[ Index ] |
PHP Cross Reference of MyBB 1.8.37 |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * MyBB 1.8 4 * Copyright 2014 MyBB Group, All Rights Reserved 5 * 6 * Website: http://www.mybb.com 7 * License: http://www.mybb.com/about/license 8 * 9 */ 10 11 define("IN_MYBB", 1); 12 define('THIS_SCRIPT', 'moderation.php'); 13 14 $templatelist = "changeuserbox,loginbox,moderation_delayedmoderation_custommodtool,moderation_delayedmodaction_notes,moderation_delayedmoderation_merge,moderation_delayedmoderation_move,moderation_threadnotes"; 15 $templatelist .= ",moderation_delayedmoderation,moderation_deletethread,moderation_deletepoll,moderation_mergeposts_post,moderation_viewthreadnotes,moderation_confirmation,moderation_purgespammer,forumjump_bit"; 16 $templatelist .= ",moderation_move,moderation_threadnotes_modaction,moderation_threadnotes_delayedmodaction,moderation_getip_modoptions,moderation_getip,moderation_getpmip,moderation_getpmip_modal"; 17 $templatelist .= ",moderation_split_post,moderation_inline_deletethreads,moderation_inline_movethreads,moderation_inline_deleteposts,moderation_inline_mergeposts,moderation_threadnotes_modaction_error"; 18 $templatelist .= ",moderation_inline_splitposts,forumjump_special,forumjump_advanced,forumdisplay_password_wrongpass,forumdisplay_password,moderation_inline_moveposts,moderation_delayedmodaction_error"; 19 $templatelist .= ",moderation_delayedmodaction_notes_thread_single,moderation_delayedmodaction_notes_thread_multiple,moderation_delayedmodaction_notes_forum,moderation_delayedmodaction_notes_new_forum"; 20 $templatelist .= ",moderation_delayedmodaction_notes_redirect,moderation_delayedmodaction_notes_merge,moderation_delayedmoderation_thread,moderation_threadnotes_modaction_thread,moderation_getip_modal"; 21 $templatelist .= ",moderation_delayedmoderation_date_day,moderation_delayedmoderation_date_month,moderation_threadnotes_modaction_post,moderation_merge,moderation_split,moderation_threadnotes_modaction_forum"; 22 $templatelist .= ",moderation_delayedmoderation_openclose,moderation_delayedmoderation_softdeleterestore,moderation_delayedmoderation_delete,moderation_delayedmoderation_stick,moderation_delayedmoderation_approve"; 23 24 require_once "./global.php"; 25 require_once MYBB_ROOT."inc/functions_post.php"; 26 require_once MYBB_ROOT."inc/functions_upload.php"; 27 require_once MYBB_ROOT."inc/class_parser.php"; 28 $parser = new postParser; 29 require_once MYBB_ROOT."inc/class_moderation.php"; 30 $moderation = new Moderation; 31 32 // Load global language phrases 33 $lang->load("moderation"); 34 35 $plugins->run_hooks("moderation_start"); 36 37 $tid = $mybb->get_input('tid', MyBB::INPUT_INT); 38 $pid = $mybb->get_input('pid', MyBB::INPUT_INT); 39 $fid = $mybb->get_input('fid', MyBB::INPUT_INT); 40 $pmid = $mybb->get_input('pmid', MyBB::INPUT_INT); 41 $modal = $mybb->get_input('modal', MyBB::INPUT_INT); 42 43 if($mybb->user['uid'] == 0) 44 { 45 error_no_permission(); 46 } 47 48 49 if($pid) 50 { 51 $post = get_post($pid); 52 if(!$post) 53 { 54 error($lang->error_invalidpost, $lang->error); 55 } 56 $tid = $post['tid']; 57 } 58 59 if($tid) 60 { 61 $thread = get_thread($tid); 62 if(!$thread) 63 { 64 error($lang->error_invalidthread, $lang->error); 65 } 66 $fid = $thread['fid']; 67 } 68 69 if($fid) 70 { 71 $modlogdata['fid'] = $fid; 72 $forum = get_forum($fid); 73 74 // Make navigation 75 build_forum_breadcrumb($fid); 76 77 // Get our permissions all nice and setup 78 $permissions = forum_permissions($fid); 79 } 80 81 if($pmid > 0) 82 { 83 $query = $db->simple_select('privatemessages', 'uid, subject, ipaddress, fromid', "pmid = $pmid"); 84 85 $pm = $db->fetch_array($query); 86 87 if(!$pm) 88 { 89 error($lang->error_invalidpm, $lang->error); 90 } 91 } 92 93 // Get some navigation if we need it 94 $mybb->input['action'] = $mybb->get_input('action'); 95 switch($mybb->input['action']) 96 { 97 case "reports": 98 add_breadcrumb($lang->reported_posts); 99 break; 100 case "allreports": 101 add_breadcrumb($lang->all_reported_posts); 102 break; 103 104 } 105 106 if(isset($thread)) 107 { 108 $thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subject'])); 109 add_breadcrumb($thread['subject'], get_thread_link($thread['tid'])); 110 $modlogdata['tid'] = $thread['tid']; 111 } 112 113 if(isset($forum)) 114 { 115 // Check if this forum is password protected and we have a valid password 116 check_forum_password($forum['fid']); 117 } 118 119 $log_multithreads_actions = array("do_multideletethreads", "multiclosethreads", "multiopenthreads", "multiapprovethreads", "multiunapprovethreads", "multirestorethreads", "multisoftdeletethreads","multistickthreads", "multiunstickthreads", "do_multimovethreads"); 120 if(in_array($mybb->input['action'], $log_multithreads_actions)) 121 { 122 if(!empty($mybb->input['searchid'])) 123 { 124 $tids = getids($mybb->get_input('searchid'), 'search'); 125 } 126 else 127 { 128 $tids = getids($fid, 'forum'); 129 } 130 131 $modlogdata['tids'] = (array)$tids; 132 133 unset($tids); 134 } 135 136 $mybb->user['username'] = htmlspecialchars_uni($mybb->user['username']); 137 eval("\$loginbox = \"".$templates->get("changeuserbox")."\";"); 138 139 $allowable_moderation_actions = array("getip", "getpmip", "cancel_delayedmoderation", "delayedmoderation", "threadnotes", "purgespammer", "viewthreadnotes"); 140 141 if($mybb->request_method != "post" && !in_array($mybb->input['action'], $allowable_moderation_actions)) 142 { 143 error_no_permission(); 144 } 145 146 // Begin! 147 switch($mybb->input['action']) 148 { 149 // Delayed Moderation 150 case "cancel_delayedmoderation": 151 // Verify incoming POST request 152 verify_post_check($mybb->get_input('my_post_key')); 153 154 add_breadcrumb($lang->delayed_moderation); 155 if(!is_moderator($fid, "canmanagethreads")) 156 { 157 error_no_permission(); 158 } 159 160 $plugins->run_hooks('moderation_cancel_delayedmoderation'); 161 162 $db->delete_query("delayedmoderation", "did='".$mybb->get_input('did', MyBB::INPUT_INT)."'"); 163 164 if($tid == 0) 165 { 166 moderation_redirect(get_forum_link($fid), $lang->redirect_delayed_moderation_cancelled); 167 } 168 else 169 { 170 moderation_redirect("moderation.php?action=delayedmoderation&tid={$tid}&my_post_key={$mybb->post_code}", $lang->redirect_delayed_moderation_cancelled); 171 } 172 break; 173 case "do_delayedmoderation": 174 case "delayedmoderation": 175 // Verify incoming POST request 176 verify_post_check($mybb->get_input('my_post_key')); 177 178 $localized_time_offset = $mybb->user['timezone']*3600 + $mybb->user['dst']*3600; 179 180 if(!$mybb->get_input('date_day', MyBB::INPUT_INT)) 181 { 182 $mybb->input['date_day'] = gmdate('d', TIME_NOW + $localized_time_offset); 183 } 184 if(!$mybb->get_input('date_month', MyBB::INPUT_INT)) 185 { 186 $mybb->input['date_month'] = gmdate('m', TIME_NOW + $localized_time_offset); 187 } 188 189 // Assume in-line moderation if TID is not set 190 if(!empty($mybb->input['tid'])) 191 { 192 $mybb->input['tids'] = $tid; 193 } 194 else 195 { 196 if($mybb->get_input('inlinetype') == 'search') 197 { 198 $tids = getids($mybb->get_input('searchid'), 'search'); 199 } 200 else 201 { 202 $fid = $mybb->get_input('fid', MyBB::INPUT_INT); 203 $tids = getids($fid, "forum"); 204 } 205 if(count($tids) < 1) 206 { 207 error($lang->error_inline_nothreadsselected, $lang->error); 208 } 209 210 $mybb->input['tids'] = $tids; 211 } 212 213 add_breadcrumb($lang->delayed_moderation); 214 215 if(!is_moderator($fid, "canmanagethreads")) 216 { 217 error_no_permission(); 218 } 219 220 $errors = array(); 221 $customthreadtools = ""; 222 223 $allowed_types = array('move', 'merge', 'removeredirects', 'removesubscriptions'); 224 225 if(is_moderator($fid, "canopenclosethreads")) 226 { 227 $allowed_types[] = "openclosethread"; 228 } 229 230 if(is_moderator($fid, "cansoftdeletethreads") || is_moderator($fid, "canrestorethreads")) 231 { 232 $allowed_types[] = "softdeleterestorethread"; 233 } 234 235 if(is_moderator($fid, "candeletethreads")) 236 { 237 $allowed_types[] = "deletethread"; 238 } 239 240 if(is_moderator($fid, "canstickunstickthreads")) 241 { 242 $allowed_types[] = "stick"; 243 } 244 245 if(is_moderator($fid, "canapproveunapprovethreads")) 246 { 247 $allowed_types[] = "approveunapprovethread"; 248 } 249 250 $mybb->input['type'] = $mybb->get_input('type'); 251 252 if(is_moderator($fid, "canusecustomtools")) 253 { 254 switch($db->type) 255 { 256 case "pgsql": 257 case "sqlite": 258 $query = $db->simple_select("modtools", 'tid, name, `groups`', "(','||forums||',' LIKE '%,$fid,%' OR ','||forums||',' LIKE '%,-1,%' OR forums='') AND type = 't'"); 259 break; 260 default: 261 $query = $db->simple_select("modtools", 'tid, name, `groups`', "(CONCAT(',',forums,',') LIKE '%,$fid,%' OR CONCAT(',',forums,',') LIKE '%,-1,%' OR forums='') AND type = 't'"); 262 } 263 while($tool = $db->fetch_array($query)) 264 { 265 if(is_member($tool['groups'])) 266 { 267 $allowed_types[] = "modtool_".$tool['tid']; 268 269 $tool['name'] = htmlspecialchars_uni($tool['name']); 270 271 $checked = ""; 272 if($mybb->input['type'] == "modtool_".$tool['tid']) 273 { 274 $checked = "checked=\"checked\""; 275 } 276 277 eval("\$customthreadtools .= \"".$templates->get("moderation_delayedmoderation_custommodtool")."\";"); 278 } 279 } 280 } 281 282 $mybb->input['delayedmoderation'] = $mybb->get_input('delayedmoderation', MyBB::INPUT_ARRAY); 283 284 if($mybb->input['action'] == "do_delayedmoderation" && $mybb->request_method == "post") 285 { 286 if(!in_array($mybb->input['type'], $allowed_types)) 287 { 288 $mybb->input['type'] = ''; 289 $errors[] = $lang->error_delayedmoderation_unsupported_type; 290 } 291 292 if($mybb->input['type'] == 'move' && (!isset($mybb->input['delayedmoderation']['method']) || !in_array($mybb->input['delayedmoderation']['method'], array('move', 'redirect', 'copy')))) 293 { 294 $mybb->input['delayedmoderation']['method'] = ''; 295 $errors[] = $lang->error_delayedmoderation_unsupported_method; 296 } 297 298 if($mybb->input['type'] == 'move') 299 { 300 $newfid = (int)$mybb->input['delayedmoderation']['new_forum']; 301 302 // Make sure moderator has permission to move to the new forum 303 $newperms = forum_permissions($newfid); 304 if($newperms['canview'] == 0 || !is_moderator($newfid, 'canmovetononmodforum')) 305 { 306 $errors[] = $lang->error_movetononmodforum; 307 } 308 309 $newforum = get_forum($newfid); 310 if(!$newforum || $newforum['type'] != "f" || $newforum['type'] == "f" && $newforum['linkto'] != '') 311 { 312 $errors[] = $lang->error_invalidforum; 313 } 314 315 $method = $mybb->input['delayedmoderation']['method']; 316 if($method != "copy" && $fid == $newfid) 317 { 318 $errors[] = $lang->error_movetosameforum; 319 } 320 } 321 322 if($mybb->input['date_day'] > 31 || $mybb->input['date_day'] < 1) 323 { 324 $errors[] = $lang->error_delayedmoderation_invalid_date_day; 325 } 326 327 if($mybb->input['date_month'] > 12 || $mybb->input['date_month'] < 1) 328 { 329 $errors[] = $lang->error_delayedmoderation_invalid_date_month; 330 } 331 332 if($mybb->input['date_year'] < gmdate('Y', TIME_NOW + $localized_time_offset)) 333 { 334 $errors[] = $lang->error_delayedmoderation_invalid_date_year; 335 } 336 337 $date_time = explode(' ', $mybb->get_input('date_time')); 338 $date_time = explode(':', (string)$date_time[0]); 339 340 if(stristr($mybb->input['date_time'], 'pm')) 341 { 342 $date_time[0] = 12+$date_time[0]; 343 if($date_time[0] >= 24) 344 { 345 $date_time[0] = '00'; 346 } 347 } 348 349 $rundate = gmmktime((int)$date_time[0], (int)$date_time[1], date('s', TIME_NOW), $mybb->get_input('date_month', MyBB::INPUT_INT), $mybb->get_input('date_day', MyBB::INPUT_INT), $mybb->get_input('date_year', MyBB::INPUT_INT)) - $localized_time_offset; 350 351 if(!$errors) 352 { 353 if(is_array($mybb->input['tids'])) 354 { 355 $mybb->input['tids'] = implode(',', $mybb->input['tids']); 356 } 357 358 $did = $db->insert_query("delayedmoderation", array( 359 'type' => $db->escape_string($mybb->input['type']), 360 'delaydateline' => (int)$rundate, 361 'uid' => $mybb->user['uid'], 362 'tids' => $db->escape_string($mybb->input['tids']), 363 'fid' => $fid, 364 'dateline' => TIME_NOW, 365 'inputs' => $db->escape_string(my_serialize($mybb->input['delayedmoderation'])) 366 )); 367 368 $plugins->run_hooks('moderation_do_delayedmoderation'); 369 370 $rundate_format = my_date('relative', $rundate, '', 2); 371 $lang->redirect_delayed_moderation_thread = $lang->sprintf($lang->redirect_delayed_moderation_thread, $rundate_format); 372 373 if(!empty($mybb->input['tid'])) 374 { 375 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_delayed_moderation_thread); 376 } 377 else 378 { 379 if($mybb->get_input('inlinetype') == 'search') 380 { 381 moderation_redirect(get_forum_link($fid), $lang->sprintf($lang->redirect_delayed_moderation_search, $rundate_format)); 382 } 383 else 384 { 385 moderation_redirect(get_forum_link($fid), $lang->sprintf($lang->redirect_delayed_moderation_forum, $rundate_format)); 386 } 387 } 388 } 389 else 390 { 391 $type_selected = array(); 392 foreach($allowed_types as $type) 393 { 394 $type_selected[$type] = ''; 395 } 396 $type_selected[$mybb->get_input('type')] = "checked=\"checked\""; 397 $method_selected = array('move' => '', 'redirect' => '', 'copy' => ''); 398 if(isset($mybb->input['delayedmoderation']['method'])) 399 { 400 $method_selected[$mybb->input['delayedmoderation']['method']] = "checked=\"checked\""; 401 } 402 403 foreach(array('redirect_expire', 'new_forum', 'subject', 'threadurl') as $value) 404 { 405 if(!isset($mybb->input['delayedmoderation'][$value])) 406 { 407 $mybb->input['delayedmoderation'][$value] = ''; 408 } 409 } 410 $mybb->input['delayedmoderation']['redirect_expire'] = (int)$mybb->input['delayedmoderation']['redirect_expire']; 411 $mybb->input['delayedmoderation']['new_forum'] = (int)$mybb->input['delayedmoderation']['new_forum']; 412 $mybb->input['delayedmoderation']['subject'] = htmlspecialchars_uni($mybb->input['delayedmoderation']['subject']); 413 $mybb->input['delayedmoderation']['threadurl'] = htmlspecialchars_uni($mybb->input['delayedmoderation']['threadurl']); 414 415 $forumselect = build_forum_jump("", $mybb->input['delayedmoderation']['new_forum'], 1, '', 0, true, '', "delayedmoderation[new_forum]"); 416 } 417 } 418 else 419 { 420 $type_selected = array(); 421 foreach($allowed_types as $type) 422 { 423 $type_selected[$type] = ''; 424 } 425 $type_selected['openclosethread'] = "checked=\"checked\""; 426 $method_selected = array('move' => 'checked="checked"', 'redirect' => '', 'copy' => ''); 427 428 $mybb->input['delayedmoderation']['redirect_expire'] = ''; 429 $mybb->input['delayedmoderation']['subject'] = isset($thread['subject']) ? $thread['subject'] : ''; 430 $mybb->input['delayedmoderation']['threadurl'] = ''; 431 432 $forumselect = build_forum_jump("", $fid, 1, '', 0, true, '', "delayedmoderation[new_forum]"); 433 } 434 435 if(isset($errors) && count($errors) > 0) 436 { 437 $display_errors = inline_error($errors); 438 } 439 else 440 { 441 $display_errors = ''; 442 } 443 444 $forum_cache = $cache->read("forums"); 445 446 $actions = array( 447 'openclosethread' => $lang->open_close_thread, 448 'softdeleterestorethread' => $lang->softdelete_restore_thread, 449 'deletethread' => $lang->delete_thread, 450 'move' => $lang->move_copy_thread, 451 'stick' => $lang->stick_unstick_thread, 452 'merge' => $lang->merge_threads, 453 'removeredirects' => $lang->remove_redirects, 454 'removesubscriptions' => $lang->remove_subscriptions, 455 'approveunapprovethread' => $lang->approve_unapprove_thread 456 ); 457 458 switch($db->type) 459 { 460 case "pgsql": 461 case "sqlite": 462 $query = $db->simple_select("modtools", 'tid, name', "(','||forums||',' LIKE '%,$fid,%' OR ','||forums||',' LIKE '%,-1,%' OR forums='') AND type = 't'"); 463 break; 464 default: 465 $query = $db->simple_select("modtools", 'tid, name', "(CONCAT(',',forums,',') LIKE '%,$fid,%' OR CONCAT(',',forums,',') LIKE '%,-1,%' OR forums='') AND type = 't'"); 466 } 467 while($tool = $db->fetch_array($query)) 468 { 469 $actions['modtool_'.$tool['tid']] = htmlspecialchars_uni($tool['name']); 470 } 471 472 $delayedmods = ''; 473 $trow = alt_trow(1); 474 if($tid == 0) 475 { 476 // Inline thread moderation is used 477 if($mybb->get_input('inlinetype') == 'search') 478 { 479 $tids = getids($mybb->get_input('searchid'), 'search'); 480 } 481 else 482 { 483 $tids = getids($fid, "forum"); 484 } 485 $where_array = array(); 486 switch($db->type) 487 { 488 case "pgsql": 489 case "sqlite": 490 foreach($tids as $like) 491 { 492 $where_array[] = "','||d.tids||',' LIKE '%,".$db->escape_string($like).",%'"; 493 } 494 $where_statement = implode(" OR ", $where_array); 495 break; 496 default: 497 foreach($tids as $like) 498 { 499 $where_array[] = "CONCAT(',',d.tids,',') LIKE '%,".$db->escape_string($like).",%'"; 500 } 501 $where_statement = implode(" OR ", $where_array); 502 } 503 $query = $db->query(" 504 SELECT d.*, u.username, f.name AS fname 505 FROM ".TABLE_PREFIX."delayedmoderation d 506 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=d.uid) 507 LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=d.fid) 508 WHERE ".$where_statement." 509 ORDER BY d.dateline DESC 510 LIMIT 0, 20 511 "); 512 } 513 else 514 { 515 switch($db->type) 516 { 517 case "pgsql": 518 case "sqlite": 519 $query = $db->query(" 520 SELECT d.*, u.username, f.name AS fname 521 FROM ".TABLE_PREFIX."delayedmoderation d 522 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=d.uid) 523 LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=d.fid) 524 WHERE ','||d.tids||',' LIKE '%,{$tid},%' 525 ORDER BY d.dateline DESC 526 LIMIT 0, 20 527 "); 528 break; 529 default: 530 $query = $db->query(" 531 SELECT d.*, u.username, f.name AS fname 532 FROM ".TABLE_PREFIX."delayedmoderation d 533 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=d.uid) 534 LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=d.fid) 535 WHERE CONCAT(',',d.tids,',') LIKE '%,{$tid},%' 536 ORDER BY d.dateline DESC 537 LIMIT 0, 20 538 "); 539 } 540 } 541 542 while($delayedmod = $db->fetch_array($query)) 543 { 544 $delayedmod['dateline'] = my_date('normal', $delayedmod['delaydateline'], "", 2); 545 $delayedmod['username'] = htmlspecialchars_uni($delayedmod['username']); 546 $delayedmod['profilelink'] = build_profile_link($delayedmod['username'], $delayedmod['uid']); 547 $delayedmod['action'] = $actions[$delayedmod['type']]; 548 $info = ''; 549 if(strpos($delayedmod['tids'], ',') === false) 550 { 551 $delayed_thread = get_thread($delayedmod['tids']); 552 $delayed_thread['link'] = get_thread_link($delayed_thread['tid']); 553 $delayed_thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($delayed_thread['subject'])); 554 eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_thread_single")."\";"); 555 } 556 else 557 { 558 eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_thread_multiple")."\";"); 559 } 560 561 if($delayedmod['fname']) 562 { 563 $delayedmod['link'] = get_forum_link($delayedmod['fid']); 564 $delayedmod['fname'] = htmlspecialchars_uni($delayedmod['fname']); 565 eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_forum")."\";"); 566 } 567 $delayedmod['inputs'] = my_unserialize($delayedmod['inputs']); 568 569 if($delayedmod['type'] == 'move') 570 { 571 $delayedmod['link'] = get_forum_link($delayedmod['inputs']['new_forum']); 572 $delayedmod['name'] = htmlspecialchars_uni($forum_cache[$delayedmod['inputs']['new_forum']]['name']); 573 eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_new_forum")."\";"); 574 575 if($delayedmod['inputs']['method'] == "redirect") 576 { 577 if((int)$delayedmod['inputs']['redirect_expire'] == 0) 578 { 579 $redirect_expire_bit = $lang->redirect_forever; 580 } 581 else 582 { 583 $redirect_expire_bit = (int)$delayedmod['inputs']['redirect_expire']." {$lang->days}"; 584 } 585 586 eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_redirect")."\";"); 587 } 588 } 589 elseif($delayedmod['type'] == 'merge') 590 { 591 $delayedmod['subject'] = htmlspecialchars_uni($delayedmod['inputs']['subject']); 592 $delayedmod['threadurl'] = htmlspecialchars_uni($delayedmod['inputs']['threadurl']); 593 eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_merge")."\";"); 594 } 595 596 eval("\$delayedmods .= \"".$templates->get("moderation_delayedmodaction_notes")."\";"); 597 $trow = alt_trow(); 598 } 599 if(!$delayedmods) 600 { 601 $cols = 5; 602 eval("\$delayedmods = \"".$templates->get("moderation_delayedmodaction_error")."\";"); 603 } 604 605 $url = ''; 606 if($mybb->get_input('tid', MyBB::INPUT_INT)) 607 { 608 $lang->threads = $lang->thread; 609 $thread['link'] = get_thread_link($tid); 610 $delayedmoderation_subject = $mybb->input['delayedmoderation']['subject']; 611 $delayedmoderation_threadurl = $mybb->input['delayedmoderation']['threadurl']; 612 eval("\$threads = \"".$templates->get("moderation_delayedmoderation_thread")."\";"); 613 eval("\$moderation_delayedmoderation_merge = \"".$templates->get("moderation_delayedmoderation_merge")."\";"); 614 } 615 else 616 { 617 if($mybb->get_input('inlinetype') == 'search') 618 { 619 $tids = getids($mybb->get_input('searchid'), 'search'); 620 $url = htmlspecialchars_uni($mybb->get_input('url')); 621 } 622 else 623 { 624 $tids = getids($fid, "forum"); 625 } 626 if(count($tids) < 1) 627 { 628 error($lang->error_inline_nothreadsselected, $lang->error); 629 } 630 631 $threads = $lang->sprintf($lang->threads_selected, count($tids)); 632 $moderation_delayedmoderation_merge = ''; 633 } 634 $redirect_expire = $mybb->get_input('redirect_expire'); 635 eval("\$moderation_delayedmoderation_move = \"".$templates->get("moderation_delayedmoderation_move")."\";"); 636 637 // Generate form elements for date form 638 $dateday = ''; 639 for($day = 1; $day <= 31; ++$day) 640 { 641 $selected = ''; 642 if($mybb->get_input('date_day', MyBB::INPUT_INT) == $day) 643 { 644 $selected = ' selected="selected"'; 645 } 646 eval('$dateday .= "'.$templates->get('moderation_delayedmoderation_date_day').'";'); 647 } 648 649 $datemonth = array(); 650 foreach(array('01', '02', '03', '04', '05', '06', '07', '08', '09', '10', '11', '12') as $month) 651 { 652 $datemonth[$month] = ''; 653 if($mybb->get_input('date_month', MyBB::INPUT_INT) == (int)$month) 654 { 655 $datemonth[$month] = ' selected="selected"'; 656 } 657 } 658 659 660 eval('$datemonth = "'.$templates->get('moderation_delayedmoderation_date_month').'";'); 661 662 $dateyear = gmdate('Y', TIME_NOW + $localized_time_offset); 663 $datetime = gmdate($mybb->settings['timeformat'], TIME_NOW + $localized_time_offset); 664 665 $openclosethread = ''; 666 if(is_moderator($fid, "canopenclosethreads")) 667 { 668 eval('$openclosethread = "'.$templates->get('moderation_delayedmoderation_openclose').'";'); 669 } 670 671 $softdeleterestorethread = ''; 672 if(is_moderator($fid, "cansoftdeletethreads") || is_moderator($fid, "canrestorethreads")) 673 { 674 eval('$softdeleterestorethread = "'.$templates->get('moderation_delayedmoderation_softdeleterestore').'";'); 675 } 676 677 $deletethread = ''; 678 if(is_moderator($fid, "candeletethreads")) 679 { 680 eval('$deletethread = "'.$templates->get('moderation_delayedmoderation_delete').'";'); 681 } 682 683 $stickunstickthread = ''; 684 if(is_moderator($fid, "canstickunstickthreads")) 685 { 686 eval('$stickunstickthread = "'.$templates->get('moderation_delayedmoderation_stick').'";'); 687 } 688 689 $approveunapprovethread = ''; 690 if(is_moderator($fid, "canapproveunapprovethreads")) 691 { 692 eval('$approveunapprovethread = "'.$templates->get('moderation_delayedmoderation_approve').'";'); 693 } 694 695 $plugins->run_hooks("moderation_delayedmoderation"); 696 697 eval("\$delayedmoderation = \"".$templates->get("moderation_delayedmoderation")."\";"); 698 output_page($delayedmoderation); 699 break; 700 // Open or close a thread 701 case "openclosethread": 702 // Verify incoming POST request 703 verify_post_check($mybb->get_input('my_post_key')); 704 705 if(!is_moderator($fid, "canopenclosethreads")) 706 { 707 error_no_permission(); 708 } 709 710 if($thread['visible'] == -1) 711 { 712 error($lang->error_thread_deleted, $lang->error); 713 } 714 715 if($thread['closed'] == 1) 716 { 717 $openclose = $lang->opened; 718 $redirect = $lang->redirect_openthread; 719 $moderation->open_threads($tid); 720 } 721 else 722 { 723 $openclose = $lang->closed; 724 $redirect = $lang->redirect_closethread; 725 $moderation->close_threads($tid); 726 } 727 728 $lang->mod_process = $lang->sprintf($lang->mod_process, $openclose); 729 730 log_moderator_action($modlogdata, $lang->mod_process); 731 732 moderation_redirect(get_thread_link($thread['tid']), $redirect); 733 break; 734 735 // Stick or unstick that post to the top bab! 736 case "stick": 737 // Verify incoming POST request 738 verify_post_check($mybb->get_input('my_post_key')); 739 740 if(!is_moderator($fid, "canstickunstickthreads")) 741 { 742 error_no_permission(); 743 } 744 745 if($thread['visible'] == -1) 746 { 747 error($lang->error_thread_deleted, $lang->error); 748 } 749 750 $plugins->run_hooks("moderation_stick"); 751 752 if($thread['sticky'] == 1) 753 { 754 $stuckunstuck = $lang->unstuck; 755 $redirect = $lang->redirect_unstickthread; 756 $moderation->unstick_threads($tid); 757 } 758 else 759 { 760 $stuckunstuck = $lang->stuck; 761 $redirect = $lang->redirect_stickthread; 762 $moderation->stick_threads($tid); 763 } 764 765 $lang->mod_process = $lang->sprintf($lang->mod_process, $stuckunstuck); 766 767 log_moderator_action($modlogdata, $lang->mod_process); 768 769 moderation_redirect(get_thread_link($thread['tid']), $redirect); 770 break; 771 772 // Remove redirects to a specific thread 773 case "removeredirects": 774 775 // Verify incoming POST request 776 verify_post_check($mybb->get_input('my_post_key')); 777 778 if(!is_moderator($fid, "canmanagethreads")) 779 { 780 error_no_permission(); 781 } 782 783 if($thread['visible'] == -1) 784 { 785 error($lang->error_thread_deleted, $lang->error); 786 } 787 788 $plugins->run_hooks("moderation_removeredirects"); 789 790 $moderation->remove_redirects($tid); 791 792 log_moderator_action($modlogdata, $lang->redirects_removed); 793 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_redirectsremoved); 794 break; 795 796 // Delete thread confirmation page 797 case "deletethread": 798 799 add_breadcrumb($lang->nav_deletethread); 800 801 if(!is_moderator($fid, "candeletethreads")) 802 { 803 if($permissions['candeletethreads'] != 1 || $mybb->user['uid'] != $thread['uid']) 804 { 805 error_no_permission(); 806 } 807 } 808 809 $plugins->run_hooks("moderation_deletethread"); 810 811 eval("\$deletethread = \"".$templates->get("moderation_deletethread")."\";"); 812 output_page($deletethread); 813 break; 814 815 // Delete the actual thread here 816 case "do_deletethread": 817 818 // Verify incoming POST request 819 verify_post_check($mybb->get_input('my_post_key')); 820 821 if(!is_moderator($fid, "candeletethreads")) 822 { 823 if($permissions['candeletethreads'] != 1 || $mybb->user['uid'] != $thread['uid']) 824 { 825 error_no_permission(); 826 } 827 } 828 829 $plugins->run_hooks("moderation_do_deletethread"); 830 831 // Log the subject of the deleted thread 832 $modlogdata['thread_subject'] = $thread['subject']; 833 834 $thread['subject'] = $db->escape_string($thread['subject']); 835 $lang->thread_deleted = $lang->sprintf($lang->thread_deleted, $thread['subject']); 836 log_moderator_action($modlogdata, $lang->thread_deleted); 837 838 $moderation->delete_thread($tid); 839 840 mark_reports($tid, "thread"); 841 moderation_redirect(get_forum_link($fid), $lang->redirect_threaddeleted); 842 break; 843 844 // Delete the poll from a thread confirmation page 845 case "deletepoll": 846 add_breadcrumb($lang->nav_deletepoll); 847 848 if(!is_moderator($fid, "canmanagepolls")) 849 { 850 if($permissions['candeletethreads'] != 1 || $mybb->user['uid'] != $thread['uid']) 851 { 852 error_no_permission(); 853 } 854 } 855 856 $plugins->run_hooks("moderation_deletepoll"); 857 858 $query = $db->simple_select("polls", "pid", "tid='$tid'"); 859 $poll = $db->fetch_array($query); 860 if(!$poll) 861 { 862 error($lang->error_invalidpoll, $lang->error); 863 } 864 865 eval("\$deletepoll = \"".$templates->get("moderation_deletepoll")."\";"); 866 output_page($deletepoll); 867 break; 868 869 // Delete the actual poll here! 870 case "do_deletepoll": 871 872 // Verify incoming POST request 873 verify_post_check($mybb->get_input('my_post_key')); 874 875 if($thread['visible'] == -1) 876 { 877 error($lang->error_thread_deleted, $lang->error); 878 } 879 880 if(!isset($mybb->input['delete'])) 881 { 882 error($lang->redirect_pollnotdeleted); 883 } 884 if(!is_moderator($fid, "canmanagepolls")) 885 { 886 if($permissions['candeletethreads'] != 1 || $mybb->user['uid'] != $thread['uid']) 887 { 888 error_no_permission(); 889 } 890 } 891 $query = $db->simple_select("polls", "pid", "tid = $tid"); 892 $poll = $db->fetch_array($query); 893 if(!$poll) 894 { 895 error($lang->error_invalidpoll, $lang->error); 896 } 897 898 $plugins->run_hooks("moderation_do_deletepoll"); 899 900 $lang->poll_deleted = $lang->sprintf($lang->poll_deleted, $thread['subject']); 901 log_moderator_action($modlogdata, $lang->poll_deleted); 902 903 $moderation->delete_poll($poll['pid']); 904 905 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_polldeleted); 906 break; 907 908 // Approve a thread 909 case "approvethread": 910 911 // Verify incoming POST request 912 verify_post_check($mybb->get_input('my_post_key')); 913 914 if(!is_moderator($fid, "canapproveunapprovethreads")) 915 { 916 error_no_permission(); 917 } 918 919 if($thread['visible'] == -1) 920 { 921 error($lang->error_thread_deleted, $lang->error); 922 } 923 924 $thread = get_thread($tid); 925 926 $plugins->run_hooks("moderation_approvethread"); 927 928 $lang->thread_approved = $lang->sprintf($lang->thread_approved, $thread['subject']); 929 log_moderator_action($modlogdata, $lang->thread_approved); 930 931 $moderation->approve_threads($tid, $fid); 932 933 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_threadapproved); 934 break; 935 936 // Unapprove a thread 937 case "unapprovethread": 938 939 // Verify incoming POST request 940 verify_post_check($mybb->get_input('my_post_key')); 941 942 if(!is_moderator($fid, "canapproveunapprovethreads")) 943 { 944 error_no_permission(); 945 } 946 947 if($thread['visible'] == -1) 948 { 949 error($lang->error_thread_deleted, $lang->error); 950 } 951 952 $thread = get_thread($tid); 953 954 $plugins->run_hooks("moderation_unapprovethread"); 955 956 $lang->thread_unapproved = $lang->sprintf($lang->thread_unapproved, $thread['subject']); 957 log_moderator_action($modlogdata, $lang->thread_unapproved); 958 959 $moderation->unapprove_threads($tid); 960 961 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_threadunapproved); 962 break; 963 964 // Restore a thread 965 case "restorethread": 966 967 // Verify incoming POST request 968 verify_post_check($mybb->get_input('my_post_key')); 969 970 if(!is_moderator($fid, "canrestorethreads")) 971 { 972 error_no_permission(); 973 } 974 $thread = get_thread($tid); 975 976 $plugins->run_hooks("moderation_restorethread"); 977 978 $lang->thread_restored = $lang->sprintf($lang->thread_restored, $thread['subject']); 979 log_moderator_action($modlogdata, $lang->thread_restored); 980 981 $moderation->restore_threads($tid); 982 983 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_threadrestored); 984 break; 985 986 // Soft delete a thread 987 case "softdeletethread": 988 989 // Verify incoming POST request 990 verify_post_check($mybb->get_input('my_post_key')); 991 992 if(!is_moderator($fid, "cansoftdeletethreads")) 993 { 994 error_no_permission(); 995 } 996 $thread = get_thread($tid); 997 998 $plugins->run_hooks("moderation_softdeletethread"); 999 1000 $lang->thread_soft_deleted = $lang->sprintf($lang->thread_soft_deleted, $thread['subject']); 1001 log_moderator_action($modlogdata, $lang->thread_soft_deleted); 1002 1003 $moderation->soft_delete_threads($tid); 1004 1005 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_threadsoftdeleted); 1006 break; 1007 1008 // Move a thread 1009 case "move": 1010 add_breadcrumb($lang->nav_move); 1011 if(!is_moderator($fid, "canmanagethreads")) 1012 { 1013 error_no_permission(); 1014 } 1015 1016 if($thread['visible'] == -1) 1017 { 1018 error($lang->error_thread_deleted, $lang->error); 1019 } 1020 1021 $plugins->run_hooks("moderation_move"); 1022 1023 $forumselect = build_forum_jump("", $fid, 1, '', 0, true, '', "moveto"); 1024 eval("\$movethread = \"".$templates->get("moderation_move")."\";"); 1025 output_page($movethread); 1026 break; 1027 1028 // Let's get this thing moving! 1029 case "do_move": 1030 1031 // Verify incoming POST request 1032 verify_post_check($mybb->get_input('my_post_key')); 1033 1034 $moveto = $mybb->get_input('moveto', MyBB::INPUT_INT); 1035 $method = $mybb->get_input('method'); 1036 1037 if(!is_moderator($fid, "canmanagethreads")) 1038 { 1039 error_no_permission(); 1040 } 1041 1042 // Check if user has moderator permission to move to destination 1043 if(!is_moderator($moveto, "canmanagethreads") && !is_moderator($fid, "canmovetononmodforum")) 1044 { 1045 error_no_permission(); 1046 } 1047 1048 if($thread['visible'] == -1) 1049 { 1050 error($lang->error_thread_deleted, $lang->error); 1051 } 1052 1053 $newperms = forum_permissions($moveto); 1054 if($newperms['canview'] == 0 && !is_moderator($fid, "canmovetononmodforum")) 1055 { 1056 error($lang->error_movetononmodforum, $lang->error); 1057 } 1058 1059 $newforum = get_forum($moveto); 1060 if(!$newforum || $newforum['type'] != "f" || $newforum['type'] == "f" && $newforum['linkto'] != '') 1061 { 1062 error($lang->error_invalidforum, $lang->error); 1063 } 1064 if($method != "copy" && $thread['fid'] == $moveto) 1065 { 1066 error($lang->error_movetosameforum, $lang->error); 1067 } 1068 1069 $plugins->run_hooks('moderation_do_move'); 1070 1071 $expire = 0; 1072 if($mybb->get_input('redirect_expire', MyBB::INPUT_INT) > 0) 1073 { 1074 $expire = TIME_NOW + ($mybb->get_input('redirect_expire', MyBB::INPUT_INT) * 86400); 1075 } 1076 1077 $the_thread = $tid; 1078 1079 $newtid = $moderation->move_thread($tid, $moveto, $method, $expire); 1080 1081 switch($method) 1082 { 1083 case "copy": 1084 log_moderator_action($modlogdata, $lang->thread_copied); 1085 break; 1086 default: 1087 case "move": 1088 case "redirect": 1089 log_moderator_action($modlogdata, $lang->thread_moved); 1090 break; 1091 } 1092 1093 moderation_redirect(get_thread_link($newtid), $lang->redirect_threadmoved); 1094 break; 1095 1096 // Viewing thread notes 1097 case "viewthreadnotes": 1098 if(!is_moderator($fid)) 1099 { 1100 error_no_permission(); 1101 } 1102 1103 // Make sure we are looking at a real thread here. 1104 if(!$thread) 1105 { 1106 error($lang->error_nomember, $lang->error); 1107 } 1108 1109 $plugins->run_hooks('moderation_viewthreadnotes'); 1110 1111 $lang->view_notes_for = $lang->sprintf($lang->view_notes_for, $thread['subject']); 1112 1113 $thread['notes'] = nl2br(htmlspecialchars_uni($thread['notes'])); 1114 1115 eval("\$viewthreadnotes = \"".$templates->get("moderation_viewthreadnotes", 1, 0)."\";"); 1116 echo $viewthreadnotes; 1117 break; 1118 1119 // Thread notes editor 1120 case "threadnotes": 1121 add_breadcrumb($lang->nav_threadnotes); 1122 if(!is_moderator($fid, "canmanagethreads")) 1123 { 1124 error_no_permission(); 1125 } 1126 $thread['notes'] = htmlspecialchars_uni($parser->parse_badwords($thread['notes'])); 1127 $trow = alt_trow(1); 1128 1129 if(is_moderator($fid, "canviewmodlog")) 1130 { 1131 $query = $db->query(" 1132 SELECT l.*, u.username, t.subject AS tsubject, f.name AS fname, p.subject AS psubject 1133 FROM ".TABLE_PREFIX."moderatorlog l 1134 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=l.uid) 1135 LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=l.tid) 1136 LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=l.fid) 1137 LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid=l.pid) 1138 WHERE t.tid='$tid' 1139 ORDER BY l.dateline DESC 1140 LIMIT 0, 20 1141 "); 1142 $modactions = ''; 1143 while($modaction = $db->fetch_array($query)) 1144 { 1145 $modaction['dateline'] = my_date('relative', $modaction['dateline']); 1146 $modaction['username'] = htmlspecialchars_uni($modaction['username']); 1147 $modaction['profilelink'] = build_profile_link($modaction['username'], $modaction['uid']); 1148 $modaction['action'] = htmlspecialchars_uni($modaction['action']); 1149 $info = ''; 1150 if($modaction['tsubject']) 1151 { 1152 $modaction['tsubject'] = htmlspecialchars_uni($parser->parse_badwords($modaction['tsubject'])); 1153 $modaction['threadlink'] = get_thread_link($modaction['tid']); 1154 eval("\$info .= \"".$templates->get("moderation_threadnotes_modaction_thread")."\";"); 1155 } 1156 if($modaction['fname']) 1157 { 1158 $modaction['fname'] = htmlspecialchars_uni($modaction['fname']); 1159 $modaction['forumlink'] = get_forum_link($modaction['fid']); 1160 eval("\$info .= \"".$templates->get("moderation_threadnotes_modaction_forum")."\";"); 1161 } 1162 if($modaction['psubject']) 1163 { 1164 1165 $modaction['psubject'] = htmlspecialchars_uni($parser->parse_badwords($modaction['psubject'])); 1166 $modaction['postlink'] = get_post_link($modaction['pid']); 1167 eval("\$info .= \"".$templates->get("moderation_threadnotes_modaction_post")."\";"); 1168 } 1169 1170 eval("\$modactions .= \"".$templates->get("moderation_threadnotes_modaction")."\";"); 1171 $trow = alt_trow(); 1172 } 1173 if(!$modactions) 1174 { 1175 eval("\$modactions = \"".$templates->get("moderation_threadnotes_modaction_error")."\";"); 1176 } 1177 } 1178 1179 $actions = array( 1180 'openclosethread' => $lang->open_close_thread, 1181 'deletethread' => $lang->delete_thread, 1182 'move' => $lang->move_copy_thread, 1183 'stick' => $lang->stick_unstick_thread, 1184 'merge' => $lang->merge_threads, 1185 'removeredirects' => $lang->remove_redirects, 1186 'removesubscriptions' => $lang->remove_subscriptions, 1187 'approveunapprovethread' => $lang->approve_unapprove_thread 1188 ); 1189 1190 switch($db->type) 1191 { 1192 case "pgsql": 1193 case "sqlite": 1194 $query = $db->simple_select("modtools", 'tid, name', "(','||forums||',' LIKE '%,$fid,%' OR ','||forums||',' LIKE '%,-1,%' OR forums='') AND type = 't'"); 1195 break; 1196 default: 1197 $query = $db->simple_select("modtools", 'tid, name', "(CONCAT(',',forums,',') LIKE '%,$fid,%' OR CONCAT(',',forums,',') LIKE '%,-1,%' OR forums='') AND type = 't'"); 1198 } 1199 while($tool = $db->fetch_array($query)) 1200 { 1201 $actions['modtool_'.$tool['tid']] = htmlspecialchars_uni($tool['name']); 1202 } 1203 1204 $forum_cache = $cache->read("forums"); 1205 1206 $trow = alt_trow(1); 1207 switch($db->type) 1208 { 1209 case "pgsql": 1210 case "sqlite": 1211 $query = $db->query(" 1212 SELECT d.*, u.username, f.name AS fname 1213 FROM ".TABLE_PREFIX."delayedmoderation d 1214 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=d.uid) 1215 LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=d.fid) 1216 WHERE ','||d.tids||',' LIKE '%,{$tid},%' 1217 ORDER BY d.dateline DESC 1218 LIMIT 0, 20 1219 "); 1220 break; 1221 default: 1222 $query = $db->query(" 1223 SELECT d.*, u.username, f.name AS fname 1224 FROM ".TABLE_PREFIX."delayedmoderation d 1225 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=d.uid) 1226 LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=d.fid) 1227 WHERE CONCAT(',',d.tids,',') LIKE '%,{$tid},%' 1228 ORDER BY d.dateline DESC 1229 LIMIT 0, 20 1230 "); 1231 } 1232 $delayedmods = ''; 1233 while($delayedmod = $db->fetch_array($query)) 1234 { 1235 $delayedmod['dateline'] = my_date('normal', $delayedmod['delaydateline'], "", 2); 1236 $delayedmod['username'] = htmlspecialchars_uni($delayedmod['username']); 1237 $delayedmod['profilelink'] = build_profile_link($delayedmod['username'], $delayedmod['uid']); 1238 $delayedmod['action'] = $actions[$delayedmod['type']]; 1239 $info = ''; 1240 if(strpos($delayedmod['tids'], ',') === false) 1241 { 1242 $delayed_thread['link'] = get_thread_link($delayedmod['tids']); 1243 $delayed_thread['subject'] = htmlspecialchars_uni($thread['subject']); 1244 eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_thread_single")."\";"); 1245 } 1246 else 1247 { 1248 eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_thread_multiple")."\";"); 1249 } 1250 1251 if($delayedmod['fname']) 1252 { 1253 $delayedmod['link'] = get_forum_link($delayedmod['fid']); 1254 $delayedmod['fname'] = htmlspecialchars_uni($delayedmod['fname']); 1255 eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_forum")."\";"); 1256 } 1257 $delayedmod['inputs'] = my_unserialize($delayedmod['inputs']); 1258 1259 if($delayedmod['type'] == 'move') 1260 { 1261 $delayedmod['link'] = get_forum_link($delayedmod['inputs']['new_forum']); 1262 $delayedmod['name'] = htmlspecialchars_uni($forum_cache[$delayedmod['inputs']['new_forum']]['name']); 1263 eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_new_forum")."\";"); 1264 1265 if($delayedmod['inputs']['method'] == "redirect") 1266 { 1267 if((int)$delayedmod['inputs']['redirect_expire'] == 0) 1268 { 1269 $redirect_expire_bit = $lang->redirect_forever; 1270 } 1271 else 1272 { 1273 $redirect_expire_bit = (int)$delayedmod['inputs']['redirect_expire']." {$lang->days}"; 1274 } 1275 1276 eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_redirect")."\";"); 1277 } 1278 } 1279 elseif($delayedmod['type'] == 'merge') 1280 { 1281 $delayedmod['subject'] = htmlspecialchars_uni($delayedmod['inputs']['subject']); 1282 $delayedmod['threadurl'] = htmlspecialchars_uni($delayedmod['inputs']['threadurl']); 1283 eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_merge")."\";"); 1284 } 1285 1286 eval("\$delayedmods .= \"".$templates->get("moderation_threadnotes_delayedmodaction")."\";"); 1287 $trow = alt_trow(); 1288 } 1289 if(!$delayedmods) 1290 { 1291 $cols = 4; 1292 eval("\$delayedmods = \"".$templates->get("moderation_delayedmodaction_error")."\";"); 1293 } 1294 1295 $plugins->run_hooks("moderation_threadnotes"); 1296 1297 eval("\$threadnotes = \"".$templates->get("moderation_threadnotes")."\";"); 1298 output_page($threadnotes); 1299 break; 1300 1301 // Update the thread notes! 1302 case "do_threadnotes": 1303 1304 // Verify incoming POST request 1305 verify_post_check($mybb->get_input('my_post_key')); 1306 1307 if(!is_moderator($fid, "canmanagethreads")) 1308 { 1309 error_no_permission(); 1310 } 1311 1312 $plugins->run_hooks("moderation_do_threadnotes"); 1313 1314 log_moderator_action($modlogdata, $lang->thread_notes_edited); 1315 $sqlarray = array( 1316 "notes" => $db->escape_string($mybb->get_input('threadnotes')), 1317 ); 1318 $db->update_query("threads", $sqlarray, "tid='$tid'"); 1319 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_threadnotesupdated); 1320 break; 1321 1322 // Let's look up the ip address of a post 1323 case "getip": 1324 add_breadcrumb($lang->nav_getip); 1325 if(!is_moderator($fid, "canviewips")) 1326 { 1327 error_no_permission(); 1328 } 1329 1330 $post['ipaddress'] = my_inet_ntop($db->unescape_binary($post['ipaddress'])); 1331 $hostname = @gethostbyaddr($post['ipaddress']); 1332 if(!$hostname || $hostname == $post['ipaddress']) 1333 { 1334 $hostname = $lang->resolve_fail; 1335 } 1336 1337 $post['username'] = htmlspecialchars_uni($post['username']); 1338 $username = build_profile_link($post['username'], $post['uid']); 1339 1340 // Moderator options 1341 $modoptions = ""; 1342 if($mybb->usergroup['canmodcp'] == 1 && $mybb->usergroup['canuseipsearch'] == 1) 1343 { 1344 $ipaddress = $post['ipaddress']; 1345 eval("\$modoptions = \"".$templates->get("moderation_getip_modoptions")."\";"); 1346 } 1347 1348 $plugins->run_hooks('moderation_getip'); 1349 1350 if($modal) 1351 { 1352 eval("\$getip = \"".$templates->get("moderation_getip_modal", 1, 0)."\";"); 1353 echo $getip; 1354 exit; 1355 } 1356 else 1357 { 1358 eval("\$getip = \"".$templates->get("moderation_getip")."\";"); 1359 output_page($getip); 1360 break; 1361 } 1362 1363 // Let's look up the ip address of a PM 1364 case "getpmip": 1365 if($pmid <= 0) 1366 { 1367 error($lang->error_invalidpm, $lang->error); 1368 } 1369 add_breadcrumb($lang->nav_pms, "private.php"); 1370 $pm['subject'] = htmlspecialchars_uni($parser->parse_badwords($pm['subject'])); 1371 add_breadcrumb($pm['subject'], "private.php?action=read&pmid={$pmid}"); 1372 add_breadcrumb($lang->nav_getpmip); 1373 if(!$mybb->usergroup['issupermod']) 1374 { 1375 error_no_permission(); 1376 } 1377 1378 $pm['ipaddress'] = my_inet_ntop($db->unescape_binary($pm['ipaddress'])); 1379 $hostname = @gethostbyaddr($pm['ipaddress']); 1380 if(!$hostname || $hostname == $pm['ipaddress']) 1381 { 1382 $hostname = $lang->resolve_fail; 1383 } 1384 1385 $name = $db->fetch_field($db->simple_select('users', 'username', "uid = {$pm['fromid']}"), 'username'); 1386 $username = build_profile_link($name, $pm['fromid']); 1387 1388 // Moderator options 1389 $modoptions = ""; 1390 if($mybb->usergroup['canmodcp'] == 1 && $mybb->usergroup['canuseipsearch'] == 1) 1391 { 1392 $ipaddress = $pm['ipaddress']; 1393 eval("\$modoptions = \"".$templates->get("moderation_getip_modoptions")."\";"); 1394 } 1395 1396 $plugins->run_hooks('moderation_getpmip'); 1397 1398 if($modal) 1399 { 1400 eval("\$getpmip = \"".$templates->get("moderation_getpmip_modal", 1, 0)."\";"); 1401 echo $getpmip; 1402 exit; 1403 } 1404 else 1405 { 1406 eval("\$getpmip = \"".$templates->get("moderation_getpmip")."\";"); 1407 output_page($getpmip); 1408 break; 1409 } 1410 1411 // Merge threads 1412 case "merge": 1413 add_breadcrumb($lang->nav_merge); 1414 if(!is_moderator($fid, "canmanagethreads")) 1415 { 1416 error_no_permission(); 1417 } 1418 1419 if($thread['visible'] == -1) 1420 { 1421 error($lang->error_thread_deleted, $lang->error); 1422 } 1423 1424 $plugins->run_hooks("moderation_merge"); 1425 1426 eval("\$merge = \"".$templates->get("moderation_merge")."\";"); 1427 output_page($merge); 1428 break; 1429 1430 // Let's get those threads together baby! (Merge threads) 1431 case "do_merge": 1432 1433 // Verify incoming POST request 1434 verify_post_check($mybb->get_input('my_post_key')); 1435 1436 if(!is_moderator($fid, "canmanagethreads")) 1437 { 1438 error_no_permission(); 1439 } 1440 1441 if($thread['visible'] == -1) 1442 { 1443 error($lang->error_thread_deleted, $lang->error); 1444 } 1445 1446 $plugins->run_hooks("moderation_do_merge"); 1447 1448 // explode at # sign in a url (indicates a name reference) and reassign to the url 1449 $realurl = explode("#", $mybb->get_input('threadurl')); 1450 $mybb->input['threadurl'] = $realurl[0]; 1451 1452 // Are we using an SEO URL? 1453 if(substr($mybb->input['threadurl'], -4) == "html") 1454 { 1455 // Get thread to merge's tid the SEO way 1456 preg_match("#thread-([0-9]+)?#i", $mybb->input['threadurl'], $threadmatch); 1457 preg_match("#post-([0-9]+)?#i", $mybb->input['threadurl'], $postmatch); 1458 1459 if($threadmatch[1]) 1460 { 1461 $parameters['tid'] = $threadmatch[1]; 1462 } 1463 1464 if($postmatch[1]) 1465 { 1466 $parameters['pid'] = $postmatch[1]; 1467 } 1468 } 1469 else 1470 { 1471 // Get thread to merge's tid the normal way 1472 $splitloc = explode(".php", $mybb->input['threadurl']); 1473 $temp = explode("&", my_substr($splitloc[1], 1)); 1474 1475 if(!empty($temp)) 1476 { 1477 for($i = 0; $i < count($temp); $i++) 1478 { 1479 $temp2 = explode("=", $temp[$i], 2); 1480 $parameters[$temp2[0]] = $temp2[1]; 1481 } 1482 } 1483 else 1484 { 1485 $temp2 = explode("=", $splitloc[1], 2); 1486 $parameters[$temp2[0]] = $temp2[1]; 1487 } 1488 } 1489 1490 if(!empty($parameters['pid']) && empty($parameters['tid'])) 1491 { 1492 $post = get_post($parameters['pid']); 1493 $mergetid = (int)$post['tid']; 1494 } 1495 elseif(!empty($parameters['tid'])) 1496 { 1497 $mergetid = (int)$parameters['tid']; 1498 } 1499 else 1500 { 1501 $mergetid = 0; 1502 } 1503 $mergethread = get_thread($mergetid); 1504 if(!$mergethread) 1505 { 1506 error($lang->error_badmergeurl, $lang->error); 1507 } 1508 if($mergetid == $tid) 1509 { // sanity check 1510 error($lang->error_mergewithself, $lang->error); 1511 } 1512 if(!is_moderator($mergethread['fid'], "canmanagethreads")) 1513 { 1514 error_no_permission(); 1515 } 1516 if(isset($mybb->input['subject'])) 1517 { 1518 $subject = $mybb->get_input('subject'); 1519 } 1520 else 1521 { 1522 $subject = $thread['subject']; 1523 } 1524 1525 $moderation->merge_threads($mergetid, $tid, $subject); 1526 1527 log_moderator_action($modlogdata, $lang->thread_merged); 1528 1529 moderation_redirect(get_thread_link($tid), $lang->redirect_threadsmerged); 1530 break; 1531 1532 // Divorce the posts in this thread (Split!) 1533 case "split": 1534 add_breadcrumb($lang->nav_split); 1535 if(!is_moderator($fid, "canmanagethreads")) 1536 { 1537 error_no_permission(); 1538 } 1539 1540 if($thread['visible'] == -1) 1541 { 1542 error($lang->error_thread_deleted, $lang->error); 1543 } 1544 1545 $query = $db->query(" 1546 SELECT p.*, u.* 1547 FROM ".TABLE_PREFIX."posts p 1548 LEFT JOIN ".TABLE_PREFIX."users u ON (p.uid=u.uid) 1549 WHERE tid='$tid' 1550 ORDER BY dateline ASC, pid ASC 1551 "); 1552 1553 $numposts = $db->num_rows($query); 1554 if($numposts <= 1) 1555 { 1556 error($lang->error_cantsplitonepost, $lang->error); 1557 } 1558 1559 $altbg = "trow1"; 1560 $posts = ''; 1561 while($post = $db->fetch_array($query)) 1562 { 1563 $postdate = my_date('relative', $post['dateline']); 1564 $post['username'] = htmlspecialchars_uni($post['username']); 1565 1566 $parser_options = array( 1567 "allow_html" => $forum['allowhtml'], 1568 "allow_mycode" => $forum['allowmycode'], 1569 "allow_smilies" => $forum['allowsmilies'], 1570 "allow_imgcode" => $forum['allowimgcode'], 1571 "allow_videocode" => $forum['allowvideocode'], 1572 "filter_badwords" => 1 1573 ); 1574 if($post['smilieoff'] == 1) 1575 { 1576 $parser_options['allow_smilies'] = 0; 1577 } 1578 1579 $message = $parser->parse_message($post['message'], $parser_options); 1580 eval("\$posts .= \"".$templates->get("moderation_split_post")."\";"); 1581 $altbg = alt_trow(); 1582 } 1583 1584 clearinline($tid, 'thread'); 1585 $forumselect = build_forum_jump("", $fid, 1, '', 0, true, '', "moveto"); 1586 1587 $plugins->run_hooks("moderation_split"); 1588 1589 eval("\$split = \"".$templates->get("moderation_split")."\";"); 1590 output_page($split); 1591 break; 1592 1593 // Let's break them up buddy! (Do the split) 1594 case "do_split": 1595 1596 // Verify incoming POST request 1597 verify_post_check($mybb->get_input('my_post_key')); 1598 1599 if(!is_moderator($fid, "canmanagethreads")) 1600 { 1601 error_no_permission(); 1602 } 1603 1604 if($thread['visible'] == -1) 1605 { 1606 error($lang->error_thread_deleted, $lang->error); 1607 } 1608 1609 $plugins->run_hooks("moderation_do_split"); 1610 1611 $mybb->input['splitpost'] = $mybb->get_input('splitpost', MyBB::INPUT_ARRAY); 1612 if(empty($mybb->input['splitpost'])) 1613 { 1614 error($lang->error_nosplitposts, $lang->error); 1615 } 1616 $query = $db->simple_select("posts", "COUNT(*) AS totalposts", "tid='{$tid}'"); 1617 $count = $db->fetch_array($query); 1618 1619 if($count['totalposts'] == 1) 1620 { 1621 error($lang->error_cantsplitonepost, $lang->error); 1622 } 1623 1624 if($count['totalposts'] == count($mybb->input['splitpost'])) 1625 { 1626 error($lang->error_cantsplitall, $lang->error); 1627 } 1628 1629 if(!empty($mybb->input['moveto'])) 1630 { 1631 $moveto = $mybb->get_input('moveto', MyBB::INPUT_INT); 1632 } 1633 else 1634 { 1635 $moveto = $fid; 1636 } 1637 1638 $newforum = get_forum($moveto); 1639 if(!$newforum || $newforum['type'] != "f" || $newforum['type'] == "f" && $newforum['linkto'] != '') 1640 { 1641 error($lang->error_invalidforum, $lang->error); 1642 } 1643 1644 $pids = array(); 1645 1646 // move the selected posts over 1647 $query = $db->simple_select("posts", "pid", "tid='$tid'"); 1648 while($post = $db->fetch_array($query)) 1649 { 1650 if(isset($mybb->input['splitpost'][$post['pid']]) && $mybb->input['splitpost'][$post['pid']] == 1) 1651 { 1652 $pids[] = $post['pid']; 1653 } 1654 mark_reports($post['pid'], "post"); 1655 } 1656 1657 $newtid = $moderation->split_posts($pids, $tid, $moveto, $mybb->get_input('newsubject')); 1658 1659 log_moderator_action($modlogdata, $lang->thread_split); 1660 1661 moderation_redirect(get_thread_link($newtid), $lang->redirect_threadsplit); 1662 break; 1663 1664 // Delete Thread Subscriptions 1665 case "removesubscriptions": 1666 1667 // Verify incoming POST request 1668 verify_post_check($mybb->get_input('my_post_key')); 1669 1670 if(!is_moderator($fid, "canmanagethreads")) 1671 { 1672 error_no_permission(); 1673 } 1674 1675 if($thread['visible'] == -1) 1676 { 1677 error($lang->error_thread_deleted, $lang->error); 1678 } 1679 1680 $plugins->run_hooks("moderation_removesubscriptions"); 1681 1682 $moderation->remove_thread_subscriptions($tid, true); 1683 1684 log_moderator_action($modlogdata, $lang->removed_subscriptions); 1685 1686 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_removed_subscriptions); 1687 break; 1688 1689 // Delete Threads - Inline moderation 1690 case "multideletethreads": 1691 add_breadcrumb($lang->nav_multi_deletethreads); 1692 1693 if(!empty($mybb->input['searchid'])) 1694 { 1695 // From search page 1696 $threads = getids($mybb->get_input('searchid'), 'search'); 1697 if(!is_moderator_by_tids($threads, 'candeletethreads')) 1698 { 1699 error_no_permission(); 1700 } 1701 } 1702 else 1703 { 1704 $threads = getids($fid, 'forum'); 1705 if(!is_moderator($fid, 'candeletethreads')) 1706 { 1707 error_no_permission(); 1708 } 1709 } 1710 if(count($threads) < 1) 1711 { 1712 error($lang->error_inline_nothreadsselected, $lang->error); 1713 } 1714 1715 $inlineids = implode("|", $threads); 1716 if($mybb->get_input('inlinetype') == 'search') 1717 { 1718 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 1719 } 1720 else 1721 { 1722 clearinline($fid, 'forum'); 1723 } 1724 $return_url = htmlspecialchars_uni($mybb->get_input('url')); 1725 eval("\$multidelete = \"".$templates->get("moderation_inline_deletethreads")."\";"); 1726 output_page($multidelete); 1727 break; 1728 1729 // Actually delete the threads - Inline moderation 1730 case "do_multideletethreads": 1731 1732 // Verify incoming POST request 1733 verify_post_check($mybb->get_input('my_post_key')); 1734 1735 $threadlist = explode("|", $mybb->get_input('threads')); 1736 if(!is_moderator_by_tids($threadlist, "candeletethreads")) 1737 { 1738 error_no_permission(); 1739 } 1740 foreach($threadlist as $tid) 1741 { 1742 $tid = (int)$tid; 1743 $moderation->delete_thread($tid); 1744 $tlist[] = $tid; 1745 } 1746 log_moderator_action($modlogdata, $lang->multi_deleted_threads); 1747 if($mybb->get_input('inlinetype') == 'search') 1748 { 1749 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 1750 } 1751 else 1752 { 1753 clearinline($fid, 'forum'); 1754 } 1755 mark_reports($tlist, "threads"); 1756 moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsdeleted); 1757 break; 1758 1759 // Open threads - Inline moderation 1760 case "multiopenthreads": 1761 1762 // Verify incoming POST request 1763 verify_post_check($mybb->get_input('my_post_key')); 1764 1765 if(!empty($mybb->input['searchid'])) 1766 { 1767 // From search page 1768 $threads = getids($mybb->get_input('searchid'), 'search'); 1769 if(!is_moderator_by_tids($threads, 'canopenclosethreads')) 1770 { 1771 error_no_permission(); 1772 } 1773 } 1774 else 1775 { 1776 $threads = getids($fid, 'forum'); 1777 if(!is_moderator($fid, 'canopenclosethreads')) 1778 { 1779 error_no_permission(); 1780 } 1781 } 1782 1783 if(count($threads) < 1) 1784 { 1785 error($lang->error_inline_nothreadsselected, $lang->error); 1786 } 1787 1788 $moderation->open_threads($threads); 1789 1790 log_moderator_action($modlogdata, $lang->multi_opened_threads); 1791 if($mybb->get_input('inlinetype') == 'search') 1792 { 1793 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 1794 } 1795 else 1796 { 1797 clearinline($fid, 'forum'); 1798 } 1799 moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsopened); 1800 break; 1801 1802 // Close threads - Inline moderation 1803 case "multiclosethreads": 1804 1805 // Verify incoming POST request 1806 verify_post_check($mybb->get_input('my_post_key')); 1807 1808 if(!empty($mybb->input['searchid'])) 1809 { 1810 // From search page 1811 $threads = getids($mybb->get_input('searchid'), 'search'); 1812 if(!is_moderator_by_tids($threads, 'canopenclosethreads')) 1813 { 1814 error_no_permission(); 1815 } 1816 } 1817 else 1818 { 1819 $threads = getids($fid, 'forum'); 1820 if(!is_moderator($fid, 'canopenclosethreads')) 1821 { 1822 error_no_permission(); 1823 } 1824 } 1825 if(count($threads) < 1) 1826 { 1827 error($lang->error_inline_nothreadsselected, $lang->error); 1828 } 1829 1830 $moderation->close_threads($threads); 1831 1832 log_moderator_action($modlogdata, $lang->multi_closed_threads); 1833 if($mybb->get_input('inlinetype') == 'search') 1834 { 1835 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 1836 } 1837 else 1838 { 1839 clearinline($fid, 'forum'); 1840 } 1841 moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsclosed); 1842 break; 1843 1844 // Approve threads - Inline moderation 1845 case "multiapprovethreads": 1846 1847 // Verify incoming POST request 1848 verify_post_check($mybb->get_input('my_post_key')); 1849 1850 if(!empty($mybb->input['searchid'])) 1851 { 1852 // From search page 1853 $threads = getids($mybb->get_input('searchid'), 'search'); 1854 if(!is_moderator_by_tids($threads, 'canapproveunapprovethreads')) 1855 { 1856 error_no_permission(); 1857 } 1858 } 1859 else 1860 { 1861 $threads = getids($fid, 'forum'); 1862 if(!is_moderator($fid, 'canapproveunapprovethreads')) 1863 { 1864 error_no_permission(); 1865 } 1866 } 1867 if(count($threads) < 1) 1868 { 1869 error($lang->error_inline_nothreadsselected, $lang->error); 1870 } 1871 1872 $moderation->approve_threads($threads, $fid); 1873 1874 log_moderator_action($modlogdata, $lang->multi_approved_threads); 1875 if($mybb->get_input('inlinetype') == 'search') 1876 { 1877 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 1878 } 1879 else 1880 { 1881 clearinline($fid, 'forum'); 1882 } 1883 $cache->update_stats(); 1884 moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsapproved); 1885 break; 1886 1887 // Unapprove threads - Inline moderation 1888 case "multiunapprovethreads": 1889 1890 // Verify incoming POST request 1891 verify_post_check($mybb->get_input('my_post_key')); 1892 1893 if(!empty($mybb->input['searchid'])) 1894 { 1895 // From search page 1896 $threads = getids($mybb->get_input('searchid'), 'search'); 1897 if(!is_moderator_by_tids($threads, 'canapproveunapprovethreads')) 1898 { 1899 error_no_permission(); 1900 } 1901 } 1902 else 1903 { 1904 $threads = getids($fid, 'forum'); 1905 if(!is_moderator($fid, 'canapproveunapprovethreads')) 1906 { 1907 error_no_permission(); 1908 } 1909 } 1910 if(count($threads) < 1) 1911 { 1912 error($lang->error_inline_nothreadsselected, $lang->error); 1913 } 1914 1915 $moderation->unapprove_threads($threads, $fid); 1916 1917 log_moderator_action($modlogdata, $lang->multi_unapproved_threads); 1918 if($mybb->get_input('inlinetype') == 'search') 1919 { 1920 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 1921 } 1922 else 1923 { 1924 clearinline($fid, 'forum'); 1925 } 1926 $cache->update_stats(); 1927 moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsunapproved); 1928 break; 1929 1930 // Restore threads - Inline moderation 1931 case "multirestorethreads": 1932 1933 // Verify incoming POST request 1934 verify_post_check($mybb->get_input('my_post_key')); 1935 1936 if(!empty($mybb->input['searchid'])) 1937 { 1938 // From search page 1939 $threads = getids($mybb->get_input('searchid'), 'search'); 1940 if(!is_moderator_by_tids($threads, 'canrestorethreads')) 1941 { 1942 error_no_permission(); 1943 } 1944 } 1945 else 1946 { 1947 $threads = getids($fid, 'forum'); 1948 if(!is_moderator($fid, 'canrestorethreads')) 1949 { 1950 error_no_permission(); 1951 } 1952 } 1953 if(count($threads) < 1) 1954 { 1955 error($lang->error_inline_nothreadsselected, $lang->error); 1956 } 1957 1958 $moderation->restore_threads($threads); 1959 1960 log_moderator_action($modlogdata, $lang->multi_restored_threads); 1961 if($mybb->get_input('inlinetype') == 'search') 1962 { 1963 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 1964 } 1965 else 1966 { 1967 clearinline($fid, 'forum'); 1968 } 1969 $cache->update_stats(); 1970 moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsrestored); 1971 break; 1972 1973 // Soft delete threads - Inline moderation 1974 case "multisoftdeletethreads": 1975 1976 // Verify incoming POST request 1977 verify_post_check($mybb->get_input('my_post_key')); 1978 1979 if(!empty($mybb->input['searchid'])) 1980 { 1981 // From search page 1982 $threads = getids($mybb->get_input('searchid'), 'search'); 1983 if(!is_moderator_by_tids($threads, 'cansoftdeletethreads')) 1984 { 1985 error_no_permission(); 1986 } 1987 } 1988 else 1989 { 1990 $threads = getids($fid, 'forum'); 1991 if(!is_moderator($fid, 'cansoftdeletethreads')) 1992 { 1993 error_no_permission(); 1994 } 1995 } 1996 if(count($threads) < 1) 1997 { 1998 error($lang->error_inline_nothreadsselected, $lang->error); 1999 } 2000 2001 $moderation->soft_delete_threads($threads); 2002 2003 log_moderator_action($modlogdata, $lang->multi_soft_deleted_threads); 2004 if($mybb->get_input('inlinetype') == 'search') 2005 { 2006 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 2007 } 2008 else 2009 { 2010 clearinline($fid, 'forum'); 2011 } 2012 $cache->update_stats(); 2013 moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadssoftdeleted); 2014 break; 2015 2016 // Stick threads - Inline moderation 2017 case "multistickthreads": 2018 2019 // Verify incoming POST request 2020 verify_post_check($mybb->get_input('my_post_key')); 2021 2022 if(!empty($mybb->input['searchid'])) 2023 { 2024 // From search page 2025 $threads = getids($mybb->get_input('searchid'), 'search'); 2026 if(!is_moderator_by_tids($threads, 'canstickunstickthreads')) 2027 { 2028 error_no_permission(); 2029 } 2030 } 2031 else 2032 { 2033 $threads = getids($fid, 'forum'); 2034 if(!is_moderator($fid, 'canstickunstickthreads')) 2035 { 2036 error_no_permission(); 2037 } 2038 } 2039 if(count($threads) < 1) 2040 { 2041 error($lang->error_inline_nothreadsselected, $lang->error); 2042 } 2043 2044 $moderation->stick_threads($threads); 2045 2046 log_moderator_action($modlogdata, $lang->multi_stuck_threads); 2047 if($mybb->get_input('inlinetype') == 'search') 2048 { 2049 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 2050 } 2051 else 2052 { 2053 clearinline($fid, 'forum'); 2054 } 2055 moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsstuck); 2056 break; 2057 2058 // Unstick threads - Inline moderaton 2059 case "multiunstickthreads": 2060 2061 // Verify incoming POST request 2062 verify_post_check($mybb->get_input('my_post_key')); 2063 2064 if(!empty($mybb->input['searchid'])) 2065 { 2066 // From search page 2067 $threads = getids($mybb->get_input('searchid'), 'search'); 2068 if(!is_moderator_by_tids($threads, 'canstickunstickthreads')) 2069 { 2070 error_no_permission(); 2071 } 2072 } 2073 else 2074 { 2075 $threads = getids($fid, 'forum'); 2076 if(!is_moderator($fid, 'canstickunstickthreads')) 2077 { 2078 error_no_permission(); 2079 } 2080 } 2081 if(count($threads) < 1) 2082 { 2083 error($lang->error_inline_nothreadsselected, $lang->error); 2084 } 2085 2086 $moderation->unstick_threads($threads); 2087 2088 log_moderator_action($modlogdata, $lang->multi_unstuck_threads); 2089 if($mybb->get_input('inlinetype') == 'search') 2090 { 2091 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 2092 } 2093 else 2094 { 2095 clearinline($fid, 'forum'); 2096 } 2097 moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsunstuck); 2098 break; 2099 2100 // Move threads - Inline moderation 2101 case "multimovethreads": 2102 add_breadcrumb($lang->nav_multi_movethreads); 2103 2104 if(!empty($mybb->input['searchid'])) 2105 { 2106 // From search page 2107 $threads = getids($mybb->get_input('searchid'), 'search'); 2108 if(!is_moderator_by_tids($threads, 'canmanagethreads')) 2109 { 2110 error_no_permission(); 2111 } 2112 } 2113 else 2114 { 2115 $threads = getids($fid, 'forum'); 2116 if(!is_moderator($fid, 'canmanagethreads')) 2117 { 2118 error_no_permission(); 2119 } 2120 } 2121 2122 if(count($threads) < 1) 2123 { 2124 error($lang->error_inline_nothreadsselected, $lang->error); 2125 } 2126 $inlineids = implode("|", $threads); 2127 if($mybb->get_input('inlinetype') == 'search') 2128 { 2129 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 2130 } 2131 else 2132 { 2133 clearinline($fid, 'forum'); 2134 } 2135 $forumselect = build_forum_jump("", '', 1, '', 0, true, '', "moveto"); 2136 $return_url = htmlspecialchars_uni($mybb->get_input('url')); 2137 eval("\$movethread = \"".$templates->get("moderation_inline_movethreads")."\";"); 2138 output_page($movethread); 2139 break; 2140 2141 // Actually move the threads in Inline moderation 2142 case "do_multimovethreads": 2143 2144 // Verify incoming POST request 2145 verify_post_check($mybb->get_input('my_post_key')); 2146 2147 $moveto = $mybb->get_input('moveto', MyBB::INPUT_INT); 2148 $method = $mybb->get_input('method'); 2149 2150 $threadlist = explode("|", $mybb->get_input('threads')); 2151 if(!is_moderator_by_tids($threadlist, 'canmanagethreads')) 2152 { 2153 error_no_permission(); 2154 } 2155 foreach($threadlist as $tid) 2156 { 2157 $tids[] = (int)$tid; 2158 } 2159 // Make sure moderator has permission to move to the new forum 2160 $newperms = forum_permissions($moveto); 2161 if(($newperms['canview'] == 0 || !is_moderator($moveto, 'canmanagethreads')) && !is_moderator_by_tids($tids, 'canmovetononmodforum')) 2162 { 2163 error($lang->error_movetononmodforum, $lang->error); 2164 } 2165 2166 $newforum = get_forum($moveto); 2167 if(!$newforum || $newforum['type'] != "f" || $newforum['type'] == "f" && $newforum['linkto'] != '') 2168 { 2169 error($lang->error_invalidforum, $lang->error); 2170 } 2171 2172 $plugins->run_hooks('moderation_do_multimovethreads'); 2173 2174 log_moderator_action($modlogdata, $lang->multi_moved_threads); 2175 $expire = 0; 2176 if($mybb->get_input('redirect_expire', MyBB::INPUT_INT) > 0) 2177 { 2178 $expire = TIME_NOW + ($mybb->get_input('redirect_expire', MyBB::INPUT_INT) * 86400); 2179 } 2180 2181 foreach($tids as $tid) { 2182 $moderation->move_thread($tid, $moveto, $method, $expire); 2183 } 2184 2185 moderation_redirect(get_forum_link($moveto), $lang->redirect_inline_threadsmoved); 2186 break; 2187 2188 // Delete posts - Inline moderation 2189 case "multideleteposts": 2190 add_breadcrumb($lang->nav_multi_deleteposts); 2191 2192 if($mybb->get_input('inlinetype') == 'search') 2193 { 2194 $posts = getids($mybb->get_input('searchid'), 'search'); 2195 } 2196 else 2197 { 2198 $posts = getids($tid, 'thread'); 2199 } 2200 2201 if(count($posts) < 1) 2202 { 2203 error($lang->error_inline_nopostsselected, $lang->error); 2204 } 2205 if(!is_moderator_by_pids($posts, "candeleteposts")) 2206 { 2207 error_no_permission(); 2208 } 2209 $inlineids = implode("|", $posts); 2210 if($mybb->get_input('inlinetype') == 'search') 2211 { 2212 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 2213 } 2214 else 2215 { 2216 clearinline($tid, 'thread'); 2217 } 2218 2219 $return_url = htmlspecialchars_uni($mybb->get_input('url')); 2220 2221 eval("\$multidelete = \"".$templates->get("moderation_inline_deleteposts")."\";"); 2222 output_page($multidelete); 2223 break; 2224 2225 // Actually delete the posts in inline moderation 2226 case "do_multideleteposts": 2227 2228 // Verify incoming POST request 2229 verify_post_check($mybb->get_input('my_post_key')); 2230 2231 $postlist = explode("|", $mybb->get_input('posts')); 2232 if(!is_moderator_by_pids($postlist, "candeleteposts")) 2233 { 2234 error_no_permission(); 2235 } 2236 $postlist = array_map('intval', $postlist); 2237 $pids = implode(',', $postlist); 2238 2239 $tids = array(); 2240 if($pids) 2241 { 2242 $query = $db->simple_select("threads", "tid", "firstpost IN({$pids})"); 2243 while($threadid = $db->fetch_field($query, "tid")) 2244 { 2245 $tids[] = $threadid; 2246 } 2247 } 2248 2249 $deletecount = 0; 2250 foreach($postlist as $pid) 2251 { 2252 $pid = (int)$pid; 2253 $moderation->delete_post($pid); 2254 $plist[] = $pid; 2255 $deletecount++; 2256 } 2257 2258 // If we have multiple threads, we must be coming from the search 2259 if(!empty($tids)) 2260 { 2261 foreach($tids as $tid) 2262 { 2263 $moderation->delete_thread($tid); 2264 mark_reports($tid, "thread"); 2265 $url = get_forum_link($fid); 2266 } 2267 } 2268 // Otherwise we're just deleting from showthread.php 2269 else 2270 { 2271 $query = $db->simple_select("posts", "pid", "tid = $tid"); 2272 $numposts = $db->num_rows($query); 2273 if(!$numposts) 2274 { 2275 $moderation->delete_thread($tid); 2276 mark_reports($tid, "thread"); 2277 $url = get_forum_link($fid); 2278 } 2279 else 2280 { 2281 mark_reports($plist, "posts"); 2282 $url = get_thread_link($thread['tid']); 2283 } 2284 } 2285 2286 $lang->deleted_selective_posts = $lang->sprintf($lang->deleted_selective_posts, $deletecount); 2287 log_moderator_action($modlogdata, $lang->deleted_selective_posts); 2288 moderation_redirect($url, $lang->redirect_postsdeleted); 2289 break; 2290 2291 // Merge posts - Inline moderation 2292 case "multimergeposts": 2293 add_breadcrumb($lang->nav_multi_mergeposts); 2294 2295 if($mybb->get_input('inlinetype') == 'search') 2296 { 2297 $posts = getids($mybb->get_input('searchid'), 'search'); 2298 } 2299 else 2300 { 2301 $posts = getids($tid, 'thread'); 2302 } 2303 2304 // Add the selected posts from other threads 2305 foreach($mybb->cookies as $key => $value) 2306 { 2307 if(strpos($key, "inlinemod_thread") !== false && $key != "inlinemod_thread$tid") 2308 { 2309 $inlinepostlist = explode("|", $mybb->cookies[$key]); 2310 foreach($inlinepostlist as $p) 2311 { 2312 $p = (int)$p; 2313 2314 if(!empty($p)) 2315 { 2316 $posts[] = (int)$p; 2317 } 2318 } 2319 // Remove the cookie once its data is retrieved 2320 my_unsetcookie($key); 2321 } 2322 } 2323 2324 if(empty($posts)) 2325 { 2326 error($lang->error_inline_nopostsselected, $lang->error); 2327 } 2328 2329 if(!is_moderator_by_pids($posts, "canmanagethreads")) 2330 { 2331 error_no_permission(); 2332 } 2333 2334 $postlist = ""; 2335 $query = $db->query(" 2336 SELECT p.*, u.* 2337 FROM ".TABLE_PREFIX."posts p 2338 LEFT JOIN ".TABLE_PREFIX."users u ON (p.uid=u.uid) 2339 WHERE pid IN (".implode(",", $posts).") 2340 ORDER BY dateline ASC, pid ASC 2341 "); 2342 $altbg = "trow1"; 2343 while($post = $db->fetch_array($query)) 2344 { 2345 $postdate = my_date('relative', $post['dateline']); 2346 2347 $parser_options = array( 2348 "allow_html" => $forum['allowhtml'], 2349 "allow_mycode" => $forum['allowmycode'], 2350 "allow_smilies" => $forum['allowsmilies'], 2351 "allow_imgcode" => $forum['allowimgcode'], 2352 "allow_videocode" => $forum['allowvideocode'], 2353 "filter_badwords" => 1 2354 ); 2355 if($post['smilieoff'] == 1) 2356 { 2357 $parser_options['allow_smilies'] = 0; 2358 } 2359 2360 $message = $parser->parse_message($post['message'], $parser_options); 2361 eval("\$postlist .= \"".$templates->get("moderation_mergeposts_post")."\";"); 2362 $altbg = alt_trow(); 2363 } 2364 2365 $inlineids = implode("|", $posts); 2366 if($mybb->get_input('inlinetype') == 'search') 2367 { 2368 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 2369 } 2370 else 2371 { 2372 clearinline($tid, 'thread'); 2373 } 2374 2375 $return_url = htmlspecialchars_uni($mybb->get_input('url')); 2376 2377 eval("\$multimerge = \"".$templates->get("moderation_inline_mergeposts")."\";"); 2378 output_page($multimerge); 2379 break; 2380 2381 // Actually merge the posts - Inline moderation 2382 case "do_multimergeposts": 2383 2384 // Verify incoming POST request 2385 verify_post_check($mybb->get_input('my_post_key')); 2386 2387 $mergepost = $mybb->get_input('mergepost', MyBB::INPUT_ARRAY); 2388 if(count($mergepost) <= 1) 2389 { 2390 error($lang->error_nomergeposts, $lang->error); 2391 } 2392 2393 foreach($mergepost as $pid => $yes) 2394 { 2395 $postlist[] = (int)$pid; 2396 } 2397 2398 if(!is_moderator_by_pids($postlist, "canmanagethreads")) 2399 { 2400 error_no_permission(); 2401 } 2402 2403 $masterpid = $moderation->merge_posts($postlist, $tid, $mybb->input['sep']); 2404 2405 mark_reports($postlist, "posts"); 2406 log_moderator_action($modlogdata, $lang->merged_selective_posts); 2407 moderation_redirect(get_post_link($masterpid)."#pid$masterpid", $lang->redirect_inline_postsmerged); 2408 break; 2409 2410 // Split posts - Inline moderation 2411 case "multisplitposts": 2412 add_breadcrumb($lang->nav_multi_splitposts); 2413 2414 if($mybb->get_input('inlinetype') == 'search') 2415 { 2416 $posts = getids($mybb->get_input('searchid'), 'search'); 2417 } 2418 else 2419 { 2420 $posts = getids($tid, 'thread'); 2421 } 2422 2423 if(count($posts) < 1) 2424 { 2425 error($lang->error_inline_nopostsselected, $lang->error); 2426 } 2427 2428 if(!is_moderator_by_pids($posts, "canmanagethreads")) 2429 { 2430 error_no_permission(); 2431 } 2432 $posts = array_map('intval', $posts); 2433 $pidin = implode(',', $posts); 2434 2435 // Make sure that we are not splitting a thread with one post 2436 // Select number of posts in each thread that the splitted post is in 2437 $query = $db->query(" 2438 SELECT DISTINCT p.tid, COUNT(q.pid) as count 2439 FROM ".TABLE_PREFIX."posts p 2440 LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid) 2441 WHERE p.pid IN ($pidin) 2442 GROUP BY p.tid, p.pid 2443 "); 2444 $threads = $pcheck = array(); 2445 while($tcheck = $db->fetch_array($query)) 2446 { 2447 if((int)$tcheck['count'] <= 1) 2448 { 2449 error($lang->error_cantsplitonepost, $lang->error); 2450 } 2451 $threads[] = $pcheck[] = $tcheck['tid']; // Save tids for below 2452 } 2453 2454 // Make sure that we are not splitting all posts in the thread 2455 // The query does not return a row when the count is 0, so find if some threads are missing (i.e. 0 posts after removal) 2456 $query = $db->query(" 2457 SELECT DISTINCT p.tid, COUNT(q.pid) as count 2458 FROM ".TABLE_PREFIX."posts p 2459 LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid) 2460 WHERE p.pid IN ($pidin) AND q.pid NOT IN ($pidin) 2461 GROUP BY p.tid, p.pid 2462 "); 2463 $pcheck2 = array(); 2464 while($tcheck = $db->fetch_array($query)) 2465 { 2466 if($tcheck['count'] > 0) 2467 { 2468 $pcheck2[] = $tcheck['tid']; 2469 } 2470 } 2471 if(count($pcheck2) != count($pcheck)) 2472 { 2473 // One or more threads do not have posts after splitting 2474 error($lang->error_cantsplitall, $lang->error); 2475 } 2476 2477 $inlineids = implode("|", $posts); 2478 if($mybb->get_input('inlinetype') == 'search') 2479 { 2480 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 2481 } 2482 else 2483 { 2484 clearinline($tid, 'thread'); 2485 } 2486 $forumselect = build_forum_jump("", $fid, 1, '', 0, true, '', "moveto"); 2487 2488 $return_url = htmlspecialchars_uni($mybb->get_input('url')); 2489 2490 eval("\$splitposts = \"".$templates->get("moderation_inline_splitposts")."\";"); 2491 output_page($splitposts); 2492 break; 2493 2494 // Actually split the posts - Inline moderation 2495 case "do_multisplitposts": 2496 2497 // Verify incoming POST request 2498 verify_post_check($mybb->get_input('my_post_key')); 2499 2500 $plist = array(); 2501 $postlist = explode("|", $mybb->get_input('posts')); 2502 foreach($postlist as $pid) 2503 { 2504 $pid = (int)$pid; 2505 $plist[] = $pid; 2506 } 2507 2508 if(!is_moderator_by_pids($plist, "canmanagethreads")) 2509 { 2510 error_no_permission(); 2511 } 2512 2513 // Ensure all posts exist 2514 $posts = array(); 2515 if(!empty($plist)) 2516 { 2517 $query = $db->simple_select('posts', 'pid', 'pid IN ('.implode(',', $plist).')'); 2518 while($pid = $db->fetch_field($query, 'pid')) 2519 { 2520 $posts[] = $pid; 2521 } 2522 } 2523 2524 if(empty($posts)) 2525 { 2526 error($lang->error_inline_nopostsselected, $lang->error); 2527 } 2528 2529 $pidin = implode(',', $posts); 2530 2531 // Make sure that we are not splitting a thread with one post 2532 // Select number of posts in each thread that the splitted post is in 2533 $query = $db->query(" 2534 SELECT DISTINCT p.tid, COUNT(q.pid) as count 2535 FROM ".TABLE_PREFIX."posts p 2536 LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid) 2537 WHERE p.pid IN ($pidin) 2538 GROUP BY p.tid, p.pid 2539 "); 2540 $pcheck = array(); 2541 while($tcheck = $db->fetch_array($query)) 2542 { 2543 if((int)$tcheck['count'] <= 1) 2544 { 2545 error($lang->error_cantsplitonepost, $lang->error); 2546 } 2547 $pcheck[] = $tcheck['tid']; // Save tids for below 2548 } 2549 2550 // Make sure that we are not splitting all posts in the thread 2551 // The query does not return a row when the count is 0, so find if some threads are missing (i.e. 0 posts after removal) 2552 $query = $db->query(" 2553 SELECT DISTINCT p.tid, COUNT(q.pid) as count 2554 FROM ".TABLE_PREFIX."posts p 2555 LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid) 2556 WHERE p.pid IN ($pidin) AND q.pid NOT IN ($pidin) 2557 GROUP BY p.tid, p.pid 2558 "); 2559 $pcheck2 = array(); 2560 while($tcheck = $db->fetch_array($query)) 2561 { 2562 if($tcheck['count'] > 0) 2563 { 2564 $pcheck2[] = $tcheck['tid']; 2565 } 2566 } 2567 if(count($pcheck2) != count($pcheck)) 2568 { 2569 // One or more threads do not have posts after splitting 2570 error($lang->error_cantsplitall, $lang->error); 2571 } 2572 2573 if(isset($mybb->input['moveto'])) 2574 { 2575 $moveto = $mybb->get_input('moveto', MyBB::INPUT_INT); 2576 } 2577 else 2578 { 2579 $moveto = $fid; 2580 } 2581 2582 $newforum = get_forum($moveto); 2583 if(!$newforum || $newforum['type'] != "f" || $newforum['type'] == "f" && $newforum['linkto'] != '') 2584 { 2585 error($lang->error_invalidforum, $lang->error); 2586 } 2587 2588 $newsubject = $mybb->get_input('newsubject'); 2589 $newtid = $moderation->split_posts($posts, $tid, $moveto, $newsubject); 2590 2591 $pid_list = implode(', ', $posts); 2592 $lang->split_selective_posts = $lang->sprintf($lang->split_selective_posts, $pid_list, $newtid); 2593 log_moderator_action($modlogdata, $lang->split_selective_posts); 2594 2595 moderation_redirect(get_thread_link($newtid), $lang->redirect_threadsplit); 2596 break; 2597 2598 // Move posts - Inline moderation 2599 case "multimoveposts": 2600 add_breadcrumb($lang->nav_multi_moveposts); 2601 2602 if($mybb->get_input('inlinetype') == 'search') 2603 { 2604 $posts = getids($mybb->get_input('searchid'), 'search'); 2605 } 2606 else 2607 { 2608 $posts = getids($tid, 'thread'); 2609 } 2610 2611 if(count($posts) < 1) 2612 { 2613 error($lang->error_inline_nopostsselected, $lang->error); 2614 } 2615 2616 if(!is_moderator_by_pids($posts, "canmanagethreads")) 2617 { 2618 error_no_permission(); 2619 } 2620 $posts = array_map('intval', $posts); 2621 $pidin = implode(',', $posts); 2622 2623 // Make sure that we are not moving posts in a thread with one post 2624 // Select number of posts in each thread that the moved post is in 2625 $query = $db->query(" 2626 SELECT DISTINCT p.tid, COUNT(q.pid) as count 2627 FROM ".TABLE_PREFIX."posts p 2628 LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid) 2629 WHERE p.pid IN ($pidin) 2630 GROUP BY p.tid, p.pid 2631 "); 2632 $threads = $pcheck = array(); 2633 while($tcheck = $db->fetch_array($query)) 2634 { 2635 if((int)$tcheck['count'] <= 1) 2636 { 2637 error($lang->error_cantsplitonepost, $lang->error); 2638 } 2639 $threads[] = $pcheck[] = $tcheck['tid']; // Save tids for below 2640 } 2641 2642 // Make sure that we are not moving all posts in the thread 2643 // The query does not return a row when the count is 0, so find if some threads are missing (i.e. 0 posts after removal) 2644 $query = $db->query(" 2645 SELECT DISTINCT p.tid, COUNT(q.pid) as count 2646 FROM ".TABLE_PREFIX."posts p 2647 LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid) 2648 WHERE p.pid IN ($pidin) AND q.pid NOT IN ($pidin) 2649 GROUP BY p.tid, p.pid 2650 "); 2651 $pcheck2 = array(); 2652 while($tcheck = $db->fetch_array($query)) 2653 { 2654 if($tcheck['count'] > 0) 2655 { 2656 $pcheck2[] = $tcheck['tid']; 2657 } 2658 } 2659 if(count($pcheck2) != count($pcheck)) 2660 { 2661 // One or more threads do not have posts after splitting 2662 error($lang->error_cantmoveall, $lang->error); 2663 } 2664 2665 $inlineids = implode("|", $posts); 2666 if($mybb->get_input('inlinetype') == 'search') 2667 { 2668 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 2669 } 2670 else 2671 { 2672 clearinline($tid, 'thread'); 2673 } 2674 $forumselect = build_forum_jump("", $fid, 1, '', 0, true, '', "moveto"); 2675 2676 $return_url = htmlspecialchars_uni($mybb->get_input('url')); 2677 2678 eval("\$moveposts = \"".$templates->get("moderation_inline_moveposts")."\";"); 2679 output_page($moveposts); 2680 break; 2681 2682 // Actually split the posts - Inline moderation 2683 case "do_multimoveposts": 2684 2685 // Verify incoming POST request 2686 verify_post_check($mybb->get_input('my_post_key')); 2687 2688 $plugins->run_hooks("moderation_do_multimoveposts"); 2689 2690 // explode at # sign in a url (indicates a name reference) and reassign to the url 2691 $realurl = explode("#", $mybb->get_input('threadurl')); 2692 $mybb->input['threadurl'] = $realurl[0]; 2693 2694 // Are we using an SEO URL? 2695 if(substr($mybb->input['threadurl'], -4) == "html") 2696 { 2697 // Get thread to merge's tid the SEO way 2698 preg_match("#thread-([0-9]+)?#i", $mybb->input['threadurl'], $threadmatch); 2699 preg_match("#post-([0-9]+)?#i", $mybb->input['threadurl'], $postmatch); 2700 2701 if(!empty($threadmatch[1])) 2702 { 2703 $parameters['tid'] = $threadmatch[1]; 2704 } 2705 2706 if(!empty($postmatch[1])) 2707 { 2708 $parameters['pid'] = $postmatch[1]; 2709 } 2710 } 2711 else 2712 { 2713 // Get thread to merge's tid the normal way 2714 $splitloc = explode(".php", $mybb->input['threadurl']); 2715 $temp = explode("&", my_substr($splitloc[1], 1)); 2716 2717 if(!empty($temp)) 2718 { 2719 for($i = 0; $i < count($temp); $i++) 2720 { 2721 $temp2 = explode("=", $temp[$i], 2); 2722 $parameters[$temp2[0]] = $temp2[1]; 2723 } 2724 } 2725 else 2726 { 2727 $temp2 = explode("=", $splitloc[1], 2); 2728 $parameters[$temp2[0]] = $temp2[1]; 2729 } 2730 } 2731 2732 if(!empty($parameters['pid']) && empty($parameters['tid'])) 2733 { 2734 $query = $db->simple_select("posts", "tid", "pid='".(int)$parameters['pid']."'"); 2735 $post = $db->fetch_array($query); 2736 $newtid = $post['tid']; 2737 } 2738 elseif(!empty($parameters['tid'])) 2739 { 2740 $newtid = $parameters['tid']; 2741 } 2742 else 2743 { 2744 $newtid = 0; 2745 } 2746 $newtid = (int)$newtid; 2747 $newthread = get_thread($newtid); 2748 if(!$newthread) 2749 { 2750 error($lang->error_badmovepostsurl, $lang->error); 2751 } 2752 if($newtid == $tid) 2753 { // sanity check 2754 error($lang->error_movetoself, $lang->error); 2755 } 2756 2757 $postlist = explode("|", $mybb->get_input('posts')); 2758 $plist = array(); 2759 foreach($postlist as $pid) 2760 { 2761 $pid = (int)$pid; 2762 $plist[] = $pid; 2763 } 2764 2765 if(!is_moderator_by_pids($plist, "canmanagethreads")) 2766 { 2767 error_no_permission(); 2768 } 2769 2770 // Ensure all posts exist 2771 $posts = array(); 2772 if(!empty($plist)) 2773 { 2774 $query = $db->simple_select('posts', 'pid', 'pid IN ('.implode(',', $plist).')'); 2775 while($pid = $db->fetch_field($query, 'pid')) 2776 { 2777 $posts[] = $pid; 2778 } 2779 } 2780 2781 if(empty($posts)) 2782 { 2783 error($lang->error_inline_nopostsselected, $lang->error); 2784 } 2785 2786 $pidin = implode(',', $posts); 2787 2788 // Make sure that we are not moving posts in a thread with one post 2789 // Select number of posts in each thread that the moved post is in 2790 $query = $db->query(" 2791 SELECT DISTINCT p.tid, COUNT(q.pid) as count 2792 FROM ".TABLE_PREFIX."posts p 2793 LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid) 2794 WHERE p.pid IN ($pidin) 2795 GROUP BY p.tid, p.pid 2796 "); 2797 $threads = $pcheck = array(); 2798 while($tcheck = $db->fetch_array($query)) 2799 { 2800 if((int)$tcheck['count'] <= 1) 2801 { 2802 error($lang->error_cantsplitonepost, $lang->error); 2803 } 2804 $threads[] = $pcheck[] = $tcheck['tid']; // Save tids for below 2805 } 2806 2807 // Make sure that we are not moving all posts in the thread 2808 // The query does not return a row when the count is 0, so find if some threads are missing (i.e. 0 posts after removal) 2809 $query = $db->query(" 2810 SELECT DISTINCT p.tid, COUNT(q.pid) as count 2811 FROM ".TABLE_PREFIX."posts p 2812 LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid) 2813 WHERE p.pid IN ($pidin) AND q.pid NOT IN ($pidin) 2814 GROUP BY p.tid, p.pid 2815 "); 2816 $pcheck2 = array(); 2817 while($tcheck = $db->fetch_array($query)) 2818 { 2819 if($tcheck['count'] > 0) 2820 { 2821 $pcheck2[] = $tcheck['tid']; 2822 } 2823 } 2824 if(count($pcheck2) != count($pcheck)) 2825 { 2826 // One or more threads do not have posts after splitting 2827 error($lang->error_cantmoveall, $lang->error); 2828 } 2829 2830 $newtid = $moderation->split_posts($posts, $tid, $newthread['fid'], $db->escape_string($newthread['subject']), $newtid); 2831 2832 $pid_list = implode(', ', $posts); 2833 $lang->move_selective_posts = $lang->sprintf($lang->move_selective_posts, $pid_list, $newtid); 2834 log_moderator_action($modlogdata, $lang->move_selective_posts); 2835 2836 moderation_redirect(get_thread_link($newtid), $lang->redirect_moveposts); 2837 break; 2838 2839 // Approve posts - Inline moderation 2840 case "multiapproveposts": 2841 2842 // Verify incoming POST request 2843 verify_post_check($mybb->get_input('my_post_key')); 2844 2845 if($mybb->get_input('inlinetype') == 'search') 2846 { 2847 $posts = getids($mybb->get_input('searchid'), 'search'); 2848 } 2849 else 2850 { 2851 $posts = getids($tid, 'thread'); 2852 } 2853 if(count($posts) < 1) 2854 { 2855 error($lang->error_inline_nopostsselected, $lang->error); 2856 } 2857 2858 if(!is_moderator_by_pids($posts, "canapproveunapproveposts")) 2859 { 2860 error_no_permission(); 2861 } 2862 2863 $pids = array(); 2864 foreach($posts as $pid) 2865 { 2866 $pids[] = (int)$pid; 2867 } 2868 2869 $moderation->approve_posts($pids); 2870 2871 log_moderator_action($modlogdata, $lang->multi_approve_posts); 2872 if($mybb->get_input('inlinetype') == 'search') 2873 { 2874 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 2875 } 2876 else 2877 { 2878 clearinline($tid, 'thread'); 2879 } 2880 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_inline_postsapproved); 2881 break; 2882 2883 // Unapprove posts - Inline moderation 2884 case "multiunapproveposts": 2885 2886 // Verify incoming POST request 2887 verify_post_check($mybb->get_input('my_post_key')); 2888 2889 if($mybb->get_input('inlinetype') == 'search') 2890 { 2891 $posts = getids($mybb->get_input('searchid'), 'search'); 2892 } 2893 else 2894 { 2895 $posts = getids($tid, 'thread'); 2896 } 2897 2898 if(count($posts) < 1) 2899 { 2900 error($lang->error_inline_nopostsselected, $lang->error); 2901 } 2902 $pids = array(); 2903 2904 if(!is_moderator_by_pids($posts, "canapproveunapproveposts")) 2905 { 2906 error_no_permission(); 2907 } 2908 foreach($posts as $pid) 2909 { 2910 $pids[] = (int)$pid; 2911 } 2912 2913 $moderation->unapprove_posts($pids); 2914 2915 log_moderator_action($modlogdata, $lang->multi_unapprove_posts); 2916 if($mybb->get_input('inlinetype') == 'search') 2917 { 2918 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 2919 } 2920 else 2921 { 2922 clearinline($tid, 'thread'); 2923 } 2924 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_inline_postsunapproved); 2925 break; 2926 2927 // Restore posts - Inline moderation 2928 case "multirestoreposts": 2929 2930 // Verify incoming POST request 2931 verify_post_check($mybb->get_input('my_post_key')); 2932 2933 if($mybb->get_input('inlinetype') == 'search') 2934 { 2935 $posts = getids($mybb->get_input('searchid'), 'search'); 2936 } 2937 else 2938 { 2939 $posts = getids($tid, 'thread'); 2940 } 2941 if(count($posts) < 1) 2942 { 2943 error($lang->error_inline_nopostsselected, $lang->error); 2944 } 2945 2946 if(!is_moderator_by_pids($posts, "canrestoreposts")) 2947 { 2948 error_no_permission(); 2949 } 2950 2951 $pids = array(); 2952 foreach($posts as $pid) 2953 { 2954 $pids[] = (int)$pid; 2955 } 2956 2957 $moderation->restore_posts($pids); 2958 2959 log_moderator_action($modlogdata, $lang->multi_restore_posts); 2960 if($mybb->get_input('inlinetype') == 'search') 2961 { 2962 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 2963 } 2964 else 2965 { 2966 clearinline($tid, 'thread'); 2967 } 2968 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_inline_postsrestored); 2969 break; 2970 2971 // Soft delete posts - Inline moderation 2972 case "multisoftdeleteposts": 2973 // Verify incoming POST request 2974 verify_post_check($mybb->get_input('my_post_key')); 2975 2976 if($mybb->get_input('inlinetype') == 'search') 2977 { 2978 $posts = getids($mybb->get_input('searchid'), 'search'); 2979 } 2980 else 2981 { 2982 $posts = getids($tid, 'thread'); 2983 } 2984 2985 if(count($posts) < 1) 2986 { 2987 error($lang->error_inline_nopostsselected, $lang->error); 2988 } 2989 $pids = array(); 2990 2991 if(!is_moderator_by_pids($posts, "cansoftdeleteposts")) 2992 { 2993 error_no_permission(); 2994 } 2995 foreach($posts as $pid) 2996 { 2997 $pids[] = (int)$pid; 2998 } 2999 3000 $moderation->soft_delete_posts($pids); 3001 log_moderator_action($modlogdata, $lang->multi_soft_delete_posts); 3002 3003 if($mybb->get_input('inlinetype') == 'search') 3004 { 3005 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 3006 } 3007 else 3008 { 3009 clearinline($tid, 'thread'); 3010 } 3011 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_inline_postssoftdeleted); 3012 break; 3013 case "do_purgespammer": 3014 case "purgespammer": 3015 require_once MYBB_ROOT."inc/functions_user.php"; 3016 3017 $groups = explode(",", $mybb->settings['purgespammergroups']); 3018 if(!is_member($groups)) 3019 { 3020 error_no_permission(); 3021 } 3022 3023 $uid = $mybb->get_input('uid', MyBB::INPUT_INT); 3024 $user = get_user($uid); 3025 if(!$user || !purgespammer_show($user['postnum'], $user['usergroup'], $user['uid'])) 3026 { 3027 error($lang->purgespammer_invalid_user); 3028 } 3029 3030 if($mybb->input['action'] == "do_purgespammer") 3031 { 3032 verify_post_check($mybb->get_input('my_post_key')); 3033 3034 $user_deleted = false; 3035 3036 // Run the hooks first to avoid any issues when we delete the user 3037 $plugins->run_hooks("moderation_purgespammer_purge"); 3038 3039 require_once MYBB_ROOT.'inc/datahandlers/user.php'; 3040 $userhandler = new UserDataHandler('delete'); 3041 3042 if($mybb->settings['purgespammerbandelete'] == "ban") 3043 { 3044 // First delete everything 3045 $userhandler->delete_content($uid); 3046 $userhandler->delete_posts($uid); 3047 3048 // Next ban him (or update the banned reason, shouldn't happen) 3049 $query = $db->simple_select("banned", "uid", "uid = '{$uid}'"); 3050 if($db->num_rows($query) > 0) 3051 { 3052 $banupdate = array( 3053 "reason" => $db->escape_string($mybb->settings['purgespammerbanreason']) 3054 ); 3055 $db->update_query('banned', $banupdate, "uid = '{$uid}'"); 3056 } 3057 else 3058 { 3059 $insert = array( 3060 "uid" => $uid, 3061 "gid" => (int)$mybb->settings['purgespammerbangroup'], 3062 "oldgroup" => 2, 3063 "oldadditionalgroups" => "", 3064 "olddisplaygroup" => 0, 3065 "admin" => (int)$mybb->user['uid'], 3066 "dateline" => TIME_NOW, 3067 "bantime" => "---", 3068 "lifted" => 0, 3069 "reason" => $db->escape_string($mybb->settings['purgespammerbanreason']) 3070 ); 3071 $db->insert_query('banned', $insert); 3072 } 3073 3074 // Add the IP's to the banfilters 3075 if($mybb->settings['purgespammerbanip'] == 1) 3076 { 3077 foreach(array($user['regip'], $user['lastip']) as $ip) 3078 { 3079 $ip = my_inet_ntop($db->unescape_binary($ip)); 3080 $query = $db->simple_select("banfilters", "type", "type = 1 AND filter = '".$db->escape_string($ip)."'"); 3081 if($db->num_rows($query) == 0) 3082 { 3083 $insert = array( 3084 "filter" => $db->escape_string($ip), 3085 "type" => 1, 3086 "dateline" => TIME_NOW 3087 ); 3088 $db->insert_query("banfilters", $insert); 3089 } 3090 } 3091 } 3092 3093 // Clear the profile 3094 $userhandler->clear_profile($uid, $mybb->settings['purgespammerbangroup']); 3095 3096 $cache->update_bannedips(); 3097 $cache->update_awaitingactivation(); 3098 3099 // Update reports cache 3100 $cache->update_reportedcontent(); 3101 } 3102 elseif($mybb->settings['purgespammerbandelete'] == "delete") 3103 { 3104 $user_deleted = $userhandler->delete_user($uid, 1); 3105 } 3106 3107 // Submit the user to stop forum spam 3108 if(!empty($mybb->settings['purgespammerapikey'])) 3109 { 3110 $sfs = @fetch_remote_file("http://stopforumspam.com/add.php?username=" . urlencode($user['username']) . "&ip_addr=" . urlencode(my_inet_ntop($db->unescape_binary($user['lastip']))) . "&email=" . urlencode($user['email']) . "&api_key=" . urlencode($mybb->settings['purgespammerapikey'])); 3111 } 3112 3113 log_moderator_action(array('uid' => $uid, 'username' => $user['username']), $lang->purgespammer_modlog); 3114 3115 if($user_deleted) 3116 { 3117 redirect($mybb->settings['bburl'], $lang->purgespammer_success); 3118 } 3119 else 3120 { 3121 redirect(get_profile_link($uid), $lang->purgespammer_success); 3122 } 3123 } 3124 elseif($mybb->input['action'] == "purgespammer") 3125 { 3126 $plugins->run_hooks("moderation_purgespammer_show"); 3127 3128 add_breadcrumb($lang->purgespammer); 3129 $lang->purgespammer_purge = $lang->sprintf($lang->purgespammer_purge, htmlspecialchars_uni($user['username'])); 3130 if($mybb->settings['purgespammerbandelete'] == "ban") 3131 { 3132 $lang->purgespammer_purge_desc = $lang->sprintf($lang->purgespammer_purge_desc, $lang->purgespammer_ban); 3133 } 3134 else 3135 { 3136 $lang->purgespammer_purge_desc = $lang->sprintf($lang->purgespammer_purge_desc, $lang->purgespammer_delete); 3137 } 3138 eval("\$purgespammer = \"".$templates->get('moderation_purgespammer')."\";"); 3139 output_page($purgespammer); 3140 } 3141 break; 3142 default: 3143 require_once MYBB_ROOT."inc/class_custommoderation.php"; 3144 $custommod = new CustomModeration; 3145 $tool = $custommod->tool_info($mybb->get_input('action', MyBB::INPUT_INT)); 3146 if($tool !== false) 3147 { 3148 // Verify incoming POST request 3149 verify_post_check($mybb->get_input('my_post_key')); 3150 3151 $options = my_unserialize($tool['threadoptions']); 3152 3153 if(!is_member($tool['groups'])) 3154 { 3155 error_no_permission(); 3156 } 3157 3158 if($thread['visible'] == -1) 3159 { 3160 error($lang->error_thread_deleted, $lang->error); 3161 } 3162 3163 if(!empty($options['confirmation']) && empty($mybb->input['confirm'])) 3164 { 3165 add_breadcrumb($lang->confirm_execute_tool); 3166 3167 $lang->confirm_execute_tool_desc = $lang->sprintf($lang->confirm_execute_tool_desc, htmlspecialchars_uni($tool['name'])); 3168 3169 $action = $mybb->get_input('action', MyBB::INPUT_INT); 3170 $modtype = htmlspecialchars_uni($mybb->get_input('modtype')); 3171 $inlinetype = htmlspecialchars_uni($mybb->get_input('inlinetype')); 3172 $searchid = htmlspecialchars_uni($mybb->get_input('searchid')); 3173 $url = htmlspecialchars_uni($mybb->get_input('url')); 3174 $plugins->run_hooks('moderation_confirmation'); 3175 3176 eval('$page = "'.$templates->get('moderation_confirmation').'";'); 3177 3178 output_page($page); 3179 exit; 3180 } 3181 3182 $tool['name'] = htmlspecialchars_uni($tool['name']); 3183 3184 if($tool['type'] == 't' && $mybb->get_input('modtype') == 'inlinethread') 3185 { 3186 if($mybb->get_input('inlinetype') == 'search') 3187 { 3188 $tids = getids($mybb->get_input('searchid'), 'search'); 3189 } 3190 else 3191 { 3192 $tids = getids($fid, "forum"); 3193 } 3194 if(count($tids) < 1) 3195 { 3196 error($lang->error_inline_nopostsselected, $lang->error); 3197 } 3198 if(!is_moderator_by_tids($tids, "canusecustomtools")) 3199 { 3200 error_no_permission(); 3201 } 3202 3203 $thread_options = my_unserialize($tool['threadoptions']); 3204 if($thread_options['movethread'] && $forum_cache[$thread_options['movethread']]['type'] != "f") 3205 { 3206 error($lang->error_movetocategory, $lang->error); 3207 } 3208 3209 $custommod->execute($mybb->get_input('action', MyBB::INPUT_INT), $tids); 3210 $lang->custom_tool = $lang->sprintf($lang->custom_tool, $tool['name']); 3211 log_moderator_action($modlogdata, $lang->custom_tool); 3212 if($mybb->get_input('inlinetype') == 'search') 3213 { 3214 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 3215 $lang->redirect_customtool_search = $lang->sprintf($lang->redirect_customtool_search, $tool['name']); 3216 $return_url = htmlspecialchars_uni($mybb->get_input('url')); 3217 moderation_redirect($return_url, $lang->redirect_customtool_search); 3218 } 3219 else 3220 { 3221 clearinline($fid, "forum"); 3222 $lang->redirect_customtool_forum = $lang->sprintf($lang->redirect_customtool_forum, $tool['name']); 3223 redirect(get_forum_link($fid), $lang->redirect_customtool_forum); 3224 } 3225 break; 3226 } 3227 elseif($tool['type'] == 't' && $mybb->get_input('modtype') == 'thread') 3228 { 3229 if(!is_moderator_by_tids($tid, "canusecustomtools")) 3230 { 3231 error_no_permission(); 3232 } 3233 3234 $thread_options = my_unserialize($tool['threadoptions']); 3235 if($thread_options['movethread'] && $forum_cache[$thread_options['movethread']]['type'] != "f") 3236 { 3237 error($lang->error_movetocategory, $lang->error); 3238 } 3239 3240 $ret = $custommod->execute($mybb->get_input('action', MyBB::INPUT_INT), $tid); 3241 $lang->custom_tool = $lang->sprintf($lang->custom_tool, $tool['name']); 3242 log_moderator_action($modlogdata, $lang->custom_tool); 3243 if($ret == 'forum') 3244 { 3245 $lang->redirect_customtool_forum = $lang->sprintf($lang->redirect_customtool_forum, $tool['name']); 3246 moderation_redirect(get_forum_link($fid), $lang->redirect_customtool_forum); 3247 } 3248 else 3249 { 3250 $lang->redirect_customtool_thread = $lang->sprintf($lang->redirect_customtool_thread, $tool['name']); 3251 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_customtool_thread); 3252 } 3253 break; 3254 } 3255 elseif($tool['type'] == 'p' && $mybb->get_input('modtype') == 'inlinepost') 3256 { 3257 if($mybb->get_input('inlinetype') == 'search') 3258 { 3259 $pids = getids($mybb->get_input('searchid'), 'search'); 3260 } 3261 else 3262 { 3263 $pids = getids($tid, 'thread'); 3264 } 3265 3266 if(count($pids) < 1) 3267 { 3268 error($lang->error_inline_nopostsselected, $lang->error); 3269 } 3270 if(!is_moderator_by_pids($pids, "canusecustomtools")) 3271 { 3272 error_no_permission(); 3273 } 3274 3275 // Get threads which are associated with the posts 3276 $tids = array(); 3277 $options = array( 3278 'order_by' => 'dateline, pid', 3279 ); 3280 $query = $db->simple_select("posts", "DISTINCT tid, dateline", "pid IN (".implode(',',$pids).")", $options); 3281 while($row = $db->fetch_array($query)) 3282 { 3283 $tids[] = $row['tid']; 3284 } 3285 3286 $ret = $custommod->execute($mybb->get_input('action', MyBB::INPUT_INT), $tids, $pids); 3287 $lang->custom_tool = $lang->sprintf($lang->custom_tool, $tool['name']); 3288 log_moderator_action($modlogdata, $lang->custom_tool); 3289 if($mybb->get_input('inlinetype') == 'search') 3290 { 3291 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 3292 $lang->redirect_customtool_search = $lang->sprintf($lang->redirect_customtool_search, $tool['name']); 3293 $return_url = htmlspecialchars_uni($mybb->get_input('url')); 3294 moderation_redirect($return_url, $lang->redirect_customtool_search); 3295 } 3296 else 3297 { 3298 clearinline($tid, 'thread'); 3299 if($ret == 'forum') 3300 { 3301 $lang->redirect_customtool_forum = $lang->sprintf($lang->redirect_customtool_forum, $tool['name']); 3302 moderation_redirect(get_forum_link($fid), $lang->redirect_customtool_forum); 3303 } 3304 else 3305 { 3306 $lang->redirect_customtool_thread = $lang->sprintf($lang->redirect_customtool_thread, $tool['name']); 3307 moderation_redirect(get_thread_link($tid), $lang->redirect_customtool_thread); 3308 } 3309 } 3310 3311 break; 3312 } 3313 } 3314 error_no_permission(); 3315 break; 3316 } 3317 3318 /** 3319 * Some little handy functions for our inline moderation 3320 * 3321 * @param int $id 3322 * @param string $type 3323 * 3324 * @return array 3325 */ 3326 function getids($id, $type) 3327 { 3328 global $mybb; 3329 3330 $newids = array(); 3331 $cookie = "inlinemod_".$type.$id; 3332 if(isset($mybb->cookies[$cookie])) 3333 { 3334 $cookie_ids = explode("|", $mybb->cookies[$cookie]); 3335 3336 foreach($cookie_ids as $cookie_id) 3337 { 3338 if(empty($cookie_id)) 3339 { 3340 continue; 3341 } 3342 3343 if($cookie_id == 'ALL') 3344 { 3345 $newids += getallids($id, $type); 3346 } 3347 else 3348 { 3349 $newids[] = (int)$cookie_id; 3350 } 3351 } 3352 } 3353 3354 return $newids; 3355 } 3356 3357 /** 3358 * @param int $id 3359 * @param string $type 3360 * 3361 * @return array 3362 */ 3363 function getallids($id, $type) 3364 { 3365 global $db, $mybb; 3366 3367 $ids = array(); 3368 3369 // Get any removed threads (after our user hit 'all') 3370 $removed_ids = array(); 3371 $cookie = "inlinemod_".$type.$id."_removed"; 3372 if(isset($mybb->cookies[$cookie])) 3373 { 3374 $removed_ids = explode("|", $mybb->cookies[$cookie]); 3375 3376 if(!is_array($removed_ids)) 3377 { 3378 $removed_ids = array(); 3379 } 3380 } 3381 3382 // "Select all Threads in this forum" only supported by forumdisplay and search 3383 if($type == 'forum') 3384 { 3385 $query = $db->simple_select("threads", "tid", "fid='".(int)$id."'"); 3386 while($tid = $db->fetch_field($query, "tid")) 3387 { 3388 if(in_array($tid, $removed_ids)) 3389 { 3390 continue; 3391 } 3392 3393 $ids[] = $tid; 3394 } 3395 } 3396 elseif($type == 'search') 3397 { 3398 $query = $db->simple_select("searchlog", "resulttype, posts, threads", "sid='".$db->escape_string($id)."' AND uid='{$mybb->user['uid']}'", 1); 3399 $searchlog = $db->fetch_array($query); 3400 if($searchlog['resulttype'] == 'posts') 3401 { 3402 $ids = explode(',', $searchlog['posts']); 3403 } 3404 else 3405 { 3406 $ids = explode(',', $searchlog['threads']); 3407 } 3408 3409 if(is_array($ids)) 3410 { 3411 foreach($ids as $key => $tid) 3412 { 3413 if(in_array($tid, $removed_ids)) 3414 { 3415 unset($ids[$key]); 3416 } 3417 } 3418 } 3419 } 3420 3421 return $ids; 3422 } 3423 3424 /** 3425 * @param int $id 3426 * @param string $type 3427 */ 3428 function clearinline($id, $type) 3429 { 3430 my_unsetcookie("inlinemod_".$type.$id); 3431 my_unsetcookie("inlinemod_{$type}{$id}_removed"); 3432 } 3433 3434 /** 3435 * @param int $id 3436 * @param string $type 3437 */ 3438 function extendinline($id, $type) 3439 { 3440 my_setcookie("inlinemod_{$type}{$id}", '', TIME_NOW+3600); 3441 my_setcookie("inlinemod_{$type}{$id}_removed", '', TIME_NOW+3600); 3442 } 3443 3444 /** 3445 * Checks if the current user is a moderator of all the posts specified 3446 * 3447 * Note: If no posts are specified, this function will return true. It is the 3448 * responsibility of the calling script to error-check this case if necessary. 3449 * 3450 * @param array $posts Array of post IDs 3451 * @param string $permission Permission to check 3452 * @return bool True if moderator of all; false otherwise 3453 */ 3454 function is_moderator_by_pids($posts, $permission='') 3455 { 3456 global $db, $mybb; 3457 3458 // Speedy determination for supermods/admins and guests 3459 if($mybb->usergroup['issupermod']) 3460 { 3461 return true; 3462 } 3463 elseif(!$mybb->user['uid']) 3464 { 3465 return false; 3466 } 3467 // Make an array of threads if not an array 3468 if(!is_array($posts)) 3469 { 3470 $posts = array($posts); 3471 } 3472 // Validate input 3473 $posts = array_map('intval', $posts); 3474 $posts[] = 0; 3475 // Get forums 3476 $posts_string = implode(',', $posts); 3477 $query = $db->simple_select("posts", "DISTINCT fid", "pid IN ($posts_string)"); 3478 while($forum = $db->fetch_array($query)) 3479 { 3480 if(!is_moderator($forum['fid'], $permission)) 3481 { 3482 return false; 3483 } 3484 } 3485 return true; 3486 } 3487 3488 /** 3489 * Checks if the current user is a moderator of all the threads specified 3490 * 3491 * Note: If no threads are specified, this function will return true. It is the 3492 * responsibility of the calling script to error-check this case if necessary. 3493 * 3494 * @param array $threads Array of thread IDs 3495 * @param string $permission Permission to check 3496 * @return bool True if moderator of all; false otherwise 3497 */ 3498 function is_moderator_by_tids($threads, $permission='') 3499 { 3500 global $db, $mybb; 3501 3502 // Speedy determination for supermods/admins and guests 3503 if($mybb->usergroup['issupermod']) 3504 { 3505 return true; 3506 } 3507 elseif(!$mybb->user['uid']) 3508 { 3509 return false; 3510 } 3511 // Make an array of threads if not an array 3512 if(!is_array($threads)) 3513 { 3514 $threads = array($threads); 3515 } 3516 // Validate input 3517 $threads = array_map('intval', $threads); 3518 $threads[] = 0; 3519 // Get forums 3520 $threads_string = implode(',', $threads); 3521 $query = $db->simple_select("threads", "DISTINCT fid", "tid IN ($threads_string)"); 3522 while($forum = $db->fetch_array($query)) 3523 { 3524 if(!is_moderator($forum['fid'], $permission)) 3525 { 3526 return false; 3527 } 3528 } 3529 return true; 3530 } 3531 3532 /** 3533 * Special redirect that takes a return URL into account 3534 * @param string $url URL 3535 * @param string $message Message 3536 * @param string $title Title 3537 */ 3538 function moderation_redirect($url, $message="", $title="") 3539 { 3540 global $mybb; 3541 if(!empty($mybb->input['url'])) 3542 { 3543 $url = htmlentities($mybb->input['url']); 3544 } 3545 3546 if(my_strpos($url, $mybb->settings['bburl'].'/') !== 0) 3547 { 3548 if(my_strpos($url, '/') === 0) 3549 { 3550 $url = my_substr($url, 1); 3551 } 3552 $url_segments = explode('/', $url); 3553 $url = $mybb->settings['bburl'].'/'.end($url_segments); 3554 } 3555 3556 redirect($url, $message, $title); 3557 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
2005 - 2021 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup | Cross-referenced by PHPXref |