Example #1
 /**
  * Render the delete-confirmation page for a post and, on a POST request,
  * pass the deletion to the model.
  *
  * Checks run in this order: board read permission, the owner/group/closed-topic
  * rules (skipped for admins and forum moderators), then a guard that keeps
  * non-admin moderators from deleting a post written by an admin.
  * NOTE(review): every check relies on message() ending the request; its
  * definition is not part of this excerpt, so confirm it never returns.
  *
  * @param mixed $id ID of the post to delete; presumably supplied by the router, confirm it is numeric there.
  */
 public function deletepost($id)
 {
     global $lang_common, $lang_post, $pd;
     if ($this->user->g_read_board == '0') {
         message($lang_common['No view'], '403');
     }
     // Fetch some information about the post, the topic and the forum
     $cur_post = $this->model->get_info_delete($id);
     if ($this->config['o_censoring'] == '1') {
         $cur_post['subject'] = censor_words($cur_post['subject']);
     }
     // Sort out who the moderators are and if we are currently a moderator (or an admin)
     // NOTE(review): unserialize() runs on a database column. If anything other than trusted
     // admin code can write 'moderators', this is a PHP object-injection sink; restricting it with
     // ['allowed_classes' => false] (PHP 7+) or storing JSON would remove that risk.
     $mods_array = $cur_post['moderators'] != '' ? unserialize($cur_post['moderators']) : array();
     // && binds tighter than ||: admin, OR (moderator group AND listed as a moderator of this forum).
     $is_admmod = $this->user->g_id == FEATHER_ADMIN || $this->user->g_moderator == '1' && array_key_exists($this->user->username, $mods_array) ? true : false;
     $is_topic_post = $id == $cur_post['first_post_id'] ? true : false;
     // Do we have permission to delete this post?
     // Denied unless admin/moderator when: the group may not delete posts, OR (the group may not
     // delete topics AND this is the first post), OR the post belongs to someone else, OR the topic is closed.
     if (($this->user->g_delete_posts == '0' || $this->user->g_delete_topics == '0' && $is_topic_post || $cur_post['poster_id'] != $this->user->id || $cur_post['closed'] == '1') && !$is_admmod) {
         message($lang_common['No permission'], '403');
     }
     // A moderator who is not an admin may not delete a post written by an admin.
     if ($is_admmod && $this->user->g_id != FEATHER_ADMIN && in_array($cur_post['poster_id'], get_admin_ids())) {
         message($lang_common['No permission'], '403');
     }
     // Load the delete.php language file
     // NOTE(review): the include path contains the user's language preference; this is only safe
     // if that value is checked against the installed language directories when it is stored
     // (not visible in this excerpt).
     require FEATHER_ROOT . 'lang/' . $this->user->language . '/delete.php';
     // NOTE(review): no CSRF token or referrer check is visible before this state-changing call;
     // confirm that handle_deletion() or a middleware enforces one.
     if ($this->feather->request()->isPost()) {
         $this->model->handle_deletion($is_topic_post, $id, $cur_post['tid'], $cur_post['fid']);
     }
     // $lang_delete is not declared in this method; presumably the language file required above defines it.
     $page_title = array(feather_escape($this->config['o_board_title']), $lang_delete['Delete post']);
     define('FEATHER_ACTIVE_PAGE', 'delete');
     $this->header->setTitle($page_title)->display();
     // parser.php is required inside the method, so it runs in this method's variable scope.
     require FEATHER_ROOT . 'include/parser.php';
     // presumably parse_message() returns HTML that is safe to print; verify in include/parser.php
     $cur_post['message'] = parse_message($cur_post['message'], $cur_post['hide_smilies']);
     $this->feather->render('delete.php', array('lang_common' => $lang_common, 'lang_delete' => $lang_delete, 'cur_post' => $cur_post, 'id' => $id, 'is_topic_post' => $is_topic_post));
     $this->footer->display();
 }
Example #2
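 /**
  * Render one page of a topic: header, posts, quick-post form data and footer.
  *
  * Local variable names are left untouched on purpose: the language files and
  * parser.php are required inside this method and therefore share its scope.
  * NOTE(review): the read-permission check relies on message() ending the
  * request; its definition is not part of this excerpt.
  *
  * @param mixed $id   Topic ID; presumably supplied by the router, confirm it is numeric there.
  * @param mixed $name Not referenced in this method body.
  * @param mixed $page Requested page number; anything outside 1..$num_pages falls back to page 1.
  * @param mixed $pid  Post ID forwarded unchanged to the view and the footer.
  */
 public function display($id = null, $name = null, $page = null, $pid = null)
 {
     global $lang_common, $lang_post, $lang_topic, $lang_bbeditor, $pd;
     if ($this->user->g_read_board == '0') {
         message($lang_common['No view'], '403');
     }
     // NOTE(review): the four language includes below build their path from the user's language
     // preference; that is only safe if the value is checked against the installed language
     // directories when it is stored (not visible in this excerpt).
     // Load the viewtopic.php language file
     require FEATHER_ROOT . 'lang/' . $this->user->language . '/topic.php';
     // Load the post.php language file
     require FEATHER_ROOT . 'lang/' . $this->user->language . '/post.php';
     // Antispam feature
     require FEATHER_ROOT . 'lang/' . $this->user->language . '/antispam.php';
     // NOTE(review): rand() is not a cryptographically secure generator. If the question index is
     // meant to be unpredictable to automated clients, random_int() (PHP 7+) is the better choice.
     $index_questions = rand(0, count($lang_antispam_questions) - 1);
     // BBcode toolbar feature
     // Uses property access like the three includes above (the original used array access here only).
     require FEATHER_ROOT . 'lang/' . $this->user->language . '/bbeditor.php';
     // Load the viewtopic.php model file
     require_once FEATHER_ROOT . 'model/viewtopic.php';
     // Fetch some information about the topic TODO
     $cur_topic = $this->model->get_info_topic($id);
     // Sort out who the moderators are and if we are currently a moderator (or an admin)
     // NOTE(review): unserialize() runs on a database column. If anything other than trusted
     // admin code can write 'moderators', this is a PHP object-injection sink; restricting it with
     // ['allowed_classes' => false] (PHP 7+) or storing JSON would remove that risk.
     $mods_array = $cur_topic['moderators'] != '' ? unserialize($cur_topic['moderators']) : array();
     // && binds tighter than ||: admin, OR (moderator group AND listed as a moderator of this forum).
     $is_admmod = $this->user->g_id == FEATHER_ADMIN || $this->user->g_moderator == '1' && array_key_exists($this->user->username, $mods_array) ? true : false;
     if ($is_admmod) {
         // Not read again in this method; kept because the files required below share this scope.
         $admin_ids = get_admin_ids();
     }
     // Can we or can we not post replies?
     $post_link = $this->model->get_post_link($id, $cur_topic['closed'], $cur_topic['post_replies'], $is_admmod);
     // Add/update this topic in our list of tracked topics
     if (!$this->user->is_guest) {
         $tracked_topics = get_tracked_topics();
         $tracked_topics['topics'][$id] = time();
         set_tracked_topics($tracked_topics);
     }
     // Determine the post offset (based on the requested page)
     $num_pages = ceil(($cur_topic['num_replies'] + 1) / $this->user->disp_posts);
     // Out-of-range or missing page numbers fall back to 1; valid ones are cast to int.
     $p = !isset($page) || $page <= 1 || $page > $num_pages ? 1 : intval($page);
     $start_from = $this->user->disp_posts * ($p - 1);
     $url_topic = url_friendly($cur_topic['subject']);
     $url_forum = url_friendly($cur_topic['forum_name']);
     // Generate paging links
     $paging_links = '<span class="pages-label">' . $lang_common['Pages'] . ' </span>' . paginate($num_pages, $p, 'topic/' . $id . '/' . $url_topic . '/#');
     if ($this->config['o_censoring'] == '1') {
         $cur_topic['subject'] = censor_words($cur_topic['subject']);
     }
     $quickpost = $this->model->is_quickpost($cur_topic['post_replies'], $cur_topic['closed'], $is_admmod);
     $subscraction = $this->model->get_subscraction($cur_topic['is_subscribed'], $id);
     // Add relationship meta tags
     $page_head = $this->model->get_page_head($id, $num_pages, $p, $url_topic);
     // Board title, forum name and subject are escaped before they reach the page title.
     $page_title = array(feather_escape($this->config['o_board_title']), feather_escape($cur_topic['forum_name']), feather_escape($cur_topic['subject']));
     define('FEATHER_ALLOW_INDEX', 1);
     define('FEATHER_ACTIVE_PAGE', 'viewtopic');
     $this->header->setTitle($page_title)->setPage($p)->setPagingLinks($paging_links)->setPageHead($page_head)->display();
     $forum_id = $cur_topic['forum_id'];
     // parser.php is required inside the method, so it runs in this method's variable scope.
     require FEATHER_ROOT . 'include/parser.php';
     // $cur_topic is handed to the view unescaped; the template is presumably responsible for
     // escaping subject and forum name on output (verify in viewtopic.php).
     $this->feather->render('viewtopic.php', array('id' => $id, 'p' => $p, 'post_data' => $this->model->print_posts($id, $start_from, $cur_topic, $is_admmod), 'lang_common' => $lang_common, 'lang_topic' => $lang_topic, 'lang_post' => $lang_post, 'lang_bbeditor' => $lang_bbeditor, 'cur_topic' => $cur_topic, 'subscraction' => $subscraction, 'is_admmod' => $is_admmod, 'feather_config' => $this->config, 'paging_links' => $paging_links, 'post_link' => $post_link, 'start_from' => $start_from, 'lang_antispam' => $lang_antispam, 'pid' => $pid, 'quickpost' => $quickpost, 'index_questions' => $index_questions, 'lang_antispam_questions' => $lang_antispam_questions, 'url_forum' => $url_forum, 'url_topic' => $url_topic, 'feather' => $this->feather));
     // Increment "num_views" for topic
     $this->model->increment_views($id);
     $this->footer->display('viewtopic', $id, $p, $pid, $cur_topic['forum_id'], $num_pages);
 }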
Example #3
 /**
  * Show the edit form for a post and, on a POST request, validate and save the edit.
  *
  * Checks run in this order: board read permission, the owner/group/closed-topic
  * rules (skipped for admins and forum moderators), then a guard that keeps
  * non-admin moderators from editing a post written by an admin.
  * NOTE(review): every check relies on message() ending the request; its
  * definition is not part of this excerpt, so confirm it never returns.
  *
  * @param mixed $id ID of the post to edit; presumably supplied by the router, confirm it is numeric there.
  */
 public function editpost($id)
 {
     global $lang_common, $lang_prof_reg, $lang_post, $lang_register;
     if ($this->user->g_read_board == '0') {
         message($lang_common['No view'], '403');
     }
     // Fetch some information about the post, the topic and the forum
     $cur_post = $this->model->get_info_edit($id);
     // Sort out who the moderators are and if we are currently a moderator (or an admin)
     // NOTE(review): unserialize() runs on a database column. If anything other than trusted
     // admin code can write 'moderators', this is a PHP object-injection sink; restricting it with
     // ['allowed_classes' => false] (PHP 7+) or storing JSON would remove that risk.
     $mods_array = $cur_post['moderators'] != '' ? unserialize($cur_post['moderators']) : array();
     // && binds tighter than ||: admin, OR (moderator group AND listed as a moderator of this forum).
     $is_admmod = $this->user->g_id == FEATHER_ADMIN || $this->user->g_moderator == '1' && array_key_exists($this->user->username, $mods_array) ? true : false;
     // Only the first post of a topic carries the subject.
     $can_edit_subject = $id == $cur_post['first_post_id'];
     if ($this->config['o_censoring'] == '1') {
         $cur_post['subject'] = censor_words($cur_post['subject']);
         $cur_post['message'] = censor_words($cur_post['message']);
     }
     // Do we have permission to edit this post?
     // Denied unless admin/moderator when: the group may not edit posts, OR the post belongs to
     // someone else, OR the topic is closed.
     if (($this->user->g_edit_posts == '0' || $cur_post['poster_id'] != $this->user->id || $cur_post['closed'] == '1') && !$is_admmod) {
         message($lang_common['No permission'], '403');
     }
     // A moderator who is not an admin may not edit a post written by an admin.
     if ($is_admmod && $this->user->g_id != FEATHER_ADMIN && in_array($cur_post['poster_id'], get_admin_ids())) {
         message($lang_common['No permission'], '403');
     }
     // NOTE(review): both includes below build their path from the user's language preference;
     // that is only safe if the value is checked against the installed language directories
     // when it is stored (not visible in this excerpt).
     // Load the post.php language file
     require FEATHER_ROOT . 'lang/' . $this->user->language . '/post.php';
     // Load the bbeditor.php language file
     require FEATHER_ROOT . 'lang/' . $this->user->language . '/bbeditor.php';
     // Start with a clean slate
     $errors = array();
     // NOTE(review): no CSRF token or referrer check is visible in this branch; confirm that
     // check_errors_before_edit() or a middleware enforces one before edit_post() runs.
     if ($this->feather->request()->isPost()) {
         // Let's see if everything went right
         $errors = $this->model->check_errors_before_edit($id, $can_edit_subject, $errors);
         // Setup some variables before post
         $post = $this->model->setup_variables($cur_post, $is_admmod, $can_edit_subject, $errors);
         // Did everything go according to plan?
         // NOTE(review): this reads $this->request while the branch condition uses
         // $this->feather->request(); presumably both refer to the same request object, confirm.
         if (empty($errors) && !$this->request->post('preview')) {
             // Edit the post
             $this->model->edit_post($id, $can_edit_subject, $post, $cur_post, $is_admmod);
             redirect(get_link('post/' . $id . '/#p' . $id), $lang_post['Post redirect']);
         }
     } else {
         $post = '';
     }
     $page_title = array(feather_escape($this->config['o_board_title']), $lang_post['Edit post']);
     $required_fields = array('req_subject' => $lang_common['Subject'], 'req_message' => $lang_common['Message']);
     $focus_element = array('edit', 'req_message');
     define('FEATHER_ACTIVE_PAGE', 'edit');
     $this->header->setTitle($page_title)->setFocusElement($focus_element)->setRequiredFields($required_fields)->display();
     if ($this->request->post('preview')) {
         require_once FEATHER_ROOT . 'include/parser.php';
         // The preview renders the submitted message; presumably parse_message() returns HTML that
         // is safe to print (verify in include/parser.php).
         $preview_message = parse_message($post['message'], $post['hide_smilies']);
     } else {
         $preview_message = '';
     }
     // $lang_bbeditor is not declared in this method; presumably the bbeditor language file required above defines it.
     $this->feather->render('edit.php', array('lang_common' => $lang_common, 'cur_post' => $cur_post, 'lang_post' => $lang_post, 'errors' => $errors, 'preview_message' => $preview_message, 'id' => $id, 'feather_config' => $this->config, 'feather_user' => $this->user, 'checkboxes' => $this->model->get_checkboxes($can_edit_subject, $is_admmod, $cur_post, 1), 'feather' => $this->feather, 'can_edit_subject' => $can_edit_subject, 'post' => $post, 'lang_bbeditor' => $lang_bbeditor));
     $this->footer->display();
 }
Example #4
    message($lang_common['Bad request'], false, '404 Not Found');
}
// Excerpt from a post-edit script: loads the post row, then applies the permission checks below.
$cur_post = $ps->fetch();
// Sort out who the moderators are and if we are currently a moderator (or an admin)
// NOTE(review): unserialize() runs on a database column. If anything other than trusted admin
// code can write 'moderators', this is a PHP object-injection sink; restricting it with
// ['allowed_classes' => false] (PHP 7+) or storing JSON would remove that risk.
$mods_array = $cur_post['moderators'] != '' ? unserialize($cur_post['moderators']) : array();
// Inside the parentheses && binds tighter than ||: (moderator group AND global moderator) OR
// listed in the forum's moderator array. NOTE(review): a listed user qualifies even when
// g_moderator is not '1' - confirm that is intended.
$is_admmod = $panther_user['is_admin'] || ($panther_user['g_moderator'] == '1' && $panther_user['g_global_moderator'] || array_key_exists($panther_user['username'], $mods_array)) ? true : false;
$can_edit_subject = $id == $cur_post['first_post_id'] && $panther_user['g_edit_subject'] == '1';
if ($panther_config['o_censoring'] == '1') {
    $cur_post['subject'] = censor_words($cur_post['subject']);
    $cur_post['message'] = censor_words($cur_post['message']);
}
// Do we have permission to edit this post?
// Denied unless admin/moderator when: the group may not edit posts, OR the post belongs to someone
// else, OR the topic is closed, OR (an edit interval is set AND the post is older than it).
if (($panther_user['g_edit_posts'] == '0' || $cur_post['poster_id'] != $panther_user['id'] || $cur_post['closed'] == '1' || $panther_user['g_deledit_interval'] != 0 && time() - $cur_post['pposted'] > $panther_user['g_deledit_interval']) && !$is_admmod) {
    message($lang_common['No permission'], false, '403 Forbidden');
}
// A moderator who is not an admin may edit an admin's post only when g_mod_edit_admin_posts is not '0'.
if ($is_admmod && (!$panther_user['is_admin'] && (in_array($cur_post['poster_id'], get_admin_ids()) && $panther_user['g_mod_edit_admin_posts'] == '0'))) {
    message($lang_common['No permission'], false, '403 Forbidden');
}
// Load the post.php language file
// NOTE(review): the include path contains the user's language preference; this is only safe if
// that value is checked against the installed language directories when it is stored.
require PANTHER_ROOT . 'lang/' . $panther_user['language'] . '/post.php';
check_posting_ban();
if ($cur_post['archived'] == '1') {
    message($lang_post['Topic archived']);
}
// Password-protected forum: the stored forum password is checked against the login cookie.
if ($cur_post['password'] != '') {
    check_forum_login_cookie($cur_post['fid'], $cur_post['password']);
}
// Start with a clean slate
$errors = array();
if (isset($_POST['form_sent'])) {
    // Make sure they got here from the site
Example #5
// Excerpt from a post-delete script: loads the post row, checks permissions, then handles the delete form.
if (!$db->num_rows($result)) {
    message($lang_common['Bad request'], false, '404 Not Found');
}
$cur_post = $db->fetch_assoc($result);
if ($pun_config['o_censoring'] == '1') {
    $cur_post['subject'] = censor_words($cur_post['subject']);
}
// Sort out who the moderators are and if we are currently a moderator (or an admin)
// NOTE(review): unserialize() runs on a database column. If anything other than trusted admin
// code can write 'moderators', this is a PHP object-injection sink; restricting it with
// ['allowed_classes' => false] (PHP 7+) or storing JSON would remove that risk.
$mods_array = $cur_post['moderators'] != '' ? unserialize($cur_post['moderators']) : array();
// && binds tighter than ||: admin, OR (moderator group AND listed as a moderator of this forum).
$is_admmod = $pun_user['g_id'] == PUN_ADMIN || $pun_user['g_moderator'] == '1' && array_key_exists($pun_user['username'], $mods_array) ? true : false;
$is_topic_post = $id == $cur_post['first_post_id'] ? true : false;
// Do we have permission to delete this post?
// Denied unless admin/moderator when: the group may not delete posts, OR (the group may not delete
// topics AND this is the first post), OR the post belongs to someone else, OR the topic is closed.
if (($pun_user['g_delete_posts'] == '0' || $pun_user['g_delete_topics'] == '0' && $is_topic_post || $cur_post['poster_id'] != $pun_user['id'] || $cur_post['closed'] == '1') && !$is_admmod) {
    message($lang_common['No permission'], false, '403 Forbidden');
}
// A moderator who is not an admin may not delete a post written by an admin.
if ($is_admmod && $pun_user['g_id'] != PUN_ADMIN && in_array($cur_post['poster_id'], get_admin_ids())) {
    message($lang_common['No permission'], false, '403 Forbidden');
}
// Load the delete.php language file
// NOTE(review): the include path contains the user's language preference; this is only safe if
// that value is checked against the installed language directories when it is stored.
require PUN_ROOT . 'lang/' . $pun_user['language'] . '/delete.php';
if (isset($_POST['delete'])) {
    // Make sure they got here from the site
    // NOTE(review): presumably a Referer-header comparison (definition not shown); that is a
    // weaker CSRF defence than a per-session token.
    confirm_referrer('delete.php');
    require PUN_ROOT . 'include/search_idx.php';
    if ($is_topic_post) {
        // Delete the topic and all of its posts
        delete_topic($cur_post['tid']);
        update_forum($cur_post['fid']);
        redirect(fluxrewrite($cur_post['fid'], $cur_post['forum_name'], 'f', false, false, false), $lang_delete['Topic del redirect']);
    } else {
        // Delete just this one post
 /**
  * Delete a group post by setting its status to -1.
  *
  * The post ID is read from the POST body and cast with intval. The record is
  * looked up with status 1, the permission check runs next, and only then is
  * the status field written. Every outcome is reported through ajaxReturn().
  */
 public function deletePost()
 {
     $postId = I('post.post_id', 0, 'intval');
     $groupPosts = M('GroupPost');
     $criteria = array('id' => $postId, 'status' => 1);

     $record = $groupPosts->where($criteria)->find();
     if (!$record) {
         // No matching post with status 1: answer with the "post does not exist" message.
         $notFound = array('status' => 0, 'info' => '不存在该帖子!', 'url' => U('Group/Index/groups'));
         $this->ajaxReturn($notFound);
     }

     // The permission check runs before any write.
     // NOTE(review): the meaning of the fixed arguments 3 and 0 is not visible here - confirm against get_admin_ids().
     $allowedIds = get_admin_ids($postId, 3, 0);
     $this->checkAuth('Group/Index/deletePost', $allowedIds, '你没有删除贴子的权限!');

     $updated = $groupPosts->where($criteria)->setField('status', -1);
     // Only the selected branch is evaluated, so U() runs on success and getError() on failure.
     $reply = $updated
         ? array('status' => 1, 'info' => '删除成功!', 'url' => U('Group/Index/group', array('id' => $record['group_id'])))
         : array('status' => 0, 'info' => '删除失败!' . $groupPosts->getError());
     $this->ajaxReturn($reply);
 }
     message($lang_misc['No topics selected']);
 }
 // Excerpt from a moderation script: bulk deletion of the topics listed in $topics.
 if (isset($_POST['delete_topics_comply'])) {
     // NOTE(review): presumably a Referer-header comparison (definition not shown); that is a
     // weaker CSRF defence than a per-session token.
     confirm_referrer('moderate.php');
     // Allow-list check: $topics may contain only digits and commas. This is the only barrier
     // before $topics is concatenated into the SQL statements below, so it must not be loosened.
     if (@preg_match('%[^0-9,]%', $topics)) {
         message($lang_common['Bad request'], false, '404 Not Found');
     }
     require PUN_ROOT . 'include/search_idx.php';
     // Verify that the topic IDs are valid
     // NOTE(review): $fid is concatenated as well; its integer cast is not visible in this excerpt - confirm.
     $result = $db->query('SELECT 1 FROM ' . $db->prefix . 'topics WHERE id IN(' . $topics . ') AND forum_id=' . $fid) or error('Unable to check topics', __FILE__, __LINE__, $db->error());
     // Every listed ID must exist in this forum; this also rejects empty list elements such as "1,,2".
     if ($db->num_rows($result) != substr_count($topics, ',') + 1) {
         message($lang_common['Bad request'], false, '404 Not Found');
     }
     // Verify that the posts are not by admins
     if ($pun_user['g_id'] != PUN_ADMIN) {
         $result = $db->query('SELECT 1 FROM ' . $db->prefix . 'posts WHERE topic_id IN(' . $topics . ') AND poster_id IN(' . implode(',', get_admin_ids()) . ')') or error('Unable to check posts', __FILE__, __LINE__, $db->error());
         if ($db->num_rows($result)) {
             message($lang_common['No permission'], false, '403 Forbidden');
         }
     }
     // Delete the topics and any redirect topics
     $db->query('DELETE FROM ' . $db->prefix . 'topics WHERE id IN(' . $topics . ') OR moved_to IN(' . $topics . ')') or error('Unable to delete topic', __FILE__, __LINE__, $db->error());
     // Delete any subscriptions
     $db->query('DELETE FROM ' . $db->prefix . 'topic_subscriptions WHERE topic_id IN(' . $topics . ')') or error('Unable to delete subscriptions', __FILE__, __LINE__, $db->error());
     // Create a list of the post IDs in this topic and then strip the search index
     $result = $db->query('SELECT id FROM ' . $db->prefix . 'posts WHERE topic_id IN(' . $topics . ')') or error('Unable to fetch posts', __FILE__, __LINE__, $db->error());
     $post_ids = '';
     while ($row = $db->fetch_row($result)) {
         $post_ids .= $post_ids != '' ? ',' . $row[0] : $row[0];
     }
     // We have to check that we actually have a list of post IDs since we could be deleting just a redirect topic
/**
 * Return what get_admin_ids() yields for the given post ID.
 *
 * Thin wrapper that forwards the ID with the fixed arguments 3 and 1.
 * NOTE(review): the meaning of those two arguments is not visible here - confirm against get_admin_ids().
 *
 * @param mixed $post_id Post ID passed through unchanged.
 * @return mixed Result of get_admin_ids().
 */
function get_post_admin($post_id)
{
    $admin_ids = get_admin_ids($post_id, 3, 1);

    return $admin_ids;
}
Example #9
// Excerpt from a comment-delete script: loads the comment row, checks permissions, then handles a soft delete.
if (!$db->num_rows($result)) {
    message(__('Bad request. The link you followed is incorrect, outdated or you are simply not allowed to hang around here.', 'luna'), false, '404 Not Found');
}
$cur_comment = $db->fetch_assoc($result);
if ($luna_config['o_censoring'] == '1') {
    $cur_comment['subject'] = censor_words($cur_comment['subject']);
}
// Sort out who the moderators are and if we are currently a moderator (or an admin)
// NOTE(review): unserialize() runs on a database column. If anything other than trusted admin
// code can write 'moderators', this is a PHP object-injection sink; restricting it with
// ['allowed_classes' => false] (PHP 7+) or storing JSON would remove that risk.
$mods_array = $cur_comment['moderators'] != '' ? unserialize($cur_comment['moderators']) : array();
// && binds tighter than ||: admin, OR (moderator group AND listed as a moderator of this forum).
$is_admmod = $luna_user['g_id'] == LUNA_ADMIN || $luna_user['g_moderator'] == '1' && array_key_exists($luna_user['username'], $mods_array) ? true : false;
$is_thread_comment = $id == $cur_comment['first_comment_id'] ? true : false;
// Do we have permission to delete this comment?
// Denied unless admin/moderator when: the group may not delete comments, OR (the group may not
// delete threads AND this is the first comment), OR the comment belongs to someone else, OR the thread is closed.
if (($luna_user['g_delete_comments'] == '0' || $luna_user['g_delete_threads'] == '0' && $is_thread_comment || $cur_comment['commenter_id'] != $luna_user['id'] || $cur_comment['closed'] == '1') && !$is_admmod) {
    message(__('You do not have permission to access this page.', 'luna'), false, '403 Forbidden');
}
// A moderator who is not an admin may not delete a comment written by an admin.
if ($is_admmod && $luna_user['g_id'] != LUNA_ADMIN && in_array($cur_comment['commenter_id'], get_admin_ids())) {
    message(__('You do not have permission to access this page.', 'luna'), false, '403 Forbidden');
}
// Soft delete comments
if (isset($_POST['soft_delete'])) {
    // Make sure they got here from the site
    // NOTE(review): presumably a Referer-header comparison (definition not shown); that is a
    // weaker CSRF defence than a per-session token.
    confirm_referrer('delete.php');
    require LUNA_ROOT . 'include/search_idx.php';
    if ($is_thread_comment) {
        // Delete the thread and all of its comments
        delete_thread($cur_comment['tid'], "soft");
        update_forum($cur_comment['fid']);
        redirect('viewforum.php?id=' . $cur_comment['fid']);
    } else {
        // Delete just this one comment
        // NOTE(review): $id is concatenated into the statement; its integer cast is not visible
        // in this excerpt - confirm it happens before this point.
        $db->query('UPDATE ' . $db->prefix . 'comments SET soft = 1 WHERE id=' . $id) or error('Unable to soft delete comment', __FILE__, __LINE__, $db->error());
Example #10
     message_backstage(__('You must select at least one thread for move/delete/open/close.', 'luna'));
 }
 // Excerpt from a moderation script: bulk deletion of the threads listed in $threads.
 if (isset($_POST['delete_threads_comply'])) {
     // NOTE(review): presumably a Referer-header comparison (definition not shown); that is a
     // weaker CSRF defence than a per-session token.
     confirm_referrer('backstage/moderate.php');
     // Allow-list check: $threads may contain only digits and commas. This is the only barrier
     // before $threads is concatenated into the SQL statements below, so it must not be loosened.
     if (@preg_match('%[^0-9,]%', $threads)) {
         message_backstage(__('Bad request. The link you followed is incorrect, outdated or you are simply not allowed to hang around here.', 'luna'), false, '404 Not Found');
     }
     require LUNA_ROOT . 'include/search_idx.php';
     // Verify that the thread IDs are valid
     // NOTE(review): $fid is concatenated as well; its integer cast is not visible in this excerpt - confirm.
     $result = $db->query('SELECT 1 FROM ' . $db->prefix . 'threads WHERE id IN(' . $threads . ') AND forum_id=' . $fid) or error('Unable to check threads', __FILE__, __LINE__, $db->error());
     // Every listed ID must exist in this forum; this also rejects empty list elements such as "1,,2".
     if ($db->num_rows($result) != substr_count($threads, ',') + 1) {
         message_backstage(__('Bad request. The link you followed is incorrect, outdated or you are simply not allowed to hang around here.', 'luna'), false, '404 Not Found');
     }
     // Verify that the comments are not by admins
     if ($luna_user['g_id'] != LUNA_ADMIN) {
         $result = $db->query('SELECT 1 FROM ' . $db->prefix . 'comments WHERE thread_id IN(' . $threads . ') AND commenter_id IN(' . implode(',', get_admin_ids()) . ')') or error('Unable to check comments', __FILE__, __LINE__, $db->error());
         if ($db->num_rows($result)) {
             message_backstage(__('You do not have permission to access this page.', 'luna'), false, '403 Forbidden');
         }
     }
     // Delete the threads and any redirect threads
     $db->query('DELETE FROM ' . $db->prefix . 'threads WHERE id IN(' . $threads . ') OR moved_to IN(' . $threads . ')') or error('Unable to delete thread', __FILE__, __LINE__, $db->error());
     // Delete any subscriptions
     $db->query('DELETE FROM ' . $db->prefix . 'thread_subscriptions WHERE thread_id IN(' . $threads . ')') or error('Unable to delete subscriptions', __FILE__, __LINE__, $db->error());
     // Create a list of the comment IDs in this thread and then strip the search index
     $result = $db->query('SELECT id FROM ' . $db->prefix . 'comments WHERE thread_id IN(' . $threads . ')') or error('Unable to fetch comments', __FILE__, __LINE__, $db->error());
     $comment_ids = '';
     while ($row = $db->fetch_row($result)) {
         $comment_ids .= $comment_ids != '' ? ',' . $row[0] : $row[0];
     }
     // We have to check that we actually have a list of comment IDs since we could be deleting just a redirect thread
Example #11
// Excerpt from a warnings script: entry point for issuing a warning to a user, optionally tied to a post.
$action = isset($_GET['action']) ? panther_trim($_GET['action']) : '';
$page_title = array($panther_config['o_board_title'], $lang_warnings['Warning system']);
if (isset($_GET['warn'])) {
    $errors = array();
    // Only admins and groups with g_mod_warn_users set may issue warnings.
    if ($panther_user['g_mod_warn_users'] == '0' && !$panther_user['is_admin']) {
        message($lang_common['No permission']);
    }
    // Both request parameters are cast to int before any further use.
    $user_id = isset($_GET['warn']) ? intval($_GET['warn']) : 0;
    $post_id = isset($_GET['pid']) ? intval($_GET['pid']) : 0;
    if ($user_id < 1) {
        message($lang_common['Bad request']);
    }
    if ($post_id < 0) {
        message($lang_common['Bad request']);
    }
    // Warning yourself, an ID below 2, or any admin is refused.
    if ($user_id == $panther_user['id'] || $user_id < 2 || in_array($user_id, get_admin_ids())) {
        message($lang_common['Bad request']);
    }
    // Check whether user has been warned already for this post (users can only receive one warning per post)
    if ($post_id) {
        // The post ID is bound as a named parameter rather than concatenated into the query.
        $data = array(':id' => $post_id);
        $ps = $db->select('warnings', 'id', $data, 'post_id=:id');
        if ($ps->rowCount()) {
            $warning_id = $ps->fetchColumn();
            $warning_link = panther_link($panther_url['warning_details'], array($warning_id));
            // NOTE(review): the link is placed into HTML without escaping; assumes panther_link()
            // returns an HTML-safe URL - confirm.
            message(sprintf($lang_warnings['Already warned'], '<a href="' . $warning_link . '">' . $warning_link . '</a>'));
        }
    }
    if (isset($_POST['form_sent'])) {
        // NOTE(review): presumably a Referer-header comparison (definition not shown); that is a
        // weaker CSRF defence than a per-session token.
        confirm_referrer('warnings.php');
        $data = array(':id' => $user_id);
Example #12
// Excerpt from a post-delete script: loads the post row, checks permissions, then handles a soft delete.
if (!$db->num_rows($result)) {
    message(__('Bad request. The link you followed is incorrect, outdated or you are simply not allowed to hang around here.', 'luna'), false, '404 Not Found');
}
$cur_post = $db->fetch_assoc($result);
if ($luna_config['o_censoring'] == '1') {
    $cur_post['subject'] = censor_words($cur_post['subject']);
}
// Sort out who the moderators are and if we are currently a moderator (or an admin)
// NOTE(review): unserialize() runs on a database column. If anything other than trusted admin
// code can write 'moderators', this is a PHP object-injection sink; restricting it with
// ['allowed_classes' => false] (PHP 7+) or storing JSON would remove that risk.
$mods_array = $cur_post['moderators'] != '' ? unserialize($cur_post['moderators']) : array();
// && binds tighter than ||: admin, OR (moderator group AND listed as a moderator of this forum).
$is_admmod = $luna_user['g_id'] == FORUM_ADMIN || $luna_user['g_moderator'] == '1' && array_key_exists($luna_user['username'], $mods_array) ? true : false;
$is_topic_post = $id == $cur_post['first_post_id'] ? true : false;
// Do we have permission to delete this post?
// Denied unless admin/moderator when: the group may not delete posts, OR (the group may not delete
// topics AND this is the first post), OR the post belongs to someone else, OR the topic is closed.
if (($luna_user['g_delete_posts'] == '0' || $luna_user['g_delete_topics'] == '0' && $is_topic_post || $cur_post['poster_id'] != $luna_user['id'] || $cur_post['closed'] == '1') && !$is_admmod) {
    message(__('You do not have permission to access this page.', 'luna'), false, '403 Forbidden');
}
// A moderator who is not an admin may not delete a post written by an admin.
if ($is_admmod && $luna_user['g_id'] != FORUM_ADMIN && in_array($cur_post['poster_id'], get_admin_ids())) {
    message(__('You do not have permission to access this page.', 'luna'), false, '403 Forbidden');
}
// Soft delete posts
if (isset($_POST['soft_delete'])) {
    // Make sure they got here from the site
    // NOTE(review): presumably a Referer-header comparison (definition not shown); that is a
    // weaker CSRF defence than a per-session token.
    confirm_referrer('delete.php');
    require FORUM_ROOT . 'include/search_idx.php';
    if ($is_topic_post) {
        // Delete the thread and all of its posts
        delete_topic($cur_post['tid'], "soft");
        update_forum($cur_post['fid']);
        redirect('viewforum.php?id=' . $cur_post['fid']);
    } else {
        // Delete just this one post
        // NOTE(review): $id is concatenated into the statement; its integer cast is not visible
        // in this excerpt - confirm it happens before this point.
        $db->query('UPDATE ' . $db->prefix . 'posts SET soft = 1 WHERE id=' . $id) or error('Unable to soft delete post', __FILE__, __LINE__, $db->error());
Example #13
/**
 * Return what get_admin_ids() yields for the given ID.
 *
 * Thin wrapper that forwards the ID with the fixed arguments 1 and 1.
 * NOTE(review): the meaning of those two arguments is not visible here - confirm against get_admin_ids().
 *
 * @param mixed $lzl_id ID passed through unchanged.
 * @return mixed Result of get_admin_ids().
 */
function get_lzl_admin($lzl_id)
{
    $admin_ids = get_admin_ids($lzl_id, 1, 1);

    return $admin_ids;
}
Example #14
            $db->update('config', $update, 'conf_name=\'o_admin_notes\'');
            if (!defined('FORUM_CACHE_FUNCTIONS_LOADED')) {
                require PANTHER_ROOT . 'include/cache.php';
            }
            generate_config_cache();
            $db->end_transaction();
            exit;
        }
    }
}
// Collect the notices shown to administrators on the admin index page.
$alerts = array();
if ($panther_user['is_admin']) {
    // A leftover installer in the web root is reported so that it gets removed.
    if (is_file(PANTHER_ROOT . 'install.php')) {
        $alerts[] = sprintf($lang_admin_index['Install file exists'], '<a href="' . panther_link($panther_url['remove_install_file']) . '">' . $lang_admin_index['Delete install file'] . '</a>');
    }
    // Raise one alert as soon as any admin other than ID 2 has no row in the restrictions table.
    foreach (get_admin_ids() as $admin) {
        if ($admin == '2') {
            // No restrictions for the original administrator
            continue;
        }
        $data = array(':admin' => $admin);
        $ps = $db->select('restrictions', 1, $data, 'admin_id=:admin');
        if (!$ps->rowCount()) {
            $alerts[] = sprintf($lang_admin_index['No restrictions'], panther_link($panther_url['admin_restrictions']));
            break;
        }
    }
    // NOTE(review): the update version string becomes part of a file path; assumes
    // version_friendly() reduces it to a safe file-name fragment - confirm.
    $update_downloaded = file_exists(PANTHER_ROOT . 'include/updates/panther-update-patch-' . $updater->version_friendly($updater->panther_updates['version']) . '.zip') ? true : false;
    if (version_compare($panther_config['o_cur_version'], $updater->panther_updates['version'], '<') && !$update_downloaded) {
        $alerts[] = sprintf($lang_admin_index['New version'], $updater->panther_updates['version'], panther_link($panther_url['admin_updates']));
    }
Example #15
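 /**
  * Delete a set of topics from one forum, together with their redirects,
  * subscriptions, search-index entries and posts, then redirect to the forum.
  *
  * Local variable names are left untouched on purpose: search_idx.php is
  * required inside this method and therefore shares its scope.
  * NOTE(review): the validation steps rely on message() ending the request;
  * its definition is not part of this excerpt.
  *
  * @param string $topics Comma-separated list of topic IDs.
  * @param mixed  $fid    ID of the forum the topics must belong to.
  */
 public function delete_topics($topics, $fid)
 {
     global $lang_misc, $lang_common;
     // Allow-list check: anything other than digits and commas is rejected before the list is used.
     if (@preg_match('%[^0-9,]%', $topics)) {
         message($lang_common['Bad request'], '404');
     }
     require FEATHER_ROOT . 'include/search_idx.php';
     $topics_sql = explode(',', $topics);
     // Verify that the topic IDs are valid
     $result = DB::for_table('topics')->where_in('id', $topics_sql)->where('forum_id', $fid)->find_many();
     // Every listed ID must exist in this forum; this also rejects empty list elements such as "1,,2".
     if (count($result) != substr_count($topics, ',') + 1) {
         message($lang_common['Bad request'], '404');
     }
     // Verify that the posts are not by admins
     if ($this->user->g_id != FEATHER_ADMIN) {
         // get_admin_ids() yields a list of IDs, so it is matched with where_in(); the original
         // passed the list to the equality form where(), which does not express "any of these IDs"
         // and could let this protection for admin posts fail.
         $authorized = DB::for_table('posts')->where_in('topic_id', $topics_sql)->where_in('poster_id', get_admin_ids())->find_many();
         if ($authorized) {
             message($lang_common['No permission'], '403');
         }
     }
     // Delete the topics
     DB::for_table('topics')->where_in('id', $topics_sql)->delete_many();
     // Delete any redirect topics
     DB::for_table('topics')->where_in('moved_to', $topics_sql)->delete_many();
     // Delete any subscriptions
     DB::for_table('topic_subscriptions')->where_in('topic_id', $topics_sql)->delete_many();
     // Create a list of the post IDs in this topic and then strip the search index
     $find_ids = DB::for_table('posts')->select('id')->where_in('topic_id', $topics_sql)->find_many();
     // Start from an empty list so that implode() below receives an array even when no posts were found.
     $ids_post = array();
     foreach ($find_ids as $id) {
         $ids_post[] = $id['id'];
     }
     $post_ids = implode(', ', $ids_post);
     // We have to check that we actually have a list of post IDs since we could be deleting just a redirect topic
     if ($post_ids != '') {
         strip_search_index($post_ids);
     }
     // Delete posts
     DB::for_table('posts')->where_in('topic_id', $topics_sql)->delete_many();
     update_forum($fid);
     redirect(get_link('forum/' . $fid . '/'), $lang_misc['Delete topics redirect']);
 }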
Example #16
// Excerpt from a topic-view script: loads the topic row for members or guests, then applies access checks.
// Both queries bind the topic, group and user IDs as named parameters; only the table prefix is concatenated.
if (!$panther_user['is_guest']) {
    $data[':id'] = $panther_user['id'];
    $ps = $db->run('SELECT pf.forum_name AS parent, f.parent_forum, f.protected, t.subject, t.poster, t.closed, t.archived, t.question, t.num_replies, t.sticky, t.first_post_id, t.last_post, p.type, p.options, p.votes, p.voters, p.posted, f.id AS forum_id, f.forum_name, f.use_reputation, f.moderators, f.password, fp.post_replies, fp.download, s.user_id AS is_subscribed FROM ' . $db->prefix . 'topics AS t INNER JOIN ' . $db->prefix . 'forums AS f ON f.id=t.forum_id LEFT JOIN ' . $db->prefix . 'topic_subscriptions AS s ON (t.id=s.topic_id AND s.user_id=:id) LEFT JOIN ' . $db->prefix . 'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id=:gid) LEFT JOIN ' . $db->prefix . 'forums AS pf ON f.parent_forum=pf.id LEFT JOIN ' . $db->prefix . 'polls AS p ON t.id=p.topic_id WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.id=:tid AND t.moved_to IS NULL AND t.approved=1 AND t.deleted=0', $data);
} else {
    // Guests get the same row without the subscription join; is_subscribed is fixed to 0.
    $ps = $db->run('SELECT pf.forum_name AS parent, f.parent_forum, f.protected, t.subject, t.poster, t.closed, t.archived, t.question, t.num_replies, t.sticky, t.first_post_id, t.last_post, p.type, p.options, p.votes, p.voters, p.posted, f.id AS forum_id, f.forum_name, f.use_reputation, f.moderators, f.password, fp.post_replies, fp.download, 0 AS is_subscribed FROM ' . $db->prefix . 'topics AS t INNER JOIN ' . $db->prefix . 'forums AS f ON f.id=t.forum_id LEFT JOIN ' . $db->prefix . 'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id=:gid) LEFT JOIN ' . $db->prefix . 'forums AS pf ON f.parent_forum=pf.id LEFT JOIN ' . $db->prefix . 'polls AS p ON t.id=p.topic_id WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.id=:tid AND t.moved_to IS NULL AND t.approved=1 AND t.deleted=0', $data);
}
// No row means the topic does not exist, is unapproved/deleted/moved, or is in a forum this group may not read.
if (!$ps->rowCount()) {
    message($lang_common['Bad request'], false, '404 Not Found');
} else {
    $cur_topic = $ps->fetch();
}
// Sort out who the moderators are and if we are currently a moderator (or an admin)
// NOTE(review): unserialize() runs on the forums.moderators column. If anything other than trusted
// admin code can write it, this is a PHP object-injection sink; restricting it with
// ['allowed_classes' => false] (PHP 7+) or storing JSON would remove that risk.
$mods_array = $cur_topic['moderators'] != '' ? unserialize($cur_topic['moderators']) : array();
// Inside the parentheses && binds tighter than ||: (moderator group AND global moderator) OR
// listed in the forum's moderator array. NOTE(review): a listed user qualifies even when
// g_moderator is not '1' - confirm that is intended.
$is_admmod = $panther_user['is_admin'] || ($panther_user['g_moderator'] == '1' && $panther_user['g_global_moderator'] || isset($mods_array[$panther_user['username']])) ? true : false;
if ($is_admmod) {
    $admin_ids = get_admin_ids();
}
// Password-protected forum: the stored forum password is checked against the login cookie.
if ($cur_topic['password'] != '') {
    check_forum_login_cookie($cur_topic['forum_id'], $cur_topic['password']);
}
// In a protected forum only the topic's poster and admins/moderators may view the topic.
if ($cur_topic['protected'] == '1' && $panther_user['username'] != $cur_topic['poster'] && !$is_admmod) {
    message($lang_common['No permission']);
}
if ($panther_config['o_archiving'] == '1' && $cur_topic['archived'] == '0') {
    if ($cur_topic['archived'] !== '2') {
        // NOTE(review): second unserialize(), this time on a configuration value; the same
        // object-injection caveat applies if that value can be written by untrusted input.
        $archive_rules = unserialize($panther_config['o_archive_rules']);
        $cur_topic['archived'] = check_archive_rules($archive_rules, $id);
    }
}
// Add/update this topic in our list of tracked topics
if (!$panther_user['is_guest']) {
Example #17
     // Excerpt from an admin-restrictions script: the edit form for one admin, else the overview lists.
     if (!$ps->rowCount()) {
         message($lang_common['Bad request']);
     }
     list($username, $group_id) = $ps->fetch(PDO::FETCH_NUM);
     // Restrictions apply only to administrators: the user's group must have g_admin set or be the admin group.
     if ($panther_groups[$group_id]['g_admin'] != '1' && $group_id != PANTHER_ADMIN) {
         message($lang_common['Bad request']);
     }
     // Then we're adding restrictions
     // A user without stored restrictions starts with every admin area enabled (all flags set to 1).
     if (!isset($admins[$user])) {
         $admins[$user] = array('admin_options' => 1, 'admin_permissions' => 1, 'admin_categories' => 1, 'admin_forums' => 1, 'admin_groups' => 1, 'admin_censoring' => 1, 'admin_maintenance' => 1, 'admin_plugins' => 1, 'admin_restrictions' => 1, 'admin_users' => 1, 'admin_moderate' => 1, 'admin_ranks' => 1, 'admin_updates' => 1, 'admin_archive' => 1, 'admin_smilies' => 1, 'admin_warnings' => 1, 'admin_attachments' => 1, 'admin_robots' => 1, 'admin_addons' => 1, 'admin_tasks' => 1);
     }
     generate_admin_menu('restrictions');
     $tpl = load_template('edit_restriction.tpl');
     // A CSRF token is handed to the form template. NOTE(review): where the token is verified on
     // submit is not visible in this excerpt - confirm. $action is placed into the form URL as-is;
     // presumably it was restricted to known values earlier.
     echo $tpl->render(array('lang_admin_restrictions' => $lang_admin_restrictions, 'admin' => $admins[$user], 'user' => $user, 'csrf_token' => $csrf_token, 'lang_common' => $lang_common, 'lang_admin_common' => $lang_admin_common, 'form_action' => panther_link($panther_url['admin_restrictions_query'], array('action=' . $action . '&stage=3')), 'username' => $username));
 } else {
     // With fewer than two admins there is nobody to restrict.
     if (count(get_admin_ids()) < 2) {
         message($lang_admin_restrictions['no admins available']);
     }
     $data = array(':admin' => PANTHER_ADMIN);
     $administrators = $restrictions = array();
     // Admins without a restrictions row (ar.admin_id IS NULL); user ID 2 is always excluded.
     $ps = $db->run('SELECT u.username, u.id FROM ' . $db->prefix . 'users AS u LEFT JOIN ' . $db->prefix . 'restrictions AS ar ON u.id=ar.admin_id INNER JOIN ' . $db->prefix . 'groups AS g ON u.group_id=g.g_id WHERE (u.group_id=:admin OR g.g_admin=1) AND u.id!=2 AND ar.admin_id IS NULL ORDER BY u.id ASC', $data);
     foreach ($ps as $admin) {
         $administrators[] = array('id' => $admin['id'], 'username' => $admin['username']);
     }
     // Admins that already have a restrictions row (ar.admin_id IS NOT NULL).
     $ps = $db->run('SELECT u.username, u.id FROM ' . $db->prefix . 'users AS u LEFT JOIN ' . $db->prefix . 'restrictions AS ar ON u.id=ar.admin_id INNER JOIN ' . $db->prefix . 'groups AS g ON u.group_id=g.g_id WHERE (u.group_id=:admin OR g.g_admin=1) AND u.id!=2 AND ar.admin_id IS NOT NULL ORDER BY u.id ASC', $data);
     foreach ($ps as $admin) {
         $restrictions[] = array('id' => $admin['id'], 'username' => $admin['username']);
     }
     generate_admin_menu('restrictions');
     $tpl = load_template('admin_restrictions.tpl');
     // Usernames are passed to the template as stored; the template is presumably responsible for escaping them.
     echo $tpl->render(array('lang_admin_common' => $lang_admin_common, 'lang_admin_restrictions' => $lang_admin_restrictions, 'csrf_token' => $csrf_token, 'add_action' => panther_link($panther_url['admin_restrictions_query'], array('action=add&stage=2')), 'edit_action' => panther_link($panther_url['admin_restrictions_query'], array('action=edit&stage=2')), 'delete_action' => panther_link($panther_url['admin_restrictions_query'], array('action=delete&stage=2')), 'lang_common' => $lang_common, 'restrictions' => $restrictions, 'administrators' => $administrators));