← Back to branch summary

~azzar1/unity/add-show-desktop-key

« back to all changes in this revision

Viewing changes to www/php/phpBB3/includes/mcp/mcp_warn.php

  • Committer: William Grant
  • Date: 2009-02-23 23:47:02 UTC
  • mfrom: (1099.1.211 new-dispatch)
  • Revision ID: grantw@unimelb.edu.au-20090223234702-db4b1llly46ignwo
Merge from lp:~ivle-dev/ivle/new-dispatch.

Pretty much everything changes. Reread the setup docs. Backup your databases.
Every file is now in a different installed location, the configuration system
is rewritten, the dispatch system is rewritten, URLs are different, the
database is different, worksheets and exercises are no longer on the
filesystem, we use a templating engine, jail service protocols are rewritten,
we don't repeat ourselves, we have authorization rewritten, phpBB is gone,
and probably lots of other things that I cannot remember.

This is certainly the biggest commit I have ever made, and hopefully
the largest I ever will.

Show diffs side-by-side

added added

removed removed

Lines of Context:
www/php/phpBB3/includes/mcp/mcp_warn.php
1
 
<?php
2
 
/**
3
 
*
4
 
* @package mcp
5
 
* @version $Id: mcp_warn.php,v 1.54 2007/10/19 13:10:01 acydburn Exp $
6
 
* @copyright (c) 2005 phpBB Group
7
 
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
8
 
*
9
 
*/
10
 
 
11
 
/**
12
 
* @ignore
13
 
*/
14
 
if (!defined('IN_PHPBB'))
15
 
{
16
 
        exit;
17
 
}
18
 
 
19
 
/**
20
 
* mcp_warn
21
 
* Handling warning the users
22
 
* @package mcp
23
 
*/
24
 
class mcp_warn
25
 
{
26
 
        var $p_master;
27
 
        var $u_action;
28
 
 
29
 
        function mcp_warn(&$p_master)
30
 
        {
31
 
                $this->p_master = &$p_master;
32
 
        }
33
 
 
34
 
        function main($id, $mode)
35
 
        {
36
 
                global $auth, $db, $user, $template;
37
 
                global $config, $phpbb_root_path, $phpEx;
38
 
 
39
 
                $action = request_var('action', array('' => ''));
40
 
 
41
 
                if (is_array($action))
42
 
                {
43
 
                        list($action, ) = each($action);
44
 
                }
45
 
 
46
 
                $this->page_title = 'MCP_WARN';
47
 
 
48
 
                add_form_key('mcp_warn');
49
 
 
50
 
                switch ($mode)
51
 
                {
52
 
                        case 'front':
53
 
                                $this->mcp_warn_front_view();
54
 
                                $this->tpl_name = 'mcp_warn_front';
55
 
                        break;
56
 
 
57
 
                        case 'list':
58
 
                                $this->mcp_warn_list_view($action);
59
 
                                $this->tpl_name = 'mcp_warn_list';
60
 
                        break;
61
 
 
62
 
                        case 'warn_post':
63
 
                                $this->mcp_warn_post_view($action);
64
 
                                $this->tpl_name = 'mcp_warn_post';
65
 
                        break;
66
 
 
67
 
                        case 'warn_user':
68
 
                                $this->mcp_warn_user_view($action);
69
 
                                $this->tpl_name = 'mcp_warn_user';
70
 
                        break;
71
 
                }
72
 
        }
73
 
 
74
 
        /**
75
 
        * Generates the summary on the main page of the warning module
76
 
        */
77
 
        function mcp_warn_front_view()
78
 
        {
79
 
                global $phpEx, $phpbb_root_path, $config;
80
 
                global $template, $db, $user, $auth;
81
 
 
82
 
                $template->assign_vars(array(
83
 
                        'U_FIND_USERNAME'       => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&amp;form=mcp&amp;field=username&amp;select_single=true'),
84
 
                        'U_POST_ACTION'         => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=warn&amp;mode=warn_user'),
85
 
                ));
86
 
 
87
 
                // Obtain a list of the 5 naughtiest users....
88
 
                // These are the 5 users with the highest warning count
89
 
                $highest = array();
90
 
                $count = 0;
91
 
 
92
 
                view_warned_users($highest, $count, 5);
93
 
 
94
 
                foreach ($highest as $row)
95
 
                {
96
 
                        $template->assign_block_vars('highest', array(
97
 
                                'U_NOTES'               => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&amp;mode=user_notes&amp;u=' . $row['user_id']),
98
 
 
99
 
                                'USERNAME_FULL'         => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']),
100
 
                                'USERNAME'                      => $row['username'],
101
 
                                'USERNAME_COLOUR'       => ($row['user_colour']) ? '#' . $row['user_colour'] : '',
102
 
                                'U_USER'                        => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&amp;u=' . $row['user_id']),
103
 
 
104
 
                                'WARNING_TIME'  => $user->format_date($row['user_last_warning']),
105
 
                                'WARNINGS'              => $row['user_warnings'],
106
 
                        ));
107
 
                }
108
 
 
109
 
                // And now the 5 most recent users to get in trouble
110
 
                $sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_colour, u.user_warnings, w.warning_time
111
 
                        FROM ' . USERS_TABLE . ' u, ' . WARNINGS_TABLE . ' w
112
 
                        WHERE u.user_id = w.user_id
113
 
                        ORDER BY w.warning_time DESC';
114
 
                $result = $db->sql_query_limit($sql, 5);
115
 
 
116
 
                while ($row = $db->sql_fetchrow($result))
117
 
                {
118
 
                        $template->assign_block_vars('latest', array(
119
 
                                'U_NOTES'               => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&amp;mode=user_notes&amp;u=' . $row['user_id']),
120
 
 
121
 
                                'USERNAME_FULL'         => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']),
122
 
                                'USERNAME'                      => $row['username'],
123
 
                                'USERNAME_COLOUR'       => ($row['user_colour']) ? '#' . $row['user_colour'] : '',
124
 
                                'U_USER'                        => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&amp;u=' . $row['user_id']),
125
 
 
126
 
                                'WARNING_TIME'  => $user->format_date($row['warning_time']),
127
 
                                'WARNINGS'              => $row['user_warnings'],
128
 
                        ));
129
 
                }
130
 
                $db->sql_freeresult($result);
131
 
        }
132
 
 
133
 
        /**
134
 
        * Lists all users with warnings
135
 
        */
136
 
        function mcp_warn_list_view($action)
137
 
        {
138
 
                global $phpEx, $phpbb_root_path, $config;
139
 
                global $template, $db, $user, $auth;
140
 
 
141
 
                $user->add_lang('memberlist');
142
 
 
143
 
                $start  = request_var('start', 0);
144
 
                $st             = request_var('st', 0);
145
 
                $sk             = request_var('sk', 'b');
146
 
                $sd             = request_var('sd', 'd');
147
 
 
148
 
                $limit_days = array(0 => $user->lang['ALL_ENTRIES'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);
149
 
                $sort_by_text = array('a' => $user->lang['SORT_USERNAME'], 'b' => $user->lang['SORT_DATE'], 'c' => $user->lang['SORT_WARNINGS']);
150
 
                $sort_by_sql = array('a' => 'username_clean', 'b' => 'user_last_warning', 'c' => 'user_warnings');
151
 
 
152
 
                $s_limit_days = $s_sort_key = $s_sort_dir = $u_sort_param = '';
153
 
                gen_sort_selects($limit_days, $sort_by_text, $st, $sk, $sd, $s_limit_days, $s_sort_key, $s_sort_dir, $u_sort_param);
154
 
 
155
 
                // Define where and sort sql for use in displaying logs
156
 
                $sql_where = ($st) ? (time() - ($st * 86400)) : 0;
157
 
                $sql_sort = $sort_by_sql[$sk] . ' ' . (($sd == 'd') ? 'DESC' : 'ASC');
158
 
 
159
 
                $users = array();
160
 
                $user_count = 0;
161
 
 
162
 
                view_warned_users($users, $user_count, $config['topics_per_page'], $start, $sql_where, $sql_sort);
163
 
 
164
 
                foreach ($users as $row)
165
 
                {
166
 
                        $template->assign_block_vars('user', array(
167
 
                                'U_NOTES'               => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&amp;mode=user_notes&amp;u=' . $row['user_id']),
168
 
 
169
 
                                'USERNAME_FULL'         => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']),
170
 
                                'USERNAME'                      => $row['username'],
171
 
                                'USERNAME_COLOUR'       => ($row['user_colour']) ? '#' . $row['user_colour'] : '',
172
 
                                'U_USER'                        => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&amp;u=' . $row['user_id']),
173
 
                        
174
 
                                'WARNING_TIME'  => $user->format_date($row['user_last_warning']),
175
 
                                'WARNINGS'              => $row['user_warnings'],
176
 
                        ));
177
 
                }
178
 
 
179
 
                $template->assign_vars(array(
180
 
                        'U_POST_ACTION'                 => $this->u_action,
181
 
                        'S_CLEAR_ALLOWED'               => ($auth->acl_get('a_clearlogs')) ? true : false,
182
 
                        'S_SELECT_SORT_DIR'             => $s_sort_dir,
183
 
                        'S_SELECT_SORT_KEY'             => $s_sort_key,
184
 
                        'S_SELECT_SORT_DAYS'    => $s_limit_days,
185
 
 
186
 
                        'PAGE_NUMBER'           => on_page($user_count, $config['topics_per_page'], $start),
187
 
                        'PAGINATION'            => generate_pagination(append_sid("{$phpbb_root_path}mcp.$phpEx", "i=warn&amp;mode=list&amp;st=$st&amp;sk=$sk&amp;sd=$sd"), $user_count, $config['topics_per_page'], $start),
188
 
                        'TOTAL_USERS'           => ($user_count == 1) ? $user->lang['LIST_USER'] : sprintf($user->lang['LIST_USERS'], $user_count),
189
 
                ));
190
 
        }
191
 
 
192
 
        /**
193
 
        * Handles warning the user when the warning is for a specific post
194
 
        */
195
 
        function mcp_warn_post_view($action)
196
 
        {
197
 
                global $phpEx, $phpbb_root_path, $config;
198
 
                global $template, $db, $user, $auth;
199
 
 
200
 
                $post_id = request_var('p', 0);
201
 
                $forum_id = request_var('f', 0);
202
 
                $notify = (isset($_REQUEST['notify_user'])) ? true : false;
203
 
                $warning = utf8_normalize_nfc(request_var('warning', '', true));
204
 
 
205
 
                $sql = 'SELECT u.*, p.*
206
 
                        FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . " u
207
 
                        WHERE post_id = $post_id
208
 
                                AND u.user_id = p.poster_id";
209
 
                $result = $db->sql_query($sql);
210
 
                $user_row = $db->sql_fetchrow($result);
211
 
                $db->sql_freeresult($result);
212
 
 
213
 
                if (!$user_row)
214
 
                {
215
 
                        trigger_error('NO_POST');
216
 
                }
217
 
 
218
 
                // There is no point issuing a warning to ignored users (ie anonymous and bots)
219
 
                if ($user_row['user_type'] == USER_IGNORE)
220
 
                {
221
 
                        trigger_error('CANNOT_WARN_ANONYMOUS');
222
 
                }
223
 
 
224
 
                // Prevent someone from warning themselves
225
 
                if ($user_row['user_id'] == $user->data['user_id'])
226
 
                {
227
 
                        trigger_error('CANNOT_WARN_SELF');
228
 
                }
229
 
 
230
 
                // Check if there is already a warning for this post to prevent multiple
231
 
                // warnings for the same offence
232
 
                $sql = 'SELECT post_id
233
 
                        FROM ' . WARNINGS_TABLE . "
234
 
                        WHERE post_id = $post_id";
235
 
                $result = $db->sql_query($sql);
236
 
                $row = $db->sql_fetchrow($result);
237
 
                $db->sql_freeresult($result);
238
 
 
239
 
                if ($row)
240
 
                {
241
 
                        trigger_error('ALREADY_WARNED');
242
 
                }
243
 
 
244
 
                $user_id = $user_row['user_id'];
245
 
 
246
 
                if (strpos($this->u_action, "&amp;f=$forum_id&amp;p=$post_id") === false)
247
 
                {
248
 
                        $this->p_master->adjust_url("&amp;f=$forum_id&amp;p=$post_id");
249
 
                        $this->u_action .= "&amp;f=$forum_id&amp;p=$post_id";
250
 
                }
251
 
 
252
 
                if ($warning && $action == 'add_warning')
253
 
                {
254
 
                        if (check_form_key('mcp_warn'))
255
 
                        {
256
 
                                add_warning($user_row, $warning, $notify, $post_id);
257
 
                                $msg = $user->lang['USER_WARNING_ADDED'];
258
 
                        }
259
 
                        else
260
 
                        {
261
 
                                $msg = $user->lang['FORM_INVALID'];
262
 
                        }
263
 
                        $redirect = append_sid("{$phpbb_root_path}mcp.$phpEx", "i=notes&amp;mode=user_notes&amp;u=$user_id");
264
 
                        meta_refresh(2, $redirect);
265
 
                        trigger_error($user->lang['USER_WARNING_ADDED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $redirect . '">', '</a>'));
266
 
                }
267
 
 
268
 
                // OK, they didn't submit a warning so lets build the page for them to do so
269
 
                
270
 
                // We want to make the message available here as a reminder
271
 
                // Parse the message and subject
272
 
                $message = censor_text($user_row['post_text']);
273
 
 
274
 
                // Second parse bbcode here
275
 
                if ($user_row['bbcode_bitfield'])
276
 
                {
277
 
                        include_once($phpbb_root_path . 'includes/bbcode.' . $phpEx);
278
 
 
279
 
                        $bbcode = new bbcode($user_row['bbcode_bitfield']);
280
 
                        $bbcode->bbcode_second_pass($message, $user_row['bbcode_uid'], $user_row['bbcode_bitfield']);
281
 
                }
282
 
 
283
 
                $message = bbcode_nl2br($message);
284
 
                $message = smiley_text($message);
285
 
 
286
 
                // Generate the appropriate user information for the user we are looking at
287
 
                if (!function_exists('get_user_avatar'))
288
 
                {
289
 
                        include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
290
 
                }
291
 
 
292
 
                $rank_title = $rank_img = '';
293
 
                $avatar_img = get_user_avatar($user_row['user_avatar'], $user_row['user_avatar_type'], $user_row['user_avatar_width'], $user_row['user_avatar_height']);
294
 
 
295
 
                $template->assign_vars(array(
296
 
                        'U_POST_ACTION'         => $this->u_action,
297
 
 
298
 
                        'POST'                          => $message,
299
 
                        'USERNAME'                      => $user_row['username'],
300
 
                        'USER_COLOR'            => (!empty($user_row['user_colour'])) ? $user_row['user_colour'] : '',
301
 
                        'RANK_TITLE'            => $rank_title,
302
 
                        'JOINED'                        => $user->format_date($user_row['user_regdate']),
303
 
                        'POSTS'                         => ($user_row['user_posts']) ? $user_row['user_posts'] : 0,
304
 
                        'WARNINGS'                      => ($user_row['user_warnings']) ? $user_row['user_warnings'] : 0,
305
 
 
306
 
                        'AVATAR_IMG'            => $avatar_img,
307
 
                        'RANK_IMG'                      => $rank_img,
308
 
 
309
 
                        'L_WARNING_POST_DEFAULT'        => sprintf($user->lang['WARNING_POST_DEFAULT'], generate_board_url() . "/viewtopic.$phpEx?f=$forum_id&amp;p=$post_id#p$post_id"),
310
 
                ));
311
 
        }
312
 
 
313
 
        /**
314
 
        * Handles warning the user
315
 
        */
316
 
        function mcp_warn_user_view($action)
317
 
        {
318
 
                global $phpEx, $phpbb_root_path, $config, $module;
319
 
                global $template, $db, $user, $auth;
320
 
 
321
 
                $user_id = request_var('u', 0);
322
 
                $username = request_var('username', '', true);
323
 
                $notify = (isset($_REQUEST['notify_user'])) ? true : false;
324
 
                $warning = utf8_normalize_nfc(request_var('warning', '', true));
325
 
 
326
 
                $sql_where = ($user_id) ? "user_id = $user_id" : "username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
327
 
 
328
 
                $sql = 'SELECT *
329
 
                        FROM ' . USERS_TABLE . '
330
 
                        WHERE ' . $sql_where;
331
 
                $result = $db->sql_query($sql);
332
 
                $user_row = $db->sql_fetchrow($result);
333
 
                $db->sql_freeresult($result);
334
 
 
335
 
                if (!$user_row)
336
 
                {
337
 
                        trigger_error('NO_USER');
338
 
                }
339
 
 
340
 
                // Prevent someone from warning themselves
341
 
                if ($user_row['user_id'] == $user->data['user_id'])
342
 
                {
343
 
                        trigger_error('CANNOT_WARN_SELF');
344
 
                }
345
 
 
346
 
                $user_id = $user_row['user_id'];
347
 
 
348
 
                if (strpos($this->u_action, "&amp;u=$user_id") === false)
349
 
                {
350
 
                        $this->p_master->adjust_url('&amp;u=' . $user_id);
351
 
                        $this->u_action .= "&amp;u=$user_id";
352
 
                }
353
 
 
354
 
                if ($warning && $action == 'add_warning')
355
 
                {
356
 
                        if (check_form_key('mcp_warn'))
357
 
                        {
358
 
                                add_warning($user_row, $warning, $notify);
359
 
                                $msg = $user->lang['USER_WARNING_ADDED'];
360
 
                        }
361
 
                        else
362
 
                        {
363
 
                                $msg = $user->lang['FORM_INVALID'];
364
 
                        }
365
 
                        $redirect = append_sid("{$phpbb_root_path}mcp.$phpEx", "i=notes&amp;mode=user_notes&amp;u=$user_id");
366
 
                        meta_refresh(2, $redirect);
367
 
                        trigger_error($msg . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $redirect . '">', '</a>'));
368
 
                }
369
 
 
370
 
                // Generate the appropriate user information for the user we are looking at
371
 
                if (!function_exists('get_user_avatar'))
372
 
                {
373
 
                        include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
374
 
                }
375
 
 
376
 
                $rank_title = $rank_img = '';
377
 
                $avatar_img = get_user_avatar($user_row['user_avatar'], $user_row['user_avatar_type'], $user_row['user_avatar_width'], $user_row['user_avatar_height']);
378
 
 
379
 
                // OK, they didn't submit a warning so lets build the page for them to do so
380
 
                $template->assign_vars(array(
381
 
                        'U_POST_ACTION'         => $this->u_action,
382
 
 
383
 
                        'USERNAME'                      => $user_row['username'],
384
 
                        'USER_COLOR'            => (!empty($user_row['user_colour'])) ? $user_row['user_colour'] : '',
385
 
                        'RANK_TITLE'            => $rank_title,
386
 
                        'JOINED'                        => $user->format_date($user_row['user_regdate']),
387
 
                        'POSTS'                         => ($user_row['user_posts']) ? $user_row['user_posts'] : 0,
388
 
                        'WARNINGS'                      => ($user_row['user_warnings']) ? $user_row['user_warnings'] : 0,
389
 
 
390
 
                        'AVATAR_IMG'            => $avatar_img,
391
 
                        'RANK_IMG'                      => $rank_img,
392
 
                ));
393
 
 
394
 
                return $user_id;
395
 
        }
396
 
}
397
 
 
398
 
/**
399
 
* Insert the warning into the database
400
 
*/
401
 
function add_warning($user_row, $warning, $send_pm = true, $post_id = 0)
402
 
{
403
 
        global $phpEx, $phpbb_root_path, $config;
404
 
        global $template, $db, $user, $auth;
405
 
 
406
 
        if ($send_pm)
407
 
        {
408
 
                include_once($phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx);
409
 
                include_once($phpbb_root_path . 'includes/message_parser.' . $phpEx);
410
 
 
411
 
                $user_row['user_lang'] = (file_exists($phpbb_root_path . 'language/' . $user_row['user_lang'] . "/mcp.$phpEx")) ? $user_row['user_lang'] : $config['default_lang'];
412
 
                include($phpbb_root_path . 'language/' . basename($user_row['user_lang']) . "/mcp.$phpEx");
413
 
 
414
 
                $message_parser = new parse_message();
415
 
 
416
 
                $message_parser->message = sprintf($lang['WARNING_PM_BODY'], $warning);
417
 
                $message_parser->parse(true, true, true, false, false, true, true);
418
 
 
419
 
                $pm_data = array(
420
 
                        'from_user_id'                  => $user->data['user_id'],
421
 
                        'from_user_ip'                  => $user->ip,
422
 
                        'from_username'                 => $user->data['username'],
423
 
                        'enable_sig'                    => false,
424
 
                        'enable_bbcode'                 => true,
425
 
                        'enable_smilies'                => true,
426
 
                        'enable_urls'                   => false,
427
 
                        'icon_id'                               => 0,
428
 
                        'bbcode_bitfield'               => $message_parser->bbcode_bitfield,
429
 
                        'bbcode_uid'                    => $message_parser->bbcode_uid,
430
 
                        'message'                               => $message_parser->message,
431
 
                        'address_list'                  => array('u' => array($user_row['user_id'] => 'to')),
432
 
                );
433
 
 
434
 
                submit_pm('post', $lang['WARNING_PM_SUBJECT'], $pm_data, false);
435
 
        }
436
 
 
437
 
        add_log('admin', 'LOG_USER_WARNING', $user_row['username']);
438
 
        $log_id = add_log('user', $user_row['user_id'], 'LOG_USER_WARNING_BODY', $warning);
439
 
 
440
 
        $sql_ary = array(
441
 
                'user_id'               => $user_row['user_id'],
442
 
                'post_id'               => $post_id,
443
 
                'log_id'                => $log_id,
444
 
                'warning_time'  => time(),
445
 
        );
446
 
 
447
 
        $db->sql_query('INSERT INTO ' . WARNINGS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
448
 
 
449
 
        $sql = 'UPDATE ' . USERS_TABLE . '
450
 
                SET user_warnings = user_warnings + 1,
451
 
                        user_last_warning = ' . time() . '
452
 
                WHERE user_id = ' . $user_row['user_id'];
453
 
        $db->sql_query($sql);
454
 
 
455
 
        // We add this to the mod log too for moderators to see that a specific user got warned.
456
 
        $sql = 'SELECT forum_id, topic_id
457
 
                FROM ' . POSTS_TABLE . '
458
 
                WHERE post_id = ' . $post_id;
459
 
        $result = $db->sql_query($sql);
460
 
        $row = $db->sql_fetchrow($result);
461
 
        $db->sql_freeresult($result);
462
 
 
463
 
        add_log('mod', $row['forum_id'], $row['topic_id'], 'LOG_USER_WARNING', $user_row['username']);
464
 
}
465
 
 
466
 
?>
 
 
b'\\ No newline at end of file'