<?php
/***************************************************************************
 *                              post_report.php
 *                            -------------------
 *          Part of Democracy MOD by Carbofos < [email protected] >
 ***************************************************************************/

/***************************************************************************
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 ***************************************************************************/

define('IN_PHPBB', true);
$phpbb_root_path = './';
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.' . $phpEx);
include($phpbb_root_path . 'includes/functions_reputation.' . $phpEx);

// Select the action to run; when no 'mode' value is supplied the default is 'view'
// (the moderator report list). input_var() is defined outside this file -
// presumably it reads the value from the request; confirm how it filters it.
$mode = input_var('mode', 'view');

switch ($mode)
{
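	case 'report':
		//
		// Report a post or a reputation review to the moderators.
		// The target is taken from the request: POST_POST_URL selects a post,
		// otherwise POST_REVIEWS_URL selects a review. Without 'confirm' a
		// Yes/No confirmation page is shown; with 'confirm' the report is stored.
		//
		// NOTE(review): nothing in this case checks that the caller is logged in or
		// may read the forum the target belongs to ($forum_id is only stored with the
		// report), and the different answers for an existing and a missing id reveal
		// whether an id exists. Confirm whether that is enforced elsewhere.
		//
		// NOTE(review): the confirm step compares no session id or token from the
		// request before writing, and the same user can confirm repeatedly, raising
		// reports_num each time. Consider one report per user per target.
		//

		// Start session management
		$userdata = session_pagestart($user_ip, PAGE_INDEX);
		init_userprefs($userdata);

		$page_title = $lang['reputation_report'];
		include($phpbb_root_path . 'includes/page_header.'.$phpEx);

		// A post id takes precedence; the review id is only read when no post id was sent.
		// NOTE(review): both ids are placed into URLs and a hidden form field below without
		// further escaping; this assumes input_var() returns an integer when the default is
		// NO_ID - confirm against its definition.
		$post_id = input_var(POST_POST_URL, NO_ID);
		if ($post_id != NO_ID)
		{
			$review_id = NO_ID;
			$back_url = append_sid("viewtopic.$phpEx?" . POST_POST_URL . "=$post_id") . "#$post_id";
		}
		else
		{
			// The third argument is presumably the message shown when the value is missing - confirm
			$review_id = input_var(POST_REVIEWS_URL, NO_ID, $lang['reputation_no_post_spec']);
			$back_url = append_sid("profile.$phpEx?mode=reputation&amp;" . POST_REVIEWS_URL . "=$review_id") . "#$review_id";
		}

		if (isset($HTTP_POST_VARS['cancel']))
		{
			// $back_url is HTML-escaped for use in links; undo that before redirecting
			redirect(str_replace('&amp;', '&', $back_url), true);
		}

		if ($post_id != NO_ID)
		{
			// post is being reported
			$result = db_query("SELECT poster_id, forum_id FROM {POSTS_TABLE} WHERE post_id = %d", $post_id);
			if (!($row = $db->sql_fetchrow($result)))
			{
				message_die(GENERAL_ERROR, $lang['reputation_no_post_spec']);
			}

			// Column and id used to look up an existing report for this target
			$report_key_column = 'post_id';
			$report_key_id = $post_id;
			$s_hidden_fields = '<input type="hidden" name="' . POST_POST_URL . '" value="' . $post_id . '" />';
			$l_confirm = $lang['reputation_confirm_report'];
			$l_back = $lang['reputation_msg_back_to_topic'];
		}
		elseif ($review_id != NO_ID)
		{
			// review is being reported
			$result = db_query("SELECT voter_id AS poster_id, forum_id FROM {REPUTATION_TABLE} WHERE id = %d", $review_id);
			if (!($row = $db->sql_fetchrow($result)))
			{
				message_die(GENERAL_ERROR, $lang['reputation_no_review_spec']);
			}

			// Column and id used to look up an existing report for this target
			$report_key_column = 'review_id';
			$report_key_id = $review_id;
			$s_hidden_fields = '<input type="hidden" name="' . POST_REVIEWS_URL . '" value="' . $review_id . '" />';
			$l_confirm = $lang['reputation_confirm_report2'];
			$l_back = $lang['reputation_msg_back_to_reviews'];
		}
		else
		{
			message_die(GENERAL_MESSAGE, $lang['reputation_no_post_spec']);
		}
		$forum_id = $row['forum_id'];

		if (isset($HTTP_POST_VARS['confirm']))
		{
			// Check if the post has been already reported.
			// The id goes through a %d placeholder like every other query in this file,
			// instead of being concatenated into the SQL text; only the column name,
			// a literal chosen above, is concatenated.
			$result = db_query('SELECT report_id, reports_num FROM {POST_REPORTS_TABLE} WHERE ' . $report_key_column . ' = %d', $report_key_id);

			if ($row = $db->sql_fetchrow($result))
			{
				// Increase count of existing report
				db_query('UPDATE {POST_REPORTS_TABLE}
					SET reports_num = reports_num + 1
					WHERE report_id = %d', $row['report_id']);
			}
			else
			{
				// Post new report; the unused one of post_id / review_id is stored as NO_ID
				db_query('INSERT INTO {POST_REPORTS_TABLE} (post_id, review_id, user_id, forum_id, report_time, reports_num)
					VALUES (%d, %d, %d, %d, %d, 1)',
					$post_id, $review_id, $userdata['user_id'], $forum_id, time());
			}

			message_die(GENERAL_MESSAGE, $lang['reputation_report_success'] . '<br /><br />' . sprintf($l_back, "<a href=\"$back_url\">", '</a>'));
		}

		//
		// Output confirmation page
		//
		$template->set_filenames(array('confirm_body' => 'confirm_body.tpl'));

		$template->assign_vars(array(
			'MESSAGE_TITLE' => $lang['Information'],
			'MESSAGE_TEXT' => $l_confirm,

			'L_YES' => $lang['Yes'],
			'L_NO' => $lang['No'],

			'S_CONFIRM_ACTION' => append_sid("post_report.$phpEx?mode=$mode"),
			'S_HIDDEN_FIELDS' => $s_hidden_fields)
		);

		$template->pparse('confirm_body');

		include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
		break;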

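	case 'view':
		//
		// Moderator view: list the reports filed for the forums the current user
		// moderates, one page at a time, with links to act on the reported post or
		// review and to delete the report.
		//
		include($phpbb_root_path . 'includes/functions_post.' . $phpEx);
		include($phpbb_root_path . 'includes/bbcode.' . $phpEx);

		// Start session management
		$userdata = session_pagestart($user_ip, PAGE_INDEX);
		init_userprefs($userdata);

		$page_title = $lang['Mod_CP'];
		include($phpbb_root_path . 'includes/page_header.'.$phpEx);

		//
		// Check the user's access level: collect the ids of all forums where the
		// user has auth_mod; with none, the page is refused.
		//
		$forums_auth = reputation_auth(AUTH_LIST_ALL, $userdata);
		$forum_ids = '';
		foreach ($forums_auth as $forum_id => $is_auth)
		{
			if ($is_auth['auth_mod'])
			{
				$forum_ids .= ($forum_ids ? ',' : '') . $forum_id;
			}
		}
		if (!$forum_ids)
		{
			message_die(GENERAL_MESSAGE, $lang['Not_Authorised']);
		}

		//
		// Get reports count
		//
		// NOTE(review): the id list is inserted through %s into IN (...); that is only
		// safe while the keys returned by reputation_auth() are integer forum ids - confirm.
		$result = db_query("SELECT COUNT(report_id) AS num_reports FROM {POST_REPORTS_TABLE} r WHERE forum_id IN (%s)", $forum_ids);
		$total_reports = ($row = $db->sql_fetchrow($result)) ? intval($row['num_reports']) : 0;

		// The requested order only selects one of two fixed ORDER BY clauses. $order is
		// reset to the matching literal because it is written into the pagination links
		// below; this keeps raw request data out of the generated HTML.
		$order = input_var('order', 'asc');
		switch ($order)
		{
			case 'date':
				$order = 'date';
				$sql_order = ' ORDER BY r.report_id DESC, r.reports_num DESC';
				$s_order = 'DATE';
				break;
			case 'num':
			default:
				$order = 'num';
				$sql_order = ' ORDER BY r.reports_num DESC, r.report_id DESC';
				$s_order = 'NUM';
				break;
		}

		$start = input_var('start', 0);

		$pagination = generate_pagination("post_report.$phpEx?mode=view&amp;order=$order", $total_reports, $board_config['reputation_reports_per_page'], $start);

		//
		// Select reviews
		//
		$result = db_query('SELECT r.report_id, r.post_id, r.forum_id, r.review_id, r.user_id, r.report_time, r.reports_num, u.username
			FROM {USERS_TABLE} u, {POST_REPORTS_TABLE} r
			WHERE r.user_id = u.user_id
				AND forum_id IN (%s)
			' . $sql_order .
			' LIMIT %d, %d', $forum_ids, $start, $board_config['reputation_reports_per_page']);

		//
		// Output reports page
		//
		$template->set_filenames(array('confirm_body' => 'modcp_reports_body.tpl'));

		for ($i = true; $report = $db->sql_fetchrow($result); $i = !$i) // $i is a row color ticker
		{
			// Each report points either at a post or at a review; load the target and
			// build the matching template block.
			// NOTE(review): if the target row no longer exists, sql_fetchrow() yields no
			// array and the field reads below work on an empty value - confirm whether
			// reports are removed together with their post or review.
			// NOTE(review): the moderation links below carry the session id in the URL
			// (&amp;sid=) - confirm that matches what the target scripts expect.
			if ($report['post_id'] != NO_ID)
			{
				$post_result = db_query('SELECT p.forum_id, p.post_time, p.topic_id, p.enable_html, p.enable_smilies, pt.post_text, pt.post_subject, pt.bbcode_uid, u.username, u.user_id, u.user_level
					FROM {POSTS_TABLE} p, {POSTS_TEXT_TABLE} pt, {USERS_TABLE} u
					WHERE p.post_id = pt.post_id
						AND u.user_id = p.poster_id
						AND p.post_id = %d', $report['post_id']);

				$post_review_data = $db->sql_fetchrow($post_result);

				$url_param = POST_POST_URL . '=' . $report['post_id'];
				$block = 'rows.postrow';

				$tpl_vars = array(
					'MESSAGE' => prepare_display($post_review_data['post_text'], $post_review_data['bbcode_uid'], $post_review_data['enable_html'], $post_review_data['enable_smilies']),
					'POST_SUBJECT' => censor($post_review_data['post_subject']),
					'POST_DATE' => create_date($board_config['default_dateformat'], $post_review_data['post_time'], $board_config['board_timezone']),

					'U_MINI_POST' => append_sid("viewtopic.$phpEx?" . POST_POST_URL . '=' . $report['post_id']) . '#' . $report['post_id'],
					'U_LOCK_TOPIC' => '<a href="' . "modcp.$phpEx?mode=lock&amp;" . POST_TOPIC_URL . '=' . $post_review_data['topic_id'] . "&amp;sid=" . $userdata['session_id'] . '" title="' . $lang['Lock_topic'] . '" target="_blank"><img src="' . $images['icon_lock_small'] . '" border="0" /></a>',
					'U_EDIT_POST' => '<a href="' . "posting.$phpEx?mode=editpost&amp;" . POST_POST_URL . '=' . $report['post_id'] . "&amp;sid=" . $userdata['session_id'] . '" title="' . $lang['Edit_delete_post'] . '" target="_blank"><img src="' . $images['icon_edit_small'] . '" border="0" /></a>',
					'U_DELETE_POST' => '<a href="' . "posting.$phpEx?mode=delete&amp;" . POST_POST_URL . '=' . $report['post_id'] . "&amp;sid=" . $userdata['session_id'] . '" title="' . $lang['Delete_post'] . '" target="_blank"><img src="' . $images['icon_delpost'] . '" border="0" /></a>',
				);
			}
			elseif ($report['review_id'] != NO_ID)
			{
				$post_result = db_query('SELECT r.forum_id, r.date, rt.text AS post_text, rt.bbcode_uid, u.username, u.user_id, u.user_level
					FROM {REPUTATION_TABLE} r, {REPUTATION_TEXT_TABLE} rt, {USERS_TABLE} u
					WHERE r.id = rt.id
						AND u.user_id = r.voter_id
						AND r.id = %d', $report['review_id']);

				$post_review_data = $db->sql_fetchrow($post_result);

				$url_param = POST_USERS_URL . '=' . $post_review_data['user_id'];
				$block = 'rows.reviewrow';

				$tpl_vars = array(
					'MESSAGE' => prepare_display($post_review_data['post_text'], $post_review_data['bbcode_uid'], true, true),
					'REVIEW_DATE' => create_date($board_config['default_dateformat'], $post_review_data['date'], $board_config['board_timezone']),

					'U_MINI_POST' => append_sid("profile.$phpEx?mode=reputation&amp;" . POST_REVIEWS_URL . '=' . $report['review_id']) . '#' . $report['review_id'],
					'U_EDIT_REVIEW' => '<a href="' . "reputation.$phpEx?mode=edit&amp;" . POST_REVIEWS_URL . '=' . $report['review_id'] . "&amp;sid=" . $userdata['session_id'] . '" title="' . $lang['reputation_edit_review'] . '" target="_blank"><img src="' . $images['icon_edit_small'] . '" border="0" /></a>',
					'U_DELETE_REVIEW' => '<a href="' . "reputation.$phpEx?mode=delete&amp;" . POST_REVIEWS_URL . '=' . $report['review_id'] . "&amp;sid=" . $userdata['session_id'] . '" title="' . $lang['reputation_delete_review'] . '" target="_blank"><img src="' . $images['icon_delpost'] . '" border="0" /></a>',
				);
			}
			else
			{
				message_die(GENERAL_ERROR, 'Illegal entry in POST_REPORTS_TABLE');
			}

			$template->assign_block_vars('rows', array());

			if ($board_config['warnings_enabled'])
			{
				$warn = $warn_img = $ban = $ban_img = '';
				$forum_id = ($report['post_id'] != NO_ID) ? $post_review_data['forum_id'] : NO_ID; // warns/bans concerning reviews are nonpost
				// NOTE(review): for reviews this indexes $forums_auth with NO_ID; assumes
				// reputation_auth(AUTH_LIST_ALL, ...) returns an entry for that key - confirm.
				$is_auth = reputation_auth($forums_auth[$forum_id] , $userdata, $post_review_data, true);

				if ($is_auth['auth_warn'])
				{
					$temp_url = "reputation.$phpEx?mode=warning&amp;" . $url_param . '&amp;sid=' . $userdata['session_id'];
					$warn_img = '<a href="' . $temp_url . '">' . $lang['reputation_warn_user'] . '</a><br/>';
					$warn = '<a href="' . $temp_url . '">' . $lang['reputation_warn'] . '</a>';
				}

				if ($is_auth['auth_ban'])
				{
					$temp_url = "reputation.$phpEx?mode=ban&amp;" . $url_param . '&amp;sid=' . $userdata['session_id'];
					$ban_img = '<a href="' . $temp_url . '">' . $lang['reputation_ban_user'] . '</a><br/>';
					$ban = '<a href="' . $temp_url . '">' . $lang['reputation_ban'] . '</a>';
				}

				$tpl_vars += array(
					'RED' => $ban,
					'RED_IMG' => $ban_img,
					'YELLOW' => $warn,
					'YELLOW_IMG' => $warn_img,
				);
			}

			// NOTE(review): the delete-report link is a plain GET URL built without append_sid()
			// or a session id, and the 'delete' case of this file compares no session id before
			// deleting; the two would have to change together to tie the action to the session.
			// NOTE(review): AUTHOR and FIRST_REPORTED are passed to the template as read from
			// the users table; assumes usernames are stored HTML-escaped - confirm.
			$template->assign_block_vars($block, $tpl_vars + array(
				'U_AUTHOR' => append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . '=' . $post_review_data['user_id']),
				'U_REPORTER' => append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . '=' . $report['user_id']),
				'U_REPORT_ID' => $report['report_id'],
				'U_DELETE_REPORT' => sprintf($lang['reputation_msg_delete_report'] , "<a href=\"post_report.$phpEx?mode=delete&amp;r=" . $report['report_id'] . '">', '</a>'),

				'AUTHOR' => $post_review_data['username'],
				'FIRST_REPORTED' => $report['username'],
				'REPORTS_NUM' => $report['reports_num'],
				'TIME' => create_date($board_config['default_dateformat'], $report['report_time'], $board_config['board_timezone']),
				'ROW_CLASS' => $i ? $theme['td_class1'] : $theme['td_class2']
			));
		}

		$template->assign_vars(array(
			'L_MOD_CP' => $lang['Mod_CP'],
			'L_POST_REPORTS' => $lang['Post_Reports'],
			'L_MOD_CP_EXPLAIN' => $lang['reputation_post_peports_exp'],
			'L_POST' => $lang['Post'] . ' / ' . $lang['Review'],
			'L_REPORT' => $lang['reputation_report'],
			'L_ORDER' => $lang['reputation_order_by'],
			'L_BY_NUMBER' => $lang['reputation_reports_number'],
			'L_BY_DATE' => $lang['reputation_report_date'],
			'L_GO' => $lang['Go'],
			'L_REPORTS_NUM' => $lang['reputation_reports_number'],
			'L_FIRST_REPORTED' => $lang['reputation_first_reported'],
			'L_TIME' => $lang['Time'],
			'L_AUTHOR' => $lang['Author'],
			'L_POSTED' => $lang['Posted'],
			'L_REVIEWED' => $lang['reputation_reviewed'],
			'L_POST_SUBJECT' => $lang['Post_subject'],
			'L_ACTIONS' => $lang['reputation_actions'],

			'PAGINATION' => $pagination,
			'PAGE_NUMBER' => sprintf($lang['Page_of'], ( floor( $start / intval($board_config['reputation_reports_per_page']) ) + 1 ), ceil( $total_reports / intval($board_config['reputation_reports_per_page']) )),

			// Marks the active sort option: the key is S_ORDER_DATE or S_ORDER_NUM
			'S_ORDER_' . $s_order => ' selected="selected"',
			'S_REP_ACTION' => "post_report.$phpEx?mode=view",
		));

		$template->pparse('confirm_body');

		include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
		break;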

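	case 'delete':
		//
		// Delete one report from the moderator queue. The caller must have auth_mod
		// for the forum of the reported post, or of the reported review, or for
		// NO_ID when neither can be resolved.
		//
		// NOTE(review): the deletion runs on a plain GET request, without confirmation,
		// and no session id or token from the request is compared with
		// $userdata['session_id'] in this case, so the action is not bound to the
		// moderator's session. Adding that check also requires the link built in the
		// 'view' case to carry the session id.
		//

		// Start session management
		$userdata = session_pagestart($user_ip, PAGE_INDEX);
		init_userprefs($userdata);

		// Read the report id after init_userprefs(), as the 'report' case does with its
		// ids; presumably $lang is only filled there, so reading the message earlier
		// would pass an empty text - confirm.
		// The id arrives under POST_REVIEWS_URL (the 'view' links send it as "r").
		$report_id = input_var(POST_REVIEWS_URL, 0, $lang['reputation_no_post_spec']);

		$page_title = $lang['Mod_CP'];
		include($phpbb_root_path . 'includes/page_header.'.$phpEx);

		$result = db_query('SELECT r.forum_id AS review_forum_id, p.forum_id AS post_forum_id
				FROM {POST_REPORTS_TABLE} pr LEFT JOIN {POSTS_TABLE} p ON pr.post_id = p.post_id LEFT JOIN {REPUTATION_TABLE} r ON pr.review_id = r.id
				WHERE pr.report_id = %d', $report_id);
		// Fetch from this query's own result, as the other cases in this file do,
		// instead of relying on the database object's notion of the last query
		if (!($row = $db->sql_fetchrow($result)))
		{
			message_die(GENERAL_MESSAGE, $lang['reputation_no_review_spec']);
		}
		// Forum used for the permission check: the post's forum first, then the review's, else NO_ID
		$forum_id = $row['post_forum_id'] ? $row['post_forum_id'] : ($row['review_forum_id'] ? $row['review_forum_id'] : NO_ID);

		$is_auth = reputation_auth($forum_id, $userdata, null, true);
		if (!$is_auth['auth_mod'])
		{
			message_die(GENERAL_MESSAGE, $lang['Not_Authorised']);
		}

		//
		// We won't ask to confirm the deletion of the report as moderators sure have other things to do rather than clicking yes every time :)
		//
		db_query('DELETE FROM {POST_REPORTS_TABLE} WHERE report_id = %d', $report_id);

		message_die(GENERAL_MESSAGE, $lang['reputation_report_deleted'] . '<br /><br />' . sprintf($lang['reputation_msg_back_to_reports'], '<a href="' . append_sid($phpbb_root_path . 'post_report.' . $phpEx . '?mode=view') . '">', '</a>'));
		break;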
}

// Fallback for a 'mode' value that matches none of the cases above.
// NOTE(review): every case ends with `break`, so this line is also reached after a
// handled mode unless the included page_tail file or message_die() ends the
// request - presumably they do; confirm.
message_die(GENERAL_MESSAGE, $lang['Not_Authorised']);

?>