$sql = 'SELECT * FROM ' . POSTS_TABLE . ' WHERE post_id = ' . $post_id; $result = $db->sql_query($sql); $post = $db->sql_fetchrow($result); $db->sql_freeresult($result); if ($post) { if (!class_exists('Akismet')) { global $phpbb_root_path, $phpEx; include $phpbb_root_path . 'antispam/Akismet.class.' . $phpEx; } $post['decoded_text'] = $post['post_text']; decode_message($post['decoded_text'], $post['bbcode_uid']); $akismet = new Akismet($config['asacp_akismet_domain'], $config['asacp_akismet_key']); $akismet->setUserIP($post['poster_ip']); $akismet->setReferrer(''); $akismet->setCommentUserAgent(''); $akismet->setCommentType('comment'); $akismet->setCommentAuthor($user_row['username']); $akismet->setCommentAuthorEmail($user_row['user_email']); $akismet->setCommentContent($post['decoded_text']); $akismet->submitSpam(); } } trigger_error(sprintf($user->lang['ASACP_BAN_COMPLETE'], append_sid("{$phpbb_root_path}memberlist.{$phpEx}", "mode=viewprofile&u={$user_id}"))); } else { if (isset($_REQUEST['confirm_key']) && $error) { // Hack to fix the confirm_box if we need to come back to it because of an error unset($_REQUEST['confirm_key']); } // Build the ban actions string $user->add_lang('mods/acp_asacp');
/**
 * Delete one comment from the public side of the site, optionally reporting it
 * to Akismet as spam first (request parameter t=spam).
 *
 * The first call (no "confirm" parameter) only renders a confirmation prompt;
 * the second call, carrying confirm=1 in the link, performs the delete and
 * decrements the comment counter of the parent entry.
 *
 * NOTE(review): the destructive step is reached through a plain link
 * (index.php?...&confirm=1) and no anti-CSRF token is checked anywhere in this
 * function. Confirm whether the caller validates one before dispatching here.
 *
 * @return mixed Whatever $this->module->message() or $this->module->error() returns.
 */
function delete_comment()
{
	$level = $this->user['user_level'];

	// Accounts below USER_PRIVILEGED are rejected before anything is looked up.
	if ($level < USER_PRIVILEGED) {
		return $this->module->error('Access Denied: You do not have permission to perform that action.');
	}

	$get = $this->module->get;
	if (!isset($get['c'])) {
		return $this->module->message('Delete Comment', 'No comment was specified for editing.');
	}

	// intval() forces the id to an integer before it is handed to the %d placeholder.
	$c = intval($get['c']);
	$comment = $this->db->quick_query('SELECT c.*, u.* FROM %pblogcomments c LEFT JOIN %pusers u ON u.user_id=c.comment_user WHERE comment_id=%d', $c);
	if (!$comment) {
		return $this->module->message('Delete Comment', 'No such comment was found for deletion.');
	}

	$uid = $this->user['user_id'];
	$wrote_it = ($uid == $comment['comment_user']);

	// Below contributor level, only the comment's own author may continue.
	if (!$wrote_it && $level < USER_CONTRIBUTOR) {
		return $this->module->error('Access Denied: You do not own the comment you are attempting to delete.');
	}

	// USER_PRIVILEGED accounts get a 10800 second (3 hour) window to remove a comment.
	if ($level == USER_PRIVILEGED && $this->module->time - $comment['comment_date'] > 10800) {
		return $this->module->error('Access Denied: You cannot delete your comments after 3 hours have gone by.');
	}

	// Resolve the parent entry once: its owner row, the column holding the owner id,
	// the page name used in links, and the refusal text shown to contributors.
	$entry = null;
	$owner_field = null;
	$denied = null;
	$page = '';
	switch ($comment['comment_type']) {
		case COMMENT_BLOG:
			$entry = $this->db->quick_query('SELECT post_user FROM %pblogposts WHERE post_id=%d', $comment['comment_post']);
			$owner_field = 'post_user';
			$denied = 'Access Denied: You do not own the blog entry you are trying to edit.';
			$page = 'blog';
			break;

		case COMMENT_GALLERY:
			$entry = $this->db->quick_query('SELECT photo_user FROM %pphotogallery WHERE photo_id=%d', $comment['comment_post']);
			$owner_field = 'photo_user';
			$denied = 'Access Denied: You do not own the image entry you are trying to edit.';
			$page = 'gallery';
			break;

		case COMMENT_FILE:
			$entry = $this->db->quick_query('SELECT file_user FROM %pfilelist WHERE file_id=%d', $comment['comment_post']);
			$owner_field = 'file_user';
			$denied = 'Access Denied: You do not own the download entry you are trying to edit.';
			$page = 'downloads';
			break;
	}

	// No parent row (or an unrecognised comment type) ends the request here.
	if (!$entry) {
		return $this->module->error('Access Denied: You do not own the entry you are trying to edit.');
	}

	// Contributors may only touch comments on their own entries, or comments they wrote.
	if ($level == USER_CONTRIBUTOR) {
		if ($owner_field === null) {
			return $this->module->error('Unknown comment type selected for editing.');
		}
		if ($uid != $entry[$owner_field] && !$wrote_it) {
			return $this->module->error($denied);
		}
	}

	// Reporting spam additionally requires contributor level or above.
	$is_spam = isset($get['t']) && $get['t'] == 'spam';
	if ($is_spam && $level < USER_CONTRIBUTOR) {
		return $this->module->error('Access Denied: You are not authorized to report spam.');
	}

	if (!isset($get['confirm'])) {
		// First pass: show the comment and ask for confirmation.
		// The author name is HTML-escaped here; the body goes through the module's formatter.
		$author = htmlspecialchars($comment['user_name']);
		$params = POST_BBCODE | POST_EMOTICONS;
		$text = $this->module->format($comment['comment_message'], $params);
		$date = date($this->settings['blog_dateformat'], $comment['comment_date']);

		$link = 'index.php?a=' . $page . '&s=del_comment&c=' . $c . '&confirm=1';
		$sp = null;
		if ($is_spam) {
			$link .= '&t=spam';
			$sp = '<br />This comment will be reported as spam.';
		}

		$msg = '<div class="title">Comment by ' . $author . ' Posted on: ' . $date . '</div><div class="article">' . $text . '</div>'
			. '<div class="title" style="text-align:center">Are you sure you want to delete this comment?' . $sp . '</div>';

		return $this->module->message('DELETE COMMENT', $msg, 'Delete', $link, 0);
	}

	$out = null;

	if ($is_spam) {
		// Report to Akismet before the row disappears. This sends the stored author name,
		// URL, message, IP address, referrer and user agent to the remote service.
		require_once 'lib/akismet.php';

		$akismet = new Akismet($this->settings['site_address'], $this->settings['wordpress_api_key'], $this->module->version);
		$akismet->setCommentAuthor($comment['user_name']);
		$akismet->setCommentAuthorURL($comment['user_url']);
		$akismet->setCommentContent($comment['comment_message']);
		$akismet->setUserIP($comment['comment_ip']);
		$akismet->setReferrer($comment['comment_referrer']);
		$akismet->setCommentUserAgent($comment['comment_agent']);
		$akismet->setCommentType('comment');
		$akismet->submitSpam();

		// A manual report counts as spam the filter did not catch.
		$this->settings['spam_count']++;
		$this->settings['spam_uncaught']++;
		$this->module->save_settings();

		$out .= 'Comment tagged as spam and reported.<br />';
	}

	$this->db->dbquery('DELETE FROM %pblogcomments WHERE comment_id=%d', $c);

	// Keep the parent entry's comment counter in step with the delete.
	switch ($comment['comment_type']) {
		case COMMENT_BLOG:
			$this->db->dbquery('UPDATE %pblogposts SET post_comment_count=post_comment_count-1 WHERE post_id=%d', $comment['comment_post']);
			break;

		case COMMENT_GALLERY:
			$this->db->dbquery('UPDATE %pphotogallery SET photo_comment_count=photo_comment_count-1 WHERE photo_id=%d', $comment['comment_post']);
			break;

		case COMMENT_FILE:
			$this->db->dbquery('UPDATE %pfilelist SET file_comment_count=file_comment_count-1 WHERE file_id=%d', $comment['comment_post']);
			break;
	}

	$out .= 'Comment has been deleted.';

	return $this->module->message('Delete Comment', $out, 'Continue', "index.php?a={$page}&p={$comment['comment_post']}");
}
/**
 * Admin-side comment removal, with optional Akismet spam report (t=spam).
 *
 * Without a "confirm" request parameter the method renders the confirmation
 * template, embedding a freshly generated security token. With "confirm" set,
 * the token is validated before the comment row is deleted and the parent
 * entry's comment counter is decremented.
 *
 * @return mixed Rendered template text, or the result of $this->message() / $this->error().
 */
function delete_comment()
{
	$get = $this->get;

	if (!isset($get['c'])) {
		return $this->message('Delete Comment', 'No comment was specified for editing.');
	}

	// The id is cast to an integer before it reaches the %d placeholder.
	$c = intval($get['c']);
	$comment = $this->db->quick_query('SELECT c.*, u.* FROM %pblogcomments c LEFT JOIN %pusers u ON u.user_id=c.comment_user WHERE comment_id=%d', $c);
	if (!$comment) {
		return $this->message('Delete Comment', 'No such comment was found for deletion.');
	}

	$is_spam = isset($get['t']) && $get['t'] == 'spam';

	if (!isset($get['confirm'])) {
		// Confirmation form: the token assigned here is what the second pass checks.
		$xtpl = new XTemplate('./skins/' . $this->skin . '/AdminCP/post_comment_edit.xtpl');

		$xtpl->assign('token', $this->generate_token());
		// The author name is HTML-escaped; the body is passed through $this->format().
		$xtpl->assign('author', htmlspecialchars($comment['user_name']));
		$params = POST_BBCODE | POST_EMOTICONS;
		$xtpl->assign('text', $this->format($comment['comment_message'], $params));
		$xtpl->assign('date', date($this->settings['blog_dateformat'], $comment['comment_date']));

		$link = "admin.php?a=posts&s=del_comment&c={$c}";
		$sp = null;
		if ($is_spam) {
			$link .= '&t=spam';
			$sp = '<br />This comment will be reported as spam.';
		}

		$xtpl->assign('action_link', $link);
		$xtpl->assign('sp', $sp);

		$xtpl->parse('Comment.Delete');
		return $xtpl->text('Comment.Delete');
	}

	// Nothing destructive happens unless the security token checks out.
	if (!$this->is_valid_token()) {
		return $this->error('Invalid or expired security token. Please go back, reload the form, and try again.');
	}

	$out = null;

	if ($is_spam) {
		// Report to Akismet before the row is removed. This sends the stored author name,
		// URL, message, IP address, referrer and user agent to the remote service.
		require_once 'lib/akismet.php';

		$akismet = new Akismet($this->settings['site_address'], $this->settings['wordpress_api_key']);
		$akismet->setCommentAuthor($comment['user_name']);
		$akismet->setCommentAuthorURL($comment['user_url']);
		$akismet->setCommentContent($comment['comment_message']);
		$akismet->setUserIP($comment['comment_ip']);
		$akismet->setReferrer($comment['comment_referrer']);
		$akismet->setCommentUserAgent($comment['comment_agent']);
		$akismet->setCommentType('comment');
		$akismet->submitSpam();

		// A manual report counts as spam the filter did not catch.
		$this->settings['spam_count']++;
		$this->settings['spam_uncaught']++;
		$this->save_settings();

		$out .= 'Comment tagged as spam and reported.<br />';
	}

	$this->db->dbquery('DELETE FROM %pblogcomments WHERE comment_id=%d', $c);

	// Decrement the comment counter on whichever kind of entry the comment belonged to.
	switch ($comment['comment_type']) {
		case COMMENT_BLOG:
			$this->db->dbquery('UPDATE %pblogposts SET post_comment_count=post_comment_count-1 WHERE post_id=%d', $comment['comment_post']);
			break;

		case COMMENT_GALLERY:
			$this->db->dbquery('UPDATE %pphotogallery SET photo_comment_count=photo_comment_count-1 WHERE photo_id=%d', $comment['comment_post']);
			break;

		case COMMENT_FILE:
			$this->db->dbquery('UPDATE %pfilelist SET file_comment_count=file_comment_count-1 WHERE file_id=%d', $comment['comment_post']);
			break;
	}

	$out .= 'Comment has been deleted.';

	return $this->message('Delete Comment', $out, 'Continue', "admin.php?a=posts&s=edit&p={$comment['comment_post']}");
}
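/**
 * Entry point of the spam control panel.
 *
 * Dispatch, based on the request parameters read from $this->get:
 *  - s=keytest          : run the Akismet key test.
 *  - no p               : list the held spam comments.
 *  - p=0 (with token)   : empty the whole spam table.
 *  - p=N, s=delete_spam : drop the held comment N.
 *  - p=N otherwise      : restore comment N as a real comment, tell Akismet it
 *                         was a false positive, then drop it from the spam table.
 *
 * Every branch that changes data runs only after is_valid_token() succeeds.
 *
 * @return mixed Result of the delegated method, $this->message() or $this->error().
 */
function execute()
{
	$svars = array();
	$this->title('Spam Control');

	if (isset($this->get['s']) && $this->get['s'] == 'keytest') {
		return $this->test_akismet_key();
	}

	if (!isset($this->get['p'])) {
		return $this->display_spam_comments();
	}

	if (!$this->is_valid_token()) {
		return $this->error('Invalid or expired security token. Please go back, reload the form, and try again.');
	}

	$p = intval($this->get['p']);

	// NOTE(review): intval() turns any non-numeric "p" into 0, so a malformed value
	// also lands on this clear-everything path. The token check above is the only gate.
	if ($p == 0) {
		$this->db->dbquery('TRUNCATE TABLE %pspam');
		return $this->message('Spam Control', 'All entries in the spam table have been cleared.', 'Continue', 'admin.php?a=spam');
	}

	$spam = $this->db->quick_query('SELECT s.*, u.user_name, u.user_url, u.user_id FROM %pspam s LEFT JOIN %pusers u ON u.user_id=s.spam_user WHERE spam_id=%d', $p);
	if (!$spam) {
		return $this->message('Spam Control', 'There is no such spam comment.', 'Continue', 'admin.php?a=spam');
	}

	$out = '';

	if (!isset($this->get['s']) || $this->get['s'] != 'delete_spam') {
		// spam_server holds JSON captured when the comment was submitted. json_decode()
		// returns null for an empty or malformed value, so only accept an array and fall
		// back to the empty default; missing keys are passed on as null, not dereferenced.
		$decoded = json_decode($spam['spam_server'], true);
		if (is_array($decoded)) {
			$svars = $decoded;
		}
		$referrer = isset($svars['HTTP_REFERER']) ? $svars['HTTP_REFERER'] : null;
		$agent = isset($svars['HTTP_USER_AGENT']) ? $svars['HTTP_USER_AGENT'] : null;

		// Setup and deliver the information to flag this comment as legit with Akismet.
		require_once 'lib/akismet.php';

		$akismet = new Akismet($this->settings['site_address'], $this->settings['wordpress_api_key'], $this->version);
		$akismet->setCommentAuthor($spam['spam_author']);
		$akismet->setCommentAuthorURL($spam['user_url']);
		$akismet->setCommentContent($spam['spam_message']);
		$akismet->setUserIP($spam['spam_ip']);
		$akismet->setReferrer($referrer);
		$akismet->setCommentUserAgent($agent);
		$akismet->setCommentType('Sandbox');
		$akismet->submitHam();

		$q = $spam['spam_post'];
		$author = $spam['user_id'];
		$author_name = $spam['spam_author'];
		$message = $spam['spam_message'];
		$time = $spam['spam_date'];
		$ip = $spam['spam_ip'];
		$type = $spam['spam_type'];

		// One held spam entry becomes one confirmed legitimate comment.
		$this->settings['spam_count']--;
		$this->settings['ham_count']++;
		$this->save_settings();

		// NOTE(review): author name, message and IP were supplied by the original
		// submitter; this relies on dbquery() escaping the '%s' arguments - verify
		// against the database layer.
		$this->db->dbquery("INSERT INTO %pblogcomments\n\t\t\t (comment_post, comment_user, comment_author, comment_message, comment_date, comment_ip, comment_type)\n\t\t\t VALUES (%d, %d, '%s', '%s', %d, '%s', %d)", $q, $author, $author_name, $message, $time, $ip, $type);

		// Bump the comment counter of whichever entry the comment is restored to.
		if ($type == COMMENT_BLOG) {
			$this->db->dbquery('UPDATE %pblogposts SET post_comment_count=post_comment_count+1 WHERE post_id=%d', $q);
		} elseif ($type == COMMENT_GALLERY) {
			$this->db->dbquery('UPDATE %pphotogallery SET photo_comment_count=photo_comment_count+1 WHERE photo_id=%d', $q);
		} elseif ($type == COMMENT_FILE) {
			$this->db->dbquery('UPDATE %pfilelist SET file_comment_count=file_comment_count+1 WHERE file_id=%d', $q);
		}

		$out .= 'Comment has been posted and Akismet notified of false positive.<br />';
	}

	// Restored or not, the entry leaves the spam table.
	$this->db->dbquery('DELETE FROM %pspam WHERE spam_id=%d', $p);
	$out .= 'Message deleted from spam table.';

	return $this->message('Spam Control', $out, 'Continue', 'admin.php?a=spam');
}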