[ Index ] |
PHP Cross Reference of MyBB 1.8.36 |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * MyBB 1.8 4 * Copyright 2014 MyBB Group, All Rights Reserved 5 * 6 * Website: http://www.mybb.com 7 * License: http://www.mybb.com/about/license 8 * 9 */ 10 11 define("IN_MYBB", 1); 12 define('THIS_SCRIPT', 'moderation.php'); 13 14 $templatelist = "changeuserbox,loginbox,moderation_delayedmoderation_custommodtool,moderation_delayedmodaction_notes,moderation_delayedmoderation_merge,moderation_delayedmoderation_move,moderation_threadnotes"; 15 $templatelist .= ",moderation_delayedmoderation,moderation_deletethread,moderation_deletepoll,moderation_mergeposts_post,moderation_viewthreadnotes,moderation_confirmation,moderation_purgespammer,forumjump_bit"; 16 $templatelist .= ",moderation_move,moderation_threadnotes_modaction,moderation_threadnotes_delayedmodaction,moderation_getip_modoptions,moderation_getip,moderation_getpmip,moderation_getpmip_modal"; 17 $templatelist .= ",moderation_split_post,moderation_inline_deletethreads,moderation_inline_movethreads,moderation_inline_deleteposts,moderation_inline_mergeposts,moderation_threadnotes_modaction_error"; 18 $templatelist .= ",moderation_inline_splitposts,forumjump_special,forumjump_advanced,forumdisplay_password_wrongpass,forumdisplay_password,moderation_inline_moveposts,moderation_delayedmodaction_error"; 19 $templatelist .= ",moderation_delayedmodaction_notes_thread_single,moderation_delayedmodaction_notes_thread_multiple,moderation_delayedmodaction_notes_forum,moderation_delayedmodaction_notes_new_forum"; 20 $templatelist .= ",moderation_delayedmodaction_notes_redirect,moderation_delayedmodaction_notes_merge,moderation_delayedmoderation_thread,moderation_threadnotes_modaction_thread,moderation_getip_modal"; 21 $templatelist .= ",moderation_delayedmoderation_date_day,moderation_delayedmoderation_date_month,moderation_threadnotes_modaction_post,moderation_merge,moderation_split,moderation_threadnotes_modaction_forum"; 22 $templatelist .= ",moderation_delayedmoderation_openclose,moderation_delayedmoderation_softdeleterestore,moderation_delayedmoderation_delete,moderation_delayedmoderation_stick,moderation_delayedmoderation_approve"; 23 24 require_once "./global.php"; 25 require_once MYBB_ROOT."inc/functions_post.php"; 26 require_once MYBB_ROOT."inc/functions_upload.php"; 27 require_once MYBB_ROOT."inc/class_parser.php"; 28 $parser = new postParser; 29 require_once MYBB_ROOT."inc/class_moderation.php"; 30 $moderation = new Moderation; 31 32 // Load global language phrases 33 $lang->load("moderation"); 34 35 $plugins->run_hooks("moderation_start"); 36 37 $tid = $mybb->get_input('tid', MyBB::INPUT_INT); 38 $pid = $mybb->get_input('pid', MyBB::INPUT_INT); 39 $fid = $mybb->get_input('fid', MyBB::INPUT_INT); 40 $pmid = $mybb->get_input('pmid', MyBB::INPUT_INT); 41 $modal = $mybb->get_input('modal', MyBB::INPUT_INT); 42 43 if($pid) 44 { 45 $post = get_post($pid); 46 if(!$post) 47 { 48 error($lang->error_invalidpost, $lang->error); 49 } 50 $tid = $post['tid']; 51 } 52 53 if($tid) 54 { 55 $thread = get_thread($tid); 56 if(!$thread) 57 { 58 error($lang->error_invalidthread, $lang->error); 59 } 60 $fid = $thread['fid']; 61 } 62 63 if($fid) 64 { 65 $modlogdata['fid'] = $fid; 66 $forum = get_forum($fid); 67 68 // Make navigation 69 build_forum_breadcrumb($fid); 70 71 // Get our permissions all nice and setup 72 $permissions = forum_permissions($fid); 73 } 74 75 if($pmid > 0) 76 { 77 $query = $db->simple_select('privatemessages', 'uid, subject, ipaddress, fromid', "pmid = $pmid"); 78 79 $pm = $db->fetch_array($query); 80 81 if(!$pm) 82 { 83 error($lang->error_invalidpm, $lang->error); 84 } 85 } 86 87 // Get some navigation if we need it 88 $mybb->input['action'] = $mybb->get_input('action'); 89 switch($mybb->input['action']) 90 { 91 case "reports": 92 add_breadcrumb($lang->reported_posts); 93 break; 94 case "allreports": 95 add_breadcrumb($lang->all_reported_posts); 96 break; 97 98 } 99 100 if(isset($thread)) 101 { 102 $thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subject'])); 103 add_breadcrumb($thread['subject'], get_thread_link($thread['tid'])); 104 $modlogdata['tid'] = $thread['tid']; 105 } 106 107 if(isset($forum)) 108 { 109 // Check if this forum is password protected and we have a valid password 110 check_forum_password($forum['fid']); 111 } 112 113 $log_multithreads_actions = array("do_multideletethreads", "multiclosethreads", "multiopenthreads", "multiapprovethreads", "multiunapprovethreads", "multirestorethreads", "multisoftdeletethreads","multistickthreads", "multiunstickthreads", "do_multimovethreads"); 114 if(in_array($mybb->input['action'], $log_multithreads_actions)) 115 { 116 if(!empty($mybb->input['searchid'])) 117 { 118 $tids = getids($mybb->get_input('searchid'), 'search'); 119 } 120 else 121 { 122 $tids = getids($fid, 'forum'); 123 } 124 125 $modlogdata['tids'] = (array)$tids; 126 127 unset($tids); 128 } 129 130 $mybb->user['username'] = htmlspecialchars_uni($mybb->user['username']); 131 eval("\$loginbox = \"".$templates->get("changeuserbox")."\";"); 132 133 $allowable_moderation_actions = array("getip", "getpmip", "cancel_delayedmoderation", "delayedmoderation", "threadnotes", "purgespammer", "viewthreadnotes"); 134 135 if($mybb->request_method != "post" && !in_array($mybb->input['action'], $allowable_moderation_actions)) 136 { 137 error_no_permission(); 138 } 139 140 // Begin! 141 switch($mybb->input['action']) 142 { 143 // Delayed Moderation 144 case "cancel_delayedmoderation": 145 // Verify incoming POST request 146 verify_post_check($mybb->get_input('my_post_key')); 147 148 add_breadcrumb($lang->delayed_moderation); 149 if(!is_moderator($fid, "canmanagethreads")) 150 { 151 error_no_permission(); 152 } 153 154 $plugins->run_hooks('moderation_cancel_delayedmoderation'); 155 156 $db->delete_query("delayedmoderation", "did='".$mybb->get_input('did', MyBB::INPUT_INT)."'"); 157 158 if($tid == 0) 159 { 160 moderation_redirect(get_forum_link($fid), $lang->redirect_delayed_moderation_cancelled); 161 } 162 else 163 { 164 moderation_redirect("moderation.php?action=delayedmoderation&tid={$tid}&my_post_key={$mybb->post_code}", $lang->redirect_delayed_moderation_cancelled); 165 } 166 break; 167 case "do_delayedmoderation": 168 case "delayedmoderation": 169 // Verify incoming POST request 170 verify_post_check($mybb->get_input('my_post_key')); 171 172 $localized_time_offset = $mybb->user['timezone']*3600 + $mybb->user['dst']*3600; 173 174 if(!$mybb->get_input('date_day', MyBB::INPUT_INT)) 175 { 176 $mybb->input['date_day'] = gmdate('d', TIME_NOW + $localized_time_offset); 177 } 178 if(!$mybb->get_input('date_month', MyBB::INPUT_INT)) 179 { 180 $mybb->input['date_month'] = gmdate('m', TIME_NOW + $localized_time_offset); 181 } 182 183 // Assume in-line moderation if TID is not set 184 if(!empty($mybb->input['tid'])) 185 { 186 $mybb->input['tids'] = $tid; 187 } 188 else 189 { 190 if($mybb->get_input('inlinetype') == 'search') 191 { 192 $tids = getids($mybb->get_input('searchid'), 'search'); 193 } 194 else 195 { 196 $fid = $mybb->get_input('fid', MyBB::INPUT_INT); 197 $tids = getids($fid, "forum"); 198 } 199 if(count($tids) < 1) 200 { 201 error($lang->error_inline_nothreadsselected, $lang->error); 202 } 203 204 $mybb->input['tids'] = $tids; 205 } 206 207 add_breadcrumb($lang->delayed_moderation); 208 209 if(!is_moderator($fid, "canmanagethreads")) 210 { 211 error_no_permission(); 212 } 213 214 $errors = array(); 215 $customthreadtools = ""; 216 217 $allowed_types = array('move', 'merge', 'removeredirects', 'removesubscriptions'); 218 219 if(is_moderator($fid, "canopenclosethreads")) 220 { 221 $allowed_types[] = "openclosethread"; 222 } 223 224 if(is_moderator($fid, "cansoftdeletethreads") || is_moderator($fid, "canrestorethreads")) 225 { 226 $allowed_types[] = "softdeleterestorethread"; 227 } 228 229 if(is_moderator($fid, "candeletethreads")) 230 { 231 $allowed_types[] = "deletethread"; 232 } 233 234 if(is_moderator($fid, "canstickunstickthreads")) 235 { 236 $allowed_types[] = "stick"; 237 } 238 239 if(is_moderator($fid, "canapproveunapprovethreads")) 240 { 241 $allowed_types[] = "approveunapprovethread"; 242 } 243 244 $mybb->input['type'] = $mybb->get_input('type'); 245 246 if(is_moderator($fid, "canusecustomtools")) 247 { 248 switch($db->type) 249 { 250 case "pgsql": 251 case "sqlite": 252 $query = $db->simple_select("modtools", 'tid, name, `groups`', "(','||forums||',' LIKE '%,$fid,%' OR ','||forums||',' LIKE '%,-1,%' OR forums='') AND type = 't'"); 253 break; 254 default: 255 $query = $db->simple_select("modtools", 'tid, name, `groups`', "(CONCAT(',',forums,',') LIKE '%,$fid,%' OR CONCAT(',',forums,',') LIKE '%,-1,%' OR forums='') AND type = 't'"); 256 } 257 while($tool = $db->fetch_array($query)) 258 { 259 if(is_member($tool['groups'])) 260 { 261 $allowed_types[] = "modtool_".$tool['tid']; 262 263 $tool['name'] = htmlspecialchars_uni($tool['name']); 264 265 $checked = ""; 266 if($mybb->input['type'] == "modtool_".$tool['tid']) 267 { 268 $checked = "checked=\"checked\""; 269 } 270 271 eval("\$customthreadtools .= \"".$templates->get("moderation_delayedmoderation_custommodtool")."\";"); 272 } 273 } 274 } 275 276 $mybb->input['delayedmoderation'] = $mybb->get_input('delayedmoderation', MyBB::INPUT_ARRAY); 277 278 if($mybb->input['action'] == "do_delayedmoderation" && $mybb->request_method == "post") 279 { 280 if(!in_array($mybb->input['type'], $allowed_types)) 281 { 282 $mybb->input['type'] = ''; 283 $errors[] = $lang->error_delayedmoderation_unsupported_type; 284 } 285 286 if($mybb->input['type'] == 'move' && (!isset($mybb->input['delayedmoderation']['method']) || !in_array($mybb->input['delayedmoderation']['method'], array('move', 'redirect', 'copy')))) 287 { 288 $mybb->input['delayedmoderation']['method'] = ''; 289 $errors[] = $lang->error_delayedmoderation_unsupported_method; 290 } 291 292 if($mybb->input['type'] == 'move') 293 { 294 $newfid = (int)$mybb->input['delayedmoderation']['new_forum']; 295 296 // Make sure moderator has permission to move to the new forum 297 $newperms = forum_permissions($newfid); 298 if($newperms['canview'] == 0 || !is_moderator($newfid, 'canmovetononmodforum')) 299 { 300 $errors[] = $lang->error_movetononmodforum; 301 } 302 303 $newforum = get_forum($newfid); 304 if(!$newforum || $newforum['type'] != "f" || $newforum['type'] == "f" && $newforum['linkto'] != '') 305 { 306 $errors[] = $lang->error_invalidforum; 307 } 308 309 $method = $mybb->input['delayedmoderation']['method']; 310 if($method != "copy" && $fid == $newfid) 311 { 312 $errors[] = $lang->error_movetosameforum; 313 } 314 } 315 316 if($mybb->input['date_day'] > 31 || $mybb->input['date_day'] < 1) 317 { 318 $errors[] = $lang->error_delayedmoderation_invalid_date_day; 319 } 320 321 if($mybb->input['date_month'] > 12 || $mybb->input['date_month'] < 1) 322 { 323 $errors[] = $lang->error_delayedmoderation_invalid_date_month; 324 } 325 326 if($mybb->input['date_year'] < gmdate('Y', TIME_NOW + $localized_time_offset)) 327 { 328 $errors[] = $lang->error_delayedmoderation_invalid_date_year; 329 } 330 331 $date_time = explode(' ', $mybb->get_input('date_time')); 332 $date_time = explode(':', (string)$date_time[0]); 333 334 if(stristr($mybb->input['date_time'], 'pm')) 335 { 336 $date_time[0] = 12+$date_time[0]; 337 if($date_time[0] >= 24) 338 { 339 $date_time[0] = '00'; 340 } 341 } 342 343 $rundate = gmmktime((int)$date_time[0], (int)$date_time[1], date('s', TIME_NOW), $mybb->get_input('date_month', MyBB::INPUT_INT), $mybb->get_input('date_day', MyBB::INPUT_INT), $mybb->get_input('date_year', MyBB::INPUT_INT)) - $localized_time_offset; 344 345 if(!$errors) 346 { 347 if(is_array($mybb->input['tids'])) 348 { 349 $mybb->input['tids'] = implode(',', $mybb->input['tids']); 350 } 351 352 $did = $db->insert_query("delayedmoderation", array( 353 'type' => $db->escape_string($mybb->input['type']), 354 'delaydateline' => (int)$rundate, 355 'uid' => $mybb->user['uid'], 356 'tids' => $db->escape_string($mybb->input['tids']), 357 'fid' => $fid, 358 'dateline' => TIME_NOW, 359 'inputs' => $db->escape_string(my_serialize($mybb->input['delayedmoderation'])) 360 )); 361 362 $plugins->run_hooks('moderation_do_delayedmoderation'); 363 364 $rundate_format = my_date('relative', $rundate, '', 2); 365 $lang->redirect_delayed_moderation_thread = $lang->sprintf($lang->redirect_delayed_moderation_thread, $rundate_format); 366 367 if(!empty($mybb->input['tid'])) 368 { 369 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_delayed_moderation_thread); 370 } 371 else 372 { 373 if($mybb->get_input('inlinetype') == 'search') 374 { 375 moderation_redirect(get_forum_link($fid), $lang->sprintf($lang->redirect_delayed_moderation_search, $rundate_format)); 376 } 377 else 378 { 379 moderation_redirect(get_forum_link($fid), $lang->sprintf($lang->redirect_delayed_moderation_forum, $rundate_format)); 380 } 381 } 382 } 383 else 384 { 385 $type_selected = array(); 386 foreach($allowed_types as $type) 387 { 388 $type_selected[$type] = ''; 389 } 390 $type_selected[$mybb->get_input('type')] = "checked=\"checked\""; 391 $method_selected = array('move' => '', 'redirect' => '', 'copy' => ''); 392 if(isset($mybb->input['delayedmoderation']['method'])) 393 { 394 $method_selected[$mybb->input['delayedmoderation']['method']] = "checked=\"checked\""; 395 } 396 397 foreach(array('redirect_expire', 'new_forum', 'subject', 'threadurl') as $value) 398 { 399 if(!isset($mybb->input['delayedmoderation'][$value])) 400 { 401 $mybb->input['delayedmoderation'][$value] = ''; 402 } 403 } 404 $mybb->input['delayedmoderation']['redirect_expire'] = (int)$mybb->input['delayedmoderation']['redirect_expire']; 405 $mybb->input['delayedmoderation']['new_forum'] = (int)$mybb->input['delayedmoderation']['new_forum']; 406 $mybb->input['delayedmoderation']['subject'] = htmlspecialchars_uni($mybb->input['delayedmoderation']['subject']); 407 $mybb->input['delayedmoderation']['threadurl'] = htmlspecialchars_uni($mybb->input['delayedmoderation']['threadurl']); 408 409 $forumselect = build_forum_jump("", $mybb->input['delayedmoderation']['new_forum'], 1, '', 0, true, '', "delayedmoderation[new_forum]"); 410 } 411 } 412 else 413 { 414 $type_selected = array(); 415 foreach($allowed_types as $type) 416 { 417 $type_selected[$type] = ''; 418 } 419 $type_selected['openclosethread'] = "checked=\"checked\""; 420 $method_selected = array('move' => 'checked="checked"', 'redirect' => '', 'copy' => ''); 421 422 $mybb->input['delayedmoderation']['redirect_expire'] = ''; 423 $mybb->input['delayedmoderation']['subject'] = isset($thread['subject']) ? $thread['subject'] : ''; 424 $mybb->input['delayedmoderation']['threadurl'] = ''; 425 426 $forumselect = build_forum_jump("", $fid, 1, '', 0, true, '', "delayedmoderation[new_forum]"); 427 } 428 429 if(isset($errors) && count($errors) > 0) 430 { 431 $display_errors = inline_error($errors); 432 } 433 else 434 { 435 $display_errors = ''; 436 } 437 438 $forum_cache = $cache->read("forums"); 439 440 $actions = array( 441 'openclosethread' => $lang->open_close_thread, 442 'softdeleterestorethread' => $lang->softdelete_restore_thread, 443 'deletethread' => $lang->delete_thread, 444 'move' => $lang->move_copy_thread, 445 'stick' => $lang->stick_unstick_thread, 446 'merge' => $lang->merge_threads, 447 'removeredirects' => $lang->remove_redirects, 448 'removesubscriptions' => $lang->remove_subscriptions, 449 'approveunapprovethread' => $lang->approve_unapprove_thread 450 ); 451 452 switch($db->type) 453 { 454 case "pgsql": 455 case "sqlite": 456 $query = $db->simple_select("modtools", 'tid, name', "(','||forums||',' LIKE '%,$fid,%' OR ','||forums||',' LIKE '%,-1,%' OR forums='') AND type = 't'"); 457 break; 458 default: 459 $query = $db->simple_select("modtools", 'tid, name', "(CONCAT(',',forums,',') LIKE '%,$fid,%' OR CONCAT(',',forums,',') LIKE '%,-1,%' OR forums='') AND type = 't'"); 460 } 461 while($tool = $db->fetch_array($query)) 462 { 463 $actions['modtool_'.$tool['tid']] = htmlspecialchars_uni($tool['name']); 464 } 465 466 $delayedmods = ''; 467 $trow = alt_trow(1); 468 if($tid == 0) 469 { 470 // Inline thread moderation is used 471 if($mybb->get_input('inlinetype') == 'search') 472 { 473 $tids = getids($mybb->get_input('searchid'), 'search'); 474 } 475 else 476 { 477 $tids = getids($fid, "forum"); 478 } 479 $where_array = array(); 480 switch($db->type) 481 { 482 case "pgsql": 483 case "sqlite": 484 foreach($tids as $like) 485 { 486 $where_array[] = "','||d.tids||',' LIKE '%,".$db->escape_string($like).",%'"; 487 } 488 $where_statement = implode(" OR ", $where_array); 489 break; 490 default: 491 foreach($tids as $like) 492 { 493 $where_array[] = "CONCAT(',',d.tids,',') LIKE '%,".$db->escape_string($like).",%'"; 494 } 495 $where_statement = implode(" OR ", $where_array); 496 } 497 $query = $db->query(" 498 SELECT d.*, u.username, f.name AS fname 499 FROM ".TABLE_PREFIX."delayedmoderation d 500 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=d.uid) 501 LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=d.fid) 502 WHERE ".$where_statement." 503 ORDER BY d.dateline DESC 504 LIMIT 0, 20 505 "); 506 } 507 else 508 { 509 switch($db->type) 510 { 511 case "pgsql": 512 case "sqlite": 513 $query = $db->query(" 514 SELECT d.*, u.username, f.name AS fname 515 FROM ".TABLE_PREFIX."delayedmoderation d 516 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=d.uid) 517 LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=d.fid) 518 WHERE ','||d.tids||',' LIKE '%,{$tid},%' 519 ORDER BY d.dateline DESC 520 LIMIT 0, 20 521 "); 522 break; 523 default: 524 $query = $db->query(" 525 SELECT d.*, u.username, f.name AS fname 526 FROM ".TABLE_PREFIX."delayedmoderation d 527 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=d.uid) 528 LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=d.fid) 529 WHERE CONCAT(',',d.tids,',') LIKE '%,{$tid},%' 530 ORDER BY d.dateline DESC 531 LIMIT 0, 20 532 "); 533 } 534 } 535 536 while($delayedmod = $db->fetch_array($query)) 537 { 538 $delayedmod['dateline'] = my_date('normal', $delayedmod['delaydateline'], "", 2); 539 $delayedmod['username'] = htmlspecialchars_uni($delayedmod['username']); 540 $delayedmod['profilelink'] = build_profile_link($delayedmod['username'], $delayedmod['uid']); 541 $delayedmod['action'] = $actions[$delayedmod['type']]; 542 $info = ''; 543 if(strpos($delayedmod['tids'], ',') === false) 544 { 545 $delayed_thread = get_thread($delayedmod['tids']); 546 $delayed_thread['link'] = get_thread_link($delayed_thread['tid']); 547 $delayed_thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($delayed_thread['subject'])); 548 eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_thread_single")."\";"); 549 } 550 else 551 { 552 eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_thread_multiple")."\";"); 553 } 554 555 if($delayedmod['fname']) 556 { 557 $delayedmod['link'] = get_forum_link($delayedmod['fid']); 558 $delayedmod['fname'] = htmlspecialchars_uni($delayedmod['fname']); 559 eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_forum")."\";"); 560 } 561 $delayedmod['inputs'] = my_unserialize($delayedmod['inputs']); 562 563 if($delayedmod['type'] == 'move') 564 { 565 $delayedmod['link'] = get_forum_link($delayedmod['inputs']['new_forum']); 566 $delayedmod['name'] = htmlspecialchars_uni($forum_cache[$delayedmod['inputs']['new_forum']]['name']); 567 eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_new_forum")."\";"); 568 569 if($delayedmod['inputs']['method'] == "redirect") 570 { 571 if((int)$delayedmod['inputs']['redirect_expire'] == 0) 572 { 573 $redirect_expire_bit = $lang->redirect_forever; 574 } 575 else 576 { 577 $redirect_expire_bit = (int)$delayedmod['inputs']['redirect_expire']." {$lang->days}"; 578 } 579 580 eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_redirect")."\";"); 581 } 582 } 583 elseif($delayedmod['type'] == 'merge') 584 { 585 $delayedmod['subject'] = htmlspecialchars_uni($delayedmod['inputs']['subject']); 586 $delayedmod['threadurl'] = htmlspecialchars_uni($delayedmod['inputs']['threadurl']); 587 eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_merge")."\";"); 588 } 589 590 eval("\$delayedmods .= \"".$templates->get("moderation_delayedmodaction_notes")."\";"); 591 $trow = alt_trow(); 592 } 593 if(!$delayedmods) 594 { 595 $cols = 5; 596 eval("\$delayedmods = \"".$templates->get("moderation_delayedmodaction_error")."\";"); 597 } 598 599 $url = ''; 600 if($mybb->get_input('tid', MyBB::INPUT_INT)) 601 { 602 $lang->threads = $lang->thread; 603 $thread['link'] = get_thread_link($tid); 604 $delayedmoderation_subject = $mybb->input['delayedmoderation']['subject']; 605 $delayedmoderation_threadurl = $mybb->input['delayedmoderation']['threadurl']; 606 eval("\$threads = \"".$templates->get("moderation_delayedmoderation_thread")."\";"); 607 eval("\$moderation_delayedmoderation_merge = \"".$templates->get("moderation_delayedmoderation_merge")."\";"); 608 } 609 else 610 { 611 if($mybb->get_input('inlinetype') == 'search') 612 { 613 $tids = getids($mybb->get_input('searchid'), 'search'); 614 $url = htmlspecialchars_uni($mybb->get_input('url')); 615 } 616 else 617 { 618 $tids = getids($fid, "forum"); 619 } 620 if(count($tids) < 1) 621 { 622 error($lang->error_inline_nothreadsselected, $lang->error); 623 } 624 625 $threads = $lang->sprintf($lang->threads_selected, count($tids)); 626 $moderation_delayedmoderation_merge = ''; 627 } 628 $redirect_expire = $mybb->get_input('redirect_expire'); 629 eval("\$moderation_delayedmoderation_move = \"".$templates->get("moderation_delayedmoderation_move")."\";"); 630 631 // Generate form elements for date form 632 $dateday = ''; 633 for($day = 1; $day <= 31; ++$day) 634 { 635 $selected = ''; 636 if($mybb->get_input('date_day', MyBB::INPUT_INT) == $day) 637 { 638 $selected = ' selected="selected"'; 639 } 640 eval('$dateday .= "'.$templates->get('moderation_delayedmoderation_date_day').'";'); 641 } 642 643 $datemonth = array(); 644 foreach(array('01', '02', '03', '04', '05', '06', '07', '08', '09', '10', '11', '12') as $month) 645 { 646 $datemonth[$month] = ''; 647 if($mybb->get_input('date_month', MyBB::INPUT_INT) == (int)$month) 648 { 649 $datemonth[$month] = ' selected="selected"'; 650 } 651 } 652 653 654 eval('$datemonth = "'.$templates->get('moderation_delayedmoderation_date_month').'";'); 655 656 $dateyear = gmdate('Y', TIME_NOW + $localized_time_offset); 657 $datetime = gmdate($mybb->settings['timeformat'], TIME_NOW + $localized_time_offset); 658 659 $openclosethread = ''; 660 if(is_moderator($fid, "canopenclosethreads")) 661 { 662 eval('$openclosethread = "'.$templates->get('moderation_delayedmoderation_openclose').'";'); 663 } 664 665 $softdeleterestorethread = ''; 666 if(is_moderator($fid, "cansoftdeletethreads") || is_moderator($fid, "canrestorethreads")) 667 { 668 eval('$softdeleterestorethread = "'.$templates->get('moderation_delayedmoderation_softdeleterestore').'";'); 669 } 670 671 $deletethread = ''; 672 if(is_moderator($fid, "candeletethreads")) 673 { 674 eval('$deletethread = "'.$templates->get('moderation_delayedmoderation_delete').'";'); 675 } 676 677 $stickunstickthread = ''; 678 if(is_moderator($fid, "canstickunstickthreads")) 679 { 680 eval('$stickunstickthread = "'.$templates->get('moderation_delayedmoderation_stick').'";'); 681 } 682 683 $approveunapprovethread = ''; 684 if(is_moderator($fid, "canapproveunapprovethreads")) 685 { 686 eval('$approveunapprovethread = "'.$templates->get('moderation_delayedmoderation_approve').'";'); 687 } 688 689 $plugins->run_hooks("moderation_delayedmoderation"); 690 691 eval("\$delayedmoderation = \"".$templates->get("moderation_delayedmoderation")."\";"); 692 output_page($delayedmoderation); 693 break; 694 // Open or close a thread 695 case "openclosethread": 696 // Verify incoming POST request 697 verify_post_check($mybb->get_input('my_post_key')); 698 699 if(!is_moderator($fid, "canopenclosethreads")) 700 { 701 error_no_permission(); 702 } 703 704 if($thread['visible'] == -1) 705 { 706 error($lang->error_thread_deleted, $lang->error); 707 } 708 709 if($thread['closed'] == 1) 710 { 711 $openclose = $lang->opened; 712 $redirect = $lang->redirect_openthread; 713 $moderation->open_threads($tid); 714 } 715 else 716 { 717 $openclose = $lang->closed; 718 $redirect = $lang->redirect_closethread; 719 $moderation->close_threads($tid); 720 } 721 722 $lang->mod_process = $lang->sprintf($lang->mod_process, $openclose); 723 724 log_moderator_action($modlogdata, $lang->mod_process); 725 726 moderation_redirect(get_thread_link($thread['tid']), $redirect); 727 break; 728 729 // Stick or unstick that post to the top bab! 730 case "stick": 731 // Verify incoming POST request 732 verify_post_check($mybb->get_input('my_post_key')); 733 734 if(!is_moderator($fid, "canstickunstickthreads")) 735 { 736 error_no_permission(); 737 } 738 739 if($thread['visible'] == -1) 740 { 741 error($lang->error_thread_deleted, $lang->error); 742 } 743 744 $plugins->run_hooks("moderation_stick"); 745 746 if($thread['sticky'] == 1) 747 { 748 $stuckunstuck = $lang->unstuck; 749 $redirect = $lang->redirect_unstickthread; 750 $moderation->unstick_threads($tid); 751 } 752 else 753 { 754 $stuckunstuck = $lang->stuck; 755 $redirect = $lang->redirect_stickthread; 756 $moderation->stick_threads($tid); 757 } 758 759 $lang->mod_process = $lang->sprintf($lang->mod_process, $stuckunstuck); 760 761 log_moderator_action($modlogdata, $lang->mod_process); 762 763 moderation_redirect(get_thread_link($thread['tid']), $redirect); 764 break; 765 766 // Remove redirects to a specific thread 767 case "removeredirects": 768 769 // Verify incoming POST request 770 verify_post_check($mybb->get_input('my_post_key')); 771 772 if(!is_moderator($fid, "canmanagethreads")) 773 { 774 error_no_permission(); 775 } 776 777 if($thread['visible'] == -1) 778 { 779 error($lang->error_thread_deleted, $lang->error); 780 } 781 782 $plugins->run_hooks("moderation_removeredirects"); 783 784 $moderation->remove_redirects($tid); 785 786 log_moderator_action($modlogdata, $lang->redirects_removed); 787 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_redirectsremoved); 788 break; 789 790 // Delete thread confirmation page 791 case "deletethread": 792 793 add_breadcrumb($lang->nav_deletethread); 794 795 if(!is_moderator($fid, "candeletethreads")) 796 { 797 if($permissions['candeletethreads'] != 1 || $mybb->user['uid'] != $thread['uid']) 798 { 799 error_no_permission(); 800 } 801 } 802 803 $plugins->run_hooks("moderation_deletethread"); 804 805 eval("\$deletethread = \"".$templates->get("moderation_deletethread")."\";"); 806 output_page($deletethread); 807 break; 808 809 // Delete the actual thread here 810 case "do_deletethread": 811 812 // Verify incoming POST request 813 verify_post_check($mybb->get_input('my_post_key')); 814 815 if(!is_moderator($fid, "candeletethreads")) 816 { 817 if($permissions['candeletethreads'] != 1 || $mybb->user['uid'] != $thread['uid']) 818 { 819 error_no_permission(); 820 } 821 } 822 823 $plugins->run_hooks("moderation_do_deletethread"); 824 825 // Log the subject of the deleted thread 826 $modlogdata['thread_subject'] = $thread['subject']; 827 828 $thread['subject'] = $db->escape_string($thread['subject']); 829 $lang->thread_deleted = $lang->sprintf($lang->thread_deleted, $thread['subject']); 830 log_moderator_action($modlogdata, $lang->thread_deleted); 831 832 $moderation->delete_thread($tid); 833 834 mark_reports($tid, "thread"); 835 moderation_redirect(get_forum_link($fid), $lang->redirect_threaddeleted); 836 break; 837 838 // Delete the poll from a thread confirmation page 839 case "deletepoll": 840 add_breadcrumb($lang->nav_deletepoll); 841 842 if(!is_moderator($fid, "canmanagepolls")) 843 { 844 if($permissions['candeletethreads'] != 1 || $mybb->user['uid'] != $thread['uid']) 845 { 846 error_no_permission(); 847 } 848 } 849 850 $plugins->run_hooks("moderation_deletepoll"); 851 852 $query = $db->simple_select("polls", "pid", "tid='$tid'"); 853 $poll = $db->fetch_array($query); 854 if(!$poll) 855 { 856 error($lang->error_invalidpoll, $lang->error); 857 } 858 859 eval("\$deletepoll = \"".$templates->get("moderation_deletepoll")."\";"); 860 output_page($deletepoll); 861 break; 862 863 // Delete the actual poll here! 864 case "do_deletepoll": 865 866 // Verify incoming POST request 867 verify_post_check($mybb->get_input('my_post_key')); 868 869 if($thread['visible'] == -1) 870 { 871 error($lang->error_thread_deleted, $lang->error); 872 } 873 874 if(!isset($mybb->input['delete'])) 875 { 876 error($lang->redirect_pollnotdeleted); 877 } 878 if(!is_moderator($fid, "canmanagepolls")) 879 { 880 if($permissions['candeletethreads'] != 1 || $mybb->user['uid'] != $thread['uid']) 881 { 882 error_no_permission(); 883 } 884 } 885 $query = $db->simple_select("polls", "pid", "tid = $tid"); 886 $poll = $db->fetch_array($query); 887 if(!$poll) 888 { 889 error($lang->error_invalidpoll, $lang->error); 890 } 891 892 $plugins->run_hooks("moderation_do_deletepoll"); 893 894 $lang->poll_deleted = $lang->sprintf($lang->poll_deleted, $thread['subject']); 895 log_moderator_action($modlogdata, $lang->poll_deleted); 896 897 $moderation->delete_poll($poll['pid']); 898 899 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_polldeleted); 900 break; 901 902 // Approve a thread 903 case "approvethread": 904 905 // Verify incoming POST request 906 verify_post_check($mybb->get_input('my_post_key')); 907 908 if(!is_moderator($fid, "canapproveunapprovethreads")) 909 { 910 error_no_permission(); 911 } 912 913 if($thread['visible'] == -1) 914 { 915 error($lang->error_thread_deleted, $lang->error); 916 } 917 918 $thread = get_thread($tid); 919 920 $plugins->run_hooks("moderation_approvethread"); 921 922 $lang->thread_approved = $lang->sprintf($lang->thread_approved, $thread['subject']); 923 log_moderator_action($modlogdata, $lang->thread_approved); 924 925 $moderation->approve_threads($tid, $fid); 926 927 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_threadapproved); 928 break; 929 930 // Unapprove a thread 931 case "unapprovethread": 932 933 // Verify incoming POST request 934 verify_post_check($mybb->get_input('my_post_key')); 935 936 if(!is_moderator($fid, "canapproveunapprovethreads")) 937 { 938 error_no_permission(); 939 } 940 941 if($thread['visible'] == -1) 942 { 943 error($lang->error_thread_deleted, $lang->error); 944 } 945 946 $thread = get_thread($tid); 947 948 $plugins->run_hooks("moderation_unapprovethread"); 949 950 $lang->thread_unapproved = $lang->sprintf($lang->thread_unapproved, $thread['subject']); 951 log_moderator_action($modlogdata, $lang->thread_unapproved); 952 953 $moderation->unapprove_threads($tid); 954 955 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_threadunapproved); 956 break; 957 958 // Restore a thread 959 case "restorethread": 960 961 // Verify incoming POST request 962 verify_post_check($mybb->get_input('my_post_key')); 963 964 if(!is_moderator($fid, "canrestorethreads")) 965 { 966 error_no_permission(); 967 } 968 $thread = get_thread($tid); 969 970 $plugins->run_hooks("moderation_restorethread"); 971 972 $lang->thread_restored = $lang->sprintf($lang->thread_restored, $thread['subject']); 973 log_moderator_action($modlogdata, $lang->thread_restored); 974 975 $moderation->restore_threads($tid); 976 977 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_threadrestored); 978 break; 979 980 // Soft delete a thread 981 case "softdeletethread": 982 983 // Verify incoming POST request 984 verify_post_check($mybb->get_input('my_post_key')); 985 986 if(!is_moderator($fid, "cansoftdeletethreads")) 987 { 988 error_no_permission(); 989 } 990 $thread = get_thread($tid); 991 992 $plugins->run_hooks("moderation_softdeletethread"); 993 994 $lang->thread_soft_deleted = $lang->sprintf($lang->thread_soft_deleted, $thread['subject']); 995 log_moderator_action($modlogdata, $lang->thread_soft_deleted); 996 997 $moderation->soft_delete_threads($tid); 998 999 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_threadsoftdeleted); 1000 break; 1001 1002 // Move a thread 1003 case "move": 1004 add_breadcrumb($lang->nav_move); 1005 if(!is_moderator($fid, "canmanagethreads")) 1006 { 1007 error_no_permission(); 1008 } 1009 1010 if($thread['visible'] == -1) 1011 { 1012 error($lang->error_thread_deleted, $lang->error); 1013 } 1014 1015 $plugins->run_hooks("moderation_move"); 1016 1017 $forumselect = build_forum_jump("", '', 1, '', 0, true, '', "moveto"); 1018 eval("\$movethread = \"".$templates->get("moderation_move")."\";"); 1019 output_page($movethread); 1020 break; 1021 1022 // Let's get this thing moving! 1023 case "do_move": 1024 1025 // Verify incoming POST request 1026 verify_post_check($mybb->get_input('my_post_key')); 1027 1028 $moveto = $mybb->get_input('moveto', MyBB::INPUT_INT); 1029 $method = $mybb->get_input('method'); 1030 1031 if(!is_moderator($fid, "canmanagethreads")) 1032 { 1033 error_no_permission(); 1034 } 1035 1036 // Check if user has moderator permission to move to destination 1037 if(!is_moderator($moveto, "canmanagethreads") && !is_moderator($fid, "canmovetononmodforum")) 1038 { 1039 error_no_permission(); 1040 } 1041 1042 if($thread['visible'] == -1) 1043 { 1044 error($lang->error_thread_deleted, $lang->error); 1045 } 1046 1047 $newperms = forum_permissions($moveto); 1048 if($newperms['canview'] == 0 && !is_moderator($fid, "canmovetononmodforum")) 1049 { 1050 error($lang->error_movetononmodforum, $lang->error); 1051 } 1052 1053 $newforum = get_forum($moveto); 1054 if(!$newforum || $newforum['type'] != "f" || $newforum['type'] == "f" && $newforum['linkto'] != '') 1055 { 1056 error($lang->error_invalidforum, $lang->error); 1057 } 1058 if($method != "copy" && $thread['fid'] == $moveto) 1059 { 1060 error($lang->error_movetosameforum, $lang->error); 1061 } 1062 1063 $plugins->run_hooks('moderation_do_move'); 1064 1065 $expire = 0; 1066 if($mybb->get_input('redirect_expire', MyBB::INPUT_INT) > 0) 1067 { 1068 $expire = TIME_NOW + ($mybb->get_input('redirect_expire', MyBB::INPUT_INT) * 86400); 1069 } 1070 1071 $the_thread = $tid; 1072 1073 $newtid = $moderation->move_thread($tid, $moveto, $method, $expire); 1074 1075 switch($method) 1076 { 1077 case "copy": 1078 log_moderator_action($modlogdata, $lang->thread_copied); 1079 break; 1080 default: 1081 case "move": 1082 case "redirect": 1083 log_moderator_action($modlogdata, $lang->thread_moved); 1084 break; 1085 } 1086 1087 moderation_redirect(get_thread_link($newtid), $lang->redirect_threadmoved); 1088 break; 1089 1090 // Viewing thread notes 1091 case "viewthreadnotes": 1092 if(!is_moderator($fid)) 1093 { 1094 error_no_permission(); 1095 } 1096 1097 // Make sure we are looking at a real thread here. 1098 if(!$thread) 1099 { 1100 error($lang->error_nomember, $lang->error); 1101 } 1102 1103 $plugins->run_hooks('moderation_viewthreadnotes'); 1104 1105 $lang->view_notes_for = $lang->sprintf($lang->view_notes_for, $thread['subject']); 1106 1107 $thread['notes'] = nl2br(htmlspecialchars_uni($thread['notes'])); 1108 1109 eval("\$viewthreadnotes = \"".$templates->get("moderation_viewthreadnotes", 1, 0)."\";"); 1110 echo $viewthreadnotes; 1111 break; 1112 1113 // Thread notes editor 1114 case "threadnotes": 1115 add_breadcrumb($lang->nav_threadnotes); 1116 if(!is_moderator($fid, "canmanagethreads")) 1117 { 1118 error_no_permission(); 1119 } 1120 $thread['notes'] = htmlspecialchars_uni($parser->parse_badwords($thread['notes'])); 1121 $trow = alt_trow(1); 1122 1123 if(is_moderator($fid, "canviewmodlog")) 1124 { 1125 $query = $db->query(" 1126 SELECT l.*, u.username, t.subject AS tsubject, f.name AS fname, p.subject AS psubject 1127 FROM ".TABLE_PREFIX."moderatorlog l 1128 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=l.uid) 1129 LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=l.tid) 1130 LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=l.fid) 1131 LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid=l.pid) 1132 WHERE t.tid='$tid' 1133 ORDER BY l.dateline DESC 1134 LIMIT 0, 20 1135 "); 1136 $modactions = ''; 1137 while($modaction = $db->fetch_array($query)) 1138 { 1139 $modaction['dateline'] = my_date('relative', $modaction['dateline']); 1140 $modaction['username'] = htmlspecialchars_uni($modaction['username']); 1141 $modaction['profilelink'] = build_profile_link($modaction['username'], $modaction['uid']); 1142 $modaction['action'] = htmlspecialchars_uni($modaction['action']); 1143 $info = ''; 1144 if($modaction['tsubject']) 1145 { 1146 $modaction['tsubject'] = htmlspecialchars_uni($parser->parse_badwords($modaction['tsubject'])); 1147 $modaction['threadlink'] = get_thread_link($modaction['tid']); 1148 eval("\$info .= \"".$templates->get("moderation_threadnotes_modaction_thread")."\";"); 1149 } 1150 if($modaction['fname']) 1151 { 1152 $modaction['fname'] = htmlspecialchars_uni($modaction['fname']); 1153 $modaction['forumlink'] = get_forum_link($modaction['fid']); 1154 eval("\$info .= \"".$templates->get("moderation_threadnotes_modaction_forum")."\";"); 1155 } 1156 if($modaction['psubject']) 1157 { 1158 1159 $modaction['psubject'] = htmlspecialchars_uni($parser->parse_badwords($modaction['psubject'])); 1160 $modaction['postlink'] = get_post_link($modaction['pid']); 1161 eval("\$info .= \"".$templates->get("moderation_threadnotes_modaction_post")."\";"); 1162 } 1163 1164 eval("\$modactions .= \"".$templates->get("moderation_threadnotes_modaction")."\";"); 1165 $trow = alt_trow(); 1166 } 1167 if(!$modactions) 1168 { 1169 eval("\$modactions = \"".$templates->get("moderation_threadnotes_modaction_error")."\";"); 1170 } 1171 } 1172 1173 $actions = array( 1174 'openclosethread' => $lang->open_close_thread, 1175 'deletethread' => $lang->delete_thread, 1176 'move' => $lang->move_copy_thread, 1177 'stick' => $lang->stick_unstick_thread, 1178 'merge' => $lang->merge_threads, 1179 'removeredirects' => $lang->remove_redirects, 1180 'removesubscriptions' => $lang->remove_subscriptions, 1181 'approveunapprovethread' => $lang->approve_unapprove_thread 1182 ); 1183 1184 switch($db->type) 1185 { 1186 case "pgsql": 1187 case "sqlite": 1188 $query = $db->simple_select("modtools", 'tid, name', "(','||forums||',' LIKE '%,$fid,%' OR ','||forums||',' LIKE '%,-1,%' OR forums='') AND type = 't'"); 1189 break; 1190 default: 1191 $query = $db->simple_select("modtools", 'tid, name', "(CONCAT(',',forums,',') LIKE '%,$fid,%' OR CONCAT(',',forums,',') LIKE '%,-1,%' OR forums='') AND type = 't'"); 1192 } 1193 while($tool = $db->fetch_array($query)) 1194 { 1195 $actions['modtool_'.$tool['tid']] = htmlspecialchars_uni($tool['name']); 1196 } 1197 1198 $forum_cache = $cache->read("forums"); 1199 1200 $trow = alt_trow(1); 1201 switch($db->type) 1202 { 1203 case "pgsql": 1204 case "sqlite": 1205 $query = $db->query(" 1206 SELECT d.*, u.username, f.name AS fname 1207 FROM ".TABLE_PREFIX."delayedmoderation d 1208 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=d.uid) 1209 LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=d.fid) 1210 WHERE ','||d.tids||',' LIKE '%,{$tid},%' 1211 ORDER BY d.dateline DESC 1212 LIMIT 0, 20 1213 "); 1214 break; 1215 default: 1216 $query = $db->query(" 1217 SELECT d.*, u.username, f.name AS fname 1218 FROM ".TABLE_PREFIX."delayedmoderation d 1219 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=d.uid) 1220 LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=d.fid) 1221 WHERE CONCAT(',',d.tids,',') LIKE '%,{$tid},%' 1222 ORDER BY d.dateline DESC 1223 LIMIT 0, 20 1224 "); 1225 } 1226 $delayedmods = ''; 1227 while($delayedmod = $db->fetch_array($query)) 1228 { 1229 $delayedmod['dateline'] = my_date('normal', $delayedmod['delaydateline'], "", 2); 1230 $delayedmod['username'] = htmlspecialchars_uni($delayedmod['username']); 1231 $delayedmod['profilelink'] = build_profile_link($delayedmod['username'], $delayedmod['uid']); 1232 $delayedmod['action'] = $actions[$delayedmod['type']]; 1233 $info = ''; 1234 if(strpos($delayedmod['tids'], ',') === false) 1235 { 1236 $delayed_thread['link'] = get_thread_link($delayedmod['tids']); 1237 $delayed_thread['subject'] = htmlspecialchars_uni($thread['subject']); 1238 eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_thread_single")."\";"); 1239 } 1240 else 1241 { 1242 eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_thread_multiple")."\";"); 1243 } 1244 1245 if($delayedmod['fname']) 1246 { 1247 $delayedmod['link'] = get_forum_link($delayedmod['fid']); 1248 $delayedmod['fname'] = htmlspecialchars_uni($delayedmod['fname']); 1249 eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_forum")."\";"); 1250 } 1251 $delayedmod['inputs'] = my_unserialize($delayedmod['inputs']); 1252 1253 if($delayedmod['type'] == 'move') 1254 { 1255 $delayedmod['link'] = get_forum_link($delayedmod['inputs']['new_forum']); 1256 $delayedmod['name'] = htmlspecialchars_uni($forum_cache[$delayedmod['inputs']['new_forum']]['name']); 1257 eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_new_forum")."\";"); 1258 1259 if($delayedmod['inputs']['method'] == "redirect") 1260 { 1261 if((int)$delayedmod['inputs']['redirect_expire'] == 0) 1262 { 1263 $redirect_expire_bit = $lang->redirect_forever; 1264 } 1265 else 1266 { 1267 $redirect_expire_bit = (int)$delayedmod['inputs']['redirect_expire']." {$lang->days}"; 1268 } 1269 1270 eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_redirect")."\";"); 1271 } 1272 } 1273 elseif($delayedmod['type'] == 'merge') 1274 { 1275 $delayedmod['subject'] = htmlspecialchars_uni($delayedmod['inputs']['subject']); 1276 $delayedmod['threadurl'] = htmlspecialchars_uni($delayedmod['inputs']['threadurl']); 1277 eval("\$info .= \"".$templates->get("moderation_delayedmodaction_notes_merge")."\";"); 1278 } 1279 1280 eval("\$delayedmods .= \"".$templates->get("moderation_threadnotes_delayedmodaction")."\";"); 1281 $trow = alt_trow(); 1282 } 1283 if(!$delayedmods) 1284 { 1285 $cols = 4; 1286 eval("\$delayedmods = \"".$templates->get("moderation_delayedmodaction_error")."\";"); 1287 } 1288 1289 $plugins->run_hooks("moderation_threadnotes"); 1290 1291 eval("\$threadnotes = \"".$templates->get("moderation_threadnotes")."\";"); 1292 output_page($threadnotes); 1293 break; 1294 1295 // Update the thread notes! 1296 case "do_threadnotes": 1297 1298 // Verify incoming POST request 1299 verify_post_check($mybb->get_input('my_post_key')); 1300 1301 if(!is_moderator($fid, "canmanagethreads")) 1302 { 1303 error_no_permission(); 1304 } 1305 1306 $plugins->run_hooks("moderation_do_threadnotes"); 1307 1308 log_moderator_action($modlogdata, $lang->thread_notes_edited); 1309 $sqlarray = array( 1310 "notes" => $db->escape_string($mybb->get_input('threadnotes')), 1311 ); 1312 $db->update_query("threads", $sqlarray, "tid='$tid'"); 1313 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_threadnotesupdated); 1314 break; 1315 1316 // Let's look up the ip address of a post 1317 case "getip": 1318 add_breadcrumb($lang->nav_getip); 1319 if(!is_moderator($fid, "canviewips")) 1320 { 1321 error_no_permission(); 1322 } 1323 1324 $post['ipaddress'] = my_inet_ntop($db->unescape_binary($post['ipaddress'])); 1325 $hostname = @gethostbyaddr($post['ipaddress']); 1326 if(!$hostname || $hostname == $post['ipaddress']) 1327 { 1328 $hostname = $lang->resolve_fail; 1329 } 1330 1331 $post['username'] = htmlspecialchars_uni($post['username']); 1332 $username = build_profile_link($post['username'], $post['uid']); 1333 1334 // Moderator options 1335 $modoptions = ""; 1336 if($mybb->usergroup['canmodcp'] == 1 && $mybb->usergroup['canuseipsearch'] == 1) 1337 { 1338 $ipaddress = $post['ipaddress']; 1339 eval("\$modoptions = \"".$templates->get("moderation_getip_modoptions")."\";"); 1340 } 1341 1342 $plugins->run_hooks('moderation_getip'); 1343 1344 if($modal) 1345 { 1346 eval("\$getip = \"".$templates->get("moderation_getip_modal", 1, 0)."\";"); 1347 echo $getip; 1348 exit; 1349 } 1350 else 1351 { 1352 eval("\$getip = \"".$templates->get("moderation_getip")."\";"); 1353 output_page($getip); 1354 break; 1355 } 1356 1357 // Let's look up the ip address of a PM 1358 case "getpmip": 1359 if($pmid <= 0) 1360 { 1361 error($lang->error_invalidpm, $lang->error); 1362 } 1363 add_breadcrumb($lang->nav_pms, "private.php"); 1364 $pm['subject'] = htmlspecialchars_uni($parser->parse_badwords($pm['subject'])); 1365 add_breadcrumb($pm['subject'], "private.php?action=read&pmid={$pmid}"); 1366 add_breadcrumb($lang->nav_getpmip); 1367 if(!$mybb->usergroup['issupermod']) 1368 { 1369 error_no_permission(); 1370 } 1371 1372 $pm['ipaddress'] = my_inet_ntop($db->unescape_binary($pm['ipaddress'])); 1373 $hostname = @gethostbyaddr($pm['ipaddress']); 1374 if(!$hostname || $hostname == $pm['ipaddress']) 1375 { 1376 $hostname = $lang->resolve_fail; 1377 } 1378 1379 $name = $db->fetch_field($db->simple_select('users', 'username', "uid = {$pm['fromid']}"), 'username'); 1380 $username = build_profile_link($name, $pm['fromid']); 1381 1382 // Moderator options 1383 $modoptions = ""; 1384 if($mybb->usergroup['canmodcp'] == 1 && $mybb->usergroup['canuseipsearch'] == 1) 1385 { 1386 $ipaddress = $pm['ipaddress']; 1387 eval("\$modoptions = \"".$templates->get("moderation_getip_modoptions")."\";"); 1388 } 1389 1390 $plugins->run_hooks('moderation_getpmip'); 1391 1392 if($modal) 1393 { 1394 eval("\$getpmip = \"".$templates->get("moderation_getpmip_modal", 1, 0)."\";"); 1395 echo $getpmip; 1396 exit; 1397 } 1398 else 1399 { 1400 eval("\$getpmip = \"".$templates->get("moderation_getpmip")."\";"); 1401 output_page($getpmip); 1402 break; 1403 } 1404 1405 // Merge threads 1406 case "merge": 1407 add_breadcrumb($lang->nav_merge); 1408 if(!is_moderator($fid, "canmanagethreads")) 1409 { 1410 error_no_permission(); 1411 } 1412 1413 if($thread['visible'] == -1) 1414 { 1415 error($lang->error_thread_deleted, $lang->error); 1416 } 1417 1418 $plugins->run_hooks("moderation_merge"); 1419 1420 eval("\$merge = \"".$templates->get("moderation_merge")."\";"); 1421 output_page($merge); 1422 break; 1423 1424 // Let's get those threads together baby! (Merge threads) 1425 case "do_merge": 1426 1427 // Verify incoming POST request 1428 verify_post_check($mybb->get_input('my_post_key')); 1429 1430 if(!is_moderator($fid, "canmanagethreads")) 1431 { 1432 error_no_permission(); 1433 } 1434 1435 if($thread['visible'] == -1) 1436 { 1437 error($lang->error_thread_deleted, $lang->error); 1438 } 1439 1440 $plugins->run_hooks("moderation_do_merge"); 1441 1442 // explode at # sign in a url (indicates a name reference) and reassign to the url 1443 $realurl = explode("#", $mybb->get_input('threadurl')); 1444 $mybb->input['threadurl'] = $realurl[0]; 1445 1446 // Are we using an SEO URL? 1447 if(substr($mybb->input['threadurl'], -4) == "html") 1448 { 1449 // Get thread to merge's tid the SEO way 1450 preg_match("#thread-([0-9]+)?#i", $mybb->input['threadurl'], $threadmatch); 1451 preg_match("#post-([0-9]+)?#i", $mybb->input['threadurl'], $postmatch); 1452 1453 if($threadmatch[1]) 1454 { 1455 $parameters['tid'] = $threadmatch[1]; 1456 } 1457 1458 if($postmatch[1]) 1459 { 1460 $parameters['pid'] = $postmatch[1]; 1461 } 1462 } 1463 else 1464 { 1465 // Get thread to merge's tid the normal way 1466 $splitloc = explode(".php", $mybb->input['threadurl']); 1467 $temp = explode("&", my_substr($splitloc[1], 1)); 1468 1469 if(!empty($temp)) 1470 { 1471 for($i = 0; $i < count($temp); $i++) 1472 { 1473 $temp2 = explode("=", $temp[$i], 2); 1474 $parameters[$temp2[0]] = $temp2[1]; 1475 } 1476 } 1477 else 1478 { 1479 $temp2 = explode("=", $splitloc[1], 2); 1480 $parameters[$temp2[0]] = $temp2[1]; 1481 } 1482 } 1483 1484 if(!empty($parameters['pid']) && empty($parameters['tid'])) 1485 { 1486 $post = get_post($parameters['pid']); 1487 $mergetid = (int)$post['tid']; 1488 } 1489 elseif(!empty($parameters['tid'])) 1490 { 1491 $mergetid = (int)$parameters['tid']; 1492 } 1493 else 1494 { 1495 $mergetid = 0; 1496 } 1497 $mergethread = get_thread($mergetid); 1498 if(!$mergethread) 1499 { 1500 error($lang->error_badmergeurl, $lang->error); 1501 } 1502 if($mergetid == $tid) 1503 { // sanity check 1504 error($lang->error_mergewithself, $lang->error); 1505 } 1506 if(!is_moderator($mergethread['fid'], "canmanagethreads")) 1507 { 1508 error_no_permission(); 1509 } 1510 if(isset($mybb->input['subject'])) 1511 { 1512 $subject = $mybb->get_input('subject'); 1513 } 1514 else 1515 { 1516 $subject = $thread['subject']; 1517 } 1518 1519 $moderation->merge_threads($mergetid, $tid, $subject); 1520 1521 log_moderator_action($modlogdata, $lang->thread_merged); 1522 1523 moderation_redirect(get_thread_link($tid), $lang->redirect_threadsmerged); 1524 break; 1525 1526 // Divorce the posts in this thread (Split!) 1527 case "split": 1528 add_breadcrumb($lang->nav_split); 1529 if(!is_moderator($fid, "canmanagethreads")) 1530 { 1531 error_no_permission(); 1532 } 1533 1534 if($thread['visible'] == -1) 1535 { 1536 error($lang->error_thread_deleted, $lang->error); 1537 } 1538 1539 $query = $db->query(" 1540 SELECT p.*, u.* 1541 FROM ".TABLE_PREFIX."posts p 1542 LEFT JOIN ".TABLE_PREFIX."users u ON (p.uid=u.uid) 1543 WHERE tid='$tid' 1544 ORDER BY dateline ASC, pid ASC 1545 "); 1546 1547 $numposts = $db->num_rows($query); 1548 if($numposts <= 1) 1549 { 1550 error($lang->error_cantsplitonepost, $lang->error); 1551 } 1552 1553 $altbg = "trow1"; 1554 $posts = ''; 1555 while($post = $db->fetch_array($query)) 1556 { 1557 $postdate = my_date('relative', $post['dateline']); 1558 $post['username'] = htmlspecialchars_uni($post['username']); 1559 1560 $parser_options = array( 1561 "allow_html" => $forum['allowhtml'], 1562 "allow_mycode" => $forum['allowmycode'], 1563 "allow_smilies" => $forum['allowsmilies'], 1564 "allow_imgcode" => $forum['allowimgcode'], 1565 "allow_videocode" => $forum['allowvideocode'], 1566 "filter_badwords" => 1 1567 ); 1568 if($post['smilieoff'] == 1) 1569 { 1570 $parser_options['allow_smilies'] = 0; 1571 } 1572 1573 $message = $parser->parse_message($post['message'], $parser_options); 1574 eval("\$posts .= \"".$templates->get("moderation_split_post")."\";"); 1575 $altbg = alt_trow(); 1576 } 1577 1578 clearinline($tid, 'thread'); 1579 $forumselect = build_forum_jump("", $fid, 1, '', 0, true, '', "moveto"); 1580 1581 $plugins->run_hooks("moderation_split"); 1582 1583 eval("\$split = \"".$templates->get("moderation_split")."\";"); 1584 output_page($split); 1585 break; 1586 1587 // Let's break them up buddy! (Do the split) 1588 case "do_split": 1589 1590 // Verify incoming POST request 1591 verify_post_check($mybb->get_input('my_post_key')); 1592 1593 if(!is_moderator($fid, "canmanagethreads")) 1594 { 1595 error_no_permission(); 1596 } 1597 1598 if($thread['visible'] == -1) 1599 { 1600 error($lang->error_thread_deleted, $lang->error); 1601 } 1602 1603 $plugins->run_hooks("moderation_do_split"); 1604 1605 $mybb->input['splitpost'] = $mybb->get_input('splitpost', MyBB::INPUT_ARRAY); 1606 if(empty($mybb->input['splitpost'])) 1607 { 1608 error($lang->error_nosplitposts, $lang->error); 1609 } 1610 $query = $db->simple_select("posts", "COUNT(*) AS totalposts", "tid='{$tid}'"); 1611 $count = $db->fetch_array($query); 1612 1613 if($count['totalposts'] == 1) 1614 { 1615 error($lang->error_cantsplitonepost, $lang->error); 1616 } 1617 1618 if($count['totalposts'] == count($mybb->input['splitpost'])) 1619 { 1620 error($lang->error_cantsplitall, $lang->error); 1621 } 1622 1623 if(!empty($mybb->input['moveto'])) 1624 { 1625 $moveto = $mybb->get_input('moveto', MyBB::INPUT_INT); 1626 } 1627 else 1628 { 1629 $moveto = $fid; 1630 } 1631 1632 $newforum = get_forum($moveto); 1633 if(!$newforum || $newforum['type'] != "f" || $newforum['type'] == "f" && $newforum['linkto'] != '') 1634 { 1635 error($lang->error_invalidforum, $lang->error); 1636 } 1637 1638 $pids = array(); 1639 1640 // move the selected posts over 1641 $query = $db->simple_select("posts", "pid", "tid='$tid'"); 1642 while($post = $db->fetch_array($query)) 1643 { 1644 if(isset($mybb->input['splitpost'][$post['pid']]) && $mybb->input['splitpost'][$post['pid']] == 1) 1645 { 1646 $pids[] = $post['pid']; 1647 } 1648 mark_reports($post['pid'], "post"); 1649 } 1650 1651 $newtid = $moderation->split_posts($pids, $tid, $moveto, $mybb->get_input('newsubject')); 1652 1653 log_moderator_action($modlogdata, $lang->thread_split); 1654 1655 moderation_redirect(get_thread_link($newtid), $lang->redirect_threadsplit); 1656 break; 1657 1658 // Delete Thread Subscriptions 1659 case "removesubscriptions": 1660 1661 // Verify incoming POST request 1662 verify_post_check($mybb->get_input('my_post_key')); 1663 1664 if(!is_moderator($fid, "canmanagethreads")) 1665 { 1666 error_no_permission(); 1667 } 1668 1669 if($thread['visible'] == -1) 1670 { 1671 error($lang->error_thread_deleted, $lang->error); 1672 } 1673 1674 $plugins->run_hooks("moderation_removesubscriptions"); 1675 1676 $moderation->remove_thread_subscriptions($tid, true); 1677 1678 log_moderator_action($modlogdata, $lang->removed_subscriptions); 1679 1680 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_removed_subscriptions); 1681 break; 1682 1683 // Delete Threads - Inline moderation 1684 case "multideletethreads": 1685 add_breadcrumb($lang->nav_multi_deletethreads); 1686 1687 if(!empty($mybb->input['searchid'])) 1688 { 1689 // From search page 1690 $threads = getids($mybb->get_input('searchid'), 'search'); 1691 if(!is_moderator_by_tids($threads, 'candeletethreads')) 1692 { 1693 error_no_permission(); 1694 } 1695 } 1696 else 1697 { 1698 $threads = getids($fid, 'forum'); 1699 if(!is_moderator($fid, 'candeletethreads')) 1700 { 1701 error_no_permission(); 1702 } 1703 } 1704 if(count($threads) < 1) 1705 { 1706 error($lang->error_inline_nothreadsselected, $lang->error); 1707 } 1708 1709 $inlineids = implode("|", $threads); 1710 if($mybb->get_input('inlinetype') == 'search') 1711 { 1712 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 1713 } 1714 else 1715 { 1716 clearinline($fid, 'forum'); 1717 } 1718 $return_url = htmlspecialchars_uni($mybb->get_input('url')); 1719 eval("\$multidelete = \"".$templates->get("moderation_inline_deletethreads")."\";"); 1720 output_page($multidelete); 1721 break; 1722 1723 // Actually delete the threads - Inline moderation 1724 case "do_multideletethreads": 1725 1726 // Verify incoming POST request 1727 verify_post_check($mybb->get_input('my_post_key')); 1728 1729 $threadlist = explode("|", $mybb->get_input('threads')); 1730 if(!is_moderator_by_tids($threadlist, "candeletethreads")) 1731 { 1732 error_no_permission(); 1733 } 1734 foreach($threadlist as $tid) 1735 { 1736 $tid = (int)$tid; 1737 $moderation->delete_thread($tid); 1738 $tlist[] = $tid; 1739 } 1740 log_moderator_action($modlogdata, $lang->multi_deleted_threads); 1741 if($mybb->get_input('inlinetype') == 'search') 1742 { 1743 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 1744 } 1745 else 1746 { 1747 clearinline($fid, 'forum'); 1748 } 1749 mark_reports($tlist, "threads"); 1750 moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsdeleted); 1751 break; 1752 1753 // Open threads - Inline moderation 1754 case "multiopenthreads": 1755 1756 // Verify incoming POST request 1757 verify_post_check($mybb->get_input('my_post_key')); 1758 1759 if(!empty($mybb->input['searchid'])) 1760 { 1761 // From search page 1762 $threads = getids($mybb->get_input('searchid'), 'search'); 1763 if(!is_moderator_by_tids($threads, 'canopenclosethreads')) 1764 { 1765 error_no_permission(); 1766 } 1767 } 1768 else 1769 { 1770 $threads = getids($fid, 'forum'); 1771 if(!is_moderator($fid, 'canopenclosethreads')) 1772 { 1773 error_no_permission(); 1774 } 1775 } 1776 1777 if(count($threads) < 1) 1778 { 1779 error($lang->error_inline_nothreadsselected, $lang->error); 1780 } 1781 1782 $moderation->open_threads($threads); 1783 1784 log_moderator_action($modlogdata, $lang->multi_opened_threads); 1785 if($mybb->get_input('inlinetype') == 'search') 1786 { 1787 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 1788 } 1789 else 1790 { 1791 clearinline($fid, 'forum'); 1792 } 1793 moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsopened); 1794 break; 1795 1796 // Close threads - Inline moderation 1797 case "multiclosethreads": 1798 1799 // Verify incoming POST request 1800 verify_post_check($mybb->get_input('my_post_key')); 1801 1802 if(!empty($mybb->input['searchid'])) 1803 { 1804 // From search page 1805 $threads = getids($mybb->get_input('searchid'), 'search'); 1806 if(!is_moderator_by_tids($threads, 'canopenclosethreads')) 1807 { 1808 error_no_permission(); 1809 } 1810 } 1811 else 1812 { 1813 $threads = getids($fid, 'forum'); 1814 if(!is_moderator($fid, 'canopenclosethreads')) 1815 { 1816 error_no_permission(); 1817 } 1818 } 1819 if(count($threads) < 1) 1820 { 1821 error($lang->error_inline_nothreadsselected, $lang->error); 1822 } 1823 1824 $moderation->close_threads($threads); 1825 1826 log_moderator_action($modlogdata, $lang->multi_closed_threads); 1827 if($mybb->get_input('inlinetype') == 'search') 1828 { 1829 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 1830 } 1831 else 1832 { 1833 clearinline($fid, 'forum'); 1834 } 1835 moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsclosed); 1836 break; 1837 1838 // Approve threads - Inline moderation 1839 case "multiapprovethreads": 1840 1841 // Verify incoming POST request 1842 verify_post_check($mybb->get_input('my_post_key')); 1843 1844 if(!empty($mybb->input['searchid'])) 1845 { 1846 // From search page 1847 $threads = getids($mybb->get_input('searchid'), 'search'); 1848 if(!is_moderator_by_tids($threads, 'canapproveunapprovethreads')) 1849 { 1850 error_no_permission(); 1851 } 1852 } 1853 else 1854 { 1855 $threads = getids($fid, 'forum'); 1856 if(!is_moderator($fid, 'canapproveunapprovethreads')) 1857 { 1858 error_no_permission(); 1859 } 1860 } 1861 if(count($threads) < 1) 1862 { 1863 error($lang->error_inline_nothreadsselected, $lang->error); 1864 } 1865 1866 $moderation->approve_threads($threads, $fid); 1867 1868 log_moderator_action($modlogdata, $lang->multi_approved_threads); 1869 if($mybb->get_input('inlinetype') == 'search') 1870 { 1871 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 1872 } 1873 else 1874 { 1875 clearinline($fid, 'forum'); 1876 } 1877 $cache->update_stats(); 1878 moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsapproved); 1879 break; 1880 1881 // Unapprove threads - Inline moderation 1882 case "multiunapprovethreads": 1883 1884 // Verify incoming POST request 1885 verify_post_check($mybb->get_input('my_post_key')); 1886 1887 if(!empty($mybb->input['searchid'])) 1888 { 1889 // From search page 1890 $threads = getids($mybb->get_input('searchid'), 'search'); 1891 if(!is_moderator_by_tids($threads, 'canapproveunapprovethreads')) 1892 { 1893 error_no_permission(); 1894 } 1895 } 1896 else 1897 { 1898 $threads = getids($fid, 'forum'); 1899 if(!is_moderator($fid, 'canapproveunapprovethreads')) 1900 { 1901 error_no_permission(); 1902 } 1903 } 1904 if(count($threads) < 1) 1905 { 1906 error($lang->error_inline_nothreadsselected, $lang->error); 1907 } 1908 1909 $moderation->unapprove_threads($threads, $fid); 1910 1911 log_moderator_action($modlogdata, $lang->multi_unapproved_threads); 1912 if($mybb->get_input('inlinetype') == 'search') 1913 { 1914 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 1915 } 1916 else 1917 { 1918 clearinline($fid, 'forum'); 1919 } 1920 $cache->update_stats(); 1921 moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsunapproved); 1922 break; 1923 1924 // Restore threads - Inline moderation 1925 case "multirestorethreads": 1926 1927 // Verify incoming POST request 1928 verify_post_check($mybb->get_input('my_post_key')); 1929 1930 if(!empty($mybb->input['searchid'])) 1931 { 1932 // From search page 1933 $threads = getids($mybb->get_input('searchid'), 'search'); 1934 if(!is_moderator_by_tids($threads, 'canrestorethreads')) 1935 { 1936 error_no_permission(); 1937 } 1938 } 1939 else 1940 { 1941 $threads = getids($fid, 'forum'); 1942 if(!is_moderator($fid, 'canrestorethreads')) 1943 { 1944 error_no_permission(); 1945 } 1946 } 1947 if(count($threads) < 1) 1948 { 1949 error($lang->error_inline_nothreadsselected, $lang->error); 1950 } 1951 1952 $moderation->restore_threads($threads); 1953 1954 log_moderator_action($modlogdata, $lang->multi_restored_threads); 1955 if($mybb->get_input('inlinetype') == 'search') 1956 { 1957 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 1958 } 1959 else 1960 { 1961 clearinline($fid, 'forum'); 1962 } 1963 $cache->update_stats(); 1964 moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsrestored); 1965 break; 1966 1967 // Soft delete threads - Inline moderation 1968 case "multisoftdeletethreads": 1969 1970 // Verify incoming POST request 1971 verify_post_check($mybb->get_input('my_post_key')); 1972 1973 if(!empty($mybb->input['searchid'])) 1974 { 1975 // From search page 1976 $threads = getids($mybb->get_input('searchid'), 'search'); 1977 if(!is_moderator_by_tids($threads, 'cansoftdeletethreads')) 1978 { 1979 error_no_permission(); 1980 } 1981 } 1982 else 1983 { 1984 $threads = getids($fid, 'forum'); 1985 if(!is_moderator($fid, 'cansoftdeletethreads')) 1986 { 1987 error_no_permission(); 1988 } 1989 } 1990 if(count($threads) < 1) 1991 { 1992 error($lang->error_inline_nothreadsselected, $lang->error); 1993 } 1994 1995 $moderation->soft_delete_threads($threads); 1996 1997 log_moderator_action($modlogdata, $lang->multi_soft_deleted_threads); 1998 if($mybb->get_input('inlinetype') == 'search') 1999 { 2000 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 2001 } 2002 else 2003 { 2004 clearinline($fid, 'forum'); 2005 } 2006 $cache->update_stats(); 2007 moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadssoftdeleted); 2008 break; 2009 2010 // Stick threads - Inline moderation 2011 case "multistickthreads": 2012 2013 // Verify incoming POST request 2014 verify_post_check($mybb->get_input('my_post_key')); 2015 2016 if(!empty($mybb->input['searchid'])) 2017 { 2018 // From search page 2019 $threads = getids($mybb->get_input('searchid'), 'search'); 2020 if(!is_moderator_by_tids($threads, 'canstickunstickthreads')) 2021 { 2022 error_no_permission(); 2023 } 2024 } 2025 else 2026 { 2027 $threads = getids($fid, 'forum'); 2028 if(!is_moderator($fid, 'canstickunstickthreads')) 2029 { 2030 error_no_permission(); 2031 } 2032 } 2033 if(count($threads) < 1) 2034 { 2035 error($lang->error_inline_nothreadsselected, $lang->error); 2036 } 2037 2038 $moderation->stick_threads($threads); 2039 2040 log_moderator_action($modlogdata, $lang->multi_stuck_threads); 2041 if($mybb->get_input('inlinetype') == 'search') 2042 { 2043 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 2044 } 2045 else 2046 { 2047 clearinline($fid, 'forum'); 2048 } 2049 moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsstuck); 2050 break; 2051 2052 // Unstick threads - Inline moderaton 2053 case "multiunstickthreads": 2054 2055 // Verify incoming POST request 2056 verify_post_check($mybb->get_input('my_post_key')); 2057 2058 if(!empty($mybb->input['searchid'])) 2059 { 2060 // From search page 2061 $threads = getids($mybb->get_input('searchid'), 'search'); 2062 if(!is_moderator_by_tids($threads, 'canstickunstickthreads')) 2063 { 2064 error_no_permission(); 2065 } 2066 } 2067 else 2068 { 2069 $threads = getids($fid, 'forum'); 2070 if(!is_moderator($fid, 'canstickunstickthreads')) 2071 { 2072 error_no_permission(); 2073 } 2074 } 2075 if(count($threads) < 1) 2076 { 2077 error($lang->error_inline_nothreadsselected, $lang->error); 2078 } 2079 2080 $moderation->unstick_threads($threads); 2081 2082 log_moderator_action($modlogdata, $lang->multi_unstuck_threads); 2083 if($mybb->get_input('inlinetype') == 'search') 2084 { 2085 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 2086 } 2087 else 2088 { 2089 clearinline($fid, 'forum'); 2090 } 2091 moderation_redirect(get_forum_link($fid), $lang->redirect_inline_threadsunstuck); 2092 break; 2093 2094 // Move threads - Inline moderation 2095 case "multimovethreads": 2096 add_breadcrumb($lang->nav_multi_movethreads); 2097 2098 if(!empty($mybb->input['searchid'])) 2099 { 2100 // From search page 2101 $threads = getids($mybb->get_input('searchid'), 'search'); 2102 if(!is_moderator_by_tids($threads, 'canmanagethreads')) 2103 { 2104 error_no_permission(); 2105 } 2106 } 2107 else 2108 { 2109 $threads = getids($fid, 'forum'); 2110 if(!is_moderator($fid, 'canmanagethreads')) 2111 { 2112 error_no_permission(); 2113 } 2114 } 2115 2116 if(count($threads) < 1) 2117 { 2118 error($lang->error_inline_nothreadsselected, $lang->error); 2119 } 2120 $inlineids = implode("|", $threads); 2121 if($mybb->get_input('inlinetype') == 'search') 2122 { 2123 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 2124 } 2125 else 2126 { 2127 clearinline($fid, 'forum'); 2128 } 2129 $forumselect = build_forum_jump("", '', 1, '', 0, true, '', "moveto"); 2130 $return_url = htmlspecialchars_uni($mybb->get_input('url')); 2131 eval("\$movethread = \"".$templates->get("moderation_inline_movethreads")."\";"); 2132 output_page($movethread); 2133 break; 2134 2135 // Actually move the threads in Inline moderation 2136 case "do_multimovethreads": 2137 2138 // Verify incoming POST request 2139 verify_post_check($mybb->get_input('my_post_key')); 2140 2141 $moveto = $mybb->get_input('moveto', MyBB::INPUT_INT); 2142 $method = $mybb->get_input('method'); 2143 2144 $threadlist = explode("|", $mybb->get_input('threads')); 2145 if(!is_moderator_by_tids($threadlist, 'canmanagethreads')) 2146 { 2147 error_no_permission(); 2148 } 2149 foreach($threadlist as $tid) 2150 { 2151 $tids[] = (int)$tid; 2152 } 2153 // Make sure moderator has permission to move to the new forum 2154 $newperms = forum_permissions($moveto); 2155 if(($newperms['canview'] == 0 || !is_moderator($moveto, 'canmanagethreads')) && !is_moderator_by_tids($tids, 'canmovetononmodforum')) 2156 { 2157 error($lang->error_movetononmodforum, $lang->error); 2158 } 2159 2160 $newforum = get_forum($moveto); 2161 if(!$newforum || $newforum['type'] != "f" || $newforum['type'] == "f" && $newforum['linkto'] != '') 2162 { 2163 error($lang->error_invalidforum, $lang->error); 2164 } 2165 2166 $plugins->run_hooks('moderation_do_multimovethreads'); 2167 2168 log_moderator_action($modlogdata, $lang->multi_moved_threads); 2169 $expire = 0; 2170 if($mybb->get_input('redirect_expire', MyBB::INPUT_INT) > 0) 2171 { 2172 $expire = TIME_NOW + ($mybb->get_input('redirect_expire', MyBB::INPUT_INT) * 86400); 2173 } 2174 2175 foreach($tids as $tid) { 2176 $moderation->move_thread($tid, $moveto, $method, $expire); 2177 } 2178 2179 moderation_redirect(get_forum_link($moveto), $lang->redirect_inline_threadsmoved); 2180 break; 2181 2182 // Delete posts - Inline moderation 2183 case "multideleteposts": 2184 add_breadcrumb($lang->nav_multi_deleteposts); 2185 2186 if($mybb->get_input('inlinetype') == 'search') 2187 { 2188 $posts = getids($mybb->get_input('searchid'), 'search'); 2189 } 2190 else 2191 { 2192 $posts = getids($tid, 'thread'); 2193 } 2194 2195 if(count($posts) < 1) 2196 { 2197 error($lang->error_inline_nopostsselected, $lang->error); 2198 } 2199 if(!is_moderator_by_pids($posts, "candeleteposts")) 2200 { 2201 error_no_permission(); 2202 } 2203 $inlineids = implode("|", $posts); 2204 if($mybb->get_input('inlinetype') == 'search') 2205 { 2206 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 2207 } 2208 else 2209 { 2210 clearinline($tid, 'thread'); 2211 } 2212 2213 $return_url = htmlspecialchars_uni($mybb->get_input('url')); 2214 2215 eval("\$multidelete = \"".$templates->get("moderation_inline_deleteposts")."\";"); 2216 output_page($multidelete); 2217 break; 2218 2219 // Actually delete the posts in inline moderation 2220 case "do_multideleteposts": 2221 2222 // Verify incoming POST request 2223 verify_post_check($mybb->get_input('my_post_key')); 2224 2225 $postlist = explode("|", $mybb->get_input('posts')); 2226 if(!is_moderator_by_pids($postlist, "candeleteposts")) 2227 { 2228 error_no_permission(); 2229 } 2230 $postlist = array_map('intval', $postlist); 2231 $pids = implode(',', $postlist); 2232 2233 $tids = array(); 2234 if($pids) 2235 { 2236 $query = $db->simple_select("threads", "tid", "firstpost IN({$pids})"); 2237 while($threadid = $db->fetch_field($query, "tid")) 2238 { 2239 $tids[] = $threadid; 2240 } 2241 } 2242 2243 $deletecount = 0; 2244 foreach($postlist as $pid) 2245 { 2246 $pid = (int)$pid; 2247 $moderation->delete_post($pid); 2248 $plist[] = $pid; 2249 $deletecount++; 2250 } 2251 2252 // If we have multiple threads, we must be coming from the search 2253 if(!empty($tids)) 2254 { 2255 foreach($tids as $tid) 2256 { 2257 $moderation->delete_thread($tid); 2258 mark_reports($tid, "thread"); 2259 $url = get_forum_link($fid); 2260 } 2261 } 2262 // Otherwise we're just deleting from showthread.php 2263 else 2264 { 2265 $query = $db->simple_select("posts", "pid", "tid = $tid"); 2266 $numposts = $db->num_rows($query); 2267 if(!$numposts) 2268 { 2269 $moderation->delete_thread($tid); 2270 mark_reports($tid, "thread"); 2271 $url = get_forum_link($fid); 2272 } 2273 else 2274 { 2275 mark_reports($plist, "posts"); 2276 $url = get_thread_link($thread['tid']); 2277 } 2278 } 2279 2280 $lang->deleted_selective_posts = $lang->sprintf($lang->deleted_selective_posts, $deletecount); 2281 log_moderator_action($modlogdata, $lang->deleted_selective_posts); 2282 moderation_redirect($url, $lang->redirect_postsdeleted); 2283 break; 2284 2285 // Merge posts - Inline moderation 2286 case "multimergeposts": 2287 add_breadcrumb($lang->nav_multi_mergeposts); 2288 2289 if($mybb->get_input('inlinetype') == 'search') 2290 { 2291 $posts = getids($mybb->get_input('searchid'), 'search'); 2292 } 2293 else 2294 { 2295 $posts = getids($tid, 'thread'); 2296 } 2297 2298 // Add the selected posts from other threads 2299 foreach($mybb->cookies as $key => $value) 2300 { 2301 if(strpos($key, "inlinemod_thread") !== false && $key != "inlinemod_thread$tid") 2302 { 2303 $inlinepostlist = explode("|", $mybb->cookies[$key]); 2304 foreach($inlinepostlist as $p) 2305 { 2306 $p = (int)$p; 2307 2308 if(!empty($p)) 2309 { 2310 $posts[] = (int)$p; 2311 } 2312 } 2313 // Remove the cookie once its data is retrieved 2314 my_unsetcookie($key); 2315 } 2316 } 2317 2318 if(empty($posts)) 2319 { 2320 error($lang->error_inline_nopostsselected, $lang->error); 2321 } 2322 2323 if(!is_moderator_by_pids($posts, "canmanagethreads")) 2324 { 2325 error_no_permission(); 2326 } 2327 2328 $postlist = ""; 2329 $query = $db->query(" 2330 SELECT p.*, u.* 2331 FROM ".TABLE_PREFIX."posts p 2332 LEFT JOIN ".TABLE_PREFIX."users u ON (p.uid=u.uid) 2333 WHERE pid IN (".implode(",", $posts).") 2334 ORDER BY dateline ASC, pid ASC 2335 "); 2336 $altbg = "trow1"; 2337 while($post = $db->fetch_array($query)) 2338 { 2339 $postdate = my_date('relative', $post['dateline']); 2340 2341 $parser_options = array( 2342 "allow_html" => $forum['allowhtml'], 2343 "allow_mycode" => $forum['allowmycode'], 2344 "allow_smilies" => $forum['allowsmilies'], 2345 "allow_imgcode" => $forum['allowimgcode'], 2346 "allow_videocode" => $forum['allowvideocode'], 2347 "filter_badwords" => 1 2348 ); 2349 if($post['smilieoff'] == 1) 2350 { 2351 $parser_options['allow_smilies'] = 0; 2352 } 2353 2354 $message = $parser->parse_message($post['message'], $parser_options); 2355 eval("\$postlist .= \"".$templates->get("moderation_mergeposts_post")."\";"); 2356 $altbg = alt_trow(); 2357 } 2358 2359 $inlineids = implode("|", $posts); 2360 if($mybb->get_input('inlinetype') == 'search') 2361 { 2362 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 2363 } 2364 else 2365 { 2366 clearinline($tid, 'thread'); 2367 } 2368 2369 $return_url = htmlspecialchars_uni($mybb->get_input('url')); 2370 2371 eval("\$multimerge = \"".$templates->get("moderation_inline_mergeposts")."\";"); 2372 output_page($multimerge); 2373 break; 2374 2375 // Actually merge the posts - Inline moderation 2376 case "do_multimergeposts": 2377 2378 // Verify incoming POST request 2379 verify_post_check($mybb->get_input('my_post_key')); 2380 2381 $mergepost = $mybb->get_input('mergepost', MyBB::INPUT_ARRAY); 2382 if(count($mergepost) <= 1) 2383 { 2384 error($lang->error_nomergeposts, $lang->error); 2385 } 2386 2387 foreach($mergepost as $pid => $yes) 2388 { 2389 $postlist[] = (int)$pid; 2390 } 2391 2392 if(!is_moderator_by_pids($postlist, "canmanagethreads")) 2393 { 2394 error_no_permission(); 2395 } 2396 2397 $masterpid = $moderation->merge_posts($postlist, $tid, $mybb->input['sep']); 2398 2399 mark_reports($postlist, "posts"); 2400 log_moderator_action($modlogdata, $lang->merged_selective_posts); 2401 moderation_redirect(get_post_link($masterpid)."#pid$masterpid", $lang->redirect_inline_postsmerged); 2402 break; 2403 2404 // Split posts - Inline moderation 2405 case "multisplitposts": 2406 add_breadcrumb($lang->nav_multi_splitposts); 2407 2408 if($mybb->get_input('inlinetype') == 'search') 2409 { 2410 $posts = getids($mybb->get_input('searchid'), 'search'); 2411 } 2412 else 2413 { 2414 $posts = getids($tid, 'thread'); 2415 } 2416 2417 if(count($posts) < 1) 2418 { 2419 error($lang->error_inline_nopostsselected, $lang->error); 2420 } 2421 2422 if(!is_moderator_by_pids($posts, "canmanagethreads")) 2423 { 2424 error_no_permission(); 2425 } 2426 $posts = array_map('intval', $posts); 2427 $pidin = implode(',', $posts); 2428 2429 // Make sure that we are not splitting a thread with one post 2430 // Select number of posts in each thread that the splitted post is in 2431 $query = $db->query(" 2432 SELECT DISTINCT p.tid, COUNT(q.pid) as count 2433 FROM ".TABLE_PREFIX."posts p 2434 LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid) 2435 WHERE p.pid IN ($pidin) 2436 GROUP BY p.tid, p.pid 2437 "); 2438 $threads = $pcheck = array(); 2439 while($tcheck = $db->fetch_array($query)) 2440 { 2441 if((int)$tcheck['count'] <= 1) 2442 { 2443 error($lang->error_cantsplitonepost, $lang->error); 2444 } 2445 $threads[] = $pcheck[] = $tcheck['tid']; // Save tids for below 2446 } 2447 2448 // Make sure that we are not splitting all posts in the thread 2449 // The query does not return a row when the count is 0, so find if some threads are missing (i.e. 0 posts after removal) 2450 $query = $db->query(" 2451 SELECT DISTINCT p.tid, COUNT(q.pid) as count 2452 FROM ".TABLE_PREFIX."posts p 2453 LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid) 2454 WHERE p.pid IN ($pidin) AND q.pid NOT IN ($pidin) 2455 GROUP BY p.tid, p.pid 2456 "); 2457 $pcheck2 = array(); 2458 while($tcheck = $db->fetch_array($query)) 2459 { 2460 if($tcheck['count'] > 0) 2461 { 2462 $pcheck2[] = $tcheck['tid']; 2463 } 2464 } 2465 if(count($pcheck2) != count($pcheck)) 2466 { 2467 // One or more threads do not have posts after splitting 2468 error($lang->error_cantsplitall, $lang->error); 2469 } 2470 2471 $inlineids = implode("|", $posts); 2472 if($mybb->get_input('inlinetype') == 'search') 2473 { 2474 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 2475 } 2476 else 2477 { 2478 clearinline($tid, 'thread'); 2479 } 2480 $forumselect = build_forum_jump("", $fid, 1, '', 0, true, '', "moveto"); 2481 2482 $return_url = htmlspecialchars_uni($mybb->get_input('url')); 2483 2484 eval("\$splitposts = \"".$templates->get("moderation_inline_splitposts")."\";"); 2485 output_page($splitposts); 2486 break; 2487 2488 // Actually split the posts - Inline moderation 2489 case "do_multisplitposts": 2490 2491 // Verify incoming POST request 2492 verify_post_check($mybb->get_input('my_post_key')); 2493 2494 $plist = array(); 2495 $postlist = explode("|", $mybb->get_input('posts')); 2496 foreach($postlist as $pid) 2497 { 2498 $pid = (int)$pid; 2499 $plist[] = $pid; 2500 } 2501 2502 if(!is_moderator_by_pids($plist, "canmanagethreads")) 2503 { 2504 error_no_permission(); 2505 } 2506 2507 // Ensure all posts exist 2508 $posts = array(); 2509 if(!empty($plist)) 2510 { 2511 $query = $db->simple_select('posts', 'pid', 'pid IN ('.implode(',', $plist).')'); 2512 while($pid = $db->fetch_field($query, 'pid')) 2513 { 2514 $posts[] = $pid; 2515 } 2516 } 2517 2518 if(empty($posts)) 2519 { 2520 error($lang->error_inline_nopostsselected, $lang->error); 2521 } 2522 2523 $pidin = implode(',', $posts); 2524 2525 // Make sure that we are not splitting a thread with one post 2526 // Select number of posts in each thread that the splitted post is in 2527 $query = $db->query(" 2528 SELECT DISTINCT p.tid, COUNT(q.pid) as count 2529 FROM ".TABLE_PREFIX."posts p 2530 LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid) 2531 WHERE p.pid IN ($pidin) 2532 GROUP BY p.tid, p.pid 2533 "); 2534 $pcheck = array(); 2535 while($tcheck = $db->fetch_array($query)) 2536 { 2537 if((int)$tcheck['count'] <= 1) 2538 { 2539 error($lang->error_cantsplitonepost, $lang->error); 2540 } 2541 $pcheck[] = $tcheck['tid']; // Save tids for below 2542 } 2543 2544 // Make sure that we are not splitting all posts in the thread 2545 // The query does not return a row when the count is 0, so find if some threads are missing (i.e. 0 posts after removal) 2546 $query = $db->query(" 2547 SELECT DISTINCT p.tid, COUNT(q.pid) as count 2548 FROM ".TABLE_PREFIX."posts p 2549 LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid) 2550 WHERE p.pid IN ($pidin) AND q.pid NOT IN ($pidin) 2551 GROUP BY p.tid, p.pid 2552 "); 2553 $pcheck2 = array(); 2554 while($tcheck = $db->fetch_array($query)) 2555 { 2556 if($tcheck['count'] > 0) 2557 { 2558 $pcheck2[] = $tcheck['tid']; 2559 } 2560 } 2561 if(count($pcheck2) != count($pcheck)) 2562 { 2563 // One or more threads do not have posts after splitting 2564 error($lang->error_cantsplitall, $lang->error); 2565 } 2566 2567 if(isset($mybb->input['moveto'])) 2568 { 2569 $moveto = $mybb->get_input('moveto', MyBB::INPUT_INT); 2570 } 2571 else 2572 { 2573 $moveto = $fid; 2574 } 2575 2576 $newforum = get_forum($moveto); 2577 if(!$newforum || $newforum['type'] != "f" || $newforum['type'] == "f" && $newforum['linkto'] != '') 2578 { 2579 error($lang->error_invalidforum, $lang->error); 2580 } 2581 2582 $newsubject = $mybb->get_input('newsubject'); 2583 $newtid = $moderation->split_posts($posts, $tid, $moveto, $newsubject); 2584 2585 $pid_list = implode(', ', $posts); 2586 $lang->split_selective_posts = $lang->sprintf($lang->split_selective_posts, $pid_list, $newtid); 2587 log_moderator_action($modlogdata, $lang->split_selective_posts); 2588 2589 moderation_redirect(get_thread_link($newtid), $lang->redirect_threadsplit); 2590 break; 2591 2592 // Move posts - Inline moderation 2593 case "multimoveposts": 2594 add_breadcrumb($lang->nav_multi_moveposts); 2595 2596 if($mybb->get_input('inlinetype') == 'search') 2597 { 2598 $posts = getids($mybb->get_input('searchid'), 'search'); 2599 } 2600 else 2601 { 2602 $posts = getids($tid, 'thread'); 2603 } 2604 2605 if(count($posts) < 1) 2606 { 2607 error($lang->error_inline_nopostsselected, $lang->error); 2608 } 2609 2610 if(!is_moderator_by_pids($posts, "canmanagethreads")) 2611 { 2612 error_no_permission(); 2613 } 2614 $posts = array_map('intval', $posts); 2615 $pidin = implode(',', $posts); 2616 2617 // Make sure that we are not moving posts in a thread with one post 2618 // Select number of posts in each thread that the moved post is in 2619 $query = $db->query(" 2620 SELECT DISTINCT p.tid, COUNT(q.pid) as count 2621 FROM ".TABLE_PREFIX."posts p 2622 LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid) 2623 WHERE p.pid IN ($pidin) 2624 GROUP BY p.tid, p.pid 2625 "); 2626 $threads = $pcheck = array(); 2627 while($tcheck = $db->fetch_array($query)) 2628 { 2629 if((int)$tcheck['count'] <= 1) 2630 { 2631 error($lang->error_cantsplitonepost, $lang->error); 2632 } 2633 $threads[] = $pcheck[] = $tcheck['tid']; // Save tids for below 2634 } 2635 2636 // Make sure that we are not moving all posts in the thread 2637 // The query does not return a row when the count is 0, so find if some threads are missing (i.e. 0 posts after removal) 2638 $query = $db->query(" 2639 SELECT DISTINCT p.tid, COUNT(q.pid) as count 2640 FROM ".TABLE_PREFIX."posts p 2641 LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid) 2642 WHERE p.pid IN ($pidin) AND q.pid NOT IN ($pidin) 2643 GROUP BY p.tid, p.pid 2644 "); 2645 $pcheck2 = array(); 2646 while($tcheck = $db->fetch_array($query)) 2647 { 2648 if($tcheck['count'] > 0) 2649 { 2650 $pcheck2[] = $tcheck['tid']; 2651 } 2652 } 2653 if(count($pcheck2) != count($pcheck)) 2654 { 2655 // One or more threads do not have posts after splitting 2656 error($lang->error_cantmoveall, $lang->error); 2657 } 2658 2659 $inlineids = implode("|", $posts); 2660 if($mybb->get_input('inlinetype') == 'search') 2661 { 2662 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 2663 } 2664 else 2665 { 2666 clearinline($tid, 'thread'); 2667 } 2668 $forumselect = build_forum_jump("", $fid, 1, '', 0, true, '', "moveto"); 2669 2670 $return_url = htmlspecialchars_uni($mybb->get_input('url')); 2671 2672 eval("\$moveposts = \"".$templates->get("moderation_inline_moveposts")."\";"); 2673 output_page($moveposts); 2674 break; 2675 2676 // Actually split the posts - Inline moderation 2677 case "do_multimoveposts": 2678 2679 // Verify incoming POST request 2680 verify_post_check($mybb->get_input('my_post_key')); 2681 2682 $plugins->run_hooks("moderation_do_multimoveposts"); 2683 2684 // explode at # sign in a url (indicates a name reference) and reassign to the url 2685 $realurl = explode("#", $mybb->get_input('threadurl')); 2686 $mybb->input['threadurl'] = $realurl[0]; 2687 2688 // Are we using an SEO URL? 2689 if(substr($mybb->input['threadurl'], -4) == "html") 2690 { 2691 // Get thread to merge's tid the SEO way 2692 preg_match("#thread-([0-9]+)?#i", $mybb->input['threadurl'], $threadmatch); 2693 preg_match("#post-([0-9]+)?#i", $mybb->input['threadurl'], $postmatch); 2694 2695 if(!empty($threadmatch[1])) 2696 { 2697 $parameters['tid'] = $threadmatch[1]; 2698 } 2699 2700 if(!empty($postmatch[1])) 2701 { 2702 $parameters['pid'] = $postmatch[1]; 2703 } 2704 } 2705 else 2706 { 2707 // Get thread to merge's tid the normal way 2708 $splitloc = explode(".php", $mybb->input['threadurl']); 2709 $temp = explode("&", my_substr($splitloc[1], 1)); 2710 2711 if(!empty($temp)) 2712 { 2713 for($i = 0; $i < count($temp); $i++) 2714 { 2715 $temp2 = explode("=", $temp[$i], 2); 2716 $parameters[$temp2[0]] = $temp2[1]; 2717 } 2718 } 2719 else 2720 { 2721 $temp2 = explode("=", $splitloc[1], 2); 2722 $parameters[$temp2[0]] = $temp2[1]; 2723 } 2724 } 2725 2726 if(!empty($parameters['pid']) && empty($parameters['tid'])) 2727 { 2728 $query = $db->simple_select("posts", "tid", "pid='".(int)$parameters['pid']."'"); 2729 $post = $db->fetch_array($query); 2730 $newtid = $post['tid']; 2731 } 2732 elseif(!empty($parameters['tid'])) 2733 { 2734 $newtid = $parameters['tid']; 2735 } 2736 else 2737 { 2738 $newtid = 0; 2739 } 2740 $newtid = (int)$newtid; 2741 $newthread = get_thread($newtid); 2742 if(!$newthread) 2743 { 2744 error($lang->error_badmovepostsurl, $lang->error); 2745 } 2746 if($newtid == $tid) 2747 { // sanity check 2748 error($lang->error_movetoself, $lang->error); 2749 } 2750 2751 $postlist = explode("|", $mybb->get_input('posts')); 2752 $plist = array(); 2753 foreach($postlist as $pid) 2754 { 2755 $pid = (int)$pid; 2756 $plist[] = $pid; 2757 } 2758 2759 if(!is_moderator_by_pids($plist, "canmanagethreads")) 2760 { 2761 error_no_permission(); 2762 } 2763 2764 // Ensure all posts exist 2765 $posts = array(); 2766 if(!empty($plist)) 2767 { 2768 $query = $db->simple_select('posts', 'pid', 'pid IN ('.implode(',', $plist).')'); 2769 while($pid = $db->fetch_field($query, 'pid')) 2770 { 2771 $posts[] = $pid; 2772 } 2773 } 2774 2775 if(empty($posts)) 2776 { 2777 error($lang->error_inline_nopostsselected, $lang->error); 2778 } 2779 2780 $pidin = implode(',', $posts); 2781 2782 // Make sure that we are not moving posts in a thread with one post 2783 // Select number of posts in each thread that the moved post is in 2784 $query = $db->query(" 2785 SELECT DISTINCT p.tid, COUNT(q.pid) as count 2786 FROM ".TABLE_PREFIX."posts p 2787 LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid) 2788 WHERE p.pid IN ($pidin) 2789 GROUP BY p.tid, p.pid 2790 "); 2791 $threads = $pcheck = array(); 2792 while($tcheck = $db->fetch_array($query)) 2793 { 2794 if((int)$tcheck['count'] <= 1) 2795 { 2796 error($lang->error_cantsplitonepost, $lang->error); 2797 } 2798 $threads[] = $pcheck[] = $tcheck['tid']; // Save tids for below 2799 } 2800 2801 // Make sure that we are not moving all posts in the thread 2802 // The query does not return a row when the count is 0, so find if some threads are missing (i.e. 0 posts after removal) 2803 $query = $db->query(" 2804 SELECT DISTINCT p.tid, COUNT(q.pid) as count 2805 FROM ".TABLE_PREFIX."posts p 2806 LEFT JOIN ".TABLE_PREFIX."posts q ON (p.tid=q.tid) 2807 WHERE p.pid IN ($pidin) AND q.pid NOT IN ($pidin) 2808 GROUP BY p.tid, p.pid 2809 "); 2810 $pcheck2 = array(); 2811 while($tcheck = $db->fetch_array($query)) 2812 { 2813 if($tcheck['count'] > 0) 2814 { 2815 $pcheck2[] = $tcheck['tid']; 2816 } 2817 } 2818 if(count($pcheck2) != count($pcheck)) 2819 { 2820 // One or more threads do not have posts after splitting 2821 error($lang->error_cantmoveall, $lang->error); 2822 } 2823 2824 $newtid = $moderation->split_posts($posts, $tid, $newthread['fid'], $db->escape_string($newthread['subject']), $newtid); 2825 2826 $pid_list = implode(', ', $posts); 2827 $lang->move_selective_posts = $lang->sprintf($lang->move_selective_posts, $pid_list, $newtid); 2828 log_moderator_action($modlogdata, $lang->move_selective_posts); 2829 2830 moderation_redirect(get_thread_link($newtid), $lang->redirect_moveposts); 2831 break; 2832 2833 // Approve posts - Inline moderation 2834 case "multiapproveposts": 2835 2836 // Verify incoming POST request 2837 verify_post_check($mybb->get_input('my_post_key')); 2838 2839 if($mybb->get_input('inlinetype') == 'search') 2840 { 2841 $posts = getids($mybb->get_input('searchid'), 'search'); 2842 } 2843 else 2844 { 2845 $posts = getids($tid, 'thread'); 2846 } 2847 if(count($posts) < 1) 2848 { 2849 error($lang->error_inline_nopostsselected, $lang->error); 2850 } 2851 2852 if(!is_moderator_by_pids($posts, "canapproveunapproveposts")) 2853 { 2854 error_no_permission(); 2855 } 2856 2857 $pids = array(); 2858 foreach($posts as $pid) 2859 { 2860 $pids[] = (int)$pid; 2861 } 2862 2863 $moderation->approve_posts($pids); 2864 2865 log_moderator_action($modlogdata, $lang->multi_approve_posts); 2866 if($mybb->get_input('inlinetype') == 'search') 2867 { 2868 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 2869 } 2870 else 2871 { 2872 clearinline($tid, 'thread'); 2873 } 2874 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_inline_postsapproved); 2875 break; 2876 2877 // Unapprove posts - Inline moderation 2878 case "multiunapproveposts": 2879 2880 // Verify incoming POST request 2881 verify_post_check($mybb->get_input('my_post_key')); 2882 2883 if($mybb->get_input('inlinetype') == 'search') 2884 { 2885 $posts = getids($mybb->get_input('searchid'), 'search'); 2886 } 2887 else 2888 { 2889 $posts = getids($tid, 'thread'); 2890 } 2891 2892 if(count($posts) < 1) 2893 { 2894 error($lang->error_inline_nopostsselected, $lang->error); 2895 } 2896 $pids = array(); 2897 2898 if(!is_moderator_by_pids($posts, "canapproveunapproveposts")) 2899 { 2900 error_no_permission(); 2901 } 2902 foreach($posts as $pid) 2903 { 2904 $pids[] = (int)$pid; 2905 } 2906 2907 $moderation->unapprove_posts($pids); 2908 2909 log_moderator_action($modlogdata, $lang->multi_unapprove_posts); 2910 if($mybb->get_input('inlinetype') == 'search') 2911 { 2912 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 2913 } 2914 else 2915 { 2916 clearinline($tid, 'thread'); 2917 } 2918 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_inline_postsunapproved); 2919 break; 2920 2921 // Restore posts - Inline moderation 2922 case "multirestoreposts": 2923 2924 // Verify incoming POST request 2925 verify_post_check($mybb->get_input('my_post_key')); 2926 2927 if($mybb->get_input('inlinetype') == 'search') 2928 { 2929 $posts = getids($mybb->get_input('searchid'), 'search'); 2930 } 2931 else 2932 { 2933 $posts = getids($tid, 'thread'); 2934 } 2935 if(count($posts) < 1) 2936 { 2937 error($lang->error_inline_nopostsselected, $lang->error); 2938 } 2939 2940 if(!is_moderator_by_pids($posts, "canrestoreposts")) 2941 { 2942 error_no_permission(); 2943 } 2944 2945 $pids = array(); 2946 foreach($posts as $pid) 2947 { 2948 $pids[] = (int)$pid; 2949 } 2950 2951 $moderation->restore_posts($pids); 2952 2953 log_moderator_action($modlogdata, $lang->multi_restore_posts); 2954 if($mybb->get_input('inlinetype') == 'search') 2955 { 2956 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 2957 } 2958 else 2959 { 2960 clearinline($tid, 'thread'); 2961 } 2962 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_inline_postsrestored); 2963 break; 2964 2965 // Soft delete posts - Inline moderation 2966 case "multisoftdeleteposts": 2967 // Verify incoming POST request 2968 verify_post_check($mybb->get_input('my_post_key')); 2969 2970 if($mybb->get_input('inlinetype') == 'search') 2971 { 2972 $posts = getids($mybb->get_input('searchid'), 'search'); 2973 } 2974 else 2975 { 2976 $posts = getids($tid, 'thread'); 2977 } 2978 2979 if(count($posts) < 1) 2980 { 2981 error($lang->error_inline_nopostsselected, $lang->error); 2982 } 2983 $pids = array(); 2984 2985 if(!is_moderator_by_pids($posts, "cansoftdeleteposts")) 2986 { 2987 error_no_permission(); 2988 } 2989 foreach($posts as $pid) 2990 { 2991 $pids[] = (int)$pid; 2992 } 2993 2994 $moderation->soft_delete_posts($pids); 2995 log_moderator_action($modlogdata, $lang->multi_soft_delete_posts); 2996 2997 if($mybb->get_input('inlinetype') == 'search') 2998 { 2999 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 3000 } 3001 else 3002 { 3003 clearinline($tid, 'thread'); 3004 } 3005 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_inline_postssoftdeleted); 3006 break; 3007 case "do_purgespammer": 3008 case "purgespammer": 3009 require_once MYBB_ROOT."inc/functions_user.php"; 3010 3011 $groups = explode(",", $mybb->settings['purgespammergroups']); 3012 if(!is_member($groups)) 3013 { 3014 error_no_permission(); 3015 } 3016 3017 $uid = $mybb->get_input('uid', MyBB::INPUT_INT); 3018 $user = get_user($uid); 3019 if(!$user['uid'] || !purgespammer_show($user['postnum'], $user['usergroup'], $user['uid'])) 3020 { 3021 error($lang->purgespammer_invalid_user); 3022 } 3023 3024 if($mybb->input['action'] == "do_purgespammer") 3025 { 3026 verify_post_check($mybb->get_input('my_post_key')); 3027 3028 $user_deleted = false; 3029 3030 // Run the hooks first to avoid any issues when we delete the user 3031 $plugins->run_hooks("moderation_purgespammer_purge"); 3032 3033 require_once MYBB_ROOT.'inc/datahandlers/user.php'; 3034 $userhandler = new UserDataHandler('delete'); 3035 3036 if($mybb->settings['purgespammerbandelete'] == "ban") 3037 { 3038 // First delete everything 3039 $userhandler->delete_content($uid); 3040 $userhandler->delete_posts($uid); 3041 3042 // Next ban him (or update the banned reason, shouldn't happen) 3043 $query = $db->simple_select("banned", "uid", "uid = '{$uid}'"); 3044 if($db->num_rows($query) > 0) 3045 { 3046 $banupdate = array( 3047 "reason" => $db->escape_string($mybb->settings['purgespammerbanreason']) 3048 ); 3049 $db->update_query('banned', $banupdate, "uid = '{$uid}'"); 3050 } 3051 else 3052 { 3053 $insert = array( 3054 "uid" => $uid, 3055 "gid" => (int)$mybb->settings['purgespammerbangroup'], 3056 "oldgroup" => 2, 3057 "oldadditionalgroups" => "", 3058 "olddisplaygroup" => 0, 3059 "admin" => (int)$mybb->user['uid'], 3060 "dateline" => TIME_NOW, 3061 "bantime" => "---", 3062 "lifted" => 0, 3063 "reason" => $db->escape_string($mybb->settings['purgespammerbanreason']) 3064 ); 3065 $db->insert_query('banned', $insert); 3066 } 3067 3068 // Add the IP's to the banfilters 3069 if($mybb->settings['purgespammerbanip'] == 1) 3070 { 3071 foreach(array($user['regip'], $user['lastip']) as $ip) 3072 { 3073 $ip = my_inet_ntop($db->unescape_binary($ip)); 3074 $query = $db->simple_select("banfilters", "type", "type = 1 AND filter = '".$db->escape_string($ip)."'"); 3075 if($db->num_rows($query) == 0) 3076 { 3077 $insert = array( 3078 "filter" => $db->escape_string($ip), 3079 "type" => 1, 3080 "dateline" => TIME_NOW 3081 ); 3082 $db->insert_query("banfilters", $insert); 3083 } 3084 } 3085 } 3086 3087 // Clear the profile 3088 $userhandler->clear_profile($uid, $mybb->settings['purgespammerbangroup']); 3089 3090 $cache->update_bannedips(); 3091 $cache->update_awaitingactivation(); 3092 3093 // Update reports cache 3094 $cache->update_reportedcontent(); 3095 } 3096 elseif($mybb->settings['purgespammerbandelete'] == "delete") 3097 { 3098 $user_deleted = $userhandler->delete_user($uid, 1); 3099 } 3100 3101 // Submit the user to stop forum spam 3102 if(!empty($mybb->settings['purgespammerapikey'])) 3103 { 3104 $sfs = @fetch_remote_file("http://stopforumspam.com/add.php?username=" . urlencode($user['username']) . "&ip_addr=" . urlencode(my_inet_ntop($db->unescape_binary($user['lastip']))) . "&email=" . urlencode($user['email']) . "&api_key=" . urlencode($mybb->settings['purgespammerapikey'])); 3105 } 3106 3107 log_moderator_action(array('uid' => $uid, 'username' => $user['username']), $lang->purgespammer_modlog); 3108 3109 if($user_deleted) 3110 { 3111 redirect($mybb->settings['bburl'], $lang->purgespammer_success); 3112 } 3113 else 3114 { 3115 redirect(get_profile_link($uid), $lang->purgespammer_success); 3116 } 3117 } 3118 elseif($mybb->input['action'] == "purgespammer") 3119 { 3120 $plugins->run_hooks("moderation_purgespammer_show"); 3121 3122 add_breadcrumb($lang->purgespammer); 3123 $lang->purgespammer_purge = $lang->sprintf($lang->purgespammer_purge, htmlspecialchars_uni($user['username'])); 3124 if($mybb->settings['purgespammerbandelete'] == "ban") 3125 { 3126 $lang->purgespammer_purge_desc = $lang->sprintf($lang->purgespammer_purge_desc, $lang->purgespammer_ban); 3127 } 3128 else 3129 { 3130 $lang->purgespammer_purge_desc = $lang->sprintf($lang->purgespammer_purge_desc, $lang->purgespammer_delete); 3131 } 3132 eval("\$purgespammer = \"".$templates->get('moderation_purgespammer')."\";"); 3133 output_page($purgespammer); 3134 } 3135 break; 3136 default: 3137 require_once MYBB_ROOT."inc/class_custommoderation.php"; 3138 $custommod = new CustomModeration; 3139 $tool = $custommod->tool_info($mybb->get_input('action', MyBB::INPUT_INT)); 3140 if($tool !== false) 3141 { 3142 // Verify incoming POST request 3143 verify_post_check($mybb->get_input('my_post_key')); 3144 3145 $options = my_unserialize($tool['threadoptions']); 3146 3147 if(!is_member($tool['groups'])) 3148 { 3149 error_no_permission(); 3150 } 3151 3152 if($thread['visible'] == -1) 3153 { 3154 error($lang->error_thread_deleted, $lang->error); 3155 } 3156 3157 if(!empty($options['confirmation']) && empty($mybb->input['confirm'])) 3158 { 3159 add_breadcrumb($lang->confirm_execute_tool); 3160 3161 $lang->confirm_execute_tool_desc = $lang->sprintf($lang->confirm_execute_tool_desc, htmlspecialchars_uni($tool['name'])); 3162 3163 $action = $mybb->get_input('action', MyBB::INPUT_INT); 3164 $modtype = htmlspecialchars_uni($mybb->get_input('modtype')); 3165 $inlinetype = htmlspecialchars_uni($mybb->get_input('inlinetype')); 3166 $searchid = htmlspecialchars_uni($mybb->get_input('searchid')); 3167 $url = htmlspecialchars_uni($mybb->get_input('url')); 3168 $plugins->run_hooks('moderation_confirmation'); 3169 3170 eval('$page = "'.$templates->get('moderation_confirmation').'";'); 3171 3172 output_page($page); 3173 exit; 3174 } 3175 3176 $tool['name'] = htmlspecialchars_uni($tool['name']); 3177 3178 if($tool['type'] == 't' && $mybb->get_input('modtype') == 'inlinethread') 3179 { 3180 if($mybb->get_input('inlinetype') == 'search') 3181 { 3182 $tids = getids($mybb->get_input('searchid'), 'search'); 3183 } 3184 else 3185 { 3186 $tids = getids($fid, "forum"); 3187 } 3188 if(count($tids) < 1) 3189 { 3190 error($lang->error_inline_nopostsselected, $lang->error); 3191 } 3192 if(!is_moderator_by_tids($tids, "canusecustomtools")) 3193 { 3194 error_no_permission(); 3195 } 3196 3197 $thread_options = my_unserialize($tool['threadoptions']); 3198 if($thread_options['movethread'] && $forum_cache[$thread_options['movethread']]['type'] != "f") 3199 { 3200 error($lang->error_movetocategory, $lang->error); 3201 } 3202 3203 $custommod->execute($mybb->get_input('action', MyBB::INPUT_INT), $tids); 3204 $lang->custom_tool = $lang->sprintf($lang->custom_tool, $tool['name']); 3205 log_moderator_action($modlogdata, $lang->custom_tool); 3206 if($mybb->get_input('inlinetype') == 'search') 3207 { 3208 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 3209 $lang->redirect_customtool_search = $lang->sprintf($lang->redirect_customtool_search, $tool['name']); 3210 $return_url = htmlspecialchars_uni($mybb->get_input('url')); 3211 moderation_redirect($return_url, $lang->redirect_customtool_search); 3212 } 3213 else 3214 { 3215 clearinline($fid, "forum"); 3216 $lang->redirect_customtool_forum = $lang->sprintf($lang->redirect_customtool_forum, $tool['name']); 3217 redirect(get_forum_link($fid), $lang->redirect_customtool_forum); 3218 } 3219 break; 3220 } 3221 elseif($tool['type'] == 't' && $mybb->get_input('modtype') == 'thread') 3222 { 3223 if(!is_moderator_by_tids($tid, "canusecustomtools")) 3224 { 3225 error_no_permission(); 3226 } 3227 3228 $thread_options = my_unserialize($tool['threadoptions']); 3229 if($thread_options['movethread'] && $forum_cache[$thread_options['movethread']]['type'] != "f") 3230 { 3231 error($lang->error_movetocategory, $lang->error); 3232 } 3233 3234 $ret = $custommod->execute($mybb->get_input('action', MyBB::INPUT_INT), $tid); 3235 $lang->custom_tool = $lang->sprintf($lang->custom_tool, $tool['name']); 3236 log_moderator_action($modlogdata, $lang->custom_tool); 3237 if($ret == 'forum') 3238 { 3239 $lang->redirect_customtool_forum = $lang->sprintf($lang->redirect_customtool_forum, $tool['name']); 3240 moderation_redirect(get_forum_link($fid), $lang->redirect_customtool_forum); 3241 } 3242 else 3243 { 3244 $lang->redirect_customtool_thread = $lang->sprintf($lang->redirect_customtool_thread, $tool['name']); 3245 moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_customtool_thread); 3246 } 3247 break; 3248 } 3249 elseif($tool['type'] == 'p' && $mybb->get_input('modtype') == 'inlinepost') 3250 { 3251 if($mybb->get_input('inlinetype') == 'search') 3252 { 3253 $pids = getids($mybb->get_input('searchid'), 'search'); 3254 } 3255 else 3256 { 3257 $pids = getids($tid, 'thread'); 3258 } 3259 3260 if(count($pids) < 1) 3261 { 3262 error($lang->error_inline_nopostsselected, $lang->error); 3263 } 3264 if(!is_moderator_by_pids($pids, "canusecustomtools")) 3265 { 3266 error_no_permission(); 3267 } 3268 3269 // Get threads which are associated with the posts 3270 $tids = array(); 3271 $options = array( 3272 'order_by' => 'dateline, pid', 3273 ); 3274 $query = $db->simple_select("posts", "DISTINCT tid, dateline", "pid IN (".implode(',',$pids).")", $options); 3275 while($row = $db->fetch_array($query)) 3276 { 3277 $tids[] = $row['tid']; 3278 } 3279 3280 $ret = $custommod->execute($mybb->get_input('action', MyBB::INPUT_INT), $tids, $pids); 3281 $lang->custom_tool = $lang->sprintf($lang->custom_tool, $tool['name']); 3282 log_moderator_action($modlogdata, $lang->custom_tool); 3283 if($mybb->get_input('inlinetype') == 'search') 3284 { 3285 clearinline($mybb->get_input('searchid', MyBB::INPUT_INT), 'search'); 3286 $lang->redirect_customtool_search = $lang->sprintf($lang->redirect_customtool_search, $tool['name']); 3287 $return_url = htmlspecialchars_uni($mybb->get_input('url')); 3288 moderation_redirect($return_url, $lang->redirect_customtool_search); 3289 } 3290 else 3291 { 3292 clearinline($tid, 'thread'); 3293 if($ret == 'forum') 3294 { 3295 $lang->redirect_customtool_forum = $lang->sprintf($lang->redirect_customtool_forum, $tool['name']); 3296 moderation_redirect(get_forum_link($fid), $lang->redirect_customtool_forum); 3297 } 3298 else 3299 { 3300 $lang->redirect_customtool_thread = $lang->sprintf($lang->redirect_customtool_thread, $tool['name']); 3301 moderation_redirect(get_thread_link($tid), $lang->redirect_customtool_thread); 3302 } 3303 } 3304 3305 break; 3306 } 3307 } 3308 error_no_permission(); 3309 break; 3310 } 3311 3312 /** 3313 * Some little handy functions for our inline moderation 3314 * 3315 * @param int $id 3316 * @param string $type 3317 * 3318 * @return array 3319 */ 3320 function getids($id, $type) 3321 { 3322 global $mybb; 3323 3324 $newids = array(); 3325 $cookie = "inlinemod_".$type.$id; 3326 if(isset($mybb->cookies[$cookie])) 3327 { 3328 $cookie_ids = explode("|", $mybb->cookies[$cookie]); 3329 3330 foreach($cookie_ids as $cookie_id) 3331 { 3332 if(empty($cookie_id)) 3333 { 3334 continue; 3335 } 3336 3337 if($cookie_id == 'ALL') 3338 { 3339 $newids += getallids($id, $type); 3340 } 3341 else 3342 { 3343 $newids[] = (int)$cookie_id; 3344 } 3345 } 3346 } 3347 3348 return $newids; 3349 } 3350 3351 /** 3352 * @param int $id 3353 * @param string $type 3354 * 3355 * @return array 3356 */ 3357 function getallids($id, $type) 3358 { 3359 global $db, $mybb; 3360 3361 $ids = array(); 3362 3363 // Get any removed threads (after our user hit 'all') 3364 $removed_ids = array(); 3365 $cookie = "inlinemod_".$type.$id."_removed"; 3366 if(isset($mybb->cookies[$cookie])) 3367 { 3368 $removed_ids = explode("|", $mybb->cookies[$cookie]); 3369 3370 if(!is_array($removed_ids)) 3371 { 3372 $removed_ids = array(); 3373 } 3374 } 3375 3376 // "Select all Threads in this forum" only supported by forumdisplay and search 3377 if($type == 'forum') 3378 { 3379 $query = $db->simple_select("threads", "tid", "fid='".(int)$id."'"); 3380 while($tid = $db->fetch_field($query, "tid")) 3381 { 3382 if(in_array($tid, $removed_ids)) 3383 { 3384 continue; 3385 } 3386 3387 $ids[] = $tid; 3388 } 3389 } 3390 elseif($type == 'search') 3391 { 3392 $query = $db->simple_select("searchlog", "resulttype, posts, threads", "sid='".$db->escape_string($id)."' AND uid='{$mybb->user['uid']}'", 1); 3393 $searchlog = $db->fetch_array($query); 3394 if($searchlog['resulttype'] == 'posts') 3395 { 3396 $ids = explode(',', $searchlog['posts']); 3397 } 3398 else 3399 { 3400 $ids = explode(',', $searchlog['threads']); 3401 } 3402 3403 if(is_array($ids)) 3404 { 3405 foreach($ids as $key => $tid) 3406 { 3407 if(in_array($tid, $removed_ids)) 3408 { 3409 unset($ids[$key]); 3410 } 3411 } 3412 } 3413 } 3414 3415 return $ids; 3416 } 3417 3418 /** 3419 * @param int $id 3420 * @param string $type 3421 */ 3422 function clearinline($id, $type) 3423 { 3424 my_unsetcookie("inlinemod_".$type.$id); 3425 my_unsetcookie("inlinemod_{$type}{$id}_removed"); 3426 } 3427 3428 /** 3429 * @param int $id 3430 * @param string $type 3431 */ 3432 function extendinline($id, $type) 3433 { 3434 my_setcookie("inlinemod_{$type}{$id}", '', TIME_NOW+3600); 3435 my_setcookie("inlinemod_{$type}{$id}_removed", '', TIME_NOW+3600); 3436 } 3437 3438 /** 3439 * Checks if the current user is a moderator of all the posts specified 3440 * 3441 * Note: If no posts are specified, this function will return true. It is the 3442 * responsibility of the calling script to error-check this case if necessary. 3443 * 3444 * @param array $posts Array of post IDs 3445 * @param string $permission Permission to check 3446 * @return bool True if moderator of all; false otherwise 3447 */ 3448 function is_moderator_by_pids($posts, $permission='') 3449 { 3450 global $db, $mybb; 3451 3452 // Speedy determination for supermods/admins and guests 3453 if($mybb->usergroup['issupermod']) 3454 { 3455 return true; 3456 } 3457 elseif(!$mybb->user['uid']) 3458 { 3459 return false; 3460 } 3461 // Make an array of threads if not an array 3462 if(!is_array($posts)) 3463 { 3464 $posts = array($posts); 3465 } 3466 // Validate input 3467 $posts = array_map('intval', $posts); 3468 $posts[] = 0; 3469 // Get forums 3470 $posts_string = implode(',', $posts); 3471 $query = $db->simple_select("posts", "DISTINCT fid", "pid IN ($posts_string)"); 3472 while($forum = $db->fetch_array($query)) 3473 { 3474 if(!is_moderator($forum['fid'], $permission)) 3475 { 3476 return false; 3477 } 3478 } 3479 return true; 3480 } 3481 3482 /** 3483 * Checks if the current user is a moderator of all the threads specified 3484 * 3485 * Note: If no threads are specified, this function will return true. It is the 3486 * responsibility of the calling script to error-check this case if necessary. 3487 * 3488 * @param array $threads Array of thread IDs 3489 * @param string $permission Permission to check 3490 * @return bool True if moderator of all; false otherwise 3491 */ 3492 function is_moderator_by_tids($threads, $permission='') 3493 { 3494 global $db, $mybb; 3495 3496 // Speedy determination for supermods/admins and guests 3497 if($mybb->usergroup['issupermod']) 3498 { 3499 return true; 3500 } 3501 elseif(!$mybb->user['uid']) 3502 { 3503 return false; 3504 } 3505 // Make an array of threads if not an array 3506 if(!is_array($threads)) 3507 { 3508 $threads = array($threads); 3509 } 3510 // Validate input 3511 $threads = array_map('intval', $threads); 3512 $threads[] = 0; 3513 // Get forums 3514 $threads_string = implode(',', $threads); 3515 $query = $db->simple_select("threads", "DISTINCT fid", "tid IN ($threads_string)"); 3516 while($forum = $db->fetch_array($query)) 3517 { 3518 if(!is_moderator($forum['fid'], $permission)) 3519 { 3520 return false; 3521 } 3522 } 3523 return true; 3524 } 3525 3526 /** 3527 * Special redirect that takes a return URL into account 3528 * @param string $url URL 3529 * @param string $message Message 3530 * @param string $title Title 3531 */ 3532 function moderation_redirect($url, $message="", $title="") 3533 { 3534 global $mybb; 3535 if(!empty($mybb->input['url'])) 3536 { 3537 $url = htmlentities($mybb->input['url']); 3538 } 3539 3540 if(my_strpos($url, $mybb->settings['bburl'].'/') !== 0) 3541 { 3542 if(my_strpos($url, '/') === 0) 3543 { 3544 $url = my_substr($url, 1); 3545 } 3546 $url_segments = explode('/', $url); 3547 $url = $mybb->settings['bburl'].'/'.end($url_segments); 3548 } 3549 3550 redirect($url, $message, $title); 3551 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
2005 - 2021 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup | Cross-referenced by PHPXref |