Example #1
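/**
* Moderates an item
*
* Performs the requested moderation action (approve or delete) on one or
* more submitted items and returns the refreshed "command and control" page.
*
* Every item id is passed through COM_applyFilter() before it reaches a query
* or a delete helper, which is the same treatment the delete_all branch gives
* to $_POST['delitem']. The SQL in this function is still assembled by string
* interpolation, so that filter is the only barrier between an id and the
* statement text.
*
* NOTE(review): no CSRF-token or permission check is visible inside this
* function; it only issues a fresh token for the page it renders. The caller
* presumably validates both before calling - confirm.
*
* @param    array   $mid        Array of items
* @param    array   $action     Array of actions to perform on items
* @param    string  $type       Type of items ('story', etc.)
* @param    int     $count      Number of items to moderate
* @return   string              HTML for "command and control" page
*
*/
function moderation($mid, $action, $type, $count)
{
    global $_CONF, $_TABLES;
    $retval = '';
    // Resolve the key column and the tables involved for this item type.
    switch ($type) {
        case 'story':
            $id = 'sid';
            $table = $_TABLES['stories'];
            $submissiontable = $_TABLES['storysubmission'];
            $fields = 'sid,uid,tid,title,introtext,date,postmode';
            break;
        case 'comment':
            $id = 'cid';
            $submissiontable = $_TABLES['commentsubmissions'];
            // Seeds the list of stories whose comment tree is rebuilt after
            // the loop; the empty first entry is kept from the original code.
            $sidArray[] = '';
            break;
        default:
            if (strlen($type) <= 0) {
                // something is terribly wrong, bail
                $retval .= COM_errorLog("Unable to find type of {$type} in moderation() in moderation.php");
                return $retval;
            }
            list($id, $table, $fields, $submissiontable) = PLG_getModerationValues($type);
    }
    // Set true if an valid action other than delete_all is selected
    $formaction = false;
    for ($i = 0; $i < $count; $i++) {
        if (isset($action[$i]) and $action[$i] != '') {
            $formaction = true;
        } else {
            continue;
        }
        // Filter the id once, up front, so no branch below can hand the raw
        // value to a query or a delete helper.
        $itemid = isset($mid[$i]) ? COM_applyFilter($mid[$i]) : '';
        switch ($action[$i]) {
            case 'delete':
                // Refuse an empty id before any plugin hook or delete runs;
                // the original performed this check only after the plugin
                // had already been asked to delete the submission.
                if (empty($itemid)) {
                    $retval .= COM_errorLog("moderation.php just tried deleting everything in table {$submissiontable} because it got an empty id.  Please report this immediately to your site administrator");
                    return $retval;
                }
                if (!empty($type) && $type != 'story' && $type != 'draft') {
                    // There may be some plugin specific processing that needs to
                    // happen first.
                    $retval .= PLG_deleteSubmission($type, $itemid);
                }
                if ($type == 'draft') {
                    STORY_deleteStory($itemid);
                } else {
                    DB_delete($submissiontable, "{$id}", $itemid);
                }
                break;
            case 'approve':
                if ($type == 'story') {
                    $result = DB_query("SELECT * FROM {$_TABLES['storysubmission']} WHERE sid = '{$itemid}'");
                    $A = DB_fetchArray($result);
                    if (empty($A)) {
                        // No such submission: without this guard an empty
                        // row would be written to the stories table below.
                        $retval .= COM_errorLog("moderation.php could not find story submission '{$itemid}' to approve");
                        break;
                    }
                    $A['related'] = addslashes(implode("\n", STORY_extractLinks($A['introtext'])));
                    $A['owner_id'] = $A['uid'];
                    $A['title'] = addslashes($A['title']);
                    $A['introtext'] = addslashes($A['introtext']);
                    $A['bodytext'] = addslashes($A['bodytext']);
                    // NOTE(review): sid, tid, date and postmode come back from
                    // the submission table and are re-used in SQL below without
                    // escaping; this relies on them having been validated when
                    // the story was submitted - confirm.
                    $result = DB_query("SELECT group_id,perm_owner,perm_group,perm_members,perm_anon,archive_flag FROM {$_TABLES['topics']} WHERE tid = '{$A['tid']}'");
                    $T = DB_fetchArray($result);
                    // Stories in an archive topic never go to the front page;
                    // otherwise use the configured default, falling back to 1.
                    if ($T['archive_flag'] == 1) {
                        $frontpage = 0;
                    } else {
                        if (isset($_CONF['frontpage'])) {
                            $frontpage = $_CONF['frontpage'];
                        } else {
                            $frontpage = 1;
                        }
                    }
                    DB_save($_TABLES['stories'], 'sid,uid,tid,title,introtext,bodytext,related,date,show_topic_icon,commentcode,trackbackcode,postmode,frontpage,owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon', "'{$A['sid']}',{$A['uid']},'{$A['tid']}','{$A['title']}','{$A['introtext']}','{$A['bodytext']}','{$A['related']}','{$A['date']}','{$_CONF['show_topic_icon']}','{$_CONF['comment_code']}','{$_CONF['trackback_code']}','{$A['postmode']}',{$frontpage},{$A['owner_id']},{$T['group_id']},{$T['perm_owner']},{$T['perm_group']},{$T['perm_members']},{$T['perm_anon']}");
                    DB_delete($_TABLES['storysubmission'], "{$id}", $itemid);
                    PLG_itemSaved($A['sid'], 'article');
                    COM_rdfUpToDateCheck();
                    COM_olderStuff();
                } else {
                    if ($type == 'draft') {
                        DB_query("UPDATE {$_TABLES['stories']} SET draft_flag = 0 WHERE sid = '{$itemid}'");
                        COM_rdfUpToDateCheck();
                        COM_olderStuff();
                    } else {
                        if ($type == 'comment') {
                            $sid = CMT_approveModeration($itemid);
                            // Remember each affected story once so its comment
                            // tree is rebuilt a single time after the loop.
                            if (!in_array($sid, $sidArray)) {
                                $sidArray[$i] = $sid;
                            }
                        } else {
                            // This is called in case this is a plugin. There may be some
                            // plugin specific processing that needs to happen.
                            DB_copy($table, $fields, $fields, $submissiontable, $id, $itemid);
                            $retval .= PLG_approveSubmission($type, $itemid);
                        }
                    }
                }
                break;
        }
    }
    // after loop update comment tree and count for each story
    if (isset($sidArray)) {
        foreach ($sidArray as $sid) {
            CMT_rebuildTree($sid);
            //update comment count of stories;
            $comments = DB_count($_TABLES['comments'], 'sid', $sid);
            DB_change($_TABLES['stories'], 'comments', $comments, 'sid', $sid);
        }
    }
    //Add new comment users to group comment.submit group
    // This changes group membership from request data, so it depends on the
    // caller having authorised the request. The is_array() check keeps a
    // scalar 'publishfuture' value from reaching the loop.
    if (isset($_POST['publishfuture']) && is_array($_POST['publishfuture'])) {
        foreach ($_POST['publishfuture'] as $futureuid) {
            $uid = COM_applyFilter($futureuid, true);
            if ($uid > 1 && !SEC_inGroup('Comment Submitters', $uid)) {
                SEC_addUserToGroup($uid, 'Comment Submitters');
            }
        }
    }
    // Check if there was no direct action used on the form
    // and if the delete_all submit action was used
    if (!$formaction and isset($_POST['delitem']) and is_array($_POST['delitem'])) {
        foreach ($_POST['delitem'] as $delitem) {
            $delitem = COM_applyFilter($delitem);
            if (empty($delitem)) {
                // Same hazard the per-item delete guards against: never pass
                // an empty id to the delete helpers.
                $retval .= COM_errorLog("moderation.php skipped an empty id while deleting from table {$submissiontable}");
                continue;
            }
            if (!empty($type) && $type != 'story' && $type != 'draft') {
                // There may be some plugin specific processing that needs to
                // happen first.
                $retval .= PLG_deleteSubmission($type, $delitem);
            }
            if ($type == 'draft') {
                STORY_deleteStory($delitem);
            } else {
                DB_delete($submissiontable, "{$id}", $delitem);
            }
        }
    }
    // Render the moderation page again with a freshly issued token.
    $retval .= commandcontrol(SEC_createToken());
    return $retval;
}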
Example #2
/**
* Displays items needing moderation
*
* Builds the moderation list for one item type from its submission table and
* returns it as HTML. 'user' and 'draftstory' are handled here; any other
* type is dispatched to a plugin_itemlist_<type>() function if one exists.
*
* NOTE(review): $type is concatenated into a function name, into edit URLs
* and into a hidden form field without validation or output encoding inside
* this function, and $token is written into an HTML attribute as-is. This is
* only safe if the caller restricts $type to known item types and $token is
* attribute-safe - confirm both at the call site.
*
* NOTE(review): $type has a default but the following $token does not, so
* the default can never be used by omission; PHP 8.0+ reports a deprecation
* for an optional parameter placed before a required one.
*
* @param    string  $type   Type of object to build list for
* @param    string  $token  Security token, emitted as the hidden CSRF_TOKEN
*                           field and passed on to ADMIN_simpleList()
* @return   string          HTML for the list; empty string when $type is
*                           empty or there is nothing to moderate
*
*/
function MODERATE_itemList($type = '', $token)
{
    global $_CONF, $_TABLES, $LANG01, $LANG24, $LANG29, $LANG_ADMIN, $_IMAGE_TYPE;
    $retval = '';
    if (empty($type)) {
        // Logged only; the function still returns the empty $retval.
        COM_errorLog("Submissions Error: Attempted to generate a moderation list for a null item type.");
    } else {
        switch ($type) {
            case 'user':
                // user -----------------------------------------------
                // Static query with no request data in it. status = 2
                // presumably marks accounts awaiting approval - confirm.
                $result = DB_query("SELECT uid,username,fullname,email,UNIX_TIMESTAMP(regdate) AS day FROM {$_TABLES['users']} WHERE status = 2");
                $nrows = DB_numRows($result);
                if ($nrows > 0) {
                    $data_arr = array();
                    for ($i = 0; $i < $nrows; $i++) {
                        $A = DB_fetchArray($result);
                        $A['edit'] = $_CONF['site_admin_url'] . '/user.php?edit=x&amp;uid=' . $A['uid'];
                        // The next two self-assignments are no-ops: username,
                        // fullname and email go to the list helper exactly as
                        // stored. NOTE(review): whether they are HTML-encoded
                        // depends on MODERATE_getListField / ADMIN_simpleList,
                        // which are not shown here - verify.
                        $A['fullname'] = $A['fullname'];
                        $A['email'] = $A['email'];
                        $A['_type_'] = 'user';
                        $A['_key_'] = 'uid';
                        $data_arr[$i] = $A;
                    }
                    $header_arr = array(array('text' => $LANG_ADMIN['edit'], 'field' => 0, 'align' => 'center', 'width' => '25px'), array('text' => $LANG29[16], 'field' => 1, 'nowrap' => true), array('text' => $LANG29[17], 'field' => 2), array('text' => $LANG29[18], 'field' => 3, 'nowrap' => true), array('text' => $LANG29[47], 'field' => 4, 'align' => 'center'), array('text' => $LANG29[1], 'field' => 'approve', 'align' => 'center', 'width' => '35px'), array('text' => $LANG_ADMIN['delete'], 'field' => 'delete', 'align' => 'center', 'width' => '35px'));
                    $text_arr = array('has_menu' => false, 'title' => $LANG29[40], 'help_url' => 'ccusersubmission.html', 'no_data' => '', 'form_url' => "{$_CONF['site_admin_url']}/moderation.php");
                    // Bulk approve / delete image buttons, each behind a
                    // JavaScript confirm() prompt.
                    $actions = '<input name="approve" type="image" src="' . $_CONF['layout_url'] . '/images/admin/accept.' . $_IMAGE_TYPE . '" style="vertical-align:bottom;" title="' . $LANG29[44] . '" onclick="return confirm(\'' . $LANG29[45] . '\');"' . '/>&nbsp;' . $LANG29[1];
                    $actions .= '&nbsp;&nbsp;&nbsp;&nbsp;';
                    $actions .= '<input name="delbutton" type="image" src="' . $_CONF['layout_url'] . '/images/admin/delete.' . $_IMAGE_TYPE . '" style="vertical-align:text-bottom;" title="' . $LANG01[124] . '" onclick="return confirm(\'' . $LANG01[125] . '\');"' . '/>&nbsp;' . $LANG_ADMIN['delete'];
                    $options = array('chkselect' => true, 'chkfield' => 'uid', 'chkname' => 'selitem', 'chkminimum' => 0, 'chkall' => false, 'chkactions' => $actions);
                    // Hidden fields posted back to moderation.php. $form_arr
                    // is created implicitly here, and $token is written into
                    // the attribute without encoding.
                    $form_arr['bottom'] = '<input type="hidden" name="type" value="user"/>' . LB . '<input type="hidden" name="' . CSRF_TOKEN . '" value="' . $token . '"/>' . LB . '<input type="hidden" name="moderation" value="x"/>' . LB . '<input type="hidden" name="count" value="' . $nrows . '"/>';
                    $retval = ADMIN_simpleList('MODERATE_getListField', $header_arr, $text_arr, $data_arr, $options, $form_arr, $token);
                }
                break;
            case 'draftstory':
                // draft story ----------------------------------
                // Draft stories, narrowed by the topic and permission SQL
                // fragments that COM_getTopicSQL() / COM_getPermSQL() return.
                $result = DB_query("SELECT sid AS id,title,UNIX_TIMESTAMP(date) AS day,tid,uid FROM {$_TABLES['stories']} WHERE (draft_flag = 1)" . COM_getTopicSQL('AND') . COM_getPermSQL('AND', 0, 3) . " ORDER BY date ASC");
                $nrows = DB_numRows($result);
                if ($nrows > 0) {
                    $data_arr = array();
                    for ($i = 0; $i < $nrows; $i++) {
                        $A = DB_fetchArray($result);
                        $A['edit'] = $_CONF['site_admin_url'] . '/story.php?draft=x&amp;sid=' . $A['id'];
                        // No-op self-assignments, kept from the original.
                        $A['title'] = $A['title'];
                        $A['tid'] = $A['tid'];
                        $A['_type_'] = 'draftstory';
                        $A['_key_'] = 'sid';
                        $data_arr[$i] = $A;
                    }
                    $header_arr = array(array('text' => $LANG_ADMIN['edit'], 'field' => 0, 'align' => 'center', 'width' => '25px'), array('text' => $LANG29[10], 'field' => 'title'), array('text' => $LANG29[14], 'field' => 'day', 'align' => 'center', 'width' => '15%'), array('text' => $LANG29[15], 'field' => 'tid', 'width' => '20%'), array('text' => $LANG29[46], 'field' => 'uid', 'width' => '15%', 'nowrap' => true), array('text' => $LANG29[1], 'field' => 'approve', 'align' => 'center', 'width' => '35px'), array('text' => $LANG_ADMIN['delete'], 'field' => 'delete', 'align' => 'center', 'width' => '35px'));
                    $text_arr = array('has_menu' => false, 'title' => $LANG29[35] . ' (' . $LANG24[34] . ')', 'help_url' => '', 'no_data' => $LANG29[39], 'form_url' => "{$_CONF['site_admin_url']}/moderation.php");
                    $actions = '<input name="approve" type="image" src="' . $_CONF['layout_url'] . '/images/admin/accept.' . $_IMAGE_TYPE . '" style="vertical-align:bottom;" title="' . $LANG29[44] . '" onclick="return confirm(\'' . $LANG29[45] . '\');"' . '/>&nbsp;' . $LANG29[1];
                    $actions .= '&nbsp;&nbsp;&nbsp;&nbsp;';
                    $actions .= '<input name="delbutton" type="image" src="' . $_CONF['layout_url'] . '/images/admin/delete.' . $_IMAGE_TYPE . '" style="vertical-align:text-bottom;" title="' . $LANG01[124] . '" onclick="return confirm(\'' . $LANG01[125] . '\');"' . '/>&nbsp;' . $LANG_ADMIN['delete'];
                    $options = array('chkselect' => true, 'chkfield' => 'id', 'chkname' => 'selitem', 'chkminimum' => 0, 'chkall' => false, 'chkactions' => $actions);
                    // Unlike the other two branches, this form carries no
                    // hidden "moderation" field.
                    $form_arr['bottom'] = '<input type="hidden" name="type" value="draftstory"/>' . LB . '<input type="hidden" name="' . CSRF_TOKEN . '" value="' . $token . '"/>' . LB . '<input type="hidden" name="count" value="' . $nrows . '"/>';
                    $retval .= ADMIN_simpleList('MODERATE_getListField', $header_arr, $text_arr, $data_arr, $options, $form_arr, $token);
                }
                break;
                // end of draftstory
            default:
                // plugin -------------------------------------------------
                // The callee name is derived from $type. function_exists()
                // limits the call to defined functions carrying the
                // plugin_itemlist_ prefix, but $type itself is not checked
                // against a list of installed plugins here.
                $function = 'plugin_itemlist_' . $type;
                if (function_exists($function)) {
                    // This instance is overwritten by the next line.
                    $plugin = new Plugin();
                    $plugin = $function($token);
                    // if the plugin returns a string, it wants to control its own
                    // moderation.  as far as I can tell - no plugin has used this yet
                    // it appears to be a feature that was added in glFusion 1.1.0rc1
                    // but never actually used
                    if (is_string($plugin) && !empty($plugin)) {
                        // Plugin-supplied markup is returned without encoding.
                        return '<div class="block-box">' . $plugin . '</div>';
                        // otherwise this is a plugin object (historical approach)
                    } elseif (is_object($plugin)) {
                        $helpfile = $plugin->submissionhelpfile;
                        $sql = $plugin->getsubmissionssql;
                        $H = $plugin->submissionheading;
                        $section_title = $plugin->submissionlabel;
                        $section_help = $helpfile;
                        $isplugin = true;
                    }
                }
                // this needs to be removed when story moves into a plugin
                if ($type == 'story') {
                    $isplugin = false;
                }
                // we really only need the id from this list, so that we know key/id field name
                list($key, $table, $fields, $submissiontable) = PLG_getModerationValues($type);
                // the first 4 columns default to Title, Date, Topic and Submitted By unless otherwise
                // specified.  not sure I like this approach - but whatever - it's not
                // breaking anything at the moment
                if (!isset($H[0]) || empty($H[0])) {
                    $H[0] = $LANG29[10];
                }
                if (!isset($H[1]) || empty($H[1])) {
                    $H[1] = $LANG29[14];
                }
                if (!isset($H[2]) || empty($H[2])) {
                    $H[2] = $LANG29[15];
                }
                if (!isset($H[3]) || empty($H[3])) {
                    $H[3] = $LANG29[46];
                }
                // run SQL but this time ignore any errors.  note that the max items for
                // each type that can be moderated is limited to 50
                // The statement text comes from the plugin object and is run
                // as given, with only the LIMIT clause appended.
                if (!empty($sql)) {
                    $sql .= ' LIMIT 50';
                    // quick'n'dirty workaround to prevent timeouts
                    $result = DB_query($sql, 1);
                }
                if (empty($sql) || DB_error()) {
                    $nrows = 0;
                    // more than likely a plugin that doesn't need moderation
                } else {
                    $nrows = DB_numRows($result);
                }
                // $isplugin, $section_title and $section_help are assigned only
                // in the plugin-object branch above. They are read only when
                // $nrows > 0, which needs a non-empty $sql from that same branch.
                if ($nrows > 0) {
                    // only generate list html if there are items to moderate
                    $data_arr = array();
                    for ($i = 0; $i < $nrows; $i++) {
                        $A = DB_fetchArray($result);
                        // $type, $key and the first result column go into the
                        // edit URL without URL- or HTML-encoding.
                        if ($isplugin) {
                            $A['edit'] = $_CONF['site_admin_url'] . '/plugins/' . $type . '/index.php?moderate=x' . '&amp;' . $key . '=' . $A[0];
                        } else {
                            $A['edit'] = $_CONF['site_admin_url'] . '/' . $type . '.php?moderate=x' . '&amp;' . $key . '=' . $A[0];
                        }
                        // type of item
                        $A['_type_'] = $type;
                        // name of key/id field
                        $A['_key_'] = $key;
                        // push row data into array
                        $data_arr[$i] = $A;
                    }
                    $header_arr = array(array('text' => $LANG_ADMIN['edit'], 'field' => 0, 'align' => 'center', 'width' => '25px'), array('text' => $H[0], 'field' => 1), array('text' => $H[1], 'field' => 2, 'align' => 'center', 'width' => '15%'), array('text' => $H[2], 'field' => 3, 'width' => '20%'), array('text' => $H[3], 'field' => 4, 'width' => '15%', 'nowrap' => true), array('text' => $LANG29[1], 'field' => 'approve', 'align' => 'center', 'width' => '35px'), array('text' => $LANG_ADMIN['delete'], 'field' => 'delete', 'align' => 'center', 'width' => '35px'));
                    $text_arr = array('has_menu' => false, 'title' => $section_title, 'help_url' => $section_help, 'no_data' => $LANG29[39], 'form_url' => "{$_CONF['site_admin_url']}/moderation.php");
                    $actions = '<input name="approve" type="image" src="' . $_CONF['layout_url'] . '/images/admin/accept.' . $_IMAGE_TYPE . '" style="vertical-align:bottom;" title="' . $LANG29[44] . '" onclick="return confirm(\'' . $LANG29[45] . '\');"' . '/>&nbsp;' . $LANG29[1];
                    $actions .= '&nbsp;&nbsp;&nbsp;&nbsp;';
                    $actions .= '<input name="delbutton" type="image" src="' . $_CONF['layout_url'] . '/images/admin/delete.' . $_IMAGE_TYPE . '" style="vertical-align:text-bottom;" title="' . $LANG01[124] . '" onclick="return confirm(\'' . $LANG01[125] . '\');"' . '/>&nbsp;' . $LANG_ADMIN['delete'];
                    $options = array('chkselect' => true, 'chkfield' => 'id', 'chkname' => 'selitem', 'chkminimum' => 0, 'chkall' => false, 'chkactions' => $actions);
                    // NOTE(review): $type is placed in the value attribute
                    // as-is; a quote character in it would break out of the
                    // attribute. Presumably it is limited to plugin names
                    // upstream - confirm, or encode it for the attribute.
                    $form_arr['bottom'] = '<input type="hidden" name="type" value="' . $type . '"/>' . LB . '<input type="hidden" name="' . CSRF_TOKEN . '" value="' . $token . '"/>' . LB . '<input type="hidden" name="moderation" value="x"/>' . LB . '<input type="hidden" name="count" value="' . $nrows . '"/>';
                    $retval .= ADMIN_simpleList('MODERATE_getListField', $header_arr, $text_arr, $data_arr, $options, $form_arr, $token);
                }
                break;
                // end of plugin
        }
        // end of switch ($type)
    }
    // end of !empty($type)
    return $retval;
}