/**
* Send the emails.
*
* - Sends off emails to all the moderators.
* - Sends to administrators and global moderators. (1 and 2)
* - Called by action_reporttm(), and thus has the same permission and setting requirements as it does.
* - Accessed through ?action=reporttm when posting.
*/
public function action_reporttm2()
{
global $txt, $scripturl, $topic, $board, $user_info, $modSettings, $language, $context;
// You must have the proper permissions!
isAllowedTo('report_any');
// Make sure they aren't spamming.
spamProtection('reporttm');
require_once SUBSDIR . '/Mail.subs.php';
// No errors, yet.
$report_errors = Error_Context::context('report', 1);
// Check their session.
if (checkSession('post', '', false) != '') {
$report_errors->addError('session_timeout');
}
// Make sure we have a comment and it's clean.
if (!isset($_POST['comment']) || Util::htmltrim($_POST['comment']) === '') {
$report_errors->addError('no_comment');
}
$poster_comment = strtr(Util::htmlspecialchars($_POST['comment']), array("\r" => '', "\t" => ''));
if (Util::strlen($poster_comment) > 254) {
$report_errors->addError('post_too_long');
}
// Guests need to provide their address!
if ($user_info['is_guest']) {
require_once SUBSDIR . '/DataValidator.class.php';
if (!Data_Validator::is_valid($_POST, array('email' => 'valid_email'), array('email' => 'trim'))) {
empty($_POST['email']) ? $report_errors->addError('no_email') : $report_errors->addError('bad_email');
}
isBannedEmail($_POST['email'], 'cannot_post', sprintf($txt['you_are_post_banned'], $txt['guest_title']));
$user_info['email'] = htmlspecialchars($_POST['email'], ENT_COMPAT, 'UTF-8');
}
// Could they get the right verification code?
if ($user_info['is_guest'] && !empty($modSettings['guests_report_require_captcha'])) {
require_once SUBSDIR . '/VerificationControls.class.php';
$verificationOptions = array('id' => 'report');
$context['require_verification'] = create_control_verification($verificationOptions, true);
if (is_array($context['require_verification'])) {
foreach ($context['require_verification'] as $error) {
$report_errors->addError($error, 0);
}
}
}
// Any errors?
if ($report_errors->hasErrors()) {
return $this->action_reporttm();
}
// Get the basic topic information, and make sure they can see it.
$msg_id = (int) $_POST['msg'];
$message = posterDetails($msg_id, $topic);
if (empty($message)) {
fatal_lang_error('no_board', false);
}
$poster_name = un_htmlspecialchars($message['real_name']) . ($message['real_name'] != $message['poster_name'] ? ' (' . $message['poster_name'] . ')' : '');
$reporterName = un_htmlspecialchars($user_info['name']) . ($user_info['name'] != $user_info['username'] && $user_info['username'] != '' ? ' (' . $user_info['username'] . ')' : '');
$subject = un_htmlspecialchars($message['subject']);
// Get a list of members with the moderate_board permission.
require_once SUBSDIR . '/Members.subs.php';
$moderators = membersAllowedTo('moderate_board', $board);
$result = getBasicMemberData($moderators, array('preferences' => true, 'sort' => 'lngfile'));
$mod_to_notify = array();
foreach ($result as $row) {
if ($row['notify_types'] != 4) {
$mod_to_notify[] = $row;
}
}
// Check that moderators do exist!
if (empty($mod_to_notify)) {
fatal_lang_error('no_mods', false);
}
// If we get here, I believe we should make a record of this, for historical significance, yabber.
if (empty($modSettings['disable_log_report'])) {
require_once SUBSDIR . '/Messages.subs.php';
$id_report = recordReport($message, $poster_comment);
// If we're just going to ignore these, then who gives a monkeys...
if ($id_report === false) {
redirectexit('topic=' . $topic . '.msg' . $msg_id . '#msg' . $msg_id);
}
}
// Find out who the real moderators are - for mod preferences.
require_once SUBSDIR . '/Boards.subs.php';
$real_mods = getBoardModerators($board, true);
// Send every moderator an email.
foreach ($mod_to_notify as $row) {
// Maybe they don't want to know?!
if (!empty($row['mod_prefs'])) {
list(, , $pref_binary) = explode('|', $row['mod_prefs']);
if (!($pref_binary & 1) && (!($pref_binary & 2) || !in_array($row['id_member'], $real_mods))) {
continue;
}
}
$replacements = array('TOPICSUBJECT' => $subject, 'POSTERNAME' => $poster_name, 'REPORTERNAME' => $reporterName, 'TOPICLINK' => $scripturl . '?topic=' . $topic . '.msg' . $msg_id . '#msg' . $msg_id, 'REPORTLINK' => !empty($id_report) ? $scripturl . '?action=moderate;area=reports;report=' . $id_report : '', 'COMMENT' => $_POST['comment']);
$emaildata = loadEmailTemplate('report_to_moderator', $replacements, empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile']);
// Send it to the moderator.
sendmail($row['email_address'], $emaildata['subject'], $emaildata['body'], $user_info['email'], null, false, 2);
}
// Keep track of when the mod reports get updated, that way we know when we need to look again.
updateSettings(array('last_mod_report_action' => time()));
// Back to the post we reported!
redirectexit('reportsent;topic=' . $topic . '.msg' . $msg_id . '#msg' . $msg_id);
}
/**
* Modify a specific board...
*
* What it doews
* - screen for editing and repositioning a board.
* - called by ?action=admin;area=manageboards;sa=board
* - also used to show the confirm deletion of category screen (sub-template confirm_board_delete).
* - requires manage_boards permission.
*
* @uses the modify_board sub-template of the ManageBoards template.
* @uses ManagePermissions language
*/
public function action_board()
{
global $txt, $context, $cat_tree, $boards, $boardList, $modSettings;
loadTemplate('ManageBoards');
require_once SUBSDIR . '/Boards.subs.php';
getBoardTree();
// For editing the profile we'll need this.
loadLanguage('ManagePermissions');
require_once SUBSDIR . '/ManagePermissions.subs.php';
loadPermissionProfiles();
// id_board must be a number....
$_REQUEST['boardid'] = isset($_REQUEST['boardid']) ? (int) $_REQUEST['boardid'] : 0;
if (!isset($boards[$_REQUEST['boardid']])) {
$_REQUEST['boardid'] = 0;
$_REQUEST['sa'] = 'newboard';
}
if ($_REQUEST['sa'] == 'newboard') {
// Category doesn't exist, man... sorry.
if (empty($_REQUEST['cat'])) {
redirectexit('action=admin;area=manageboards');
}
// Some things that need to be setup for a new board.
$curBoard = array('member_groups' => array(0, -1), 'deny_groups' => array(), 'category' => (int) $_REQUEST['cat']);
$context['board_order'] = array();
$context['board'] = array('is_new' => true, 'id' => 0, 'name' => $txt['mboards_new_board_name'], 'description' => '', 'count_posts' => 1, 'posts' => 0, 'topics' => 0, 'theme' => 0, 'profile' => 1, 'override_theme' => 0, 'redirect' => '', 'category' => (int) $_REQUEST['cat'], 'no_children' => true);
} else {
// Just some easy shortcuts.
$curBoard =& $boards[$_REQUEST['boardid']];
$context['board'] = $boards[$_REQUEST['boardid']];
$context['board']['name'] = htmlspecialchars(strtr($context['board']['name'], array('&' => '&')), ENT_COMPAT, 'UTF-8');
$context['board']['description'] = htmlspecialchars($context['board']['description'], ENT_COMPAT, 'UTF-8');
$context['board']['no_children'] = empty($boards[$_REQUEST['boardid']]['tree']['children']);
$context['board']['is_recycle'] = !empty($modSettings['recycle_enable']) && !empty($modSettings['recycle_board']) && $modSettings['recycle_board'] == $context['board']['id'];
}
// As we may have come from the permissions screen keep track of where we should go on save.
$context['redirect_location'] = isset($_GET['rid']) && $_GET['rid'] == 'permissions' ? 'permissions' : 'boards';
// We might need this to hide links to certain areas.
$context['can_manage_permissions'] = allowedTo('manage_permissions');
// Default membergroups.
$context['groups'] = array(-1 => array('id' => '-1', 'name' => $txt['parent_guests_only'], 'allow' => in_array('-1', $curBoard['member_groups']), 'deny' => in_array('-1', $curBoard['deny_groups']), 'is_post_group' => false), 0 => array('id' => '0', 'name' => $txt['parent_members_only'], 'allow' => in_array('0', $curBoard['member_groups']), 'deny' => in_array('0', $curBoard['deny_groups']), 'is_post_group' => false));
$context['groups'] += getOtherGroups($curBoard);
// Category doesn't exist, man... sorry.
if (!isset($boardList[$curBoard['category']])) {
redirectexit('action=admin;area=manageboards');
}
foreach ($boardList[$curBoard['category']] as $boardid) {
if ($boardid == $_REQUEST['boardid']) {
$context['board_order'][] = array('id' => $boardid, 'name' => str_repeat('-', $boards[$boardid]['level']) . ' (' . $txt['mboards_current_position'] . ')', 'children' => $boards[$boardid]['tree']['children'], 'no_children' => empty($boards[$boardid]['tree']['children']), 'is_child' => false, 'selected' => true);
} else {
$context['board_order'][] = array('id' => $boardid, 'name' => str_repeat('-', $boards[$boardid]['level']) . ' ' . $boards[$boardid]['name'], 'is_child' => empty($_REQUEST['boardid']) ? false : isChildOf($boardid, $_REQUEST['boardid']), 'selected' => false);
}
}
// Are there any places to move sub-boards to in the case where we are confirming a delete?
if (!empty($_REQUEST['boardid'])) {
$context['can_move_children'] = false;
$context['children'] = $boards[$_REQUEST['boardid']]['tree']['children'];
foreach ($context['board_order'] as $board) {
if ($board['is_child'] == false && $board['selected'] == false) {
$context['can_move_children'] = true;
}
}
}
// Get other available categories.
$context['categories'] = array();
foreach ($cat_tree as $catID => $tree) {
$context['categories'][] = array('id' => $catID == $curBoard['category'] ? 0 : $catID, 'name' => $tree['node']['name'], 'selected' => $catID == $curBoard['category']);
}
$context['board']['moderators'] = getBoardModerators($_REQUEST['boardid']);
$context['board']['moderator_list'] = empty($context['board']['moderators']) ? '' : '"' . implode('", "', $context['board']['moderators']) . '"';
if (!empty($context['board']['moderators'])) {
list($context['board']['last_moderator_id']) = array_slice(array_keys($context['board']['moderators']), -1);
}
$context['themes'] = getAllThemes();
if (!isset($_REQUEST['delete'])) {
$context['sub_template'] = 'modify_board';
$context['page_title'] = $txt['boardsEdit'];
loadJavascriptFile('suggest.js', array('defer' => true));
} else {
$context['sub_template'] = 'confirm_board_delete';
$context['page_title'] = $txt['mboards_delete_board'];
}
// Create a special token.
createToken('admin-be-' . $_REQUEST['boardid']);
call_integration_hook('integrate_edit_board');
}
