Mercurial > hg > vamp-website

annotate forum/Sources/PostModeration.php @ 87:df86d318892b website

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Link to SampleType doc
author Chris Cannam
date Mon, 10 Feb 2014 18:11:48 +0000
parents e3e11437ecea
children
rev   line source
Chris@76 1 <?php
Chris@76 2
Chris@76 3 /**
Chris@76 4 * Simple Machines Forum (SMF)
Chris@76 5 *
Chris@76 6 * @package SMF
Chris@76 7 * @author Simple Machines http://www.simplemachines.org
Chris@76 8 * @copyright 2011 Simple Machines
Chris@76 9 * @license http://www.simplemachines.org/about/smf/license.php BSD
Chris@76 10 *
Chris@76 11 * @version 2.0
Chris@76 12 */
Chris@76 13
Chris@76 14 if (!defined('SMF'))
Chris@76 15 die('Hacking attempt...');
Chris@76 16
Chris@76 17 /*
Chris@76 18 //!!!
Chris@76 19 */
Chris@76 20
Chris@76 21 // This is a handling function for all things post moderation...
Chris@76 22 function PostModerationMain()
Chris@76 23 {
Chris@76 24 global $sourcedir;
Chris@76 25
Chris@76 26 //!!! We'll shift these later bud.
Chris@76 27 loadLanguage('ModerationCenter');
Chris@76 28 loadTemplate('ModerationCenter');
Chris@76 29
Chris@76 30 // Probably need this...
Chris@76 31 require_once($sourcedir . '/ModerationCenter.php');
Chris@76 32
Chris@76 33 // Allowed sub-actions, you know the drill by now!
Chris@76 34 $subactions = array(
Chris@76 35 'approve' => 'ApproveMessage',
Chris@76 36 'attachments' => 'UnapprovedAttachments',
Chris@76 37 'replies' => 'UnapprovedPosts',
Chris@76 38 'topics' => 'UnapprovedPosts',
Chris@76 39 );
Chris@76 40
Chris@76 41 // Pick something valid...
Chris@76 42 if (!isset($_REQUEST['sa']) || !isset($subactions[$_REQUEST['sa']]))
Chris@76 43 $_REQUEST['sa'] = 'replies';
Chris@76 44
Chris@76 45 $subactions[$_REQUEST['sa']]();
Chris@76 46 }
Chris@76 47
Chris@76 48 // View all unapproved posts.
Chris@76 49 function UnapprovedPosts()
Chris@76 50 {
Chris@76 51 global $txt, $scripturl, $context, $user_info, $sourcedir, $smcFunc;
Chris@76 52
Chris@76 53 $context['current_view'] = isset($_GET['sa']) && $_GET['sa'] == 'topics' ? 'topics' : 'replies';
Chris@76 54 $context['page_title'] = $txt['mc_unapproved_posts'];
Chris@76 55
Chris@76 56 // Work out what boards we can work in!
Chris@76 57 $approve_boards = boardsAllowedTo('approve_posts');
Chris@76 58
Chris@76 59 // If we filtered by board remove ones outside of this board.
Chris@76 60 //!!! Put a message saying we're filtered?
Chris@76 61 if (isset($_REQUEST['brd']))
Chris@76 62 {
Chris@76 63 $filter_board = array((int) $_REQUEST['brd']);
Chris@76 64 $approve_boards = $approve_boards == array(0) ? $filter_board : array_intersect($approve_boards, $filter_board);
Chris@76 65 }
Chris@76 66
Chris@76 67 if ($approve_boards == array(0))
Chris@76 68 $approve_query = '';
Chris@76 69 elseif (!empty($approve_boards))
Chris@76 70 $approve_query = ' AND m.id_board IN (' . implode(',', $approve_boards) . ')';
Chris@76 71 // Nada, zip, etc...
Chris@76 72 else
Chris@76 73 $approve_query = ' AND 0';
Chris@76 74
Chris@76 75 // We also need to know where we can delete topics and/or replies to.
Chris@76 76 if ($context['current_view'] == 'topics')
Chris@76 77 {
Chris@76 78 $delete_own_boards = boardsAllowedTo('remove_own');
Chris@76 79 $delete_any_boards = boardsAllowedTo('remove_any');
Chris@76 80 $delete_own_replies = array();
Chris@76 81 }
Chris@76 82 else
Chris@76 83 {
Chris@76 84 $delete_own_boards = boardsAllowedTo('delete_own');
Chris@76 85 $delete_any_boards = boardsAllowedTo('delete_any');
Chris@76 86 $delete_own_replies = boardsAllowedTo('delete_own_replies');
Chris@76 87 }
Chris@76 88
Chris@76 89 $toAction = array();
Chris@76 90 // Check if we have something to do?
Chris@76 91 if (isset($_GET['approve']))
Chris@76 92 $toAction[] = (int) $_GET['approve'];
Chris@76 93 // Just a deletion?
Chris@76 94 elseif (isset($_GET['delete']))
Chris@76 95 $toAction[] = (int) $_GET['delete'];
Chris@76 96 // Lots of approvals?
Chris@76 97 elseif (isset($_POST['item']))
Chris@76 98 foreach ($_POST['item'] as $item)
Chris@76 99 $toAction[] = (int) $item;
Chris@76 100
Chris@76 101 // What are we actually doing.
Chris@76 102 if (isset($_GET['approve']) || (isset($_POST['do']) && $_POST['do'] == 'approve'))
Chris@76 103 $curAction = 'approve';
Chris@76 104 elseif (isset($_GET['delete']) || (isset($_POST['do']) && $_POST['do'] == 'delete'))
Chris@76 105 $curAction = 'delete';
Chris@76 106
Chris@76 107 // Right, so we have something to do?
Chris@76 108 if (!empty($toAction) && isset($curAction))
Chris@76 109 {
Chris@76 110 checkSession('request');
Chris@76 111
Chris@76 112 // Handy shortcut.
Chris@76 113 $any_array = $curAction == 'approve' ? $approve_boards : $delete_any_boards;
Chris@76 114
Chris@76 115 // Now for each message work out whether it's actually a topic, and what board it's on.
Chris@76 116 $request = $smcFunc['db_query']('', '
Chris@76 117 SELECT m.id_msg, m.id_member, m.id_board, m.subject, t.id_topic, t.id_first_msg, t.id_member_started
Chris@76 118 FROM {db_prefix}messages AS m
Chris@76 119 INNER JOIN {db_prefix}topics AS t ON (t.id_topic = m.id_topic)
Chris@76 120 LEFT JOIN {db_prefix}boards AS b ON (t.id_board = b.id_board)
Chris@76 121 WHERE m.id_msg IN ({array_int:message_list})
Chris@76 122 AND m.approved = {int:not_approved}
Chris@76 123 AND {query_see_board}',
Chris@76 124 array(
Chris@76 125 'message_list' => $toAction,
Chris@76 126 'not_approved' => 0,
Chris@76 127 )
Chris@76 128 );
Chris@76 129 $toAction = array();
Chris@76 130 $details = array();
Chris@76 131 while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76 132 {
Chris@76 133 // If it's not within what our view is ignore it...
Chris@76 134 if (($row['id_msg'] == $row['id_first_msg'] && $context['current_view'] != 'topics') || ($row['id_msg'] != $row['id_first_msg'] && $context['current_view'] != 'replies'))
Chris@76 135 continue;
Chris@76 136
Chris@76 137 $can_add = false;
Chris@76 138 // If we're approving this is simple.
Chris@76 139 if ($curAction == 'approve' && ($any_array == array(0) || in_array($row['id_board'], $any_array)))
Chris@76 140 {
Chris@76 141 $can_add = true;
Chris@76 142 }
Chris@76 143 // Delete requires more permission checks...
Chris@76 144 elseif ($curAction == 'delete')
Chris@76 145 {
Chris@76 146 // Own post is easy!
Chris@76 147 if ($row['id_member'] == $user_info['id'] && ($delete_own_boards == array(0) || in_array($row['id_board'], $delete_own_boards)))
Chris@76 148 $can_add = true;
Chris@76 149 // Is it a reply to their own topic?
Chris@76 150 elseif ($row['id_member'] == $row['id_member_started'] && $row['id_msg'] != $row['id_first_msg'] && ($delete_own_replies == array(0) || in_array($row['id_board'], $delete_own_replies)))
Chris@76 151 $can_add = true;
Chris@76 152 // Someone elses?
Chris@76 153 elseif ($row['id_member'] != $user_info['id'] && ($delete_any_boards == array(0) || in_array($row['id_board'], $delete_any_boards)))
Chris@76 154 $can_add = true;
Chris@76 155 }
Chris@76 156
Chris@76 157 if ($can_add)
Chris@76 158 $anItem = $context['current_view'] == 'topics' ? $row['id_topic'] : $row['id_msg'];
Chris@76 159 $toAction[] = $anItem;
Chris@76 160
Chris@76 161 // All clear. What have we got now, what, what?
Chris@76 162 $details[$anItem] = array();
Chris@76 163 $details[$anItem]["subject"] = $row['subject'];
Chris@76 164 $details[$anItem]["topic"] = $row['id_topic'];
Chris@76 165 $details[$anItem]["member"] = ($context['current_view'] == 'topics') ? $row['id_member_started'] : $row['id_member'];
Chris@76 166 $details[$anItem]["board"] = $row['id_board'];
Chris@76 167 }
Chris@76 168 $smcFunc['db_free_result']($request);
Chris@76 169
Chris@76 170 // If we have anything left we can actually do the approving (etc).
Chris@76 171 if (!empty($toAction))
Chris@76 172 {
Chris@76 173 if ($curAction == 'approve')
Chris@76 174 {
Chris@76 175 approveMessages ($toAction, $details, $context['current_view']);
Chris@76 176 }
Chris@76 177 else
Chris@76 178 {
Chris@76 179 removeMessages ($toAction, $details, $context['current_view']);
Chris@76 180 }
Chris@76 181 }
Chris@76 182 }
Chris@76 183
Chris@76 184 // How many unapproved posts are there?
Chris@76 185 $request = $smcFunc['db_query']('', '
Chris@76 186 SELECT COUNT(*)
Chris@76 187 FROM {db_prefix}messages AS m
Chris@76 188 INNER JOIN {db_prefix}topics AS t ON (t.id_topic = m.id_topic AND t.id_first_msg != m.id_msg)
Chris@76 189 INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board)
Chris@76 190 WHERE m.approved = {int:not_approved}
Chris@76 191 AND {query_see_board}
Chris@76 192 ' . $approve_query,
Chris@76 193 array(
Chris@76 194 'not_approved' => 0,
Chris@76 195 )
Chris@76 196 );
Chris@76 197 list ($context['total_unapproved_posts']) = $smcFunc['db_fetch_row']($request);
Chris@76 198 $smcFunc['db_free_result']($request);
Chris@76 199
Chris@76 200 // What about topics? Normally we'd use the table alias t for topics but lets use m so we don't have to redo our approve query.
Chris@76 201 $request = $smcFunc['db_query']('', '
Chris@76 202 SELECT COUNT(m.id_topic)
Chris@76 203 FROM {db_prefix}topics AS m
Chris@76 204 INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board)
Chris@76 205 WHERE m.approved = {int:not_approved}
Chris@76 206 AND {query_see_board}
Chris@76 207 ' . $approve_query,
Chris@76 208 array(
Chris@76 209 'not_approved' => 0,
Chris@76 210 )
Chris@76 211 );
Chris@76 212 list ($context['total_unapproved_topics']) = $smcFunc['db_fetch_row']($request);
Chris@76 213 $smcFunc['db_free_result']($request);
Chris@76 214
Chris@76 215 $context['page_index'] = constructPageIndex($scripturl . '?action=moderate;area=postmod;sa=' . $context['current_view'] . (isset($_REQUEST['brd']) ? ';brd=' . (int) $_REQUEST['brd'] : ''), $_GET['start'], $context['current_view'] == 'topics' ? $context['total_unapproved_topics'] : $context['total_unapproved_posts'], 10);
Chris@76 216 $context['start'] = $_GET['start'];
Chris@76 217
Chris@76 218 // We have enough to make some pretty tabs!
Chris@76 219 $context[$context['moderation_menu_name']]['tab_data'] = array(
Chris@76 220 'title' => $txt['mc_unapproved_posts'],
Chris@76 221 'help' => 'postmod',
Chris@76 222 'description' => $txt['mc_unapproved_posts_desc'],
Chris@76 223 );
Chris@76 224
Chris@76 225 // Update the tabs with the correct number of posts.
Chris@76 226 $context['menu_data_' . $context['moderation_menu_id']]['sections']['posts']['areas']['postmod']['subsections']['posts']['label'] .= ' (' . $context['total_unapproved_posts'] . ')';
Chris@76 227 $context['menu_data_' . $context['moderation_menu_id']]['sections']['posts']['areas']['postmod']['subsections']['topics']['label'] .= ' (' . $context['total_unapproved_topics'] . ')';
Chris@76 228
Chris@76 229 // If we are filtering some boards out then make sure to send that along with the links.
Chris@76 230 if (isset($_REQUEST['brd']))
Chris@76 231 {
Chris@76 232 $context['menu_data_' . $context['moderation_menu_id']]['sections']['posts']['areas']['postmod']['subsections']['posts']['add_params'] = ';brd=' . (int) $_REQUEST['brd'];
Chris@76 233 $context['menu_data_' . $context['moderation_menu_id']]['sections']['posts']['areas']['postmod']['subsections']['topics']['add_params'] = ';brd=' . (int) $_REQUEST['brd'];
Chris@76 234 }
Chris@76 235
Chris@76 236 // Get all unapproved posts.
Chris@76 237 $request = $smcFunc['db_query']('', '
Chris@76 238 SELECT m.id_msg, m.id_topic, m.id_board, m.subject, m.body, m.id_member,
Chris@76 239 IFNULL(mem.real_name, m.poster_name) AS poster_name, m.poster_time, m.smileys_enabled,
Chris@76 240 t.id_member_started, t.id_first_msg, b.name AS board_name, c.id_cat, c.name AS cat_name
Chris@76 241 FROM {db_prefix}messages AS m
Chris@76 242 INNER JOIN {db_prefix}topics AS t ON (t.id_topic = m.id_topic)
Chris@76 243 INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board)
Chris@76 244 LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = m.id_member)
Chris@76 245 LEFT JOIN {db_prefix}categories AS c ON (c.id_cat = b.id_cat)
Chris@76 246 WHERE m.approved = {int:not_approved}
Chris@76 247 AND t.id_first_msg ' . ($context['current_view'] == 'topics' ? '=' : '!=') . ' m.id_msg
Chris@76 248 AND {query_see_board}
Chris@76 249 ' . $approve_query . '
Chris@76 250 LIMIT ' . $context['start'] . ', 10',
Chris@76 251 array(
Chris@76 252 'not_approved' => 0,
Chris@76 253 )
Chris@76 254 );
Chris@76 255 $context['unapproved_items'] = array();
Chris@76 256 for ($i = 1; $row = $smcFunc['db_fetch_assoc']($request); $i++)
Chris@76 257 {
Chris@76 258 // Can delete is complicated, let's solve it first... is it their own post?
Chris@76 259 if ($row['id_member'] == $user_info['id'] && ($delete_own_boards == array(0) || in_array($row['id_board'], $delete_own_boards)))
Chris@76 260 $can_delete = true;
Chris@76 261 // Is it a reply to their own topic?
Chris@76 262 elseif ($row['id_member'] == $row['id_member_started'] && $row['id_msg'] != $row['id_first_msg'] && ($delete_own_replies == array(0) || in_array($row['id_board'], $delete_own_replies)))
Chris@76 263 $can_delete = true;
Chris@76 264 // Someone elses?
Chris@76 265 elseif ($row['id_member'] != $user_info['id'] && ($delete_any_boards == array(0) || in_array($row['id_board'], $delete_any_boards)))
Chris@76 266 $can_delete = true;
Chris@76 267 else
Chris@76 268 $can_delete = false;
Chris@76 269
Chris@76 270 $context['unapproved_items'][] = array(
Chris@76 271 'id' => $row['id_msg'],
Chris@76 272 'alternate' => $i % 2,
Chris@76 273 'counter' => $context['start'] + $i,
Chris@76 274 'href' => $scripturl . '?topic=' . $row['id_topic'] . '.msg' . $row['id_msg'] . '#msg' . $row['id_msg'],
Chris@76 275 'subject' => $row['subject'],
Chris@76 276 'body' => parse_bbc($row['body'], $row['smileys_enabled'], $row['id_msg']),
Chris@76 277 'time' => timeformat($row['poster_time']),
Chris@76 278 'poster' => array(
Chris@76 279 'id' => $row['id_member'],
Chris@76 280 'name' => $row['poster_name'],
Chris@76 281 'link' => $row['id_member'] ? '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['poster_name'] . '</a>' : $row['poster_name'],
Chris@76 282 'href' => $scripturl . '?action=profile;u=' . $row['id_member'],
Chris@76 283 ),
Chris@76 284 'topic' => array(
Chris@76 285 'id' => $row['id_topic'],
Chris@76 286 ),
Chris@76 287 'board' => array(
Chris@76 288 'id' => $row['id_board'],
Chris@76 289 'name' => $row['board_name'],
Chris@76 290 ),
Chris@76 291 'category' => array(
Chris@76 292 'id' => $row['id_cat'],
Chris@76 293 'name' => $row['cat_name'],
Chris@76 294 ),
Chris@76 295 'can_delete' => $can_delete,
Chris@76 296 );
Chris@76 297 }
Chris@76 298 $smcFunc['db_free_result']($request);
Chris@76 299
Chris@76 300 $context['sub_template'] = 'unapproved_posts';
Chris@76 301 }
Chris@76 302
Chris@76 303 // View all unapproved attachments.
Chris@76 304 function UnapprovedAttachments()
Chris@76 305 {
Chris@76 306 global $txt, $scripturl, $context, $user_info, $sourcedir, $smcFunc;
Chris@76 307
Chris@76 308 $context['page_title'] = $txt['mc_unapproved_attachments'];
Chris@76 309
Chris@76 310 // Once again, permissions are king!
Chris@76 311 $approve_boards = boardsAllowedTo('approve_posts');
Chris@76 312
Chris@76 313 if ($approve_boards == array(0))
Chris@76 314 $approve_query = '';
Chris@76 315 elseif (!empty($approve_boards))
Chris@76 316 $approve_query = ' AND m.id_board IN (' . implode(',', $approve_boards) . ')';
Chris@76 317 else
Chris@76 318 $approve_query = ' AND 0';
Chris@76 319
Chris@76 320 // Get together the array of things to act on, if any.
Chris@76 321 $attachments = array();
Chris@76 322 if (isset($_GET['approve']))
Chris@76 323 $attachments[] = (int) $_GET['approve'];
Chris@76 324 elseif (isset($_GET['delete']))
Chris@76 325 $attachments[] = (int) $_GET['delete'];
Chris@76 326 elseif (isset($_POST['item']))
Chris@76 327 foreach ($_POST['item'] as $item)
Chris@76 328 $attachments[] = (int) $item;
Chris@76 329
Chris@76 330 // Are we approving or deleting?
Chris@76 331 if (isset($_GET['approve']) || (isset($_POST['do']) && $_POST['do'] == 'approve'))
Chris@76 332 $curAction = 'approve';
Chris@76 333 elseif (isset($_GET['delete']) || (isset($_POST['do']) && $_POST['do'] == 'delete'))
Chris@76 334 $curAction = 'delete';
Chris@76 335
Chris@76 336 // Something to do, let's do it!
Chris@76 337 if (!empty($attachments) && isset($curAction))
Chris@76 338 {
Chris@76 339 checkSession('request');
Chris@76 340
Chris@76 341 // This will be handy.
Chris@76 342 require_once($sourcedir . '/ManageAttachments.php');
Chris@76 343
Chris@76 344 // Confirm the attachments are eligible for changing!
Chris@76 345 $request = $smcFunc['db_query']('', '
Chris@76 346 SELECT a.id_attach
Chris@76 347 FROM {db_prefix}attachments AS a
Chris@76 348 INNER JOIN {db_prefix}messages AS m ON (m.id_msg = a.id_msg)
Chris@76 349 LEFT JOIN {db_prefix}boards AS b ON (m.id_board = b.id_board)
Chris@76 350 WHERE a.id_attach IN ({array_int:attachments})
Chris@76 351 AND a.approved = {int:not_approved}
Chris@76 352 AND a.attachment_type = {int:attachment_type}
Chris@76 353 AND {query_see_board}
Chris@76 354 ' . $approve_query,
Chris@76 355 array(
Chris@76 356 'attachments' => $attachments,
Chris@76 357 'not_approved' => 0,
Chris@76 358 'attachment_type' => 0,
Chris@76 359 )
Chris@76 360 );
Chris@76 361 $attachments = array();
Chris@76 362 while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76 363 $attachments[] = $row['id_attach'];
Chris@76 364 $smcFunc['db_free_result']($request);
Chris@76 365
Chris@76 366 // Assuming it wasn't all like, proper illegal, we can do the approving.
Chris@76 367 if (!empty($attachments))
Chris@76 368 {
Chris@76 369 if ($curAction == 'approve')
Chris@76 370 ApproveAttachments($attachments);
Chris@76 371 else
Chris@76 372 removeAttachments(array('id_attach' => $attachments));
Chris@76 373 }
Chris@76 374 }
Chris@76 375
Chris@76 376 // How many unapproved attachments in total?
Chris@76 377 $request = $smcFunc['db_query']('', '
Chris@76 378 SELECT COUNT(*)
Chris@76 379 FROM {db_prefix}attachments AS a
Chris@76 380 INNER JOIN {db_prefix}messages AS m ON (m.id_msg = a.id_msg)
Chris@76 381 INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board)
Chris@76 382 WHERE a.approved = {int:not_approved}
Chris@76 383 AND a.attachment_type = {int:attachment_type}
Chris@76 384 AND {query_see_board}
Chris@76 385 ' . $approve_query,
Chris@76 386 array(
Chris@76 387 'not_approved' => 0,
Chris@76 388 'attachment_type' => 0,
Chris@76 389 )
Chris@76 390 );
Chris@76 391 list ($context['total_unapproved_attachments']) = $smcFunc['db_fetch_row']($request);
Chris@76 392 $smcFunc['db_free_result']($request);
Chris@76 393
Chris@76 394 $context['page_index'] = constructPageIndex($scripturl . '?action=moderate;area=attachmod;sa=attachments', $_GET['start'], $context['total_unapproved_attachments'], 10);
Chris@76 395 $context['start'] = $_GET['start'];
Chris@76 396
Chris@76 397 // Get all unapproved attachments.
Chris@76 398 $request = $smcFunc['db_query']('', '
Chris@76 399 SELECT a.id_attach, a.filename, a.size, m.id_msg, m.id_topic, m.id_board, m.subject, m.body, m.id_member,
Chris@76 400 IFNULL(mem.real_name, m.poster_name) AS poster_name, m.poster_time,
Chris@76 401 t.id_member_started, t.id_first_msg, b.name AS board_name, c.id_cat, c.name AS cat_name
Chris@76 402 FROM {db_prefix}attachments AS a
Chris@76 403 INNER JOIN {db_prefix}messages AS m ON (m.id_msg = a.id_msg)
Chris@76 404 INNER JOIN {db_prefix}topics AS t ON (t.id_topic = m.id_topic)
Chris@76 405 INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board)
Chris@76 406 LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = m.id_member)
Chris@76 407 LEFT JOIN {db_prefix}categories AS c ON (c.id_cat = b.id_cat)
Chris@76 408 WHERE a.approved = {int:not_approved}
Chris@76 409 AND a.attachment_type = {int:attachment_type}
Chris@76 410 AND {query_see_board}
Chris@76 411 ' . $approve_query . '
Chris@76 412 LIMIT ' . $context['start'] . ', 10',
Chris@76 413 array(
Chris@76 414 'not_approved' => 0,
Chris@76 415 'attachment_type' => 0,
Chris@76 416 )
Chris@76 417 );
Chris@76 418 $context['unapproved_items'] = array();
Chris@76 419 for ($i = 1; $row = $smcFunc['db_fetch_assoc']($request); $i++)
Chris@76 420 {
Chris@76 421 $context['unapproved_items'][] = array(
Chris@76 422 'id' => $row['id_attach'],
Chris@76 423 'alternate' => $i % 2,
Chris@76 424 'filename' => $row['filename'],
Chris@76 425 'size' => round($row['size'] / 1024, 2),
Chris@76 426 'time' => timeformat($row['poster_time']),
Chris@76 427 'poster' => array(
Chris@76 428 'id' => $row['id_member'],
Chris@76 429 'name' => $row['poster_name'],
Chris@76 430 'link' => $row['id_member'] ? '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['poster_name'] . '</a>' : $row['poster_name'],
Chris@76 431 'href' => $scripturl . '?action=profile;u=' . $row['id_member'],
Chris@76 432 ),
Chris@76 433 'message' => array(
Chris@76 434 'id' => $row['id_msg'],
Chris@76 435 'subject' => $row['subject'],
Chris@76 436 'body' => parse_bbc($row['body']),
Chris@76 437 'time' => timeformat($row['poster_time']),
Chris@76 438 'href' => $scripturl . '?topic=' . $row['id_topic'] . '.msg' . $row['id_msg'] . '#msg' . $row['id_msg'],
Chris@76 439 ),
Chris@76 440 'topic' => array(
Chris@76 441 'id' => $row['id_topic'],
Chris@76 442 ),
Chris@76 443 'board' => array(
Chris@76 444 'id' => $row['id_board'],
Chris@76 445 'name' => $row['board_name'],
Chris@76 446 ),
Chris@76 447 'category' => array(
Chris@76 448 'id' => $row['id_cat'],
Chris@76 449 'name' => $row['cat_name'],
Chris@76 450 ),
Chris@76 451 );
Chris@76 452 }
Chris@76 453 $smcFunc['db_free_result']($request);
Chris@76 454
Chris@76 455 $context['sub_template'] = 'unapproved_attachments';
Chris@76 456 }
Chris@76 457
Chris@76 458 // Approve a post, just the one.
Chris@76 459 function ApproveMessage()
Chris@76 460 {
Chris@76 461 global $user_info, $topic, $board, $sourcedir, $smcFunc;
Chris@76 462
Chris@76 463 checkSession('get');
Chris@76 464
Chris@76 465 $_REQUEST['msg'] = (int) $_REQUEST['msg'];
Chris@76 466
Chris@76 467 require_once($sourcedir . '/Subs-Post.php');
Chris@76 468
Chris@76 469 isAllowedTo('approve_posts');
Chris@76 470
Chris@76 471 $request = $smcFunc['db_query']('', '
Chris@76 472 SELECT t.id_member_started, t.id_first_msg, m.id_member, m.subject, m.approved
Chris@76 473 FROM {db_prefix}messages AS m
Chris@76 474 INNER JOIN {db_prefix}topics AS t ON (t.id_topic = {int:current_topic})
Chris@76 475 WHERE m.id_msg = {int:id_msg}
Chris@76 476 AND m.id_topic = {int:current_topic}
Chris@76 477 LIMIT 1',
Chris@76 478 array(
Chris@76 479 'current_topic' => $topic,
Chris@76 480 'id_msg' => $_REQUEST['msg'],
Chris@76 481 )
Chris@76 482 );
Chris@76 483 list ($starter, $first_msg, $poster, $subject, $approved) = $smcFunc['db_fetch_row']($request);
Chris@76 484 $smcFunc['db_free_result']($request);
Chris@76 485
Chris@76 486 // If it's the first in a topic then the whole topic gets approved!
Chris@76 487 if ($first_msg == $_REQUEST['msg'])
Chris@76 488 {
Chris@76 489 approveTopics($topic, !$approved);
Chris@76 490
Chris@76 491 if ($starter != $user_info['id'])
Chris@76 492 logAction('approve_topic', array('topic' => $topic, 'subject' => $subject, 'member' => $starter, 'board' => $board));
Chris@76 493 }
Chris@76 494 else
Chris@76 495 {
Chris@76 496 approvePosts($_REQUEST['msg'], !$approved);
Chris@76 497
Chris@76 498 if ($poster != $user_info['id'])
Chris@76 499 logAction('approve', array('topic' => $topic, 'subject' => $subject, 'member' => $poster, 'board' => $board));
Chris@76 500 }
Chris@76 501
Chris@76 502 redirectexit('topic=' . $topic . '.msg' . $_REQUEST['msg']. '#msg' . $_REQUEST['msg']);
Chris@76 503 }
Chris@76 504
Chris@76 505 // Approve a batch of posts (or topics in their own right)
Chris@76 506 function approveMessages($messages, $messageDetails, $current_view = 'replies')
Chris@76 507 {
Chris@76 508 global $sourcedir;
Chris@76 509
Chris@76 510 require_once($sourcedir . '/Subs-Post.php');
Chris@76 511 if ($current_view == 'topics')
Chris@76 512 {
Chris@76 513 approveTopics($messages);
Chris@76 514 // and tell the world about it
Chris@76 515 foreach ($messages as $topic)
Chris@76 516 {
Chris@76 517 logAction('approve_topic', array('topic' => $topic, 'subject' => $messageDetails[$topic]['subject'], 'member' => $messageDetails[$topic]['member'], 'board' => $messageDetails[$topic]['board']));
Chris@76 518 }
Chris@76 519 }
Chris@76 520 else
Chris@76 521 {
Chris@76 522 approvePosts($messages);
Chris@76 523 // and tell the world about it again
Chris@76 524 foreach ($messages as $post)
Chris@76 525 {
Chris@76 526 logAction('approve', array('topic' => $messageDetails[$post]['topic'], 'subject' => $messageDetails[$post]['subject'], 'member' => $messageDetails[$post]['member'], 'board' => $messageDetails[$post]['board']));
Chris@76 527 }
Chris@76 528 }
Chris@76 529 }
Chris@76 530
Chris@76 531 // This is a helper function - basically approve everything!
Chris@76 532 function approveAllData()
Chris@76 533 {
Chris@76 534 global $smcFunc, $sourcedir;
Chris@76 535
Chris@76 536 // Start with messages and topics.
Chris@76 537 $request = $smcFunc['db_query']('', '
Chris@76 538 SELECT id_msg
Chris@76 539 FROM {db_prefix}messages
Chris@76 540 WHERE approved = {int:not_approved}',
Chris@76 541 array(
Chris@76 542 'not_approved' => 0,
Chris@76 543 )
Chris@76 544 );
Chris@76 545 $msgs = array();
Chris@76 546 while ($row = $smcFunc['db_fetch_row']($request))
Chris@76 547 $msgs[] = $row[0];
Chris@76 548 $smcFunc['db_free_result']($request);
Chris@76 549
Chris@76 550 if (!empty($msgs))
Chris@76 551 {
Chris@76 552 require_once($sourcedir . '/Subs-Post.php');
Chris@76 553 approvePosts($msgs);
Chris@76 554 }
Chris@76 555
Chris@76 556 // Now do attachments
Chris@76 557 $request = $smcFunc['db_query']('', '
Chris@76 558 SELECT id_attach
Chris@76 559 FROM {db_prefix}attachments
Chris@76 560 WHERE approved = {int:not_approved}',
Chris@76 561 array(
Chris@76 562 'not_approved' => 0,
Chris@76 563 )
Chris@76 564 );
Chris@76 565 $attaches = array();
Chris@76 566 while ($row = $smcFunc['db_fetch_row']($request))
Chris@76 567 $attaches[] = $row[0];
Chris@76 568 $smcFunc['db_free_result']($request);
Chris@76 569
Chris@76 570 if (!empty($attaches))
Chris@76 571 {
Chris@76 572 require_once($sourcedir . '/ManageAttachments.php');
Chris@76 573 ApproveAttachments($attaches);
Chris@76 574 }
Chris@76 575 }
Chris@76 576
Chris@76 577 // remove a batch of messages (or topics)
Chris@76 578 function removeMessages($messages, $messageDetails, $current_view = 'replies')
Chris@76 579 {
Chris@76 580 global $sourcedir, $modSettings;
Chris@76 581 require_once($sourcedir . '/RemoveTopic.php');
Chris@76 582 if ($current_view == 'topics')
Chris@76 583 {
Chris@76 584 removeTopics($messages);
Chris@76 585 // and tell the world about it
Chris@76 586 foreach ($messages as $topic)
Chris@76 587 // Note, only log topic ID in native form if it's not gone forever.
Chris@76 588 logAction('remove', array(
Chris@76 589 (empty($modSettings['recycle_enable']) || $modSettings['recycle_board'] != $messageDetails[$topic]['board'] ? 'topic' : 'old_topic_id') => $topic, 'subject' => $messageDetails[$topic]['subject'], 'member' => $messageDetails[$topic]['member'], 'board' => $messageDetails[$topic]['board']));
Chris@76 590 }
Chris@76 591 else
Chris@76 592 {
Chris@76 593 foreach ($messages as $post)
Chris@76 594 {
Chris@76 595 removeMessage($post);
Chris@76 596 logAction('delete', array(
Chris@76 597 (empty($modSettings['recycle_enable']) || $modSettings['recycle_board'] != $messageDetails[$post]['board'] ? 'topic' : 'old_topic_id') => $messageDetails[$post]['topic'], 'subject' => $messageDetails[$post]['subject'], 'member' => $messageDetails[$post]['member'], 'board' => $messageDetails[$post]['board']));
Chris@76 598 }
Chris@76 599 }
Chris@76 600 }
Chris@76 601 ?>