                'U_NOTES'               => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&amp;mode=user_notes&amp;u=' . $row['user_id']),
168
 
 
169
 
                                'USERNAME_FULL'         => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']),
170
 
                                'USERNAME'                      => $row['username'],
171
 
                                'USERNAME_COLOUR'       => ($row['user_colour']) ? '#' . $row['user_colour'] : '',
172
 
                                'U_USER'                        => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&amp;u=' . $row['user_id']),
173
 
                        
174
 
                                'WARNING_TIME'  => $user->format_date($row['user_last_warning']),
175
 
                                'WARNINGS'              => $row['user_warnings'],
176
 
                        ));
177
 
                }
178
 
 
179
 
                $template->assign_vars(array(
180
 
                        'U_POST_ACTION'                 => $this->u_action,
181
 
                        'S_CLEAR_ALLOWED'               => ($auth->acl_get('a_clearlogs')) ? true : false,
182
 
                        'S_SELECT_SORT_DIR'             => $s_sort_dir,
183
 
                        'S_SELECT_SORT_KEY'             => $s_sort_key,
184
 
                        'S_SELECT_SORT_DAYS'    => $s_limit_days,
185
 
 
186
 
                        'PAGE_NUMBER'           => on_page($user_count, $config['topics_per_page'], $start),
187
 
                        'PAGINATION'            => generate_pagination(append_sid("{$phpbb_root_path}mcp.$phpEx", "i=warn&amp;mode=list&amp;st=$st&amp;sk=$sk&amp;sd=$sd"), $user_count, $config['topics_per_page'], $start),
188
 
                        'TOTAL_USERS'           => ($user_count == 1) ? $user->lang['LIST_USER'] : sprintf($user->lang['LIST_USERS'], $user_count),
189
 
                ));
190
 
        }
191
 
 
192
 
        /**
193
 
        * Handles warning the user when the warning is for a specific post
194
 
        */
195
 
        function mcp_warn_post_view($action)
196
 
        {
197
 
                global $phpEx, $phpbb_root_path, $config;
198
 
                global $template, $db, $user, $auth;
199
 
 
200
 
                $post_id = request_var('p', 0);
201
 
                $forum_id = request_var('f', 0);
202
 
                $notify = (isset($_REQUEST['notify_user'])) ? true : false;
203
 
                $warning = utf8_normalize_nfc(request_var('warning', '', true));
204
 
 
205
 
                $sql = 'SELECT u.*, p.*
206
 
                        FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . " u
207
 
                        WHERE post_id = $post_id
208
 
                                AND u.user_id = p.poster_id";
209
 
                $result = $db->sql_query($sql);
210
 
                $user_row = $db->sql_fetchrow($result);
211
 
                $db->sql_freeresult($result);
212
 
 
213
 
                if (!$user_row)
214
 
                {
215
 
                        trigger_error('NO_POST');
216
 
                }
217
 
 
218
 
                // There is no point issuing a warning to ignored users (ie anonymous and bots)
219
 
                if ($user_row['user_type'] == USER_IGNORE)
220
 
                {
221
 
                        trigger_error('CANNOT_WARN_ANONYMOUS');
222
 
                }
223
 
 
224
 
                // Prevent someone from warning themselves
225
 
                if ($user_row['user_id'] == $user->data['user_id'])
226
 
                {
227
 
                        trigger_error('CANNOT_WARN_SELF');
228
 
                }
229
 
 
230
 
                // Check if there is already a warning for this post to prevent multiple
231
 
                // warnings for the same offence
232
 
                $sql = 'SELECT post_id
233
 
                        FROM ' . WARNINGS_TABLE . "
234
 
                        WHERE post_id = $post_id";
235
 
                $result = $db->sql_query($sql);
236
 
                $row = $db->sql_fetchrow($result);
237
 
                $db->sql_freeresult($result);
238
 
 
239
 
                if ($row)
240
 
                {
241
 
                        trigger_error('ALREADY_WARNED');
242
 
                }
243
 
 
244
 
                $user_id = $user_row['user_id'];
245
 
 
246
 
                if (strpos($this->u_action, "&amp;f=$forum_id&amp;p=$post_id") === false)
247
 
                {
248
 
                        $this->p_master->adjust_url("&amp;f=$forum_id&amp;p=$post_id");
249
 
                        $this->u_action .= "&amp;f=$forum_id&amp;p=$post_id";
250
 
                }
251
 
 
252
 
                if ($warning && $action == 'add_warning')
253
 
                {
254
 
                        if (check_form_key('mcp_warn'))
255
 
                        {
256
 
                                add_warning($user_row, $warning, $notify, $post_id);
257
 
                                $msg = $user->lang['USER_WARNING_ADDED'];
258
 
                        }
259
 
                        else
260
 
                        {
261
 
                                $msg = $user->lang['FORM_INVALID'];
262
 
                        }
263
 
                        $redirect = append_sid("{$phpbb_root_path}mcp.$phpEx", "i=notes&amp;mode=user_notes&amp;u=$user_id");
264
 
                        meta_refresh(2, $redirect);
265
 
                        trigger_error($user->lang['USER_WARNING_ADDED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $redirect . '">', '</a>'));
266
 
                }
267
 
 
268
 
                // OK, they didn't submit a warning so lets build the page for them to do so
269
 
                
270
 
                // We want to make the message available here as a reminder
271
 
                // Parse the message and subject
272
 
                $message = censor_text($user_row['post_text']);
273
 
 
274
 
                // Second parse bbcode here
275
 
                if ($user_row['bbcode_bitfield'])
276
 
                {
277
 
                        include_once($phpbb_root_path . 'includes/bbcode.' . $phpEx);
278
 
 
279
 
                        $bbcode = new bbcode($user_row['bbcode_bitfield']);
280
 
                        $bbcode->bbcode_second_pass($message, $user_row['bbcode_uid'], $user_row['bbcode_bitfield']);
281
 
                }
282
 
 
283
 
                $message = bbcode_nl2br($message);
284
 
                $message = smiley_text($message);
285
 
 
286
 
                // Generate the appropriate user information for the user we are looking at
287
 
                if (!function_exists('get_user_avatar'))
288
 
                {
289
 
                        include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
290
 
                }
291
 
 
292
 
                $rank_title = $rank_img = '';
293
 
                $avatar_img = get_user_avatar($user_row['user_avatar'], $user_row['user_avatar_type'], $user_row['user_avatar_width'], $user_row['user_avatar_height']);
294
 
 
295
 
                $template->assign_vars(array(
296
 
                        'U_POST_ACTION'         => $this->u_action,
297
 
 
298
 
                        'POST'                          => $message,
299
 
                        'USERNAME'                      => $user_row['username'],
300
 
                        'USER_COLOR'            => (!empty($user_row['user_colour'])) ? $user_row['user_colour'] : '',
301
 
                        'RANK_TITLE'            => $rank_title,
302
 
                        'JOINED'                        => $user->format_date($user_row['user_regdate']),
303
 
                        'POSTS'                         => ($user_row['user_posts']) ? $user_row['user_posts'] : 0,
304
 
                        'WARNINGS'                      => ($user_row['user_warnings']) ? $user_row['user_warnings'] : 0,
305
 
 
306
 
                        'AVATAR_IMG'            => $avatar_img,
307
 
                        'RANK_IMG'                      => $rank_img,
308
 
 
309
 
                        'L_WARNING_POST_DEFAULT'        => sprintf($user->lang['WARNING_POST_DEFAULT'], generate_board_url() . "/viewtopic.$phpEx?f=$forum_id&amp;p=$post_id#p$post_id"),
310
 
                ));
311
 
        }
312
 
 
313
 
        /**
314
 
        * Handles warning the user
315
 
        */
316
 
        function mcp_warn_user_view($action)
317
 
        {
318
 
                global $phpEx, $phpbb_root_path, $config, $module;
319
 
                global $template, $db, $user, $auth;
320
 
 
321
 
                $user_id = request_var('u', 0);
322
 
                $username = request_var('username', '', true);
323
 
                $notify = (isset($_REQUEST['notify_user'])) ? true : false;
324
 
                $warning = utf8_normalize_nfc(request_var('warning', '', true));
325
 
 
326
 
                $sql_where = ($user_id) ? "user_id = $user_id" : "username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
327
 
 
328
 
                $sql = 'SELECT *
329
 
                        FROM ' . USERS_TABLE . '
330
 
                        WHERE ' . $sql_where;
331
 
                $result = $db->sql_query($sql);
332
 
                $user_row = $db->sql_fetchrow($result);
333
 
                $db->sql_freeresult($result);
334
 
 
335
 
                if (!$user_row)
336
 
                {
337
 
                        trigger_error('NO_USER');
338
 
                }
339
 
 
340
 
                // Prevent someone from warning themselves
341
 
                if ($user_row['user_id'] == $user->data['user_id'])
342
 
                {
343
 
                        trigger_error('CANNOT_WARN_SELF');
344
 
                }
345
 
 
346
 
                $user_id = $user_row['user_id'];
347
 
 
348
 
                if (strpos($this->u_action, "&amp;u=$user_id") === false)
349
 
                {
350
 
                        $this->p_master->adjust_url('&amp;u=' . $user_id);
351
 
                        $this->u_action .= "&amp;u=$user_id";
352
 
                }
353
 
 
354
 
                if ($warning && $action == 'add_warning')
355
 
                {
356
 
                        if (check_form_key('mcp_warn'))
357
 
                        {
358
 
                                add_warning($user_row, $warning, $notify);
359
 
                                $msg = $user->lang['USER_WARNING_ADDED'];
360
 
                        }
361
 
                        else
362
 
                        {
363
 
                                $msg = $user->lang['FORM_INVALID'];
364
 
                        }
365
 
                        $redirect = append_sid("{$phpbb_root_path}mcp.$phpEx", "i=notes&amp;mode=user_notes&amp;u=$user_id");
366
 
                        meta_refresh(2, $redirect);
367
 
                        trigger_error($msg . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $redirect . '">', '</a>'));
368
 
                }
369
 
 
370
 
                // Generate the appropriate user information for the user we are looking at
371
 
                if (!function_exists('get_user_avatar'))
372
 
                {
373
 
                        include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
374
 
                }
375
 
 
376
 
                $rank_title = $rank_img = '';
377
 
                $avatar_img = get_user_avatar($user_row['user_avatar'], $user_row['user_avatar_type'], $user_row['user_avatar_width'], $user_row['user_avatar_height']);
378
 
 
379
 
                // OK, they didn't submit a warning so lets build the page for them to do so
380
 
                $template->assign_vars(array(
381
 
                        'U_POST_ACTION'         => $this->u_action,
382
 
 
383
 
                        'USERNAME'                      => $user_row['username'],
384
 
                        'USER_COLOR'            => (!empty($user_row['user_colour'])) ? $user_row['user_colour'] : '',
385
 
                        'RANK_TITLE'            => $rank_title,
386
 
                        'JOINED'                        => $user->format_date($user_row['user_regdate']),
387
 
                        'POSTS'                         => ($user_row['user_posts']) ? $user_row['user_posts'] : 0,
388
 
                        'WARNINGS'                      => ($user_row['user_warnings']) ? $user_row['user_warnings'] : 0,
389
 
 
390
 
                        'AVATAR_IMG'            => $avatar_img,
391
 
                        'RANK_IMG'                      => $rank_img,
392
 
                ));
393
 
 
394
 
                return $user_id;
395
 
        }
396
 
}
397
 
 
398
 
/**
399
 
* Insert the warning into the database
400
 
*/
401
 
function add_warning($user_row, $warning, $send_pm = true, $post_id = 0)
402
 
{
403
 
        global $phpEx, $phpbb_root_path, $config;
404
 
        global $template, $db, $user, $auth;
405
 
 
406
 
        if ($send_pm)
407
 
        {
408
 
                include_once($phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx);
409
 
                include_once($phpbb_root_path . 'includes/message_parser.' . $phpEx);
410
 
 
411
 
                $user_row['user_lang'] = (file_exists($phpbb_root_path . 'language/' . $user_row['user_lang'] . "/mcp.$phpEx")) ? $user_row['user_lang'] : $config['default_lang'];
412
 
                include($phpbb_root_path . 'language/' . basename($user_row['user_lang']) . "/mcp.$phpEx");
413
 
 
414
 
                $message_parser = new parse_message();
415
 
 
416
 
                $message_parser->message = sprintf($lang['WARNING_PM_BODY'], $warning);
417
 
                $message_parser->parse(true, true, true, false, false, true, true);
418
 
 
419
 
                $pm_data = array(
420
 
                        'from_user_id'                  => $user->data['user_id'],
421
 
                        'from_user_ip'                  => $user->ip,
422
 
                        'from_username'                 => $user->data['username'],
423
 
                        'enable_sig'                    => false,
424
 
                        'enable_bbcode'                 => true,
425
 
                        'enable_smilies'                => true,
426
 
                        'enable_urls'                   => false,
427
 
                        'icon_id'                               => 0,
428
 
                        'bbcode_bitfield'               => $message_parser->bbcode_bitfield,
429
 
                        'bbcode_uid'                    => $message_parser->bbcode_uid,
430
 
                        'message'                               => $message_parser->message,
431
 
                        'address_list'                  => array('u' => array($user_row['user_id'] => 'to')),
432
 
                );
433
 
 
434
 
                submit_pm('post', $lang['WARNING_PM_SUBJECT'], $pm_data, false);
435
 
        }
436
 
 
437
 
        add_log('admin', 'LOG_USER_WARNING', $user_row['username']);
438
 
        $log_id = add_log('user', $user_row['user_id'], 'LOG_USER_WARNING_BODY', $warning);
439
 
 
440
 
        $sql_ary = array(
441
 
                'user_id'               => $user_row['user_id'],
442
 
                'post_id'               => $post_id,
443
 
                'log_id'                => $log_id,
444
 
                'warning_time'  => time(),
445
 
        );
446
 
 
447
 
        $db->sql_query('INSERT INTO ' . WARNINGS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
448
 
 
449
 
        $sql = 'UPDATE ' . USERS_TABLE . '
450
 
                SET user_warnings = user_warnings + 1,
451
 
                        user_last_warning = ' . time() . '
452
 
                WHERE user_id = ' . $user_row['user_id'];
453
 
        $db->sql_query($sql);
454
 
 
455
 
        // We add this to the mod log too for moderators to see that a specific user got warned.
456
 
        $sql = 'SELECT forum_id, topic_id
457
 
                FROM ' . POSTS_TABLE . '
458
 
                WHERE post_id = ' . $post_id;
459
 
        $result = $db->sql_query($sql);
460
 
        $row = $db->sql_fetchrow($result);
461
 
        $db->sql_freeresult($result);
462
 
 
463
 
        add_log('mod', $row['forum_id'], $row['topic_id'], 'LOG_USER_WARNING', $user_row['username']);
464
 
}
465
 
 
466
 
?>
 
 
b'\\ No newline at end of file'