[ Index ]

PHP Cross Reference of MyBB 1.8.36

title

Body

[close]

/ -> moderation.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.8
   4   * Copyright 2014 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://www.mybb.com
   7   * License: http://www.mybb.com/about/license
   8   *
   9   */
  10  
  11  define("IN_MYBB", 1);
  12  define('THIS_SCRIPT', 'moderation.php');
  13  
  14  $templatelist = "changeuserbox,loginbox,moderation_delayedmoderation_custommodtool,moderation_delayedmodaction_notes,moderation_delayedmoderation_merge,moderation_delayedmoderation_move,moderation_threadnotes";
  15  $templatelist .= ",moderation_delayedmoderation,moderation_deletethread,moderation_deletepoll,moderation_mergeposts_post,moderation_viewthreadnotes,moderation_confirmation,moderation_purgespammer,forumjump_bit";
  16  $templatelist .= ",moderation_move,moderation_threadnotes_modaction,moderation_threadnotes_delayedmodaction,moderation_getip_modoptions,moderation_getip,moderation_getpmip,moderation_getpmip_modal";
  17  $templatelist .= ",moderation_split_post,moderation_inline_deletethreads,moderation_inline_movethreads,moderation_inline_deleteposts,moderation_inline_mergeposts,moderation_threadnotes_modaction_error";
  18  $templatelist .= ",moderation_inline_splitposts,forumjump_special,forumjump_advanced,forumdisplay_password_wrongpass,forumdisplay_password,moderation_inline_moveposts,moderation_delayedmodaction_error";
  19  $templatelist .= ",moderation_delayedmodaction_notes_thread_single,moderation_delayedmodaction_notes_thread_multiple,moderation_delayedmodaction_notes_forum,moderation_delayedmodaction_notes_new_forum";
  20  $templatelist .= ",moderation_delayedmodaction_notes_redirect,moderation_delayedmodaction_notes_merge,moderation_delayedmoderation_thread,moderation_threadnotes_modaction_thread,moderation_getip_modal";
  21  $templatelist .= ",moderation_delayedmoderation_date_day,moderation_delayedmoderation_date_month,moderation_threadnotes_modaction_post,moderation_merge,moderation_split,moderation_threadnotes_modaction_forum";
  22  $templatelist .= ",moderation_delayedmoderation_openclose,moderation_delayedmoderation_softdeleterestore,moderation_delayedmoderation_delete,moderation_delayedmoderation_stick,moderation_delayedmoderation_approve";
  23  
  24  require_once  "./global.php";
  25  require_once  MYBB_ROOT."inc/functions_post.php";
  26  require_once  MYBB_ROOT."inc/functions_upload.php";
  27  require_once  MYBB_ROOT."inc/class_parser.php";
  28  $parser = new postParser;
  29  require_once  MYBB_ROOT."inc/class_moderation.php";
  30  $moderation = new Moderation;
  31  
  32  // Load global language phrases
  33  $lang->load("moderation");
  34  
  35  $plugins->run_hooks("moderation_start");
  36  
  37  $tid = $mybb->get_input('tid', MyBB::INPUT_INT);
  38  $pid = $mybb->get_input('pid', MyBB::INPUT_INT);
  39  $fid = $mybb->get_input('fid', MyBB::INPUT_INT);
  40  $pmid = $mybb->get_input('pmid', MyBB::INPUT_INT);
  41  $modal = $mybb->get_input('modal', MyBB::INPUT_INT);
  42  
  43  if($pid)
  44  {
  45      $post = get_post($pid);
  46      if(!$post)
  47      {
  48          error($lang->error_invalidpost, $lang->error);
  49      }
  50      $tid = $post['tid'];
  51  }
  52  
  53  if($tid)
  54  {
  55      $thread = get_thread($tid);
  56      if(!$thread)
  57      {
  58          error($lang->error_invalidthread, $lang->error);
  59      }
  60      $fid = $thread['fid'];
  61  }
  62  
  63  if($fid)
  64  {
  65      $modlogdata['fid'] = $fid;
  66      $forum = get_forum($fid);
  67  
  68      // Make navigation
  69      build_forum_breadcrumb($fid);
  70  
  71      // Get our permissions all nice and setup
  72      $permissions = forum_permissions($fid);
  73  }
  74  
  75  if($pmid > 0)
  76  {
  77      $query = $db->simple_select('privatemessages', 'uid, subject, ipaddress, fromid', "pmid = $pmid");
  78  
  79      $pm = $db->fetch_array($query);
  80  
  81      if(!$pm)
  82      {
  83          error($lang->error_invalidpm, $lang->error);
  84      }
  85  }
  86  
  87  // Get some navigation if we need it
  88  $mybb->input['action'] = $mybb->get_input('action');
  89  switch($mybb->input['action'])
  90  {
  91      case "reports":
  92          add_breadcrumb($lang->reported_posts);
  93          break;
  94      case "allreports":
  95          add_breadcrumb($lang->all_reported_posts);
  96          break;
  97  
  98  }
  99  
 100  if(isset($thread))
 101  {
 102      $thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subject']));
 103      add_breadcrumb($thread['subject'], get_thread_link($thread['tid']));
 104      $modlogdata['tid'] = $thread['tid'];
 105  }
 106  
 107  if(isset($forum))
 108  {
 109      // Check if this forum is password protected and we have a valid password
 110      check_forum_password($forum['fid']);
 111  }
 112  
 113  $log_multithreads_actions = array("do_multideletethreads", "multiclosethreads", "multiopenthreads", "multiapprovethreads", "multiunapprovethreads", "multirestorethreads", "multisoftdeletethreads","multistickthreads", "multiunstickthreads", "do_multimovethreads");
 114  if(in_array($mybb->input['action'], $log_multithreads_actions))
 115  {
 116      if(!empty($mybb->input['searchid']))
 117      {
 118          $tids = getids($mybb->get_input('searchid'), 'search');
 119      }
 120      else
 121      {
 122          $tids = getids($fid, 'forum');
 123      }
 124  
 125      $modlogdata['tids'] = (array)$tids;
 126  
 127      unset($tids);
 128  }
 129  
 130  $mybb->user['username'] = htmlspecialchars_uni($mybb->user['username']);
 131  eval("\$loginbox = \"".$templates->get("changeuserbox")."\";");
 132  
 133  $allowable_moderation_actions = array("getip", "getpmip", "cancel_delayedmoderation", "delayedmoderation", "threadnotes", "purgespammer", "viewthreadnotes");
 134  
 135  if($mybb->request_method != "post" && !in_array($mybb->input['action'], $allowable_moderation_actions))
 136  {
 137      error_no_permission();
 138  }
 139  
 140  // Begin!
 141  switch($mybb->input['action'])
 142  {
 143      // Delayed Moderation
 144      case "cancel_delayedmoderation":
 145          // Verify incoming POST request
 146          verify_post_check($mybb->get_input('my_post_key'));
 147  
 148          add_breadcrumb($lang->delayed_moderation);
 149          if(!is_moderator($fid, "canmanagethreads"))
 150          {
 151              error_no_permission();
 152          }
 153  
 154          $plugins->run_hooks('moderation_cancel_delayedmoderation');
 155  
 156          $db->delete_query("delayedmoderation", "did='".$mybb->get_input('did', MyBB::INPUT_INT)."'");
 157  
 158          if($tid == 0)
 159          {
 160              moderation_redirect(get_forum_link($fid), $lang->redirect_delayed_moderation_cancelled);
 161          }
 162          else
 163          {
 164              moderation_redirect("moderation.php?action=delayedmoderation&amp;tid={$tid}&amp;my_post_key={$mybb->post_code}", $lang->redirect_delayed_moderation_cancelled);
 165          }
 166          break;
 167      case "do_delayedmoderation":
 168      case "delayedmoderation":
 169          // Verify incoming POST request
 170          verify_post_check($mybb->get_input('my_post_key'));
 171          
 172          $localized_time_offset = $mybb->user['timezone']*3600 + $mybb->user['dst']*3600;
 173  
 174          if(!$mybb->get_input('date_day', MyBB::INPUT_INT))
 175          {
 176              $mybb->input['date_day'] = gmdate('d', TIME_NOW + $localized_time_offset);
 177          }
 178          if(!$mybb->get_input('date_month', MyBB::INPUT_INT))
 179          {
 180              $mybb->input['date_month'] = gmdate('m', TIME_NOW + $localized_time_offset);
 181          }
 182  
 183          // Assume in-line moderation if TID is not set
 184          if(!empty($mybb->input['tid']))
 185          {
 186              $mybb->input['tids'] = $tid;
 187          }
 188          else
 189          {
 190              if($mybb->get_input('inlinetype') == 'search')
 191              {
 192                  $tids = getids($mybb->get_input('searchid'), 'search');
 193              }
 194              else
 195              {
 196                  $fid = $mybb->get_input('fid', MyBB::INPUT_INT);
 197                  $tids = getids($fid, "forum");
 198              }
 199              if(count($tids) < 1)
 200              {
 201                  error($lang->error_inline_nothreadsselected, $lang->error);
 202              }
 203  
 204              $mybb->input['tids'] = $tids;
 205          }
 206  
 207          add_breadcrumb($lang->delayed_moderation);
 208  
 209          if(!is_moderator($fid, "canmanagethreads"))
 210          {
 211              error_no_permission();
 212          }
 213  
 214          $errors = array();
 215          $customthreadtools = "";
 216  
 217          $allowed_types = array('move', 'merge', 'removeredirects', 'removesubscriptions');
 218  
 219          if(is_moderator($fid, "canopenclosethreads"))
 220          {
 221              $allowed_types[] = "openclosethread";
 222          }
 223  
 224          if(is_moderator($fid, "cansoftdeletethreads") || is_moderator($fid, "canrestorethreads"))
 225          {
 226              $allowed_types[] = "softdeleterestorethread";
 227          }
 228  
 229          if(is_moderator($fid, "candeletethreads"))
 230          {
 231              $allowed_types[] = "deletethread";
 232          }
 233  
 234          if(is_moderator($fid, "canstickunstickthreads"))
 235          {
 236              $allowed_types[] = "stick";
 237          }
 238  
 239          if(is_moderator($fid, "canapproveunapprovethreads"))
 240          {
 241              $allowed_types[] = "approveunapprovethread";
 242          }
 243  
 244          $mybb->input['type'] = $mybb->get_input('type');
 245  
 246          if(is_moderator($fid, "canusecustomtools"))
 247          {
 248              switch($db->type)
 249              {
 250                  case "pgsql":
 251                  case "sqlite":
 252                      $query = $db->simple_select("modtools", 'tid, name, `groups`', "(','||forums||',' LIKE '%,$fid,%' OR ','||forums||',' LIKE '%,-1,%' OR forums='') AND type = 't'");
 253                      break;
 254                  default:
 255                      $query = $db->simple_select("modtools", 'tid, name, `groups`', "(CONCAT(',',forums,',') LIKE '%,$fid,%' OR CONCAT(',',forums,',') LIKE '%,-1,%' OR forums='') AND type = 't'");
 256              }
 257              while($tool = $db->fetch_array($query))
 258              {
 259                  if(is_member($tool['groups']))
 260                  {
 261                      $allowed_types[] = "modtool_".$tool['tid'];
 262  
 263                      $tool['name'] = htmlspecialchars_uni($tool['name']);
 264  
 265                      $checked = "";
 266                      if($mybb->input['type'] == "modtool_".$tool['tid'])
 267                      {
 268                          $checked = "checked=\"checked\"";
 269                      }
 270  
 271                      eval("\$customthreadtools .= \"".$templates->get("moderation_delayedmoderation_custommodtool")."\";");
 272                  }
 273              }
 274          }
 275  
 276          $mybb->input['delayedmoderation'] = $mybb->get_input('delayedmoderation', MyBB::INPUT_ARRAY);
 277  
 278          if($mybb->input['action'] == "do_delayedmoderation" && $mybb->request_method == "post")
 279          {
 280              if(!in_array($mybb->input['type'], $allowed_types))
 281              {
 282                  $mybb->input['type'] = '';
 283                  $errors[] = $lang->error_delayedmoderation_unsupported_type;
 284              }
 285  
 286              if($mybb->input['type'] == 'move' && (!isset($mybb->input['delayedmoderation']['method']) || !in_array($mybb->input['delayedmoderation']['method'], array('move', 'redirect', 'copy'))))
 287              {
 288                  $mybb->input['delayedmoderation']['method'] = '';
 289                  $errors[] = $lang->error_delayedmoderation_unsupported_method;
 290              }
 291  
 292              if($mybb->input['type'] == 'move')
 293              {
 294                  $newfid = (int)$mybb->input['delayedmoderation']['new_forum'];
 295  
 296                  // Make sure moderator has permission to move to the new forum
 297                  $newperms = forum_permissions($newfid);
 298                  if($newperms['canview'] == 0 || !is_moderator($newfid, 'canmovetononmodforum'))
 299                  {
 300                      $errors[] = $lang->error_movetononmodforum;
 301                  }
 302  
 303                  $newforum = get_forum($newfid);
 304                  if(!$newforum || $newforum['type'] != "f" || $newforum['type'] == "f" && $newforum['linkto'] != '')
 305                  {
 306                      $errors[] = $lang->error_invalidforum;
 307                  }
 308  
 309                  $method = $mybb->input['delayedmoderation']['method'];
 310                  if($method != "copy" && $fid == $newfid)
 311                  {
 312                      $errors[] = $lang->error_movetosameforum;
 313                  }
 314              }
 315  
 316              if($mybb->input['date_day'] > 31 || $mybb->input['date_day'] < 1)
 317              {
 318                  $errors[] = $lang->error_delayedmoderation_invalid_date_day;
 319              }
 320  
 321              if($mybb->input['date_month'] > 12 || $mybb->input['date_month'] < 1)
 322              {
 323                  $errors[] = $lang->error_delayedmoderation_invalid_date_month;
 324              }
 325  
 326              if($mybb->input['date_year'] < gmdate('Y', TIME_NOW + $localized_time_offset))
 327              {
 328                  $errors[] = $lang->error_delayedmoderation_invalid_date_year;
 329              }
 330  
 331              $date_time = explode(' ', $mybb->get_input('date_time'));
 332              $date_time = explode(':', (string)$date_time[0]);
 333  
 334              if(stristr($mybb->input['date_time'], 'pm'))
 335              {
 336                  $date_time[0] = 12+$date_time[0];
 337                  if($date_time[0] >= 24)
 338                  {
 339                      $date_time[0] = '00';
 340                  }
 341              }
 342  
 343              $rundate = gmmktime((int)$date_time[0], (int)$date_time[1], date('s', TIME_NOW), $mybb->get_input('date_month', MyBB::INPUT_INT), $mybb->get_input('date_day', MyBB::INPUT_INT), $mybb->get_input('date_year', MyBB::INPUT_INT)) - $localized_time_offset;
 344  
 345              if(!$errors)
 346              {
 347                  if(is_array($mybb->input['tids']))
 348                  {
 349                      $mybb->input['tids'] = implode(',', $mybb->input['tids']);
 350                  }
 351  
 352                  $did = $db->insert_query("delayedmoderation", array(
 353                      'type' => $db->escape_string($mybb->input['type']),
 354                      'delaydateline' => (int)$rundate,
 355                      'uid' => $mybb->user['uid'],
 356                      'tids' => $db->escape_string($mybb->input['tids']),
 357                      'fid' => $fid,
 358                      'dateline' => TIME_NOW,
 359                      'inputs' => $db->escape_string(my_serialize($mybb->input['delayedmoderation']))
 360                  ));
 361  
 362                  $plugins->run_hooks('moderation_do_delayedmoderation');
 363  
 364                  $rundate_format = my_date('relative', $rundate, '', 2);
 365                  $lang->redirect_delayed_moderation_thread = $lang->sprintf($lang->redirect_delayed_moderation_thread, $rundate_format);
 366  
 367                  if(!empty($mybb->input['tid']))
 368                  {
 369                      moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_delayed_moderation_thread);
 370                  }
 371                  else
 372                  {
 373                      if($mybb->get_input('inlinetype') == 'search')
 374                      {
 375                          moderation_redirect(get_forum_link($fid), $lang->sprintf($lang->redirect_delayed_moderation_search, $rundate_format));
 376                      }
 377                      else
 378                      {
 379                          moderation_redirect(get_forum_link($fid), $lang->sprintf($lang->redirect_delayed_moderation_forum, $rundate_format));
 380                      }
 381                  }
 382              }
 383              else
 384              {
 385                  $type_selected = array();
 386                  foreach($allowed_types as $type)
 387                  {
 388                      $type_selected[$type] = '';
 389                  }
 390                  $type_selected[$mybb->get_input('type')] = "checked=\"checked\"";
 391                  $method_selected = array('move' => '', 'redirect' => '', 'copy' => '');
 392                  if(isset($mybb->input['delayedmoderation']['method']))
 393                  {
 394                      $method_selected[$mybb->input['delayedmoderation']['method']] = "checked=\"checked\"";
 395                  }
 396  
 397                  foreach(array('redirect_expire', 'new_forum', 'subject', 'threadurl') as $value)
 398                  {
 399                      if(!isset($mybb->input['delayedmoderation'][$value]))
 400                      {
 401                          $mybb->input['delayedmoderation'][$value] = '';
 402                      }
 403                  }
 404                  $mybb->input['delayedmoderation']['redirect_expire'] = (int)$mybb->input['delayedmoderation']['redirect_expire'];
 405                  $mybb->input['delayedmoderation']['new_forum'] = (int)$mybb->input['delayedmoderation']['new_forum'];
 406                  $mybb->input['delayedmoderation']['subject'] = htmlspecialchars_uni($mybb->input['delayedmoderation']['subject']);
 407                  $mybb->input['delayedmoderation']['threadurl'] = htmlspecialchars_uni($mybb->input['delayedmoderation']['threadurl']);
 408  
 409                  $forumselect = build_forum_jump("", $mybb->input['delayedmoderation']['new_forum'], 1, '', 0, true, '', "delayedmoderation[new_forum]");
 410              }
 411          }
 412          else
 413          {
 414              $type_selected = array();
 415              foreach($allowed_types as $type)
 416              {
 417                  $type_selected[$type] = '';
 418              }
 419              $type_selected['openclosethread'] = "checked=\"checked\"";
 420              $method_selected = array('move' => 'checked="checked"', 'redirect' => '', 'copy' => '');
 421  
 422              $mybb->input['delayedmoderation']['redirect_expire'] = '';
 423              $mybb->input['delayedmoderation']['subject'] = isset($thread['subject']) ? $thread['subject'] : '';
 424              $mybb->input['delayedmoderation']['threadurl'] = '';
 425  
 426              $forumselect = build_forum_jump("", $fid, 1, '', 0, true, '', "delayedmoderation[new_forum]");
 427          }
 428  
 429          if(isset($errors) && count($errors) > 0)
 430          {
 431              $display_errors = inline_error($errors);
 432          }
 433          else
 434          {
 435              $display_errors = '';
 436          }
 437  
 438          $forum_cache = $cache->read("forums");
 439  
 440          $actions = array(
 441              'openclosethread' => $lang->open_close_thread,
 442              'softdeleterestorethread' => $lang->softdelete_restore_thread,
 443              'deletethread' => $lang->delete_thread,
 444              'move' => $lang->move_copy_thread,
 445              'stick' => $lang->stick_unstick_thread,
 446              'merge' => $lang->merge_threads,
 447              'removeredirects' => $lang->remove_redirects,
 448              'removesubscriptions' => $lang->remove_subscriptions,
 449              'approveunapprovethread' => $lang->approve_unapprove_thread
 450          );
 451  
 452          switch($db->type)
 453          {
 454              case "pgsql":
 455              case "sqlite":
 456                  $query = $db->simple_select("modtools", 'tid, name', "(','||forums||',' LIKE '%,$fid,%' OR ','||forums||',' LIKE '%,-1,%' OR forums='') AND type = 't'");
 457                  break;
 458              default:
 459                  $query = $db->simple_select("modtools", 'tid, name', "(CONCAT(',',forums,',') LIKE '%,$fid,%' OR CONCAT(',',forums,',') LIKE '%,-1,%' OR forums='') AND type = 't'");
 460          }
 461          while($tool = $db->fetch_array($query))
 462          {
 463              $actions['modtool_'.$tool['tid']] = htmlspecialchars_uni($tool['name']);
 464          }
 465  
 466          $delayedmods = '';
 467          $trow = alt_trow(1);
 468          if($tid == 0)
 469          {
 470              // Inline thread moderation is used
 471              if($mybb->get_input('inlinetype') == 'search')
 472              {
 473                  $tids = getids($mybb->get_input('searchid'), 'search');
 474              }
 475              else
 476              {
 477                  $tids = getids($fid, "forum");
 478              }
 479              $where_array = array();
 480              switch($db->type)
 481              {
 482                  case "pgsql":
 483                  case "sqlite":
 484                      foreach($tids as $like)
 485                      {
 486                          $where_array[] = "','||d.tids||',' LIKE '%,".$db->escape_string($like).",%'";
 487                      }
 488                      $where_statement = implode(" OR ", $where_array);
 489                      break;
 490                  default:
 491                      foreach($tids as $like)
 492                      {
 493                          $where_array[] = "CONCAT(',',d.tids,',') LIKE  '%,".$db->escape_string($like).",%'";
 494                      }
 495                      $where_statement = implode(" OR ", $where_array);
 496              }
 497              $query = $db->query("
 498                  SELECT d.*, u.username, f.name AS fname
 499                  FROM ".TABLE_PREFIX."delayedmoderation d
 500                  LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=d.uid)
 501                  LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=d.fid)
 502                  WHERE ".$where_statement."
 503                  ORDER BY d.dateline DESC
 504                  LIMIT  0, 20
 505              ");
 506          }
 507          else
 508          {
 509              switch($db->type)
 510              {
 511                  case "pgsql":
 512                  case "sqlite":
 513                      $query = $db->query("
 514                          SELECT d.*, u.username, f.name AS fname
 515                          FROM ".TABLE_PREFIX."delayedmoderation d
 516                          LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=d.uid)
 517                          LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=d.fid)
 518                          WHERE ','||d.tids||',' LIKE '%,{$tid},%'
 519                          ORDER BY d.dateline DESC
 520                          LIMIT  0, 20
 521                      ");
 522                      break;
 523                  default:
 524                      $query = $db->query("
 525                          SELECT d.*, u.username, f.name AS fname
 526                          FROM ".TABLE_PREFIX."delayedmoderation d
 527                          LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=d.uid)
 528                          LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=d.fid)
 529                          WHERE CONCAT(',',d.tids,',') LIKE '%,{$tid},%'
 530                          ORDER BY d.dateline DESC
 531                          LIMIT  0, 20
 532                      ");
 533              }
 534          }
 535  
 536          while($delayedmod = $db->fetch_array($query))
 537          {
 538              $delayedmod['dateline'] = my_date('normal', $delayedmod['delaydateline'], "", 2);
 539              $delayedmod['username'] = htmlspecialchars_uni($delayedmod['username']);
 540              $delayedmod['profilelink'] = build_profile_link($delayedmod['username'], $delayedmod['uid']);
 541              $delayedmod['action'] = $actions[$delayedmod['type']];
 542              $info = '';
 543              if(strpos($delayedmod['tids'], ',') === false)
 544              {
 545                  $delayed_thread = get_thread($delayedmod['tids']);
 546                  $delayed_thread['link'] = get_thread_link($delayed_thread['tid']);
 547                  $delayed_thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($delayed_thread['subject']));
 548                  eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_thread_single")."\";");
 549              }
 550              else
 551              {
 552                  eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_thread_multiple")."\";");
 553              }
 554  
 555              if($delayedmod['fname'])
 556              {
 557                  $delayedmod['link'] = get_forum_link($delayedmod['fid']);
 558                  $delayedmod['fname'] = htmlspecialchars_uni($delayedmod['fname']);
 559                  eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_forum")."\";");
 560              }
 561              $delayedmod['inputs'] = my_unserialize($delayedmod['inputs']);
 562  
 563              if($delayedmod['type'] == 'move')
 564              {
 565                  $delayedmod['link'] = get_forum_link($delayedmod['inputs']['new_forum']);
 566                  $delayedmod['name'] = htmlspecialchars_uni($forum_cache[$delayedmod['inputs']['new_forum']]['name']);
 567                  eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_new_forum")."\";");
 568  
 569                  if($delayedmod['inputs']['method'] == "redirect")
 570                  {
 571                      if((int)$delayedmod['inputs']['redirect_expire'] == 0)
 572                      {
 573                          $redirect_expire_bit = $lang->redirect_forever;
 574                      }
 575                      else
 576                      {
 577                          $redirect_expire_bit = (int)$delayedmod['inputs']['redirect_expire']." {$lang->days}";
 578                      }
 579  
 580                      eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_redirect")."\";");
 581                  }
 582              }
 583              elseif($delayedmod['type'] == 'merge')
 584              {
 585                  $delayedmod['subject'] = htmlspecialchars_uni($delayedmod['inputs']['subject']);
 586                  $delayedmod['threadurl'] = htmlspecialchars_uni($delayedmod['inputs']['threadurl']);
 587                  eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_merge")."\";");
 588              }
 589  
 590              eval("\$delayedmods .= \"".$templates->get("moderation_delayedmodaction_notes")."\";");
 591              $trow = alt_trow();
 592          }
 593          if(!$delayedmods)
 594          {
 595              $cols = 5;
 596              eval("\$delayedmods = \"".$templates->get("moderation_delayedmodaction_error")."\";");
 597          }
 598  
 599          $url = '';
 600          if($mybb->get_input('tid', MyBB::INPUT_INT))
 601          {
 602              $lang->threads = $lang->thread;
 603              $thread['link'] = get_thread_link($tid);
 604              $delayedmoderation_subject = $mybb->input['delayedmoderation']['subject'];
 605              $delayedmoderation_threadurl = $mybb->input['delayedmoderation']['threadurl'];
 606              eval("\$threads = \"".$templates->get("moderation_delayedmoderation_thread")."\";");
 607              eval("\$moderation_delayedmoderation_merge = \"".$templates->get("moderation_delayedmoderation_merge")."\";");
 608          }
 609          else
 610          {
 611              if($mybb->get_input('inlinetype') == 'search')
 612              {
 613                  $tids = getids($mybb->get_input('searchid'), 'search');
 614                  $url = htmlspecialchars_uni($mybb->get_input('url'));
 615              }
 616              else
 617              {
 618                  $tids = getids($fid, "forum");
 619              }
 620              if(count($tids) < 1)
 621              {
 622                  error($lang->error_inline_nothreadsselected, $lang->error);
 623              }
 624  
 625              $threads = $lang->sprintf($lang->threads_selected, count($tids));
 626              $moderation_delayedmoderation_merge = '';
 627          }
 628          $redirect_expire = $mybb->get_input('redirect_expire');
 629          eval("\$moderation_delayedmoderation_move = \"".$templates->get("moderation_delayedmoderation_move")."\";");
 630  
 631          // Generate form elements for date form
 632          $dateday = '';
 633          for($day = 1; $day <= 31; ++$day)
 634          {
 635              $selected = '';
 636              if($mybb->get_input('date_day', MyBB::INPUT_INT) == $day)
 637              {
 638                  $selected = ' selected="selected"';
 639              }
 640              eval('$dateday .= "'.$templates->get('moderation_delayedmoderation_date_day').'";');
 641          }
 642  
 643          $datemonth = array();
 644          foreach(array('01', '02', '03', '04', '05', '06', '07', '08', '09', '10', '11', '12') as $month)
 645          {
 646              $datemonth[$month] = '';
 647              if($mybb->get_input('date_month', MyBB::INPUT_INT) == (int)$month)
 648              {
 649                  $datemonth[$month] = ' selected="selected"';
 650              }
 651          }
 652          
 653  
 654          eval('$datemonth = "'.$templates->get('moderation_delayedmoderation_date_month').'";');
 655  
 656          $dateyear = gmdate('Y', TIME_NOW  + $localized_time_offset);
 657          $datetime = gmdate($mybb->settings['timeformat'], TIME_NOW + $localized_time_offset);
 658  
 659          $openclosethread = '';
 660          if(is_moderator($fid, "canopenclosethreads"))
 661          {
 662              eval('$openclosethread = "'.$templates->get('moderation_delayedmoderation_openclose').'";');
 663          }
 664  
 665          $softdeleterestorethread = '';
 666          if(is_moderator($fid, "cansoftdeletethreads") || is_moderator($fid, "canrestorethreads"))
 667          {
 668              eval('$softdeleterestorethread = "'.$templates->get('moderation_delayedmoderation_softdeleterestore').'";');
 669          }
 670  
 671          $deletethread = '';
 672          if(is_moderator($fid, "candeletethreads"))
 673          {
 674              eval('$deletethread = "'.$templates->get('moderation_delayedmoderation_delete').'";');
 675          }
 676  
 677          $stickunstickthread = '';
 678          if(is_moderator($fid, "canstickunstickthreads"))
 679          {
 680              eval('$stickunstickthread = "'.$templates->get('moderation_delayedmoderation_stick').'";');
 681          }
 682  
 683          $approveunapprovethread = '';
 684          if(is_moderator($fid, "canapproveunapprovethreads"))
 685          {
 686              eval('$approveunapprovethread = "'.$templates->get('moderation_delayedmoderation_approve').'";');
 687          } 
 688  
 689          $plugins->run_hooks("moderation_delayedmoderation");
 690  
 691          eval("\$delayedmoderation = \"".$templates->get("moderation_delayedmoderation")."\";");
 692          output_page($delayedmoderation);
 693          break;
 694      // Open or close a thread
 695      case "openclosethread":
 696          // Verify incoming POST request
 697          verify_post_check($mybb->get_input('my_post_key'));
 698  
 699          if(!is_moderator($fid, "canopenclosethreads"))
 700          {
 701              error_no_permission();
 702          }
 703  
 704          if($thread['visible'] == -1)
 705          {
 706              error($lang->error_thread_deleted, $lang->error);
 707          }
 708  
 709          if($thread['closed'] == 1)
 710          {
 711              $openclose = $lang->opened;
 712              $redirect = $lang->redirect_openthread;
 713              $moderation->open_threads($tid);
 714          }
 715          else
 716          {
 717              $openclose = $lang->closed;
 718              $redirect = $lang->redirect_closethread;
 719              $moderation->close_threads($tid);
 720          }
 721  
 722          $lang->mod_process = $lang->sprintf($lang->mod_process, $openclose);
 723  
 724          log_moderator_action($modlogdata, $lang->mod_process);
 725  
 726          moderation_redirect(get_thread_link($thread['tid']), $redirect);
 727          break;
 728  
 729      // Stick or unstick that post to the top bab!
 730      case "stick":
 731          // Verify incoming POST request
 732          verify_post_check($mybb->get_input('my_post_key'));
 733  
 734          if(!is_moderator($fid, "canstickunstickthreads"))
 735          {
 736              error_no_permission();
 737          }
 738  
 739          if($thread['visible'] == -1)
 740          {
 741              error($lang->error_thread_deleted, $lang->error);
 742          }
 743  
 744          $plugins->run_hooks("moderation_stick");
 745  
 746          if($thread['sticky'] == 1)
 747          {
 748              $stuckunstuck = $lang->unstuck;
 749              $redirect = $lang->redirect_unstickthread;
 750              $moderation->unstick_threads($tid);
 751          }
 752          else
 753          {
 754              $stuckunstuck = $lang->stuck;
 755              $redirect = $lang->redirect_stickthread;
 756              $moderation->stick_threads($tid);
 757          }
 758  
 759          $lang->mod_process = $lang->sprintf($lang->mod_process, $stuckunstuck);
 760  
 761          log_moderator_action($modlogdata, $lang->mod_process);
 762  
 763          moderation_redirect(get_thread_link($thread['tid']), $redirect);
 764          break;
 765  
 766      // Remove redirects to a specific thread
 767      case "removeredirects":
 768  
 769          // Verify incoming POST request
 770          verify_post_check($mybb->get_input('my_post_key'));
 771  
 772          if(!is_moderator($fid, "canmanagethreads"))
 773          {
 774              error_no_permission();
 775          }
 776  
 777          if($thread['visible'] == -1)
 778          {
 779              error($lang->error_thread_deleted, $lang->error);
 780          }
 781  
 782          $plugins->run_hooks("moderation_removeredirects");
 783  
 784          $moderation->remove_redirects($tid);
 785  
 786          log_moderator_action($modlogdata, $lang->redirects_removed);
 787          moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_redirectsremoved);
 788          break;
 789  
 790      // Delete thread confirmation page
 791      case "deletethread":
 792  
 793          add_breadcrumb($lang->nav_deletethread);
 794  
 795          if(!is_moderator($fid, "candeletethreads"))
 796          {
 797              if($permissions['candeletethreads'] != 1 || $mybb->user['uid'] != $thread['uid'])
 798              {
 799                  error_no_permission();
 800              }
 801          }
 802  
 803          $plugins->run_hooks("moderation_deletethread");
 804  
 805          eval("\$deletethread = \"".$templates->get("moderation_deletethread")."\";");
 806          output_page($deletethread);
 807          break;
 808  
 809      // Delete the actual thread here
 810      case "do_deletethread":
 811  
 812          // Verify incoming POST request
 813          verify_post_check($mybb->get_input('my_post_key'));
 814  
 815          if(!is_moderator($fid, "candeletethreads"))
 816          {
 817              if($permissions['candeletethreads'] != 1 || $mybb->user['uid'] != $thread['uid'])
 818              {
 819                  error_no_permission();
 820              }
 821          }
 822  
 823          $plugins->run_hooks("moderation_do_deletethread");
 824  
 825          // Log the subject of the deleted thread
 826          $modlogdata['thread_subject'] = $thread['subject'];
 827  
 828          $thread['subject'] = $db->escape_string($thread['subject']);
 829          $lang->thread_deleted = $lang->sprintf($lang->thread_deleted, $thread['subject']);
 830          log_moderator_action($modlogdata, $lang->thread_deleted);
 831  
 832          $moderation->delete_thread($tid);
 833  
 834          mark_reports($tid, "thread");
 835          moderation_redirect(get_forum_link($fid), $lang->redirect_threaddeleted);
 836          break;
 837  
 838      // Delete the poll from a thread confirmation page
 839      case "deletepoll":
 840          add_breadcrumb($lang->nav_deletepoll);
 841  
 842          if(!is_moderator($fid, "canmanagepolls"))
 843          {
 844              if($permissions['candeletethreads'] != 1 || $mybb->user['uid'] != $thread['uid'])
 845              {
 846                  error_no_permission();
 847              }
 848          }
 849  
 850          $plugins->run_hooks("moderation_deletepoll");
 851  
 852          $query = $db->simple_select("polls", "pid", "tid='$tid'");
 853          $poll = $db->fetch_array($query);
 854          if(!$poll)
 855          {
 856              error($lang->error_invalidpoll, $lang->error);
 857          }
 858  
 859          eval("\$deletepoll = \"".$templates->get("moderation_deletepoll")."\";");
 860          output_page($deletepoll);
 861          break;
 862  
 863      // Delete the actual poll here!
 864      case "do_deletepoll":
 865  
 866          // Verify incoming POST request
 867          verify_post_check($mybb->get_input('my_post_key'));
 868  
 869          if($thread['visible'] == -1)
 870          {
 871              error($lang->error_thread_deleted, $lang->error);
 872          }
 873  
 874          if(!isset($mybb->input['delete']))
 875          {
 876              error($lang->redirect_pollnotdeleted);
 877          }
 878          if(!is_moderator($fid, "canmanagepolls"))
 879          {
 880              if($permissions['candeletethreads'] != 1 || $mybb->user['uid'] != $thread['uid'])
 881              {
 882                  error_no_permission();
 883              }
 884          }
 885          $query = $db->simple_select("polls", "pid", "tid = $tid");
 886          $poll = $db->fetch_array($query);
 887          if(!$poll)
 888          {
 889              error($lang->error_invalidpoll, $lang->error);
 890          }
 891  
 892          $plugins->run_hooks("moderation_do_deletepoll");
 893  
 894          $lang->poll_deleted = $lang->sprintf($lang->poll_deleted, $thread['subject']);
 895          log_moderator_action($modlogdata, $lang->poll_deleted);
 896  
 897          $moderation->delete_poll($poll['pid']);
 898  
 899          moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_polldeleted);
 900          break;
 901  
 902      // Approve a thread
 903      case "approvethread":
 904  
 905          // Verify incoming POST request
 906          verify_post_check($mybb->get_input('my_post_key'));
 907  
 908          if(!is_moderator($fid, "canapproveunapprovethreads"))
 909          {
 910              error_no_permission();
 911          }
 912  
 913          if($thread['visible'] == -1)
 914          {
 915              error($lang->error_thread_deleted, $lang->error);
 916          }
 917  
 918          $thread = get_thread($tid);
 919  
 920          $plugins->run_hooks("moderation_approvethread");
 921  
 922          $lang->thread_approved = $lang->sprintf($lang->thread_approved, $thread['subject']);
 923          log_moderator_action($modlogdata, $lang->thread_approved);
 924  
 925          $moderation->approve_threads($tid, $fid);
 926  
 927          moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_threadapproved);
 928          break;
 929  
 930      // Unapprove a thread
 931      case "unapprovethread":
 932  
 933          // Verify incoming POST request
 934          verify_post_check($mybb->get_input('my_post_key'));
 935  
 936          if(!is_moderator($fid, "canapproveunapprovethreads"))
 937          {
 938              error_no_permission();
 939          }
 940  
 941          if($thread['visible'] == -1)
 942          {
 943              error($lang->error_thread_deleted, $lang->error);
 944          }
 945  
 946          $thread = get_thread($tid);
 947  
 948          $plugins->run_hooks("moderation_unapprovethread");
 949  
 950          $lang->thread_unapproved = $lang->sprintf($lang->thread_unapproved, $thread['subject']);
 951          log_moderator_action($modlogdata, $lang->thread_unapproved);
 952  
 953          $moderation->unapprove_threads($tid);
 954  
 955          moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_threadunapproved);
 956          break;
 957  
 958      // Restore a thread
 959      case "restorethread":
 960  
 961          // Verify incoming POST request
 962          verify_post_check($mybb->get_input('my_post_key'));
 963  
 964          if(!is_moderator($fid, "canrestorethreads"))
 965          {
 966              error_no_permission();
 967          }
 968          $thread = get_thread($tid);
 969  
 970          $plugins->run_hooks("moderation_restorethread");
 971  
 972          $lang->thread_restored = $lang->sprintf($lang->thread_restored, $thread['subject']);
 973          log_moderator_action($modlogdata, $lang->thread_restored);
 974  
 975          $moderation->restore_threads($tid);
 976  
 977          moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_threadrestored);
 978          break;
 979  
 980      // Soft delete a thread
 981      case "softdeletethread":
 982  
 983          // Verify incoming POST request
 984          verify_post_check($mybb->get_input('my_post_key'));
 985  
 986          if(!is_moderator($fid, "cansoftdeletethreads"))
 987          {
 988              error_no_permission();
 989          }
 990          $thread = get_thread($tid);
 991  
 992          $plugins->run_hooks("moderation_softdeletethread");
 993  
 994          $lang->thread_soft_deleted = $lang->sprintf($lang->thread_soft_deleted, $thread['subject']);
 995          log_moderator_action($modlogdata, $lang->thread_soft_deleted);
 996  
 997          $moderation->soft_delete_threads($tid);
 998  
 999          moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_threadsoftdeleted);
1000          break;
1001  
1002      // Move a thread
1003      case "move":
1004          add_breadcrumb($lang->nav_move);
1005          if(!is_moderator($fid, "canmanagethreads"))
1006          {
1007              error_no_permission();
1008          }
1009  
1010          if($thread['visible'] == -1)
1011          {
1012              error($lang->error_thread_deleted, $lang->error);
1013          }
1014  
1015          $plugins->run_hooks("moderation_move");
1016  
1017          $forumselect = build_forum_jump("", '', 1, '', 0, true, '', "moveto");
1018          eval("\$movethread = \"".$templates->get("moderation_move")."\";");
1019          output_page($movethread);
1020          break;
1021  
1022      // Let's get this thing moving!
1023      case "do_move":
1024  
1025          // Verify incoming POST request
1026          verify_post_check($mybb->get_input('my_post_key'));
1027  
1028          $moveto = $mybb->get_input('moveto', MyBB::INPUT_INT);
1029          $method = $mybb->get_input('method');
1030  
1031          if(!is_moderator($fid, "canmanagethreads"))
1032          {
1033              error_no_permission();
1034          }
1035  
1036          // Check if user has moderator permission to move to destination
1037          if(!is_moderator($moveto, "canmanagethreads") && !is_moderator($fid, "canmovetononmodforum"))
1038          {
1039              error_no_permission();
1040          }
1041  
1042          if($thread['visible'] == -1)
1043          {
1044              error($lang->error_thread_deleted, $lang->error);
1045          }
1046          
1047          $newperms = forum_permissions($moveto);
1048          if($newperms['canview'] == 0 && !is_moderator($fid, "canmovetononmodforum"))
1049          {
1050              error($lang->error_movetononmodforum, $lang->error);
1051          }
1052  
1053          $newforum = get_forum($moveto);
1054          if(!$newforum || $newforum['type'] != "f" || $newforum['type'] == "f" && $newforum['linkto'] != '')
1055          {
1056              error($lang->error_invalidforum, $lang->error);
1057          }
1058          if($method != "copy" && $thread['fid'] == $moveto)
1059          {
1060              error($lang->error_movetosameforum, $lang->error);
1061          }
1062  
1063          $plugins->run_hooks('moderation_do_move');
1064  
1065          $expire = 0;
1066          if($mybb->get_input('redirect_expire', MyBB::INPUT_INT) > 0)
1067          {
1068              $expire = TIME_NOW + ($mybb->get_input('redirect_expire', MyBB::INPUT_INT) * 86400);
1069          }
1070  
1071          $the_thread = $tid;
1072  
1073          $newtid = $moderation->move_thread($tid, $moveto, $method, $expire);
1074  
1075          switch($method)
1076          {
1077              case "copy":
1078                  log_moderator_action($modlogdata, $lang->thread_copied);
1079                  break;
1080              default:
1081              case "move":
1082              case "redirect":
1083                  log_moderator_action($modlogdata, $lang->thread_moved);
1084                  break;
1085          }
1086  
1087          moderation_redirect(get_thread_link($newtid), $lang->redirect_threadmoved);
1088          break;
1089  
1090      // Viewing thread notes
1091      case "viewthreadnotes":
1092          if(!is_moderator($fid))
1093          {
1094              error_no_permission();
1095          }
1096  
1097          // Make sure we are looking at a real thread here.
1098          if(!$thread)
1099          {
1100              error($lang->error_nomember, $lang->error);
1101          }
1102  
1103          $plugins->run_hooks('moderation_viewthreadnotes');
1104  
1105          $lang->view_notes_for = $lang->sprintf($lang->view_notes_for, $thread['subject']);
1106  
1107          $thread['notes'] = nl2br(htmlspecialchars_uni($thread['notes']));
1108  
1109          eval("\$viewthreadnotes = \"".$templates->get("moderation_viewthreadnotes", 1, 0)."\";");
1110          echo $viewthreadnotes;
1111          break;
1112  
1113      // Thread notes editor
1114      case "threadnotes":
1115          add_breadcrumb($lang->nav_threadnotes);
1116          if(!is_moderator($fid, "canmanagethreads"))
1117          {
1118              error_no_permission();
1119          }
1120          $thread['notes'] = htmlspecialchars_uni($parser->parse_badwords($thread['notes']));
1121          $trow = alt_trow(1);
1122  
1123          if(is_moderator($fid, "canviewmodlog"))
1124          {
1125              $query = $db->query("
1126                  SELECT l.*, u.username, t.subject AS tsubject, f.name AS fname, p.subject AS psubject
1127                  FROM ".TABLE_PREFIX."moderatorlog l
1128                  LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=l.uid)
1129                  LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=l.tid)
1130                  LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=l.fid)
1131                  LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid=l.pid)
1132                  WHERE t.tid='$tid'
1133                  ORDER BY l.dateline DESC
1134                  LIMIT  0, 20
1135              ");
1136              $modactions = '';
1137              while($modaction = $db->fetch_array($query))
1138              {
1139                  $modaction['dateline'] = my_date('relative', $modaction['dateline']);
1140                  $modaction['username'] = htmlspecialchars_uni($modaction['username']);
1141                  $modaction['profilelink'] = build_profile_link($modaction['username'], $modaction['uid']);
1142                  $modaction['action'] = htmlspecialchars_uni($modaction['action']);
1143                  $info = '';
1144                  if($modaction['tsubject'])
1145                  {
1146                      $modaction['tsubject'] = htmlspecialchars_uni($parser->parse_badwords($modaction['tsubject']));
1147                      $modaction['threadlink'] = get_thread_link($modaction['tid']);
1148                      eval("\$info .= \"".$templates->get("moderation_threadnotes_modaction_thread")."\";");
1149                  }
1150                  if($modaction['fname'])
1151                  {
1152                      $modaction['fname'] = htmlspecialchars_uni($modaction['fname']);
1153                      $modaction['forumlink'] = get_forum_link($modaction['fid']);
1154                      eval("\$info .= \"".$templates->get("moderation_threadnotes_modaction_forum")."\";");
1155                  }
1156                  if($modaction['psubject'])
1157                  {
1158  
1159                      $modaction['psubject'] = htmlspecialchars_uni($parser->parse_badwords($modaction['psubject']));
1160                      $modaction['postlink'] = get_post_link($modaction['pid']);
1161                      eval("\$info .= \"".$templates->get("moderation_threadnotes_modaction_post")."\";");
1162                  }
1163  
1164                  eval("\$modactions .= \"".$templates->get("moderation_threadnotes_modaction")."\";");
1165                  $trow = alt_trow();
1166              }
1167              if(!$modactions)
1168              {
1169                  eval("\$modactions = \"".$templates->get("moderation_threadnotes_modaction_error")."\";");
1170              }
1171          }
1172  
1173          $actions = array(
1174              'openclosethread' => $lang->open_close_thread,
1175              'deletethread' => $lang->delete_thread,
1176              'move' => $lang->move_copy_thread,
1177              'stick' => $lang->stick_unstick_thread,
1178              'merge' => $lang->merge_threads,
1179              'removeredirects' => $lang->remove_redirects,
1180              'removesubscriptions' => $lang->remove_subscriptions,
1181              'approveunapprovethread' => $lang->approve_unapprove_thread
1182          );
1183  
1184          switch($db->type)
1185          {
1186              case "pgsql":
1187              case "sqlite":
1188                  $query = $db->simple_select("modtools", 'tid, name', "(','||forums||',' LIKE '%,$fid,%' OR ','||forums||',' LIKE '%,-1,%' OR forums='') AND type = 't'");
1189                  break;
1190              default:
1191                  $query = $db->simple_select("modtools", 'tid, name', "(CONCAT(',',forums,',') LIKE '%,$fid,%' OR CONCAT(',',forums,',') LIKE '%,-1,%' OR forums='') AND type = 't'");
1192          }
1193          while($tool = $db->fetch_array($query))
1194          {
1195              $actions['modtool_'.$tool['tid']] = htmlspecialchars_uni($tool['name']);
1196          }
1197  
1198          $forum_cache = $cache->read("forums");
1199  
1200          $trow = alt_trow(1);
1201          switch($db->type)
1202          {
1203              case "pgsql":
1204              case "sqlite":
1205                  $query = $db->query("
1206                      SELECT d.*, u.username, f.name AS fname
1207                      FROM ".TABLE_PREFIX."delayedmoderation d
1208                      LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=d.uid)
1209                      LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=d.fid)
1210                      WHERE ','||d.tids||',' LIKE '%,{$tid},%'
1211                      ORDER BY d.dateline DESC
1212                      LIMIT  0, 20
1213                  ");
1214                  break;
1215              default:
1216                  $query = $db->query("
1217                      SELECT d.*, u.username, f.name AS fname
1218                      FROM ".TABLE_PREFIX."delayedmoderation d
1219                      LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=d.uid)
1220                      LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=d.fid)
1221                      WHERE CONCAT(',',d.tids,',') LIKE '%,{$tid},%'
1222                      ORDER BY d.dateline DESC
1223                      LIMIT  0, 20
1224                  ");
1225          }
1226          $delayedmods = '';
1227          while($delayedmod = $db->fetch_array($query))
1228          {
1229              $delayedmod['dateline'] = my_date('normal', $delayedmod['delaydateline'], "", 2);
1230              $delayedmod['username'] = htmlspecialchars_uni($delayedmod['username']);
1231              $delayedmod['profilelink'] = build_profile_link($delayedmod['username'], $delayedmod['uid']);
1232              $delayedmod['action'] = $actions[$delayedmod['type']];
1233              $info = '';
1234              if(strpos($delayedmod['tids'], ',') === false)
1235              {
1236                  $delayed_thread['link'] = get_thread_link($delayedmod['tids']);
1237                  $delayed_thread['subject'] = htmlspecialchars_uni($thread['subject']);
1238                  eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_thread_single")."\";");
1239              }
1240              else
1241              {
1242                  eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_thread_multiple")."\";");
1243              }
1244  
1245              if($delayedmod['fname'])
1246              {
1247                  $delayedmod['link'] = get_forum_link($delayedmod['fid']);
1248                  $delayedmod['fname'] = htmlspecialchars_uni($delayedmod['fname']);
1249                  eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_forum")."\";");
1250              }
1251              $delayedmod['inputs'] = my_unserialize($delayedmod['inputs']);
1252  
1253              if($delayedmod['type'] == 'move')
1254              {
1255                  $delayedmod['link'] = get_forum_link($delayedmod['inputs']['new_forum']);
1256                  $delayedmod['name'] = htmlspecialchars_uni($forum_cache[$delayedmod['inputs']['new_forum']]['name']);
1257                  eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_new_forum")."\";");
1258  
1259                  if($delayedmod['inputs']['method'] == "redirect")
1260                  {
1261                      if((int)$delayedmod['inputs']['redirect_expire'] == 0)
1262                      {
1263                          $redirect_expire_bit = $lang->redirect_forever;
1264                      }
1265                      else
1266                      {
1267                          $redirect_expire_bit = (int)$delayedmod['inputs']['redirect_expire']." {$lang->days}";
1268                      }
1269  
1270                      eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_redirect")."\";");
1271                  }
1272              }
1273              elseif($delayedmod['type'] == 'merge')
1274              {
1275                  $delayedmod['subject'] = htmlspecialchars_uni($delayedmod['inputs']['subject']);
1276                  $delayedmod['threadurl'] = htmlspecialchars_uni($delayedmod['inputs']['threadurl']);
1277                  eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_merge")."\";");
1278              }
1279  
1280              eval("\$delayedmods .= \"".$templates->get("moderation_threadnotes_delayedmodaction")."\";");
1281              $trow = alt_trow();
1282          }
1283          if(!$delayedmods)
1284          {
1285              $cols = 4;
1286              eval("\$delayedmods = \"".$templates->get("moderation_delayedmodaction_error")."\";");
1287          }
1288  
1289          $plugins->run_hooks("moderation_threadnotes");
1290  
1291          eval("\$threadnotes = \"".$templates->get("moderation_threadnotes")."\";");
1292          output_page($threadnotes);
1293          break;
1294  
1295      // Update the thread notes!
1296      case "do_threadnotes":
1297  
1298          // Verify incoming POST request
1299          verify_post_check($mybb->get_input('my_post_key'));
1300  
1301          if(!is_moderator($fid, "canmanagethreads"))
1302          {
1303              error_no_permission();
1304          }
1305  
1306          $plugins->run_hooks("moderation_do_threadnotes");
1307  
1308          log_moderator_action($modlogdata, $lang->thread_notes_edited);
1309          $sqlarray = array(
1310              "notes" => $db->escape_string($mybb->get_input('threadnotes')),
1311          );
1312          $db->update_query("threads", $sqlarray, "tid='$tid'");
1313          moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_threadnotesupdated);
1314          break;
1315  
1316      // Let's look up the ip address of a post
1317      case "getip":
1318          add_breadcrumb($lang->nav_getip);
1319          if(!is_moderator($fid, "canviewips"))
1320          {
1321              error_no_permission();
1322          }
1323  
1324          $post['ipaddress'] = my_inet_ntop($db->unescape_binary($post['ipaddress']));
1325          $hostname = @gethostbyaddr($post['ipaddress']);
1326          if(!$hostname || $hostname == $post['ipaddress'])
1327          {
1328              $hostname = $lang->resolve_fail;
1329          }
1330  
1331          $post['username'] = htmlspecialchars_uni($post['username']);
1332          $username = build_profile_link($post['username'], $post['uid']);
1333  
1334          // Moderator options
1335          $modoptions = "";
1336          if($mybb->usergroup['canmodcp'] == 1 && $mybb->usergroup['canuseipsearch'] == 1)
1337          {
1338              $ipaddress = $post['ipaddress'];
1339              eval("\$modoptions = \"".$templates->get("moderation_getip_modoptions")."\";");
1340          }
1341  
1342          $plugins->run_hooks('moderation_getip');
1343  
1344          if($modal)
1345          {
1346              eval("\$getip = \"".$templates->get("moderation_getip_modal", 1, 0)."\";");
1347              echo $getip;
1348              exit;
1349          }
1350          else
1351          {
1352              eval("\$getip = \"".$templates->get("moderation_getip")."\";");
1353              output_page($getip);
1354              break;
1355          }
1356  
1357      // Let's look up the ip address of a PM
1358      case "getpmip":
1359          if($pmid <= 0)
1360          {
1361              error($lang->error_invalidpm, $lang->error);
1362          }
1363          add_breadcrumb($lang->nav_pms, "private.php");
1364          $pm['subject'] = htmlspecialchars_uni($parser->parse_badwords($pm['subject']));
1365          add_breadcrumb($pm['subject'], "private.php?action=read&amp;pmid={$pmid}");
1366          add_breadcrumb($lang->nav_getpmip);
1367          if(!$mybb->usergroup['issupermod'])
1368          {
1369              error_no_permission();
1370          }
1371  
1372          $pm['ipaddress'] = my_inet_ntop($db->unescape_binary($pm['ipaddress']));
1373          $hostname = @gethostbyaddr($pm['ipaddress']);
1374          if(!$hostname || $hostname == $pm['ipaddress'])
1375          {
1376              $hostname = $lang->resolve_fail;
1377          }
1378  
1379          $name = $db->fetch_field($db->simple_select('users', 'username', "uid = {$pm['fromid']}"), 'username');
1380          $username = build_profile_link($name, $pm['fromid']);
1381  
1382          // Moderator options
1383          $modoptions = "";
1384          if($mybb->usergroup['canmodcp'] == 1 && $mybb->usergroup['canuseipsearch'] == 1)
1385          {
1386              $ipaddress = $pm['ipaddress'];
1387              eval("\$modoptions = \"".$templates->get("moderation_getip_modoptions")."\";");
1388          }
1389  
1390          $plugins->run_hooks('moderation_getpmip');
1391  
1392          if($modal)
1393          {
1394              eval("\$getpmip = \"".$templates->get("moderation_getpmip_modal", 1, 0)."\";");
1395              echo $getpmip;
1396              exit;
1397          }
1398          else
1399          {
1400              eval("\$getpmip = \"".$templates->get("moderation_getpmip")."\";");
1401              output_page($getpmip);
1402              break;
1403          }
1404  
1405      // Merge threads
1406      case "merge":
1407          add_breadcrumb($lang->nav_merge);
1408          if(!is_moderator($fid, "canmanagethreads"))
1409          {
1410              error_no_permission();
1411          }
1412  
1413          if($thread['visible'] == -1)
1414          {
1415              error($lang->error_thread_deleted, $lang->error);
1416          }
1417  
1418          $plugins->run_hooks("moderation_merge");
1419  
1420          eval("\$merge = \"".$templates->get("moderation_merge")."\";");
1421          output_page($merge);
1422          break;
1423  
1424      // Let's get those threads together baby! (Merge threads)
1425      case "do_merge":
1426  
1427          // Verify incoming POST request
1428          verify_post_check($mybb->get_input('my_post_key'));
1429  
1430          if(!is_moderator($fid, "canmanagethreads"))
1431          {
1432              error_no_permission();
1433          }
1434  
1435          if($thread['visible'] == -1)
1436          {
1437              error($lang->error_thread_deleted, $lang->error);
1438          }
1439  
1440          $plugins->run_hooks("moderation_do_merge");
1441  
1442          // explode at # sign in a url (indicates a name reference) and reassign to the url
1443          $realurl = explode("#", $mybb->get_input('threadurl'));
1444          $mybb->input['threadurl'] = $realurl[0];
1445  
1446          // Are we using an SEO URL?
1447          if(substr($mybb->input['threadurl'], -4) == "html")
1448          {
1449              // Get thread to merge's tid the SEO way
1450              preg_match("#thread-([0-9]+)?#i", $mybb->input['threadurl'], $threadmatch);
1451              preg_match("#post-([0-9]+)?#i", $mybb->input['threadurl'], $postmatch);
1452  
1453              if($threadmatch[1])
1454              {
1455                  $parameters['tid'] = $threadmatch[1];
1456              }
1457  
1458              if($postmatch[1])
1459              {
1460                  $parameters['pid'] = $postmatch[1];
1461              }
1462          }
1463          else
1464          {
1465              // Get thread to merge's tid the normal way
1466              $splitloc = explode(".php", $mybb->input['threadurl']);
1467              $temp = explode("&", my_substr($splitloc[1], 1));
1468  
1469              if(!empty($temp))
1470              {
1471                  for($i = 0; $i < count($temp); $i++)
1472                  {
1473                      $temp2 = explode("=", $temp[$i], 2);
1474                      $parameters[$temp2[0]] = $temp2[1];
1475                  }
1476              }
1477              else
1478              {
1479                  $temp2 = explode("=", $splitloc[1], 2);
1480                  $parameters[$temp2[0]] = $temp2[1];
1481              }
1482          }
1483  
1484          if(!empty($parameters['pid']) && empty($parameters['tid']))
1485          {
1486              $post = get_post($parameters['pid']);
1487              $mergetid = (int)$post['tid'];
1488          }
1489          elseif(!empty($parameters['tid']))
1490          {
1491              $mergetid = (int)$parameters['tid'];
1492          }
1493          else
1494          {
1495              $mergetid = 0;
1496          }
1497          $mergethread = get_thread($mergetid);
1498          if(!$mergethread)
1499          {
1500              error($lang->error_badmergeurl, $lang->error);
1501          }
1502          if($mergetid == $tid)
1503          { // sanity check
1504              error($lang->error_mergewithself, $lang->error);
1505          }
1506          if(!is_moderator($mergethread['fid'], "canmanagethreads"))
1507          {
1508              error_no_permission();
1509          }
1510          if(isset($mybb->input['subject']))
1511          {
1512              $subject = $mybb->get_input('subject');
1513          }
1514          else
1515          {
1516              $subject = $thread['subject'];
1517          }
1518  
1519          $moderation->merge_threads($mergetid, $tid, $subject);
1520  
1521          log_moderator_action($modlogdata, $lang->thread_merged);
1522  
1523          moderation_redirect(get_thread_link($tid), $lang->redirect_threadsmerged);
1524          break;
1525  
1526      // Divorce the posts in this thread (Split!)
1527      case "split":
1528          add_breadcrumb($lang->nav_split);
1529          if(!is_moderator($fid, "canmanagethreads"))
1530          {
1531              error_no_permission();
1532          }
1533  
1534          if($thread['visible'] == -1)
1535          {
1536              error($lang->error_thread_deleted, $lang->error);
1537          }
1538  
1539          $query = $db->query("
1540              SELECT p.*, u.*
1541              FROM ".TABLE_PREFIX."posts p
1542              LEFT JOIN ".TABLE_PREFIX."users u ON (p.uid=u.uid)
1543              WHERE tid='$tid'
1544              ORDER BY dateline ASC, pid ASC
1545          ");
1546  
1547          $numposts = $db->num_rows($query);
1548          if($numposts <= 1)
1549          {
1550              error($lang->error_cantsplitonepost, $lang->error);
1551          }
1552  
1553          $altbg = "trow1";
1554          $posts = '';
1555          while($post = $db->fetch_array($query))
1556          {
1557              $postdate = my_date('relative', $post['dateline']);
1558              $post['username'] = htmlspecialchars_uni($post['username']);
1559  
1560              $parser_options = array(
1561                  "allow_html" => $forum['allowhtml'],
1562                  "allow_mycode" => $forum['allowmycode'],
1563                  "allow_smilies" => $forum['allowsmilies'],
1564                  "allow_imgcode" => $forum['allowimgcode'],
1565                  "allow_videocode" => $forum['allowvideocode'],
1566                  "filter_badwords" => 1
1567              );
1568              if($post['smilieoff'] == 1)
1569              {
1570                  $parser_options['allow_smilies'] = 0;
1571              }
1572  
1573              $message = $parser->parse_message($post['message'], $parser_options);
1574              eval("\$posts .= \"".$templates->get("moderation_split_post")."\";");
1575              $altbg = alt_trow();
1576          }
1577  
1578          clearinline($tid, 'thread');
1579          $forumselect = build_forum_jump("", $fid, 1, '', 0, true, '', "moveto");
1580  
1581          $plugins->run_hooks("moderation_split");
1582  
1583          eval("\$split = \"".$templates->get("moderation_split")."\";");
1584          output_page($split);
1585          break;
1586  
1587      // Let's break them up buddy! (Do the split)
1588      case "do_split":
1589  
1590          // Verify incoming POST request
1591          verify_post_check($mybb->get_input('my_post_key'));
1592  
1593          if(!is_moderator($fid, "canmanagethreads"))
1594          {
1595              error_no_permission();
1596          }
1597  
1598          if($thread['visible'] == -1)
1599          {
1600              error($lang->error_thread_deleted, $lang->error);
1601          }
1602  
1603          $plugins->run_hooks("moderation_do_split");
1604  
1605          $mybb->input['splitpost'] = $mybb->get_input('splitpost', MyBB::INPUT_ARRAY);
1606          if(empty($mybb->input['splitpost']))
1607          {
1608              error($lang->error_nosplitposts, $lang->error);
1609          }
1610          $query = $db->simple_select("posts", "COUNT(*) AS totalposts", "tid='{$tid}'");
1611          $count = $db->fetch_array($query);
1612  
1613          if($count['totalposts'] == 1)
1614          {
1615              error($lang->error_cantsplitonepost, $lang->error);
1616          }
1617  
1618          if($count['totalposts'] == count($mybb->input['splitpost']))
1619          {
1620              error($lang->error_cantsplitall, $lang->error);
1621          }
1622  
1623          if(!empty($mybb->input['moveto']))
1624          {
1625              $moveto = $mybb->get_input('moveto', MyBB::INPUT_INT);
1626          }
1627          else
1628          {
1629              $moveto = $fid;
1630          }
1631  
1632          $newforum = get_forum($moveto);
1633          if(!$newforum || $newforum['type'] != "f" || $newforum['type'] == "f" && $newforum['linkto'] != '')
1634          {
1635              error($lang->error_invalidforum, $lang->error);
1636          }
1637  
1638          $pids = array();
1639  
1640          // move the selected posts over
1641          $query = $db->simple_select("posts", "pid", "tid='$tid'");
1642          while($post = $db->fetch_array($query))
1643          {
1644              if(isset($mybb->input['splitpost'][$post['pid']]) && $mybb->input['splitpost'][$post['pid']] == 1)
1645              {
1646                  $pids[] = $post['pid'];
1647              }
1648              mark_reports($post['pid'], "post");
1649          }
1650  
1651          $newtid = $moderation->split_posts($pids, $tid, $moveto, $mybb->get_input('newsubject'));
1652  
1653          log_moderator_action($modlogdata, $lang->thread_split);
1654  
1655          moderation_redirect(get_thread_link($newtid), $lang->redirect_threadsplit);
1656          break;
1657  
1658      // Delete Thread Subscriptions
1659      case "removesubscriptions":
1660  
1661          // Verify incoming POST request
1662          verify_post_check($mybb->get_input('my_post_key'));
1663  
1664          if(!is_moderator($fid, "canmanagethreads"))
1665          {
1666              error_no_permission();
1667          }
1668  
1669          if($thread['visible'] == -1)
1670          {
1671              error($lang->error_thread_deleted, $lang->error);
1672          }
1673  
1674          $plugins->run_hooks("moderation_removesubscriptions");
1675  
1676          $moderation->remove_thread_subscriptions($tid, true);
1677  
1678          log_moderator_action($modlogdata, $lang->removed_subscriptions);
1679  
1680          moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_removed_subscriptions);
1681          break;
1682  
1683      // Delete Threads - Inline moderation
1684      case "multideletethreads":
1685          add_breadcrumb($lang->nav_multi_deletethreads);
1686  
1687          if(!empty($mybb->input['searchid']))
1688          {
1689              // From search page
1690              $threads = getids($mybb->get_input('searchid'), 'search');
1691              if(!is_moderator_by_tids($threads, 'candeletethreads'))
1692              {
1693                  error_no_permission();
1694              }
1695          }
1696          else
1697          {
1698              $threads = getids($fid, 'forum');
1699              if(!is_moderator($fid, 'candeletethreads'))
1700              {
1701                  error_no_permission();
1702              }
1703          }
1704          if(count($threads) < 1)
1705          {
1706              error($lang->error_inline_nothreadsselected, $lang->error);
1707          }
1708  
1709          $inlineids = implode("|", $threads);
1710          if($mybb->get_input('inlinetype') == 'search')
1711          {
1712              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
1713          }
1714          else
1715          {
1716              clearinline($fid, 'forum');
1717          }
1718          $return_url = htmlspecialchars_uni($mybb->get_input('url'));
1719          eval("\$multidelete = \"".$templates->get("moderation_inline_deletethreads")."\";");
1720          output_page($multidelete);
1721          break;
1722  
1723      // Actually delete the threads - Inline moderation
1724      case "do_multideletethreads":
1725  
1726          // Verify incoming POST request
1727          verify_post_check($mybb->get_input('my_post_key'));
1728  
1729          $threadlist = explode("|", $mybb->get_input('threads'));
1730          if(!is_moderator_by_tids($threadlist, "candeletethreads"))
1731          {
1732              error_no_permission();
1733          }
1734          foreach($threadlist as $tid)
1735          {
1736              $tid = (int)$tid;
1737              $moderation->delete_thread($tid);
1738              $tlist[] = $tid;
1739          }
1740          log_moderator_action($modlogdata, $lang->multi_deleted_threads);
1741          if($mybb->get_input('inlinetype') == 'search')
1742          {
1743              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
1744          }
1745          else
1746          {
1747              clearinline($fid, 'forum');
1748          }
1749          mark_reports($tlist, "threads");
1750          moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsdeleted);
1751          break;
1752  
1753      // Open threads - Inline moderation
1754      case "multiopenthreads":
1755  
1756          // Verify incoming POST request
1757          verify_post_check($mybb->get_input('my_post_key'));
1758  
1759          if(!empty($mybb->input['searchid']))
1760          {
1761              // From search page
1762              $threads = getids($mybb->get_input('searchid'), 'search');
1763              if(!is_moderator_by_tids($threads, 'canopenclosethreads'))
1764              {
1765                  error_no_permission();
1766              }
1767          }
1768          else
1769          {
1770              $threads = getids($fid, 'forum');
1771              if(!is_moderator($fid, 'canopenclosethreads'))
1772              {
1773                  error_no_permission();
1774              }
1775          }
1776  
1777          if(count($threads) < 1)
1778          {
1779              error($lang->error_inline_nothreadsselected, $lang->error);
1780          }
1781  
1782          $moderation->open_threads($threads);
1783  
1784          log_moderator_action($modlogdata, $lang->multi_opened_threads);
1785          if($mybb->get_input('inlinetype') == 'search')
1786          {
1787              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
1788          }
1789          else
1790          {
1791              clearinline($fid, 'forum');
1792          }
1793          moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsopened);
1794          break;
1795  
1796      // Close threads - Inline moderation
1797      case "multiclosethreads":
1798  
1799          // Verify incoming POST request
1800          verify_post_check($mybb->get_input('my_post_key'));
1801  
1802          if(!empty($mybb->input['searchid']))
1803          {
1804              // From search page
1805              $threads = getids($mybb->get_input('searchid'), 'search');
1806              if(!is_moderator_by_tids($threads, 'canopenclosethreads'))
1807              {
1808                  error_no_permission();
1809              }
1810          }
1811          else
1812          {
1813              $threads = getids($fid, 'forum');
1814              if(!is_moderator($fid, 'canopenclosethreads'))
1815              {
1816                  error_no_permission();
1817              }
1818          }
1819          if(count($threads) < 1)
1820          {
1821              error($lang->error_inline_nothreadsselected, $lang->error);
1822          }
1823  
1824          $moderation->close_threads($threads);
1825  
1826          log_moderator_action($modlogdata, $lang->multi_closed_threads);
1827          if($mybb->get_input('inlinetype') == 'search')
1828          {
1829              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
1830          }
1831          else
1832          {
1833              clearinline($fid, 'forum');
1834          }
1835          moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsclosed);
1836          break;
1837  
1838      // Approve threads - Inline moderation
1839      case "multiapprovethreads":
1840  
1841          // Verify incoming POST request
1842          verify_post_check($mybb->get_input('my_post_key'));
1843  
1844          if(!empty($mybb->input['searchid']))
1845          {
1846              // From search page
1847              $threads = getids($mybb->get_input('searchid'), 'search');
1848              if(!is_moderator_by_tids($threads, 'canapproveunapprovethreads'))
1849              {
1850                  error_no_permission();
1851              }
1852          }
1853          else
1854          {
1855              $threads = getids($fid, 'forum');
1856              if(!is_moderator($fid, 'canapproveunapprovethreads'))
1857              {
1858                  error_no_permission();
1859              }
1860          }
1861          if(count($threads) < 1)
1862          {
1863              error($lang->error_inline_nothreadsselected, $lang->error);
1864          }
1865  
1866          $moderation->approve_threads($threads, $fid);
1867  
1868          log_moderator_action($modlogdata, $lang->multi_approved_threads);
1869          if($mybb->get_input('inlinetype') == 'search')
1870          {
1871              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
1872          }
1873          else
1874          {
1875              clearinline($fid, 'forum');
1876          }
1877          $cache->update_stats();
1878          moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsapproved);
1879          break;
1880  
1881      // Unapprove threads - Inline moderation
1882      case "multiunapprovethreads":
1883  
1884          // Verify incoming POST request
1885          verify_post_check($mybb->get_input('my_post_key'));
1886  
1887          if(!empty($mybb->input['searchid']))
1888          {
1889              // From search page
1890              $threads = getids($mybb->get_input('searchid'), 'search');
1891              if(!is_moderator_by_tids($threads, 'canapproveunapprovethreads'))
1892              {
1893                  error_no_permission();
1894              }
1895          }
1896          else
1897          {
1898              $threads = getids($fid, 'forum');
1899              if(!is_moderator($fid, 'canapproveunapprovethreads'))
1900              {
1901                  error_no_permission();
1902              }
1903          }
1904          if(count($threads) < 1)
1905          {
1906              error($lang->error_inline_nothreadsselected, $lang->error);
1907          }
1908  
1909          $moderation->unapprove_threads($threads, $fid);
1910  
1911          log_moderator_action($modlogdata, $lang->multi_unapproved_threads);
1912          if($mybb->get_input('inlinetype') == 'search')
1913          {
1914              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
1915          }
1916          else
1917          {
1918              clearinline($fid, 'forum');
1919          }
1920          $cache->update_stats();
1921          moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsunapproved);
1922          break;
1923  
1924      // Restore threads - Inline moderation
1925      case "multirestorethreads":
1926  
1927          // Verify incoming POST request
1928          verify_post_check($mybb->get_input('my_post_key'));
1929  
1930          if(!empty($mybb->input['searchid']))
1931          {
1932              // From search page
1933              $threads = getids($mybb->get_input('searchid'), 'search');
1934              if(!is_moderator_by_tids($threads, 'canrestorethreads'))
1935              {
1936                  error_no_permission();
1937              }
1938          }
1939          else
1940          {
1941              $threads = getids($fid, 'forum');
1942              if(!is_moderator($fid, 'canrestorethreads'))
1943              {
1944                  error_no_permission();
1945              }
1946          }
1947          if(count($threads) < 1)
1948          {
1949              error($lang->error_inline_nothreadsselected, $lang->error);
1950          }
1951  
1952          $moderation->restore_threads($threads);
1953  
1954          log_moderator_action($modlogdata, $lang->multi_restored_threads);
1955          if($mybb->get_input('inlinetype') == 'search')
1956          {
1957              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
1958          }
1959          else
1960          {
1961              clearinline($fid, 'forum');
1962          }
1963          $cache->update_stats();
1964          moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsrestored);
1965          break;
1966  
1967      // Soft delete threads - Inline moderation
1968      case "multisoftdeletethreads":
1969  
1970          // Verify incoming POST request
1971          verify_post_check($mybb->get_input('my_post_key'));
1972  
1973          if(!empty($mybb->input['searchid']))
1974          {
1975              // From search page
1976              $threads = getids($mybb->get_input('searchid'), 'search');
1977              if(!is_moderator_by_tids($threads, 'cansoftdeletethreads'))
1978              {
1979                  error_no_permission();
1980              }
1981          }
1982          else
1983          {
1984              $threads = getids($fid, 'forum');
1985              if(!is_moderator($fid, 'cansoftdeletethreads'))
1986              {
1987                  error_no_permission();
1988              }
1989          }
1990          if(count($threads) < 1)
1991          {
1992              error($lang->error_inline_nothreadsselected, $lang->error);
1993          }
1994  
1995          $moderation->soft_delete_threads($threads);
1996  
1997          log_moderator_action($modlogdata, $lang->multi_soft_deleted_threads);
1998          if($mybb->get_input('inlinetype') == 'search')
1999          {
2000              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
2001          }
2002          else
2003          {
2004              clearinline($fid, 'forum');
2005          }
2006          $cache->update_stats();
2007          moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadssoftdeleted);
2008          break;
2009  
2010      // Stick threads - Inline moderation
2011      case "multistickthreads":
2012  
2013          // Verify incoming POST request
2014          verify_post_check($mybb->get_input('my_post_key'));
2015  
2016          if(!empty($mybb->input['searchid']))
2017          {
2018              // From search page
2019              $threads = getids($mybb->get_input('searchid'), 'search');
2020              if(!is_moderator_by_tids($threads, 'canstickunstickthreads'))
2021              {
2022                  error_no_permission();
2023              }
2024          }
2025          else
2026          {
2027              $threads = getids($fid, 'forum');
2028              if(!is_moderator($fid, 'canstickunstickthreads'))
2029              {
2030                  error_no_permission();
2031              }
2032          }
2033          if(count($threads) < 1)
2034          {
2035              error($lang->error_inline_nothreadsselected, $lang->error);
2036          }
2037  
2038          $moderation->stick_threads($threads);
2039  
2040          log_moderator_action($modlogdata, $lang->multi_stuck_threads);
2041          if($mybb->get_input('inlinetype') == 'search')
2042          {
2043              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
2044          }
2045          else
2046          {
2047              clearinline($fid, 'forum');
2048          }
2049          moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsstuck);
2050          break;
2051  
2052      // Unstick threads - Inline moderaton
2053      case "multiunstickthreads":
2054  
2055          // Verify incoming POST request
2056          verify_post_check($mybb->get_input('my_post_key'));
2057  
2058          if(!empty($mybb->input['searchid']))
2059          {
2060              // From search page
2061              $threads = getids($mybb->get_input('searchid'), 'search');
2062              if(!is_moderator_by_tids($threads, 'canstickunstickthreads'))
2063              {
2064                  error_no_permission();
2065              }
2066          }
2067          else
2068          {
2069              $threads = getids($fid, 'forum');
2070              if(!is_moderator($fid, 'canstickunstickthreads'))
2071              {
2072                  error_no_permission();
2073              }
2074          }
2075          if(count($threads) < 1)
2076          {
2077              error($lang->error_inline_nothreadsselected, $lang->error);
2078          }
2079  
2080          $moderation->unstick_threads($threads);
2081  
2082          log_moderator_action($modlogdata, $lang->multi_unstuck_threads);
2083          if($mybb->get_input('inlinetype') == 'search')
2084          {
2085              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
2086          }
2087          else
2088          {
2089              clearinline($fid, 'forum');
2090          }
2091          moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsunstuck);
2092          break;
2093  
2094      // Move threads - Inline moderation
2095      case "multimovethreads":
2096          add_breadcrumb($lang->nav_multi_movethreads);
2097  
2098          if(!empty($mybb->input['searchid']))
2099          {
2100              // From search page
2101              $threads = getids($mybb->get_input('searchid'), 'search');
2102              if(!is_moderator_by_tids($threads, 'canmanagethreads'))
2103              {
2104                  error_no_permission();
2105              }
2106          }
2107          else
2108          {
2109              $threads = getids($fid, 'forum');
2110              if(!is_moderator($fid, 'canmanagethreads'))
2111              {
2112                  error_no_permission();
2113              }
2114          }
2115  
2116          if(count($threads) < 1)
2117          {
2118              error($lang->error_inline_nothreadsselected, $lang->error);
2119          }
2120          $inlineids = implode("|", $threads);
2121          if($mybb->get_input('inlinetype') == 'search')
2122          {
2123              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
2124          }
2125          else
2126          {
2127              clearinline($fid, 'forum');
2128          }
2129          $forumselect = build_forum_jump("", '', 1, '', 0, true, '', "moveto");
2130          $return_url = htmlspecialchars_uni($mybb->get_input('url'));
2131          eval("\$movethread = \"".$templates->get("moderation_inline_movethreads")."\";");
2132          output_page($movethread);
2133          break;
2134  
2135      // Actually move the threads in Inline moderation
2136      case "do_multimovethreads":
2137  
2138          // Verify incoming POST request
2139          verify_post_check($mybb->get_input('my_post_key'));
2140  
2141          $moveto = $mybb->get_input('moveto', MyBB::INPUT_INT);
2142          $method = $mybb->get_input('method');
2143  
2144          $threadlist = explode("|", $mybb->get_input('threads'));
2145          if(!is_moderator_by_tids($threadlist, 'canmanagethreads'))
2146          {
2147              error_no_permission();
2148          }
2149          foreach($threadlist as $tid)
2150          {
2151              $tids[] = (int)$tid;
2152          }
2153          // Make sure moderator has permission to move to the new forum
2154          $newperms = forum_permissions($moveto);
2155          if(($newperms['canview'] == 0 || !is_moderator($moveto, 'canmanagethreads')) && !is_moderator_by_tids($tids, 'canmovetononmodforum'))
2156          {
2157              error($lang->error_movetononmodforum, $lang->error);
2158          }
2159  
2160          $newforum = get_forum($moveto);
2161          if(!$newforum || $newforum['type'] != "f" || $newforum['type'] == "f" && $newforum['linkto'] != '')
2162          {
2163              error($lang->error_invalidforum, $lang->error);
2164          }
2165  
2166          $plugins->run_hooks('moderation_do_multimovethreads');
2167  
2168          log_moderator_action($modlogdata, $lang->multi_moved_threads);
2169          $expire = 0;
2170          if($mybb->get_input('redirect_expire', MyBB::INPUT_INT) > 0)
2171          {
2172              $expire = TIME_NOW + ($mybb->get_input('redirect_expire', MyBB::INPUT_INT) * 86400);
2173          }
2174  
2175          foreach($tids as $tid) {
2176              $moderation->move_thread($tid, $moveto, $method, $expire);
2177          }
2178  
2179          moderation_redirect(get_forum_link($moveto), $lang->redirect_inline_threadsmoved);
2180          break;
2181  
2182      // Delete posts - Inline moderation
2183      case "multideleteposts":
2184          add_breadcrumb($lang->nav_multi_deleteposts);
2185  
2186          if($mybb->get_input('inlinetype') == 'search')
2187          {
2188              $posts = getids($mybb->get_input('searchid'), 'search');
2189          }
2190          else
2191          {
2192              $posts = getids($tid, 'thread');
2193          }
2194  
2195          if(count($posts) < 1)
2196          {
2197              error($lang->error_inline_nopostsselected, $lang->error);
2198          }
2199          if(!is_moderator_by_pids($posts, "candeleteposts"))
2200          {
2201              error_no_permission();
2202          }
2203          $inlineids = implode("|", $posts);
2204          if($mybb->get_input('inlinetype') == 'search')
2205          {
2206              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
2207          }
2208          else
2209          {
2210              clearinline($tid, 'thread');
2211          }
2212  
2213          $return_url = htmlspecialchars_uni($mybb->get_input('url'));
2214  
2215          eval("\$multidelete = \"".$templates->get("moderation_inline_deleteposts")."\";");
2216          output_page($multidelete);
2217          break;
2218  
2219      // Actually delete the posts in inline moderation
2220      case "do_multideleteposts":
2221  
2222          // Verify incoming POST request
2223          verify_post_check($mybb->get_input('my_post_key'));
2224  
2225          $postlist = explode("|", $mybb->get_input('posts'));
2226          if(!is_moderator_by_pids($postlist, "candeleteposts"))
2227          {
2228              error_no_permission();
2229          }
2230          $postlist = array_map('intval', $postlist);
2231          $pids = implode(',', $postlist);
2232  
2233          $tids = array();
2234          if($pids)
2235          {
2236              $query = $db->simple_select("threads", "tid", "firstpost IN({$pids})");
2237              while($threadid = $db->fetch_field($query, "tid"))
2238              {
2239                  $tids[] = $threadid;
2240              }
2241          }
2242  
2243          $deletecount = 0;
2244          foreach($postlist as $pid)
2245          {
2246              $pid = (int)$pid;
2247              $moderation->delete_post($pid);
2248              $plist[] = $pid;
2249              $deletecount++;
2250          }
2251  
2252          // If we have multiple threads, we must be coming from the search
2253          if(!empty($tids))
2254          {
2255              foreach($tids as $tid)
2256              {
2257                  $moderation->delete_thread($tid);
2258                  mark_reports($tid, "thread");
2259                  $url = get_forum_link($fid);
2260              }
2261          }
2262          // Otherwise we're just deleting from showthread.php
2263          else
2264          {
2265              $query = $db->simple_select("posts", "pid", "tid = $tid");
2266              $numposts = $db->num_rows($query);
2267              if(!$numposts)
2268              {
2269                  $moderation->delete_thread($tid);
2270                  mark_reports($tid, "thread");
2271                  $url = get_forum_link($fid);
2272              }
2273              else
2274              {
2275                  mark_reports($plist, "posts");
2276                  $url = get_thread_link($thread['tid']);
2277              }
2278          }
2279  
2280          $lang->deleted_selective_posts = $lang->sprintf($lang->deleted_selective_posts, $deletecount);
2281          log_moderator_action($modlogdata, $lang->deleted_selective_posts);
2282          moderation_redirect($url, $lang->redirect_postsdeleted);
2283          break;
2284  
2285      // Merge posts - Inline moderation
2286      case "multimergeposts":
2287          add_breadcrumb($lang->nav_multi_mergeposts);
2288  
2289          if($mybb->get_input('inlinetype') == 'search')
2290          {
2291              $posts = getids($mybb->get_input('searchid'), 'search');
2292          }
2293          else
2294          {
2295              $posts = getids($tid, 'thread');
2296          }
2297  
2298          // Add the selected posts from other threads
2299          foreach($mybb->cookies as $key => $value)
2300          {
2301              if(strpos($key, "inlinemod_thread") !== false && $key != "inlinemod_thread$tid")
2302              {
2303                  $inlinepostlist = explode("|", $mybb->cookies[$key]);
2304                  foreach($inlinepostlist as $p)
2305                  {
2306                      $p = (int)$p;
2307  
2308                      if(!empty($p))
2309                      {
2310                          $posts[] = (int)$p;
2311                      }
2312                  }
2313                  // Remove the cookie once its data is retrieved
2314                  my_unsetcookie($key);
2315              }
2316          }
2317  
2318          if(empty($posts))
2319          {
2320              error($lang->error_inline_nopostsselected, $lang->error);
2321          }
2322  
2323          if(!is_moderator_by_pids($posts, "canmanagethreads"))
2324          {
2325              error_no_permission();
2326          }
2327  
2328          $postlist = "";
2329          $query = $db->query("
2330              SELECT p.*, u.*
2331              FROM ".TABLE_PREFIX."posts p
2332              LEFT JOIN ".TABLE_PREFIX."users u ON (p.uid=u.uid)
2333              WHERE pid IN (".implode(",", $posts).")
2334              ORDER BY dateline ASC, pid ASC
2335          ");
2336          $altbg = "trow1";
2337          while($post = $db->fetch_array($query))
2338          {
2339              $postdate = my_date('relative', $post['dateline']);
2340  
2341              $parser_options = array(
2342                  "allow_html" => $forum['allowhtml'],
2343                  "allow_mycode" => $forum['allowmycode'],
2344                  "allow_smilies" => $forum['allowsmilies'],
2345                  "allow_imgcode" => $forum['allowimgcode'],
2346                  "allow_videocode" => $forum['allowvideocode'],
2347                  "filter_badwords" => 1
2348              );
2349              if($post['smilieoff'] == 1)
2350              {
2351                  $parser_options['allow_smilies'] = 0;
2352              }
2353  
2354              $message = $parser->parse_message($post['message'], $parser_options);
2355              eval("\$postlist .= \"".$templates->get("moderation_mergeposts_post")."\";");
2356              $altbg = alt_trow();
2357          }
2358  
2359          $inlineids = implode("|", $posts);
2360          if($mybb->get_input('inlinetype') == 'search')
2361          {
2362              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
2363          }
2364          else
2365          {
2366              clearinline($tid, 'thread');
2367          }
2368  
2369          $return_url = htmlspecialchars_uni($mybb->get_input('url'));
2370  
2371          eval("\$multimerge = \"".$templates->get("moderation_inline_mergeposts")."\";");
2372          output_page($multimerge);
2373          break;
2374  
2375      // Actually merge the posts - Inline moderation
2376      case "do_multimergeposts":
2377  
2378          // Verify incoming POST request
2379          verify_post_check($mybb->get_input('my_post_key'));
2380  
2381          $mergepost = $mybb->get_input('mergepost', MyBB::INPUT_ARRAY);
2382          if(count($mergepost) <= 1)
2383          {
2384              error($lang->error_nomergeposts, $lang->error);
2385          }
2386  
2387          foreach($mergepost as $pid => $yes)
2388          {
2389              $postlist[] = (int)$pid;
2390          }
2391  
2392          if(!is_moderator_by_pids($postlist, "canmanagethreads"))
2393          {
2394              error_no_permission();
2395          }
2396  
2397          $masterpid = $moderation->merge_posts($postlist, $tid, $mybb->input['sep']);
2398  
2399          mark_reports($postlist, "posts");
2400          log_moderator_action($modlogdata, $lang->merged_selective_posts);
2401          moderation_redirect(get_post_link($masterpid)."#pid$masterpid", $lang->redirect_inline_postsmerged);
2402          break;
2403  
2404      // Split posts - Inline moderation
2405      case "multisplitposts":
2406          add_breadcrumb($lang->nav_multi_splitposts);
2407  
2408          if($mybb->get_input('inlinetype') == 'search')
2409          {
2410              $posts = getids($mybb->get_input('searchid'), 'search');
2411          }
2412          else
2413          {
2414              $posts = getids($tid, 'thread');
2415          }
2416  
2417          if(count($posts) < 1)
2418          {
2419              error($lang->error_inline_nopostsselected, $lang->error);
2420          }
2421  
2422          if(!is_moderator_by_pids($posts, "canmanagethreads"))
2423          {
2424              error_no_permission();
2425          }
2426          $posts = array_map('intval', $posts);
2427          $pidin = implode(',', $posts);
2428  
2429          // Make sure that we are not splitting a thread with one post
2430          // Select number of posts in each thread that the splitted post is in
2431          $query = $db->query("
2432              SELECT DISTINCT p.tid, COUNT(q.pid) as count
2433              FROM ".TABLE_PREFIX."posts p
2434              LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid)
2435              WHERE p.pid IN ($pidin)
2436              GROUP BY p.tid, p.pid
2437          ");
2438          $threads = $pcheck = array();
2439          while($tcheck = $db->fetch_array($query))
2440          {
2441              if((int)$tcheck['count'] <= 1)
2442              {
2443                  error($lang->error_cantsplitonepost, $lang->error);
2444              }
2445              $threads[] = $pcheck[] = $tcheck['tid']; // Save tids for below
2446          }
2447  
2448          // Make sure that we are not splitting all posts in the thread
2449          // The query does not return a row when the count is 0, so find if some threads are missing (i.e. 0 posts after removal)
2450          $query = $db->query("
2451              SELECT DISTINCT p.tid, COUNT(q.pid) as count
2452              FROM ".TABLE_PREFIX."posts p
2453              LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid)
2454              WHERE p.pid IN ($pidin) AND q.pid NOT IN ($pidin)
2455              GROUP BY p.tid, p.pid
2456          ");
2457          $pcheck2 = array();
2458          while($tcheck = $db->fetch_array($query))
2459          {
2460              if($tcheck['count'] > 0)
2461              {
2462                  $pcheck2[] = $tcheck['tid'];
2463              }
2464          }
2465          if(count($pcheck2) != count($pcheck))
2466          {
2467              // One or more threads do not have posts after splitting
2468              error($lang->error_cantsplitall, $lang->error);
2469          }
2470  
2471          $inlineids = implode("|", $posts);
2472          if($mybb->get_input('inlinetype') == 'search')
2473          {
2474              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
2475          }
2476          else
2477          {
2478              clearinline($tid, 'thread');
2479          }
2480          $forumselect = build_forum_jump("", $fid, 1, '', 0, true, '', "moveto");
2481  
2482          $return_url = htmlspecialchars_uni($mybb->get_input('url'));
2483  
2484          eval("\$splitposts = \"".$templates->get("moderation_inline_splitposts")."\";");
2485          output_page($splitposts);
2486          break;
2487  
2488      // Actually split the posts - Inline moderation
2489      case "do_multisplitposts":
2490  
2491          // Verify incoming POST request
2492          verify_post_check($mybb->get_input('my_post_key'));
2493  
2494          $plist = array();
2495          $postlist = explode("|", $mybb->get_input('posts'));
2496          foreach($postlist as $pid)
2497          {
2498              $pid = (int)$pid;
2499              $plist[] = $pid;
2500          }
2501  
2502          if(!is_moderator_by_pids($plist, "canmanagethreads"))
2503          {
2504              error_no_permission();
2505          }
2506  
2507          // Ensure all posts exist
2508          $posts = array();
2509          if(!empty($plist))
2510          {
2511              $query = $db->simple_select('posts', 'pid', 'pid IN ('.implode(',', $plist).')');
2512              while($pid = $db->fetch_field($query, 'pid'))
2513              {
2514                  $posts[] = $pid;
2515              }
2516          }
2517  
2518          if(empty($posts))
2519          {
2520              error($lang->error_inline_nopostsselected, $lang->error);
2521          }
2522  
2523          $pidin = implode(',', $posts);
2524  
2525          // Make sure that we are not splitting a thread with one post
2526          // Select number of posts in each thread that the splitted post is in
2527          $query = $db->query("
2528              SELECT DISTINCT p.tid, COUNT(q.pid) as count
2529              FROM ".TABLE_PREFIX."posts p
2530              LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid)
2531              WHERE p.pid IN ($pidin)
2532              GROUP BY p.tid, p.pid
2533          ");
2534          $pcheck = array();
2535          while($tcheck = $db->fetch_array($query))
2536          {
2537              if((int)$tcheck['count'] <= 1)
2538              {
2539                  error($lang->error_cantsplitonepost, $lang->error);
2540              }
2541              $pcheck[] = $tcheck['tid']; // Save tids for below
2542          }
2543  
2544          // Make sure that we are not splitting all posts in the thread
2545          // The query does not return a row when the count is 0, so find if some threads are missing (i.e. 0 posts after removal)
2546          $query = $db->query("
2547              SELECT DISTINCT p.tid, COUNT(q.pid) as count
2548              FROM ".TABLE_PREFIX."posts p
2549              LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid)
2550              WHERE p.pid IN ($pidin) AND q.pid NOT IN ($pidin)
2551              GROUP BY p.tid, p.pid
2552          ");
2553          $pcheck2 = array();
2554          while($tcheck = $db->fetch_array($query))
2555          {
2556              if($tcheck['count'] > 0)
2557              {
2558                  $pcheck2[] = $tcheck['tid'];
2559              }
2560          }
2561          if(count($pcheck2) != count($pcheck))
2562          {
2563              // One or more threads do not have posts after splitting
2564              error($lang->error_cantsplitall, $lang->error);
2565          }
2566  
2567          if(isset($mybb->input['moveto']))
2568          {
2569              $moveto = $mybb->get_input('moveto', MyBB::INPUT_INT);
2570          }
2571          else
2572          {
2573              $moveto = $fid;
2574          }
2575  
2576          $newforum = get_forum($moveto);
2577          if(!$newforum || $newforum['type'] != "f" || $newforum['type'] == "f" && $newforum['linkto'] != '')
2578          {
2579              error($lang->error_invalidforum, $lang->error);
2580          }
2581  
2582          $newsubject = $mybb->get_input('newsubject');
2583          $newtid = $moderation->split_posts($posts, $tid, $moveto, $newsubject);
2584  
2585          $pid_list = implode(', ', $posts);
2586          $lang->split_selective_posts = $lang->sprintf($lang->split_selective_posts, $pid_list, $newtid);
2587          log_moderator_action($modlogdata, $lang->split_selective_posts);
2588  
2589          moderation_redirect(get_thread_link($newtid), $lang->redirect_threadsplit);
2590          break;
2591  
2592      // Move posts - Inline moderation
2593      case "multimoveposts":
2594          add_breadcrumb($lang->nav_multi_moveposts);
2595  
2596          if($mybb->get_input('inlinetype') == 'search')
2597          {
2598              $posts = getids($mybb->get_input('searchid'), 'search');
2599          }
2600          else
2601          {
2602              $posts = getids($tid, 'thread');
2603          }
2604  
2605          if(count($posts) < 1)
2606          {
2607              error($lang->error_inline_nopostsselected, $lang->error);
2608          }
2609  
2610          if(!is_moderator_by_pids($posts, "canmanagethreads"))
2611          {
2612              error_no_permission();
2613          }
2614          $posts = array_map('intval', $posts);
2615          $pidin = implode(',', $posts);
2616  
2617          // Make sure that we are not moving posts in a thread with one post
2618          // Select number of posts in each thread that the moved post is in
2619          $query = $db->query("
2620              SELECT DISTINCT p.tid, COUNT(q.pid) as count
2621              FROM ".TABLE_PREFIX."posts p
2622              LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid)
2623              WHERE p.pid IN ($pidin)
2624              GROUP BY p.tid, p.pid
2625          ");
2626          $threads = $pcheck = array();
2627          while($tcheck = $db->fetch_array($query))
2628          {
2629              if((int)$tcheck['count'] <= 1)
2630              {
2631                  error($lang->error_cantsplitonepost, $lang->error);
2632              }
2633              $threads[] = $pcheck[] = $tcheck['tid']; // Save tids for below
2634          }
2635  
2636          // Make sure that we are not moving all posts in the thread
2637          // The query does not return a row when the count is 0, so find if some threads are missing (i.e. 0 posts after removal)
2638          $query = $db->query("
2639              SELECT DISTINCT p.tid, COUNT(q.pid) as count
2640              FROM ".TABLE_PREFIX."posts p
2641              LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid)
2642              WHERE p.pid IN ($pidin) AND q.pid NOT IN ($pidin)
2643              GROUP BY p.tid, p.pid
2644          ");
2645          $pcheck2 = array();
2646          while($tcheck = $db->fetch_array($query))
2647          {
2648              if($tcheck['count'] > 0)
2649              {
2650                  $pcheck2[] = $tcheck['tid'];
2651              }
2652          }
2653          if(count($pcheck2) != count($pcheck))
2654          {
2655              // One or more threads do not have posts after splitting
2656              error($lang->error_cantmoveall, $lang->error);
2657          }
2658  
2659          $inlineids = implode("|", $posts);
2660          if($mybb->get_input('inlinetype') == 'search')
2661          {
2662              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
2663          }
2664          else
2665          {
2666              clearinline($tid, 'thread');
2667          }
2668          $forumselect = build_forum_jump("", $fid, 1, '', 0, true, '', "moveto");
2669  
2670          $return_url = htmlspecialchars_uni($mybb->get_input('url'));
2671  
2672          eval("\$moveposts = \"".$templates->get("moderation_inline_moveposts")."\";");
2673          output_page($moveposts);
2674          break;
2675  
2676      // Actually split the posts - Inline moderation
2677      case "do_multimoveposts":
2678  
2679          // Verify incoming POST request
2680          verify_post_check($mybb->get_input('my_post_key'));
2681  
2682          $plugins->run_hooks("moderation_do_multimoveposts");
2683  
2684          // explode at # sign in a url (indicates a name reference) and reassign to the url
2685          $realurl = explode("#", $mybb->get_input('threadurl'));
2686          $mybb->input['threadurl'] = $realurl[0];
2687  
2688          // Are we using an SEO URL?
2689          if(substr($mybb->input['threadurl'], -4) == "html")
2690          {
2691              // Get thread to merge's tid the SEO way
2692              preg_match("#thread-([0-9]+)?#i", $mybb->input['threadurl'], $threadmatch);
2693              preg_match("#post-([0-9]+)?#i", $mybb->input['threadurl'], $postmatch);
2694  
2695              if(!empty($threadmatch[1]))
2696              {
2697                  $parameters['tid'] = $threadmatch[1];
2698              }
2699  
2700              if(!empty($postmatch[1]))
2701              {
2702                  $parameters['pid'] = $postmatch[1];
2703              }
2704          }
2705          else
2706          {
2707              // Get thread to merge's tid the normal way
2708              $splitloc = explode(".php", $mybb->input['threadurl']);
2709              $temp = explode("&", my_substr($splitloc[1], 1));
2710  
2711              if(!empty($temp))
2712              {
2713                  for($i = 0; $i < count($temp); $i++)
2714                  {
2715                      $temp2 = explode("=", $temp[$i], 2);
2716                      $parameters[$temp2[0]] = $temp2[1];
2717                  }
2718              }
2719              else
2720              {
2721                  $temp2 = explode("=", $splitloc[1], 2);
2722                  $parameters[$temp2[0]] = $temp2[1];
2723              }
2724          }
2725  
2726          if(!empty($parameters['pid']) && empty($parameters['tid']))
2727          {
2728              $query = $db->simple_select("posts", "tid", "pid='".(int)$parameters['pid']."'");
2729              $post = $db->fetch_array($query);
2730              $newtid = $post['tid'];
2731          }
2732          elseif(!empty($parameters['tid']))
2733          {
2734              $newtid = $parameters['tid'];
2735          }
2736          else
2737          {
2738              $newtid = 0;
2739          }
2740          $newtid = (int)$newtid;
2741          $newthread = get_thread($newtid);
2742          if(!$newthread)
2743          {
2744              error($lang->error_badmovepostsurl, $lang->error);
2745          }
2746          if($newtid == $tid)
2747          { // sanity check
2748              error($lang->error_movetoself, $lang->error);
2749          }
2750  
2751          $postlist = explode("|", $mybb->get_input('posts'));
2752          $plist = array();
2753          foreach($postlist as $pid)
2754          {
2755              $pid = (int)$pid;
2756              $plist[] = $pid;
2757          }
2758  
2759          if(!is_moderator_by_pids($plist, "canmanagethreads"))
2760          {
2761              error_no_permission();
2762          }
2763  
2764          // Ensure all posts exist
2765          $posts = array();
2766          if(!empty($plist))
2767          {
2768              $query = $db->simple_select('posts', 'pid', 'pid IN ('.implode(',', $plist).')');
2769              while($pid = $db->fetch_field($query, 'pid'))
2770              {
2771                  $posts[] = $pid;
2772              }
2773          }
2774  
2775          if(empty($posts))
2776          {
2777              error($lang->error_inline_nopostsselected, $lang->error);
2778          }
2779  
2780          $pidin = implode(',', $posts);
2781  
2782          // Make sure that we are not moving posts in a thread with one post
2783          // Select number of posts in each thread that the moved post is in
2784          $query = $db->query("
2785              SELECT DISTINCT p.tid, COUNT(q.pid) as count
2786              FROM ".TABLE_PREFIX."posts p
2787              LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid)
2788              WHERE p.pid IN ($pidin)
2789              GROUP BY p.tid, p.pid
2790          ");
2791          $threads = $pcheck = array();
2792          while($tcheck = $db->fetch_array($query))
2793          {
2794              if((int)$tcheck['count'] <= 1)
2795              {
2796                  error($lang->error_cantsplitonepost, $lang->error);
2797              }
2798              $threads[] = $pcheck[] = $tcheck['tid']; // Save tids for below
2799          }
2800  
2801          // Make sure that we are not moving all posts in the thread
2802          // The query does not return a row when the count is 0, so find if some threads are missing (i.e. 0 posts after removal)
2803          $query = $db->query("
2804              SELECT DISTINCT p.tid, COUNT(q.pid) as count
2805              FROM ".TABLE_PREFIX."posts p
2806              LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid)
2807              WHERE p.pid IN ($pidin) AND q.pid NOT IN ($pidin)
2808              GROUP BY p.tid, p.pid
2809          ");
2810          $pcheck2 = array();
2811          while($tcheck = $db->fetch_array($query))
2812          {
2813              if($tcheck['count'] > 0)
2814              {
2815                  $pcheck2[] = $tcheck['tid'];
2816              }
2817          }
2818          if(count($pcheck2) != count($pcheck))
2819          {
2820              // One or more threads do not have posts after splitting
2821              error($lang->error_cantmoveall, $lang->error);
2822          }
2823  
2824          $newtid = $moderation->split_posts($posts, $tid, $newthread['fid'], $db->escape_string($newthread['subject']), $newtid);
2825  
2826          $pid_list = implode(', ', $posts);
2827          $lang->move_selective_posts = $lang->sprintf($lang->move_selective_posts, $pid_list, $newtid);
2828          log_moderator_action($modlogdata, $lang->move_selective_posts);
2829  
2830          moderation_redirect(get_thread_link($newtid), $lang->redirect_moveposts);
2831          break;
2832  
2833      // Approve posts - Inline moderation
2834      case "multiapproveposts":
2835  
2836          // Verify incoming POST request
2837          verify_post_check($mybb->get_input('my_post_key'));
2838  
2839          if($mybb->get_input('inlinetype') == 'search')
2840          {
2841              $posts = getids($mybb->get_input('searchid'), 'search');
2842          }
2843          else
2844          {
2845              $posts = getids($tid, 'thread');
2846          }
2847          if(count($posts) < 1)
2848          {
2849              error($lang->error_inline_nopostsselected, $lang->error);
2850          }
2851  
2852          if(!is_moderator_by_pids($posts, "canapproveunapproveposts"))
2853          {
2854              error_no_permission();
2855          }
2856  
2857          $pids = array();
2858          foreach($posts as $pid)
2859          {
2860              $pids[] = (int)$pid;
2861          }
2862  
2863          $moderation->approve_posts($pids);
2864  
2865          log_moderator_action($modlogdata, $lang->multi_approve_posts);
2866          if($mybb->get_input('inlinetype') == 'search')
2867          {
2868              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
2869          }
2870          else
2871          {
2872              clearinline($tid, 'thread');
2873          }
2874          moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_inline_postsapproved);
2875          break;
2876  
2877      // Unapprove posts - Inline moderation
2878      case "multiunapproveposts":
2879  
2880          // Verify incoming POST request
2881          verify_post_check($mybb->get_input('my_post_key'));
2882  
2883          if($mybb->get_input('inlinetype') == 'search')
2884          {
2885              $posts = getids($mybb->get_input('searchid'), 'search');
2886          }
2887          else
2888          {
2889              $posts = getids($tid, 'thread');
2890          }
2891  
2892          if(count($posts) < 1)
2893          {
2894              error($lang->error_inline_nopostsselected, $lang->error);
2895          }
2896          $pids = array();
2897  
2898          if(!is_moderator_by_pids($posts, "canapproveunapproveposts"))
2899          {
2900              error_no_permission();
2901          }
2902          foreach($posts as $pid)
2903          {
2904              $pids[] = (int)$pid;
2905          }
2906  
2907          $moderation->unapprove_posts($pids);
2908  
2909          log_moderator_action($modlogdata, $lang->multi_unapprove_posts);
2910          if($mybb->get_input('inlinetype') == 'search')
2911          {
2912              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
2913          }
2914          else
2915          {
2916              clearinline($tid, 'thread');
2917          }
2918          moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_inline_postsunapproved);
2919          break;
2920  
2921      // Restore posts - Inline moderation
2922      case "multirestoreposts":
2923  
2924          // Verify incoming POST request
2925          verify_post_check($mybb->get_input('my_post_key'));
2926  
2927          if($mybb->get_input('inlinetype') == 'search')
2928          {
2929              $posts = getids($mybb->get_input('searchid'), 'search');
2930          }
2931          else
2932          {
2933              $posts = getids($tid, 'thread');
2934          }
2935          if(count($posts) < 1)
2936          {
2937              error($lang->error_inline_nopostsselected, $lang->error);
2938          }
2939  
2940          if(!is_moderator_by_pids($posts, "canrestoreposts"))
2941          {
2942              error_no_permission();
2943          }
2944  
2945          $pids = array();
2946          foreach($posts as $pid)
2947          {
2948              $pids[] = (int)$pid;
2949          }
2950  
2951          $moderation->restore_posts($pids);
2952  
2953          log_moderator_action($modlogdata, $lang->multi_restore_posts);
2954          if($mybb->get_input('inlinetype') == 'search')
2955          {
2956              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
2957          }
2958          else
2959          {
2960              clearinline($tid, 'thread');
2961          }
2962          moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_inline_postsrestored);
2963          break;
2964  
2965      // Soft delete posts - Inline moderation
2966      case "multisoftdeleteposts":
2967          // Verify incoming POST request
2968          verify_post_check($mybb->get_input('my_post_key'));
2969  
2970          if($mybb->get_input('inlinetype') == 'search')
2971          {
2972              $posts = getids($mybb->get_input('searchid'), 'search');
2973          }
2974          else
2975          {
2976              $posts = getids($tid, 'thread');
2977          }
2978  
2979          if(count($posts) < 1)
2980          {
2981              error($lang->error_inline_nopostsselected, $lang->error);
2982          }
2983          $pids = array();
2984  
2985          if(!is_moderator_by_pids($posts, "cansoftdeleteposts"))
2986          {
2987              error_no_permission();
2988          }
2989          foreach($posts as $pid)
2990          {
2991              $pids[] = (int)$pid;
2992          }
2993  
2994          $moderation->soft_delete_posts($pids);
2995          log_moderator_action($modlogdata, $lang->multi_soft_delete_posts);
2996  
2997          if($mybb->get_input('inlinetype') == 'search')
2998          {
2999              clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
3000          }
3001          else
3002          {
3003              clearinline($tid, 'thread');
3004          }
3005          moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_inline_postssoftdeleted);
3006          break;
3007      case "do_purgespammer":
3008      case "purgespammer":
3009          require_once  MYBB_ROOT."inc/functions_user.php";
3010  
3011          $groups = explode(",", $mybb->settings['purgespammergroups']);
3012          if(!is_member($groups))
3013          {
3014              error_no_permission();
3015          }
3016  
3017          $uid = $mybb->get_input('uid', MyBB::INPUT_INT);
3018          $user = get_user($uid);
3019          if(!$user['uid'] || !purgespammer_show($user['postnum'], $user['usergroup'], $user['uid']))
3020          {
3021              error($lang->purgespammer_invalid_user);
3022          }
3023  
3024          if($mybb->input['action'] == "do_purgespammer")
3025          {
3026              verify_post_check($mybb->get_input('my_post_key'));
3027  
3028              $user_deleted = false;
3029  
3030              // Run the hooks first to avoid any issues when we delete the user
3031              $plugins->run_hooks("moderation_purgespammer_purge");
3032  
3033              require_once  MYBB_ROOT.'inc/datahandlers/user.php';
3034              $userhandler = new UserDataHandler('delete');
3035  
3036              if($mybb->settings['purgespammerbandelete'] == "ban")
3037              {
3038                  // First delete everything
3039                  $userhandler->delete_content($uid);
3040                  $userhandler->delete_posts($uid);
3041                  
3042                  // Next ban him (or update the banned reason, shouldn't happen)
3043                  $query = $db->simple_select("banned", "uid", "uid = '{$uid}'");
3044                  if($db->num_rows($query) > 0)
3045                  {
3046                      $banupdate = array(
3047                          "reason" => $db->escape_string($mybb->settings['purgespammerbanreason'])
3048                      );
3049                      $db->update_query('banned', $banupdate, "uid = '{$uid}'");
3050                  }
3051                  else
3052                  {
3053                      $insert = array(
3054                          "uid" => $uid,
3055                          "gid" => (int)$mybb->settings['purgespammerbangroup'],
3056                          "oldgroup" => 2,
3057                          "oldadditionalgroups" => "",
3058                          "olddisplaygroup" => 0,
3059                          "admin" => (int)$mybb->user['uid'],
3060                          "dateline" => TIME_NOW,
3061                          "bantime" => "---",
3062                          "lifted" => 0,
3063                          "reason" => $db->escape_string($mybb->settings['purgespammerbanreason'])
3064                      );
3065                      $db->insert_query('banned', $insert);
3066                  }
3067  
3068                  // Add the IP's to the banfilters
3069                  if($mybb->settings['purgespammerbanip'] == 1)
3070                  {
3071                      foreach(array($user['regip'], $user['lastip']) as $ip)
3072                      {
3073                          $ip = my_inet_ntop($db->unescape_binary($ip));
3074                          $query = $db->simple_select("banfilters", "type", "type = 1 AND filter = '".$db->escape_string($ip)."'");
3075                          if($db->num_rows($query) == 0)
3076                          {
3077                              $insert = array(
3078                                  "filter" => $db->escape_string($ip),
3079                                  "type" => 1,
3080                                  "dateline" => TIME_NOW
3081                              );
3082                              $db->insert_query("banfilters", $insert);
3083                          }
3084                      }
3085                  }
3086  
3087                  // Clear the profile
3088                  $userhandler->clear_profile($uid, $mybb->settings['purgespammerbangroup']);
3089  
3090                  $cache->update_bannedips();
3091                  $cache->update_awaitingactivation();
3092  
3093                  // Update reports cache
3094                  $cache->update_reportedcontent();
3095              }
3096              elseif($mybb->settings['purgespammerbandelete'] == "delete")
3097              {
3098                  $user_deleted = $userhandler->delete_user($uid, 1);
3099              }
3100  
3101              // Submit the user to stop forum spam
3102              if(!empty($mybb->settings['purgespammerapikey']))
3103              {
3104                  $sfs = @fetch_remote_file("http://stopforumspam.com/add.php?username=" . urlencode($user['username']) . "&ip_addr=" . urlencode(my_inet_ntop($db->unescape_binary($user['lastip']))) . "&email=" . urlencode($user['email']) . "&api_key=" . urlencode($mybb->settings['purgespammerapikey']));
3105              }
3106  
3107              log_moderator_action(array('uid' => $uid, 'username' => $user['username']), $lang->purgespammer_modlog);
3108  
3109              if($user_deleted)
3110              {
3111                  redirect($mybb->settings['bburl'], $lang->purgespammer_success);
3112              }
3113              else
3114              {
3115                  redirect(get_profile_link($uid), $lang->purgespammer_success);
3116              }
3117          }
3118          elseif($mybb->input['action'] == "purgespammer")
3119          {
3120              $plugins->run_hooks("moderation_purgespammer_show");
3121  
3122              add_breadcrumb($lang->purgespammer);
3123              $lang->purgespammer_purge = $lang->sprintf($lang->purgespammer_purge, htmlspecialchars_uni($user['username']));
3124              if($mybb->settings['purgespammerbandelete'] == "ban")
3125              {
3126                  $lang->purgespammer_purge_desc = $lang->sprintf($lang->purgespammer_purge_desc, $lang->purgespammer_ban);
3127              }
3128              else
3129              {
3130                  $lang->purgespammer_purge_desc = $lang->sprintf($lang->purgespammer_purge_desc, $lang->purgespammer_delete);                
3131              }
3132              eval("\$purgespammer = \"".$templates->get('moderation_purgespammer')."\";");
3133              output_page($purgespammer);
3134          }
3135          break;
3136      default:
3137          require_once  MYBB_ROOT."inc/class_custommoderation.php";
3138          $custommod = new CustomModeration;
3139          $tool = $custommod->tool_info($mybb->get_input('action', MyBB::INPUT_INT));
3140          if($tool !== false)
3141          {
3142              // Verify incoming POST request
3143              verify_post_check($mybb->get_input('my_post_key'));
3144  
3145              $options = my_unserialize($tool['threadoptions']);
3146  
3147              if(!is_member($tool['groups']))
3148              {
3149                  error_no_permission();
3150              }
3151              
3152              if($thread['visible'] == -1)
3153              {
3154                  error($lang->error_thread_deleted, $lang->error);
3155              }
3156  
3157              if(!empty($options['confirmation']) && empty($mybb->input['confirm']))
3158              {
3159                  add_breadcrumb($lang->confirm_execute_tool);
3160  
3161                  $lang->confirm_execute_tool_desc = $lang->sprintf($lang->confirm_execute_tool_desc, htmlspecialchars_uni($tool['name']));
3162  
3163                  $action = $mybb->get_input('action', MyBB::INPUT_INT);
3164                  $modtype = htmlspecialchars_uni($mybb->get_input('modtype'));
3165                  $inlinetype = htmlspecialchars_uni($mybb->get_input('inlinetype'));
3166                  $searchid = htmlspecialchars_uni($mybb->get_input('searchid'));
3167                  $url = htmlspecialchars_uni($mybb->get_input('url'));
3168                  $plugins->run_hooks('moderation_confirmation');
3169  
3170                  eval('$page = "'.$templates->get('moderation_confirmation').'";');
3171  
3172                  output_page($page);
3173                  exit;
3174              }
3175  
3176              $tool['name'] = htmlspecialchars_uni($tool['name']);
3177  
3178              if($tool['type'] == 't' && $mybb->get_input('modtype') == 'inlinethread')
3179              {
3180                  if($mybb->get_input('inlinetype') == 'search')
3181                  {
3182                      $tids = getids($mybb->get_input('searchid'), 'search');
3183                  }
3184                  else
3185                  {
3186                      $tids = getids($fid, "forum");
3187                  }
3188                  if(count($tids) < 1)
3189                  {
3190                      error($lang->error_inline_nopostsselected, $lang->error);
3191                  }
3192                  if(!is_moderator_by_tids($tids, "canusecustomtools"))
3193                  {
3194                      error_no_permission();
3195                  }
3196  
3197                  $thread_options = my_unserialize($tool['threadoptions']);
3198                  if($thread_options['movethread'] && $forum_cache[$thread_options['movethread']]['type'] != "f")
3199                  {
3200                      error($lang->error_movetocategory, $lang->error);
3201                  }
3202  
3203                  $custommod->execute($mybb->get_input('action', MyBB::INPUT_INT), $tids);
3204                   $lang->custom_tool = $lang->sprintf($lang->custom_tool, $tool['name']);
3205                  log_moderator_action($modlogdata, $lang->custom_tool);
3206                  if($mybb->get_input('inlinetype') == 'search')
3207                  {
3208                      clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
3209                      $lang->redirect_customtool_search = $lang->sprintf($lang->redirect_customtool_search, $tool['name']);
3210                      $return_url = htmlspecialchars_uni($mybb->get_input('url'));
3211                      moderation_redirect($return_url, $lang->redirect_customtool_search);
3212                  }
3213                  else
3214                  {
3215                      clearinline($fid, "forum");
3216                      $lang->redirect_customtool_forum = $lang->sprintf($lang->redirect_customtool_forum, $tool['name']);
3217                      redirect(get_forum_link($fid), $lang->redirect_customtool_forum);
3218                  }
3219                  break;
3220              }
3221              elseif($tool['type'] == 't' && $mybb->get_input('modtype') == 'thread')
3222              {
3223                  if(!is_moderator_by_tids($tid, "canusecustomtools"))
3224                  {
3225                      error_no_permission();
3226                  }
3227  
3228                  $thread_options = my_unserialize($tool['threadoptions']);
3229                  if($thread_options['movethread'] && $forum_cache[$thread_options['movethread']]['type'] != "f")
3230                  {
3231                      error($lang->error_movetocategory, $lang->error);
3232                  }
3233  
3234                  $ret = $custommod->execute($mybb->get_input('action', MyBB::INPUT_INT), $tid);
3235                   $lang->custom_tool = $lang->sprintf($lang->custom_tool, $tool['name']);
3236                  log_moderator_action($modlogdata, $lang->custom_tool);
3237                  if($ret == 'forum')
3238                  {
3239                      $lang->redirect_customtool_forum = $lang->sprintf($lang->redirect_customtool_forum, $tool['name']);
3240                      moderation_redirect(get_forum_link($fid), $lang->redirect_customtool_forum);
3241                  }
3242                  else
3243                  {
3244                      $lang->redirect_customtool_thread = $lang->sprintf($lang->redirect_customtool_thread, $tool['name']);
3245                      moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_customtool_thread);
3246                  }
3247                  break;
3248              }
3249              elseif($tool['type'] == 'p' && $mybb->get_input('modtype') == 'inlinepost')
3250              {
3251                  if($mybb->get_input('inlinetype') == 'search')
3252                  {
3253                      $pids = getids($mybb->get_input('searchid'), 'search');
3254                  }
3255                  else
3256                  {
3257                      $pids = getids($tid, 'thread');
3258                  }
3259  
3260                  if(count($pids) < 1)
3261                  {
3262                      error($lang->error_inline_nopostsselected, $lang->error);
3263                  }
3264                  if(!is_moderator_by_pids($pids, "canusecustomtools"))
3265                  {
3266                      error_no_permission();
3267                  }
3268  
3269                  // Get threads which are associated with the posts
3270                  $tids = array();
3271                  $options = array(
3272                      'order_by' => 'dateline, pid',
3273                  );
3274                  $query = $db->simple_select("posts", "DISTINCT tid, dateline", "pid IN (".implode(',',$pids).")", $options);
3275                  while($row = $db->fetch_array($query))
3276                  {
3277                      $tids[] = $row['tid'];
3278                  }
3279  
3280                  $ret = $custommod->execute($mybb->get_input('action', MyBB::INPUT_INT), $tids, $pids);
3281                   $lang->custom_tool = $lang->sprintf($lang->custom_tool, $tool['name']);
3282                  log_moderator_action($modlogdata, $lang->custom_tool);
3283                  if($mybb->get_input('inlinetype') == 'search')
3284                  {
3285                      clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search');
3286                      $lang->redirect_customtool_search = $lang->sprintf($lang->redirect_customtool_search, $tool['name']);
3287                      $return_url = htmlspecialchars_uni($mybb->get_input('url'));
3288                      moderation_redirect($return_url, $lang->redirect_customtool_search);
3289                  }
3290                  else
3291                  {
3292                      clearinline($tid, 'thread');
3293                      if($ret == 'forum')
3294                      {
3295                          $lang->redirect_customtool_forum = $lang->sprintf($lang->redirect_customtool_forum, $tool['name']);
3296                          moderation_redirect(get_forum_link($fid), $lang->redirect_customtool_forum);
3297                      }
3298                      else
3299                      {
3300                          $lang->redirect_customtool_thread = $lang->sprintf($lang->redirect_customtool_thread, $tool['name']);
3301                          moderation_redirect(get_thread_link($tid), $lang->redirect_customtool_thread);
3302                      }
3303                  }
3304  
3305                  break;
3306              }
3307          }
3308          error_no_permission();
3309          break;
3310  }
3311  
3312  /**
3313   * Some little handy functions for our inline moderation
3314   *
3315   * @param int $id
3316   * @param string $type
3317   *
3318   * @return array
3319   */
3320  function getids($id, $type)
3321  {
3322      global $mybb;
3323  
3324      $newids = array();
3325      $cookie = "inlinemod_".$type.$id;
3326      if(isset($mybb->cookies[$cookie]))
3327      {
3328          $cookie_ids = explode("|", $mybb->cookies[$cookie]);
3329  
3330          foreach($cookie_ids as $cookie_id)
3331          {
3332              if(empty($cookie_id))
3333              {
3334                  continue;
3335              }
3336  
3337              if($cookie_id == 'ALL')
3338              {
3339                  $newids += getallids($id, $type);
3340              }
3341              else
3342              {
3343                  $newids[] = (int)$cookie_id;
3344              }
3345          }
3346      }
3347  
3348      return $newids;
3349  }
3350  
3351  /**
3352   * @param int $id
3353   * @param string $type
3354   *
3355   * @return array
3356   */
3357  function getallids($id, $type)
3358  {
3359      global $db, $mybb;
3360  
3361      $ids = array();
3362  
3363      // Get any removed threads (after our user hit 'all')
3364      $removed_ids = array();
3365      $cookie = "inlinemod_".$type.$id."_removed";
3366      if(isset($mybb->cookies[$cookie]))
3367      {
3368          $removed_ids = explode("|", $mybb->cookies[$cookie]);
3369  
3370          if(!is_array($removed_ids))
3371          {
3372              $removed_ids = array();
3373          }
3374      }
3375  
3376      // "Select all Threads in this forum" only supported by forumdisplay and search
3377      if($type == 'forum')
3378      {
3379          $query = $db->simple_select("threads", "tid", "fid='".(int)$id."'");
3380          while($tid = $db->fetch_field($query, "tid"))
3381          {
3382              if(in_array($tid, $removed_ids))
3383              {
3384                  continue;
3385              }
3386  
3387              $ids[] = $tid;
3388          }
3389      }
3390      elseif($type == 'search')
3391      {
3392          $query = $db->simple_select("searchlog", "resulttype, posts, threads", "sid='".$db->escape_string($id)."' AND uid='{$mybb->user['uid']}'", 1);
3393          $searchlog = $db->fetch_array($query);
3394          if($searchlog['resulttype'] == 'posts')
3395          {
3396              $ids = explode(',', $searchlog['posts']);
3397          }
3398          else
3399          {
3400              $ids = explode(',', $searchlog['threads']);
3401          }
3402  
3403          if(is_array($ids))
3404          {
3405              foreach($ids as $key => $tid)
3406              {
3407                  if(in_array($tid, $removed_ids))
3408                  {
3409                      unset($ids[$key]);
3410                  }
3411              }
3412          }
3413      }
3414  
3415      return $ids;
3416  }
3417  
3418  /**
3419   * @param int $id
3420   * @param string $type
3421   */
3422  function clearinline($id, $type)
3423  {
3424      my_unsetcookie("inlinemod_".$type.$id);
3425      my_unsetcookie("inlinemod_{$type}{$id}_removed");
3426  }
3427  
3428  /**
3429   * @param int $id
3430   * @param string $type
3431   */
3432  function extendinline($id, $type)
3433  {
3434      my_setcookie("inlinemod_{$type}{$id}", '', TIME_NOW+3600);
3435      my_setcookie("inlinemod_{$type}{$id}_removed", '', TIME_NOW+3600);
3436  }
3437  
3438  /**
3439   * Checks if the current user is a moderator of all the posts specified
3440   *
3441   * Note: If no posts are specified, this function will return true.  It is the
3442   * responsibility of the calling script to error-check this case if necessary.
3443   *
3444   * @param array $posts Array of post IDs
3445   * @param string $permission Permission to check
3446   * @return bool True if moderator of all; false otherwise
3447   */
3448  function is_moderator_by_pids($posts, $permission='')
3449  {
3450      global $db, $mybb;
3451  
3452      // Speedy determination for supermods/admins and guests
3453      if($mybb->usergroup['issupermod'])
3454      {
3455          return true;
3456      }
3457      elseif(!$mybb->user['uid'])
3458      {
3459          return false;
3460      }
3461      // Make an array of threads if not an array
3462      if(!is_array($posts))
3463      {
3464          $posts = array($posts);
3465      }
3466      // Validate input
3467      $posts = array_map('intval', $posts);
3468      $posts[] = 0;
3469      // Get forums
3470      $posts_string = implode(',', $posts);
3471      $query = $db->simple_select("posts", "DISTINCT fid", "pid IN ($posts_string)");
3472      while($forum = $db->fetch_array($query))
3473      {
3474          if(!is_moderator($forum['fid'], $permission))
3475          {
3476              return false;
3477          }
3478      }
3479      return true;
3480  }
3481  
3482  /**
3483   * Checks if the current user is a moderator of all the threads specified
3484   *
3485   * Note: If no threads are specified, this function will return true.  It is the
3486   * responsibility of the calling script to error-check this case if necessary.
3487   *
3488   * @param array $threads Array of thread IDs
3489   * @param string $permission Permission to check
3490   * @return bool True if moderator of all; false otherwise
3491   */
3492  function is_moderator_by_tids($threads, $permission='')
3493  {
3494      global $db, $mybb;
3495  
3496      // Speedy determination for supermods/admins and guests
3497      if($mybb->usergroup['issupermod'])
3498      {
3499          return true;
3500      }
3501      elseif(!$mybb->user['uid'])
3502      {
3503          return false;
3504      }
3505      // Make an array of threads if not an array
3506      if(!is_array($threads))
3507      {
3508          $threads = array($threads);
3509      }
3510      // Validate input
3511      $threads = array_map('intval', $threads);
3512      $threads[] = 0;
3513      // Get forums
3514      $threads_string = implode(',', $threads);
3515      $query = $db->simple_select("threads", "DISTINCT fid", "tid IN ($threads_string)");
3516      while($forum = $db->fetch_array($query))
3517      {
3518          if(!is_moderator($forum['fid'], $permission))
3519          {
3520              return false;
3521          }
3522      }
3523      return true;
3524  }
3525  
3526  /**
3527   * Special redirect that takes a return URL into account
3528   * @param string $url URL
3529   * @param string $message Message
3530   * @param string $title Title
3531   */
3532  function moderation_redirect($url, $message="", $title="")
3533  {
3534      global $mybb;
3535      if(!empty($mybb->input['url']))
3536      {
3537          $url = htmlentities($mybb->input['url']);
3538      }
3539  
3540      if(my_strpos($url, $mybb->settings['bburl'].'/') !== 0)
3541      {
3542          if(my_strpos($url, '/') === 0)
3543          {
3544              $url = my_substr($url, 1);
3545          }
3546          $url_segments = explode('/', $url);
3547          $url = $mybb->settings['bburl'].'/'.end($url_segments);
3548      }
3549  
3550      redirect($url, $message, $title);
3551  }


2005 - 2021 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup Cross-referenced by PHPXref