Example #1
0
function UnapprovedPosts()
{
    global $txt, $scripturl, $context, $user_info, $sourcedir, $smcFunc;
    $context['current_view'] = isset($_GET['sa']) && $_GET['sa'] == 'topics' ? 'topics' : 'replies';
    $context['page_title'] = $txt['mc_unapproved_posts'];
    EoS_Smarty::loadTemplate('modcenter/modcenter_base');
    EoS_Smarty::getConfigInstance()->registerHookTemplate('modcenter_content_area', 'modcenter/unapproved_posts');
    // Work out what boards we can work in!
    $approve_boards = boardsAllowedTo('approve_posts');
    // If we filtered by board remove ones outside of this board.
    //!!! Put a message saying we're filtered?
    if (isset($_REQUEST['brd'])) {
        $filter_board = array((int) $_REQUEST['brd']);
        $approve_boards = $approve_boards == array(0) ? $filter_board : array_intersect($approve_boards, $filter_board);
    }
    if ($approve_boards == array(0)) {
        $approve_query = '';
    } elseif (!empty($approve_boards)) {
        $approve_query = ' AND m.id_board IN (' . implode(',', $approve_boards) . ')';
    } else {
        $approve_query = ' AND 0';
    }
    // We also need to know where we can delete topics and/or replies to.
    if ($context['current_view'] == 'topics') {
        $delete_own_boards = boardsAllowedTo('remove_own');
        $delete_any_boards = boardsAllowedTo('remove_any');
        $delete_own_replies = array();
    } else {
        $delete_own_boards = boardsAllowedTo('delete_own');
        $delete_any_boards = boardsAllowedTo('delete_any');
        $delete_own_replies = boardsAllowedTo('delete_own_replies');
    }
    $toAction = array();
    // Check if we have something to do?
    if (isset($_GET['approve'])) {
        $toAction[] = (int) $_GET['approve'];
    } elseif (isset($_GET['delete'])) {
        $toAction[] = (int) $_GET['delete'];
    } elseif (isset($_POST['item'])) {
        foreach ($_POST['item'] as $item) {
            $toAction[] = (int) $item;
        }
    }
    // What are we actually doing.
    if (isset($_GET['approve']) || isset($_POST['do']) && $_POST['do'] == 'approve') {
        $curAction = 'approve';
    } elseif (isset($_GET['delete']) || isset($_POST['do']) && $_POST['do'] == 'delete') {
        $curAction = 'delete';
    }
    // Right, so we have something to do?
    if (!empty($toAction) && isset($curAction)) {
        checkSession('request');
        // Handy shortcut.
        $any_array = $curAction == 'approve' ? $approve_boards : $delete_any_boards;
        // Now for each message work out whether it's actually a topic, and what board it's on.
        $request = smf_db_query('
			SELECT m.id_msg, m.id_member, m.id_board, m.subject, t.id_topic, t.id_first_msg, t.id_member_started
			FROM {db_prefix}messages AS m
				INNER JOIN {db_prefix}topics AS t ON (t.id_topic = m.id_topic)
			LEFT JOIN {db_prefix}boards AS b ON (t.id_board = b.id_board)
			WHERE m.id_msg IN ({array_int:message_list})
				AND m.approved = {int:not_approved}
				AND {query_see_board}', array('message_list' => $toAction, 'not_approved' => 0));
        $toAction = array();
        $details = array();
        while ($row = mysql_fetch_assoc($request)) {
            // If it's not within what our view is ignore it...
            if ($row['id_msg'] == $row['id_first_msg'] && $context['current_view'] != 'topics' || $row['id_msg'] != $row['id_first_msg'] && $context['current_view'] != 'replies') {
                continue;
            }
            $can_add = false;
            // If we're approving this is simple.
            if ($curAction == 'approve' && ($any_array == array(0) || in_array($row['id_board'], $any_array))) {
                $can_add = true;
            } elseif ($curAction == 'delete') {
                // Own post is easy!
                if ($row['id_member'] == $user_info['id'] && ($delete_own_boards == array(0) || in_array($row['id_board'], $delete_own_boards))) {
                    $can_add = true;
                } elseif ($row['id_member'] == $row['id_member_started'] && $row['id_msg'] != $row['id_first_msg'] && ($delete_own_replies == array(0) || in_array($row['id_board'], $delete_own_replies))) {
                    $can_add = true;
                } elseif ($row['id_member'] != $user_info['id'] && ($delete_any_boards == array(0) || in_array($row['id_board'], $delete_any_boards))) {
                    $can_add = true;
                }
            }
            if ($can_add) {
                $anItem = $context['current_view'] == 'topics' ? $row['id_topic'] : $row['id_msg'];
            }
            $toAction[] = $anItem;
            // All clear. What have we got now, what, what?
            $details[$anItem] = array();
            $details[$anItem]["subject"] = $row['subject'];
            $details[$anItem]["topic"] = $row['id_topic'];
            $details[$anItem]["member"] = $context['current_view'] == 'topics' ? $row['id_member_started'] : $row['id_member'];
            $details[$anItem]["board"] = $row['id_board'];
        }
        mysql_free_result($request);
        // If we have anything left we can actually do the approving (etc).
        if (!empty($toAction)) {
            if ($curAction == 'approve') {
                approveMessages($toAction, $details, $context['current_view']);
            } else {
                removeMessages($toAction, $details, $context['current_view']);
            }
        }
    }
    // How many unapproved posts are there?
    $request = smf_db_query('
		SELECT COUNT(*)
		FROM {db_prefix}messages AS m
			INNER JOIN {db_prefix}topics AS t ON (t.id_topic = m.id_topic AND t.id_first_msg != m.id_msg)
			INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board)
		WHERE m.approved = {int:not_approved}
			AND {query_see_board}
			' . $approve_query, array('not_approved' => 0));
    list($context['total_unapproved_posts']) = mysql_fetch_row($request);
    mysql_free_result($request);
    // What about topics?  Normally we'd use the table alias t for topics but lets use m so we don't have to redo our approve query.
    $request = smf_db_query('
		SELECT COUNT(m.id_topic)
		FROM {db_prefix}topics AS m
			INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board)
		WHERE m.approved = {int:not_approved}
			AND {query_see_board}
			' . $approve_query, array('not_approved' => 0));
    list($context['total_unapproved_topics']) = mysql_fetch_row($request);
    mysql_free_result($request);
    $context['page_index'] = constructPageIndex($scripturl . '?action=moderate;area=postmod;sa=' . $context['current_view'] . (isset($_REQUEST['brd']) ? ';brd=' . (int) $_REQUEST['brd'] : ''), $_GET['start'], $context['current_view'] == 'topics' ? $context['total_unapproved_topics'] : $context['total_unapproved_posts'], 10);
    $context['start'] = $_GET['start'];
    // We have enough to make some pretty tabs!
    $context[$context['moderation_menu_name']]['tab_data'] = array('title' => $txt['mc_unapproved_posts'], 'help' => 'postmod', 'description' => $txt['mc_unapproved_posts_desc']);
    // Update the tabs with the correct number of posts.
    $context['menu_data_' . $context['moderation_menu_id']]['sections']['posts']['areas']['postmod']['subsections']['posts']['label'] .= ' (' . $context['total_unapproved_posts'] . ')';
    $context['menu_data_' . $context['moderation_menu_id']]['sections']['posts']['areas']['postmod']['subsections']['topics']['label'] .= ' (' . $context['total_unapproved_topics'] . ')';
    // If we are filtering some boards out then make sure to send that along with the links.
    if (isset($_REQUEST['brd'])) {
        $context['menu_data_' . $context['moderation_menu_id']]['sections']['posts']['areas']['postmod']['subsections']['posts']['add_params'] = ';brd=' . (int) $_REQUEST['brd'];
        $context['menu_data_' . $context['moderation_menu_id']]['sections']['posts']['areas']['postmod']['subsections']['topics']['add_params'] = ';brd=' . (int) $_REQUEST['brd'];
    }
    // Get all unapproved posts.
    $request = smf_db_query('
		SELECT m.id_msg, m.id_topic, m.id_board, m.subject, m.body, m.id_member,
			IFNULL(mem.real_name, m.poster_name) AS poster_name, m.poster_time, m.smileys_enabled,
			t.id_member_started, t.id_first_msg, b.name AS board_name, c.id_cat, c.name AS cat_name
		FROM {db_prefix}messages AS m
			INNER JOIN {db_prefix}topics AS t ON (t.id_topic = m.id_topic)
			INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board)
			LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = m.id_member)
			LEFT JOIN {db_prefix}categories AS c ON (c.id_cat = b.id_cat)
		WHERE m.approved = {int:not_approved}
			AND t.id_first_msg ' . ($context['current_view'] == 'topics' ? '=' : '!=') . ' m.id_msg
			AND {query_see_board}
			' . $approve_query . '
		LIMIT ' . $context['start'] . ', 10', array('not_approved' => 0));
    $context['unapproved_items'] = array();
    for ($i = 1; $row = mysql_fetch_assoc($request); $i++) {
        // Can delete is complicated, let's solve it first... is it their own post?
        if ($row['id_member'] == $user_info['id'] && ($delete_own_boards == array(0) || in_array($row['id_board'], $delete_own_boards))) {
            $can_delete = true;
        } elseif ($row['id_member'] == $row['id_member_started'] && $row['id_msg'] != $row['id_first_msg'] && ($delete_own_replies == array(0) || in_array($row['id_board'], $delete_own_replies))) {
            $can_delete = true;
        } elseif ($row['id_member'] != $user_info['id'] && ($delete_any_boards == array(0) || in_array($row['id_board'], $delete_any_boards))) {
            $can_delete = true;
        } else {
            $can_delete = false;
        }
        $context['unapproved_items'][] = array('id' => $row['id_msg'], 'alternate' => $i % 2, 'counter' => $context['start'] + $i, 'href' => $scripturl . '?topic=' . $row['id_topic'] . '.msg' . $row['id_msg'] . '#msg' . $row['id_msg'], 'subject' => $row['subject'], 'body' => parse_bbc($row['body'], $row['smileys_enabled'], $row['id_msg']), 'time' => timeformat($row['poster_time']), 'poster' => array('id' => $row['id_member'], 'name' => $row['poster_name'], 'link' => $row['id_member'] ? '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['poster_name'] . '</a>' : $row['poster_name'], 'href' => $scripturl . '?action=profile;u=' . $row['id_member']), 'topic' => array('id' => $row['id_topic']), 'board' => array('id' => $row['id_board'], 'name' => $row['board_name']), 'category' => array('id' => $row['id_cat'], 'name' => $row['cat_name']), 'can_delete' => $can_delete);
    }
    mysql_free_result($request);
    // Make up some buttons
    $context['approve_button'] = create_button('approve', 'approve');
    $context['remove_button'] = create_button('remove_message', 'remove');
}
    /**
     * View all unapproved posts or topics
     */
    public function action_unapproved()
    {
        global $txt, $scripturl, $context, $user_info;
        $context['current_view'] = isset($_GET['sa']) && $_GET['sa'] == 'topics' ? 'topics' : 'replies';
        $context['page_title'] = $txt['mc_unapproved_posts'];
        $context['header_title'] = $txt['mc_' . ($context['current_view'] == 'topics' ? 'topics' : 'posts')];
        // Work out what boards we can work in!
        $approve_boards = !empty($user_info['mod_cache']['ap']) ? $user_info['mod_cache']['ap'] : boardsAllowedTo('approve_posts');
        // If we filtered by board remove ones outside of this board.
        // @todo Put a message saying we're filtered?
        if (isset($_REQUEST['brd'])) {
            $filter_board = array((int) $_REQUEST['brd']);
            $approve_boards = $approve_boards == array(0) ? $filter_board : array_intersect($approve_boards, $filter_board);
        }
        if ($approve_boards == array(0)) {
            $approve_query = '';
        } elseif (!empty($approve_boards)) {
            $approve_query = ' AND m.id_board IN (' . implode(',', $approve_boards) . ')';
        } else {
            $approve_query = ' AND 1=0';
        }
        // We also need to know where we can delete topics and/or replies to.
        if ($context['current_view'] == 'topics') {
            $delete_own_boards = boardsAllowedTo('remove_own');
            $delete_any_boards = boardsAllowedTo('remove_any');
            $delete_own_replies = array();
        } else {
            $delete_own_boards = boardsAllowedTo('delete_own');
            $delete_any_boards = boardsAllowedTo('delete_any');
            $delete_own_replies = boardsAllowedTo('delete_own_replies');
        }
        $toAction = array();
        // Check if we have something to do?
        if (isset($_GET['approve'])) {
            $toAction[] = (int) $_GET['approve'];
        } elseif (isset($_GET['delete'])) {
            $toAction[] = (int) $_GET['delete'];
        } elseif (isset($_POST['item'])) {
            foreach ($_POST['item'] as $item) {
                $toAction[] = (int) $item;
            }
        }
        // What are we actually doing.
        if (isset($_GET['approve']) || isset($_POST['do']) && $_POST['do'] == 'approve') {
            $curAction = 'approve';
        } elseif (isset($_GET['delete']) || isset($_POST['do']) && $_POST['do'] == 'delete') {
            $curAction = 'delete';
        }
        // Right, so we have something to do?
        if (!empty($toAction) && isset($curAction)) {
            checkSession('request');
            require_once SUBSDIR . '/Topic.subs.php';
            require_once SUBSDIR . '/Messages.subs.php';
            // Handy shortcut.
            $any_array = $curAction == 'approve' ? $approve_boards : $delete_any_boards;
            // Now for each message work out whether it's actually a topic, and what board it's on.
            $request = loadMessageDetails(array('m.id_board', 't.id_topic', 't.id_first_msg', 't.id_member_started'), array('INNER JOIN {db_prefix}topics AS t ON (t.id_topic = m.id_topic)', 'LEFT JOIN {db_prefix}boards AS b ON (t.id_board = b.id_board)'), array('message_list' => $toAction, 'not_approved' => 0), array('additional_conditions' => '
					AND m.approved = {int:not_approved}
					AND {query_see_board}'));
            $toAction = array();
            $details = array();
            foreach ($request as $row) {
                // If it's not within what our view is ignore it...
                if ($row['id_msg'] == $row['id_first_msg'] && $context['current_view'] != 'topics' || $row['id_msg'] != $row['id_first_msg'] && $context['current_view'] != 'replies') {
                    continue;
                }
                $can_add = false;
                // If we're approving this is simple.
                if ($curAction == 'approve' && ($any_array == array(0) || in_array($row['id_board'], $any_array))) {
                    $can_add = true;
                } elseif ($curAction == 'delete') {
                    // Own post is easy!
                    if ($row['id_member'] == $user_info['id'] && ($delete_own_boards == array(0) || in_array($row['id_board'], $delete_own_boards))) {
                        $can_add = true;
                    } elseif ($row['id_member'] == $row['id_member_started'] && $row['id_msg'] != $row['id_first_msg'] && ($delete_own_replies == array(0) || in_array($row['id_board'], $delete_own_replies))) {
                        $can_add = true;
                    } elseif ($row['id_member'] != $user_info['id'] && ($delete_any_boards == array(0) || in_array($row['id_board'], $delete_any_boards))) {
                        $can_add = true;
                    }
                }
                if ($can_add) {
                    $anItem = $context['current_view'] == 'topics' ? $row['id_topic'] : $row['id_msg'];
                    $toAction[] = $anItem;
                    // All clear. What have we got now, what, what?
                    $details[$anItem] = array();
                    $details[$anItem]['subject'] = $row['subject'];
                    $details[$anItem]['topic'] = $row['id_topic'];
                    $details[$anItem]['member'] = $context['current_view'] == 'topics' ? $row['id_member_started'] : $row['id_member'];
                    $details[$anItem]['board'] = $row['id_board'];
                }
            }
            // If we have anything left we can actually do the approving (etc).
            if (!empty($toAction)) {
                if ($curAction == 'approve') {
                    approveMessages($toAction, $details, $context['current_view']);
                } else {
                    removeMessages($toAction, $details, $context['current_view']);
                }
                cache_put_data('num_menu_errors', null, 900);
            }
        }
        // Get the moderation values for the board level
        $brd = isset($_REQUEST['brd']) ? (int) $_REQUEST['brd'] : null;
        require_once SUBSDIR . '/Moderation.subs.php';
        $mod_count = loadModeratorMenuCounts($brd);
        $context['total_unapproved_topics'] = $mod_count['topics'];
        $context['total_unapproved_posts'] = $mod_count['posts'];
        $context['page_index'] = constructPageIndex($scripturl . '?action=moderate;area=postmod;sa=' . $context['current_view'] . (isset($_REQUEST['brd']) ? ';brd=' . (int) $_REQUEST['brd'] : ''), $_GET['start'], $context['current_view'] == 'topics' ? $context['total_unapproved_topics'] : $context['total_unapproved_posts'], 10);
        $context['start'] = $_GET['start'];
        // We have enough to make some pretty tabs!
        $context[$context['moderation_menu_name']]['tab_data'] = array('title' => $txt['mc_unapproved_posts'], 'help' => 'postmod', 'description' => $txt['mc_unapproved_posts_desc']);
        // Update the tabs with the correct number of actions to account for brd filtering
        $context['menu_data_' . $context['moderation_menu_id']]['sections']['posts']['areas']['postmod']['subsections']['posts']['label'] = $context['menu_data_' . $context['moderation_menu_id']]['sections']['posts']['areas']['postmod']['subsections']['posts']['label'] . ' [' . $context['total_unapproved_posts'] . ']';
        $context['menu_data_' . $context['moderation_menu_id']]['sections']['posts']['areas']['postmod']['subsections']['topics']['label'] = $context['menu_data_' . $context['moderation_menu_id']]['sections']['posts']['areas']['postmod']['subsections']['topics']['label'] . ' [' . $context['total_unapproved_topics'] . ']';
        // If we are filtering some boards out then make sure to send that along with the links.
        if (isset($_REQUEST['brd'])) {
            $context['menu_data_' . $context['moderation_menu_id']]['sections']['posts']['areas']['postmod']['subsections']['posts']['add_params'] = ';brd=' . (int) $_REQUEST['brd'];
            $context['menu_data_' . $context['moderation_menu_id']]['sections']['posts']['areas']['postmod']['subsections']['topics']['add_params'] = ';brd=' . (int) $_REQUEST['brd'];
        }
        // Get all unapproved posts.
        $context['unapproved_items'] = getUnapprovedPosts($approve_query, $context['current_view'], array('delete_own_boards' => $delete_own_boards, 'delete_any_boards' => $delete_any_boards, 'delete_own_replies' => $delete_own_replies), $context['start'], 10);
        foreach ($context['unapproved_items'] as $key => $item) {
            $context['unapproved_items'][$key]['buttons'] = array('quickmod_check' => array('checkbox' => true, 'name' => 'item', 'value' => $item['id']), 'approve' => array('href' => $scripturl . '?action=moderate;area=postmod;sa=' . $context['current_view'] . ';start=' . $context['start'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';approve=' . $item['id'], 'text' => $txt['approve']), 'unapprove' => array('href' => $scripturl . '?action=moderate;area=postmod;sa=' . $context['current_view'] . ';start=' . $context['start'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';delete=' . $item['id'], 'text' => $txt['remove'], 'test' => 'can_delete'));
            $context['unapproved_items'][$key]['tests'] = array('can_delete' => $item['can_delete']);
        }
        $context['sub_template'] = 'unapproved_posts';
    }