6 * @copyright (c) 2005 phpBB Group
7 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
14 define('IN_PHPBB', true);
15 if (!defined('PHPBB_ROOT_PATH')) define('PHPBB_ROOT_PATH', './');
16 if (!defined('PHP_EXT')) define('PHP_EXT', substr(strrchr(__FILE__
, '.'), 1));
17 include(PHPBB_ROOT_PATH
. 'common.' . PHP_EXT
);
18 include(PHPBB_ROOT_PATH
. 'includes/functions_admin.' . PHP_EXT
);
19 require(PHPBB_ROOT_PATH
. 'includes/functions_module.' . PHP_EXT
);
21 // Start session management
22 $user->session_begin();
23 $auth->acl($user->data
);
26 $module = new p_master();
28 // Setting a variable to let the style designer know where he is...
29 $template->assign_var('S_IN_MCP', true);
31 // Basic parameter data
32 $id = request_var('i', '');
34 if (isset($_REQUEST['mode']) && is_array($_REQUEST['mode']))
36 $mode = request_var('mode', array(''));
37 list($mode, ) = each($mode);
41 $mode = request_var('mode', '');
44 // Only Moderators can go beyond this point
45 if (!$user->data
['is_registered'])
47 if ($user->data
['is_bot'])
49 redirect(append_sid(PHPBB_ROOT_PATH
. 'index.' . PHP_EXT
));
52 login_box('', $user->lang
['LOGIN_EXPLAIN_MCP']);
55 $quickmod = (isset($_REQUEST['quickmod'])) ?
true : false;
56 $action = request_var('action', '');
57 $action_ary = request_var('action', array('' => 0));
59 $forum_action = request_var('forum_action', '');
60 if ($forum_action !== '' && !empty($_POST['sort']))
62 $action = $forum_action;
65 if (sizeof($action_ary))
67 list($action, ) = each($action_ary);
71 if ($mode == 'topic_logs')
77 $post_id = request_var('p', 0);
78 $topic_id = request_var('t', 0);
79 $forum_id = request_var('f', 0);
80 $user_id = request_var('u', 0);
81 $username = utf8_normalize_nfc(request_var('username', '', true));
85 // We determine the topic and forum id here, to make sure the moderator really has moderative rights on this post
86 $sql = 'SELECT topic_id, forum_id
87 FROM ' . POSTS_TABLE
. "
88 WHERE post_id = $post_id";
89 $result = $db->sql_query($sql);
90 $row = $db->sql_fetchrow($result);
91 $db->sql_freeresult($result);
93 $topic_id = (int) $row['topic_id'];
94 $forum_id = (int) ($row['forum_id']) ?
$row['forum_id'] : $forum_id;
98 $sql = 'SELECT forum_id
99 FROM ' . TOPICS_TABLE
. "
100 WHERE topic_id = $topic_id";
101 $result = $db->sql_query($sql);
102 $row = $db->sql_fetchrow($result);
103 $db->sql_freeresult($result);
105 $forum_id = (int) $row['forum_id'];
108 // If the user doesn't have any moderator powers (globally or locally) he can't access the mcp
109 if (!$auth->acl_getf_global('m_'))
111 // Except he is using one of the quickmod tools for users
112 $user_quickmod_actions = array(
113 'lock' => 'f_user_lock',
114 'make_sticky' => 'f_sticky',
115 'make_announce' => 'f_announce',
116 'make_global' => 'f_announce',
117 'make_normal' => array('f_announce', 'f_sticky')
121 if ($quickmod && isset($user_quickmod_actions[$action]) && $user->data
['is_registered'] && $auth->acl_gets($user_quickmod_actions[$action], $forum_id))
123 $topic_info = get_topic_data(array($topic_id));
124 if ($topic_info[$topic_id]['topic_poster'] == $user->data
['user_id'])
132 trigger_error('NOT_AUTHORISED');
136 // if the user cannot read the forum he tries to access then we won't allow mcp access either
137 if ($forum_id && !$auth->acl_get('f_read', $forum_id))
139 trigger_error('NOT_AUTHORISED');
144 $module->acl_forum_id
= $forum_id;
147 // Instantiate module system and generate list of available modules
148 $module->list_modules('mcp');
161 case 'make_announce':
168 $module->load('mcp', 'main', 'quickmod');
173 $module->set_active('logs', 'topic_logs');
177 $module->set_active('main', 'forum_view');
182 $module->set_active('main', 'topic_view');
186 trigger_error("$action not allowed as quickmod", E_USER_ERROR
);
192 // Select the active module
193 $module->set_active($id, $mode);
196 // Hide some of the options if we don't have the relevant information to use them
199 $module->set_display('main', 'post_details', false);
200 $module->set_display('warn', 'warn_post', false);
203 if ($mode == '' ||
$mode == 'unapproved_topics' ||
$mode == 'unapproved_posts')
205 $module->set_display('queue', 'approve_details', false);
208 if ($mode == '' ||
$mode == 'reports' ||
$mode == 'reports_closed')
210 $module->set_display('reports', 'report_details', false);
215 $module->set_display('main', 'topic_view', false);
216 $module->set_display('logs', 'topic_logs', false);
221 $module->set_display('main', 'forum_view', false);
222 $module->set_display('logs', 'forum_logs', false);
225 if (!$user_id && $username == '')
227 $module->set_display('notes', 'user_notes', false);
228 $module->set_display('warn', 'warn_user', false);
231 // Load and execute the relevant module
232 $module->load_active();
234 // Assign data to the template engine for the list of modules
235 $module->assign_tpl_vars(append_sid(PHPBB_ROOT_PATH
. 'mcp.' . PHP_EXT
));
237 // Generate urls for letting the moderation control panel being accessed in different modes
238 $template->assign_vars(array(
239 'U_MCP' => append_sid('mcp', 'i=main'),
240 'U_MCP_FORUM' => ($forum_id) ?
append_sid('mcp', "i=main&mode=forum_view&f=$forum_id") : '',
241 'U_MCP_TOPIC' => ($forum_id && $topic_id) ?
append_sid('mcp', "i=main&mode=topic_view&t=$topic_id") : '',
242 'U_MCP_POST' => ($forum_id && $topic_id && $post_id) ?
append_sid('mcp', "i=main&mode=post_details&t=$topic_id&p=$post_id") : '',
245 // Generate the page, do not display/query online list
246 $module->display($module->get_page_title(), false);
249 * Functions used to generate additional URL paramters
251 function _module__url($mode, &$module_row)
256 function _module_notes_url($mode, &$module_row)
258 if ($mode == 'front')
264 return ($user_id) ?
"&u=$user_id" : '';
267 function _module_warn_url($mode, &$module_row)
269 if ($mode == 'front' ||
$mode == 'list')
273 return ($forum_id) ?
"&f=$forum_id" : '';
276 if ($mode == 'warn_post')
278 global $forum_id, $post_id;
280 $url_extra = ($forum_id) ?
"&f=$forum_id" : '';
281 $url_extra .= ($post_id) ?
"&p=$post_id" : '';
289 return ($user_id) ?
"&u=$user_id" : '';
293 function _module_main_url($mode, &$module_row)
298 function _module_logs_url($mode, &$module_row)
303 function _module_ban_url($mode, &$module_row)
308 function _module_queue_url($mode, &$module_row)
313 function _module_reports_url($mode, &$module_row)
320 global $forum_id, $topic_id, $post_id, $user_id;
323 $url_extra .= ($forum_id) ?
"&f=$forum_id" : '';
324 $url_extra .= ($topic_id) ?
"&t=$topic_id" : '';
325 $url_extra .= ($post_id) ?
"&p=$post_id" : '';
326 $url_extra .= ($user_id) ?
"&u=$user_id" : '';
332 * Get simple topic data
334 function get_topic_data($topic_ids, $acl_list = false, $read_tracking = false)
336 global $auth, $db, $config, $user;
337 static $rowset = array();
341 if (!sizeof($topic_ids))
346 // cache might not contain read tracking info, so we can't use it if read
347 // tracking information is requested
350 $cache_topic_ids = array_intersect($topic_ids, array_keys($rowset));
351 $topic_ids = array_diff($topic_ids, array_keys($rowset));
355 $cache_topic_ids = array();
358 if (sizeof($topic_ids))
361 'SELECT' => 't.*, f.*',
367 'LEFT_JOIN' => array(
369 'FROM' => array(FORUMS_TABLE
=> 'f'),
370 'ON' => 'f.forum_id = t.forum_id'
374 'WHERE' => $db->sql_in_set('t.topic_id', $topic_ids)
377 if ($read_tracking && $config['load_db_lastread'])
379 $sql_array['SELECT'] .= ', tt.mark_time, ft.mark_time as forum_mark_time';
381 $sql_array['LEFT_JOIN'][] = array(
382 'FROM' => array(TOPICS_TRACK_TABLE
=> 'tt'),
383 'ON' => 'tt.user_id = ' . $user->data
['user_id'] . ' AND t.topic_id = tt.topic_id'
386 $sql_array['LEFT_JOIN'][] = array(
387 'FROM' => array(FORUMS_TRACK_TABLE
=> 'ft'),
388 'ON' => 'ft.user_id = ' . $user->data
['user_id'] . ' AND t.forum_id = ft.forum_id'
392 $sql = $db->sql_build_query('SELECT', $sql_array);
393 $result = $db->sql_query($sql);
395 while ($row = $db->sql_fetchrow($result))
397 if (!$row['forum_id'])
399 // Global Announcement?
400 $row['forum_id'] = request_var('f', 0);
403 $rowset[$row['topic_id']] = $row;
405 if ($acl_list && !$auth->acl_gets($acl_list, $row['forum_id']))
410 $topics[$row['topic_id']] = $row;
412 $db->sql_freeresult($result);
415 foreach ($cache_topic_ids as $id)
417 if (!$acl_list ||
$auth->acl_gets($acl_list, $rowset[$id]['forum_id']))
419 $topics[$id] = $rowset[$id];
427 * Get simple post data
429 function get_post_data($post_ids, $acl_list = false, $read_tracking = false)
431 global $db, $auth, $config, $user;
435 if (!sizeof($post_ids))
441 'SELECT' => 'p.*, u.*, t.*, f.*',
449 'LEFT_JOIN' => array(
451 'FROM' => array(FORUMS_TABLE
=> 'f'),
452 'ON' => 'f.forum_id = t.forum_id'
456 'WHERE' => $db->sql_in_set('p.post_id', $post_ids) . '
457 AND u.user_id = p.poster_id
458 AND t.topic_id = p.topic_id',
461 if ($read_tracking && $config['load_db_lastread'])
463 $sql_array['SELECT'] .= ', tt.mark_time, ft.mark_time as forum_mark_time';
465 $sql_array['LEFT_JOIN'][] = array(
466 'FROM' => array(TOPICS_TRACK_TABLE
=> 'tt'),
467 'ON' => 'tt.user_id = ' . $user->data
['user_id'] . ' AND t.topic_id = tt.topic_id'
470 $sql_array['LEFT_JOIN'][] = array(
471 'FROM' => array(FORUMS_TRACK_TABLE
=> 'ft'),
472 'ON' => 'ft.user_id = ' . $user->data
['user_id'] . ' AND t.forum_id = ft.forum_id'
476 $sql = $db->sql_build_query('SELECT', $sql_array);
477 $result = $db->sql_query($sql);
480 while ($row = $db->sql_fetchrow($result))
482 if (!$row['forum_id'])
484 // Global Announcement?
485 $row['forum_id'] = request_var('f', 0);
488 if ($acl_list && !$auth->acl_gets($acl_list, $row['forum_id']))
493 if (!$row['post_approved'] && !$auth->acl_get('m_approve', $row['forum_id']))
495 // Moderators without the permission to approve post should at least not see them. ;)
499 $rowset[$row['post_id']] = $row;
501 $db->sql_freeresult($result);
507 * Get simple forum data
509 function get_forum_data($forum_id, $acl_list = 'f_list', $read_tracking = false)
511 global $auth, $db, $user, $config;
515 if (!is_array($forum_id))
517 $forum_id = array($forum_id);
520 if (!sizeof($forum_id))
525 if ($read_tracking && $config['load_db_lastread'])
527 $read_tracking_join = ' LEFT JOIN ' . FORUMS_TRACK_TABLE
. ' ft ON (ft.user_id = ' . $user->data
['user_id'] . '
528 AND ft.forum_id = f.forum_id)';
529 $read_tracking_select = ', ft.mark_time';
533 $read_tracking_join = $read_tracking_select = '';
536 $sql = "SELECT f.* $read_tracking_select
537 FROM " . FORUMS_TABLE
. " f$read_tracking_join
538 WHERE " . $db->sql_in_set('f.forum_id', $forum_id);
539 $result = $db->sql_query($sql);
541 while ($row = $db->sql_fetchrow($result))
543 if ($acl_list && !$auth->acl_gets($acl_list, $row['forum_id']))
548 if ($auth->acl_get('m_approve', $row['forum_id']))
550 $row['forum_topics'] = $row['forum_topics_real'];
553 $rowset[$row['forum_id']] = $row;
555 $db->sql_freeresult($result);
563 * @param string $where_sql should either be WHERE (default if ommited) or end with AND or OR
565 function mcp_sorting($mode, &$sort_days, &$sort_key, &$sort_dir, &$sort_by_sql, &$sort_order_sql, &$total, $forum_id = 0, $topic_id = 0, $where_sql = 'WHERE')
567 global $db, $user, $auth, $template;
569 $sort_days = request_var('st', 0);
570 $min_time = ($sort_days) ?
time() - ($sort_days * 86400) : 0;
579 $sql = 'SELECT COUNT(topic_id) AS total
580 FROM ' . TOPICS_TABLE
. "
581 $where_sql forum_id = $forum_id
582 AND topic_type NOT IN (" . POST_ANNOUNCE
. ', ' . POST_GLOBAL
. ")
583 AND topic_last_post_time >= $min_time";
585 if (!$auth->acl_get('m_approve', $forum_id))
587 $sql .= 'AND topic_approved = 1';
596 $sql = 'SELECT COUNT(post_id) AS total
597 FROM ' . POSTS_TABLE
. "
598 $where_sql topic_id = $topic_id
599 AND post_time >= $min_time";
601 if (!$auth->acl_get('m_approve', $forum_id))
603 $sql .= 'AND post_approved = 1';
607 case 'unapproved_posts':
611 $where_sql .= ($topic_id) ?
' topic_id = ' . $topic_id . ' AND' : '';
613 $sql = 'SELECT COUNT(post_id) AS total
614 FROM ' . POSTS_TABLE
. "
615 $where_sql " . $db->sql_in_set('forum_id', ($forum_id) ?
array($forum_id) : array_intersect(get_forum_list('f_read'), get_forum_list('m_approve'))) . '
616 AND post_approved = 0';
620 $sql .= ' AND post_time >= ' . $min_time;
624 case 'unapproved_topics':
629 $sql = 'SELECT COUNT(topic_id) AS total
630 FROM ' . TOPICS_TABLE
. "
631 $where_sql " . $db->sql_in_set('forum_id', ($forum_id) ?
array($forum_id) : array_intersect(get_forum_list('f_read'), get_forum_list('m_approve'))) . '
632 AND topic_approved = 0';
636 $sql .= ' AND topic_time >= ' . $min_time;
641 case 'reports_closed':
645 $limit_time_sql = ($min_time) ?
"AND r.report_time >= $min_time" : '';
649 $where_sql .= ' p.topic_id = ' . $topic_id;
653 $where_sql .= ' p.forum_id = ' . $forum_id;
657 $where_sql .= ' ' . $db->sql_in_set('p.forum_id', get_forum_list(array('!f_read', '!m_report')), true, true);
660 if ($mode == 'reports')
662 $where_sql .= ' AND r.report_closed = 0';
666 $where_sql .= ' AND r.report_closed = 1';
669 $sql = 'SELECT COUNT(r.report_id) AS total
670 FROM ' . REPORTS_TABLE
. ' r, ' . POSTS_TABLE
. " p
672 AND p.post_id = r.post_id
681 $sql = 'SELECT COUNT(log_id) AS total
682 FROM ' . LOG_TABLE
. "
683 $where_sql " . $db->sql_in_set('forum_id', ($forum_id) ?
array($forum_id) : array_intersect(get_forum_list('f_read'), get_forum_list('m_'))) . '
684 AND log_time >= ' . $min_time . '
685 AND log_type = ' . LOG_MOD
;
689 $sort_key = request_var('sk', $default_key);
690 $sort_dir = request_var('sd', $default_dir);
691 $sort_dir_text = array('a' => $user->lang
['ASCENDING'], 'd' => $user->lang
['DESCENDING']);
696 $limit_days = array(0 => $user->lang
['ALL_TOPICS'], 1 => $user->lang
['1_DAY'], 7 => $user->lang
['7_DAYS'], 14 => $user->lang
['2_WEEKS'], 30 => $user->lang
['1_MONTH'], 90 => $user->lang
['3_MONTHS'], 180 => $user->lang
['6_MONTHS'], 365 => $user->lang
['1_YEAR']);
697 $sort_by_text = array('a' => $user->lang
['AUTHOR'], 't' => $user->lang
['POST_TIME'], 'tt' => $user->lang
['TOPIC_TIME'], 'r' => $user->lang
['REPLIES'], 's' => $user->lang
['SUBJECT'], 'v' => $user->lang
['VIEWS']);
699 $sort_by_sql = array('a' => 't.topic_first_poster_name', 't' => 't.topic_last_post_time', 'tt' => 't.topic_time', 'r' => (($auth->acl_get('m_approve', $forum_id)) ?
't.topic_replies_real' : 't.topic_replies'), 's' => 't.topic_title', 'v' => 't.topic_views');
700 $limit_time_sql = ($min_time) ?
"AND t.topic_last_post_time >= $min_time" : '';
704 $limit_days = array(0 => $user->lang
['ALL_POSTS'], 1 => $user->lang
['1_DAY'], 7 => $user->lang
['7_DAYS'], 14 => $user->lang
['2_WEEKS'], 30 => $user->lang
['1_MONTH'], 90 => $user->lang
['3_MONTHS'], 180 => $user->lang
['6_MONTHS'], 365 => $user->lang
['1_YEAR']);
705 $sort_by_text = array('a' => $user->lang
['AUTHOR'], 't' => $user->lang
['POST_TIME'], 's' => $user->lang
['SUBJECT']);
706 $sort_by_sql = array('a' => 'u.username_clean', 't' => 'p.post_time', 's' => 'p.post_subject');
707 $limit_time_sql = ($min_time) ?
"AND p.post_time >= $min_time" : '';
711 $limit_days = array(0 => $user->lang
['ALL_REPORTS'], 1 => $user->lang
['1_DAY'], 7 => $user->lang
['7_DAYS'], 14 => $user->lang
['2_WEEKS'], 30 => $user->lang
['1_MONTH'], 90 => $user->lang
['3_MONTHS'], 180 => $user->lang
['6_MONTHS'], 365 => $user->lang
['1_YEAR']);
712 $sort_by_text = array('a' => $user->lang
['AUTHOR'], 'r' => $user->lang
['REPORTER'], 'p' => $user->lang
['POST_TIME'], 't' => $user->lang
['REPORT_TIME'], 's' => $user->lang
['SUBJECT']);
713 $sort_by_sql = array('a' => 'u.username_clean', 'r' => 'ru.username', 'p' => 'p.post_time', 't' => 'r.report_time', 's' => 'p.post_subject');
717 $limit_days = array(0 => $user->lang
['ALL_ENTRIES'], 1 => $user->lang
['1_DAY'], 7 => $user->lang
['7_DAYS'], 14 => $user->lang
['2_WEEKS'], 30 => $user->lang
['1_MONTH'], 90 => $user->lang
['3_MONTHS'], 180 => $user->lang
['6_MONTHS'], 365 => $user->lang
['1_YEAR']);
718 $sort_by_text = array('u' => $user->lang
['SORT_USERNAME'], 't' => $user->lang
['SORT_DATE'], 'i' => $user->lang
['SORT_IP'], 'o' => $user->lang
['SORT_ACTION']);
720 $sort_by_sql = array('u' => 'u.username_clean', 't' => 'l.log_time', 'i' => 'l.log_ip', 'o' => 'l.log_operation');
721 $limit_time_sql = ($min_time) ?
"AND l.log_time >= $min_time" : '';
725 if (!isset($sort_by_sql[$sort_key]))
727 $sort_key = $default_key;
730 $sort_order_sql = $sort_by_sql[$sort_key] . ' ' . (($sort_dir == 'd') ?
'DESC' : 'ASC');
732 $s_limit_days = $s_sort_key = $s_sort_dir = $sort_url = '';
733 gen_sort_selects($limit_days, $sort_by_text, $sort_days, $sort_key, $sort_dir, $s_limit_days, $s_sort_key, $s_sort_dir, $sort_url);
735 $template->assign_vars(array(
736 'S_SELECT_SORT_DIR' => $s_sort_dir,
737 'S_SELECT_SORT_KEY' => $s_sort_key,
738 'S_SELECT_SORT_DAYS' => $s_limit_days)
741 if (($sort_days && $mode != 'viewlogs') ||
in_array($mode, array('reports', 'unapproved_topics', 'unapproved_posts')) ||
$where_sql != 'WHERE')
743 $result = $db->sql_query($sql);
744 $total = (int) $db->sql_fetchfield('total');
745 $db->sql_freeresult($result);
756 * @param array &$ids The relevant ids to check
757 * @param string $table The table to find the ids in
758 * @param string $sql_id The ids relevant column name
759 * @param array $acl_list A list of permissions the user need to have
760 * @param mixed $singe_forum Limit to one forum id (int) or the first forum found (true)
762 * @return mixed False if no ids were able to be retrieved, true if at least one id left.
763 * Additionally, this value can be the forum_id assigned if $single_forum was set.
764 * Therefore checking the result for with !== false is the best method.
766 function check_ids(&$ids, $table, $sql_id, $acl_list = false, $single_forum = false)
770 if (!is_array($ids) ||
empty($ids))
775 $sql = "SELECT $sql_id, forum_id FROM $table
776 WHERE " . $db->sql_in_set($sql_id, $ids);
777 $result = $db->sql_query($sql);
782 while ($row = $db->sql_fetchrow($result))
784 if ($acl_list && $row['forum_id'] && !$auth->acl_gets($acl_list, $row['forum_id']))
789 if ($acl_list && !$row['forum_id'] && !$auth->acl_getf_global($acl_list))
794 // Limit forum? If not, just assign the id.
795 if ($single_forum === false)
797 $ids[] = $row[$sql_id];
801 // Limit forum to a specific forum id?
802 // This can get really tricky, because we do not want to create a failure on global topics. :)
803 if ($row['forum_id'])
805 if ($single_forum !== true && $row['forum_id'] == (int) $single_forum)
807 $forum_id = (int) $single_forum;
809 else if ($forum_id === false)
811 $forum_id = $row['forum_id'];
814 if ($row['forum_id'] == $forum_id)
816 $ids[] = $row[$sql_id];
821 // Always add a global topic
822 $ids[] = $row[$sql_id];
825 $db->sql_freeresult($result);
832 // If forum id is false and ids populated we may have only global announcements selected (returning 0 because of (int) $forum_id)
834 return ($single_forum === false) ?
true : (int) $forum_id;