vamp-website: forum/Sources/SendTopic.php annotate

annotate forum/Sources/SendTopic.php @ 76:e3e11437ecea website

Add forum code

author	Chris Cannam
date	Sun, 07 Jul 2013 11:25:48 +0200
parents
children

rev	line source
Chris@76	1 <?php
Chris@76	2
Chris@76	3 /**
Chris@76	4 * Simple Machines Forum (SMF)
Chris@76	5 *
Chris@76	6 * @package SMF
Chris@76	7 * @author Simple Machines http://www.simplemachines.org
Chris@76	8 * @copyright 2011 Simple Machines
Chris@76	9 * @license http://www.simplemachines.org/about/smf/license.php BSD
Chris@76	10 *
Chris@76	11 * @version 2.0
Chris@76	12 */
Chris@76	13
Chris@76	14 if (!defined('SMF'))
Chris@76	15 die('Hacking attempt...');
Chris@76	16
Chris@76	17 /* The functions in this file deal with sending topics to a friend or
Chris@76	18 moderator, and those functions are:
Chris@76	19
Chris@76	20 void SendTopic()
Chris@76	21 - sends information about a topic to a friend.
Chris@76	22 - uses the SendTopic template, with the main sub template.
Chris@76	23 - requires the send_topic permission.
Chris@76	24 - redirects back to the first page of the topic when done.
Chris@76	25 - is accessed via ?action=emailuser;sa=sendtopic.
Chris@76	26
Chris@76	27 void CustomEmail()
Chris@76	28 - send an email to the user - allow the sender to write the message.
Chris@76	29 - can either be passed a user ID as uid or a message id as msg.
Chris@76	30 - does not check permissions for a message ID as there is no information disclosed.
Chris@76	31
Chris@76	32 void ReportToModerator()
Chris@76	33 - gathers data from the user to report abuse to the moderator(s).
Chris@76	34 - uses the ReportToModerator template, main sub template.
Chris@76	35 - requires the report_any permission.
Chris@76	36 - uses ReportToModerator2() if post data was sent.
Chris@76	37 - accessed through ?action=reporttm.
Chris@76	38
Chris@76	39 void ReportToModerator2()
Chris@76	40 - sends off emails to all the moderators.
Chris@76	41 - sends to administrators and global moderators. (1 and 2)
Chris@76	42 - called by ReportToModerator(), and thus has the same permission
Chris@76	43 and setting requirements as it does.
Chris@76	44 - accessed through ?action=reporttm when posting.
Chris@76	45
Chris@76	46 */
Chris@76	47
Chris@76	48 // The main handling function for sending specialist (Or otherwise) emails to a user.
Chris@76	49 function EmailUser()
Chris@76	50 {
Chris@76	51 global $topic, $txt, $context, $scripturl, $sourcedir, $smcFunc;
Chris@76	52
Chris@76	53 // Don't index anything here.
Chris@76	54 $context['robot_no_index'] = true;
Chris@76	55
Chris@76	56 // Load the template.
Chris@76	57 loadTemplate('SendTopic');
Chris@76	58
Chris@76	59 $sub_actions = array(
Chris@76	60 'email' => 'CustomEmail',
Chris@76	61 'sendtopic' => 'SendTopic',
Chris@76	62 );
Chris@76	63
Chris@76	64 if (!isset($_GET['sa']) \|\| !isset($sub_actions[$_GET['sa']]))
Chris@76	65 $_GET['sa'] = 'sendtopic';
Chris@76	66
Chris@76	67 $sub_actions[$_GET['sa']]();
Chris@76	68 }
Chris@76	69
Chris@76	70 // Send a topic to a friend.
Chris@76	71 function SendTopic()
Chris@76	72 {
Chris@76	73 global $topic, $txt, $context, $scripturl, $sourcedir, $smcFunc, $modSettings;
Chris@76	74
Chris@76	75 // Check permissions...
Chris@76	76 isAllowedTo('send_topic');
Chris@76	77
Chris@76	78 // We need at least a topic... go away if you don't have one.
Chris@76	79 if (empty($topic))
Chris@76	80 fatal_lang_error('not_a_topic', false);
Chris@76	81
Chris@76	82 // Get the topic's subject.
Chris@76	83 $request = $smcFunc['db_query']('', '
Chris@76	84 SELECT m.subject, t.approved
Chris@76	85 FROM {db_prefix}topics AS t
Chris@76	86 INNER JOIN {db_prefix}messages AS m ON (m.id_msg = t.id_first_msg)
Chris@76	87 WHERE t.id_topic = {int:current_topic}
Chris@76	88 LIMIT 1',
Chris@76	89 array(
Chris@76	90 'current_topic' => $topic,
Chris@76	91 )
Chris@76	92 );
Chris@76	93 if ($smcFunc['db_num_rows']($request) == 0)
Chris@76	94 fatal_lang_error('not_a_topic', false);
Chris@76	95 $row = $smcFunc['db_fetch_assoc']($request);
Chris@76	96 $smcFunc['db_free_result']($request);
Chris@76	97
Chris@76	98 // Can't send topic if its unapproved and using post moderation.
Chris@76	99 if ($modSettings['postmod_active'] && !$row['approved'])
Chris@76	100 fatal_lang_error('not_approved_topic', false);
Chris@76	101
Chris@76	102 // Censor the subject....
Chris@76	103 censorText($row['subject']);
Chris@76	104
Chris@76	105 // Sending yet, or just getting prepped?
Chris@76	106 if (empty($_POST['send']))
Chris@76	107 {
Chris@76	108 $context['page_title'] = sprintf($txt['sendtopic_title'], $row['subject']);
Chris@76	109 $context['start'] = $_REQUEST['start'];
Chris@76	110
Chris@76	111 return;
Chris@76	112 }
Chris@76	113
Chris@76	114 // Actually send the message...
Chris@76	115 checkSession();
Chris@76	116 spamProtection('sendtopc');
Chris@76	117
Chris@76	118 // This is needed for sendmail().
Chris@76	119 require_once($sourcedir . '/Subs-Post.php');
Chris@76	120
Chris@76	121 // Trim the names..
Chris@76	122 $_POST['y_name'] = trim($_POST['y_name']);
Chris@76	123 $_POST['r_name'] = trim($_POST['r_name']);
Chris@76	124
Chris@76	125 // Make sure they aren't playing "let's use a fake email".
Chris@76	126 if ($_POST['y_name'] == '_' \|\| !isset($_POST['y_name']) \|\| $_POST['y_name'] == '')
Chris@76	127 fatal_lang_error('no_name', false);
Chris@76	128 if (!isset($_POST['y_email']) \|\| $_POST['y_email'] == '')
Chris@76	129 fatal_lang_error('no_email', false);
Chris@76	130 if (preg_match('~^[0-9A-Za-z=_+\-/][0-9A-Za-z=_\'+\-/\.]@[\w\-]+(\.[\w\-]+)(\.[\w]{2,6})$~', $_POST['y_email']) == 0)
Chris@76	131 fatal_lang_error('email_invalid_character', false);
Chris@76	132
Chris@76	133 // The receiver should be valid to.
Chris@76	134 if ($_POST['r_name'] == '_' \|\| !isset($_POST['r_name']) \|\| $_POST['r_name'] == '')
Chris@76	135 fatal_lang_error('no_name', false);
Chris@76	136 if (!isset($_POST['r_email']) \|\| $_POST['r_email'] == '')
Chris@76	137 fatal_lang_error('no_email', false);
Chris@76	138 if (preg_match('~^[0-9A-Za-z=_+\-/][0-9A-Za-z=_\'+\-/\.]@[\w\-]+(\.[\w\-]+)(\.[\w]{2,6})$~', $_POST['r_email']) == 0)
Chris@76	139 fatal_lang_error('email_invalid_character', false);
Chris@76	140
Chris@76	141 // Emails don't like entities...
Chris@76	142 $row['subject'] = un_htmlspecialchars($row['subject']);
Chris@76	143
Chris@76	144 $replacements = array(
Chris@76	145 'TOPICSUBJECT' => $row['subject'],
Chris@76	146 'SENDERNAME' => $_POST['y_name'],
Chris@76	147 'RECPNAME' => $_POST['r_name'],
Chris@76	148 'TOPICLINK' => $scripturl . '?topic=' . $topic . '.0',
Chris@76	149 );
Chris@76	150
Chris@76	151 $emailtemplate = 'send_topic';
Chris@76	152
Chris@76	153 if (!empty($_POST['comment']))
Chris@76	154 {
Chris@76	155 $emailtemplate .= '_comment';
Chris@76	156 $replacements['COMMENT'] = $_POST['comment'];
Chris@76	157 }
Chris@76	158
Chris@76	159 $emaildata = loadEmailTemplate($emailtemplate, $replacements);
Chris@76	160 // And off we go!
Chris@76	161 sendmail($_POST['r_email'], $emaildata['subject'], $emaildata['body'], $_POST['y_email']);
Chris@76	162
Chris@76	163 // Back to the topic!
Chris@76	164 redirectexit('topic=' . $topic . '.0');
Chris@76	165 }
Chris@76	166
Chris@76	167 // Allow a user to send an email.
Chris@76	168 function CustomEmail()
Chris@76	169 {
Chris@76	170 global $context, $modSettings, $user_info, $smcFunc, $txt, $scripturl, $sourcedir;
Chris@76	171
Chris@76	172 // Can the user even see this information?
Chris@76	173 if ($user_info['is_guest'] && !empty($modSettings['guest_hideContacts']))
Chris@76	174 fatal_lang_error('no_access', false);
Chris@76	175
Chris@76	176 // Are we sending to a user?
Chris@76	177 $context['form_hidden_vars'] = array();
Chris@76	178 if (isset($_REQUEST['uid']))
Chris@76	179 {
Chris@76	180 $request = $smcFunc['db_query']('', '
Chris@76	181 SELECT email_address AS email, real_name AS name, id_member, hide_email
Chris@76	182 FROM {db_prefix}members
Chris@76	183 WHERE id_member = {int:id_member}',
Chris@76	184 array(
Chris@76	185 'id_member' => (int) $_REQUEST['uid'],
Chris@76	186 )
Chris@76	187 );
Chris@76	188
Chris@76	189 $context['form_hidden_vars']['uid'] = (int) $_REQUEST['uid'];
Chris@76	190 }
Chris@76	191 elseif (isset($_REQUEST['msg']))
Chris@76	192 {
Chris@76	193 $request = $smcFunc['db_query']('', '
Chris@76	194 SELECT IFNULL(mem.email_address, m.poster_email) AS email, IFNULL(mem.real_name, m.poster_name) AS name, IFNULL(mem.id_member, 0) AS id_member, hide_email
Chris@76	195 FROM {db_prefix}messages AS m
Chris@76	196 LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = m.id_member)
Chris@76	197 WHERE m.id_msg = {int:id_msg}',
Chris@76	198 array(
Chris@76	199 'id_msg' => (int) $_REQUEST['msg'],
Chris@76	200 )
Chris@76	201 );
Chris@76	202
Chris@76	203 $context['form_hidden_vars']['msg'] = (int) $_REQUEST['msg'];
Chris@76	204 }
Chris@76	205
Chris@76	206 if (empty($request) \|\| $smcFunc['db_num_rows']($request) == 0)
Chris@76	207 fatal_lang_error('cant_find_user_email');
Chris@76	208
Chris@76	209 $row = $smcFunc['db_fetch_assoc']($request);
Chris@76	210 $smcFunc['db_free_result']($request);
Chris@76	211
Chris@76	212 // Are you sure you got the address?
Chris@76	213 if (empty($row['email']))
Chris@76	214 fatal_lang_error('cant_find_user_email');
Chris@76	215
Chris@76	216 // Can they actually do this?
Chris@76	217 $context['show_email_address'] = showEmailAddress(!empty($row['hide_email']), $row['id_member']);
Chris@76	218 if ($context['show_email_address'] === 'no')
Chris@76	219 fatal_lang_error('no_access', false);
Chris@76	220
Chris@76	221 // Setup the context!
Chris@76	222 $context['recipient'] = array(
Chris@76	223 'id' => $row['id_member'],
Chris@76	224 'name' => $row['name'],
Chris@76	225 'email' => $row['email'],
Chris@76	226 'email_link' => ($context['show_email_address'] == 'yes_permission_override' ? '<em>' : '') . '<a href="mailto:' . $row['email'] . '">' . $row['email'] . '</a>' . ($context['show_email_address'] == 'yes_permission_override' ? '</em>' : ''),
Chris@76	227 'link' => $row['id_member'] ? '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['name'] . '</a>' : $row['name'],
Chris@76	228 );
Chris@76	229
Chris@76	230 // Can we see this person's email address?
Chris@76	231 $context['can_view_receipient_email'] = $context['show_email_address'] == 'yes' \|\| $context['show_email_address'] == 'yes_permission_override';
Chris@76	232
Chris@76	233 // Are we actually sending it?
Chris@76	234 if (isset($_POST['send']) && isset($_POST['email_body']))
Chris@76	235 {
Chris@76	236 require_once($sourcedir . '/Subs-Post.php');
Chris@76	237
Chris@76	238 checkSession();
Chris@76	239
Chris@76	240 // If it's a guest sort out their names.
Chris@76	241 if ($user_info['is_guest'])
Chris@76	242 {
Chris@76	243 if (empty($_POST['y_name']) \|\| $_POST['y_name'] == '_' \|\| trim($_POST['y_name']) == '')
Chris@76	244 fatal_lang_error('no_name', false);
Chris@76	245 if (empty($_POST['y_email']))
Chris@76	246 fatal_lang_error('no_email', false);
Chris@76	247 if (preg_match('~^[0-9A-Za-z=_+\-/][0-9A-Za-z=_\'+\-/\.]@[\w\-]+(\.[\w\-]+)(\.[\w]{2,6})$~', $_POST['y_email']) == 0)
Chris@76	248 fatal_lang_error('email_invalid_character', false);
Chris@76	249
Chris@76	250 $from_name = trim($_POST['y_name']);
Chris@76	251 $from_email = trim($_POST['y_email']);
Chris@76	252 }
Chris@76	253 else
Chris@76	254 {
Chris@76	255 $from_name = $user_info['name'];
Chris@76	256 $from_email = $user_info['email'];
Chris@76	257 }
Chris@76	258
Chris@76	259 // Check we have a body (etc).
Chris@76	260 if (trim($_POST['email_body']) == '' \|\| trim($_POST['email_subject']) == '')
Chris@76	261 fatal_lang_error('email_missing_data');
Chris@76	262
Chris@76	263 // We use a template in case they want to customise!
Chris@76	264 $replacements = array(
Chris@76	265 'EMAILSUBJECT' => $_POST['email_subject'],
Chris@76	266 'EMAILBODY' => $_POST['email_body'],
Chris@76	267 'SENDERNAME' => $from_name,
Chris@76	268 'RECPNAME' => $context['recipient']['name'],
Chris@76	269 );
Chris@76	270
Chris@76	271 // Don't let them send too many!
Chris@76	272 spamProtection('sendmail');
Chris@76	273
Chris@76	274 // Get the template and get out!
Chris@76	275 $emaildata = loadEmailTemplate('send_email', $replacements);
Chris@76	276 sendmail($context['recipient']['email'], $emaildata['subject'], $emaildata['body'], $from_email, null, false, 1, null, true);
Chris@76	277
Chris@76	278 // Now work out where to go!
Chris@76	279 if (isset($_REQUEST['uid']))
Chris@76	280 redirectexit('action=profile;u=' . (int) $_REQUEST['uid']);
Chris@76	281 elseif (isset($_REQUEST['msg']))
Chris@76	282 redirectexit('msg=' . (int) $_REQUEST['msg']);
Chris@76	283 else
Chris@76	284 redirectexit();
Chris@76	285 }
Chris@76	286
Chris@76	287 $context['sub_template'] = 'custom_email';
Chris@76	288 $context['page_title'] = $txt['send_email'];
Chris@76	289 }
Chris@76	290
Chris@76	291 // Report a post to the moderator... ask for a comment.
Chris@76	292 function ReportToModerator()
Chris@76	293 {
Chris@76	294 global $txt, $topic, $sourcedir, $modSettings, $user_info, $context, $smcFunc;
Chris@76	295
Chris@76	296 $context['robot_no_index'] = true;
Chris@76	297
Chris@76	298 // You can't use this if it's off or you are not allowed to do it.
Chris@76	299 isAllowedTo('report_any');
Chris@76	300
Chris@76	301 // If they're posting, it should be processed by ReportToModerator2.
Chris@76	302 if ((isset($_POST[$context['session_var']]) \|\| isset($_POST['submit'])) && empty($context['post_errors']))
Chris@76	303 ReportToModerator2();
Chris@76	304
Chris@76	305 // We need a message ID to check!
Chris@76	306 if (empty($_REQUEST['msg']) && empty($_REQUEST['mid']))
Chris@76	307 fatal_lang_error('no_access', false);
Chris@76	308
Chris@76	309 // For compatibility, accept mid, but we should be using msg. (not the flavor kind!)
Chris@76	310 $_REQUEST['msg'] = empty($_REQUEST['msg']) ? (int) $_REQUEST['mid'] : (int) $_REQUEST['msg'];
Chris@76	311
Chris@76	312 // Check the message's ID - don't want anyone reporting a post they can't even see!
Chris@76	313 $result = $smcFunc['db_query']('', '
Chris@76	314 SELECT m.id_msg, m.id_member, t.id_member_started
Chris@76	315 FROM {db_prefix}messages AS m
Chris@76	316 INNER JOIN {db_prefix}topics AS t ON (t.id_topic = {int:current_topic})
Chris@76	317 WHERE m.id_msg = {int:id_msg}
Chris@76	318 AND m.id_topic = {int:current_topic}
Chris@76	319 LIMIT 1',
Chris@76	320 array(
Chris@76	321 'current_topic' => $topic,
Chris@76	322 'id_msg' => $_REQUEST['msg'],
Chris@76	323 )
Chris@76	324 );
Chris@76	325 if ($smcFunc['db_num_rows']($result) == 0)
Chris@76	326 fatal_lang_error('no_board', false);
Chris@76	327 list ($_REQUEST['msg'], $member, $starter) = $smcFunc['db_fetch_row']($result);
Chris@76	328 $smcFunc['db_free_result']($result);
Chris@76	329
Chris@76	330 // Do we need to show the visual verification image?
Chris@76	331 $context['require_verification'] = $user_info['is_guest'] && !empty($modSettings['guests_report_require_captcha']);
Chris@76	332 if ($context['require_verification'])
Chris@76	333 {
Chris@76	334 require_once($sourcedir . '/Subs-Editor.php');
Chris@76	335 $verificationOptions = array(
Chris@76	336 'id' => 'report',
Chris@76	337 );
Chris@76	338 $context['require_verification'] = create_control_verification($verificationOptions);
Chris@76	339 $context['visual_verification_id'] = $verificationOptions['id'];
Chris@76	340 }
Chris@76	341
Chris@76	342 // Show the inputs for the comment, etc.
Chris@76	343 loadLanguage('Post');
Chris@76	344 loadTemplate('SendTopic');
Chris@76	345
Chris@76	346 $context['comment_body'] = !isset($_POST['comment']) ? '' : trim($_POST['comment']);
Chris@76	347 $context['email_address'] = !isset($_POST['email']) ? '' : trim($_POST['email']);
Chris@76	348
Chris@76	349 // This is here so that the user could, in theory, be redirected back to the topic.
Chris@76	350 $context['start'] = $_REQUEST['start'];
Chris@76	351 $context['message_id'] = $_REQUEST['msg'];
Chris@76	352
Chris@76	353 $context['page_title'] = $txt['report_to_mod'];
Chris@76	354 $context['sub_template'] = 'report';
Chris@76	355 }
Chris@76	356
Chris@76	357 // Send the emails.
Chris@76	358 function ReportToModerator2()
Chris@76	359 {
Chris@76	360 global $txt, $scripturl, $topic, $board, $user_info, $modSettings, $sourcedir, $language, $context, $smcFunc;
Chris@76	361
Chris@76	362 // You must have the proper permissions!
Chris@76	363 isAllowedTo('report_any');
Chris@76	364
Chris@76	365 // Make sure they aren't spamming.
Chris@76	366 spamProtection('reporttm');
Chris@76	367
Chris@76	368 require_once($sourcedir . '/Subs-Post.php');
Chris@76	369
Chris@76	370 // No errors, yet.
Chris@76	371 $post_errors = array();
Chris@76	372
Chris@76	373 // Check their session.
Chris@76	374 if (checkSession('post', '', false) != '')
Chris@76	375 $post_errors[] = 'session_timeout';
Chris@76	376
Chris@76	377 // Make sure we have a comment and it's clean.
Chris@76	378 if (!isset($_POST['comment']) \|\| $smcFunc['htmltrim']($_POST['comment']) === '')
Chris@76	379 $post_errors[] = 'no_comment';
Chris@76	380 $poster_comment = strtr($smcFunc['htmlspecialchars']($_POST['comment']), array("\r" => '', "\n" => '', "\t" => ''));
Chris@76	381
Chris@76	382 // Guests need to provide their address!
Chris@76	383 if ($user_info['is_guest'])
Chris@76	384 {
Chris@76	385 $_POST['email'] = !isset($_POST['email']) ? '' : trim($_POST['email']);
Chris@76	386 if ($_POST['email'] === '')
Chris@76	387 $post_errors[] = 'no_email';
Chris@76	388 elseif (preg_match('~^[0-9A-Za-z=_+\-/][0-9A-Za-z=_\'+\-/\.]@[\w\-]+(\.[\w\-]+)(\.[\w]{2,6})$~', $_POST['email']) == 0)
Chris@76	389 $post_errors[] = 'bad_email';
Chris@76	390
Chris@76	391 isBannedEmail($_POST['email'], 'cannot_post', sprintf($txt['you_are_post_banned'], $txt['guest_title']));
Chris@76	392
Chris@76	393 $user_info['email'] = htmlspecialchars($_POST['email']);
Chris@76	394 }
Chris@76	395
Chris@76	396 // Could they get the right verification code?
Chris@76	397 if ($user_info['is_guest'] && !empty($modSettings['guests_report_require_captcha']))
Chris@76	398 {
Chris@76	399 require_once($sourcedir . '/Subs-Editor.php');
Chris@76	400 $verificationOptions = array(
Chris@76	401 'id' => 'report',
Chris@76	402 );
Chris@76	403 $context['require_verification'] = create_control_verification($verificationOptions, true);
Chris@76	404 if (is_array($context['require_verification']))
Chris@76	405 $post_errors = array_merge($post_errors, $context['require_verification']);
Chris@76	406 }
Chris@76	407
Chris@76	408 // Any errors?
Chris@76	409 if (!empty($post_errors))
Chris@76	410 {
Chris@76	411 loadLanguage('Errors');
Chris@76	412
Chris@76	413 $context['post_errors'] = array();
Chris@76	414 foreach ($post_errors as $post_error)
Chris@76	415 $context['post_errors'][] = $txt['error_' . $post_error];
Chris@76	416
Chris@76	417 return ReportToModerator();
Chris@76	418 }
Chris@76	419
Chris@76	420 // Get the basic topic information, and make sure they can see it.
Chris@76	421 $_POST['msg'] = (int) $_POST['msg'];
Chris@76	422
Chris@76	423 $request = $smcFunc['db_query']('', '
Chris@76	424 SELECT m.id_topic, m.id_board, m.subject, m.body, m.id_member AS id_poster, m.poster_name, mem.real_name
Chris@76	425 FROM {db_prefix}messages AS m
Chris@76	426 LEFT JOIN {db_prefix}members AS mem ON (m.id_member = mem.id_member)
Chris@76	427 WHERE m.id_msg = {int:id_msg}
Chris@76	428 AND m.id_topic = {int:current_topic}
Chris@76	429 LIMIT 1',
Chris@76	430 array(
Chris@76	431 'current_topic' => $topic,
Chris@76	432 'id_msg' => $_POST['msg'],
Chris@76	433 )
Chris@76	434 );
Chris@76	435 if ($smcFunc['db_num_rows']($request) == 0)
Chris@76	436 fatal_lang_error('no_board', false);
Chris@76	437 $message = $smcFunc['db_fetch_assoc']($request);
Chris@76	438 $smcFunc['db_free_result']($request);
Chris@76	439
Chris@76	440 $poster_name = un_htmlspecialchars($message['real_name']) . ($message['real_name'] != $message['poster_name'] ? ' (' . $message['poster_name'] . ')' : '');
Chris@76	441 $reporterName = un_htmlspecialchars($user_info['name']) . ($user_info['name'] != $user_info['username'] && $user_info['username'] != '' ? ' (' . $user_info['username'] . ')' : '');
Chris@76	442 $subject = un_htmlspecialchars($message['subject']);
Chris@76	443
Chris@76	444 // Get a list of members with the moderate_board permission.
Chris@76	445 require_once($sourcedir . '/Subs-Members.php');
Chris@76	446 $moderators = membersAllowedTo('moderate_board', $board);
Chris@76	447
Chris@76	448 $request = $smcFunc['db_query']('', '
Chris@76	449 SELECT id_member, email_address, lngfile, mod_prefs
Chris@76	450 FROM {db_prefix}members
Chris@76	451 WHERE id_member IN ({array_int:moderator_list})
Chris@76	452 AND notify_types != {int:notify_types}
Chris@76	453 ORDER BY lngfile',
Chris@76	454 array(
Chris@76	455 'moderator_list' => $moderators,
Chris@76	456 'notify_types' => 4,
Chris@76	457 )
Chris@76	458 );
Chris@76	459
Chris@76	460 // Check that moderators do exist!
Chris@76	461 if ($smcFunc['db_num_rows']($request) == 0)
Chris@76	462 fatal_lang_error('no_mods', false);
Chris@76	463
Chris@76	464 // If we get here, I believe we should make a record of this, for historical significance, yabber.
Chris@76	465 if (empty($modSettings['disable_log_report']))
Chris@76	466 {
Chris@76	467 $request2 = $smcFunc['db_query']('', '
Chris@76	468 SELECT id_report, ignore_all
Chris@76	469 FROM {db_prefix}log_reported
Chris@76	470 WHERE id_msg = {int:id_msg}
Chris@76	471 AND (closed = {int:not_closed} OR ignore_all = {int:ignored})
Chris@76	472 ORDER BY ignore_all DESC',
Chris@76	473 array(
Chris@76	474 'id_msg' => $_POST['msg'],
Chris@76	475 'not_closed' => 0,
Chris@76	476 'ignored' => 1,
Chris@76	477 )
Chris@76	478 );
Chris@76	479 if ($smcFunc['db_num_rows']($request2) != 0)
Chris@76	480 list ($id_report, $ignore) = $smcFunc['db_fetch_row']($request2);
Chris@76	481 $smcFunc['db_free_result']($request2);
Chris@76	482
Chris@76	483 // If we're just going to ignore these, then who gives a monkeys...
Chris@76	484 if (!empty($ignore))
Chris@76	485 redirectexit('topic=' . $topic . '.msg' . $_POST['msg'] . '#msg' . $_POST['msg']);
Chris@76	486
Chris@76	487 // Already reported? My god, we could be dealing with a real rogue here...
Chris@76	488 if (!empty($id_report))
Chris@76	489 $smcFunc['db_query']('', '
Chris@76	490 UPDATE {db_prefix}log_reported
Chris@76	491 SET num_reports = num_reports + 1, time_updated = {int:current_time}
Chris@76	492 WHERE id_report = {int:id_report}',
Chris@76	493 array(
Chris@76	494 'current_time' => time(),
Chris@76	495 'id_report' => $id_report,
Chris@76	496 )
Chris@76	497 );
Chris@76	498 // Otherwise, we shall make one!
Chris@76	499 else
Chris@76	500 {
Chris@76	501 if (empty($message['real_name']))
Chris@76	502 $message['real_name'] = $message['poster_name'];
Chris@76	503
Chris@76	504 $smcFunc['db_insert']('',
Chris@76	505 '{db_prefix}log_reported',
Chris@76	506 array(
Chris@76	507 'id_msg' => 'int', 'id_topic' => 'int', 'id_board' => 'int', 'id_member' => 'int', 'membername' => 'string',
Chris@76	508 'subject' => 'string', 'body' => 'string', 'time_started' => 'int', 'time_updated' => 'int',
Chris@76	509 'num_reports' => 'int', 'closed' => 'int',
Chris@76	510 ),
Chris@76	511 array(
Chris@76	512 $_POST['msg'], $message['id_topic'], $message['id_board'], $message['id_poster'], $message['real_name'],
Chris@76	513 $message['subject'], $message['body'] , time(), time(), 1, 0,
Chris@76	514 ),
Chris@76	515 array('id_report')
Chris@76	516 );
Chris@76	517 $id_report = $smcFunc['db_insert_id']('{db_prefix}log_reported', 'id_report');
Chris@76	518 }
Chris@76	519
Chris@76	520 // Now just add our report...
Chris@76	521 if ($id_report)
Chris@76	522 {
Chris@76	523 $smcFunc['db_insert']('',
Chris@76	524 '{db_prefix}log_reported_comments',
Chris@76	525 array(
Chris@76	526 'id_report' => 'int', 'id_member' => 'int', 'membername' => 'string', 'email_address' => 'string',
Chris@76	527 'member_ip' => 'string', 'comment' => 'string', 'time_sent' => 'int',
Chris@76	528 ),
Chris@76	529 array(
Chris@76	530 $id_report, $user_info['id'], $user_info['name'], $user_info['email'],
Chris@76	531 $user_info['ip'], $poster_comment, time(),
Chris@76	532 ),
Chris@76	533 array('id_comment')
Chris@76	534 );
Chris@76	535 }
Chris@76	536 }
Chris@76	537
Chris@76	538 // Find out who the real moderators are - for mod preferences.
Chris@76	539 $request2 = $smcFunc['db_query']('', '
Chris@76	540 SELECT id_member
Chris@76	541 FROM {db_prefix}moderators
Chris@76	542 WHERE id_board = {int:current_board}',
Chris@76	543 array(
Chris@76	544 'current_board' => $board,
Chris@76	545 )
Chris@76	546 );
Chris@76	547 $real_mods = array();
Chris@76	548 while ($row = $smcFunc['db_fetch_assoc']($request2))
Chris@76	549 $real_mods[] = $row['id_member'];
Chris@76	550 $smcFunc['db_free_result']($request2);
Chris@76	551
Chris@76	552 // Send every moderator an email.
Chris@76	553 while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76	554 {
Chris@76	555 // Maybe they don't want to know?!
Chris@76	556 if (!empty($row['mod_prefs']))
Chris@76	557 {
Chris@76	558 list(,, $pref_binary) = explode('\|', $row['mod_prefs']);
Chris@76	559 if (!($pref_binary & 1) && (!($pref_binary & 2) \|\| !in_array($row['id_member'], $real_mods)))
Chris@76	560 continue;
Chris@76	561 }
Chris@76	562
Chris@76	563 $replacements = array(
Chris@76	564 'TOPICSUBJECT' => $subject,
Chris@76	565 'POSTERNAME' => $poster_name,
Chris@76	566 'REPORTERNAME' => $reporterName,
Chris@76	567 'TOPICLINK' => $scripturl . '?topic=' . $topic . '.msg' . $_POST['msg'] . '#msg' . $_POST['msg'],
Chris@76	568 'REPORTLINK' => !empty($id_report) ? $scripturl . '?action=moderate;area=reports;report=' . $id_report : '',
Chris@76	569 'COMMENT' => $_POST['comment'],
Chris@76	570 );
Chris@76	571
Chris@76	572 $emaildata = loadEmailTemplate('report_to_moderator', $replacements, empty($row['lngfile']) \|\| empty($modSettings['userLanguage']) ? $language : $row['lngfile']);
Chris@76	573
Chris@76	574 // Send it to the moderator.
Chris@76	575 sendmail($row['email_address'], $emaildata['subject'], $emaildata['body'], $user_info['email'], null, false, 2);
Chris@76	576 }
Chris@76	577 $smcFunc['db_free_result']($request);
Chris@76	578
Chris@76	579 // Keep track of when the mod reports get updated, that way we know when we need to look again.
Chris@76	580 updateSettings(array('last_mod_report_action' => time()));
Chris@76	581
Chris@76	582 // Back to the post we reported!
Chris@76	583 redirectexit('reportsent;topic=' . $topic . '.msg' . $_POST['msg'] . '#msg' . $_POST['msg']);
Chris@76	584 }
Chris@76	585
Chris@76	586 ?>

Mercurial > hg > vamp-website

annotate forum/Sources/SendTopic.php @ 76:e3e11437ecea website