Example #1
0
/**
 * Remove a batch of messages (or topics)
 *
 * @param int[] $messages
 * @param mixed[] $messageDetails
 * @param string $type = replies
 */
function removeMessages($messages, $messageDetails, $type = 'replies')
{
    global $modSettings;
    // @todo something's not right, removeMessage() does check permissions,
    // removeTopics() doesn't
    if ($type == 'topics') {
        removeTopics($messages);
        // and tell the world about it
        foreach ($messages as $topic) {
            // Note, only log topic ID in native form if it's not gone forever.
            logAction('remove', array(empty($modSettings['recycle_enable']) || $modSettings['recycle_board'] != $messageDetails[$topic]['board'] ? 'topic' : 'old_topic_id' => $topic, 'subject' => $messageDetails[$topic]['subject'], 'member' => $messageDetails[$topic]['member'], 'board' => $messageDetails[$topic]['board']));
        }
    } else {
        require_once SUBSDIR . '/Messages.subs.php';
        foreach ($messages as $post) {
            removeMessage($post);
            logAction('delete', array(empty($modSettings['recycle_enable']) || $modSettings['recycle_board'] != $messageDetails[$post]['board'] ? 'topic' : 'old_topic_id' => $messageDetails[$post]['topic'], 'subject' => $messageDetails[$post]['subject'], 'member' => $messageDetails[$post]['member'], 'board' => $messageDetails[$post]['board']));
        }
    }
}
function deleteAccount2($profile_vars, $post_errors, $memID)
{
    global $user_info, $sourcedir, $context, $cur_profile, $modSettings, $smcFunc;
    // Try get more time...
    @set_time_limit(600);
    // !!! Add a way to delete pms as well?
    if (!$context['user']['is_owner']) {
        isAllowedTo('profile_remove_any');
    } elseif (!allowedTo('profile_remove_any')) {
        isAllowedTo('profile_remove_own');
    }
    checkSession();
    $old_profile =& $cur_profile;
    // Too often, people remove/delete their own only account.
    if (in_array(1, explode(',', $old_profile['additional_groups'])) || $old_profile['id_group'] == 1) {
        // Are you allowed to administrate the forum, as they are?
        isAllowedTo('admin_forum');
        $request = $smcFunc['db_query']('', '
			SELECT id_member
			FROM {db_prefix}members
			WHERE (id_group = {int:admin_group} OR FIND_IN_SET({int:admin_group}, additional_groups) != 0)
				AND id_member != {int:selected_member}
			LIMIT 1', array('admin_group' => 1, 'selected_member' => $memID));
        list($another) = $smcFunc['db_fetch_row']($request);
        $smcFunc['db_free_result']($request);
        if (empty($another)) {
            fatal_lang_error('at_least_one_admin', 'critical');
        }
    }
    // This file is needed for the deleteMembers function.
    require_once $sourcedir . '/Subs-Members.php';
    // Do you have permission to delete others profiles, or is that your profile you wanna delete?
    if ($memID != $user_info['id']) {
        isAllowedTo('profile_remove_any');
        // Now, have you been naughty and need your posts deleting?
        // !!! Should this check board permissions?
        if ($_POST['remove_type'] != 'none' && allowedTo('moderate_forum')) {
            // Include RemoveTopics - essential for this type of work!
            require_once $sourcedir . '/RemoveTopic.php';
            // First off we delete any topics the member has started - if they wanted topics being done.
            if ($_POST['remove_type'] == 'topics') {
                // Fetch all topics started by this user within the time period.
                $request = $smcFunc['db_query']('', '
					SELECT t.id_topic
					FROM {db_prefix}topics AS t
					WHERE t.id_member_started = {int:selected_member}', array('selected_member' => $memID));
                $topicIDs = array();
                while ($row = $smcFunc['db_fetch_assoc']($request)) {
                    $topicIDs[] = $row['id_topic'];
                }
                $smcFunc['db_free_result']($request);
                // Actually remove the topics.
                // !!! This needs to check permissions, but we'll let it slide for now because of moderate_forum already being had.
                removeTopics($topicIDs);
            }
            // Now delete the remaining messages.
            $request = $smcFunc['db_query']('', '
				SELECT m.id_msg
				FROM {db_prefix}messages AS m
					INNER JOIN {db_prefix}topics AS t ON (t.id_topic = m.id_topic
						AND t.id_first_msg != m.id_msg)
				WHERE m.id_member = {int:selected_member}', array('selected_member' => $memID));
            // This could take a while... but ya know it's gonna be worth it in the end.
            while ($row = $smcFunc['db_fetch_assoc']($request)) {
                if (function_exists('apache_reset_timeout')) {
                    @apache_reset_timeout();
                }
                removeMessage($row['id_msg']);
            }
            $smcFunc['db_free_result']($request);
        }
        // Only delete this poor members account if they are actually being booted out of camp.
        if (isset($_POST['deleteAccount'])) {
            deleteMembers($memID);
        }
    } elseif (empty($post_errors) && !empty($modSettings['approveAccountDeletion']) && !allowedTo('moderate_forum')) {
        // Setup their account for deletion ;)
        updateMemberData($memID, array('is_activated' => 4));
        // Another account needs approval...
        updateSettings(array('unapprovedMembers' => true), true);
    } elseif (empty($post_errors)) {
        deleteMembers($memID);
        require_once $sourcedir . '/LogInOut.php';
        LogOut(true);
        redirectExit();
    }
}
Example #3
0
function deleteAccount2($profile_vars, $post_errors, $memID)
{
    global $ID_MEMBER, $user_info, $sourcedir, $context, $db_prefix, $user_profile, $modSettings;
    // !!! Add a way to delete pms as well?
    if (!$context['user']['is_owner']) {
        isAllowedTo('profile_remove_any');
    } elseif (!allowedTo('profile_remove_any')) {
        isAllowedTo('profile_remove_own');
    }
    checkSession();
    $old_profile =& $user_profile[$memID];
    // Too often, people remove/delete their own only account.
    if (in_array(1, explode(',', $old_profile['additionalGroups'])) || $old_profile['ID_GROUP'] == 1) {
        // Are you allowed to administrate the forum, as they are?
        isAllowedTo('admin_forum');
        $request = db_query("\n\t\t\tSELECT ID_MEMBER\n\t\t\tFROM {$db_prefix}members\n\t\t\tWHERE (ID_GROUP = 1 OR FIND_IN_SET(1, additionalGroups))\n\t\t\t\tAND ID_MEMBER != {$memID}\n\t\t\tLIMIT 1", __FILE__, __LINE__);
        list($another) = mysql_fetch_row($request);
        mysql_free_result($request);
        if (empty($another)) {
            fatal_lang_error('at_least_one_admin');
        }
    }
    // This file is needed for the deleteMembers function.
    require_once $sourcedir . '/Subs-Members.php';
    // Do you have permission to delete others profiles, or is that your profile you wanna delete?
    if ($memID != $ID_MEMBER) {
        isAllowedTo('profile_remove_any');
        // Now, have you been naughty and need your posts deleting?
        // !!! Should this check board permissions?
        if ($_POST['remove_type'] != 'none' && allowedTo('moderate_forum')) {
            // Include RemoveTopics - essential for this type of work!
            require_once $sourcedir . '/RemoveTopic.php';
            // First off we delete any topics the member has started - if they wanted topics being done.
            if ($_POST['remove_type'] == 'topics') {
                // Fetch all topics started by this user within the time period.
                $request = db_query("\n\t\t\t\t\tSELECT t.ID_TOPIC\n\t\t\t\t\tFROM {$db_prefix}topics AS t\n\t\t\t\t\tWHERE t.ID_MEMBER_STARTED = {$memID}", __FILE__, __LINE__);
                $topicIDs = array();
                while ($row = mysql_fetch_assoc($request)) {
                    $topicIDs[] = $row['ID_TOPIC'];
                }
                mysql_free_result($request);
                // Actually remove the topics.
                // !!! This needs to check permissions, but we'll let it slide for now because of moderate_forum already being had.
                removeTopics($topicIDs);
            }
            // Now delete the remaining messages.
            $request = db_query("\n\t\t\t\tSELECT m.ID_MSG\n\t\t\t\tFROM ({$db_prefix}messages AS m, {$db_prefix}topics AS t)\n\t\t\t\tWHERE m.ID_MEMBER = {$memID}\n\t\t\t\t\tAND m.ID_TOPIC = t.ID_TOPIC\n\t\t\t\t\tAND t.ID_FIRST_MSG != m.ID_MSG", __FILE__, __LINE__);
            // This could take a while... but ya know it's gonna be worth it in the end.
            while ($row = mysql_fetch_assoc($request)) {
                removeMessage($row['ID_MSG']);
            }
            mysql_free_result($request);
        }
        // Only delete this poor members account if they are actually being booted out of camp.
        if (isset($_POST['deleteAccount'])) {
            deleteMembers($memID);
        }
    } elseif (empty($post_errors) && !empty($modSettings['approveAccountDeletion']) && !allowedTo('moderate_forum')) {
        // Setup their account for deletion ;)
        updateMemberData($memID, array('is_activated' => 4));
        // Another account needs approval...
        updateSettings(array('unapprovedMembers' => true), true);
    } elseif (empty($post_errors)) {
        deleteMembers($memID);
    }
}
Example #4
0
function mob_m_ban_user($rpcmsg)
{
    global $mobdb, $context, $func, $user_info, $modSettings, $user_info, $sourcedir;
    checkSession('session');
    // Cannot ban an user?
    if (!allowedTo('manage_bans')) {
        mob_error('cannot ban users');
    }
    $reason = strtr($func['htmlspecialchars']($rpcmsg->getParam(2) ? $rpcmsg->getScalarValParam(2) : ''), array("\r" => '', "\n" => '', "\t" => ''));
    $username = $rpcmsg->getScalarValParam(0);
    require_once $sourcedir . '/Subs-Auth.php';
    // If we have an user ID, use it otherwise search for the user
    if (!is_null($id_user)) {
        $request = $mobdb->query('
			SELECT ID_MEMBER
			FROM {db_prefix}members
			WHERE ID_MEMBER = {int:member}', array('member' => $id_user));
        if ($mobdb->num_rows($request) == 0) {
            $id_user = null;
        } else {
            list($id_user) = $mobdb->fetch_row($request);
        }
        $mobdb->free_result($request);
    }
    // Otherwise search from the DB,
    if (is_null($id_user)) {
        $username = utf8ToAscii($username);
        $members = findMembers($username);
        if (empty($members)) {
            mob_error('user not found');
        }
        $member_ids = array_keys($members);
        $id_user = $members[$member_ids[0]]['id'];
    }
    $member = $id_user;
    // Create the ban
    $mobdb->query('
		INSERT INTO {db_prefix}ban_groups
			(name, ban_time, cannot_access, expire_time, reason)
		VALUES
			({string:name}, {int:time}, 1, NULL, {string:reason})', array('time' => time(), 'name' => 'Tapatalk ban (' . $username . ')', 'reason' => $reason));
    $id_ban_group = $mobdb->insert_id();
    // Insert the user into the ban
    $mobdb->query('
		INSERT INTO {db_prefix}ban_items
			(ID_BAN_GROUP, ID_MEMBER)
		VALUES
			({int:group}, {int:member})', array('group' => $id_ban_group, 'member' => $member));
    // Do we have to delete every post made by this user?
    // !!! Optimize this
    if ($rpcmsg->getScalarValParam(1) == 2) {
        require_once $sourcedir . '/RemoveTopic.php';
        @ignore_user_abort();
        @set_time_limit(0);
        $request = $mobdb->query('
			SELECT m.ID_MSG AS id_msg
			FROM {db_prefix}messages AS m
				LEFT JOIN {db_prefix}topics AS t ON (t.ID_TOPIC = m.ID_TOPIC)
			WHERE m.ID_MEMBER = {int:member}
				AND (t.ID_FIRST_MSG != m.ID_MSG OR t.numReplies = 0)', array('member' => $member));
        while ($row = $mobdb->fetch_assoc($request)) {
            removeMessage($row['id_msg']);
        }
        $mobdb->free_result($request);
    }
    // Return a true response
    return new xmlrpcresp(new xmlrpcval(array('result' => new xmlrpcval(true, 'boolean')), 'struct'));
}
function ViewWatchedUsers()
{
    global $smcFunc, $modSettings, $context, $txt, $scripturl, $user_info, $sourcedir;
    // Some important context!
    $context['page_title'] = $txt['mc_watched_users_title'];
    $context['view_posts'] = isset($_GET['sa']) && $_GET['sa'] == 'post';
    $context['start'] = isset($_REQUEST['start']) ? (int) $_REQUEST['start'] : 0;
    loadTemplate('ModerationCenter');
    // Get some key settings!
    $modSettings['warning_watch'] = empty($modSettings['warning_watch']) ? 1 : $modSettings['warning_watch'];
    // Put some pretty tabs on cause we're gonna be doing hot stuff here...
    $context[$context['moderation_menu_name']]['tab_data'] = array('title' => $txt['mc_watched_users_title'], 'help' => '', 'description' => $txt['mc_watched_users_desc']);
    // First off - are we deleting?
    if (!empty($_REQUEST['delete'])) {
        checkSession(!is_array($_REQUEST['delete']) ? 'get' : 'post');
        $toDelete = array();
        if (!is_array($_REQUEST['delete'])) {
            $toDelete[] = (int) $_REQUEST['delete'];
        } else {
            foreach ($_REQUEST['delete'] as $did) {
                $toDelete[] = (int) $did;
            }
        }
        if (!empty($toDelete)) {
            require_once $sourcedir . '/RemoveTopic.php';
            // If they don't have permission we'll let it error - either way no chance of a security slip here!
            foreach ($toDelete as $did) {
                removeMessage($did);
            }
        }
    }
    // Start preparing the list by grabbing relevant permissions.
    if (!$context['view_posts']) {
        $approve_query = '';
        $delete_boards = array();
    } else {
        // Still obey permissions!
        $approve_boards = boardsAllowedTo('approve_posts');
        $delete_boards = boardsAllowedTo('delete_any');
        if ($approve_boards == array(0)) {
            $approve_query = '';
        } elseif (!empty($approve_boards)) {
            $approve_query = ' AND m.id_board IN (' . implode(',', $approve_boards) . ')';
        } else {
            $approve_query = ' AND 0';
        }
    }
    require_once $sourcedir . '/Subs-List.php';
    // This is all the information required for a watched user listing.
    $listOptions = array('id' => 'watch_user_list', 'title' => $txt['mc_watched_users_title'] . ' - ' . ($context['view_posts'] ? $txt['mc_watched_users_post'] : $txt['mc_watched_users_member']), 'width' => '100%', 'items_per_page' => $modSettings['defaultMaxMessages'], 'no_items_label' => $context['view_posts'] ? $txt['mc_watched_users_no_posts'] : $txt['mc_watched_users_none'], 'base_href' => $scripturl . '?action=moderate;area=userwatch;sa=' . ($context['view_posts'] ? 'post' : 'member'), 'default_sort_col' => $context['view_posts'] ? '' : 'member', 'get_items' => array('function' => $context['view_posts'] ? 'list_getWatchedUserPosts' : 'list_getWatchedUsers', 'params' => array($approve_query, $delete_boards)), 'get_count' => array('function' => $context['view_posts'] ? 'list_getWatchedUserPostsCount' : 'list_getWatchedUserCount', 'params' => array($approve_query)), 'columns' => array('member' => array('header' => array('value' => $txt['mc_watched_users_member']), 'data' => array('sprintf' => array('format' => '<a href="' . $scripturl . '?action=profile;u=%1$d">%2$s</a>', 'params' => array('id' => false, 'name' => false))), 'sort' => array('default' => 'real_name', 'reverse' => 'real_name DESC')), 'warning' => array('header' => array('value' => $txt['mc_watched_users_warning']), 'data' => array('function' => create_function('$member', '
						global $scripturl;

						return allowedTo(\'issue_warning\') ? \'<a href="\' . $scripturl . \'?action=profile;area=issuewarning;u=\' . $member[\'id\'] . \'">\' . $member[\'warning\'] . \'%</a>\' : $member[\'warning\'] . \'%\';
					')), 'sort' => array('default' => 'warning', 'reverse' => 'warning DESC')), 'posts' => array('header' => array('value' => $txt['posts']), 'data' => array('sprintf' => array('format' => '<a href="' . $scripturl . '?action=profile;u=%1$d;area=showposts;sa=messages">%2$s</a>', 'params' => array('id' => false, 'posts' => false))), 'sort' => array('default' => 'posts', 'reverse' => 'posts DESC')), 'last_login' => array('header' => array('value' => $txt['mc_watched_users_last_login']), 'data' => array('db' => 'last_login'), 'sort' => array('default' => 'last_login', 'reverse' => 'last_login DESC')), 'last_post' => array('header' => array('value' => $txt['mc_watched_users_last_post']), 'data' => array('function' => create_function('$member', '
						global $scripturl;

						if ($member[\'last_post_id\'])
							return \'<a href="\' . $scripturl . \'?msg=\' . $member[\'last_post_id\'] . \'">\' . $member[\'last_post\'] . \'</a>\';
						else
							return $member[\'last_post\'];
					')))), 'form' => array('href' => $scripturl . '?action=moderate;area=userwatch;sa=post', 'include_sort' => true, 'include_start' => true, 'hidden_fields' => array($context['session_var'] => $context['session_id'])), 'additional_rows' => array($context['view_posts'] ? array('position' => 'bottom_of_list', 'value' => '
					<input type="submit" name="delete_selected" value="' . $txt['quickmod_delete_selected'] . '" class="button_submit" />', 'align' => 'right') : array()));
    // If this is being viewed by posts we actually change the columns to call a template each time.
    if ($context['view_posts']) {
        $listOptions['columns'] = array('posts' => array('data' => array('function' => create_function('$post', '
						return template_user_watch_post_callback($post);
					'))));
    }
    // Create the watched user list.
    createList($listOptions);
    $context['sub_template'] = 'show_list';
    $context['default_list'] = 'watch_user_list';
}
Example #6
0
function showPosts($memID)
{
    global $txt, $user_info, $scripturl, $modSettings;
    global $context, $user_profile, $sourcedir, $board, $memberContext, $options;
    EoS_Smarty::loadTemplate('profile/profile_base');
    $context['need_synhlt'] = true;
    // Some initial context.
    $context['start'] = (int) $_REQUEST['start'];
    $context['current_member'] = $memID;
    // Create the tabs for the template.
    $context[$context['profile_menu_name']]['tab_data'] = array('title' => $txt['showPosts'], 'description' => $txt['showPosts_help'], 'tabs' => array('messages' => array(), 'topics' => array(), 'attach' => array()));
    // Set the page title
    $context['page_title'] = $txt['showPosts'] . ' - ' . $user_profile[$memID]['real_name'];
    $context['pageindex_multiplier'] = commonAPI::getMessagesPerPage();
    $context['can_approve_posts'] = false;
    // Is the load average too high to allow searching just now?
    if (!empty($context['load_average']) && !empty($modSettings['loadavg_show_posts']) && $context['load_average'] >= $modSettings['loadavg_show_posts']) {
        fatal_lang_error('loadavg_show_posts_disabled', false);
    }
    if (isset($_GET['sa']) && !empty($modSettings['karmaMode']) && ($_GET['sa'] == 'likes' || $_GET['sa'] == 'likesout')) {
        require_once $sourcedir . '/Ratings.php';
        return LikesByUser($memID);
    }
    EoS_Smarty::getConfigInstance()->registerHookTemplate('profile_content_area', 'profile/show_content');
    $boards_hidden_1 = boardsAllowedTo('see_hidden1');
    $boards_hidden_2 = boardsAllowedTo('see_hidden2');
    $boards_hidden_3 = boardsAllowedTo('see_hidden3');
    // If we're specifically dealing with attachments use that function!
    if (isset($_GET['sa']) && $_GET['sa'] == 'attach') {
        return showAttachments($memID);
    }
    // Are we just viewing topics?
    $context['is_topics'] = isset($_GET['sa']) && $_GET['sa'] == 'topics' ? true : false;
    // If just deleting a message, do it and then redirect back.
    if (isset($_GET['delete']) && !$context['is_topics']) {
        checkSession('get');
        // We need msg info for logging.
        $request = smf_db_query('
			SELECT subject, id_member, id_topic, id_board
			FROM {db_prefix}messages
			WHERE id_msg = {int:id_msg}', array('id_msg' => (int) $_GET['delete']));
        $info = mysql_fetch_row($request);
        mysql_free_result($request);
        // Trying to remove a message that doesn't exist.
        if (empty($info)) {
            redirectexit('action=profile;u=' . $memID . ';area=showposts;start=' . $_GET['start']);
        }
        // We can be lazy, since removeMessage() will check the permissions for us.
        require_once $sourcedir . '/RemoveTopic.php';
        removeMessage((int) $_GET['delete']);
        // Add it to the mod log.
        if (allowedTo('delete_any') && (!allowedTo('delete_own') || $info[1] != $user_info['id'])) {
            logAction('delete', array('topic' => $info[2], 'subject' => $info[0], 'member' => $info[1], 'board' => $info[3]));
        }
        // Back to... where we are now ;).
        redirectexit('action=profile;u=' . $memID . ';area=showposts;start=' . $_GET['start']);
    }
    // Default to 10.
    if (empty($_REQUEST['viewscount']) || !is_numeric($_REQUEST['viewscount'])) {
        $_REQUEST['viewscount'] = '10';
    }
    if ($context['is_topics']) {
        $request = smf_db_query('
			SELECT COUNT(*)
			FROM {db_prefix}topics AS t' . ($user_info['query_see_board'] == '1=1' ? '' : '
				INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board AND {query_see_board})') . '
			WHERE t.id_member_started = {int:current_member}' . (!empty($board) ? '
				AND t.id_board = {int:board}' : '') . (!$modSettings['postmod_active'] || $context['user']['is_owner'] ? '' : '
				AND t.approved = {int:is_approved}'), array('current_member' => $memID, 'is_approved' => 1, 'board' => $board));
    } else {
        $request = smf_db_query('
			SELECT COUNT(*)
			FROM {db_prefix}messages AS m' . ($user_info['query_see_board'] == '1=1' ? '' : '
				INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board AND {query_see_board})') . '
			WHERE m.id_member = {int:current_member}' . (!empty($board) ? '
				AND m.id_board = {int:board}' : '') . (!$modSettings['postmod_active'] || $context['user']['is_owner'] ? '' : '
				AND m.approved = {int:is_approved}'), array('current_member' => $memID, 'is_approved' => 1, 'board' => $board));
    }
    list($msgCount) = mysql_fetch_row($request);
    mysql_free_result($request);
    $request = smf_db_query('
		SELECT MIN(id_msg), MAX(id_msg)
		FROM {db_prefix}messages AS m
		WHERE m.id_member = {int:current_member}' . (!empty($board) ? '
			AND m.id_board = {int:board}' : '') . (!$modSettings['postmod_active'] || $context['user']['is_owner'] ? '' : '
			AND m.approved = {int:is_approved}'), array('current_member' => $memID, 'is_approved' => 1, 'board' => $board));
    list($min_msg_member, $max_msg_member) = mysql_fetch_row($request);
    mysql_free_result($request);
    $reverse = false;
    $range_limit = '';
    $maxIndex = (int) $modSettings['defaultMaxMessages'];
    // Make sure the starting place makes sense and construct our friend the page index.
    $context['page_index'] = constructPageIndex($scripturl . '?action=profile;u=' . $memID . ';area=showposts' . ($context['is_topics'] ? ';sa=topics' : '') . (!empty($board) ? ';board=' . $board : ''), $context['start'], $msgCount, $maxIndex);
    $context['current_page'] = $context['start'] / $maxIndex;
    // Reverse the query if we're past 50% of the pages for better performance.
    $start = $context['start'];
    $reverse = $_REQUEST['start'] > $msgCount / 2;
    if ($reverse && !$context['is_topics']) {
        $maxIndex = $msgCount < $context['start'] + $modSettings['defaultMaxMessages'] + 1 && $msgCount > $context['start'] ? $msgCount - $context['start'] : (int) $modSettings['defaultMaxMessages'];
        $start = $msgCount < $context['start'] + $modSettings['defaultMaxMessages'] + 1 || $msgCount < $context['start'] + $modSettings['defaultMaxMessages'] ? 0 : $msgCount - $context['start'] - $modSettings['defaultMaxMessages'];
    }
    // Guess the range of messages to be shown.
    if ($msgCount > 1000) {
        $margin = floor(($max_msg_member - $min_msg_member) * (($start + $modSettings['defaultMaxMessages']) / $msgCount) + 0.1 * ($max_msg_member - $min_msg_member));
        // Make a bigger margin for topics only.
        if ($context['is_topics']) {
            $margin *= 5;
            $range_limit = $reverse ? 't.id_first_msg < ' . ($min_msg_member + $margin) : 't.id_first_msg > ' . ($max_msg_member - $margin);
        } else {
            $range_limit = $reverse ? 'm.id_msg < ' . ($min_msg_member + $margin) : 'm.id_msg > ' . ($max_msg_member - $margin);
        }
    }
    // Find this user's posts.  The left join on categories somehow makes this faster, weird as it looks.
    $context['results_counter'] = 0;
    $topicids = array();
    if ($context['is_topics']) {
        $context['postbit_callback'] = 'template_topicbit';
        $prereq = smf_db_query('
			SELECT t.id_topic FROM {db_prefix}topics AS t
			LEFT JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board)
			WHERE t.id_member_started = {int:current_member}' . (!empty($board) ? '
				AND t.id_board = {int:board}' : '') . '
				AND {query_see_board}' . (!$modSettings['postmod_active'] || $context['user']['is_owner'] ? '' : '
				AND t.approved = {int:is_approved}') . '
			ORDER BY t.id_topic DESC
			LIMIT ' . $start . ', ' . $modSettings['defaultMaxMessages'], array('current_member' => $memID, 'is_approved' => 1, 'board' => $board));
        while ($row = mysql_fetch_row($prereq)) {
            $topicids[] = $row[0];
        }
        mysql_free_result($prereq);
        if (count($topicids)) {
            $request = smf_db_query('
				SELECT
					b.id_board, b.name AS board_name, t.id_member_started, t.id_first_msg, t.id_last_msg, t.id_prefix, t.is_sticky, t.locked, t.num_views, t.num_replies, t.id_poll,
					t.approved, t.unapproved_posts, m.id_member, m.subject AS first_subject, m.poster_time, m.id_topic, m.id_msg, m.icon,
					m2.poster_name AS last_member_name, m2.id_member AS last_id_member, m2.poster_time AS last_post_time,
					IFNULL(meml.real_name, m2.poster_name) AS last_display_name, m2.subject AS last_subject, m2.icon AS last_icon,
					p.name AS prefix_name
				FROM {db_prefix}topics AS t
					LEFT JOIN {db_prefix}messages AS m ON (m.id_msg = t.id_first_msg)
					LEFT JOIN {db_prefix}members AS meml ON (meml.id_member = t.id_member_updated)
					LEFT JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board)
					LEFT JOIN {db_prefix}categories AS c ON (c.id_cat = b.id_cat)
					LEFT JOIN {db_prefix}messages AS m2 ON (m2.id_msg = t.id_last_msg)
					LEFT JOIN {db_prefix}prefixes AS p ON (p.id_prefix = t.id_prefix)
				WHERE t.id_topic IN({array_int:topicids})
				ORDER BY t.id_topic DESC', array('topicids' => $topicids));
        }
    } else {
        $context['postbit_callback'] = 'template_postbit_compact';
        $request = smf_db_query('
			SELECT
				b.id_board, b.name AS bname, c.id_cat, c.name AS cname, m.id_topic, m.id_msg,
				t.id_member_started, t.id_first_msg, t.id_last_msg, m.body, m.smileys_enabled, m.id_member, m.icon,
				m.subject, m.poster_time, m.modified_time, m.approved, mc.body AS cached_body, ' . (!empty($modSettings['karmaMode']) ? 'c1.likes_count, c1.like_status, c1.updated AS like_updated, l.rtype AS liked, ' : '0 AS likes_count, 0 AS like_status, 0 AS like_updated, 0 AS liked, ') . '
				m2.id_member AS id_first_member, m2.subject AS first_subject, m2.poster_time AS time_started,
				IFNULL(mem2.real_name, m2.poster_name) AS first_poster_name
			FROM {db_prefix}messages AS m
				INNER JOIN {db_prefix}topics AS t ON (t.id_topic = m.id_topic)
				INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board)
				INNER JOIN {db_prefix}messages AS m2 ON (m2.id_msg = t.id_first_msg)
				LEFT JOIN {db_prefix}members AS mem2 ON (mem2.id_member = m2.id_member)
				LEFT JOIN {db_prefix}categories AS c ON (c.id_cat = b.id_cat) ' . (!empty($modSettings['karmaMode']) ? '
					LEFT JOIN {db_prefix}likes AS l ON (l.id_msg = m.id_msg AND l.ctype = 1 AND l.id_user = {int:id_user})
					LEFT JOIN {db_prefix}like_cache AS c1 ON (c1.id_msg = m.id_msg AND c1.ctype = 1)' : '') . '
				LEFT JOIN {db_prefix}messages_cache AS mc on mc.id_msg = m.id_msg AND mc.style = {int:style} AND mc.lang = {int:lang}
			WHERE m.id_member = {int:current_member}' . (!empty($board) ? '
				AND b.id_board = {int:board}' : '') . (empty($range_limit) ? '' : '
				AND ' . $range_limit) . '
				AND {query_see_board}' . (!$modSettings['postmod_active'] || $context['user']['is_owner'] ? '' : '
				AND t.approved = {int:is_approved} AND m.approved = {int:is_approved}') . '
			ORDER BY m.id_msg ' . ($reverse ? 'ASC' : 'DESC') . '
			LIMIT ' . $start . ', ' . $maxIndex, array('current_member' => $memID, 'is_approved' => 1, 'board' => $board, 'style' => $user_info['smiley_set_id'], 'lang' => $user_info['language_id'], 'id_user' => $user_info['id']));
    }
    // Start counting at the number of the first message displayed.
    $counter = $reverse ? $context['start'] + $maxIndex + 1 : $context['start'];
    $context['posts'] = array();
    $board_ids = array('own' => array(), 'any' => array());
    if (!empty($modSettings['karmaMode'])) {
        require_once $sourcedir . '/lib/Subs-Ratings.php';
        $boards_like_see = boardsAllowedTo('like_see');
        $boards_like_give = boardsAllowedTo('like_give');
    } else {
        $boards_like_see = array();
        $boards_like_give = array();
        $context['can_see_like'] = $context['can_give_like'] = false;
    }
    $time_now = time();
    if ($context['is_topics']) {
        $context['topics_per_page'] = empty($modSettings['disableCustomPerPage']) && !empty($options['topics_per_page']) ? $options['topics_per_page'] : $modSettings['defaultMaxTopics'];
        $context['messages_per_page'] = commonAPI::getMessagesPerPage();
        if (count($topicids)) {
            loadMemberContext($memID, true);
            while ($row = mysql_fetch_assoc($request)) {
                $context['results_counter']++;
                if ($row['num_replies'] + 1 > $context['messages_per_page']) {
                    $pages = '&nbsp;&nbsp;';
                    // We can't pass start by reference.
                    $start = -1;
                    $pages .= constructPageIndex(URL::topic($row['id_topic'], $row['first_subject'], '%1$d'), $start, $row['num_replies'] + 1, $context['messages_per_page'], true);
                    // If we can use all, show all.
                    if (!empty($modSettings['enableAllMessages']) && $row['num_replies'] + 1 < $modSettings['enableAllMessages']) {
                        $pages .= '<a class="navPages" href="' . URL::topic($row['id_topic'], $row['first_subject'], 0) . ';all">' . $txt['show_all'] . '</a>';
                    }
                    $pages .= ' ';
                } else {
                    $pages = '';
                }
                $f_post_mem_href = !empty($row['id_member_started']) ? URL::user($row['id_member_started'], $memberContext[$memID]['name']) : '';
                $t_href = URL::topic($row['id_topic'], $row['first_subject'], 0);
                $l_post_mem_href = !empty($row['last_id_member']) ? URL::user($row['last_id_member'], $row['last_display_name']) : '';
                $l_post_msg_href = URL::topic($row['id_topic'], $row['last_subject'], $user_info['is_guest'] ? !empty($options['view_newest_first']) ? 0 : (int) ($row['num_replies'] / $context['pageindex_multiplier']) * $context['pageindex_multiplier'] : 0, $user_info['is_guest'] ? true : false, $user_info['is_guest'] ? '' : '.msg' . $row['id_last_msg'], $user_info['is_guest'] ? '#msg' . $row['id_last_msg'] : '#new');
                $context['topics'][$row['id_topic']] = array('id' => $row['id_topic'], 'first_post' => array('member' => array('username' => $memberContext[$memID]['username'], 'name' => $memberContext[$memID]['name'], 'id' => $memID, 'href' => $f_post_mem_href, 'link' => !empty($row['first_id_member']) ? '<a onclick="getMcard(' . $row['id_member_started'] . ', $(this));return(false);" href="' . $f_post_mem_href . '" title="' . $txt['profile_of'] . ' ' . $row['first_display_name'] . '">' . $row['first_display_name'] . '</a>' : $memberContext[$memID]['name'], 'avatar' => &$memberContext[$memID]['avatar']['image']), 'icon_url' => getPostIcon($row['icon']), 'time' => timeformat($row['poster_time']), 'href' => $t_href, 'link' => '<a href="' . $t_href . '">' . $row['first_subject'] . '</a>', 'id' => $row['id_first_msg']), 'last_post' => array('id' => $row['id_last_msg'], 'member' => array('username' => $row['last_member_name'], 'name' => $row['last_display_name'], 'id' => $row['last_id_member'], 'href' => $l_post_mem_href, 'link' => !empty($row['last_id_member']) ? '<a onclick="getMcard(' . $row['last_id_member'] . ', $(this));return(false);" href="' . $l_post_mem_href . '">' . $row['last_display_name'] . '</a>' : $row['last_display_name']), 'time' => timeformat($row['last_post_time']), 'timestamp' => forum_time(true, $row['last_post_time']), 'subject' => $row['last_subject'], 'icon' => $row['last_icon'], 'icon_url' => getPostIcon($row['last_icon']), 'href' => $l_post_msg_href, 'link' => '<a href="' . $l_post_msg_href . ($row['num_replies'] == 0 ? '' : ' rel="nofollow"') . '>' . $row['last_subject'] . '</a>'), 'is_posted_in' => false, 'new' => false, 'is_sticky' => $row['is_sticky'], 'is_locked' => $row['locked'], 'is_poll' => $modSettings['pollMode'] == '1' && $row['id_poll'] > 0, 'is_hot' => $row['num_replies'] >= $modSettings['hotTopicPosts'], 'is_very_hot' => $row['num_replies'] >= $modSettings['hotTopicVeryPosts'], 'views' => $row['num_views'], 'replies' => $row['num_replies'], 'prefix' => $row['prefix_name'] ? '<a href="' . $scripturl . '?board=' . $board . ';prefix=' . $row['id_prefix'] . '" class="prefix">' . (html_entity_decode($row['prefix_name']) . '</a>') : '', 'pages' => $pages, 'approved' => $row['approved'], 'unapproved_posts' => $row['unapproved_posts'], 'is_old' => !empty($modSettings['oldTopicDays']) ? $context['time_now'] - $row['last_post_time'] > $modSettings['oldTopicDays'] * 86400 : false, 'board' => isset($row['id_board']) && !empty($row['id_board']) ? array('name' => $row['board_name'], 'id' => $row['id_board'], 'href' => URL::board($row['id_board'], $row['board_name'])) : array('name' => '', 'id' => 0, 'href' => ''));
                determineTopicClass($context['topics'][$row['id_topic']]);
            }
            mysql_free_result($request);
        }
    } else {
        loadMemberContext($memID);
        while ($row = mysql_fetch_assoc($request)) {
            $context['results_counter']++;
            $check_boards = array(0, $row['id_board']);
            // 0 is for admin
            $context['can_see_hidden_level1'] = count(array_intersect($check_boards, $boards_hidden_1)) > 0;
            $context['can_see_hidden_level2'] = count(array_intersect($check_boards, $boards_hidden_2)) > 0;
            $context['can_see_hidden_level3'] = count(array_intersect($check_boards, $boards_hidden_3)) > 0;
            $context['can_see_like'] = count(array_intersect($check_boards, $boards_like_see)) > 0;
            $context['can_give_like'] = count(array_intersect($check_boards, $boards_like_give)) > 0;
            // Censor....
            censorText($row['body']);
            censorText($row['subject']);
            getCachedPost($row);
            // And the array...
            $i = $counter += $reverse ? -1 : 1;
            $thref = URL::topic($row['id_topic'], $row['first_subject'], 0, false, '.msg' . $row['id_msg'], '#' . $row['id_msg']);
            $topichref = URL::topic($row['id_topic'], $row['first_subject'], 0);
            $bhref = URL::board($row['id_board'], $row['bname'], 0, false);
            $fhref = empty($row['id_first_member']) ? '' : URL::user($row['id_first_member'], $row['first_poster_name']);
            $context['posts'][$i] = array('body' => $row['body'], 'counter' => $counter, 'icon' => $row['icon'], 'icon_url' => getPostIcon($row['icon']), 'category' => array('id' => $row['id_cat'], 'name' => $row['cname'], 'href' => $scripturl . '#c' . $row['id_cat'], 'link' => '<a href="' . $scripturl . '#c' . $row['id_cat'] . '">' . $row['cname'] . '</a>'), 'board' => array('id' => $row['id_board'], 'name' => $row['bname'], 'href' => $bhref, 'link' => '<a href="' . $bhref . '">' . $row['bname'] . '</a>'), 'member' => &$memberContext[$memID], 'href' => $thref, 'link' => '<a href="' . $thref . '" rel="nofollow">' . $row['subject'] . '</a>', 'subject' => $row['subject'], 'time' => timeformat($row['poster_time']), 'timestamp' => forum_time(true, $row['poster_time']), 'first_poster' => array('id' => $row['id_first_member'], 'name' => $row['first_poster_name'], 'href' => $fhref, 'link' => empty($row['id_first_member']) ? $row['first_poster_name'] : '<a href="' . $fhref . '">' . $row['first_poster_name'] . '</a>', 'time' => timeformat($row['time_started'])), 'topic' => array('id' => $row['id_topic'], 'href' => $topichref, 'link' => '<a href="' . $topichref . '" rel="nofollow">' . $row['first_subject'] . '</a>'), 'permahref' => $scripturl . '?msg=' . $row['id_msg'], 'permalink' => $txt['view_in_thread'], 'id' => $row['id_msg'], 'id_member' => $memID, 'can_reply' => false, 'can_mark_notify' => false, 'can_delete' => false, 'delete_possible' => ($row['id_first_msg'] != $row['id_msg'] || $row['id_last_msg'] == $row['id_msg']) && (empty($modSettings['edit_disable_time']) || $row['poster_time'] + $modSettings['edit_disable_time'] * 60 >= time()), 'approved' => $row['approved'], 'likes_count' => $row['likes_count'], 'like_status' => $row['like_status'], 'liked' => $row['liked'], 'like_updated' => $row['like_updated'], 'likers' => '', 'likelink' => '');
            if ($context['can_see_like']) {
                Ratings::addContent($context['posts'][$i], $context['can_give_like'], $time_now);
            }
            if ($user_info['id'] == $row['id_member_started']) {
                $board_ids['own'][$row['id_board']][] = $counter;
            }
            $board_ids['any'][$row['id_board']][] = $counter;
        }
        mysql_free_result($request);
    }
    // All posts were retrieved in reverse order, get them right again.
    if ($reverse) {
        $context['posts'] = array_reverse($context['posts'], true);
    }
    // These are all the permissions that are different from board to board..
    if ($context['is_topics']) {
        $permissions = array('own' => array('post_reply_own' => 'can_reply'), 'any' => array('post_reply_any' => 'can_reply', 'mark_any_notify' => 'can_mark_notify'));
    } else {
        $permissions = array('own' => array('post_reply_own' => 'can_reply', 'delete_own' => 'can_delete'), 'any' => array('post_reply_any' => 'can_reply', 'mark_any_notify' => 'can_mark_notify', 'delete_any' => 'can_delete'));
    }
    // For every permission in the own/any lists...
    foreach ($permissions as $type => $list) {
        foreach ($list as $permission => $allowed) {
            // Get the boards they can do this on...
            $boards = boardsAllowedTo($permission);
            // Hmm, they can do it on all boards, can they?
            if (!empty($boards) && $boards[0] == 0) {
                $boards = array_keys($board_ids[$type]);
            }
            // Now go through each board they can do the permission on.
            foreach ($boards as $board_id) {
                // There aren't any posts displayed from this board.
                if (!isset($board_ids[$type][$board_id])) {
                    continue;
                }
                // Set the permission to true ;).
                foreach ($board_ids[$type][$board_id] as $counter) {
                    $context['posts'][$counter][$allowed] = true;
                }
            }
        }
    }
    // Clean up after posts that cannot be deleted and quoted.
    $quote_enabled = empty($modSettings['disabledBBC']) || !in_array('quote', explode(',', $modSettings['disabledBBC']));
    foreach ($context['posts'] as $counter => $dummy) {
        $context['posts'][$counter]['can_delete'] &= $context['posts'][$counter]['delete_possible'];
        $context['posts'][$counter]['can_quote'] = $context['posts'][$counter]['can_reply'] && $quote_enabled;
    }
}
Example #7
0
function removeMessages($messages, $messageDetails, $current_view = 'replies')
{
    global $sourcedir, $modSettings;
    require_once $sourcedir . '/RemoveTopic.php';
    if ($current_view == 'topics') {
        removeTopics($messages);
        // and tell the world about it
        foreach ($messages as $topic) {
            // Note, only log topic ID in native form if it's not gone forever.
            logAction('remove', array(empty($modSettings['recycle_enable']) || $modSettings['recycle_board'] != $messageDetails[$topic]['board'] ? 'topic' : 'old_topic_id' => $topic, 'subject' => $messageDetails[$topic]['subject'], 'member' => $messageDetails[$topic]['member'], 'board' => $messageDetails[$topic]['board']));
        }
    } else {
        foreach ($messages as $post) {
            removeMessage($post);
            logAction('delete', array(empty($modSettings['recycle_enable']) || $modSettings['recycle_board'] != $messageDetails[$post]['board'] ? 'topic' : 'old_topic_id' => $messageDetails[$post]['topic'], 'subject' => $messageDetails[$post]['subject'], 'member' => $messageDetails[$post]['member'], 'board' => $messageDetails[$post]['board']));
        }
    }
}
Example #8
0
 /**
  * In-topic quick moderation.
  * Accessed by ?action=quickmod2
  */
 public function action_quickmod2()
 {
     global $topic, $board, $user_info, $context;
     // Check the session = get or post.
     checkSession('request');
     require_once SUBSDIR . '/Messages.subs.php';
     if (empty($_REQUEST['msgs'])) {
         redirectexit('topic=' . $topic . '.' . $_REQUEST['start']);
     }
     $messages = array();
     foreach ($_REQUEST['msgs'] as $dummy) {
         $messages[] = (int) $dummy;
     }
     // We are restoring messages. We handle this in another place.
     if (isset($_REQUEST['restore_selected'])) {
         redirectexit('action=restoretopic;msgs=' . implode(',', $messages) . ';' . $context['session_var'] . '=' . $context['session_id']);
     }
     if (isset($_REQUEST['split_selection'])) {
         $mgsOptions = basicMessageInfo(min($messages), true);
         $_SESSION['split_selection'][$topic] = $messages;
         redirectexit('action=splittopics;sa=selectTopics;topic=' . $topic . '.0;subname_enc=' . urlencode($mgsOptions['subject']) . ';' . $context['session_var'] . '=' . $context['session_id']);
     }
     require_once SUBSDIR . '/Topic.subs.php';
     $topic_info = getTopicInfo($topic);
     // Allowed to delete any message?
     if (allowedTo('delete_any')) {
         $allowed_all = true;
     } elseif (allowedTo('delete_replies')) {
         $allowed_all = $topic_info['id_member_started'] == $user_info['id'];
     } else {
         $allowed_all = false;
     }
     // Make sure they're allowed to delete their own messages, if not any.
     if (!$allowed_all) {
         isAllowedTo('delete_own');
     }
     // Allowed to remove which messages?
     $messages = determineRemovableMessages($topic, $messages, $allowed_all);
     // Get the first message in the topic - because you can't delete that!
     $first_message = $topic_info['id_first_msg'];
     $last_message = $topic_info['id_last_msg'];
     // Delete all the messages we know they can delete. ($messages)
     foreach ($messages as $message => $info) {
         // Just skip the first message - if it's not the last.
         if ($message == $first_message && $message != $last_message) {
             continue;
         } elseif ($message == $first_message) {
             $topicGone = true;
         }
         removeMessage($message);
         // Log this moderation action ;).
         if (allowedTo('delete_any') && (!allowedTo('delete_own') || $info[1] != $user_info['id'])) {
             logAction('delete', array('topic' => $topic, 'subject' => $info[0], 'member' => $info[1], 'board' => $board));
         }
     }
     redirectexit(!empty($topicGone) ? 'board=' . $board : 'topic=' . $topic . '.' . $_REQUEST['start']);
 }
Example #9
0
function DeleteMessage()
{
    global $ID_MEMBER, $db_prefix, $topic, $board, $modSettings;
    checkSession('get');
    $_REQUEST['msg'] = (int) $_REQUEST['msg'];
    // Is $topic set?
    if (empty($topic) && isset($_REQUEST['topic'])) {
        $topic = (int) $_REQUEST['topic'];
    }
    $request = db_query("\n\t\tSELECT t.ID_MEMBER_STARTED, m.ID_MEMBER, m.subject, m.posterTime\n\t\tFROM ({$db_prefix}topics AS t, {$db_prefix}messages AS m)\n\t\tWHERE t.ID_TOPIC = {$topic}\n\t\t\tAND m.ID_TOPIC = {$topic}\n\t\t\tAND m.ID_MSG = {$_REQUEST['msg']}\n\t\tLIMIT 1", __FILE__, __LINE__);
    list($starter, $poster, $subject, $post_time) = mysql_fetch_row($request);
    mysql_free_result($request);
    if ($poster == $ID_MEMBER) {
        if (!allowedTo('delete_own')) {
            if ($starter == $ID_MEMBER && !allowedTo('delete_any')) {
                isAllowedTo('delete_replies');
            } elseif (!allowedTo('delete_any')) {
                isAllowedTo('delete_own');
            }
        } elseif (!allowedTo('delete_any') && ($starter != $ID_MEMBER || !allowedTo('delete_replies')) && !empty($modSettings['edit_disable_time']) && $post_time + $modSettings['edit_disable_time'] * 60 < time()) {
            fatal_lang_error('modify_post_time_passed', false);
        }
    } elseif ($starter == $ID_MEMBER && !allowedTo('delete_any')) {
        isAllowedTo('delete_replies');
    } else {
        isAllowedTo('delete_any');
    }
    // If the full topic was removed go back to the board.
    $full_topic = removeMessage($_REQUEST['msg']);
    if (allowedTo('delete_any') && (!allowedTo('delete_own') || $poster != $ID_MEMBER)) {
        logAction('delete', array('topic' => $topic, 'subject' => $subject, 'member' => $starter));
    }
    // We want to redirect back to recent action.
    if (isset($_REQUEST['recent'])) {
        redirectexit('action=recent');
    } elseif ($full_topic) {
        redirectexit('board=' . $board . '.0');
    } else {
        redirectexit('topic=' . $topic . '.' . $_REQUEST['start']);
    }
}
Example #10
0
/**
 * This function removes all the messages of a certain user that are *not*
 * first messages of a topic
 *
 * @param int $memID The member id
 */
function removeNonTopicMessages($memID)
{
    $db = database();
    $request = $db->query('', '
		SELECT m.id_msg
		FROM {db_prefix}messages AS m
			INNER JOIN {db_prefix}topics AS t ON (t.id_topic = m.id_topic
				AND t.id_first_msg != m.id_msg)
		WHERE m.id_member = {int:selected_member}', array('selected_member' => $memID));
    // This could take a while... but ya know it's gonna be worth it in the end.
    while ($row = $db->fetch_assoc($request)) {
        if (function_exists('apache_reset_timeout')) {
            @apache_reset_timeout();
        }
        removeMessage($row['id_msg']);
    }
    $db->free_result($request);
}
Example #11
0
function QuickModeration2()
{
    global $sourcedir, $db_prefix, $topic, $board, $ID_MEMBER, $modSettings;
    // Check the session = get or post.
    checkSession('request');
    require_once $sourcedir . '/RemoveTopic.php';
    if (empty($_REQUEST['msgs'])) {
        redirectexit('topic=' . $topic . '.' . $_REQUEST['start']);
    }
    $messages = array();
    foreach ($_REQUEST['msgs'] as $dummy) {
        $messages[] = (int) $dummy;
    }
    // Allowed to delete any message?
    if (allowedTo('delete_any')) {
        $allowed_all = true;
    } elseif (allowedTo('delete_replies')) {
        $request = db_query("\n\t\t\tSELECT ID_MEMBER_STARTED\n\t\t\tFROM {$db_prefix}topics\n\t\t\tWHERE ID_TOPIC = {$topic}\n\t\t\tLIMIT 1", __FILE__, __LINE__);
        list($starter) = mysql_fetch_row($request);
        mysql_free_result($request);
        $allowed_all = $starter == $ID_MEMBER;
    } else {
        $allowed_all = false;
    }
    // Make sure they're allowed to delete their own messages, if not any.
    if (!$allowed_all) {
        isAllowedTo('delete_own');
    }
    // Allowed to remove which messages?
    $request = db_query("\n\t\tSELECT ID_MSG, subject, ID_MEMBER, posterTime\n\t\tFROM {$db_prefix}messages\n\t\tWHERE ID_MSG IN (" . implode(', ', $messages) . ")\n\t\t\tAND ID_TOPIC = {$topic}" . (!$allowed_all ? "\n\t\t\tAND ID_MEMBER = {$ID_MEMBER}" : '') . "\n\t\tLIMIT " . count($messages), __FILE__, __LINE__);
    $messages = array();
    while ($row = mysql_fetch_assoc($request)) {
        if (!$allowed_all && !empty($modSettings['edit_disable_time']) && $row['posterTime'] + $modSettings['edit_disable_time'] * 60 < time()) {
            continue;
        }
        $messages[$row['ID_MSG']] = array($row['subject'], $row['ID_MEMBER']);
    }
    mysql_free_result($request);
    // Get the first message in the topic - because you can't delete that!
    $request = db_query("\n\t\tSELECT ID_FIRST_MSG, ID_LAST_MSG\n\t\tFROM {$db_prefix}topics\n\t\tWHERE ID_TOPIC = {$topic}\n\t\tLIMIT 1", __FILE__, __LINE__);
    list($first_message, $last_message) = mysql_fetch_row($request);
    mysql_free_result($request);
    // Delete all the messages we know they can delete. ($messages)
    foreach ($messages as $message => $info) {
        // Just skip the first message.
        if ($message == $first_message && $message != $last_message) {
            continue;
        }
        removeMessage($message);
        // Log this moderation action ;).
        if (allowedTo('delete_any') && (!allowedTo('delete_own') || $info[1] != $ID_MEMBER)) {
            logAction('delete', array('topic' => $topic, 'subject' => $info[0], 'member' => $info[1]));
        }
    }
    redirectexit('topic=' . $topic . '.' . $_REQUEST['start']);
}
Example #12
0
}
function getCategories($Database)
{
    $result = $Database->query('SELECT DISTINCT action FROM message');
    if (!$result) {
        echo 'Could not get categories: ';
        print_r($Database->errorInfo());
        die;
    }
    return $result;
}
//And now ladies and gentlemen, procedural hell...
//open the database
$db = openDatabase($databaseFilename);
//delete a message if one has been toggled for removal
removeMessage($db, $remove);
//this array is filled with the id's of every message display in this instance of this page.
//at the end, the showCount columns for these messages are updated to reflect they have been shown.
//(this is handy for marking new items are being viewed, and for seeing which messages are looked
// at the most, "favourites" if you will.)
$shownIds = array();
//display the filter option column titles
echo '<form action="monkeyview.php" method="get">';
echo $filterTableHeader;
//"added" filter box
echo '<tr>';
echo '<td><select name="added">';
foreach ($addedOptions as $option) {
    $selected = $option == $added ? ' selected' : '';
    echo '<option' . $selected . '>' . $option . '</option>';
}
 /**
  * Show all posts by the current user.
  *
  * @todo This function needs to be split up properly.
  */
 public function action_showPosts()
 {
     global $txt, $user_info, $scripturl, $modSettings, $context, $user_profile, $board;
     $memID = currentMemberID();
     // Some initial context.
     $context['start'] = (int) $_REQUEST['start'];
     $context['current_member'] = $memID;
     loadTemplate('ProfileInfo');
     // Create the tabs for the template.
     $context[$context['profile_menu_name']]['tab_data'] = array('title' => $txt['showPosts'], 'description' => $txt['showPosts_help'], 'class' => 'profile', 'tabs' => array('messages' => array(), 'topics' => array(), 'unwatchedtopics' => array(), 'attach' => array()));
     // Set the page title
     $context['page_title'] = $txt['showPosts'] . ' - ' . $user_profile[$memID]['real_name'];
     // Is the load average too high to allow searching just now?
     if (!empty($modSettings['loadavg_show_posts']) && $modSettings['current_load'] >= $modSettings['loadavg_show_posts']) {
         fatal_lang_error('loadavg_show_posts_disabled', false);
     }
     // If we're specifically dealing with attachments use that function!
     if (isset($_GET['sa']) && $_GET['sa'] == 'attach') {
         return $this->action_showAttachments();
     } elseif (isset($_GET['sa']) && $_GET['sa'] == 'unwatchedtopics' && $modSettings['enable_unwatch']) {
         return $this->action_showUnwatched();
     }
     // Are we just viewing topics?
     $context['is_topics'] = isset($_GET['sa']) && $_GET['sa'] == 'topics' ? true : false;
     // If just deleting a message, do it and then redirect back.
     if (isset($_GET['delete']) && !$context['is_topics']) {
         checkSession('get');
         // We need msg info for logging.
         require_once SUBSDIR . '/Messages.subs.php';
         $info = basicMessageInfo((int) $_GET['delete'], true);
         // Trying to remove a message that doesn't exist.
         if (empty($info)) {
             redirectexit('action=profile;u=' . $memID . ';area=showposts;start=' . $_GET['start']);
         }
         // We can be lazy, since removeMessage() will check the permissions for us.
         removeMessage((int) $_GET['delete']);
         // Add it to the mod log.
         if (allowedTo('delete_any') && (!allowedTo('delete_own') || $info['id_member'] != $user_info['id'])) {
             logAction('delete', array('topic' => $info['id_topic'], 'subject' => $info['subject'], 'member' => $info['id_member'], 'board' => $info['id_board']));
         }
         // Back to... where we are now ;).
         redirectexit('action=profile;u=' . $memID . ';area=showposts;start=' . $_GET['start']);
     }
     // Default to 10.
     if (empty($_REQUEST['viewscount']) || !is_numeric($_REQUEST['viewscount'])) {
         $_REQUEST['viewscount'] = '10';
     }
     if ($context['is_topics']) {
         $msgCount = count_user_topics($memID, $board);
     } else {
         $msgCount = count_user_posts($memID, $board);
     }
     list($min_msg_member, $max_msg_member) = findMinMaxUserMessage($memID, $board);
     $range_limit = '';
     $maxIndex = (int) $modSettings['defaultMaxMessages'];
     // Make sure the starting place makes sense and construct our friend the page index.
     $context['page_index'] = constructPageIndex($scripturl . '?action=profile;u=' . $memID . ';area=showposts' . ($context['is_topics'] ? ';sa=topics' : ';sa=messages') . (!empty($board) ? ';board=' . $board : ''), $context['start'], $msgCount, $maxIndex);
     $context['current_page'] = $context['start'] / $maxIndex;
     // Reverse the query if we're past 50% of the pages for better performance.
     $start = $context['start'];
     $reverse = $_REQUEST['start'] > $msgCount / 2;
     if ($reverse) {
         $maxIndex = $msgCount < $context['start'] + $modSettings['defaultMaxMessages'] + 1 && $msgCount > $context['start'] ? $msgCount - $context['start'] : (int) $modSettings['defaultMaxMessages'];
         $start = $msgCount < $context['start'] + $modSettings['defaultMaxMessages'] + 1 || $msgCount < $context['start'] + $modSettings['defaultMaxMessages'] ? 0 : $msgCount - $context['start'] - $modSettings['defaultMaxMessages'];
     }
     // Guess the range of messages to be shown to help minimize what the query needs to do
     if ($msgCount > 1000) {
         $margin = floor(($max_msg_member - $min_msg_member) * (($start + $modSettings['defaultMaxMessages']) / $msgCount) + 0.1 * ($max_msg_member - $min_msg_member));
         // Make a bigger margin for topics only.
         if ($context['is_topics']) {
             $margin *= 5;
             $range_limit = $reverse ? 't.id_first_msg < ' . ($min_msg_member + $margin) : 't.id_first_msg > ' . ($max_msg_member - $margin);
         } else {
             $range_limit = $reverse ? 'm.id_msg < ' . ($min_msg_member + $margin) : 'm.id_msg > ' . ($max_msg_member - $margin);
         }
     }
     // Find this user's posts or topics started
     if ($context['is_topics']) {
         $rows = load_user_topics($memID, $start, $maxIndex, $range_limit, $reverse, $board);
     } else {
         $rows = load_user_posts($memID, $start, $maxIndex, $range_limit, $reverse, $board);
     }
     // Start counting at the number of the first message displayed.
     $counter = $reverse ? $context['start'] + $maxIndex + 1 : $context['start'];
     $context['posts'] = array();
     $board_ids = array('own' => array(), 'any' => array());
     foreach ($rows as $row) {
         // Censor....
         censorText($row['body']);
         censorText($row['subject']);
         // Do the code.
         $row['body'] = parse_bbc($row['body'], $row['smileys_enabled'], $row['id_msg']);
         // And the array...
         $context['posts'][$counter += $reverse ? -1 : 1] = array('body' => $row['body'], 'counter' => $counter, 'alternate' => $counter % 2, 'category' => array('name' => $row['cname'], 'id' => $row['id_cat']), 'board' => array('name' => $row['bname'], 'id' => $row['id_board'], 'link' => '<a href="' . $scripturl . '?board=' . $row['id_board'] . '.0">' . $row['bname'] . '</a>'), 'topic' => array('id' => $row['id_topic'], 'link' => '<a href="' . $scripturl . '?topic=' . $row['id_topic'] . '.msg' . $row['id_msg'] . '#msg' . $row['id_msg'] . '">' . $row['subject'] . '</a>'), 'subject' => $row['subject'], 'start' => 'msg' . $row['id_msg'], 'time' => standardTime($row['poster_time']), 'html_time' => htmlTime($row['poster_time']), 'timestamp' => forum_time(true, $row['poster_time']), 'id' => $row['id_msg'], 'tests' => array('can_reply' => false, 'can_mark_notify' => false, 'can_delete' => false), 'delete_possible' => ($row['id_first_msg'] != $row['id_msg'] || $row['id_last_msg'] == $row['id_msg']) && (empty($modSettings['edit_disable_time']) || $row['poster_time'] + $modSettings['edit_disable_time'] * 60 >= time()), 'approved' => $row['approved'], 'buttons' => array('remove' => array('href' => $scripturl . '?action=deletemsg;msg=' . $row['id_msg'] . ';topic=' . $row['id_topic'] . ';profile;u=' . $context['member']['id'] . ';start=' . $context['start'], 'text' => $txt['remove'], 'test' => 'can_delete', 'custom' => 'onclick="return confirm(' . JavaScriptEscape($txt['remove_message'] . '?') . ');"'), 'notify' => array('href' => $scripturl . '?action=notify;topic=' . $row['id_topic'] . '.msg' . $row['id_msg'], 'text' => $txt['notify'], 'test' => 'can_mark_notify'), 'reply' => array('href' => $scripturl . '?action=post;topic=' . $row['id_topic'] . '.msg' . $row['id_msg'], 'text' => $txt['reply'], 'test' => 'can_reply'), 'quote' => array('href' => $scripturl . '?action=post;topic=' . $row['id_topic'] . '.msg' . $row['id_msg'] . ';quote=' . $row['id_msg'], 'text' => $txt['quote'], 'test' => 'can_quote')));
         if ($user_info['id'] == $row['id_member_started']) {
             $board_ids['own'][$row['id_board']][] = $counter;
         }
         $board_ids['any'][$row['id_board']][] = $counter;
     }
     // All posts were retrieved in reverse order, get them right again.
     if ($reverse) {
         $context['posts'] = array_reverse($context['posts'], true);
     }
     // These are all the permissions that are different from board to board..
     if ($context['is_topics']) {
         $permissions = array('own' => array('post_reply_own' => 'can_reply'), 'any' => array('post_reply_any' => 'can_reply', 'mark_any_notify' => 'can_mark_notify'));
     } else {
         $permissions = array('own' => array('post_reply_own' => 'can_reply', 'delete_own' => 'can_delete'), 'any' => array('post_reply_any' => 'can_reply', 'mark_any_notify' => 'can_mark_notify', 'delete_any' => 'can_delete'));
     }
     // For every permission in the own/any lists...
     foreach ($permissions as $type => $list) {
         foreach ($list as $permission => $allowed) {
             // Get the boards they can do this on...
             $boards = boardsAllowedTo($permission);
             // Hmm, they can do it on all boards, can they?
             if (!empty($boards) && $boards[0] == 0) {
                 $boards = array_keys($board_ids[$type]);
             }
             // Now go through each board they can do the permission on.
             foreach ($boards as $board_id) {
                 // There aren't any posts displayed from this board.
                 if (!isset($board_ids[$type][$board_id])) {
                     continue;
                 }
                 // Set the permission to true ;).
                 foreach ($board_ids[$type][$board_id] as $counter) {
                     $context['posts'][$counter]['tests'][$allowed] = true;
                 }
             }
         }
     }
     // Clean up after posts that cannot be deleted and quoted.
     $quote_enabled = empty($modSettings['disabledBBC']) || !in_array('quote', explode(',', $modSettings['disabledBBC']));
     foreach ($context['posts'] as $counter => $dummy) {
         $context['posts'][$counter]['tests']['can_delete'] &= $context['posts'][$counter]['delete_possible'];
         $context['posts'][$counter]['tests']['can_quote'] = $context['posts'][$counter]['tests']['can_reply'] && $quote_enabled;
     }
 }
Example #14
0
/**
 * Remove just a single post.
 * On completion redirect to the topic or to the board.
 */
function DeleteMessage()
{
    global $user_info, $topic, $board, $modSettings, $smcFunc;
    checkSession('get');
    $_REQUEST['msg'] = (int) $_REQUEST['msg'];
    // Is $topic set?
    if (empty($topic) && isset($_REQUEST['topic'])) {
        $topic = (int) $_REQUEST['topic'];
    }
    removeDeleteConcurrence();
    $request = $smcFunc['db_query']('', '
		SELECT t.id_member_started, m.id_member, m.subject, m.poster_time, m.approved
		FROM {db_prefix}topics AS t
			INNER JOIN {db_prefix}messages AS m ON (m.id_msg = {int:id_msg} AND m.id_topic = {int:current_topic})
		WHERE t.id_topic = {int:current_topic}
		LIMIT 1', array('current_topic' => $topic, 'id_msg' => $_REQUEST['msg']));
    list($starter, $poster, $subject, $post_time, $approved) = $smcFunc['db_fetch_row']($request);
    $smcFunc['db_free_result']($request);
    // Verify they can see this!
    if ($modSettings['postmod_active'] && !$approved && !empty($poster) && $poster != $user_info['id']) {
        isAllowedTo('approve_posts');
    }
    if ($poster == $user_info['id']) {
        if (!allowedTo('delete_own')) {
            if ($starter == $user_info['id'] && !allowedTo('delete_any')) {
                isAllowedTo('delete_replies');
            } elseif (!allowedTo('delete_any')) {
                isAllowedTo('delete_own');
            }
        } elseif (!allowedTo('delete_any') && ($starter != $user_info['id'] || !allowedTo('delete_replies')) && !empty($modSettings['edit_disable_time']) && $post_time + $modSettings['edit_disable_time'] * 60 < time()) {
            fatal_lang_error('modify_post_time_passed', false);
        }
    } elseif ($starter == $user_info['id'] && !allowedTo('delete_any')) {
        isAllowedTo('delete_replies');
    } else {
        isAllowedTo('delete_any');
    }
    // If the full topic was removed go back to the board.
    $full_topic = removeMessage($_REQUEST['msg']);
    if (allowedTo('delete_any') && (!allowedTo('delete_own') || $poster != $user_info['id'])) {
        logAction('delete', array('topic' => $topic, 'subject' => $subject, 'member' => $poster, 'board' => $board));
    }
    // We want to redirect back to recent action.
    if (isset($_REQUEST['recent'])) {
        redirectexit('action=recent');
    } elseif (isset($_REQUEST['profile'], $_REQUEST['start'], $_REQUEST['u'])) {
        redirectexit('action=profile;u=' . $_REQUEST['u'] . ';area=showposts;start=' . $_REQUEST['start']);
    } elseif ($full_topic) {
        redirectexit('board=' . $board . '.0');
    } else {
        redirectexit('topic=' . $topic . '.' . $_REQUEST['start']);
    }
}
Example #15
0
<?php

session_start();
header("Content-Type:text/plain;charset=utf-8");
include_once 'fun.inc.php';
linkDB();
$uid = $_SESSION["uid"];
$data = returnMessage($uid);
removeMessage($uid);
echo json_encode($data, JSON_UNESCAPED_UNICODE);
Example #16
0
function showPosts($memID)
{
    global $txt, $user_info, $scripturl, $modSettings;
    global $context, $user_profile, $sourcedir, $smcFunc, $board;
    // Some initial context.
    $context['start'] = (int) $_REQUEST['start'];
    $context['current_member'] = $memID;
    // Create the tabs for the template.
    $context[$context['profile_menu_name']]['tab_data'] = array('title' => $txt['showPosts'], 'description' => $txt['showPosts_help'], 'icon' => 'profile_sm.gif', 'tabs' => array('messages' => array(), 'topics' => array(), 'attach' => array()));
    // Set the page title
    $context['page_title'] = $txt['showPosts'] . ' - ' . $user_profile[$memID]['real_name'];
    // Is the load average too high to allow searching just now?
    if (!empty($context['load_average']) && !empty($modSettings['loadavg_show_posts']) && $context['load_average'] >= $modSettings['loadavg_show_posts']) {
        fatal_lang_error('loadavg_show_posts_disabled', false);
    }
    // If we're specifically dealing with attachments use that function!
    if (isset($_GET['sa']) && $_GET['sa'] == 'attach') {
        return showAttachments($memID);
    }
    // Are we just viewing topics?
    $context['is_topics'] = isset($_GET['sa']) && $_GET['sa'] == 'topics' ? true : false;
    // If just deleting a message, do it and then redirect back.
    if (isset($_GET['delete']) && !$context['is_topics']) {
        checkSession('get');
        // We need msg info for logging.
        $request = $smcFunc['db_query']('', '
			SELECT subject, id_member, id_topic, id_board
			FROM {db_prefix}messages
			WHERE id_msg = {int:id_msg}', array('id_msg' => (int) $_GET['delete']));
        $info = $smcFunc['db_fetch_row']($request);
        $smcFunc['db_free_result']($request);
        // Trying to remove a message that doesn't exist.
        if (empty($info)) {
            redirectexit('action=profile;u=' . $memID . ';area=showposts;start=' . $_GET['start']);
        }
        // We can be lazy, since removeMessage() will check the permissions for us.
        require_once $sourcedir . '/RemoveTopic.php';
        removeMessage((int) $_GET['delete']);
        // Add it to the mod log.
        if (allowedTo('delete_any') && (!allowedTo('delete_own') || $info[1] != $user_info['id'])) {
            logAction('delete', array('topic' => $info[2], 'subject' => $info[0], 'member' => $info[1], 'board' => $info[3]));
        }
        // Back to... where we are now ;).
        redirectexit('action=profile;u=' . $memID . ';area=showposts;start=' . $_GET['start']);
    }
    // Default to 10.
    if (empty($_REQUEST['viewscount']) || !is_numeric($_REQUEST['viewscount'])) {
        $_REQUEST['viewscount'] = '10';
    }
    if ($context['is_topics']) {
        $request = $smcFunc['db_query']('', '
			SELECT COUNT(*)
			FROM {db_prefix}topics AS t' . ($user_info['query_see_board'] == '1=1' ? '' : '
				INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board AND {query_see_board})') . '
			WHERE t.id_member_started = {int:current_member}' . (!empty($board) ? '
				AND t.id_board = {int:board}' : '') . (!$modSettings['postmod_active'] || $context['user']['is_owner'] ? '' : '
				AND t.approved = {int:is_approved}'), array('current_member' => $memID, 'is_approved' => 1, 'board' => $board));
    } else {
        $request = $smcFunc['db_query']('', '
			SELECT COUNT(*)
			FROM {db_prefix}messages AS m' . ($user_info['query_see_board'] == '1=1' ? '' : '
				INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board AND {query_see_board})') . '
			WHERE m.id_member = {int:current_member}' . (!empty($board) ? '
				AND m.id_board = {int:board}' : '') . (!$modSettings['postmod_active'] || $context['user']['is_owner'] ? '' : '
				AND m.approved = {int:is_approved}'), array('current_member' => $memID, 'is_approved' => 1, 'board' => $board));
    }
    list($msgCount) = $smcFunc['db_fetch_row']($request);
    $smcFunc['db_free_result']($request);
    $request = $smcFunc['db_query']('', '
		SELECT MIN(id_msg), MAX(id_msg)
		FROM {db_prefix}messages AS m
		WHERE m.id_member = {int:current_member}' . (!empty($board) ? '
			AND m.id_board = {int:board}' : '') . (!$modSettings['postmod_active'] || $context['user']['is_owner'] ? '' : '
			AND m.approved = {int:is_approved}'), array('current_member' => $memID, 'is_approved' => 1, 'board' => $board));
    list($min_msg_member, $max_msg_member) = $smcFunc['db_fetch_row']($request);
    $smcFunc['db_free_result']($request);
    $reverse = false;
    $range_limit = '';
    $maxIndex = (int) $modSettings['defaultMaxMessages'];
    // Make sure the starting place makes sense and construct our friend the page index.
    $context['page_index'] = constructPageIndex($scripturl . '?action=profile;u=' . $memID . ';area=showposts' . ($context['is_topics'] ? ';sa=topics' : '') . (!empty($board) ? ';board=' . $board : ''), $context['start'], $msgCount, $maxIndex);
    $context['current_page'] = $context['start'] / $maxIndex;
    // Reverse the query if we're past 50% of the pages for better performance.
    $start = $context['start'];
    $reverse = $_REQUEST['start'] > $msgCount / 2;
    if ($reverse) {
        $maxIndex = $msgCount < $context['start'] + $modSettings['defaultMaxMessages'] + 1 && $msgCount > $context['start'] ? $msgCount - $context['start'] : (int) $modSettings['defaultMaxMessages'];
        $start = $msgCount < $context['start'] + $modSettings['defaultMaxMessages'] + 1 || $msgCount < $context['start'] + $modSettings['defaultMaxMessages'] ? 0 : $msgCount - $context['start'] - $modSettings['defaultMaxMessages'];
    }
    // Guess the range of messages to be shown.
    if ($msgCount > 1000) {
        $margin = floor(($max_msg_member - $min_msg_member) * (($start + $modSettings['defaultMaxMessages']) / $msgCount) + 0.1 * ($max_msg_member - $min_msg_member));
        // Make a bigger margin for topics only.
        if ($context['is_topics']) {
            $margin *= 5;
            $range_limit = $reverse ? 't.id_first_msg < ' . ($min_msg_member + $margin) : 't.id_first_msg > ' . ($max_msg_member - $margin);
        } else {
            $range_limit = $reverse ? 'm.id_msg < ' . ($min_msg_member + $margin) : 'm.id_msg > ' . ($max_msg_member - $margin);
        }
    }
    // Find this user's posts.  The left join on categories somehow makes this faster, weird as it looks.
    $looped = false;
    while (true) {
        if ($context['is_topics']) {
            $request = $smcFunc['db_query']('', '
				SELECT
					b.id_board, b.name AS bname, c.id_cat, c.name AS cname, t.id_member_started, t.id_first_msg, t.id_last_msg,
					t.approved, m.body, m.smileys_enabled, m.subject, m.poster_time, m.id_topic, m.id_msg
				FROM {db_prefix}topics AS t
					INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board)
					LEFT JOIN {db_prefix}categories AS c ON (c.id_cat = b.id_cat)
					INNER JOIN {db_prefix}messages AS m ON (m.id_msg = t.id_first_msg)
				WHERE t.id_member_started = {int:current_member}' . (!empty($board) ? '
					AND t.id_board = {int:board}' : '') . (empty($range_limit) ? '' : '
					AND ' . $range_limit) . '
					AND {query_see_board}' . (!$modSettings['postmod_active'] || $context['user']['is_owner'] ? '' : '
					AND t.approved = {int:is_approved} AND m.approved = {int:is_approved}') . '
				ORDER BY t.id_first_msg ' . ($reverse ? 'ASC' : 'DESC') . '
				LIMIT ' . $start . ', ' . $maxIndex, array('current_member' => $memID, 'is_approved' => 1, 'board' => $board));
        } else {
            $request = $smcFunc['db_query']('', '
				SELECT
					b.id_board, b.name AS bname, c.id_cat, c.name AS cname, m.id_topic, m.id_msg,
					t.id_member_started, t.id_first_msg, t.id_last_msg, m.body, m.smileys_enabled,
					m.subject, m.poster_time, m.approved
				FROM {db_prefix}messages AS m
					INNER JOIN {db_prefix}topics AS t ON (t.id_topic = m.id_topic)
					INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board)
					LEFT JOIN {db_prefix}categories AS c ON (c.id_cat = b.id_cat)
				WHERE m.id_member = {int:current_member}' . (!empty($board) ? '
					AND b.id_board = {int:board}' : '') . (empty($range_limit) ? '' : '
					AND ' . $range_limit) . '
					AND {query_see_board}' . (!$modSettings['postmod_active'] || $context['user']['is_owner'] ? '' : '
					AND t.approved = {int:is_approved} AND m.approved = {int:is_approved}') . '
				ORDER BY m.id_msg ' . ($reverse ? 'ASC' : 'DESC') . '
				LIMIT ' . $start . ', ' . $maxIndex, array('current_member' => $memID, 'is_approved' => 1, 'board' => $board));
        }
        // Make sure we quit this loop.
        if ($smcFunc['db_num_rows']($request) === $maxIndex || $looped) {
            break;
        }
        $looped = true;
        $range_limit = '';
    }
    // Start counting at the number of the first message displayed.
    $counter = $reverse ? $context['start'] + $maxIndex + 1 : $context['start'];
    $context['posts'] = array();
    $board_ids = array('own' => array(), 'any' => array());
    while ($row = $smcFunc['db_fetch_assoc']($request)) {
        // Censor....
        censorText($row['body']);
        censorText($row['subject']);
        // Do the code.
        $row['body'] = parse_bbc($row['body'], $row['smileys_enabled'], $row['id_msg']);
        // And the array...
        $context['posts'][$counter += $reverse ? -1 : 1] = array('body' => $row['body'], 'counter' => $counter, 'alternate' => $counter % 2, 'category' => array('name' => $row['cname'], 'id' => $row['id_cat']), 'board' => array('name' => $row['bname'], 'id' => $row['id_board']), 'topic' => $row['id_topic'], 'subject' => $row['subject'], 'start' => 'msg' . $row['id_msg'], 'time' => timeformat($row['poster_time']), 'timestamp' => forum_time(true, $row['poster_time']), 'id' => $row['id_msg'], 'can_reply' => false, 'can_mark_notify' => false, 'can_delete' => false, 'delete_possible' => ($row['id_first_msg'] != $row['id_msg'] || $row['id_last_msg'] == $row['id_msg']) && (empty($modSettings['edit_disable_time']) || $row['poster_time'] + $modSettings['edit_disable_time'] * 60 >= time()), 'approved' => $row['approved']);
        if ($user_info['id'] == $row['id_member_started']) {
            $board_ids['own'][$row['id_board']][] = $counter;
        }
        $board_ids['any'][$row['id_board']][] = $counter;
    }
    $smcFunc['db_free_result']($request);
    // All posts were retrieved in reverse order, get them right again.
    if ($reverse) {
        $context['posts'] = array_reverse($context['posts'], true);
    }
    // These are all the permissions that are different from board to board..
    if ($context['is_topics']) {
        $permissions = array('own' => array('post_reply_own' => 'can_reply'), 'any' => array('post_reply_any' => 'can_reply', 'mark_any_notify' => 'can_mark_notify'));
    } else {
        $permissions = array('own' => array('post_reply_own' => 'can_reply', 'delete_own' => 'can_delete'), 'any' => array('post_reply_any' => 'can_reply', 'mark_any_notify' => 'can_mark_notify', 'delete_any' => 'can_delete'));
    }
    // For every permission in the own/any lists...
    foreach ($permissions as $type => $list) {
        foreach ($list as $permission => $allowed) {
            // Get the boards they can do this on...
            $boards = boardsAllowedTo($permission);
            // Hmm, they can do it on all boards, can they?
            if (!empty($boards) && $boards[0] == 0) {
                $boards = array_keys($board_ids[$type]);
            }
            // Now go through each board they can do the permission on.
            foreach ($boards as $board_id) {
                // There aren't any posts displayed from this board.
                if (!isset($board_ids[$type][$board_id])) {
                    continue;
                }
                // Set the permission to true ;).
                foreach ($board_ids[$type][$board_id] as $counter) {
                    $context['posts'][$counter][$allowed] = true;
                }
            }
        }
    }
    // Clean up after posts that cannot be deleted and quoted.
    $quote_enabled = empty($modSettings['disabledBBC']) || !in_array('quote', explode(',', $modSettings['disabledBBC']));
    foreach ($context['posts'] as $counter => $dummy) {
        $context['posts'][$counter]['can_delete'] &= $context['posts'][$counter]['delete_possible'];
        $context['posts'][$counter]['can_quote'] = $context['posts'][$counter]['can_reply'] && $quote_enabled;
    }
}
Example #17
0
 /**
  * Remove just a single post.
  * On completion redirect to the topic or to the board.
  * Accessed by ?action=deletemsg
  */
 public function action_deletemsg()
 {
     global $user_info, $topic, $board, $modSettings;
     checkSession('get');
     // This has some handy functions for topics
     require_once SUBSDIR . '/Topic.subs.php';
     require_once SUBSDIR . '/Messages.subs.php';
     $_REQUEST['msg'] = (int) $_REQUEST['msg'];
     // Is $topic set?
     if (empty($topic) && isset($_REQUEST['topic'])) {
         $topic = (int) $_REQUEST['topic'];
     }
     $this->removeDeleteConcurrence();
     $topic_info = loadMessageDetails(array('t.id_member_started'), array('LEFT JOIN {db_prefix}topics AS t ON (m.id_topic = t.id_topic)'), array('message_list' => $_REQUEST['msg']));
     // Verify they can see this!
     if ($modSettings['postmod_active'] && !$topic_info['approved'] && !empty($topic_info['id_member']) && $topic_info['id_member'] != $user_info['id']) {
         isAllowedTo('approve_posts');
     }
     if ($topic_info['id_member'] == $user_info['id']) {
         if (!allowedTo('delete_own')) {
             if ($topic_info['id_member_started'] == $user_info['id'] && !allowedTo('delete_any')) {
                 isAllowedTo('delete_replies');
             } elseif (!allowedTo('delete_any')) {
                 isAllowedTo('delete_own');
             }
         } elseif (!allowedTo('delete_any') && ($topic_info['id_member_started'] != $user_info['id'] || !allowedTo('delete_replies')) && !empty($modSettings['edit_disable_time']) && $topic_info['poster_time'] + $modSettings['edit_disable_time'] * 60 < time()) {
             fatal_lang_error('modify_post_time_passed', false);
         }
     } elseif ($topic_info['id_member_started'] == $user_info['id'] && !allowedTo('delete_any')) {
         isAllowedTo('delete_replies');
     } else {
         isAllowedTo('delete_any');
     }
     // If the full topic was removed go back to the board.
     require_once SUBSDIR . '/Messages.subs.php';
     $full_topic = removeMessage($_REQUEST['msg']);
     if (allowedTo('delete_any') && (!allowedTo('delete_own') || $topic_info['id_member'] != $user_info['id'])) {
         logAction('delete', array('topic' => $topic, 'subject' => $topic_info['subject'], 'member' => $topic_info['id_member'], 'board' => $board));
     }
     // We want to redirect back to recent action.
     if (isset($_REQUEST['recent'])) {
         redirectexit('action=recent');
     } elseif (isset($_REQUEST['profile'], $_REQUEST['start'], $_REQUEST['u'])) {
         redirectexit('action=profile;u=' . $_REQUEST['u'] . ';area=showposts;start=' . $_REQUEST['start']);
     } elseif ($full_topic) {
         redirectexit('board=' . $board . '.0');
     } else {
         redirectexit('topic=' . $topic . '.' . $_REQUEST['start']);
     }
 }
Example #18
0
}
switch ($task) {
    case "view":
        viewMessage($cid[0], $option);
        break;
    case "new":
        newMessage($option, NULL, NULL);
        break;
    case "reply":
        newMessage($option, mosGetParam($_REQUEST, 'userid', 0), mosGetParam($_REQUEST, 'subject', ''));
        break;
    case "save":
        saveMessage($option);
        break;
    case "remove":
        removeMessage($cid, $option);
        break;
    case "config":
        editConfig($option);
        break;
    case "saveconfig":
        saveConfig($option);
        break;
    default:
        showMessages($option);
        break;
}
function editConfig($option)
{
    global $database, $my;
    $database->setQuery("SELECT cfg_name, cfg_value FROM #__messages_cfg WHERE user_id='{$my->id}'");
Example #19
0
function UnapprovedPosts()
{
    global $txt, $scripturl, $context, $user_info, $sourcedir, $smcFunc;
    $context['current_view'] = isset($_GET['sa']) && $_GET['sa'] == 'topics' ? 'topics' : 'replies';
    $context['page_title'] = $txt['mc_unapproved_posts'];
    // Work out what boards we can work in!
    $approve_boards = boardsAllowedTo('approve_posts');
    // If we filtered by board remove ones outside of this board.
    //!!! Put a message saying we're filtered?
    if (isset($_REQUEST['brd'])) {
        $filter_board = array((int) $_REQUEST['brd']);
        $approve_boards = $approve_boards == array(0) ? $filter_board : array_intersect($approve_boards, $filter_board);
    }
    if ($approve_boards == array(0)) {
        $approve_query = '';
    } elseif (!empty($approve_boards)) {
        $approve_query = ' AND m.id_board IN (' . implode(',', $approve_boards) . ')';
    } else {
        $approve_query = ' AND 0';
    }
    // We also need to know where we can delete topics and/or replies to.
    if ($context['current_view'] == 'topics') {
        $delete_own_boards = boardsAllowedTo('remove_own');
        $delete_any_boards = boardsAllowedTo('remove_any');
        $delete_own_replies = array();
    } else {
        $delete_own_boards = boardsAllowedTo('delete_own');
        $delete_any_boards = boardsAllowedTo('delete_any');
        $delete_own_replies = boardsAllowedTo('delete_own_replies');
    }
    $toAction = array();
    // Check if we have something to do?
    if (isset($_GET['approve'])) {
        $toAction[] = (int) $_GET['approve'];
    } elseif (isset($_GET['delete'])) {
        $toAction[] = (int) $_GET['delete'];
    } elseif (isset($_POST['item'])) {
        foreach ($_POST['item'] as $item) {
            $toAction[] = (int) $item;
        }
    }
    // What are we actually doing.
    if (isset($_GET['approve']) || isset($_POST['do']) && $_POST['do'] == 'approve') {
        $curAction = 'approve';
    } elseif (isset($_GET['delete']) || isset($_POST['do']) && $_POST['do'] == 'delete') {
        $curAction = 'delete';
    }
    // Right, so we have something to do?
    if (!empty($toAction) && isset($curAction)) {
        checkSession('request');
        // Handy shortcut.
        $any_array = $curAction == 'approve' ? $approve_boards : $delete_any_boards;
        // Now for each message work out whether it's actually a topic, and what board it's on.
        $request = $smcFunc['db_query']('', '
			SELECT m.id_msg, m.id_member, m.id_board, t.id_topic, t.id_first_msg, t.id_member_started
			FROM {db_prefix}messages AS m
				INNER JOIN {db_prefix}topics AS t ON (t.id_topic = m.id_topic)
			LEFT JOIN {db_prefix}boards AS b ON (t.id_board = b.id_board)
			WHERE m.id_msg IN ({array_int:message_list})
				AND m.approved = {int:not_approved}
				AND {query_see_board}', array('message_list' => $toAction, 'not_approved' => 0));
        $toAction = array();
        while ($row = $smcFunc['db_fetch_assoc']($request)) {
            // If it's not within what our view is ignore it...
            if ($row['id_msg'] == $row['id_first_msg'] && $context['current_view'] != 'topics' || $row['id_msg'] != $row['id_first_msg'] && $context['current_view'] != 'replies') {
                continue;
            }
            $can_add = false;
            // If we're approving this is simple.
            if ($curAction == 'approve' && ($any_array == array(0) || in_array($row['id_board'], $any_array))) {
                $can_add = true;
            } elseif ($curAction == 'delete') {
                // Own post is easy!
                if ($row['id_member'] == $user_info['id'] && ($delete_own_boards == array(0) || in_array($row['id_board'], $delete_own_boards))) {
                    $can_add = true;
                } elseif ($row['id_member'] == $row['id_member_started'] && $row['id_msg'] != $row['id_first_msg'] && ($delete_own_replies == array(0) || in_array($row['id_board'], $delete_own_replies))) {
                    $can_add = true;
                } elseif ($row['id_member'] != $user_info['id'] && ($delete_any_boards == array(0) || in_array($row['id_board'], $delete_any_boards))) {
                    $can_add = true;
                }
            }
            if ($can_add) {
                $toAction[] = $context['current_view'] == 'topics' ? $row['id_topic'] : $row['id_msg'];
            }
        }
        $smcFunc['db_free_result']($request);
        // If we have anything left we can actually do the approving (etc).
        if (!empty($toAction)) {
            if ($curAction == 'approve') {
                require_once $sourcedir . '/Subs-Post.php';
                if ($context['current_view'] == 'topics') {
                    approveTopics($toAction);
                } else {
                    approvePosts($toAction);
                }
            } else {
                require_once $sourcedir . '/RemoveTopic.php';
                if ($context['current_view'] == 'topics') {
                    removeTopics($toAction);
                } else {
                    foreach ($toAction as $id) {
                        removeMessage($id);
                    }
                }
            }
        }
    }
    // How many unapproved posts are there?
    $request = $smcFunc['db_query']('', '
		SELECT COUNT(*)
		FROM {db_prefix}messages AS m
			INNER JOIN {db_prefix}topics AS t ON (t.id_topic = m.id_topic AND t.id_first_msg != m.id_msg)
			INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board)
		WHERE m.approved = {int:not_approved}
			AND {query_see_board}
			' . $approve_query, array('not_approved' => 0));
    list($context['total_unapproved_posts']) = $smcFunc['db_fetch_row']($request);
    $smcFunc['db_free_result']($request);
    // What about topics?  Normally we'd use the table alias t for topics but lets use m so we don't have to redo our approve query.
    $request = $smcFunc['db_query']('', '
		SELECT COUNT(m.id_topic)
		FROM {db_prefix}topics AS m
			INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board)
		WHERE m.approved = {int:not_approved}
			AND {query_see_board}
			' . $approve_query, array('not_approved' => 0));
    list($context['total_unapproved_topics']) = $smcFunc['db_fetch_row']($request);
    $smcFunc['db_free_result']($request);
    $context['page_index'] = constructPageIndex($scripturl . '?action=moderate;area=postmod;sa=' . $context['current_view'] . (isset($_REQUEST['brd']) ? ';brd=' . (int) $_REQUEST['brd'] : ''), $_GET['start'], $context['current_view'] == 'topics' ? $context['total_unapproved_topics'] : $context['total_unapproved_posts'], 10);
    $context['start'] = $_GET['start'];
    // We have enough to make some pretty tabs!
    $context[$context['moderation_menu_name']]['tab_data'] = array('title' => $txt['mc_unapproved_posts'], 'help' => 'postmod', 'description' => $txt['mc_unapproved_posts_desc']);
    // Update the tabs with the correct number of posts.
    $context['menu_data_' . $context['moderation_menu_id']]['sections']['posts']['areas']['postmod']['subsections']['posts']['label'] .= ' (' . $context['total_unapproved_posts'] . ')';
    $context['menu_data_' . $context['moderation_menu_id']]['sections']['posts']['areas']['postmod']['subsections']['topics']['label'] .= ' (' . $context['total_unapproved_topics'] . ')';
    // If we are filtering some boards out then make sure to send that along with the links.
    if (isset($_REQUEST['brd'])) {
        $context['menu_data_' . $context['moderation_menu_id']]['sections']['posts']['areas']['postmod']['subsections']['posts']['add_params'] = ';brd=' . (int) $_REQUEST['brd'];
        $context['menu_data_' . $context['moderation_menu_id']]['sections']['posts']['areas']['postmod']['subsections']['topics']['add_params'] = ';brd=' . (int) $_REQUEST['brd'];
    }
    // Get all unapproved posts.
    $request = $smcFunc['db_query']('', '
		SELECT m.id_msg, m.id_topic, m.id_board, m.subject, m.body, m.id_member,
			IFNULL(mem.real_name, m.poster_name) AS poster_name, m.poster_time, m.smileys_enabled,
			t.id_member_started, t.id_first_msg, b.name AS board_name, c.id_cat, c.name AS cat_name
		FROM {db_prefix}messages AS m
			INNER JOIN {db_prefix}topics AS t ON (t.id_topic = m.id_topic)
			INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board)
			LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = m.id_member)
			LEFT JOIN {db_prefix}categories AS c ON (c.id_cat = b.id_cat)
		WHERE m.approved = {int:not_approved}
			AND t.id_first_msg ' . ($context['current_view'] == 'topics' ? '=' : '!=') . ' m.id_msg
			AND {query_see_board}
			' . $approve_query . '
		LIMIT ' . $context['start'] . ', 10', array('not_approved' => 0));
    $context['unapproved_items'] = array();
    for ($i = 1; $row = $smcFunc['db_fetch_assoc']($request); $i++) {
        // Can delete is complicated, let's solve it first... is it their own post?
        if ($row['id_member'] == $user_info['id'] && ($delete_own_boards == array(0) || in_array($row['id_board'], $delete_own_boards))) {
            $can_delete = true;
        } elseif ($row['id_member'] == $row['id_member_started'] && $row['id_msg'] != $row['id_first_msg'] && ($delete_own_replies == array(0) || in_array($row['id_board'], $delete_own_replies))) {
            $can_delete = true;
        } elseif ($row['id_member'] != $user_info['id'] && ($delete_any_boards == array(0) || in_array($row['id_board'], $delete_any_boards))) {
            $can_delete = true;
        } else {
            $can_delete = false;
        }
        $context['unapproved_items'][] = array('id' => $row['id_msg'], 'alternate' => $i % 2, 'counter' => $context['start'] + $i, 'href' => $scripturl . '?topic=' . $row['id_topic'] . '.msg' . $row['id_msg'] . '#msg' . $row['id_msg'], 'subject' => $row['subject'], 'body' => parse_bbc($row['body'], $row['smileys_enabled'], $row['id_msg']), 'time' => timeformat($row['poster_time']), 'poster' => array('id' => $row['id_member'], 'name' => $row['poster_name'], 'link' => $row['id_member'] ? '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['poster_name'] . '</a>' : $row['poster_name'], 'href' => $scripturl . '?action=profile;u=' . $row['id_member']), 'topic' => array('id' => $row['id_topic']), 'board' => array('id' => $row['id_board'], 'name' => $row['board_name']), 'category' => array('id' => $row['id_cat'], 'name' => $row['cat_name']), 'can_delete' => $can_delete);
    }
    $smcFunc['db_free_result']($request);
    $context['sub_template'] = 'unapproved_posts';
}
function QuickInTopicModeration()
{
    global $sourcedir, $topic, $board, $user_info, $smcFunc, $modSettings, $context;
    // Check the session = get or post.
    checkSession('request');
    require_once $sourcedir . '/RemoveTopic.php';
    if (empty($_REQUEST['msgs'])) {
        redirectexit('topic=' . $topic . '.' . $_REQUEST['start']);
    }
    $messages = array();
    foreach ($_REQUEST['msgs'] as $dummy) {
        $messages[] = (int) $dummy;
    }
    // We are restoring messages. We handle this in another place.
    if (isset($_REQUEST['restore_selected'])) {
        redirectexit('action=restoretopic;msgs=' . implode(',', $messages) . ';' . $context['session_var'] . '=' . $context['session_id']);
    }
    // Allowed to delete any message?
    if (allowedTo('delete_any')) {
        $allowed_all = true;
    } elseif (allowedTo('delete_replies')) {
        $request = $smcFunc['db_query']('', '
			SELECT id_member_started
			FROM {db_prefix}topics
			WHERE id_topic = {int:current_topic}
			LIMIT 1', array('current_topic' => $topic));
        list($starter) = $smcFunc['db_fetch_row']($request);
        $smcFunc['db_free_result']($request);
        $allowed_all = $starter == $user_info['id'];
    } else {
        $allowed_all = false;
    }
    // Make sure they're allowed to delete their own messages, if not any.
    if (!$allowed_all) {
        isAllowedTo('delete_own');
    }
    // Allowed to remove which messages?
    $request = $smcFunc['db_query']('', '
		SELECT id_msg, subject, id_member, poster_time, GREATEST(poster_time, modified_time) AS last_modified_time
		FROM {db_prefix}messages
		WHERE id_msg IN ({array_int:message_list})
			AND id_topic = {int:current_topic}' . (!$allowed_all ? '
			AND id_member = {int:current_member}' : '') . '
		LIMIT ' . count($messages), array('current_member' => $user_info['id'], 'current_topic' => $topic, 'message_list' => $messages));
    $messages = array();
    while ($row = $smcFunc['db_fetch_assoc']($request)) {
        if (!$allowed_all && !empty($modSettings['edit_disable_time']) && $row['last_modified_time'] + $modSettings['edit_disable_time'] * 60 < time()) {
            continue;
        }
        $messages[$row['id_msg']] = array($row['subject'], $row['id_member']);
    }
    $smcFunc['db_free_result']($request);
    // Get the first message in the topic - because you can't delete that!
    $request = $smcFunc['db_query']('', '
		SELECT id_first_msg, id_last_msg
		FROM {db_prefix}topics
		WHERE id_topic = {int:current_topic}
		LIMIT 1', array('current_topic' => $topic));
    list($first_message, $last_message) = $smcFunc['db_fetch_row']($request);
    $smcFunc['db_free_result']($request);
    // Delete all the messages we know they can delete. ($messages)
    foreach ($messages as $message => $info) {
        // Just skip the first message - if it's not the last.
        if ($message == $first_message && $message != $last_message) {
            continue;
        } elseif ($message == $first_message) {
            $topicGone = true;
        }
        removeMessage($message);
        // Log this moderation action ;).
        if (allowedTo('delete_any') && (!allowedTo('delete_own') || $info[1] != $user_info['id'])) {
            logAction('delete', array('topic' => $topic, 'subject' => $info[0], 'member' => $info[1], 'board' => $board));
        }
    }
    redirectexit(!empty($topicGone) ? 'board=' . $board : 'topic=' . $topic . '.' . $_REQUEST['start']);
}
Example #21
0
function postAction()
{
    global $username;
    global $action;
    global $postid;
    global $global_username;
    global $forumid;
    global $reason;
    global $nmDataService;
    global $access_token;
    if (!$forumid || !$postid || !$action) {
        echo json_encode(array("success" => false, "msg" => "Missing arguments"));
        return;
    }
    $action_username = $global_username;
    $author_username = $username;
    $token = $access_token;
    $hubDS = $nmDataService->getForumHubDataService($forumid);
    switch ($action) {
        case 'pa-apr':
            //$nativeid=$hubDS->getPostNativeId($postid);
            $txt = $hubDS->setPostStatus('approved', $forumid, $action_username, $postid, $reason);
            if ($txt) {
                updateMessageText($token, $postid, $txt);
            }
            if (approveMessage($token, $postid)) {
                $hubDS->recordPostAction(1, $postid, "", $forumid);
                $status_name = $hubDS->getStatusName(6);
            } else {
                $hubDS->recordPostAction(9, $postid, "", $forumid);
            }
            break;
        case 'pa-mod':
            //$nativeid=$hubDS->getPostNativeId($postid);
            $latestText = replaceMessageText($token, $postid, $hubDS->getForumModerationText($forumid));
            // latesttext to make sure that we are not losing any user edits
            //removeMessage($token,$id);
            $hubDS->updatePostText($postid, $latestText);
            $hubDS->setPostStatus('pending', $forumid, $action_username, $postid, $reason);
            $status_name = $hubDS->getStatusName(2);
            break;
        case 'pa-mov':
            break;
        case 'pa-del':
            // $nativeid=$hubDS->getPostNativeId($postid);
            // $latestText=replaceMessageText($token,$nativeid,$hubDS->getForumDeletionText($forumid)); // latesttext to make sure that we are not losing any user edits
            if (removeMessage($token, $postid)) {
                $hubDS->recordPostAction(3, $postid, "", $forumid);
                $hubDS->setPostStatus('deleted', $forumid, $action_username, $postid, $reason);
                $status_name = $hubDS->getStatusName(3);
            } else {
                $hubDS->recordPostAction(7, $postid, "", $forumid);
            }
            break;
    }
    //$ds->insertAsyncAction($forumid,$action,$postid,$global_username,$username,$reason);
    echo json_encode(array("success" => true));
}