Beispiel #1
0
function do_moderation()
{
    global $vbulletin, $db, $foruminfo, $forumperms, $threadinfo, $postinfo, $vbphrase, $threadid;
    $postlimit = 400;
    $threadlimit = 200;
    $threadarray = array();
    $postarray = array();
    $postinfos = array();
    $forumlist = array();
    $threadlist = array();
    switch ($_REQUEST['do']) {
        case 'openclosethread':
        case 'dodeletethread':
        case 'domovethread':
        case 'updatethread':
        case 'domergethread':
        case 'stick':
        case 'removeredirect':
        case 'deletethread':
        case 'deleteposts':
        case 'movethread':
        case 'copythread':
        case 'editthread':
        case 'mergethread':
        case 'moderatethread':
            if (!$threadinfo['threadid']) {
                standard_error(fetch_error('invalidid', $vbphrase['thread'], $vbulletin->options['contactuslink']));
            }
    }
    if ($_REQUEST['do'] == 'getforums') {
        $forums = array();
        get_forums(-1, $forums);
        return array('forums' => $forums);
    }
    if ($threadinfo['forumid']) {
        $forumperms = fetch_permissions($threadinfo['forumid']);
        if ($threadinfo['postuserid'] != $vbulletin->userinfo['userid'] and !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) {
            json_error(ERR_NO_PERMISSION);
        }
    }
    // Open/Close Thread
    if ($_POST['do'] == 'openclosethread') {
        if ($threadinfo['isdeleted'] and !can_moderate($threadinfo['forumid'], 'candeleteposts') or !$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts')) {
            if (can_moderate($threadinfo['forumid'])) {
                json_error(ERR_NO_PERMISSION);
            } else {
                standard_error(fetch_error('invalidid', $idname, $vbulletin->options['contactuslink']));
            }
        }
        // permission check
        if (!can_moderate($threadinfo['forumid'], 'canopenclose')) {
            if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canopenclose'])) {
                json_error(ERR_NO_PERMISSION);
            } else {
                if (!is_first_poster($threadid)) {
                    json_error(ERR_NO_PERMISSION);
                }
            }
        }
        // check if there is a forum password and if so, ensure the user has it set
        verify_forum_password($foruminfo['forumid'], $foruminfo['password']);
        // handles mod log
        $threadman =& datamanager_init('Thread', $vbulletin, ERRTYPE_STANDARD, 'threadpost');
        $threadman->set_existing($threadinfo);
        $threadman->set('open', $threadman->fetch_field('open') == 1 ? 0 : 1);
        ($hook = vBulletinHook::fetch_hook('threadmanage_openclose')) ? eval($hook) : false;
        $threadman->save();
    }
    // Stick/Unstick Thread
    if ($_POST['do'] == 'stick') {
        if ($threadinfo['isdeleted'] and !can_moderate($threadinfo['forumid'], 'candeleteposts') or !$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts')) {
            if (can_moderate($threadinfo['forumid'])) {
                json_error(ERR_NO_PERMISSION);
            } else {
                standard_error(fetch_error('invalidid', $idname, $vbulletin->options['contactuslink']));
            }
        }
        if (!can_moderate($threadinfo['forumid'], 'canmanagethreads')) {
            json_error(ERR_NO_PERMISSION);
        }
        // check if there is a forum password and if so, ensure the user has it set
        verify_forum_password($foruminfo['forumid'], $foruminfo['password']);
        // handles mod log
        $threadman =& datamanager_init('Thread', $vbulletin, ERRTYPE_ARRAY, 'threadpost');
        $threadman->set_existing($threadinfo);
        $threadman->set('sticky', $threadman->fetch_field('sticky') == 1 ? 0 : 1);
        ($hook = vBulletinHook::fetch_hook('threadmanage_stickunstick')) ? eval($hook) : false;
        $threadman->save();
    }
    // Delete Thread
    if ($_POST['do'] == 'dodeletethread') {
        $vbulletin->input->clean_array_gpc('p', array('deletetype' => TYPE_UINT, 'deletereason' => TYPE_STR, 'keepattachments' => TYPE_BOOL));
        $vbulletin->GPC['deletereason'] = prepare_remote_utf8_string($vbulletin->GPC['deletereason']);
        if ($threadinfo['isdeleted'] and !can_moderate($threadinfo['forumid'], 'canremoveposts') or !$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts')) {
            if (can_moderate($threadinfo['forumid'])) {
                json_error(ERR_NO_PERMISSION);
            } else {
                standard_error(fetch_error('invalidid', $idname, $vbulletin->options['contactuslink']));
            }
        }
        $physicaldel = false;
        if (!can_moderate($threadinfo['forumid'], 'candeleteposts') and !can_moderate($threadinfo['forumid'], 'canremoveposts')) {
            if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['candeletepost']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['candeletethread'])) {
                json_error(ERR_NO_PERMISSION);
            } else {
                if ($threadinfo['dateline'] < TIMENOW - $vbulletin->options['edittimelimit'] * 60 and $vbulletin->options['edittimelimit'] != 0) {
                    json_error(ERR_NO_PERMISSION);
                } else {
                    if (!$threadinfo['open']) {
                        json_error(ERR_NO_PERMISSION);
                    }
                    if (!is_first_poster($threadinfo['threadid'])) {
                        json_error(ERR_NO_PERMISSION);
                    }
                }
            }
        } else {
            if (!can_moderate($threadinfo['forumid'], 'canremoveposts')) {
                $physicaldel = false;
            } else {
                if (!can_moderate($threadinfo['forumid'], 'candeleteposts')) {
                    $physicaldel = true;
                } else {
                    $physicaldel = iif($vbulletin->GPC['deletetype'] == 1, false, true);
                }
            }
        }
        // check if there is a forum password and if so, ensure the user has it set
        verify_forum_password($foruminfo['forumid'], $foruminfo['password']);
        $delinfo = array('userid' => $vbulletin->userinfo['userid'], 'username' => $vbulletin->userinfo['username'], 'reason' => $vbulletin->GPC['deletereason'], 'keepattachments' => $vbulletin->GPC['keepattachments']);
        $threadman =& datamanager_init('Thread', $vbulletin, ERRTYPE_STANDARD, 'threadpost');
        $threadman->set_existing($threadinfo);
        $threadman->delete($foruminfo['countposts'], $physicaldel, $delinfo);
        unset($threadman);
        build_forum_counters($threadinfo['forumid']);
    }
    // Delete Posts
    if ($_POST['do'] == 'dodeleteposts') {
        $vbulletin->input->clean_array_gpc('p', array('postids' => TYPE_STR));
        $postids = explode(',', $vbulletin->GPC['postids']);
        foreach ($postids as $index => $postid) {
            if (intval($postid) == 0) {
                unset($postids["{$index}"]);
            } else {
                $postids["{$index}"] = intval($postid);
            }
        }
        if (empty($postids)) {
            standard_error(fetch_error('no_applicable_posts_selected'));
        }
        if (count($postids) > 400) {
            standard_error(fetch_error('you_are_limited_to_working_with_x_posts', $postlimit));
        }
        $vbulletin->input->clean_array_gpc('p', array('deletetype' => TYPE_UINT, 'keepattachments' => TYPE_BOOL, 'deletereason' => TYPE_STR));
        $vbulletin->GPC['deletereason'] = prepare_remote_utf8_string($vbulletin->GPC['deletereason']);
        $physicaldel = iif($vbulletin->GPC['deletetype'] == 1, false, true);
        // Validate posts
        $posts = $db->query_read_slave("\n\t\tSELECT post.postid, post.threadid, post.parentid, post.visible, post.title, post.userid AS posteruserid,\n\t\t\tthread.forumid, thread.title AS thread_title, thread.postuserid, thread.firstpostid, thread.visible AS thread_visible\n\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\tLEFT JOIN " . TABLE_PREFIX . "thread AS thread USING (threadid)\n\t\tWHERE postid IN (" . implode(',', $postids) . ")\n\t\tORDER BY postid\n\t");
        $deletethreads = array();
        $firstpost = array();
        while ($post = $db->fetch_array($posts)) {
            $forumperms = fetch_permissions($post['forumid']);
            if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and $post['postuserid'] != $vbulletin->userinfo['userid']) {
                json_error(ERR_NO_PERMISSION);
            }
            if ((!$post['visible'] or !$post['thread_visible']) and !can_moderate($post['forumid'], 'canmoderateposts')) {
                standard_error(fetch_error('you_do_not_have_permission_to_manage_moderated_threads_and_posts'));
            } else {
                if (($post['visible'] == 2 or $post['thread_visible'] == 2) and !can_moderate($post['forumid'], 'candeleteposts')) {
                    standard_error(fetch_error('you_do_not_have_permission_to_manage_deleted_threads_and_posts', $post['title'], $post['thread_title'], $vbulletin->forumcache["{$post['forumid']}"]['title']));
                } else {
                    if (!can_moderate($post['forumid'], 'canremoveposts') and !can_moderate($post['forumid'], 'candeleteposts')) {
                        standard_error(fetch_error('you_do_not_have_permission_to_delete_threads_and_posts', $post['title'], $post['thread_title'], $vbulletin->forumcache["{$post['forumid']}"]['title']));
                    }
                }
            }
            if (!can_moderate($post['forumid'], 'canremoveposts') and $physicaldel) {
                standard_error(fetch_error('you_do_not_have_permission_to_delete_threads_and_posts', $post['title'], $post['thread_title'], $vbulletin->forumcache["{$post['forumid']}"]['title']));
            } else {
                if (!physicaldel and (!can_moderate($post['forumid'], 'candeleteposts') and ($post['posteruserid'] != $vbulletin->userinfo['userid'] or !($vbulletin->userinfo['permissions']['forumpermissions'] & $vbulletin->bf_ugp_forumpermissions['candeletepost'])))) {
                    standard_error(fetch_error('you_do_not_have_permission_to_delete_threads_and_posts', $post['title'], $post['thread_title'], $vbulletin->forumcache["{$post['forumid']}"]['title']));
                }
            }
            $postarray["{$post['postid']}"] = $post;
            $threadlist["{$post['threadid']}"] = true;
            $forumlist["{$post['forumid']}"] = true;
            if ($post['firstpostid'] == $post['postid']) {
                // deleting a thread so do not decremement the counters of any other posts in this thread
                $firstpost["{$post['threadid']}"] = true;
            } else {
                if (!empty($firstpost["{$post['threadid']}"])) {
                    $postarray["{$post['postid']}"]['skippostcount'] = true;
                }
            }
        }
        if (empty($postarray)) {
            standard_error(fetch_error('no_applicable_posts_selected'));
        }
        $firstpost = false;
        $gotothread = true;
        foreach ($postarray as $postid => $post) {
            $foruminfo = fetch_foruminfo($post['forumid']);
            $postman =& datamanager_init('Post', $vbulletin, ERRTYPE_SILENT, 'threadpost');
            $postman->set_existing($post);
            $postman->delete($foruminfo['countposts'] and !$post['skippostcount'], $post['threadid'], $physicaldel, array('userid' => $vbulletin->userinfo['userid'], 'username' => $vbulletin->userinfo['username'], 'reason' => $vbulletin->GPC['deletereason'], 'keepattachments' => $vbulletin->GPC['keepattachments']));
            unset($postman);
        }
        foreach (array_keys($threadlist) as $threadid) {
            build_thread_counters($threadid);
        }
        foreach (array_keys($forumlist) as $forumid) {
            build_forum_counters($forumid);
        }
        ($hook = vBulletinHook::fetch_hook('inlinemod_dodeleteposts')) ? eval($hook) : false;
    }
    // Move Thread
    if ($_POST['do'] == 'domovethread') {
        $vbulletin->input->clean_array_gpc('p', array('destforumid' => TYPE_UINT, 'redirect' => TYPE_STR, 'title' => TYPE_NOHTML, 'redirectprefixid' => TYPE_NOHTML, 'redirecttitle' => TYPE_NOHTML, 'period' => TYPE_UINT, 'frame' => TYPE_STR));
        $vbulletin->GPC['title'] = prepare_remote_utf8_string($vbulletin->GPC['title']);
        $vbulletin->GPC['redirecttitle'] = prepare_remote_utf8_string($vbulletin->GPC['redirecttitle']);
        $vbulletin->GPC['redirectprefixid'] = prepare_remote_utf8_string($vbulletin->GPC['redirectprefixid']);
        if ($threadinfo['isdeleted'] and !can_moderate($threadinfo['forumid'], 'candeleteposts') or !$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts')) {
            if (can_moderate($threadinfo['forumid'])) {
                json_error(ERR_NO_PERMISSION);
            } else {
                standard_error(fetch_error('invalidid', $idname, $vbulletin->options['contactuslink']));
            }
        }
        // check whether dest can contain posts
        $destforumid = verify_id('forum', $vbulletin->GPC['destforumid']);
        $destforuminfo = fetch_foruminfo($destforumid);
        if (!$destforuminfo['cancontainthreads'] or $destforuminfo['link']) {
            standard_error(fetch_error('moveillegalforum'));
        }
        if ($threadinfo['isdeleted'] and !can_moderate($destforuminfo['forumid'], 'candeleteposts') or !$threadinfo['visible'] and !can_moderate($destforuminfo['forumid'], 'canmoderateposts')) {
            ## Insert proper phrase about not being able to move a hidden thread to a forum you can't moderateposts in or a deleted thread to a forum you can't deletethreads in
            standard_error(fetch_error('invalidid', $idname, $vbulletin->options['contactuslink']));
        }
        // check source forum permissions
        if (!can_moderate($threadinfo['forumid'], 'canmanagethreads')) {
            if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canmove'])) {
                json_error(ERR_NO_PERMISSION);
            } else {
                if (!$threadinfo['open'] and !($forumperms & $vbulletin->bf_ugp_forumpermissions['canopenclose'])) {
                    json_error(ERR_NO_PERMISSION);
                }
                if (!is_first_poster($threadid)) {
                    json_error(ERR_NO_PERMISSION);
                }
            }
        }
        // check destination forum permissions
        $destforumperms = fetch_permissions($destforuminfo['forumid']);
        if (!($destforumperms & $vbulletin->bf_ugp_forumpermissions['canview'])) {
            json_error(ERR_NO_PERMISSION);
        }
        // check if there is a forum password and if so, ensure the user has it set
        verify_forum_password($foruminfo['forumid'], $foruminfo['password']);
        verify_forum_password($destforuminfo['forumid'], $destforuminfo['password']);
        // check to see if this thread is being returned to a forum it's already been in
        // if a redirect exists already in the destination forum, remove it
        if ($checkprevious = $db->query_first_slave("SELECT threadid FROM " . TABLE_PREFIX . "thread WHERE forumid = {$destforuminfo['forumid']} AND open = 10 AND pollid = {$threadid}")) {
            $old_redirect =& datamanager_init('Thread', $vbulletin, ERRTYPE_ARRAY, 'threadpost');
            $old_redirect->set_existing($checkprevious);
            $old_redirect->delete(false, true, NULL, false);
            unset($old_redirect);
        }
        // check to see if this thread is being moved to the same forum it's already in but allow copying to the same forum
        if ($destforuminfo['forumid'] == $threadinfo['forumid'] and $vbulletin->GPC['redirect']) {
            standard_error(fetch_error('movesameforum'));
        }
        ($hook = vBulletinHook::fetch_hook('threadmanage_move_start')) ? eval($hook) : false;
        if ($vbulletin->GPC['title'] != '' and $vbulletin->GPC['title'] != $threadinfo['title']) {
            $oldtitle = $threadinfo['title'];
            $threadinfo['title'] = unhtmlspecialchars($vbulletin->GPC['title']);
            $updatetitle = true;
        } else {
            $oldtitle = $threadinfo['title'];
            $updatetitle = false;
        }
        if ($vbulletin->GPC['redirect'] == 'none') {
            $method = 'move';
        } else {
            $method = 'movered';
        }
        switch ($method) {
            // ***************************************************************
            // move the thread wholesale into the destination forum
            case 'move':
                // update forumid/notes and unstick to prevent abuse
                $threadman =& datamanager_init('Thread', $vbulletin, ERRTYPE_STANDARD, 'threadpost');
                $threadman->set_info('skip_moderator_log', true);
                $threadman->set_existing($threadinfo);
                if ($updatetitle) {
                    $threadman->set('title', $threadinfo['title']);
                    if ($vbulletin->options['similarthreadsearch']) {
                        require_once DIR . '/includes/functions_search.php';
                        $threadman->set('similar', fetch_similar_threads(fetch_censored_text($vbulletin->GPC['title']), $threadinfo['threadid']));
                    }
                } else {
                    // Bypass check since title wasn't modified
                    $threadman->set('title', $threadinfo['title'], true, false);
                }
                $threadman->set('forumid', $destforuminfo['forumid']);
                // If mod can not manage threads in destination forum then unstick thread
                if (!can_moderate($destforuminfo['forumid'], 'canmanagethreads')) {
                    $threadman->set('sticky', 0);
                }
                ($hook = vBulletinHook::fetch_hook('threadmanage_move_simple')) ? eval($hook) : false;
                $threadman->save();
                log_moderator_action($threadinfo, 'thread_moved_to_x', $destforuminfo['title']);
                break;
                // ***************************************************************
                // ***************************************************************
                // move the thread into the destination forum and leave a redirect
            // ***************************************************************
            // ***************************************************************
            // move the thread into the destination forum and leave a redirect
            case 'movered':
                $threadman =& datamanager_init('Thread', $vbulletin, ERRTYPE_STANDARD, 'threadpost');
                $threadman->set_info('skip_moderator_log', true);
                $threadman->set_existing($threadinfo);
                if ($updatetitle) {
                    $threadman->set('title', $threadinfo['title']);
                    if ($vbulletin->options['similarthreadsearch']) {
                        require_once DIR . '/includes/functions_search.php';
                        $threadman->set('similar', fetch_similar_threads(fetch_censored_text($vbulletin->GPC['title']), $threadinfo['threadid']));
                    }
                } else {
                    // Bypass check since title wasn't modified
                    $threadman->set('title', $threadinfo['title'], true, false);
                }
                $threadman->set('forumid', $destforuminfo['forumid']);
                // If mod can not manage threads in destination forum then unstick thread
                if (!can_moderate($destforuminfo['forumid'], 'canmanagethreads')) {
                    $threadman->set('sticky', 0);
                }
                ($hook = vBulletinHook::fetch_hook('threadmanage_move_redirect_orig')) ? eval($hook) : false;
                $threadman->save();
                unset($threadman);
                if ($threadinfo['visible'] == 1) {
                    // Insert redirect for visible thread
                    log_moderator_action($threadinfo, 'thread_moved_with_redirect_to_a', $destforuminfo['title']);
                    $redirdata = array('lastpost' => intval($threadinfo['lastpost']), 'forumid' => intval($threadinfo['forumid']), 'pollid' => intval($threadinfo['threadid']), 'open' => 10, 'replycount' => intval($threadinfo['replycount']), 'postusername' => $threadinfo['postusername'], 'postuserid' => intval($threadinfo['postuserid']), 'lastposter' => $threadinfo['lastposter'], 'dateline' => intval($threadinfo['dateline']), 'views' => intval($threadinfo['views']), 'iconid' => intval($threadinfo['iconid']), 'visible' => 1);
                    $redir =& datamanager_init('Thread', $vbulletin, ERRTYPE_ARRAY, 'threadpost');
                    foreach (array_keys($redirdata) as $field) {
                        // bypassing the verify_* calls; this data should be valid as is
                        $redir->setr($field, $redirdata["{$field}"], true, false);
                    }
                    if ($updatetitle) {
                        if (empty($vbulletin->GPC['redirecttitle'])) {
                            $redir->set('title', $threadinfo['title']);
                        } else {
                            $redir->set('title', unhtmlspecialchars($vbulletin->GPC['redirecttitle']));
                        }
                    } else {
                        // Bypass check since title wasn't modified
                        if (empty($vbulletin->GPC['redirecttitle'])) {
                            $redir->set('title', $threadinfo['title'], true, false);
                        } else {
                            $redir->set('title', unhtmlspecialchars($vbulletin->GPC['redirecttitle']));
                        }
                    }
                    require_once DIR . '/includes/functions_prefix.php';
                    if (can_use_prefix($vbulletin->GPC['redirectprefixid'])) {
                        $redir->set('prefixid', $vbulletin->GPC['redirectprefixid']);
                    }
                    ($hook = vBulletinHook::fetch_hook('threadmanage_move_redirect_notice')) ? eval($hook) : false;
                    if ($redirthreadid = $redir->save() and $vbulletin->GPC['redirect'] == 'expires') {
                        switch ($vbulletin->GPC['frame']) {
                            case 'h':
                                $expires = mktime(date('H') + $vbulletin->GPC['period'], date('i'), date('s'), date('m'), date('d'), date('y'));
                                break;
                            case 'd':
                                $expires = mktime(date('H'), date('i'), date('s'), date('m'), date('d') + $vbulletin->GPC['period'], date('y'));
                                break;
                            case 'w':
                                $expires = $vbulletin->GPC['period'] * 60 * 60 * 24 * 7 + TIMENOW;
                                break;
                            case 'y':
                                $expires = mktime(date('H'), date('i'), date('s'), date('m'), date('d'), date('y') + $vbulletin->GPC['period']);
                                break;
                            case 'm':
                            default:
                                $expires = mktime(date('H'), date('i'), date('s'), date('m') + $vbulletin->GPC['period'], date('d'), date('y'));
                        }
                        $db->query_write("\n\t\t\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "threadredirect\n\t\t\t\t\t\t\t(threadid, expires)\n\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t\t({$redirthreadid}, {$expires})\n\t\t\t\t\t");
                    }
                    unset($redir);
                } else {
                    // leave no redirect for hidden or deleted threads
                    log_moderator_action($threadinfo, 'thread_moved_to_x', $destforuminfo['title']);
                }
                break;
                // ***************************************************************
        }
        // end switch($method)
        // kill the cache for the old thread
        delete_post_cache_threads(array($threadinfo['threadid']));
        // Update Post Count if we move from a counting forum to a non counting or vice-versa..
        // Source Dest  Visible Thread    Hidden Thread
        // Yes    Yes   ~           	  ~
        // Yes    No    -visible          ~
        // No     Yes   +visible          ~
        // No     No    ~                 ~
        if ($threadinfo['visible'] and ($method == 'move' or $method == 'movered') and ($foruminfo['countposts'] and !$destforuminfo['countposts'] or !$foruminfo['countposts'] and $destforuminfo['countposts'])) {
            $posts = $db->query_read_slave("\n\t\t\tSELECT userid\n\t\t\tFROM " . TABLE_PREFIX . "post\n\t\t\tWHERE threadid = {$threadinfo['threadid']}\n\t\t\t\tAND\tuserid > 0\n\t\t\t\tAND visible = 1\n\t\t");
            $userbyuserid = array();
            while ($post = $db->fetch_array($posts)) {
                if (!isset($userbyuserid["{$post['userid']}"])) {
                    $userbyuserid["{$post['userid']}"] = 1;
                } else {
                    $userbyuserid["{$post['userid']}"]++;
                }
            }
            if (!empty($userbyuserid)) {
                $userbypostcount = array();
                foreach ($userbyuserid as $postuserid => $postcount) {
                    $alluserids .= ",{$postuserid}";
                    $userbypostcount["{$postcount}"] .= ",{$postuserid}";
                }
                foreach ($userbypostcount as $postcount => $userids) {
                    $casesql .= " WHEN userid IN (0{$userids}) THEN {$postcount}";
                }
                $operator = $destforuminfo['countposts'] ? '+' : '-';
                $db->query_write("\n\t\t\t\tUPDATE " . TABLE_PREFIX . "user\n\t\t\t\tSET posts = CAST(posts AS SIGNED) {$operator}\n\t\t\t\t\tCASE\n\t\t\t\t\t\t{$casesql}\n\t\t\t\t\t\tELSE 0\n\t\t\t\t\tEND\n\t\t\t\tWHERE userid IN (0{$alluserids})\n\t\t\t");
            }
        }
        build_forum_counters($threadinfo['forumid']);
        if ($threadinfo['forumid'] != $destforuminfo['forumid']) {
            build_forum_counters($destforuminfo['forumid']);
        }
        // Update canview status of thread subscriptions
        update_subscriptions(array('threadids' => array($threadid)));
    }
    // Undelete Posts
    if ($_POST['do'] == 'undeleteposts') {
        $vbulletin->input->clean_array_gpc('p', array('postids' => TYPE_STR));
        $postids = explode(',', $vbulletin->GPC['postids']);
        foreach ($postids as $index => $postid) {
            if (intval($postid) == 0) {
                unset($postids["{$index}"]);
            } else {
                $postids["{$index}"] = intval($postid);
            }
        }
        if (empty($postids)) {
            standard_error(fetch_error('no_applicable_posts_selected'));
        }
        if (count($postids) > 400) {
            standard_error(fetch_error('you_are_limited_to_working_with_x_posts', $postlimit));
        }
        $postids = implode(',', $postids);
        // Validate posts
        $posts = $db->query_read_slave("\n\t\tSELECT post.postid, post.threadid, post.parentid, post.visible, post.title, post.userid,\n\t\t\tthread.forumid, thread.title AS thread_title, thread.postuserid, thread.firstpostid, thread.visible AS thread_visible,\n\t\t\tforum.options AS forum_options\n\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\tLEFT JOIN " . TABLE_PREFIX . "thread AS thread USING (threadid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "forum AS forum USING (forumid)\n\t\tWHERE postid IN ({$postids})\n\t\t\tAND (post.visible = 2 OR (post.visible = 1 AND thread.visible = 2 AND post.postid = thread.firstpostid))\n\t\tORDER BY postid\n\t");
        $deletethreads = array();
        while ($post = $db->fetch_array($posts)) {
            $forumperms = fetch_permissions($post['forumid']);
            if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and $post['postuserid'] != $vbulletin->userinfo['userid']) {
                json_error(ERR_NO_PERMISSION);
            }
            if ((!$post['visible'] or !$post['thread_visible']) and !can_moderate($post['forumid'], 'canmoderateposts')) {
                standard_error(fetch_error('you_do_not_have_permission_to_manage_moderated_threads_and_posts'));
            } else {
                if (($post['visible'] == 2 or $post['thread_visible'] == 2) and !can_moderate($post['forumid'], 'candeleteposts')) {
                    standard_error(fetch_error('you_do_not_have_permission_to_manage_deleted_threads_and_posts', $post['title'], $post['thread_title'], $vbulletin->forumcache["{$post['forumid']}"]['title']));
                }
            }
            $postarray["{$post['postid']}"] = $post;
            $threadlist["{$post['threadid']}"] = true;
            $forumlist["{$post['forumid']}"] = true;
            if ($post['firstpostid'] == $post['postid']) {
                // undeleting a thread so need to update the $tinfo for any other posts in this thread
                $firstpost["{$post['threadid']}"] = true;
            } else {
                if (!empty($firstpost["{$post['threadid']}"])) {
                    $postarray["{$post['postid']}"]['thread_visible'] = 1;
                }
            }
        }
        if (is_array($postarray)) {
            foreach ($postarray as $postid => $post) {
                $tinfo = array('threadid' => $post['threadid'], 'forumid' => $post['forumid'], 'visible' => $post['thread_visible'], 'firstpostid' => $post['firstpostid']);
                undelete_post($post['postid'], $post['forum_options'] & $vbulletin->bf_misc_forumoptions['countposts'], $post, $tinfo, false);
            }
        }
        if (is_array($threadlist)) {
            foreach (array_keys($threadlist) as $threadid) {
                build_thread_counters($threadid);
            }
        }
        if (is_array($forumlist)) {
            foreach (array_keys($forumlist) as $forumid) {
                build_forum_counters($forumid);
            }
        }
    }
    // Delete As Spam
    if ($_REQUEST['do'] == 'dodeletespam') {
        $vbulletin->input->clean_array_gpc('p', array('type' => TYPE_STR));
        if ($vbulletin->GPC['type'] == 'post') {
            $vbulletin->input->clean_array_gpc('p', array('postids' => TYPE_STR));
            $postids = explode(',', $vbulletin->GPC['postids']);
            foreach ($postids as $index => $postid) {
                if (intval($postid) == 0) {
                    unset($postids["{$index}"]);
                } else {
                    $postids["{$index}"] = intval($postid);
                }
            }
            if (empty($postids)) {
                standard_error(fetch_error('no_applicable_posts_selected'));
            }
            if (count($postids) > $postlimit) {
                standard_error(fetch_error('you_are_limited_to_working_with_x_posts', $postlimit));
            }
        } else {
            $vbulletin->input->clean_array_gpc('p', array('threadid' => TYPE_STR));
            $threadids = explode(',', $vbulletin->GPC['threadid']);
            foreach ($threadids as $index => $threadid) {
                if (intval($threadid) == 0) {
                    unset($threadids["{$index}"]);
                } else {
                    $threadids["{$index}"] = intval($threadid);
                }
            }
            if (empty($threadids)) {
                standard_error(fetch_error('you_did_not_select_any_valid_threads'));
            }
            if (count($threadids) > $threadlimit) {
                standard_error(fetch_error('you_are_limited_to_working_with_x_threads', $threadlimit));
            }
        }
        $vbulletin->input->clean_array_gpc('p', array('banusers' => TYPE_BOOL, 'userids' => TYPE_STR));
        $banusers = false;
        if ($vbulletin->GPC['banusers']) {
            $banusers = true;
        }
        $vbulletin->GPC['userid'] = split(',', $vbulletin->GPC['userids']);
        $vbulletin->GPC_exists['userid'] = true;
        $userids = array();
        if ($vbulletin->GPC['type'] == 'thread') {
            // threads
            $threadarray = array();
            $threads = $db->query_read_slave("\n\t\t\tSELECT threadid, open, visible, forumid, title, prefixid, postuserid\n\t\t\tFROM " . TABLE_PREFIX . "thread\n\t\t\tWHERE threadid IN (" . implode(',', $threadids) . ")\n\t\t");
            while ($thread = $db->fetch_array($threads)) {
                $forumperms = fetch_permissions($thread['forumid']);
                if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and $thread['postuserid'] != $vbulletin->userinfo['userid']) {
                    json_error(ERR_NO_PERMISSION);
                }
                $thread['prefix_plain_html'] = $thread['prefixid'] ? htmlspecialchars_uni($vbphrase["prefix_{$thread['prefixid']}_title_plain"]) . ' ' : '';
                if ($thread['open'] == 10) {
                    if (!can_moderate($thread['forumid'], 'canmanagethreads')) {
                        // No permission to remove redirects.
                        standard_error(fetch_error('you_do_not_have_permission_to_manage_thread_redirects', $thread['prefix_plain_html'] . $thread['title'], $vbulletin->forumcache["{$thread['forumid']}"]['title']));
                    }
                } else {
                    if (!$thread['visible'] and !can_moderate($thread['forumid'], 'canmoderateposts')) {
                        standard_error(fetch_error('you_do_not_have_permission_to_manage_moderated_threads_and_posts'));
                    } else {
                        if ($thread['visible'] == 2 and !can_moderate($thread['forumid'], 'candeleteposts')) {
                            standard_error(fetch_error('you_do_not_have_permission_to_manage_deleted_threads_and_posts', $vbphrase['n_a'], $thread['prefix_plain_html'] . $thread['title'], $vbulletin->forumcache["{$thread['forumid']}"]['title']));
                        } else {
                            if (!can_moderate($thread['forumid'], 'canremoveposts')) {
                                if (!can_moderate($thread['forumid'], 'candeleteposts')) {
                                    standard_error(fetch_error('you_do_not_have_permission_to_delete_threads_and_posts', $vbphrase['n_a'], $thread['prefix_plain_html'] . $thread['title'], $vbulletin->forumcache["{$thread['forumid']}"]['title']));
                                }
                            } else {
                                if (!can_moderate($thread['forumid'], 'candeleteposts')) {
                                    if (!can_moderate($thread['forumid'], 'canremoveposts')) {
                                        standard_error(fetch_error('you_do_not_have_permission_to_delete_threads_and_posts', $vbphrase['n_a'], $thread['prefix_plain_html'] . $thread['title'], $vbulletin->forumcache["{$thread['forumid']}"]['title']));
                                    }
                                }
                            }
                        }
                    }
                }
                $threadarray["{$thread['threadid']}"] = $thread;
                $userids["{$thread['postuserid']}"] = true;
            }
            if (empty($threadarray)) {
                standard_error(fetch_error('you_did_not_select_any_valid_threads'));
            }
        } else {
            // posts
            // Validate posts
            $postarray = array();
            $posts = $db->query_read_slave("\n\t\t\tSELECT post.postid, post.threadid, post.visible, post.title, post.userid,\n\t\t\t\tthread.forumid, thread.title AS thread_title, thread.postuserid, thread.visible AS thread_visible, thread.firstpostid\n\t\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "thread AS thread USING (threadid)\n\t\t\tWHERE postid IN (" . implode(',', $postids) . ")\n\t\t");
            while ($post = $db->fetch_array($posts)) {
                $forumperms = fetch_permissions($post['forumid']);
                if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and $post['postuserid'] != $vbulletin->userinfo['userid']) {
                    json_error(ERR_NO_PERMISSION);
                }
                if ((!$post['visible'] or !$post['thread_visible']) and !can_moderate($post['forumid'], 'canmoderateposts')) {
                    standard_error(fetch_error('you_do_not_have_permission_to_manage_moderated_threads_and_posts'));
                } else {
                    if (($post['visible'] == 2 or $post['thread_visible'] == 2) and !can_moderate($post['forumid'], 'candeleteposts')) {
                        standard_error(fetch_error('you_do_not_have_permission_to_manage_deleted_threads_and_posts', $post['title'], $post['thread_title'], $vbulletin->forumcache["{$post['forumid']}"]['title']));
                    } else {
                        if (!can_moderate($post['forumid'], 'canremoveposts')) {
                            if (!can_moderate($post['forumid'], 'candeleteposts')) {
                                standard_error(fetch_error('you_do_not_have_permission_to_delete_threads_and_posts', $post['title'], $post['thread_title'], $vbulletin->forumcache["{$post['forumid']}"]['title']));
                            }
                        } else {
                            if (!can_moderate($post['forumid'], 'candeleteposts')) {
                                if (!can_moderate($post['forumid'], 'canremoveposts')) {
                                    standard_error(fetch_error('you_do_not_have_permission_to_delete_threads_and_posts', $post['title'], $post['thread_title'], $vbulletin->forumcache["{$post['forumid']}"]['title']));
                                }
                            }
                        }
                    }
                }
                $postarray["{$post['postid']}"] = $post;
                $userids["{$post['userid']}"] = true;
            }
            if (empty($postarray)) {
                standard_error(fetch_error('no_applicable_posts_selected'));
            }
        }
        $user_cache = array();
        foreach ($vbulletin->GPC['userid'] as $userid) {
            // check that userid appears somewhere in either posts / threads, if they don't then you're doing something naughty
            if (!isset($userids["{$userid}"])) {
                json_error(ERR_NO_PERMISSION);
            }
            $user_cache["{$userid}"] = fetch_userinfo($userid);
            cache_permissions($user_cache["{$userid}"]);
            $user_cache["{$userid}"]['joindate_string'] = vbdate($vbulletin->options['dateformat'], $user_cache["{$userid}"]['joindate']);
        }
        if ($banusers) {
            require_once DIR . '/includes/adminfunctions.php';
            require_once DIR . '/includes/functions_banning.php';
            if (!($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'] or can_moderate(0, 'canbanusers'))) {
                json_error(ERR_NO_PERMISSION);
            }
            // check that user has permission to ban the person they want to ban
            if (!($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'])) {
                foreach ($user_cache as $userid => $userinfo) {
                    if (can_moderate(0, '', $userinfo['userid'], $userinfo['usergroupid'] . (trim($userinfo['membergroupids']) ? ",{$userinfo['membergroupids']}" : '')) or $userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'] or $userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['ismoderator'] or is_unalterable_user($userinfo['userid'])) {
                        standard_error(fetch_error('no_permission_ban_non_registered_users'));
                    }
                }
            } else {
                foreach ($user_cache as $userid => $userinfo) {
                    if ($userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'] or is_unalterable_user($userinfo['userid'])) {
                        standard_error(fetch_error('no_permission_ban_non_registered_users'));
                    }
                }
            }
        }
        $vbulletin->input->clean_array_gpc('p', array('deleteother' => TYPE_BOOL, 'type' => TYPE_STR, 'deletetype' => TYPE_UINT, 'deletereason' => TYPE_STR, 'keepattachments' => TYPE_BOOL));
        $vbulletin->GPC['deletereason'] = prepare_remote_utf8_string($vbulletin->GPC['deletereason']);
        // Check if we have users to punish
        if (!empty($user_cache)) {
            if ($banusers) {
                $vbulletin->input->clean_array_gpc('p', array('usergroupid' => TYPE_UINT, 'period' => TYPE_STR, 'reason' => TYPE_STR));
                $vbulletin->GPC['reason'] = prepare_remote_utf8_string($vbulletin->GPC['reason']);
                if (!isset($vbulletin->usergroupcache["{$vbulletin->GPC['usergroupid']}"]) or $vbulletin->usergroupcache["{$vbulletin->GPC['usergroupid']}"]['genericoptions'] & $vbulletin->bf_ugp_genericoptions['isnotbannedgroup']) {
                    standard_error(fetch_error('invalid_usergroup_specified'));
                }
                // check that the number of days is valid
                if ($vbulletin->GPC['period'] != 'PERMANENT' and !preg_match('#^(D|M|Y)_[1-9][0-9]?$#', $vbulletin->GPC['period'])) {
                    standard_error(fetch_error('invalid_ban_period_specified'));
                }
                if ($vbulletin->GPC['period'] == 'PERMANENT') {
                    // make this ban permanent
                    $liftdate = 0;
                } else {
                    // get the unixtime for when this ban will be lifted
                    $liftdate = convert_date_to_timestamp($vbulletin->GPC['period']);
                }
                $user_dms = array();
                $current_bans = $db->query_read("\n\t\t\t\t\tSELECT user.userid, userban.liftdate, userban.bandate\n\t\t\t\t\tFROM " . TABLE_PREFIX . "user AS user\n\t\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "userban AS userban ON(userban.userid = user.userid)\n\t\t\t\t\tWHERE user.userid IN (" . implode(',', array_keys($user_cache)) . ")\n\t\t\t\t");
                while ($current_ban = $db->fetch_array($current_bans)) {
                    $userinfo = $user_cache["{$current_ban['userid']}"];
                    $userid = $userinfo['userid'];
                    if ($current_ban['bandate']) {
                        // they already have a ban, check if the current one is being made permanent, continue if its not
                        if ($liftdate and $liftdate < $current_ban['liftdate']) {
                            continue;
                        }
                        // there is already a record - just update this record
                        $db->query_write("\n\t\t\t\t\t\t\tUPDATE " . TABLE_PREFIX . "userban SET\n\t\t\t\t\t\t\tbandate = " . TIMENOW . ",\n\t\t\t\t\t\t\tliftdate = {$liftdate},\n\t\t\t\t\t\t\tadminid = " . $vbulletin->userinfo['userid'] . ",\n\t\t\t\t\t\t\treason = '" . $db->escape_string($vbulletin->GPC['reason']) . "'\n\t\t\t\t\t\t\tWHERE userid = {$userinfo['userid']}\n\t\t\t\t\t\t");
                    } else {
                        // insert a record into the userban table
                        /*insert query*/
                        $db->query_write("\n\t\t\t\t\t\t\tINSERT INTO " . TABLE_PREFIX . "userban\n\t\t\t\t\t\t\t(userid, usergroupid, displaygroupid, customtitle, usertitle, adminid, bandate, liftdate, reason)\n\t\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t\t({$userinfo['userid']}, {$userinfo['usergroupid']}, {$userinfo['displaygroupid']}, {$userinfo['customtitle']}, '" . $db->escape_string($userinfo['usertitle']) . "', " . $vbulletin->userinfo['userid'] . ", " . TIMENOW . ", {$liftdate}, '" . $db->escape_string($vbulletin->GPC['reason']) . "')\n\t\t\t\t\t\t");
                    }
                    // update the user record
                    $user_dms[$userid] =& datamanager_init('User', $vbulletin, ERRTYPE_SILENT);
                    $user_dms[$userid]->set_existing($userinfo);
                    $user_dms[$userid]->set('usergroupid', $vbulletin->GPC['usergroupid']);
                    $user_dms[$userid]->set('displaygroupid', 0);
                    // update the user's title if they've specified a special user title for the banned group
                    if ($vbulletin->usergroupcache["{$vbulletin->GPC['usergroupid']}"]['usertitle'] != '') {
                        $user_dms[$userid]->set('usertitle', $vbulletin->usergroupcache["{$vbulletin->GPC['usergroupid']}"]['usertitle']);
                        $user_dms[$userid]->set('customtitle', 0);
                    }
                    $user_dms[$userid]->pre_save();
                }
                foreach ($user_dms as $userdm) {
                    $userdm->save();
                }
            }
        }
        // delete threads that are defined explicitly as spam by being ticked
        $physicaldel = $vbulletin->GPC['deletetype'] == 2 ? true : false;
        $skipped_user_prune = array();
        if ($vbulletin->GPC['deleteother'] and !empty($user_cache) and can_moderate(-1, 'canmassprune')) {
            $remove_all_posts = array();
            $user_checks = $db->query_read_slave("SELECT COUNT(*) AS total, userid AS userid FROM " . TABLE_PREFIX . "post WHERE userid IN (" . implode(', ', array_keys($user_cache)) . ") GROUP BY userid");
            while ($user_check = $db->fetch_array($user_checks)) {
                if (intval($user_check['total']) <= 50) {
                    $remove_all_posts[] = $user_check['userid'];
                } else {
                    $skipped_user_prune[] = $user_check['userid'];
                }
            }
            if (!empty($remove_all_posts)) {
                $threads = $db->query_read_slave("SELECT threadid FROM " . TABLE_PREFIX . "thread WHERE postuserid IN (" . implode(', ', $remove_all_posts) . ")");
                while ($thread = $db->fetch_array($threads)) {
                    $threadids[] = $thread['threadid'];
                }
                // Yes this can pick up firstposts of threads but we check later on when fetching info, so it won't matter if its already deleted
                $posts = $db->query_read_slave("SELECT postid FROM " . TABLE_PREFIX . "post WHERE userid IN (" . implode(', ', $remove_all_posts) . ")");
                while ($post = $db->fetch_array($posts)) {
                    $postids[] = $post['postid'];
                }
            }
        }
        if (!empty($threadids)) {
            // Validate threads
            $threads = $db->query_read_slave("\n\t\t\tSELECT threadid, open, visible, forumid, title, postuserid\n\t\t\tFROM " . TABLE_PREFIX . "thread\n\t\t\tWHERE threadid IN (" . implode(',', $threadids) . ")\n\t\t");
            while ($thread = $db->fetch_array($threads)) {
                $forumperms = fetch_permissions($thread['forumid']);
                if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and $thread['postuserid'] != $vbulletin->userinfo['userid']) {
                    json_error(ERR_NO_PERMISSION);
                }
                if ($thread['open'] == 10 and !can_moderate($thread['forumid'], 'canmanagethreads')) {
                    // No permission to remove redirects.
                    standard_error(fetch_error('you_do_not_have_permission_to_manage_thread_redirects', $thread['title'], $vbulletin->forumcache["{$thread['forumid']}"]['title']));
                } else {
                    if (!$thread['visible'] and !can_moderate($thread['forumid'], 'canmoderateposts')) {
                        standard_error(fetch_error('you_do_not_have_permission_to_manage_moderated_threads_and_posts'));
                    } else {
                        if ($thread['visible'] == 2 and !can_moderate($thread['forumid'], 'candeleteposts')) {
                            standard_error(fetch_error('you_do_not_have_permission_to_manage_deleted_threads_and_posts', $vbphrase['n_a'], $thread['title'], $vbulletin->forumcache["{$thread['forumid']}"]['title']));
                        } else {
                            if ($thread['open'] != 10) {
                                if (!can_moderate($thread['forumid'], 'canremoveposts') and $physicaldel) {
                                    standard_error(fetch_error('you_do_not_have_permission_to_delete_threads_and_posts', $vbphrase['n_a'], $thread['title'], $vbulletin->forumcache["{$thread['forumid']}"]['title']));
                                } else {
                                    if (!can_moderate($thread['forumid'], 'candeleteposts') and !$physicaldel) {
                                        standard_error(fetch_error('you_do_not_have_permission_to_delete_threads_and_posts', $vbphrase['n_a'], $thread['title'], $vbulletin->forumcache["{$thread['forumid']}"]['title']));
                                    }
                                }
                            }
                        }
                    }
                }
                $threadarray["{$thread['threadid']}"] = $thread;
                $forumlist["{$thread['forumid']}"] = true;
            }
        }
        $delinfo = array('userid' => $vbulletin->userinfo['userid'], 'username' => $vbulletin->userinfo['username'], 'reason' => $vbulletin->GPC['deletereason'], 'keepattachments' => $vbulletin->GPC['keepattachments']);
        foreach ($threadarray as $threadid => $thread) {
            $countposts = $vbulletin->forumcache["{$thread['forumid']}"]['options'] & $vbulletin->bf_misc_forumoptions['countposts'];
            if (!$physicaldel and $thread['visible'] == 2) {
                # Thread is already soft deleted
                continue;
            }
            $threadman =& datamanager_init('Thread', $vbulletin, ERRTYPE_SILENT, 'threadpost');
            $threadman->set_existing($thread);
            // Redirect
            if ($thread['open'] == 10) {
                $threadman->delete(false, true, $delinfo);
            } else {
                $threadman->delete($countposts, $physicaldel, $delinfo);
            }
            unset($threadman);
        }
        if (!empty($postids)) {
            // Validate Posts
            $posts = $db->query_read_slave("\n\t\t\tSELECT post.postid, post.threadid, post.parentid, post.visible, post.title,\n\t\t\t\tthread.forumid, thread.title AS thread_title, thread.postuserid, thread.firstpostid, thread.visible AS thread_visible\n\t\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "thread AS thread USING (threadid)\n\t\t\tWHERE postid IN (" . implode(',', $postids) . ")\n\t\t\tORDER BY postid\n\t\t");
            while ($post = $db->fetch_array($posts)) {
                $postarray["{$post['postid']}"] = $post;
                $threadlist["{$post['threadid']}"] = true;
                $forumlist["{$post['forumid']}"] = true;
                if ($post['firstpostid'] == $post['postid']) {
                    // deleting a thread so do not decremement the counters of any other posts in this thread
                    $firstpost["{$post['threadid']}"] = true;
                } else {
                    if (!empty($firstpost["{$post['threadid']}"])) {
                        $postarray["{$post['postid']}"]['skippostcount'] = true;
                    }
                }
            }
        }
        $gotothread = true;
        foreach ($postarray as $postid => $post) {
            $foruminfo = fetch_foruminfo($post['forumid']);
            $postman =& datamanager_init('Post', $vbulletin, ERRTYPE_SILENT, 'threadpost');
            $postman->set_existing($post);
            $postman->delete($foruminfo['countposts'] and !$post['skippostcount'], $post['threadid'], $physicaldel, $delinfo);
            unset($postman);
            if ($vbulletin->GPC['threadid'] == $post['threadid'] and $post['postid'] == $post['firstpostid']) {
                // we've deleted the thread that we activated this action from so we can only return to the forum
                $gotothread = false;
            } else {
                if ($post['postid'] == $postinfo['postid'] and $physicaldel) {
                    // we came in via a post, which we have deleted so we have to go back to the thread
                    $vbulletin->url = 'showthread.php?' . $vbulletin->session->vars['sessionurl'] . 't=' . $vbulletin->GPC['threadid'];
                }
            }
        }
        foreach (array_keys($threadlist) as $threadid) {
            build_thread_counters($threadid);
        }
        foreach (array_keys($forumlist) as $forumid) {
            build_forum_counters($forumid);
        }
        // empty cookie
        if ($vbulletin->GPC['type'] == 'thread') {
            setcookie('vbulletin_inlinethread', '', TIMENOW - 3600, '/');
        } else {
            setcookie('vbulletin_inlinepost', '', TIMENOW - 3600, '/');
        }
    }
    return array('success' => true);
}
Beispiel #2
0
     eval(standard_error(fetch_error('moveillegalforum')));
 }
 if ($threadinfo['isdeleted'] and !can_moderate($destforuminfo['forumid'], 'candeleteposts') or !$threadinfo['visible'] and !can_moderate($destforuminfo['forumid'], 'canmoderateposts')) {
     ## Insert proper phrase about not being able to move a hidden thread to a forum you can't moderateposts in or a deleted thread to a forum you can't deletethreads in
     eval(standard_error(fetch_error('invalidid', $idname, $vbulletin->options['contactuslink'])));
 }
 // check source forum permissions
 if (!can_moderate($threadinfo['forumid'], 'canmanagethreads')) {
     if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canmove'])) {
         print_no_permission();
     } else {
         if (!$threadinfo['open'] and !($forumperms & $vbulletin->bf_ugp_forumpermissions['canopenclose'])) {
             $vbulletin->url = fetch_seo_url('thread', $threadinfo);
             print_standard_redirect('redirect_threadclosed', true, true);
         }
         if (!is_first_poster($threadid)) {
             print_no_permission();
         }
     }
 }
 // check destination forum permissions
 $destforumperms = fetch_permissions($destforuminfo['forumid']);
 if (!($destforumperms & $vbulletin->bf_ugp_forumpermissions['canview'])) {
     print_no_permission();
 }
 // check if there is a forum password and if so, ensure the user has it set
 verify_forum_password($foruminfo['forumid'], $foruminfo['password']);
 verify_forum_password($destforuminfo['forumid'], $destforuminfo['password']);
 // check to see if this thread is being returned to a forum it's already been in
 // if a redirect exists already in the destination forum, remove it
 if ($checkprevious = $db->query_first_slave("SELECT threadid FROM " . TABLE_PREFIX . "thread WHERE forumid = {$destforuminfo['forumid']} AND open = 10 AND pollid = {$threadid}")) {
Beispiel #3
0
 public function checkOwner($userId = '')
 {
     if (empty($userId)) {
         $userId = $this->_vbulletin->userinfo['userid'];
     }
     if (can_moderate($this->_forumId)) {
         return true;
     }
     if (is_first_poster($this->_threadId)) {
         return true;
     }
     return false;
     //        global $vbulletin;
     //        if (empty($userId)) {
     //            $userId = $vbulletin->userinfo['userId'];
     //        }
     //        if (!empty($mangaId)) {
     //            $this->get($mangaId);
     //        }
     //
     //        if (!empty($this->fansubmember)) {
     //            foreach ($this->fansubmember as $fansubmembers) {
     //                if (in_array($userId, explode(',', $fansubmembers))) {
     //                    return true;
     //                }
     //            }
     //            return false;
     //        } else {
     //            return false;
     //        }
 }