[ Index ]

PHP Cross Reference of MyBB 1.8.19

title

Body

[close]

/ -> moderation.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.8
   4   * Copyright 2014 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://www.mybb.com
   7   * License: http://www.mybb.com/about/license
   8   *
   9   */
  10  
  11  define("IN_MYBB", 1);
  12  define('THIS_SCRIPT', 'moderation.php');
  13  
  14  $templatelist = "changeuserbox,loginbox,moderation_delayedmoderation_custommodtool,moderation_delayedmodaction_notes,moderation_delayedmoderation_merge,moderation_delayedmoderation_move,moderation_threadnotes";
  15  $templatelist .= ",moderation_delayedmoderation,moderation_deletethread,moderation_deletepoll,moderation_mergeposts_post,moderation_viewthreadnotes,moderation_confirmation,moderation_purgespammer,forumjump_bit";
  16  $templatelist .= ",moderation_move,moderation_threadnotes_modaction,moderation_threadnotes_delayedmodaction,moderation_getip_modoptions,moderation_getip,moderation_getpmip,moderation_getpmip_modal";
  17  $templatelist .= ",moderation_split_post,moderation_inline_deletethreads,moderation_inline_movethreads,moderation_inline_deleteposts,moderation_inline_mergeposts,moderation_threadnotes_modaction_error";
  18  $templatelist .= ",moderation_inline_splitposts,forumjump_special,forumjump_advanced,forumdisplay_password_wrongpass,forumdisplay_password,moderation_inline_moveposts,moderation_delayedmodaction_error";
  19  $templatelist .= ",moderation_delayedmodaction_notes_thread_single,moderation_delayedmodaction_notes_thread_multiple,moderation_delayedmodaction_notes_forum,moderation_delayedmodaction_notes_new_forum";
  20  $templatelist .= ",moderation_delayedmodaction_notes_redirect,moderation_delayedmodaction_notes_merge,moderation_delayedmoderation_thread,moderation_threadnotes_modaction_thread,moderation_getip_modal";
  21  $templatelist .= ",moderation_delayedmoderation_date_day,moderation_delayedmoderation_date_month,moderation_threadnotes_modaction_post,moderation_merge,moderation_split,moderation_threadnotes_modaction_forum";
  22  $templatelist .= ",moderation_delayedmoderation_openclose,moderation_delayedmoderation_softdeleterestore,moderation_delayedmoderation_delete,moderation_delayedmoderation_stick,moderation_delayedmoderation_approve";
  23  
  24  require_once  "./global.php";
  25  require_once  MYBB_ROOT."inc/functions_post.php";
  26  require_once  MYBB_ROOT."inc/functions_upload.php";
  27  require_once  MYBB_ROOT."inc/class_parser.php";
  28  $parser = new postParser;
  29  require_once  MYBB_ROOT."inc/class_moderation.php";
  30  $moderation = new Moderation;
  31  
  32  // Load global language phrases
  33  $lang->load("moderation");
  34  
  35  $plugins->run_hooks("moderation_start");
  36  
  37  $tid = $mybb->get_input('tid', MyBB::INPUT_INT);
  38  $pid = $mybb->get_input('pid', MyBB::INPUT_INT);
  39  $fid = $mybb->get_input('fid', MyBB::INPUT_INT);
  40  $pmid = $mybb->get_input('pmid', MyBB::INPUT_INT);
  41  $modal = $mybb->get_input('modal', MyBB::INPUT_INT);
  42  
  43  if($pid)
  44  {
  45      $post = get_post($pid);
  46      if(!$post)
  47      {
  48          error($lang->error_invalidpost, $lang->error);
  49      }
  50      $tid = $post['tid'];
  51  }
  52  
  53  if($tid)
  54  {
  55      $thread = get_thread($tid);
  56      if(!$thread)
  57      {
  58          error($lang->error_invalidthread, $lang->error);
  59      }
  60      $fid = $thread['fid'];
  61  }
  62  
  63  if($fid)
  64  {
  65      $modlogdata['fid'] = $fid;
  66      $forum = get_forum($fid);
  67  
  68      // Make navigation
  69      build_forum_breadcrumb($fid);
  70  
  71      // Get our permissions all nice and setup
  72      $permissions = forum_permissions($fid);
  73  }
  74  
  75  if($pmid > 0)
  76  {
  77      $query = $db->simple_select('privatemessages', 'uid, subject, ipaddress, fromid', "pmid = $pmid");
  78  
  79      $pm = $db->fetch_array($query);
  80  
  81      if(!$pm)
  82      {
  83          error($lang->error_invalidpm, $lang->error);
  84      }
  85  }
  86  
  87  // Get some navigation if we need it
  88  $mybb->input['action'] = $mybb->get_input('action');
  89  switch($mybb->input['action'])
  90  {
  91      case "reports":
  92          add_breadcrumb($lang->reported_posts);
  93          break;
  94      case "allreports":
  95          add_breadcrumb($lang->all_reported_posts);
  96          break;
  97  
  98  }
  99  
 100  if(isset($thread))
 101  {
 102      $thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subject']));
 103      add_breadcrumb($thread['subject'], get_thread_link($thread['tid']));
 104      $modlogdata['tid'] = $thread['tid'];
 105  }
 106  
 107  if(isset($forum))
 108  {
 109      // Check if this forum is password protected and we have a valid password
 110      check_forum_password($forum['fid']);
 111  }
 112  
 113  $log_multithreads_actions = array("do_multideletethreads", "multiclosethreads", "multiopenthreads", "multiapprovethreads", "multiunapprovethreads", "multirestorethreads", "multisoftdeletethreads","multistickthreads", "multiunstickthreads", "do_multimovethreads");
 114  if(in_array($mybb->input['action'], $log_multithreads_actions))
 115  {
 116      if(!empty($mybb->input['searchid']))
 117      {
 118          $tids = getids($mybb->get_input('searchid'), 'search');
 119      }
 120      else
 121      {
 122          $tids = getids($fid, 'forum');
 123      }
 124  
 125      $modlogdata['tids'] = (array)$tids;
 126  
 127      unset($tids);
 128  }
 129  
 130  $mybb->user['username'] = htmlspecialchars_uni($mybb->user['username']);
 131  eval("\$loginbox = \"".$templates->get("changeuserbox")."\";");
 132  
 133  $allowable_moderation_actions = array("getip", "getpmip", "cancel_delayedmoderation", "delayedmoderation", "threadnotes", "purgespammer", "viewthreadnotes");
 134  
 135  if($mybb->request_method != "post" && !in_array($mybb->input['action'], $allowable_moderation_actions))
 136  {
 137      error_no_permission();
 138  }
 139  
 140  // Begin!
 141  switch($mybb->input['action'])
 142  {
 143      // Delayed Moderation
 144      case "cancel_delayedmoderation":
 145          // Verify incoming POST request
 146          verify_post_check($mybb->get_input('my_post_key'));
 147  
 148          add_breadcrumb($lang->delayed_moderation);
 149          if(!is_moderator($fid, "canmanagethreads"))
 150          {
 151              error_no_permission();
 152          }
 153  
 154          $plugins->run_hooks('moderation_cancel_delayedmoderation');
 155  
 156          $db->delete_query("delayedmoderation", "did='".$mybb->get_input('did', MyBB::INPUT_INT)."'");
 157  
 158          if($tid == 0)
 159          {
 160              moderation_redirect(get_forum_link($fid), $lang->redirect_delayed_moderation_cancelled);
 161          }
 162          else
 163          {
 164              moderation_redirect("moderation.php?action=delayedmoderation&amp;tid={$tid}&amp;my_post_key={$mybb->post_code}", $lang->redirect_delayed_moderation_cancelled);
 165          }
 166          break;
 167      case "do_delayedmoderation":
 168      case "delayedmoderation":
 169          // Verify incoming POST request
 170          verify_post_check($mybb->get_input('my_post_key'));
 171          
 172          $localized_time_offset = $mybb->user['timezone']*3600 + $mybb->user['dst']*3600;
 173  
 174          if(!$mybb->get_input('date_day', MyBB::INPUT_INT))
 175          {
 176              $mybb->input['date_day'] = gmdate('d', TIME_NOW + $localized_time_offset);
 177          }
 178          if(!$mybb->get_input('date_month', MyBB::INPUT_INT))
 179          {
 180              $mybb->input['date_month'] = gmdate('m', TIME_NOW + $localized_time_offset);
 181          }
 182  
 183          // Assume in-line moderation if TID is not set
 184          if(!empty($mybb->input['tid']))
 185          {
 186              $mybb->input['tids'] = $tid;
 187          }
 188          else
 189          {
 190              if($mybb->get_input('inlinetype') == 'search')
 191              {
 192                  $tids = getids($mybb->get_input('searchid'), 'search');
 193              }
 194              else
 195              {
 196                  $fid = $mybb->get_input('fid', MyBB::INPUT_INT);
 197                  $tids = getids($fid, "forum");
 198              }
 199              if(count($tids) < 1)
 200              {
 201                  error($lang->error_inline_nothreadsselected, $lang->error);
 202              }
 203  
 204              $mybb->input['tids'] = $tids;
 205          }
 206  
 207          add_breadcrumb($lang->delayed_moderation);
 208  
 209          if(!is_moderator($fid, "canmanagethreads"))
 210          {
 211              error_no_permission();
 212          }
 213  
 214          $errors = array();
 215          $customthreadtools = "";
 216  
 217          $allowed_types = array('move', 'merge', 'removeredirects', 'removesubscriptions');
 218  
 219          if(is_moderator($fid, "canopenclosethreads"))
 220          {
 221              $allowed_types[] = "openclosethread";
 222          }
 223  
 224          if(is_moderator($fid, "cansoftdeletethreads") || is_moderator($fid, "canrestorethreads"))
 225          {
 226              $allowed_types[] = "softdeleterestorethread";
 227          }
 228  
 229          if(is_moderator($fid, "candeletethreads"))
 230          {
 231              $allowed_types[] = "deletethread";
 232          }
 233  
 234          if(is_moderator($fid, "canstickunstickthreads"))
 235          {
 236              $allowed_types[] = "stick";
 237          }
 238  
 239          if(is_moderator($fid, "canapproveunapprovethreads"))
 240          {
 241              $allowed_types[] = "approveunapprovethread";
 242          }
 243  
 244          $mybb->input['type'] = $mybb->get_input('type');
 245  
 246          if(is_moderator($fid, "canusecustomtools"))
 247          {
 248              switch($db->type)
 249              {
 250                  case "pgsql":
 251                  case "sqlite":
 252                      $query = $db->simple_select("modtools", 'tid, name, `groups`', "(','||forums||',' LIKE '%,$fid,%' OR ','||forums||',' LIKE '%,-1,%' OR forums='') AND type = 't'");
 253                      break;
 254                  default:
 255                      $query = $db->simple_select("modtools", 'tid, name, `groups`', "(CONCAT(',',forums,',') LIKE '%,$fid,%' OR CONCAT(',',forums,',') LIKE '%,-1,%' OR forums='') AND type = 't'");
 256              }
 257              while($tool = $db->fetch_array($query))
 258              {
 259                  if(is_member($tool['groups']))
 260                  {
 261                      $allowed_types[] = "modtool_".$tool['tid'];
 262  
 263                      $tool['name'] = htmlspecialchars_uni($tool['name']);
 264  
 265                      $checked = "";
 266                      if($mybb->input['type'] == "modtool_".$tool['tid'])
 267                      {
 268                          $checked = "checked=\"checked\"";
 269                      }
 270  
 271                      eval("\$customthreadtools .= \"".$templates->get("moderation_delayedmoderation_custommodtool")."\";");
 272                  }
 273              }
 274          }
 275  
 276          $mybb->input['delayedmoderation'] = $mybb->get_input('delayedmoderation', MyBB::INPUT_ARRAY);
 277  
 278          if($mybb->input['action'] == "do_delayedmoderation" && $mybb->request_method == "post")
 279          {
 280              if(!in_array($mybb->input['type'], $allowed_types))
 281              {
 282                  $mybb->input['type'] = '';
 283                  $errors[] = $lang->error_delayedmoderation_unsupported_type;
 284              }
 285  
 286              if($mybb->input['type'] == 'move' && (!isset($mybb->input['delayedmoderation']['method']) || !in_array($mybb->input['delayedmoderation']['method'], array('move', 'redirect', 'copy'))))
 287              {
 288                  $mybb->input['delayedmoderation']['method'] = '';
 289                  $errors[] = $lang->error_delayedmoderation_unsupported_method;
 290              }
 291  
 292              if($mybb->input['type'] == 'move')
 293              {
 294                  $newfid = (int)$mybb->input['delayedmoderation']['new_forum'];
 295  
 296                  // Make sure moderator has permission to move to the new forum
 297                  $newperms = forum_permissions($newfid);
 298                  if($newperms['canview'] == 0 || !is_moderator($newfid, 'canmovetononmodforum'))
 299                  {
 300                      $errors[] = $lang->error_movetononmodforum;
 301                  }
 302  
 303                  $newforum = get_forum($newfid);
 304                  if(!$newforum || $newforum['type'] != "f" || $newforum['type'] == "f" && $newforum['linkto'] != '')
 305                  {
 306                      $errors[] = $lang->error_invalidforum;
 307                  }
 308  
 309                  $method = $mybb->input['delayedmoderation']['method'];
 310                  if($method != "copy" && $fid == $newfid)
 311                  {
 312                      $errors[] = $lang->error_movetosameforum;
 313                  }
 314              }
 315  
 316              if($mybb->input['date_day'] > 31 || $mybb->input['date_day'] < 1)
 317              {
 318                  $errors[] = $lang->error_delayedmoderation_invalid_date_day;
 319              }
 320  
 321              if($mybb->input['date_month'] > 12 || $mybb->input['date_month'] < 1)
 322              {
 323                  $errors[] = $lang->error_delayedmoderation_invalid_date_month;
 324              }
 325  
 326              if($mybb->input['date_year'] < gmdate('Y', TIME_NOW + $localized_time_offset))
 327              {
 328                  $errors[] = $lang->error_delayedmoderation_invalid_date_year;
 329              }
 330  
 331              $date_time = explode(' ', $mybb->get_input('date_time'));
 332              $date_time = explode(':', (string)$date_time[0]);
 333  
 334              if(stristr($mybb->input['date_time'], 'pm'))
 335              {
 336                  $date_time[0] = 12+$date_time[0];
 337                  if($date_time[0] >= 24)
 338                  {
 339                      $date_time[0] = '00';
 340                  }
 341              }
 342  
 343              $rundate = gmmktime((int)$date_time[0], (int)$date_time[1], date('s', TIME_NOW), $mybb->get_input('date_month', MyBB::INPUT_INT), $mybb->get_input('date_day', MyBB::INPUT_INT), $mybb->get_input('date_year', MyBB::INPUT_INT)) - $localized_time_offset;
 344  
 345              if(!$errors)
 346              {
 347                  if(is_array($mybb->input['tids']))
 348                  {
 349                      $mybb->input['tids'] = implode(',', $mybb->input['tids']);
 350                  }
 351  
 352                  $did = $db->insert_query("delayedmoderation", array(
 353                      'type' => $db->escape_string($mybb->input['type']),
 354                      'delaydateline' => (int)$rundate,
 355                      'uid' => $mybb->user['uid'],
 356                      'tids' => $db->escape_string($mybb->input['tids']),
 357                      'fid' => $fid,
 358                      'dateline' => TIME_NOW,
 359                      'inputs' => $db->escape_string(my_serialize($mybb->input['delayedmoderation']))
 360                  ));
 361  
 362                  $plugins->run_hooks('moderation_do_delayedmoderation');
 363  
 364                  $rundate_format = my_date('relative', $rundate, '', 2);
 365                  $lang->redirect_delayed_moderation_thread = $lang->sprintf($lang->redirect_delayed_moderation_thread, $rundate_format);
 366  
 367                  if(!empty($mybb->input['tid']))
 368                  {
 369                      moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_delayed_moderation_thread);
 370                  }
 371                  else
 372                  {
 373                      if($mybb->get_input('inlinetype') == 'search')
 374                      {
 375                          moderation_redirect(get_forum_link($fid), $lang->sprintf($lang->redirect_delayed_moderation_search, $rundate_format));
 376                      }
 377                      else
 378                      {
 379                          moderation_redirect(get_forum_link($fid), $lang->sprintf($lang->redirect_delayed_moderation_forum, $rundate_format));
 380                      }
 381                  }
 382              }
 383              else
 384              {
 385                  $type_selected = array();
 386                  foreach($allowed_types as $type)
 387                  {
 388                      $type_selected[$type] = '';
 389                  }
 390                  $type_selected[$mybb->get_input('type')] = "checked=\"checked\"";
 391                  $method_selected = array('move' => '', 'redirect' => '', 'copy' => '');
 392                  if(isset($mybb->input['delayedmoderation']['method']))
 393                  {
 394                      $method_selected[$mybb->input['delayedmoderation']['method']] = "checked=\"checked\"";
 395                  }
 396  
 397                  foreach(array('redirect_expire', 'new_forum', 'subject', 'threadurl') as $value)
 398                  {
 399                      if(!isset($mybb->input['delayedmoderation'][$value]))
 400                      {
 401                          $mybb->input['delayedmoderation'][$value] = '';
 402                      }
 403                  }
 404                  $mybb->input['delayedmoderation']['redirect_expire'] = (int)$mybb->input['delayedmoderation']['redirect_expire'];
 405                  $mybb->input['delayedmoderation']['new_forum'] = (int)$mybb->input['delayedmoderation']['new_forum'];
 406                  $mybb->input['delayedmoderation']['subject'] = htmlspecialchars_uni($mybb->input['delayedmoderation']['subject']);
 407                  $mybb->input['delayedmoderation']['threadurl'] = htmlspecialchars_uni($mybb->input['delayedmoderation']['threadurl']);
 408  
 409                  $forumselect = build_forum_jump("", $mybb->input['delayedmoderation']['new_forum'], 1, '', 0, true, '', "delayedmoderation[new_forum]");
 410              }
 411          }
 412          else
 413          {
 414              $type_selected = array();
 415              foreach($allowed_types as $type)
 416              {
 417                  $type_selected[$type] = '';
 418              }
 419              $type_selected['openclosethread'] = "checked=\"checked\"";
 420              $method_selected = array('move' => 'checked="checked"', 'redirect' => '', 'copy' => '');
 421  
 422              $mybb->input['delayedmoderation']['redirect_expire'] = '';
 423              $mybb->input['delayedmoderation']['subject'] = $thread['subject'];
 424              $mybb->input['delayedmoderation']['threadurl'] = '';
 425  
 426              $forumselect = build_forum_jump("", $fid, 1, '', 0, true, '', "delayedmoderation[new_forum]");
 427          }
 428  
 429          if(isset($errors) && count($errors) > 0)
 430          {
 431              $display_errors = inline_error($errors);
 432          }
 433          else
 434          {
 435              $display_errors = '';
 436          }
 437  
 438          $forum_cache = $cache->read("forums");
 439  
 440          $actions = array(
 441              'openclosethread' => $lang->open_close_thread,
 442              'softdeleterestorethread' => $lang->softdelete_restore_thread,
 443              'deletethread' => $lang->delete_thread,
 444              'move' => $lang->move_copy_thread,
 445              'stick' => $lang->stick_unstick_thread,
 446              'merge' => $lang->merge_threads,
 447              'removeredirects' => $lang->remove_redirects,
 448              'removesubscriptions' => $lang->remove_subscriptions,
 449              'approveunapprovethread' => $lang->approve_unapprove_thread
 450          );
 451  
 452          switch($db->type)
 453          {
 454              case "pgsql":
 455              case "sqlite":
 456                  $query = $db->simple_select("modtools", 'tid, name', "(','||forums||',' LIKE '%,$fid,%' OR ','||forums||',' LIKE '%,-1,%' OR forums='') AND type = 't'");
 457                  break;
 458              default:
 459                  $query = $db->simple_select("modtools", 'tid, name', "(CONCAT(',',forums,',') LIKE '%,$fid,%' OR CONCAT(',',forums,',') LIKE '%,-1,%' OR forums='') AND type = 't'");
 460          }
 461          while($tool = $db->fetch_array($query))
 462          {
 463              $actions['modtool_'.$tool['tid']] = htmlspecialchars_uni($tool['name']);
 464          }
 465  
 466          $delayedmods = '';
 467          $trow = alt_trow(1);
 468          if($tid == 0)
 469          {
 470              // Inline thread moderation is used
 471              if($mybb->get_input('inlinetype') == 'search')
 472              {
 473                  $tids = getids($mybb->get_input('searchid'), 'search');
 474              }
 475              else
 476              {
 477                  $tids = getids($fid, "forum");
 478              }
 479              $where_array = array();
 480              switch($db->type)
 481              {
 482                  case "pgsql":
 483                  case "sqlite":
 484                      foreach($tids as $like)
 485                      {
 486                          $where_array[] = "','||d.tids||',' LIKE '%,".$db->escape_string($like).",%'";
 487                      }
 488                      $where_statement = implode(" OR ", $where_array);
 489                      break;
 490                  default:
 491                      foreach($tids as $like)
 492                      {
 493                          $where_array[] = "CONCAT(',',d.tids,',') LIKE  '%,".$db->escape_string($like).",%'";
 494                      }
 495                      $where_statement = implode(" OR ", $where_array);
 496              }
 497              $query = $db->query("
 498                  SELECT d.*, u.username, f.name AS fname
 499                  FROM ".TABLE_PREFIX."delayedmoderation d
 500                  LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=d.uid)
 501                  LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=d.fid)
 502                  WHERE ".$where_statement."
 503                  ORDER BY d.dateline DESC
 504                  LIMIT  0, 20
 505              ");
 506          }
 507          else
 508          {
 509              switch($db->type)
 510              {
 511                  case "pgsql":
 512                  case "sqlite":
 513                      $query = $db->query("
 514                          SELECT d.*, u.username, f.name AS fname
 515                          FROM ".TABLE_PREFIX."delayedmoderation d
 516                          LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=d.uid)
 517                          LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=d.fid)
 518                          WHERE ','||d.tids||',' LIKE '%,{$tid},%'
 519                          ORDER BY d.dateline DESC
 520                          LIMIT  0, 20
 521                      ");
 522                      break;
 523                  default:
 524                      $query = $db->query("
 525                          SELECT d.*, u.username, f.name AS fname
 526                          FROM ".TABLE_PREFIX."delayedmoderation d
 527                          LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=d.uid)
 528                          LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=d.fid)
 529                          WHERE CONCAT(',',d.tids,',') LIKE '%,{$tid},%'
 530                          ORDER BY d.dateline DESC
 531                          LIMIT  0, 20
 532                      ");
 533              }
 534          }
 535          
 536          while($delayedmod = $db->fetch_array($query))
 537          {
 538              $delayedmod['dateline'] = my_date("jS M Y, {$mybb->settings['timeformat']}", $delayedmod['delaydateline']);
 539              $delayedmod['username'] = htmlspecialchars_uni($delayedmod['username']);
 540              $delayedmod['profilelink'] = build_profile_link($delayedmod['username'], $delayedmod['uid']);
 541              $delayedmod['action'] = $actions[$delayedmod['type']];
 542              $info = '';
 543              if(strpos($delayedmod['tids'], ',') === false)
 544              {
 545                  $delayed_thread = get_thread($delayedmod['tids']);
 546                  $delayed_thread['link'] = get_thread_link($delayed_thread['tid']);
 547                  $delayed_thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($delayed_thread['subject']));
 548                  eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_thread_single")."\";");
 549              }
 550              else
 551              {
 552                  eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_thread_multiple")."\";");
 553              }
 554  
 555              if($delayedmod['fname'])
 556              {
 557                  $delayedmod['link'] = get_forum_link($delayedmod['fid']);
 558                  $delayedmod['fname'] = htmlspecialchars_uni($delayedmod['fname']);
 559                  eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_forum")."\";");
 560              }
 561              $delayedmod['inputs'] = my_unserialize($delayedmod['inputs']);
 562  
 563              if($delayedmod['type'] == 'move')
 564              {
 565                  $delayedmod['link'] = get_forum_link($delayedmod['inputs']['new_forum']);
 566                  $delayedmod['name'] = htmlspecialchars_uni($forum_cache[$delayedmod['inputs']['new_forum']]['name']);
 567                  eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_new_forum")."\";");
 568  
 569                  if($delayedmod['inputs']['method'] == "redirect")
 570                  {
 571                      if((int)$delayedmod['inputs']['redirect_expire'] == 0)
 572                      {
 573                          $redirect_expire_bit = $lang->redirect_forever;
 574                      }
 575                      else
 576                      {
 577                          $redirect_expire_bit = (int)$delayedmod['inputs']['redirect_expire']." {$lang->days}";
 578                      }
 579  
 580                      eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_redirect")."\";");
 581                  }
 582              }
 583              elseif($delayedmod['type'] == 'merge')
 584              {
 585                  $delayedmod['subject'] = htmlspecialchars_uni($delayedmod['inputs']['subject']);
 586                  $delayedmod['threadurl'] = htmlspecialchars_uni($delayedmod['inputs']['threadurl']);
 587                  eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_merge")."\";");
 588              }
 589  
 590              eval("\$delayedmods .= \"".$templates->get("moderation_delayedmodaction_notes")."\";");
 591              $trow = alt_trow();
 592          }
 593          if(!$delayedmods)
 594          {
 595              $cols = 5;
 596              eval("\$delayedmods = \"".$templates->get("moderation_delayedmodaction_error")."\";");
 597          }
 598  
 599          $url = '';
 600          if($mybb->get_input('tid', MyBB::INPUT_INT))
 601          {
 602              $lang->threads = $lang->thread;
 603              $thread['link'] = get_thread_link($tid);
 604              $delayedmoderation_subject = $mybb->input['delayedmoderation']['subject'];
 605              $delayedmoderation_threadurl = $mybb->input['delayedmoderation']['threadurl'];
 606              eval("\$threads = \"".$templates->get("moderation_delayedmoderation_thread")."\";");
 607              eval("\$moderation_delayedmoderation_merge = \"".$templates->get("moderation_delayedmoderation_merge")."\";");
 608          }
 609          else
 610          {
 611              if($mybb->get_input('inlinetype') == 'search')
 612              {
 613                  $tids = getids($mybb->get_input('searchid'), 'search');
 614                  $url = htmlspecialchars_uni($mybb->get_input('url'));
 615              }
 616              else
 617              {
 618                  $tids = getids($fid, "forum");
 619              }
 620              if(count($tids) < 1)
 621              {
 622                  error($lang->error_inline_nothreadsselected, $lang->error);
 623              }
 624  
 625              $threads = $lang->sprintf($lang->threads_selected, count($tids));
 626              $moderation_delayedmoderation_merge = '';
 627          }
 628          $redirect_expire = $mybb->get_input('redirect_expire');
 629          eval("\$moderation_delayedmoderation_move = \"".$templates->get("moderation_delayedmoderation_move")."\";");
 630  
 631          // Generate form elements for date form
 632          $dateday = '';
 633          for($day = 1; $day <= 31; ++$day)
 634          {
 635              $selected = '';
 636              if($mybb->get_input('date_day', MyBB::INPUT_INT) == $day)
 637              {
 638                  $selected = ' selected="selected"';
 639              }
 640              eval('$dateday .= "'.$templates->get('moderation_delayedmoderation_date_day').'";');
 641          }
 642  
 643          $datemonth = array();
 644          foreach(array('01', '02', '03', '04', '05', '06', '07', '08', '09', '10', '11', '12') as $month)
 645          {
 646              $datemonth[$month] = '';
 647              if($mybb->get_input('date_month', MyBB::INPUT_INT) == (int)$month)
 648              {
 649                  $datemonth[$month] = ' selected="selected"';
 650              }
 651          }
 652          
 653  
 654          eval('$datemonth = "'.$templates->get('moderation_delayedmoderation_date_month').'";');
 655  
 656          $dateyear = gmdate('Y', TIME_NOW  + $localized_time_offset);
 657          $datetime = gmdate($mybb->settings['timeformat'], TIME_NOW + $localized_time_offset);
 658  
 659          $openclosethread = '';
 660          if(is_moderator($fid, "canopenclosethreads"))
 661          {
 662              eval('$openclosethread = "'.$templates->get('moderation_delayedmoderation_openclose').'";');
 663          }
 664  
 665          $softdeleterestorethread = '';
 666          if(is_moderator($fid, "cansoftdeletethreads") || is_moderator($fid, "canrestorethreads"))
 667          {
 668              eval('$softdeleterestorethread = "'.$templates->get('moderation_delayedmoderation_softdeleterestore').'";');
 669          }
 670  
 671          $deletethread = '';
 672          if(is_moderator($fid, "candeletethreads"))
 673          {
 674              eval('$deletethread = "'.$templates->get('moderation_delayedmoderation_delete').'";');
 675          }
 676  
 677          $stickunstickthread = '';
 678          if(is_moderator($fid, "canstickunstickthreads"))
 679          {
 680              eval('$stickunstickthread = "'.$templates->get('moderation_delayedmoderation_stick').'";');
 681          }
 682  
 683          $approveunapprovethread = '';
 684          if(is_moderator($fid, "canapproveunapprovethreads"))
 685          {
 686              eval('$approveunapprovethread = "'.$templates->get('moderation_delayedmoderation_approve').'";');
 687          } 
 688  
 689          $plugins->run_hooks("moderation_delayedmoderation");
 690  
 691          eval("\$delayedmoderation = \"".$templates->get("moderation_delayedmoderation")."\";");
 692          output_page($delayedmoderation);
 693          break;
 694      // Open or close a thread
 695      case "openclosethread":
 696          // Verify incoming POST request
 697          verify_post_check($mybb->get_input('my_post_key'));
 698  
 699          if(!is_moderator($fid, "canopenclosethreads"))
 700          {
 701              error_no_permission();
 702          }
 703  
 704          if($thread['visible'] == -1)
 705          {
 706              error($lang->error_thread_deleted, $lang->error);
 707          }
 708  
 709          if($thread['closed'] == 1)
 710          {
 711              $openclose = $lang->opened;
 712              $redirect = $lang->redirect_openthread;
 713              $moderation->open_threads($tid);
 714          }
 715          else
 716          {
 717              $openclose = $lang->closed;
 718              $redirect = $lang->redirect_closethread;
 719              $moderation->close_threads($tid);
 720          }
 721  
 722          $lang->mod_process = $lang->sprintf($lang->mod_process, $openclose);
 723  
 724          log_moderator_action($modlogdata, $lang->mod_process);
 725  
 726          moderation_redirect(get_thread_link($thread['tid']), $redirect);
 727          break;
 728  
 729      // Stick or unstick that post to the top bab!
 730      case "stick":
 731          // Verify incoming POST request
 732          verify_post_check($mybb->get_input('my_post_key'));
 733  
 734          if(!is_moderator($fid, "canstickunstickthreads"))
 735          {
 736              error_no_permission();
 737          }
 738  
 739          if($thread['visible'] == -1)
 740          {
 741              error($lang->error_thread_deleted, $lang->error);
 742          }
 743  
 744          $plugins->run_hooks("moderation_stick");
 745  
 746          if($thread['sticky'] == 1)
 747          {
 748              $stuckunstuck = $lang->unstuck;
 749              $redirect = $lang->redirect_unstickthread;
 750              $moderation->unstick_threads($tid);
 751          }
 752          else
 753          {
 754              $stuckunstuck = $lang->stuck;
 755              $redirect = $lang->redirect_stickthread;
 756              $moderation->stick_threads($tid);
 757          }
 758  
 759          $lang->mod_process = $lang->sprintf($lang->mod_process, $stuckunstuck);
 760  
 761          log_moderator_action($modlogdata, $lang->mod_process);
 762  
 763          moderation_redirect(get_thread_link($thread['tid']), $redirect);
 764          break;
 765  
 766      // Remove redirects to a specific thread
 767      case "removeredirects":
 768  
 769          // Verify incoming POST request
 770          verify_post_check($mybb->get_input('my_post_key'));
 771  
 772          if(!is_moderator($fid, "canmanagethreads"))
 773          {
 774              error_no_permission();
 775          }
 776  
 777          if($thread['visible'] == -1)
 778          {
 779              error($lang->error_thread_deleted, $lang->error);
 780          }
 781  
 782          $plugins->run_hooks("moderation_removeredirects");
 783  
 784          $moderation->remove_redirects($tid);
 785  
 786          log_moderator_action($modlogdata, $lang->redirects_removed);
 787          moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_redirectsremoved);
 788          break;
 789  
 790      // Delete thread confirmation page
 791      case "deletethread":
 792  
 793          add_breadcrumb($lang->nav_deletethread);
 794  
 795          if(!is_moderator($fid, "candeletethreads"))
 796          {
 797              if($permissions['candeletethreads'] != 1 || $mybb->user['uid'] != $thread['uid'])
 798              {
 799                  error_no_permission();
 800              }
 801          }
 802  
 803          $plugins->run_hooks("moderation_deletethread");
 804  
 805          eval("\$deletethread = \"".$templates->get("moderation_deletethread")."\";");
 806          output_page($deletethread);
 807          break;
 808  
 809      // Delete the actual thread here
 810      case "do_deletethread":
 811  
 812          // Verify incoming POST request
 813          verify_post_check($mybb->get_input('my_post_key'));
 814  
 815          if(!is_moderator($fid, "candeletethreads"))
 816          {
 817              if($permissions['candeletethreads'] != 1 || $mybb->user['uid'] != $thread['uid'])
 818              {
 819                  error_no_permission();
 820              }
 821          }
 822  
 823          $plugins->run_hooks("moderation_do_deletethread");
 824  
 825          // Log the subject of the deleted thread
 826          $modlogdata['thread_subject'] = $thread['subject'];
 827  
 828          $thread['subject'] = $db->escape_string($thread['subject']);
 829          $lang->thread_deleted = $lang->sprintf($lang->thread_deleted, $thread['subject']);
 830          log_moderator_action($modlogdata, $lang->thread_deleted);
 831  
 832          $moderation->delete_thread($tid);
 833  
 834          mark_reports($tid, "thread");
 835          moderation_redirect(get_forum_link($fid), $lang->redirect_threaddeleted);
 836          break;
 837  
 838      // Delete the poll from a thread confirmation page
 839      case "deletepoll":
 840          add_breadcrumb($lang->nav_deletepoll);
 841  
 842          if(!is_moderator($fid, "canmanagepolls"))
 843          {
 844              if($permissions['candeletethreads'] != 1 || $mybb->user['uid'] != $thread['uid'])
 845              {
 846                  error_no_permission();
 847              }
 848          }
 849  
 850          $plugins->run_hooks("moderation_deletepoll");
 851  
 852          $query = $db->simple_select("polls", "pid", "tid='$tid'");
 853          $poll = $db->fetch_array($query);
 854          if(!$poll)
 855          {
 856              error($lang->error_invalidpoll, $lang->error);
 857          }
 858  
 859          eval("\$deletepoll = \"".$templates->get("moderation_deletepoll")."\";");
 860          output_page($deletepoll);
 861          break;
 862  
 863      // Delete the actual poll here!
 864      case "do_deletepoll":
 865  
 866          // Verify incoming POST request
 867          verify_post_check($mybb->get_input('my_post_key'));
 868  
 869          if($thread['visible'] == -1)
 870          {
 871              error($lang->error_thread_deleted, $lang->error);
 872          }
 873  
 874          if(!isset($mybb->input['delete']))
 875          {
 876              error($lang->redirect_pollnotdeleted);
 877          }
 878          if(!is_moderator($fid, "canmanagepolls"))
 879          {
 880              if($permissions['candeletethreads'] != 1 || $mybb->user['uid'] != $thread['uid'])
 881              {
 882                  error_no_permission();
 883              }
 884          }
 885          $query = $db->simple_select("polls", "pid", "tid = $tid");
 886          $poll = $db->fetch_array($query);
 887          if(!$poll)
 888          {
 889              error($lang->error_invalidpoll, $lang->error);
 890          }
 891  
 892          $plugins->run_hooks("moderation_do_deletepoll");
 893  
 894          $lang->poll_deleted = $lang->sprintf($lang->poll_deleted, $thread['subject']);
 895          log_moderator_action($modlogdata, $lang->poll_deleted);
 896  
 897          $moderation->delete_poll($poll['pid']);
 898  
 899          moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_polldeleted);
 900          break;
 901  
 902      // Approve a thread
 903      case "approvethread":
 904  
 905          // Verify incoming POST request
 906          verify_post_check($mybb->get_input('my_post_key'));
 907  
 908          if(!is_moderator($fid, "canapproveunapprovethreads"))
 909          {
 910              error_no_permission();
 911          }
 912  
 913          if($thread['visible'] == -1)
 914          {
 915              error($lang->error_thread_deleted, $lang->error);
 916          }
 917  
 918          $thread = get_thread($tid);
 919  
 920          $plugins->run_hooks("moderation_approvethread");
 921  
 922          $lang->thread_approved = $lang->sprintf($lang->thread_approved, $thread['subject']);
 923          log_moderator_action($modlogdata, $lang->thread_approved);
 924  
 925          $moderation->approve_threads($tid, $fid);
 926  
 927          moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_threadapproved);
 928          break;
 929  
 930      // Unapprove a thread
 931      case "unapprovethread":
 932  
 933          // Verify incoming POST request
 934          verify_post_check($mybb->get_input('my_post_key'));
 935  
 936          if(!is_moderator($fid, "canapproveunapprovethreads"))
 937          {
 938              error_no_permission();
 939          }
 940  
 941          if($thread['visible'] == -1)
 942          {
 943              error($lang->error_thread_deleted, $lang->error);
 944          }
 945  
 946          $thread = get_thread($tid);
 947  
 948          $plugins->run_hooks("moderation_unapprovethread");
 949  
 950          $lang->thread_unapproved = $lang->sprintf($lang->thread_unapproved, $thread['subject']);
 951          log_moderator_action($modlogdata, $lang->thread_unapproved);
 952  
 953          $moderation->unapprove_threads($tid);
 954  
 955          moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_threadunapproved);
 956          break;
 957  
 958      // Restore a thread
 959      case "restorethread":
 960  
 961          // Verify incoming POST request
 962          verify_post_check($mybb->get_input('my_post_key'));
 963  
 964          if(!is_moderator($fid, "canrestorethreads"))
 965          {
 966              error_no_permission();
 967          }
 968          $thread = get_thread($tid);
 969  
 970          $plugins->run_hooks("moderation_restorethread");
 971  
 972          $lang->thread_restored = $lang->sprintf($lang->thread_restored, $thread['subject']);
 973          log_moderator_action($modlogdata, $lang->thread_restored);
 974  
 975          $moderation->restore_threads($tid);
 976  
 977          moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_threadrestored);
 978          break;
 979  
 980      // Soft delete a thread
 981      case "softdeletethread":
 982  
 983          // Verify incoming POST request
 984          verify_post_check($mybb->get_input('my_post_key'));
 985  
 986          if(!is_moderator($fid, "cansoftdeletethreads"))
 987          {
 988              error_no_permission();
 989          }
 990          $thread = get_thread($tid);
 991  
 992          $plugins->run_hooks("moderation_softdeletethread");
 993  
 994          $lang->thread_soft_deleted = $lang->sprintf($lang->thread_soft_deleted, $thread['subject']);
 995          log_moderator_action($modlogdata, $lang->thread_soft_deleted);
 996  
 997          $moderation->soft_delete_threads($tid);
 998  
 999          moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_threadsoftdeleted);
1000          break;
1001  
1002      // Move a thread
1003      case "move":
1004          add_breadcrumb($lang->nav_move);
1005          if(!is_moderator($fid, "canmanagethreads"))
1006          {
1007              error_no_permission();
1008          }
1009  
1010          if($thread['visible'] == -1)
1011          {
1012              error($lang->error_thread_deleted, $lang->error);
1013          }
1014  
1015          $plugins->run_hooks("moderation_move");
1016  
1017          $forumselect = build_forum_jump("", '', 1, '', 0, true, '', "moveto");
1018          eval("\$movethread = \"".$templates->get("moderation_move")."\";");
1019          output_page($movethread);
1020          break;
1021  
1022      // Let's get this thing moving!
1023      case "do_move":
1024  
1025          // Verify incoming POST request
1026          verify_post_check($mybb->get_input('my_post_key'));
1027  
1028          $moveto = $mybb->get_input('moveto', MyBB::INPUT_INT);
1029          $method = $mybb->get_input('method');
1030  
1031          if(!is_moderator($fid, "canmanagethreads"))
1032          {
1033              error_no_permission();
1034          }
1035  
1036          // Check if user has moderator permission to move to destination
1037          if(!is_moderator($moveto, "canmanagethreads") && !is_moderator($fid, "canmovetononmodforum"))
1038          {
1039              error_no_permission();
1040          }
1041  
1042          if($thread['visible'] == -1)
1043          {
1044              error($lang->error_thread_deleted, $lang->error);
1045          }
1046          
1047          $newperms = forum_permissions($moveto);
1048          if($newperms['canview'] == 0 && !is_moderator($fid, "canmovetononmodforum"))
1049          {
1050              error($lang->error_movetononmodforum, $lang->error);
1051          }
1052  
1053          $newforum = get_forum($moveto);
1054          if(!$newforum || $newforum['type'] != "f" || $newforum['type'] == "f" && $newforum['linkto'] != '')
1055          {
1056              error($lang->error_invalidforum, $lang->error);
1057          }
1058          if($method != "copy" && $thread['fid'] == $moveto)
1059          {
1060              error($lang->error_movetosameforum, $lang->error);
1061          }
1062  
1063          $plugins->run_hooks('moderation_do_move');
1064  
1065          $expire = 0;
1066          if($mybb->get_input('redirect_expire', MyBB::INPUT_INT) > 0)
1067          {
1068              $expire = TIME_NOW + ($mybb->get_input('redirect_expire', MyBB::INPUT_INT) * 86400);
1069          }
1070  
1071          $the_thread = $tid;
1072  
1073          $newtid = $moderation->move_thread($tid, $moveto, $method, $expire);
1074  
1075          switch($method)
1076          {
1077              case "copy":
1078                  log_moderator_action($modlogdata, $lang->thread_copied);
1079                  break;
1080              default:
1081              case "move":
1082              case "redirect":
1083                  log_moderator_action($modlogdata, $lang->thread_moved);
1084                  break;
1085          }
1086  
1087          moderation_redirect(get_thread_link($newtid), $lang->redirect_threadmoved);
1088          break;
1089  
1090      // Viewing thread notes
1091      case "viewthreadnotes":
1092          if(!is_moderator($fid))
1093          {
1094              error_no_permission();
1095          }
1096  
1097          // Make sure we are looking at a real thread here.
1098          if(!$thread)
1099          {
1100              error($lang->error_nomember, $lang->error);
1101          }
1102  
1103          $plugins->run_hooks('moderation_viewthreadnotes');
1104  
1105          $lang->view_notes_for = $lang->sprintf($lang->view_notes_for, $thread['subject']);
1106  
1107          $thread['notes'] = nl2br(htmlspecialchars_uni($thread['notes']));
1108  
1109          eval("\$viewthreadnotes = \"".$templates->get("moderation_viewthreadnotes", 1, 0)."\";");
1110          echo $viewthreadnotes;
1111          break;
1112  
1113      // Thread notes editor
1114      case "threadnotes":
1115          add_breadcrumb($lang->nav_threadnotes);
1116          if(!is_moderator($fid, "canmanagethreads"))
1117          {
1118              error_no_permission();
1119          }
1120          $thread['notes'] = htmlspecialchars_uni($parser->parse_badwords($thread['notes']));
1121          $trow = alt_trow(1);
1122  
1123          if(is_moderator($fid, "canviewmodlog"))
1124          {
1125              $query = $db->query("
1126                  SELECT l.*, u.username, t.subject AS tsubject, f.name AS fname, p.subject AS psubject
1127                  FROM ".TABLE_PREFIX."moderatorlog l
1128                  LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=l.uid)
1129                  LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=l.tid)
1130                  LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=l.fid)
1131                  LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid=l.pid)
1132                  WHERE t.tid='$tid'
1133                  ORDER BY l.dateline DESC
1134                  LIMIT  0, 20
1135              ");
1136              $modactions = '';
1137              while($modaction = $db->fetch_array($query))
1138              {
1139                  $modaction['dateline'] = my_date("jS M Y, G:i", $modaction['dateline']);
1140                  $modaction['username'] = htmlspecialchars_uni($modaction['username']);
1141                  $modaction['profilelink'] = build_profile_link($modaction['username'], $modaction['uid']);
1142                  $modaction['action'] = htmlspecialchars_uni($modaction['action']);
1143                  $info = '';
1144                  if($modaction['tsubject'])
1145                  {
1146                      $modaction['tsubject'] = htmlspecialchars_uni($parser->parse_badwords($modaction['tsubject']));
1147                      $modaction['threadlink'] = get_thread_link($modaction['tid']);
1148                      eval("\$info .= \"".$templates->get("moderation_threadnotes_modaction_thread")."\";");
1149                  }
1150                  if($modaction['fname'])
1151                  {
1152                      $modaction['fname'] = htmlspecialchars_uni($modaction['fname']);
1153                      $modaction['forumlink'] = get_forum_link($modaction['fid']);
1154                      eval("\$info .= \"".$templates->get("moderation_threadnotes_modaction_forum")."\";");
1155                  }
1156                  if($modaction['psubject'])
1157                  {
1158  
1159                      $modaction['psubject'] = htmlspecialchars_uni($parser->parse_badwords($modaction['psubject']));
1160                      $modaction['postlink'] = get_post_link($modaction['pid']);
1161                      eval("\$info .= \"".$templates->get("moderation_threadnotes_modaction_post")."\";");
1162                  }
1163  
1164                  eval("\$modactions .= \"".$templates->get("moderation_threadnotes_modaction")."\";");
1165                  $trow = alt_trow();
1166              }
1167              if(!$modactions)
1168              {
1169                  eval("\$modactions = \"".$templates->get("moderation_threadnotes_modaction_error")."\";");
1170              }
1171          }
1172  
1173          $actions = array(
1174              'openclosethread' => $lang->open_close_thread,
1175              'deletethread' => $lang->delete_thread,
1176              'move' => $lang->move_copy_thread,
1177              'stick' => $lang->stick_unstick_thread,
1178              'merge' => $lang->merge_threads,
1179              'removeredirects' => $lang->remove_redirects,
1180              'removesubscriptions' => $lang->remove_subscriptions,
1181              'approveunapprovethread' => $lang->approve_unapprove_thread
1182          );
1183  
1184          switch($db->type)
1185          {
1186              case "pgsql":
1187              case "sqlite":
1188                  $query = $db->simple_select("modtools", 'tid, name', "(','||forums||',' LIKE '%,$fid,%' OR ','||forums||',' LIKE '%,-1,%' OR forums='') AND type = 't'");
1189                  break;
1190              default:
1191                  $query = $db->simple_select("modtools", 'tid, name', "(CONCAT(',',forums,',') LIKE '%,$fid,%' OR CONCAT(',',forums,',') LIKE '%,-1,%' OR forums='') AND type = 't'");
1192          }
1193          while($tool = $db->fetch_array($query))
1194          {
1195              $actions['modtool_'.$tool['tid']] = htmlspecialchars_uni($tool['name']);
1196          }
1197  
1198          $forum_cache = $cache->read("forums");
1199  
1200          $trow = alt_trow(1);
1201          switch($db->type)
1202          {
1203              case "pgsql":
1204              case "sqlite":
1205                  $query = $db->query("
1206                      SELECT d.*, u.username, f.name AS fname
1207                      FROM ".TABLE_PREFIX."delayedmoderation d
1208                      LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=d.uid)
1209                      LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=d.fid)
1210                      WHERE ','||d.tids||',' LIKE '%,{$tid},%'
1211                      ORDER BY d.dateline DESC
1212                      LIMIT  0, 20
1213                  ");
1214                  break;
1215              default:
1216                  $query = $db->query("
1217                      SELECT d.*, u.username, f.name AS fname
1218                      FROM ".TABLE_PREFIX."delayedmoderation d
1219                      LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=d.uid)
1220                      LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=d.fid)
1221                      WHERE CONCAT(',',d.tids,',') LIKE '%,{$tid},%'
1222                      ORDER BY d.dateline DESC
1223                      LIMIT  0, 20
1224                  ");
1225          }
1226          $delayedmods = '';
1227          while($delayedmod = $db->fetch_array($query))
1228          {
1229              $delayedmod['dateline'] = my_date("jS M Y, G:i", $delayedmod['delaydateline']);
1230              $delayedmod['username'] = htmlspecialchars_uni($delayedmod['username']);
1231              $delayedmod['profilelink'] = build_profile_link($delayedmod['username'], $delayedmod['uid']);
1232              $delayedmod['action'] = $actions[$delayedmod['type']];
1233              $info = '';
1234              if(strpos($delayedmod['tids'], ',') === false)
1235              {
1236                  $delayed_thread['link'] = get_thread_link($delayedmod['tids']);
1237                  $delayed_thread['subject'] = htmlspecialchars_uni($thread['subject']);
1238                  eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_thread_single")."\";");
1239              }
1240              else
1241              {
1242                  eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_thread_multiple")."\";");
1243              }
1244  
1245              if($delayedmod['fname'])
1246              {
1247                  $delayedmod['link'] = get_forum_link($delayedmod['fid']);
1248                  $delayedmod['fname'] = htmlspecialchars_uni($delayedmod['fname']);
1249                  eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_forum")."\";");
1250              }
1251              $delayedmod['inputs'] = my_unserialize($delayedmod['inputs']);
1252  
1253              if($delayedmod['type'] == 'move')
1254              {
1255                  $delayedmod['link'] = get_forum_link($delayedmod['inputs']['new_forum']);
1256                  $delayedmod['name'] = htmlspecialchars_uni($forum_cache[$delayedmod['inputs']['new_forum']]['name']);
1257                  eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_new_forum")."\";");
1258  
1259                  if($delayedmod['inputs']['method'] == "redirect")
1260                  {
1261                      if((int)$delayedmod['inputs']['redirect_expire'] == 0)
1262                      {
1263                          $redirect_expire_bit = $lang->redirect_forever;
1264                      }
1265                      else
1266                      {
1267                          $redirect_expire_bit = (int)$delayedmod['inputs']['redirect_expire']." {$lang->days}";
1268                      }
1269  
1270                      eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_redirect")."\";");
1271                  }
1272              }
1273              elseif($delayedmod['type'] == 'merge')
1274              {
1275                  $delayedmod['subject'] = htmlspecialchars_uni($delayedmod['inputs']['subject']);
1276                  $delayedmod['threadurl'] = htmlspecialchars_uni($delayedmod['inputs']['threadurl']);
1277                  eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_merge")."\";");
1278              }
1279  
1280              eval("\$delayedmods .= \"".$templates->get("moderation_threadnotes_delayedmodaction")."\";");
1281              $trow = alt_trow();
1282          }
1283          if(!$delayedmods)
1284          {
1285              $cols = 4;
1286              eval("\$delayedmods = \"".$templates->get("moderation_delayedmodaction_error")."\";");
1287          }
1288  
1289          $plugins->run_hooks("moderation_threadnotes");
1290  
1291          eval("\$threadnotes = \"".$templates->get("moderation_threadnotes")."\";");
1292          output_page($threadnotes);
1293          break;
1294  
1295      // Update the thread notes!
1296      case "do_threadnotes":
1297  
1298          // Verify incoming POST request
1299          verify_post_check($mybb->get_input('my_post_key'));
1300  
1301          if(!is_moderator($fid, "canmanagethreads"))
1302          {
1303              error_no_permission();
1304          }
1305  
1306          $plugins->run_hooks("moderation_do_threadnotes");
1307  
1308          log_moderator_action($modlogdata, $lang->thread_notes_edited);
1309          $sqlarray = array(
1310              "notes" => $db->escape_string($mybb->get_input('threadnotes')),
1311          );
1312          $db->update_query("threads", $sqlarray, "tid='$tid'");
1313          moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_threadnotesupdated);
1314          break;
1315  
1316      // Let's look up the ip address of a post
1317      case "getip":
1318          add_breadcrumb($lang->nav_getip);
1319          if(!is_moderator($fid, "canviewips"))
1320          {
1321              error_no_permission();
1322          }
1323  
1324          $post['ipaddress'] = my_inet_ntop($db->unescape_binary($post['ipaddress']));
1325          $hostname = @gethostbyaddr($post['ipaddress']);
1326          if(!$hostname || $hostname == $post['ipaddress'])
1327          {
1328              $hostname = $lang->resolve_fail;
1329          }
1330  
1331          $post['username'] = htmlspecialchars_uni($post['username']);
1332          $username = build_profile_link($post['username'], $post['uid']);
1333  
1334          // Moderator options
1335          $modoptions = "";
1336          if($mybb->usergroup['canmodcp'] == 1 && $mybb->usergroup['canuseipsearch'] == 1)
1337          {
1338              $ipaddress = $post['ipaddress'];
1339              eval("\$modoptions = \"".$templates->get("moderation_getip_modoptions")."\";");
1340          }
1341  
1342          $plugins->run_hooks('moderation_getip');
1343  
1344          if($modal)
1345          {
1346              eval("\$getip = \"".$templates->get("moderation_getip_modal", 1, 0)."\";");
1347              echo $getip;
1348              exit;
1349          }
1350          else
1351          {
1352              eval("\$getip = \"".$templates->get("moderation_getip")."\";");
1353              output_page($getip);
1354              break;
1355          }
1356  
1357      // Let's look up the ip address of a PM
1358      case "getpmip":
1359          if($pmid <= 0)
1360          {
1361              error($lang->error_invalidpm, $lang->error);
1362          }
1363          add_breadcrumb($lang->nav_pms, "private.php");
1364          $pm['subject'] = htmlspecialchars_uni($parser->parse_badwords($pm['subject']));
1365          add_breadcrumb($pm['subject'], "private.php?action=read&amp;pmid={$pmid}");
1366          add_breadcrumb($lang->nav_getpmip);
1367          if(!$mybb->usergroup['issupermod'])
1368          {
1369              error_no_permission();
1370          }
1371  
1372          $pm['ipaddress'] = my_inet_ntop($db->unescape_binary($pm['ipaddress']));
1373          $hostname = @gethostbyaddr($pm['ipaddress']);
1374          if(!$hostname || $hostname == $pm['ipaddress'])
1375          {
1376              $hostname = $lang->resolve_fail;
1377          }
1378  
1379          $name = $db->fetch_field($db->simple_select('users', 'username', "uid = {$pm['fromid']}"), 'username');
1380          $username = build_profile_link($name, $pm['fromid']);
1381  
1382          // Moderator options
1383          $modoptions = "";
1384          if($mybb->usergroup['canmodcp'] == 1 && $mybb->usergroup['canuseipsearch'] == 1)
1385          {
1386              $ipaddress = $pm['ipaddress'];
1387              eval("\$modoptions = \"".$templates->get("moderation_getip_modoptions")."\";");
1388          }
1389  
1390          $plugins->run_hooks('moderation_getpmip');
1391  
1392          if($modal)
1393          {
1394              eval("\$getpmip = \"".$templates->get("moderation_getpmip_modal", 1, 0)."\";");
1395              echo $getpmip;
1396              exit;
1397          }
1398          else
1399          {
1400              eval("\$getpmip = \"".$templates->get("moderation_getpmip")."\";");
1401              output_page($getpmip);
1402              break;
1403          }
1404  
1405      // Merge threads
1406      case "merge":
1407          add_breadcrumb($lang->nav_merge);
1408          if(!is_moderator($fid, "canmanagethreads"))
1409          {
1410              error_no_permission();
1411          }
1412  
1413          if($thread['visible'] == -1)
1414          {
1415              error($lang->error_thread_deleted, $lang->error);
1416          }
1417  
1418          $plugins->run_hooks("moderation_merge");
1419  
1420          eval("\$merge = \"".$templates->get("moderation_merge")."\";");
1421          output_page($merge);
1422          break;
1423  
1424      // Let's get those threads together baby! (Merge threads)
1425      case "do_merge":
1426  
1427          // Verify incoming POST request
1428          verify_post_check($mybb->get_input('my_post_key'));
1429  
1430          if(!is_moderator($fid, "canmanagethreads"))
1431          {
1432              error_no_permission();
1433          }
1434  
1435          if($thread['visible'] == -1)
1436          {
1437              error($lang->error_thread_deleted, $lang->error);
1438          }
1439  
1440          $plugins->run_hooks("moderation_do_merge");
1441  
1442          // explode at # sign in a url (indicates a name reference) and reassign to the url
1443          $realurl = explode("#", $mybb->get_input('threadurl'));
1444          $mybb->input['threadurl'] = $realurl[0];
1445  
1446          // Are we using an SEO URL?
1447          if(substr($mybb->input['threadurl'], -4) == "html")
1448          {
1449              // Get thread to merge's tid the SEO way
1450              preg_match("#thread-([0-9]+)?#i", $mybb->input['threadurl'], $threadmatch);
1451              preg_match("#post-([0-9]+)?#i", $mybb->input['threadurl'], $postmatch);
1452  
1453              if($threadmatch[1])
1454              {
1455                  $parameters['tid'] = $threadmatch[1];
1456              }
1457  
1458              if($postmatch[1])
1459              {
1460                  $parameters['pid'] = $postmatch[1];
1461              }
1462          }
1463          else
1464          {
1465              // Get thread to merge's tid the normal way
1466              $splitloc = explode(".php", $mybb->input['threadurl']);
1467              $temp = explode("&", my_substr($splitloc[1], 1));
1468  
1469              if(!empty($temp))
1470              {
1471                  for($i = 0; $i < count($temp); $i++)
1472                  {
1473                      $temp2 = explode("=", $temp[$i], 2);
1474                      $parameters[$temp2[0]] = $temp2[1];
1475                  }
1476              }
1477              else
1478              {
1479                  $temp2 = explode("=", $splitloc[1], 2);
1480                  $parameters[$temp2[0]] = $temp2[1];
1481              }
1482          }
1483  
1484          if(!empty($parameters['pid']) && empty($parameters['tid']))
1485          {
1486              $post = get_post($parameters['pid']);
1487              $mergetid = (int)$post['tid'];
1488          }
1489          elseif(!empty($parameters['tid']))
1490          {
1491              $mergetid = (int)$parameters['tid'];
1492          }
1493          else
1494          {
1495              $mergetid = 0;
1496          }
1497          $mergethread = get_thread($mergetid);
1498          if(!$mergethread)
1499          {
1500              error($lang->error_badmergeurl, $lang->error);
1501          }
1502          if($mergetid == $tid)
1503          { // sanity check
1504              error($lang->error_mergewithself, $lang->error);
1505          }
1506          if(!is_moderator($mergethread['fid'], "canmanagethreads"))
1507          {
1508              error_no_permission();
1509          }
1510          if(isset($mybb->input['subject']))
1511          {
1512              $subject = $mybb->get_input('subject');
1513          }
1514          else
1515          {
1516              $subject = $thread['subject'];
1517          }
1518  
1519          $moderation->merge_threads($mergetid, $tid, $subject);
1520  
1521          log_moderator_action($modlogdata, $lang->thread_merged);
1522  
1523          moderation_redirect(get_thread_link($tid), $lang->redirect_threadsmerged);
1524          break;
1525  
1526      // Divorce the posts in this thread (Split!)
1527      case "split":
1528          add_breadcrumb($lang->nav_split);
1529          if(!is_moderator($fid, "canmanagethreads"))
1530          {
1531              error_no_permission();
1532          }
1533  
1534          if($thread['visible'] == -1)
1535          {
1536              error($lang->error_thread_deleted, $lang->error);
1537          }
1538  
1539          $query = $db->query("
1540              SELECT p.*, u.*
1541              FROM ".TABLE_PREFIX."posts p
1542              LEFT JOIN ".TABLE_PREFIX."users u ON (p.uid=u.uid)
1543              WHERE tid='$tid'
1544              ORDER BY dateline ASC
1545          ");
1546  
1547          $numposts = $db->num_rows($query);
1548          if($numposts <= 1)
1549          {
1550              error($lang->error_cantsplitonepost, $lang->error);
1551          }
1552  
1553          $altbg = "trow1";
1554          $posts = '';
1555          while($post = $db->fetch_array($query))
1556          {
1557              $postdate = my_date('relative', $post['dateline']);
1558              $post['username'] = htmlspecialchars_uni($post['username']);
1559  
1560              $parser_options = array(
1561                  "allow_html" => $forum['allowhtml'],
1562                  "allow_mycode" => $forum['allowmycode'],
1563                  "allow_smilies" => $forum['allowsmilies'],
1564                  "allow_imgcode" => $forum['allowimgcode'],
1565                  "allow_videocode" => $forum['allowvideocode'],
1566                  "filter_badwords" => 1
1567              );
1568              if($post['smilieoff'] == 1)
1569              {
1570                  $parser_options['allow_smilies'] = 0;
1571              }
1572  
1573              $message = $parser->parse_message($post['message'], $parser_options);
1574              eval("\$posts .= \"".$templates->get("moderation_split_post")."\";");
1575              $altbg = alt_trow();
1576          }
1577  
1578          clearinline($tid, 'thread');
1579          $forumselect = build_forum_jump("", $fid, 1, '', 0, true, '', "moveto");
1580  
1581          $plugins->run_hooks("moderation_split");
1582  
1583          eval("\$split = \"".$templates->get("moderation_split")."\";");
1584          output_page($split);
1585          break;
1586  
1587      // Let's break them up buddy! (Do the split)
1588      case "do_split":
1589  
1590          // Verify incoming POST request
1591          verify_post_check($mybb->get_input('my_post_key'));
1592  
1593          if(!is_moderator($fid, "canmanagethreads"))
1594          {
1595              error_no_permission();
1596          }
1597  
1598          if($thread['visible'] == -1)
1599          {
1600              error($lang->error_thread_deleted, $lang->error);
1601          }
1602  
1603          $plugins->run_hooks("moderation_do_split");
1604  
1605          $mybb->input['splitpost'] = $mybb->get_input('splitpost', MyBB::INPUT_ARRAY);
1606          if(empty($mybb->input['splitpost']))
1607          {
1608              error($lang->error_nosplitposts, $lang->error);
1609          }
1610          $query = $db->simple_select("posts", "COUNT(*) AS totalposts", "tid='{$tid}'");
1611          $count = $db->fetch_array($query);
1612  
1613          if($count['totalposts'] == 1)
1614          {
1615              error($lang->error_cantsplitonepost, $lang->error);
1616          }
1617  
1618          if($count['totalposts'] == count($mybb->input['splitpost']))
1619          {
1620              error($lang->error_cantsplitall, $lang->error);
1621          }
1622  
1623          if(!empty($mybb->input['moveto']))
1624          {
1625              $moveto = $mybb->get_input('moveto', MyBB::INPUT_INT);
1626          }
1627          else
1628          {
1629              $moveto = $fid;
1630          }
1631  
1632          $newforum = get_forum($moveto);
1633          if(!$newforum || $newforum['type'] != "f" || $newforum['type'] == "f" && $newforum['linkto'] != '')
1634          {
1635              error($lang->error_invalidforum, $lang->error);
1636          }
1637  
1638          $pids = array();
1639  
1640          // move the selected posts over
1641          $query = $db->simple_select("posts", "pid", "tid='$tid'");
1642          while($post = $db->fetch_array($query))
1643          {
1644              if(isset($mybb->input['splitpost'][$post['pid']]) && $mybb->input['splitpost'][$post['pid']] == 1)
1645              {
1646                  $pids[] = $post['pid'];
1647              }
1648              mark_reports($post['pid'], "post");
1649          }
1650  
1651          $newtid = $moderation->split_posts($pids, $tid, $moveto, $mybb->get_input('newsubject'));
1652  
1653          log_moderator_action($modlogdata, $lang->thread_split);
1654  
1655          moderation_redirect(get_thread_link($newtid), $lang->redirect_threadsplit);
1656          break;
1657  
1658      // Delete Thread Subscriptions
1659      case "removesubscriptions":
1660  
1661          // Verify incoming POST request
1662          verify_post_check($mybb->get_input('my_post_key'));
1663  
1664          if(!is_moderator($fid, "canmanagethreads"))
1665          {
1666              error_no_permission();
1667          }
1668  
1669          if($thread['visible'] == -1)
1670          {
1671              error($lang->error_thread_deleted, $lang->error);
1672          }
1673  
1674          $plugins->run_hooks("moderation_removesubscriptions");
1675  
1676          $moderation->remove_thread_subscriptions($tid, true);
1677  
1678          log_moderator_action($modlogdata, $lang->removed_subscriptions);
1679  
1680          moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_removed_subscriptions);
1681          break;
1682  
1683      // Delete Threads - Inline moderation
1684      case "multideletethreads":
1685          add_breadcrumb($lang->nav_multi_deletethreads);
1686  
1687          if(!empty($mybb->input['searchid']))
1688          {
1689              // From search page
1690              $threads = getids($mybb->get_input('searchid'), 'search');
1691              if(!is_moderator_by_tids($threads, 'candeletethreads'))
1692              {
1693                  error_no_permission();
1694              }
1695          }
1696          else
1697          {
1698              $threads = getids($fid, 'forum');
1699              if(!is_moderator($fid, 'candeletethreads'))
1700              {
1701                  error_no_permission();
1702              }
1703          }
1704          if(count($threads) < 1)
1705          {
1706              error($lang->error_inline_nothreadsselected, $lang->error);
1707          }
1708  
1709          $inlineids = implode("|", $threads);
1710          if($mybb->get_input('inlinetype') == 'search')
1711          {
1712              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
1713          }
1714          else
1715          {
1716              clearinline($fid, 'forum');
1717          }
1718          $return_url = htmlspecialchars_uni($mybb->get_input('url'));
1719          eval("\$multidelete = \"".$templates->get("moderation_inline_deletethreads")."\";");
1720          output_page($multidelete);
1721          break;
1722  
1723      // Actually delete the threads - Inline moderation
1724      case "do_multideletethreads":
1725  
1726          // Verify incoming POST request
1727          verify_post_check($mybb->get_input('my_post_key'));
1728  
1729          $threadlist = explode("|", $mybb->get_input('threads'));
1730          if(!is_moderator_by_tids($threadlist, "candeletethreads"))
1731          {
1732              error_no_permission();
1733          }
1734          foreach($threadlist as $tid)
1735          {
1736              $tid = (int)$tid;
1737              $moderation->delete_thread($tid);
1738              $tlist[] = $tid;
1739          }
1740          log_moderator_action($modlogdata, $lang->multi_deleted_threads);
1741          if($mybb->get_input('inlinetype') == 'search')
1742          {
1743              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
1744          }
1745          else
1746          {
1747              clearinline($fid, 'forum');
1748          }
1749          mark_reports($tlist, "threads");
1750          moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsdeleted);
1751          break;
1752  
1753      // Open threads - Inline moderation
1754      case "multiopenthreads":
1755  
1756          // Verify incoming POST request
1757          verify_post_check($mybb->get_input('my_post_key'));
1758  
1759          if(!empty($mybb->input['searchid']))
1760          {
1761              // From search page
1762              $threads = getids($mybb->get_input('searchid'), 'search');
1763              if(!is_moderator_by_tids($threads, 'canopenclosethreads'))
1764              {
1765                  error_no_permission();
1766              }
1767          }
1768          else
1769          {
1770              $threads = getids($fid, 'forum');
1771              if(!is_moderator($fid, 'canopenclosethreads'))
1772              {
1773                  error_no_permission();
1774              }
1775          }
1776  
1777          if(count($threads) < 1)
1778          {
1779              error($lang->error_inline_nothreadsselected, $lang->error);
1780          }
1781  
1782          $moderation->open_threads($threads);
1783  
1784          log_moderator_action($modlogdata, $lang->multi_opened_threads);
1785          if($mybb->get_input('inlinetype') == 'search')
1786          {
1787              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
1788          }
1789          else
1790          {
1791              clearinline($fid, 'forum');
1792          }
1793          moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsopened);
1794          break;
1795  
1796      // Close threads - Inline moderation
1797      case "multiclosethreads":
1798  
1799          // Verify incoming POST request
1800          verify_post_check($mybb->get_input('my_post_key'));
1801  
1802          if(!empty($mybb->input['searchid']))
1803          {
1804              // From search page
1805              $threads = getids($mybb->get_input('searchid'), 'search');
1806              if(!is_moderator_by_tids($threads, 'canopenclosethreads'))
1807              {
1808                  error_no_permission();
1809              }
1810          }
1811          else
1812          {
1813              $threads = getids($fid, 'forum');
1814              if(!is_moderator($fid, 'canopenclosethreads'))
1815              {
1816                  error_no_permission();
1817              }
1818          }
1819          if(count($threads) < 1)
1820          {
1821              error($lang->error_inline_nothreadsselected, $lang->error);
1822          }
1823  
1824          $moderation->close_threads($threads);
1825  
1826          log_moderator_action($modlogdata, $lang->multi_closed_threads);
1827          if($mybb->get_input('inlinetype') == 'search')
1828          {
1829              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
1830          }
1831          else
1832          {
1833              clearinline($fid, 'forum');
1834          }
1835          moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsclosed);
1836          break;
1837  
1838      // Approve threads - Inline moderation
1839      case "multiapprovethreads":
1840  
1841          // Verify incoming POST request
1842          verify_post_check($mybb->get_input('my_post_key'));
1843  
1844          if(!empty($mybb->input['searchid']))
1845          {
1846              // From search page
1847              $threads = getids($mybb->get_input('searchid'), 'search');
1848              if(!is_moderator_by_tids($threads, 'canapproveunapprovethreads'))
1849              {
1850                  error_no_permission();
1851              }
1852          }
1853          else
1854          {
1855              $threads = getids($fid, 'forum');
1856              if(!is_moderator($fid, 'canapproveunapprovethreads'))
1857              {
1858                  error_no_permission();
1859              }
1860          }
1861          if(count($threads) < 1)
1862          {
1863              error($lang->error_inline_nothreadsselected, $lang->error);
1864          }
1865  
1866          $moderation->approve_threads($threads, $fid);
1867  
1868          log_moderator_action($modlogdata, $lang->multi_approved_threads);
1869          if($mybb->get_input('inlinetype') == 'search')
1870          {
1871              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
1872          }
1873          else
1874          {
1875              clearinline($fid, 'forum');
1876          }
1877          $cache->update_stats();
1878          moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsapproved);
1879          break;
1880  
1881      // Unapprove threads - Inline moderation
1882      case "multiunapprovethreads":
1883  
1884          // Verify incoming POST request
1885          verify_post_check($mybb->get_input('my_post_key'));
1886  
1887          if(!empty($mybb->input['searchid']))
1888          {
1889              // From search page
1890              $threads = getids($mybb->get_input('searchid'), 'search');
1891              if(!is_moderator_by_tids($threads, 'canapproveunapprovethreads'))
1892              {
1893                  error_no_permission();
1894              }
1895          }
1896          else
1897          {
1898              $threads = getids($fid, 'forum');
1899              if(!is_moderator($fid, 'canapproveunapprovethreads'))
1900              {
1901                  error_no_permission();
1902              }
1903          }
1904          if(count($threads) < 1)
1905          {
1906              error($lang->error_inline_nothreadsselected, $lang->error);
1907          }
1908  
1909          $moderation->unapprove_threads($threads, $fid);
1910  
1911          log_moderator_action($modlogdata, $lang->multi_unapproved_threads);
1912          if($mybb->get_input('inlinetype') == 'search')
1913          {
1914              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
1915          }
1916          else
1917          {
1918              clearinline($fid, 'forum');
1919          }
1920          $cache->update_stats();
1921          moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsunapproved);
1922          break;
1923  
1924      // Restore threads - Inline moderation
1925      case "multirestorethreads":
1926  
1927          // Verify incoming POST request
1928          verify_post_check($mybb->get_input('my_post_key'));
1929  
1930          if(!empty($mybb->input['searchid']))
1931          {
1932              // From search page
1933              $threads = getids($mybb->get_input('searchid'), 'search');
1934              if(!is_moderator_by_tids($threads, 'canrestorethreads'))
1935              {
1936                  error_no_permission();
1937              }
1938          }
1939          else
1940          {
1941              $threads = getids($fid, 'forum');
1942              if(!is_moderator($fid, 'canrestorethreads'))
1943              {
1944                  error_no_permission();
1945              }
1946          }
1947          if(count($threads) < 1)
1948          {
1949              error($lang->error_inline_nothreadsselected, $lang->error);
1950          }
1951  
1952          $moderation->restore_threads($threads);
1953  
1954          log_moderator_action($modlogdata, $lang->multi_restored_threads);
1955          if($mybb->get_input('inlinetype') == 'search')
1956          {
1957              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
1958          }
1959          else
1960          {
1961              clearinline($fid, 'forum');
1962          }
1963          $cache->update_stats();
1964          moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsrestored);
1965          break;
1966  
1967      // Soft delete threads - Inline moderation
1968      case "multisoftdeletethreads":
1969  
1970          // Verify incoming POST request
1971          verify_post_check($mybb->get_input('my_post_key'));
1972  
1973          if(!empty($mybb->input['searchid']))
1974          {
1975              // From search page
1976              $threads = getids($mybb->get_input('searchid'), 'search');
1977              if(!is_moderator_by_tids($threads, 'cansoftdeletethreads'))
1978              {
1979                  error_no_permission();
1980              }
1981          }
1982          else
1983          {
1984              $threads = getids($fid, 'forum');
1985              if(!is_moderator($fid, 'cansoftdeletethreads'))
1986              {
1987                  error_no_permission();
1988              }
1989          }
1990          if(count($threads) < 1)
1991          {
1992              error($lang->error_inline_nothreadsselected, $lang->error);
1993          }
1994  
1995          $moderation->soft_delete_threads($threads);
1996  
1997          log_moderator_action($modlogdata, $lang->multi_soft_deleted_threads);
1998          if($mybb->get_input('inlinetype') == 'search')
1999          {
2000              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
2001          }
2002          else
2003          {
2004              clearinline($fid, 'forum');
2005          }
2006          $cache->update_stats();
2007          moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadssoftdeleted);
2008          break;
2009  
2010      // Stick threads - Inline moderation
2011      case "multistickthreads":
2012  
2013          // Verify incoming POST request
2014          verify_post_check($mybb->get_input('my_post_key'));
2015  
2016          if(!empty($mybb->input['searchid']))
2017          {
2018              // From search page
2019              $threads = getids($mybb->get_input('searchid'), 'search');
2020              if(!is_moderator_by_tids($threads, 'canstickunstickthreads'))
2021              {
2022                  error_no_permission();
2023              }
2024          }
2025          else
2026          {
2027              $threads = getids($fid, 'forum');
2028              if(!is_moderator($fid, 'canstickunstickthreads'))
2029              {
2030                  error_no_permission();
2031              }
2032          }
2033          if(count($threads) < 1)
2034          {
2035              error($lang->error_inline_nothreadsselected, $lang->error);
2036          }
2037  
2038          $moderation->stick_threads($threads);
2039  
2040          log_moderator_action($modlogdata, $lang->multi_stuck_threads);
2041          if($mybb->get_input('inlinetype') == 'search')
2042          {
2043              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
2044          }
2045          else
2046          {
2047              clearinline($fid, 'forum');
2048          }
2049          moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsstuck);
2050          break;
2051  
2052      // Unstick threads - Inline moderaton
2053      case "multiunstickthreads":
2054  
2055          // Verify incoming POST request
2056          verify_post_check($mybb->get_input('my_post_key'));
2057  
2058          if(!empty($mybb->input['searchid']))
2059          {
2060              // From search page
2061              $threads = getids($mybb->get_input('searchid'), 'search');
2062              if(!is_moderator_by_tids($threads, 'canstickunstickthreads'))
2063              {
2064                  error_no_permission();
2065              }
2066          }
2067          else
2068          {
2069              $threads = getids($fid, 'forum');
2070              if(!is_moderator($fid, 'canstickunstickthreads'))
2071              {
2072                  error_no_permission();
2073              }
2074          }
2075          if(count($threads) < 1)
2076          {
2077              error($lang->error_inline_nothreadsselected, $lang->error);
2078          }
2079  
2080          $moderation->unstick_threads($threads);
2081  
2082          log_moderator_action($modlogdata, $lang->multi_unstuck_threads);
2083          if($mybb->get_input('inlinetype') == 'search')
2084          {
2085              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
2086          }
2087          else
2088          {
2089              clearinline($fid, 'forum');
2090          }
2091          moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsunstuck);
2092          break;
2093  
2094      // Move threads - Inline moderation
2095      case "multimovethreads":
2096          add_breadcrumb($lang->nav_multi_movethreads);
2097  
2098          if(!empty($mybb->input['searchid']))
2099          {
2100              // From search page
2101              $threads = getids($mybb->get_input('searchid'), 'search');
2102              if(!is_moderator_by_tids($threads, 'canmanagethreads'))
2103              {
2104                  error_no_permission();
2105              }
2106          }
2107          else
2108          {
2109              $threads = getids($fid, 'forum');
2110              if(!is_moderator($fid, 'canmanagethreads'))
2111              {
2112                  error_no_permission();
2113              }
2114          }
2115  
2116          if(count($threads) < 1)
2117          {
2118              error($lang->error_inline_nothreadsselected, $lang->error);
2119          }
2120          $inlineids = implode("|", $threads);
2121          if($mybb->get_input('inlinetype') == 'search')
2122          {
2123              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
2124          }
2125          else
2126          {
2127              clearinline($fid, 'forum');
2128          }
2129          $forumselect = build_forum_jump("", '', 1, '', 0, true, '', "moveto");
2130          $return_url = htmlspecialchars_uni($mybb->get_input('url'));
2131          eval("\$movethread = \"".$templates->get("moderation_inline_movethreads")."\";");
2132          output_page($movethread);
2133          break;
2134  
2135      // Actually move the threads in Inline moderation
2136      case "do_multimovethreads":
2137  
2138          // Verify incoming POST request
2139          verify_post_check($mybb->get_input('my_post_key'));
2140  
2141          $moveto = $mybb->get_input('moveto', MyBB::INPUT_INT);
2142          $threadlist = explode("|", $mybb->get_input('threads'));
2143          if(!is_moderator_by_tids($threadlist, 'canmanagethreads'))
2144          {
2145              error_no_permission();
2146          }
2147          foreach($threadlist as $tid)
2148          {
2149              $tids[] = (int)$tid;
2150          }
2151          // Make sure moderator has permission to move to the new forum
2152          $newperms = forum_permissions($moveto);
2153          if(($newperms['canview'] == 0 || !is_moderator($moveto, 'canmanagethreads')) && !is_moderator_by_tids($tids, 'canmovetononmodforum'))
2154          {
2155              error($lang->error_movetononmodforum, $lang->error);
2156          }
2157  
2158          $newforum = get_forum($moveto);
2159          if(!$newforum || $newforum['type'] != "f" || $newforum['type'] == "f" && $newforum['linkto'] != '')
2160          {
2161              error($lang->error_invalidforum, $lang->error);
2162          }
2163  
2164          $moderation->move_threads($tids, $moveto);
2165  
2166          log_moderator_action($modlogdata, $lang->multi_moved_threads);
2167  
2168          moderation_redirect(get_forum_link($moveto), $lang->redirect_inline_threadsmoved);
2169          break;
2170  
2171      // Delete posts - Inline moderation
2172      case "multideleteposts":
2173          add_breadcrumb($lang->nav_multi_deleteposts);
2174  
2175          if($mybb->get_input('inlinetype') == 'search')
2176          {
2177              $posts = getids($mybb->get_input('searchid'), 'search');
2178          }
2179          else
2180          {
2181              $posts = getids($tid, 'thread');
2182          }
2183  
2184          if(count($posts) < 1)
2185          {
2186              error($lang->error_inline_nopostsselected, $lang->error);
2187          }
2188          if(!is_moderator_by_pids($posts, "candeleteposts"))
2189          {
2190              error_no_permission();
2191          }
2192          $inlineids = implode("|", $posts);
2193          if($mybb->get_input('inlinetype') == 'search')
2194          {
2195              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
2196          }
2197          else
2198          {
2199              clearinline($tid, 'thread');
2200          }
2201  
2202          $return_url = htmlspecialchars_uni($mybb->get_input('url'));
2203  
2204          eval("\$multidelete = \"".$templates->get("moderation_inline_deleteposts")."\";");
2205          output_page($multidelete);
2206          break;
2207  
2208      // Actually delete the posts in inline moderation
2209      case "do_multideleteposts":
2210  
2211          // Verify incoming POST request
2212          verify_post_check($mybb->get_input('my_post_key'));
2213  
2214          $postlist = explode("|", $mybb->get_input('posts'));
2215          if(!is_moderator_by_pids($postlist, "candeleteposts"))
2216          {
2217              error_no_permission();
2218          }
2219          $postlist = array_map('intval', $postlist);
2220          $pids = implode(',', $postlist);
2221  
2222          $tids = array();
2223          if($pids)
2224          {
2225              $query = $db->simple_select("threads", "tid", "firstpost IN({$pids})");
2226              while($threadid = $db->fetch_field($query, "tid"))
2227              {
2228                  $tids[] = $threadid;
2229              }
2230          }
2231  
2232          $deletecount = 0;
2233          foreach($postlist as $pid)
2234          {
2235              $pid = (int)$pid;
2236              $moderation->delete_post($pid);
2237              $plist[] = $pid;
2238              $deletecount++;
2239          }
2240  
2241          // If we have multiple threads, we must be coming from the search
2242          if(!empty($tids))
2243          {
2244              foreach($tids as $tid)
2245              {
2246                  $moderation->delete_thread($tid);
2247                  mark_reports($tid, "thread");
2248                  $url = get_forum_link($fid);
2249              }
2250          }
2251          // Otherwise we're just deleting from showthread.php
2252          else
2253          {
2254              $query = $db->simple_select("posts", "pid", "tid = $tid");
2255              $numposts = $db->num_rows($query);
2256              if(!$numposts)
2257              {
2258                  $moderation->delete_thread($tid);
2259                  mark_reports($tid, "thread");
2260                  $url = get_forum_link($fid);
2261              }
2262              else
2263              {
2264                  mark_reports($plist, "posts");
2265                  $url = get_thread_link($thread['tid']);
2266              }
2267          }
2268  
2269          $lang->deleted_selective_posts = $lang->sprintf($lang->deleted_selective_posts, $deletecount);
2270          log_moderator_action($modlogdata, $lang->deleted_selective_posts);
2271          moderation_redirect($url, $lang->redirect_postsdeleted);
2272          break;
2273  
2274      // Merge posts - Inline moderation
2275      case "multimergeposts":
2276          add_breadcrumb($lang->nav_multi_mergeposts);
2277  
2278          if($mybb->get_input('inlinetype') == 'search')
2279          {
2280              $posts = getids($mybb->get_input('searchid'), 'search');
2281          }
2282          else
2283          {
2284              $posts = getids($tid, 'thread');
2285          }
2286  
2287          // Add the selected posts from other threads
2288          foreach($mybb->cookies as $key => $value)
2289          {
2290              if(strpos($key, "inlinemod_thread") !== false && $key != "inlinemod_thread$tid")
2291              {
2292                  $inlinepostlist = explode("|", $mybb->cookies[$key]);
2293                  foreach($inlinepostlist as $p)
2294                  {
2295                      $p = (int)$p;
2296  
2297                      if(!empty($p))
2298                      {
2299                          $posts[] = (int)$p;
2300                      }
2301                  }
2302                  // Remove the cookie once its data is retrieved
2303                  my_unsetcookie($key);
2304              }
2305          }
2306  
2307          if(empty($posts))
2308          {
2309              error($lang->error_inline_nopostsselected, $lang->error);
2310          }
2311  
2312          if(!is_moderator_by_pids($posts, "canmanagethreads"))
2313          {
2314              error_no_permission();
2315          }
2316  
2317          $postlist = "";
2318          $query = $db->query("
2319              SELECT p.*, u.*
2320              FROM ".TABLE_PREFIX."posts p
2321              LEFT JOIN ".TABLE_PREFIX."users u ON (p.uid=u.uid)
2322              WHERE pid IN (".implode($posts, ",").")
2323              ORDER BY dateline ASC
2324          ");
2325          $altbg = "trow1";
2326          while($post = $db->fetch_array($query))
2327          {
2328              $postdate = my_date('relative', $post['dateline']);
2329  
2330              $parser_options = array(
2331                  "allow_html" => $forum['allowhtml'],
2332                  "allow_mycode" => $forum['allowmycode'],
2333                  "allow_smilies" => $forum['allowsmilies'],
2334                  "allow_imgcode" => $forum['allowimgcode'],
2335                  "allow_videocode" => $forum['allowvideocode'],
2336                  "filter_badwords" => 1
2337              );
2338              if($post['smilieoff'] == 1)
2339              {
2340                  $parser_options['allow_smilies'] = 0;
2341              }
2342  
2343              $message = $parser->parse_message($post['message'], $parser_options);
2344              eval("\$postlist .= \"".$templates->get("moderation_mergeposts_post")."\";");
2345              $altbg = alt_trow();
2346          }
2347  
2348          $inlineids = implode("|", $posts);
2349          if($mybb->get_input('inlinetype') == 'search')
2350          {
2351              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
2352          }
2353          else
2354          {
2355              clearinline($tid, 'thread');
2356          }
2357  
2358          $return_url = htmlspecialchars_uni($mybb->get_input('url'));
2359  
2360          eval("\$multimerge = \"".$templates->get("moderation_inline_mergeposts")."\";");
2361          output_page($multimerge);
2362          break;
2363  
2364      // Actually merge the posts - Inline moderation
2365      case "do_multimergeposts":
2366  
2367          // Verify incoming POST request
2368          verify_post_check($mybb->get_input('my_post_key'));
2369  
2370          $mergepost = $mybb->get_input('mergepost', MyBB::INPUT_ARRAY);
2371          if(count($mergepost) <= 1)
2372          {
2373              error($lang->error_nomergeposts, $lang->error);
2374          }
2375  
2376          foreach($mergepost as $pid => $yes)
2377          {
2378              $postlist[] = (int)$pid;
2379          }
2380  
2381          if(!is_moderator_by_pids($postlist, "canmanagethreads"))
2382          {
2383              error_no_permission();
2384          }
2385  
2386          $masterpid = $moderation->merge_posts($postlist, $tid, $mybb->input['sep']);
2387  
2388          mark_reports($postlist, "posts");
2389          log_moderator_action($modlogdata, $lang->merged_selective_posts);
2390          moderation_redirect(get_post_link($masterpid)."#pid$masterpid", $lang->redirect_inline_postsmerged);
2391          break;
2392  
2393      // Split posts - Inline moderation
2394      case "multisplitposts":
2395          add_breadcrumb($lang->nav_multi_splitposts);
2396  
2397          if($mybb->get_input('inlinetype') == 'search')
2398          {
2399              $posts = getids($mybb->get_input('searchid'), 'search');
2400          }
2401          else
2402          {
2403              $posts = getids($tid, 'thread');
2404          }
2405  
2406          if(count($posts) < 1)
2407          {
2408              error($lang->error_inline_nopostsselected, $lang->error);
2409          }
2410  
2411          if(!is_moderator_by_pids($posts, "canmanagethreads"))
2412          {
2413              error_no_permission();
2414          }
2415          $posts = array_map('intval', $posts);
2416          $pidin = implode(',', $posts);
2417  
2418          // Make sure that we are not splitting a thread with one post
2419          // Select number of posts in each thread that the splitted post is in
2420          $query = $db->query("
2421              SELECT DISTINCT p.tid, COUNT(q.pid) as count
2422              FROM ".TABLE_PREFIX."posts p
2423              LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid)
2424              WHERE p.pid IN ($pidin)
2425              GROUP BY p.tid, p.pid
2426          ");
2427          $threads = $pcheck = array();
2428          while($tcheck = $db->fetch_array($query))
2429          {
2430              if((int)$tcheck['count'] <= 1)
2431              {
2432                  error($lang->error_cantsplitonepost, $lang->error);
2433              }
2434              $threads[] = $pcheck[] = $tcheck['tid']; // Save tids for below
2435          }
2436  
2437          // Make sure that we are not splitting all posts in the thread
2438          // The query does not return a row when the count is 0, so find if some threads are missing (i.e. 0 posts after removal)
2439          $query = $db->query("
2440              SELECT DISTINCT p.tid, COUNT(q.pid) as count
2441              FROM ".TABLE_PREFIX."posts p
2442              LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid)
2443              WHERE p.pid IN ($pidin) AND q.pid NOT IN ($pidin)
2444              GROUP BY p.tid, p.pid
2445          ");
2446          $pcheck2 = array();
2447          while($tcheck = $db->fetch_array($query))
2448          {
2449              if($tcheck['count'] > 0)
2450              {
2451                  $pcheck2[] = $tcheck['tid'];
2452              }
2453          }
2454          if(count($pcheck2) != count($pcheck))
2455          {
2456              // One or more threads do not have posts after splitting
2457              error($lang->error_cantsplitall, $lang->error);
2458          }
2459  
2460          $inlineids = implode("|", $posts);
2461          if($mybb->get_input('inlinetype') == 'search')
2462          {
2463              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
2464          }
2465          else
2466          {
2467              clearinline($tid, 'thread');
2468          }
2469          $forumselect = build_forum_jump("", $fid, 1, '', 0, true, '', "moveto");
2470  
2471          $return_url = htmlspecialchars_uni($mybb->get_input('url'));
2472  
2473          eval("\$splitposts = \"".$templates->get("moderation_inline_splitposts")."\";");
2474          output_page($splitposts);
2475          break;
2476  
2477      // Actually split the posts - Inline moderation
2478      case "do_multisplitposts":
2479  
2480          // Verify incoming POST request
2481          verify_post_check($mybb->get_input('my_post_key'));
2482  
2483          $plist = array();
2484          $postlist = explode("|", $mybb->get_input('posts'));
2485          foreach($postlist as $pid)
2486          {
2487              $pid = (int)$pid;
2488              $plist[] = $pid;
2489          }
2490  
2491          if(!is_moderator_by_pids($plist, "canmanagethreads"))
2492          {
2493              error_no_permission();
2494          }
2495  
2496          // Ensure all posts exist
2497          $posts = array();
2498          if(!empty($plist))
2499          {
2500              $query = $db->simple_select('posts', 'pid', 'pid IN ('.implode(',', $plist).')');
2501              while($pid = $db->fetch_field($query, 'pid'))
2502              {
2503                  $posts[] = $pid;
2504              }
2505          }
2506  
2507          if(empty($posts))
2508          {
2509              error($lang->error_inline_nopostsselected, $lang->error);
2510          }
2511  
2512          $pidin = implode(',', $posts);
2513  
2514          // Make sure that we are not splitting a thread with one post
2515          // Select number of posts in each thread that the splitted post is in
2516          $query = $db->query("
2517              SELECT DISTINCT p.tid, COUNT(q.pid) as count
2518              FROM ".TABLE_PREFIX."posts p
2519              LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid)
2520              WHERE p.pid IN ($pidin)
2521              GROUP BY p.tid, p.pid
2522          ");
2523          $pcheck = array();
2524          while($tcheck = $db->fetch_array($query))
2525          {
2526              if((int)$tcheck['count'] <= 1)
2527              {
2528                  error($lang->error_cantsplitonepost, $lang->error);
2529              }
2530              $pcheck[] = $tcheck['tid']; // Save tids for below
2531          }
2532  
2533          // Make sure that we are not splitting all posts in the thread
2534          // The query does not return a row when the count is 0, so find if some threads are missing (i.e. 0 posts after removal)
2535          $query = $db->query("
2536              SELECT DISTINCT p.tid, COUNT(q.pid) as count
2537              FROM ".TABLE_PREFIX."posts p
2538              LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid)
2539              WHERE p.pid IN ($pidin) AND q.pid NOT IN ($pidin)
2540              GROUP BY p.tid, p.pid
2541          ");
2542          $pcheck2 = array();
2543          while($tcheck = $db->fetch_array($query))
2544          {
2545              if($tcheck['count'] > 0)
2546              {
2547                  $pcheck2[] = $tcheck['tid'];
2548              }
2549          }
2550          if(count($pcheck2) != count($pcheck))
2551          {
2552              // One or more threads do not have posts after splitting
2553              error($lang->error_cantsplitall, $lang->error);
2554          }
2555  
2556          if(isset($mybb->input['moveto']))
2557          {
2558              $moveto = $mybb->get_input('moveto', MyBB::INPUT_INT);
2559          }
2560          else
2561          {
2562              $moveto = $fid;
2563          }
2564  
2565          $newforum = get_forum($moveto);
2566          if(!$newforum || $newforum['type'] != "f" || $newforum['type'] == "f" && $newforum['linkto'] != '')
2567          {
2568              error($lang->error_invalidforum, $lang->error);
2569          }
2570  
2571          $newsubject = $mybb->get_input('newsubject');
2572          $newtid = $moderation->split_posts($posts, $tid, $moveto, $newsubject);
2573  
2574          $pid_list = implode(', ', $posts);
2575          $lang->split_selective_posts = $lang->sprintf($lang->split_selective_posts, $pid_list, $newtid);
2576          log_moderator_action($modlogdata, $lang->split_selective_posts);
2577  
2578          moderation_redirect(get_thread_link($newtid), $lang->redirect_threadsplit);
2579          break;
2580  
2581      // Move posts - Inline moderation
2582      case "multimoveposts":
2583          add_breadcrumb($lang->nav_multi_moveposts);
2584  
2585          if($mybb->get_input('inlinetype') == 'search')
2586          {
2587              $posts = getids($mybb->get_input('searchid'), 'search');
2588          }
2589          else
2590          {
2591              $posts = getids($tid, 'thread');
2592          }
2593  
2594          if(count($posts) < 1)
2595          {
2596              error($lang->error_inline_nopostsselected, $lang->error);
2597          }
2598  
2599          if(!is_moderator_by_pids($posts, "canmanagethreads"))
2600          {
2601              error_no_permission();
2602          }
2603          $posts = array_map('intval', $posts);
2604          $pidin = implode(',', $posts);
2605  
2606          // Make sure that we are not moving posts in a thread with one post
2607          // Select number of posts in each thread that the moved post is in
2608          $query = $db->query("
2609              SELECT DISTINCT p.tid, COUNT(q.pid) as count
2610              FROM ".TABLE_PREFIX."posts p
2611              LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid)
2612              WHERE p.pid IN ($pidin)
2613              GROUP BY p.tid, p.pid
2614          ");
2615          $threads = $pcheck = array();
2616          while($tcheck = $db->fetch_array($query))
2617          {
2618              if((int)$tcheck['count'] <= 1)
2619              {
2620                  error($lang->error_cantsplitonepost, $lang->error);
2621              }
2622              $threads[] = $pcheck[] = $tcheck['tid']; // Save tids for below
2623          }
2624  
2625          // Make sure that we are not moving all posts in the thread
2626          // The query does not return a row when the count is 0, so find if some threads are missing (i.e. 0 posts after removal)
2627          $query = $db->query("
2628              SELECT DISTINCT p.tid, COUNT(q.pid) as count
2629              FROM ".TABLE_PREFIX."posts p
2630              LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid)
2631              WHERE p.pid IN ($pidin) AND q.pid NOT IN ($pidin)
2632              GROUP BY p.tid, p.pid
2633          ");
2634          $pcheck2 = array();
2635          while($tcheck = $db->fetch_array($query))
2636          {
2637              if($tcheck['count'] > 0)
2638              {
2639                  $pcheck2[] = $tcheck['tid'];
2640              }
2641          }
2642          if(count($pcheck2) != count($pcheck))
2643          {
2644              // One or more threads do not have posts after splitting
2645              error($lang->error_cantmoveall, $lang->error);
2646          }
2647  
2648          $inlineids = implode("|", $posts);
2649          if($mybb->get_input('inlinetype') == 'search')
2650          {
2651              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
2652          }
2653          else
2654          {
2655              clearinline($tid, 'thread');
2656          }
2657          $forumselect = build_forum_jump("", $fid, 1, '', 0, true, '', "moveto");
2658          eval("\$moveposts = \"".$templates->get("moderation_inline_moveposts")."\";");
2659          output_page($moveposts);
2660          break;
2661  
2662      // Actually split the posts - Inline moderation
2663      case "do_multimoveposts":
2664  
2665          // Verify incoming POST request
2666          verify_post_check($mybb->get_input('my_post_key'));
2667  
2668          $plugins->run_hooks("moderation_do_multimoveposts");
2669  
2670          // explode at # sign in a url (indicates a name reference) and reassign to the url
2671          $realurl = explode("#", $mybb->get_input('threadurl'));
2672          $mybb->input['threadurl'] = $realurl[0];
2673  
2674          // Are we using an SEO URL?
2675          if(substr($mybb->input['threadurl'], -4) == "html")
2676          {
2677              // Get thread to merge's tid the SEO way
2678              preg_match("#thread-([0-9]+)?#i", $mybb->input['threadurl'], $threadmatch);
2679              preg_match("#post-([0-9]+)?#i", $mybb->input['threadurl'], $postmatch);
2680  
2681              if($threadmatch[1])
2682              {
2683                  $parameters['tid'] = $threadmatch[1];
2684              }
2685  
2686              if($postmatch[1])
2687              {
2688                  $parameters['pid'] = $postmatch[1];
2689              }
2690          }
2691          else
2692          {
2693              // Get thread to merge's tid the normal way
2694              $splitloc = explode(".php", $mybb->input['threadurl']);
2695              $temp = explode("&", my_substr($splitloc[1], 1));
2696  
2697              if(!empty($temp))
2698              {
2699                  for($i = 0; $i < count($temp); $i++)
2700                  {
2701                      $temp2 = explode("=", $temp[$i], 2);
2702                      $parameters[$temp2[0]] = $temp2[1];
2703                  }
2704              }
2705              else
2706              {
2707                  $temp2 = explode("=", $splitloc[1], 2);
2708                  $parameters[$temp2[0]] = $temp2[1];
2709              }
2710          }
2711  
2712          if(!empty($parameters['pid']) && empty($parameters['tid']))
2713          {
2714              $query = $db->simple_select("posts", "tid", "pid='".(int)$parameters['pid']."'");
2715              $post = $db->fetch_array($query);
2716              $newtid = $post['tid'];
2717          }
2718          elseif(!empty($parameters['tid']))
2719          {
2720              $newtid = $parameters['tid'];
2721          }
2722          else
2723          {
2724              $newtid = 0;
2725          }
2726          $newtid = (int)$newtid;
2727          $newthread = get_thread($newtid);
2728          if(!$newthread)
2729          {
2730              error($lang->error_badmovepostsurl, $lang->error);
2731          }
2732          if($newtid == $tid)
2733          { // sanity check
2734              error($lang->error_movetoself, $lang->error);
2735          }
2736  
2737          $postlist = explode("|", $mybb->get_input('posts'));
2738          $plist = array();
2739          foreach($postlist as $pid)
2740          {
2741              $pid = (int)$pid;
2742              $plist[] = $pid;
2743          }
2744  
2745          if(!is_moderator_by_pids($plist, "canmanagethreads"))
2746          {
2747              error_no_permission();
2748          }
2749  
2750          // Ensure all posts exist
2751          $posts = array();
2752          if(!empty($plist))
2753          {
2754              $query = $db->simple_select('posts', 'pid', 'pid IN ('.implode(',', $plist).')');
2755              while($pid = $db->fetch_field($query, 'pid'))
2756              {
2757                  $posts[] = $pid;
2758              }
2759          }
2760  
2761          if(empty($posts))
2762          {
2763              error($lang->error_inline_nopostsselected, $lang->error);
2764          }
2765  
2766          $pidin = implode(',', $posts);
2767  
2768          // Make sure that we are not moving posts in a thread with one post
2769          // Select number of posts in each thread that the moved post is in
2770          $query = $db->query("
2771              SELECT DISTINCT p.tid, COUNT(q.pid) as count
2772              FROM ".TABLE_PREFIX."posts p
2773              LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid)
2774              WHERE p.pid IN ($pidin)
2775              GROUP BY p.tid, p.pid
2776          ");
2777          $threads = $pcheck = array();
2778          while($tcheck = $db->fetch_array($query))
2779          {
2780              if((int)$tcheck['count'] <= 1)
2781              {
2782                  error($lang->error_cantsplitonepost, $lang->error);
2783              }
2784              $threads[] = $pcheck[] = $tcheck['tid']; // Save tids for below
2785          }
2786  
2787          // Make sure that we are not moving all posts in the thread
2788          // The query does not return a row when the count is 0, so find if some threads are missing (i.e. 0 posts after removal)
2789          $query = $db->query("
2790              SELECT DISTINCT p.tid, COUNT(q.pid) as count
2791              FROM ".TABLE_PREFIX."posts p
2792              LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid)
2793              WHERE p.pid IN ($pidin) AND q.pid NOT IN ($pidin)
2794              GROUP BY p.tid, p.pid
2795          ");
2796          $pcheck2 = array();
2797          while($tcheck = $db->fetch_array($query))
2798          {
2799              if($tcheck['count'] > 0)
2800              {
2801                  $pcheck2[] = $tcheck['tid'];
2802              }
2803          }
2804          if(count($pcheck2) != count($pcheck))
2805          {
2806              // One or more threads do not have posts after splitting
2807              error($lang->error_cantmoveall, $lang->error);
2808          }
2809  
2810          $newtid = $moderation->split_posts($posts, $tid, $newthread['fid'], $db->escape_string($newthread['subject']), $newtid);
2811  
2812          $pid_list = implode(', ', $posts);
2813          $lang->move_selective_posts = $lang->sprintf($lang->move_selective_posts, $pid_list, $newtid);
2814          log_moderator_action($modlogdata, $lang->move_selective_posts);
2815  
2816          moderation_redirect(get_thread_link($newtid), $lang->redirect_moveposts);
2817          break;
2818  
2819      // Approve posts - Inline moderation
2820      case "multiapproveposts":
2821  
2822          // Verify incoming POST request
2823          verify_post_check($mybb->get_input('my_post_key'));
2824  
2825          if($mybb->get_input('inlinetype') == 'search')
2826          {
2827              $posts = getids($mybb->get_input('searchid'), 'search');
2828          }
2829          else
2830          {
2831              $posts = getids($tid, 'thread');
2832          }
2833          if(count($posts) < 1)
2834          {
2835              error($lang->error_inline_nopostsselected, $lang->error);
2836          }
2837  
2838          if(!is_moderator_by_pids($posts, "canapproveunapproveposts"))
2839          {
2840              error_no_permission();
2841          }
2842  
2843          $pids = array();
2844          foreach($posts as $pid)
2845          {
2846              $pids[] = (int)$pid;
2847          }
2848  
2849          $moderation->approve_posts($pids);
2850  
2851          log_moderator_action($modlogdata, $lang->multi_approve_posts);
2852          if($mybb->get_input('inlinetype') == 'search')
2853          {
2854              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
2855          }
2856          else
2857          {
2858              clearinline($tid, 'thread');
2859          }
2860          moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_inline_postsapproved);
2861          break;
2862  
2863      // Unapprove posts - Inline moderation
2864      case "multiunapproveposts":
2865  
2866          // Verify incoming POST request
2867          verify_post_check($mybb->get_input('my_post_key'));
2868  
2869          if($mybb->get_input('inlinetype') == 'search')
2870          {
2871              $posts = getids($mybb->get_input('searchid'), 'search');
2872          }
2873          else
2874          {
2875              $posts = getids($tid, 'thread');
2876          }
2877  
2878          if(count($posts) < 1)
2879          {
2880              error($lang->error_inline_nopostsselected, $lang->error);
2881          }
2882          $pids = array();
2883  
2884          if(!is_moderator_by_pids($posts, "canapproveunapproveposts"))
2885          {
2886              error_no_permission();
2887          }
2888          foreach($posts as $pid)
2889          {
2890              $pids[] = (int)$pid;
2891          }
2892  
2893          $moderation->unapprove_posts($pids);
2894  
2895          log_moderator_action($modlogdata, $lang->multi_unapprove_posts);
2896          if($mybb->get_input('inlinetype') == 'search')
2897          {
2898              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
2899          }
2900          else
2901          {
2902              clearinline($tid, 'thread');
2903          }
2904          moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_inline_postsunapproved);
2905          break;
2906  
2907      // Restore posts - Inline moderation
2908      case "multirestoreposts":
2909  
2910          // Verify incoming POST request
2911          verify_post_check($mybb->get_input('my_post_key'));
2912  
2913          if($mybb->get_input('inlinetype') == 'search')
2914          {
2915              $posts = getids($mybb->get_input('searchid'), 'search');
2916          }
2917          else
2918          {
2919              $posts = getids($tid, 'thread');
2920          }
2921          if(count($posts) < 1)
2922          {
2923              error($lang->error_inline_nopostsselected, $lang->error);
2924          }
2925  
2926          if(!is_moderator_by_pids($posts, "canrestoreposts"))
2927          {
2928              error_no_permission();
2929          }
2930  
2931          $pids = array();
2932          foreach($posts as $pid)
2933          {
2934              $pids[] = (int)$pid;
2935          }
2936  
2937          $moderation->restore_posts($pids);
2938  
2939          log_moderator_action($modlogdata, $lang->multi_restore_posts);
2940          if($mybb->get_input('inlinetype') == 'search')
2941          {
2942              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
2943          }
2944          else
2945          {
2946              clearinline($tid, 'thread');
2947          }
2948          moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_inline_postsrestored);
2949          break;
2950  
2951      // Soft delete posts - Inline moderation
2952      case "multisoftdeleteposts":
2953          // Verify incoming POST request
2954          verify_post_check($mybb->get_input('my_post_key'));
2955  
2956          if($mybb->get_input('inlinetype') == 'search')
2957          {
2958              $posts = getids($mybb->get_input('searchid'), 'search');
2959          }
2960          else
2961          {
2962              $posts = getids($tid, 'thread');
2963          }
2964  
2965          if(count($posts) < 1)
2966          {
2967              error($lang->error_inline_nopostsselected, $lang->error);
2968          }
2969          $pids = array();
2970  
2971          if(!is_moderator_by_pids($posts, "cansoftdeleteposts"))
2972          {
2973              error_no_permission();
2974          }
2975          foreach($posts as $pid)
2976          {
2977              $pids[] = (int)$pid;
2978          }
2979  
2980          $moderation->soft_delete_posts($pids);
2981          log_moderator_action($modlogdata, $lang->multi_soft_delete_posts);
2982  
2983          if($mybb->get_input('inlinetype') == 'search')
2984          {
2985              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
2986          }
2987          else
2988          {
2989              clearinline($tid, 'thread');
2990          }
2991          moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_inline_postssoftdeleted);
2992          break;
2993      case "do_purgespammer":
2994      case "purgespammer":
2995          require_once  MYBB_ROOT."inc/functions_user.php";
2996  
2997          $groups = explode(",", $mybb->settings['purgespammergroups']);
2998          if(!is_member($groups))
2999          {
3000              error_no_permission();
3001          }
3002  
3003          $uid = $mybb->get_input('uid', MyBB::INPUT_INT);
3004          $user = get_user($uid);
3005          if(!$user['uid'] || !purgespammer_show($user['postnum'], $user['usergroup'], $user['uid']))
3006          {
3007              error($lang->purgespammer_invalid_user);
3008          }
3009  
3010          if($mybb->input['action'] == "do_purgespammer")
3011          {
3012              verify_post_check($mybb->get_input('my_post_key'));
3013  
3014              $user_deleted = false;
3015  
3016              // Run the hooks first to avoid any issues when we delete the user
3017              $plugins->run_hooks("moderation_purgespammer_purge");
3018  
3019              require_once  MYBB_ROOT.'inc/datahandlers/user.php';
3020              $userhandler = new UserDataHandler('delete');
3021  
3022              if($mybb->settings['purgespammerbandelete'] == "ban")
3023              {
3024                  // First delete everything
3025                  $userhandler->delete_content($uid);
3026                  $userhandler->delete_posts($uid);
3027                  
3028                  // Next ban him (or update the banned reason, shouldn't happen)
3029                  $query = $db->simple_select("banned", "uid", "uid = '{$uid}'");
3030                  if($db->num_rows($query) > 0)
3031                  {
3032                      $banupdate = array(
3033                          "reason" => $db->escape_string($mybb->settings['purgespammerbanreason'])
3034                      );
3035                      $db->update_query('banned', $banupdate, "uid = '{$uid}'");
3036                  }
3037                  else
3038                  {
3039                      $insert = array(
3040                          "uid" => $uid,
3041                          "gid" => (int)$mybb->settings['purgespammerbangroup'],
3042                          "oldgroup" => 2,
3043                          "oldadditionalgroups" => "",
3044                          "olddisplaygroup" => 0,
3045                          "admin" => (int)$mybb->user['uid'],
3046                          "dateline" => TIME_NOW,
3047                          "bantime" => "---",
3048                          "lifted" => 0,
3049                          "reason" => $db->escape_string($mybb->settings['purgespammerbanreason'])
3050                      );
3051                      $db->insert_query('banned', $insert);
3052                  }
3053  
3054                  // Add the IP's to the banfilters
3055                  foreach(array($user['regip'], $user['lastip']) as $ip)
3056                  {
3057                      $ip = my_inet_ntop($db->unescape_binary($ip));
3058                      $query = $db->simple_select("banfilters", "type", "type = 1 AND filter = '".$db->escape_string($ip)."'");
3059                      if($db->num_rows($query) == 0)
3060                      {
3061                          $insert = array(
3062                              "filter" => $db->escape_string($ip),
3063                              "type" => 1,
3064                              "dateline" => TIME_NOW
3065                          );
3066                          $db->insert_query("banfilters", $insert);
3067                      }
3068                  }
3069  
3070                  // Clear the profile
3071                  $userhandler->clear_profile($uid, $mybb->settings['purgespammerbangroup']);
3072  
3073                  $cache->update_banned();
3074                  $cache->update_bannedips();
3075                  $cache->update_awaitingactivation();
3076  
3077                  // Update reports cache
3078                  $cache->update_reportedcontent();
3079              }
3080              elseif($mybb->settings['purgespammerbandelete'] == "delete")
3081              {
3082                  $user_deleted = $userhandler->delete_user($uid, 1);
3083              }
3084  
3085              // Submit the user to stop forum spam
3086              if(!empty($mybb->settings['purgespammerapikey']))
3087              {
3088                  $sfs = @fetch_remote_file("http://stopforumspam.com/add.php?username=" . urlencode($user['username']) . "&ip_addr=" . urlencode(my_inet_ntop($db->unescape_binary($user['lastip']))) . "&email=" . urlencode($user['email']) . "&api_key=" . urlencode($mybb->settings['purgespammerapikey']));
3089              }
3090  
3091              log_moderator_action(array('uid' => $uid, 'username' => $user['username']), $lang->purgespammer_modlog);
3092  
3093              if($user_deleted)
3094              {
3095                  redirect($mybb->settings['bburl'], $lang->purgespammer_success);
3096              }
3097              else
3098              {
3099                  redirect(get_profile_link($uid), $lang->purgespammer_success);
3100              }
3101          }
3102          elseif($mybb->input['action'] == "purgespammer")
3103          {
3104              $plugins->run_hooks("moderation_purgespammer_show");
3105  
3106              add_breadcrumb($lang->purgespammer);
3107              $lang->purgespammer_purge = $lang->sprintf($lang->purgespammer_purge, htmlspecialchars_uni($user['username']));
3108              if($mybb->settings['purgespammerbandelete'] == "ban")
3109              {
3110                  $lang->purgespammer_purge_desc = $lang->sprintf($lang->purgespammer_purge_desc, $lang->purgespammer_ban);
3111              }
3112              else
3113              {
3114                  $lang->purgespammer_purge_desc = $lang->sprintf($lang->purgespammer_purge_desc, $lang->purgespammer_delete);                
3115              }
3116              eval("\$purgespammer = \"".$templates->get('moderation_purgespammer')."\";");
3117              output_page($purgespammer);
3118          }
3119          break;
3120      default:
3121          require_once  MYBB_ROOT."inc/class_custommoderation.php";
3122          $custommod = new CustomModeration;
3123          $tool = $custommod->tool_info($mybb->get_input('action', MyBB::INPUT_INT));
3124          if($tool !== false)
3125          {
3126              // Verify incoming POST request
3127              verify_post_check($mybb->get_input('my_post_key'));
3128  
3129              $options = my_unserialize($tool['threadoptions']);
3130  
3131              if(!is_member($tool['groups']))
3132              {
3133                  error_no_permission();
3134              }
3135              
3136              if($thread['visible'] == -1)
3137              {
3138                  error($lang->error_thread_deleted, $lang->error);
3139              }
3140  
3141              if(!empty($options['confirmation']) && empty($mybb->input['confirm']))
3142              {
3143                  add_breadcrumb($lang->confirm_execute_tool);
3144  
3145                  $lang->confirm_execute_tool_desc = $lang->sprintf($lang->confirm_execute_tool_desc, htmlspecialchars_uni($tool['name']));
3146  
3147                  $action = $mybb->input['action'];
3148                  $modtype = $mybb->get_input('modtype');
3149                  $inlinetype = $mybb->get_input('inlinetype');
3150                  $searchid = $mybb->get_input('searchid');
3151                  $url = htmlspecialchars_uni($mybb->get_input('url'));
3152                  $plugins->run_hooks('moderation_confirmation');
3153  
3154                  eval('$page = "'.$templates->get('moderation_confirmation').'";');
3155  
3156                  output_page($page);
3157                  exit;
3158              }
3159  
3160              $tool['name'] = htmlspecialchars_uni($tool['name']);
3161  
3162              if($tool['type'] == 't' && $mybb->get_input('modtype') == 'inlinethread')
3163              {
3164                  if($mybb->get_input('inlinetype') == 'search')
3165                  {
3166                      $tids = getids($mybb->get_input('searchid'), 'search');
3167                  }
3168                  else
3169                  {
3170                      $tids = getids($fid, "forum");
3171                  }
3172                  if(count($tids) < 1)
3173                  {
3174                      error($lang->error_inline_nopostsselected, $lang->error);
3175                  }
3176                  if(!is_moderator_by_tids($tids, "canusecustomtools"))
3177                  {
3178                      error_no_permission();
3179                  }
3180  
3181                  $thread_options = my_unserialize($tool['threadoptions']);
3182                  if($thread_options['movethread'] && $forum_cache[$thread_options['movethread']]['type'] != "f")
3183                  {
3184                      error($lang->error_movetocategory, $lang->error);
3185                  }
3186  
3187                  $custommod->execute($mybb->get_input('action', MyBB::INPUT_INT), $tids);
3188                   $lang->custom_tool = $lang->sprintf($lang->custom_tool, $tool['name']);
3189                  log_moderator_action($modlogdata, $lang->custom_tool);
3190                  if($mybb->get_input('inlinetype') == 'search')
3191                  {
3192                      clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
3193                      $lang->redirect_customtool_search = $lang->sprintf($lang->redirect_customtool_search, $tool['name']);
3194                      $return_url = htmlspecialchars_uni($mybb->get_input('url'));
3195                      redirect($return_url, $lang->redirect_customtool_search);
3196                  }
3197                  else
3198                  {
3199                      clearinline($fid, "forum");
3200                      $lang->redirect_customtool_forum = $lang->sprintf($lang->redirect_customtool_forum, $tool['name']);
3201                      redirect(get_forum_link($fid), $lang->redirect_customtool_forum);
3202                  }
3203                  break;
3204              }
3205              elseif($tool['type'] == 't' && $mybb->get_input('modtype') == 'thread')
3206              {
3207                  if(!is_moderator_by_tids($tid, "canusecustomtools"))
3208                  {
3209                      error_no_permission();
3210                  }
3211  
3212                  $thread_options = my_unserialize($tool['threadoptions']);
3213                  if($thread_options['movethread'] && $forum_cache[$thread_options['movethread']]['type'] != "f")
3214                  {
3215                      error($lang->error_movetocategory, $lang->error);
3216                  }
3217  
3218                  $ret = $custommod->execute($mybb->get_input('action', MyBB::INPUT_INT), $tid);
3219                   $lang->custom_tool = $lang->sprintf($lang->custom_tool, $tool['name']);
3220                  log_moderator_action($modlogdata, $lang->custom_tool);
3221                  if($ret == 'forum')
3222                  {
3223                      $lang->redirect_customtool_forum = $lang->sprintf($lang->redirect_customtool_forum, $tool['name']);
3224                      moderation_redirect(get_forum_link($fid), $lang->redirect_customtool_forum);
3225                  }
3226                  else
3227                  {
3228                      $lang->redirect_customtool_thread = $lang->sprintf($lang->redirect_customtool_thread, $tool['name']);
3229                      moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_customtool_thread);
3230                  }
3231                  break;
3232              }
3233              elseif($tool['type'] == 'p' && $mybb->get_input('modtype') == 'inlinepost')
3234              {
3235                  if($mybb->get_input('inlinetype') == 'search')
3236                  {
3237                      $pids = getids($mybb->get_input('searchid'), 'search');
3238                  }
3239                  else
3240                  {
3241                      $pids = getids($tid, 'thread');
3242                  }
3243  
3244                  if(count($pids) < 1)
3245                  {
3246                      error($lang->error_inline_nopostsselected, $lang->error);
3247                  }
3248                  if(!is_moderator_by_pids($pids, "canusecustomtools"))
3249                  {
3250                      error_no_permission();
3251                  }
3252  
3253                  // Get threads which are associated with the posts
3254                  $tids = array();
3255                  $options = array(
3256                      'order_by' => 'dateline',
3257                      'order_dir' => 'asc'
3258                  );
3259                  $query = $db->simple_select("posts", "DISTINCT tid, dateline", "pid IN (".implode(',',$pids).")", $options);
3260                  while($row = $db->fetch_array($query))
3261                  {
3262                      $tids[] = $row['tid'];
3263                  }
3264  
3265                  $ret = $custommod->execute($mybb->get_input('action', MyBB::INPUT_INT), $tids, $pids);
3266                   $lang->custom_tool = $lang->sprintf($lang->custom_tool, $tool['name']);
3267                  log_moderator_action($modlogdata, $lang->custom_tool);
3268                  if($mybb->get_input('inlinetype') == 'search')
3269                  {
3270                      clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
3271                      $lang->redirect_customtool_search = $lang->sprintf($lang->redirect_customtool_search, $tool['name']);
3272                      $return_url = htmlspecialchars_uni($mybb->get_input('url'));
3273                      redirect($return_url, $lang->redirect_customtool_search);
3274                  }
3275                  else
3276                  {
3277                      clearinline($tid, 'thread');
3278                      if($ret == 'forum')
3279                      {
3280                          $lang->redirect_customtool_forum = $lang->sprintf($lang->redirect_customtool_forum, $tool['name']);
3281                          moderation_redirect(get_forum_link($fid), $lang->redirect_customtool_forum);
3282                      }
3283                      else
3284                      {
3285                          $lang->redirect_customtool_thread = $lang->sprintf($lang->redirect_customtool_thread, $tool['name']);
3286                          moderation_redirect(get_thread_link($tid), $lang->redirect_customtool_thread);
3287                      }
3288                  }
3289  
3290                  break;
3291              }
3292          }
3293          error_no_permission();
3294          break;
3295  }
3296  
3297  /**
3298   * Some little handy functions for our inline moderation
3299   *
3300   * @param int $id
3301   * @param string $type
3302   *
3303   * @return array
3304   */
3305  function getids($id, $type)
3306  {
3307      global $mybb;
3308  
3309      $newids = array();
3310      $cookie = "inlinemod_".$type.$id;
3311      if(isset($mybb->cookies[$cookie]))
3312      {
3313          $cookie_ids = explode("|", $mybb->cookies[$cookie]);
3314  
3315          foreach($cookie_ids as $cookie_id)
3316          {
3317              if(empty($cookie_id))
3318              {
3319                  continue;
3320              }
3321  
3322              if($cookie_id == 'ALL')
3323              {
3324                  $newids += getallids($id, $type);
3325              }
3326              else
3327              {
3328                  $newids[] = (int)$cookie_id;
3329              }
3330          }
3331      }
3332  
3333      return $newids;
3334  }
3335  
3336  /**
3337   * @param int $id
3338   * @param string $type
3339   *
3340   * @return array
3341   */
3342  function getallids($id, $type)
3343  {
3344      global $db, $mybb;
3345  
3346      $ids = array();
3347  
3348      // Get any removed threads (after our user hit 'all')
3349      $removed_ids = array();
3350      $cookie = "inlinemod_".$type.$id."_removed";
3351      if(isset($mybb->cookies[$cookie]))
3352      {
3353          $removed_ids = explode("|", $mybb->cookies[$cookie]);
3354  
3355          if(!is_array($removed_ids))
3356          {
3357              $removed_ids = array();
3358          }
3359      }
3360  
3361      // "Select all Threads in this forum" only supported by forumdisplay and search
3362      if($type == 'forum')
3363      {
3364          $query = $db->simple_select("threads", "tid", "fid='".(int)$id."'");
3365          while($tid = $db->fetch_field($query, "tid"))
3366          {
3367              if(in_array($tid, $removed_ids))
3368              {
3369                  continue;
3370              }
3371  
3372              $ids[] = $tid;
3373          }
3374      }
3375      elseif($type == 'search')
3376      {
3377          $query = $db->simple_select("searchlog", "resulttype, posts, threads", "sid='".$db->escape_string($id)."' AND uid='{$mybb->user['uid']}'", 1);
3378          $searchlog = $db->fetch_array($query);
3379          if($searchlog['resulttype'] == 'posts')
3380          {
3381              $ids = explode(',', $searchlog['posts']);
3382          }
3383          else
3384          {
3385              $ids = explode(',', $searchlog['threads']);
3386          }
3387  
3388          if(is_array($ids))
3389          {
3390              foreach($ids as $key => $tid)
3391              {
3392                  if(in_array($tid, $removed_ids))
3393                  {
3394                      unset($ids[$key]);
3395                  }
3396              }
3397          }
3398      }
3399  
3400      return $ids;
3401  }
3402  
3403  /**
3404   * @param int $id
3405   * @param string $type
3406   */
3407  function clearinline($id, $type)
3408  {
3409      my_unsetcookie("inlinemod_".$type.$id);
3410      my_unsetcookie("inlinemod_{$type}{$id}_removed");
3411  }
3412  
3413  /**
3414   * @param int $id
3415   * @param string $type
3416   */
3417  function extendinline($id, $type)
3418  {
3419      my_setcookie("inlinemod_{$type}{$id}", '', TIME_NOW+3600);
3420      my_setcookie("inlinemod_{$type}{$id}_removed", '', TIME_NOW+3600);
3421  }
3422  
3423  /**
3424   * Checks if the current user is a moderator of all the posts specified
3425   *
3426   * Note: If no posts are specified, this function will return true.  It is the
3427   * responsibility of the calling script to error-check this case if necessary.
3428   *
3429   * @param array $posts Array of post IDs
3430   * @param string $permission Permission to check
3431   * @return bool True if moderator of all; false otherwise
3432   */
3433  function is_moderator_by_pids($posts, $permission='')
3434  {
3435      global $db, $mybb;
3436  
3437      // Speedy determination for supermods/admins and guests
3438      if($mybb->usergroup['issupermod'])
3439      {
3440          return true;
3441      }
3442      elseif(!$mybb->user['uid'])
3443      {
3444          return false;
3445      }
3446      // Make an array of threads if not an array
3447      if(!is_array($posts))
3448      {
3449          $posts = array($posts);
3450      }
3451      // Validate input
3452      $posts = array_map('intval', $posts);
3453      $posts[] = 0;
3454      // Get forums
3455      $posts_string = implode(',', $posts);
3456      $query = $db->simple_select("posts", "DISTINCT fid", "pid IN ($posts_string)");
3457      while($forum = $db->fetch_array($query))
3458      {
3459          if(!is_moderator($forum['fid'], $permission))
3460          {
3461              return false;
3462          }
3463      }
3464      return true;
3465  }
3466  
3467  /**
3468   * Checks if the current user is a moderator of all the threads specified
3469   *
3470   * Note: If no threads are specified, this function will return true.  It is the
3471   * responsibility of the calling script to error-check this case if necessary.
3472   *
3473   * @param array $threads Array of thread IDs
3474   * @param string $permission Permission to check
3475   * @return bool True if moderator of all; false otherwise
3476   */
3477  function is_moderator_by_tids($threads, $permission='')
3478  {
3479      global $db, $mybb;
3480  
3481      // Speedy determination for supermods/admins and guests
3482      if($mybb->usergroup['issupermod'])
3483      {
3484          return true;
3485      }
3486      elseif(!$mybb->user['uid'])
3487      {
3488          return false;
3489      }
3490      // Make an array of threads if not an array
3491      if(!is_array($threads))
3492      {
3493          $threads = array($threads);
3494      }
3495      // Validate input
3496      $threads = array_map('intval', $threads);
3497      $threads[] = 0;
3498      // Get forums
3499      $threads_string = implode(',', $threads);
3500      $query = $db->simple_select("threads", "DISTINCT fid", "tid IN ($threads_string)");
3501      while($forum = $db->fetch_array($query))
3502      {
3503          if(!is_moderator($forum['fid'], $permission))
3504          {
3505              return false;
3506          }
3507      }
3508      return true;
3509  }
3510  
3511  /**
3512   * Special redirect that takes a return URL into account
3513   * @param string $url URL
3514   * @param string $message Message
3515   * @param string $title Title
3516   */
3517  function moderation_redirect($url, $message="", $title="")
3518  {
3519      global $mybb;
3520      if(!empty($mybb->input['url']))
3521      {
3522          redirect(htmlentities($mybb->input['url']), $message, $title);
3523      }
3524      redirect($url, $message, $title);
3525  }


2005 - 2018 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup Cross-referenced by PHPXref 0.7.1