
PHP Cross Reference of MyBB 1.8.26


/ -> report.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.8
   4   * Copyright 2014 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://www.mybb.com
   7   * License: http://www.mybb.com/about/license
   8   *
   9   */
  10  
  11  define("IN_MYBB", 1);
  12  define('THIS_SCRIPT', 'report.php');
  13  
  14  $templatelist = "report,report_thanks,report_error,report_reasons,report_error_nomodal,forumdisplay_password_wrongpass,forumdisplay_password";
  15  require_once  "./global.php";
  16  require_once  MYBB_ROOT.'inc/functions_modcp.php';
  17  
  18  $lang->load("report");
  19  
  20  if(!$mybb->user['uid'])
  21  {
  22      error_no_permission();
  23  }
  24  
  25  $plugins->run_hooks("report_start");
  26  
  27  $report = array();
  28  $verified = false;
  29  $report_type = 'post';
  30  $error = $report_type_db = '';
  31  
  32  if(!empty($mybb->input['type']))
  33  {
  34      $report_type = htmlspecialchars_uni($mybb->get_input('type'));
  35  }
  36  
  37  $report_title = $lang->report_content;
  38  $report_string = "report_reason_{$report_type}";
  39  
  40  if(isset($lang->$report_string))
  41  {
  42      $report_title = $lang->$report_string;
  43  }
  44  
  45  $id = 0;
  46  if($report_type == 'post')
  47  {
  48      if($mybb->usergroup['canview'] == 0)
  49      {
  50          error_no_permission();
  51      }
  52  
  53      // Do we have a valid post?
  54      $post = get_post($mybb->get_input('pid', MyBB::INPUT_INT));
  55  
  56      if(!$post)
  57      {
  58          $error = $lang->sprintf($lang->error_invalid_report, $report_type);
  59      }
  60      else
  61      {
  62          $id = $post['pid'];
  63          $id2 = $post['tid'];
  64          $report_type_db = "(type = 'post' OR type = '')";
  65          $checkid = $post['uid'];
  66  
  67          // Check for a valid forum
  68          $forum = get_forum($post['fid']);
  69  
  70          if(!isset($forum['fid']))
  71          {
  72              $error = $lang->sprintf($lang->error_invalid_report, $report_type);
  73          }
  74          else
  75          {
  76              $verified = true;
  77              $button = '#post_'.$id.' .postbit_report';
  78          }
  79  
  80          $id3 = $forum['fid'];
  81  
  82          // Password protected forums ......... yhummmmy!
  83          check_forum_password($forum['fid']);
  84      }
  85  }
  86  else if($report_type == 'profile')
  87  {
  88      $user = get_user($mybb->get_input('pid', MyBB::INPUT_INT));
  89  
  90      if(!isset($user['uid']))
  91      {
  92          $error = $lang->sprintf($lang->error_invalid_report, $report_type);
  93      }
  94      else
  95      {
  96          $verified = true;
  97          $report_type_db = "type = 'profile'";
  98          $id2 = $id3 = 0; // We don't use these on the profile
  99          $id = $checkid = $user['uid']; // id is the profile user
 100          $button = '.report_user_button';
 101      }
 102  }
 103  else if($report_type == 'reputation')
 104  {
 105      // Any member can report a reputation comment but let's make sure it exists first
 106      $query = $db->simple_select("reputation", "*", "rid = '".$mybb->get_input('pid', MyBB::INPUT_INT)."'");
 107  
 108      if(!$db->num_rows($query))
 109      {
 110          $error = $lang->sprintf($lang->error_invalid_report, $report_type);
 111      }
 112      else
 113      {
 114          $verified = true;
 115          $reputation = $db->fetch_array($query);
 116          $id = $reputation['rid']; // id is the reputation id
 117          $id2 = $checkid = $reputation['adduid']; // id2 is the user who gave the comment
 118          $id3 = $reputation['uid']; // id3 is the user who received the comment
 119          $report_type_db = "type = 'reputation'";
 120          $button = '#rid'.$id.' .postbit_report';
 121      }
 122  }
 123  
 124  $plugins->run_hooks("report_type");
 125  
 126  $permissions = user_permissions($checkid);
 127  if(empty($permissions['canbereported']))
 128  {
 129      $error = $lang->sprintf($lang->error_invalid_report, $report_type);
 130  }
 131  
 132  // Check for an existing report
 133  if(!empty($report_type_db))
 134  {
 135      $query = $db->simple_select("reportedcontent", "*", "reportstatus != '1' AND id = '{$id}' AND {$report_type_db}");
 136  
 137      if($db->num_rows($query))
 138      {
 139          // Existing report
 140          $report = $db->fetch_array($query);
 141          $report['reporters'] = my_unserialize($report['reporters']);
 142  
 143          if($mybb->user['uid'] == $report['uid'] || is_array($report['reporters']) && in_array($mybb->user['uid'], $report['reporters']))
 144          {
 145              $error = $lang->success_report_voted;
 146          }
 147      }
 148  }
 149  
 150  $mybb->input['action'] = $mybb->get_input('action');
 151  
 152  if(empty($error) && $verified == true && $mybb->input['action'] == "do_report" && $mybb->request_method == "post")
 153  {
 154      verify_post_check($mybb->get_input('my_post_key'));
 155  
 156      $plugins->run_hooks("report_do_report_start");
 157  
 158      // Is this an existing report or a new offender?
 159      if(!empty($report))
 160      {
 161          // Existing report, add vote
 162          $report['reporters'][] = $mybb->user['uid'];
 163          update_report($report);
 164  
 165          $plugins->run_hooks("report_do_report_end");
 166  
 167          eval("\$report_thanks = \"".$templates->get("report_thanks")."\";");
 168          echo $report_thanks;
 169          echo sprintf("<script type='text/javascript'>$('%s').remove();</script>", $button);
 170          exit;
 171      }
 172      else
 173      {
 174          // Bad user!
 175          $new_report = array(
 176              'id' => $id,
 177              'id2' => $id2,
 178              'id3' => $id3,
 179              'uid' => $mybb->user['uid']
 180          );
 181  
 182          // Figure out the reason
 183          $rid = $mybb->get_input('reason', MyBB::INPUT_INT);
 184          $query = $db->simple_select("reportreasons", "*", "rid = '{$rid}'");
 185  
 186          if(!$db->num_rows($query))
 187          {
 188              $error = $lang->sprintf($lang->error_invalid_report, $report_type);
 189              $verified = false;
 190          }
 191          else
 192          {
 193              $reason = $db->fetch_array($query);
 194  
 195              $new_report['reasonid'] = $reason['rid'];
 196  
 197              if($reason['extra'])
 198              {
 199                  $comment = trim($mybb->get_input('comment'));
 200                  if(empty($comment) || $comment == '')
 201                  {
 202                      $error = $lang->error_comment_required;
 203                      $verified = false;
 204                  }
 205                  else
 206                  {
 207                      if(my_strlen($comment) < 3)
 208                      {
 209                          $error = $lang->error_report_length;
 210                          $verified = false;
 211                      }
 212                      else
 213                      {
 214                          $new_report['reason'] = $comment;
 215                      }
 216                  }
 217              }
 218          }
 219  
 220          if(empty($error))
 221          {
 222              add_report($new_report, $report_type);
 223  
 224              $plugins->run_hooks("report_do_report_end");
 225  
 226              eval("\$report_thanks = \"".$templates->get("report_thanks")."\";");
 227              echo $report_thanks;
 228              echo sprintf("<script type='text/javascript'>$('%s').remove();</script>", $button);
 229              exit;
 230          }
 231      }
 232  }
 233  
 234  if(!empty($error) || $verified == false)
 235  {
 236      $mybb->input['action'] = '';
 237  
 238      if($verified == false && empty($error))
 239      {
 240          $error = $lang->sprintf($lang->error_invalid_report, $report_type);
 241      }
 242  }
 243  
 244  if(!$mybb->input['action'])
 245  {
 246      if(!empty($error))
 247      {
 248          if($mybb->input['no_modal'])
 249          {
 250              eval("\$report_reasons = \"".$templates->get("report_error_nomodal")."\";");
 251          }
 252          else
 253          {
 254              eval("\$report_reasons = \"".$templates->get("report_error")."\";");
 255          }
 256      }
 257      else
 258      {
 259          if(!empty($report))
 260          {
 261              eval("\$report_reasons = \"".$templates->get("report_duplicate")."\";");
 262          }
 263          else
 264          {
 265              $reportreasons = $cache->read('reportreasons');
 266              $reasons = $reportreasons[$report_type];
 267              $reasonslist = '';
 268              foreach($reasons as $reason)
 269              {
 270                  $reason['title'] = htmlspecialchars_uni($lang->parse($reason['title']));
 271                  eval("\$reasonslist .= \"".$templates->get("report_reason")."\";");
 272              }
 273              eval("\$report_reasons = \"".$templates->get("report_reasons")."\";");
 274          }
 275      }
 276  
 277      if($mybb->input['no_modal'])
 278      {
 279          echo $report_reasons;
 280          exit;
 281      }
 282  
 283      $plugins->run_hooks("report_end");
 284  
 285      eval("\$report = \"".$templates->get("report", 1, 0)."\";");
 286      echo $report;
 287      exit;
 288  }

