
PHP Cross Reference of MyBB 1.8.19


/ -> report.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.8
   4   * Copyright 2014 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://www.mybb.com
   7   * License: http://www.mybb.com/about/license
   8   *
   9   */
  10  
      // Entry script for filing a report against a post, a profile or a reputation
      // comment. IN_MYBB / THIS_SCRIPT are defined before global.php is included.
  11  define("IN_MYBB", 1);
  12  define('THIS_SCRIPT', 'report.php');
  13  
      // Template names made available to global.php (presumably for preloading -- confirm).
      // NOTE(review): "report_duplicate" and "report_reason" are fetched further down
      // with $templates->get() but are not part of this list.
  14  $templatelist = "report,report_thanks,report_error,report_reasons,report_error_nomodal,forumdisplay_password_wrongpass,forumdisplay_password";
  15  require_once  "./global.php";
      // Presumably provides add_report()/update_report() used below -- confirm.
  16  require_once  MYBB_ROOT.'inc/functions_modcp.php';
  17  
  18  $lang->load("report");
  19  
      // Authentication gate: a request without a logged-in uid is rejected before any
      // plugin hook or lookup runs (assumes error_no_permission() stops the request).
  20  if(!$mybb->user['uid'])
  21  {
  22      error_no_permission();
  23  }
  24  
      // First plugin extension point; it runs only for authenticated users.
  25  $plugins->run_hooks("report_start");
  26  
      // Request state. $verified becomes true only after the reported item has been
      // looked up successfully further down; $error collects the message to display.
  27  $report = array();
  28  $verified = false;
  29  $report_type = 'post';
  30  $error = $report_type_db = '';
  31  
      // The type comes straight from the request. It is HTML-escaped here because it is
      // later interpolated into error messages via $lang->sprintf(). Escaping is not an
      // allow-list: any string is accepted at this point, and no branch of this file
      // sets $verified for a type other than post/profile/reputation.
  32  if(!empty($mybb->input['type']))
  33  {
  34      $report_type = htmlspecialchars_uni($mybb->get_input('type'));
  35  }
  36  
      // The language key is built from the request-controlled type. It is only used for
      // an isset() test and a property read on $lang, falling back to the generic title.
  37  $report_title = $lang->report_content;
  38  $report_string = "report_reason_{$report_type}";
  39  
  40  if(isset($lang->$report_string))
  41  {
  42      $report_title = $lang->$report_string;
  43  }
  44  
      // Resolve the reported item. On success each branch sets: $id (target id),
      // $id2/$id3 (type-specific ids), $checkid (uid whose permissions are checked
      // right after this chain), $report_type_db (fixed SQL fragment for the duplicate
      // lookup) and $verified.
      // NOTE(review): only $id has a default. $id2, $id3 and $checkid stay unset when
      // the type is not post/profile/reputation or when the lookup fails.
  45  $id = 0;
  46  if($report_type == 'post')
  47  {
          // Group-level "can view" switch. NOTE(review): no per-forum permission lookup
          // is visible in this file; only the forum password is checked below. Confirm
          // that get_post()/get_forum() or another layer enforce forum visibility for
          // the reporting user.
  48      if($mybb->usergroup['canview'] == 0)
  49      {
  50          error_no_permission();
  51      }
  52  
  53      // Do we have a valid post?
  54      $post = get_post($mybb->get_input('pid', MyBB::INPUT_INT));
  55  
  56      if(!$post)
  57      {
  58          $error = $lang->sprintf($lang->error_invalid_report, $report_type);
  59      }
  60      else
  61      {
              // id = post, id2 = thread, checkid = author of the post.
  62          $id = $post['pid'];
  63          $id2 = $post['tid'];
              // Fixed string, never built from request data. It also matches rows with an
              // empty type (presumably older post reports -- confirm).
  64          $report_type_db = "(type = 'post' OR type = '')";
  65          $checkid = $post['uid'];
  66  
  67          // Check for a valid forum
  68          $forum = get_forum($post['fid']);
  69  
  70          if(!isset($forum['fid']))
  71          {
  72              $error = $lang->sprintf($lang->error_invalid_report, $report_type);
  73          }
  74          else
  75          {
  76              $verified = true;
  77          }
  78  
              // NOTE(review): the two lines below run even when the isset() test above
              // failed, so $forum['fid'] and $forum['parentlist'] may be read from a
              // missing forum record.
  79          // Password protected forums ......... yhummmmy!
  80          $id3 = $forum['fid'];
  81          check_forum_password($forum['parentlist']);
  82      }
  83  }
  84  else if($report_type == 'profile')
  85  {
          // The request parameter is still named "pid" but carries a user id here.
  86      $user = get_user($mybb->get_input('pid', MyBB::INPUT_INT));
  87  
  88      if(!isset($user['uid']))
  89      {
  90          $error = $lang->sprintf($lang->error_invalid_report, $report_type);
  91      }
  92      else
  93      {
  94          $verified = true;
  95          $report_type_db = "type = 'profile'";
  96          $id2 = $id3 = 0; // We don't use these on the profile
  97          $id = $checkid = $user['uid']; // id is the profile user
  98      }
  99  }
 100  else if($report_type == 'reputation')
 101  {
          // "pid" is requested as MyBB::INPUT_INT, so the value concatenated into the
          // WHERE clause is expected to be an integer; keep that cast if this query is
          // ever changed.
 102      // Any member can report a reputation comment but let's make sure it exists first
 103      $query = $db->simple_select("reputation", "*", "rid = '".$mybb->get_input('pid', MyBB::INPUT_INT)."'");
 104  
 105      if(!$db->num_rows($query))
 106      {
 107          $error = $lang->sprintf($lang->error_invalid_report, $report_type);
 108      }
 109      else
 110      {
 111          $verified = true;
 112          $reputation = $db->fetch_array($query);
 113          $id = $reputation['rid']; // id is the reputation id
 114          $id2 = $checkid = $reputation['adduid']; // id2 is the user who gave the comment
 115          $id3 = $reputation['uid']; // id3 is the user who received the comment
 116          $report_type_db = "type = 'reputation'";
 117      }
 118  }
 119  
      // Refuse the report when the permissions of the content owner ($checkid) do not
      // include "canbereported". The error text is the generic "invalid report" one.
      // NOTE(review): $checkid is assigned only on the success paths above. For an
      // unrecognised type, or when the post/user/reputation lookup failed, it is unset
      // here and user_permissions() receives null -- confirm what the call returns in
      // that case, or give $checkid a default next to $id.
 120  $permissions = user_permissions($checkid);
 121  if(empty($permissions['canbereported']))
 122  {
 123      $error = $lang->sprintf($lang->error_invalid_report, $report_type);
 124  }
 125  
      // Extension point. It runs after the built-in type handling and the permission
      // check above, and before the duplicate lookup that interpolates $id and
      // $report_type_db into SQL.
 126  $plugins->run_hooks("report_type");
 127  
      // Look for a report on the same item whose reportstatus is not '1' (presumably
      // "still open" -- confirm). Skipped when no branch above set $report_type_db.
 128  // Check for an existing report
 129  if(!empty($report_type_db))
 130  {
          // $id comes from a database row (or is 0) and $report_type_db is one of the
          // fixed fragments assigned in this file. NOTE(review): the "report_type" hook
          // runs just before this query, so code hooked there is trusted to leave both
          // values safe for interpolation.
 131      $query = $db->simple_select("reportedcontent", "*", "reportstatus != '1' AND id = '{$id}' AND {$report_type_db}");
 132  
 133      if($db->num_rows($query))
 134      {
 135          // Existing report
 136          $report = $db->fetch_array($query);
              // Deserialises a stored column. NOTE(review): presumably my_unserialize() is
              // a restricted decoder that cannot instantiate objects -- confirm before
              // swapping it for PHP's native unserialize().
 137          $report['reporters'] = my_unserialize($report['reporters']);
 138  
              // && binds tighter than ||, so this reads: original reporter, OR (reporters
              // is an array AND it already contains the current uid). in_array() uses
              // loose comparison here.
 139          if($mybb->user['uid'] == $report['uid'] || is_array($report['reporters']) && in_array($mybb->user['uid'], $report['reporters']))
 140          {
                  // A "success" language string is stored as the error so that a second
                  // vote from the same user is not processed.
 141              $error = $lang->success_report_voted;
 142          }
 143      }
 144  }
 145  
 146  $mybb->input['action'] = $mybb->get_input('action');
 147  
      // Submission path: requires no earlier error, a verified target, action=do_report
      // and an HTTP POST.
 148  if(empty($error) && $verified == true && $mybb->input['action'] == "do_report" && $mybb->request_method == "post")
 149  {
          // Presumably validates the per-user post key (anti-CSRF token) and aborts on
          // mismatch -- confirm. It must stay ahead of every write below.
 150      verify_post_check($mybb->get_input('my_post_key'));
 151  
 152      $plugins->run_hooks("report_do_report_start");
 153  
 154      // Is this an existing report or a new offender?
 155      if(!empty($report))
 156      {
 157          // Existing report, add vote
 158          $report['reporters'][] = $mybb->user['uid'];
 159          update_report($report);
 160  
 161          $plugins->run_hooks("report_do_report_end");
 162  
              // The template text is spliced into a double-quoted PHP string and eval()'d
              // so that {$variables} in the template are expanded. NOTE(review): this is
              // only safe if $templates->get() escapes the stored template for that
              // context and templates can be edited by trusted administrators only; every
              // variable a template prints must already be HTML-escaped.
 163          eval("\$report_thanks = \"".$templates->get("report_thanks")."\";");
 164          echo $report_thanks;
 165          exit;
 166      }
 167      else
 168      {
              // New report: ids resolved earlier plus the reporting user's uid.
 169          // Bad user!
 170          $new_report = array(
 171              'id' => $id,
 172              'id2' => $id2,
 173              'id3' => $id3,
 174              'uid' => $mybb->user['uid']
 175          );
 176  
              // The reason id is read as an integer and must exist in "reportreasons".
 177          // Figure out the reason
 178          $rid = $mybb->get_input('reason', MyBB::INPUT_INT);
 179          $query = $db->simple_select("reportreasons", "*", "rid = '{$rid}'");
 180  
 181          if(!$db->num_rows($query))
 182          {
 183              $error = $lang->sprintf($lang->error_invalid_report, $report_type);
 184              $verified = false;
 185          }
 186          else
 187          {
 188              $reason = $db->fetch_array($query);
 189  
 190              $new_report['reasonid'] = $reason['rid'];
 191  
                  // Reasons flagged "extra" require a free-text comment of at least three
                  // characters (measured with my_strlen() after trim()).
 192              if($reason['extra'])
 193              {
 194                  $comment = trim($mybb->get_input('comment'));
                      // empty() already covers '' (and also the string "0"); the second
                      // comparison is redundant.
 195                  if(empty($comment) || $comment == '')
 196                  {
 197                      $error = $lang->error_comment_required;
 198                      $verified = false;
 199                  }
 200                  else
 201                  {
 202                      if(my_strlen($comment) < 3)
 203                      {
 204                          $error = $lang->error_report_length;
 205                          $verified = false;
 206                      }
 207                      else
 208                      {
                              // The raw comment is handed on unchanged and no upper length
                              // bound is applied here. NOTE(review): SQL escaping and HTML
                              // escaping on display are not visible in this file -- confirm
                              // add_report() and the moderator views handle both.
 209                          $new_report['reason'] = $comment;
 210                      }
 211                  }
 212              }
 213          }
 214  
 215          if(empty($error))
 216          {
 217              add_report($new_report, $report_type);
 218  
 219              $plugins->run_hooks("report_do_report_end");
 220  
                  // Same eval()-based template expansion as for the existing-report case.
 221              eval("\$report_thanks = \"".$templates->get("report_thanks")."\";");
 222              echo $report_thanks;
 223              exit;
 224          }
 225      }
 226  }
 227  
      // Any failure (an error message or an unverified target) clears the action so the
      // rendering block below runs. An unverified request without a message gets the
      // generic "invalid report" text, which embeds the already HTML-escaped type.
 228  if(!empty($error) || $verified == false)
 229  {
 230      $mybb->input['action'] = '';
 231  
 232      if($verified == false && empty($error))
 233      {
 234          $error = $lang->sprintf($lang->error_invalid_report, $report_type);
 235      }
 236  }
 237  
      // Rendering path: builds $report_reasons (error, duplicate notice or the list of
      // reasons) and prints it either on its own (no_modal) or inside the "report"
      // template. Every template is expanded with eval(); NOTE(review): that relies on
      // $templates->get() escaping the stored template text and on all interpolated
      // variables being HTML-escaped before they reach the template.
 238  if(!$mybb->input['action'])
 239  {
 240      if(!empty($error))
 241      {
              // NOTE(review): no_modal is read from the input array directly rather than
              // through get_input(); if the key can be absent this raises a notice.
 242          if($mybb->input['no_modal'])
 243          {
 244              eval("\$report_reasons = \"".$templates->get("report_error_nomodal")."\";");
 245          }
 246          else
 247          {
 248              eval("\$report_reasons = \"".$templates->get("report_error")."\";");
 249          }
 250      }
 251      else
 252      {
              // Reached with a non-empty $report only when an open report exists that
              // the current user has not filed or voted on (otherwise $error is set).
 253          if(!empty($report))
 254          {
 255              eval("\$report_reasons = \"".$templates->get("report_duplicate")."\";");
 256          }
 257          else
 258          {
                  // Reasons come from the cache, keyed by report type. Each title is
                  // passed through $lang->parse() and then HTML-escaped before the
                  // per-reason template is expanded.
 259              $reportreasons = $cache->read('reportreasons');
 260              $reasons = $reportreasons[$report_type];
 261              $reasonslist = '';
 262              foreach($reasons as $reason)
 263              {
 264                  $reason['title'] = htmlspecialchars_uni($lang->parse($reason['title']));
 265                  eval("\$reasonslist .= \"".$templates->get("report_reason")."\";");
 266              }
 267              eval("\$report_reasons = \"".$templates->get("report_reasons")."\";");
 268          }
 269      }
 270  
 271      if($mybb->input['no_modal'])
 272      {
 273          echo $report_reasons;
 274          exit;
 275      }
 276  
 277      $plugins->run_hooks("report_end");
 278  
          // $report is reused here: it held the existing report row and now receives the
          // rendered page. The meaning of the extra get() arguments (1, 0) is not shown
          // in this file.
 279      eval("\$report = \"".$templates->get("report", 1, 0)."\";");
 280      echo $report;
 281      exit;
 282  }

