/** * Send the emails. * * - Sends off emails to all the moderators. * - Sends to administrators and global moderators. (1 and 2) * - Called by action_reporttm(), and thus has the same permission and setting requirements as it does. * - Accessed through ?action=reporttm when posting. */ public function action_reporttm2() { global $txt, $scripturl, $topic, $board, $user_info, $modSettings, $language, $context; // You must have the proper permissions! isAllowedTo('report_any'); // Make sure they aren't spamming. spamProtection('reporttm'); require_once SUBSDIR . '/Mail.subs.php'; // No errors, yet. $report_errors = Error_Context::context('report', 1); // Check their session. if (checkSession('post', '', false) != '') { $report_errors->addError('session_timeout'); } // Make sure we have a comment and it's clean. if (!isset($_POST['comment']) || Util::htmltrim($_POST['comment']) === '') { $report_errors->addError('no_comment'); } $poster_comment = strtr(Util::htmlspecialchars($_POST['comment']), array("\r" => '', "\t" => '')); if (Util::strlen($poster_comment) > 254) { $report_errors->addError('post_too_long'); } // Guests need to provide their address! if ($user_info['is_guest']) { require_once SUBSDIR . '/DataValidator.class.php'; if (!Data_Validator::is_valid($_POST, array('email' => 'valid_email'), array('email' => 'trim'))) { empty($_POST['email']) ? $report_errors->addError('no_email') : $report_errors->addError('bad_email'); } isBannedEmail($_POST['email'], 'cannot_post', sprintf($txt['you_are_post_banned'], $txt['guest_title'])); $user_info['email'] = htmlspecialchars($_POST['email'], ENT_COMPAT, 'UTF-8'); } // Could they get the right verification code? if ($user_info['is_guest'] && !empty($modSettings['guests_report_require_captcha'])) { require_once SUBSDIR . '/VerificationControls.class.php'; $verificationOptions = array('id' => 'report'); $context['require_verification'] = create_control_verification($verificationOptions, true); if (is_array($context['require_verification'])) { foreach ($context['require_verification'] as $error) { $report_errors->addError($error, 0); } } } // Any errors? if ($report_errors->hasErrors()) { return $this->action_reporttm(); } // Get the basic topic information, and make sure they can see it. $msg_id = (int) $_POST['msg']; $message = posterDetails($msg_id, $topic); if (empty($message)) { fatal_lang_error('no_board', false); } $poster_name = un_htmlspecialchars($message['real_name']) . ($message['real_name'] != $message['poster_name'] ? ' (' . $message['poster_name'] . ')' : ''); $reporterName = un_htmlspecialchars($user_info['name']) . ($user_info['name'] != $user_info['username'] && $user_info['username'] != '' ? ' (' . $user_info['username'] . ')' : ''); $subject = un_htmlspecialchars($message['subject']); // Get a list of members with the moderate_board permission. require_once SUBSDIR . '/Members.subs.php'; $moderators = membersAllowedTo('moderate_board', $board); $result = getBasicMemberData($moderators, array('preferences' => true, 'sort' => 'lngfile')); $mod_to_notify = array(); foreach ($result as $row) { if ($row['notify_types'] != 4) { $mod_to_notify[] = $row; } } // Check that moderators do exist! if (empty($mod_to_notify)) { fatal_lang_error('no_mods', false); } // If we get here, I believe we should make a record of this, for historical significance, yabber. if (empty($modSettings['disable_log_report'])) { require_once SUBSDIR . '/Messages.subs.php'; $id_report = recordReport($message, $poster_comment); // If we're just going to ignore these, then who gives a monkeys... if ($id_report === false) { redirectexit('topic=' . $topic . '.msg' . $msg_id . '#msg' . $msg_id); } } // Find out who the real moderators are - for mod preferences. require_once SUBSDIR . '/Boards.subs.php'; $real_mods = getBoardModerators($board, true); // Send every moderator an email. foreach ($mod_to_notify as $row) { // Maybe they don't want to know?! if (!empty($row['mod_prefs'])) { list(, , $pref_binary) = explode('|', $row['mod_prefs']); if (!($pref_binary & 1) && (!($pref_binary & 2) || !in_array($row['id_member'], $real_mods))) { continue; } } $replacements = array('TOPICSUBJECT' => $subject, 'POSTERNAME' => $poster_name, 'REPORTERNAME' => $reporterName, 'TOPICLINK' => $scripturl . '?topic=' . $topic . '.msg' . $msg_id . '#msg' . $msg_id, 'REPORTLINK' => !empty($id_report) ? $scripturl . '?action=moderate;area=reports;report=' . $id_report : '', 'COMMENT' => $_POST['comment']); $emaildata = loadEmailTemplate('report_to_moderator', $replacements, empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile']); // Send it to the moderator. sendmail($row['email_address'], $emaildata['subject'], $emaildata['body'], $user_info['email'], null, false, 2); } // Keep track of when the mod reports get updated, that way we know when we need to look again. updateSettings(array('last_mod_report_action' => time())); // Back to the post we reported! redirectexit('reportsent;topic=' . $topic . '.msg' . $msg_id . '#msg' . $msg_id); }
/** * Modify a specific board... * * What it doews * - screen for editing and repositioning a board. * - called by ?action=admin;area=manageboards;sa=board * - also used to show the confirm deletion of category screen (sub-template confirm_board_delete). * - requires manage_boards permission. * * @uses the modify_board sub-template of the ManageBoards template. * @uses ManagePermissions language */ public function action_board() { global $txt, $context, $cat_tree, $boards, $boardList, $modSettings; loadTemplate('ManageBoards'); require_once SUBSDIR . '/Boards.subs.php'; getBoardTree(); // For editing the profile we'll need this. loadLanguage('ManagePermissions'); require_once SUBSDIR . '/ManagePermissions.subs.php'; loadPermissionProfiles(); // id_board must be a number.... $_REQUEST['boardid'] = isset($_REQUEST['boardid']) ? (int) $_REQUEST['boardid'] : 0; if (!isset($boards[$_REQUEST['boardid']])) { $_REQUEST['boardid'] = 0; $_REQUEST['sa'] = 'newboard'; } if ($_REQUEST['sa'] == 'newboard') { // Category doesn't exist, man... sorry. if (empty($_REQUEST['cat'])) { redirectexit('action=admin;area=manageboards'); } // Some things that need to be setup for a new board. $curBoard = array('member_groups' => array(0, -1), 'deny_groups' => array(), 'category' => (int) $_REQUEST['cat']); $context['board_order'] = array(); $context['board'] = array('is_new' => true, 'id' => 0, 'name' => $txt['mboards_new_board_name'], 'description' => '', 'count_posts' => 1, 'posts' => 0, 'topics' => 0, 'theme' => 0, 'profile' => 1, 'override_theme' => 0, 'redirect' => '', 'category' => (int) $_REQUEST['cat'], 'no_children' => true); } else { // Just some easy shortcuts. $curBoard =& $boards[$_REQUEST['boardid']]; $context['board'] = $boards[$_REQUEST['boardid']]; $context['board']['name'] = htmlspecialchars(strtr($context['board']['name'], array('&' => '&')), ENT_COMPAT, 'UTF-8'); $context['board']['description'] = htmlspecialchars($context['board']['description'], ENT_COMPAT, 'UTF-8'); $context['board']['no_children'] = empty($boards[$_REQUEST['boardid']]['tree']['children']); $context['board']['is_recycle'] = !empty($modSettings['recycle_enable']) && !empty($modSettings['recycle_board']) && $modSettings['recycle_board'] == $context['board']['id']; } // As we may have come from the permissions screen keep track of where we should go on save. $context['redirect_location'] = isset($_GET['rid']) && $_GET['rid'] == 'permissions' ? 'permissions' : 'boards'; // We might need this to hide links to certain areas. $context['can_manage_permissions'] = allowedTo('manage_permissions'); // Default membergroups. $context['groups'] = array(-1 => array('id' => '-1', 'name' => $txt['parent_guests_only'], 'allow' => in_array('-1', $curBoard['member_groups']), 'deny' => in_array('-1', $curBoard['deny_groups']), 'is_post_group' => false), 0 => array('id' => '0', 'name' => $txt['parent_members_only'], 'allow' => in_array('0', $curBoard['member_groups']), 'deny' => in_array('0', $curBoard['deny_groups']), 'is_post_group' => false)); $context['groups'] += getOtherGroups($curBoard); // Category doesn't exist, man... sorry. if (!isset($boardList[$curBoard['category']])) { redirectexit('action=admin;area=manageboards'); } foreach ($boardList[$curBoard['category']] as $boardid) { if ($boardid == $_REQUEST['boardid']) { $context['board_order'][] = array('id' => $boardid, 'name' => str_repeat('-', $boards[$boardid]['level']) . ' (' . $txt['mboards_current_position'] . ')', 'children' => $boards[$boardid]['tree']['children'], 'no_children' => empty($boards[$boardid]['tree']['children']), 'is_child' => false, 'selected' => true); } else { $context['board_order'][] = array('id' => $boardid, 'name' => str_repeat('-', $boards[$boardid]['level']) . ' ' . $boards[$boardid]['name'], 'is_child' => empty($_REQUEST['boardid']) ? false : isChildOf($boardid, $_REQUEST['boardid']), 'selected' => false); } } // Are there any places to move sub-boards to in the case where we are confirming a delete? if (!empty($_REQUEST['boardid'])) { $context['can_move_children'] = false; $context['children'] = $boards[$_REQUEST['boardid']]['tree']['children']; foreach ($context['board_order'] as $board) { if ($board['is_child'] == false && $board['selected'] == false) { $context['can_move_children'] = true; } } } // Get other available categories. $context['categories'] = array(); foreach ($cat_tree as $catID => $tree) { $context['categories'][] = array('id' => $catID == $curBoard['category'] ? 0 : $catID, 'name' => $tree['node']['name'], 'selected' => $catID == $curBoard['category']); } $context['board']['moderators'] = getBoardModerators($_REQUEST['boardid']); $context['board']['moderator_list'] = empty($context['board']['moderators']) ? '' : '"' . implode('", "', $context['board']['moderators']) . '"'; if (!empty($context['board']['moderators'])) { list($context['board']['last_moderator_id']) = array_slice(array_keys($context['board']['moderators']), -1); } $context['themes'] = getAllThemes(); if (!isset($_REQUEST['delete'])) { $context['sub_template'] = 'modify_board'; $context['page_title'] = $txt['boardsEdit']; loadJavascriptFile('suggest.js', array('defer' => true)); } else { $context['sub_template'] = 'confirm_board_delete'; $context['page_title'] = $txt['mboards_delete_board']; } // Create a special token. createToken('admin-be-' . $_REQUEST['boardid']); call_integration_hook('integrate_edit_board'); }