search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
#4428
[phpbb.git] / phpBB / includes / mcp / mcp_reports.php
blob4ede1ab416813e4c905965882cdf73ec6501d834
1 <?php
2 /**
3 *
4 * @package mcp
5 * @version $Id$
6 * @copyright (c) 2005 phpBB Group
7 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
8 *
9 */
10
11 /**
12 * mcp_reports
13 * Handling the reports queue
14 * @package mcp
15 */
16 class mcp_reports
17 {
18 var $p_master;
19 var $u_action;
20
21 function mcp_main(&$p_master)
22 {
23 $this->p_master = &$p_master;
24 }
25
26 function main($id, $mode)
27 {
28 global $auth, $db, $user, $template;
29 global $config, $phpbb_root_path, $phpEx, $action;
30
31 include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
32
33 $forum_id = request_var('f', 0);
34 $start = request_var('start', 0);
35
36 $this->page_title = 'MCP_REPORTS';
37
38 switch ($action)
39 {
40 case 'close':
41 case 'delete':
42 include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
43
44 $post_id_list = request_var('post_id_list', array(0));
45
46 if (!sizeof($post_id_list))
47 {
48 trigger_error('NO_POST_SELECTED');
49 }
50
51 close_report($post_id_list, $mode, $action);
52
53 break;
54 }
55
56 switch ($mode)
57 {
58 case 'report_details':
59
60 $user->add_lang('posting');
61
62 $post_id = request_var('p', 0);
63
64 // closed reports are accessed by report id
65 $report_id = request_var('r', 0);
66
67 $sql = 'SELECT r.post_id, r.user_id, r.report_closed, report_time, r.report_text, rr.reason_title, rr.reason_description, u.username
68 FROM ' . REPORTS_TABLE . ' r, ' . REPORTS_REASONS_TABLE . ' rr, ' . USERS_TABLE . ' u
69 WHERE ' . (($report_id) ? 'r.report_id = ' . $report_id : "r.post_id = $post_id AND r.report_closed = 0") . '
70 AND rr.reason_id = r.reason_id
71 AND r.user_id = u.user_id';
72 $result = $db->sql_query($sql);
73 $report = $db->sql_fetchrow($result);
74 $db->sql_freeresult($result);
75
76 if (!$report)
77 {
78 trigger_error('NO_POST_REPORT');
79 }
80
81 if ($report_id)
82 {
83 $post_id = $report['post_id'];
84 }
85
86 $post_info = get_post_data(array($post_id), 'm_report');
87
88 if (!sizeof($post_info))
89 {
90 trigger_error('NO_POST_SELECTED');
91 }
92
93 $post_info = $post_info[$post_id];
94
95 $reason = array('title' => $report['reason_title'], 'description' => $report['reason_description']);
96 if (isset($user->lang['report_reasons']['TITLE'][strtoupper($reason['title'])]) && isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($reason['title'])]))
97 {
98 $reason['description'] = $user->lang['report_reasons']['DESCRIPTION'][strtoupper($reason['title'])];
99 $reason['title'] = $user->lang['report_reasons']['TITLE'][strtoupper($reason['title'])];
100 }
101
102 if (topic_review($post_info['topic_id'], $post_info['forum_id'], 'topic_review', 0, false))
103 {
104 $template->assign_vars(array(
105 'S_TOPIC_REVIEW' => true,
106 'TOPIC_TITLE' => $post_info['topic_title'])
107 );
108 }
109
110 // Set some vars
111 if ($post_info['user_id'] == ANONYMOUS)
112 {
113 $poster = ($post_info['post_username']) ? $post_info['post_username'] : $user->lang['GUEST'];
114 }
115
116 $poster = ($post_info['user_colour']) ? '<span style="color:#' . $post_info['user_colour'] . '">' . $post_info['username'] . '</span>' : $post_info['username'];
117
118 // Process message, leave it uncensored
119 $message = $post_info['post_text'];
120 $message = str_replace("\n", '<br />', $message);
121 if ($post_info['bbcode_bitfield'])
122 {
123 include_once($phpbb_root_path . 'includes/bbcode.' . $phpEx);
124
125 $bbcode = new bbcode($post_info['bbcode_bitfield']);
126 $bbcode->bbcode_second_pass($message, $post_info['bbcode_uid'], $post_info['bbcode_bitfield']);
127 }
128 $message = smiley_text($message);
129
130 $template->assign_vars(array(
131 'S_MCP_REPORT' => true,
132 'S_CLOSE_ACTION' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=reports&amp;p=$post_id&amp;f=$forum_id"),
133 'S_CAN_VIEWIP' => $auth->acl_get('m_info', $post_info['forum_id']),
134 'S_POST_REPORTED' => $post_info['post_reported'],
135 'S_POST_UNAPPROVED' => !$post_info['post_approved'],
136 'S_POST_LOCKED' => $post_info['post_edit_locked'],
137 'S_USER_NOTES' => true,
138
139 'U_EDIT' => ($auth->acl_get('m_edit', $post_info['forum_id'])) ? append_sid("{$phpbb_root_path}posting.$phpEx", "mode=edit&amp;f={$post_info['forum_id']}&amp;p={$post_info['post_id']}") : '',
140 'U_MCP_APPROVE' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue&amp;mode=approve_details&amp;f=' . $post_info['forum_id'] . '&amp;p=' . $post_id),
141 'U_MCP_REPORT' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=reports&amp;mode=report_details&amp;f=' . $post_info['forum_id'] . '&amp;p=' . $post_id),
142 'U_MCP_REPORTER_NOTES' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&amp;mode=user_notes&amp;u=' . $report['user_id']),
143 'U_MCP_USER_NOTES' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&amp;mode=user_notes&amp;u=' . $post_info['user_id']),
144 'U_MCP_WARN_REPORTER' => ($auth->acl_getf_global('m_warn')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=warn&amp;mode=warn_user&amp;u=' . $report['user_id']) : '',
145 'U_MCP_WARN_USER' => ($auth->acl_getf_global('m_warn')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=warn&amp;mode=warn_user&amp;u=' . $post_info['user_id']) : '',
146 'U_VIEW_POST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $post_info['forum_id'] . '&amp;p=' . $post_info['post_id'] . '#p' . $post_info['post_id']),
147 'U_VIEW_PROFILE' => ($post_info['user_id'] != ANONYMOUS) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&amp;u=' . $post_info['user_id']) : '',
148 'U_VIEW_REPORTER_PROFILE' => ($report['user_id'] != ANONYMOUS) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&amp;u=' . $report['user_id']) : '',
149 'U_VIEW_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $post_info['forum_id'] . '&amp;t=' . $post_info['topic_id']),
150
151 'EDIT_IMG' => $user->img('icon_post_edit', $user->lang['EDIT_POST']),
152 'UNAPPROVED_IMG' => $user->img('icon_topic_unapproved', $user->lang['POST_UNAPPROVED']),
153
154 'RETURN_REPORTS' => sprintf($user->lang['RETURN_REPORTS'], '<a href="' . append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=reports' . (($post_info['post_reported']) ? '&amp;mode=reports' : '&amp;mode=reports_closed') . '&amp;start=' . $start) . '">', '</a>'),
155 'REPORTED_IMG' => $user->img('icon_topic_reported', $user->lang['POST_REPORTED']),
156 'REPORT_REASON_TITLE' => $reason['title'],
157 'REPORT_REASON_DESCRIPTION' => $reason['description'],
158 'REPORTER_NAME' => ($report['user_id'] == ANONYMOUS) ? $user->lang['GUEST'] : $report['username'],
159 'REPORT_DATE' => $user->format_date($report['report_time']),
160 'REPORT_TEXT' => $report['report_text'],
161
162 'POSTER_NAME' => $poster,
163 'POST_PREVIEW' => $message,
164 'POST_SUBJECT' => $post_info['post_subject'],
165 'POST_DATE' => $user->format_date($post_info['post_time']),
166 'POST_IP' => $post_info['poster_ip'],
167 'POST_IPADDR' => @gethostbyaddr($post_info['poster_ip']),
168 'POST_ID' => $post_info['post_id'])
169 );
170
171 $this->tpl_name = 'mcp_post';
172
173 break;
174
175 case 'reports':
176 case 'reports_closed':
177 $topic_id = request_var('t', 0);
178
179 $forum_info = array();
180 $forum_list_reports = get_forum_list('m_report', false, true);
181
182 if ($topic_id)
183 {
184 $topic_info = get_topic_data(array($topic_id));
185
186 if (!sizeof($topic_info))
187 {
188 trigger_error($user->lang['TOPIC_NOT_EXIST']);
189 }
190
191 $topic_info = $topic_info[$topic_id];
192 $forum_id = $topic_info['forum_id'];
193 }
194
195 $forum_list = array();
196
197 if (!$forum_id)
198 {
199 foreach ($forum_list_reports as $row)
200 {
201 $forum_list[] = $row['forum_id'];
202 }
203
204 if (!sizeof($forum_list))
205 {
206 trigger_error('NOT_MODERATOR');
207 }
208
209 $global_id = $forum_list[0];
210
211 $sql = 'SELECT SUM(forum_topics) as sum_forum_topics
212 FROM ' . FORUMS_TABLE . '
213 WHERE ' . $db->sql_in_set('forum_id', $forum_list);
214 $result = $db->sql_query($sql);
215 $forum_info['forum_topics'] = (int) $db->sql_fetchfield('sum_forum_topics');
216 $db->sql_freeresult($result);
217 }
218 else
219 {
220 $forum_info = get_forum_data(array($forum_id), 'm_report');
221
222 if (!sizeof($forum_info))
223 {
224 trigger_error('NOT_MODERATOR');
225 }
226
227 $forum_info = $forum_info[$forum_id];
228 $forum_list = array($forum_id);
229 $global_id = $forum_id;
230 }
231
232 $forum_list[] = 0;
233 $forum_data = array();
234
235 $forum_options = '<option value="0"' . (($forum_id == 0) ? ' selected="selected"' : '') . '>' . $user->lang['ALL_FORUMS'] . '</option>';
236 foreach ($forum_list_reports as $row)
237 {
238 $forum_options .= '<option value="' . $row['forum_id'] . '"' . (($forum_id == $row['forum_id']) ? ' selected="selected"' : '') . '>' . $row['forum_name'] . '</option>';
239 $forum_data[$row['forum_id']] = $row;
240 }
241 unset($forum_list_reports);
242
243 $sort_days = $total = 0;
244 $sort_key = $sort_dir = '';
245 $sort_by_sql = $sort_order_sql = array();
246 mcp_sorting($mode, $sort_days, $sort_key, $sort_dir, $sort_by_sql, $sort_order_sql, $total, $forum_id, $topic_id);
247
248 $forum_topics = ($total == -1) ? $forum_info['forum_topics'] : $total;
249 $limit_time_sql = ($sort_days) ? 'AND t.topic_last_post_time >= ' . (time() - ($sort_days * 86400)) : '';
250
251 if ($mode == 'reports')
252 {
253 $report_state = 'AND p.post_reported = 1 AND r.report_closed = 0';
254 }
255 else
256 {
257 $report_state = 'AND r.report_closed = 1';
258 }
259
260 $sql = 'SELECT r.report_id
261 FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . REPORTS_TABLE . ' r ' . (($sort_order_sql[0] == 'u') ? ', ' . USERS_TABLE . ' u' : '') . (($sort_order_sql[0] == 'r') ? ', ' . USERS_TABLE . ' ru' : '') . '
262 WHERE ' . $db->sql_in_set('p.forum_id', $forum_list) . "
263 $report_state
264 AND r.post_id = p.post_id
265 " . (($sort_order_sql[0] == 'u') ? 'AND u.user_id = p.poster_id' : '') . '
266 ' . (($sort_order_sql[0] == 'r') ? 'AND ru.user_id = p.poster_id' : '') . '
267 ' . (($topic_id) ? 'AND p.topic_id = ' . $topic_id : '') . "
268 AND t.topic_id = p.topic_id
269 $limit_time_sql
270 ORDER BY $sort_order_sql";
271 $result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
272
273 $i = 0;
274 $report_ids = array();
275 while ($row = $db->sql_fetchrow($result))
276 {
277 $report_ids[] = $row['report_id'];
278 $row_num[$row['report_id']] = $i++;
279 }
280 $db->sql_freeresult($result);
281
282 if (sizeof($report_ids))
283 {
284 $sql = 'SELECT t.forum_id, t.topic_id, t.topic_title, p.post_id, p.post_subject, p.post_username, p.poster_id, p.post_time, u.username, r.user_id as reporter_id, ru.username as reporter_name, r.report_time, r.report_id
285 FROM ' . REPORTS_TABLE . ' r, ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . USERS_TABLE . ' u, ' . USERS_TABLE . ' ru
286 WHERE ' . $db->sql_in_set('r.report_id', $report_ids) . '
287 AND t.topic_id = p.topic_id
288 AND r.post_id = p.post_id
289 AND u.user_id = p.poster_id
290 AND ru.user_id = r.user_id';
291 $result = $db->sql_query($sql);
292
293 $report_data = $rowset = array();
294 while ($row = $db->sql_fetchrow($result))
295 {
296 if ($row['poster_id'] == ANONYMOUS)
297 {
298 $poster = (!empty($row['post_username'])) ? $row['post_username'] : $user->lang['GUEST'];
299 }
300 else
301 {
302 $poster = $row['username'];
303 }
304
305 $global_topic = ($row['forum_id']) ? false : true;
306 if ($global_topic)
307 {
308 $row['forum_id'] = $global_id;
309 }
310
311 $template->assign_block_vars('postrow', array(
312 'U_VIEWFORUM' => (!$global_topic) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']) : '',
313 'U_VIEWPOST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id'] . '&amp;p=' . $row['post_id']) . '#p' . $row['post_id'],
314 'U_VIEW_DETAILS' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=reports&amp;start=$start&amp;mode=report_details&amp;f={$row['forum_id']}&amp;r={$row['report_id']}"),
315 'U_VIEW_POSTER_PROFILE' => ($row['poster_id'] != ANONYMOUS) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&amp;u=' . $row['poster_id']) : '',
316 'U_VIEW_REPORTER_PROFILE' => ($row['reporter_id'] != ANONYMOUS) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&amp;u=' . $row['reporter_id']) : '',
317
318 'FORUM_NAME' => (!$global_topic) ? $forum_data[$row['forum_id']]['forum_name'] : $user->lang['GLOBAL_ANNOUNCEMENT'],
319 'POSTER' => $poster,
320 'POST_ID' => $row['post_id'],
321 'POST_SUBJECT' => $row['post_subject'],
322 'POST_TIME' => $user->format_date($row['post_time']),
323 'REPORTER' => ($row['reporter_id'] == ANONYMOUS) ? $user->lang['GUEST'] : $row['reporter_name'],
324 'REPORT_TIME' => $user->format_date($row['report_time']),
325 'TOPIC_TITLE' => $row['topic_title'])
326 );
327 }
328 $db->sql_freeresult($result);
329 unset($report_ids, $row);
330 }
331
332 // Now display the page
333 $template->assign_vars(array(
334 'L_EXPLAIN' => ($mode == 'reports') ? $user->lang['MCP_REPORTS_OPEN_EXPLAIN'] : $user->lang['MCP_REPORTS_CLOSED_EXPLAIN'],
335 'L_TITLE' => ($mode == 'reports') ? $user->lang['MCP_REPORTS_OPEN'] : $user->lang['MCP_REPORTS_CLOSED'],
336 'L_ONLY_TOPIC' => ($topic_id) ? sprintf($user->lang['ONLY_TOPIC'], $topic_info['topic_title']) : '',
337
338 'S_MCP_ACTION' => build_url(array('t', 'f', 'sd', 'st', 'sk')),
339 'S_FORUM_OPTIONS' => $forum_options,
340 'S_CLOSED' => ($mode == 'reports_closed') ? true : false,
341
342 'PAGINATION' => generate_pagination($this->u_action . "&amp;f=$forum_id&amp;t=$topic_id", $total, $config['topics_per_page'], $start),
343 'PAGE_NUMBER' => on_page($total, $config['topics_per_page'], $start),
344 'TOPIC_ID' => $topic_id,
345 'TOTAL' => $total)
346 );
347
348 $this->tpl_name = 'mcp_reports';
349 break;
350 }
351 }
352 }
353
354 /**
355 * Closes a report
356 */
357 function close_report($post_id_list, $mode, $action)
358 {
359 global $db, $template, $user, $config;
360 global $phpEx, $phpbb_root_path;
361
362 if (!($forum_id = check_ids($post_id_list, POSTS_TABLE, 'post_id', 'm_report')))
363 {
364 trigger_error('NOT_AUTHORIZED');
365 }
366
367 if ($action == 'delete' && strpos($user->data['session_page'], 'mode=report_details') !== false)
368 {
369 $redirect = request_var('redirect', build_url(array('mode')) . '&amp;mode=reports');
370 }
371 else
372 {
373 $redirect = request_var('redirect', $user->data['session_page']);
374 }
375 $success_msg = '';
376
377 $s_hidden_fields = build_hidden_fields(array(
378 'i' => 'reports',
379 'mode' => $mode,
380 'post_id_list' => $post_id_list,
381 'f' => $forum_id,
382 'action' => $action,
383 'redirect' => $redirect)
384 );
385
386 if (confirm_box(true))
387 {
388 $post_info = get_post_data($post_id_list, 'm_report');
389
390 $sql = 'SELECT r.post_id, r.report_closed, r.user_id, r.user_notify, u.username, u.user_email, u.user_jabber, u.user_lang, u.user_notify_type
391 FROM ' . REPORTS_TABLE . ' r, ' . USERS_TABLE . ' u
392 WHERE ' . $db->sql_in_set('r.post_id', array_keys($post_info)) . '
393 ' . (($action == 'close') ? 'AND r.report_closed = 0' : '') . '
394 AND r.user_id = u.user_id';
395 $result = $db->sql_query($sql);
396
397 $reports = array();
398 while ($report = $db->sql_fetchrow($result))
399 {
400 $reports[$report['post_id']] = $report;
401 }
402 $db->sql_freeresult($result);
403
404 $close_report_posts = $close_report_topics = $notify_reporters = array();
405 foreach ($post_info as $post_id => $post_data)
406 {
407 if (isset($reports[$post_id]))
408 {
409 $close_report_posts[] = $post_id;
410 $close_report_topics[] = $post_data['topic_id'];
411
412 if ($reports[$post_id]['user_notify'] && !$reports[$post_id]['report_closed'])
413 {
414 $notify_reporters[$post_id] = $reports[$post_id];
415 }
416 }
417 }
418
419 if (sizeof($close_report_posts))
420 {
421 $close_report_topics = array_unique($close_report_topics);
422
423 // Get a list of topics that still contain reported posts
424 $sql = 'SELECT DISTINCT topic_id
425 FROM ' . POSTS_TABLE . '
426 WHERE ' . $db->sql_in_set('topic_id', $close_report_topics) . '
427 AND post_reported = 1
428 AND ' . $db->sql_in_set('post_id', $close_report_posts, true);
429 $result = $db->sql_query($sql);
430
431 $keep_report_topics = array();
432 while ($row = $db->sql_fetchrow($result))
433 {
434 $keep_report_topics[] = $row['topic_id'];
435 }
436 $db->sql_freeresult($result);
437
438 $close_report_topics = array_diff($close_report_topics, $keep_report_topics);
439 unset($keep_report_topics);
440
441 $db->sql_transaction('begin');
442
443 if ($action == 'close')
444 {
445 $sql = 'UPDATE ' . REPORTS_TABLE . '
446 SET report_closed = 1
447 WHERE ' . $db->sql_in_set('post_id', $close_report_posts);
448 }
449 else
450 {
451 $sql = 'DELETE FROM ' . REPORTS_TABLE . '
452 WHERE ' . $db->sql_in_set('post_id', $close_report_posts);
453 }
454 $db->sql_query($sql);
455
456 $sql = 'UPDATE ' . POSTS_TABLE . '
457 SET post_reported = 0
458 WHERE ' . $db->sql_in_set('post_id', $close_report_posts);
459 $db->sql_query($sql);
460
461 if (sizeof($close_report_topics))
462 {
463 $sql = 'UPDATE ' . TOPICS_TABLE . '
464 SET topic_reported = 0
465 WHERE ' . $db->sql_in_set('topic_id', $close_report_topics);
466 $db->sql_query($sql);
467 }
468
469 $db->sql_transaction('commit');
470 }
471 unset($close_report_posts, $close_report_topics);
472
473 $messenger = new messenger();
474
475 // Notify reporters
476 if (sizeof($notify_reporters))
477 {
478 $email_sig = str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']);
479
480 foreach ($notify_reporters as $post_id => $reporter)
481 {
482 if ($reporter['user_id'] == ANONYMOUS)
483 {
484 continue;
485 }
486
487 $messenger->template('report_' . $action . 'd', $reporter['user_lang']);
488
489 $messenger->replyto($config['board_email']);
490 $messenger->to($reporter['user_email'], $reporter['username']);
491 $messenger->im($reporter['user_jabber'], $reporter['username']);
492
493 $messenger->assign_vars(array(
494 'EMAIL_SIG' => $email_sig,
495 'SITENAME' => $config['sitename'],
496 'USERNAME' => html_entity_decode($reporter['username']),
497 'CLOSER_NAME' => html_entity_decode($user->data['username']),
498 'POST_SUBJECT' => html_entity_decode(censor_text($post_info[$post_id]['post_subject'])),
499 'TOPIC_TITLE' => html_entity_decode(censor_text($post_info[$post_id]['topic_title'])))
500 );
501
502 $messenger->send($reporter['user_notify_type']);
503 $messenger->reset();
504 }
505
506 $messenger->save_queue();
507 }
508 unset($notify_reporters, $post_info);
509
510 $success_msg = (sizeof($post_id_list) == 1) ? 'REPORT_' . strtoupper($action) . 'D_SUCCESS' : 'REPORTS_' . strtoupper($action) . 'D_SUCCESS';
511 }
512 else
513 {
514 confirm_box(false, $user->lang[strtoupper($action) . '_REPORT' . ((sizeof($post_id_list) == 1) ? '' : 'S') . '_CONFIRM'], $s_hidden_fields);
515 }
516
517 $redirect = request_var('redirect', "index.$phpEx");
518 $redirect = reapply_sid($redirect);
519
520 if (!$success_msg)
521 {
522 redirect($redirect);
523 }
524 else
525 {
526 meta_refresh(3, $redirect);
527 trigger_error($user->lang[$success_msg] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], "<a href=\"$redirect\">", '</a>'));
528 }
529 }
530
531 ?>
phpbb is a php-based BBS (buletin board system)