[ Index ]

PHP Cross Reference of MyBB 1.8.12

title

Body

[close]

/ -> report.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.8
   4   * Copyright 2014 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://www.mybb.com
   7   * License: http://www.mybb.com/about/license
   8   *
   9   */
  10  
  11  define("IN_MYBB", 1);
  12  define('THIS_SCRIPT', 'report.php');
  13  
  14  $templatelist = "report,report_thanks,report_error,report_reasons,report_error_nomodal,forumdisplay_password_wrongpass,forumdisplay_password";
  15  require_once  "./global.php";
  16  require_once  MYBB_ROOT.'inc/functions_modcp.php';
  17  
  18  $lang->load("report");
  19  
  20  if(!$mybb->user['uid'])
  21  {
  22      error_no_permission();
  23  }
  24  
  25  $plugins->run_hooks("report_start");
  26  
  27  $report = array();
  28  $verified = false;
  29  $report_type = 'post';
  30  $error = $report_type_db = '';
  31  
  32  if(!empty($mybb->input['type']))
  33  {
  34      $report_type = htmlspecialchars_uni($mybb->get_input('type'));
  35  }
  36  
  37  $report_title = $lang->report_content;
  38  $report_string = "report_reason_{$report_type}";
  39  
  40  if(isset($lang->$report_string))
  41  {
  42      $report_title = $lang->$report_string;
  43  }
  44  
  45  $id = 0;
  46  if($report_type == 'post')
  47  {
  48      if($mybb->usergroup['canview'] == 0)
  49      {
  50          error_no_permission();
  51      }
  52  
  53      // Do we have a valid post?
  54      $post = get_post($mybb->get_input('pid', MyBB::INPUT_INT));
  55  
  56      if(!$post)
  57      {
  58          $error = $lang->error_invalid_report;
  59      }
  60      else
  61      {
  62          $id = $post['pid'];
  63          $id2 = $post['tid'];
  64          $report_type_db = "(type = 'post' OR type = '')";
  65  
  66          // Check for a valid forum
  67          $forum = get_forum($post['fid']);
  68  
  69          if(!isset($forum['fid']))
  70          {
  71              $error = $lang->error_invalid_report;
  72          }
  73          else
  74          {
  75              $verified = true;
  76          }
  77  
  78          // Password protected forums ......... yhummmmy!
  79          $id3 = $forum['fid'];
  80          check_forum_password($forum['parentlist']);
  81      }
  82  }
  83  else if($report_type == 'profile')
  84  {
  85      $user = get_user($mybb->get_input('pid', MyBB::INPUT_INT));
  86  
  87      if(!isset($user['uid']))
  88      {
  89          $error = $lang->error_invalid_report;
  90      }
  91      else
  92      {
  93          $id2 = $id3 = 0; // We don't use these on the profile
  94          $id = $user['uid']; // id is the profile user
  95          $permissions = user_permissions($user['uid']);
  96  
  97          if(empty($permissions['canbereported']))
  98          {
  99              $error = $lang->error_invalid_report;
 100          }
 101          else
 102          {
 103              $verified = true;
 104              $report_type_db = "type = 'profile'";
 105          }
 106      }
 107  }
 108  else if($report_type == 'reputation')
 109  {
 110      // Any member can report a reputation comment but let's make sure it exists first
 111      $query = $db->simple_select("reputation", "*", "rid = '".$mybb->get_input('pid', MyBB::INPUT_INT)."'");
 112  
 113      if(!$db->num_rows($query))
 114      {
 115          $error = $lang->error_invalid_report;
 116      }
 117      else
 118      {
 119          $verified = true;
 120          $reputation = $db->fetch_array($query);
 121  
 122          $id = $reputation['rid']; // id is the reputation id
 123          $id2 = $reputation['adduid']; // id2 is the user who gave the comment
 124          $id3 = $reputation['uid']; // id3 is the user who received the comment
 125  
 126          $report_type_db = "type = 'reputation'";
 127      }
 128  }
 129  
 130  $plugins->run_hooks("report_type");
 131  
 132  // Check for an existing report
 133  if(!empty($report_type_db))
 134  {
 135      $query = $db->simple_select("reportedcontent", "*", "reportstatus != '1' AND id = '{$id}' AND {$report_type_db}");
 136  
 137      if($db->num_rows($query))
 138      {
 139          // Existing report
 140          $report = $db->fetch_array($query);
 141          $report['reporters'] = my_unserialize($report['reporters']);
 142  
 143          if($mybb->user['uid'] == $report['uid'] || is_array($report['reporters']) && in_array($mybb->user['uid'], $report['reporters']))
 144          {
 145              $error = $lang->success_report_voted;
 146          }
 147      }
 148  }
 149  
 150  $mybb->input['action'] = $mybb->get_input('action');
 151  
 152  if(empty($error) && $verified == true && $mybb->input['action'] == "do_report" && $mybb->request_method == "post")
 153  {
 154      verify_post_check($mybb->get_input('my_post_key'));
 155  
 156      $plugins->run_hooks("report_do_report_start");
 157  
 158      // Is this an existing report or a new offender?
 159      if(!empty($report))
 160      {
 161          // Existing report, add vote
 162          $report['reporters'][] = $mybb->user['uid'];
 163          update_report($report);
 164  
 165          $plugins->run_hooks("report_do_report_end");
 166  
 167          eval("\$report_thanks = \"".$templates->get("report_thanks")."\";");
 168          echo $report_thanks;
 169          exit;
 170      }
 171      else
 172      {
 173          // Bad user!
 174          $new_report = array(
 175              'id' => $id,
 176              'id2' => $id2,
 177              'id3' => $id3,
 178              'uid' => $mybb->user['uid']
 179          );
 180  
 181          // Figure out the reason
 182          $rid = $mybb->get_input('reason', MyBB::INPUT_INT);
 183          $query = $db->simple_select("reportreasons", "*", "rid = '{$rid}'");
 184  
 185          if(!$db->num_rows($query))
 186          {
 187              $error = $lang->error_invalid_report_reason;
 188              $verified = false;
 189          }
 190          else
 191          {
 192              $reason = $db->fetch_array($query);
 193  
 194              $new_report['reasonid'] = $reason['rid'];
 195  
 196              if($reason['extra'])
 197              {
 198                  $comment = trim($mybb->get_input('comment'));
 199                  if(empty($comment) || $comment == '')
 200                  {
 201                      $error = $lang->error_comment_required;
 202                      $verified = false;
 203                  }
 204                  else
 205                  {
 206                      if(my_strlen($comment) < 3)
 207                      {
 208                          $error = $lang->error_report_length;
 209                          $verified = false;
 210                      }
 211                      else
 212                      {
 213                          $new_report['reason'] = $comment;
 214                      }
 215                  }
 216              }
 217          }
 218  
 219          if(empty($error))
 220          {
 221              add_report($new_report, $report_type);
 222  
 223              $plugins->run_hooks("report_do_report_end");
 224  
 225              eval("\$report_thanks = \"".$templates->get("report_thanks")."\";");
 226              echo $report_thanks;
 227              exit;
 228          }
 229      }
 230  }
 231  
 232  if(!empty($error) || $verified == false)
 233  {
 234      $mybb->input['action'] = '';
 235  
 236      if($verified == false && empty($error))
 237      {
 238          $error = $lang->error_invalid_report;
 239      }
 240  }
 241  
 242  if(!$mybb->input['action'])
 243  {
 244      if(!empty($error))
 245      {
 246          if($mybb->input['no_modal'])
 247          {
 248              eval("\$report_reasons = \"".$templates->get("report_error_nomodal")."\";");
 249          }
 250          else
 251          {
 252              eval("\$report_reasons = \"".$templates->get("report_error")."\";");
 253          }
 254      }
 255      else
 256      {
 257          if(!empty($report))
 258          {
 259              eval("\$report_reasons = \"".$templates->get("report_duplicate")."\";");
 260          }
 261          else
 262          {
 263              $reportreasons = $cache->read('reportreasons');
 264              $reasons = $reportreasons[$report_type];
 265              $reasonslist = '';
 266              foreach($reasons as $reason)
 267              {
 268                  $reason['title'] = htmlspecialchars_uni($lang->parse($reason['title']));
 269                  eval("\$reasonslist .= \"".$templates->get("report_reason")."\";");
 270              }
 271              eval("\$report_reasons = \"".$templates->get("report_reasons")."\";");
 272          }
 273      }
 274  
 275      if($mybb->input['no_modal'])
 276      {
 277          echo $report_reasons;
 278          exit;
 279      }
 280  
 281      $plugins->run_hooks("report_end");
 282  
 283      eval("\$report = \"".$templates->get("report", 1, 0)."\";");
 284      echo $report;
 285      exit;
 286  }


2005 - 2016 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup Cross-referenced by PHPXref 0.7.1