/**
* @param array $attachments_ary
* @param array $posts_data
* @param array $extensions
*/
protected function _get_block_content(array $attachments_ary, array $posts_data, array $extensions)
{
$message = '';
$update_count = array();
foreach ($attachments_ary as $post_id => $attachments) {
$topic_id = $attachments[0]['topic_id'];
$post_row = $posts_data[$topic_id][$post_id];
parse_attachments($post_row['forum_id'], $message, $attachments, $update_count, true);
$this->ptemplate->assign_block_vars('postrow', array());
foreach ($attachments as $i => $attachment) {
$row = $attachments_ary[$post_id][$i];
$topic_id = $row['topic_id'];
$post_id = $row['post_msg_id'];
$this->ptemplate->assign_block_vars('postrow.attachment', array('DISPLAY_ATTACHMENT' => $attachment, 'EXTENSION_GROUP' => $extensions[$row['extension']]['group_name'], 'U_VIEWTOPIC' => append_sid("{$this->phpbb_root_path}viewtopic.{$this->php_ext}", "t={$topic_id}&p={$post_id}") . '#p' . $post_id));
}
}
}
/**
* Topic Review
*/
function topic_review($topic_id, $forum_id, $mode = 'topic_review', $cur_post_id = 0, $show_quote_button = true)
{
global $user, $auth, $db, $template, $cache;
global $config, $phpbb_root_path, $phpEx, $phpbb_container, $phpbb_dispatcher;
/* @var $phpbb_content_visibility \phpbb\content_visibility */
$phpbb_content_visibility = $phpbb_container->get('content.visibility');
$sql_sort = $mode == 'post_review' ? 'ASC' : 'DESC';
// Go ahead and pull all data for this topic
$sql = 'SELECT p.post_id
FROM ' . POSTS_TABLE . ' p' . "\n\t\tWHERE p.topic_id = {$topic_id}\n\t\t\tAND " . $phpbb_content_visibility->get_visibility_sql('post', $forum_id, 'p.') . '
' . ($mode == 'post_review' ? " AND p.post_id > {$cur_post_id}" : '') . '
' . ($mode == 'post_review_edit' ? " AND p.post_id = {$cur_post_id}" : '') . '
ORDER BY p.post_time ' . $sql_sort . ', p.post_id ' . $sql_sort;
$result = $db->sql_query_limit($sql, $config['posts_per_page']);
$post_list = array();
while ($row = $db->sql_fetchrow($result)) {
$post_list[] = $row['post_id'];
}
$db->sql_freeresult($result);
if (!sizeof($post_list)) {
return false;
}
// Handle 'post_review_edit' like 'post_review' from now on
if ($mode == 'post_review_edit') {
$mode = 'post_review';
}
$sql_ary = array('SELECT' => 'u.username, u.user_id, u.user_colour, p.*, z.friend, z.foe', 'FROM' => array(USERS_TABLE => 'u', POSTS_TABLE => 'p'), 'LEFT_JOIN' => array(array('FROM' => array(ZEBRA_TABLE => 'z'), 'ON' => 'z.user_id = ' . $user->data['user_id'] . ' AND z.zebra_id = p.poster_id')), 'WHERE' => $db->sql_in_set('p.post_id', $post_list) . '
AND u.user_id = p.poster_id');
$sql = $db->sql_build_query('SELECT', $sql_ary);
$result = $db->sql_query($sql);
$rowset = array();
$has_attachments = false;
while ($row = $db->sql_fetchrow($result)) {
$rowset[$row['post_id']] = $row;
if ($row['post_attachment']) {
$has_attachments = true;
}
}
$db->sql_freeresult($result);
// Grab extensions
$extensions = $attachments = array();
if ($has_attachments && $auth->acl_get('u_download') && $auth->acl_get('f_download', $forum_id)) {
$extensions = $cache->obtain_attach_extensions($forum_id);
// Get attachments...
$sql = 'SELECT *
FROM ' . ATTACHMENTS_TABLE . '
WHERE ' . $db->sql_in_set('post_msg_id', $post_list) . '
AND in_message = 0
ORDER BY filetime DESC, post_msg_id ASC';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$attachments[$row['post_msg_id']][] = $row;
}
$db->sql_freeresult($result);
}
for ($i = 0, $end = sizeof($post_list); $i < $end; ++$i) {
// A non-existing rowset only happens if there was no user present for the entered poster_id
// This could be a broken posts table.
if (!isset($rowset[$post_list[$i]])) {
continue;
}
$row = $rowset[$post_list[$i]];
$poster_id = $row['user_id'];
$post_subject = $row['post_subject'];
$decoded_message = false;
if ($show_quote_button && $auth->acl_get('f_reply', $forum_id)) {
$decoded_message = censor_text($row['post_text']);
decode_message($decoded_message, $row['bbcode_uid']);
$decoded_message = bbcode_nl2br($decoded_message);
}
$parse_flags = $row['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0;
$parse_flags |= $row['enable_smilies'] ? OPTION_FLAG_SMILIES : 0;
$message = generate_text_for_display($row['post_text'], $row['bbcode_uid'], $row['bbcode_bitfield'], $parse_flags, true);
if (!empty($attachments[$row['post_id']])) {
$update_count = array();
parse_attachments($forum_id, $message, $attachments[$row['post_id']], $update_count);
}
$post_subject = censor_text($post_subject);
$post_anchor = $mode == 'post_review' ? 'ppr' . $row['post_id'] : 'pr' . $row['post_id'];
$u_show_post = append_sid($phpbb_root_path . 'viewtopic.' . $phpEx, "f={$forum_id}&t={$topic_id}&p={$row['post_id']}&view=show#p{$row['post_id']}");
$post_row = array('POST_AUTHOR_FULL' => get_username_string('full', $poster_id, $row['username'], $row['user_colour'], $row['post_username']), 'POST_AUTHOR_COLOUR' => get_username_string('colour', $poster_id, $row['username'], $row['user_colour'], $row['post_username']), 'POST_AUTHOR' => get_username_string('username', $poster_id, $row['username'], $row['user_colour'], $row['post_username']), 'U_POST_AUTHOR' => get_username_string('profile', $poster_id, $row['username'], $row['user_colour'], $row['post_username']), 'S_HAS_ATTACHMENTS' => !empty($attachments[$row['post_id']]) ? true : false, 'S_FRIEND' => $row['friend'] ? true : false, 'S_IGNORE_POST' => $row['foe'] ? true : false, 'L_IGNORE_POST' => $row['foe'] ? sprintf($user->lang['POST_BY_FOE'], get_username_string('full', $poster_id, $row['username'], $row['user_colour'], $row['post_username']), "<a href=\"{$u_show_post}\" onclick=\"phpbb.toggleDisplay('{$post_anchor}', 1); return false;\">", '</a>') : '', 'POST_SUBJECT' => $post_subject, 'MINI_POST_IMG' => $user->img('icon_post_target', $user->lang['POST']), 'POST_DATE' => $user->format_date($row['post_time']), 'MESSAGE' => $message, 'DECODED_MESSAGE' => $decoded_message, 'POST_ID' => $row['post_id'], 'POST_TIME' => $row['post_time'], 'USER_ID' => $row['user_id'], 'U_MINI_POST' => append_sid("{$phpbb_root_path}viewtopic.{$phpEx}", 'p=' . $row['post_id']) . '#p' . $row['post_id'], 'U_MCP_DETAILS' => $auth->acl_get('m_info', $forum_id) ? append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=main&mode=post_details&f=' . $forum_id . '&p=' . $row['post_id'], true, $user->session_id) : '', 'POSTER_QUOTE' => $show_quote_button && $auth->acl_get('f_reply', $forum_id) ? addslashes(get_username_string('username', $poster_id, $row['username'], $row['user_colour'], $row['post_username'])) : '');
$current_row_number = $i;
/**
* Event to modify the template data block for topic reviews
*
* @event core.topic_review_modify_row
* @var string mode The review mode
* @var int topic_id The topic that is being reviewed
* @var int forum_id The topic's forum
* @var int cur_post_id Post offset id
* @var int current_row_number Number of the current row being iterated
* @var array post_row Template block array of the current post
* @var array row Array with original post and user data
* @since 3.1.4-RC1
*/
$vars = array('mode', 'topic_id', 'forum_id', 'cur_post_id', 'current_row_number', 'post_row', 'row');
extract($phpbb_dispatcher->trigger_event('core.topic_review_modify_row', compact($vars)));
$template->assign_block_vars($mode . '_row', $post_row);
// Display not already displayed Attachments for this post, we already parsed them. ;)
if (!empty($attachments[$row['post_id']])) {
foreach ($attachments[$row['post_id']] as $attachment) {
$template->assign_block_vars($mode . '_row.attachment', array('DISPLAY_ATTACHMENT' => $attachment));
}
}
unset($rowset[$post_list[$i]]);
}
if ($mode == 'topic_review') {
$template->assign_var('QUOTE_IMG', $user->img('icon_post_quote', $user->lang['REPLY_WITH_QUOTE']));
}
return true;
}
$parse_poll->message = $poll_option;
$parse_poll->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies']);
$preview_poll_options[] = $parse_poll->message;
}
unset($parse_poll);
foreach ($preview_poll_options as $key => $option) {
$template->assign_block_vars('poll_option', array('POLL_OPTION_CAPTION' => $option, 'POLL_OPTION_ID' => $key + 1));
}
unset($preview_poll_options);
}
// Attachment Preview
if (sizeof($message_parser->attachment_data)) {
$template->assign_var('S_HAS_ATTACHMENTS', true);
$update_count = array();
$attachment_data = $message_parser->attachment_data;
parse_attachments($forum_id, $preview_message, $attachment_data, $update_count, true);
foreach ($attachment_data as $i => $attachment) {
$template->assign_block_vars('attachment', array('DISPLAY_ATTACHMENT' => $attachment));
}
unset($attachment_data);
}
if (!sizeof($error)) {
$template->assign_vars(array('PREVIEW_SUBJECT' => $preview_subject, 'PREVIEW_MESSAGE' => $preview_message, 'PREVIEW_SIGNATURE' => $preview_signature, 'S_DISPLAY_PREVIEW' => true));
}
}
// Decode text for message display
$post_data['bbcode_uid'] = $mode == 'quote' && !$preview && !$refresh && !sizeof($error) ? $post_data['bbcode_uid'] : $message_parser->bbcode_uid;
$message_parser->decode_message($post_data['bbcode_uid']);
if ($mode == 'quote' && !$submit && !$preview && !$refresh) {
if ($config['allow_bbcode']) {
$message_parser->message = '[quote="' . $post_data['quote_username'] . '"]' . censor_text(trim($message_parser->message)) . "[/quote]\n";
/**
* Handling actions in post details screen
*/
function mcp_post_details($id, $mode, $action)
{
global $phpEx, $phpbb_root_path, $config;
global $template, $db, $user, $auth, $cache;
$user->add_lang('posting');
$post_id = request_var('p', 0);
$start = request_var('start', 0);
// Get post data
$post_info = get_post_data(array($post_id), false, true);
add_form_key('mcp_post_details');
if (!sizeof($post_info)) {
trigger_error('POST_NOT_EXIST');
}
$post_info = $post_info[$post_id];
$url = append_sid("{$phpbb_root_path}mcp.{$phpEx}?" . extra_url());
switch ($action) {
case 'whois':
if ($auth->acl_get('m_info', $post_info['forum_id'])) {
$ip = request_var('ip', '');
include $phpbb_root_path . 'includes/functions_user.' . $phpEx;
$template->assign_vars(array('RETURN_POST' => sprintf($user->lang['RETURN_POST'], '<a href="' . append_sid("{$phpbb_root_path}mcp.{$phpEx}", "i={$id}&mode={$mode}&p={$post_id}") . '">', '</a>'), 'U_RETURN_POST' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", "i={$id}&mode={$mode}&p={$post_id}"), 'L_RETURN_POST' => sprintf($user->lang['RETURN_POST'], '', ''), 'WHOIS' => user_ipwhois($ip)));
}
// We're done with the whois page so return
return;
break;
case 'chgposter':
case 'chgposter_ip':
if ($action == 'chgposter') {
$username = request_var('username', '', true);
$sql_where = "username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
} else {
$new_user_id = request_var('u', 0);
$sql_where = 'user_id = ' . $new_user_id;
}
$sql = 'SELECT *
FROM ' . USERS_TABLE . '
WHERE ' . $sql_where;
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$row) {
trigger_error('NO_USER');
}
if ($auth->acl_get('m_chgposter', $post_info['forum_id'])) {
if (check_form_key('mcp_post_details')) {
change_poster($post_info, $row);
} else {
trigger_error('FORM_INVALID');
}
}
break;
}
// Set some vars
$users_ary = $usernames_ary = array();
$attachments = $extensions = array();
$post_id = $post_info['post_id'];
$topic_tracking_info = array();
// Get topic tracking info
if ($config['load_db_lastread']) {
$tmp_topic_data = array($post_info['topic_id'] => $post_info);
$topic_tracking_info = get_topic_tracking($post_info['forum_id'], $post_info['topic_id'], $tmp_topic_data, array($post_info['forum_id'] => $post_info['forum_mark_time']));
unset($tmp_topic_data);
} else {
$topic_tracking_info = get_complete_topic_tracking($post_info['forum_id'], $post_info['topic_id']);
}
$post_unread = isset($topic_tracking_info[$post_info['topic_id']]) && $post_info['post_time'] > $topic_tracking_info[$post_info['topic_id']] ? true : false;
// Process message, leave it uncensored
$message = $post_info['post_text'];
if ($post_info['bbcode_bitfield']) {
include_once $phpbb_root_path . 'includes/bbcode.' . $phpEx;
$bbcode = new bbcode($post_info['bbcode_bitfield']);
$bbcode->bbcode_second_pass($message, $post_info['bbcode_uid'], $post_info['bbcode_bitfield']);
}
$message = bbcode_nl2br($message);
$message = smiley_text($message);
if ($post_info['post_attachment'] && $auth->acl_get('u_download') && $auth->acl_get('f_download', $post_info['forum_id'])) {
$extensions = $cache->obtain_attach_extensions($post_info['forum_id']);
$sql = 'SELECT *
FROM ' . ATTACHMENTS_TABLE . '
WHERE post_msg_id = ' . $post_id . '
AND in_message = 0
ORDER BY filetime DESC, post_msg_id ASC';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$attachments[] = $row;
}
$db->sql_freeresult($result);
if (sizeof($attachments)) {
$update_count = array();
parse_attachments($post_info['forum_id'], $message, $attachments, $update_count);
}
// Display not already displayed Attachments for this post, we already parsed them. ;)
if (!empty($attachments)) {
$template->assign_var('S_HAS_ATTACHMENTS', true);
foreach ($attachments as $attachment) {
$template->assign_block_vars('attachment', array('DISPLAY_ATTACHMENT' => $attachment));
}
}
}
$template->assign_vars(array('U_MCP_ACTION' => "{$url}&i=main&quickmod=1&mode=post_details", 'U_POST_ACTION' => "{$url}&i={$id}&mode=post_details", 'U_APPROVE_ACTION' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", "i=queue&p={$post_id}&f={$post_info['forum_id']}"), 'S_CAN_VIEWIP' => $auth->acl_get('m_info', $post_info['forum_id']), 'S_CAN_CHGPOSTER' => $auth->acl_get('m_chgposter', $post_info['forum_id']), 'S_CAN_LOCK_POST' => $auth->acl_get('m_lock', $post_info['forum_id']), 'S_CAN_DELETE_POST' => $auth->acl_get('m_delete', $post_info['forum_id']), 'S_POST_REPORTED' => $post_info['post_reported'] ? true : false, 'S_POST_UNAPPROVED' => !$post_info['post_approved'] ? true : false, 'S_POST_LOCKED' => $post_info['post_edit_locked'] ? true : false, 'S_USER_NOTES' => true, 'S_CLEAR_ALLOWED' => $auth->acl_get('a_clearlogs') ? true : false, 'U_EDIT' => $auth->acl_get('m_edit', $post_info['forum_id']) ? append_sid("{$phpbb_root_path}posting.{$phpEx}", "mode=edit&f={$post_info['forum_id']}&p={$post_info['post_id']}") : '', 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=searchuser&form=mcp_chgposter&field=username&select_single=true'), 'U_MCP_APPROVE' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=queue&mode=approve_details&f=' . $post_info['forum_id'] . '&p=' . $post_id), 'U_MCP_REPORT' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=reports&mode=report_details&f=' . $post_info['forum_id'] . '&p=' . $post_id), 'U_MCP_USER_NOTES' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=notes&mode=user_notes&u=' . $post_info['user_id']), 'U_MCP_WARN_USER' => $auth->acl_get('m_warn') ? append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=warn&mode=warn_user&u=' . $post_info['user_id']) : '', 'U_VIEW_POST' => append_sid("{$phpbb_root_path}viewtopic.{$phpEx}", 'f=' . $post_info['forum_id'] . '&p=' . $post_info['post_id'] . '#p' . $post_info['post_id']), 'U_VIEW_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.{$phpEx}", 'f=' . $post_info['forum_id'] . '&t=' . $post_info['topic_id']), 'MINI_POST_IMG' => $post_unread ? $user->img('icon_post_target_unread', 'UNREAD_POST') : $user->img('icon_post_target', 'POST'), 'RETURN_TOPIC' => sprintf($user->lang['RETURN_TOPIC'], '<a href="' . append_sid("{$phpbb_root_path}viewtopic.{$phpEx}", "f={$post_info['forum_id']}&p={$post_id}") . "#p{$post_id}\">", '</a>'), 'RETURN_FORUM' => sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.{$phpEx}", "f={$post_info['forum_id']}&start={$start}") . '">', '</a>'), 'REPORTED_IMG' => $user->img('icon_topic_reported', $user->lang['POST_REPORTED']), 'UNAPPROVED_IMG' => $user->img('icon_topic_unapproved', $user->lang['POST_UNAPPROVED']), 'EDIT_IMG' => $user->img('icon_post_edit', $user->lang['EDIT_POST']), 'SEARCH_IMG' => $user->img('icon_user_search', $user->lang['SEARCH']), 'POST_AUTHOR_FULL' => get_username_string('full', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']), 'POST_AUTHOR_COLOUR' => get_username_string('colour', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']), 'POST_AUTHOR' => get_username_string('username', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']), 'U_POST_AUTHOR' => get_username_string('profile', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']), 'POST_PREVIEW' => $message, 'POST_SUBJECT' => $post_info['post_subject'], 'POST_DATE' => $user->format_date($post_info['post_time']), 'POST_IP' => $post_info['poster_ip'], 'POST_IPADDR' => $auth->acl_get('m_info', $post_info['forum_id']) && request_var('lookup', '') ? @gethostbyaddr($post_info['poster_ip']) : '', 'POST_ID' => $post_info['post_id'], 'U_LOOKUP_IP' => $auth->acl_get('m_info', $post_info['forum_id']) ? "{$url}&i={$id}&mode={$mode}&lookup={$post_info['poster_ip']}#ip" : '', 'U_WHOIS' => $auth->acl_get('m_info', $post_info['forum_id']) ? append_sid("{$phpbb_root_path}mcp.{$phpEx}", "i={$id}&mode={$mode}&action=whois&p={$post_id}&ip={$post_info['poster_ip']}") : ''));
// Get User Notes
$log_data = array();
$log_count = false;
view_log('user', $log_data, $log_count, $config['posts_per_page'], 0, 0, 0, $post_info['user_id']);
if (!empty($log_data)) {
$template->assign_var('S_USER_NOTES', true);
foreach ($log_data as $row) {
$template->assign_block_vars('usernotes', array('REPORT_BY' => $row['username_full'], 'REPORT_AT' => $user->format_date($row['time']), 'ACTION' => $row['action'], 'ID' => $row['id']));
}
}
// Get Reports
if ($auth->acl_get('m_report', $post_info['forum_id'])) {
$sql = 'SELECT r.*, re.*, u.user_id, u.username
FROM ' . REPORTS_TABLE . ' r, ' . USERS_TABLE . ' u, ' . REPORTS_REASONS_TABLE . " re\n\t\t\tWHERE r.post_id = {$post_id}\n\t\t\t\tAND r.reason_id = re.reason_id\n\t\t\t\tAND u.user_id = r.user_id\n\t\t\tORDER BY r.report_time DESC";
$result = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($result)) {
$template->assign_var('S_SHOW_REPORTS', true);
do {
// If the reason is defined within the language file, we will use the localized version, else just use the database entry...
if (isset($user->lang['report_reasons']['TITLE'][strtoupper($row['reason_title'])]) && isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])])) {
$row['reson_description'] = $user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])];
$row['reason_title'] = $user->lang['report_reasons']['TITLE'][strtoupper($row['reason_title'])];
}
$template->assign_block_vars('reports', array('REPORT_ID' => $row['report_id'], 'REASON_TITLE' => $row['reason_title'], 'REASON_DESC' => $row['reason_description'], 'REPORTER' => $row['user_id'] != ANONYMOUS ? $row['username'] : $user->lang['GUEST'], 'U_REPORTER' => $row['user_id'] != ANONYMOUS ? append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=viewprofile&u=' . $row['user_id']) : '', 'USER_NOTIFY' => $row['user_notify'] ? true : false, 'REPORT_TIME' => $user->format_date($row['report_time']), 'REPORT_TEXT' => bbcode_nl2br(trim($row['report_text']))));
} while ($row = $db->sql_fetchrow($result));
}
$db->sql_freeresult($result);
}
// Get IP
if ($auth->acl_get('m_info', $post_info['forum_id'])) {
$rdns_ip_num = request_var('rdns', '');
if ($rdns_ip_num != 'all') {
$template->assign_vars(array('U_LOOKUP_ALL' => "{$url}&i=main&mode=post_details&rdns=all"));
}
// Get other users who've posted under this IP
$sql = 'SELECT poster_id, COUNT(poster_id) as postings
FROM ' . POSTS_TABLE . "\n\t\t\tWHERE poster_ip = '" . $db->sql_escape($post_info['poster_ip']) . "'\n\t\t\tGROUP BY poster_id\n\t\t\tORDER BY postings DESC";
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
// Fill the user select list with users who have posted under this IP
if ($row['poster_id'] != $post_info['poster_id']) {
$users_ary[$row['poster_id']] = $row;
}
}
$db->sql_freeresult($result);
if (sizeof($users_ary)) {
// Get the usernames
$sql = 'SELECT user_id, username
FROM ' . USERS_TABLE . '
WHERE ' . $db->sql_in_set('user_id', array_keys($users_ary));
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$users_ary[$row['user_id']]['username'] = $row['username'];
$usernames_ary[utf8_clean_string($row['username'])] = $users_ary[$row['user_id']];
}
$db->sql_freeresult($result);
foreach ($users_ary as $user_id => $user_row) {
$template->assign_block_vars('userrow', array('USERNAME' => $user_id == ANONYMOUS ? $user->lang['GUEST'] : $user_row['username'], 'NUM_POSTS' => $user_row['postings'], 'L_POST_S' => $user_row['postings'] == 1 ? $user->lang['POST'] : $user->lang['POSTS'], 'U_PROFILE' => $user_id == ANONYMOUS ? '' : append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=viewprofile&u=' . $user_id), 'U_SEARCHPOSTS' => append_sid("{$phpbb_root_path}search.{$phpEx}", 'author_id=' . $user_id . '&sr=topics')));
}
}
// Get other IP's this user has posted under
// A compound index on poster_id, poster_ip (posts table) would help speed up this query a lot,
// but the extra size is only valuable if there are persons having more than a thousands posts.
// This is better left to the really really big forums.
$sql = 'SELECT poster_ip, COUNT(poster_ip) AS postings
FROM ' . POSTS_TABLE . '
WHERE poster_id = ' . $post_info['poster_id'] . "\n\t\t\tGROUP BY poster_ip\n\t\t\tORDER BY postings DESC";
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$hostname = ($rdns_ip_num == $row['poster_ip'] || $rdns_ip_num == 'all') && $row['poster_ip'] ? @gethostbyaddr($row['poster_ip']) : '';
$template->assign_block_vars('iprow', array('IP' => $row['poster_ip'], 'HOSTNAME' => $hostname, 'NUM_POSTS' => $row['postings'], 'L_POST_S' => $row['postings'] == 1 ? $user->lang['POST'] : $user->lang['POSTS'], 'U_LOOKUP_IP' => $rdns_ip_num == $row['poster_ip'] || $rdns_ip_num == 'all' ? '' : "{$url}&i={$id}&mode=post_details&rdns={$row['poster_ip']}#ip", 'U_WHOIS' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", "i={$id}&mode={$mode}&action=whois&p={$post_id}&ip={$row['poster_ip']}")));
}
$db->sql_freeresult($result);
$user_select = '';
if (sizeof($usernames_ary)) {
ksort($usernames_ary);
foreach ($usernames_ary as $row) {
$user_select .= '<option value="' . $row['poster_id'] . '">' . $row['username'] . "</option>\n";
}
}
$template->assign_var('S_USER_SELECT', $user_select);
}
}
/**
* Fetch news processing
*/
function phpbb_fetch_news($forum_from, $number_of_posts, $text_length, $time, $type, $start = 0)
{
global $db, $config, $portal_config, $phpbb_root_path, $auth, $user, $bbcode_bitfield, $mode, $forum_id, $forum_status;
$posts = array();
$post_time = $time == 0 ? '' : 'AND t.topic_time > ' . (time() - $time * 86400);
$forum_from = strpos($forum_from, ',') !== FALSE ? explode(',', $forum_from) : ($forum_from != '' ? array($forum_from) : array());
$str_where = '';
$topic_icons = array(0);
$have_icons = 0;
$allow_access = array_unique(array_keys($auth->acl_getf('f_read', true)));
if (sizeof($allow_access)) {
if (sizeof($forum_from)) {
foreach ($allow_access as $acc_id) {
if (in_array($acc_id, $forum_from)) {
$str_where .= "t.forum_id = {$acc_id} OR ";
if (!isset($gobal_f)) {
$global_f = $acc_id;
}
}
}
} else {
foreach ($allow_access as $acc_id) {
$str_where .= "t.forum_id = {$acc_id} OR ";
if (!isset($gobal_f)) {
$global_f = $acc_id;
}
}
}
if (utf8_strlen($str_where) > 0) {
switch ($type) {
case "announcements":
$topic_type = '(( t.topic_type = ' . POST_ANNOUNCE . ') OR ( t.topic_type = ' . POST_GLOBAL . '))';
$str_where = utf8_strlen($str_where) > 0 ? 'AND (t.forum_id = 0 OR ' . substr($str_where, 0, -4) . ')' : '';
$user_link = 't.topic_poster = u.user_id';
$post_link = 't.topic_first_post_id = p.post_id';
$topic_order = 't.topic_time DESC';
break;
case "news":
$topic_type = '(( t.topic_type = ' . POST_NORMAL . ') OR ( t.topic_type = ' . POST_STICKY . '))';
$str_where = strlen($str_where) > 0 ? 'AND (' . trim(substr($str_where, 0, -4)) . ')' : '';
if ($portal_config['portal_news_show_last_post'] == true) {
$user_link = 't.topic_last_poster_id = u.user_id';
$post_link = 't.topic_last_post_id = p.post_id';
$topic_order = 't.topic_last_post_id DESC';
} else {
$user_link = 't.topic_poster = u.user_id';
$post_link = 't.topic_first_post_id = p.post_id';
$topic_order = 't.topic_time DESC';
}
break;
case "news_all":
$topic_type = '( t.topic_type <> ' . POST_ANNOUNCE . ' ) AND ( t.topic_type <> ' . POST_GLOBAL . ')';
$str_where = strlen($str_where) > 0 ? 'AND (' . trim(substr($str_where, 0, -4)) . ')' : '';
if ($portal_config['portal_news_show_last_post'] == true) {
$user_link = 't.topic_last_poster_id = u.user_id';
$post_link = 't.topic_last_post_id = p.post_id';
$topic_order = 't.topic_last_post_id DESC';
} else {
$user_link = 't.topic_poster = u.user_id';
$post_link = 't.topic_first_post_id = p.post_id';
$topic_order = 't.topic_time DESC';
}
break;
}
$sql_array = array('SELECT' => 't.forum_id,
t.poll_title,
t.topic_approved,
t.topic_attachment,
t.topic_id,
t.topic_last_post_id,
t.topic_last_post_time,
t.topic_last_poster_name,
t.topic_last_poster_id,
t.topic_last_poster_colour,
t.topic_moved_id,
t.icon_id,
t.topic_poster,
t.topic_replies,
t.topic_replies_real,
t.topic_status,
t.topic_time,
t.topic_title,
t.topic_type,
t.topic_views,
t.topic_first_post_id,
u.user_colour,
u.user_id,
u.user_rank,
u.user_type,
u.username,
p.bbcode_bitfield,
p.bbcode_uid,
p.enable_bbcode,
p.enable_magic_url,
p.enable_smilies,
p.post_approved,
p.post_attachment,
p.post_id,
p.post_subject,
p.post_text,
p.post_time,
f.enable_icons,
f.forum_name', 'FROM' => array(TOPICS_TABLE => 't'), 'LEFT_JOIN' => array(array('FROM' => array(USERS_TABLE => 'u'), 'ON' => $user_link), array('FROM' => array(FORUMS_TABLE => 'f'), 'ON' => 't.forum_id=f.forum_id'), array('FROM' => array(POSTS_TABLE => 'p'), 'ON' => $post_link)), 'WHERE' => $topic_type . '
' . $post_time . '
AND t.topic_status <> ' . ITEM_MOVED . '
AND t.topic_approved = 1
AND t.topic_moved_id = 0
' . $str_where, 'ORDER_BY' => $topic_order);
$sql_array['LEFT_JOIN'][] = array('FROM' => array(TOPICS_POSTED_TABLE => 'tp'), 'ON' => 'tp.topic_id = t.topic_id AND tp.user_id = ' . $user->data['user_id']);
$sql_array['SELECT'] .= ', tp.topic_posted';
$sql = $db->sql_build_query('SELECT', $sql_array);
if ($number_of_posts != 0) {
$result = $db->sql_query_limit($sql, $number_of_posts, $start);
} else {
$result = $db->sql_query($sql);
}
// Instantiate BBCode if need be
if ($bbcode_bitfield !== '') {
$phpEx = substr(strrchr(__FILE__, '.'), 1);
include_once $phpbb_root_path . 'includes/bbcode.' . $phpEx;
$bbcode = new bbcode(base64_encode($bbcode_bitfield));
}
$i = 0;
while ($row = $db->sql_fetchrow($result)) {
$attachments = array();
if ($config['allow_attachments']) {
// Pull attachment data
$sql2 = 'SELECT *
FROM ' . ATTACHMENTS_TABLE . '
WHERE post_msg_id = ' . $row['post_id'] . '
AND in_message = 0
ORDER BY filetime DESC';
$result2 = $db->sql_query($sql2);
while ($row2 = $db->sql_fetchrow($result2)) {
$attachments[] = $row2;
}
$db->sql_freeresult($result2);
}
if ($row['user_id'] != ANONYMOUS && $row['user_colour']) {
$row['username'] = '******' . $row['user_colour'] . '">' . $row['username'] . '</b> ';
}
$posts[$i]['bbcode_uid'] = $row['bbcode_uid'];
$len_check = $row['post_text'];
if ($text_length != 0 && utf8_strlen($len_check) > $text_length) {
$message = utf8_substr($len_check, 0, $text_length);
$message = str_replace("\n", '<br/> ', $message);
$message .= ' ...';
$posts[$i]['striped'] = true;
} else {
$message = censor_text(str_replace("\n", '<br/> ', $row['post_text']));
}
if ($auth->acl_get('f_html', $row['forum_id'])) {
$message = preg_replace('#<!\\-\\-(.*?)\\-\\->#is', '', $message);
// Remove Comments from post content
}
// Second parse bbcode here
if ($row['bbcode_bitfield']) {
$bbcode->bbcode_second_pass($message, $row['bbcode_uid'], $row['bbcode_bitfield']);
}
if (!empty($attachments)) {
parse_attachments($row['forum_id'], $message, $attachments, $update_count);
}
if ($portal_config['portal_acronyms_allow'] = 1) {
$phpEx = substr(strrchr(__FILE__, '.'), 1);
include_once $phpbb_root_path . 'portal/includes/functions_acronym.' . $phpEx;
$message = acronym_pass($message);
}
// dgTopic Thumb MOD - Added -->
if ($row['topic_attachment']) {
$sql2 = 'SELECT topic_first_post_id
FROM ' . TOPICS_TABLE . ' WHERE topic_id = ' . $row['topic_id'];
$dgresult_one_check_postid = $db->sql_query_limit($sql2, 1);
$dgrow_one_check_postid = (int) $db->sql_fetchfield('topic_first_post_id');
$db->sql_freeresult($dgresult_one_check_postid);
$sql2 = 'SELECT post_attachment
FROM ' . POSTS_TABLE . ' WHERE post_id = ' . $dgrow_one_check_postid;
$dgresult_one_postid_confirmed = $db->sql_query_limit($sql2, 1);
$dgrow_one_postid_confirmed = (int) $db->sql_fetchfield('post_attachment');
$db->sql_freeresult($dgresult_one_postid_confirmed);
$sql2 = 'SELECT post_attachment
FROM ' . POSTS_TABLE . ' WHERE post_id = ' . $dgrow_one_check_postid;
$dgresult_one = $db->sql_query_limit($sql2, 1);
$dgrow_one = (int) $db->sql_fetchfield('post_attachment');
$db->sql_freeresult($dgresult_one);
$sql2 = 'SELECT forum_topics_thumb_choice
FROM ' . FORUMS_TABLE . ' WHERE forum_id =' . $row['forum_id'];
$result2 = $db->sql_query_limit($sql2, 1);
$rowchoice = (int) $db->sql_fetchfield('forum_topics_thumb_choice');
$topic_thumb_choice = $rowchoice;
$db->sql_freeresult($result2);
if ($dgrow_one == 1 && $topic_thumb_choice == 1) {
$dgrow_one = 1;
} else {
$dgrow_one = 0;
}
if ($dgrow_one) {
$posts[$i]['dgrow_one'] = 1;
$sql2 = 'SELECT physical_filename
FROM ' . ATTACHMENTS_TABLE . ' WHERE topic_id = ' . $row['topic_id'];
$dgresult_two = $db->sql_query_limit($sql2, 1);
$physical_thumb_name = $db->sql_fetchfield('physical_filename');
$db->sql_freeresult($dgresult_two);
$sql2 = 'SELECT extension
FROM ' . ATTACHMENTS_TABLE . ' WHERE topic_id =' . $row['topic_id'];
$dgresult_last = $db->sql_query_limit($sql2, 1);
$extension_name = $db->sql_fetchfield('extension');
$db->sql_freeresult($dgresult_last);
$sql2 = 'SELECT attach_id
FROM ' . ATTACHMENTS_TABLE . ' WHERE topic_id =' . $row['topic_id'];
$dgresult_last = $db->sql_query_limit($sql2, 1);
$attach_id = $db->sql_fetchfield('attach_id');
$db->sql_freeresult($dgresult_last);
$topic_thumb_filename = $phpbb_root_path . 'download/file.php' . '?id=' . $attach_id . '&t=' . 2 . '&sid=' . $physical_thumb_name;
} else {
$posts[$i]['dgrow_one'] = 0;
}
}
// dgTopic Thumb MOD - END -->
$posts[$i]['topic_thumb_filename'] = $topic_thumb_filename;
$message = smiley_text($message);
// Always process smilies after parsing bbcodes
$posts[$i] = array_merge($posts[$i], array('attachment' => $row['topic_attachment'] ? true : false, 'attachments' => !empty($attachments) ? $attachments : array(), 'bbcode_bitfield' => $row['bbcode_bitfield'], 'bbcode_uid' => $row['bbcode_uid'], 'enable_bbcode' => $row['enable_bbcode'], 'enable_magic_url' => $row['enable_magic_url'], 'enable_smilies' => $row['enable_smilies'], 'forum_id' => $row['forum_id'], 'forum_name' => $row['forum_name'], 'icon_id' => $row['icon_id'], 'poll_title' => $row['poll_title'] != '' ? true : false, 'post_approved' => $row['post_approved'], 'post_attachment' => !empty($attachments) ? $attachments : array(), 'post_id' => $row['post_id'], 'post_msg_id' => $row['post_msg_id'], 'post_subject' => $row['post_subject'], 'post_text' => $message, 'post_time' => $user->format_date($row['post_time']), 'real_filename' => $row['real_filename'], 'topic_approved' => $row['topic_approved'], 'topic_attachment' => $row['topic_attachment'], 'topic_first_post_id' => $row['topic_first_post_id'], 'topic_id' => $row['topic_id'], 'topic_last_post_id' => $row['topic_last_post_id'], 'topic_last_post_time' => $row['topic_last_post_time'], 'topic_poster' => $row['topic_poster'], 'topic_posted' => isset($row['topic_posted']) && $row['topic_posted'] ? true : false, 'topic_replies' => $row['topic_replies'], 'topic_replies_real' => $row['topic_replies_real'], 'topic_status' => $row['topic_status'], 'topic_time' => $user->format_date($row['post_time']), 'topic_title' => $row['topic_title'], 'topic_type' => $row['topic_type'], 'topic_views' => $row['topic_views'], 'user_colour' => $row['user_colour'], 'user_id' => $row['user_id'], 'user_rank' => $row['user_rank'], 'user_type' => $row['user_type'], 'username' => $row['username'], 'username_full' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour'], $row['post_username']), 'username_full_last' => get_username_string('full', $row['topic_last_poster_id'], $row['topic_last_poster_name'], $row['topic_last_poster_colour'], $row['topic_last_poster_name'])));
$posts[$i]['global_id'] = $global_f;
$i++;
}
}
}
return $posts;
}
function reply_post_func($xmlrpc_params)
{
global $db, $auth, $user, $config, $phpbb_root_path, $phpEx, $mobiquo_config, $phpbb_home;
require_once 'include/emoji.php';
$user->setup('posting');
if (!$user->data['is_registered']) {
trigger_error('LOGIN_EXPLAIN_POST');
}
$params = php_xmlrpc_decode($xmlrpc_params);
// get parameters
$forum_id = isset($params[0]) ? intval($params[0]) : '';
$topic_id = isset($params[1]) ? intval($params[1]) : '';
$subject = isset($params[2]) ? $params[2] : '';
$text_body = isset($params[3]) ? $params[3] : '';
$text_body = emoji_unified_to_names($text_body);
$attach_list = isset($params[4]) ? $params[4] : array();
$_POST['attachment_data'] = isset($params[5]) && $params[5] ? unserialize(base64_decode($params[5])) : array();
$GLOBALS['return_html'] = isset($params[6]) ? $params[6] : false;
if (!$topic_id) {
trigger_error('NO_TOPIC');
}
if (utf8_clean_string($text_body) === '') {
trigger_error('TOO_FEW_CHARS');
}
$post_data = array();
$current_time = time();
// get topic data
$sql = 'SELECT *
FROM ' . TOPICS_TABLE . '
WHERE topic_id = ' . $topic_id;
$result = $db->sql_query($sql);
$post_data = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
// get forum data
$sql = 'SELECT *
FROM ' . FORUMS_TABLE . "\n WHERE forum_type = " . FORUM_POST . ($post_data['forum_id'] ? "\n AND forum_id = '{$post_data['forum_id']}' " : '');
$result = $db->sql_query_limit($sql, 1);
$forum_data = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
$post_data = array_merge($post_data, $forum_data);
if (!$post_data) {
trigger_error('NO_TOPIC');
}
// Use post_row values in favor of submitted ones...
$forum_id = !empty($post_data['forum_id']) ? (int) $post_data['forum_id'] : (int) $forum_id;
$topic_id = !empty($post_data['topic_id']) ? (int) $post_data['topic_id'] : (int) $topic_id;
// Need to login to passworded forum first?
if ($post_data['forum_password'] && !check_forum_password($forum_id)) {
trigger_error('LOGIN_FORUM');
}
// Check permissions
if ($user->data['is_bot']) {
trigger_error('NOT_AUTHORISED');
}
// Is the user able to read within this forum?
if (!$auth->acl_get('f_read', $forum_id)) {
if ($user->data['user_id'] != ANONYMOUS) {
trigger_error('USER_CANNOT_READ');
}
trigger_error('LOGIN_EXPLAIN_POST');
}
// Permission to do the reply
if (!$auth->acl_get('f_reply', $forum_id)) {
if ($user->data['user_id'] != ANONYMOUS) {
trigger_error('USER_CANNOT_REPLY');
}
trigger_error('LOGIN_EXPLAIN_POST');
}
// Is the user able to post within this forum?
if ($post_data['forum_type'] != FORUM_POST) {
trigger_error('USER_CANNOT_FORUM_POST');
}
// Forum/Topic locked?
if (($post_data['forum_status'] == ITEM_LOCKED || isset($post_data['topic_status']) && $post_data['topic_status'] == ITEM_LOCKED) && !$auth->acl_get('m_edit', $forum_id)) {
trigger_error($post_data['forum_status'] == ITEM_LOCKED ? 'FORUM_LOCKED' : 'TOPIC_LOCKED');
}
$subject = (strpos($subject, 'Re: ') !== 0 ? 'Re: ' : '') . ($subject ? $subject : censor_text($post_data['topic_title']));
$post_data['post_edit_locked'] = isset($post_data['post_edit_locked']) ? (int) $post_data['post_edit_locked'] : 0;
$post_data['post_subject'] = isset($post_data['topic_title']) ? $post_data['topic_title'] : '';
$post_data['topic_time_limit'] = isset($post_data['topic_time_limit']) ? $post_data['topic_time_limit'] ? (int) $post_data['topic_time_limit'] / 86400 : (int) $post_data['topic_time_limit'] : 0;
$post_data['poll_length'] = !empty($post_data['poll_length']) ? (int) $post_data['poll_length'] / 86400 : 0;
$post_data['poll_start'] = !empty($post_data['poll_start']) ? (int) $post_data['poll_start'] : 0;
$post_data['icon_id'] = 0;
$post_data['poll_options'] = array();
// Get Poll Data
if ($post_data['poll_start']) {
$sql = 'SELECT poll_option_text
FROM ' . POLL_OPTIONS_TABLE . "\n WHERE topic_id = {$topic_id}\n ORDER BY poll_option_id";
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$post_data['poll_options'][] = trim($row['poll_option_text']);
}
$db->sql_freeresult($result);
}
$orig_poll_options_size = sizeof($post_data['poll_options']);
include $phpbb_root_path . 'includes/message_parser.' . $phpEx;
$message_parser = new parse_message();
// Set some default variables
$uninit = array('post_attachment' => 0, 'poster_id' => $user->data['user_id'], 'enable_magic_url' => 0, 'topic_status' => 0, 'topic_type' => POST_NORMAL, 'post_subject' => '', 'topic_title' => '', 'post_time' => 0, 'post_edit_reason' => '', 'notify_set' => 0);
foreach ($uninit as $var_name => $default_value) {
if (!isset($post_data[$var_name])) {
$post_data[$var_name] = $default_value;
}
}
unset($uninit);
// Always check if the submitted attachment data is valid and belongs to the user.
// Further down (especially in submit_post()) we do not check this again.
$message_parser->get_submitted_attachment_data($post_data['poster_id']);
$post_data['username'] = '';
$post_data['enable_urls'] = $post_data['enable_magic_url'];
$post_data['enable_sig'] = $config['allow_sig'] && $user->optionget('attachsig') ? true : false;
$post_data['enable_smilies'] = $config['allow_smilies'] && $user->optionget('smilies') ? true : false;
$post_data['enable_bbcode'] = $config['allow_bbcode'] && $user->optionget('bbcode') ? true : false;
$post_data['enable_urls'] = true;
$post_data['enable_magic_url'] = $post_data['drafts'] = false;
$check_value = ($post_data['enable_bbcode'] + 1 << 8) + ($post_data['enable_smilies'] + 1 << 4) + ($post_data['enable_urls'] + 1 << 2) + ($post_data['enable_sig'] + 1 << 1);
// Check if user is watching this topic
if ($config['allow_topic_notify'] && $user->data['is_registered']) {
$sql = 'SELECT topic_id
FROM ' . TOPICS_WATCH_TABLE . '
WHERE topic_id = ' . $topic_id . '
AND user_id = ' . $user->data['user_id'];
$result = $db->sql_query($sql);
$post_data['notify_set'] = (int) $db->sql_fetchfield('topic_id');
$db->sql_freeresult($result);
}
// HTML, BBCode, Smilies, Images and Flash status
$bbcode_status = $config['allow_bbcode'] && $auth->acl_get('f_bbcode', $forum_id) ? true : false;
$smilies_status = $bbcode_status && $config['allow_smilies'] && $auth->acl_get('f_smilies', $forum_id) ? true : false;
$img_status = $bbcode_status && $auth->acl_get('f_img', $forum_id) ? true : false;
$url_status = $config['allow_post_links'] ? true : false;
$flash_status = $bbcode_status && $auth->acl_get('f_flash', $forum_id) && $config['allow_post_flash'] ? true : false;
$quote_status = $auth->acl_get('f_reply', $forum_id) ? true : false;
$post_data['topic_cur_post_id'] = request_var('topic_cur_post_id', 0);
$post_data['post_subject'] = utf8_normalize_nfc($subject);
$message_parser->message = utf8_normalize_nfc(htmlspecialchars($text_body));
$post_data['username'] = utf8_normalize_nfc(request_var('username', $post_data['username'], true));
$post_data['post_edit_reason'] = '';
$post_data['orig_topic_type'] = $post_data['topic_type'];
$post_data['topic_type'] = request_var('topic_type', (int) $post_data['topic_type']);
$post_data['topic_time_limit'] = request_var('topic_time_limit', (int) $post_data['topic_time_limit']);
$post_data['icon_id'] = request_var('icon', 0);
$post_data['enable_bbcode'] = !$bbcode_status || isset($_POST['disable_bbcode']) ? false : true;
$post_data['enable_smilies'] = !$smilies_status || isset($_POST['disable_smilies']) ? false : true;
$post_data['enable_urls'] = isset($_POST['disable_magic_url']) ? 0 : 1;
$post_data['enable_sig'] = !$config['allow_sig'] || !$auth->acl_get('f_sigs', $forum_id) || !$auth->acl_get('u_sig') ? false : ($user->data['is_registered'] ? true : false);
if ($config['allow_topic_notify'] && $user->data['is_registered']) {
$notify = !$post_data['notify_set'] ? $user->data['user_notify'] : $post_data['notify_set'] ? true : false;
} else {
$notify = false;
}
$post_data['poll_title'] = utf8_normalize_nfc(request_var('poll_title', '', true));
$post_data['poll_length'] = request_var('poll_length', 0);
$post_data['poll_option_text'] = utf8_normalize_nfc(request_var('poll_option_text', '', true));
$post_data['poll_max_options'] = request_var('poll_max_options', 1);
$post_data['poll_vote_change'] = $auth->acl_get('f_votechg', $forum_id) && isset($_POST['poll_vote_change']) ? 1 : 0;
// Parse Attachments - before checksum is calculated
$message_parser->parse_attachments('fileupload', 'reply', $forum_id, true, false, false);
// Grab md5 'checksum' of new message
$message_md5 = md5($message_parser->message);
// Check checksum ... don't re-parse message if the same
if (sizeof($message_parser->warn_msg)) {
trigger_error(join("\n", $message_parser->warn_msg));
}
$message_parser->parse($post_data['enable_bbcode'], $config['allow_post_links'] ? $post_data['enable_urls'] : false, $post_data['enable_smilies'], $img_status, $flash_status, $quote_status, $config['allow_post_links']);
if ($config['flood_interval'] && !$auth->acl_get('f_ignoreflood', $forum_id)) {
// Flood check
$last_post_time = 0;
if ($user->data['is_registered']) {
$last_post_time = $user->data['user_lastpost_time'];
} else {
$sql = 'SELECT post_time AS last_post_time
FROM ' . POSTS_TABLE . "\n WHERE poster_ip = '" . $user->ip . "'\n AND post_time > " . ($current_time - $config['flood_interval']);
$result = $db->sql_query_limit($sql, 1);
if ($row = $db->sql_fetchrow($result)) {
$last_post_time = $row['last_post_time'];
}
$db->sql_freeresult($result);
}
if ($last_post_time && $current_time - $last_post_time < intval($config['flood_interval'])) {
trigger_error('FLOOD_ERROR');
}
}
// Validate username
if ($post_data['username'] && !$user->data['is_registered']) {
include $phpbb_root_path . 'includes/functions_user.' . $phpEx;
if (($result = validate_username($post_data['username'], !empty($post_data['post_username']) ? $post_data['post_username'] : '')) !== false) {
$user->add_lang('ucp');
trigger_error($result . '_USERNAME');
}
}
$post_data['poll_last_vote'] = isset($post_data['poll_last_vote']) ? $post_data['poll_last_vote'] : 0;
$poll = array();
// if (sizeof($message_parser->warn_msg))
// {
// return get_error();
// }
// DNSBL check
if ($config['check_dnsbl'] && $mobiquo_config['check_dnsbl']) {
if (($dnsbl = $user->check_dnsbl('post')) !== false) {
trigger_error(sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]));
}
}
// Store message, sync counters
$data = array('topic_title' => empty($post_data['topic_title']) ? $post_data['post_subject'] : $post_data['topic_title'], 'topic_first_post_id' => isset($post_data['topic_first_post_id']) ? (int) $post_data['topic_first_post_id'] : 0, 'topic_last_post_id' => isset($post_data['topic_last_post_id']) ? (int) $post_data['topic_last_post_id'] : 0, 'topic_time_limit' => (int) $post_data['topic_time_limit'], 'topic_attachment' => isset($post_data['topic_attachment']) ? (int) $post_data['topic_attachment'] : 0, 'post_id' => 0, 'topic_id' => (int) $topic_id, 'forum_id' => (int) $forum_id, 'icon_id' => (int) $post_data['icon_id'], 'poster_id' => (int) $post_data['poster_id'], 'enable_sig' => (bool) $post_data['enable_sig'], 'enable_bbcode' => (bool) $post_data['enable_bbcode'], 'enable_smilies' => (bool) $post_data['enable_smilies'], 'enable_urls' => (bool) $post_data['enable_urls'], 'enable_indexing' => (bool) $post_data['enable_indexing'], 'message_md5' => (string) $message_md5, 'post_time' => isset($post_data['post_time']) ? (int) $post_data['post_time'] : $current_time, 'post_checksum' => isset($post_data['post_checksum']) ? (string) $post_data['post_checksum'] : '', 'post_edit_reason' => $post_data['post_edit_reason'], 'post_edit_user' => isset($post_data['post_edit_user']) ? (int) $post_data['post_edit_user'] : 0, 'forum_parents' => $post_data['forum_parents'], 'forum_name' => $post_data['forum_name'], 'notify' => $notify, 'notify_set' => $post_data['notify_set'], 'poster_ip' => isset($post_data['poster_ip']) ? $post_data['poster_ip'] : $user->ip, 'post_edit_locked' => (int) $post_data['post_edit_locked'], 'bbcode_bitfield' => $message_parser->bbcode_bitfield, 'bbcode_uid' => $message_parser->bbcode_uid, 'message' => $message_parser->message, 'attachment_data' => $message_parser->attachment_data, 'filename_data' => $message_parser->filename_data, 'topic_approved' => isset($post_data['topic_approved']) ? $post_data['topic_approved'] : false, 'post_approved' => isset($post_data['post_approved']) ? $post_data['post_approved'] : false, 'post_expire_time' => -1);
include $phpbb_root_path . 'includes/functions_posting.' . $phpEx;
$update_message = true;
$cwd = getcwd();
chdir('../');
$phpbb_root_path_tmp = $phpbb_root_path;
$phpbb_root_path = './';
$redirect_url = submit_post('reply', $post_data['post_subject'], $post_data['username'], $post_data['topic_type'], $poll, $data, $update_message);
chdir($cwd);
$phpbb_root_path = $phpbb_root_path_tmp;
// Check the permissions for post approval, as well as the queue trigger where users are put on approval with a post count lower than specified. Moderators are not affected.
$approved = true;
if (($config['enable_queue_trigger'] && $user->data['user_posts'] < $config['queue_trigger_posts'] || !$auth->acl_get('f_noapprove', $data['forum_id'])) && !$auth->acl_get('m_approve', $data['forum_id'])) {
$approved = false;
}
$reply_success = false;
$post_id = '';
if ($redirect_url) {
preg_match('/&p=(\\d+)/', $redirect_url, $matches);
$post_id = $matches[1];
$reply_success = true;
// get new post_content
$message = censor_text($data['message']);
$quote_wrote_string = $user->lang['WROTE'];
$message = str_replace('[/quote:' . $data['bbcode_uid'] . ']', '[/quote]', $message);
$message = preg_replace('/\\[quote(?:="(.*?)")?:' . $data['bbcode_uid'] . '\\]/ise', "'[quote]' . ('\$1' ? '\$1' . ' {$quote_wrote_string}:\n' : '\n')", $message);
$blocks = preg_split('/(\\[\\/?quote\\])/i', $message, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE);
$quote_level = 0;
$message = '';
foreach ($blocks as $block) {
if ($block == '[quote]') {
if ($quote_level == 0) {
$message .= $block;
}
$quote_level++;
} else {
if ($block == '[/quote]') {
if ($quote_level <= 1) {
$message .= $block;
}
if ($quote_level >= 1) {
$quote_level--;
}
} else {
if ($quote_level <= 1) {
$message .= $block;
}
}
}
}
$message = preg_replace('/\\[(youtube|video|googlevideo|gvideo):' . $data['bbcode_uid'] . '\\](.*?)\\[\\/\\1:' . $data['bbcode_uid'] . '\\]/sie', "video_bbcode_format('\$1', '\$2')", $message);
$message = preg_replace('/\\[(BBvideo)[\\d, ]+:' . $row['bbcode_uid'] . '\\](.*?)\\[\\/\\1:' . $row['bbcode_uid'] . '\\]/si', "[url=\$2]YouTube Video[/url]", $message);
$message = preg_replace('/\\[(spoil|spoiler):' . $row['bbcode_uid'] . '\\](.*?)\\[\\/\\1:' . $row['bbcode_uid'] . '\\]/si', "[spoiler]\$2[/spoiler]", $message);
$message = preg_replace('/\\[b:' . $data['bbcode_uid'] . '\\](.*?)\\[\\/b:' . $data['bbcode_uid'] . '\\]/si', '[b]$1[/b]', $message);
$message = preg_replace('/\\[i:' . $data['bbcode_uid'] . '\\](.*?)\\[\\/i:' . $data['bbcode_uid'] . '\\]/si', '[i]$1[/i]', $message);
$message = preg_replace('/\\[u:' . $data['bbcode_uid'] . '\\](.*?)\\[\\/u:' . $data['bbcode_uid'] . '\\]/si', '[u]$1[/u]', $message);
$message = preg_replace('/\\[color=#(\\w{6}):' . $data['bbcode_uid'] . '\\](.*?)\\[\\/color:' . $data['bbcode_uid'] . '\\]/si', '[color=#$1]$2[/color]', $message);
// Second parse bbcode here
if ($data['bbcode_bitfield']) {
$bbcode = new bbcode(base64_encode($data['bbcode_bitfield']));
$bbcode->bbcode_second_pass($message, $data['bbcode_uid'], $data['bbcode_bitfield']);
}
$message = bbcode_nl2br($message);
$message = smiley_text($message);
if (!empty($data['attachment_data'])) {
parse_attachments($forum_id, $message, $data['attachment_data'], $update_count);
}
$updated_post_title = html_entity_decode(strip_tags(censor_text($data['topic_title'])), ENT_QUOTES, 'UTF-8');
$edit_allowed = $auth->acl_get('m_edit', $forum_id) || $auth->acl_get('f_edit', $forum_id) && !$data['post_edit_locked'] && ($data['post_time'] > time() - $config['edit_time'] * 60 || !$config['edit_time']);
$delete_allowed = $auth->acl_get('m_delete', $forum_id) || $auth->acl_get('f_delete', $forum_id) && ($data['post_time'] > time() - $config['delete_time'] * 60 || !$config['delete_time']) && !$data['post_edit_locked'];
$attachments = array();
if (sizeof($attach_list) && sizeof($data['attachment_data'])) {
$sql = 'SELECT *
FROM ' . ATTACHMENTS_TABLE . '
WHERE ' . $db->sql_in_set('attach_id', $attach_list) . '
AND in_message = 0
ORDER BY filetime DESC';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$attachment_by_id[$row['attach_id']] = $row;
}
$db->sql_freeresult($result);
foreach ($data['attachment_data'] as $attachment) {
if (preg_match('/<img src=\\".*?(\\/download\\/file.php\\?id=(\\d+).*?)\\"/is', $attachment, $matches)) {
$file_url = html_entity_decode($phpbb_home . $matches[1]);
$attach_id = $matches[2];
unset($matches);
$xmlrpc_attachment = new xmlrpcval(array('filename' => new xmlrpcval($attachment_by_id[$attach_id]['real_filename'], 'base64'), 'filesize' => new xmlrpcval($attachment_by_id[$attach_id]['filesize'], 'int'), 'content_type' => new xmlrpcval('image'), 'thumbnail_url' => new xmlrpcval(''), 'url' => new xmlrpcval($file_url)), 'struct');
$attachments[] = $xmlrpc_attachment;
}
}
}
}
$xmlrpc_reply_topic = new xmlrpcval(array('result' => new xmlrpcval($reply_success, 'boolean'), 'post_id' => new xmlrpcval($post_id, 'string'), 'state' => new xmlrpcval($approved ? 0 : 1, 'int'), 'post_title' => new xmlrpcval($updated_post_title, 'base64'), 'post_content' => new xmlrpcval(post_html_clean($message), 'base64'), 'post_author_name' => new xmlrpcval(html_entity_decode($user->data['username']), 'base64'), 'is_online' => new xmlrpcval(true, 'boolean'), 'can_edit' => new xmlrpcval($edit_allowed, 'boolean'), 'icon_url' => new xmlrpcval($user->optionget('viewavatars') ? get_user_avatar_url($user->data['user_avatar'], $user->data['user_avatar_type']) : ''), 'post_time' => new xmlrpcval(mobiquo_iso8601_encode($current_time), 'dateTime.iso8601'), 'can_delete' => new xmlrpcval($delete_allowed, 'boolean'), 'allow_smilies' => new xmlrpcval($data['enable_smilies'] ? true : false, 'boolean'), 'attachments' => new xmlrpcval($attachments, 'array')), 'struct');
return new xmlrpcresp($xmlrpc_reply_topic);
}
/**
* Delete Re:, lock post subject
* Ctrl+Enter submit - template variables in the full editor
* Ajax submit - error messages and preview
*
* @param object $event The event object
* @return null
* @access public
*/
public function delete_re($event)
{
$forum_id = $event['forum_id'];
$page_data = $event['page_data'];
$post_data = $event['post_data'];
// Delete Re:
if ($this->config['qr_enable_re'] == 0) {
$page_data['SUBJECT'] = preg_replace('/^Re: /', '', $page_data['SUBJECT']);
}
// Whether the user can change post subject or not
if (!$this->auth->acl_get('f_qr_change_subject', $forum_id) && $event['mode'] != 'post' && $post_data['topic_first_post_id'] != $event['post_id']) {
$this->template->assign_var('S_QR_NOT_CHANGE_SUBJECT', true);
}
// Ctrl+Enter submit
$page_data = array_merge($page_data, array('S_QR_CE_ENABLE' => $this->config['qr_ctrlenter']));
$event['page_data'] = $page_data;
//Ajax submit
if ($this->config['qr_ajax_submit'] && $this->request->is_ajax() && $this->request->is_set_post('qr')) {
include_once $this->phpbb_root_path . 'includes/functions_posting.' . $this->php_ext;
$error = $event['error'];
$preview = $event['preview'];
$post_data = $event['post_data'];
$forum_id = (int) $post_data['forum_id'];
$message_parser = $event['message_parser'];
if (sizeof($error)) {
$error_text = implode('<br />', $error);
$url_next_post = '';
}
// Preview
if (!sizeof($error) && $preview) {
$message_parser->message = $this->request->variable('message', '', true);
$preview_message = $message_parser->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies'], false);
$preview_attachments = false;
// Attachment Preview
if (sizeof($message_parser->attachment_data)) {
$preview_attachments = '<dl class="attachbox"><dt>' . $this->user->lang['ATTACHMENTS'] . '</dt>';
//$this->template->assign_var('S_HAS_ATTACHMENTS', true);
$update_count = array();
$attachment_data = $message_parser->attachment_data;
parse_attachments($forum_id, $preview_message, $attachment_data, $update_count, true);
foreach ($attachment_data as $i => $attachment) {
//$this->template->assign_block_vars('attachment', array(
// 'DISPLAY_ATTACHMENT' => $attachment)
//);
$preview_attachments .= '<dd>' . $attachment . '</dd>';
}
$preview_attachments .= '</dl>';
unset($attachment_data);
}
$error_text = $preview_message;
}
if (isset($error_text)) {
$json_response = new \phpbb\json_response();
if (!sizeof($error) && $preview) {
$json_response->send(array('preview' => true, 'PREVIEW_TITLE' => $this->user->lang['PREVIEW'], 'PREVIEW_TEXT' => $preview_message, 'PREVIEW_ATTACH' => $preview_attachments));
} else {
$json_response->send(array('error' => true, 'MESSAGE_TITLE' => $this->user->lang['INFORMATION'], 'MESSAGE_TEXT' => $error_text, 'NEXT_URL' => isset($url_next_post) ? $url_next_post : ''));
}
}
}
}
/**
* Generate text content
*
* @param string $content is feed text content
* @param string $uid is bbcode_uid
* @param string $bitfield is bbcode bitfield
* @param int $options bbcode flag options
* @param int $forum_id is the forum id
* @param array $post_attachments is an array containing the attachments and their respective info
* @return string the html content to be printed for the feed
*/
public function generate_content($content, $uid, $bitfield, $options, $forum_id, $post_attachments)
{
if (empty($content)) {
return '';
}
// Prepare some bbcodes for better parsing
$content = preg_replace("#\\[quote(=".*?")?:{$uid}\\]\\s*(.*?)\\s*\\[/quote:{$uid}\\]#si", "[quote\$1:{$uid}]<br />\$2<br />[/quote:{$uid}]", $content);
$content = generate_text_for_display($content, $uid, $bitfield, $options);
// Add newlines
$content = str_replace('<br />', '<br />' . "\n", $content);
// Convert smiley Relative paths to Absolute path, Windows style
$content = str_replace($this->phpbb_root_path . $this->config['smilies_path'], $this->get_board_url() . '/' . $this->config['smilies_path'], $content);
// Remove "Select all" link and mouse events
$content = str_replace('<a href="#" onclick="selectCode(this); return false;">' . $this->user->lang['SELECT_ALL_CODE'] . '</a>', '', $content);
$content = preg_replace('#(onkeypress|onclick)="(.*?)"#si', '', $content);
// Firefox does not support CSS for feeds, though
// Remove font sizes
// $content = preg_replace('#<span style="font-size: [0-9]+%; line-height: [0-9]+%;">([^>]+)</span>#iU', '\1', $content);
// Make text strong :P
// $content = preg_replace('#<span style="font-weight: bold?">(.*?)</span>#iU', '<strong>\1</strong>', $content);
// Italic
// $content = preg_replace('#<span style="font-style: italic?">([^<]+)</span>#iU', '<em>\1</em>', $content);
// Underline
// $content = preg_replace('#<span style="text-decoration: underline?">([^<]+)</span>#iU', '<u>\1</u>', $content);
// Remove embed Windows Media Streams
$content = preg_replace('#<\\!--\\[if \\!IE\\]>-->([^[]+)<\\!--<!\\[endif\\]-->#si', '', $content);
// Do not use < and >, because we want to retain code contained in [code][/code]
// Remove embed and objects
$content = preg_replace('#<(object|embed)(.*?) (value|src)=(.*?) ([^[]+)(object|embed)>#si', ' <a href=$4 target="_blank"><strong>$1</strong></a> ', $content);
// Remove some specials html tag, because somewhere there are a mod to allow html tags ;)
$content = preg_replace('#<(script|iframe)([^[]+)\\1>#siU', ' <strong>$1</strong> ', $content);
// Parse inline images to display with the feed
if (!empty($post_attachments)) {
$update_count = array();
parse_attachments($forum_id, $content, $post_attachments, $update_count);
$content .= implode('<br />', $post_attachments);
// Convert attachments' relative path to absolute path
$content = str_replace($this->phpbb_root_path . 'download/file.' . $this->phpEx, $this->get_board_url() . '/download/file.' . $this->phpEx, $content);
}
// Remove Comments from inline attachments [ia]
$content = preg_replace('#<dd>(.*?)</dd>#', '', $content);
// Replace some entities with their unicode counterpart
$entities = array(' ' => " ", '•' => "•", '·' => "·", '©' => "©");
$content = str_replace(array_keys($entities), array_values($entities), $content);
// Remove CDATA blocks. ;)
$content = preg_replace('#\\<\\!\\[CDATA\\[(.*?)\\]\\]\\>#s', '', $content);
// Other control characters
$content = preg_replace('#(?:[\\x00-\\x1F\\x7F]+|(?:\\xC2[\\x80-\\x9F])+)#', '', $content);
return $content;
}
/**
* View topic in MCP
*/
function mcp_topic_view($id, $mode, $action)
{
global $phpEx, $src_root_path, $config;
global $template, $db, $user, $auth, $cache, $src_container, $src_dispatcher;
$url = append_sid("{$src_root_path}mcp.{$phpEx}?" . src_extra_url());
$user->add_lang('viewtopic');
$pagination = $src_container->get('pagination');
$topic_id = request_var('t', 0);
$topic_info = src_get_topic_data(array($topic_id), false, true);
if (!sizeof($topic_info)) {
trigger_error('TOPIC_NOT_EXIST');
}
$topic_info = $topic_info[$topic_id];
// Set up some vars
$icon_id = request_var('icon', 0);
$subject = utf8_normalize_nfc(request_var('subject', '', true));
$start = request_var('start', 0);
$sort_days_old = request_var('st_old', 0);
$forum_id = request_var('f', 0);
$to_topic_id = request_var('to_topic_id', 0);
$to_forum_id = request_var('to_forum_id', 0);
$sort = isset($_POST['sort']) ? true : false;
$submitted_id_list = request_var('post_ids', array(0));
$checked_ids = $post_id_list = request_var('post_id_list', array(0));
// Resync Topic?
if ($action == 'resync') {
if (!function_exists('mcp_resync_topics')) {
include $src_root_path . 'includes/mcp/mcp_forum.' . $phpEx;
}
mcp_resync_topics(array($topic_id));
}
// Split Topic?
if ($action == 'split_all' || $action == 'split_beyond') {
if (!$sort) {
split_topic($action, $topic_id, $to_forum_id, $subject);
}
$action = 'split';
}
// Merge Posts?
if ($action == 'merge_posts') {
if (!$sort) {
merge_posts($topic_id, $to_topic_id);
}
$action = 'merge';
}
if ($action == 'split' && !$subject) {
$subject = $topic_info['topic_title'];
}
// Restore or pprove posts?
if (($action == 'restore' || $action == 'approve') && $auth->acl_get('m_approve', $topic_info['forum_id'])) {
include $src_root_path . 'includes/mcp/mcp_queue.' . $phpEx;
include_once $src_root_path . 'includes/functions_posting.' . $phpEx;
include_once $src_root_path . 'includes/functions_messenger.' . $phpEx;
if (!sizeof($post_id_list)) {
trigger_error('NO_POST_SELECTED');
}
if (!$sort) {
mcp_queue::approve_posts($action, $post_id_list, $id, $mode);
}
}
// Jumpbox, sort selects and that kind of things
make_jumpbox($url . "&i={$id}&mode=forum_view", $topic_info['forum_id'], false, 'm_', true);
$where_sql = $action == 'reports' ? 'WHERE post_reported = 1 AND ' : 'WHERE';
$sort_days = $total = 0;
$sort_key = $sort_dir = '';
$sort_by_sql = $sort_order_sql = array();
src_mcp_sorting('viewtopic', $sort_days, $sort_key, $sort_dir, $sort_by_sql, $sort_order_sql, $total, $topic_info['forum_id'], $topic_id, $where_sql);
$limit_time_sql = $sort_days ? 'AND p.post_time >= ' . (time() - $sort_days * 86400) : '';
$src_content_visibility = $src_container->get('content.visibility');
if ($total == -1) {
$total = $src_content_visibility->get_count('topic_posts', $topic_info, $topic_info['forum_id']);
}
$posts_per_page = max(0, request_var('posts_per_page', intval($config['posts_per_page'])));
if ($posts_per_page == 0) {
$posts_per_page = $total;
}
if (!empty($sort_days_old) && $sort_days_old != $sort_days || $total <= $posts_per_page) {
$start = 0;
}
$start = $pagination->validate_start($start, $posts_per_page, $total);
$sql = 'SELECT u.username, u.username_clean, u.user_colour, p.*
FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . ' u
WHERE ' . ($action == 'reports' ? 'p.post_reported = 1 AND ' : '') . '
p.topic_id = ' . $topic_id . '
AND ' . $src_content_visibility->get_visibility_sql('post', $topic_info['forum_id'], 'p.') . '
AND p.poster_id = u.user_id ' . $limit_time_sql . '
ORDER BY ' . $sort_order_sql;
$result = $db->sql_query_limit($sql, $posts_per_page, $start);
$rowset = $post_id_list = array();
while ($row = $db->sql_fetchrow($result)) {
$rowset[] = $row;
$post_id_list[] = $row['post_id'];
}
$db->sql_freeresult($result);
$topic_tracking_info = array();
// Get topic tracking info
if ($config['load_db_lastread']) {
$tmp_topic_data = array($topic_id => $topic_info);
$topic_tracking_info = get_topic_tracking($topic_info['forum_id'], $topic_id, $tmp_topic_data, array($topic_info['forum_id'] => $topic_info['forum_mark_time']));
unset($tmp_topic_data);
} else {
$topic_tracking_info = get_complete_topic_tracking($topic_info['forum_id'], $topic_id);
}
$has_unapproved_posts = $has_deleted_posts = false;
// Grab extensions
$extensions = $attachments = array();
if ($topic_info['topic_attachment'] && sizeof($post_id_list)) {
$extensions = $cache->obtain_attach_extensions($topic_info['forum_id']);
// Get attachments...
if ($auth->acl_get('u_download') && $auth->acl_get('f_download', $topic_info['forum_id'])) {
$sql = 'SELECT *
FROM ' . ATTACHMENTS_TABLE . '
WHERE ' . $db->sql_in_set('post_msg_id', $post_id_list) . '
AND in_message = 0
ORDER BY filetime DESC, post_msg_id ASC';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$attachments[$row['post_msg_id']][] = $row;
}
$db->sql_freeresult($result);
}
}
foreach ($rowset as $i => $row) {
$message = $row['post_text'];
$post_subject = $row['post_subject'] != '' ? $row['post_subject'] : $topic_info['topic_title'];
$parse_flags = ($row['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) | OPTION_FLAG_SMILIES;
$message = generate_text_for_display($message, $row['bbcode_uid'], $row['bbcode_bitfield'], $parse_flags, false);
if (!empty($attachments[$row['post_id']])) {
$update_count = array();
parse_attachments($topic_info['forum_id'], $message, $attachments[$row['post_id']], $update_count);
}
if ($row['post_visibility'] == ITEM_UNAPPROVED || $row['post_visibility'] == ITEM_REAPPROVE) {
$has_unapproved_posts = true;
}
if ($row['post_visibility'] == ITEM_DELETED) {
$has_deleted_posts = true;
}
$post_unread = isset($topic_tracking_info[$topic_id]) && $row['post_time'] > $topic_tracking_info[$topic_id] ? true : false;
$post_row = array('POST_AUTHOR_FULL' => get_username_string('full', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']), 'POST_AUTHOR_COLOUR' => get_username_string('colour', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']), 'POST_AUTHOR' => get_username_string('username', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']), 'U_POST_AUTHOR' => get_username_string('profile', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']), 'POST_DATE' => $user->format_date($row['post_time']), 'POST_SUBJECT' => $post_subject, 'MESSAGE' => $message, 'POST_ID' => $row['post_id'], 'RETURN_TOPIC' => sprintf($user->lang['RETURN_TOPIC'], '<a href="' . append_sid("{$src_root_path}viewtopic.{$phpEx}", 't=' . $topic_id) . '">', '</a>'), 'MINI_POST_IMG' => $post_unread ? $user->img('icon_post_target_unread', 'UNREAD_POST') : $user->img('icon_post_target', 'POST'), 'S_POST_REPORTED' => $row['post_reported'] && $auth->acl_get('m_report', $topic_info['forum_id']), 'S_POST_UNAPPROVED' => ($row['post_visibility'] == ITEM_UNAPPROVED || $row['post_visibility'] == ITEM_REAPPROVE) && $auth->acl_get('m_approve', $topic_info['forum_id']), 'S_POST_DELETED' => $row['post_visibility'] == ITEM_DELETED && $auth->acl_get('m_approve', $topic_info['forum_id']), 'S_CHECKED' => $submitted_id_list && !in_array(intval($row['post_id']), $submitted_id_list) || in_array(intval($row['post_id']), $checked_ids) ? true : false, 'S_HAS_ATTACHMENTS' => !empty($attachments[$row['post_id']]) ? true : false, 'U_POST_DETAILS' => "{$url}&i={$id}&p={$row['post_id']}&mode=post_details" . ($forum_id ? "&f={$forum_id}" : ''), 'U_MCP_APPROVE' => $auth->acl_get('m_approve', $topic_info['forum_id']) ? append_sid("{$src_root_path}mcp.{$phpEx}", 'i=queue&mode=approve_details&f=' . $topic_info['forum_id'] . '&p=' . $row['post_id']) : '', 'U_MCP_REPORT' => $auth->acl_get('m_report', $topic_info['forum_id']) ? append_sid("{$src_root_path}mcp.{$phpEx}", 'i=reports&mode=report_details&f=' . $topic_info['forum_id'] . '&p=' . $row['post_id']) : '');
$current_row_number = $i;
/**
* Event to modify the template data block for topic reviews in the MCP
*
* @event core.mcp_topic_review_modify_row
* @var int id ID of the tab we are displaying
* @var string mode Mode of the MCP page we are displaying
* @var int topic_id The topic ID we are currently reviewing
* @var int forum_id The forum ID we are currently in
* @var int start Start item of this page
* @var int current_row_number Number of the post on this page
* @var array post_row Template block array of the current post
* @var array row Array with original post and user data
* @var array topic_info Array with topic data
* @var int total Total posts count
* @since 3.1.4-RC1
*/
$vars = array('id', 'mode', 'topic_id', 'forum_id', 'start', 'current_row_number', 'post_row', 'row', 'topic_info', 'total');
extract($src_dispatcher->trigger_event('core.mcp_topic_review_modify_row', compact($vars)));
$template->assign_block_vars('postrow', $post_row);
// Display not already displayed Attachments for this post, we already parsed them. ;)
if (!empty($attachments[$row['post_id']])) {
foreach ($attachments[$row['post_id']] as $attachment) {
$template->assign_block_vars('postrow.attachment', array('DISPLAY_ATTACHMENT' => $attachment));
}
}
unset($rowset[$i]);
}
// Display topic icons for split topic
$s_topic_icons = false;
if ($auth->acl_gets('m_split', 'm_merge', (int) $topic_info['forum_id'])) {
include_once $src_root_path . 'includes/functions_posting.' . $phpEx;
$s_topic_icons = posting_gen_topic_icons('', $icon_id);
// Has the user selected a topic for merge?
if ($to_topic_id) {
$to_topic_info = src_get_topic_data(array($to_topic_id), 'm_merge');
if (!sizeof($to_topic_info)) {
$to_topic_id = 0;
} else {
$to_topic_info = $to_topic_info[$to_topic_id];
if (!$to_topic_info['enable_icons'] || $auth->acl_get('!f_icons', $topic_info['forum_id'])) {
$s_topic_icons = false;
}
}
}
}
$s_hidden_fields = build_hidden_fields(array('st_old' => $sort_days, 'post_ids' => $post_id_list));
$base_url = append_sid("{$src_root_path}mcp.{$phpEx}", "i={$id}&t={$topic_info['topic_id']}&mode={$mode}&action={$action}&to_topic_id={$to_topic_id}&posts_per_page={$posts_per_page}&st={$sort_days}&sk={$sort_key}&sd={$sort_dir}");
if ($posts_per_page) {
$pagination->generate_template_pagination($base_url, 'pagination', 'start', $total, $posts_per_page, $start);
}
$template->assign_vars(array('TOPIC_TITLE' => $topic_info['topic_title'], 'U_VIEW_TOPIC' => append_sid("{$src_root_path}viewtopic.{$phpEx}", 'f=' . $topic_info['forum_id'] . '&t=' . $topic_info['topic_id']), 'TO_TOPIC_ID' => $to_topic_id, 'TO_TOPIC_INFO' => $to_topic_id ? sprintf($user->lang['YOU_SELECTED_TOPIC'], $to_topic_id, '<a href="' . append_sid("{$src_root_path}viewtopic.{$phpEx}", 'f=' . $to_topic_info['forum_id'] . '&t=' . $to_topic_id) . '">' . $to_topic_info['topic_title'] . '</a>') : '', 'SPLIT_SUBJECT' => $subject, 'POSTS_PER_PAGE' => $posts_per_page, 'ACTION' => $action, 'REPORTED_IMG' => $user->img('icon_topic_reported', 'POST_REPORTED'), 'UNAPPROVED_IMG' => $user->img('icon_topic_unapproved', 'POST_UNAPPROVED'), 'DELETED_IMG' => $user->img('icon_topic_deleted', 'POST_DELETED_RESTORE'), 'INFO_IMG' => $user->img('icon_post_info', 'VIEW_INFO'), 'S_MCP_ACTION' => "{$url}&i={$id}&mode={$mode}&action={$action}&start={$start}", 'S_FORUM_SELECT' => $to_forum_id ? make_forum_select($to_forum_id, false, false, true, true, true) : make_forum_select($topic_info['forum_id'], false, false, true, true, true), 'S_CAN_SPLIT' => $auth->acl_get('m_split', $topic_info['forum_id']) ? true : false, 'S_CAN_MERGE' => $auth->acl_get('m_merge', $topic_info['forum_id']) ? true : false, 'S_CAN_DELETE' => $auth->acl_get('m_delete', $topic_info['forum_id']) ? true : false, 'S_CAN_APPROVE' => $has_unapproved_posts && $auth->acl_get('m_approve', $topic_info['forum_id']) ? true : false, 'S_CAN_RESTORE' => $has_deleted_posts && $auth->acl_get('m_approve', $topic_info['forum_id']) ? true : false, 'S_CAN_LOCK' => $auth->acl_get('m_lock', $topic_info['forum_id']) ? true : false, 'S_CAN_REPORT' => $auth->acl_get('m_report', $topic_info['forum_id']) ? true : false, 'S_CAN_SYNC' => $auth->acl_get('m_', $topic_info['forum_id']), 'S_REPORT_VIEW' => $action == 'reports' ? true : false, 'S_MERGE_VIEW' => $action == 'merge' ? true : false, 'S_SPLIT_VIEW' => $action == 'split' ? true : false, 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_SHOW_TOPIC_ICONS' => $s_topic_icons, 'S_TOPIC_ICON' => $icon_id, 'U_SELECT_TOPIC' => "{$url}&i={$id}&mode=forum_view&action=merge_select" . ($forum_id ? "&f={$forum_id}" : ''), 'RETURN_TOPIC' => sprintf($user->lang['RETURN_TOPIC'], '<a href="' . append_sid("{$src_root_path}viewtopic.{$phpEx}", "f={$topic_info['forum_id']}&t={$topic_info['topic_id']}&start={$start}") . '">', '</a>'), 'RETURN_FORUM' => sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$src_root_path}viewforum.{$phpEx}", "f={$topic_info['forum_id']}&start={$start}") . '">', '</a>'), 'TOTAL_POSTS' => $user->lang('VIEW_TOPIC_POSTS', (int) $total)));
}
if ($config['allow_attachments'] && $row['post_id']) {
// Pull attachment data
$sql = 'SELECT *
FROM ' . ATTACHMENTS_TABLE . '
WHERE post_msg_id = ' . $row['post_id'] . '
AND in_message = 0
ORDER BY filetime DESC';
$result3 = $db->sql_query($sql);
while ($row3 = $db->sql_fetchrow($result3)) {
$attachments[] = $row3;
}
$db->sql_freeresult($result3);
}
$img = !empty($attachments) && $config['allow_attachments'] ? $user->img('icon_topic_attach', $user->lang['TOTAL_ATTACHMENTS']) : '';
if (!empty($attachments)) {
parse_attachments($forum_id, $message, $attachments, $update_count);
}
// check config if we want edits to show in portal
if ($config['bbdkp_portal_showedits']) {
// reinitialise var for next loop
$edit_reason = '';
// build the 'user edited' comment
if ($row['post_edit_count'] && $config['display_last_edited'] || $row['post_edit_reason']) {
// Get username that edited post, if it has been edited
if ($row['post_edit_reason'] or $row['post_edit_user']) {
$sql = 'SELECT DISTINCT u.user_id, u.username, u.user_colour
FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . ' u
WHERE p.post_id = ' . $row['post_id'] . '
AND p.post_edit_count <> 0
AND p.post_edit_user <> 0
AND p.post_edit_user = u.user_id';
public function file($attach_id)
{
$this->user->setup('viewtopic');
$sql_attach = 'SELECT a.*, u.username, u.user_colour, p.post_id, p.topic_id, p.forum_id, p.post_subject, p.post_text, p.bbcode_bitfield, p.bbcode_uid
FROM ' . ATTACHMENTS_TABLE . ' a, ' . USERS_TABLE . ' u, ' . POSTS_TABLE . " p\n\t\t\tWHERE a.attach_id = " . (int) $attach_id . "\n\t\t\t\tAND p.post_id = a.post_msg_id\n\t\t\t\tAND a.poster_id = u.user_id\n\t\t\t\tAND a.is_orphan = 0";
$result = $this->db->sql_query($sql_attach);
$row = $this->db->sql_fetchrow($result);
$this->db->sql_freeresult($result);
// Start auth check
if (!$this->auth->acl_get('u_download') || !$this->auth->acl_get('f_read', $row['forum_id'])) {
trigger_error('LINKAGE_FORBIDDEN');
}
$attachments = $update_count = array();
$sql_attach = 'SELECT * FROM ' . ATTACHMENTS_TABLE . "\n\t\t\tWHERE post_msg_id = " . (int) $row['post_id'] . "\n\t\t\t\tAND is_orphan = 0";
$result_attach = $this->db->sql_query($sql_attach);
while ($attach_row = $this->db->sql_fetchrow($result_attach)) {
$attachments[] = $attach_row;
}
$this->db->sql_freeresult($result_attach);
// Parse the message and subject
$parse_flags = ($row['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) | OPTION_FLAG_SMILIES;
$message = generate_text_for_display($row['post_text'], $row['bbcode_uid'], $row['bbcode_bitfield'], $parse_flags, true);
// Parse attachments
parse_attachments($row['forum_id'], $message, $attachments, $update_count);
// Replace naughty words such as farty pants
$row['post_subject'] = censor_text($row['post_subject']);
$view_post = append_sid("{$this->phpbb_root_path}viewtopic.{$this->php_ext}", "t={$row['topic_id']}&p={$row['post_id']}") . "#p{$row['post_id']}";
$this->template->assign_vars(array('POST_AUTHOR_FULL' => get_username_string('full', $row['poster_id'], $row['username'], $row['user_colour']), 'POST_DATE' => $this->user->format_date($row['filetime'], false, false), 'POST_TITLE' => $row['post_subject'], 'DESCRIPTION' => $row['post_subject'], 'MESSAGE' => $message, 'U_VIEW_POST' => $view_post, 'U_ATTACHMENTS_TOPIC' => $this->helper->route("bb3mobi_attach_cat", array('t' => $row['topic_id'])), 'ATTACHMENTS_BY' => $this->user->lang('ATTACHMENTS_BY', '<a href="http://bb3.mobi/forum/viewtopic.php?t=226">Download by</a>'), 'S_HAS_ATTACHMENTS' => !empty($attachments) ? true : false));
foreach ($attachments as $attachment) {
$this->template->assign_block_vars('attachment', array('DISPLAY_ATTACHMENT' => $attachment));
}
return $row['real_filename'];
}
function extract_eml($path)
{
global $email, $atmail, $auth;
$email2 = new ReadMsg(array('Username' => $atmail->username, 'Pop3host' => $atmail->pop3host, 'Password' => $auth->password, 'Type' => $atmail->MailType, 'Mode' => $atmail->Mode, 'SessionID' => $auth->SessionID, 'Language' => $atmail->Language, 'DateFormat' => $atmail->DateFormat, 'TimeFormat' => $atmail->TimeFormat, 'LoginType' => $type, 'head' => 1, 'rawemail' => $var['rawemail']));
$email2->reademail('', '', '', '', $path);
if ($email2->html) {
$type = 'html';
} elseif ($email2->txt) {
$type = 'txt';
} elseif ($email2->multiparttxt) {
$type = 'multiparttxt';
} else {
$type = 'html';
}
$myvars = array('subject' => $email2->subject, 'from' => htmlentities($email2->from), 'to' => htmlentities($email2->to), 'date' => $email2->date, 'body' => $email2->{$type});
$fwdmsg = $atmail->parse("html/{$atmail->Language}/fwdmsg.html", $myvars);
if ($email->html) {
$email->html .= $fwdmsg;
} elseif ($email->txt) {
$email->txt .= $fwdmsg;
} else {
$email->html .= $fwdmsg;
}
unset($fwdmsg);
parse_attachments($email2);
foreach ($email2->attachedemails as $path2) {
extract_eml($path2);
}
}
/**
* Compose private message
* Called from ucp_pm with mode == 'compose'
*/
function compose_pm($id, $mode, $action)
{
global $template, $db, $auth, $user;
global $phpbb_root_path, $phpEx, $config;
include($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
include($phpbb_root_path . 'includes/message_parser.' . $phpEx);
if (!$action)
{
$action = 'post';
}
add_form_key('ucp_pm_compose');
// Grab only parameters needed here
$to_user_id = request_var('u', 0);
$to_group_id = request_var('g', 0);
$msg_id = request_var('p', 0);
$draft_id = request_var('d', 0);
$lastclick = request_var('lastclick', 0);
// Do NOT use request_var or specialchars here
$address_list = isset($_REQUEST['address_list']) ? $_REQUEST['address_list'] : array();
$submit = (isset($_POST['post'])) ? true : false;
$preview = (isset($_POST['preview'])) ? true : false;
$save = (isset($_POST['save'])) ? true : false;
$load = (isset($_POST['load'])) ? true : false;
$cancel = (isset($_POST['cancel']) && !isset($_POST['save'])) ? true : false;
$delete = (isset($_POST['delete'])) ? true : false;
$remove_u = (isset($_REQUEST['remove_u'])) ? true : false;
$remove_g = (isset($_REQUEST['remove_g'])) ? true : false;
$add_to = (isset($_REQUEST['add_to'])) ? true : false;
$add_bcc = (isset($_REQUEST['add_bcc'])) ? true : false;
$refresh = isset($_POST['add_file']) || isset($_POST['delete_file']) || $save || $load
|| $remove_u || $remove_g || $add_to || $add_bcc;
$action = ($delete && !$preview && !$refresh && $submit) ? 'delete' : $action;
$select_single = ($config['allow_mass_pm'] && $auth->acl_get('u_masspm')) ? false : true;
$error = array();
$current_time = time();
// Was cancel pressed? If so then redirect to the appropriate page
if ($cancel || ($current_time - $lastclick < 2 && $submit))
{
if ($msg_id)
{
redirect(append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=view&action=view_message&p=' . $msg_id));
}
redirect(append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm'));
}
// Output PM_TO box if message composing
if ($action != 'edit')
{
if ($config['allow_mass_pm'] && $auth->acl_get('u_masspm'))
{
$sql = 'SELECT g.group_id, g.group_name, g.group_type
FROM ' . GROUPS_TABLE . ' g';
if (!$auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel'))
{
$sql .= ' LEFT JOIN ' . USER_GROUP_TABLE . ' ug
ON (
g.group_id = ug.group_id
AND ug.user_id = ' . $user->data['user_id'] . '
AND ug.user_pending = 0
)
WHERE (g.group_type <> ' . GROUP_HIDDEN . ' OR ug.user_id = ' . $user->data['user_id'] . ')';
}
$sql .= ($auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) ? ' WHERE ' : ' AND ';
$sql .= 'g.group_receive_pm = 1
ORDER BY g.group_type DESC, g.group_name ASC';
$result = $db->sql_query($sql);
$group_options = '';
while ($row = $db->sql_fetchrow($result))
{
$group_options .= '<option' . (($row['group_type'] == GROUP_SPECIAL) ? ' class="sep"' : '') . ' value="' . $row['group_id'] . '">' . (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>';
}
$db->sql_freeresult($result);
}
$template->assign_vars(array(
'S_SHOW_PM_BOX' => true,
'S_ALLOW_MASS_PM' => ($config['allow_mass_pm'] && $auth->acl_get('u_masspm')) ? true : false,
'S_GROUP_OPTIONS' => ($config['allow_mass_pm'] && $auth->acl_get('u_masspm')) ? $group_options : '',
'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=searchuser&form=postform&field=username_list&select_single=$select_single"),
));
}
$sql = '';
// What is all this following SQL for? Well, we need to know
// some basic information in all cases before we do anything.
switch ($action)
{
case 'post':
if (!$auth->acl_get('u_sendpm'))
{
trigger_error('NO_AUTH_SEND_MESSAGE');
}
break;
case 'reply':
case 'quote':
case 'forward':
case 'quotepost':
if (!$msg_id)
{
trigger_error('NO_MESSAGE');
}
if (!$auth->acl_get('u_sendpm'))
{
trigger_error('NO_AUTH_SEND_MESSAGE');
}
if ($action == 'quotepost')
{
$sql = 'SELECT p.post_id as msg_id, p.forum_id, p.post_text as message_text, p.poster_id as author_id, p.post_time as message_time, p.bbcode_bitfield, p.bbcode_uid, p.enable_sig, p.enable_smilies, p.enable_magic_url, t.topic_title as message_subject, u.username as quote_username
FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . USERS_TABLE . " u
WHERE p.post_id = $msg_id
AND t.topic_id = p.topic_id
AND u.user_id = p.poster_id";
}
else
{
$sql = 'SELECT t.folder_id, p.*, u.username as quote_username
FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p, ' . USERS_TABLE . ' u
WHERE t.user_id = ' . $user->data['user_id'] . "
AND p.author_id = u.user_id
AND t.msg_id = p.msg_id
AND p.msg_id = $msg_id";
}
break;
case 'edit':
if (!$msg_id)
{
trigger_error('NO_MESSAGE');
}
// check for outbox (not read) status, we do not allow editing if one user already having the message
$sql = 'SELECT p.*, t.folder_id
FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p
WHERE t.user_id = ' . $user->data['user_id'] . '
AND t.folder_id = ' . PRIVMSGS_OUTBOX . "
AND t.msg_id = $msg_id
AND t.msg_id = p.msg_id";
break;
case 'delete':
if (!$auth->acl_get('u_pm_delete'))
{
trigger_error('NO_AUTH_DELETE_MESSAGE');
}
if (!$msg_id)
{
trigger_error('NO_MESSAGE');
}
$sql = 'SELECT msg_id, pm_unread, pm_new, author_id, folder_id
FROM ' . PRIVMSGS_TO_TABLE . '
WHERE user_id = ' . $user->data['user_id'] . "
AND msg_id = $msg_id";
break;
case 'smilies':
generate_smilies('window', 0);
break;
default:
trigger_error('NO_ACTION_MODE', E_USER_ERROR);
break;
}
if ($action == 'forward' && (!$config['forward_pm'] || !$auth->acl_get('u_pm_forward')))
{
trigger_error('NO_AUTH_FORWARD_MESSAGE');
}
if ($action == 'edit' && !$auth->acl_get('u_pm_edit'))
{
trigger_error('NO_AUTH_EDIT_MESSAGE');
}
if ($sql)
{
$result = $db->sql_query($sql);
$post = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$post)
{
// If editing it could be the recipient already read the message...
if ($action == 'edit')
{
$sql = 'SELECT p.*, t.folder_id
FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p
WHERE t.user_id = ' . $user->data['user_id'] . "
AND t.msg_id = $msg_id
AND t.msg_id = p.msg_id";
$result = $db->sql_query($sql);
$post = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($post)
{
trigger_error('NO_EDIT_READ_MESSAGE');
}
}
trigger_error('NO_MESSAGE');
}
if ($action == 'quotepost')
{
if (($post['forum_id'] && !$auth->acl_get('f_read', $post['forum_id'])) || (!$post['forum_id'] && !$auth->acl_getf_global('f_read')))
{
trigger_error('NOT_AUTHORISED');
}
}
$msg_id = (int) $post['msg_id'];
$folder_id = (isset($post['folder_id'])) ? $post['folder_id'] : 0;
$message_text = (isset($post['message_text'])) ? $post['message_text'] : '';
if ((!$post['author_id'] || ($post['author_id'] == ANONYMOUS && $action != 'delete')) && $msg_id)
{
trigger_error('NO_AUTHOR');
}
if ($action == 'quotepost')
{
// Decode text for message display
decode_message($message_text, $post['bbcode_uid']);
}
if ($action != 'delete')
{
$enable_urls = $post['enable_magic_url'];
$enable_sig = (isset($post['enable_sig'])) ? $post['enable_sig'] : 0;
$message_attachment = (isset($post['message_attachment'])) ? $post['message_attachment'] : 0;
$message_subject = $post['message_subject'];
$message_time = $post['message_time'];
$bbcode_uid = $post['bbcode_uid'];
$quote_username = (isset($post['quote_username'])) ? $post['quote_username'] : '';
$icon_id = (isset($post['icon_id'])) ? $post['icon_id'] : 0;
if (($action == 'reply' || $action == 'quote' || $action == 'quotepost') && !sizeof($address_list) && !$refresh && !$submit && !$preview)
{
$address_list = array('u' => array($post['author_id'] => 'to'));
}
else if ($action == 'edit' && !sizeof($address_list) && !$refresh && !$submit && !$preview)
{
// Rebuild TO and BCC Header
$address_list = rebuild_header(array('to' => $post['to_address'], 'bcc' => $post['bcc_address']));
}
if ($action == 'quotepost')
{
$check_value = 0;
}
else
{
$check_value = (($post['enable_bbcode']+1) << 8) + (($post['enable_smilies']+1) << 4) + (($enable_urls+1) << 2) + (($post['enable_sig']+1) << 1);
}
}
}
else
{
$message_attachment = 0;
$message_text = $message_subject = '';
if ($to_user_id && $action == 'post')
{
$address_list['u'][$to_user_id] = 'to';
}
else if ($to_group_id && $action == 'post')
{
$address_list['g'][$to_group_id] = 'to';
}
$check_value = 0;
}
if (($to_group_id || isset($address_list['g'])) && (!$config['allow_mass_pm'] || !$auth->acl_get('u_masspm')))
{
trigger_error('NO_AUTH_GROUP_MESSAGE');
}
if ($action == 'edit' && !$refresh && !$preview && !$submit)
{
if (!($message_time > time() - ($config['pm_edit_time'] * 60) || !$config['pm_edit_time']))
{
trigger_error('CANNOT_EDIT_MESSAGE_TIME');
}
}
if ($action == 'post')
{
$template->assign_var('S_NEW_MESSAGE', true);
}
if (!isset($icon_id))
{
$icon_id = 0;
}
$message_parser = new parse_message();
$message_parser->message = ($action == 'reply') ? '' : $message_text;
unset($message_text);
$s_action = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=$id&mode=$mode&action=$action", true, $user->session_id);
$s_action .= ($msg_id) ? "&p=$msg_id" : '';
// Delete triggered ?
if ($action == 'delete')
{
// Folder id has been determined by the SQL Statement
// $folder_id = request_var('f', PRIVMSGS_NO_BOX);
// Do we need to confirm ?
if (confirm_box(true))
{
delete_pm($user->data['user_id'], $msg_id, $folder_id);
// jump to next message in "history"? nope, not for the moment. But able to be included later.
$meta_info = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&folder=$folder_id");
$message = $user->lang['MESSAGE_DELETED'];
meta_refresh(3, $meta_info);
$message .= '<br /><br />' . sprintf($user->lang['RETURN_FOLDER'], '<a href="' . $meta_info . '">', '</a>');
trigger_error($message);
}
else
{
$s_hidden_fields = array(
'p' => $msg_id,
'f' => $folder_id,
'action' => 'delete'
);
// "{$phpbb_root_path}ucp.$phpEx?i=pm&mode=compose"
confirm_box(false, 'DELETE_MESSAGE', build_hidden_fields($s_hidden_fields));
}
redirect(append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=view&action=view_message&p=' . $msg_id));
}
// Handle User/Group adding/removing
handle_message_list_actions($address_list, $error, $remove_u, $remove_g, $add_to, $add_bcc);
// Check for too many recipients
if ((!$config['allow_mass_pm'] || !$auth->acl_get('u_masspm')) && num_recipients($address_list) > 1)
{
$address_list = get_recipient_pos($address_list, 1);
$error[] = $user->lang['TOO_MANY_RECIPIENTS'];
}
// Always check if the submitted attachment data is valid and belongs to the user.
// Further down (especially in submit_post()) we do not check this again.
$message_parser->get_submitted_attachment_data();
if ($message_attachment && !$submit && !$refresh && !$preview && $action == 'edit')
{
// Do not change to SELECT *
$sql = 'SELECT attach_id, is_orphan, attach_comment, real_filename
FROM ' . ATTACHMENTS_TABLE . "
WHERE post_msg_id = $msg_id
AND in_message = 1
AND is_orphan = 0
ORDER BY filetime DESC";
$result = $db->sql_query($sql);
$message_parser->attachment_data = array_merge($message_parser->attachment_data, $db->sql_fetchrowset($result));
$db->sql_freeresult($result);
}
if (!in_array($action, array('quote', 'edit', 'delete', 'forward')))
{
$enable_sig = ($config['allow_sig'] && $config['allow_sig_pm'] && $auth->acl_get('u_sig') && $user->optionget('attachsig'));
$enable_smilies = ($config['allow_smilies'] && $auth->acl_get('u_pm_smilies') && $user->optionget('smilies'));
$enable_bbcode = ($config['allow_bbcode'] && $auth->acl_get('u_pm_bbcode') && $user->optionget('bbcode'));
$enable_urls = true;
}
$enable_magic_url = $drafts = false;
// User own some drafts?
if ($auth->acl_get('u_savedrafts') && $action != 'delete')
{
$sql = 'SELECT draft_id
FROM ' . DRAFTS_TABLE . '
WHERE forum_id = 0
AND topic_id = 0
AND user_id = ' . $user->data['user_id'] .
(($draft_id) ? " AND draft_id <> $draft_id" : '');
$result = $db->sql_query_limit($sql, 1);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($row)
{
$drafts = true;
}
}
if ($action == 'edit')
{
$message_parser->bbcode_uid = $bbcode_uid;
}
$bbcode_status = ($config['allow_bbcode'] && $config['auth_bbcode_pm'] && $auth->acl_get('u_pm_bbcode')) ? true : false;
$smilies_status = ($config['allow_smilies'] && $config['auth_smilies_pm'] && $auth->acl_get('u_pm_smilies')) ? true : false;
$img_status = ($config['auth_img_pm'] && $auth->acl_get('u_pm_img')) ? true : false;
$flash_status = ($config['auth_flash_pm'] && $auth->acl_get('u_pm_flash')) ? true : false;
$url_status = ($config['allow_post_links']) ? true : false;
// Save Draft
if ($save && $auth->acl_get('u_savedrafts'))
{
$subject = utf8_normalize_nfc(request_var('subject', '', true));
$subject = (!$subject && $action != 'post') ? $user->lang['NEW_MESSAGE'] : $subject;
$message = utf8_normalize_nfc(request_var('message', '', true));
if ($subject && $message)
{
if (confirm_box(true))
{
$sql = 'INSERT INTO ' . DRAFTS_TABLE . ' ' . $db->sql_build_array('INSERT', array(
'user_id' => $user->data['user_id'],
'topic_id' => 0,
'forum_id' => 0,
'save_time' => $current_time,
'draft_subject' => $subject,
'draft_message' => $message)
);
$db->sql_query($sql);
$redirect_url = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&mode=$mode");
meta_refresh(3, $redirect_url);
$message = $user->lang['DRAFT_SAVED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $redirect_url . '">', '</a>');
trigger_error($message);
}
else
{
$s_hidden_fields = build_hidden_fields(array(
'mode' => $mode,
'action' => $action,
'save' => true,
'subject' => $subject,
'message' => $message,
'u' => $to_user_id,
'g' => $to_group_id,
'p' => $msg_id)
);
confirm_box(false, 'SAVE_DRAFT', $s_hidden_fields);
}
}
else
{
if (!$subject || !utf8_clean_string($subject))
{
$error[] = $user->lang['EMPTY_MESSAGE_SUBJECT'];
}
if (!$message)
{
$error[] = $user->lang['TOO_FEW_CHARS'];
}
}
unset($subject, $message);
}
// Load Draft
if ($draft_id && $auth->acl_get('u_savedrafts'))
{
$sql = 'SELECT draft_subject, draft_message
FROM ' . DRAFTS_TABLE . "
WHERE draft_id = $draft_id
AND topic_id = 0
AND forum_id = 0
AND user_id = " . $user->data['user_id'];
$result = $db->sql_query_limit($sql, 1);
if ($row = $db->sql_fetchrow($result))
{
$message_parser->message = $row['draft_message'];
$message_subject = $row['draft_subject'];
$template->assign_var('S_DRAFT_LOADED', true);
}
else
{
$draft_id = 0;
}
$db->sql_freeresult($result);
}
// Load Drafts
if ($load && $drafts)
{
load_drafts(0, 0, $id);
}
if ($submit || $preview || $refresh)
{
if (!check_form_key('ucp_pm_compose'))
{
$error[] = $user->lang['FORM_INVALID'];
}
$subject = utf8_normalize_nfc(request_var('subject', '', true));
$message_parser->message = utf8_normalize_nfc(request_var('message', '', true));
$icon_id = request_var('icon', 0);
$enable_bbcode = (!$bbcode_status || isset($_POST['disable_bbcode'])) ? false : true;
$enable_smilies = (!$smilies_status || isset($_POST['disable_smilies'])) ? false : true;
$enable_urls = (isset($_POST['disable_magic_url'])) ? 0 : 1;
$enable_sig = (!$config['allow_sig'] ||!$config['allow_sig_pm']) ? false : ((isset($_POST['attach_sig'])) ? true : false);
if ($submit)
{
$status_switch = (($enable_bbcode+1) << 8) + (($enable_smilies+1) << 4) + (($enable_urls+1) << 2) + (($enable_sig+1) << 1);
$status_switch = ($status_switch != $check_value);
}
else
{
$status_switch = 1;
}
// Parse Attachments - before checksum is calculated
$message_parser->parse_attachments('fileupload', $action, 0, $submit, $preview, $refresh, true);
if (sizeof($message_parser->warn_msg) && !($remove_u || $remove_g || $add_to || $add_bcc))
{
$error[] = implode('<br />', $message_parser->warn_msg);
$message_parser->warn_msg = array();
}
// Parse message
$message_parser->parse($enable_bbcode, ($config['allow_post_links']) ? $enable_urls : false, $enable_smilies, $img_status, $flash_status, true, $config['allow_post_links']);
// On a refresh we do not care about message parsing errors
if (sizeof($message_parser->warn_msg) && !$refresh)
{
$error[] = implode('<br />', $message_parser->warn_msg);
}
if ($action != 'edit' && !$preview && !$refresh && $config['flood_interval'] && !$auth->acl_get('u_ignoreflood'))
{
// Flood check
$last_post_time = $user->data['user_lastpost_time'];
if ($last_post_time)
{
if ($last_post_time && ($current_time - $last_post_time) < intval($config['flood_interval']))
{
$error[] = $user->lang['FLOOD_ERROR'];
}
}
}
// Subject defined
if ($submit)
{
if (!$subject || !utf8_clean_string($subject))
{
$error[] = $user->lang['EMPTY_MESSAGE_SUBJECT'];
}
if (!sizeof($address_list))
{
$error[] = $user->lang['NO_RECIPIENT'];
}
}
// Store message, sync counters
if (!sizeof($error) && $submit)
{
$pm_data = array(
'msg_id' => (int) $msg_id,
'from_user_id' => $user->data['user_id'],
'from_user_ip' => $user->ip,
'from_username' => $user->data['username'],
'reply_from_root_level' => (isset($post['root_level'])) ? (int) $post['root_level'] : 0,
'reply_from_msg_id' => (int) $msg_id,
'icon_id' => (int) $icon_id,
'enable_sig' => (bool) $enable_sig,
'enable_bbcode' => (bool) $enable_bbcode,
'enable_smilies' => (bool) $enable_smilies,
'enable_urls' => (bool) $enable_urls,
'bbcode_bitfield' => $message_parser->bbcode_bitfield,
'bbcode_uid' => $message_parser->bbcode_uid,
'message' => $message_parser->message,
'attachment_data' => $message_parser->attachment_data,
'filename_data' => $message_parser->filename_data,
'address_list' => $address_list
);
unset($message_parser);
// ((!$message_subject) ? $subject : $message_subject)
$msg_id = submit_pm($action, $subject, $pm_data);
$return_message_url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=view&p=' . $msg_id);
$return_folder_url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=outbox');
meta_refresh(3, $return_message_url);
$message = $user->lang['MESSAGE_STORED'] . '<br /><br />' . sprintf($user->lang['VIEW_PRIVATE_MESSAGE'], '<a href="' . $return_message_url . '">', '</a>') . '<br /><br />' . sprintf($user->lang['CLICK_RETURN_FOLDER'], '<a href="' . $return_folder_url . '">', '</a>', $user->lang['PM_OUTBOX']);
trigger_error($message);
}
$message_subject = $subject;
}
// Preview
if (!sizeof($error) && $preview)
{
$user->add_lang('viewtopic');
$preview_message = $message_parser->format_display($enable_bbcode, $enable_urls, $enable_smilies, false);
$preview_signature = $user->data['user_sig'];
$preview_signature_uid = $user->data['user_sig_bbcode_uid'];
$preview_signature_bitfield = $user->data['user_sig_bbcode_bitfield'];
// Signature
if ($enable_sig && $config['allow_sig'] && $preview_signature)
{
$parse_sig = new parse_message($preview_signature);
$parse_sig->bbcode_uid = $preview_signature_uid;
$parse_sig->bbcode_bitfield = $preview_signature_bitfield;
$parse_sig->format_display($enable_bbcode, $enable_urls, $enable_smilies);
$preview_signature = $parse_sig->message;
unset($parse_sig);
}
else
{
$preview_signature = '';
}
// Attachment Preview
if (sizeof($message_parser->attachment_data))
{
$template->assign_var('S_HAS_ATTACHMENTS', true);
$update_count = array();
$attachment_data = $message_parser->attachment_data;
parse_attachments(false, $preview_message, $attachment_data, $update_count, true);
foreach ($attachment_data as $i => $attachment)
{
$template->assign_block_vars('attachment', array(
'DISPLAY_ATTACHMENT' => $attachment)
);
}
unset($attachment_data);
}
$preview_subject = censor_text($subject);
if (!sizeof($error))
{
$template->assign_vars(array(
'PREVIEW_SUBJECT' => $preview_subject,
'PREVIEW_MESSAGE' => $preview_message,
'PREVIEW_SIGNATURE' => $preview_signature,
'S_DISPLAY_PREVIEW' => true)
);
}
unset($message_text);
}
// Decode text for message display
$bbcode_uid = (($action == 'quote' || $action == 'forward') && !$preview && !$refresh && !sizeof($error)) ? $bbcode_uid : $message_parser->bbcode_uid;
$message_parser->decode_message($bbcode_uid);
if (($action == 'quote' || $action == 'quotepost') && !$preview && !$refresh && !$submit)
{
if ($action == 'quotepost')
{
$post_id = request_var('p', 0);
if ($config['allow_post_links'])
{
$message_link = "[url=" . generate_board_url() . "/viewtopic.$phpEx?p={$post_id}#p{$post_id}]{$user->lang['SUBJECT']}: {$message_subject}[/url]\n\n";
}
else
{
$message_link = $user->lang['SUBJECT'] . ': ' . $message_subject . " (" . generate_board_url() . "/viewtopic.$phpEx?p={$post_id}#p{$post_id})\n\n";
}
}
else
{
$message_link = '';
}
$message_parser->message = $message_link . '[quote="' . $quote_username . '"]' . censor_text(trim($message_parser->message)) . "[/quote]\n";
}
if (($action == 'reply' || $action == 'quote' || $action == 'quotepost') && !$preview && !$refresh)
{
$message_subject = ((!preg_match('/^Re:/', $message_subject)) ? 'Re: ' : '') . censor_text($message_subject);
}
if ($action == 'forward' && !$preview && !$refresh && !$submit)
{
$fwd_to_field = write_pm_addresses(array('to' => $post['to_address']), 0, true);
if ($config['allow_post_links'])
{
$quote_username_text = '[url=' . generate_board_url() . "/memberlist.$phpEx?mode=viewprofile&u={$post['author_id']}]{$quote_username}[/url]";
}
else
{
$quote_username_text = $quote_username . ' (' . generate_board_url() . "/memberlist.$phpEx?mode=viewprofile&u={$post['author_id']})";
}
$forward_text = array();
$forward_text[] = $user->lang['FWD_ORIGINAL_MESSAGE'];
$forward_text[] = sprintf($user->lang['FWD_SUBJECT'], censor_text($message_subject));
$forward_text[] = sprintf($user->lang['FWD_DATE'], $user->format_date($message_time));
$forward_text[] = sprintf($user->lang['FWD_FROM'], $quote_username_text);
$forward_text[] = sprintf($user->lang['FWD_TO'], implode(', ', $fwd_to_field['to']));
$message_parser->message = implode("\n", $forward_text) . "\n\n[quote=\"{$quote_username}\"]\n" . censor_text(trim($message_parser->message)) . "\n[/quote]";
$message_subject = ((!preg_match('/^Fwd:/', $message_subject)) ? 'Fwd: ' : '') . censor_text($message_subject);
}
$attachment_data = $message_parser->attachment_data;
$filename_data = $message_parser->filename_data;
$message_text = $message_parser->message;
unset($message_parser);
// MAIN PM PAGE BEGINS HERE
// Generate smiley listing
generate_smilies('inline', 0);
// Generate PM Icons
$s_pm_icons = false;
if ($config['enable_pm_icons'])
{
$s_pm_icons = posting_gen_topic_icons($action, $icon_id);
}
// Generate inline attachment select box
posting_gen_inline_attachments($attachment_data);
// Build address list for display
// array('u' => array($author_id => 'to'));
if (sizeof($address_list))
{
// Get Usernames and Group Names
$result = array();
if (!empty($address_list['u']))
{
$sql = 'SELECT user_id as id, username as name, user_colour as colour
FROM ' . USERS_TABLE . '
WHERE ' . $db->sql_in_set('user_id', array_map('intval', array_keys($address_list['u']))) . '
ORDER BY username_clean ASC';
$result['u'] = $db->sql_query($sql);
}
if (!empty($address_list['g']))
{
$sql = 'SELECT g.group_id AS id, g.group_name AS name, g.group_colour AS colour, g.group_type
FROM ' . GROUPS_TABLE . ' g';
if (!$auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel'))
{
$sql .= ' LEFT JOIN ' . USER_GROUP_TABLE . ' ug
ON (
g.group_id = ug.group_id
AND ug.user_id = ' . $user->data['user_id'] . '
AND ug.user_pending = 0
)
WHERE (g.group_type <> ' . GROUP_HIDDEN . ' OR ug.user_id = ' . $user->data['user_id'] . ')';
}
$sql .= ($auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) ? ' WHERE ' : ' AND ';
$sql .= 'g.group_receive_pm = 1
AND ' . $db->sql_in_set('g.group_id', array_map('intval', array_keys($address_list['g']))) . '
ORDER BY g.group_name ASC';
$result['g'] = $db->sql_query($sql);
}
$u = $g = array();
$_types = array('u', 'g');
foreach ($_types as $type)
{
if (isset($result[$type]) && $result[$type])
{
while ($row = $db->sql_fetchrow($result[$type]))
{
if ($type == 'g')
{
$row['name'] = ($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['name']] : $row['name'];
}
${$type}[$row['id']] = array('name' => $row['name'], 'colour' => $row['colour']);
}
$db->sql_freeresult($result[$type]);
}
}
// Now Build the address list
$plain_address_field = '';
foreach ($address_list as $type => $adr_ary)
{
foreach ($adr_ary as $id => $field)
{
if (!isset(${$type}[$id]))
{
unset($address_list[$type][$id]);
continue;
}
$field = ($field == 'to') ? 'to' : 'bcc';
$type = ($type == 'u') ? 'u' : 'g';
$id = (int) $id;
$tpl_ary = array(
'IS_GROUP' => ($type == 'g') ? true : false,
'IS_USER' => ($type == 'u') ? true : false,
'UG_ID' => $id,
'NAME' => ${$type}[$id]['name'],
'COLOUR' => (${$type}[$id]['colour']) ? '#' . ${$type}[$id]['colour'] : '',
'TYPE' => $type,
);
if ($type == 'u')
{
$tpl_ary = array_merge($tpl_ary, array(
'U_VIEW' => get_username_string('profile', $id, ${$type}[$id]['name'], ${$type}[$id]['colour']),
'NAME_FULL' => get_username_string('full', $id, ${$type}[$id]['name'], ${$type}[$id]['colour']),
));
}
else
{
$tpl_ary = array_merge($tpl_ary, array(
'U_VIEW' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=group&g=' . $id),
));
}
$template->assign_block_vars($field . '_recipient', $tpl_ary);
}
}
}
// Build hidden address list
$s_hidden_address_field = '';
foreach ($address_list as $type => $adr_ary)
{
foreach ($adr_ary as $id => $field)
{
$s_hidden_address_field .= '<input type="hidden" name="address_list[' . (($type == 'u') ? 'u' : 'g') . '][' . (int) $id . ']" value="' . (($field == 'to') ? 'to' : 'bcc') . '" />';
}
}
$bbcode_checked = (isset($enable_bbcode)) ? !$enable_bbcode : (($config['allow_bbcode'] && $auth->acl_get('u_pm_bbcode')) ? !$user->optionget('bbcode') : 1);
$smilies_checked = (isset($enable_smilies)) ? !$enable_smilies : (($config['allow_smilies'] && $auth->acl_get('u_pm_smilies')) ? !$user->optionget('smilies') : 1);
$urls_checked = (isset($enable_urls)) ? !$enable_urls : 0;
$sig_checked = $enable_sig;
switch ($action)
{
case 'post':
$page_title = $user->lang['POST_NEW_PM'];
break;
case 'quote':
$page_title = $user->lang['POST_QUOTE_PM'];
break;
case 'quotepost':
$page_title = $user->lang['POST_PM_POST'];
break;
case 'reply':
$page_title = $user->lang['POST_REPLY_PM'];
break;
case 'edit':
$page_title = $user->lang['POST_EDIT_PM'];
break;
case 'forward':
$page_title = $user->lang['POST_FORWARD_PM'];
break;
default:
trigger_error('NO_ACTION_MODE', E_USER_ERROR);
break;
}
$s_hidden_fields = '<input type="hidden" name="lastclick" value="' . $current_time . '" />';
$s_hidden_fields .= (isset($check_value)) ? '<input type="hidden" name="status_switch" value="' . $check_value . '" />' : '';
$s_hidden_fields .= ($draft_id || isset($_REQUEST['draft_loaded'])) ? '<input type="hidden" name="draft_loaded" value="' . ((isset($_REQUEST['draft_loaded'])) ? intval($_REQUEST['draft_loaded']) : $draft_id) . '" />' : '';
$form_enctype = (@ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off' || @ini_get('file_uploads') == '0' || !$config['allow_pm_attach'] || !$auth->acl_get('u_pm_attach')) ? '' : ' enctype="multipart/form-data"';
// Start assigning vars for main posting page ...
$template->assign_vars(array(
'L_POST_A' => $page_title,
'L_ICON' => $user->lang['PM_ICON'],
'L_MESSAGE_BODY_EXPLAIN' => (intval($config['max_post_chars'])) ? sprintf($user->lang['MESSAGE_BODY_EXPLAIN'], intval($config['max_post_chars'])) : '',
'SUBJECT' => (isset($message_subject)) ? $message_subject : '',
'MESSAGE' => $message_text,
'BBCODE_STATUS' => ($bbcode_status) ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>'),
'IMG_STATUS' => ($img_status) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'],
'FLASH_STATUS' => ($flash_status) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'],
'SMILIES_STATUS' => ($smilies_status) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'],
'URL_STATUS' => ($url_status) ? $user->lang['URL_IS_ON'] : $user->lang['URL_IS_OFF'],
'MINI_POST_IMG' => $user->img('icon_post_target', $user->lang['PM']),
'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
'S_COMPOSE_PM' => true,
'S_EDIT_POST' => ($action == 'edit'),
'S_SHOW_PM_ICONS' => $s_pm_icons,
'S_BBCODE_ALLOWED' => $bbcode_status,
'S_BBCODE_CHECKED' => ($bbcode_checked) ? ' checked="checked"' : '',
'S_SMILIES_ALLOWED' => $smilies_status,
'S_SMILIES_CHECKED' => ($smilies_checked) ? ' checked="checked"' : '',
'S_SIG_ALLOWED' => ($config['allow_sig'] && $config['allow_sig_pm'] && $auth->acl_get('u_sig')),
'S_SIGNATURE_CHECKED' => ($sig_checked) ? ' checked="checked"' : '',
'S_LINKS_ALLOWED' => $url_status,
'S_MAGIC_URL_CHECKED' => ($urls_checked) ? ' checked="checked"' : '',
'S_SAVE_ALLOWED' => ($auth->acl_get('u_savedrafts') && $action != 'edit') ? true : false,
'S_HAS_DRAFTS' => ($auth->acl_get('u_savedrafts') && $drafts),
'S_FORM_ENCTYPE' => $form_enctype,
'S_BBCODE_IMG' => $img_status,
'S_BBCODE_FLASH' => $flash_status,
'S_BBCODE_QUOTE' => true,
'S_BBCODE_URL' => $url_status,
'S_POST_ACTION' => $s_action,
'S_HIDDEN_ADDRESS_FIELD' => $s_hidden_address_field,
'S_HIDDEN_FIELDS' => $s_hidden_fields,
'S_CLOSE_PROGRESS_WINDOW' => isset($_POST['add_file']),
'U_PROGRESS_BAR' => append_sid("{$phpbb_root_path}posting.$phpEx", 'f=0&mode=popup'),
'UA_PROGRESS_BAR' => addslashes(append_sid("{$phpbb_root_path}posting.$phpEx", 'f=0&mode=popup')),
));
// Build custom bbcodes array
display_custom_bbcodes();
// Attachment entry
if ($auth->acl_get('u_pm_attach') && $config['allow_pm_attach'] && $form_enctype)
{
posting_gen_attachment_entry($attachment_data, $filename_data);
}
// Message History
if ($action == 'reply' || $action == 'quote' || $action == 'forward')
{
if (message_history($msg_id, $user->data['user_id'], $post, array(), true))
{
$template->assign_var('S_DISPLAY_HISTORY', true);
}
}
}
/**
* Fill posts array with data
*
* @param array $row Database row
* @param int $text_length Text length
* @param int $i Array pointer
* @param int $have_icons Whether any post has icons
* @param array $posts The posts array
* @param array $topic_icons List of topic icons
*/
public function fill_posts_array($row, $text_length, $i, &$have_icons, &$posts, &$topic_icons)
{
$update_count = array();
// Get attachments
$attachments = $this->get_post_attachments($row);
$posts[$i]['bbcode_uid'] = $row['bbcode_uid'];
// Format message
$message = $this->format_message($row, $text_length, $posts[$i]['striped']);
$row['bbcode_options'] = $this->get_setting_based_data($row['enable_bbcode'], OPTION_FLAG_BBCODE, 0) + $this->get_setting_based_data($row['enable_smilies'], OPTION_FLAG_SMILIES, 0) + $this->get_setting_based_data($row['enable_magic_url'], OPTION_FLAG_LINKS, 0);
$message = generate_text_for_display($message, $row['bbcode_uid'], $row['bbcode_bitfield'], $row['bbcode_options']);
if (!empty($attachments)) {
parse_attachments($row['forum_id'], $message, $attachments, $update_count);
}
// Get proper global ID
$this->global_id = $this->get_setting_based_data($this->global_id, $this->global_id, $row['forum_id']);
$topic_icons[] = $row['enable_icons'];
$have_icons = $this->get_setting_based_data($row['icon_id'], 1, $have_icons);
$posts[$i] = array_merge($posts[$i], array('post_text' => ap_validate($message), 'topic_id' => $row['topic_id'], 'topic_last_post_id' => $row['topic_last_post_id'], 'topic_type' => $row['topic_type'], 'topic_posted' => $this->get_setting_based_data(isset($row['topic_posted']) && $row['topic_posted'], true, false), 'icon_id' => $row['icon_id'], 'topic_status' => $row['topic_status'], 'forum_id' => $row['forum_id'], 'topic_replies' => $row['topic_posts_approved'] + $row['topic_posts_unapproved'] + $row['topic_posts_softdeleted'] - 1, 'topic_replies_real' => $row['topic_posts_approved'] - 1, 'topic_time' => $this->user->format_date($row['post_time']), 'topic_last_post_time' => $row['topic_last_post_time'], 'topic_title' => $row['topic_title'], 'username' => $row['username'], 'username_full' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour'], $row['post_username']), 'username_full_last' => get_username_string('full', $row['topic_last_poster_id'], $row['topic_last_poster_name'], $row['topic_last_poster_colour'], $row['topic_last_poster_name']), 'user_id' => $row['user_id'], 'user_type' => $row['user_type'], 'user_colour' => $row['user_colour'], 'poll' => $this->get_setting_based_data($row['poll_title'], true, false), 'attachment' => $this->get_setting_based_data($row['topic_attachment'], true, false), 'topic_views' => $row['topic_views'], 'forum_name' => $row['forum_name'], 'attachments' => $this->get_setting_based_data($attachments, $attachments, array())));
$posts['global_id'] = $this->global_id;
}
/**
* Topic Review
*/
function topic_review($topic_id, $forum_id, $mode = 'topic_review', $cur_post_id = 0, $show_quote_button = true)
{
global $user, $auth, $db, $template, $bbcode, $cache;
global $config, $phpbb_root_path, $phpEx;
// Go ahead and pull all data for this topic
$sql = 'SELECT p.post_id
FROM ' . POSTS_TABLE . ' p' . "\n\t\tWHERE p.topic_id = {$topic_id}\n\t\t\t" . (!$auth->acl_get('m_approve', $forum_id) ? 'AND p.post_approved = 1' : '') . '
' . ($mode == 'post_review' ? " AND p.post_id > {$cur_post_id}" : '') . '
' . ($mode == 'post_review_edit' ? " AND p.post_id = {$cur_post_id}" : '') . '
ORDER BY p.post_time ';
$sql .= $mode == 'post_review' ? 'ASC' : 'DESC';
$result = $db->sql_query_limit($sql, $config['posts_per_page']);
$post_list = array();
while ($row = $db->sql_fetchrow($result)) {
$post_list[] = $row['post_id'];
}
$db->sql_freeresult($result);
if (!sizeof($post_list)) {
return false;
}
// Handle 'post_review_edit' like 'post_review' from now on
if ($mode == 'post_review_edit') {
$mode = 'post_review';
}
$sql = $db->sql_build_query('SELECT', array('SELECT' => 'u.username, u.user_id, u.user_colour, p.*, z.friend, z.foe', 'FROM' => array(USERS_TABLE => 'u', POSTS_TABLE => 'p'), 'LEFT_JOIN' => array(array('FROM' => array(ZEBRA_TABLE => 'z'), 'ON' => 'z.user_id = ' . $user->data['user_id'] . ' AND z.zebra_id = p.poster_id')), 'WHERE' => $db->sql_in_set('p.post_id', $post_list) . '
AND u.user_id = p.poster_id'));
$result = $db->sql_query($sql);
$bbcode_bitfield = '';
$rowset = array();
$has_attachments = false;
while ($row = $db->sql_fetchrow($result)) {
$rowset[$row['post_id']] = $row;
$bbcode_bitfield = $bbcode_bitfield | base64_decode($row['bbcode_bitfield']);
if ($row['post_attachment']) {
$has_attachments = true;
}
}
$db->sql_freeresult($result);
// Instantiate BBCode class
if (!isset($bbcode) && $bbcode_bitfield !== '') {
include_once $phpbb_root_path . 'includes/bbcode.' . $phpEx;
$bbcode = new bbcode(base64_encode($bbcode_bitfield));
}
// Grab extensions
$extensions = $attachments = array();
if ($has_attachments && $auth->acl_get('u_download') && $auth->acl_get('f_download', $forum_id)) {
$extensions = $cache->obtain_attach_extensions($forum_id);
// Get attachments...
$sql = 'SELECT *
FROM ' . ATTACHMENTS_TABLE . '
WHERE ' . $db->sql_in_set('post_msg_id', $post_list) . '
AND in_message = 0
ORDER BY filetime DESC, post_msg_id ASC';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$attachments[$row['post_msg_id']][] = $row;
}
$db->sql_freeresult($result);
}
for ($i = 0, $end = sizeof($post_list); $i < $end; ++$i) {
// A non-existing rowset only happens if there was no user present for the entered poster_id
// This could be a broken posts table.
if (!isset($rowset[$post_list[$i]])) {
continue;
}
$row =& $rowset[$post_list[$i]];
$poster_id = $row['user_id'];
$post_subject = $row['post_subject'];
$message = censor_text($row['post_text']);
$decoded_message = false;
if ($show_quote_button && $auth->acl_get('f_reply', $forum_id)) {
$decoded_message = $message;
decode_message($decoded_message, $row['bbcode_uid']);
$decoded_message = bbcode_nl2br($decoded_message);
}
if ($row['bbcode_bitfield']) {
$bbcode->bbcode_second_pass($message, $row['bbcode_uid'], $row['bbcode_bitfield']);
}
$message = bbcode_nl2br($message);
$message = smiley_text($message, !$row['enable_smilies']);
if (!empty($attachments[$row['post_id']])) {
$update_count = array();
parse_attachments($forum_id, $message, $attachments[$row['post_id']], $update_count);
}
$post_subject = censor_text($post_subject);
$post_anchor = $mode == 'post_review' ? 'ppr' . $row['post_id'] : 'pr' . $row['post_id'];
$u_show_post = append_sid($phpbb_root_path . 'viewtopic.' . $phpEx, "f={$forum_id}&t={$topic_id}&p={$row['post_id']}&view=show#p{$row['post_id']}");
$template->assign_block_vars($mode . '_row', array('POST_AUTHOR_FULL' => get_username_string('full', $poster_id, $row['username'], $row['user_colour'], $row['post_username']), 'POST_AUTHOR_COLOUR' => get_username_string('colour', $poster_id, $row['username'], $row['user_colour'], $row['post_username']), 'POST_AUTHOR' => get_username_string('username', $poster_id, $row['username'], $row['user_colour'], $row['post_username']), 'U_POST_AUTHOR' => get_username_string('profile', $poster_id, $row['username'], $row['user_colour'], $row['post_username']), 'S_HAS_ATTACHMENTS' => !empty($attachments[$row['post_id']]) ? true : false, 'S_FRIEND' => $row['friend'] ? true : false, 'S_IGNORE_POST' => $row['foe'] ? true : false, 'L_IGNORE_POST' => $row['foe'] ? sprintf($user->lang['POST_BY_FOE'], get_username_string('full', $poster_id, $row['username'], $row['user_colour'], $row['post_username']), "<a href=\"{$u_show_post}\" onclick=\"dE('{$post_anchor}', 1); return false;\">", '</a>') : '', 'POST_SUBJECT' => $post_subject, 'MINI_POST_IMG' => $user->img('icon_post_target', $user->lang['POST']), 'POST_DATE' => $user->format_date($row['post_time']), 'MESSAGE' => $message, 'DECODED_MESSAGE' => $decoded_message, 'POST_ID' => $row['post_id'], 'U_MINI_POST' => append_sid("{$phpbb_root_path}viewtopic.{$phpEx}", 'p=' . $row['post_id']) . '#p' . $row['post_id'], 'U_MCP_DETAILS' => $auth->acl_get('m_info', $forum_id) ? append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=main&mode=post_details&f=' . $forum_id . '&p=' . $row['post_id'], true, $user->session_id) : '', 'POSTER_QUOTE' => $show_quote_button && $auth->acl_get('f_reply', $forum_id) ? addslashes(get_username_string('username', $poster_id, $row['username'], $row['user_colour'], $row['post_username'])) : ''));
// Display not already displayed Attachments for this post, we already parsed them. ;)
if (!empty($attachments[$row['post_id']])) {
foreach ($attachments[$row['post_id']] as $attachment) {
$template->assign_block_vars($mode . '_row.attachment', array('DISPLAY_ATTACHMENT' => $attachment));
}
}
unset($rowset[$post_list[$i]]);
}
if ($mode == 'topic_review') {
$template->assign_var('QUOTE_IMG', $user->img('icon_post_quote', $user->lang['REPLY_WITH_QUOTE']));
}
return true;
}
function save_raw_post_func($xmlrpc_params)
{
global $db, $auth, $user, $config, $template, $cache, $phpEx, $phpbb_root_path, $phpbb_home;
$user->setup('posting');
include $phpbb_root_path . 'includes/message_parser.' . $phpEx;
$params = php_xmlrpc_decode($xmlrpc_params);
$submit = true;
$preview = false;
$refresh = false;
$mode = 'edit';
// get post information from parameters
$post_id = intval($params[0]);
$post_title = $params[1];
$post_content = $params[2];
$GLOBALS['return_html'] = isset($params[3]) ? $params[3] : false;
$post_data = array();
$sql = 'SELECT p.*, t.*, f.*, u.username
FROM ' . POSTS_TABLE . ' p
LEFT JOIN ' . TOPICS_TABLE . ' t ON (p.topic_id = t.topic_id)
LEFT JOIN ' . FORUMS_TABLE . ' f ON (t.forum_id = f.forum_id OR (t.topic_type = ' . POST_GLOBAL . ' AND f.forum_type = ' . FORUM_POST . '))
LEFT JOIN ' . USERS_TABLE . ' u ON (p.poster_id = u.user_id)' . "\r\r\n WHERE p.post_id = {$post_id}";
$result = $db->sql_query_limit($sql, 1);
$post_data = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$post_data) {
trigger_error('NO_POST');
}
// Use post_row values in favor of submitted ones...
$forum_id = (int) $post_data['forum_id'];
$topic_id = (int) $post_data['topic_id'];
$post_id = (int) $post_id;
// Need to login to passworded forum first?
if ($post_data['forum_password'] && !check_forum_password($forum_id)) {
trigger_error('LOGIN_FORUM');
}
// Is the user able to read within this forum?
if (!$auth->acl_get('f_read', $forum_id)) {
trigger_error('USER_CANNOT_READ');
}
// Permission to do the action asked?
if (!($user->data['is_registered'] && $auth->acl_gets('f_edit', 'm_edit', $forum_id))) {
trigger_error('USER_CANNOT_EDIT');
}
// Forum/Topic locked?
if (($post_data['forum_status'] == ITEM_LOCKED || isset($post_data['topic_status']) && $post_data['topic_status'] == ITEM_LOCKED) && !$auth->acl_get('m_edit', $forum_id)) {
trigger_error($post_data['forum_status'] == ITEM_LOCKED ? 'FORUM_LOCKED' : 'TOPIC_LOCKED');
}
// Can we edit this post ... if we're a moderator with rights then always yes
// else it depends on editing times, lock status and if we're the correct user
if (!$auth->acl_get('m_edit', $forum_id)) {
if ($user->data['user_id'] != $post_data['poster_id']) {
trigger_error('USER_CANNOT_EDIT');
}
if (!($post_data['post_time'] > time() - $config['edit_time'] * 60 || !$config['edit_time'])) {
trigger_error('CANNOT_EDIT_TIME');
}
if ($post_data['post_edit_locked']) {
trigger_error('CANNOT_EDIT_POST_LOCKED');
}
}
// Determine some vars
if (isset($post_data['poster_id']) && $post_data['poster_id'] == ANONYMOUS) {
$post_data['quote_username'] = !empty($post_data['post_username']) ? $post_data['post_username'] : $user->lang['GUEST'];
} else {
$post_data['quote_username'] = isset($post_data['username']) ? $post_data['username'] : '';
}
$post_data['post_edit_locked'] = isset($post_data['post_edit_locked']) ? (int) $post_data['post_edit_locked'] : 0;
$post_data['post_subject'] = in_array($mode, array('quote', 'edit')) ? $post_data['post_subject'] : (isset($post_data['topic_title']) ? $post_data['topic_title'] : '');
$post_data['topic_time_limit'] = isset($post_data['topic_time_limit']) ? $post_data['topic_time_limit'] ? (int) $post_data['topic_time_limit'] / 86400 : (int) $post_data['topic_time_limit'] : 0;
$post_data['poll_length'] = !empty($post_data['poll_length']) ? (int) $post_data['poll_length'] / 86400 : 0;
$post_data['poll_start'] = !empty($post_data['poll_start']) ? (int) $post_data['poll_start'] : 0;
$post_data['icon_id'] = !isset($post_data['icon_id']) || in_array($mode, array('quote', 'reply')) ? 0 : (int) $post_data['icon_id'];
$post_data['poll_options'] = array();
// Get Poll Data
if ($post_data['poll_start']) {
$sql = 'SELECT poll_option_text
FROM ' . POLL_OPTIONS_TABLE . "\r\r\n WHERE topic_id = {$topic_id}\r\r\n ORDER BY poll_option_id";
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$post_data['poll_options'][] = trim($row['poll_option_text']);
}
$db->sql_freeresult($result);
}
$orig_poll_options_size = sizeof($post_data['poll_options']);
$message_parser = new parse_message();
if (isset($post_data['post_text'])) {
$message_parser->message =& $post_data['post_text'];
unset($post_data['post_text']);
}
// Set some default variables
$uninit = array('post_attachment' => 0, 'poster_id' => $user->data['user_id'], 'enable_magic_url' => 0, 'topic_status' => 0, 'topic_type' => POST_NORMAL, 'post_subject' => '', 'topic_title' => '', 'post_time' => 0, 'post_edit_reason' => '', 'notify_set' => 0);
foreach ($uninit as $var_name => $default_value) {
if (!isset($post_data[$var_name])) {
$post_data[$var_name] = $default_value;
}
}
unset($uninit);
// Always check if the submitted attachment data is valid and belongs to the user.
// Further down (especially in submit_post()) we do not check this again.
$message_parser->get_submitted_attachment_data($post_data['poster_id']);
if ($post_data['post_attachment'] && !$refresh && !$preview && $mode == 'edit') {
// Do not change to SELECT *
$sql = 'SELECT attach_id, is_orphan, attach_comment, real_filename
FROM ' . ATTACHMENTS_TABLE . "\r\r\n WHERE post_msg_id = {$post_id}\r\r\n AND in_message = 0\r\r\n AND is_orphan = 0\r\r\n ORDER BY filetime DESC";
$result = $db->sql_query($sql);
$message_parser->attachment_data = array_merge($message_parser->attachment_data, $db->sql_fetchrowset($result));
$db->sql_freeresult($result);
}
if ($post_data['poster_id'] == ANONYMOUS) {
$post_data['username'] = $mode == 'quote' || $mode == 'edit' ? trim($post_data['post_username']) : '';
} else {
$post_data['username'] = $mode == 'quote' || $mode == 'edit' ? trim($post_data['username']) : '';
}
$post_data['enable_urls'] = $post_data['enable_magic_url'];
$post_data['enable_magic_url'] = $post_data['drafts'] = false;
$check_value = ($post_data['enable_bbcode'] + 1 << 8) + ($post_data['enable_smilies'] + 1 << 4) + ($post_data['enable_urls'] + 1 << 2) + ($post_data['enable_sig'] + 1 << 1);
// Check if user is watching this topic
/*if ($mode != 'post' && $config['allow_topic_notify'] && $user->data['is_registered'])
{
$sql = 'SELECT topic_id
FROM ' . TOPICS_WATCH_TABLE . '
WHERE topic_id = ' . $topic_id . '
AND user_id = ' . $user->data['user_id'];
$result = $db->sql_query($sql);
$post_data['notify_set'] = (int) $db->sql_fetchfield('topic_id');
$db->sql_freeresult($result);
}*/
// Do we want to edit our post ?
if ($post_data['bbcode_uid']) {
$message_parser->bbcode_uid = $post_data['bbcode_uid'];
}
// HTML, BBCode, Smilies, Images and Flash status
$bbcode_status = $config['allow_bbcode'] && $auth->acl_get('f_bbcode', $forum_id) ? true : false;
$smilies_status = $bbcode_status && $config['allow_smilies'] && $auth->acl_get('f_smilies', $forum_id) ? true : false;
$img_status = $bbcode_status && $auth->acl_get('f_img', $forum_id) ? true : false;
$url_status = $config['allow_post_links'] ? true : false;
$flash_status = $bbcode_status && $auth->acl_get('f_flash', $forum_id) && $config['allow_post_flash'] ? true : false;
$quote_status = $auth->acl_get('f_reply', $forum_id) ? true : false;
$solved_captcha = false;
$post_data['topic_cur_post_id'] = request_var('topic_cur_post_id', 0);
$post_data['post_subject'] = utf8_normalize_nfc($post_title);
$message_parser->message = utf8_normalize_nfc(htmlspecialchars($post_content));
$post_data['username'] = utf8_normalize_nfc(request_var('username', $post_data['username'], true));
$post_data['post_edit_reason'] = !empty($_POST['edit_reason']) && $mode == 'edit' && $auth->acl_get('m_edit', $forum_id) ? utf8_normalize_nfc(request_var('edit_reason', '', true)) : '';
$post_data['orig_topic_type'] = $post_data['topic_type'];
$post_data['topic_type'] = request_var('topic_type', $mode != 'post' ? (int) $post_data['topic_type'] : POST_NORMAL);
$post_data['topic_time_limit'] = request_var('topic_time_limit', $mode != 'post' ? (int) $post_data['topic_time_limit'] : 0);
$post_data['icon_id'] = request_var('icon', 0);
$post_data['enable_bbcode'] = !$bbcode_status || isset($_POST['disable_bbcode']) ? false : true;
$post_data['enable_smilies'] = !$smilies_status || isset($_POST['disable_smilies']) ? false : true;
$post_data['enable_urls'] = isset($_POST['disable_magic_url']) ? 0 : 1;
$post_data['enable_sig'] = !$config['allow_sig'] || !$auth->acl_get('f_sigs', $forum_id) || !$auth->acl_get('u_sig') ? false : ($user->data['is_registered'] ? true : false);
if ($config['allow_topic_notify'] && $user->data['is_registered']) {
$notify = isset($_POST['notify']) ? true : false;
} else {
$notify = false;
}
$topic_lock = isset($_POST['lock_topic']) ? true : $post_data['topic_status'];
$post_lock = isset($_POST['lock_post']) ? true : $post_data['post_edit_locked'];
$poll_delete = isset($_POST['poll_delete']) ? true : false;
$status_switch = ($post_data['enable_bbcode'] + 1 << 8) + ($post_data['enable_smilies'] + 1 << 4) + ($post_data['enable_urls'] + 1 << 2) + ($post_data['enable_sig'] + 1 << 1);
$status_switch = $status_switch != $check_value;
//$post_data['poll_title'] = utf8_normalize_nfc(request_var('poll_title', '', true));
//$post_data['poll_length'] = request_var('poll_length', 0);
//$post_data['poll_option_text'] = utf8_normalize_nfc(request_var('poll_option_text', '', true));
$post_data['poll_option_text'] = implode("\n", $post_data['poll_options']);
//$post_data['poll_max_options'] = request_var('poll_max_options', 1);
//$post_data['poll_vote_change'] = ($auth->acl_get('f_votechg', $forum_id) && isset($_POST['poll_vote_change'])) ? 1 : 0;
// Parse Attachments - before checksum is calculated
$message_parser->parse_attachments('fileupload', $mode, $forum_id, $submit, $preview, $refresh);
// Grab md5 'checksum' of new message
$message_md5 = md5($message_parser->message);
// Check checksum ... don't re-parse message if the same
$update_message = $mode != 'edit' || $message_md5 != $post_data['post_checksum'] || $status_switch || strlen($post_data['bbcode_uid']) < BBCODE_UID_LEN ? true : false;
// Parse message
if ($update_message) {
if (sizeof($message_parser->warn_msg)) {
trigger_error(join("\n", $message_parser->warn_msg));
}
$message_parser->parse($post_data['enable_bbcode'], $config['allow_post_links'] ? $post_data['enable_urls'] : false, $post_data['enable_smilies'], $img_status, $flash_status, $quote_status, $config['allow_post_links']);
} else {
$message_parser->bbcode_bitfield = $post_data['bbcode_bitfield'];
}
// Validate username
if ($post_data['username'] && !$user->data['is_registered'] || $mode == 'edit' && $post_data['poster_id'] == ANONYMOUS && $post_data['username'] && $post_data['post_username'] && $post_data['post_username'] != $post_data['username']) {
include $phpbb_root_path . 'includes/functions_user.' . $phpEx;
if (($result = validate_username($post_data['username'], !empty($post_data['post_username']) ? $post_data['post_username'] : '')) !== false) {
$user->add_lang('ucp');
trigger_error($result . '_USERNAME');
}
}
// Parse subject
if (utf8_clean_string($post_data['post_subject']) === '' && $post_data['topic_first_post_id'] == $post_id) {
trigger_error('EMPTY_SUBJECT');
}
$post_data['poll_last_vote'] = isset($post_data['poll_last_vote']) ? $post_data['poll_last_vote'] : 0;
if ($post_data['poll_option_text'] && $post_id == $post_data['topic_first_post_id'] && $auth->acl_get('f_poll', $forum_id)) {
$poll = array('poll_title' => $post_data['poll_title'], 'poll_length' => $post_data['poll_length'], 'poll_max_options' => $post_data['poll_max_options'], 'poll_option_text' => $post_data['poll_option_text'], 'poll_start' => $post_data['poll_start'], 'poll_last_vote' => $post_data['poll_last_vote'], 'poll_vote_change' => $post_data['poll_vote_change'], 'enable_bbcode' => $post_data['enable_bbcode'], 'enable_urls' => $post_data['enable_urls'], 'enable_smilies' => $post_data['enable_smilies'], 'img_status' => $img_status);
$message_parser->parse_poll($poll);
$post_data['poll_options'] = isset($poll['poll_options']) ? $poll['poll_options'] : '';
$post_data['poll_title'] = isset($poll['poll_title']) ? $poll['poll_title'] : '';
} else {
$poll = array();
}
// Check topic type
if ($post_data['topic_type'] != POST_NORMAL && $post_data['topic_first_post_id'] == $post_id) {
switch ($post_data['topic_type']) {
case POST_GLOBAL:
case POST_ANNOUNCE:
$auth_option = 'f_announce';
break;
case POST_STICKY:
$auth_option = 'f_sticky';
break;
default:
$auth_option = '';
break;
}
if (!$auth->acl_get($auth_option, $forum_id)) {
// There is a special case where a user edits his post whereby the topic type got changed by an admin/mod.
// Another case would be a mod not having sticky permissions for example but edit permissions.
// To prevent non-authed users messing around with the topic type we reset it to the original one.
$post_data['topic_type'] = $post_data['orig_topic_type'];
}
}
// DNSBL check
if ($config['check_dnsbl']) {
if (($dnsbl = $user->check_dnsbl('post')) !== false) {
trigger_error(sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]));
}
}
// Check if we want to de-globalize the topic... and ask for new forum
if ($post_data['topic_type'] != POST_GLOBAL) {
$sql = 'SELECT topic_type, forum_id
FROM ' . TOPICS_TABLE . "\r\r\n WHERE topic_id = {$topic_id}";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($row && !$row['forum_id'] && $row['topic_type'] == POST_GLOBAL) {
$to_forum_id = request_var('to_forum_id', 0);
if ($to_forum_id) {
$sql = 'SELECT forum_type
FROM ' . FORUMS_TABLE . '
WHERE forum_id = ' . $to_forum_id;
$result = $db->sql_query($sql);
$forum_type = (int) $db->sql_fetchfield('forum_type');
$db->sql_freeresult($result);
if ($forum_type != FORUM_POST || !$auth->acl_get('f_post', $to_forum_id)) {
$to_forum_id = 0;
}
}
if (!$to_forum_id) {
include_once $phpbb_root_path . 'includes/functions_admin.' . $phpEx;
$template->assign_vars(array('S_FORUM_SELECT' => make_forum_select(false, false, false, true, true, true), 'S_UNGLOBALISE' => true));
$submit = false;
$refresh = true;
} else {
if (!$auth->acl_get('f_post', $to_forum_id)) {
// This will only be triggered if the user tried to trick the forum.
trigger_error('NOT_AUTHORISED');
}
$forum_id = $to_forum_id;
}
}
}
// Lock/Unlock Topic
$change_topic_status = $post_data['topic_status'];
$perm_lock_unlock = $auth->acl_get('m_lock', $forum_id) || $auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && !empty($post_data['topic_poster']) && $user->data['user_id'] == $post_data['topic_poster'] && $post_data['topic_status'] == ITEM_UNLOCKED ? true : false;
if ($post_data['topic_status'] == ITEM_LOCKED && !$topic_lock && $perm_lock_unlock) {
$change_topic_status = ITEM_UNLOCKED;
} else {
if ($post_data['topic_status'] == ITEM_UNLOCKED && $topic_lock && $perm_lock_unlock) {
$change_topic_status = ITEM_LOCKED;
}
}
if ($change_topic_status != $post_data['topic_status']) {
$sql = 'UPDATE ' . TOPICS_TABLE . "\r\r\n SET topic_status = {$change_topic_status}\r\r\n WHERE topic_id = {$topic_id}\r\r\n AND topic_moved_id = 0";
$db->sql_query($sql);
$user_lock = $auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && $user->data['user_id'] == $post_data['topic_poster'] ? 'USER_' : '';
add_log('mod', $forum_id, $topic_id, 'LOG_' . $user_lock . ($change_topic_status == ITEM_LOCKED ? 'LOCK' : 'UNLOCK'), $post_data['topic_title']);
}
// Lock/Unlock Post Edit
if ($mode == 'edit' && $post_data['post_edit_locked'] == ITEM_LOCKED && !$post_lock && $auth->acl_get('m_edit', $forum_id)) {
$post_data['post_edit_locked'] = ITEM_UNLOCKED;
} else {
if ($mode == 'edit' && $post_data['post_edit_locked'] == ITEM_UNLOCKED && $post_lock && $auth->acl_get('m_edit', $forum_id)) {
$post_data['post_edit_locked'] = ITEM_LOCKED;
}
}
$data = array('topic_title' => empty($post_data['topic_title']) ? $post_data['post_subject'] : $post_data['topic_title'], 'topic_first_post_id' => isset($post_data['topic_first_post_id']) ? (int) $post_data['topic_first_post_id'] : 0, 'topic_last_post_id' => isset($post_data['topic_last_post_id']) ? (int) $post_data['topic_last_post_id'] : 0, 'topic_time_limit' => (int) $post_data['topic_time_limit'], 'topic_attachment' => isset($post_data['topic_attachment']) ? (int) $post_data['topic_attachment'] : 0, 'post_id' => (int) $post_id, 'topic_id' => (int) $topic_id, 'forum_id' => (int) $forum_id, 'icon_id' => (int) $post_data['icon_id'], 'poster_id' => (int) $post_data['poster_id'], 'enable_sig' => (bool) $post_data['enable_sig'], 'enable_bbcode' => (bool) $post_data['enable_bbcode'], 'enable_smilies' => (bool) $post_data['enable_smilies'], 'enable_urls' => (bool) $post_data['enable_urls'], 'enable_indexing' => (bool) $post_data['enable_indexing'], 'message_md5' => (string) $message_md5, 'post_time' => isset($post_data['post_time']) ? (int) $post_data['post_time'] : time(), 'post_checksum' => isset($post_data['post_checksum']) ? (string) $post_data['post_checksum'] : '', 'post_edit_reason' => $post_data['post_edit_reason'], 'post_edit_user' => $mode == 'edit' ? $user->data['user_id'] : (isset($post_data['post_edit_user']) ? (int) $post_data['post_edit_user'] : 0), 'forum_parents' => $post_data['forum_parents'], 'forum_name' => $post_data['forum_name'], 'notify' => $notify, 'poster_ip' => isset($post_data['poster_ip']) ? $post_data['poster_ip'] : $user->ip, 'post_edit_locked' => (int) $post_data['post_edit_locked'], 'bbcode_bitfield' => $message_parser->bbcode_bitfield, 'bbcode_uid' => $message_parser->bbcode_uid, 'message' => $message_parser->message, 'attachment_data' => $message_parser->attachment_data, 'filename_data' => $message_parser->filename_data, 'topic_approved' => isset($post_data['topic_approved']) ? $post_data['topic_approved'] : false, 'post_approved' => isset($post_data['post_approved']) ? $post_data['post_approved'] : false);
$data['topic_replies_real'] = $post_data['topic_replies_real'];
$data['topic_replies'] = $post_data['topic_replies'];
include $phpbb_root_path . 'includes/functions_posting.' . $phpEx;
$cwd = getcwd();
chdir('../');
$redirect_url = submit_post($mode, $post_data['post_subject'], $post_data['username'], $post_data['topic_type'], $poll, $data, $update_message);
chdir($cwd);
// Check the permissions for post approval, as well as the queue trigger where users are put on approval with a post count lower than specified. Moderators are not affected.
$approved = true;
if (($config['enable_queue_trigger'] && $user->data['user_posts'] < $config['queue_trigger_posts'] || !$auth->acl_get('f_noapprove', $data['forum_id'])) && !$auth->acl_get('m_approve', $data['forum_id'])) {
$approved = false;
}
$reply_success = false;
$post_id = '';
if ($redirect_url) {
preg_match('/&p=(\\d+)/', $redirect_url, $matches);
$post_id = $matches[1];
$reply_success = true;
// get new post_content
$message = censor_text($data['message']);
$quote_wrote_string = $user->lang['WROTE'];
$message = str_replace('[/quote:' . $data['bbcode_uid'] . ']', '[/quote]', $message);
$message = preg_replace('/\\[quote(?:="(.*?)")?:' . $data['bbcode_uid'] . '\\]/ise', "'[quote]' . ('\$1' ? '\$1' . ' {$quote_wrote_string}:\n' : '\n')", $message);
$blocks = preg_split('/(\\[\\/?quote\\])/i', $message, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE);
$quote_level = 0;
$message = '';
foreach ($blocks as $block) {
if ($block == '[quote]') {
if ($quote_level == 0) {
$message .= $block;
}
$quote_level++;
} else {
if ($block == '[/quote]') {
if ($quote_level <= 1) {
$message .= $block;
}
if ($quote_level >= 1) {
$quote_level--;
}
} else {
if ($quote_level <= 1) {
$message .= $block;
}
}
}
}
$message = preg_replace('/\\[(youtube|video|googlevideo|gvideo):' . $data['bbcode_uid'] . '\\](.*?)\\[\\/\\1:' . $data['bbcode_uid'] . '\\]/sie', "video_bbcode_format('\$1', '\$2')", $message);
$message = preg_replace('/\\[(BBvideo)[\\d, ]+:' . $row['bbcode_uid'] . '\\](.*?)\\[\\/\\1:' . $row['bbcode_uid'] . '\\]/si', "[url=\$2]YouTube Video[/url]", $message);
$message = preg_replace('/\\[(spoil|spoiler):' . $row['bbcode_uid'] . '\\](.*?)\\[\\/\\1:' . $row['bbcode_uid'] . '\\]/si', "[spoiler]\$2[/spoiler]", $message);
$message = preg_replace('/\\[b:' . $data['bbcode_uid'] . '\\](.*?)\\[\\/b:' . $data['bbcode_uid'] . '\\]/si', '[b]$1[/b]', $message);
$message = preg_replace('/\\[i:' . $data['bbcode_uid'] . '\\](.*?)\\[\\/i:' . $data['bbcode_uid'] . '\\]/si', '[i]$1[/i]', $message);
$message = preg_replace('/\\[u:' . $data['bbcode_uid'] . '\\](.*?)\\[\\/u:' . $data['bbcode_uid'] . '\\]/si', '[u]$1[/u]', $message);
$message = preg_replace('/\\[color=#(\\w{6}):' . $data['bbcode_uid'] . '\\](.*?)\\[\\/color:' . $data['bbcode_uid'] . '\\]/si', '[color=#$1]$2[/color]', $message);
// Second parse bbcode here
if ($data['bbcode_bitfield']) {
$bbcode = new bbcode(base64_encode($data['bbcode_bitfield']));
$bbcode->bbcode_second_pass($message, $data['bbcode_uid'], $data['bbcode_bitfield']);
}
$message = bbcode_nl2br($message);
$message = smiley_text($message);
if (!empty($data['attachment_data'])) {
parse_attachments($forum_id, $message, $data['attachment_data'], $update_count);
}
$updated_post_title = html_entity_decode(strip_tags(censor_text($data['topic_title'])), ENT_QUOTES, 'UTF-8');
}
$xmlrpc_reply_topic = new xmlrpcval(array('result' => new xmlrpcval($reply_success, 'boolean'), 'state' => new xmlrpcval($approved ? 0 : 1, 'int'), 'post_title' => new xmlrpcval($updated_post_title, 'base64'), 'post_content' => new xmlrpcval(post_html_clean($message), 'base64')), 'struct');
return new xmlrpcresp($xmlrpc_reply_topic);
}
function main($id, $mode)
{
global $auth, $db, $user, $template, $cache;
global $config, $phpbb_root_path, $phpEx, $action;
include_once $phpbb_root_path . 'includes/functions_posting.' . $phpEx;
$forum_id = request_var('f', 0);
$start = request_var('start', 0);
$this->page_title = 'MCP_QUEUE';
switch ($action) {
case 'approve':
case 'disapprove':
include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx;
$post_id_list = request_var('post_id_list', array(0));
if (!sizeof($post_id_list)) {
trigger_error('NO_POST_SELECTED');
}
if ($action == 'approve') {
approve_post($post_id_list, 'queue', $mode);
} else {
disapprove_post($post_id_list, 'queue', $mode);
}
break;
}
switch ($mode) {
case 'approve_details':
$this->tpl_name = 'mcp_post';
$user->add_lang(array('posting', 'viewtopic'));
$post_id = request_var('p', 0);
$topic_id = request_var('t', 0);
if ($topic_id) {
$topic_info = get_topic_data(array($topic_id), 'm_approve');
if (isset($topic_info[$topic_id]['topic_first_post_id'])) {
$post_id = (int) $topic_info[$topic_id]['topic_first_post_id'];
} else {
$topic_id = 0;
}
}
$post_info = get_post_data(array($post_id), 'm_approve', true);
if (!sizeof($post_info)) {
trigger_error('NO_POST_SELECTED');
}
$post_info = $post_info[$post_id];
if ($post_info['topic_first_post_id'] != $post_id && topic_review($post_info['topic_id'], $post_info['forum_id'], 'topic_review', 0, false)) {
$template->assign_vars(array('S_TOPIC_REVIEW' => true, 'TOPIC_TITLE' => $post_info['topic_title']));
}
$extensions = $attachments = $topic_tracking_info = array();
// Get topic tracking info
if ($config['load_db_lastread']) {
$tmp_topic_data = array($post_info['topic_id'] => $post_info);
$topic_tracking_info = get_topic_tracking($post_info['forum_id'], $post_info['topic_id'], $tmp_topic_data, array($post_info['forum_id'] => $post_info['forum_mark_time']));
unset($tmp_topic_data);
} else {
$topic_tracking_info = get_complete_topic_tracking($post_info['forum_id'], $post_info['topic_id']);
}
$post_unread = isset($topic_tracking_info[$post_info['topic_id']]) && $post_info['post_time'] > $topic_tracking_info[$post_info['topic_id']] ? true : false;
// Process message, leave it uncensored
$message = $post_info['post_text'];
if ($post_info['bbcode_bitfield']) {
include_once $phpbb_root_path . 'includes/bbcode.' . $phpEx;
$bbcode = new bbcode($post_info['bbcode_bitfield']);
$bbcode->bbcode_second_pass($message, $post_info['bbcode_uid'], $post_info['bbcode_bitfield']);
}
$message = bbcode_nl2br($message);
$message = smiley_text($message);
if ($post_info['post_attachment'] && $auth->acl_get('u_download') && $auth->acl_get('f_download', $post_info['forum_id'])) {
$extensions = $cache->obtain_attach_extensions($post_info['forum_id']);
$sql = 'SELECT *
FROM ' . ATTACHMENTS_TABLE . '
WHERE post_msg_id = ' . $post_id . '
AND in_message = 0
ORDER BY filetime DESC, post_msg_id ASC';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$attachments[] = $row;
}
$db->sql_freeresult($result);
if (sizeof($attachments)) {
$update_count = array();
parse_attachments($post_info['forum_id'], $message, $attachments, $update_count);
}
// Display not already displayed Attachments for this post, we already parsed them. ;)
if (!empty($attachments)) {
$template->assign_var('S_HAS_ATTACHMENTS', true);
foreach ($attachments as $attachment) {
$template->assign_block_vars('attachment', array('DISPLAY_ATTACHMENT' => $attachment));
}
}
}
$post_url = append_sid("{$phpbb_root_path}viewtopic.{$phpEx}", 'f=' . $post_info['forum_id'] . '&p=' . $post_info['post_id'] . '#p' . $post_info['post_id']);
$topic_url = append_sid("{$phpbb_root_path}viewtopic.{$phpEx}", 'f=' . $post_info['forum_id'] . '&t=' . $post_info['topic_id']);
$template->assign_vars(array('S_MCP_QUEUE' => true, 'U_APPROVE_ACTION' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", "i=queue&p={$post_id}&f={$forum_id}"), 'S_CAN_VIEWIP' => $auth->acl_get('m_info', $post_info['forum_id']), 'S_POST_REPORTED' => $post_info['post_reported'], 'S_POST_UNAPPROVED' => !$post_info['post_approved'], 'S_POST_LOCKED' => $post_info['post_edit_locked'], 'S_USER_NOTES' => true, 'U_EDIT' => $auth->acl_get('m_edit', $post_info['forum_id']) ? append_sid("{$phpbb_root_path}posting.{$phpEx}", "mode=edit&f={$post_info['forum_id']}&p={$post_info['post_id']}") : '', 'U_MCP_APPROVE' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=queue&mode=approve_details&f=' . $post_info['forum_id'] . '&p=' . $post_id), 'U_MCP_REPORT' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=reports&mode=report_details&f=' . $post_info['forum_id'] . '&p=' . $post_id), 'U_MCP_USER_NOTES' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=notes&mode=user_notes&u=' . $post_info['user_id']), 'U_MCP_WARN_USER' => $auth->acl_get('m_warn') ? append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=warn&mode=warn_user&u=' . $post_info['user_id']) : '', 'U_VIEW_POST' => $post_url, 'U_VIEW_TOPIC' => $topic_url, 'MINI_POST_IMG' => $post_unread ? $user->img('icon_post_target_unread', 'NEW_POST') : $user->img('icon_post_target', 'POST'), 'RETURN_QUEUE' => sprintf($user->lang['RETURN_QUEUE'], '<a href="' . append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=queue' . ($topic_id ? '&mode=unapproved_topics' : '&mode=unapproved_posts')) . "&start={$start}\">", '</a>'), 'RETURN_POST' => sprintf($user->lang['RETURN_POST'], '<a href="' . $post_url . '">', '</a>'), 'RETURN_TOPIC_SIMPLE' => sprintf($user->lang['RETURN_TOPIC_SIMPLE'], '<a href="' . $topic_url . '">', '</a>'), 'REPORTED_IMG' => $user->img('icon_topic_reported', $user->lang['POST_REPORTED']), 'UNAPPROVED_IMG' => $user->img('icon_topic_unapproved', $user->lang['POST_UNAPPROVED']), 'EDIT_IMG' => $user->img('icon_post_edit', $user->lang['EDIT_POST']), 'POST_AUTHOR_FULL' => get_username_string('full', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']), 'POST_AUTHOR_COLOUR' => get_username_string('colour', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']), 'POST_AUTHOR' => get_username_string('username', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']), 'U_POST_AUTHOR' => get_username_string('profile', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']), 'POST_PREVIEW' => $message, 'POST_SUBJECT' => $post_info['post_subject'], 'POST_DATE' => $user->format_date($post_info['post_time']), 'POST_IP' => $post_info['poster_ip'], 'POST_IPADDR' => $auth->acl_get('m_info', $post_info['forum_id']) && request_var('lookup', '') ? @gethostbyaddr($post_info['poster_ip']) : '', 'POST_ID' => $post_info['post_id'], 'U_LOOKUP_IP' => $auth->acl_get('m_info', $post_info['forum_id']) ? append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=queue&mode=approve_details&f=' . $post_info['forum_id'] . '&p=' . $post_id . '&lookup=' . $post_info['poster_ip']) . '#ip' : ''));
break;
case 'unapproved_topics':
case 'unapproved_posts':
$user->add_lang(array('viewtopic', 'viewforum'));
$topic_id = request_var('t', 0);
$forum_info = array();
if ($topic_id) {
$topic_info = get_topic_data(array($topic_id));
if (!sizeof($topic_info)) {
trigger_error('TOPIC_NOT_EXIST');
}
$topic_info = $topic_info[$topic_id];
$forum_id = $topic_info['forum_id'];
}
$forum_list_approve = get_forum_list('m_approve', false, true);
$forum_list_read = array_flip(get_forum_list('f_read', true, true));
// Flipped so we can isset() the forum IDs
// Remove forums we cannot read
foreach ($forum_list_approve as $k => $forum_data) {
if (!isset($forum_list_read[$forum_data['forum_id']])) {
unset($forum_list_approve[$k]);
}
}
unset($forum_list_read);
if (!$forum_id) {
$forum_list = array();
foreach ($forum_list_approve as $row) {
$forum_list[] = $row['forum_id'];
}
if (!sizeof($forum_list)) {
trigger_error('NOT_MODERATOR');
}
$global_id = $forum_list[0];
$forum_list = implode(', ', $forum_list);
$sql = 'SELECT SUM(forum_topics) as sum_forum_topics
FROM ' . FORUMS_TABLE . "\n\t\t\t\t\t\tWHERE forum_id IN (0, {$forum_list})";
$result = $db->sql_query($sql);
$forum_info['forum_topics'] = (int) $db->sql_fetchfield('sum_forum_topics');
$db->sql_freeresult($result);
} else {
$forum_info = get_forum_data(array($forum_id), 'm_approve');
if (!sizeof($forum_info)) {
trigger_error('NOT_MODERATOR');
}
$forum_info = $forum_info[$forum_id];
$forum_list = $forum_id;
$global_id = $forum_id;
}
$forum_options = '<option value="0"' . ($forum_id == 0 ? ' selected="selected"' : '') . '>' . $user->lang['ALL_FORUMS'] . '</option>';
foreach ($forum_list_approve as $row) {
$forum_options .= '<option value="' . $row['forum_id'] . '"' . ($forum_id == $row['forum_id'] ? ' selected="selected"' : '') . '>' . str_repeat(' ', $row['padding']) . $row['forum_name'] . '</option>';
}
$sort_days = $total = 0;
$sort_key = $sort_dir = '';
$sort_by_sql = $sort_order_sql = array();
mcp_sorting($mode, $sort_days, $sort_key, $sort_dir, $sort_by_sql, $sort_order_sql, $total, $forum_id, $topic_id);
$forum_topics = $total == -1 ? $forum_info['forum_topics'] : $total;
$limit_time_sql = $sort_days ? 'AND t.topic_last_post_time >= ' . (time() - $sort_days * 86400) : '';
$forum_names = array();
if ($mode == 'unapproved_posts') {
$sql = 'SELECT p.post_id
FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t' . ($sort_order_sql[0] == 'u' ? ', ' . USERS_TABLE . ' u' : '') . "\n\t\t\t\t\t\tWHERE p.forum_id IN (0, {$forum_list})\n\t\t\t\t\t\t\tAND p.post_approved = 0\n\t\t\t\t\t\t\t" . ($sort_order_sql[0] == 'u' ? 'AND u.user_id = p.poster_id' : '') . '
' . ($topic_id ? 'AND p.topic_id = ' . $topic_id : '') . "\n\t\t\t\t\t\t\tAND t.topic_id = p.topic_id\n\t\t\t\t\t\t\tAND t.topic_first_post_id <> p.post_id\n\t\t\t\t\t\t\t{$limit_time_sql}\n\t\t\t\t\t\tORDER BY {$sort_order_sql}";
$result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
$i = 0;
$post_ids = array();
while ($row = $db->sql_fetchrow($result)) {
$post_ids[] = $row['post_id'];
$row_num[$row['post_id']] = $i++;
}
$db->sql_freeresult($result);
if (sizeof($post_ids)) {
$sql = 'SELECT t.topic_id, t.topic_title, t.forum_id, p.post_id, p.post_subject, p.post_username, p.poster_id, p.post_time, u.username, u.username_clean, u.user_colour
FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . USERS_TABLE . ' u
WHERE ' . $db->sql_in_set('p.post_id', $post_ids) . '
AND t.topic_id = p.topic_id
AND u.user_id = p.poster_id
ORDER BY ' . $sort_order_sql;
$result = $db->sql_query($sql);
$post_data = $rowset = array();
while ($row = $db->sql_fetchrow($result)) {
if ($row['forum_id']) {
$forum_names[] = $row['forum_id'];
}
$post_data[$row['post_id']] = $row;
}
$db->sql_freeresult($result);
foreach ($post_ids as $post_id) {
$rowset[] = $post_data[$post_id];
}
unset($post_data, $post_ids);
} else {
$rowset = array();
}
} else {
$sql = 'SELECT t.forum_id, t.topic_id, t.topic_title, t.topic_title AS post_subject, t.topic_time AS post_time, t.topic_poster AS poster_id, t.topic_first_post_id AS post_id, t.topic_first_poster_name AS username, t.topic_first_poster_colour AS user_colour
FROM ' . TOPICS_TABLE . " t\n\t\t\t\t\t\tWHERE forum_id IN (0, {$forum_list})\n\t\t\t\t\t\t\tAND topic_approved = 0\n\t\t\t\t\t\t\t{$limit_time_sql}\n\t\t\t\t\t\tORDER BY {$sort_order_sql}";
$result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
$rowset = array();
while ($row = $db->sql_fetchrow($result)) {
if ($row['forum_id']) {
$forum_names[] = $row['forum_id'];
}
$rowset[] = $row;
}
$db->sql_freeresult($result);
}
if (sizeof($forum_names)) {
// Select the names for the forum_ids
$sql = 'SELECT forum_id, forum_name
FROM ' . FORUMS_TABLE . '
WHERE ' . $db->sql_in_set('forum_id', $forum_names);
$result = $db->sql_query($sql, 3600);
$forum_names = array();
while ($row = $db->sql_fetchrow($result)) {
$forum_names[$row['forum_id']] = $row['forum_name'];
}
$db->sql_freeresult($result);
}
foreach ($rowset as $row) {
$global_topic = $row['forum_id'] ? false : true;
if ($global_topic) {
$row['forum_id'] = $global_id;
}
if (empty($row['post_username'])) {
$row['post_username'] = $user->lang['GUEST'];
}
$template->assign_block_vars('postrow', array('U_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.{$phpEx}", 'f=' . $row['forum_id'] . '&t=' . $row['topic_id']), 'U_VIEWFORUM' => !$global_topic ? append_sid("{$phpbb_root_path}viewforum.{$phpEx}", 'f=' . $row['forum_id']) : '', 'U_VIEWPOST' => append_sid("{$phpbb_root_path}viewtopic.{$phpEx}", 'f=' . $row['forum_id'] . '&p=' . $row['post_id']) . ($mode == 'unapproved_posts' ? '#p' . $row['post_id'] : ''), 'U_VIEW_DETAILS' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", "i=queue&start={$start}&mode=approve_details&f={$row['forum_id']}&p={$row['post_id']}" . ($mode == 'unapproved_topics' ? "&t={$row['topic_id']}" : '')), 'POST_AUTHOR_FULL' => get_username_string('full', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']), 'POST_AUTHOR_COLOUR' => get_username_string('colour', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']), 'POST_AUTHOR' => get_username_string('username', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']), 'U_POST_AUTHOR' => get_username_string('profile', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']), 'POST_ID' => $row['post_id'], 'FORUM_NAME' => !$global_topic ? $forum_names[$row['forum_id']] : $user->lang['GLOBAL_ANNOUNCEMENT'], 'POST_SUBJECT' => $row['post_subject'], 'TOPIC_TITLE' => $row['topic_title'], 'POST_TIME' => $user->format_date($row['post_time'])));
}
unset($rowset, $forum_names);
// Now display the page
$template->assign_vars(array('L_DISPLAY_ITEMS' => $mode == 'unapproved_posts' ? $user->lang['DISPLAY_POSTS'] : $user->lang['DISPLAY_TOPICS'], 'L_EXPLAIN' => $mode == 'unapproved_posts' ? $user->lang['MCP_QUEUE_UNAPPROVED_POSTS_EXPLAIN'] : $user->lang['MCP_QUEUE_UNAPPROVED_TOPICS_EXPLAIN'], 'L_TITLE' => $mode == 'unapproved_posts' ? $user->lang['MCP_QUEUE_UNAPPROVED_POSTS'] : $user->lang['MCP_QUEUE_UNAPPROVED_TOPICS'], 'L_ONLY_TOPIC' => $topic_id ? sprintf($user->lang['ONLY_TOPIC'], $topic_info['topic_title']) : '', 'S_FORUM_OPTIONS' => $forum_options, 'S_MCP_ACTION' => build_url(array('t', 'f', 'sd', 'st', 'sk')), 'S_TOPICS' => $mode == 'unapproved_posts' ? false : true, 'PAGINATION' => generate_pagination($this->u_action . "&f={$forum_id}&st={$sort_days}&sk={$sort_key}&sd={$sort_dir}", $total, $config['topics_per_page'], $start), 'PAGE_NUMBER' => on_page($total, $config['topics_per_page'], $start), 'TOPIC_ID' => $topic_id, 'TOTAL' => $total == 1 ? $mode == 'unapproved_posts' ? $user->lang['VIEW_TOPIC_POST'] : $user->lang['VIEW_FORUM_TOPIC'] : sprintf($mode == 'unapproved_posts' ? $user->lang['VIEW_TOPIC_POSTS'] : $user->lang['VIEW_FORUM_TOPICS'], $total)));
$this->tpl_name = 'mcp_queue';
break;
}
}
public function main($id, $mode)
{
global $auth, $db, $user, $template, $cache, $request;
global $config, $phpbb_root_path, $phpEx, $action, $phpbb_container;
global $phpbb_dispatcher;
include_once $phpbb_root_path . 'includes/functions_posting.' . $phpEx;
$forum_id = $request->variable('f', 0);
$start = $request->variable('start', 0);
$this->page_title = 'MCP_QUEUE';
switch ($action) {
case 'approve':
case 'restore':
include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx;
$post_id_list = $request->variable('post_id_list', array(0));
$topic_id_list = $request->variable('topic_id_list', array(0));
if (!empty($post_id_list)) {
self::approve_posts($action, $post_id_list, 'queue', $mode);
} else {
if (!empty($topic_id_list)) {
self::approve_topics($action, $topic_id_list, 'queue', $mode);
} else {
trigger_error('NO_POST_SELECTED');
}
}
break;
case 'delete':
$post_id_list = $request->variable('post_id_list', array(0));
$topic_id_list = $request->variable('topic_id_list', array(0));
if (!empty($post_id_list)) {
if (!function_exists('mcp_delete_post')) {
global $phpbb_root_path, $phpEx;
include $phpbb_root_path . 'includes/mcp/mcp_main.' . $phpEx;
}
mcp_delete_post($post_id_list, false, '', $action);
} else {
if (!empty($topic_id_list)) {
if (!function_exists('mcp_delete_topic')) {
global $phpbb_root_path, $phpEx;
include $phpbb_root_path . 'includes/mcp/mcp_main.' . $phpEx;
}
mcp_delete_topic($topic_id_list, false, '', $action);
} else {
trigger_error('NO_POST_SELECTED');
}
}
break;
case 'disapprove':
$post_id_list = $request->variable('post_id_list', array(0));
$topic_id_list = $request->variable('topic_id_list', array(0));
if (!empty($topic_id_list) && $mode == 'deleted_topics') {
if (!function_exists('mcp_delete_topics')) {
global $phpbb_root_path, $phpEx;
include $phpbb_root_path . 'includes/mcp/mcp_main.' . $phpEx;
}
mcp_delete_topic($topic_id_list, false, '', 'disapprove');
return;
}
if (!class_exists('messenger')) {
include $phpbb_root_path . 'includes/functions_messenger.' . $phpEx;
}
if (!empty($topic_id_list)) {
$post_visibility = $mode == 'deleted_topics' ? ITEM_DELETED : array(ITEM_UNAPPROVED, ITEM_REAPPROVE);
$sql = 'SELECT post_id
FROM ' . POSTS_TABLE . '
WHERE ' . $db->sql_in_set('post_visibility', $post_visibility) . '
AND ' . $db->sql_in_set('topic_id', $topic_id_list);
$result = $db->sql_query($sql);
$post_id_list = array();
while ($row = $db->sql_fetchrow($result)) {
$post_id_list[] = (int) $row['post_id'];
}
$db->sql_freeresult($result);
}
if (!empty($post_id_list)) {
self::disapprove_posts($post_id_list, 'queue', $mode);
} else {
trigger_error('NO_POST_SELECTED');
}
break;
}
switch ($mode) {
case 'approve_details':
$this->tpl_name = 'mcp_post';
$user->add_lang(array('posting', 'viewtopic'));
$post_id = $request->variable('p', 0);
$topic_id = $request->variable('t', 0);
/* @var $phpbb_notifications \phpbb\notification\manager */
$phpbb_notifications = $phpbb_container->get('notification_manager');
if ($topic_id) {
$topic_info = phpbb_get_topic_data(array($topic_id), 'm_approve');
if (isset($topic_info[$topic_id]['topic_first_post_id'])) {
$post_id = (int) $topic_info[$topic_id]['topic_first_post_id'];
$phpbb_notifications->mark_notifications('topic_in_queue', $topic_id, $user->data['user_id']);
} else {
$topic_id = 0;
}
}
$phpbb_notifications->mark_notifications('post_in_queue', $post_id, $user->data['user_id']);
$post_info = phpbb_get_post_data(array($post_id), 'm_approve', true);
if (!sizeof($post_info)) {
trigger_error('NO_POST_SELECTED');
}
$post_info = $post_info[$post_id];
if ($post_info['topic_first_post_id'] != $post_id && topic_review($post_info['topic_id'], $post_info['forum_id'], 'topic_review', 0, false)) {
$template->assign_vars(array('S_TOPIC_REVIEW' => true, 'S_BBCODE_ALLOWED' => $post_info['enable_bbcode'], 'TOPIC_TITLE' => $post_info['topic_title']));
}
$extensions = $attachments = $topic_tracking_info = array();
// Get topic tracking info
if ($config['load_db_lastread']) {
$tmp_topic_data = array($post_info['topic_id'] => $post_info);
$topic_tracking_info = get_topic_tracking($post_info['forum_id'], $post_info['topic_id'], $tmp_topic_data, array($post_info['forum_id'] => $post_info['forum_mark_time']));
unset($tmp_topic_data);
} else {
$topic_tracking_info = get_complete_topic_tracking($post_info['forum_id'], $post_info['topic_id']);
}
$post_unread = isset($topic_tracking_info[$post_info['topic_id']]) && $post_info['post_time'] > $topic_tracking_info[$post_info['topic_id']] ? true : false;
// Process message, leave it uncensored
$parse_flags = ($post_info['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) | OPTION_FLAG_SMILIES;
$message = generate_text_for_display($post_info['post_text'], $post_info['bbcode_uid'], $post_info['bbcode_bitfield'], $parse_flags, false);
if ($post_info['post_attachment'] && $auth->acl_get('u_download') && $auth->acl_get('f_download', $post_info['forum_id'])) {
$extensions = $cache->obtain_attach_extensions($post_info['forum_id']);
$sql = 'SELECT *
FROM ' . ATTACHMENTS_TABLE . '
WHERE post_msg_id = ' . $post_id . '
AND in_message = 0
ORDER BY filetime DESC, post_msg_id ASC';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$attachments[] = $row;
}
$db->sql_freeresult($result);
if (sizeof($attachments)) {
$update_count = array();
parse_attachments($post_info['forum_id'], $message, $attachments, $update_count);
}
// Display not already displayed Attachments for this post, we already parsed them. ;)
if (!empty($attachments)) {
$template->assign_var('S_HAS_ATTACHMENTS', true);
foreach ($attachments as $attachment) {
$template->assign_block_vars('attachment', array('DISPLAY_ATTACHMENT' => $attachment));
}
}
}
// Deleting information
if ($post_info['post_visibility'] == ITEM_DELETED && $post_info['post_delete_user']) {
// User having deleted the post also being the post author?
if (!$post_info['post_delete_user'] || $post_info['post_delete_user'] == $post_info['poster_id']) {
$display_username = get_username_string('full', $post_info['poster_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']);
} else {
$sql = 'SELECT u.user_id, u.username, u.user_colour
FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . ' u
WHERE p.post_id = ' . $post_info['post_id'] . '
AND p.post_delete_user = u.user_id';
$result = $db->sql_query($sql);
$post_delete_userinfo = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
$display_username = get_username_string('full', $post_info['post_delete_user'], $post_delete_userinfo['username'], $post_delete_userinfo['user_colour']);
}
$l_deleted_by = $user->lang('DELETED_INFORMATION', $display_username, $user->format_date($post_info['post_delete_time'], false, true));
} else {
$l_deleted_by = '';
}
$post_url = append_sid("{$phpbb_root_path}viewtopic.{$phpEx}", 'f=' . $post_info['forum_id'] . '&p=' . $post_info['post_id'] . '#p' . $post_info['post_id']);
$topic_url = append_sid("{$phpbb_root_path}viewtopic.{$phpEx}", 'f=' . $post_info['forum_id'] . '&t=' . $post_info['topic_id']);
$template->assign_vars(array('S_MCP_QUEUE' => true, 'U_APPROVE_ACTION' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", "i=queue&p={$post_id}&f={$forum_id}"), 'S_CAN_DELETE_POST' => $auth->acl_get('m_delete', $post_info['forum_id']), 'S_CAN_VIEWIP' => $auth->acl_get('m_info', $post_info['forum_id']), 'S_POST_REPORTED' => $post_info['post_reported'], 'S_POST_UNAPPROVED' => $post_info['post_visibility'] == ITEM_UNAPPROVED || $post_info['post_visibility'] == ITEM_REAPPROVE, 'S_POST_LOCKED' => $post_info['post_edit_locked'], 'S_USER_NOTES' => true, 'S_POST_DELETED' => $post_info['post_visibility'] == ITEM_DELETED, 'DELETED_MESSAGE' => $l_deleted_by, 'DELETE_REASON' => $post_info['post_delete_reason'], 'U_EDIT' => $auth->acl_get('m_edit', $post_info['forum_id']) ? append_sid("{$phpbb_root_path}posting.{$phpEx}", "mode=edit&f={$post_info['forum_id']}&p={$post_info['post_id']}") : '', 'U_MCP_APPROVE' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=queue&mode=approve_details&f=' . $post_info['forum_id'] . '&p=' . $post_id), 'U_MCP_REPORT' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=reports&mode=report_details&f=' . $post_info['forum_id'] . '&p=' . $post_id), 'U_MCP_USER_NOTES' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=notes&mode=user_notes&u=' . $post_info['user_id']), 'U_MCP_WARN_USER' => $auth->acl_get('m_warn') ? append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=warn&mode=warn_user&u=' . $post_info['user_id']) : '', 'U_VIEW_POST' => $post_url, 'U_VIEW_TOPIC' => $topic_url, 'MINI_POST_IMG' => $post_unread ? $user->img('icon_post_target_unread', 'UNREAD_POST') : $user->img('icon_post_target', 'POST'), 'RETURN_QUEUE' => sprintf($user->lang['RETURN_QUEUE'], '<a href="' . append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=queue' . ($topic_id ? '&mode=unapproved_topics' : '&mode=unapproved_posts')) . '&start=' . $start . '">', '</a>'), 'RETURN_POST' => sprintf($user->lang['RETURN_POST'], '<a href="' . $post_url . '">', '</a>'), 'RETURN_TOPIC_SIMPLE' => sprintf($user->lang['RETURN_TOPIC_SIMPLE'], '<a href="' . $topic_url . '">', '</a>'), 'REPORTED_IMG' => $user->img('icon_topic_reported', $user->lang['POST_REPORTED']), 'UNAPPROVED_IMG' => $user->img('icon_topic_unapproved', $user->lang['POST_UNAPPROVED']), 'EDIT_IMG' => $user->img('icon_post_edit', $user->lang['EDIT_POST']), 'POST_AUTHOR_FULL' => get_username_string('full', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']), 'POST_AUTHOR_COLOUR' => get_username_string('colour', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']), 'POST_AUTHOR' => get_username_string('username', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']), 'U_POST_AUTHOR' => get_username_string('profile', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']), 'POST_PREVIEW' => $message, 'POST_SUBJECT' => $post_info['post_subject'], 'POST_DATE' => $user->format_date($post_info['post_time']), 'POST_IP' => $post_info['poster_ip'], 'POST_IPADDR' => $auth->acl_get('m_info', $post_info['forum_id']) && $request->variable('lookup', '') ? @gethostbyaddr($post_info['poster_ip']) : '', 'POST_ID' => $post_info['post_id'], 'S_FIRST_POST' => $post_info['topic_first_post_id'] == $post_id, 'U_LOOKUP_IP' => $auth->acl_get('m_info', $post_info['forum_id']) ? append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=queue&mode=approve_details&f=' . $post_info['forum_id'] . '&p=' . $post_id . '&lookup=' . $post_info['poster_ip']) . '#ip' : ''));
break;
case 'unapproved_topics':
case 'unapproved_posts':
case 'deleted_topics':
case 'deleted_posts':
$m_perm = 'm_approve';
$is_topics = $mode == 'unapproved_topics' || $mode == 'deleted_topics' ? true : false;
$is_restore = $mode == 'deleted_posts' || $mode == 'deleted_topics' ? true : false;
$visibility_const = !$is_restore ? array(ITEM_UNAPPROVED, ITEM_REAPPROVE) : ITEM_DELETED;
$user->add_lang(array('viewtopic', 'viewforum'));
$topic_id = $request->variable('t', 0);
$forum_info = array();
/* @var $pagination \phpbb\pagination */
$pagination = $phpbb_container->get('pagination');
if ($topic_id) {
$topic_info = phpbb_get_topic_data(array($topic_id));
if (!sizeof($topic_info)) {
trigger_error('TOPIC_NOT_EXIST');
}
$topic_info = $topic_info[$topic_id];
$forum_id = $topic_info['forum_id'];
}
$forum_list_approve = get_forum_list($m_perm, false, true);
$forum_list_read = array_flip(get_forum_list('f_read', true, true));
// Flipped so we can isset() the forum IDs
// Remove forums we cannot read
foreach ($forum_list_approve as $k => $forum_data) {
if (!isset($forum_list_read[$forum_data['forum_id']])) {
unset($forum_list_approve[$k]);
}
}
unset($forum_list_read);
if (!$forum_id) {
$forum_list = array();
foreach ($forum_list_approve as $row) {
$forum_list[] = $row['forum_id'];
}
if (!sizeof($forum_list)) {
trigger_error('NOT_MODERATOR');
}
$sql = 'SELECT SUM(forum_topics_approved) as sum_forum_topics
FROM ' . FORUMS_TABLE . '
WHERE ' . $db->sql_in_set('forum_id', $forum_list);
$result = $db->sql_query($sql);
$forum_info['forum_topics_approved'] = (int) $db->sql_fetchfield('sum_forum_topics');
$db->sql_freeresult($result);
} else {
$forum_info = phpbb_get_forum_data(array($forum_id), $m_perm);
if (!sizeof($forum_info)) {
trigger_error('NOT_MODERATOR');
}
$forum_info = $forum_info[$forum_id];
$forum_list = $forum_id;
}
$forum_options = '<option value="0"' . ($forum_id == 0 ? ' selected="selected"' : '') . '>' . $user->lang['ALL_FORUMS'] . '</option>';
foreach ($forum_list_approve as $row) {
$forum_options .= '<option value="' . $row['forum_id'] . '"' . ($forum_id == $row['forum_id'] ? ' selected="selected"' : '') . '>' . str_repeat(' ', $row['padding']) . truncate_string($row['forum_name'], 30, 255, false, $user->lang['ELLIPSIS']) . '</option>';
}
$sort_days = $total = 0;
$sort_key = $sort_dir = '';
$sort_by_sql = $sort_order_sql = array();
phpbb_mcp_sorting($mode, $sort_days, $sort_key, $sort_dir, $sort_by_sql, $sort_order_sql, $total, $forum_id, $topic_id);
$forum_topics = $total == -1 ? $forum_info['forum_topics_approved'] : $total;
$limit_time_sql = $sort_days ? 'AND t.topic_last_post_time >= ' . (time() - $sort_days * 86400) : '';
$forum_names = array();
if (!$is_topics) {
$sql = 'SELECT p.post_id
FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t' . ($sort_order_sql[0] == 'u' ? ', ' . USERS_TABLE . ' u' : '') . '
WHERE ' . $db->sql_in_set('p.forum_id', $forum_list) . '
AND ' . $db->sql_in_set('p.post_visibility', $visibility_const) . '
' . ($sort_order_sql[0] == 'u' ? 'AND u.user_id = p.poster_id' : '') . '
' . ($topic_id ? 'AND p.topic_id = ' . $topic_id : '') . "\n\t\t\t\t\t\t\tAND t.topic_id = p.topic_id\n\t\t\t\t\t\t\tAND (t.topic_visibility <> p.post_visibility\n\t\t\t\t\t\t\t\tOR t.topic_delete_user = 0)\n\t\t\t\t\t\t\t{$limit_time_sql}\n\t\t\t\t\t\tORDER BY {$sort_order_sql}";
/**
* Alter sql query to get posts in queue to be accepted
*
* @event core.mcp_queue_get_posts_query_before
* @var string sql Associative array with the query to be executed
* @var array forum_list List of forums that contain the posts
* @var int visibility_const Integer with one of the possible ITEM_* constant values
* @var int topic_id If topic_id not equal to 0, the topic id to filter the posts to display
* @var string limit_time_sql String with the SQL code to limit the time interval of the post (Note: May be empty string)
* @var string sort_order_sql String with the ORDER BY SQL code used in this query
* @since 3.1.0-RC3
*/
$vars = array('sql', 'forum_list', 'visibility_const', 'topic_id', 'limit_time_sql', 'sort_order_sql');
extract($phpbb_dispatcher->trigger_event('core.mcp_queue_get_posts_query_before', compact($vars)));
$result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
$i = 0;
$post_ids = array();
while ($row = $db->sql_fetchrow($result)) {
$post_ids[] = $row['post_id'];
$row_num[$row['post_id']] = $i++;
}
$db->sql_freeresult($result);
if (sizeof($post_ids)) {
$sql = 'SELECT t.topic_id, t.topic_title, t.forum_id, p.post_id, p.post_subject, p.post_username, p.poster_id, p.post_time, p.post_attachment, u.username, u.username_clean, u.user_colour
FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . USERS_TABLE . ' u
WHERE ' . $db->sql_in_set('p.post_id', $post_ids) . '
AND t.topic_id = p.topic_id
AND u.user_id = p.poster_id
ORDER BY ' . $sort_order_sql;
$result = $db->sql_query($sql);
$post_data = $rowset = array();
while ($row = $db->sql_fetchrow($result)) {
$forum_names[] = $row['forum_id'];
$post_data[$row['post_id']] = $row;
}
$db->sql_freeresult($result);
foreach ($post_ids as $post_id) {
$rowset[] = $post_data[$post_id];
}
unset($post_data, $post_ids);
} else {
$rowset = array();
}
} else {
$sql = 'SELECT t.forum_id, t.topic_id, t.topic_title, t.topic_title AS post_subject, t.topic_time AS post_time, t.topic_poster AS poster_id, t.topic_first_post_id AS post_id, t.topic_attachment AS post_attachment, t.topic_first_poster_name AS username, t.topic_first_poster_colour AS user_colour
FROM ' . TOPICS_TABLE . ' t
WHERE ' . $db->sql_in_set('forum_id', $forum_list) . '
AND ' . $db->sql_in_set('topic_visibility', $visibility_const) . "\n\t\t\t\t\t\t\tAND topic_delete_user <> 0\n\t\t\t\t\t\t\t{$limit_time_sql}\n\t\t\t\t\t\tORDER BY {$sort_order_sql}";
/**
* Alter sql query to get information on all topics in the list of forums provided.
*
* @event core.mcp_queue_get_posts_for_topics_query_before
* @var string sql String with the query to be executed
* @var array forum_list List of forums that contain the posts
* @var int visibility_const Integer with one of the possible ITEM_* constant values
* @var int topic_id topic_id in the page request
* @var string limit_time_sql String with the SQL code to limit the time interval of the post (Note: May be empty string)
* @var string sort_order_sql String with the ORDER BY SQL code used in this query
* @since 3.1.0-RC3
*/
$vars = array('sql', 'forum_list', 'visibility_const', 'topic_id', 'limit_time_sql', 'sort_order_sql');
extract($phpbb_dispatcher->trigger_event('core.mcp_queue_get_posts_for_topics_query_before', compact($vars)));
$result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
$rowset = array();
while ($row = $db->sql_fetchrow($result)) {
$forum_names[] = $row['forum_id'];
$rowset[] = $row;
}
$db->sql_freeresult($result);
}
if (sizeof($forum_names)) {
// Select the names for the forum_ids
$sql = 'SELECT forum_id, forum_name
FROM ' . FORUMS_TABLE . '
WHERE ' . $db->sql_in_set('forum_id', $forum_names);
$result = $db->sql_query($sql, 3600);
$forum_names = array();
while ($row = $db->sql_fetchrow($result)) {
$forum_names[$row['forum_id']] = $row['forum_name'];
}
$db->sql_freeresult($result);
}
foreach ($rowset as $row) {
if (empty($row['post_username'])) {
$row['post_username'] = $row['username'] ?: $user->lang['GUEST'];
}
$template->assign_block_vars('postrow', array('U_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.{$phpEx}", 'f=' . $row['forum_id'] . '&t=' . $row['topic_id']), 'U_VIEWFORUM' => append_sid("{$phpbb_root_path}viewforum.{$phpEx}", 'f=' . $row['forum_id']), 'U_VIEWPOST' => append_sid("{$phpbb_root_path}viewtopic.{$phpEx}", 'f=' . $row['forum_id'] . '&p=' . $row['post_id']) . ($mode == 'unapproved_posts' ? '#p' . $row['post_id'] : ''), 'U_VIEW_DETAILS' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", "i=queue&start={$start}&mode=approve_details&f={$row['forum_id']}&p={$row['post_id']}" . ($mode == 'unapproved_topics' ? "&t={$row['topic_id']}" : '')), 'POST_AUTHOR_FULL' => get_username_string('full', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']), 'POST_AUTHOR_COLOUR' => get_username_string('colour', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']), 'POST_AUTHOR' => get_username_string('username', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']), 'U_POST_AUTHOR' => get_username_string('profile', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']), 'POST_ID' => $row['post_id'], 'TOPIC_ID' => $row['topic_id'], 'FORUM_NAME' => $forum_names[$row['forum_id']], 'POST_SUBJECT' => $row['post_subject'] != '' ? $row['post_subject'] : $user->lang['NO_SUBJECT'], 'TOPIC_TITLE' => $row['topic_title'], 'POST_TIME' => $user->format_date($row['post_time']), 'ATTACH_ICON_IMG' => $auth->acl_get('u_download') && $auth->acl_get('f_download', $row['forum_id']) && $row['post_attachment'] ? $user->img('icon_topic_attach', $user->lang['TOTAL_ATTACHMENTS']) : ''));
}
unset($rowset, $forum_names);
$base_url = $this->u_action . "&f={$forum_id}&st={$sort_days}&sk={$sort_key}&sd={$sort_dir}";
$pagination->generate_template_pagination($base_url, 'pagination', 'start', $total, $config['topics_per_page'], $start);
// Now display the page
$template->assign_vars(array('L_DISPLAY_ITEMS' => !$is_topics ? $user->lang['DISPLAY_POSTS'] : $user->lang['DISPLAY_TOPICS'], 'L_EXPLAIN' => $user->lang['MCP_QUEUE_' . strtoupper($mode) . '_EXPLAIN'], 'L_TITLE' => $user->lang['MCP_QUEUE_' . strtoupper($mode)], 'L_ONLY_TOPIC' => $topic_id ? sprintf($user->lang['ONLY_TOPIC'], $topic_info['topic_title']) : '', 'S_FORUM_OPTIONS' => $forum_options, 'S_MCP_ACTION' => build_url(array('t', 'f', 'sd', 'st', 'sk')), 'S_TOPICS' => $is_topics, 'S_RESTORE' => $is_restore, 'TOPIC_ID' => $topic_id, 'TOTAL' => $user->lang(!$is_topics ? 'VIEW_TOPIC_POSTS' : 'VIEW_FORUM_TOPICS', (int) $total)));
$this->tpl_name = 'mcp_queue';
break;
}
}
function main($id, $mode)
{
global $auth, $db, $user, $template, $cache;
global $config, $phpbb_root_path, $phpEx, $action;
include_once $phpbb_root_path . 'includes/functions_posting.' . $phpEx;
include_once $phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx;
$start = request_var('start', 0);
$this->page_title = 'MCP_PM_REPORTS';
switch ($action) {
case 'close':
case 'delete':
include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx;
$report_id_list = request_var('report_id_list', array(0));
if (!sizeof($report_id_list)) {
trigger_error('NO_REPORT_SELECTED');
}
if (!function_exists('close_report')) {
include $phpbb_root_path . 'includes/mcp/mcp_reports.' . $phpEx;
}
close_report($report_id_list, $mode, $action, true);
break;
}
switch ($mode) {
case 'pm_report_details':
$user->add_lang(array('posting', 'viewforum', 'viewtopic', 'ucp'));
$report_id = request_var('r', 0);
$sql = 'SELECT r.pm_id, r.user_id, r.report_id, r.report_closed, report_time, r.report_text, rr.reason_title, rr.reason_description, u.username, u.username_clean, u.user_colour
FROM ' . REPORTS_TABLE . ' r, ' . REPORTS_REASONS_TABLE . ' rr, ' . USERS_TABLE . ' u
WHERE r.report_id = ' . $report_id . '
AND rr.reason_id = r.reason_id
AND r.user_id = u.user_id
AND r.post_id = 0
ORDER BY report_closed ASC';
$result = $db->sql_query_limit($sql, 1);
$report = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$report_id || !$report) {
trigger_error('NO_REPORT');
}
$pm_id = $report['pm_id'];
$report_id = $report['report_id'];
$pm_info = get_pm_data(array($pm_id));
if (!sizeof($pm_info)) {
trigger_error('NO_REPORT_SELECTED');
}
$pm_info = $pm_info[$pm_id];
write_pm_addresses(array('to' => $pm_info['to_address'], 'bcc' => $pm_info['bcc_address']), (int) $pm_info['author_id']);
$reason = array('title' => $report['reason_title'], 'description' => $report['reason_description']);
if (isset($user->lang['report_reasons']['TITLE'][strtoupper($reason['title'])]) && isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($reason['title'])])) {
$reason['description'] = $user->lang['report_reasons']['DESCRIPTION'][strtoupper($reason['title'])];
$reason['title'] = $user->lang['report_reasons']['TITLE'][strtoupper($reason['title'])];
}
// Process message, leave it uncensored
$message = $pm_info['message_text'];
if ($pm_info['bbcode_bitfield']) {
include_once $phpbb_root_path . 'includes/bbcode.' . $phpEx;
$bbcode = new bbcode($pm_info['bbcode_bitfield']);
$bbcode->bbcode_second_pass($message, $pm_info['bbcode_uid'], $pm_info['bbcode_bitfield']);
}
$message = bbcode_nl2br($message);
$message = smiley_text($message);
if ($pm_info['message_attachment'] && $auth->acl_get('u_pm_download')) {
$sql = 'SELECT *
FROM ' . ATTACHMENTS_TABLE . '
WHERE post_msg_id = ' . $pm_id . '
AND in_message = 1
ORDER BY filetime DESC';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$attachments[] = $row;
}
$db->sql_freeresult($result);
if (sizeof($attachments)) {
$update_count = array();
parse_attachments(0, $message, $attachments, $update_count);
}
// Display not already displayed Attachments for this post, we already parsed them. ;)
if (!empty($attachments)) {
$template->assign_var('S_HAS_ATTACHMENTS', true);
foreach ($attachments as $attachment) {
$template->assign_block_vars('attachment', array('DISPLAY_ATTACHMENT' => $attachment));
}
}
}
$template->assign_vars(array('S_MCP_REPORT' => true, 'S_PM' => true, 'S_CLOSE_ACTION' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=pm_reports&mode=pm_report_details&r=' . $report_id), 'S_CAN_VIEWIP' => $auth->acl_getf_global('m_info'), 'S_POST_REPORTED' => $pm_info['message_reported'], 'S_USER_NOTES' => true, 'U_MCP_REPORT' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=pm_reports&mode=pm_report_details&r=' . $report_id), 'U_MCP_REPORTER_NOTES' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=notes&mode=user_notes&u=' . $report['user_id']), 'U_MCP_USER_NOTES' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=notes&mode=user_notes&u=' . $pm_info['author_id']), 'U_MCP_WARN_REPORTER' => $auth->acl_get('m_warn') ? append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=warn&mode=warn_user&u=' . $report['user_id']) : '', 'U_MCP_WARN_USER' => $auth->acl_get('m_warn') ? append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=warn&mode=warn_user&u=' . $pm_info['author_id']) : '', 'EDIT_IMG' => $user->img('icon_post_edit', $user->lang['EDIT_POST']), 'MINI_POST_IMG' => $user->img('icon_post_target', 'POST'), 'RETURN_REPORTS' => sprintf($user->lang['RETURN_REPORTS'], '<a href="' . append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=pm_reports' . ($pm_info['message_reported'] ? '&mode=pm_reports' : '&mode=pm_reports_closed') . '&start=' . $start) . '">', '</a>'), 'REPORTED_IMG' => $user->img('icon_topic_reported', $user->lang['POST_REPORTED']), 'REPORT_DATE' => $user->format_date($report['report_time']), 'REPORT_ID' => $report_id, 'REPORT_REASON_TITLE' => $reason['title'], 'REPORT_REASON_DESCRIPTION' => $reason['description'], 'REPORT_TEXT' => $report['report_text'], 'POST_AUTHOR_FULL' => get_username_string('full', $pm_info['author_id'], $pm_info['username'], $pm_info['user_colour']), 'POST_AUTHOR_COLOUR' => get_username_string('colour', $pm_info['author_id'], $pm_info['username'], $pm_info['user_colour']), 'POST_AUTHOR' => get_username_string('username', $pm_info['author_id'], $pm_info['username'], $pm_info['user_colour']), 'U_POST_AUTHOR' => get_username_string('profile', $pm_info['author_id'], $pm_info['username'], $pm_info['user_colour']), 'REPORTER_FULL' => get_username_string('full', $report['user_id'], $report['username'], $report['user_colour']), 'REPORTER_COLOUR' => get_username_string('colour', $report['user_id'], $report['username'], $report['user_colour']), 'REPORTER_NAME' => get_username_string('username', $report['user_id'], $report['username'], $report['user_colour']), 'U_VIEW_REPORTER_PROFILE' => get_username_string('profile', $report['user_id'], $report['username'], $report['user_colour']), 'POST_PREVIEW' => $message, 'POST_SUBJECT' => $pm_info['message_subject'] ? $pm_info['message_subject'] : $user->lang['NO_SUBJECT'], 'POST_DATE' => $user->format_date($pm_info['message_time']), 'POST_IP' => $pm_info['author_ip'], 'POST_IPADDR' => $auth->acl_getf_global('m_info') && request_var('lookup', '') ? @gethostbyaddr($pm_info['author_ip']) : '', 'POST_ID' => $pm_info['msg_id'], 'U_LOOKUP_IP' => $auth->acl_getf_global('m_info') ? $this->u_action . '&r=' . $report_id . '&pm=' . $pm_id . '&lookup=' . $pm_info['author_ip'] . '#ip' : ''));
$this->tpl_name = 'mcp_post';
break;
case 'pm_reports':
case 'pm_reports_closed':
$user->add_lang(array('ucp'));
$sort_days = $total = 0;
$sort_key = $sort_dir = '';
$sort_by_sql = $sort_order_sql = array();
mcp_sorting($mode, $sort_days, $sort_key, $sort_dir, $sort_by_sql, $sort_order_sql, $total);
$limit_time_sql = $sort_days ? 'AND r.report_time >= ' . (time() - $sort_days * 86400) : '';
if ($mode == 'pm_reports') {
$report_state = 'p.message_reported = 1 AND r.report_closed = 0';
} else {
$report_state = 'r.report_closed = 1';
}
$sql = 'SELECT r.report_id
FROM ' . PRIVMSGS_TABLE . ' p, ' . REPORTS_TABLE . ' r ' . ($sort_order_sql[0] == 'u' ? ', ' . USERS_TABLE . ' u' : '') . ($sort_order_sql[0] == 'r' ? ', ' . USERS_TABLE . ' ru' : '') . "\n\t\t\t\t\tWHERE {$report_state}\n\t\t\t\t\t\tAND r.pm_id = p.msg_id\n\t\t\t\t\t\t" . ($sort_order_sql[0] == 'u' ? 'AND u.user_id = p.author_id' : '') . '
' . ($sort_order_sql[0] == 'r' ? 'AND ru.user_id = r.user_id' : '') . "\n\t\t\t\t\t\tAND r.post_id = 0\n\t\t\t\t\t\t{$limit_time_sql}\n\t\t\t\t\tORDER BY {$sort_order_sql}";
$result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
$i = 0;
$report_ids = array();
while ($row = $db->sql_fetchrow($result)) {
$report_ids[] = $row['report_id'];
$row_num[$row['report_id']] = $i++;
}
$db->sql_freeresult($result);
if (sizeof($report_ids)) {
$sql = 'SELECT p.*, u.username, u.username_clean, u.user_colour, r.user_id as reporter_id, ru.username as reporter_name, ru.user_colour as reporter_colour, r.report_time, r.report_id
FROM ' . REPORTS_TABLE . ' r, ' . PRIVMSGS_TABLE . ' p, ' . USERS_TABLE . ' u, ' . USERS_TABLE . ' ru
WHERE ' . $db->sql_in_set('r.report_id', $report_ids) . "\n\t\t\t\t\t\t\tAND r.pm_id = p.msg_id\n\t\t\t\t\t\t\tAND p.author_id = u.user_id\n\t\t\t\t\t\t\tAND ru.user_id = r.user_id\n\t\t\t\t\t\tORDER BY {$sort_order_sql}";
$result = $db->sql_query($sql);
$pm_list = $pm_by_id = array();
while ($row = $db->sql_fetchrow($result)) {
$pm_by_id[(int) $row['msg_id']] = $row;
$pm_list[] = (int) $row['msg_id'];
}
$db->sql_freeresult($result);
if (sizeof($pm_list)) {
$address_list = get_recipient_strings($pm_by_id);
foreach ($pm_list as $message_id) {
$row = $pm_by_id[$message_id];
$template->assign_block_vars('postrow', array('U_VIEW_DETAILS' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", "i=pm_reports&mode=pm_report_details&r={$row['report_id']}"), 'PM_AUTHOR_FULL' => get_username_string('full', $row['author_id'], $row['username'], $row['user_colour']), 'PM_AUTHOR_COLOUR' => get_username_string('colour', $row['author_id'], $row['username'], $row['user_colour']), 'PM_AUTHOR' => get_username_string('username', $row['author_id'], $row['username'], $row['user_colour']), 'U_PM_AUTHOR' => get_username_string('profile', $row['author_id'], $row['username'], $row['user_colour']), 'REPORTER_FULL' => get_username_string('full', $row['reporter_id'], $row['reporter_name'], $row['reporter_colour']), 'REPORTER_COLOUR' => get_username_string('colour', $row['reporter_id'], $row['reporter_name'], $row['reporter_colour']), 'REPORTER' => get_username_string('username', $row['reporter_id'], $row['reporter_name'], $row['reporter_colour']), 'U_REPORTER' => get_username_string('profile', $row['reporter_id'], $row['reporter_name'], $row['reporter_colour']), 'PM_SUBJECT' => $row['message_subject'] ? $row['message_subject'] : $user->lang['NO_SUBJECT'], 'PM_TIME' => $user->format_date($row['message_time']), 'REPORT_ID' => $row['report_id'], 'REPORT_TIME' => $user->format_date($row['report_time']), 'RECIPIENTS' => implode(', ', $address_list[$row['msg_id']])));
}
}
}
// Now display the page
$template->assign_vars(array('L_EXPLAIN' => $mode == 'pm_reports' ? $user->lang['MCP_PM_REPORTS_OPEN_EXPLAIN'] : $user->lang['MCP_PM_REPORTS_CLOSED_EXPLAIN'], 'L_TITLE' => $mode == 'pm_reports' ? $user->lang['MCP_PM_REPORTS_OPEN'] : $user->lang['MCP_PM_REPORTS_CLOSED'], 'S_PM' => true, 'S_MCP_ACTION' => $this->u_action, 'S_CLOSED' => $mode == 'pm_reports_closed' ? true : false, 'PAGINATION' => generate_pagination($this->u_action . "&st={$sort_days}&sk={$sort_key}&sd={$sort_dir}", $total, $config['topics_per_page'], $start), 'PAGE_NUMBER' => on_page($total, $config['topics_per_page'], $start), 'TOTAL' => $total, 'TOTAL_REPORTS' => $total == 1 ? $user->lang['LIST_REPORT'] : sprintf($user->lang['LIST_REPORTS'], $total)));
$this->tpl_name = 'mcp_reports';
break;
}
}
/**
* prepares the preview announcement text
*/
function announcement_post($where_sql, $order, $gotopost)
{
global $db, $auth, $user, $template;
global $phpbb_root_path, $phpEx, $config;
if (!class_exists('bbcode')) {
include $phpbb_root_path . 'includes/bbcode.' . $phpEx;
}
$bbcode_bitfield = '';
$sql = 'SELECT *
FROM ' . POSTS_TABLE . " \n\t\t\t{$where_sql}\n\t\tORDER BY post_id {$order}";
$result = $db->sql_query_limit($sql, 1, 0);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($row['post_attachment']) {
$sql = 'SELECT *
FROM ' . ATTACHMENTS_TABLE . '
WHERE ' . $db->sql_in_set('post_msg_id', $row['post_id']) . '
AND in_message = 0
ORDER BY filetime DESC, post_msg_id ASC';
$result = $db->sql_query($sql);
while ($row2 = $db->sql_fetchrow($result)) {
$attachments[$row2['post_msg_id']][] = $row2;
}
$db->sql_freeresult($result);
}
// Parse the message and subject
$message = censor_text($row['post_text']);
// Define the global bbcode bitfield, will be used to load bbcodes
$bbcode_bitfield = $bbcode_bitfield | base64_decode($row['bbcode_bitfield']);
// Instantiate BBCode if need be
if ($bbcode_bitfield !== '') {
$bbcode = new bbcode(base64_encode($bbcode_bitfield));
}
// Second parse bbcode here
//if ($row['bbcode_bitfield'])
//{
if (!function_exists('Markdown')) {
global $phpbb_root_path, $phpEx;
include $phpbb_root_path . 'includes/markdown.' . $phpEx;
}
$message = Markdown($message);
//$bbcode->bbcode_second_pass($message, $row['bbcode_uid'], $row['bbcode_bitfield']);
//}
//$message = bbcode_nl2br($message);
$message = smiley_text($message);
if (!empty($attachments[$row['post_id']])) {
parse_attachments($row['forum_id'], $message, $attachments[$row['post_id']], $update_count);
}
// Display not already displayed Attachments for this post, we already parsed them. ;)
if (!empty($attachments[$row['post_id']])) {
foreach ($attachments[$row['post_id']] as $attachment) {
$template->assign_block_vars('announcement_attachments', array('DISPLAY_ATTACHMENTS' => $attachment));
}
}
// Assign index specific vars
$template->assign_vars(array('S_HASATTACHMENTS' => !empty($attachments[$row['post_id']]) ? true : false, 'U_ANNOUNCEMENT_GOTOPOST' => $gotopost ? append_sid("{$phpbb_root_path}viewtopic.{$phpEx}", 'p=' . $row['post_id']) . '#p' . $row['post_id'] : ''));
return $message;
}
/**
* Compose private message
* Called from ucp_pm with mode == 'compose'
*/
function compose_pm($id, $mode, $action, $user_folders = array())
{
global $template, $db, $auth, $user, $cache;
global $phpbb_root_path, $phpEx, $config;
global $request, $phpbb_dispatcher, $phpbb_container;
// Damn php and globals - i know, this is horrible
// Needed for handle_message_list_actions()
global $refresh, $submit, $preview;
include $phpbb_root_path . 'includes/functions_posting.' . $phpEx;
include $phpbb_root_path . 'includes/functions_display.' . $phpEx;
include $phpbb_root_path . 'includes/message_parser.' . $phpEx;
if (!$action) {
$action = 'post';
}
add_form_key('ucp_pm_compose');
// Grab only parameters needed here
$to_user_id = request_var('u', 0);
$to_group_id = request_var('g', 0);
$msg_id = request_var('p', 0);
$draft_id = request_var('d', 0);
$lastclick = request_var('lastclick', 0);
// Reply to all triggered (quote/reply)
$reply_to_all = request_var('reply_to_all', 0);
$address_list = $request->variable('address_list', array('' => array(0 => '')));
$submit = isset($_POST['post']) ? true : false;
$preview = isset($_POST['preview']) ? true : false;
$save = isset($_POST['save']) ? true : false;
$load = isset($_POST['load']) ? true : false;
$cancel = isset($_POST['cancel']) && !isset($_POST['save']) ? true : false;
$delete = isset($_POST['delete']) ? true : false;
$remove_u = isset($_REQUEST['remove_u']) ? true : false;
$remove_g = isset($_REQUEST['remove_g']) ? true : false;
$add_to = isset($_REQUEST['add_to']) ? true : false;
$add_bcc = isset($_REQUEST['add_bcc']) ? true : false;
$refresh = isset($_POST['add_file']) || isset($_POST['delete_file']) || $save || $load || $remove_u || $remove_g || $add_to || $add_bcc;
$action = $delete && !$preview && !$refresh && $submit ? 'delete' : $action;
$select_single = $config['allow_mass_pm'] && $auth->acl_get('u_masspm') ? false : true;
$error = array();
$current_time = time();
// Was cancel pressed? If so then redirect to the appropriate page
if ($cancel || $current_time - $lastclick < 2 && $submit) {
if ($msg_id) {
redirect(append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'i=pm&mode=view&action=view_message&p=' . $msg_id));
}
redirect(append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'i=pm'));
}
// Since viewtopic.php language entries are used in several modes,
// we include the language file here
$user->add_lang('viewtopic');
/**
* Modify the default vars before composing a PM
*
* @event core.ucp_pm_compose_modify_data
* @var int msg_id post_id in the page request
* @var int to_user_id The id of whom the message is to
* @var int to_group_id The id of the group the message is to
* @var bool submit Whether the form has been submitted
* @var bool preview Whether the user is previewing the PM or not
* @var string action One of: post, reply, quote, forward, quotepost, edit, delete, smilies
* @var bool delete Whether the user is deleting the PM
* @var int reply_to_all Value of reply_to_all request variable.
* @since 3.1.4-RC1
*/
$vars = array('msg_id', 'to_user_id', 'to_group_id', 'submit', 'preview', 'action', 'delete', 'reply_to_all');
extract($phpbb_dispatcher->trigger_event('core.ucp_pm_compose_modify_data', compact($vars)));
// Output PM_TO box if message composing
if ($action != 'edit') {
// Add groups to PM box
if ($config['allow_mass_pm'] && $auth->acl_get('u_masspm_group')) {
$sql = 'SELECT g.group_id, g.group_name, g.group_type
FROM ' . GROUPS_TABLE . ' g';
if (!$auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) {
$sql .= ' LEFT JOIN ' . USER_GROUP_TABLE . ' ug
ON (
g.group_id = ug.group_id
AND ug.user_id = ' . $user->data['user_id'] . '
AND ug.user_pending = 0
)
WHERE (g.group_type <> ' . GROUP_HIDDEN . ' OR ug.user_id = ' . $user->data['user_id'] . ')';
}
$sql .= $auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel') ? ' WHERE ' : ' AND ';
$sql .= 'g.group_receive_pm = 1
ORDER BY g.group_type DESC, g.group_name ASC';
$result = $db->sql_query($sql);
$group_options = '';
while ($row = $db->sql_fetchrow($result)) {
$group_options .= '<option' . ($row['group_type'] == GROUP_SPECIAL ? ' class="sep"' : '') . ' value="' . $row['group_id'] . '">' . ($row['group_type'] == GROUP_SPECIAL ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>';
}
$db->sql_freeresult($result);
}
$template->assign_vars(array('S_SHOW_PM_BOX' => true, 'S_ALLOW_MASS_PM' => $config['allow_mass_pm'] && $auth->acl_get('u_masspm') ? true : false, 'S_GROUP_OPTIONS' => $config['allow_mass_pm'] && $auth->acl_get('u_masspm_group') ? $group_options : '', 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.{$phpEx}", "mode=searchuser&form=postform&field=username_list&select_single={$select_single}")));
}
$sql = '';
$folder_id = 0;
// What is all this following SQL for? Well, we need to know
// some basic information in all cases before we do anything.
switch ($action) {
case 'post':
if (!$auth->acl_get('u_sendpm')) {
trigger_error('NO_AUTH_SEND_MESSAGE');
}
break;
case 'reply':
case 'quote':
case 'forward':
case 'quotepost':
if (!$msg_id) {
trigger_error('NO_MESSAGE');
}
if (!$auth->acl_get('u_sendpm')) {
trigger_error('NO_AUTH_SEND_MESSAGE');
}
if ($action == 'quotepost') {
$sql = 'SELECT p.post_id as msg_id, p.forum_id, p.post_text as message_text, p.poster_id as author_id, p.post_time as message_time, p.bbcode_bitfield, p.bbcode_uid, p.enable_sig, p.enable_smilies, p.enable_magic_url, t.topic_title as message_subject, u.username as quote_username
FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . USERS_TABLE . " u\n\t\t\t\t\tWHERE p.post_id = {$msg_id}\n\t\t\t\t\t\tAND t.topic_id = p.topic_id\n\t\t\t\t\t\tAND u.user_id = p.poster_id";
} else {
$sql = 'SELECT t.folder_id, p.*, u.username as quote_username
FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p, ' . USERS_TABLE . ' u
WHERE t.user_id = ' . $user->data['user_id'] . "\n\t\t\t\t\t\tAND p.author_id = u.user_id\n\t\t\t\t\t\tAND t.msg_id = p.msg_id\n\t\t\t\t\t\tAND p.msg_id = {$msg_id}";
}
break;
case 'edit':
if (!$msg_id) {
trigger_error('NO_MESSAGE');
}
// check for outbox (not read) status, we do not allow editing if one user already having the message
$sql = 'SELECT p.*, t.folder_id
FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p
WHERE t.user_id = ' . $user->data['user_id'] . '
AND t.folder_id = ' . PRIVMSGS_OUTBOX . "\n\t\t\t\t\tAND t.msg_id = {$msg_id}\n\t\t\t\t\tAND t.msg_id = p.msg_id";
break;
case 'delete':
if (!$auth->acl_get('u_pm_delete')) {
trigger_error('NO_AUTH_DELETE_MESSAGE');
}
if (!$msg_id) {
trigger_error('NO_MESSAGE');
}
$sql = 'SELECT msg_id, pm_unread, pm_new, author_id, folder_id
FROM ' . PRIVMSGS_TO_TABLE . '
WHERE user_id = ' . $user->data['user_id'] . "\n\t\t\t\t\tAND msg_id = {$msg_id}";
break;
case 'smilies':
generate_smilies('window', 0);
break;
default:
trigger_error('NO_ACTION_MODE', E_USER_ERROR);
break;
}
if ($action == 'forward' && (!$config['forward_pm'] || !$auth->acl_get('u_pm_forward'))) {
trigger_error('NO_AUTH_FORWARD_MESSAGE');
}
if ($action == 'edit' && !$auth->acl_get('u_pm_edit')) {
trigger_error('NO_AUTH_EDIT_MESSAGE');
}
if ($sql) {
/**
* Alter sql query to get message for user to write the PM
*
* @event core.ucp_pm_compose_compose_pm_basic_info_query_before
* @var string sql String with the query to be executed
* @var array forum_list List of forums that contain the posts
* @var int visibility_const Integer with one of the possible ITEM_* constant values
* @var int msg_id topic_id in the page request
* @var int to_user_id The id of whom the message is to
* @var int to_group_id The id of the group whom the message is to
* @var bool submit Whether the user is sending the PM or not
* @var bool preview Whether the user is previewing the PM or not
* @var string action One of: post, reply, quote, forward, quotepost, edit, delete, smilies
* @var bool delete Whether the user is deleting the PM
* @var int reply_to_all Value of reply_to_all request variable.
* @var string limit_time_sql String with the SQL code to limit the time interval of the post (Note: May be empty string)
* @var string sort_order_sql String with the ORDER BY SQL code used in this query
* @since 3.1.0-RC5
*/
$vars = array('sql', 'forum_list', 'visibility_const', 'msg_id', 'to_user_id', 'to_group_id', 'submit', 'preview', 'action', 'delete', 'reply_to_all', 'limit_time_sql', 'sort_order_sql');
extract($phpbb_dispatcher->trigger_event('core.ucp_pm_compose_compose_pm_basic_info_query_before', compact($vars)));
$result = $db->sql_query($sql);
$post = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$post) {
// If editing it could be the recipient already read the message...
if ($action == 'edit') {
$sql = 'SELECT p.*, t.folder_id
FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p
WHERE t.user_id = ' . $user->data['user_id'] . "\n\t\t\t\t\t\tAND t.msg_id = {$msg_id}\n\t\t\t\t\t\tAND t.msg_id = p.msg_id";
$result = $db->sql_query($sql);
$post = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($post) {
trigger_error('NO_EDIT_READ_MESSAGE');
}
}
trigger_error('NO_MESSAGE');
}
if ($action == 'quotepost') {
if ($post['forum_id'] && !$auth->acl_get('f_read', $post['forum_id']) || !$post['forum_id'] && !$auth->acl_getf_global('f_read')) {
trigger_error('NOT_AUTHORISED');
}
/**
* Get the result of querying for the post to be quoted in the pm message
*
* @event core.ucp_pm_compose_quotepost_query_after
* @var string sql The original SQL used in the query
* @var array post Associative array with the data of the quoted post
* @var array msg_id The post_id that was searched to get the message for quoting
* @var int visibility_const Visibility of the quoted post (one of the possible ITEM_* constant values)
* @var int topic_id Topic ID of the quoted post
* @var int to_user_id Users the message is sent to
* @var int to_group_id Groups the message is sent to
* @var bool submit Whether the user is sending the PM or not
* @var bool preview Whether the user is previewing the PM or not
* @var string action One of: post, reply, quote, forward, quotepost, edit, delete, smilies
* @var bool delete If deleting message
* @var int reply_to_all Value of reply_to_all request variable.
* @since 3.1.0-RC5
*/
$vars = array('sql', 'post', 'msg_id', 'visibility_const', 'topic_id', 'to_user_id', 'to_group_id', 'submit', 'preview', 'action', 'delete', 'reply_to_all');
extract($phpbb_dispatcher->trigger_event('core.ucp_pm_compose_quotepost_query_after', compact($vars)));
// Passworded forum?
if ($post['forum_id']) {
$sql = 'SELECT forum_id, forum_name, forum_password
FROM ' . FORUMS_TABLE . '
WHERE forum_id = ' . (int) $post['forum_id'];
$result = $db->sql_query($sql);
$forum_data = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!empty($forum_data['forum_password'])) {
login_forum_box($forum_data);
}
}
}
$msg_id = (int) $post['msg_id'];
$folder_id = isset($post['folder_id']) ? $post['folder_id'] : 0;
$message_text = isset($post['message_text']) ? $post['message_text'] : '';
if ((!$post['author_id'] || $post['author_id'] == ANONYMOUS && $action != 'delete') && $msg_id) {
trigger_error('NO_AUTHOR');
}
if ($action == 'quotepost') {
// Decode text for message display
decode_message($message_text, $post['bbcode_uid']);
}
if ($action != 'delete') {
$enable_urls = $post['enable_magic_url'];
$enable_sig = isset($post['enable_sig']) ? $post['enable_sig'] : 0;
$message_attachment = isset($post['message_attachment']) ? $post['message_attachment'] : 0;
$message_subject = $post['message_subject'];
$message_time = $post['message_time'];
$bbcode_uid = $post['bbcode_uid'];
$quote_username = isset($post['quote_username']) ? $post['quote_username'] : '';
$icon_id = isset($post['icon_id']) ? $post['icon_id'] : 0;
if (($action == 'reply' || $action == 'quote' || $action == 'quotepost') && !sizeof($address_list) && !$refresh && !$submit && !$preview) {
// Add the original author as the recipient if quoting a post or only replying and not having checked "reply to all"
if ($action == 'quotepost' || !$reply_to_all) {
$address_list = array('u' => array($post['author_id'] => 'to'));
} else {
// We try to include every previously listed member from the TO Header - Reply to all
$address_list = rebuild_header(array('to' => $post['to_address']));
// Add the author (if he is already listed then this is no shame (it will be overwritten))
$address_list['u'][$post['author_id']] = 'to';
// Now, make sure the user itself is not listed. ;)
if (isset($address_list['u'][$user->data['user_id']])) {
unset($address_list['u'][$user->data['user_id']]);
}
}
} else {
if ($action == 'edit' && !sizeof($address_list) && !$refresh && !$submit && !$preview) {
// Rebuild TO and BCC Header
$address_list = rebuild_header(array('to' => $post['to_address'], 'bcc' => $post['bcc_address']));
}
}
if ($action == 'quotepost') {
$check_value = 0;
} else {
$check_value = ($post['enable_bbcode'] + 1 << 8) + ($post['enable_smilies'] + 1 << 4) + ($enable_urls + 1 << 2) + ($post['enable_sig'] + 1 << 1);
}
}
} else {
$message_attachment = 0;
$message_text = $message_subject = '';
if ($to_user_id && $to_user_id != ANONYMOUS && $action == 'post') {
$address_list['u'][$to_user_id] = 'to';
} else {
if ($to_group_id && $action == 'post') {
$address_list['g'][$to_group_id] = 'to';
}
}
$check_value = 0;
}
if (($to_group_id || isset($address_list['g'])) && (!$config['allow_mass_pm'] || !$auth->acl_get('u_masspm_group'))) {
trigger_error('NO_AUTH_GROUP_MESSAGE');
}
if ($action == 'edit' && !$refresh && !$preview && !$submit) {
if (!($message_time > time() - $config['pm_edit_time'] * 60 || !$config['pm_edit_time'])) {
trigger_error('CANNOT_EDIT_MESSAGE_TIME');
}
}
if ($action == 'post') {
$template->assign_var('S_NEW_MESSAGE', true);
}
if (!isset($icon_id)) {
$icon_id = 0;
}
$message_parser = new parse_message();
$plupload = $phpbb_container->get('plupload');
$message_parser->set_plupload($plupload);
$message_parser->message = $action == 'reply' ? '' : $message_text;
unset($message_text);
$s_action = append_sid("{$phpbb_root_path}ucp.{$phpEx}", "i={$id}&mode={$mode}&action={$action}", true, $user->session_id);
$s_action .= ($folder_id ? "&f={$folder_id}" : '') . ($msg_id ? "&p={$msg_id}" : '');
// Delete triggered ?
if ($action == 'delete') {
// Folder id has been determined by the SQL Statement
// $folder_id = request_var('f', PRIVMSGS_NO_BOX);
// Do we need to confirm ?
if (confirm_box(true)) {
delete_pm($user->data['user_id'], $msg_id, $folder_id);
// jump to next message in "history"? nope, not for the moment. But able to be included later.
$meta_info = append_sid("{$phpbb_root_path}ucp.{$phpEx}", "i=pm&folder={$folder_id}");
$message = $user->lang['MESSAGE_DELETED'];
meta_refresh(3, $meta_info);
$message .= '<br /><br />' . sprintf($user->lang['RETURN_FOLDER'], '<a href="' . $meta_info . '">', '</a>');
trigger_error($message);
} else {
$s_hidden_fields = array('p' => $msg_id, 'f' => $folder_id, 'action' => 'delete');
// "{$phpbb_root_path}ucp.$phpEx?i=pm&mode=compose"
confirm_box(false, 'DELETE_MESSAGE', build_hidden_fields($s_hidden_fields));
}
redirect(append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'i=pm&mode=view&action=view_message&p=' . $msg_id));
}
// Get maximum number of allowed recipients
$sql = 'SELECT MAX(g.group_max_recipients) as max_recipients
FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . ' ug
WHERE ug.user_id = ' . $user->data['user_id'] . '
AND ug.user_pending = 0
AND ug.group_id = g.group_id';
$result = $db->sql_query($sql);
$max_recipients = (int) $db->sql_fetchfield('max_recipients');
$db->sql_freeresult($result);
$max_recipients = !$max_recipients ? $config['pm_max_recipients'] : $max_recipients;
// If this is a quote/reply "to all"... we may increase the max_recpients to the number of original recipients
if (($action == 'reply' || $action == 'quote') && $max_recipients && $reply_to_all) {
// We try to include every previously listed member from the TO Header
$list = rebuild_header(array('to' => $post['to_address']));
// Can be an empty array too ;)
$list = !empty($list['u']) ? $list['u'] : array();
$list[$post['author_id']] = 'to';
if (isset($list[$user->data['user_id']])) {
unset($list[$user->data['user_id']]);
}
$max_recipients = $max_recipients < sizeof($list) ? sizeof($list) : $max_recipients;
unset($list);
}
// Handle User/Group adding/removing
handle_message_list_actions($address_list, $error, $remove_u, $remove_g, $add_to, $add_bcc);
// Check mass pm to group permission
if ((!$config['allow_mass_pm'] || !$auth->acl_get('u_masspm_group')) && !empty($address_list['g'])) {
$address_list = array();
$error[] = $user->lang['NO_AUTH_GROUP_MESSAGE'];
}
// Check mass pm to users permission
if ((!$config['allow_mass_pm'] || !$auth->acl_get('u_masspm')) && num_recipients($address_list) > 1) {
$address_list = get_recipients($address_list, 1);
$error[] = $user->lang('TOO_MANY_RECIPIENTS', 1);
}
// Check for too many recipients
if (!empty($address_list['u']) && $max_recipients && sizeof($address_list['u']) > $max_recipients) {
$address_list = get_recipients($address_list, $max_recipients);
$error[] = $user->lang('TOO_MANY_RECIPIENTS', $max_recipients);
}
// Always check if the submitted attachment data is valid and belongs to the user.
// Further down (especially in submit_post()) we do not check this again.
$message_parser->get_submitted_attachment_data();
if ($message_attachment && !$submit && !$refresh && !$preview && $action == 'edit') {
// Do not change to SELECT *
$sql = 'SELECT attach_id, is_orphan, attach_comment, real_filename, filesize
FROM ' . ATTACHMENTS_TABLE . "\n\t\t\tWHERE post_msg_id = {$msg_id}\n\t\t\t\tAND in_message = 1\n\t\t\t\tAND is_orphan = 0\n\t\t\tORDER BY filetime DESC";
$result = $db->sql_query($sql);
$message_parser->attachment_data = array_merge($message_parser->attachment_data, $db->sql_fetchrowset($result));
$db->sql_freeresult($result);
}
if (!in_array($action, array('quote', 'edit', 'delete', 'forward'))) {
$enable_sig = $config['allow_sig'] && $config['allow_sig_pm'] && $auth->acl_get('u_sig') && $user->optionget('attachsig');
$enable_smilies = $config['allow_smilies'] && $auth->acl_get('u_pm_smilies') && $user->optionget('smilies');
$enable_bbcode = $config['allow_bbcode'] && $auth->acl_get('u_pm_bbcode') && $user->optionget('bbcode');
$enable_urls = true;
}
$enable_magic_url = $drafts = false;
// User own some drafts?
if ($auth->acl_get('u_savedrafts') && $action != 'delete') {
$sql = 'SELECT draft_id
FROM ' . DRAFTS_TABLE . '
WHERE forum_id = 0
AND topic_id = 0
AND user_id = ' . $user->data['user_id'] . ($draft_id ? " AND draft_id <> {$draft_id}" : '');
$result = $db->sql_query_limit($sql, 1);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($row) {
$drafts = true;
}
}
if ($action == 'edit') {
$message_parser->bbcode_uid = $bbcode_uid;
}
$bbcode_status = $config['allow_bbcode'] && $config['auth_bbcode_pm'] && $auth->acl_get('u_pm_bbcode') ? true : false;
$smilies_status = $config['allow_smilies'] && $config['auth_smilies_pm'] && $auth->acl_get('u_pm_smilies') ? true : false;
$img_status = $config['auth_img_pm'] && $auth->acl_get('u_pm_img') ? true : false;
$flash_status = $config['auth_flash_pm'] && $auth->acl_get('u_pm_flash') ? true : false;
$url_status = $config['allow_post_links'] ? true : false;
// Save Draft
if ($save && $auth->acl_get('u_savedrafts')) {
$subject = utf8_normalize_nfc(request_var('subject', '', true));
$subject = !$subject && $action != 'post' ? $user->lang['NEW_MESSAGE'] : $subject;
$message = utf8_normalize_nfc(request_var('message', '', true));
if ($subject && $message) {
if (confirm_box(true)) {
$sql = 'INSERT INTO ' . DRAFTS_TABLE . ' ' . $db->sql_build_array('INSERT', array('user_id' => $user->data['user_id'], 'topic_id' => 0, 'forum_id' => 0, 'save_time' => $current_time, 'draft_subject' => $subject, 'draft_message' => $message));
$db->sql_query($sql);
$redirect_url = append_sid("{$phpbb_root_path}ucp.{$phpEx}", "i=pm&mode={$mode}");
meta_refresh(3, $redirect_url);
$message = $user->lang['DRAFT_SAVED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $redirect_url . '">', '</a>');
trigger_error($message);
} else {
$s_hidden_fields = build_hidden_fields(array('mode' => $mode, 'action' => $action, 'save' => true, 'subject' => $subject, 'message' => $message, 'u' => $to_user_id, 'g' => $to_group_id, 'p' => $msg_id));
$s_hidden_fields .= build_address_field($address_list);
confirm_box(false, 'SAVE_DRAFT', $s_hidden_fields);
}
} else {
if (utf8_clean_string($subject) === '') {
$error[] = $user->lang['EMPTY_MESSAGE_SUBJECT'];
}
if (utf8_clean_string($message) === '') {
$error[] = $user->lang['TOO_FEW_CHARS'];
}
}
unset($subject, $message);
}
// Load Draft
if ($draft_id && $auth->acl_get('u_savedrafts')) {
$sql = 'SELECT draft_subject, draft_message
FROM ' . DRAFTS_TABLE . "\n\t\t\tWHERE draft_id = {$draft_id}\n\t\t\t\tAND topic_id = 0\n\t\t\t\tAND forum_id = 0\n\t\t\t\tAND user_id = " . $user->data['user_id'];
$result = $db->sql_query_limit($sql, 1);
if ($row = $db->sql_fetchrow($result)) {
$message_parser->message = $row['draft_message'];
$message_subject = $row['draft_subject'];
$template->assign_var('S_DRAFT_LOADED', true);
} else {
$draft_id = 0;
}
$db->sql_freeresult($result);
}
// Load Drafts
if ($load && $drafts) {
load_drafts(0, 0, $id, $action, $msg_id);
}
if ($submit || $preview || $refresh) {
if (($submit || $preview) && !check_form_key('ucp_pm_compose')) {
$error[] = $user->lang['FORM_INVALID'];
}
$subject = utf8_normalize_nfc(request_var('subject', '', true));
$message_parser->message = utf8_normalize_nfc(request_var('message', '', true));
$icon_id = request_var('icon', 0);
$enable_bbcode = !$bbcode_status || isset($_POST['disable_bbcode']) ? false : true;
$enable_smilies = !$smilies_status || isset($_POST['disable_smilies']) ? false : true;
$enable_urls = isset($_POST['disable_magic_url']) ? 0 : 1;
$enable_sig = !$config['allow_sig'] || !$config['allow_sig_pm'] ? false : (isset($_POST['attach_sig']) ? true : false);
if ($submit) {
$status_switch = ($enable_bbcode + 1 << 8) + ($enable_smilies + 1 << 4) + ($enable_urls + 1 << 2) + ($enable_sig + 1 << 1);
$status_switch = $status_switch != $check_value;
} else {
$status_switch = 1;
}
// Parse Attachments - before checksum is calculated
$message_parser->parse_attachments('fileupload', $action, 0, $submit, $preview, $refresh, true);
if (sizeof($message_parser->warn_msg) && !($remove_u || $remove_g || $add_to || $add_bcc)) {
$error[] = implode('<br />', $message_parser->warn_msg);
$message_parser->warn_msg = array();
}
// Parse message
$message_parser->parse($enable_bbcode, $config['allow_post_links'] ? $enable_urls : false, $enable_smilies, $img_status, $flash_status, true, $config['allow_post_links']);
// On a refresh we do not care about message parsing errors
if (sizeof($message_parser->warn_msg) && !$refresh) {
$error[] = implode('<br />', $message_parser->warn_msg);
}
if ($action != 'edit' && !$preview && !$refresh && $config['flood_interval'] && !$auth->acl_get('u_ignoreflood')) {
// Flood check
$last_post_time = $user->data['user_lastpost_time'];
if ($last_post_time) {
if ($last_post_time && $current_time - $last_post_time < intval($config['flood_interval'])) {
$error[] = $user->lang['FLOOD_ERROR'];
}
}
}
// Subject defined
if ($submit) {
if (utf8_clean_string($subject) === '') {
$error[] = $user->lang['EMPTY_MESSAGE_SUBJECT'];
}
if (!sizeof($address_list)) {
$error[] = $user->lang['NO_RECIPIENT'];
}
}
// Store message, sync counters
if (!sizeof($error) && $submit) {
$pm_data = array('msg_id' => (int) $msg_id, 'from_user_id' => $user->data['user_id'], 'from_user_ip' => $user->ip, 'from_username' => $user->data['username'], 'reply_from_root_level' => isset($post['root_level']) ? (int) $post['root_level'] : 0, 'reply_from_msg_id' => (int) $msg_id, 'icon_id' => (int) $icon_id, 'enable_sig' => (bool) $enable_sig, 'enable_bbcode' => (bool) $enable_bbcode, 'enable_smilies' => (bool) $enable_smilies, 'enable_urls' => (bool) $enable_urls, 'bbcode_bitfield' => $message_parser->bbcode_bitfield, 'bbcode_uid' => $message_parser->bbcode_uid, 'message' => $message_parser->message, 'attachment_data' => $message_parser->attachment_data, 'filename_data' => $message_parser->filename_data, 'address_list' => $address_list);
// ((!$message_subject) ? $subject : $message_subject)
$msg_id = submit_pm($action, $subject, $pm_data);
$return_message_url = append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'i=pm&mode=view&p=' . $msg_id);
$inbox_folder_url = append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'i=pm&folder=inbox');
$outbox_folder_url = append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'i=pm&folder=outbox');
$folder_url = '';
if ($folder_id > 0 && isset($user_folders[$folder_id])) {
$folder_url = append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'i=pm&folder=' . $folder_id);
}
$return_box_url = $action === 'post' || $action === 'edit' ? $outbox_folder_url : $inbox_folder_url;
$return_box_lang = $action === 'post' || $action === 'edit' ? 'PM_OUTBOX' : 'PM_INBOX';
$save_message = $action === 'edit' ? $user->lang['MESSAGE_EDITED'] : $user->lang['MESSAGE_STORED'];
$message = $save_message . '<br /><br />' . $user->lang('VIEW_PRIVATE_MESSAGE', '<a href="' . $return_message_url . '">', '</a>');
$last_click_type = 'CLICK_RETURN_FOLDER';
if ($folder_url) {
$message .= '<br /><br />' . sprintf($user->lang['CLICK_RETURN_FOLDER'], '<a href="' . $folder_url . '">', '</a>', $user_folders[$folder_id]['folder_name']);
$last_click_type = 'CLICK_GOTO_FOLDER';
}
$message .= '<br /><br />' . sprintf($user->lang[$last_click_type], '<a href="' . $return_box_url . '">', '</a>', $user->lang[$return_box_lang]);
meta_refresh(3, $return_message_url);
trigger_error($message);
}
$message_subject = $subject;
}
// Preview
if (!sizeof($error) && $preview) {
$preview_message = $message_parser->format_display($enable_bbcode, $enable_urls, $enable_smilies, false);
$preview_signature = $user->data['user_sig'];
$preview_signature_uid = $user->data['user_sig_bbcode_uid'];
$preview_signature_bitfield = $user->data['user_sig_bbcode_bitfield'];
// Signature
if ($enable_sig && $config['allow_sig'] && $preview_signature) {
$parse_sig = new parse_message($preview_signature);
$parse_sig->bbcode_uid = $preview_signature_uid;
$parse_sig->bbcode_bitfield = $preview_signature_bitfield;
$parse_sig->format_display($config['allow_sig_bbcode'], $config['allow_sig_links'], $config['allow_sig_smilies']);
$preview_signature = $parse_sig->message;
unset($parse_sig);
} else {
$preview_signature = '';
}
// Attachment Preview
if (sizeof($message_parser->attachment_data)) {
$template->assign_var('S_HAS_ATTACHMENTS', true);
$update_count = array();
$attachment_data = $message_parser->attachment_data;
parse_attachments(false, $preview_message, $attachment_data, $update_count, true);
foreach ($attachment_data as $i => $attachment) {
$template->assign_block_vars('attachment', array('DISPLAY_ATTACHMENT' => $attachment));
}
unset($attachment_data);
}
$preview_subject = censor_text($subject);
if (!sizeof($error)) {
$template->assign_vars(array('PREVIEW_SUBJECT' => $preview_subject, 'PREVIEW_MESSAGE' => $preview_message, 'PREVIEW_SIGNATURE' => $preview_signature, 'S_DISPLAY_PREVIEW' => true));
}
unset($message_text);
}
// Decode text for message display
$bbcode_uid = ($action == 'quote' || $action == 'forward') && !$preview && !$refresh && (!sizeof($error) || sizeof($error) && !$submit) ? $bbcode_uid : $message_parser->bbcode_uid;
$message_parser->decode_message($bbcode_uid);
if (($action == 'quote' || $action == 'quotepost') && !$preview && !$refresh && !$submit) {
if ($action == 'quotepost') {
$post_id = request_var('p', 0);
if ($config['allow_post_links']) {
$message_link = "[url=" . generate_board_url() . "/viewtopic.{$phpEx}?p={$post_id}#p{$post_id}]{$user->lang['SUBJECT']}{$user->lang['COLON']} {$message_subject}[/url]\n\n";
} else {
$message_link = $user->lang['SUBJECT'] . $user->lang['COLON'] . ' ' . $message_subject . " (" . generate_board_url() . "/viewtopic.{$phpEx}?p={$post_id}#p{$post_id})\n\n";
}
} else {
$message_link = '';
}
$message_parser->message = $message_link . '[quote="' . $quote_username . '"]' . censor_text(trim($message_parser->message)) . "[/quote]\n";
}
if (($action == 'reply' || $action == 'quote' || $action == 'quotepost') && !$preview && !$refresh) {
$message_subject = (!preg_match('/^Re:/', $message_subject) ? 'Re: ' : '') . censor_text($message_subject);
}
if ($action == 'forward' && !$preview && !$refresh && !$submit) {
$fwd_to_field = write_pm_addresses(array('to' => $post['to_address']), 0, true);
if ($config['allow_post_links']) {
$quote_username_text = '[url=' . generate_board_url() . "/memberlist.{$phpEx}?mode=viewprofile&u={$post['author_id']}]{$quote_username}[/url]";
} else {
$quote_username_text = $quote_username . ' (' . generate_board_url() . "/memberlist.{$phpEx}?mode=viewprofile&u={$post['author_id']})";
}
$forward_text = array();
$forward_text[] = $user->lang['FWD_ORIGINAL_MESSAGE'];
$forward_text[] = sprintf($user->lang['FWD_SUBJECT'], censor_text($message_subject));
$forward_text[] = sprintf($user->lang['FWD_DATE'], $user->format_date($message_time, false, true));
$forward_text[] = sprintf($user->lang['FWD_FROM'], $quote_username_text);
$forward_text[] = sprintf($user->lang['FWD_TO'], implode($user->lang['COMMA_SEPARATOR'], $fwd_to_field['to']));
$message_parser->message = implode("\n", $forward_text) . "\n\n[quote="{$quote_username}"]\n" . censor_text(trim($message_parser->message)) . "\n[/quote]";
$message_subject = (!preg_match('/^Fwd:/', $message_subject) ? 'Fwd: ' : '') . censor_text($message_subject);
}
$attachment_data = $message_parser->attachment_data;
$filename_data = $message_parser->filename_data;
$message_text = $message_parser->message;
// MAIN PM PAGE BEGINS HERE
// Generate smiley listing
generate_smilies('inline', 0);
// Generate PM Icons
$s_pm_icons = false;
if ($config['enable_pm_icons']) {
$s_pm_icons = posting_gen_topic_icons($action, $icon_id);
}
// Generate inline attachment select box
posting_gen_inline_attachments($attachment_data);
// Build address list for display
// array('u' => array($author_id => 'to'));
if (sizeof($address_list)) {
// Get Usernames and Group Names
$result = array();
if (!empty($address_list['u'])) {
$sql = 'SELECT user_id as id, username as name, user_colour as colour
FROM ' . USERS_TABLE . '
WHERE ' . $db->sql_in_set('user_id', array_map('intval', array_keys($address_list['u']))) . '
ORDER BY username_clean ASC';
$result['u'] = $db->sql_query($sql);
}
if (!empty($address_list['g'])) {
$sql = 'SELECT g.group_id AS id, g.group_name AS name, g.group_colour AS colour, g.group_type
FROM ' . GROUPS_TABLE . ' g';
if (!$auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) {
$sql .= ' LEFT JOIN ' . USER_GROUP_TABLE . ' ug
ON (
g.group_id = ug.group_id
AND ug.user_id = ' . $user->data['user_id'] . '
AND ug.user_pending = 0
)
WHERE (g.group_type <> ' . GROUP_HIDDEN . ' OR ug.user_id = ' . $user->data['user_id'] . ')';
}
$sql .= $auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel') ? ' WHERE ' : ' AND ';
$sql .= 'g.group_receive_pm = 1
AND ' . $db->sql_in_set('g.group_id', array_map('intval', array_keys($address_list['g']))) . '
ORDER BY g.group_name ASC';
$result['g'] = $db->sql_query($sql);
}
$u = $g = array();
$_types = array('u', 'g');
foreach ($_types as $type) {
if (isset($result[$type]) && $result[$type]) {
while ($row = $db->sql_fetchrow($result[$type])) {
if ($type == 'g') {
$row['name'] = $row['group_type'] == GROUP_SPECIAL ? $user->lang['G_' . $row['name']] : $row['name'];
}
${$type}[$row['id']] = array('name' => $row['name'], 'colour' => $row['colour']);
}
$db->sql_freeresult($result[$type]);
}
}
// Now Build the address list
$plain_address_field = '';
foreach ($address_list as $type => $adr_ary) {
foreach ($adr_ary as $id => $field) {
if (!isset(${$type}[$id])) {
unset($address_list[$type][$id]);
continue;
}
$field = $field == 'to' ? 'to' : 'bcc';
$type = $type == 'u' ? 'u' : 'g';
$id = (int) $id;
$tpl_ary = array('IS_GROUP' => $type == 'g' ? true : false, 'IS_USER' => $type == 'u' ? true : false, 'UG_ID' => $id, 'NAME' => ${$type}[$id]['name'], 'COLOUR' => ${$type}[$id]['colour'] ? '#' . ${$type}[$id]['colour'] : '', 'TYPE' => $type);
if ($type == 'u') {
$tpl_ary = array_merge($tpl_ary, array('U_VIEW' => get_username_string('profile', $id, ${$type}[$id]['name'], ${$type}[$id]['colour']), 'NAME_FULL' => get_username_string('full', $id, ${$type}[$id]['name'], ${$type}[$id]['colour'])));
} else {
$tpl_ary = array_merge($tpl_ary, array('U_VIEW' => append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=group&g=' . $id)));
}
$template->assign_block_vars($field . '_recipient', $tpl_ary);
}
}
}
// Build hidden address list
$s_hidden_address_field = build_address_field($address_list);
$bbcode_checked = isset($enable_bbcode) ? !$enable_bbcode : ($config['allow_bbcode'] && $auth->acl_get('u_pm_bbcode') ? !$user->optionget('bbcode') : 1);
$smilies_checked = isset($enable_smilies) ? !$enable_smilies : ($config['allow_smilies'] && $auth->acl_get('u_pm_smilies') ? !$user->optionget('smilies') : 1);
$urls_checked = isset($enable_urls) ? !$enable_urls : 0;
$sig_checked = $enable_sig;
switch ($action) {
case 'post':
$page_title = $user->lang['POST_NEW_PM'];
break;
case 'quote':
$page_title = $user->lang['POST_QUOTE_PM'];
break;
case 'quotepost':
$page_title = $user->lang['POST_PM_POST'];
break;
case 'reply':
$page_title = $user->lang['POST_REPLY_PM'];
break;
case 'edit':
$page_title = $user->lang['POST_EDIT_PM'];
break;
case 'forward':
$page_title = $user->lang['POST_FORWARD_PM'];
break;
default:
trigger_error('NO_ACTION_MODE', E_USER_ERROR);
break;
}
$s_hidden_fields = '<input type="hidden" name="lastclick" value="' . $current_time . '" />';
$s_hidden_fields .= isset($check_value) ? '<input type="hidden" name="status_switch" value="' . $check_value . '" />' : '';
$s_hidden_fields .= $draft_id || isset($_REQUEST['draft_loaded']) ? '<input type="hidden" name="draft_loaded" value="' . (isset($_REQUEST['draft_loaded']) ? $request->variable('draft_loaded', 0) : $draft_id) . '" />' : '';
$form_enctype = @ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off' || !$config['allow_pm_attach'] || !$auth->acl_get('u_pm_attach') ? '' : ' enctype="multipart/form-data"';
// Start assigning vars for main posting page ...
$template->assign_vars(array('L_POST_A' => $page_title, 'L_ICON' => $user->lang['PM_ICON'], 'L_MESSAGE_BODY_EXPLAIN' => $user->lang('MESSAGE_BODY_EXPLAIN', (int) $config['max_post_chars']), 'SUBJECT' => isset($message_subject) ? $message_subject : '', 'MESSAGE' => $message_text, 'BBCODE_STATUS' => $bbcode_status ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . append_sid("{$phpbb_root_path}faq.{$phpEx}", 'mode=bbcode') . '">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . append_sid("{$phpbb_root_path}faq.{$phpEx}", 'mode=bbcode') . '">', '</a>'), 'IMG_STATUS' => $img_status ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'], 'FLASH_STATUS' => $flash_status ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'], 'SMILIES_STATUS' => $smilies_status ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'], 'URL_STATUS' => $url_status ? $user->lang['URL_IS_ON'] : $user->lang['URL_IS_OFF'], 'MAX_FONT_SIZE' => (int) $config['max_post_font_size'], 'MINI_POST_IMG' => $user->img('icon_post_target', $user->lang['PM']), 'ERROR' => sizeof($error) ? implode('<br />', $error) : '', 'MAX_RECIPIENTS' => $config['allow_mass_pm'] && ($auth->acl_get('u_masspm') || $auth->acl_get('u_masspm_group')) ? $max_recipients : 0, 'S_COMPOSE_PM' => true, 'S_EDIT_POST' => $action == 'edit', 'S_SHOW_PM_ICONS' => $s_pm_icons, 'S_BBCODE_ALLOWED' => $bbcode_status ? 1 : 0, 'S_BBCODE_CHECKED' => $bbcode_checked ? ' checked="checked"' : '', 'S_SMILIES_ALLOWED' => $smilies_status, 'S_SMILIES_CHECKED' => $smilies_checked ? ' checked="checked"' : '', 'S_SIG_ALLOWED' => $config['allow_sig'] && $config['allow_sig_pm'] && $auth->acl_get('u_sig'), 'S_SIGNATURE_CHECKED' => $sig_checked ? ' checked="checked"' : '', 'S_LINKS_ALLOWED' => $url_status, 'S_MAGIC_URL_CHECKED' => $urls_checked ? ' checked="checked"' : '', 'S_SAVE_ALLOWED' => $auth->acl_get('u_savedrafts') && $action != 'edit' ? true : false, 'S_HAS_DRAFTS' => $auth->acl_get('u_savedrafts') && $drafts, 'S_FORM_ENCTYPE' => $form_enctype, 'S_ATTACH_DATA' => json_encode($message_parser->attachment_data), 'S_BBCODE_IMG' => $img_status, 'S_BBCODE_FLASH' => $flash_status, 'S_BBCODE_QUOTE' => true, 'S_BBCODE_URL' => $url_status, 'S_POST_ACTION' => $s_action, 'S_HIDDEN_ADDRESS_FIELD' => $s_hidden_address_field, 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_CLOSE_PROGRESS_WINDOW' => isset($_POST['add_file']), 'U_PROGRESS_BAR' => append_sid("{$phpbb_root_path}posting.{$phpEx}", 'f=0&mode=popup'), 'UA_PROGRESS_BAR' => addslashes(append_sid("{$phpbb_root_path}posting.{$phpEx}", 'f=0&mode=popup'))));
// Build custom bbcodes array
display_custom_bbcodes();
// Show attachment box for adding attachments if true
$allowed = $auth->acl_get('u_pm_attach') && $config['allow_pm_attach'] && $form_enctype;
if ($allowed) {
$max_files = $auth->acl_gets('a_', 'm_') ? 0 : (int) $config['max_attachments_pm'];
$plupload->configure($cache, $template, $s_action, false, $max_files);
}
// Attachment entry
posting_gen_attachment_entry($attachment_data, $filename_data, $allowed);
// Message History
if ($action == 'reply' || $action == 'quote' || $action == 'forward') {
if (message_history($msg_id, $user->data['user_id'], $post, array(), true)) {
$template->assign_var('S_DISPLAY_HISTORY', true);
}
}
}
/**
* View private message
*/
function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row)
{
global $user, $template, $auth, $db, $cache;
global $phpbb_root_path, $phpEx, $config;
$user->add_lang(array('viewtopic', 'memberlist'));
$msg_id = (int) $msg_id;
$folder_id = (int) $folder_id;
$author_id = (int) $message_row['author_id'];
$view = request_var('view', '');
// Not able to view message, it was deleted by the sender
if ($message_row['pm_deleted']) {
$meta_info = append_sid("{$phpbb_root_path}ucp.{$phpEx}", "i=pm&folder={$folder_id}");
$message = $user->lang['NO_AUTH_READ_REMOVED_MESSAGE'];
$message .= '<br /><br />' . sprintf($user->lang['RETURN_FOLDER'], '<a href="' . $meta_info . '">', '</a>');
trigger_error($message);
}
// Do not allow hold messages to be seen
if ($folder_id == PRIVMSGS_HOLD_BOX) {
trigger_error('NO_AUTH_READ_HOLD_MESSAGE');
}
// Grab icons
$icons = $cache->obtain_icons();
$bbcode = false;
// Instantiate BBCode if need be
if ($message_row['bbcode_bitfield']) {
include $phpbb_root_path . 'includes/bbcode.' . $phpEx;
$bbcode = new bbcode($message_row['bbcode_bitfield']);
}
// Assign TO/BCC Addresses to template
write_pm_addresses(array('to' => $message_row['to_address'], 'bcc' => $message_row['bcc_address']), $author_id);
$user_info = get_user_information($author_id, $message_row);
// Parse the message and subject
$message = censor_text($message_row['message_text']);
// Second parse bbcode here
if ($message_row['bbcode_bitfield']) {
$bbcode->bbcode_second_pass($message, $message_row['bbcode_uid'], $message_row['bbcode_bitfield']);
}
// Always process smilies after parsing bbcodes
$message = bbcode_nl2br($message);
$message = smiley_text($message);
// Replace naughty words such as farty pants
$message_row['message_subject'] = censor_text($message_row['message_subject']);
// Editing information
if ($message_row['message_edit_count'] && $config['display_last_edited']) {
$l_edit_time_total = $message_row['message_edit_count'] == 1 ? $user->lang['EDITED_TIME_TOTAL'] : $user->lang['EDITED_TIMES_TOTAL'];
$l_edited_by = '<br /><br />' . sprintf($l_edit_time_total, !$message_row['message_edit_user'] ? $message_row['username'] : $message_row['message_edit_user'], $user->format_date($message_row['message_edit_time'], false, true), $message_row['message_edit_count']);
} else {
$l_edited_by = '';
}
// Pull attachment data
$display_notice = false;
$attachments = array();
if ($message_row['message_attachment'] && $config['allow_pm_attach']) {
if ($auth->acl_get('u_pm_download')) {
$sql = 'SELECT *
FROM ' . ATTACHMENTS_TABLE . "\n\t\t\t\tWHERE post_msg_id = {$msg_id}\n\t\t\t\t\tAND in_message = 1\n\t\t\t\tORDER BY filetime DESC, post_msg_id ASC";
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$attachments[] = $row;
}
$db->sql_freeresult($result);
// No attachments exist, but message table thinks they do so go ahead and reset attach flags
if (!sizeof($attachments)) {
$sql = 'UPDATE ' . PRIVMSGS_TABLE . "\n\t\t\t\t\tSET message_attachment = 0\n\t\t\t\t\tWHERE msg_id = {$msg_id}";
$db->sql_query($sql);
}
} else {
$display_notice = true;
}
}
// Assign inline attachments
if (!empty($attachments)) {
$update_count = array();
parse_attachments(false, $message, $attachments, $update_count);
// Update the attachment download counts
if (sizeof($update_count)) {
$sql = 'UPDATE ' . ATTACHMENTS_TABLE . '
SET download_count = download_count + 1
WHERE ' . $db->sql_in_set('attach_id', array_unique($update_count));
$db->sql_query($sql);
}
}
$user_info['sig'] = '';
$signature = $message_row['enable_sig'] && $config['allow_sig'] && $auth->acl_get('u_sig') && $user->optionget('viewsigs') ? $user_info['user_sig'] : '';
// End signature parsing, only if needed
if ($signature) {
$signature = censor_text($signature);
if ($user_info['user_sig_bbcode_bitfield']) {
if ($bbcode === false) {
include $phpbb_root_path . 'includes/bbcode.' . $phpEx;
$bbcode = new bbcode($user_info['user_sig_bbcode_bitfield']);
}
$bbcode->bbcode_second_pass($signature, $user_info['user_sig_bbcode_uid'], $user_info['user_sig_bbcode_bitfield']);
}
$signature = bbcode_nl2br($signature);
$signature = smiley_text($signature);
}
$url = append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'i=pm');
// Number of "to" recipients
$num_recipients = (int) preg_match_all('/:?(u|g)_([0-9]+):?/', $message_row['to_address'], $match);
$template->assign_vars(array('MESSAGE_AUTHOR_FULL' => get_username_string('full', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']), 'MESSAGE_AUTHOR_COLOUR' => get_username_string('colour', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']), 'MESSAGE_AUTHOR' => get_username_string('username', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']), 'U_MESSAGE_AUTHOR' => get_username_string('profile', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']), 'RANK_TITLE' => $user_info['rank_title'], 'RANK_IMG' => $user_info['rank_image'], 'AUTHOR_AVATAR' => isset($user_info['avatar']) ? $user_info['avatar'] : '', 'AUTHOR_JOINED' => $user->format_date($user_info['user_regdate']), 'AUTHOR_POSTS' => (int) $user_info['user_posts'], 'AUTHOR_FROM' => !empty($user_info['user_from']) ? $user_info['user_from'] : '', 'ONLINE_IMG' => !$config['load_onlinetrack'] ? '' : (isset($user_info['online']) && $user_info['online'] ? $user->img('icon_user_online', $user->lang['ONLINE']) : $user->img('icon_user_offline', $user->lang['OFFLINE'])), 'S_ONLINE' => !$config['load_onlinetrack'] ? false : (isset($user_info['online']) && $user_info['online'] ? true : false), 'DELETE_IMG' => $user->img('icon_post_delete', $user->lang['DELETE_MESSAGE']), 'INFO_IMG' => $user->img('icon_post_info', $user->lang['VIEW_PM_INFO']), 'PROFILE_IMG' => $user->img('icon_user_profile', $user->lang['READ_PROFILE']), 'EMAIL_IMG' => $user->img('icon_contact_email', $user->lang['SEND_EMAIL']), 'QUOTE_IMG' => $user->img('icon_post_quote', $user->lang['POST_QUOTE_PM']), 'REPLY_IMG' => $user->img('button_pm_reply', $user->lang['POST_REPLY_PM']), 'REPORT_IMG' => $user->img('icon_post_report', 'REPORT_PM'), 'EDIT_IMG' => $user->img('icon_post_edit', $user->lang['POST_EDIT_PM']), 'MINI_POST_IMG' => $user->img('icon_post_target', $user->lang['PM']), 'SENT_DATE' => $view == 'print' ? $user->format_date($message_row['message_time'], false, true) : $user->format_date($message_row['message_time']), 'SUBJECT' => $message_row['message_subject'], 'MESSAGE' => $message, 'SIGNATURE' => $message_row['enable_sig'] ? $signature : '', 'EDITED_MESSAGE' => $l_edited_by, 'MESSAGE_ID' => $message_row['msg_id'], 'U_PM' => $config['allow_privmsg'] && $auth->acl_get('u_sendpm') && ($user_info['user_allow_pm'] || $auth->acl_gets('a_', 'm_') || $auth->acl_getf_global('m_')) ? append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'i=pm&mode=compose&u=' . $author_id) : '', 'U_WWW' => !empty($user_info['user_website']) ? $user_info['user_website'] : '', 'U_ICQ' => $user_info['user_icq'] ? 'http://www.icq.com/people/webmsg.php?to=' . urlencode($user_info['user_icq']) : '', 'U_AIM' => $user_info['user_aim'] && $auth->acl_get('u_sendim') ? append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=contact&action=aim&u=' . $author_id) : '', 'U_YIM' => $user_info['user_yim'] ? 'http://edit.yahoo.com/config/send_webmesg?.target=' . urlencode($user_info['user_yim']) . '&.src=pg' : '', 'U_MSN' => $user_info['user_msnm'] && $auth->acl_get('u_sendim') ? append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=contact&action=msnm&u=' . $author_id) : '', 'U_JABBER' => $user_info['user_jabber'] && $auth->acl_get('u_sendim') ? append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=contact&action=jabber&u=' . $author_id) : '', 'U_DELETE' => $auth->acl_get('u_pm_delete') ? "{$url}&mode=compose&action=delete&f={$folder_id}&p=" . $message_row['msg_id'] : '', 'U_EMAIL' => $user_info['email'], 'U_REPORT' => $config['allow_pm_report'] ? append_sid("{$phpbb_root_path}report.{$phpEx}", "pm=" . $message_row['msg_id']) : '', 'U_QUOTE' => $auth->acl_get('u_sendpm') && $author_id != ANONYMOUS ? "{$url}&mode=compose&action=quote&f={$folder_id}&p=" . $message_row['msg_id'] : '', 'U_EDIT' => ($message_row['message_time'] > time() - $config['pm_edit_time'] * 60 || !$config['pm_edit_time']) && $folder_id == PRIVMSGS_OUTBOX && $auth->acl_get('u_pm_edit') ? "{$url}&mode=compose&action=edit&f={$folder_id}&p=" . $message_row['msg_id'] : '', 'U_POST_REPLY_PM' => $auth->acl_get('u_sendpm') && $author_id != ANONYMOUS ? "{$url}&mode=compose&action=reply&f={$folder_id}&p=" . $message_row['msg_id'] : '', 'U_POST_REPLY_ALL' => $auth->acl_get('u_sendpm') && $author_id != ANONYMOUS ? "{$url}&mode=compose&action=reply&f={$folder_id}&reply_to_all=1&p=" . $message_row['msg_id'] : '', 'U_PREVIOUS_PM' => "{$url}&f={$folder_id}&p=" . $message_row['msg_id'] . "&view=previous", 'U_NEXT_PM' => "{$url}&f={$folder_id}&p=" . $message_row['msg_id'] . "&view=next", 'U_PM_ACTION' => $url . '&mode=compose&f=' . $folder_id . '&p=' . $message_row['msg_id'], 'S_HAS_ATTACHMENTS' => sizeof($attachments) ? true : false, 'S_DISPLAY_NOTICE' => $display_notice && $message_row['message_attachment'], 'S_AUTHOR_DELETED' => $author_id == ANONYMOUS ? true : false, 'S_SPECIAL_FOLDER' => in_array($folder_id, array(PRIVMSGS_NO_BOX, PRIVMSGS_OUTBOX)), 'S_PM_RECIPIENTS' => $num_recipients, 'U_PRINT_PM' => $config['print_pm'] && $auth->acl_get('u_pm_printpm') ? "{$url}&f={$folder_id}&p=" . $message_row['msg_id'] . "&view=print" : '', 'U_FORWARD_PM' => $config['forward_pm'] && $auth->acl_get('u_sendpm') && $auth->acl_get('u_pm_forward') ? "{$url}&mode=compose&action=forward&f={$folder_id}&p=" . $message_row['msg_id'] : ''));
// Display not already displayed Attachments for this post, we already parsed them. ;)
if (isset($attachments) && sizeof($attachments)) {
foreach ($attachments as $attachment) {
$template->assign_block_vars('attachment', array('DISPLAY_ATTACHMENT' => $attachment));
}
}
if (!isset($_REQUEST['view']) || $_REQUEST['view'] != 'print') {
// Message History
if (message_history($msg_id, $user->data['user_id'], $message_row, $folder)) {
$template->assign_var('S_DISPLAY_HISTORY', true);
}
}
}
$row['post_text'] = bbcode_nl2br($row['post_text']);
}
else
{
// Second parse bbcode here
if ($row['bbcode_bitfield'])
{
$bbcode->bbcode_second_pass($row['post_text'], $row['bbcode_uid'], $row['bbcode_bitfield']);
}
$row['post_text'] = bbcode_nl2br($row['post_text']);
$row['post_text'] = smiley_text($row['post_text']);
if (!empty($attachments[$row['post_id']]))
{
parse_attachments($forum_id, $row['post_text'], $attachments[$row['post_id']], $update_count);
// we only display inline attachments
unset($attachments[$row['post_id']]);
}
}
if ($hilit)
{
// post highlighting
$row['post_text'] = preg_replace('#(?!<.*)(?<!\w)(' . $hilit . ')(?!\w|[^<>]*(?:</s(?:cript|tyle))?>)#is', '<span class="posthilit">$1</span>', $row['post_text']);
$row['post_subject'] = preg_replace('#(?!<.*)(?<!\w)(' . $hilit . ')(?!\w|[^<>]*(?:</s(?:cript|tyle))?>)#is', '<span class="posthilit">$1</span>', $row['post_subject']);
}
$tpl_ary = array(
'POST_AUTHOR_FULL' => get_username_string('full', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
/**
* View private message
*/
function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row)
{
global $user, $template, $auth, $db, $cache, $src_container;
global $src_root_path, $request, $phpEx, $config, $src_dispatcher;
$user->add_lang(array('viewtopic', 'memberlist'));
$msg_id = (int) $msg_id;
$folder_id = (int) $folder_id;
$author_id = (int) $message_row['author_id'];
$view = request_var('view', '');
// Not able to view message, it was deleted by the sender
if ($message_row['pm_deleted']) {
$meta_info = append_sid("{$src_root_path}ucp.{$phpEx}", "i=pm&folder={$folder_id}");
$message = $user->lang['NO_AUTH_READ_REMOVED_MESSAGE'];
$message .= '<br /><br />' . sprintf($user->lang['RETURN_FOLDER'], '<a href="' . $meta_info . '">', '</a>');
trigger_error($message);
}
// Do not allow hold messages to be seen
if ($folder_id == PRIVMSGS_HOLD_BOX) {
trigger_error('NO_AUTH_READ_HOLD_MESSAGE');
}
// Grab icons
$icons = $cache->obtain_icons();
// Load the custom profile fields
if ($config['load_cpf_pm']) {
$cp = $src_container->get('profilefields.manager');
$profile_fields = $cp->grab_profile_fields_data($author_id);
}
// Assign TO/BCC Addresses to template
write_pm_addresses(array('to' => $message_row['to_address'], 'bcc' => $message_row['bcc_address']), $author_id);
$user_info = get_user_information($author_id, $message_row);
// Parse the message and subject
$parse_flags = ($message_row['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) | OPTION_FLAG_SMILIES;
$message = generate_text_for_display($message_row['message_text'], $message_row['bbcode_uid'], $message_row['bbcode_bitfield'], $parse_flags, true);
// Replace naughty words such as farty pants
$message_row['message_subject'] = censor_text($message_row['message_subject']);
// Editing information
if ($message_row['message_edit_count'] && $config['display_last_edited']) {
if (!$message_row['message_edit_user']) {
$display_username = get_username_string('full', $author_id, $user_info['username'], $user_info['user_colour']);
} else {
$edit_user_info = get_user_information($message_row['message_edit_user'], false);
$display_username = get_username_string('full', $message_row['message_edit_user'], $edit_user_info['username'], $edit_user_info['user_colour']);
}
$l_edited_by = '<br /><br />' . $user->lang('EDITED_TIMES_TOTAL', (int) $message_row['message_edit_count'], $display_username, $user->format_date($message_row['message_edit_time'], false, true));
} else {
$l_edited_by = '';
}
// Pull attachment data
$display_notice = false;
$attachments = array();
if ($message_row['message_attachment'] && $config['allow_pm_attach']) {
if ($auth->acl_get('u_pm_download')) {
$sql = 'SELECT *
FROM ' . ATTACHMENTS_TABLE . "\n\t\t\t\tWHERE post_msg_id = {$msg_id}\n\t\t\t\t\tAND in_message = 1\n\t\t\t\tORDER BY filetime DESC, post_msg_id ASC";
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$attachments[] = $row;
}
$db->sql_freeresult($result);
// No attachments exist, but message table thinks they do so go ahead and reset attach flags
if (!sizeof($attachments)) {
$sql = 'UPDATE ' . PRIVMSGS_TABLE . "\n\t\t\t\t\tSET message_attachment = 0\n\t\t\t\t\tWHERE msg_id = {$msg_id}";
$db->sql_query($sql);
}
} else {
$display_notice = true;
}
}
// Assign inline attachments
if (!empty($attachments)) {
$update_count = array();
parse_attachments(false, $message, $attachments, $update_count);
// Update the attachment download counts
if (sizeof($update_count)) {
$sql = 'UPDATE ' . ATTACHMENTS_TABLE . '
SET download_count = download_count + 1
WHERE ' . $db->sql_in_set('attach_id', array_unique($update_count));
$db->sql_query($sql);
}
}
$user_info['sig'] = '';
$signature = $message_row['enable_sig'] && $config['allow_sig'] && $auth->acl_get('u_sig') && $user->optionget('viewsigs') ? $user_info['user_sig'] : '';
// End signature parsing, only if needed
if ($signature) {
$parse_flags = ($user_info['user_sig_bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) | OPTION_FLAG_SMILIES;
$signature = generate_text_for_display($signature, $user_info['user_sig_bbcode_uid'], $user_info['user_sig_bbcode_bitfield'], $parse_flags, true);
}
$url = append_sid("{$src_root_path}ucp.{$phpEx}", 'i=pm');
// Number of "to" recipients
$num_recipients = (int) preg_match_all('/:?(u|g)_([0-9]+):?/', $message_row['to_address'], $match);
$bbcode_status = $config['allow_bbcode'] && $config['auth_bbcode_pm'] && $auth->acl_get('u_pm_bbcode') ? true : false;
// Get the profile fields template data
$cp_row = array();
if ($config['load_cpf_pm'] && isset($profile_fields[$author_id])) {
// Filter the fields we don't want to show
foreach ($profile_fields[$author_id] as $used_ident => $profile_field) {
if (!$profile_field['data']['field_show_on_pm']) {
unset($profile_fields[$author_id][$used_ident]);
}
}
if (isset($profile_fields[$author_id])) {
$cp_row = $cp->generate_profile_fields_template_data($profile_fields[$author_id]);
}
}
$u_pm = $u_jabber = '';
if ($config['allow_privmsg'] && $auth->acl_get('u_sendpm') && ($user_info['user_allow_pm'] || $auth->acl_gets('a_', 'm_') || $auth->acl_getf_global('m_'))) {
$u_pm = append_sid("{$src_root_path}ucp.{$phpEx}", 'i=pm&mode=compose&u=' . $author_id);
}
if ($config['jab_enable'] && $user_info['user_jabber'] && $auth->acl_get('u_sendim')) {
$u_jabber = append_sid("{$src_root_path}memberlist.{$phpEx}", 'mode=contact&action=jabber&u=' . $author_id);
}
$msg_data = array('MESSAGE_AUTHOR_FULL' => get_username_string('full', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']), 'MESSAGE_AUTHOR_COLOUR' => get_username_string('colour', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']), 'MESSAGE_AUTHOR' => get_username_string('username', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']), 'U_MESSAGE_AUTHOR' => get_username_string('profile', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']), 'RANK_TITLE' => $user_info['rank_title'], 'RANK_IMG' => $user_info['rank_image'], 'AUTHOR_AVATAR' => isset($user_info['avatar']) ? $user_info['avatar'] : '', 'AUTHOR_JOINED' => $user->format_date($user_info['user_regdate']), 'AUTHOR_POSTS' => (int) $user_info['user_posts'], 'U_AUTHOR_POSTS' => $config['load_search'] && $auth->acl_get('u_search') ? append_sid("{$src_root_path}search.{$phpEx}", "author_id={$author_id}&sr=posts") : '', 'CONTACT_USER' => $user->lang('CONTACT_USER', get_username_string('username', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username'])), 'ONLINE_IMG' => !$config['load_onlinetrack'] ? '' : (isset($user_info['online']) && $user_info['online'] ? $user->img('icon_user_online', $user->lang['ONLINE']) : $user->img('icon_user_offline', $user->lang['OFFLINE'])), 'S_ONLINE' => !$config['load_onlinetrack'] ? false : (isset($user_info['online']) && $user_info['online'] ? true : false), 'DELETE_IMG' => $user->img('icon_post_delete', $user->lang['DELETE_MESSAGE']), 'INFO_IMG' => $user->img('icon_post_info', $user->lang['VIEW_PM_INFO']), 'PROFILE_IMG' => $user->img('icon_user_profile', $user->lang['READ_PROFILE']), 'EMAIL_IMG' => $user->img('icon_contact_email', $user->lang['SEND_EMAIL']), 'QUOTE_IMG' => $user->img('icon_post_quote', $user->lang['POST_QUOTE_PM']), 'REPLY_IMG' => $user->img('button_pm_reply', $user->lang['POST_REPLY_PM']), 'REPORT_IMG' => $user->img('icon_post_report', 'REPORT_PM'), 'EDIT_IMG' => $user->img('icon_post_edit', $user->lang['POST_EDIT_PM']), 'MINI_POST_IMG' => $user->img('icon_post_target', $user->lang['PM']), 'SENT_DATE' => $view == 'print' ? $user->format_date($message_row['message_time'], false, true) : $user->format_date($message_row['message_time']), 'SUBJECT' => $message_row['message_subject'], 'MESSAGE' => $message, 'SIGNATURE' => $message_row['enable_sig'] ? $signature : '', 'EDITED_MESSAGE' => $l_edited_by, 'MESSAGE_ID' => $message_row['msg_id'], 'U_PM' => $u_pm, 'U_JABBER' => $u_jabber, 'U_DELETE' => $auth->acl_get('u_pm_delete') ? "{$url}&mode=compose&action=delete&f={$folder_id}&p=" . $message_row['msg_id'] : '', 'U_EMAIL' => $user_info['email'], 'U_REPORT' => $config['allow_pm_report'] ? append_sid("{$src_root_path}report.{$phpEx}", "pm=" . $message_row['msg_id']) : '', 'U_QUOTE' => $auth->acl_get('u_sendpm') && $author_id != ANONYMOUS ? "{$url}&mode=compose&action=quote&f={$folder_id}&p=" . $message_row['msg_id'] : '', 'U_EDIT' => ($message_row['message_time'] > time() - $config['pm_edit_time'] * 60 || !$config['pm_edit_time']) && $folder_id == PRIVMSGS_OUTBOX && $auth->acl_get('u_pm_edit') ? "{$url}&mode=compose&action=edit&f={$folder_id}&p=" . $message_row['msg_id'] : '', 'U_POST_REPLY_PM' => $auth->acl_get('u_sendpm') && $author_id != ANONYMOUS ? "{$url}&mode=compose&action=reply&f={$folder_id}&p=" . $message_row['msg_id'] : '', 'U_POST_REPLY_ALL' => $auth->acl_get('u_sendpm') && $author_id != ANONYMOUS ? "{$url}&mode=compose&action=reply&f={$folder_id}&reply_to_all=1&p=" . $message_row['msg_id'] : '', 'U_PREVIOUS_PM' => "{$url}&f={$folder_id}&p=" . $message_row['msg_id'] . "&view=previous", 'U_NEXT_PM' => "{$url}&f={$folder_id}&p=" . $message_row['msg_id'] . "&view=next", 'U_PM_ACTION' => $url . '&mode=compose&f=' . $folder_id . '&p=' . $message_row['msg_id'], 'S_HAS_ATTACHMENTS' => sizeof($attachments) ? true : false, 'S_DISPLAY_NOTICE' => $display_notice && $message_row['message_attachment'], 'S_AUTHOR_DELETED' => $author_id == ANONYMOUS ? true : false, 'S_SPECIAL_FOLDER' => in_array($folder_id, array(PRIVMSGS_NO_BOX, PRIVMSGS_OUTBOX)), 'S_PM_RECIPIENTS' => $num_recipients, 'S_BBCODE_ALLOWED' => $bbcode_status ? 1 : 0, 'S_CUSTOM_FIELDS' => !empty($cp_row['row']) ? true : false, 'U_PRINT_PM' => $config['print_pm'] && $auth->acl_get('u_pm_printpm') ? "{$url}&f={$folder_id}&p=" . $message_row['msg_id'] . "&view=print" : '', 'U_FORWARD_PM' => $config['forward_pm'] && $auth->acl_get('u_sendpm') && $auth->acl_get('u_pm_forward') ? "{$url}&mode=compose&action=forward&f={$folder_id}&p=" . $message_row['msg_id'] : '');
/**
* Modify pm and sender data before it is assigned to the template
*
* @event core.ucp_pm_view_messsage
* @var mixed id Active module category (can be int or string)
* @var string mode Active module
* @var int folder_id ID of the folder the message is in
* @var int msg_id ID of the private message
* @var array folder Array with data of user's message folders
* @var array message_row Array with message data
* @var array cp_row Array with senders custom profile field data
* @var array msg_data Template array with message data
* @since 3.1.0-a1
*/
$vars = array('id', 'mode', 'folder_id', 'msg_id', 'folder', 'message_row', 'cp_row', 'msg_data');
extract($src_dispatcher->trigger_event('core.ucp_pm_view_messsage', compact($vars)));
$template->assign_vars($msg_data);
$contact_fields = array(array('ID' => 'pm', 'NAME' => $user->lang['SEND_PRIVATE_MESSAGE'], 'U_CONTACT' => $u_pm), array('ID' => 'email', 'NAME' => $user->lang['SEND_EMAIL'], 'U_CONTACT' => $user_info['email']), array('ID' => 'jabber', 'NAME' => $user->lang['JABBER'], 'U_CONTACT' => $u_jabber));
foreach ($contact_fields as $field) {
if ($field['U_CONTACT']) {
$template->assign_block_vars('contact', $field);
}
}
// Display the custom profile fields
if (!empty($cp_row['row'])) {
$template->assign_vars($cp_row['row']);
foreach ($cp_row['blockrow'] as $cp_block_row) {
$template->assign_block_vars('custom_fields', $cp_block_row);
if ($cp_block_row['S_PROFILE_CONTACT']) {
$template->assign_block_vars('contact', array('ID' => $cp_block_row['PROFILE_FIELD_IDENT'], 'NAME' => $cp_block_row['PROFILE_FIELD_NAME'], 'U_CONTACT' => $cp_block_row['PROFILE_FIELD_CONTACT']));
}
}
}
// Display not already displayed Attachments for this post, we already parsed them. ;)
if (isset($attachments) && sizeof($attachments)) {
foreach ($attachments as $attachment) {
$template->assign_block_vars('attachment', array('DISPLAY_ATTACHMENT' => $attachment));
}
}
if (!isset($_REQUEST['view']) || $request->variable('view', '') != 'print') {
// Message History
if (message_history($msg_id, $user->data['user_id'], $message_row, $folder)) {
$template->assign_var('S_DISPLAY_HISTORY', true);
}
}
}
// This could be a broken posts table.
if (!isset($rowset[$post_list[$i]])) {
continue;
}
$row = $rowset[$post_list[$i]];
$poster_id = $row['user_id'];
// End signature parsing, only if needed
if ($user_cache[$poster_id]['sig'] && $row['enable_sig'] && empty($user_cache[$poster_id]['sig_parsed'])) {
$parse_flags = ($user_cache[$poster_id]['sig_bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) | OPTION_FLAG_SMILIES;
$user_cache[$poster_id]['sig'] = generate_text_for_display($user_cache[$poster_id]['sig'], $user_cache[$poster_id]['sig_bbcode_uid'], $user_cache[$poster_id]['sig_bbcode_bitfield'], $parse_flags, true);
}
// Parse the message and subject
$parse_flags = ($row['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) | OPTION_FLAG_SMILIES;
$message = generate_text_for_display($row['post_text'], $row['bbcode_uid'], $row['bbcode_bitfield'], $parse_flags, true);
if (!empty($attachments[$row['post_id']])) {
parse_attachments($forum_id, $message, $attachments[$row['post_id']], $update_count);
}
// Replace naughty words such as farty pants
$row['post_subject'] = censor_text($row['post_subject']);
// Highlight active words (primarily for search)
if ($highlight_match) {
$message = preg_replace('#(?!<.*)(?<!\\w)(' . $highlight_match . ')(?!\\w|[^<>]*(?:</s(?:cript|tyle))?>)#is', '<span class="posthilit">\\1</span>', $message);
$row['post_subject'] = preg_replace('#(?!<.*)(?<!\\w)(' . $highlight_match . ')(?!\\w|[^<>]*(?:</s(?:cript|tyle))?>)#is', '<span class="posthilit">\\1</span>', $row['post_subject']);
}
// Editing information
if ($row['post_edit_count'] && $config['display_last_edited'] || $row['post_edit_reason']) {
// Get usernames for all following posts if not already stored
if (!sizeof($post_edit_list) && ($row['post_edit_reason'] || $row['post_edit_user'] && !isset($user_cache[$row['post_edit_user']]))) {
// Remove all post_ids already parsed (we do not have to check them)
$post_storage_list = !$store_reverse ? array_slice($post_list, $i) : array_slice(array_reverse($post_list), $i);
$sql = 'SELECT DISTINCT u.user_id, u.username, u.user_colour
echo "\t<tr>\n";
echo "\t\t<th>" . $text['label-fax_caller_id_name'] . "</th>\n";
echo "\t\t<th>" . $text['label-fax_caller_id_number'] . "</th>\n";
echo "\t\t<th>" . $text['table-file'] . "</th>\n";
echo "\t\t<th>" . $text['label-email_size'] . "</th>\n";
echo "\t\t<th>" . $text['label-email_received'] . "</th>\n";
if (permission_exists('fax_inbox_delete')) {
echo "\t\t<td style='width: 25px;' class='list_control_icons'> </td>\n";
}
echo "\t</tr>";
if ($emails) {
rsort($emails);
// most recent on top
foreach ($emails as $email_id) {
$metadata = object_to_array(imap_fetch_overview($connection, $email_id, FT_UID));
$attachment = parse_attachments($connection, $email_id, FT_UID);
$file_name = $attachment[0]['filename'];
$caller_id_name = substr($file_name, 0, strpos($file_name, '-'));
$caller_id_number = is_numeric($caller_id_name) ? format_phone((int) $caller_id_name) : null;
echo "\t<tr " . ($metadata[0]['seen'] == 0 ? "style='font-weight: bold;'" : null) . ">\n";
echo "\t\t<td valign='top' class='" . $row_style[$c] . "'>" . $caller_id_name . "</td>\n";
echo "\t\t<td valign='top' class='" . $row_style[$c] . "'>" . $caller_id_number . "</td>\n";
echo "\t\t<td valign='top' class='" . $row_style[$c] . "'><a href='?id=" . $fax_uuid . "&email_id=" . $email_id . "&download'>" . $file_name . "</a></td>\n";
echo "\t\t<td valign='top' class='" . $row_style[$c] . "'>" . byte_convert(strlen($attachment[0]['attachment'])) . "</td>\n";
echo "\t\t<td valign='top' class='" . $row_style[$c] . "'>" . $metadata[0]['date'] . "</td>\n";
if (permission_exists('fax_inbox_delete')) {
echo "\t\t<td style='width: 25px;' class='list_control_icons'><a href='?id=" . $fax_uuid . "&email_id=" . $email_id . "&delete' onclick=\"return confirm('" . $text['confirm-delete'] . "')\">" . $v_link_label_delete . "</a></td>\n";
}
echo "\t</tr>\n";
// $fax_message = imap_fetchbody($connection, $email_id, '1.1', FT_UID);
// if ($fax_message == '') {
/**
* View topic in MCP
*/
function mcp_topic_view($id, $mode, $action)
{
global $phpEx, $phpbb_root_path, $config;
global $template, $db, $user, $auth, $cache;
$url = append_sid("{$phpbb_root_path}mcp.{$phpEx}?" . extra_url());
$user->add_lang('viewtopic');
$topic_id = request_var('t', 0);
$topic_info = get_topic_data(array($topic_id), false, true);
if (!sizeof($topic_info)) {
trigger_error('TOPIC_NOT_EXIST');
}
$topic_info = $topic_info[$topic_id];
// Set up some vars
$icon_id = request_var('icon', 0);
$subject = utf8_normalize_nfc(request_var('subject', '', true));
$start = request_var('start', 0);
$sort_days_old = request_var('st_old', 0);
$forum_id = request_var('f', 0);
$to_topic_id = request_var('to_topic_id', 0);
$to_forum_id = request_var('to_forum_id', 0);
$sort = isset($_POST['sort']) ? true : false;
$submitted_id_list = request_var('post_ids', array(0));
$checked_ids = $post_id_list = request_var('post_id_list', array(0));
// Resync Topic?
if ($action == 'resync') {
if (!function_exists('mcp_resync_topics')) {
include $phpbb_root_path . 'includes/mcp/mcp_forum.' . $phpEx;
}
mcp_resync_topics(array($topic_id));
}
// Split Topic?
if ($action == 'split_all' || $action == 'split_beyond') {
if (!$sort) {
split_topic($action, $topic_id, $to_forum_id, $subject);
}
$action = 'split';
}
// Merge Posts?
if ($action == 'merge_posts') {
if (!$sort) {
merge_posts($topic_id, $to_topic_id);
}
$action = 'merge';
}
if ($action == 'split' && !$subject) {
$subject = $topic_info['topic_title'];
}
// Approve posts?
if ($action == 'approve' && $auth->acl_get('m_approve', $topic_info['forum_id'])) {
include $phpbb_root_path . 'includes/mcp/mcp_queue.' . $phpEx;
include_once $phpbb_root_path . 'includes/functions_posting.' . $phpEx;
include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx;
if (!sizeof($post_id_list)) {
trigger_error('NO_POST_SELECTED');
}
if (!$sort) {
approve_post($post_id_list, $id, $mode);
}
}
// Jumpbox, sort selects and that kind of things
make_jumpbox($url . "&i={$id}&mode=forum_view", $topic_info['forum_id'], false, 'm_', true);
$where_sql = $action == 'reports' ? 'WHERE post_reported = 1 AND ' : 'WHERE';
$sort_days = $total = 0;
$sort_key = $sort_dir = '';
$sort_by_sql = $sort_order_sql = array();
mcp_sorting('viewtopic', $sort_days, $sort_key, $sort_dir, $sort_by_sql, $sort_order_sql, $total, $topic_info['forum_id'], $topic_id, $where_sql);
$limit_time_sql = $sort_days ? 'AND p.post_time >= ' . (time() - $sort_days * 86400) : '';
if ($total == -1) {
if ($auth->acl_get('m_approve', $topic_info['forum_id'])) {
$total = $topic_info['topic_replies_real'] + 1;
} else {
$total = $topic_info['topic_replies'] + 1;
}
}
$posts_per_page = max(0, request_var('posts_per_page', intval($config['posts_per_page'])));
if ($posts_per_page == 0) {
$posts_per_page = $total;
}
if (!empty($sort_days_old) && $sort_days_old != $sort_days || $total <= $posts_per_page) {
$start = 0;
}
// Make sure $start is set to the last page if it exceeds the amount
if ($start < 0 || $start >= $total) {
$start = $start < 0 ? 0 : floor(($total - 1) / $posts_per_page) * $posts_per_page;
}
$sql = 'SELECT u.username, u.username_clean, u.user_colour, p.*
FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . ' u
WHERE ' . ($action == 'reports' ? 'p.post_reported = 1 AND ' : '') . '
p.topic_id = ' . $topic_id . ' ' . (!$auth->acl_get('m_approve', $topic_info['forum_id']) ? ' AND p.post_approved = 1 ' : '') . '
AND p.poster_id = u.user_id ' . $limit_time_sql . '
ORDER BY ' . $sort_order_sql;
$result = $db->sql_query_limit($sql, $posts_per_page, $start);
$rowset = $post_id_list = array();
$bbcode_bitfield = '';
while ($row = $db->sql_fetchrow($result)) {
$rowset[] = $row;
$post_id_list[] = $row['post_id'];
$bbcode_bitfield = $bbcode_bitfield | base64_decode($row['bbcode_bitfield']);
}
$db->sql_freeresult($result);
if ($bbcode_bitfield !== '') {
include_once $phpbb_root_path . 'includes/bbcode.' . $phpEx;
$bbcode = new bbcode(base64_encode($bbcode_bitfield));
}
$topic_tracking_info = array();
// Get topic tracking info
if ($config['load_db_lastread']) {
$tmp_topic_data = array($topic_id => $topic_info);
$topic_tracking_info = get_topic_tracking($topic_info['forum_id'], $topic_id, $tmp_topic_data, array($topic_info['forum_id'] => $topic_info['forum_mark_time']));
unset($tmp_topic_data);
} else {
$topic_tracking_info = get_complete_topic_tracking($topic_info['forum_id'], $topic_id);
}
$has_unapproved_posts = false;
// Grab extensions
$extensions = $attachments = array();
if ($topic_info['topic_attachment'] && sizeof($post_id_list)) {
$extensions = $cache->obtain_attach_extensions($topic_info['forum_id']);
// Get attachments...
if ($auth->acl_get('u_download') && $auth->acl_get('f_download', $topic_info['forum_id'])) {
$sql = 'SELECT *
FROM ' . ATTACHMENTS_TABLE . '
WHERE ' . $db->sql_in_set('post_msg_id', $post_id_list) . '
AND in_message = 0
ORDER BY filetime DESC, post_msg_id ASC';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$attachments[$row['post_msg_id']][] = $row;
}
$db->sql_freeresult($result);
}
}
foreach ($rowset as $i => $row) {
$message = $row['post_text'];
$post_subject = $row['post_subject'] != '' ? $row['post_subject'] : $topic_info['topic_title'];
if ($row['bbcode_bitfield']) {
$bbcode->bbcode_second_pass($message, $row['bbcode_uid'], $row['bbcode_bitfield']);
}
$message = bbcode_nl2br($message);
$message = smiley_text($message);
if (!empty($attachments[$row['post_id']])) {
$update_count = array();
parse_attachments($topic_info['forum_id'], $message, $attachments[$row['post_id']], $update_count);
}
if (!$row['post_approved']) {
$has_unapproved_posts = true;
}
$post_unread = isset($topic_tracking_info[$topic_id]) && $row['post_time'] > $topic_tracking_info[$topic_id] ? true : false;
$template->assign_block_vars('postrow', array('POST_AUTHOR_FULL' => get_username_string('full', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']), 'POST_AUTHOR_COLOUR' => get_username_string('colour', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']), 'POST_AUTHOR' => get_username_string('username', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']), 'U_POST_AUTHOR' => get_username_string('profile', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']), 'POST_DATE' => $user->format_date($row['post_time']), 'POST_SUBJECT' => $post_subject, 'MESSAGE' => $message, 'POST_ID' => $row['post_id'], 'RETURN_TOPIC' => sprintf($user->lang['RETURN_TOPIC'], '<a href="' . append_sid("{$phpbb_root_path}viewtopic.{$phpEx}", 't=' . $topic_id) . '">', '</a>'), 'MINI_POST_IMG' => $post_unread ? $user->img('icon_post_target_unread', 'UNREAD_POST') : $user->img('icon_post_target', 'POST'), 'S_POST_REPORTED' => $row['post_reported'] && $auth->acl_get('m_report', $topic_info['forum_id']), 'S_POST_UNAPPROVED' => !$row['post_approved'] && $auth->acl_get('m_approve', $topic_info['forum_id']), 'S_CHECKED' => $submitted_id_list && !in_array(intval($row['post_id']), $submitted_id_list) || in_array(intval($row['post_id']), $checked_ids) ? true : false, 'S_HAS_ATTACHMENTS' => !empty($attachments[$row['post_id']]) ? true : false, 'U_POST_DETAILS' => "{$url}&i={$id}&p={$row['post_id']}&mode=post_details" . ($forum_id ? "&f={$forum_id}" : ''), 'U_MCP_APPROVE' => $auth->acl_get('m_approve', $topic_info['forum_id']) ? append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=queue&mode=approve_details&f=' . $topic_info['forum_id'] . '&p=' . $row['post_id']) : '', 'U_MCP_REPORT' => $auth->acl_get('m_report', $topic_info['forum_id']) ? append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=reports&mode=report_details&f=' . $topic_info['forum_id'] . '&p=' . $row['post_id']) : ''));
// Display not already displayed Attachments for this post, we already parsed them. ;)
if (!empty($attachments[$row['post_id']])) {
foreach ($attachments[$row['post_id']] as $attachment) {
$template->assign_block_vars('postrow.attachment', array('DISPLAY_ATTACHMENT' => $attachment));
}
}
unset($rowset[$i]);
}
// Display topic icons for split topic
$s_topic_icons = false;
if ($auth->acl_gets('m_split', 'm_merge', (int) $topic_info['forum_id'])) {
include_once $phpbb_root_path . 'includes/functions_posting.' . $phpEx;
$s_topic_icons = posting_gen_topic_icons('', $icon_id);
// Has the user selected a topic for merge?
if ($to_topic_id) {
$to_topic_info = get_topic_data(array($to_topic_id), 'm_merge');
if (!sizeof($to_topic_info)) {
$to_topic_id = 0;
} else {
$to_topic_info = $to_topic_info[$to_topic_id];
if (!$to_topic_info['enable_icons'] || $auth->acl_get('!f_icons', $topic_info['forum_id'])) {
$s_topic_icons = false;
}
}
}
}
$s_hidden_fields = build_hidden_fields(array('st_old' => $sort_days, 'post_ids' => $post_id_list));
$template->assign_vars(array('TOPIC_TITLE' => $topic_info['topic_title'], 'U_VIEW_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.{$phpEx}", 'f=' . $topic_info['forum_id'] . '&t=' . $topic_info['topic_id']), 'TO_TOPIC_ID' => $to_topic_id, 'TO_TOPIC_INFO' => $to_topic_id ? sprintf($user->lang['YOU_SELECTED_TOPIC'], $to_topic_id, '<a href="' . append_sid("{$phpbb_root_path}viewtopic.{$phpEx}", 'f=' . $to_topic_info['forum_id'] . '&t=' . $to_topic_id) . '">' . $to_topic_info['topic_title'] . '</a>') : '', 'SPLIT_SUBJECT' => $subject, 'POSTS_PER_PAGE' => $posts_per_page, 'ACTION' => $action, 'REPORTED_IMG' => $user->img('icon_topic_reported', 'POST_REPORTED'), 'UNAPPROVED_IMG' => $user->img('icon_topic_unapproved', 'POST_UNAPPROVED'), 'INFO_IMG' => $user->img('icon_post_info', 'VIEW_INFO'), 'S_MCP_ACTION' => "{$url}&i={$id}&mode={$mode}&action={$action}&start={$start}", 'S_FORUM_SELECT' => $to_forum_id ? make_forum_select($to_forum_id, false, false, true, true, true) : make_forum_select($topic_info['forum_id'], false, false, true, true, true), 'S_CAN_SPLIT' => $auth->acl_get('m_split', $topic_info['forum_id']) ? true : false, 'S_CAN_MERGE' => $auth->acl_get('m_merge', $topic_info['forum_id']) ? true : false, 'S_CAN_DELETE' => $auth->acl_get('m_delete', $topic_info['forum_id']) ? true : false, 'S_CAN_APPROVE' => $has_unapproved_posts && $auth->acl_get('m_approve', $topic_info['forum_id']) ? true : false, 'S_CAN_LOCK' => $auth->acl_get('m_lock', $topic_info['forum_id']) ? true : false, 'S_CAN_REPORT' => $auth->acl_get('m_report', $topic_info['forum_id']) ? true : false, 'S_CAN_SYNC' => $auth->acl_get('m_', $topic_info['forum_id']), 'S_REPORT_VIEW' => $action == 'reports' ? true : false, 'S_MERGE_VIEW' => $action == 'merge' ? true : false, 'S_SPLIT_VIEW' => $action == 'split' ? true : false, 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_SHOW_TOPIC_ICONS' => $s_topic_icons, 'S_TOPIC_ICON' => $icon_id, 'U_SELECT_TOPIC' => "{$url}&i={$id}&mode=forum_view&action=merge_select" . ($forum_id ? "&f={$forum_id}" : ''), 'RETURN_TOPIC' => sprintf($user->lang['RETURN_TOPIC'], '<a href="' . append_sid("{$phpbb_root_path}viewtopic.{$phpEx}", "f={$topic_info['forum_id']}&t={$topic_info['topic_id']}&start={$start}") . '">', '</a>'), 'RETURN_FORUM' => sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.{$phpEx}", "f={$topic_info['forum_id']}&start={$start}") . '">', '</a>'), 'PAGE_NUMBER' => on_page($total, $posts_per_page, $start), 'PAGINATION' => !$posts_per_page ? '' : generate_pagination(append_sid("{$phpbb_root_path}mcp.{$phpEx}", "i={$id}&t={$topic_info['topic_id']}&mode={$mode}&action={$action}&to_topic_id={$to_topic_id}&posts_per_page={$posts_per_page}&st={$sort_days}&sk={$sort_key}&sd={$sort_dir}"), $total, $posts_per_page, $start), 'TOTAL_POSTS' => $total == 1 ? $user->lang['VIEW_TOPIC_POST'] : sprintf($user->lang['VIEW_TOPIC_POSTS'], $total)));
}
/**
* Enter description here...
*
* @param string $content
* @param int $uid
* @param int $bitfield
* @return string
**/
function generate_content( $content, $uid, $bitfield, $attach_list, $post_id, $forum_id )
{
global $text_limit, $show_text, $board_url;
global $user, $config, $phpbb_root_path, $phpEx;
if ( $show_text && !empty($content) )
{
// Remove Comments from smiles
$content = smiley_text($content);
// Truncates post text ?
$content = generate_truncate_content($content, $text_limit, $uid, false );
// Prepare some bbcodes for better parsing
$content = preg_replace("#\[quote(=".*?")?:$uid\]\s*(.*?)\s*\[/quote:$uid\]#si", "[quote$1:$uid]<br />$2<br />[/quote:$uid]", $content);
/* Just remember : Never use it !
* Commented out so I do not make the same error twice.
$content = html_entity_decode($content);
*/
// Parse it!
$content = generate_text_for_display($content, $uid, $bitfield, 7);
// Fix smilies
$content = str_replace('{SMILIES_PATH}/', "{$phpbb_root_path}{$config['smilies_path']}/", $content);
// Relative Path to Absolute path, Windows style
$content = str_replace('./', "$board_url/", $content);
// Fix some spaces
$content = bbcode_nl2br($content);
// Remove "Select all" link and mouse events
$content = str_replace('<a href="#" onclick="selectCode(this); return false;">' .$user->lang['SELECT_ALL_CODE'] . '</a>', '', $content);
$content = preg_replace('#(onkeypress|onclick)="(.*?)"#si', '', $content);
// Remove Comments from post content
$content = preg_replace('#<!-- ([lmwe]) -->(.*?)<!-- ([lmwe]) -->#si', '$2', $content);
// Remove embed Windows Media Streams
$content = preg_replace( '#<\!--\[if \!IE\]>-->([^[]+)<\!--<!\[endif\]-->#si', '', $content);
// Remove embed and objects
// Use (<|<) and (>|>) because can be contained into [code][/code]
$content = preg_replace( '#(<|<)(object|embed)(.*?) (value|src)=(.*?) ([^[]+)(object|embed)(>|>)#si',' <a href=$5 target="_blank"><strong>$2</strong></a> ',$content);
// Remove some specials html tag, because somewhere there are a mod to allow html tags ;)
// Use (<|<) and (>|>) because can be contained into [code][/code]
$content = preg_replace( '#(<|<)script([^[]+)script(>|>)#si', ' <strong>Script</strong> ', $content);
$content = preg_replace( '#(<|<)iframe([^[]+)iframe(>|>)#si', ' <strong>Iframe</strong> ', $content);
// Resize images ?
if ( $config['rss_image_size'] )
{
$content = preg_replace('#<img.*?src=\"(.*?)\" alt=(.*?)/>#ise', "check_rss_imagesize( '$1' )", $content);
}
/* Convert special HTML entities back to characters
* Some languages will need it
* Commented out so I do not loose the code.
$content = htmlspecialchars_decode($content);
*/
// Other control characters
$content = preg_replace('#(?:[\x00-\x1F\x7F]+|(?:\xC2[\x80-\x9F])+)#', '', $content);
// Pull attachment data
if (sizeof($attach_list))
{
global $auth, $db;
$attachments = $update_count = array();
$attachments['post_id'][] = $post_id;
// Pull attachment data
if ($auth->acl_get('u_download') && $auth->acl_get('f_download', $forum_id))
{
$attachments = array();
$sql = 'SELECT *
FROM ' . ATTACHMENTS_TABLE . '
WHERE ' . $db->sql_in_set('post_msg_id', $attach_list) . '
AND in_message = 0
ORDER BY filetime DESC, post_msg_id ASC';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
$attachments[$row['post_msg_id']][] = $row;
}
$db->sql_freeresult($result);
}
// Attach in-line
parse_attachments($forum_id, $content, $attachments[$post_id], $update_count);
// Display not already displayed Attachments for this post, we already parsed them. ;)
if ( !empty($attachments[$post_id]) )
{
$attachment_data = '';
foreach ($attachments[$post_id] as $attachment)
{
$attachment_data .= $attachment;
}
$content .= '<br /><br />' . $user->lang['ATTACHMENTS'] . $attachment_data;
}
}
else
{
// Remove attachments [ia]
$content = preg_replace('#<div class="(inline-attachment|attachtitle)">(.*?)<!-- ia(.*?) -->(.*?)<!-- ia(.*?) -->(.*?)</div>#si','',$content);
}
}
/* Just remember : Never use it !
* Commented out so I do not make the same error twice.
$content = htmlspecialchars($content);
*/
return $content;
}
function main($id, $mode)
{
global $auth, $db, $user, $template, $cache;
global $config, $phpbb_root_path, $phpEx, $action, $phpbb_container, $phpbb_dispatcher;
include_once $phpbb_root_path . 'includes/functions_posting.' . $phpEx;
$forum_id = request_var('f', 0);
$start = request_var('start', 0);
$this->page_title = 'MCP_REPORTS';
switch ($action) {
case 'close':
case 'delete':
include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx;
$report_id_list = request_var('report_id_list', array(0));
if (!sizeof($report_id_list)) {
trigger_error('NO_REPORT_SELECTED');
}
close_report($report_id_list, $mode, $action);
break;
}
switch ($mode) {
case 'report_details':
$user->add_lang(array('posting', 'viewforum', 'viewtopic'));
$post_id = request_var('p', 0);
// closed reports are accessed by report id
$report_id = request_var('r', 0);
$sql = 'SELECT r.post_id, r.user_id, r.report_id, r.report_closed, report_time, r.report_text, r.reported_post_text, r.reported_post_uid, r.reported_post_bitfield, r.reported_post_enable_magic_url, r.reported_post_enable_smilies, r.reported_post_enable_bbcode, rr.reason_title, rr.reason_description, u.username, u.username_clean, u.user_colour
FROM ' . REPORTS_TABLE . ' r, ' . REPORTS_REASONS_TABLE . ' rr, ' . USERS_TABLE . ' u
WHERE ' . ($report_id ? 'r.report_id = ' . $report_id : "r.post_id = {$post_id}") . '
AND rr.reason_id = r.reason_id
AND r.user_id = u.user_id
AND r.pm_id = 0
ORDER BY report_closed ASC';
$result = $db->sql_query_limit($sql, 1);
$report = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$report) {
trigger_error('NO_REPORT');
}
$phpbb_notifications = $phpbb_container->get('notification_manager');
$phpbb_notifications->mark_notifications_read('notification.type.report_post', $post_id, $user->data['user_id']);
if (!$report_id && $report['report_closed']) {
trigger_error('REPORT_CLOSED');
}
$post_id = $report['post_id'];
$report_id = $report['report_id'];
$parse_post_flags = $report['reported_post_enable_bbcode'] ? OPTION_FLAG_BBCODE : 0;
$parse_post_flags += $report['reported_post_enable_smilies'] ? OPTION_FLAG_SMILIES : 0;
$parse_post_flags += $report['reported_post_enable_magic_url'] ? OPTION_FLAG_LINKS : 0;
$post_info = phpbb_get_post_data(array($post_id), 'm_report', true);
if (!sizeof($post_info)) {
trigger_error('NO_REPORT_SELECTED');
}
$post_info = $post_info[$post_id];
$reason = array('title' => $report['reason_title'], 'description' => $report['reason_description']);
if (isset($user->lang['report_reasons']['TITLE'][strtoupper($reason['title'])]) && isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($reason['title'])])) {
$reason['description'] = $user->lang['report_reasons']['DESCRIPTION'][strtoupper($reason['title'])];
$reason['title'] = $user->lang['report_reasons']['TITLE'][strtoupper($reason['title'])];
}
if (topic_review($post_info['topic_id'], $post_info['forum_id'], 'topic_review', 0, false)) {
$template->assign_vars(array('S_TOPIC_REVIEW' => true, 'S_BBCODE_ALLOWED' => $post_info['enable_bbcode'], 'TOPIC_TITLE' => $post_info['topic_title'], 'REPORTED_POST_ID' => $post_id));
}
$topic_tracking_info = $extensions = $attachments = array();
// Get topic tracking info
if ($config['load_db_lastread']) {
$tmp_topic_data = array($post_info['topic_id'] => $post_info);
$topic_tracking_info = get_topic_tracking($post_info['forum_id'], $post_info['topic_id'], $tmp_topic_data, array($post_info['forum_id'] => $post_info['forum_mark_time']));
unset($tmp_topic_data);
} else {
$topic_tracking_info = get_complete_topic_tracking($post_info['forum_id'], $post_info['topic_id']);
}
$post_unread = isset($topic_tracking_info[$post_info['topic_id']]) && $post_info['post_time'] > $topic_tracking_info[$post_info['topic_id']] ? true : false;
$message = generate_text_for_display($report['reported_post_text'], $report['reported_post_uid'], $report['reported_post_bitfield'], $parse_post_flags, false);
$report['report_text'] = make_clickable(bbcode_nl2br($report['report_text']));
if ($post_info['post_attachment'] && $auth->acl_get('u_download') && $auth->acl_get('f_download', $post_info['forum_id'])) {
$sql = 'SELECT *
FROM ' . ATTACHMENTS_TABLE . '
WHERE post_msg_id = ' . $post_id . '
AND in_message = 0
AND filetime <= ' . (int) $report['report_time'] . '
ORDER BY filetime DESC';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$attachments[] = $row;
}
$db->sql_freeresult($result);
if (sizeof($attachments)) {
$update_count = array();
parse_attachments($post_info['forum_id'], $message, $attachments, $update_count);
}
// Display not already displayed Attachments for this post, we already parsed them. ;)
if (!empty($attachments)) {
$template->assign_var('S_HAS_ATTACHMENTS', true);
foreach ($attachments as $attachment) {
$template->assign_block_vars('attachment', array('DISPLAY_ATTACHMENT' => $attachment));
}
}
}
$template->assign_vars(array('S_MCP_REPORT' => true, 'S_CLOSE_ACTION' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=reports&mode=report_details&f=' . $post_info['forum_id'] . '&p=' . $post_id), 'S_CAN_VIEWIP' => $auth->acl_get('m_info', $post_info['forum_id']), 'S_POST_REPORTED' => $post_info['post_reported'], 'S_POST_UNAPPROVED' => $post_info['post_visibility'] == ITEM_UNAPPROVED || $post_info['post_visibility'] == ITEM_REAPPROVE, 'S_POST_LOCKED' => $post_info['post_edit_locked'], 'S_REPORT_CLOSED' => $report['report_closed'], 'S_USER_NOTES' => true, 'U_EDIT' => $auth->acl_get('m_edit', $post_info['forum_id']) ? append_sid("{$phpbb_root_path}posting.{$phpEx}", "mode=edit&f={$post_info['forum_id']}&p={$post_info['post_id']}") : '', 'U_MCP_APPROVE' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=queue&mode=approve_details&f=' . $post_info['forum_id'] . '&p=' . $post_id), 'U_MCP_REPORT' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=reports&mode=report_details&f=' . $post_info['forum_id'] . '&p=' . $post_id), 'U_MCP_REPORTER_NOTES' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=notes&mode=user_notes&u=' . $report['user_id']), 'U_MCP_USER_NOTES' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=notes&mode=user_notes&u=' . $post_info['user_id']), 'U_MCP_WARN_REPORTER' => $auth->acl_get('m_warn') ? append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=warn&mode=warn_user&u=' . $report['user_id']) : '', 'U_MCP_WARN_USER' => $auth->acl_get('m_warn') ? append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=warn&mode=warn_user&u=' . $post_info['user_id']) : '', 'U_VIEW_FORUM' => append_sid("{$phpbb_root_path}viewforum.{$phpEx}", 'f=' . $post_info['forum_id']), 'U_VIEW_POST' => append_sid("{$phpbb_root_path}viewtopic.{$phpEx}", 'f=' . $post_info['forum_id'] . '&p=' . $post_info['post_id'] . '#p' . $post_info['post_id']), 'U_VIEW_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.{$phpEx}", 'f=' . $post_info['forum_id'] . '&t=' . $post_info['topic_id']), 'EDIT_IMG' => $user->img('icon_post_edit', $user->lang['EDIT_POST']), 'MINI_POST_IMG' => $post_unread ? $user->img('icon_post_target_unread', 'UNREAD_POST') : $user->img('icon_post_target', 'POST'), 'UNAPPROVED_IMG' => $user->img('icon_topic_unapproved', $user->lang['POST_UNAPPROVED']), 'RETURN_REPORTS' => sprintf($user->lang['RETURN_REPORTS'], '<a href="' . append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=reports' . ($post_info['post_reported'] ? '&mode=reports' : '&mode=reports_closed') . '&start=' . $start . '&f=' . $post_info['forum_id']) . '">', '</a>'), 'REPORTED_IMG' => $user->img('icon_topic_reported', $user->lang['POST_REPORTED']), 'REPORT_DATE' => $user->format_date($report['report_time']), 'REPORT_ID' => $report_id, 'REPORT_REASON_TITLE' => $reason['title'], 'REPORT_REASON_DESCRIPTION' => $reason['description'], 'REPORT_TEXT' => $report['report_text'], 'POST_AUTHOR_FULL' => get_username_string('full', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']), 'POST_AUTHOR_COLOUR' => get_username_string('colour', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']), 'POST_AUTHOR' => get_username_string('username', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']), 'U_POST_AUTHOR' => get_username_string('profile', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']), 'REPORTER_FULL' => get_username_string('full', $report['user_id'], $report['username'], $report['user_colour']), 'REPORTER_COLOUR' => get_username_string('colour', $report['user_id'], $report['username'], $report['user_colour']), 'REPORTER_NAME' => get_username_string('username', $report['user_id'], $report['username'], $report['user_colour']), 'U_VIEW_REPORTER_PROFILE' => get_username_string('profile', $report['user_id'], $report['username'], $report['user_colour']), 'POST_PREVIEW' => $message, 'POST_SUBJECT' => $post_info['post_subject'] ? $post_info['post_subject'] : $user->lang['NO_SUBJECT'], 'POST_DATE' => $user->format_date($post_info['post_time']), 'POST_IP' => $post_info['poster_ip'], 'POST_IPADDR' => $auth->acl_get('m_info', $post_info['forum_id']) && request_var('lookup', '') ? @gethostbyaddr($post_info['poster_ip']) : '', 'POST_ID' => $post_info['post_id'], 'U_LOOKUP_IP' => $auth->acl_get('m_info', $post_info['forum_id']) ? $this->u_action . '&r=' . $report_id . '&p=' . $post_id . '&f=' . $forum_id . '&lookup=' . $post_info['poster_ip'] . '#ip' : ''));
$this->tpl_name = 'mcp_post';
break;
case 'reports':
case 'reports_closed':
$topic_id = request_var('t', 0);
$forum_info = array();
$forum_list_reports = get_forum_list('m_report', false, true);
$forum_list_read = array_flip(get_forum_list('f_read', true, true));
// Flipped so we can isset() the forum IDs
// Remove forums we cannot read
foreach ($forum_list_reports as $k => $forum_data) {
if (!isset($forum_list_read[$forum_data['forum_id']])) {
unset($forum_list_reports[$k]);
}
}
unset($forum_list_read);
if ($topic_id) {
$topic_info = phpbb_get_topic_data(array($topic_id));
if (!sizeof($topic_info)) {
trigger_error('TOPIC_NOT_EXIST');
}
if ($forum_id != $topic_info[$topic_id]['forum_id']) {
$topic_id = 0;
} else {
$topic_info = $topic_info[$topic_id];
$forum_id = (int) $topic_info['forum_id'];
}
}
$forum_list = array();
if (!$forum_id) {
foreach ($forum_list_reports as $row) {
$forum_list[] = $row['forum_id'];
}
if (!sizeof($forum_list)) {
trigger_error('NOT_MODERATOR');
}
$global_id = $forum_list[0];
$sql = 'SELECT SUM(forum_topics_approved) as sum_forum_topics
FROM ' . FORUMS_TABLE . '
WHERE ' . $db->sql_in_set('forum_id', $forum_list);
$result = $db->sql_query($sql);
$forum_info['forum_topics_approved'] = (int) $db->sql_fetchfield('sum_forum_topics');
$db->sql_freeresult($result);
} else {
$forum_info = phpbb_get_forum_data(array($forum_id), 'm_report');
if (!sizeof($forum_info)) {
trigger_error('NOT_MODERATOR');
}
$forum_info = $forum_info[$forum_id];
$forum_list = array($forum_id);
}
$forum_list[] = 0;
$forum_data = array();
$pagination = $phpbb_container->get('pagination');
$forum_options = '<option value="0"' . ($forum_id == 0 ? ' selected="selected"' : '') . '>' . $user->lang['ALL_FORUMS'] . '</option>';
foreach ($forum_list_reports as $row) {
$forum_options .= '<option value="' . $row['forum_id'] . '"' . ($forum_id == $row['forum_id'] ? ' selected="selected"' : '') . '>' . str_repeat(' ', $row['padding']) . $row['forum_name'] . '</option>';
$forum_data[$row['forum_id']] = $row;
}
unset($forum_list_reports);
$sort_days = $total = 0;
$sort_key = $sort_dir = '';
$sort_by_sql = $sort_order_sql = array();
phpbb_mcp_sorting($mode, $sort_days, $sort_key, $sort_dir, $sort_by_sql, $sort_order_sql, $total, $forum_id, $topic_id);
$forum_topics = $total == -1 ? $forum_info['forum_topics_approved'] : $total;
$limit_time_sql = $sort_days ? 'AND r.report_time >= ' . (time() - $sort_days * 86400) : '';
if ($mode == 'reports') {
$report_state = 'AND p.post_reported = 1 AND r.report_closed = 0';
} else {
$report_state = 'AND r.report_closed = 1';
}
$sql = 'SELECT r.report_id
FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . REPORTS_TABLE . ' r ' . ($sort_order_sql[0] == 'u' ? ', ' . USERS_TABLE . ' u' : '') . ($sort_order_sql[0] == 'r' ? ', ' . USERS_TABLE . ' ru' : '') . '
WHERE ' . $db->sql_in_set('p.forum_id', $forum_list) . "\n\t\t\t\t\t\t{$report_state}\n\t\t\t\t\t\tAND r.post_id = p.post_id\n\t\t\t\t\t\t" . ($sort_order_sql[0] == 'u' ? 'AND u.user_id = p.poster_id' : '') . '
' . ($sort_order_sql[0] == 'r' ? 'AND ru.user_id = r.user_id' : '') . '
' . ($topic_id ? 'AND p.topic_id = ' . $topic_id : '') . "\n\t\t\t\t\t\tAND t.topic_id = p.topic_id\n\t\t\t\t\t\tAND r.pm_id = 0\n\t\t\t\t\t\t{$limit_time_sql}\n\t\t\t\t\tORDER BY {$sort_order_sql}";
/**
* Alter sql query to get report id of all reports for requested forum and topic or just forum
*
* @event core.mcp_reports_get_reports_query_before
* @var string sql String with the query to be executed
* @var array forum_list List of forums that contain the posts
* @var int topic_id topic_id in the page request
* @var string limit_time_sql String with the SQL code to limit the time interval of the post (Note: May be empty string)
* @var string sort_order_sql String with the ORDER BY SQL code used in this query
* @since 3.1.0-RC4
*/
$vars = array('sql', 'forum_list', 'topic_id', 'limit_time_sql', 'sort_order_sql');
extract($phpbb_dispatcher->trigger_event('core.mcp_reports_get_reports_query_before', compact($vars)));
$result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
$i = 0;
$report_ids = array();
while ($row = $db->sql_fetchrow($result)) {
$report_ids[] = $row['report_id'];
$row_num[$row['report_id']] = $i++;
}
$db->sql_freeresult($result);
if (sizeof($report_ids)) {
$sql = 'SELECT t.forum_id, t.topic_id, t.topic_title, p.post_id, p.post_subject, p.post_username, p.poster_id, p.post_time, p.post_attachment, u.username, u.username_clean, u.user_colour, r.user_id as reporter_id, ru.username as reporter_name, ru.user_colour as reporter_colour, r.report_time, r.report_id
FROM ' . REPORTS_TABLE . ' r, ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . USERS_TABLE . ' u, ' . USERS_TABLE . ' ru
WHERE ' . $db->sql_in_set('r.report_id', $report_ids) . '
AND t.topic_id = p.topic_id
AND r.post_id = p.post_id
AND u.user_id = p.poster_id
AND ru.user_id = r.user_id
AND r.pm_id = 0
ORDER BY ' . $sort_order_sql;
$result = $db->sql_query($sql);
$report_data = $rowset = array();
while ($row = $db->sql_fetchrow($result)) {
$template->assign_block_vars('postrow', array('U_VIEWFORUM' => append_sid("{$phpbb_root_path}viewforum.{$phpEx}", 'f=' . $row['forum_id']), 'U_VIEWPOST' => append_sid("{$phpbb_root_path}viewtopic.{$phpEx}", 'f=' . $row['forum_id'] . '&p=' . $row['post_id']) . '#p' . $row['post_id'], 'U_VIEW_DETAILS' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", "i=reports&start={$start}&mode=report_details&f={$row['forum_id']}&r={$row['report_id']}"), 'POST_AUTHOR_FULL' => get_username_string('full', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']), 'POST_AUTHOR_COLOUR' => get_username_string('colour', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']), 'POST_AUTHOR' => get_username_string('username', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']), 'U_POST_AUTHOR' => get_username_string('profile', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']), 'REPORTER_FULL' => get_username_string('full', $row['reporter_id'], $row['reporter_name'], $row['reporter_colour']), 'REPORTER_COLOUR' => get_username_string('colour', $row['reporter_id'], $row['reporter_name'], $row['reporter_colour']), 'REPORTER' => get_username_string('username', $row['reporter_id'], $row['reporter_name'], $row['reporter_colour']), 'U_REPORTER' => get_username_string('profile', $row['reporter_id'], $row['reporter_name'], $row['reporter_colour']), 'FORUM_NAME' => $forum_data[$row['forum_id']]['forum_name'], 'POST_ID' => $row['post_id'], 'POST_SUBJECT' => $row['post_subject'] ? $row['post_subject'] : $user->lang['NO_SUBJECT'], 'POST_TIME' => $user->format_date($row['post_time']), 'REPORT_ID' => $row['report_id'], 'REPORT_TIME' => $user->format_date($row['report_time']), 'TOPIC_TITLE' => $row['topic_title'], 'ATTACH_ICON_IMG' => $auth->acl_get('u_download') && $auth->acl_get('f_download', $row['forum_id']) && $row['post_attachment'] ? $user->img('icon_topic_attach', $user->lang['TOTAL_ATTACHMENTS']) : ''));
}
$db->sql_freeresult($result);
unset($report_ids, $row);
}
$base_url = $this->u_action . "&f={$forum_id}&t={$topic_id}&st={$sort_days}&sk={$sort_key}&sd={$sort_dir}";
$pagination->generate_template_pagination($base_url, 'pagination', 'start', $total, $config['topics_per_page'], $start);
// Now display the page
$template->assign_vars(array('L_EXPLAIN' => $mode == 'reports' ? $user->lang['MCP_REPORTS_OPEN_EXPLAIN'] : $user->lang['MCP_REPORTS_CLOSED_EXPLAIN'], 'L_TITLE' => $mode == 'reports' ? $user->lang['MCP_REPORTS_OPEN'] : $user->lang['MCP_REPORTS_CLOSED'], 'L_ONLY_TOPIC' => $topic_id ? sprintf($user->lang['ONLY_TOPIC'], $topic_info['topic_title']) : '', 'S_MCP_ACTION' => $this->u_action, 'S_FORUM_OPTIONS' => $forum_options, 'S_CLOSED' => $mode == 'reports_closed' ? true : false, 'TOPIC_ID' => $topic_id, 'TOTAL' => $total, 'TOTAL_REPORTS' => $user->lang('LIST_REPORTS', (int) $total)));
$this->tpl_name = 'mcp_reports';
break;
}
}
function main($id, $mode)
{
global $auth, $db, $user, $template, $cache;
global $config, $phpbb_root_path, $phpEx, $action;
include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
$forum_id = request_var('f', 0);
$start = request_var('start', 0);
$this->page_title = 'MCP_REPORTS';
switch ($action)
{
case 'close':
case 'delete':
include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
$report_id_list = request_var('report_id_list', array(0));
if (!sizeof($report_id_list))
{
trigger_error('NO_REPORT_SELECTED');
}
close_report($report_id_list, $mode, $action);
break;
}
switch ($mode)
{
case 'report_details':
$user->add_lang('posting');
$post_id = request_var('p', 0);
// closed reports are accessed by report id
$report_id = request_var('r', 0);
$sql = 'SELECT r.post_id, r.user_id, r.report_id, r.report_closed, report_time, r.report_text, rr.reason_title, rr.reason_description, u.username, u.username_clean, u.user_colour
FROM ' . REPORTS_TABLE . ' r, ' . REPORTS_REASONS_TABLE . ' rr, ' . USERS_TABLE . ' u
WHERE ' . (($report_id) ? 'r.report_id = ' . $report_id : "r.post_id = $post_id") . '
AND rr.reason_id = r.reason_id
AND r.user_id = u.user_id
ORDER BY report_closed ASC';
$result = $db->sql_query_limit($sql, 1);
$report = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$report)
{
trigger_error('NO_REPORT');
}
if (!$report_id && $report['report_closed'])
{
trigger_error('REPORT_CLOSED');
}
$post_id = $report['post_id'];
$report_id = $report['report_id'];
$post_info = get_post_data(array($post_id), 'm_report', true);
if (!sizeof($post_info))
{
trigger_error('NO_REPORT_SELECTED');
}
$post_info = $post_info[$post_id];
$reason = array('title' => $report['reason_title'], 'description' => $report['reason_description']);
if (isset($user->lang['report_reasons']['TITLE'][strtoupper($reason['title'])]) && isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($reason['title'])]))
{
$reason['description'] = $user->lang['report_reasons']['DESCRIPTION'][strtoupper($reason['title'])];
$reason['title'] = $user->lang['report_reasons']['TITLE'][strtoupper($reason['title'])];
}
if (topic_review($post_info['topic_id'], $post_info['forum_id'], 'topic_review', 0, false))
{
$template->assign_vars(array(
'S_TOPIC_REVIEW' => true,
'TOPIC_TITLE' => $post_info['topic_title'])
);
}
$topic_tracking_info = $extensions = $attachments = array();
// Get topic tracking info
if ($config['load_db_lastread'])
{
$tmp_topic_data = array($post_info['topic_id'] => $post_info);
$topic_tracking_info = get_topic_tracking($post_info['forum_id'], $post_info['topic_id'], $tmp_topic_data, array($post_info['forum_id'] => $post_info['forum_mark_time']));
unset($tmp_topic_data);
}
else
{
$topic_tracking_info = get_complete_topic_tracking($post_info['forum_id'], $post_info['topic_id']);
}
$post_unread = (isset($topic_tracking_info[$post_info['topic_id']]) && $post_info['post_time'] > $topic_tracking_info[$post_info['topic_id']]) ? true : false;
// Process message, leave it uncensored
$message = $post_info['post_text'];
if ($post_info['bbcode_bitfield'])
{
include_once($phpbb_root_path . 'includes/bbcode.' . $phpEx);
$bbcode = new bbcode($post_info['bbcode_bitfield']);
$bbcode->bbcode_second_pass($message, $post_info['bbcode_uid'], $post_info['bbcode_bitfield']);
}
$message = bbcode_nl2br($message);
$message = smiley_text($message);
if ($post_info['post_attachment'] && $auth->acl_get('u_download') && $auth->acl_get('f_download', $post_info['forum_id']))
{
$extensions = $cache->obtain_attach_extensions($post_info['forum_id']);
$sql = 'SELECT *
FROM ' . ATTACHMENTS_TABLE . '
WHERE post_msg_id = ' . $post_id . '
AND in_message = 0
ORDER BY filetime DESC, post_msg_id ASC';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
$attachments[] = $row;
}
$db->sql_freeresult($result);
if (sizeof($attachments))
{
$update_count = array();
parse_attachments($post_info['forum_id'], $message, $attachments, $update_count);
}
// Display not already displayed Attachments for this post, we already parsed them. ;)
if (!empty($attachments))
{
$template->assign_var('S_HAS_ATTACHMENTS', true);
foreach ($attachments as $attachment)
{
$template->assign_block_vars('attachment', array(
'DISPLAY_ATTACHMENT' => $attachment)
);
}
}
}
$template->assign_vars(array(
'S_MCP_REPORT' => true,
'S_CLOSE_ACTION' => $this->u_action . '&p=' . $post_id . '&f=' . $forum_id,
'S_CAN_VIEWIP' => $auth->acl_get('m_info', $post_info['forum_id']),
'S_POST_REPORTED' => $post_info['post_reported'],
'S_POST_UNAPPROVED' => !$post_info['post_approved'],
'S_POST_LOCKED' => $post_info['post_edit_locked'],
'S_USER_NOTES' => true,
'U_EDIT' => ($auth->acl_get('m_edit', $post_info['forum_id'])) ? append_sid("{$phpbb_root_path}posting.$phpEx", "mode=edit&f={$post_info['forum_id']}&p={$post_info['post_id']}") : '',
'U_MCP_APPROVE' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue&mode=approve_details&f=' . $post_info['forum_id'] . '&p=' . $post_id),
'U_MCP_REPORT' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=reports&mode=report_details&f=' . $post_info['forum_id'] . '&p=' . $post_id),
'U_MCP_REPORTER_NOTES' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&mode=user_notes&u=' . $report['user_id']),
'U_MCP_USER_NOTES' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&mode=user_notes&u=' . $post_info['user_id']),
'U_MCP_WARN_REPORTER' => ($auth->acl_get('m_warn')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=warn&mode=warn_user&u=' . $report['user_id']) : '',
'U_MCP_WARN_USER' => ($auth->acl_get('m_warn')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=warn&mode=warn_user&u=' . $post_info['user_id']) : '',
'U_VIEW_POST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $post_info['forum_id'] . '&p=' . $post_info['post_id'] . '#p' . $post_info['post_id']),
'U_VIEW_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $post_info['forum_id'] . '&t=' . $post_info['topic_id']),
'EDIT_IMG' => $user->img('icon_post_edit', $user->lang['EDIT_POST']),
'MINI_POST_IMG' => ($post_unread) ? $user->img('icon_post_target_unread', 'NEW_POST') : $user->img('icon_post_target', 'POST'),
'UNAPPROVED_IMG' => $user->img('icon_topic_unapproved', $user->lang['POST_UNAPPROVED']),
'RETURN_REPORTS' => sprintf($user->lang['RETURN_REPORTS'], '<a href="' . append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=reports' . (($post_info['post_reported']) ? '&mode=reports' : '&mode=reports_closed') . '&start=' . $start . '&f=' . $post_info['forum_id']) . '">', '</a>'),
'REPORTED_IMG' => $user->img('icon_topic_reported', $user->lang['POST_REPORTED']),
'REPORT_DATE' => $user->format_date($report['report_time']),
'REPORT_ID' => $report_id,
'REPORT_REASON_TITLE' => $reason['title'],
'REPORT_REASON_DESCRIPTION' => $reason['description'],
'REPORT_TEXT' => $report['report_text'],
'POST_AUTHOR_FULL' => get_username_string('full', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
'POST_AUTHOR_COLOUR' => get_username_string('colour', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
'POST_AUTHOR' => get_username_string('username', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
'U_POST_AUTHOR' => get_username_string('profile', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
'REPORTER_FULL' => get_username_string('full', $report['user_id'], $report['username'], $report['user_colour']),
'REPORTER_COLOUR' => get_username_string('colour', $report['user_id'], $report['username'], $report['user_colour']),
'REPORTER_NAME' => get_username_string('username', $report['user_id'], $report['username'], $report['user_colour']),
'U_VIEW_REPORTER_PROFILE' => get_username_string('profile', $report['user_id'], $report['username'], $report['user_colour']),
'POST_PREVIEW' => $message,
'POST_SUBJECT' => ($post_info['post_subject']) ? $post_info['post_subject'] : $user->lang['NO_SUBJECT'],
'POST_DATE' => $user->format_date($post_info['post_time']),
'POST_IP' => $post_info['poster_ip'],
'POST_IPADDR' => ($auth->acl_get('m_info', $post_info['forum_id']) && request_var('lookup', '')) ? @gethostbyaddr($post_info['poster_ip']) : '',
'POST_ID' => $post_info['post_id'],
'U_LOOKUP_IP' => ($auth->acl_get('m_info', $post_info['forum_id'])) ? $this->u_action . '&r=' . $report_id . '&p=' . $post_id . '&f=' . $forum_id . '&lookup=' . $post_info['poster_ip'] . '#ip' : '',
));
$this->tpl_name = 'mcp_post';
break;
case 'reports':
case 'reports_closed':
$topic_id = request_var('t', 0);
$forum_info = array();
$forum_list_reports = get_forum_list('m_report', false, true);
if ($topic_id && $forum_id)
{
$topic_info = get_topic_data(array($topic_id));
if (!sizeof($topic_info))
{
trigger_error('TOPIC_NOT_EXIST');
}
$topic_info = $topic_info[$topic_id];
$forum_id = $topic_info['forum_id'];
}
else if ($topic_id && !$forum_id)
{
$topic_id = 0;
}
$forum_list = array();
if (!$forum_id)
{
foreach ($forum_list_reports as $row)
{
$forum_list[] = $row['forum_id'];
}
if (!sizeof($forum_list))
{
trigger_error('NOT_MODERATOR');
}
$global_id = $forum_list[0];
$sql = 'SELECT SUM(forum_topics) as sum_forum_topics
FROM ' . FORUMS_TABLE . '
WHERE ' . $db->sql_in_set('forum_id', $forum_list);
$result = $db->sql_query($sql);
$forum_info['forum_topics'] = (int) $db->sql_fetchfield('sum_forum_topics');
$db->sql_freeresult($result);
}
else
{
$forum_info = get_forum_data(array($forum_id), 'm_report');
if (!sizeof($forum_info))
{
trigger_error('NOT_MODERATOR');
}
$forum_info = $forum_info[$forum_id];
$forum_list = array($forum_id);
$global_id = $forum_id;
}
$forum_list[] = 0;
$forum_data = array();
$forum_options = '<option value="0"' . (($forum_id == 0) ? ' selected="selected"' : '') . '>' . $user->lang['ALL_FORUMS'] . '</option>';
foreach ($forum_list_reports as $row)
{
$forum_options .= '<option value="' . $row['forum_id'] . '"' . (($forum_id == $row['forum_id']) ? ' selected="selected"' : '') . '>' . str_repeat(' ', $row['padding']) . $row['forum_name'] . '</option>';
$forum_data[$row['forum_id']] = $row;
}
unset($forum_list_reports);
$sort_days = $total = 0;
$sort_key = $sort_dir = '';
$sort_by_sql = $sort_order_sql = array();
mcp_sorting($mode, $sort_days, $sort_key, $sort_dir, $sort_by_sql, $sort_order_sql, $total, $forum_id, $topic_id);
$forum_topics = ($total == -1) ? $forum_info['forum_topics'] : $total;
$limit_time_sql = ($sort_days) ? 'AND t.topic_last_post_time >= ' . (time() - ($sort_days * 86400)) : '';
if ($mode == 'reports')
{
$report_state = 'AND p.post_reported = 1 AND r.report_closed = 0';
}
else
{
$report_state = 'AND r.report_closed = 1';
}
$sql = 'SELECT r.report_id
FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . REPORTS_TABLE . ' r ' . (($sort_order_sql[0] == 'u') ? ', ' . USERS_TABLE . ' u' : '') . (($sort_order_sql[0] == 'r') ? ', ' . USERS_TABLE . ' ru' : '') . '
WHERE ' . $db->sql_in_set('p.forum_id', $forum_list) . "
$report_state
AND r.post_id = p.post_id
" . (($sort_order_sql[0] == 'u') ? 'AND u.user_id = p.poster_id' : '') . '
' . (($sort_order_sql[0] == 'r') ? 'AND ru.user_id = p.poster_id' : '') . '
' . (($topic_id) ? 'AND p.topic_id = ' . $topic_id : '') . "
AND t.topic_id = p.topic_id
$limit_time_sql
ORDER BY $sort_order_sql";
$result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
$i = 0;
$report_ids = array();
while ($row = $db->sql_fetchrow($result))
{
$report_ids[] = $row['report_id'];
$row_num[$row['report_id']] = $i++;
}
$db->sql_freeresult($result);
if (sizeof($report_ids))
{
$sql = 'SELECT t.forum_id, t.topic_id, t.topic_title, p.post_id, p.post_subject, p.post_username, p.poster_id, p.post_time, u.username, u.username_clean, u.user_colour, r.user_id as reporter_id, ru.username as reporter_name, ru.user_colour as reporter_colour, r.report_time, r.report_id
FROM ' . REPORTS_TABLE . ' r, ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . USERS_TABLE . ' u, ' . USERS_TABLE . ' ru
WHERE ' . $db->sql_in_set('r.report_id', $report_ids) . '
AND t.topic_id = p.topic_id
AND r.post_id = p.post_id
AND u.user_id = p.poster_id
AND ru.user_id = r.user_id
ORDER BY ' . $sort_order_sql;
$result = $db->sql_query($sql);
$report_data = $rowset = array();
while ($row = $db->sql_fetchrow($result))
{
$global_topic = ($row['forum_id']) ? false : true;
if ($global_topic)
{
$row['forum_id'] = $global_id;
}
$template->assign_block_vars('postrow', array(
'U_VIEWFORUM' => (!$global_topic) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']) : '',
'U_VIEWPOST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id'] . '&p=' . $row['post_id']) . '#p' . $row['post_id'],
'U_VIEW_DETAILS' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=reports&start=$start&mode=report_details&f={$row['forum_id']}&r={$row['report_id']}"),
'POST_AUTHOR_FULL' => get_username_string('full', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
'POST_AUTHOR_COLOUR' => get_username_string('colour', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
'POST_AUTHOR' => get_username_string('username', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
'U_POST_AUTHOR' => get_username_string('profile', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
'REPORTER_FULL' => get_username_string('full', $row['reporter_id'], $row['reporter_name'], $row['reporter_colour']),
'REPORTER_COLOUR' => get_username_string('colour', $row['reporter_id'], $row['reporter_name'], $row['reporter_colour']),
'REPORTER' => get_username_string('username', $row['reporter_id'], $row['reporter_name'], $row['reporter_colour']),
'U_REPORTER' => get_username_string('profile', $row['reporter_id'], $row['reporter_name'], $row['reporter_colour']),
'FORUM_NAME' => (!$global_topic) ? $forum_data[$row['forum_id']]['forum_name'] : $user->lang['GLOBAL_ANNOUNCEMENT'],
'POST_ID' => $row['post_id'],
'POST_SUBJECT' => ($row['post_subject']) ? $row['post_subject'] : $user->lang['NO_SUBJECT'],
'POST_TIME' => $user->format_date($row['post_time']),
'REPORT_ID' => $row['report_id'],
'REPORT_TIME' => $user->format_date($row['report_time']),
'TOPIC_TITLE' => $row['topic_title'])
);
}
$db->sql_freeresult($result);
unset($report_ids, $row);
}
// Now display the page
$template->assign_vars(array(
'L_EXPLAIN' => ($mode == 'reports') ? $user->lang['MCP_REPORTS_OPEN_EXPLAIN'] : $user->lang['MCP_REPORTS_CLOSED_EXPLAIN'],
'L_TITLE' => ($mode == 'reports') ? $user->lang['MCP_REPORTS_OPEN'] : $user->lang['MCP_REPORTS_CLOSED'],
'L_ONLY_TOPIC' => ($topic_id) ? sprintf($user->lang['ONLY_TOPIC'], $topic_info['topic_title']) : '',
'S_MCP_ACTION' => $this->u_action,
'S_FORUM_OPTIONS' => $forum_options,
'S_CLOSED' => ($mode == 'reports_closed') ? true : false,
'PAGINATION' => generate_pagination($this->u_action . "&f=$forum_id&t=$topic_id&st=$sort_days&sk=$sort_key&sd=$sort_dir", $total, $config['topics_per_page'], $start),
'PAGE_NUMBER' => on_page($total, $config['topics_per_page'], $start),
'TOPIC_ID' => $topic_id,
'TOTAL' => $total,
'TOTAL_REPORTS' => ($total == 1) ? $user->lang['LIST_REPORT'] : sprintf($user->lang['LIST_REPORTS'], $total),
)
);
$this->tpl_name = 'mcp_reports';
break;
}
}
