[ Index ]

PHP Cross Reference of MyBB 1.8.37

title

Body

[close]

/ -> report.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.8
   4   * Copyright 2014 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://www.mybb.com
   7   * License: http://www.mybb.com/about/license
   8   *
   9   */
  10  
  11  define("IN_MYBB", 1);
  12  define('THIS_SCRIPT', 'report.php');
  13  
  14  $templatelist = "report,report_thanks,report_error,report_reasons,report_error_nomodal,forumdisplay_password_wrongpass,forumdisplay_password";
  15  require_once  "./global.php";
  16  require_once  MYBB_ROOT.'inc/functions_modcp.php';
  17  
  18  $lang->load("report");
  19  
  20  if(!$mybb->user['uid'])
  21  {
  22      error_no_permission();
  23  }
  24  
  25  $plugins->run_hooks("report_start");
  26  
  27  $report = array();
  28  $verified = false;
  29  $report_type = 'post';
  30  $error = $report_type_db = '';
  31  
  32  if(!empty($mybb->input['type']))
  33  {
  34      $report_type = htmlspecialchars_uni($mybb->get_input('type'));
  35  }
  36  
  37  $report_title = $lang->report_content;
  38  $report_string = "report_reason_{$report_type}";
  39  
  40  if(isset($lang->$report_string))
  41  {
  42      $report_title = $lang->$report_string;
  43  }
  44  
  45  $id = 0;
  46  if($report_type == 'post')
  47  {
  48      if($mybb->usergroup['canview'] == 0)
  49      {
  50          error_no_permission();
  51      }
  52  
  53      // Do we have a valid post?
  54      $post = get_post($mybb->get_input('pid', MyBB::INPUT_INT));
  55  
  56      if(!$post)
  57      {
  58          $error = $lang->sprintf($lang->error_invalid_report, $report_type);
  59      }
  60      else
  61      {
  62          $id = $post['pid'];
  63          $id2 = $post['tid'];
  64          $report_type_db = "(type = 'post' OR type = '')";
  65          $checkid = $post['uid'];
  66  
  67          // Check for a valid forum
  68          $forum = get_forum($post['fid']);
  69  
  70          if(!$forum)
  71          {
  72              $error = $lang->sprintf($lang->error_invalid_report, $report_type);
  73          }
  74          else
  75          {
  76              $verified = true;
  77              $button = '#post_'.$id.' .postbit_report';
  78          }
  79  
  80          $id3 = $forum['fid'];
  81  
  82          // Password protected forums ......... yhummmmy!
  83          check_forum_password($forum['fid']);
  84      }
  85  }
  86  else if($report_type == 'profile')
  87  {
  88      $user = get_user($mybb->get_input('pid', MyBB::INPUT_INT));
  89  
  90      if(!$user)
  91      {
  92          $error = $lang->sprintf($lang->error_invalid_report, $report_type);
  93      }
  94      else
  95      {
  96          $verified = true;
  97          $report_type_db = "type = 'profile'";
  98          $id2 = $id3 = 0; // We don't use these on the profile
  99          $id = $checkid = $user['uid']; // id is the profile user
 100          $button = '.report_user_button';
 101      }
 102  }
 103  else if($report_type == 'reputation')
 104  {
 105      // Any member can report a reputation comment but let's make sure it exists first
 106      $query = $db->simple_select("reputation", "*", "rid = '".$mybb->get_input('pid', MyBB::INPUT_INT)."'");
 107  
 108      if(!$db->num_rows($query))
 109      {
 110          $error = $lang->sprintf($lang->error_invalid_report, $report_type);
 111      }
 112      else
 113      {
 114          $verified = true;
 115          $reputation = $db->fetch_array($query);
 116          $id = $reputation['rid']; // id is the reputation id
 117          $id2 = $checkid = $reputation['adduid']; // id2 is the user who gave the comment
 118          $id3 = $reputation['uid']; // id3 is the user who received the comment
 119          $report_type_db = "type = 'reputation'";
 120          $button = '#rid'.$id.' .postbit_report';
 121      }
 122  }
 123  
 124  $plugins->run_hooks("report_type");
 125  
 126  $permissions = user_permissions($checkid);
 127  if(empty($permissions['canbereported']))
 128  {
 129      $error = $lang->sprintf($lang->error_invalid_report, $report_type);
 130  }
 131  
 132  // Check for an existing report
 133  if(!empty($report_type_db))
 134  {
 135      $query = $db->simple_select("reportedcontent", "*", "reportstatus != '1' AND id = '{$id}' AND {$report_type_db}");
 136  
 137      if($db->num_rows($query))
 138      {
 139          // Existing report
 140          $report = $db->fetch_array($query);
 141          $report['reporters'] = my_unserialize($report['reporters']);
 142  
 143          if($mybb->user['uid'] == $report['uid'] || is_array($report['reporters']) && in_array($mybb->user['uid'], $report['reporters']))
 144          {
 145              $error = $lang->success_report_voted;
 146          }
 147      }
 148  }
 149  
 150  $mybb->input['action'] = $mybb->get_input('action');
 151  
 152  if(empty($error) && $verified == true && $mybb->input['action'] == "do_report" && $mybb->request_method == "post")
 153  {
 154      verify_post_check($mybb->get_input('my_post_key'));
 155  
 156      $plugins->run_hooks("report_do_report_start");
 157  
 158      // Is this an existing report or a new offender?
 159      if(!empty($report))
 160      {
 161          // Existing report, add vote
 162          $report['reporters'][] = $mybb->user['uid'];
 163          update_report($report);
 164  
 165          $plugins->run_hooks("report_do_report_end");
 166  
 167          eval("\$report_thanks = \"".$templates->get("report_thanks")."\";");
 168          echo $report_thanks;
 169          echo sprintf("<script type='text/javascript'>$('%s').remove();</script>", $button);
 170          exit;
 171      }
 172      else
 173      {
 174          // Bad user!
 175          $new_report = array(
 176              'id' => $id,
 177              'id2' => $id2,
 178              'id3' => $id3,
 179              'uid' => $mybb->user['uid']
 180          );
 181  
 182          // Figure out the reason
 183          $rid = $mybb->get_input('reason', MyBB::INPUT_INT);
 184          $query = $db->simple_select("reportreasons", "*", "rid = '{$rid}'");
 185  
 186          if(!$db->num_rows($query))
 187          {
 188              $error = $lang->sprintf($lang->error_invalid_report, $report_type);
 189              $verified = false;
 190          }
 191          else
 192          {
 193              $reason = $db->fetch_array($query);
 194  
 195              $new_report['reasonid'] = $reason['rid'];
 196              $new_report['reason'] = '';
 197  
 198              if($reason['extra'])
 199              {
 200                  $comment = trim($mybb->get_input('comment'));
 201                  if(empty($comment) || $comment == '')
 202                  {
 203                      $error = $lang->error_comment_required;
 204                      $verified = false;
 205                  }
 206                  else
 207                  {
 208                      if(my_strlen($comment) < 3)
 209                      {
 210                          $error = $lang->error_report_length;
 211                          $verified = false;
 212                      }
 213                      else
 214                      {
 215                          $new_report['reason'] = $comment;
 216                      }
 217                  }
 218              }
 219          }
 220  
 221          if(empty($error))
 222          {
 223              add_report($new_report, $report_type);
 224  
 225              $plugins->run_hooks("report_do_report_end");
 226  
 227              eval("\$report_thanks = \"".$templates->get("report_thanks")."\";");
 228              echo $report_thanks;
 229              echo sprintf("<script type='text/javascript'>$('%s').remove();</script>", $button);
 230              exit;
 231          }
 232      }
 233  }
 234  
 235  if(!empty($error) || $verified == false)
 236  {
 237      $mybb->input['action'] = '';
 238  
 239      if($verified == false && empty($error))
 240      {
 241          $error = $lang->sprintf($lang->error_invalid_report, $report_type);
 242      }
 243  }
 244  
 245  if(!$mybb->input['action'])
 246  {
 247      if(!empty($error))
 248      {
 249          if($mybb->input['no_modal'])
 250          {
 251              eval("\$report_reasons = \"".$templates->get("report_error_nomodal")."\";");
 252          }
 253          else
 254          {
 255              eval("\$report_reasons = \"".$templates->get("report_error")."\";");
 256          }
 257      }
 258      else
 259      {
 260          if(!empty($report))
 261          {
 262              eval("\$report_reasons = \"".$templates->get("report_duplicate")."\";");
 263          }
 264          else
 265          {
 266              $reportreasons = $cache->read('reportreasons');
 267              $reasons = $reportreasons[$report_type];
 268              $reasonslist = '';
 269              foreach($reasons as $reason)
 270              {
 271                  $reason['title'] = htmlspecialchars_uni($lang->parse($reason['title']));
 272                  eval("\$reasonslist .= \"".$templates->get("report_reason")."\";");
 273              }
 274              eval("\$report_reasons = \"".$templates->get("report_reasons")."\";");
 275          }
 276      }
 277  
 278      if($mybb->get_input('no_modal'))
 279      {
 280          echo $report_reasons;
 281          exit;
 282      }
 283  
 284      $plugins->run_hooks("report_end");
 285  
 286      eval("\$report = \"".$templates->get("report", 1, 0)."\";");
 287      echo $report;
 288      exit;
 289  }


2005 - 2021 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup Cross-referenced by PHPXref