[ Index ]

PHP Cross Reference of MyBB 1.8.28

title

Body

[close]

/inc/ -> functions_modcp.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.8
   4   * Copyright 2014 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://www.mybb.com
   7   * License: http://www.mybb.com/about/license
   8   *
   9   */
  10  
  11  /**
  12   * Check if the current user has permission to perform a ModCP action on another user
  13   *
  14   * @param int $uid The user ID to perform the action on.
  15   * @return boolean True if the user has necessary permissions
  16   */
  17  function modcp_can_manage_user($uid)
  18  {
  19      global $mybb;
  20  
  21      $user_permissions = user_permissions($uid);
  22  
  23      // Current user is only a local moderator or use with ModCP permissions, cannot manage super mods or admins
  24      if($mybb->usergroup['issupermod'] == 0 && ($user_permissions['issupermod'] == 1 || $user_permissions['cancp'] == 1))
  25      {
  26          return false;
  27      }
  28      // Current user is a super mod or is an administrator
  29      else if($user_permissions['cancp'] == 1 && ($mybb->usergroup['cancp'] != 1 || (is_super_admin($uid) && !is_super_admin($mybb->user['uid']))))
  30      {
  31          return false;
  32      }
  33      return true;
  34  }
  35  
  36  /**
  37   * Fetch forums the moderator can manage announcements to
  38   *
  39   * @param int $pid (Optional) The parent forum ID
  40   * @param int $depth (Optional) The depth from parent forum the moderator can manage to
  41   */
  42  function fetch_forum_announcements($pid=0, $depth=1)
  43  {
  44      global $mybb, $db, $lang, $theme, $announcements, $templates, $announcements_forum, $moderated_forums, $unviewableforums, $parser;
  45      static $forums_by_parent, $forum_cache, $parent_forums;
  46  
  47      if(!is_array($forum_cache))
  48      {
  49          $forum_cache = cache_forums();
  50      }
  51      if(!is_array($parent_forums) && $mybb->usergroup['issupermod'] != 1)
  52      {
  53          // Get a list of parentforums to show for normal moderators
  54          $parent_forums = array();
  55          foreach($moderated_forums as $mfid)
  56          {
  57              $parent_forums = array_merge($parent_forums, explode(',', $forum_cache[$mfid]['parentlist']));
  58          }
  59      }
  60      if(!is_array($forums_by_parent))
  61      {
  62          foreach($forum_cache as $forum)
  63          {
  64              $forums_by_parent[$forum['pid']][$forum['disporder']][$forum['fid']] = $forum;
  65          }
  66      }
  67  
  68      if(!is_array($forums_by_parent[$pid]))
  69      {
  70          return;
  71      }
  72  
  73      foreach($forums_by_parent[$pid] as $children)
  74      {
  75          foreach($children as $forum)
  76          {
  77              if($forum['linkto'] || (is_array($unviewableforums) && in_array($forum['fid'], $unviewableforums)))
  78              {
  79                  continue;
  80              }
  81  
  82              if($forum['active'] == 0 || !is_moderator($forum['fid'], "canmanageannouncements"))
  83              {
  84                  // Check if this forum is a parent of a moderated forum
  85                  if(is_array($parent_forums) && in_array($forum['fid'], $parent_forums))
  86                  {
  87                      // A child is moderated, so print out this forum's title.  RECURSE!
  88                      $trow = alt_trow();
  89                      eval("\$announcements_forum .= \"".$templates->get("modcp_announcements_forum_nomod")."\";");
  90                  }
  91                  else
  92                  {
  93                      // No subforum is moderated by this mod, so safely continue
  94                      continue;
  95                  }
  96              }
  97              else
  98              {
  99                  // This forum is moderated by the user, so print out the forum's title, and its announcements
 100                  $trow = alt_trow();
 101  
 102                  $padding = 40*($depth-1);
 103  
 104                  eval("\$announcements_forum .= \"".$templates->get("modcp_announcements_forum")."\";");
 105  
 106                  if(isset($announcements[$forum['fid']]))
 107                  {
 108                      foreach($announcements[$forum['fid']] as $aid => $announcement)
 109                      {
 110                          $trow = alt_trow();
 111  
 112                          if($announcement['enddate'] < TIME_NOW && $announcement['enddate'] != 0)
 113                          {
 114                              eval("\$icon = \"".$templates->get("modcp_announcements_announcement_expired")."\";");
 115                          }
 116                          else
 117                          {
 118                              eval("\$icon = \"".$templates->get("modcp_announcements_announcement_active")."\";");
 119                          }
 120  
 121                          $subject = htmlspecialchars_uni($parser->parse_badwords($announcement['subject']));
 122  
 123                          eval("\$announcements_forum .= \"".$templates->get("modcp_announcements_announcement")."\";");
 124                      }
 125                  }
 126              }
 127  
 128              // Build the list for any sub forums of this forum
 129              if(isset($forums_by_parent[$forum['fid']]))
 130              {
 131                  fetch_forum_announcements($forum['fid'], $depth+1);
 132              }
 133          }
 134      }
 135  }
 136  
 137  /**
 138   * Send reported content to moderators
 139   *
 140   * @param array $report Array of reported content
 141   * @param string $report_type Type of content being reported
 142   * @return bool|array PM Information or false
 143   */
 144  function send_report($report, $report_type='post')
 145  {
 146      global $db, $lang, $forum, $mybb, $post, $thread, $reputation, $user, $plugins;
 147  
 148      $report_reason = '';
 149      if($report['reasonid'])
 150      {
 151          $query = $db->simple_select("reportreasons", "title", "rid = '".(int)$report['reasonid']."'", array('limit' => 1));
 152          $reason = $db->fetch_array($query);
 153  
 154          $lang->load('report');
 155  
 156          $report_reason = $lang->parse($reason['title']);
 157      }
 158  
 159      if($report['reason'])
 160      {
 161          $report_reason = $lang->sprintf($lang->email_report_comment_extra, $report_reason, $report['reason']);
 162      }
 163  
 164      $modsjoin = $modswhere = '';
 165      if(!empty($forum['parentlist']))
 166      {
 167          $modswhere = "m.fid IN ({$forum['parentlist']}) OR ";
 168  
 169          if($db->type == 'pgsql' || $db->type == 'sqlite')
 170          {
 171              $modsjoin = "LEFT JOIN {$db->table_prefix}moderators m ON (m.id = u.uid AND m.isgroup = 0) OR ((m.id = u.usergroup OR ',' || u.additionalgroups || ',' LIKE '%,' || m.id || ',%') AND m.isgroup = 1)";
 172          }
 173          else
 174          {
 175              $modsjoin = "LEFT JOIN {$db->table_prefix}moderators m ON (m.id = u.uid AND m.isgroup = 0) OR ((m.id = u.usergroup OR CONCAT(',', u.additionalgroups, ',') LIKE CONCAT('%,', m.id, ',%')) AND m.isgroup = 1)";
 176          }
 177      }
 178  
 179      switch($db->type)
 180      {
 181          case "pgsql":
 182          case "sqlite":
 183              $query = $db->query("
 184                  SELECT DISTINCT u.username, u.email, u.receivepms, u.uid
 185                  FROM {$db->table_prefix}users u
 186                  {$modsjoin}
 187                  LEFT JOIN {$db->table_prefix}usergroups g ON (',' || u.additionalgroups || ',' LIKE '%,' || g.gid || ',%' OR g.gid = u.usergroup)
 188                  WHERE {$modswhere}g.cancp = 1 OR g.issupermod = 1
 189              ");
 190              break;
 191          default:
 192              $query = $db->query("
 193                  SELECT DISTINCT u.username, u.email, u.receivepms, u.uid
 194                  FROM {$db->table_prefix}users u
 195                  {$modsjoin}
 196                  LEFT JOIN {$db->table_prefix}usergroups g ON (CONCAT(',', u.additionalgroups, ',') LIKE CONCAT('%,', g.gid, ',%') OR g.gid = u.usergroup)
 197                  WHERE {$modswhere}g.cancp = 1 OR g.issupermod = 1
 198              ");
 199      }
 200  
 201      $lang_string_subject = "emailsubject_report{$report_type}";
 202      $lang_string_message = "email_report{$report_type}";
 203  
 204      if(empty($lang->$lang_string_subject) || empty($lang->$lang_string_message))
 205      {
 206          return false;
 207      }
 208  
 209      global $send_report_subject, $send_report_url;
 210  
 211      switch($report_type)
 212      {
 213          case 'post':
 214              $send_report_subject = $post['subject'];
 215              $send_report_url = str_replace('&amp;', '&', get_post_link($post['pid'], $thread['tid'])."#pid".$post['pid']);
 216              break;
 217          case 'profile':
 218              $send_report_subject = $user['username'];
 219              $send_report_url = str_replace('&amp;', '&', get_profile_link($user['uid']));
 220              break;
 221          case 'reputation':
 222              $from_user = get_user($reputation['adduid']);
 223              $send_report_subject = $from_user['username'];
 224              $send_report_url = "reputation.php?uid={$reputation['uid']}#rid{$reputation['rid']}";
 225              break;
 226      }
 227  
 228      $plugins->run_hooks("send_report_report_type");
 229  
 230      $emailsubject = $lang->sprintf($lang->$lang_string_subject, $mybb->settings['bbname']);
 231      $emailmessage = $lang->sprintf($lang->$lang_string_message, $mybb->user['username'], $mybb->settings['bbname'], $send_report_subject, $mybb->settings['bburl'], $send_report_url, $report_reason);
 232      $pm_recipients = array();
 233      
 234      while($mod = $db->fetch_array($query))
 235      {
 236          if($mybb->settings['reportmethod'] == "pms" && $mod['receivepms'] != 0 && $mybb->settings['enablepms'] != 0)
 237          {
 238              $pm_recipients[] = $mod['uid'];
 239          }
 240          else
 241          {
 242              my_mail($mod['email'], $emailsubject, $emailmessage);
 243          }
 244      }
 245  
 246      if(count($pm_recipients) > 0)
 247      {
 248          require_once  MYBB_ROOT."inc/datahandlers/pm.php";
 249          $pmhandler = new PMDataHandler();
 250  
 251          $pm = array(
 252              "subject" => $emailsubject,
 253              "message" => $emailmessage,
 254              "icon" => 0,
 255              "fromid" => $mybb->user['uid'],
 256              "toid" => $pm_recipients,
 257              "ipaddress" => $mybb->session->packedip
 258          );
 259  
 260          $pmhandler->admin_override = true;
 261          $pmhandler->set_data($pm);
 262  
 263          // Now let the pm handler do all the hard work.
 264          if(!$pmhandler->validate_pm())
 265          {
 266              // Force it to valid to just get it out of here
 267              $pmhandler->is_validated = true;
 268              $pmhandler->errors = array();
 269          }
 270  
 271          $pminfo = $pmhandler->insert_pm();
 272          return $pminfo;
 273      }
 274  
 275      return false;
 276  }
 277  
 278  /**
 279   * Add a report
 280   *
 281   * @param array $report Array of reported content
 282   * @param string $type Type of content being reported
 283   * @return int Report ID
 284   */
 285  function add_report($report, $type = 'post')
 286  {
 287      global $cache, $db, $mybb;
 288  
 289      $insert_array = array(
 290          'id' => (int)$report['id'],
 291          'id2' => (int)$report['id2'],
 292          'id3' => (int)$report['id3'],
 293          'uid' => (int)$report['uid'],
 294          'reportstatus' => 0,
 295          'reasonid' => (int)$report['reasonid'],
 296          'reason' => $db->escape_string($report['reason']),
 297          'type' => $db->escape_string($type),
 298          'reports' => 1,
 299          'dateline' => TIME_NOW,
 300          'lastreport' => TIME_NOW,
 301          'reporters' => $db->escape_string(my_serialize(array($report['uid'])))
 302      );
 303  
 304      if($mybb->settings['reportmethod'] == "email" || $mybb->settings['reportmethod'] == "pms")
 305      {
 306          send_report($report, $type);
 307      }
 308  
 309      $rid = $db->insert_query("reportedcontent", $insert_array);
 310      $cache->update_reportedcontent();
 311  
 312      return $rid;
 313  }
 314  
 315  /**
 316   * Update an existing report
 317   *
 318   * @param array $report Array of reported content
 319   * @return bool true
 320   */
 321  function update_report($report)
 322  {
 323      global $db;
 324  
 325      $update_array = array(
 326          'reports' => ++$report['reports'],
 327          'lastreport' => TIME_NOW,
 328          'reporters' => $db->escape_string(my_serialize($report['reporters']))
 329      );
 330  
 331      $db->update_query("reportedcontent", $update_array, "rid = '{$report['rid']}'");
 332      return true;
 333  }


2005 - 2021 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup Cross-referenced by PHPXref