| [ Index ] |
PHP Cross Reference of MyBB 1.8.38 |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * MyBB 1.8 4 * Copyright 2014 MyBB Group, All Rights Reserved 5 * 6 * Website: http://www.mybb.com 7 * License: http://www.mybb.com/about/license 8 * 9 */ 10 11 /** 12 * Check if the current user has permission to perform a ModCP action on another user 13 * 14 * @param int $uid The user ID to perform the action on. 15 * @return boolean True if the user has necessary permissions 16 */ 17 function modcp_can_manage_user($uid) 18 { 19 global $mybb; 20 21 $user_permissions = user_permissions($uid); 22 23 // Current user is only a local moderator or use with ModCP permissions, cannot manage super mods or admins 24 if($mybb->usergroup['issupermod'] == 0 && ($user_permissions['issupermod'] == 1 || $user_permissions['cancp'] == 1)) 25 { 26 return false; 27 } 28 // Current user is a super mod or is an administrator 29 else if($user_permissions['cancp'] == 1 && ($mybb->usergroup['cancp'] != 1 || (is_super_admin($uid) && !is_super_admin($mybb->user['uid'])))) 30 { 31 return false; 32 } 33 return true; 34 } 35 36 /** 37 * Fetch forums the moderator can manage announcements to 38 * 39 * @param int $pid (Optional) The parent forum ID 40 * @param int $depth (Optional) The depth from parent forum the moderator can manage to 41 */ 42 function fetch_forum_announcements($pid=0, $depth=1) 43 { 44 global $mybb, $db, $lang, $theme, $announcements, $templates, $announcements_forum, $moderated_forums, $unviewableforums, $parser; 45 static $forums_by_parent, $forum_cache, $parent_forums; 46 47 if(!is_array($forum_cache)) 48 { 49 $forum_cache = cache_forums(); 50 } 51 if(!is_array($parent_forums) && $mybb->usergroup['issupermod'] != 1) 52 { 53 // Get a list of parentforums to show for normal moderators 54 $parent_forums = array(); 55 foreach($moderated_forums as $mfid) 56 { 57 $parent_forums = array_merge($parent_forums, explode(',', $forum_cache[$mfid]['parentlist'])); 58 } 59 } 60 if(!is_array($forums_by_parent)) 61 { 62 foreach($forum_cache as $forum) 63 { 64 $forums_by_parent[$forum['pid']][$forum['disporder']][$forum['fid']] = $forum; 65 } 66 } 67 68 if(!is_array($forums_by_parent[$pid])) 69 { 70 return; 71 } 72 73 foreach($forums_by_parent[$pid] as $children) 74 { 75 foreach($children as $forum) 76 { 77 if($forum['linkto'] || (is_array($unviewableforums) && in_array($forum['fid'], $unviewableforums))) 78 { 79 continue; 80 } 81 82 if($forum['active'] == 0 || !is_moderator($forum['fid'], "canmanageannouncements")) 83 { 84 // Check if this forum is a parent of a moderated forum 85 if(is_array($parent_forums) && in_array($forum['fid'], $parent_forums)) 86 { 87 // A child is moderated, so print out this forum's title. RECURSE! 88 $trow = alt_trow(); 89 eval("\$announcements_forum .= \"".$templates->get("modcp_announcements_forum_nomod")."\";"); 90 } 91 else 92 { 93 // No subforum is moderated by this mod, so safely continue 94 continue; 95 } 96 } 97 else 98 { 99 // This forum is moderated by the user, so print out the forum's title, and its announcements 100 $trow = alt_trow(); 101 102 $padding = 40*($depth-1); 103 104 eval("\$announcements_forum .= \"".$templates->get("modcp_announcements_forum")."\";"); 105 106 if(isset($announcements[$forum['fid']])) 107 { 108 foreach($announcements[$forum['fid']] as $aid => $announcement) 109 { 110 $trow = alt_trow(); 111 112 if($announcement['enddate'] < TIME_NOW && $announcement['enddate'] != 0) 113 { 114 eval("\$icon = \"".$templates->get("modcp_announcements_announcement_expired")."\";"); 115 } 116 else 117 { 118 eval("\$icon = \"".$templates->get("modcp_announcements_announcement_active")."\";"); 119 } 120 121 $subject = htmlspecialchars_uni($parser->parse_badwords($announcement['subject'])); 122 123 eval("\$announcements_forum .= \"".$templates->get("modcp_announcements_announcement")."\";"); 124 } 125 } 126 } 127 128 // Build the list for any sub forums of this forum 129 if(isset($forums_by_parent[$forum['fid']])) 130 { 131 fetch_forum_announcements($forum['fid'], $depth+1); 132 } 133 } 134 } 135 } 136 137 /** 138 * Send reported content to moderators 139 * 140 * @param array $report Array of reported content 141 * @param string $report_type Type of content being reported 142 * @return bool|array PM Information or false 143 */ 144 function send_report($report, $report_type='post') 145 { 146 global $db, $lang, $forum, $mybb, $post, $thread, $reputation, $user, $plugins; 147 148 $report_reason = ''; 149 if($report['reasonid']) 150 { 151 $query = $db->simple_select("reportreasons", "title", "rid = '".(int)$report['reasonid']."'", array('limit' => 1)); 152 $reason = $db->fetch_array($query); 153 154 $lang->load('report'); 155 156 $report_reason = $lang->parse($reason['title']); 157 } 158 159 if($report['reason']) 160 { 161 $report_reason = $lang->sprintf($lang->email_report_comment_extra, $report_reason, $report['reason']); 162 } 163 164 $modsjoin = $modswhere = ''; 165 if(!empty($forum['parentlist'])) 166 { 167 $modswhere = "m.fid IN ({$forum['parentlist']}) OR "; 168 169 if($db->type == 'pgsql' || $db->type == 'sqlite') 170 { 171 $modsjoin = "LEFT JOIN {$db->table_prefix}moderators m ON (m.id = u.uid AND m.isgroup = 0) OR ((m.id = u.usergroup OR ',' || u.additionalgroups || ',' LIKE '%,' || m.id || ',%') AND m.isgroup = 1)"; 172 } 173 else 174 { 175 $modsjoin = "LEFT JOIN {$db->table_prefix}moderators m ON (m.id = u.uid AND m.isgroup = 0) OR ((m.id = u.usergroup OR CONCAT(',', u.additionalgroups, ',') LIKE CONCAT('%,', m.id, ',%')) AND m.isgroup = 1)"; 176 } 177 } 178 179 switch($db->type) 180 { 181 case "pgsql": 182 case "sqlite": 183 $query = $db->query(" 184 SELECT DISTINCT u.username, u.email, u.receivepms, u.uid 185 FROM {$db->table_prefix}users u 186 {$modsjoin} 187 LEFT JOIN {$db->table_prefix}usergroups g ON (',' || u.additionalgroups || ',' LIKE '%,' || g.gid || ',%' OR g.gid = u.usergroup) 188 WHERE {$modswhere}g.cancp = 1 OR g.issupermod = 1 189 "); 190 break; 191 default: 192 $query = $db->query(" 193 SELECT DISTINCT u.username, u.email, u.receivepms, u.uid 194 FROM {$db->table_prefix}users u 195 {$modsjoin} 196 LEFT JOIN {$db->table_prefix}usergroups g ON (CONCAT(',', u.additionalgroups, ',') LIKE CONCAT('%,', g.gid, ',%') OR g.gid = u.usergroup) 197 WHERE {$modswhere}g.cancp = 1 OR g.issupermod = 1 198 "); 199 } 200 201 $lang_string_subject = "emailsubject_report{$report_type}"; 202 $lang_string_message = "email_report{$report_type}"; 203 204 if(empty($lang->$lang_string_subject) || empty($lang->$lang_string_message)) 205 { 206 return false; 207 } 208 209 global $send_report_subject, $send_report_url; 210 211 switch($report_type) 212 { 213 case 'post': 214 $send_report_subject = $post['subject']; 215 $send_report_url = str_replace('&', '&', get_post_link($post['pid'], $thread['tid'])."#pid".$post['pid']); 216 break; 217 case 'profile': 218 $send_report_subject = $user['username']; 219 $send_report_url = str_replace('&', '&', get_profile_link($user['uid'])); 220 break; 221 case 'reputation': 222 $from_user = get_user($reputation['adduid']); 223 $send_report_subject = $from_user['username']; 224 $send_report_url = "reputation.php?uid={$reputation['uid']}#rid{$reputation['rid']}"; 225 break; 226 } 227 228 $plugins->run_hooks("send_report_report_type"); 229 230 $emailsubject = $lang->sprintf($lang->$lang_string_subject, $mybb->settings['bbname']); 231 $emailmessage = $lang->sprintf($lang->$lang_string_message, $mybb->user['username'], $mybb->settings['bbname'], $send_report_subject, $mybb->settings['bburl'], $send_report_url, $report_reason); 232 $pm_recipients = array(); 233 234 while($mod = $db->fetch_array($query)) 235 { 236 if($mybb->settings['reportmethod'] == "pms" && $mod['receivepms'] != 0 && $mybb->settings['enablepms'] != 0) 237 { 238 $pm_recipients[] = $mod['uid']; 239 } 240 else 241 { 242 my_mail($mod['email'], $emailsubject, $emailmessage); 243 } 244 } 245 246 if(count($pm_recipients) > 0) 247 { 248 require_once MYBB_ROOT."inc/datahandlers/pm.php"; 249 $pmhandler = new PMDataHandler(); 250 251 $pm = array( 252 "subject" => $emailsubject, 253 "message" => $emailmessage, 254 "icon" => 0, 255 "fromid" => $mybb->user['uid'], 256 "toid" => $pm_recipients, 257 "ipaddress" => $mybb->session->packedip 258 ); 259 260 $pm['options'] = array( 261 "signature" => 0, 262 "disablesmilies" => 0, 263 "savecopy" => 0, 264 "readreceipt" => 0 265 ); 266 $pm['saveasdraft'] = 0; 267 268 $pmhandler->admin_override = true; 269 $pmhandler->set_data($pm); 270 271 // Now let the pm handler do all the hard work. 272 if(!$pmhandler->validate_pm()) 273 { 274 // Force it to valid to just get it out of here 275 $pmhandler->is_validated = true; 276 $pmhandler->errors = array(); 277 } 278 279 $pminfo = $pmhandler->insert_pm(); 280 return $pminfo; 281 } 282 283 return false; 284 } 285 286 /** 287 * Add a report 288 * 289 * @param array $report Array of reported content 290 * @param string $type Type of content being reported 291 * @return int Report ID 292 */ 293 function add_report($report, $type = 'post') 294 { 295 global $cache, $db, $mybb; 296 297 $insert_array = array( 298 'id' => (int)$report['id'], 299 'id2' => (int)$report['id2'], 300 'id3' => (int)$report['id3'], 301 'uid' => (int)$report['uid'], 302 'reportstatus' => 0, 303 'reasonid' => (int)$report['reasonid'], 304 'reason' => $db->escape_string($report['reason']), 305 'type' => $db->escape_string($type), 306 'reports' => 1, 307 'dateline' => TIME_NOW, 308 'lastreport' => TIME_NOW, 309 'reporters' => $db->escape_string(my_serialize(array($report['uid']))) 310 ); 311 312 if($mybb->settings['reportmethod'] == "email" || $mybb->settings['reportmethod'] == "pms") 313 { 314 send_report($report, $type); 315 } 316 317 $rid = $db->insert_query("reportedcontent", $insert_array); 318 $cache->update_reportedcontent(); 319 320 return $rid; 321 } 322 323 /** 324 * Update an existing report 325 * 326 * @param array $report Array of reported content 327 * @return bool true 328 */ 329 function update_report($report) 330 { 331 global $db; 332 333 $update_array = array( 334 'reports' => ++$report['reports'], 335 'lastreport' => TIME_NOW, 336 'reporters' => $db->escape_string(my_serialize($report['reporters'])) 337 ); 338 339 $db->update_query("reportedcontent", $update_array, "rid = '{$report['rid']}'"); 340 return true; 341 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| 2005 - 2021 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup | Cross-referenced by PHPXref |