Beispiel #1
0
/**
* Moderates an item
*
* This will actually perform moderation (approve or delete) one or more items
*
* @param    array   $mid        Array of items
* @param    array   $action     Array of actions to perform on items
* @param    string  $type       Type of items ('story', etc.)
* @param    int     $count      Number of items to moderate
* @return   string              HTML for "command and control" page
*
*/
function moderation($mid, $action, $type, $count)
{
    global $_CONF, $_TABLES;
    $retval = '';
    switch ($type) {
        case 'story':
            $id = 'sid';
            $table = $_TABLES['stories'];
            $submissiontable = $_TABLES['storysubmission'];
            $fields = 'sid,uid,tid,title,introtext,date,postmode';
            break;
        case 'comment':
            $id = 'cid';
            $submissiontable = $_TABLES['commentsubmissions'];
            $sidArray[] = '';
            break;
        default:
            if (strlen($type) <= 0) {
                // something is terribly wrong, bail
                $retval .= COM_errorLog("Unable to find type of {$type} in moderation() in moderation.php");
                return $retval;
            }
            list($id, $table, $fields, $submissiontable) = PLG_getModerationValues($type);
    }
    // Set true if an valid action other than delete_all is selected
    $formaction = false;
    for ($i = 0; $i < $count; $i++) {
        if (isset($action[$i]) and $action[$i] != '') {
            $formaction = true;
        } else {
            continue;
        }
        switch ($action[$i]) {
            case 'delete':
                if (!empty($type) && $type != 'story' && $type != 'draft') {
                    // There may be some plugin specific processing that needs to
                    // happen first.
                    $retval .= PLG_deleteSubmission($type, $mid[$i]);
                }
                if (empty($mid[$i])) {
                    $retval .= COM_errorLog("moderation.php just tried deleting everything in table {$submissiontable} because it got an empty id.  Please report this immediately to your site administrator");
                    return $retval;
                }
                if ($type == 'draft') {
                    STORY_deleteStory($mid[$i]);
                } else {
                    DB_delete($submissiontable, "{$id}", $mid[$i]);
                }
                break;
            case 'approve':
                if ($type == 'story') {
                    $result = DB_query("SELECT * FROM {$_TABLES['storysubmission']} WHERE sid = '{$mid[$i]}'");
                    $A = DB_fetchArray($result);
                    $A['related'] = addslashes(implode("\n", STORY_extractLinks($A['introtext'])));
                    $A['owner_id'] = $A['uid'];
                    $A['title'] = addslashes($A['title']);
                    $A['introtext'] = addslashes($A['introtext']);
                    $A['bodytext'] = addslashes($A['bodytext']);
                    $result = DB_query("SELECT group_id,perm_owner,perm_group,perm_members,perm_anon,archive_flag FROM {$_TABLES['topics']} WHERE tid = '{$A['tid']}'");
                    $T = DB_fetchArray($result);
                    if ($T['archive_flag'] == 1) {
                        $frontpage = 0;
                    } else {
                        if (isset($_CONF['frontpage'])) {
                            $frontpage = $_CONF['frontpage'];
                        } else {
                            $frontpage = 1;
                        }
                    }
                    DB_save($_TABLES['stories'], 'sid,uid,tid,title,introtext,bodytext,related,date,show_topic_icon,commentcode,trackbackcode,postmode,frontpage,owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon', "'{$A['sid']}',{$A['uid']},'{$A['tid']}','{$A['title']}','{$A['introtext']}','{$A['bodytext']}','{$A['related']}','{$A['date']}','{$_CONF['show_topic_icon']}','{$_CONF['comment_code']}','{$_CONF['trackback_code']}','{$A['postmode']}',{$frontpage},{$A['owner_id']},{$T['group_id']},{$T['perm_owner']},{$T['perm_group']},{$T['perm_members']},{$T['perm_anon']}");
                    DB_delete($_TABLES['storysubmission'], "{$id}", $mid[$i]);
                    PLG_itemSaved($A['sid'], 'article');
                    COM_rdfUpToDateCheck();
                    COM_olderStuff();
                } else {
                    if ($type == 'draft') {
                        DB_query("UPDATE {$_TABLES['stories']} SET draft_flag = 0 WHERE sid = '{$mid[$i]}'");
                        COM_rdfUpToDateCheck();
                        COM_olderStuff();
                    } else {
                        if ($type == 'comment') {
                            $sid = CMT_approveModeration($mid[$i]);
                            if (!in_array($sid, $sidArray)) {
                                $sidArray[$i] = $sid;
                            }
                        } else {
                            // This is called in case this is a plugin. There may be some
                            // plugin specific processing that needs to happen.
                            DB_copy($table, $fields, $fields, $submissiontable, $id, $mid[$i]);
                            $retval .= PLG_approveSubmission($type, $mid[$i]);
                        }
                    }
                }
                break;
        }
    }
    // after loop update comment tree and count for each story
    if (isset($sidArray)) {
        foreach ($sidArray as $sid) {
            CMT_rebuildTree($sid);
            //update comment count of stories;
            $comments = DB_count($_TABLES['comments'], 'sid', $sid);
            DB_change($_TABLES['stories'], 'comments', $comments, 'sid', $sid);
        }
    }
    //Add new comment users to group comment.submit group
    if (isset($_POST['publishfuture'])) {
        for ($i = 0; $i < count($_POST['publishfuture']); $i++) {
            $uid = COM_applyFilter($_POST['publishfuture'][$i], true);
            if ($uid > 1 && !SEC_inGroup('Comment Submitters', $uid)) {
                SEC_addUserToGroup($uid, 'Comment Submitters');
            }
        }
    }
    // Check if there was no direct action used on the form
    // and if the delete_all submit action was used
    if (!$formaction and isset($_POST['delitem'])) {
        foreach ($_POST['delitem'] as $delitem) {
            $delitem = COM_applyFilter($delitem);
            if (!empty($type) && $type != 'story' && $type != 'draft') {
                // There may be some plugin specific processing that needs to
                // happen first.
                $retval .= PLG_deleteSubmission($type, $delitem);
            }
            if ($type == 'draft') {
                STORY_deleteStory($delitem);
            } else {
                DB_delete($submissiontable, "{$id}", $delitem);
            }
        }
    }
    $retval .= commandcontrol(SEC_createToken());
    return $retval;
}
Beispiel #2
0
/**
* Moderates a single item
*
* This will actually perform moderation (approve or delete) one or more items
*
* @param    string  $action     Action to perform ('delete' or 'approve')
* @param    string  $type       Type of item ('user', 'draftstory', 'story', etc.)
* @param    string  $id         ID of item to approve or delete
* @return   string              HTML for "command and control" page
*
*/
function MODERATE_item($action = '', $type = '', $id = '')
{
    global $_CONF, $_TABLES;
    $retval = '';
    if (empty($action)) {
        // null action
        $retval .= COM_errorLog("Submissions Error: An attempt was made to moderate an item with a null action.");
        return $retval;
    }
    if (empty($type)) {
        // null item type
        $retval .= COM_errorLog("Submissions Error: An attempt was made to moderate a null item type.");
        return $retval;
    }
    if (empty($id)) {
        // null item type
        $retval .= COM_errorLog("Submissions Error: An attempt was made to moderate an item with a null id.");
        return $retval;
    }
    list($key, $table, $fields, $submissiontable) = PLG_getModerationValues($type);
    switch ($action) {
        case 'delete':
            switch ($type) {
                case 'user':
                    // user
                    if ($id > 1) {
                        USER_deleteAccount($id);
                    }
                    break;
                case 'story':
                    // story (needs to move to a plugin)
                    DB_delete($submissiontable, "{$key}", $id);
                    break;
                case 'draftstory':
                    // draft story
                    STORY_deleteStory($id);
                    break;
                default:
                    // plugin
                    $retval .= PLG_deleteSubmission($type, $id);
                    DB_delete($submissiontable, "{$key}", $id);
                    break;
            }
            break;
        case 'approve':
            switch ($type) {
                case 'story':
                    // story (needs to move to a plugin)
                    $result = DB_query("SELECT * FROM {$submissiontable} WHERE {$key} = '{$id}'");
                    $A = DB_fetchArray($result);
                    $A['related'] = DB_escapeString(implode("\n", STORY_extractLinks($A['introtext'])));
                    $A['owner_id'] = $A['uid'];
                    $A['title'] = DB_escapeString($A['title']);
                    $A['introtext'] = DB_escapeString($A['introtext']);
                    $A['bodytext'] = DB_escapeString($A['bodytext']);
                    $result = DB_query("SELECT group_id,perm_owner,perm_group,perm_members,perm_anon,archive_flag FROM {$_TABLES['topics']} WHERE tid = '{$A['tid']}'");
                    $T = DB_fetchArray($result);
                    if ($T['archive_flag'] == 1) {
                        $frontpage = 0;
                    } else {
                        if (isset($_CONF['frontpage'])) {
                            $frontpage = $_CONF['frontpage'];
                        } else {
                            $frontpage = 1;
                        }
                    }
                    DB_save($table, 'sid,uid,tid,title,introtext,bodytext,related,date,show_topic_icon,commentcode,trackbackcode,postmode,frontpage,owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon', "'{$A['sid']}',{$A['uid']},'{$A['tid']}','{$A['title']}','{$A['introtext']}','{$A['bodytext']}','{$A['related']}','{$A['date']}','{$_CONF['show_topic_icon']}','{$_CONF['comment_code']}','{$_CONF['trackback_code']}','{$A['postmode']}',{$frontpage},{$A['owner_id']},{$T['group_id']},{$T['perm_owner']},{$T['perm_group']},{$T['perm_members']},{$T['perm_anon']}");
                    DB_delete($submissiontable, "{$key}", $id);
                    PLG_itemSaved($A['sid'], 'article');
                    COM_rdfUpToDateCheck();
                    COM_olderStuff();
                    break;
                case 'draftstory':
                    // draft story
                    DB_query("UPDATE {$table} SET draft_flag = 0 WHERE {$key} = '{$id}'");
                    COM_rdfUpToDateCheck();
                    COM_olderStuff();
                    break;
                case 'user':
                    // user
                    $result = DB_query("SELECT {$fields} FROM {$table} WHERE {$key} = '{$id}'");
                    $nrows = DB_numRows($result);
                    if ($nrows == 1) {
                        $A = DB_fetchArray($result);
                        if ($_CONF['registration_type'] == 1) {
                            $sql = "UPDATE {$table} SET status=" . USER_ACCOUNT_AWAITING_VERIFICATION . " WHERE {$key} = '{$A['uid']}'";
                        } else {
                            $sql = "UPDATE {$table} SET status=" . USER_ACCOUNT_AWAITING_ACTIVATION . " WHERE {$key} = '{$A['uid']}'";
                        }
                        DB_query($sql);
                        USER_createAndSendPassword($A['username'], $A['email'], $A['uid']);
                    }
                    break;
                default:
                    // plugin
                    DB_copy($table, $fields, $fields, $submissiontable, $key, $id);
                    $retval .= PLG_approveSubmission($type, $id);
                    break;
            }
            break;
    }
    // switch ($action)
    return $retval;
}