Esempio n. 1
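/**
 * Handle Stripe webhooks.
 *
 * Only the event id is read from the request body. The event handed to the
 * 'stripe.events' hook is the object returned by StripeClient::getEvent() for
 * that id, so no other field of the posted payload is used by this function.
 * NOTE(review): presumably getEvent() re-fetches the event from Stripe, which
 * is what makes an unsigned body acceptable here; confirm in StripeClient.
 *
 * Hook handlers run with access checks ignored and hidden entities visible;
 * both settings are restored even when a handler throws.
 *
 * @param mixed $environment Passed to StripeClient and on to the hook handlers.
 *
 * @return mixed array('success' => false, 'message' => ...) when the body has
 *               no usable event id or the event cannot be retrieved, otherwise
 *               the hook result (default array('success' => true)).
 */
function stripe_webhook_handler($environment)
{
    $not_found = array('success' => false, 'message' => 'Stripe Event for this webhook was not found');

    $payload = json_decode(get_post_data());
    // The body is attacker-controllable: accept only a JSON object with a non-empty string id
    if (!is_object($payload) || !isset($payload->id) || !is_string($payload->id) || $payload->id === '') {
        return $not_found;
    }

    $gateway = new StripeClient($environment);
    $event = $gateway->getEvent($payload->id);
    if (!$event) {
        return $not_found;
    }

    // Elevate privileges for the hook handlers only
    $ia = elgg_set_ignore_access(true);
    $ha = access_get_show_hidden_status();
    access_show_hidden_entities(true);
    try {
        $result = elgg_trigger_plugin_hook_handler($event->type, 'stripe.events', array('environment' => $environment, 'event' => $event), array('success' => true));
    } finally {
        // Never leave the request running with access checks disabled
        access_show_hidden_entities($ha);
        elgg_set_ignore_access($ia);
    }

    return $result;
}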
Esempio n. 2
/**
 * Run a keyword search for a category and return the decoded response.
 *
 * The request is a JSON document holding the API key and a fixed set of
 * filters (10 items per page, no price bounds, all navigation, marketplace
 * excluded, no brand restriction); only the keyword and the page number vary.
 * NOTE(review): API_KEY travels inside the request body, so whatever
 * get_post_data() does with that body (transport, logging) decides how well
 * the key is protected; confirm it is sent over TLS and not logged.
 *
 * @param ProductCategory $category Category whose name is used as the keyword.
 * @param mixed           $page     Page number to request.
 *
 * @return mixed Response decoded as an associative array, or null when the
 *               response is not valid JSON.
 */
function search_products(ProductCategory $category, $page)
{
    $request = array(
        "ApiKey" => API_KEY,
        "SearchRequest" => array(
            "Keyword" => $category->get_name(),
            "Pagination" => array(
                "ItemsPerPage" => 10,
                "PageNumber" => $page,
            ),
            "Filters" => array(
                "Price" => array(
                    "Min" => 0,
                    "Max" => 0,
                ),
                "Navigation" => "all",
                "IncludeMarketPlace" => false,
                "Brands" => array(),
            ),
        ),
    );

    $response = get_post_data(API_SEARCH, json_encode($request));

    return json_decode($response, true);
}
 /**
  * Renders the "content" block: the form for reporting a comment, with a
  * choice of reasons and a free-text field.
  *
  * This looks like compiled Twig template output (the "// line N" markers
  * refer to the template source), so changes belong in the template.
  *
  * Escaping: values from set_radio() and set_value() go through
  * twig_escape_filter(..., "html"); the output of get_flashdata(),
  * form_open(), form_error() and form_close() is echoed as returned.
  *
  * @param array $context Template variables; "materi" and "komentar" are read.
  * @param array $blocks  Not used by this method.
  */
 public function block_content($context, array $blocks = array())
 {
     // line 4
     echo "<h4>Alasan laporan</h4>\n";
     // line 5
     // NOTE(review): flash message is echoed without twig_escape_filter(); confirm it never contains request data
     echo get_flashdata("laporkan");
     echo "\n\n<p>Mengapa anda melaporkan komentar tersebut?</p>\n\n";
     // line 9
     // Form action is built from the ids of the "materi" and "komentar" context entries
     echo form_open("materi/detail/" . $this->getAttribute(isset($context["materi"]) ? $context["materi"] : null, "id") . "/laporkan/" . $this->getAttribute(isset($context["komentar"]) ? $context["komentar"] : null, "id"));
     echo "\n";
     // line 10
     echo form_error("alasan");
     echo "\n<label class=\"radio\">\n  <input type=\"radio\" ";
     // line 12
     echo twig_escape_filter($this->env, set_radio("alasan", "SARA"), "html", null, true);
     echo " class=\"hide-lain\" name=\"alasan\" value=\"SARA\"> SARA\n</label>\n<label class=\"radio\">\n  <input type=\"radio\" ";
     // line 15
     echo twig_escape_filter($this->env, set_radio("alasan", "Pornografi"), "html", null, true);
     echo " class=\"hide-lain\" name=\"alasan\" value=\"Pornografi\"> Pornografi\n</label>\n<label class=\"radio\">\n  <input type=\"radio\" ";
     // line 18
     echo twig_escape_filter($this->env, set_radio("alasan", "Profokasi/Intimidasi"), "html", null, true);
     echo " class=\"hide-lain\" name=\"alasan\" value=\"Profokasi/Intimidasi\"> Profokasi/Intimidasi\n</label>\n<label class=\"radio\">\n  <input type=\"radio\" ";
     // line 21
     echo twig_escape_filter($this->env, set_radio("alasan", "tulis"), "html", null, true);
     echo " class=\"show-lain\" name=\"alasan\" value=\"tulis\"> Tulis alasan\n</label>\n<div class=\"form-lain ";
     // line 23
     // The posted "alasan" value is only compared; the class emitted is the constant "hide" or ""
     echo twig_test_empty(get_post_data("alasan")) || get_post_data("alasan") != "tulis" ? "hide" : "";
     echo "\">\n    <textarea class=\"span12\" name=\"alasan_lain\" placeholder=\"Tulis alasan anda\">";
     // line 24
     // Re-displayed free text is HTML-escaped before it is placed in the textarea
     echo twig_escape_filter($this->env, set_value("alasan_lain"), "html", null, true);
     echo "</textarea>\n    ";
     // line 25
     echo form_error("alasan_lain");
     echo "\n</div>\n<p><button type=\"submit\" class=\"btn btn-primary\">Submit</button></p>\n";
     // line 28
     echo form_close();
     echo "\n";
 }
 /**
  * Renders the "content" block: the admin form for adding a question to an
  * assignment ("tugas"), together with the assignment summary and the list of
  * questions already stored.
  *
  * This looks like compiled Twig template output (the "// line N" markers
  * refer to the template source), so changes belong in the template.
  *
  * Escaping: most context values and the set_radio() results go through
  * twig_escape_filter(..., "html"). Echoed as returned, without that filter:
  * the "module_title" context value, get_flashdata(), form_open(),
  * form_error(), form_close(), anchor() and every set_value() call.
  *
  * @param array $context Template variables; reads "module_title",
  *                       "mapel_ajar", "tugas", "pengajar", "mapel", "kelas"
  *                       and "retrieve_all_pertanyaan".
  * @param array $blocks  Not used by this method.
  */
 public function block_content($context, array $blocks = array())
 {
     // line 4
     echo "<div class=\"module\">\n    <div class=\"module-head\">\n        <h3>";
     // line 6
     // NOTE(review): module_title is echoed without twig_escape_filter(); confirm it never carries user-controlled text
     echo isset($context["module_title"]) ? $context["module_title"] : null;
     echo "</h3>\n    </div>\n    <div class=\"module-body\">\n        ";
     // line 9
     // NOTE(review): flash message is echoed as returned; confirm it never contains request data
     echo get_flashdata("tugas");
     echo "\n\n        <div>\n            ";
     // line 12
     echo form_open("admin/tugas/add_question/" . $this->getAttribute(isset($context["mapel_ajar"]) ? $context["mapel_ajar"] : null, "id") . "/" . $this->getAttribute(isset($context["tugas"]) ? $context["tugas"] : null, "id"));
     echo "\n            <input type=\"hidden\" name=\"jumlah_pilihan\" value=\"4\">\n            <table class=\"table table-bordered table-hover\">\n                <thead>\n                    <tr>\n                        <th>\n                            <div class=\"bs-callout bs-callout-info bs-callout-noborder\">\n                                <div class=\"btn-group pull-right\">\n                                    <a class=\"btn btn-default\" href=\"";
     // line 20
     echo twig_escape_filter($this->env, site_url("admin/tugas/edit/" . $this->getAttribute(isset($context["mapel_ajar"]) ? $context["mapel_ajar"] : null, "id") . "/" . $this->getAttribute(isset($context["tugas"]) ? $context["tugas"] : null, "id") . "/" . enurl_redirect(current_url())), "html", null, true);
     echo "\"><i class=\"icon-edit\"></i> Edit Tugas</a>\n                                    ";
     // line 21
     // "aktif" == 0 offers the show ("tampilkan") link, anything else the hide ("sembunyikan") link
     if ($this->getAttribute(isset($context["tugas"]) ? $context["tugas"] : null, "aktif") == 0) {
         // line 22
         echo "                                        ";
         echo anchor("admin/tugas/tampilkan/" . $this->getAttribute(isset($context["tugas"]) ? $context["tugas"] : null, "id") . "/" . enurl_redirect(current_url()), "<i class=\"icon-ok\"></i> Tampilkan</a>", array("class" => "btn btn-default", "data-toggle" => "tooltip", "title" => "Tampilkan agar siswa dapat <br>mengerjakan tugas"));
         echo "\n                                    ";
     } else {
         // line 24
         echo "                                        ";
         echo anchor("admin/tugas/sembunyikan/" . $this->getAttribute(isset($context["tugas"]) ? $context["tugas"] : null, "id") . "/" . enurl_redirect(current_url()), "<i class=\"icon-ok\"></i> Sembunyikan</a>", array("class" => "btn btn-success", "data-toggle" => "tooltip", "title" => "Sembunyikan agar siswa sudah <br>tidak dapat mengerjakan tugas"));
         echo "\n                                    ";
     }
     // line 26
     echo "                                </div>\n                                <h2 class=\"title-info\" data-toggle=\"collapse\" data-target=\"#demo\">";
     // line 27
     echo twig_escape_filter($this->env, $this->getAttribute(isset($context["tugas"]) ? $context["tugas"] : null, "judul"), "html", null, true);
     echo "</h2>\n                                <div id=\"demo\" class=\"collapse\">\n                                <label class=\"label label-warning\">Tipe : ";
     // line 29
     echo twig_escape_filter($this->env, $this->getAttribute(isset($context["tugas"]) ? $context["tugas"] : null, "type"), "html", null, true);
     echo "</label>\n                                <label class=\"label label-info\">Durasi : ";
     // line 30
     echo twig_escape_filter($this->env, $this->getAttribute(isset($context["tugas"]) ? $context["tugas"] : null, "durasi"), "html", null, true);
     echo " Menit</label>\n                                <table class=\"table table-condensed table-striped\">\n                                    <thead>\n                                        <tr>\n                                            <th>Pengajar</th>\n                                            <th>Matapelajaran</th>\n                                            <th>Hari</th>\n                                            <th>Jam</th>\n                                            <th>Kelas</th>\n                                        </tr>\n                                    </thead>\n                                    <tbody>\n                                        <tr>\n                                            <td><a href=\"";
     // line 43
     echo twig_escape_filter($this->env, $this->getAttribute(isset($context["pengajar"]) ? $context["pengajar"] : null, "link_profil"), "html", null, true);
     echo "\">";
     echo twig_escape_filter($this->env, $this->getAttribute(isset($context["pengajar"]) ? $context["pengajar"] : null, "nama"), "html", null, true);
     echo "</a></td>\n                                            <td>";
     // line 44
     echo twig_escape_filter($this->env, $this->getAttribute(isset($context["mapel"]) ? $context["mapel"] : null, "nama"), "html", null, true);
     echo "</td>\n                                            <td>";
     // line 45
     echo twig_escape_filter($this->env, get_indo_hari($this->getAttribute(isset($context["mapel_ajar"]) ? $context["mapel_ajar"] : null, "hari_id")), "html", null, true);
     echo "</td>\n                                            <td>";
     // line 46
     echo twig_escape_filter($this->env, twig_date_format_filter($this->env, $this->getAttribute(isset($context["mapel_ajar"]) ? $context["mapel_ajar"] : null, "jam_mulai"), "H:i"), "html", null, true);
     echo " - ";
     echo twig_escape_filter($this->env, twig_date_format_filter($this->env, $this->getAttribute(isset($context["mapel_ajar"]) ? $context["mapel_ajar"] : null, "jam_selesai"), "H:i"), "html", null, true);
     echo "</td>\n                                            <td>";
     // line 47
     echo twig_escape_filter($this->env, $this->getAttribute(isset($context["kelas"]) ? $context["kelas"] : null, "nama"), "html", null, true);
     echo " <span class=\"badge badge-info\">";
     echo twig_escape_filter($this->env, $this->getAttribute(isset($context["kelas"]) ? $context["kelas"] : null, "jumlah_siswa"), "html", null, true);
     echo " siswa</span></td>\n                                        </tr>\n                                    </tbody>\n                                </table>\n                                </div>\n                            </div>\n                        </th>\n                    </tr>\n                </thead>\n                <tbody>\n                    <tr class=\"info\">\n                        <td>\n                            <ul class=\"unstyled inline\" style=\"margin-left: -5px;\">\n                                ";
     // line 60
     // Loop over the stored questions; the outer context is saved in _parent and restored after the loop
     $context['_parent'] = (array) $context;
     $context['_seq'] = twig_ensure_traversable($this->getAttribute(isset($context["retrieve_all_pertanyaan"]) ? $context["retrieve_all_pertanyaan"] : null, "results"));
     foreach ($context['_seq'] as $context["s_key"] => $context["s"]) {
         // line 61
         echo "                                <li>\n                                    ";
         // line 62
         if (!twig_test_empty($this->getAttribute(isset($context["s"]) ? $context["s"] : null, "kunci_index"))) {
             // line 63
             echo "                                        ";
             $context["kunci_index"] = get_abjad($this->getAttribute(isset($context["s"]) ? $context["s"] : null, "kunci_index"));
             // line 64
             echo "                                    ";
         } else {
             // line 65
             echo "                                        ";
             $context["kunci_index"] = "";
             // line 66
             echo "                                    ";
         }
         // line 67
         echo "                                    ";
         // NOTE(review): the tooltip title is the question text after strip_tags(), which removes markup but does not
         // encode quotes, and anchor()'s output is echoed as returned; confirm anchor() attribute-encodes "title"
         echo anchor("admin/tugas/edit_question/" . $this->getAttribute(isset($context["mapel_ajar"]) ? $context["mapel_ajar"] : null, "id") . "/" . $this->getAttribute(isset($context["tugas"]) ? $context["tugas"] : null, "id") . "/" . $this->getAttribute(isset($context["s"]) ? $context["s"] : null, "id"), (isset($context["s_key"]) ? $context["s_key"] : null) . ". " . (isset($context["kunci_index"]) ? $context["kunci_index"] : null), array("class" => "label label-info", "data-toggle" => "tooltip", "title" => word_limiter(strip_tags($this->getAttribute(isset($context["s"]) ? $context["s"] : null, "pertanyaan")), 50)));
         echo "\n                                </li>\n                                ";
     }
     $_parent = $context['_parent'];
     unset($context['_seq'], $context['_iterated'], $context['s_key'], $context['s'], $context['_parent'], $context['loop']);
     $context = array_intersect_key($context, $_parent) + $_parent;
     // line 70
     echo "                            </ul>\n                            <b>Jumlah Soal Tersimpan : ";
     // line 71
     echo twig_escape_filter($this->env, $this->getAttribute(isset($context["retrieve_all_pertanyaan"]) ? $context["retrieve_all_pertanyaan"] : null, "total_record"), "html", null, true);
     echo "</b>\n                        </td>\n                    </tr>\n                    <tr>\n                        <td>\n                            <h3>Pertanyaan Soal Ke ";
     // line 76
     echo twig_escape_filter($this->env, $this->getAttribute(isset($context["retrieve_all_pertanyaan"]) ? $context["retrieve_all_pertanyaan"] : null, "total_record") + 1, "html", null, true);
     echo " <span class=\"text-error\">*</span> ";
     echo form_error("pertanyaan");
     echo "</h3>\n                            <textarea id=\"question\" name=\"pertanyaan\" style=\"width:100%;height:200px;\">";
     // line 77
     // NOTE(review): set_value() output is placed in the <textarea> without twig_escape_filter(), here and for
     // pilihan_1..pilihan_4 below (the set_radio() values are escaped); confirm set_value() HTML-encodes posted text
     echo set_value("pertanyaan");
     echo "</textarea>\n                        </td>\n                    </tr>\n                    ";
     // line 80
     // The four answer options and their "kunci" (key) radios are rendered only when type_id == 3
     if ($this->getAttribute(isset($context["tugas"]) ? $context["tugas"] : null, "type_id") == 3) {
         // line 81
         echo "                    <tr>\n                        <td>\n                            <div class=\"pull-right controls\">\n                                <label class=\"radio inline\"><input type=\"radio\" name=\"kunci\" value=\"pilihan_1\" ";
         // line 84
         // Third argument makes option 1 the default when no "kunci" value was posted
         echo twig_escape_filter($this->env, set_radio("kunci", "pilihan_1", get_post_data("kunci") == "" ? true : ""), "html", null, true);
         echo "> <b class=\"text-warning\">Jadikan Kunci</b></label>\n                            </div>\n                            <h3>Pilihan A</h3>\n                            <textarea class=\"tiny_options\" name=\"pilihan_1\" style=\"width:100%;height:200px;\">";
         // line 87
         echo set_value("pilihan_1");
         echo "</textarea>\n                        </td>\n                    </tr>\n                    <tr>\n                        <td>\n                            <div class=\"pull-right controls\">\n                                <label class=\"radio inline\"><input type=\"radio\" name=\"kunci\" value=\"pilihan_2\" ";
         // line 93
         echo twig_escape_filter($this->env, set_radio("kunci", "pilihan_2"), "html", null, true);
         echo "> <b class=\"text-warning\">Jadikan Kunci</b></label>\n                            </div>\n                            <h3>Pilihan B</h3>\n                            <textarea class=\"tiny_options\" name=\"pilihan_2\" style=\"width:100%;height:200px;\">";
         // line 96
         echo set_value("pilihan_2");
         echo "</textarea>\n                        </td>\n                    </tr>\n                    <tr>\n                        <td>\n                            <div class=\"pull-right controls\">\n                                <label class=\"radio inline\"><input type=\"radio\" name=\"kunci\" value=\"pilihan_3\" ";
         // line 102
         echo twig_escape_filter($this->env, set_radio("kunci", "pilihan_3"), "html", null, true);
         echo "> <b class=\"text-warning\">Jadikan Kunci</b></label>\n                            </div>\n                            <h3>Pilihan C</h3>\n                            <textarea class=\"tiny_options\" name=\"pilihan_3\" style=\"width:100%;height:200px;\">";
         // line 105
         echo set_value("pilihan_3");
         echo "</textarea>\n                        </td>\n                    </tr>\n                    <tr>\n                        <td>\n                            <div class=\"pull-right controls\">\n                                <label class=\"radio inline\"><input type=\"radio\" name=\"kunci\" value=\"pilihan_4\" ";
         // line 111
         echo twig_escape_filter($this->env, set_radio("kunci", "pilihan_4"), "html", null, true);
         echo "> <b class=\"text-warning\">Jadikan Kunci</b></label>\n                            </div>\n                            <h3>Pilihan D</h3>\n                            <textarea class=\"tiny_options\" name=\"pilihan_4\" style=\"width:100%;height:200px;\">";
         // line 114
         echo set_value("pilihan_4");
         echo "</textarea>\n                        </td>\n                    </tr>\n                    ";
     }
     // line 118
     echo "                    <tr>\n                        <td>\n                            <button class=\"btn btn-primary\" type=\"submit\">Simpan</button>\n                            <a class=\"btn btn-default\" href=\"";
     // line 121
     echo twig_escape_filter($this->env, site_url("admin/tugas/soal/" . $this->getAttribute(isset($context["mapel_ajar"]) ? $context["mapel_ajar"] : null, "id") . "/" . $this->getAttribute(isset($context["tugas"]) ? $context["tugas"] : null, "id")), "html", null, true);
     echo "\">Batal</a>\n                        </td>\n                    </tr>\n                </tbody>\n            </table>\n            ";
     // line 126
     echo form_close();
     echo "\n        </div>\n    </div>\n</div>\n";
 }
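/**
 * Split a topic: move the selected posts into a newly created topic.
 *
 * The posted ids are checked with check_ids() against the 'm_split' permission
 * and the destination forum is loaded with the 'f_post' permission before
 * anything is changed. The move itself only runs once confirm_box(true)
 * reports a confirmed request; otherwise the confirmation box is shown.
 *
 * @param string $action      'split_all' moves the posted ids, 'split_beyond'
 *                            moves the first posted id and every post that
 *                            follows it in the current sort order.
 * @param int    $topic_id    Topic being split.
 * @param int    $to_forum_id Forum that receives the new topic.
 * @param string $subject     Title of the new topic (trimmed, must be non-empty).
 *
 * @return void Validation failures set the MESSAGE template variable and
 *              return; success ends in trigger_error() with the result text.
 */
function split_topic($action, $topic_id, $to_forum_id, $subject)
{
    global $db, $template, $user, $phpEx, $phpbb_root_path, $auth, $config;
    $post_id_list = request_var('post_id_list', array(0));
    $forum_id = request_var('forum_id', 0);
    $start = request_var('start', 0);
    if (!sizeof($post_id_list)) {
        $template->assign_var('MESSAGE', $user->lang['NO_POST_SELECTED']);
        return;
    }
    // Authorisation: every posted id must be splittable by the current user
    if (!check_ids($post_id_list, POSTS_TABLE, 'post_id', array('m_split'))) {
        return;
    }
    $post_id = $post_id_list[0];
    $post_info = get_post_data(array($post_id));
    if (!sizeof($post_info)) {
        $template->assign_var('MESSAGE', $user->lang['NO_POST_SELECTED']);
        return;
    }
    $post_info = $post_info[$post_id];
    $subject = trim($subject);
    // Make some tests
    if (!$subject) {
        $template->assign_var('MESSAGE', $user->lang['EMPTY_SUBJECT']);
        return;
    }
    if ($to_forum_id <= 0) {
        $template->assign_var('MESSAGE', $user->lang['NO_DESTINATION_FORUM']);
        return;
    }
    $forum_info = get_forum_data(array($to_forum_id), 'f_post');
    if (!sizeof($forum_info)) {
        $template->assign_var('MESSAGE', $user->lang['USER_CANNOT_POST']);
        return;
    }
    $forum_info = $forum_info[$to_forum_id];
    if ($forum_info['forum_type'] != FORUM_POST) {
        $template->assign_var('MESSAGE', $user->lang['FORUM_NOT_POSTABLE']);
        return;
    }
    $redirect = request_var('redirect', build_url(array('quickmod')));
    $s_hidden_fields = build_hidden_fields(array('i' => 'main', 'post_id_list' => $post_id_list, 'f' => $forum_id, 'mode' => 'topic_view', 'start' => $start, 'action' => $action, 't' => $topic_id, 'redirect' => $redirect, 'subject' => $subject, 'to_forum_id' => $to_forum_id, 'icon' => request_var('icon', 0)));
    $success_msg = $return_link = '';
    if (confirm_box(true)) {
        if ($action == 'split_beyond') {
            $sort_days = $total = 0;
            $sort_key = $sort_dir = '';
            $sort_by_sql = $sort_order_sql = array();
            mcp_sorting('viewtopic', $sort_days, $sort_key, $sort_dir, $sort_by_sql, $sort_order_sql, $total, $forum_id, $topic_id);
            // NOTE(review): this condition references alias "t", which neither query below declares;
            // confirm the intended column before relying on a non-zero $sort_days here.
            $limit_time_sql = $sort_days ? 'AND t.topic_last_post_time >= ' . (time() - $sort_days * 86400) : '';
            // The topic id is concatenated into SQL, so force it to an integer at the point of use
            $sql_topic_id = (int) $topic_id;
            if ($sort_order_sql[0] == 'u') {
                $sql = 'SELECT p.post_id, p.forum_id, p.post_approved
					FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . " u
					WHERE p.topic_id = {$sql_topic_id}
						AND p.poster_id = u.user_id
						{$limit_time_sql}
					ORDER BY {$sort_order_sql}";
            } else {
                $sql = 'SELECT p.post_id, p.forum_id, p.post_approved
					FROM ' . POSTS_TABLE . " p
					WHERE p.topic_id = {$sql_topic_id}
						{$limit_time_sql}
					ORDER BY {$sort_order_sql}";
            }
            $result = $db->sql_query_limit($sql, 0, $start);
            $store = false;
            $post_id_list = array();
            while ($row = $db->sql_fetchrow($result)) {
                // If split from selected post (split_beyond), we split the unapproved items too.
                // NOTE(review): the m_approve check that would have skipped unapproved posts was already
                // disabled (its `continue` was commented out), so no per-post permission filter applies here.
                // Start to store post_ids as soon as we see the first post that was selected
                if ($row['post_id'] == $post_id) {
                    $store = true;
                }
                if ($store) {
                    $post_id_list[] = $row['post_id'];
                }
            }
            $db->sql_freeresult($result);
        }
        if (!sizeof($post_id_list)) {
            trigger_error('NO_POST_SELECTED');
        }
        $icon_id = request_var('icon', 0);
        $sql_ary = array('forum_id' => $to_forum_id, 'topic_title' => $subject, 'icon_id' => $icon_id, 'topic_approved' => 1);
        $sql = 'INSERT INTO ' . TOPICS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary);
        $db->sql_query($sql);
        $to_topic_id = $db->sql_nextid();
        move_posts($post_id_list, $to_topic_id);
        $topic_info = get_topic_data(array($topic_id));
        $topic_info = $topic_info[$topic_id];
        add_log('mod', $to_forum_id, $to_topic_id, 'LOG_SPLIT_DESTINATION', $subject);
        add_log('mod', $forum_id, $topic_id, 'LOG_SPLIT_SOURCE', $topic_info['topic_title']);
        // Change topic title of first post; the subject is escaped and the id is cast for the same reason as above
        $sql = 'UPDATE ' . POSTS_TABLE . "
			SET post_subject = '" . $db->sql_escape($subject) . "'
			WHERE post_id = " . (int) $post_id_list[0];
        $db->sql_query($sql);
        $success_msg = 'TOPIC_SPLIT_SUCCESS';
        // Update forum statistics
        set_config_count('num_topics', 1, true);
        // Link back to both topics
        $return_link = sprintf($user->lang['RETURN_TOPIC'], '<a href="' . append_sid("{$phpbb_root_path}viewtopic.{$phpEx}", 'f=' . $post_info['forum_id'] . '&amp;t=' . $post_info['topic_id']) . '">', '</a>') . '<br /><br />' . sprintf($user->lang['RETURN_NEW_TOPIC'], '<a href="' . append_sid("{$phpbb_root_path}viewtopic.{$phpEx}", 'f=' . $to_forum_id . '&amp;t=' . $to_topic_id) . '">', '</a>');
    } else {
        confirm_box(false, $action == 'split_all' ? 'SPLIT_TOPIC_ALL' : 'SPLIT_TOPIC_BEYOND', $s_hidden_fields);
    }
    $redirect = request_var('redirect', "index.{$phpEx}");
    $redirect = reapply_sid($redirect);
    // Nothing was split (confirmation pending): leave without a result page
    if (!$success_msg) {
        return;
    }
    meta_refresh(3, append_sid("{$phpbb_root_path}viewtopic.{$phpEx}", "f={$to_forum_id}&amp;t={$to_topic_id}"));
    trigger_error($user->lang[$success_msg] . '<br /><br />' . $return_link);
}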
Esempio n. 6
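/**
 * PAM: Confirm the HMAC signature
 *
 * Checks, in order: the API key resolves to a user, the HMAC sent in the
 * headers matches the one calculated with that user's secret, the HMAC has
 * not been seen before (replay), and for POST requests the posted body hashes
 * to the advertised post hash.
 *
 * Both comparisons use hash_equals() so they do not leak how many leading
 * characters matched, and the failure message never contains the calculated
 * HMAC: echoing it would hand the caller a valid signature for the request.
 *
 * @return true if success - otherwise throws exception
 *
 * @throws SecurityException
 * @since 1.7.0
 * @access private
 */
function api_auth_hmac()
{
    global $CONFIG;
    // Get api header
    $api_header = get_and_validate_api_headers();
    // Pull API user details
    $api_user = get_api_user($CONFIG->site_id, $api_header->api_key);
    if (!$api_user) {
        throw new SecurityException(elgg_echo('SecurityException:InvalidAPIKey'), ErrorResult::$RESULT_FAIL_APIKEY_INVALID);
    }
    // Get the secret key
    $secret_key = $api_user->secret;
    // get the query string
    // NOTE(review): when REQUEST_URI has no '?', strpos() returns false and this yields the URI minus its
    // first character rather than an empty string; left as is because clients sign the same value.
    $query = substr($_SERVER['REQUEST_URI'], strpos($_SERVER['REQUEST_URI'], '?') + 1);
    // calculate expected HMAC
    $hmac = calculate_hmac($api_header->hmac_algo, $api_header->time, $api_header->nonce, $api_header->api_key, $secret_key, $query, $api_header->method == 'POST' ? $api_header->posthash : "");
    // Constant-time comparison; the expected value stays out of the error message
    if (!hash_equals((string) $hmac, (string) $api_header->hmac)) {
        throw new SecurityException("HMAC is invalid.");
    }
    // Now make sure this is not a replay
    if (cache_hmac_check_replay($hmac)) {
        throw new SecurityException(elgg_echo('SecurityException:DupePacket'));
    }
    // Validate post data
    if ($api_header->method == "POST") {
        $postdata = get_post_data();
        $calculated_posthash = calculate_posthash($postdata, $api_header->posthash_algo);
        if (!hash_equals((string) $calculated_posthash, (string) $api_header->posthash)) {
            // Both values derive from data the caller supplied, so reporting them discloses nothing secret
            $msg = elgg_echo('SecurityException:InvalidPostHash', array($calculated_posthash, $api_header->posthash));
            throw new SecurityException($msg);
        }
    }
    return true;
}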
Esempio n. 7
                 $comments[] .= $c_line;
             }
         }
     }
 }
 $c_trash = 0;
 if (!empty($comments)) {
     $comments = mn_natcasesort($comments);
     $comments = array_reverse($comments);
     $comments_result = '';
     $c_count = 0;
     $c_authors = array();
     $c_ips = array();
     foreach ($comments as $comments_line) {
         $var = get_values('comments', $comments_line, false);
         $post = get_post_data($var['post_id']);
         $comments_timestamps[$var['timestamp']] = date('Y-m', $var['timestamp']);
         if (isset($var['author_id']) && !empty($var['author_id'])) {
             $c_authors[] = $var['author_id'];
         }
         if (isset($var['ip_address']) && !empty($var['ip_address'])) {
             $c_ips[] = $var['ip_address'];
         }
         if (isset($var['status']) && $var['status'] == 0) {
             $c_trash++;
         }
         $posts[$post['id']] = $post['title'];
         if (!isset($_GET['trash']) && $var['status'] == 0) {
             continue;
         }
         if (isset($_GET['trash']) && $var['status'] != 0) {
Esempio n. 8
    function main($id, $mode)
    {
        global $auth, $db, $user, $template;
        global $config, $phpbb_root_path, $phpEx, $action;
        include_once $phpbb_root_path . 'includes/functions_posting.' . $phpEx;
        $forum_id = request_var('f', 0);
        $start = request_var('start', 0);
        $this->page_title = 'MCP_QUEUE';
        switch ($action) {
            case 'approve':
            case 'disapprove':
                include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx;
                $post_id_list = request_var('post_id_list', array(0));
                if (!sizeof($post_id_list)) {
                    trigger_error('NO_POST_SELECTED');
                }
                if ($action == 'approve') {
                    approve_post($post_id_list, $mode);
                } else {
                    disapprove_post($post_id_list, $mode);
                }
                break;
        }
        switch ($mode) {
            case 'approve_details':
                $user->add_lang('posting');
                $post_id = request_var('p', 0);
                $topic_id = request_var('t', 0);
                if ($topic_id) {
                    $topic_info = get_topic_data(array($topic_id), 'm_approve');
                    if (isset($topic_info[$topic_id]['topic_first_post_id'])) {
                        $post_id = (int) $topic_info[$topic_id]['topic_first_post_id'];
                    } else {
                        $topic_id = 0;
                    }
                }
                $post_info = get_post_data(array($post_id), 'm_approve');
                if (!sizeof($post_info)) {
                    trigger_error('NO_POST_SELECTED');
                }
                $post_info = $post_info[$post_id];
                if ($post_info['topic_first_post_id'] != $post_id && topic_review($post_info['topic_id'], $post_info['forum_id'], 'topic_review', 0, false)) {
                    $template->assign_vars(array('S_TOPIC_REVIEW' => true, 'TOPIC_TITLE' => $post_info['topic_title']));
                }
                // Set some vars
                if ($post_info['user_id'] == ANONYMOUS) {
                    $poster = $post_info['post_username'] ? $post_info['post_username'] : $user->lang['GUEST'];
                }
                $poster = $post_info['user_colour'] ? '<span style="color:#' . $post_info['user_colour'] . '">' . $post_info['username'] . '</span>' : $post_info['username'];
                // Process message, leave it uncensored
                $message = $post_info['post_text'];
                if ($post_info['bbcode_bitfield']) {
                    include_once $phpbb_root_path . 'includes/bbcode.' . $phpEx;
                    $bbcode = new bbcode($post_info['bbcode_bitfield']);
                    $bbcode->bbcode_second_pass($message, $post_info['bbcode_uid'], $post_info['bbcode_bitfield']);
                }
                $message = smiley_text($message);
                $template->assign_vars(array('S_MCP_QUEUE' => true, 'S_APPROVE_ACTION' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", "i=queue&amp;p={$post_id}&amp;f={$forum_id}"), 'S_CAN_VIEWIP' => $auth->acl_get('m_info', $post_info['forum_id']), 'S_POST_REPORTED' => $post_info['post_reported'], 'S_POST_UNAPPROVED' => !$post_info['post_approved'], 'S_POST_LOCKED' => $post_info['post_edit_locked'], 'S_USER_NOTES' => true, 'U_EDIT' => $auth->acl_get('m_edit', $post_info['forum_id']) ? append_sid("{$phpbb_root_path}posting.{$phpEx}", "mode=edit&amp;f={$post_info['forum_id']}&amp;p={$post_info['post_id']}") : '', 'U_MCP_APPROVE' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=queue&amp;mode=approve_details&amp;f=' . $post_info['forum_id'] . '&amp;p=' . $post_id), 'U_MCP_REPORT' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=reports&amp;mode=report_details&amp;f=' . $post_info['forum_id'] . '&amp;p=' . $post_id), 'U_MCP_USER_NOTES' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=notes&amp;mode=user_notes&amp;u=' . $post_info['user_id']), 'U_MCP_WARN_USER' => $auth->acl_getf_global('m_warn') ? append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=warn&amp;mode=warn_user&amp;u=' . $post_info['user_id']) : '', 'U_VIEW_PROFILE' => $post_info['user_id'] != ANONYMOUS ? append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=viewprofile&amp;u=' . $post_info['user_id']) : '', 'RETURN_QUEUE' => sprintf($user->lang['RETURN_QUEUE'], '<a href="' . append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=queue' . ($topic_id ? '&amp;mode=unapproved_topics' : '&amp;mode=unapproved_posts')) . 
"&amp;start={$start}\">", '</a>'), 'REPORTED_IMG' => $user->img('icon_reported', $user->lang['POST_REPORTED']), 'UNAPPROVED_IMG' => $user->img('icon_unapproved', $user->lang['POST_UNAPPROVED']), 'EDIT_IMG' => $user->img('btn_edit', $user->lang['EDIT_POST']), 'POSTER_NAME' => $poster, 'POST_PREVIEW' => $message, 'POST_SUBJECT' => $post_info['post_subject'], 'POST_DATE' => $user->format_date($post_info['post_time']), 'POST_IP' => $post_info['poster_ip'], 'POST_IPADDR' => @gethostbyaddr($post_info['poster_ip']), 'POST_ID' => $post_info['post_id']));
                $this->tpl_name = 'mcp_post';
                break;
            case 'unapproved_topics':
            case 'unapproved_posts':
                $topic_id = request_var('t', 0);
                $forum_info = array();
                if ($topic_id) {
                    $topic_info = get_topic_data(array($topic_id));
                    if (!sizeof($topic_info)) {
                        trigger_error($user->lang['TOPIC_NOT_EXIST']);
                    }
                    $topic_info = $topic_info[$topic_id];
                    $forum_id = $topic_info['forum_id'];
                }
                $forum_list_approve = get_forum_list('m_approve', false, true);
                if (!$forum_id) {
                    $forum_list = array();
                    foreach ($forum_list_approve as $row) {
                        $forum_list[] = $row['forum_id'];
                    }
                    if (!($forum_list = implode(', ', $forum_list))) {
                        trigger_error('NOT_MODERATOR');
                    }
                    $sql = 'SELECT SUM(forum_topics) as sum_forum_topics
						FROM ' . FORUMS_TABLE . "\n\t\t\t\t\t\tWHERE forum_id IN (0, {$forum_list})";
                    $result = $db->sql_query($sql);
                    $forum_info['forum_topics'] = (int) $db->sql_fetchfield('sum_forum_topics');
                    $db->sql_freeresult($result);
                    $global_id = $forum_list[0];
                } else {
                    $forum_info = get_forum_data(array($forum_id), 'm_approve');
                    if (!sizeof($forum_info)) {
                        trigger_error('NOT_MODERATOR');
                    }
                    $forum_info = $forum_info[$forum_id];
                    $forum_list = $forum_id;
                    $global_id = $forum_id;
                }
                $forum_options = '<option value="0"' . ($forum_id == 0 ? ' selected="selected"' : '') . '>' . $user->lang['ALL_FORUMS'] . '</option>';
                foreach ($forum_list_approve as $row) {
                    $forum_options .= '<option value="' . $row['forum_id'] . '"' . ($forum_id == $row['forum_id'] ? ' selected="selected"' : '') . '>' . $row['forum_name'] . '</option>';
                }
                $sort_days = $total = 0;
                $sort_key = $sort_dir = '';
                $sort_by_sql = $sort_order_sql = array();
                mcp_sorting($mode, $sort_days, $sort_key, $sort_dir, $sort_by_sql, $sort_order_sql, $total, $forum_id, $topic_id);
                $forum_topics = $total == -1 ? $forum_info['forum_topics'] : $total;
                $limit_time_sql = $sort_days ? 'AND t.topic_last_post_time >= ' . (time() - $sort_days * 86400) : '';
                $forum_names = array();
                if ($mode == 'unapproved_posts') {
                    $sql = 'SELECT p.post_id
						FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t' . ($sort_order_sql[0] == 'u' ? ', ' . USERS_TABLE . ' u' : '') . "\n\t\t\t\t\t\tWHERE p.forum_id IN (0, {$forum_list})\n\t\t\t\t\t\t\tAND p.post_approved = 0\n\t\t\t\t\t\t\t" . ($sort_order_sql[0] == 'u' ? 'AND u.user_id = p.poster_id' : '') . '
							' . ($topic_id ? 'AND p.topic_id = ' . $topic_id : '') . "\n\t\t\t\t\t\t\tAND t.topic_id = p.topic_id\n\t\t\t\t\t\t\tAND t.topic_first_post_id <> p.post_id\n\t\t\t\t\t\t\t{$limit_time_sql}\n\t\t\t\t\t\tORDER BY {$sort_order_sql}";
                    $result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
                    $i = 0;
                    $post_ids = array();
                    while ($row = $db->sql_fetchrow($result)) {
                        $post_ids[] = $row['post_id'];
                        $row_num[$row['post_id']] = $i++;
                    }
                    $db->sql_freeresult($result);
                    if (sizeof($post_ids)) {
                        $sql = 'SELECT t.topic_id, t.topic_title, t.forum_id, p.post_id, p.post_username, p.poster_id, p.post_time, u.username
							FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . USERS_TABLE . " u\n\t\t\t\t\t\t\tWHERE p.post_id IN (" . implode(', ', $post_ids) . ")\n\t\t\t\t\t\t\t\tAND t.topic_id = p.topic_id\n\t\t\t\t\t\t\t\tAND u.user_id = p.poster_id";
                        $result = $db->sql_query($sql);
                        $post_data = $rowset = array();
                        while ($row = $db->sql_fetchrow($result)) {
                            if ($row['forum_id']) {
                                $forum_names[] = $row['forum_id'];
                            }
                            $post_data[$row['post_id']] = $row;
                        }
                        $db->sql_freeresult($result);
                        foreach ($post_ids as $post_id) {
                            $rowset[] = $post_data[$post_id];
                        }
                        unset($post_data, $post_ids);
                    } else {
                        $rowset = array();
                    }
                } else {
                    $sql = 'SELECT t.forum_id, t.topic_id, t.topic_title, t.topic_time AS post_time, t.topic_poster AS poster_id, t.topic_first_post_id AS post_id, t.topic_first_poster_name AS username
						FROM ' . TOPICS_TABLE . " t\n\t\t\t\t\t\tWHERE topic_approved = 0\n\t\t\t\t\t\t\tAND forum_id IN (0, {$forum_list})\n\t\t\t\t\t\t\t{$limit_time_sql}\n\t\t\t\t\t\tORDER BY {$sort_order_sql}";
                    $result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
                    $rowset = array();
                    while ($row = $db->sql_fetchrow($result)) {
                        if ($row['forum_id']) {
                            $forum_names[] = $row['forum_id'];
                        }
                        $rowset[] = $row;
                    }
                    $db->sql_freeresult($result);
                }
                if (sizeof($forum_names)) {
                    // Select the names for the forum_ids
                    $sql = 'SELECT forum_id, forum_name
						FROM ' . FORUMS_TABLE . '
						WHERE forum_id IN (' . implode(',', $forum_names) . ')';
                    $result = $db->sql_query($sql, 3600);
                    $forum_names = array();
                    while ($row = $db->sql_fetchrow($result)) {
                        $forum_names[$row['forum_id']] = $row['forum_name'];
                    }
                    $db->sql_freeresult($result);
                }
                foreach ($rowset as $row) {
                    if ($row['poster_id'] == ANONYMOUS) {
                        $poster = !empty($row['post_username']) ? $row['post_username'] : $user->lang['GUEST'];
                    } else {
                        $poster = $row['username'];
                    }
                    $global_topic = $row['forum_id'] ? false : true;
                    if ($global_topic) {
                        $row['forum_id'] = $global_id;
                    }
                    $template->assign_block_vars('postrow', array('U_VIEWFORUM' => !$global_topic ? append_sid("{$phpbb_root_path}viewforum.{$phpEx}", 'f=' . $row['forum_id']) : '', 'U_VIEWTOPIC' => append_sid("{$phpbb_root_path}viewtopic.{$phpEx}", 'f=' . $row['forum_id'] . '&amp;p=' . $row['post_id']) . ($mode == 'unapproved_posts' ? '#p' . $row['post_id'] : ''), 'U_VIEW_DETAILS' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", "i=queue&amp;start={$start}&amp;mode=approve_details&amp;f={$row['forum_id']}&amp;p={$row['post_id']}" . ($mode == 'unapproved_topics' ? "&amp;t={$row['topic_id']}" : '')), 'U_VIEWPROFILE' => $row['poster_id'] != ANONYMOUS ? append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=viewprofile&amp;u=' . $row['poster_id']) : '', 'POST_ID' => $row['post_id'], 'FORUM_NAME' => !$global_topic ? $forum_names[$row['forum_id']] : $user->lang['GLOBAL_ANNOUNCEMENT'], 'TOPIC_TITLE' => $row['topic_title'], 'POSTER' => $poster, 'POST_TIME' => $user->format_date($row['post_time'])));
                }
                unset($rowset, $forum_names);
                // Now display the page
                $template->assign_vars(array('L_DISPLAY_ITEMS' => $mode == 'unapproved_posts' ? $user->lang['DISPLAY_POSTS'] : $user->lang['DISPLAY_TOPICS'], 'L_EXPLAIN' => $mode == 'unapproved_posts' ? $user->lang['MCP_QUEUE_UNAPPROVED_POSTS_EXPLAIN'] : $user->lang['MCP_QUEUE_UNAPPROVED_TOPICS_EXPLAIN'], 'L_TITLE' => $mode == 'unapproved_posts' ? $user->lang['MCP_QUEUE_UNAPPROVED_POSTS'] : $user->lang['MCP_QUEUE_UNAPPROVED_TOPICS'], 'L_ONLY_TOPIC' => $topic_id ? sprintf($user->lang['ONLY_TOPIC'], $topic_info['topic_title']) : '', 'S_FORUM_OPTIONS' => $forum_options, 'S_MCP_ACTION' => build_url(array('t', 'f', 'sd', 'st', 'sk')), 'PAGINATION' => generate_pagination($this->u_action . "&amp;f={$forum_id}", $total, $config['topics_per_page'], $start), 'PAGE_NUMBER' => on_page($total, $config['topics_per_page'], $start), 'TOPIC_ID' => $topic_id, 'TOTAL' => $total));
                $this->tpl_name = 'mcp_queue';
                break;
        }
    }
Esempio n. 9
     // Fragment of a music-list admin script (the enclosing if and the end of
     // the final foreach are outside this excerpt). The visible branches are:
     // search (this branch), 'add', and the default listing.
     //
     // NOTE(review): $post_data['search'] is written into an HTML attribute
     // with no htmlspecialchars() call on this line. Whether get_post_data()
     // already HTML-escapes is not visible here; confirm, otherwise this is
     // a reflected XSS sink.
     echo '<form action="?action=search" method="post"><p><input name="search" type="text" value="' . $post_data['search'] . '"/></p><p><input type="submit" value="搜索" /></p></form>';
     if ($_POST) {
         // NOTE(review): the query is assembled by string concatenation. It
         // is only safe if get_post_data() escapes every value for this exact
         // connection and charset (not visible here; confirm). The ext/mysql
         // functions used below were removed in PHP 7; a port to mysqli or
         // PDO should bind the search term as a parameter instead.
         $search_query = mysql_query('select * from `music_list` where `name` like \'%' . $post_data['search'] . '%\' or `singer` like \'%' . $post_data['search'] . '%\' or `url` like \'%' . $post_data['search'] . '%\'');
         if (mysql_num_rows($search_query) > 0) {
             echo '<ol>';
             while (($value = mysql_fetch_array($search_query)) !== false) {
                 // NOTE(review): name and singer come back from the database
                 // and are echoed without HTML escaping (stored-XSS sink).
                 // $_SERVER['PHP_SELF'] can carry client-supplied path info
                 // and is also unescaped. The delete link is a plain GET URL;
                 // the 'del' handler is not visible here, so confirm that it
                 // requires POST plus a CSRF token before deleting.
                 echo '<li>' . $value['name'] . ' - ' . $value['singer'] . '&nbsp;<a href="' . $_SERVER['PHP_SELF'] . '?action=edit&id=' . $value['id'] . '">编辑</a>&nbsp;<a href="' . $_SERVER['PHP_SELF'] . '?action=del&id=' . $value['id'] . '">删除</a></li>';
             }
             echo '</ol><a href="' . $_SERVER['PHP_SELF'] . '">返回首页</a>';
         } else {
             echo '<p>无搜索结果</p>';
         }
     }
 // 'add' branch: on POST insert a new row, otherwise render the entry form.
 } elseif ($_GET['action'] == 'add') {
     if ($_POST) {
         $post_data = get_post_data();
         // NOTE(review): five request values are concatenated into the INSERT
         // statement. The same caveat as for the search query applies:
         // safety rests entirely on what get_post_data() does; prefer a
         // prepared statement with bound parameters.
         $insert_query = mysql_query('insert into `music_list`(`name`,`url`,`singer`,`lrc`,`lrc_data`) values(\'' . $post_data['name'] . '\',\'' . $post_data['url'] . '\',\'' . $post_data['singer'] . '\',\'' . $post_data['lrc'] . '\',\'' . $post_data['lrc_data'] . '\')');
         if ($insert_query) {
             msg('数据插入成功');
         } else {
             // NOTE(review): the raw driver error number and text are passed
             // to msg(); if msg() prints to the browser this discloses query
             // and schema details. Log it server-side instead.
             msg('数据插入失败<br />' . mysql_errno() . ' ' . mysql_error());
         }
     } else {
         // NOTE(review): $select_query is not assigned anywhere in this
         // branch as shown; presumably left over from the edit form, verify.
         // This is the only value in the fragment passed through
         // htmlspecialchars().
         echo '<form action="" method="post"><p><label>歌&nbsp;&nbsp;&nbsp;&nbsp;名:<input type="text" name="name" /></p><p><label>歌&nbsp;&nbsp;&nbsp;&nbsp;手:<input type="text" name="singer" /></p><p><label>下载地址:<input type="text" name="url" value="http://" /></p><p><a href="http://tool.liujiantao.me/upload/" target="_blank">歌曲上传</a></p><p>显示 lrc 歌词: <label><input type="radio" name="lrc" value="1" />是</label>&nbsp;&nbsp;<label><input type="radio" name="lrc" value="0" checked="checked" />否</label></p><p>lrc 歌词(可选):<br /><textarea name="lrc_data">' . htmlspecialchars($select_query['lrc_data']) . '</textarea></p><p><input type="submit" name="submit" value="确定" /><a href="' . $_SERVER['PHP_SELF'] . '">取消</a></p></form>';
     }
 // Default branch: search box followed by the full list from get_music().
 } else {
     echo '<form action="?action=search" method="post"><p><input name="search" type="text" /></p><p><input type="submit" value="搜索" /></p></form>';
     $all_list = get_music();
     echo '<ol>';
     foreach ($all_list as $value) {
         // NOTE(review): same unescaped output of stored values and of
         // PHP_SELF as in the search results above.
         echo '<li>' . $value['name'] . ' - ' . $value['singer'] . '&nbsp;<a href="' . $_SERVER['PHP_SELF'] . '?action=edit&id=' . $value['id'] . '">编辑</a>&nbsp;<a href="' . $_SERVER['PHP_SELF'] . '?action=del&id=' . $value['id'] . '">删除</a></li>';
Esempio n. 10
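/**
 * Build the XML-RPC response listing reported posts.
 *
 * Reads the post ids from the 'postrow' template block (filled by code that
 * is not part of this function), loads each post through get_post_data() and
 * returns one struct per post plus the total taken from the template root
 * variable 'TOTAL'.
 *
 * The 'can_delete' flag is evaluated against the forum of each post. The
 * previous code passed an undefined $forum_id to acl_get(), so the flag did
 * not reflect the moderator's permission in the post's own forum. The flag is
 * only a hint for the client; the delete action itself has to check m_delete
 * again on the server.
 *
 * @return xmlrpcresp
 */
function m_get_report_post_func()
{
    global $template, $auth, $user;
    // The block may be missing entirely when there is nothing to show.
    $rows = isset($template->_tpldata['postrow']) ? $template->_tpldata['postrow'] : array();
    $post_ids = array();
    foreach ($rows as $postinfo) {
        $post_ids[] = $postinfo['POST_ID'];
    }
    // Skip the lookup when there are no ids to look up.
    $posts = $post_ids ? get_post_data($post_ids) : array();
    $post_list = array();
    foreach ($rows as $postinfo) {
        // get_post_data() may return fewer rows than requested (for example
        // if it filters by permission; its body is not visible here). Skip
        // ids without data instead of emitting a struct of empty values.
        if (!isset($posts[$postinfo['POST_ID']])) {
            continue;
        }
        $post = $posts[$postinfo['POST_ID']];
        if (empty($post['forum_id'])) {
            // No forum id: present the post under the "announcements" label.
            $user->setup('viewforum');
            $post['forum_id'] = 0;
            $post['forum_name'] = $user->lang['ANNOUNCEMENTS'];
        }
        $post_list[] = new xmlrpcval(array(
            'forum_id' => new xmlrpcval($post['forum_id']),
            'forum_name' => new xmlrpcval(basic_clean($post['forum_name']), 'base64'),
            'topic_id' => new xmlrpcval($post['topic_id']),
            'topic_title' => new xmlrpcval(basic_clean($post['topic_title']), 'base64'),
            'post_id' => new xmlrpcval($post['post_id']),
            'post_title' => new xmlrpcval(basic_clean($post['post_subject']), 'base64'),
            'post_author_name' => new xmlrpcval(basic_clean($post['username']), 'base64'),
            'icon_url' => new xmlrpcval(get_user_avatar_url($post['user_avatar'], $post['user_avatar_type'])),
            'post_time' => new xmlrpcval(mobiquo_iso8601_encode($post['post_time']), 'dateTime.iso8601'),
            'short_content' => new xmlrpcval(process_short_content($post['post_text']), 'base64'),
            // Permission is checked for this post's forum, not a global value.
            'can_delete' => new xmlrpcval($auth->acl_get('m_delete', $post['forum_id']), 'boolean'),
        ), 'struct');
    }
    $response = new xmlrpcval(array(
        'total_report_num' => new xmlrpcval($template->_rootref['TOTAL'], 'int'),
        'reports' => new xmlrpcval($post_list, 'array'),
    ), 'struct');
    return new xmlrpcresp($response);
}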
Esempio n. 11
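/**
 * Disapprove posts or topics: after confirmation, delete them, adjust the
 * "real" counters and optionally notify the posters by e-mail.
 *
 * Authorization: check_ids() is called with 'm_approve' before anything else
 * and the post data is loaded with the same permission. delete_posts() is
 * then called without a separate m_delete check, on purpose (see the comment
 * at the call).
 *
 * Fix over the previous version: the "a reason must be typed when 'other' is
 * selected" check compared $row['reason_name'], a column the query does not
 * select, so the check could never trigger. It now compares reason_title,
 * the column that is selected and that the else-branch already uses.
 *
 * @param array  $post_id_list ids of the posts to disapprove
 * @param string $mode         calling mode; not used for the hidden 'mode'
 *                             field, which is always 'disapprove'
 * @return void  always ends in redirect() or trigger_error()
 */
function disapprove_post($post_id_list, $mode)
{
    global $_CLASS, $_CORE_CONFIG, $config;
    // request_var() with an integer default is presumed to cast to int
    // (its body is not visible here); the SQL below relies on that.
    $forum_id = request_var('f', 0);
    if (!check_ids($post_id_list, FORUMS_POSTS_TABLE, 'post_id', 'm_approve')) {
        trigger_error('NOT_AUTHORIZED');
    }
    $redirect = request_var('redirect', $_CLASS['core_user']->data['session_page']);
    $reason = request_var('reason', '', true);
    $reason_id = request_var('reason_id', 0);
    $success_msg = $additional_msg = '';
    // The array used to list 'mode' twice ($mode, then 'disapprove'); PHP
    // keeps the later value, so only that one is written here.
    $s_hidden_fields = build_hidden_fields(array(
        'i' => 'queue',
        'f' => $forum_id,
        'mode' => 'disapprove',
        'post_id_list' => $post_id_list,
        'redirect' => $redirect,
    ));
    $notify_poster = isset($_REQUEST['notify_poster']);
    $disapprove_reason = '';
    if ($reason_id) {
        $sql = 'SELECT reason_title, reason_description
			FROM ' . FORUMS_REPORTS_REASONS_TABLE . '
			WHERE reason_id = ' . (int) $reason_id;
        $result = $_CLASS['core_db']->query($sql);
        $row = $_CLASS['core_db']->fetch_row_assoc($result);
        $_CLASS['core_db']->free_result($result);
        if (!$row || (!$reason && $row['reason_title'] === 'other')) {
            // Unknown reason id, or 'other' chosen without free text:
            // show the message and force the confirmation form again.
            $additional_msg = $_CLASS['core_user']->lang['NO_REASON_DISAPPROVAL'];
            unset($_POST['confirm']);
        } else {
            if ($row['reason_title'] != 'other') {
                // Prefer the translated description, fall back to the stored one.
                $reason_key = strtoupper($row['reason_title']);
                $disapprove_reason = isset($_CLASS['core_user']->lang['report_reasons']['DESCRIPTION'][$reason_key])
                    ? $_CLASS['core_user']->lang['report_reasons']['DESCRIPTION'][$reason_key]
                    : $row['reason_description'];
            } else {
                $disapprove_reason = '';
            }
            $disapprove_reason .= $reason ? "\n\n" . $reason : '';
            unset($reason);
        }
    }
    require_once SITE_FILE_ROOT . 'includes/forums/functions_display.php';
    $reason = display_reasons($reason_id);
    $_CLASS['core_template']->assign_array(array('S_NOTIFY_POSTER' => true, 'S_APPROVE' => false, 'REASON' => $reason, 'ADDITIONAL_MSG' => $additional_msg));
    // NOTE(review): display_confirmation() is the only gate before the
    // destructive part; confirm that it validates a per-session token and
    // not just the presence of a 'confirm' field.
    if (display_confirmation($_CLASS['core_user']->get_lang('DISAPPROVE_POST' . (sizeof($post_id_list) == 1 ? '' : 'S')), $s_hidden_fields, 'modules/forums/mcp_approve.html')) {
        $post_info = get_post_data($post_id_list, 'm_approve');
        // If Topic -> forum_topics_real -= 1
        // If Post -> topic_replies_real -= 1
        $forum_topics_real = 0;
        $topic_replies_real_sql = $post_disapprove_sql = $topic_id_list = array();
        foreach ($post_info as $post_id => $post_data) {
            $topic_id_list[$post_data['topic_id']] = 1;
            // A post that is both first and last post of its topic is the
            // whole topic; anything else counts as a reply.
            if ($post_data['topic_first_post_id'] == $post_id && $post_data['topic_last_post_id'] == $post_id) {
                if ($post_data['forum_id']) {
                    $forum_topics_real++;
                }
            } else {
                if (!isset($topic_replies_real_sql[$post_data['topic_id']])) {
                    $topic_replies_real_sql[$post_data['topic_id']] = 1;
                } else {
                    $topic_replies_real_sql[$post_data['topic_id']]++;
                }
            }
            $post_disapprove_sql[] = $post_id;
        }
        if ($forum_topics_real) {
            // NOTE(review): the counter is decremented on the forum named in
            // the request ('f'), not on the forums the posts belong to.
            $sql = 'UPDATE ' . FORUMS_FORUMS_TABLE . "\n\t\t\t\tSET forum_topics_real = forum_topics_real - {$forum_topics_real}\n\t\t\t\tWHERE forum_id = {$forum_id}";
            $_CLASS['core_db']->query($sql);
        }
        if (!empty($topic_replies_real_sql)) {
            foreach ($topic_replies_real_sql as $topic_id => $num_replies) {
                // Both values originate from the rows loaded above, not from
                // the request.
                $sql = 'UPDATE ' . FORUMS_TOPICS_TABLE . "\n\t\t\t\t\tSET topic_replies_real = topic_replies_real - {$num_replies}\n\t\t\t\t\tWHERE topic_id = {$topic_id}";
                $_CLASS['core_db']->query($sql);
            }
        }
        if (sizeof($post_disapprove_sql)) {
            if (!function_exists('delete_posts')) {
                require_once SITE_FILE_ROOT . 'includes/forums/functions_admin.php';
            }
            // We do not check for permissions here, because the moderator allowed approval/disapproval should be allowed to delete the disapproved posts
            delete_posts('post_id', $post_disapprove_sql);
        }
        unset($post_disapprove_sql, $topic_replies_real_sql);
        update_post_information('topic', array_keys($topic_id_list));
        update_post_information('forum', $forum_id);
        unset($topic_id_list);
        // Notify Poster?
        if ($notify_poster) {
            require_once SITE_FILE_ROOT . 'includes/mailer.php';
            $mailer = new core_mailer();
            foreach ($post_info as $post_id => $post_data) {
                // Guests have no address to notify.
                if ($post_data['poster_id'] == ANONYMOUS) {
                    continue;
                }
                $post_data['post_subject'] = censor_text($post_data['post_subject'], true);
                $post_data['topic_title'] = censor_text($post_data['topic_title'], true);
                if ($post_data['post_id'] == $post_data['topic_first_post_id'] && $post_data['post_id'] == $post_data['topic_last_post_id']) {
                    $email_template = 'topic_disapproved.txt';
                    $subject = 'Topic Disapproved - ' . $post_data['topic_title'];
                } else {
                    $email_template = 'post_disapproved.txt';
                    $subject = 'Post Disapproved - ' . $post_data['post_subject'];
                }
                $mailer->to($post_data['user_email'], $post_data['username']);
                //$mailer->reply_to($_CORE_CONFIG['email']['site_email']);
                $mailer->subject($subject);
                //$messenger->im($post_data['user_jabber'], $post_data['username']);
                $_CLASS['core_template']->assign_array(array('SITENAME' => $_CORE_CONFIG['global']['site_name'], 'USERNAME' => $post_data['username'], 'REASON' => stripslashes($disapprove_reason), 'POST_SUBJECT' => $post_data['post_subject'], 'TOPIC_TITLE' => $post_data['topic_title']));
                $mailer->message = trim($_CLASS['core_template']->display('email/forums/' . $email_template, true));
                $mailer->send();
            }
        }
        unset($post_info, $disapprove_reason);
        if ($forum_topics_real) {
            $success_msg = $forum_topics_real == 1 ? 'TOPIC_DISAPPROVED_SUCCESS' : 'TOPICS_DISAPPROVED_SUCCESS';
        } else {
            $success_msg = sizeof($post_id_list) == 1 ? 'POST_DISAPPROVED_SUCCESS' : 'POSTS_DISAPPROVED_SUCCESS';
        }
    }
    // NOTE(review): the redirect target is taken from the request. redirect()
    // is defined elsewhere; confirm that it only accepts targets on this site.
    $redirect = request_var('redirect', generate_link('forums'));
    if (!$success_msg) {
        redirect($redirect);
    } else {
        $_CLASS['core_display']->meta_refresh(3, generate_link("forums&amp;file=viewforum&amp;f={$forum_id}"));
        trigger_error($_CLASS['core_user']->lang[$success_msg] . '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_FORUM'], '<a href="' . generate_link('forums&amp;file=viewforum&amp;f=' . $forum_id) . '">', '</a>'));
    }
}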
Esempio n. 12
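/**
 * Delete posts from the moderator control panel after confirmation.
 *
 * check_ids() is called with 'm_delete' first; nothing is done when it
 * fails. After confirmation every post is written to the moderator log and
 * then deleted. The success message depends on whether topics disappeared
 * together with their last post.
 *
 * Changes over the previous version:
 *  - $forum_id was used for the return links but never assigned; it is now
 *    read from the request like the sibling moderation handler does.
 *  - ids are cast to int before being joined into the IN (...) lists, so the
 *    SQL no longer depends on check_ids() having sanitised them.
 *  - the "topics left" query is skipped when no topic was found, which would
 *    otherwise produce an empty IN () list.
 *
 * @param array $post_ids ids of the posts to delete
 * @return void  ends in redirect() or trigger_error() unless authorization fails
 */
function mcp_delete_post($post_ids)
{
    global $_CLASS;
    if (!check_ids($post_ids, FORUMS_POSTS_TABLE, 'post_id', 'm_delete')) {
        return;
    }
    // Forum used for the return links below.
    $forum_id = request_var('f', 0);
    $redirect = get_variable('redirect', 'POST', $_CLASS['core_user']->data['session_url']);
    $hidden_fields = generate_hidden_fields(array('post_id_list' => $post_ids, 'mode' => 'delete_post', 'redirect' => $redirect));
    $success_msg = '';
    // Initialised here so the final implode() also works when the
    // confirmation branch is not taken.
    $return_link = array();
    $message = $_CLASS['core_user']->get_lang(count($post_ids) === 1 ? 'DELETE_POST' : 'DELETE_POSTS');
    if (display_confirmation($message, $hidden_fields)) {
        // Count the number of topics that are affected
        // I did not use COUNT(DISTINCT ...) because I remember having problems
        // with it on older versions of MySQL -- Ashe
        $sql = 'SELECT DISTINCT topic_id
			FROM ' . FORUMS_POSTS_TABLE . '
			WHERE post_id IN (' . implode(', ', array_map('intval', $post_ids)) . ')';
        $result = $_CLASS['core_db']->query($sql);
        $topic_id_list = array();
        while ($row = $_CLASS['core_db']->fetch_row_assoc($result)) {
            $topic_id_list[] = (int) $row['topic_id'];
        }
        $_CLASS['core_db']->free_result($result);
        $affected_topics = count($topic_id_list);
        // Log every post before it is gone.
        $post_data = get_post_data($post_ids);
        foreach ($post_data as $id => $row) {
            add_log('mod', $row['forum_id'], $row['topic_id'], 'LOG_DELETE_POST', $row['post_subject']);
        }
        unset($post_data);
        // Now delete the posts, topics and forums are automatically resync'ed
        delete_posts('post_id', $post_ids);
        $topics_left = 0;
        if ($affected_topics) {
            $sql = 'SELECT COUNT(topic_id) AS topics_left
			FROM ' . FORUMS_TOPICS_TABLE . '
			WHERE topic_id IN (' . implode(', ', $topic_id_list) . ')';
            $result = $_CLASS['core_db']->query($sql);
            $row = $_CLASS['core_db']->fetch_row_assoc($result);
            $_CLASS['core_db']->free_result($result);
            $topics_left = $row ? (int) $row['topics_left'] : 0;
        }
        $deleted_topics = $affected_topics - $topics_left;
        $topic_id = request_var('t', 0);
        // Return links
        if ($affected_topics === 1 && !$deleted_topics && $topic_id) {
            $return_link[] = sprintf($_CLASS['core_user']->lang['RETURN_TOPIC'], '<a href="' . generate_link("forums&amp;file=viewtopic&amp;f={$forum_id}&amp;t={$topic_id}") . '">', '</a>');
        }
        $return_link[] = sprintf($_CLASS['core_user']->lang['RETURN_FORUM'], '<a href="' . generate_link('forums&amp;file=viewforum&amp;f=' . $forum_id) . '">', '</a>');
        if (count($post_ids) === 1) {
            if ($deleted_topics) {
                // We deleted the only post of a topic, which in turn has
                // been removed from the database
                $success_msg = $_CLASS['core_user']->lang['TOPIC_DELETED_SUCCESS'];
            } else {
                $success_msg = $_CLASS['core_user']->lang['POST_DELETED_SUCCESS'];
            }
        } else {
            if ($deleted_topics) {
                // Some of topics disappeared
                $success_msg = $_CLASS['core_user']->lang['POSTS_DELETED_SUCCESS'] . '<br /><br />' . $_CLASS['core_user']->lang['EMPTY_TOPICS_REMOVED_WARNING'];
            } else {
                $success_msg = $_CLASS['core_user']->lang['POSTS_DELETED_SUCCESS'];
            }
        }
    }
    // The final target is fixed; the 'redirect' value from the request is
    // only carried in the hidden fields of the confirmation form.
    $redirect = generate_link('forums');
    if (!$success_msg) {
        redirect($redirect);
    } else {
        $_CLASS['core_display']->meta_refresh(3, $redirect);
        trigger_error($success_msg . '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_PAGE'], '<a href="' . $redirect . '">', '</a>') . '<br /><br />' . implode('<br /><br />', $return_link));
    }
}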
Esempio n. 13
function mcp_post_details($id, $mode, $action, $url)
{
    global $config, $_CLASS;
    $_CLASS['core_user']->add_lang('posting');
    $_CLASS['core_template']->assign(array('L_POST_DETAILS' => $_CLASS['core_user']->lang['POST_DETAILS'], 'L_POST_SUBJECT' => $_CLASS['core_user']->lang['POST_SUBJECT'], 'L_POSTER' => $_CLASS['core_user']->lang['POSTER'], 'L_READ_PROFILE' => $_CLASS['core_user']->lang['READ_PROFILE'], 'L_READ_USERNOTES' => $_CLASS['core_user']->lang['READ_USERNOTES'], 'L_READ_WARNINGS' => $_CLASS['core_user']->lang['READ_WARNINGS'], 'L_THIS_POST_IP' => $_CLASS['core_user']->lang['THIS_POST_IP'], 'L_POSTED' => $_CLASS['core_user']->lang['POSTED'], 'L_PREVIEW' => $_CLASS['core_user']->lang['PREVIEW'], 'L_APPROVE' => $_CLASS['core_user']->lang['APPROVE'], 'L_DISAPPROVE' => $_CLASS['core_user']->lang['DISAPPROVE'], 'L_REPORTS' => $_CLASS['core_user']->lang['REPORTS'], 'L_ADD_FEEDBACK' => $_CLASS['core_user']->lang['ADD_FEEDBACK'], 'L_FEEDBACK' => $_CLASS['core_user']->lang['FEEDBACK'], 'L_DELETE_MARKED' => $_CLASS['core_user']->lang['DELETE_MARKED'], 'L_DELETE_ALL' => $_CLASS['core_user']->lang['DELETE_ALL'], 'L_REPORTER' => $_CLASS['core_user']->lang['REPORTER'], 'L_MORE_INFO' => $_CLASS['core_user']->lang['MORE_INFO'], 'L_MOD_OPTIONS' => $_CLASS['core_user']->lang['MOD_OPTIONS'], 'L_CHANGE_POSTER' => $_CLASS['core_user']->lang['CHANGE_POSTER'], 'L_CONFIRM' => $_CLASS['core_user']->lang['CONFIRM'], 'L_SEARCH' => $_CLASS['core_user']->lang['SEARCH'], 'L_MOD_OPTIONS' => $_CLASS['core_user']->lang['MOD_OPTIONS'], 'L_UNLOCK_POST' => $_CLASS['core_user']->lang['UNLOCK_POST'], 'L_UNLOCK_POST_EXPLAIN' => $_CLASS['core_user']->lang['UNLOCK_POST_EXPLAIN'], 'L_LOCK_POST' => $_CLASS['core_user']->lang['LOCK_POST'], 'L_LOCK_POST_EXPLAIN' => $_CLASS['core_user']->lang['LOCK_POST_EXPLAIN'], 'L_DELETE_POST' => $_CLASS['core_user']->lang['DELETE_POST'], 'L_SUBMIT' => $_CLASS['core_user']->lang['SUBMIT'], 'L_IP_INFO' => $_CLASS['core_user']->lang['IP_INFO'], 'L_OTHER_USERS' => $_CLASS['core_user']->lang['OTHER_USERS'], 'L_NO_MATCHES_FOUND' => $_CLASS['core_user']->lang['NO_MATCHES_FOUND'], 
'L_OTHER_IPS' => $_CLASS['core_user']->lang['OTHER_IPS'], 'L_LOOKUP_ALL' => $_CLASS['core_user']->lang['LOOKUP_ALL'], 'L_JUMP_TO' => $_CLASS['core_user']->lang['JUMP_TO'], 'L_GO' => $_CLASS['core_user']->lang['GO'], 'L_LOOKUP_IP' => $_CLASS['core_user']->lang['LOOKUP_IP']));
    $post_id = request_var('p', 0);
    $start = request_var('start', 0);
    // Get post data
    $post_info = get_post_data(array($post_id));
    if (!sizeof($post_info)) {
        trigger_error($_CLASS['core_user']->lang['POST_NOT_EXIST']);
    }
    $post_info = $post_info[$post_id];
    switch ($action) {
        case 'chgposter_search':
            $username = request_var('username', '');
            if ($username) {
                $users_ary = array();
                if (strpos($username, '*') === false) {
                    $username = "******";
                }
                $username = str_replace('*', '%', str_replace('%', '\\%', $username));
                $sql = 'SELECT user_id, username
					FROM ' . USERS_TABLE . "\r\n\t\t\t\t\tWHERE username LIKE '" . $_CLASS['core_db']->sql_escape($username) . "'\r\n\t\t\t\t\t\tAND user_type NOT IN (" . USER_INACTIVE . ', ' . USER_IGNORE . ')
						AND user_id <> ' . $post_info['user_id'];
                $result = $_CLASS['core_db']->sql_query($sql);
                while ($row = $_CLASS['core_db']->sql_fetchrow($result)) {
                    $users_ary[strtolower($row['username'])] = $row;
                }
                $user_select = '';
                ksort($users_ary);
                foreach ($users_ary as $row) {
                    $user_select .= '<option value="' . $row['user_id'] . '">' . $row['username'] . "</option>\n";
                }
            }
            if (!$user_select) {
                $_CLASS['core_template']->assign('MESSAGE', $_CLASS['core_user']->lang['NO_MATCHES_FOUND']);
            }
            $_CLASS['core_template']->assign(array('S_USER_SELECT' => $user_select, 'SEARCH_USERNAME' => request_var('username', '')));
            break;
        case 'chgposter':
            $new_user = request_var('u', 0);
            if ($new_user && $_CLASS['auth']->acl_get('m_', $post_info['forum_id']) && $new_user != $post_info['user_id']) {
                $sql = 'UPDATE ' . POSTS_TABLE . "\r\n\t\t\t\t\tSET poster_id = {$new_user}\r\n\t\t\t\t\tWHERE post_id = {$post_id}";
                $_CLASS['core_db']->sql_query($sql);
                if ($post_info['topic_last_post_id'] == $post_info['post_id'] || $post_info['forum_last_post_id'] == $post_info['post_id']) {
                    sync('topic', 'topic_id', $post_info['topic_id'], false, false);
                    sync('forum', 'forum_id', $post_info['forum_id'], false, false);
                }
                // Renew post info
                $post_info = get_post_data(array($post_id));
                if (!sizeof($post_info)) {
                    trigger_error($_CLASS['core_user']->lang['POST_NOT_EXIST']);
                }
                $post_info = $post_info[$post_id];
            }
            break;
        case 'del_marked':
        case 'del_all':
        case 'add_feedback':
            $deletemark = $action == 'del_marked' ? true : false;
            $deleteall = $action == 'del_all' ? true : false;
            $marked = request_var('marknote', 0);
            $usernote = request_var('usernote', '');
            if (($deletemark || $deleteall) && $_CLASS['auth']->acl_get('a_clearlogs')) {
                $where_sql = '';
                if ($deletemark && $marked) {
                    $sql_in = array();
                    foreach ($marked as $mark) {
                        $sql_in[] = $mark;
                    }
                    $where_sql = ' AND log_id IN (' . implode(', ', $sql_in) . ')';
                    unset($sql_in);
                }
                $sql = 'DELETE FROM ' . LOG_TABLE . '
					WHERE log_type = ' . LOG_USERS . " \r\n\t\t\t\t\t\t{$where_sql}";
                $_CLASS['core_db']->sql_query($sql);
                add_log('admin', 'LOG_USERS_CLEAR');
                $msg = $deletemark ? 'MARKED_DELETED' : 'ALL_DELETED';
                $redirect = generate_link("{$url}&amp;i={$id}&amp;mode=post_details");
                $_CLASS['core_display']->meta_refresh(2, $redirect);
                trigger_error($_CLASS['core_user']->lang[$msg] . '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_PAGE'], '<a href="' . $redirect . '">', '</a>'));
            }
            if ($usernote && $action == 'add_feedback') {
                add_log('admin', 'LOG_USER_FEEDBACK', $post_info['username']);
                add_log('user', $post_info['user_id'], 'LOG_USER_GENERAL', $usernote);
                $redirect = generate_link("{$url}&amp;i={$id}&amp;mode=post_details");
                $_CLASS['core_display']->meta_refresh(2, $redirect);
                trigger_error($_CLASS['core_user']->lang['USER_FEEDBACK_ADDED'] . '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_PAGE'], '<a href="' . $redirect . '">', '</a>'));
            }
            break;
        default:
    }
    // Set some vars
    $users_ary = array();
    $poster = $post_info['user_colour'] ? '<span style="color:#' . $post_info['user_colour'] . '">' . $post_info['username'] . '</span>' : $post_info['username'];
    // Process message, leave it uncensored
    $message = $post_info['post_text'];
    if ($post_info['bbcode_bitfield']) {
        global $site_file_root;
        require_once $site_file_root . 'includes/forums/bbcode.php';
        $bbcode = new bbcode($post_info['bbcode_bitfield']);
        $bbcode->bbcode_second_pass($message, $post_info['bbcode_uid'], $post_info['bbcode_bitfield']);
    }
    $message = smiley_text($message);
    $_CLASS['core_template']->assign(array('U_MCP_ACTION' => generate_link($url . '&amp;i=main&amp;quickmod=1'), 'U_POST_ACTION' => generate_link("{$url}&amp;i={$id}&amp;mode=post_details"), 'U_APPROVE_ACTION' => generate_link('Forums&amp;file=mcp&amp;i=queue&amp;p=' . $post_id), 'S_CAN_VIEWIP' => $_CLASS['auth']->acl_get('m_ip', $post_info['forum_id']), 'S_CAN_CHGPOSTER' => $_CLASS['auth']->acl_get('m_', $post_info['forum_id']), 'S_CAN_LOCK_POST' => $_CLASS['auth']->acl_get('m_lock', $post_info['forum_id']), 'S_CAN_DELETE_POST' => $_CLASS['auth']->acl_get('m_delete', $post_info['forum_id']), 'S_POST_REPORTED' => $post_info['post_reported'], 'S_POST_UNAPPROVED' => !$post_info['post_approved'], 'S_POST_LOCKED' => $post_info['post_edit_locked'], 'S_USER_WARNINGS' => $post_info['user_warnings'] ? true : false, 'S_SHOW_USER_NOTES' => true, 'S_CLEAR_ALLOWED' => $_CLASS['auth']->acl_get('a_clearlogs') ? true : false, 'U_VIEW_PROFILE' => generate_link('Members_List&amp;mode=viewprofile&amp;u=' . $post_info['user_id']), 'U_EDIT' => $_CLASS['auth']->acl_get('m_edit', $post_info['forum_id']) ? generate_link("Forums&amp;file=posting&amp;mode=edit&amp;f={$post_info['forum_id']}&amp;p={$post_info['post_id']}") : '', 'RETURN_TOPIC' => sprintf($_CLASS['core_user']->lang['RETURN_TOPIC'], '<a href="' . generate_link("Forums&amp;file=viewtopic&amp;p={$post_id}#{$post_id}") . '">', '</a>'), 'RETURN_FORUM' => sprintf($_CLASS['core_user']->lang['RETURN_FORUM'], '<a href="' . generate_link("Forums&amp;file=viewforum&amp;f={$post_info['forum_id']}&amp;start={$start}") . 
'">', '</a>'), 'REPORTED_IMG' => $_CLASS['core_user']->img('icon_reported', $_CLASS['core_user']->lang['POST_REPORTED']), 'UNAPPROVED_IMG' => $_CLASS['core_user']->img('icon_unapproved', $_CLASS['core_user']->lang['POST_UNAPPROVED']), 'EDIT_IMG' => $_CLASS['core_user']->img('btn_edit', $_CLASS['core_user']->lang['EDIT_POST']), 'POSTER_NAME' => $poster, 'POST_PREVIEW' => $message, 'POST_SUBJECT' => $post_info['post_subject'], 'POST_DATE' => $_CLASS['core_user']->format_date($post_info['post_time']), 'POST_IP' => $post_info['poster_ip'], 'POST_IPADDR' => @gethostbyaddr($post_info['poster_ip']), 'POST_ID' => $post_info['post_id']));
    // Get User Notes
    $log_data = array();
    $log_count = 0;
    view_log('user', $log_data, $log_count, $config['posts_per_page'], 0, 0, 0, $post_info['user_id']);
    if ($log_count) {
        $_CLASS['core_template']->assign('S_USER_NOTES', true);
        foreach ($log_data as $row) {
            $_CLASS['core_template']->assign_vars_array('usernotes', array('REPORT_BY' => $row['username'], 'REPORT_AT' => $_CLASS['core_user']->format_date($row['time']), 'ACTION' => $row['action'], 'ID' => $row['id']));
        }
    }
    // Get Reports
    if ($_CLASS['auth']->acl_get('m_', $post_info['forum_id'])) {
        $sql = 'SELECT r.*, re.*, u.user_id, u.username 
			FROM ' . REPORTS_TABLE . ' r, ' . USERS_TABLE . ' u, ' . REASONS_TABLE . " re\r\n\t\t\tWHERE r.post_id = {$post_id}\r\n\t\t\t\tAND r.reason_id = re.reason_id\r\n\t\t\t\tAND u.user_id = r.user_id\r\n\t\t\tORDER BY r.report_time DESC";
        $result = $_CLASS['core_db']->sql_query($sql);
        if ($row = $_CLASS['core_db']->sql_fetchrow($result)) {
            $_CLASS['core_template']->assign('S_SHOW_REPORTS', true);
            do {
                $_CLASS['core_template']->assign_vars_array('reports', array('REPORT_ID' => $row['report_id'], 'REASON_TITLE' => $_CLASS['core_user']->lang['report_reasons']['TITLE'][strtoupper($row['reason_name'])], 'REASON_DESC' => $_CLASS['core_user']->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_name'])], 'REPORTER' => $row['user_id'] != ANONYMOUS ? $row['username'] : $_CLASS['core_user']->lang['GUEST'], 'U_REPORTER' => $row['user_id'] != ANONYMOUS ? generate_link('Members_List&amp;mode=viewprofile&amp;u=' . $row['user_id']) : '', 'USER_NOTIFY' => $row['user_notify'] ? true : false, 'REPORT_TIME' => $_CLASS['core_user']->format_date($row['report_time']), 'REPORT_TEXT' => str_replace("\n", '<br />', trim($row['report_text']))));
            } while ($row = $_CLASS['core_db']->sql_fetchrow($result));
        }
        $_CLASS['core_db']->sql_freeresult($result);
    }
    // Get IP
    if ($_CLASS['auth']->acl_get('m_ip', $post_info['forum_id'])) {
        $rdns_ip_num = request_var('rdns', '');
        if ($rdns_ip_num != 'all') {
            $_CLASS['core_template']->assign(array('U_LOOKUP_ALL' => generate_link($url . '&amp;i=main&amp;mode=post_details&amp;rdns=all')));
        }
        // Get other users who've posted under this IP
        $sql = 'SELECT u.user_id, u.username, COUNT(*) as postings
			FROM ' . USERS_TABLE . ' u, ' . POSTS_TABLE . " p\r\n\t\t\tWHERE p.poster_id = u.user_id\r\n\t\t\t\tAND p.poster_ip = '{$post_info['poster_ip']}'\r\n\t\t\t\tAND p.poster_id <> {$post_info['user_id']}\r\n\t\t\tGROUP BY u.user_id\r\n\t\t\tORDER BY postings DESC";
        $result = $_CLASS['core_db']->sql_query($sql);
        while ($row = $_CLASS['core_db']->sql_fetchrow($result)) {
            // Fill the user select list with users who have posted
            // under this IP
            if ($row['user_id'] != $post_info['poster_id']) {
                $users_ary[strtolower($row['username'])] = $row;
            }
            $_CLASS['core_template']->assign_vars_array('userrow', array('USERNAME' => $row['user_id'] == ANONYMOUS ? $_CLASS['core_user']->lang['GUEST'] : $row['username'], 'NUM_POSTS' => $row['postings'], 'L_POST_S' => $row['postings'] == 1 ? $_CLASS['core_user']->lang['POST'] : $_CLASS['core_user']->lang['POSTS'], 'U_PROFILE' => $row['user_id'] == ANONYMOUS ? '' : generate_link('Members_List&amp;mode=viewprofile&amp;u=' . $row['user_id']), 'U_SEARCHPOSTS' => generate_link('Forums&amp;file=search&amp;search_author=' . urlencode($row['username']) . '&amp;showresults=topics')));
        }
        $_CLASS['core_db']->sql_freeresult($result);
        // Get other IP's this user has posted under
        $sql = 'SELECT poster_ip, COUNT(*) AS postings
			FROM ' . POSTS_TABLE . '
			WHERE poster_id = ' . $post_info['poster_id'] . '
			GROUP BY poster_ip
			ORDER BY postings DESC';
        $result = $_CLASS['core_db']->sql_query($sql);
        while ($row = $_CLASS['core_db']->sql_fetchrow($result)) {
            $hostname = ($rdns_ip_num == $row['poster_ip'] || $rdns_ip_num == 'all') && $row['poster_ip'] ? @gethostbyaddr($row['poster_ip']) : '';
            $_CLASS['core_template']->assign_vars_array('iprow', array('IP' => $row['poster_ip'], 'HOSTNAME' => $hostname, 'NUM_POSTS' => $row['postings'], 'L_POST_S' => $row['postings'] == 1 ? $_CLASS['core_user']->lang['POST'] : $_CLASS['core_user']->lang['POSTS'], 'U_LOOKUP_IP' => $rdns_ip_num == $row['poster_ip'] || $rdns_ip_num == 'all' ? '' : generate_link("{$url}&amp;i={$id}&amp;mode=post_details&amp;rdns={$row['poster_ip']}#ip"), 'U_WHOIS' => generate_link("Forums&amp;file=mcp&amp;i={$id}&amp;mode=whois&amp;ip={$row['poster_ip']}")));
        }
        $_CLASS['core_db']->sql_freeresult($result);
        // If we were not searching for a specific username fill
        // the user_select box with users who have posted under
        // the same IP
        if ($action != 'chgposter_search') {
            $user_select = '';
            ksort($users_ary);
            foreach ($users_ary as $row) {
                $user_select .= '<option value="' . $row['user_id'] . '">' . $row['username'] . "</option>\n";
            }
            $_CLASS['core_template']->assign('S_USER_SELECT', $user_select);
        }
    }
}
Esempio n. 14
 // Fragment of a post-listing loop body: apply the optional request filters to
 // the current post ($temp_var), then build the HTML cells for its table row.
 // Each filter that does not match skips the post with `continue`.
 // Filter by author (loose comparison against the raw query value).
 if (isset($_GET['a']) && !empty($_GET['a']) && $temp_var['author'] != $_GET['a']) {
     continue;
 }
 // Filter by status.
 if (isset($_GET['s']) && !empty($_GET['s']) && $temp_var['status'] != $_GET['s']) {
     continue;
 }
 // Filter by tag; in_array() is called without strict mode, so the match is loose.
 if (isset($_GET['t']) && !empty($_GET['t']) && !in_array($_GET['t'], $temp_var['tags_array'])) {
     continue;
 }
 // Full-text filter: only applied when the query is longer than 2 bytes and
 // contains none of the listed punctuation characters; otherwise it is ignored.
 if (isset($_GET['q']) && strlen($_GET['q']) > 2 && !preg_match('/[!?\'$&\\/()=%*:;,.@\\"#~|_+{}<>]/i', $_GET['q'])) {
     // The path is built from the post id of the current entry, not from the request.
     // NOTE(review): the file_get_contents() result is not checked for false.
     $post_content = file_get_contents(MN_ROOT . $dir['posts'] . 'post_' . $temp_var['post_id'] . '.php');
     if (stripos($post_content, $_GET['q']) === false) {
         continue;
     }
 }
 $var = get_post_data($temp_var['post_id']);
 // Approve form is rendered only when $auth == 1 and the post status is 4.
 // NOTE(review): $var['id'] is concatenated into HTML attributes and an inline
 // onclick handler without escaping here - confirm it is always numeric.
 // NOTE(review): no anti-CSRF token is visible in this form - confirm that
 // mn-posts.php verifies one before approving.
 $approve_button = $auth == 1 && $var['status'] == 4 ? ' &middot; <form action="./mn-posts.php" method="post" id="approve_' . $var['id'] . '"><span class="simurl" onclick="$(\'form:#approve_' . $var['id'] . '\').submit();">' . $lang['uni_approve'] . '</span><input type="hidden" name="id" value="' . $var['id'] . '" /><input type="hidden" name="action" value="approve" /></form>' : '';
 $comments_count = get_comments_count($var['id']);
 // ' off' CSS suffix marks posts whose comments are disabled (per post or globally).
 $comments_s = $var['comments'] == 1 && $conf['comments'] ? '' : ' off';
 $comments = $comments_count > 0 ? '<!-- ' . $comments_count . ' --><a href="./mn-comments.php?p=' . $var['id'] . '" class="comment-link' . $comments_s . '">' . $comments_count . '</a>' : '<!-- 0 --><span class="trivial' . $comments_s . '">0</span>';
 // NOTE(review): $users[...] is emitted as-is - presumably already HTML-safe; verify.
 $author = !empty($users[$var['author']]) ? $users[$var['author']] : '<!-- anonym --><span class="trivial">' . $lang['posts_author_anonym'] . '</span>';
 // Posts with status 1 or 2 and a timestamp in the future are shown as "future post".
 $status = $var['timestamp'] > mn_time() && ($var['status'] == 1 || $var['status'] == 2) ? '<span class="status_6">' . $lang['posts_future_post'] . '</span>' : '<span class="status_' . $var['status'] . '">' . $lang['posts_status_name_' . $var['status']] . '</span>';
 // 9999999999 and empty timestamps are rendered as a dash instead of a date.
 $datetime = $var['timestamp'] == 9999999999 || empty($var['timestamp']) ? '<span class="trivial">-</span>' : date('d.m.Y', $var['timestamp']) . '<br /><span class="trivial">' . date('H:i', $var['timestamp']) . '</span>';
 // Titles longer than 38 characters are cut to 36 plus an ellipsis, with the
 // full title kept in the title attribute.
 // NOTE(review): the title goes into an attribute and element body with no
 // escaping in this fragment - confirm get_post_data() returns it HTML-escaped,
 // otherwise wrap it in htmlspecialchars(..., ENT_QUOTES, 'UTF-8').
 // NOTE(review): mb_strlen() uses the default encoding while mb_substr() is
 // given 'utf-8' explicitly.
 $var['title'] = mb_strlen($var['title']) > 38 ? '<span title="' . $var['title'] . '">' . mb_substr($var['title'], 0, 36, 'utf-8') . '&hellip;</span>' : $var['title'];
 // Resolve the category label: '-1' means uncategorized, a missing entry means
 // the category is unknown.
 if ($var['cat'] == '-1') {
     $category_name = '<!-- uncategorized --><span class="trivial">' . $lang['cats_uncategorized'] . '</span>';
 } elseif (empty($categories[$var['cat']])) {
     $category_name = '<!-- unknown --><span class="trivial">' . $lang['cats_unknown_category'] . '</span>';
 } else {
     $category_name = $categories[$var['cat']];
 }
Esempio n. 15
File: api.php Progetto: eokyere/elgg
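/**
 * PAM handler: authenticate an API request through its headers and an HMAC.
 *
 * Looks up the API user for the presented API key, recomputes the HMAC over
 * the request (algorithm, time, API key, serialised GET variables and, for
 * POST, the post hash), compares it with the presented HMAC, rejects replays
 * and, for POST requests, verifies the hash of the request body.
 *
 * Both digests are compared with hash_equals() (PHP >= 5.6) so the comparison
 * time does not depend on how many leading characters match, and non-string
 * values are rejected before comparing.
 *
 * @param mixed $credentials Not used by this handler.
 *
 * @return bool True when every check passes.
 *
 * @throws SecurityException On an unknown API key, an invalid HMAC, a replayed
 *                           request or a post-hash mismatch.
 */
function pam_auth_hmac($credentials = NULL)
{
    global $CONFIG;

    // Get api header
    $api_header = get_and_validate_api_headers();

    // Pull API user details
    $api_user = get_api_user($CONFIG->site_id, $api_header->api_key);
    if (!$api_user) {
        throw new SecurityException(elgg_echo('SecurityException:InvalidAPIKey'), ErrorResult::$RESULT_FAIL_APIKEY_INVALID);
    }

    // Get the secret key
    $secret_key = $api_user->secret;

    // Serialise parameters
    $encoded_params = array();
    foreach ($api_header->get_variables as $k => $v) {
        $encoded_params[] = urlencode($k) . '=' . urlencode($v);
    }
    $params = implode('&', $encoded_params);

    $is_post = $api_header->method == 'POST';

    // Validate HMAC
    $hmac = calculate_hmac($api_header->hmac_algo, $api_header->time, $api_header->api_key, $secret_key, $params, $is_post ? $api_header->posthash : "");
    $presented_hmac = $api_header->hmac;
    $hmac_ok = is_string($presented_hmac) && is_string($hmac)
        && $presented_hmac !== '' && $hmac !== ''
        && hash_equals($hmac, $presented_hmac);
    if (!$hmac_ok) {
        // The expected HMAC is deliberately left out of the message: if the
        // exception text reaches the client, echoing the calculated value
        // would hand out a valid signature for the rejected request.
        throw new SecurityException("HMAC is invalid.  {$api_header->hmac_algo}(**SECRET KEY**, time:{$api_header->time}, apikey:{$api_header->api_key}, get_vars:{$params}" . ($is_post ? ", posthash:{$api_header->posthash})" : ")"));
    }

    // Now make sure this is not a replay
    // NOTE(review): cache_hmac_check_replay() presumably also records the HMAC
    // as seen, i.e. before the POST body is verified below - confirm.
    if (cache_hmac_check_replay($hmac)) {
        throw new SecurityException(elgg_echo('SecurityException:DupePacket'));
    }

    // Validate post data
    if ($is_post) {
        $postdata = get_post_data();
        $calculated_posthash = calculate_posthash($postdata, $api_header->posthash_algo);
        $posthash_ok = is_string($api_header->posthash) && is_string($calculated_posthash)
            && hash_equals($calculated_posthash, $api_header->posthash);
        if (!$posthash_ok) {
            throw new SecurityException(sprintf(elgg_echo('SecurityException:InvalidPostHash'), $calculated_posthash, $api_header->posthash));
        }
    }

    // If we've passed all the checks so far then we can be reasonably certain
    // that the request is authentic, so return this fact to the PAM engine.
    return true;
}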
Esempio n. 16
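/**
 * Split posts out of a topic into a new topic in another forum.
 *
 * The caller must hold 'm_split' on the selected posts (check_ids) and on the
 * destination forum (get_forum_data). The move itself only runs after
 * confirm_box(true); otherwise the confirmation form is shown.
 *
 * In 'split_beyond' mode the first selected post and every post after it (in
 * the current sort order) are moved, unapproved posts included; in any other
 * mode exactly the posts in $post_id_list are moved.
 *
 * @param string $mode         'split_all' or 'split_beyond'.
 * @param array  $post_id_list Ids of the selected posts.
 * @param int    $topic_id     Topic being split.
 * @param int    $to_forum_id  Forum that receives the new topic.
 * @param string $subject      Title of the new topic.
 *
 * @return mixed False when nothing is selected or permission is missing, an
 *               error language key (string) on invalid input, null when only
 *               the confirmation form was shown. On success trigger_error()
 *               ends the request.
 */
function split_topic($mode, $post_id_list, $topic_id, $to_forum_id, $subject)
{
    global $_CLASS;
    $start = request_var('start', 0);
    if (empty($post_id_list) || !check_ids($post_id_list, FORUMS_POSTS_TABLE, 'post_id', 'm_split')) {
        return false;
    }
    // Both ids are interpolated into SQL and URLs below; force them to
    // integers so a non-numeric value can never become part of a query.
    $topic_id = (int) $topic_id;
    $to_forum_id = (int) $to_forum_id;
    // First selected post: the point from which 'split_beyond' starts. It must
    // be captured here because $post_id_list is rebuilt further down.
    $post_id = (int) $post_id_list[0];
    $post_info = get_post_data($post_id_list);
    if (empty($post_info)) {
        return 'NO_POST_SELECTED';
    }
    $subject = trim($subject);
    if (!$subject) {
        return 'EMPTY_SUBJECT';
    }
    if ($to_forum_id <= 0) {
        return 'NO_DESTINATION_FORUM';
    }
    $forum_info = get_forum_data(array($to_forum_id), 'm_split');
    if (empty($forum_info)) {
        return 'NOT_MODERATOR_DESTINATION';
    }
    $forum_info = $forum_info[$to_forum_id];
    if ($forum_info['forum_type'] != FORUM_POST) {
        return 'DESTINATION_FORUM_NOT_POSTABLE';
    }
    $redirect = request_var('redirect', $_CLASS['core_user']->data['session_page']);
    // NOTE(review): $forum_id is never assigned in this function, so 'f' below
    // and the mcp_sorting() argument are empty - confirm where it should come
    // from (presumably the forum of the first selected post).
    $s_hidden_fields = build_hidden_fields(array('post_id_list' => $post_id_list, 'f' => $forum_id, 'mode' => 'topic_view', 'start' => $start, 'action' => $mode, 't' => $topic_id, 'redirect' => $redirect, 'subject' => $subject, 'to_forum_id' => $to_forum_id, 'icon' => request_var('icon', 0)));
    $success_msg = $return_link = '';
    if (confirm_box(true)) {
        if ($mode == 'split_beyond') {
            mcp_sorting('viewtopic', $sort_days, $sort_key, $sort_dir, $sort_by_sql, $sort_order_sql, $total, $forum_id, $topic_id);
            // NOTE(review): this condition uses the alias "t", which neither
            // query below defines - it looks like it fails whenever $sort_days
            // is set; confirm.
            $limit_time_sql = $sort_days ? 'AND t.topic_last_post_time >= ' . (time() - $sort_days * 86400) : '';
            // NOTE(review): $sort_order_sql goes into ORDER BY verbatim; it is
            // assumed that mcp_sorting() only yields values from a fixed list.
            if ($sort_order_sql[0] == 'u') {
                $sql = 'SELECT p.post_id, p.forum_id, p.post_approved
					FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . " u\n\t\t\t\t\tWHERE p.topic_id = {$topic_id}\n\t\t\t\t\t\tAND p.poster_id = u.user_id\n\t\t\t\t\t\t{$limit_time_sql}\n\t\t\t\t\tORDER BY {$sort_order_sql}";
            } else {
                $sql = 'SELECT p.post_id, p.forum_id, p.post_approved
					FROM ' . POSTS_TABLE . " p\n\t\t\t\t\tWHERE p.topic_id = {$topic_id}\n\t\t\t\t\t\t{$limit_time_sql}\n\t\t\t\t\tORDER BY {$sort_order_sql}";
            }
            $result = $_CLASS['core_db']->query_limit($sql, 0, $start);
            $store = false;
            $post_id_list = array();
            while ($row = $_CLASS['core_db']->fetch_row_assoc($result)) {
                // If splitted from selected post (split_beyond), we split the
                // unapproved items too, so no approval filter is applied here.
                // Start to store post_ids as soon as we see the first post that was selected
                if ($row['post_id'] == $post_id) {
                    $store = true;
                }
                if ($store) {
                    $post_id_list[] = (int) $row['post_id'];
                }
            }
        }
        if (!sizeof($post_id_list)) {
            trigger_error($_CLASS['core_user']->lang['NO_POST_SELECTED']);
        }
        $icon_id = request_var('icon', 0);
        // sql_build_array() is responsible for quoting the subject here.
        $sql_ary = array('forum_id' => $to_forum_id, 'topic_title' => $subject, 'icon_id' => $icon_id, 'topic_approved' => 1);
        $sql = 'INSERT INTO ' . TOPICS_TABLE . ' ' . $_CLASS['core_db']->sql_build_array('INSERT', $sql_ary);
        $_CLASS['core_db']->sql_query($sql);
        $to_topic_id = $_CLASS['core_db']->sql_nextid();
        move_posts($post_id_list, $to_topic_id);
        // Change topic title of first post
        $first_post_id = (int) $post_id_list[0];
        $sql = 'UPDATE ' . POSTS_TABLE . " \n\t\t\tSET post_subject = '" . $_CLASS['core_db']->sql_escape($subject) . "'\n\t\t\tWHERE post_id = {$first_post_id}";
        $_CLASS['core_db']->sql_query($sql);
        $success_msg = 'TOPIC_SPLIT_SUCCESS';
        // Link back to both topics
        // NOTE(review): $post_info is whatever get_post_data() returned for the
        // whole id list; if that is keyed by post id, 'forum_id' and 'topic_id'
        // are not set at this level - confirm.
        $return_link = sprintf($_CLASS['core_user']->lang['RETURN_TOPIC'], '<a href="' . generate_link('Forums&amp;file=viewtopic&amp;f=' . $post_info['forum_id'] . '&amp;t=' . $post_info['topic_id']) . '">', '</a>') . '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_NEW_TOPIC'], '<a href="' . generate_link('Forums&amp;file=viewtopic&amp;f=' . $to_forum_id . '&amp;t=' . $to_topic_id) . '">', '</a>');
    } else {
        confirm_box(false, $mode == 'split_all' ? 'SPLIT_TOPIC_ALL' : 'SPLIT_TOPIC_BEYOND', $s_hidden_fields);
    }
    if (!$success_msg) {
        return;
    }
    $_CLASS['core_display']->meta_refresh(3, generate_link("Forums&amp;file=viewtopic&amp;f={$to_forum_id}&amp;t={$to_topic_id}"));
    trigger_error($_CLASS['core_user']->lang[$success_msg] . '<br /><br />' . $return_link);
}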
Esempio n. 17
 /**
  * Return the title for the current front-end view, passed through encoding().
  *
  * The view is selected from the query string, in this order: a single post
  * (mn_post, numeric id or slug), a single page (mn_page, numeric id or
  * friendly URL), a category (mn_cat), a user (mn_user), else the generic
  * posts title.
  *
  * The request values are used as file-name parts and array keys. A numeric id
  * is accepted only when is_numeric() holds and the matching file exists.
  * NOTE(review): mn_cat and mn_user are used as array keys without an
  * existence check, and escaping of the result is presumably left to
  * encoding() - confirm.
  */
 function get_title()
 {
     global $dir, $lang, $mn_categories, $mn_users;

     // Single post, addressed by numeric id or by slug.
     if (isset($_GET['mn_post'])) {
         $post_file = MN_ROOT . $dir['posts'] . 'post_' . $_GET['mn_post'] . '.php';
         if (is_numeric($_GET['mn_post']) && file_exists($post_file)) {
             $mn_post_id = $_GET['mn_post'];
         } else {
             // Not an existing numeric id: try to resolve it as a slug, 0 when unknown.
             $post_slugs = get_post_slugs();
             $mn_post_id = in_array(check_text($_GET['mn_post'], true), $post_slugs)
                 ? array_search(check_text($_GET['mn_post'], true), $post_slugs)
                 : 0;
         }
         $post = get_post_data($mn_post_id);

         return encoding($post['title']);
     }

     // Single page, addressed by numeric id or by friendly URL.
     if (isset($_GET['mn_page'])) {
         $page_file = MN_ROOT . $dir['pages'] . 'page_' . $_GET['mn_page'] . '.php';
         if (is_numeric($_GET['mn_page']) && file_exists($page_file)) {
             $mn_page_id = $_GET['mn_page'];
         } else {
             // Scan every page file for a matching friendly URL; the last match wins.
             $mn_page_id = '';
             $pages_dir = dir(MN_ROOT . $dir['pages']);
             while ($entry = $pages_dir->read()) {
                 if (is_file(MN_ROOT . $dir['pages'] . $entry)) {
                     $candidate = get_page_data($entry, false);
                     if ($candidate['friendly_url'] == $_GET['mn_page']) {
                         $mn_page_id = $candidate['id'];
                     }
                 }
             }
         }
         $page = get_page_data($mn_page_id);

         return encoding($page['title']);
     }

     // Category listing.
     if (!empty($_GET['mn_cat'])) {
         return encoding($lang['cats_category'] . ': ' . $mn_categories[$_GET['mn_cat']]['name']);
     }

     // User listing.
     if (!empty($_GET['mn_user'])) {
         return encoding($lang['users_user'] . ': ' . $mn_users[$_GET['mn_user']]);
     }

     // Default: the generic posts title.
     return encoding($lang['posts_posts']);
 }
Esempio n. 18
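/**
 * WordPress JSON-LD generator.
 *
 * Builds the schema.org payload for the current view: an Article on single
 * posts, an Organization on the front page and a Person on author archives.
 * The payload is returned as a PHP array; encoding and output are left to the
 * caller.
 *
 * NOTE(review): the values come from post and user data. How the array is
 * printed is not visible here - the caller is assumed to JSON-encode it (for
 * example with wp_json_encode()) so that no value can close the surrounding
 * script element.
 *
 * @author Amged Osman
 * @link https://amged.me
 *
 * @return array The JSON-LD payload.
 */
function jsonLD()
{
    //------------------------
    // Start
    //-----------------------
    $jsonLD = array();
    $jsonLD["@context"] = "http://schema.org/";
    //--------------------------------------------
    // get post/page data
    //--------------------------------------------
    $postData = get_post_data();
    //--------------------------------------------
    // Get Single Tag
    // or category
    // (stays null when the post has neither, so the
    // key is left out below)
    //--------------------------------------------
    $articleSection = null;
    $tags = wp_get_post_tags($postData->ID);
    if (!empty($tags) && !is_wp_error($tags)) {
        $articleSection = $tags[0]->name;
    } else {
        $category = get_the_category();
        if (!empty($category)) {
            $articleSection = $category[0]->cat_name;
        }
    }
    //--------------------------------------------
    //common
    //--------------------------------------------
    $home_title = get_bloginfo('name');
    $home_url = esc_url(home_url('/'));
    //--------------------------------------------
    // Is is a post?
    //--------------------------------------------
    if (is_single()) {
        $authorData = get_userdata($postData->post_author);
        $postUrl = get_permalink();
        // Use the post object fetched above; $post is not in scope in this function.
        $postPhoto = wp_get_attachment_url(get_post_thumbnail_id($postData->ID));
        $jsonLD["@type"] = "Article";
        $jsonLD["url"] = $postUrl;
        $jsonLD["author"] = array("@type" => "Person", "name" => $authorData->display_name);
        $jsonLD["headline"] = $postData->post_title;
        $jsonLD["datePublished"] = $postData->post_date;
        // get the tags if not get the category if not don't even display it!
        if ($articleSection !== null) {
            $jsonLD["ArticleSection"] = $articleSection;
        }
        // do we have description?
        if ($postData->post_excerpt != '') {
            $jsonLD["description"] = $postData->post_excerpt;
        }
        // photo?
        if ($postPhoto) {
            $jsonLD["image"] = $postPhoto;
        }
        $jsonLD["Publisher"] = $home_title;
    }
    //---------------------------
    // @type: Organization
    // set it up manually!!!
    //----------------------------
    if (is_front_page()) {
        $jsonLD["@type"] = "Organization";
        $jsonLD["name"] = $home_title;
        //------------------------------
        // You can add different name
        //-------------------------------
        $jsonLD["alternateName"] = "أمجد عثمان";
        $jsonLD["logo"] = "https://domain.me/cdn/images/static/logo_a-lato2_300x248.png";
        $jsonLD["url"] = $home_url;
        $jsonLD["sameAs"] = array("https://twitter.com/username", "https://www.facebook.com/username", "https://www.linkedin.com/in/username", "https://instagram.com/username/", "https://soundcloud.com/username", "https://www.pinterest.com/username/", "https://plus.google.com/+username/", "https://www.youtube.com/user/username");
        //--------------------------------
        // for organizations only
        // they can add their contact info
        //----------------------------------
        $jsonLD["contactPoint"] = array(array("@type" => "ContactPoint", "telephone" => "+966 500 000 000", "email" => "*****@*****.**", "contactType" => "sales", "availableLanguage" => array("English", "Arabic")));
        //------------------------------------
        // setup search
        // read here
        // https://developers.google.com/structured-data/slsb-overview
        //-----------------------------------
        $jsonLD["potentialAction"] = array(array("@type" => "SearchAction", "target" => "https://domain.com/?s={searchTerm}", "query-input" => "required name=searchTerm"));
    }
    if (is_author()) {
        //------------------------------
        // get us some authorData
        //------------------------------
        $authorData = get_userdata($postData->post_author);
        //---------------------------------------
        // set up all networks you want to pull
        // you don't need to worry if the author
        // filled it or not
        // because we're performing a checkup
        // the "networks" fields are custom field
        // read here http://davidwalsh.name/add-profile-fields
        // @usage
        // $metas = array('facebook', 'googleplus');
        //----------------------------------------
        $metas = array('twitter', 'url', 'facebook', 'googleplus', 'linkedin', 'soundcloud', 'tumblr');
        $sameAs = array();
        //------------------------------------------------------
        // append Twitter Url
        // because davidwalsh created it for the handle only :D!
        //-------------------------------------------------------
        $twitterUrl = "https://twitter.com/";
        foreach ($metas as $meta) {
            $network = get_the_author_meta($meta);
            if ($network != '') {
                if ($meta == 'twitter') {
                    $network = $twitterUrl . $network;
                }
                $sameAs[] = $network;
            }
        }
        //----------------------------------
        // now add more author info
        // the "jobTitle" field is custom field
        // read here http://davidwalsh.name/add-profile-fields
        //----------------------------------
        $jsonLD["@type"] = "Person";
        $jsonLD["name"] = $authorData->display_name;
        // NOTE(review): this puts the author's account e-mail address into the
        // page markup, where any visitor or crawler can read it - confirm the
        // disclosure is intended, or drop the key.
        $jsonLD["email"] = $authorData->user_email;
        $jobTitle = get_the_author_meta('title');
        if ($jobTitle != '') {
            $jsonLD["jobTitle"] = $jobTitle;
        }
        $jsonLD["sameAs"] = $sameAs;
    }
    return $jsonLD;
}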
Esempio n. 19
/**
 * Delete posts from the moderator control panel.
 *
 * Requires 'm_delete' on every given post (check_ids) and an accepted
 * confirm_box() before anything is removed; without confirmation the confirm
 * form is shown and the user is redirected. Each deletion is written to the
 * moderator log before delete_posts() runs.
 *
 * NOTE(review): the 'redirect' request value is used as the redirect target
 * and inside an href; this relies on request_var(), reapply_sid() and
 * redirect() to sanitise it - confirm.
 *
 * @param array $post_ids Ids of the posts to delete.
 */
function mcp_delete_post($post_ids)
{
    global $auth, $user, $db, $phpEx, $phpbb_root_path;

    // Nothing happens unless the moderator may delete all of these posts.
    if (!check_ids($post_ids, POSTS_TABLE, 'post_id', array('m_delete'))) {
        return;
    }

    $redirect = request_var('redirect', build_url(array('action', 'quickmod')));
    $forum_id = request_var('f', 0);
    $s_hidden_fields = build_hidden_fields(array('post_id_list' => $post_ids, 'f' => $forum_id, 'action' => 'delete_post', 'redirect' => $redirect));
    $success_msg = '';

    if (!confirm_box(true)) {
        // Not confirmed yet: show the confirmation form.
        confirm_box(false, sizeof($post_ids) == 1 ? 'DELETE_POST' : 'DELETE_POSTS', $s_hidden_fields);
    } else {
        if (!function_exists('delete_posts')) {
            include $phpbb_root_path . 'includes/functions_admin.' . $phpEx;
        }

        // Count the number of topics that are affected
        // I did not use COUNT(DISTINCT ...) because I remember having problems
        // with it on older versions of MySQL -- Ashe
        $sql = 'SELECT DISTINCT topic_id
			FROM ' . POSTS_TABLE . '
			WHERE ' . $db->sql_in_set('post_id', $post_ids);
        $topic_result = $db->sql_query($sql);
        $topic_id_list = array();
        while ($topic_row = $db->sql_fetchrow($topic_result)) {
            $topic_id_list[] = $topic_row['topic_id'];
        }
        $affected_topics = sizeof($topic_id_list);
        $db->sql_freeresult($topic_result);

        // Write one moderator log entry per post before it disappears.
        $post_data = get_post_data($post_ids);
        foreach ($post_data as $post_row) {
            if ($post_row['poster_id'] == ANONYMOUS && !empty($post_row['post_username'])) {
                $post_username = $post_row['post_username'];
            } else {
                $post_username = $post_row['username'];
            }
            add_log('mod', $post_row['forum_id'], $post_row['topic_id'], 'LOG_DELETE_POST', $post_row['post_subject'], $post_username);
        }

        // Now delete the posts, topics and forums are automatically resync'ed
        delete_posts('post_id', $post_ids);

        // Topics that no longer exist afterwards were emptied by the deletion.
        $sql = 'SELECT COUNT(topic_id) AS topics_left
			FROM ' . TOPICS_TABLE . '
			WHERE ' . $db->sql_in_set('topic_id', $topic_id_list);
        $count_result = $db->sql_query_limit($sql, 1);
        if ($count_row = $db->sql_fetchrow($count_result)) {
            $deleted_topics = $affected_topics - $count_row['topics_left'];
        } else {
            $deleted_topics = $affected_topics;
        }
        $db->sql_freeresult($count_result);

        $topic_id = request_var('t', 0);

        // Return links
        $return_link = array();
        if ($affected_topics == 1 && !$deleted_topics && $topic_id) {
            $return_link[] = sprintf($user->lang['RETURN_TOPIC'], '<a href="' . append_sid("{$phpbb_root_path}viewtopic.{$phpEx}", "f={$forum_id}&amp;t={$topic_id}") . '">', '</a>');
        }
        $return_link[] = sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.{$phpEx}", 'f=' . $forum_id) . '">', '</a>');

        if (sizeof($post_ids) == 1) {
            // When the only post of a topic was deleted, the topic itself has
            // been removed from the database as well.
            $success_msg = $deleted_topics ? $user->lang['TOPIC_DELETED_SUCCESS'] : $user->lang['POST_DELETED_SUCCESS'];
        } else {
            $success_msg = $user->lang['POSTS_DELETED_SUCCESS'];
            if ($deleted_topics) {
                // Some of topics disappeared
                $success_msg .= '<br /><br />' . $user->lang['EMPTY_TOPICS_REMOVED_WARNING'];
            }
        }
    }

    $redirect = request_var('redirect', "index.{$phpEx}");
    $redirect = reapply_sid($redirect);

    if (!$success_msg) {
        redirect($redirect);
        return;
    }

    // The requested target is kept only when exactly one topic was touched and
    // it still exists; otherwise fall back to the forum view of the MCP.
    if ($affected_topics != 1 || $deleted_topics || !$topic_id) {
        $redirect = append_sid("{$phpbb_root_path}mcp.{$phpEx}", "f={$forum_id}&i=main&mode=forum_view", false);
    }
    meta_refresh(3, $redirect);
    trigger_error($success_msg . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $redirect . '">', '</a>') . '<br /><br />' . implode('<br /><br />', $return_link));
}
Esempio n. 20
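/**
 * Build the schema.org structured-data payload for the current WordPress request.
 *
 * The payload starts as a generic WebPage and is specialised by the conditional
 * tags below (search, contact/about/FAQ/gallery pages configured through theme
 * mods, WooCommerce product/checkout, single post, front page, author archive).
 *
 * Changes against the original listing:
 *  - the thumbnail lookup read `$post->ID` although `$post` was never brought into
 *    this function's scope; it now uses the post object that was actually fetched;
 *  - the nested helper is only declared once, so a second call no longer dies with
 *    a "cannot redeclare" fatal error;
 *  - a missing post, author or category no longer dereferences null/false.
 *
 * @return array Associative array ready to be encoded as JSON-LD by the caller.
 */
function _s_schema_configuration()
{
    global $post;

    // JSON-LD for Wordpress Home Articles and Author Pages written by Pete Wailes and Richard Baxter
    // Kept so existing callers of the helper keep working; guarded because a named
    // function declared inside another function is registered globally on first run.
    if (!function_exists('get_post_data')) {
        function get_post_data()
        {
            global $post;
            return $post;
        }
    }

    // stuff for any page
    $payload = array();
    $payload["@context"] = "http://schema.org/";
    // this has all the data of the post/page etc (null when nothing was queried)
    $post_data = $post;
    // stuff for any page, if it exists
    $category = get_the_category();
    $payload["@type"] = 'WebPage';

    // Is search results page
    if (is_search()) {
        $payload["@type"] = 'SearchResultsPage';
    }

    // Pages selected in the theme settings; later entries win, as in the original order
    $configured_pages = array(
        'page_contact' => 'ContactPage',
        'page_about' => 'AboutPage',
        'page_faqs' => 'QAPage',
        'page_gallery' => 'ImageGallery',
    );
    foreach ($configured_pages as $setting => $schema_type) {
        $page = get_theme_mod($setting);
        if ($page && is_page($page)) {
            $payload["@type"] = $schema_type;
        }
    }

    // Is single product page
    if (function_exists('is_product') && is_product()) {
        $payload["@type"] = 'ItemPage';
    }
    // Is checkout page
    if (function_exists('is_checkout') && is_checkout()) {
        $payload["@type"] = 'CheckoutPage';
    }

    // stuff for specific pages
    if (is_single() && $post_data) {
        // this gets the data for the user who wrote that particular item
        $author_data = get_userdata($post_data->post_author);
        $post_thumb = wp_get_attachment_url(get_post_thumbnail_id($post_data->ID));
        $payload["@type"] = "Article";
        $payload["url"] = get_permalink();
        if ($author_data) {
            $payload["author"] = array("@type" => "Person", "name" => $author_data->display_name);
        }
        $payload["headline"] = $post_data->post_title;
        $payload["datePublished"] = $post_data->post_date;
        if ($post_thumb) {
            $payload["image"] = $post_thumb;
        }
        // A post without categories yields an empty list
        if (!empty($category)) {
            $payload["ArticleSection"] = $category[0]->cat_name;
        }
        $payload["Publisher"] = get_bloginfo('name');
    }

    // we do all this separately so we keep the right things for organization together
    if (is_front_page()) {
        $payload["@type"] = "Organization";
        $payload["name"] = get_bloginfo('name');
        // $payload["logo"] = "";
        $payload["url"] = esc_url(home_url('/'));

        // Social profiles configured in the theme settings
        // NOTE(review): unlike "url" above these values are passed through as stored;
        // confirm they are validated as URLs where the theme setting is saved.
        $payload["sameAs"] = array();
        foreach (array('facebook', 'googleplus', 'twitter', 'instagram', 'pinterest', 'youtube', 'linkedin') as $network) {
            $profile = get_theme_mod($network);
            if ($profile) {
                $payload["sameAs"][] = $profile;
            }
        }

        $contactPointData = array("@type" => "ContactPoint", "contactType" => "customer service");
        $contactPointData["telephone"] = array();
        foreach (array('phone', 'mobile', 'fax') as $line) {
            $number = get_theme_mod($line);
            if ($number) {
                $contactPointData["telephone"][] = $number;
            }
        }
        foreach (array('email', 'address') as $field) {
            $value = get_theme_mod($field);
            if ($value) {
                $contactPointData[$field] = $value;
            }
        }
        $payload["contactPoint"] = array($contactPointData);
    }

    if (is_author() && $post_data) {
        // this gets the data for the user who wrote that particular item
        $author_data = get_userdata($post_data->post_author);
        if ($author_data) {
            $payload["@type"] = "Person";
            $payload["name"] = $author_data->display_name;
            // NOTE(review): this puts the author's account e-mail address into the
            // returned data; if the payload is printed into public pages, confirm that
            // publishing the address is intended.
            $payload["email"] = $author_data->user_email;
        }
    }

    return $payload;
}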
Esempio n. 21
    /**
     * Moderation queue: approve or disapprove posts, show the details of a single
     * queued post, or list unapproved topics/posts.
     *
     * The forum id ('f') and the paging offset ('start') are read from the request.
     * The mode decides which branch runs:
     *  - approve / disapprove: hands the submitted post_id_list to approve_post()
     *    or disapprove_post();
     *  - approve_details: loads one post and renders 'mcp_post.html';
     *  - unapproved_topics / unapproved_posts: builds the listing and renders
     *    'mcp_queue.html'.
     *
     * @param mixed  $id   Not used in this method body.
     * @param string $mode One of the mode strings handled by the switch below.
     * @param mixed  $url  Not used in this method body.
     */
    function mcp_queue($id, $mode, $url)
    {
        global $_CLASS, $site_file_root, $config;
        // Both values default to 0; presumably request_var() casts the input to the
        // type of the default -- confirm, because $forum_id is later placed in SQL.
        $forum_id = request_var('f', 0);
        $start = request_var('start', 0);
        switch ($mode) {
            case 'approve':
            case 'disapprove':
                require_once $site_file_root . 'includes/forums/functions_messenger.php';
                require_once $site_file_root . 'includes/forums/functions_posting.php';
                // Ids come straight from the submitted form
                $post_id_list = request_var('post_id_list', array(0));
                if (!sizeof($post_id_list)) {
                    trigger_error('NO_POST_SELECTED');
                }
                // NOTE(review): no permission check is visible here; confirm that
                // approve_post()/disapprove_post() verify m_approve for every submitted id.
                if ($mode == 'approve') {
                    approve_post($post_id_list);
                } else {
                    disapprove_post($post_id_list);
                }
                break;
            case 'approve_details':
                $_CLASS['core_user']->add_lang('posting');
                require_once $site_file_root . 'includes/forums/functions_posting.php';
                $post_id = request_var('p', 0);
                $topic_id = request_var('t', 0);
                // A topic id takes precedence: its first post is the one reviewed
                if ($topic_id) {
                    $topic_info = get_topic_data(array($topic_id), 'm_approve');
                    $post_id = (int) $topic_info[$topic_id]['topic_first_post_id'];
                }
                // The second argument is presumably the permission the caller must hold
                // for the post to be returned -- confirm in get_post_data()
                $post_info = get_post_data(array($post_id), 'm_approve');
                if (!sizeof($post_info)) {
                    trigger_error('NO_POST_SELECTED');
                }
                $post_info = $post_info[$post_id];
                // Show the topic review only when the post is not the topic's first post
                if ($post_info['topic_first_post_id'] != $post_id && topic_review($post_info['topic_id'], $post_info['forum_id'], 'topic_review', 0, false)) {
                    $_CLASS['core_template']->assign_array(array('S_TOPIC_REVIEW' => true, 'TOPIC_TITLE' => $post_info['topic_title']));
                }
                // Set some vars
                // NOTE(review): username and user_colour are concatenated into markup as
                // stored; this assumes both are HTML-safe in the database -- confirm.
                $poster = $post_info['user_colour'] ? '<span style="color:#' . $post_info['user_colour'] . '">' . $post_info['username'] . '</span>' : $post_info['username'];
                // Process message, leave it uncensored
                $message = $post_info['post_text'];
                if ($post_info['bbcode_bitfield']) {
                    require_once $site_file_root . 'includes/forums/bbcode.php';
                    $bbcode = new bbcode($post_info['bbcode_bitfield']);
                    $bbcode->bbcode_second_pass($message, $post_info['bbcode_uid'], $post_info['bbcode_bitfield']);
                }
                $message = smiley_text($message);
                // The IP-related values are always assigned; S_CAN_VIEWIP carries the m_ip
                // permission, so hiding them is left to the template. POST_IPADDR does a
                // reverse DNS lookup for the poster IP with warnings suppressed by '@'.
                $_CLASS['core_template']->assign_array(array('S_MCP_QUEUE' => true, 'S_APPROVE_ACTION' => generate_link("Forums&amp;file=mcp&amp;i=queue&amp;p={$post_id}&amp;f={$forum_id}"), 'S_CAN_VIEWIP' => $_CLASS['auth']->acl_get('m_ip', $post_info['forum_id']), 'S_POST_REPORTED' => $post_info['post_reported'], 'S_POST_UNAPPROVED' => !$post_info['post_approved'], 'S_POST_LOCKED' => $post_info['post_edit_locked'], 'S_USER_WARNINGS' => $post_info['user_warnings'] ? true : false, 'U_VIEW_PROFILE' => generate_link('Members_List&amp;mode=viewprofile&amp;u=' . $post_info['user_id']), 'U_MCP_USERNOTES' => generate_link('Forums&amp;file=mcp&amp;i=notes&amp;mode=user_notes&amp;u=' . $post_info['user_id']), 'U_MCP_WARNINGS' => generate_link('Forums&amp;file=mcp&amp;i=warnings&amp;mode=view_user&amp;u=' . $post_info['user_id']), 'U_EDIT' => $_CLASS['auth']->acl_get('m_edit', $post_info['forum_id']) ? generate_link("Forums&amp;file=posting&amp;mode=edit&amp;f={$post_info['forum_id']}&amp;p={$post_info['post_id']}") : '', 'REPORTED_IMG' => $_CLASS['core_user']->img('icon_reported', $_CLASS['core_user']->lang['POST_REPORTED']), 'UNAPPROVED_IMG' => $_CLASS['core_user']->img('icon_unapproved', $_CLASS['core_user']->lang['POST_UNAPPROVED']), 'EDIT_IMG' => $_CLASS['core_user']->img('btn_edit', $_CLASS['core_user']->lang['EDIT_POST']), 'POSTER_NAME' => $poster, 'POST_PREVIEW' => $message, 'POST_SUBJECT' => $post_info['post_subject'], 'POST_DATE' => $_CLASS['core_user']->format_date($post_info['post_time']), 'POST_IP' => $post_info['poster_ip'], 'POST_IPADDR' => @gethostbyaddr($post_info['poster_ip']), 'POST_ID' => $post_info['post_id']));
                $this->display($_CLASS['core_user']->lang['MCP_QUEUE'], 'mcp_post.html');
                break;
            case 'unapproved_topics':
            case 'unapproved_posts':
                $forum_info = array();
                // Forums returned for the 'm_approve' permission; used for the scope
                // of the queries below and for the forum selector
                $forum_list_approve = get_forum_list('m_approve', false, true);
                if (!$forum_id) {
                    // No forum chosen: cover every forum returned above
                    $forum_list = array();
                    foreach ($forum_list_approve as $row) {
                        $forum_list[] = $row['forum_id'];
                    }
                    // $forum_list becomes a comma-separated string; empty means no forum at all
                    if (!($forum_list = implode(', ', $forum_list))) {
                        trigger_error('NOT_MODERATOR');
                    }
                    $sql = 'SELECT SUM(forum_topics) as sum_forum_topics 
						FROM ' . FORUMS_FORUMS_TABLE . "\n\t\t\t\t\t\tWHERE forum_id IN ({$forum_list})";
                    $result = $_CLASS['core_db']->query($sql);
                    $row = $_CLASS['core_db']->fetch_row_assoc($result);
                    $_CLASS['core_db']->free_result($result);
                    $forum_info['forum_topics'] = (int) $row['sum_forum_topics'];
                } else {
                    // A specific forum was requested: it must be returned for 'm_approve'
                    $forum_info = get_forum_data(array($forum_id), 'm_approve');
                    if (!sizeof($forum_info)) {
                        trigger_error('NOT_MODERATOR');
                    }
                    $forum_info = $forum_info[$forum_id];
                    $forum_list = $forum_id;
                }
                // Forum selector; forum_name is written into the markup as stored
                // (assumes it is already HTML-safe -- confirm)
                $forum_options = '<option value="0"' . ($forum_id == 0 ? ' selected="selected"' : '') . '>' . $_CLASS['core_user']->lang['ALL_FORUMS'] . '</option>';
                foreach ($forum_list_approve as $row) {
                    $forum_options .= '<option value="' . $row['forum_id'] . '"' . ($forum_id == $row['forum_id'] ? ' selected="selected"' : '') . '>' . $row['forum_name'] . '</option>';
                }
                // The sort variables are not assigned before this call, so mcp_sorting()
                // presumably fills them by reference -- confirm its signature.
                // NOTE(review): $sort_order_sql is placed verbatim into ORDER BY below;
                // confirm mcp_sorting() only ever picks it from a fixed list.
                mcp_sorting($mode, $sort_days, $sort_key, $sort_dir, $sort_by_sql, $sort_order_sql, $total, $forum_id);
                $forum_topics = $total == -1 ? $forum_info['forum_topics'] : $total;
                $limit_time_sql = $sort_days ? 'AND t.topic_last_post_time >= ' . (time() - $sort_days * 86400) : '';
                if ($mode == 'unapproved_posts') {
                    // Step 1: ids of unapproved replies (first posts of topics are excluded);
                    // the users table is joined only when the sort column starts with 'u'
                    $sql = 'SELECT p.post_id
						FROM ' . FORUMS_POSTS_TABLE . ' p, ' . FORUMS_TOPICS_TABLE . ' t' . ($sort_order_sql[0] == 'u' ? ', ' . USERS_TABLE . ' u' : '') . "\n\t\t\t\t\t\tWHERE p.forum_id IN ({$forum_list})\n\t\t\t\t\t\t\tAND p.post_approved = 0\n\t\t\t\t\t\t\t" . ($sort_order_sql[0] == 'u' ? 'AND u.user_id = p.poster_id' : '') . "\n\t\t\t\t\t\t\tAND t.topic_id = p.topic_id\n\t\t\t\t\t\t\tAND t.topic_first_post_id <> p.post_id\n\t\t\t\t\t\tORDER BY {$sort_order_sql}";
                    $result = $_CLASS['core_db']->query_limit($sql, $config['topics_per_page'], $start);
                    $i = 0;
                    $post_ids = array();
                    while ($row = $_CLASS['core_db']->fetch_row_assoc($result)) {
                        $post_ids[] = $row['post_id'];
                        // $row_num is filled here but not read again in this method
                        $row_num[$row['post_id']] = $i++;
                    }
                    if (sizeof($post_ids)) {
                        // Step 2: full rows for those ids
                        $sql = 'SELECT f.forum_id, f.forum_name, t.topic_id, t.topic_title, p.post_id, p.post_username, p.poster_id, p.post_time, u.username
							FROM ' . FORUMS_POSTS_TABLE . ' p, ' . FORUMS_FORUMS_TABLE . ' f, ' . FORUMS_TOPICS_TABLE . ' t, ' . USERS_TABLE . " u\n\t\t\t\t\t\t\tWHERE p.post_id IN (" . implode(', ', $post_ids) . ")\n\t\t\t\t\t\t\t\tAND t.topic_id = p.topic_id\n\t\t\t\t\t\t\t\tAND f.forum_id = p.forum_id\n\t\t\t\t\t\t\t\tAND u.user_id = p.poster_id";
                        $result = $_CLASS['core_db']->query($sql);
                        $post_data = $rowset = array();
                        while ($row = $_CLASS['core_db']->fetch_row_assoc($result)) {
                            $post_data[$row['post_id']] = $row;
                        }
                        $_CLASS['core_db']->free_result($result);
                        // Restore the order of the first query
                        foreach ($post_ids as $post_id) {
                            $rowset[] = $post_data[$post_id];
                        }
                        unset($post_data, $post_ids);
                    } else {
                        $rowset = array();
                    }
                } else {
                    // Unapproved topics: one query, columns aliased to the names the
                    // post listing uses
                    $sql = 'SELECT f.forum_id, f.forum_name, t.topic_id, t.topic_title, t.topic_time AS post_time, t.topic_poster AS poster_id, t.topic_first_post_id AS post_id, t.topic_first_poster_name AS username
						FROM ' . FORUMS_TOPICS_TABLE . ' t, ' . FORUMS_FORUMS_TABLE . " f\n\t\t\t\t\t\tWHERE t.topic_approved = 0\n\t\t\t\t\t\t\tAND t.forum_id IN ({$forum_list})\n\t\t\t\t\t\t\tAND f.forum_id = t.forum_id\n\t\t\t\t\t\tORDER BY {$sort_order_sql}";
                    $result = $_CLASS['core_db']->query_limit($sql, $config['topics_per_page'], $start);
                    $rowset = array();
                    while ($row = $_CLASS['core_db']->fetch_row_assoc($result)) {
                        $rowset[] = $row;
                    }
                    $_CLASS['core_db']->free_result($result);
                }
                foreach ($rowset as $row) {
                    // Guests: use the name stored with the post, else the GUEST language string
                    if ($row['poster_id'] == ANONYMOUS) {
                        $poster = !empty($row['post_username']) ? $row['post_username'] : $_CLASS['core_user']->lang['GUEST'];
                    } else {
                        $poster = $row['username'];
                    }
                    // The checkbox feeds post_id_list[] for the approve/disapprove modes
                    $s_checkbox = '<input type="checkbox" name="post_id_list[]" value="' . $row['post_id'] . '" />';
                    $_CLASS['core_template']->assign_vars_array('postrow', array('U_VIEWFORUM' => generate_link('Forums&amp;file=viewforum&amp;f=' . $row['forum_id']), 'U_VIEWTOPIC' => generate_link('Forums&amp;file=viewtopic&amp;f=' . $row['forum_id'] . '&amp;p=' . $row['post_id'] . ($mode == 'unapproved_posts' ? '#' . $row['post_id'] : '')), 'U_VIEW_DETAILS' => generate_link("Forums&amp;file=mcp&amp;i=queue&amp;start={$start}&amp;mode=approve_details&amp;f={$forum_id}&amp;p={$row['post_id']}"), 'U_VIEWPROFILE' => $row['poster_id'] != ANONYMOUS ? generate_link("Members_List&amp;mode=viewprofile&amp;u={$row['poster_id']}") : '', 'FORUM_NAME' => $row['forum_name'], 'TOPIC_TITLE' => $row['topic_title'], 'POSTER' => $poster, 'POST_TIME' => $_CLASS['core_user']->format_date($row['post_time']), 'S_CHECKBOX' => $s_checkbox));
                }
                unset($rowset);
                // Now display the page
                $_CLASS['core_template']->assign_array(array('L_DISPLAY_ITEMS' => $mode == 'unapproved_posts' ? $_CLASS['core_user']->lang['DISPLAY_POSTS'] : $_CLASS['core_user']->lang['DISPLAY_TOPICS'], 'S_FORUM_OPTIONS' => $forum_options));
                $this->display($_CLASS['core_user']->lang['MCP_QUEUE'], 'mcp_queue.html');
                break;
        }
    }
 /**
  * Renders the "Edit Jadwal Ajar" form: class and subject selectors, start and
  * end time inputs, the "aktif" checkbox and the submit button.
  *
  * This looks like compiled Twig output; the "// line N" comments presumably refer
  * to lines of the source template. Changes belong in that template, not here.
  *
  * Values printed through twig_escape_filter() are HTML-escaped. The results of
  * get_flashdata(), form_open(), form_error() and form_close() are echoed as
  * returned, so their HTML safety depends on those helpers.
  *
  * @param array $context Template variables; the body reads status_id, pengajar_id,
  *                       ma, mk and kelas.
  * @param array $blocks  Not used in this method body.
  */
 public function block_content($context, array $blocks = array())
 {
     // line 4
     echo "<h4>Edit Jadwal Ajar</h4>\n";
     // line 5
     // Echoed without twig_escape_filter(); see the note in the docblock
     echo get_flashdata("edit");
     echo "\n\n";
     // line 7
     // NOTE(review): status_id and pengajar_id are concatenated into the form action
     // unescaped; whether form_open() encodes the URL is not visible here -- confirm.
     echo form_open("pengajar/edit_ampuan/" . (isset($context["status_id"]) ? $context["status_id"] : null) . "/" . (isset($context["pengajar_id"]) ? $context["pengajar_id"] : null) . "/" . $this->getAttribute(isset($context["ma"]) ? $context["ma"] : null, "id"));
     echo "\n<input type=\"hidden\" name=\"pengajar_id\" value=\"";
     // line 8
     echo twig_escape_filter($this->env, isset($context["pengajar_id"]) ? $context["pengajar_id"] : null, "html", null, true);
     echo "\">\n<table class=\"table table-striped\">\n    <tbody>\n        <tr>\n            <th width=\"27%\">Kelas <span class=\"text-error\">*</span></th>\n            <td>\n                <select name=\"kelas_id\" style=\"width:auto;\" id=\"kelas_id\">\n                    ";
     // line 15
     // Loop over the classes; the context is saved in _parent and restored afterwards
     $context['_parent'] = (array) $context;
     $context['_seq'] = twig_ensure_traversable(isset($context["kelas"]) ? $context["kelas"] : null);
     foreach ($context['_seq'] as $context["_key"] => $context["k"]) {
         // line 16
         echo "                    <option value=\"";
         echo twig_escape_filter($this->env, $this->getAttribute(isset($context["k"]) ? $context["k"] : null, "id"), "html", null, true);
         echo "\" ";
         echo twig_escape_filter($this->env, set_select("kelas_id", $this->getAttribute(isset($context["k"]) ? $context["k"] : null, "id"), $this->getAttribute(isset($context["k"]) ? $context["k"] : null, "id") == $this->getAttribute(isset($context["mk"]) ? $context["mk"] : null, "kelas_id") ? true : false), "html", null, true);
         echo ">";
         echo twig_escape_filter($this->env, $this->getAttribute(isset($context["k"]) ? $context["k"] : null, "nama"), "html", null, true);
         echo "</option>\n                    ";
     }
     $_parent = $context['_parent'];
     unset($context['_seq'], $context['_iterated'], $context['_key'], $context['k'], $context['_parent'], $context['loop']);
     $context = array_intersect_key($context, $_parent) + $_parent;
     // line 18
     echo "                </select>\n                <br>";
     // line 19
     echo form_error("kelas_id");
     echo "\n            </td>\n        </tr>\n        <tr>\n            <th>Mapel <span class=\"text-error\">*</span></th>\n            <td>\n                <select name=\"mapel_kelas_id\" style=\"width:auto\" id=\"mapel_kelas_id\">\n                    ";
     // line 26
     // When a kelas_id was submitted, the subject list follows the submitted values;
     // otherwise it follows the stored record (ma / mk).
     // NOTE(review): the submitted kelas_id is handed to get_row_data() as received;
     // confirm the model validates or binds it before it reaches a query.
     if (!twig_test_empty(get_post_data("kelas_id"))) {
         // line 27
         echo "                        ";
         $context["select_option"] = get_post_data("mapel_kelas_id");
         // line 28
         echo "                        ";
         $context["post_kelas_id"] = get_post_data("kelas_id");
         // line 29
         echo "                        ";
         $context["mapel_kelas"] = get_row_data("mapel_model", "retrieve_all_kelas", array(0 => null, 1 => isset($context["post_kelas_id"]) ? $context["post_kelas_id"] : null));
         // line 30
         echo "                    ";
     } else {
         // line 31
         echo "                        ";
         $context["select_option"] = $this->getAttribute(isset($context["ma"]) ? $context["ma"] : null, "mapel_kelas_id");
         // line 32
         echo "                        ";
         $context["mapel_kelas"] = get_row_data("mapel_model", "retrieve_all_kelas", array(0 => null, 1 => $this->getAttribute(isset($context["mk"]) ? $context["mk"] : null, "kelas_id")));
         // line 33
         echo "                    ";
     }
     // line 34
     echo "\n                    ";
     // line 35
     $context['_parent'] = (array) $context;
     $context['_seq'] = twig_ensure_traversable(isset($context["mapel_kelas"]) ? $context["mapel_kelas"] : null);
     foreach ($context['_seq'] as $context["_key"] => $context["mak"]) {
         // line 36
         echo "                        ";
         // One get_row_data() call per list entry to fetch the subject behind mapel_id
         $context["m"] = get_row_data("mapel_model", "retrieve", array(0 => $this->getAttribute(isset($context["mak"]) ? $context["mak"] : null, "mapel_id")));
         // line 37
         echo "                        ";
         if (!twig_test_empty(isset($context["m"]) ? $context["m"] : null)) {
             // line 38
             echo "                        <option value=\"";
             echo twig_escape_filter($this->env, $this->getAttribute(isset($context["mak"]) ? $context["mak"] : null, "id"), "html", null, true);
             echo "\" ";
             // Prints only the literal "selected" or an empty string, never the compared value
             echo (isset($context["select_option"]) ? $context["select_option"] : null) == $this->getAttribute(isset($context["mak"]) ? $context["mak"] : null, "id") ? "selected" : "";
             echo ">";
             echo twig_escape_filter($this->env, $this->getAttribute(isset($context["m"]) ? $context["m"] : null, "nama"), "html", null, true);
             echo "</option>\n                        ";
         }
         // line 40
         echo "                    ";
     }
     $_parent = $context['_parent'];
     unset($context['_seq'], $context['_iterated'], $context['_key'], $context['mak'], $context['_parent'], $context['loop']);
     $context = array_intersect_key($context, $_parent) + $_parent;
     // line 41
     echo "                </select>\n                <br><span class=\"text-muted\">Pilih kelas terlebih dahulu</span>\n                <br>";
     // line 43
     echo form_error("mapel_kelas_id");
     echo "\n            </td>\n        </tr>\n        <tr>\n            <th>Jam Mulai <span class=\"text-error\">*</span></th>\n            <td>\n                <input type=\"text\" name=\"jam_mulai\" style=\"width:19%\" placeholder=\"hh:mm\" value=\"";
     // line 49
     // set_value() receives the stored time formatted as H:i; the result is escaped
     echo twig_escape_filter($this->env, set_value("jam_mulai", twig_date_format_filter($this->env, $this->getAttribute(isset($context["ma"]) ? $context["ma"] : null, "jam_mulai"), "H:i")), "html", null, true);
     echo "\">\n                <span class=\"pull-right text-muted\">Contoh : 08:30</span>\n                <br>";
     // line 51
     echo form_error("jam_mulai");
     echo "\n            </td>\n        </tr>\n        <tr>\n            <th>Jam Selesai <span class=\"text-error\">*</span></th>\n            <td>\n                <input type=\"text\" name=\"jam_selesai\" style=\"width:19%\" placeholder=\"hh:mm\" value=\"";
     // line 57
     echo twig_escape_filter($this->env, set_value("jam_selesai", twig_date_format_filter($this->env, $this->getAttribute(isset($context["ma"]) ? $context["ma"] : null, "jam_selesai"), "H:i")), "html", null, true);
     echo "\">\n                <span class=\"pull-right text-muted\">Contoh : 13:30</span>\n                <br>";
     // line 59
     echo form_error("jam_selesai");
     echo "\n            </td>\n        </tr>\n        <tr>\n            <th>Status</th>\n            <td>\n                <label class=\"checkbox\"><input type=\"checkbox\" name=\"aktif\" value=\"1\" ";
     // line 65
     echo twig_escape_filter($this->env, set_checkbox("aktif", "1", $this->getAttribute(isset($context["ma"]) ? $context["ma"] : null, "aktif") == 1 ? true : false), "html", null, true);
     echo "> Aktif</label>\n                <br>";
     // line 66
     echo form_error("aktif");
     echo "\n            </td>\n        </tr>\n        <tr>\n            <td colspan=\"2\"><button type=\"submit\" class=\"btn btn-primary\">Simpan</button></td>\n        </tr>\n    </tbody>\n</table>\n";
     // line 74
     echo form_close();
     echo "\n";
 }
 * @author Curverider Ltd
 * @link http://elgg.org/
 */
// Load Elgg engine
define('externalpage', true);
require_once '../start.php';
global $CONFIG;

// Send PHP errors and uncaught exceptions to the XML-RPC specific handlers
error_reporting(E_ALL);
set_error_handler('__php_xmlrpc_error_handler');
set_exception_handler('__php_xmlrpc_exception_handler');

// Defaults: no result yet, and the XML view is used regardless of the request
$result = null;
set_input('view', 'xml');

// Raw request body sent by the client
$input = get_post_data();
if (!$input) {
    // Nothing was posted, so there is no call to dispatch
    throw new CallException(elgg_echo('xmlrpc:noinputdata'));
}

// Parse the XML into a call structure and dispatch it to the registered handler.
// NOTE(review): $input is request data parsed as XML before any check visible in
// this script; confirm that XMLRPCCall's parser does not resolve external entities
// and that the handlers enforce their own authentication.
$call = new XMLRPCCall($input);
$result = trigger_xmlrpc_handler($call);

// A handler must hand back a response object; anything else is an API error
if (!($result instanceof XMLRPCResponse)) {
    throw new APIException(elgg_echo('APIException:ApiResultUnknown'));
}

// Output result
page_draw("XML-RPC", elgg_view("xml-rpc/output", array('result' => $result)));
Esempio n. 24
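/**
 * Change a post's poster
 *
 * Reassigns the post to another user, resyncs the topic/forum when the post is
 * their last post, moves one post from the old user's counter to the new user's
 * (where each is allowed 'f_postcount' in the forum), updates the topic tracking
 * data and writes a moderator log entry.
 *
 * Changes against the original listing:
 *  - $user is now declared global; it was read for the error message below without
 *    being in scope;
 *  - every id placed into SQL is cast to int first, so the statements no longer
 *    depend on the caller having passed clean rows;
 *  - the old user's counter is not decremented below zero.
 *
 * @param array $post_info Row of the post (by reference); replaced with the freshly
 *                         loaded row once the change is done.
 * @param array $userdata  Row of the user who becomes the poster; nothing happens
 *                         when it is empty or names the current poster.
 */
function change_poster(&$post_info, $userdata)
{
    global $auth, $db, $config, $user;
    if (empty($userdata) || $userdata['user_id'] == $post_info['user_id']) {
        return;
    }

    // Integer copies for use inside SQL strings
    $post_id = (int) $post_info['post_id'];
    $topic_id = (int) $post_info['topic_id'];
    $old_user_id = (int) $post_info['user_id'];
    $new_user_id = (int) $userdata['user_id'];

    $sql = 'UPDATE ' . POSTS_TABLE . '
        SET poster_id = ' . $new_user_id . '
        WHERE post_id = ' . $post_id;
    $db->sql_query($sql);

    // Resync topic/forum if needed
    if ($post_info['topic_last_post_id'] == $post_id || $post_info['forum_last_post_id'] == $post_id) {
        sync('topic', 'topic_id', $post_info['topic_id'], false, false);
        sync('forum', 'forum_id', $post_info['forum_id'], false, false);
    }

    // Adjust post counts: each user's own permissions decide whether posts in
    // this forum count for them
    $auth_user_from = new auth();
    $auth_user_from->acl($post_info);
    $auth_user_to = new auth();
    $auth_user_to->acl($userdata);

    // Decrease post count by one for the old user
    if ($auth_user_from->acl_get('f_postcount', $post_info['forum_id'])) {
        $sql = 'UPDATE ' . USERS_TABLE . '
            SET user_posts = user_posts - 1
            WHERE user_id = ' . $old_user_id . '
                AND user_posts > 0';
        $db->sql_query($sql);
    }

    // Increase post count by one for the new user
    if ($auth_user_to->acl_get('f_postcount', $post_info['forum_id'])) {
        $sql = 'UPDATE ' . USERS_TABLE . '
            SET user_posts = user_posts + 1
            WHERE user_id = ' . $new_user_id;
        $db->sql_query($sql);
    }

    // Add posted to information for this topic for the new user
    markread('post', $post_info['forum_id'], $post_info['topic_id'], time(), $new_user_id);

    // Remove the dotted topic option if the old user has no more posts within this topic
    if ($config['load_db_track'] && $old_user_id != ANONYMOUS) {
        $sql = 'SELECT topic_id
            FROM ' . POSTS_TABLE . '
            WHERE topic_id = ' . $topic_id . '
                AND poster_id = ' . $old_user_id;
        $result = $db->sql_query_limit($sql, 1);
        $remaining_topic_id = (int) $db->sql_fetchfield('topic_id');
        $db->sql_freeresult($result);

        if (!$remaining_topic_id) {
            $sql = 'DELETE FROM ' . TOPICS_POSTED_TABLE . '
                WHERE user_id = ' . $old_user_id . '
                    AND topic_id = ' . $topic_id;
            $db->sql_query($sql);
        }
    }

    // Do not change the poster_id within the attachments table, since they were still posted by the original user
    $from_username = $post_info['username'];
    $to_username = $userdata['username'];

    // Renew post info
    $post_info = get_post_data(array($post_id));
    if (!sizeof($post_info)) {
        trigger_error($user->lang['POST_NOT_EXIST']);
    }
    $post_info = $post_info[$post_id];

    // Now add log entry
    add_log('mod', $post_info['forum_id'], $post_info['topic_id'], 'LOG_MCP_CHANGE_POSTER', $post_info['topic_title'], $from_username, $to_username);
}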
Esempio n. 25
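/**
 * Change a post's poster.
 *
 * Re-assigns the post described by $post_info to the user in $userdata and
 * brings the dependent records in line: topic/forum sync when the post is a
 * first or last post, both users' post counts, the "posted in topic" marker,
 * attachment ownership and the search cache. A LOG_MCP_CHANGE_POSTER entry is
 * written at the end. Nothing happens when $userdata is empty or already
 * names the current poster.
 *
 * Every id that is concatenated into SQL is coerced to int first, so the
 * statement text cannot be altered by a caller that hands in an unvalidated
 * array. $auth is declared but never consulted: this function performs no
 * permission check of its own, so callers must have authorised the moderator
 * before calling it.
 *
 * @param array $post_info Post row (by reference); replaced with the row
 *                         re-read through get_post_data() before logging.
 * @param array $userdata  Row of the new poster; user_id and username are read.
 * @return void
 */
function change_poster(&$post_info, $userdata)
{
    global $auth, $db, $config, $phpbb_root_path, $phpEx;
    if (empty($userdata) || $userdata['user_id'] == $post_info['user_id']) {
        return;
    }
    // Integer copies used for every SQL fragment below. Values handed on to
    // other helpers (sync, markread, destroy_cache) are passed through as given.
    $post_id = (int) $post_info['post_id'];
    $sql_topic_id = (int) $post_info['topic_id'];
    $old_poster_id = (int) $post_info['user_id'];
    $new_poster_id = (int) $userdata['user_id'];
    $sql = 'UPDATE ' . POSTS_TABLE . "\n\t\tSET poster_id = " . $new_poster_id . "\n\t\tWHERE post_id = " . $post_id;
    $db->sql_query($sql);
    // Resync topic/forum if needed
    if ($post_info['topic_last_post_id'] == $post_id || $post_info['forum_last_post_id'] == $post_id || $post_info['topic_first_post_id'] == $post_id) {
        sync('topic', 'topic_id', $post_info['topic_id'], false, false);
        sync('forum', 'forum_id', $post_info['forum_id'], false, false);
    }
    // Adjust post counts... only if the post is approved (else, it was not added the users post count anyway)
    if ($post_info['post_postcount'] && $post_info['post_approved']) {
        // "user_posts > 0" keeps the old poster's counter from going negative
        $sql = 'UPDATE ' . USERS_TABLE . '
			SET user_posts = user_posts - 1
			WHERE user_id = ' . $old_poster_id . '
			AND user_posts > 0';
        $db->sql_query($sql);
        $sql = 'UPDATE ' . USERS_TABLE . '
			SET user_posts = user_posts + 1
			WHERE user_id = ' . $new_poster_id;
        $db->sql_query($sql);
    }
    // Add posted to information for this topic for the new user
    markread('post', $post_info['forum_id'], $post_info['topic_id'], time(), $userdata['user_id']);
    // Remove the dotted topic option if the old user has no more posts within this topic
    if ($config['load_db_track'] && $post_info['user_id'] != ANONYMOUS) {
        $sql = 'SELECT topic_id
			FROM ' . POSTS_TABLE . '
			WHERE topic_id = ' . $sql_topic_id . '
				AND poster_id = ' . $old_poster_id;
        $result = $db->sql_query_limit($sql, 1);
        $topic_id = (int) $db->sql_fetchfield('topic_id');
        $db->sql_freeresult($result);
        if (!$topic_id) {
            $sql = 'DELETE FROM ' . TOPICS_POSTED_TABLE . '
				WHERE user_id = ' . $old_poster_id . '
					AND topic_id = ' . $sql_topic_id;
            $db->sql_query($sql);
        }
    }
    // change the poster_id within the attachments table, else the data becomes out of sync and errors displayed because of wrong ownership
    if ($post_info['post_attachment']) {
        $sql = 'UPDATE ' . ATTACHMENTS_TABLE . '
			SET poster_id = ' . $new_poster_id . '
			WHERE poster_id = ' . $old_poster_id . '
				AND post_msg_id = ' . $post_id . '
				AND topic_id = ' . $sql_topic_id;
        $db->sql_query($sql);
    }
    // refresh search cache of this post
    // basename() strips any directory part from the configured backend name
    // before it is used to build the include path and as a class name.
    $search_type = basename($config['search_type']);
    if (file_exists($phpbb_root_path . 'includes/search/' . $search_type . '.' . $phpEx)) {
        require "{$phpbb_root_path}includes/search/{$search_type}.{$phpEx}";
        // We do some additional checks in the module to ensure it can actually be utilised
        $error = false;
        $search = new $search_type($error);
        if (!$error && method_exists($search, 'destroy_cache')) {
            $search->destroy_cache(array(), array($post_info['user_id'], $userdata['user_id']));
        }
    }
    // Usernames are captured before $post_info is replaced below
    $from_username = $post_info['username'];
    $to_username = $userdata['username'];
    // Renew post info
    $post_info = get_post_data(array($post_id), false, true);
    if (!sizeof($post_info)) {
        // NOTE(review): presumably the board's error handler ends the request
        // here; otherwise the index below would hit an empty array - confirm.
        trigger_error('POST_NOT_EXIST');
    }
    $post_info = $post_info[$post_id];
    // Now add log entry
    add_log('mod', $post_info['forum_id'], $post_info['topic_id'], 'LOG_MCP_CHANGE_POSTER', $post_info['topic_title'], $from_username, $to_username);
}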
Esempio n. 26
             } elseif ($c_data[3] == 0) {
                 continue;
             }
             $comments[] .= $c_line;
         }
     }
 }
 // Render the most recent comments as table rows appended to $comments_result
 // (initialised outside this excerpt).
 // NOTE(review): the comment and post fields below (author_name, ip_address,
 // host, the parsed user agent, the post title) are concatenated into HTML
 // text and title="" attributes with no escaping visible in this excerpt.
 // Confirm that get_values()/get_post_data()/get_useragent_info() return
 // HTML-encoded values; if they do not, commenter-supplied markup would be
 // rendered in this admin view and each field needs htmlspecialchars() with
 // ENT_QUOTES at this point.
 if (!empty($comments)) {
     // Natural case-insensitive sort, then reversed so the highest entries come first
     $comments = mn_natcasesort($comments);
     $comments = array_reverse($comments);
     $comments_count = count($comments);
     // Row limit: the numeric widget setting if present, else 5, never more than the list size
     $j_max = isset($widget_counts[1]) && is_numeric($widget_counts[1]) ? $widget_counts[1] : 5;
     $j_max = $comments_count < $j_max ? $comments_count : $j_max;
     for ($j = 0; $j < $j_max; $j++) {
         $c = get_values('comments', $comments[$j], false);
         $cp = get_post_data($c['post_id']);
         // Shift the stored timestamp by the configured offset, given in hours
         $c['timestamp'] = $c['timestamp'] + $conf['time_adj'] * 3600;
         // Titles longer than 16 characters are cut to 15 plus an ellipsis; the full
         // title goes into the tooltip. mb_strlen() is called without an explicit
         // encoding while mb_substr() is given 'utf-8'.
         if (mb_strlen($cp['title']) > 16) {
             $tooltip = ' title="' . $cp['title'] . '"';
             $cp['title'] = mb_substr($cp['title'], 0, 15, 'utf-8') . '&hellip;';
         } else {
             // The next statement has no effect; the title is left unchanged
             $cp['title'];
             $tooltip = '';
         }
         // In 'new' mode, skip comments older than the last login (or all of them when no last login is recorded)
         if (isset($widget_counts[1]) && $widget_counts[1] == 'new' && ($c['timestamp'] < $_SESSION['mn_last_login'] || empty($_SESSION['mn_last_login']))) {
             continue;
         } else {
             $ua_info = get_useragent_info($c['user_agent']);
             // The delete link carries the session token ($_SESSION['mn_token']) in the
             // query string, so the token can end up in browser history, server logs and
             // Referer headers; the edit and reply links carry no token.
             $comments_result .= '<tr id="c' . $c['comment_id'] . '"><td class="c_author"><a href="./?p=' . $c['post_id'] . '#c-' . $c['comment_id'] . '">#</a> <strong>' . $c['author_name'] . '</strong><br />&nbsp;<span class="info hide comment_status"><a href="./?p=' . $c['post_id'] . '"' . $tooltip . '>' . $cp['title'] . '</a></span></td><td class="edit"><img src="./stuff/img/icons/information-gray.png" alt="" class="tooltip" title="<strong>' . $lang['uni_date'] . ':</strong> ' . date('d.m.Y H:i', $c['timestamp']) . '<br /><strong>' . $lang['comm_ip_address'] . ':</strong> ' . $c['ip_address'] . '<br /><strong>' . $lang['comm_host'] . ':</strong> ' . $c['host'] . '<br /><strong>' . $lang['comm_user_browser'] . ':</strong> ' . $ua_info['browser'] . '<br /><strong>' . $lang['comm_user_os'] . ':</strong> ' . $ua_info['os'] . '" /><p><a href="./mn-comments.php?action=edit&amp;post=' . $c['post_id'] . '&amp;id=' . $c['comment_id'] . '" class="tooltip" title="' . $lang['uni_edit'] . '"><img src="./stuff/img/icons/edit-gray.png" alt="" /></a></p></td><td class="edit"><a href="./mn-comments.php?action=reply&amp;post=' . $c['post_id'] . '&amp;id=' . $c['comment_id'] . '" class="fancy tooltip" title="' . $lang['comm_reply'] . '"><img src="./stuff/img/icons/reply-gray.png" alt="" /></a><p><a href="./mn-comments.php?a=m&amp;s=0&amp;f=' . $c['post_id'] . '&amp;c=' . $c['comment_id'] . '&amp;t=' . $_SESSION['mn_token'] . '&amp;from=index" class="ajaxcall tooltip" title="' . $lang['uni_delete'] . '"><img src="./stuff/img/icons/cross-gray.png" alt="" /></a></p></td><td><div class="comment-text">' . comment_format($c['comment_text']) . '</div></td></tr>';
         }
     }
Esempio n. 27
    /**
     * Moderator control panel: reported posts.
     *
     * First runs the 'close'/'delete' action on the submitted report ids, then
     * renders one of two views chosen by $mode: 'report_details' (a single
     * report with the reported post) or 'reports'/'reports_closed' (a paged
     * list). Sets $this->page_title and $this->tpl_name for the caller.
     *
     * Request values are read through request_var() with integer defaults and
     * then concatenated into SQL.
     * NOTE(review): this relies on request_var() casting each value to the type
     * of its default; confirm for the phpBB version in use.
     *
     * @param mixed  $id   Module id; not read in this method.
     * @param string $mode 'report_details', 'reports' or 'reports_closed'.
     */
    function main($id, $mode)
    {
        global $auth, $db, $user, $template, $cache;
        global $config, $phpbb_root_path, $phpEx, $action;
        include_once $phpbb_root_path . 'includes/functions_posting.' . $phpEx;
        $forum_id = request_var('f', 0);
        $start = request_var('start', 0);
        $this->page_title = 'MCP_REPORTS';
        switch ($action) {
            case 'close':
            case 'delete':
                include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx;
                $report_id_list = request_var('report_id_list', array(0));
                if (!sizeof($report_id_list)) {
                    trigger_error('NO_REPORT_SELECTED');
                }
                // NOTE(review): no permission or confirmation check is visible at this
                // call site; presumably close_report() does both - confirm.
                close_report($report_id_list, $mode, $action);
                break;
        }
        switch ($mode) {
            case 'report_details':
                $user->add_lang(array('posting', 'viewforum', 'viewtopic'));
                $post_id = request_var('p', 0);
                // closed reports are accessed by report id
                $report_id = request_var('r', 0);
                // Look the report up by report id when one was given, else by post id;
                // open reports sort first and only one row is fetched.
                $sql = 'SELECT r.post_id, r.user_id, r.report_id, r.report_closed, report_time, r.report_text, rr.reason_title, rr.reason_description, u.username, u.username_clean, u.user_colour
					FROM ' . REPORTS_TABLE . ' r, ' . REPORTS_REASONS_TABLE . ' rr, ' . USERS_TABLE . ' u
					WHERE ' . ($report_id ? 'r.report_id = ' . $report_id : "r.post_id = {$post_id}") . '
						AND rr.reason_id = r.reason_id
						AND r.user_id = u.user_id
						AND r.pm_id = 0
					ORDER BY report_closed ASC';
                $result = $db->sql_query_limit($sql, 1);
                $report = $db->sql_fetchrow($result);
                $db->sql_freeresult($result);
                if (!$report) {
                    trigger_error('NO_REPORT');
                }
                // A closed report is only shown when it was requested by report id
                if (!$report_id && $report['report_closed']) {
                    trigger_error('REPORT_CLOSED');
                }
                // From here on the ids come from the database row, not from the request
                $post_id = $report['post_id'];
                $report_id = $report['report_id'];
                // NOTE(review): 'm_report' looks like the permission get_post_data()
                // filters on; an empty result then means "not allowed or not found" - confirm.
                $post_info = get_post_data(array($post_id), 'm_report', true);
                if (!sizeof($post_info)) {
                    trigger_error('NO_REPORT_SELECTED');
                }
                $post_info = $post_info[$post_id];
                $reason = array('title' => $report['reason_title'], 'description' => $report['reason_description']);
                // Use the localised title/description when the language pack has both
                if (isset($user->lang['report_reasons']['TITLE'][strtoupper($reason['title'])]) && isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($reason['title'])])) {
                    $reason['description'] = $user->lang['report_reasons']['DESCRIPTION'][strtoupper($reason['title'])];
                    $reason['title'] = $user->lang['report_reasons']['TITLE'][strtoupper($reason['title'])];
                }
                if (topic_review($post_info['topic_id'], $post_info['forum_id'], 'topic_review', 0, false)) {
                    $template->assign_vars(array('S_TOPIC_REVIEW' => true, 'S_BBCODE_ALLOWED' => $post_info['enable_bbcode'], 'TOPIC_TITLE' => $post_info['topic_title']));
                }
                $topic_tracking_info = $extensions = $attachments = array();
                // Get topic tracking info
                if ($config['load_db_lastread']) {
                    $tmp_topic_data = array($post_info['topic_id'] => $post_info);
                    $topic_tracking_info = get_topic_tracking($post_info['forum_id'], $post_info['topic_id'], $tmp_topic_data, array($post_info['forum_id'] => $post_info['forum_mark_time']));
                    unset($tmp_topic_data);
                } else {
                    $topic_tracking_info = get_complete_topic_tracking($post_info['forum_id'], $post_info['topic_id']);
                }
                $post_unread = isset($topic_tracking_info[$post_info['topic_id']]) && $post_info['post_time'] > $topic_tracking_info[$post_info['topic_id']] ? true : false;
                // Process message, leave it uncensored
                $message = $post_info['post_text'];
                if ($post_info['bbcode_bitfield']) {
                    include_once $phpbb_root_path . 'includes/bbcode.' . $phpEx;
                    $bbcode = new bbcode($post_info['bbcode_bitfield']);
                    $bbcode->bbcode_second_pass($message, $post_info['bbcode_uid'], $post_info['bbcode_bitfield']);
                }
                $message = bbcode_nl2br($message);
                $message = smiley_text($message);
                // Attachments are loaded only when the viewer passes both download checks
                if ($post_info['post_attachment'] && $auth->acl_get('u_download') && $auth->acl_get('f_download', $post_info['forum_id'])) {
                    $sql = 'SELECT *
						FROM ' . ATTACHMENTS_TABLE . '
						WHERE post_msg_id = ' . $post_id . '
							AND in_message = 0
						ORDER BY filetime DESC';
                    $result = $db->sql_query($sql);
                    while ($row = $db->sql_fetchrow($result)) {
                        $attachments[] = $row;
                    }
                    $db->sql_freeresult($result);
                    if (sizeof($attachments)) {
                        $update_count = array();
                        parse_attachments($post_info['forum_id'], $message, $attachments, $update_count);
                    }
                    // Display not already displayed Attachments for this post, we already parsed them. ;)
                    if (!empty($attachments)) {
                        $template->assign_var('S_HAS_ATTACHMENTS', true);
                        foreach ($attachments as $attachment) {
                            $template->assign_block_vars('attachment', array('DISPLAY_ATTACHMENT' => $attachment));
                        }
                    }
                }
                // Template variables for the detail page. The edit, warn, IP-view and
                // IP-lookup entries are each gated on their own acl_get() check and are
                // '' (or false) otherwise. POST_IPADDR performs a reverse DNS lookup only
                // for viewers with 'm_info' who sent a 'lookup' parameter; '@' hides any
                // resolver warning. POST_IP is assigned without a check in this method.
                // NOTE(review): REPORT_TEXT, POST_SUBJECT and TOPIC_TITLE are passed as
                // stored; presumably they were HTML-encoded when saved - confirm.
                $template->assign_vars(array('S_MCP_REPORT' => true, 'S_CLOSE_ACTION' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=reports&amp;mode=report_details&amp;f=' . $post_info['forum_id'] . '&amp;p=' . $post_id), 'S_CAN_VIEWIP' => $auth->acl_get('m_info', $post_info['forum_id']), 'S_POST_REPORTED' => $post_info['post_reported'], 'S_POST_UNAPPROVED' => !$post_info['post_approved'], 'S_POST_LOCKED' => $post_info['post_edit_locked'], 'S_USER_NOTES' => true, 'U_EDIT' => $auth->acl_get('m_edit', $post_info['forum_id']) ? append_sid("{$phpbb_root_path}posting.{$phpEx}", "mode=edit&amp;f={$post_info['forum_id']}&amp;p={$post_info['post_id']}") : '', 'U_MCP_APPROVE' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=queue&amp;mode=approve_details&amp;f=' . $post_info['forum_id'] . '&amp;p=' . $post_id), 'U_MCP_REPORT' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=reports&amp;mode=report_details&amp;f=' . $post_info['forum_id'] . '&amp;p=' . $post_id), 'U_MCP_REPORTER_NOTES' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=notes&amp;mode=user_notes&amp;u=' . $report['user_id']), 'U_MCP_USER_NOTES' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=notes&amp;mode=user_notes&amp;u=' . $post_info['user_id']), 'U_MCP_WARN_REPORTER' => $auth->acl_get('m_warn') ? append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=warn&amp;mode=warn_user&amp;u=' . $report['user_id']) : '', 'U_MCP_WARN_USER' => $auth->acl_get('m_warn') ? append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=warn&amp;mode=warn_user&amp;u=' . $post_info['user_id']) : '', 'U_VIEW_FORUM' => append_sid("{$phpbb_root_path}viewforum.{$phpEx}", 'f=' . $post_info['forum_id']), 'U_VIEW_POST' => append_sid("{$phpbb_root_path}viewtopic.{$phpEx}", 'f=' . $post_info['forum_id'] . '&amp;p=' . $post_info['post_id'] . '#p' . $post_info['post_id']), 'U_VIEW_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.{$phpEx}", 'f=' . $post_info['forum_id'] . '&amp;t=' . 
$post_info['topic_id']), 'EDIT_IMG' => $user->img('icon_post_edit', $user->lang['EDIT_POST']), 'MINI_POST_IMG' => $post_unread ? $user->img('icon_post_target_unread', 'UNREAD_POST') : $user->img('icon_post_target', 'POST'), 'UNAPPROVED_IMG' => $user->img('icon_topic_unapproved', $user->lang['POST_UNAPPROVED']), 'RETURN_REPORTS' => sprintf($user->lang['RETURN_REPORTS'], '<a href="' . append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=reports' . ($post_info['post_reported'] ? '&amp;mode=reports' : '&amp;mode=reports_closed') . '&amp;start=' . $start . '&amp;f=' . $post_info['forum_id']) . '">', '</a>'), 'REPORTED_IMG' => $user->img('icon_topic_reported', $user->lang['POST_REPORTED']), 'REPORT_DATE' => $user->format_date($report['report_time']), 'REPORT_ID' => $report_id, 'REPORT_REASON_TITLE' => $reason['title'], 'REPORT_REASON_DESCRIPTION' => $reason['description'], 'REPORT_TEXT' => $report['report_text'], 'POST_AUTHOR_FULL' => get_username_string('full', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']), 'POST_AUTHOR_COLOUR' => get_username_string('colour', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']), 'POST_AUTHOR' => get_username_string('username', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']), 'U_POST_AUTHOR' => get_username_string('profile', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']), 'REPORTER_FULL' => get_username_string('full', $report['user_id'], $report['username'], $report['user_colour']), 'REPORTER_COLOUR' => get_username_string('colour', $report['user_id'], $report['username'], $report['user_colour']), 'REPORTER_NAME' => get_username_string('username', $report['user_id'], $report['username'], $report['user_colour']), 'U_VIEW_REPORTER_PROFILE' => get_username_string('profile', $report['user_id'], $report['username'], 
$report['user_colour']), 'POST_PREVIEW' => $message, 'POST_SUBJECT' => $post_info['post_subject'] ? $post_info['post_subject'] : $user->lang['NO_SUBJECT'], 'POST_DATE' => $user->format_date($post_info['post_time']), 'POST_IP' => $post_info['poster_ip'], 'POST_IPADDR' => $auth->acl_get('m_info', $post_info['forum_id']) && request_var('lookup', '') ? @gethostbyaddr($post_info['poster_ip']) : '', 'POST_ID' => $post_info['post_id'], 'U_LOOKUP_IP' => $auth->acl_get('m_info', $post_info['forum_id']) ? $this->u_action . '&amp;r=' . $report_id . '&amp;p=' . $post_id . '&amp;f=' . $forum_id . '&amp;lookup=' . $post_info['poster_ip'] . '#ip' : ''));
                $this->tpl_name = 'mcp_post';
                break;
            case 'reports':
            case 'reports_closed':
                $topic_id = request_var('t', 0);
                $forum_info = array();
                $forum_list_reports = get_forum_list('m_report', false, true);
                $forum_list_read = array_flip(get_forum_list('f_read', true, true));
                // Flipped so we can isset() the forum IDs
                // Remove forums we cannot read
                foreach ($forum_list_reports as $k => $forum_data) {
                    if (!isset($forum_list_read[$forum_data['forum_id']])) {
                        unset($forum_list_reports[$k]);
                    }
                }
                unset($forum_list_read);
                if ($topic_id) {
                    $topic_info = get_topic_data(array($topic_id));
                    if (!sizeof($topic_info)) {
                        trigger_error('TOPIC_NOT_EXIST');
                    }
                    // Drop the topic filter when the requested forum is not the topic's forum
                    if ($forum_id != $topic_info[$topic_id]['forum_id']) {
                        $topic_id = 0;
                    } else {
                        $topic_info = $topic_info[$topic_id];
                        $forum_id = (int) $topic_info['forum_id'];
                    }
                }
                $forum_list = array();
                if (!$forum_id) {
                    // No forum selected: list across every forum left in $forum_list_reports
                    foreach ($forum_list_reports as $row) {
                        $forum_list[] = $row['forum_id'];
                    }
                    if (!sizeof($forum_list)) {
                        trigger_error('NOT_MODERATOR');
                    }
                    $global_id = $forum_list[0];
                    $sql = 'SELECT SUM(forum_topics) as sum_forum_topics
						FROM ' . FORUMS_TABLE . '
						WHERE ' . $db->sql_in_set('forum_id', $forum_list);
                    $result = $db->sql_query($sql);
                    $forum_info['forum_topics'] = (int) $db->sql_fetchfield('sum_forum_topics');
                    $db->sql_freeresult($result);
                } else {
                    // A specific forum: an empty result from get_forum_data() is reported as NOT_MODERATOR
                    $forum_info = get_forum_data(array($forum_id), 'm_report');
                    if (!sizeof($forum_info)) {
                        trigger_error('NOT_MODERATOR');
                    }
                    $forum_info = $forum_info[$forum_id];
                    $forum_list = array($forum_id);
                    $global_id = $forum_id;
                }
                // Forum id 0 is added so rows with forum_id 0 (treated below as global announcements) match
                $forum_list[] = 0;
                $forum_data = array();
                // NOTE(review): forum_name is written into the <option> text as stored;
                // presumably it is HTML-encoded in the database - confirm.
                $forum_options = '<option value="0"' . ($forum_id == 0 ? ' selected="selected"' : '') . '>' . $user->lang['ALL_FORUMS'] . '</option>';
                foreach ($forum_list_reports as $row) {
                    $forum_options .= '<option value="' . $row['forum_id'] . '"' . ($forum_id == $row['forum_id'] ? ' selected="selected"' : '') . '>' . str_repeat('&nbsp; &nbsp;', $row['padding']) . $row['forum_name'] . '</option>';
                    $forum_data[$row['forum_id']] = $row;
                }
                unset($forum_list_reports);
                $sort_days = $total = 0;
                $sort_key = $sort_dir = '';
                $sort_by_sql = $sort_order_sql = array();
                // The sort variables are handed to mcp_sorting(), which evidently fills them in.
                // NOTE(review): $sort_order_sql is then indexed like a string and placed
                // verbatim after ORDER BY in both queries below; verify that mcp_sorting()
                // builds it only from a fixed set of column expressions and never from raw
                // request text.
                mcp_sorting($mode, $sort_days, $sort_key, $sort_dir, $sort_by_sql, $sort_order_sql, $total, $forum_id, $topic_id);
                $forum_topics = $total == -1 ? $forum_info['forum_topics'] : $total;
                $limit_time_sql = $sort_days ? 'AND r.report_time >= ' . (time() - $sort_days * 86400) : '';
                if ($mode == 'reports') {
                    $report_state = 'AND p.post_reported = 1 AND r.report_closed = 0';
                } else {
                    $report_state = 'AND r.report_closed = 1';
                }
                // First query: only the report ids for the current page, restricted to $forum_list
                $sql = 'SELECT r.report_id
					FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . REPORTS_TABLE . ' r ' . ($sort_order_sql[0] == 'u' ? ', ' . USERS_TABLE . ' u' : '') . ($sort_order_sql[0] == 'r' ? ', ' . USERS_TABLE . ' ru' : '') . '
					WHERE ' . $db->sql_in_set('p.forum_id', $forum_list) . "\n\t\t\t\t\t\t{$report_state}\n\t\t\t\t\t\tAND r.post_id = p.post_id\n\t\t\t\t\t\t" . ($sort_order_sql[0] == 'u' ? 'AND u.user_id = p.poster_id' : '') . '
						' . ($sort_order_sql[0] == 'r' ? 'AND ru.user_id = r.user_id' : '') . '
						' . ($topic_id ? 'AND p.topic_id = ' . $topic_id : '') . "\n\t\t\t\t\t\tAND t.topic_id = p.topic_id\n\t\t\t\t\t\tAND r.pm_id = 0\n\t\t\t\t\t\t{$limit_time_sql}\n\t\t\t\t\tORDER BY {$sort_order_sql}";
                $result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
                $i = 0;
                $report_ids = array();
                while ($row = $db->sql_fetchrow($result)) {
                    $report_ids[] = $row['report_id'];
                    // $row_num is filled here but not read anywhere in this method
                    $row_num[$row['report_id']] = $i++;
                }
                $db->sql_freeresult($result);
                if (sizeof($report_ids)) {
                    // Second query: full row data for exactly those report ids
                    $sql = 'SELECT t.forum_id, t.topic_id, t.topic_title, p.post_id, p.post_subject, p.post_username, p.poster_id, p.post_time, u.username, u.username_clean, u.user_colour, r.user_id as reporter_id, ru.username as reporter_name, ru.user_colour as reporter_colour, r.report_time, r.report_id
						FROM ' . REPORTS_TABLE . ' r, ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . USERS_TABLE . ' u, ' . USERS_TABLE . ' ru
						WHERE ' . $db->sql_in_set('r.report_id', $report_ids) . '
							AND t.topic_id = p.topic_id
							AND r.post_id = p.post_id
							AND u.user_id = p.poster_id
							AND ru.user_id = r.user_id
							AND r.pm_id = 0
						ORDER BY ' . $sort_order_sql;
                    $result = $db->sql_query($sql);
                    $report_data = $rowset = array();
                    while ($row = $db->sql_fetchrow($result)) {
                        // Rows with forum_id 0 are shown as global announcements and
                        // linked through $global_id instead
                        $global_topic = $row['forum_id'] ? false : true;
                        if ($global_topic) {
                            $row['forum_id'] = $global_id;
                        }
                        $template->assign_block_vars('postrow', array('U_VIEWFORUM' => !$global_topic ? append_sid("{$phpbb_root_path}viewforum.{$phpEx}", 'f=' . $row['forum_id']) : '', 'U_VIEWPOST' => append_sid("{$phpbb_root_path}viewtopic.{$phpEx}", 'f=' . $row['forum_id'] . '&amp;p=' . $row['post_id']) . '#p' . $row['post_id'], 'U_VIEW_DETAILS' => append_sid("{$phpbb_root_path}mcp.{$phpEx}", "i=reports&amp;start={$start}&amp;mode=report_details&amp;f={$row['forum_id']}&amp;r={$row['report_id']}"), 'POST_AUTHOR_FULL' => get_username_string('full', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']), 'POST_AUTHOR_COLOUR' => get_username_string('colour', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']), 'POST_AUTHOR' => get_username_string('username', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']), 'U_POST_AUTHOR' => get_username_string('profile', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']), 'REPORTER_FULL' => get_username_string('full', $row['reporter_id'], $row['reporter_name'], $row['reporter_colour']), 'REPORTER_COLOUR' => get_username_string('colour', $row['reporter_id'], $row['reporter_name'], $row['reporter_colour']), 'REPORTER' => get_username_string('username', $row['reporter_id'], $row['reporter_name'], $row['reporter_colour']), 'U_REPORTER' => get_username_string('profile', $row['reporter_id'], $row['reporter_name'], $row['reporter_colour']), 'FORUM_NAME' => !$global_topic ? $forum_data[$row['forum_id']]['forum_name'] : $user->lang['GLOBAL_ANNOUNCEMENT'], 'POST_ID' => $row['post_id'], 'POST_SUBJECT' => $row['post_subject'] ? $row['post_subject'] : $user->lang['NO_SUBJECT'], 'POST_TIME' => $user->format_date($row['post_time']), 'REPORT_ID' => $row['report_id'], 'REPORT_TIME' => $user->format_date($row['report_time']), 'TOPIC_TITLE' => $row['topic_title']));
                    }
                    $db->sql_freeresult($result);
                    unset($report_ids, $row);
                }
                // Now display the page
                $template->assign_vars(array('L_EXPLAIN' => $mode == 'reports' ? $user->lang['MCP_REPORTS_OPEN_EXPLAIN'] : $user->lang['MCP_REPORTS_CLOSED_EXPLAIN'], 'L_TITLE' => $mode == 'reports' ? $user->lang['MCP_REPORTS_OPEN'] : $user->lang['MCP_REPORTS_CLOSED'], 'L_ONLY_TOPIC' => $topic_id ? sprintf($user->lang['ONLY_TOPIC'], $topic_info['topic_title']) : '', 'S_MCP_ACTION' => $this->u_action, 'S_FORUM_OPTIONS' => $forum_options, 'S_CLOSED' => $mode == 'reports_closed' ? true : false, 'PAGINATION' => generate_pagination($this->u_action . "&amp;f={$forum_id}&amp;t={$topic_id}&amp;st={$sort_days}&amp;sk={$sort_key}&amp;sd={$sort_dir}", $total, $config['topics_per_page'], $start), 'PAGE_NUMBER' => on_page($total, $config['topics_per_page'], $start), 'TOPIC_ID' => $topic_id, 'TOTAL' => $total, 'TOTAL_REPORTS' => $total == 1 ? $user->lang['LIST_REPORT'] : sprintf($user->lang['LIST_REPORTS'], $total)));
                $this->tpl_name = 'mcp_reports';
                break;
        }
    }
 /**
  * Renders the "add teaching schedule" form: class select, subject select,
  * start/end time inputs and a submit button.
  *
  * The "// line N" markers and twig_* helpers indicate compiled Twig output,
  * so any change belongs in the template source rather than in this file.
  *
  * Escaping as visible here: values from $context and set_value()/set_select()
  * go through twig_escape_filter(..., "html"). The return values of
  * get_flashdata(), form_open(), form_error() and form_close() are echoed as-is.
  * NOTE(review): confirm those helpers only return trusted, already-encoded
  * markup, in particular that get_flashdata("add") never carries request text
  * and that form_open() encodes the URL segments it is given.
  *
  * @param array $context Template variables; hari_id, status_id, pengajar_id
  *                       and kelas are read.
  * @param array $blocks  Not read in this method.
  */
 public function block_content($context, array $blocks = array())
 {
     // line 4
     echo "<h4>Tambah Jadwal Mengajar Hari ";
     echo twig_escape_filter($this->env, get_indo_hari(isset($context["hari_id"]) ? $context["hari_id"] : null), "html", null, true);
     echo "</h4>\n";
     // line 5
     // Flash message is written without twig_escape_filter()
     echo get_flashdata("add");
     echo "\n\n";
     // line 7
     // Form target is assembled from three context values, none escaped at this point
     echo form_open("pengajar/add_ampuan/" . (isset($context["status_id"]) ? $context["status_id"] : null) . "/" . (isset($context["pengajar_id"]) ? $context["pengajar_id"] : null) . "/" . (isset($context["hari_id"]) ? $context["hari_id"] : null));
     echo "\n<input type=\"hidden\" name=\"pengajar_id\" value=\"";
     // line 8
     echo twig_escape_filter($this->env, isset($context["pengajar_id"]) ? $context["pengajar_id"] : null, "html", null, true);
     echo "\">\n<table class=\"table table-striped\">\n    <tbody>\n        <tr>\n            <th width=\"27%\">Kelas <span class=\"text-error\">*</span></th>\n            <td>\n                <select name=\"kelas_id\" style=\"width:auto;\" id=\"kelas_id\">\n                    <option value=\"\">Pilih Kelas</option>\n                    ";
     // line 16
     // Loop over the classes; the parent context is saved and restored around the loop
     $context['_parent'] = (array) $context;
     $context['_seq'] = twig_ensure_traversable(isset($context["kelas"]) ? $context["kelas"] : null);
     foreach ($context['_seq'] as $context["_key"] => $context["k"]) {
         // line 17
         echo "                    <option value=\"";
         echo twig_escape_filter($this->env, $this->getAttribute(isset($context["k"]) ? $context["k"] : null, "id"), "html", null, true);
         echo "\" ";
         echo twig_escape_filter($this->env, set_select("kelas_id", $this->getAttribute(isset($context["k"]) ? $context["k"] : null, "id")), "html", null, true);
         echo ">";
         echo twig_escape_filter($this->env, $this->getAttribute(isset($context["k"]) ? $context["k"] : null, "nama"), "html", null, true);
         echo "</option>\n                    ";
     }
     $_parent = $context['_parent'];
     unset($context['_seq'], $context['_iterated'], $context['_key'], $context['k'], $context['_parent'], $context['loop']);
     $context = array_intersect_key($context, $_parent) + $_parent;
     // line 19
     echo "                </select>\n                <br>";
     // line 20
     echo form_error("kelas_id");
     echo "\n            </td>\n        </tr>\n        <tr>\n            <th>Mapel <span class=\"text-error\">*</span></th>\n            <td>\n                <select name=\"mapel_kelas_id\" style=\"width:auto\" id=\"mapel_kelas_id\">\n                    <option value=\"\">Pilih Matapelajaran</option>\n                    ";
     // line 28
     // Subjects are listed only when a class id was submitted.
     // NOTE(review): the submitted kelas_id is handed to get_row_data() as a model
     // argument with no validation visible here; confirm the model binds or casts it.
     if (!twig_test_empty(get_post_data("kelas_id"))) {
         // line 29
         echo "                        ";
         $context["post_kelas_id"] = get_post_data("kelas_id");
         // line 30
         echo "                        ";
         $context["mapel_kelas"] = get_row_data("mapel_model", "retrieve_all_kelas", array(0 => null, 1 => isset($context["post_kelas_id"]) ? $context["post_kelas_id"] : null));
         // line 31
         echo "                        ";
         $context['_parent'] = (array) $context;
         $context['_seq'] = twig_ensure_traversable(isset($context["mapel_kelas"]) ? $context["mapel_kelas"] : null);
         foreach ($context['_seq'] as $context["_key"] => $context["mk"]) {
             // line 32
             echo "                            ";
             $context["m"] = get_row_data("mapel_model", "retrieve", array(0 => $this->getAttribute(isset($context["mk"]) ? $context["mk"] : null, "mapel_id")));
             // line 33
             echo "                            ";
             if (!twig_test_empty(isset($context["m"]) ? $context["m"] : null)) {
                 // line 34
                 echo "                            <option value=\"";
                 echo twig_escape_filter($this->env, $this->getAttribute(isset($context["mk"]) ? $context["mk"] : null, "id"), "html", null, true);
                 echo "\" ";
                 // Only the fixed word "selected" or "" is written; the submitted value
                 // itself is compared (loosely, with ==) and never echoed
                 echo get_post_data("mapel_kelas_id") == $this->getAttribute(isset($context["mk"]) ? $context["mk"] : null, "id") ? "selected" : "";
                 echo ">";
                 echo twig_escape_filter($this->env, $this->getAttribute(isset($context["m"]) ? $context["m"] : null, "nama"), "html", null, true);
                 echo "</option>\n                            ";
             }
             // line 36
             echo "                        ";
         }
         $_parent = $context['_parent'];
         unset($context['_seq'], $context['_iterated'], $context['_key'], $context['mk'], $context['_parent'], $context['loop']);
         $context = array_intersect_key($context, $_parent) + $_parent;
         // line 37
         echo "                    ";
     }
     // line 38
     echo "                </select>\n                <br><span class=\"text-muted\">Pilih kelas terlebih dahulu</span>\n                <br>";
     // line 40
     echo form_error("mapel_kelas_id");
     echo "\n            </td>\n        </tr>\n        <tr>\n            <th>Jam Mulai <span class=\"text-error\">*</span></th>\n            <td>\n                <input type=\"text\" name=\"jam_mulai\" style=\"width:19%\" placeholder=\"hh:mm\" value=\"";
     // line 46
     // Re-populated field values are HTML-escaped before being placed in value=""
     echo twig_escape_filter($this->env, set_value("jam_mulai"), "html", null, true);
     echo "\">\n                <span class=\"pull-right text-muted\">Contoh : 08:30</span>\n                <br>";
     // line 48
     echo form_error("jam_mulai");
     echo "\n            </td>\n        </tr>\n        <tr>\n            <th>Jam Selesai <span class=\"text-error\">*</span></th>\n            <td>\n                <input type=\"text\" name=\"jam_selesai\" style=\"width:19%\" placeholder=\"hh:mm\" value=\"";
     // line 54
     echo twig_escape_filter($this->env, set_value("jam_selesai"), "html", null, true);
     echo "\">\n                <span class=\"pull-right text-muted\">Contoh : 13:30</span>\n                <br>";
     // line 56
     echo form_error("jam_selesai");
     echo "\n            </td>\n        </tr>\n        <tr>\n            <td colspan=\"2\"><button type=\"submit\" class=\"btn btn-primary\">Simpan</button></td>\n        </tr>\n    </tbody>\n</table>\n";
     // line 64
     echo form_close();
     echo "\n";
 }
Esempio n. 29
    /**
     * Entry point of the moderator ban page: processes a submitted ban or
     * unban request, then assigns the language strings, ban-length options
     * and an optional pre-filled value to the template.
     *
     * No permission check precedes user_ban() / user_unban() in this method.
     * NOTE(review): presumably the module dispatcher that calls main() has
     * already required the moderator ban permission - verify at the caller.
     *
     * @param mixed  $id   Not read in this method.
     * @param string $mode Compared against 'user', 'ip' and 'email'; also used
     *                     to build language keys and passed to the ban helpers.
     */
    function main($id, $mode)
    {
        global $config, $db, $user, $auth, $template, $cache;
        global $phpbb_root_path, $phpEx;
        // Both include paths are built only from the globals $phpbb_root_path and
        // $phpEx; no request value takes part in them inside this method.
        include $phpbb_root_path . 'includes/functions_user.' . $phpEx;
        // Include the admin banning interface...
        include $phpbb_root_path . 'includes/acp/acp_ban.' . $phpEx;
        $bansubmit = isset($_POST['bansubmit']) ? true : false;
        $unbansubmit = isset($_POST['unbansubmit']) ? true : false;
        $current_time = time();
        $user->add_lang(array('acp/ban', 'acp/users'));
        $this->tpl_name = 'mcp_ban';
        // Ban submitted?
        if ($bansubmit) {
            // Grab the list of entries
            // NOTE(review): request_var() is defined outside this listing; it presumably
            // casts the request value to the type of its default argument (string here,
            // int for banlength/banexclude), with the third argument enabling multibyte
            // input - confirm.
            $ban = request_var('ban', '', $mode === 'user' ? true : false);
            if ($mode === 'user') {
                $ban = utf8_normalize_nfc($ban);
            }
            $ban_len = request_var('banlength', 0);
            $ban_len_other = request_var('banlengthother', '');
            $ban_exclude = request_var('banexclude', 0);
            $ban_reason = utf8_normalize_nfc(request_var('banreason', '', true));
            $ban_give_reason = utf8_normalize_nfc(request_var('bangivereason', '', true));
            if ($ban) {
                // The ban is applied only on the branch where confirm_box(true) is truthy;
                // otherwise the submitted values are carried into a confirmation form as
                // hidden fields and nothing is changed.
                // NOTE(review): confirm_box() is presumably the anti-CSRF confirmation
                // step for this state change - confirm that it validates a per-session key.
                if (confirm_box(true)) {
                    user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reason, $ban_give_reason);
                    // The message is raw HTML built from language strings and $this->u_action.
                    trigger_error($user->lang['BAN_UPDATE_SUCCESSFUL'] . '<br /><br /><a href="' . $this->u_action . '">&laquo; ' . $user->lang['BACK_TO_PREV'] . '</a>');
                } else {
                    // NOTE(review): the request-derived values are handed to build_hidden_fields();
                    // it presumably HTML-escapes names and values - verify.
                    confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('mode' => $mode, 'ban' => $ban, 'bansubmit' => true, 'banlength' => $ban_len, 'banlengthother' => $ban_len_other, 'banexclude' => $ban_exclude, 'banreason' => $ban_reason, 'bangivereason' => $ban_give_reason)));
                }
            }
        } else {
            if ($unbansubmit) {
                // Same confirm-then-act flow as for a ban, with a list of entries to lift.
                $ban = request_var('unban', array(''));
                if ($ban) {
                    if (confirm_box(true)) {
                        user_unban($mode, $ban);
                        trigger_error($user->lang['BAN_UPDATE_SUCCESSFUL'] . '<br /><br /><a href="' . $this->u_action . '">&laquo; ' . $user->lang['BACK_TO_PREV'] . '</a>');
                    } else {
                        confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('mode' => $mode, 'unbansubmit' => true, 'unban' => $ban)));
                    }
                }
            }
        }
        // Ban length options
        // Keys are literal minute counts (0 = permanent, -1 = "until"); labels come from
        // the language pack and are concatenated into the markup without escaping.
        $ban_end_text = array(0 => $user->lang['PERMANENT'], 30 => $user->lang['30_MINS'], 60 => $user->lang['1_HOUR'], 360 => $user->lang['6_HOURS'], 1440 => $user->lang['1_DAY'], 10080 => $user->lang['7_DAYS'], 20160 => $user->lang['2_WEEKS'], 40320 => $user->lang['1_MONTH'], -1 => $user->lang['UNTIL'] . ' -&gt; ');
        $ban_end_options = '';
        foreach ($ban_end_text as $length => $text) {
            $ban_end_options .= '<option value="' . $length . '">' . $text . '</option>';
        }
        // Define language vars
        // $mode is used here only to select a language key, never echoed itself.
        $this->page_title = $user->lang[strtoupper($mode) . '_BAN'];
        $l_ban_explain = $user->lang[strtoupper($mode) . '_BAN_EXPLAIN'];
        $l_ban_exclude_explain = $user->lang[strtoupper($mode) . '_BAN_EXCLUDE_EXPLAIN'];
        $l_unban_title = $user->lang[strtoupper($mode) . '_UNBAN'];
        $l_unban_explain = $user->lang[strtoupper($mode) . '_UNBAN_EXPLAIN'];
        $l_no_ban_cell = $user->lang[strtoupper($mode) . '_NO_BANNED'];
        // No default branch: for any other $mode, $l_ban_cell stays undefined when it is
        // read in assign_vars() below.
        switch ($mode) {
            case 'user':
                $l_ban_cell = $user->lang['USERNAME'];
                break;
            case 'ip':
                $l_ban_cell = $user->lang['IP_HOSTNAME'];
                break;
            case 'email':
                $l_ban_cell = $user->lang['EMAIL_ADDRESS'];
                break;
        }
        acp_ban::display_ban_options($mode);
        $template->assign_vars(array('L_TITLE' => $this->page_title, 'L_EXPLAIN' => $l_ban_explain, 'L_UNBAN_TITLE' => $l_unban_title, 'L_UNBAN_EXPLAIN' => $l_unban_explain, 'L_BAN_CELL' => $l_ban_cell, 'L_BAN_EXCLUDE_EXPLAIN' => $l_ban_exclude_explain, 'L_NO_BAN_CELL' => $l_no_ban_cell, 'S_USERNAME_BAN' => $mode == 'user' ? true : false, 'U_ACTION' => $this->u_action, 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=searchuser&amp;form=mcp_ban&amp;field=ban')));
        // Stop before the pre-fill in e-mail mode unless the caller holds 'a_user':
        // the code below would otherwise put a member's e-mail address into the template.
        if ($mode === 'email' && !$auth->acl_get('a_user')) {
            return;
        }
        // As a "service" we will check if any post id is specified and populate the username of the poster id if given
        $post_id = request_var('p', 0);
        $user_id = request_var('u', 0);
        $username = $pre_fill = false;
        if ($user_id && $user_id != ANONYMOUS) {
            // $user_id is concatenated into the statement unquoted, so the query is safe
            // only while it is an integer. NOTE(review): that depends on request_var('u', 0)
            // casting to int - confirm.
            // In 'ip' mode this branch exposes the account's user_ip with no check other
            // than whatever gated entry to this method - presumably intended; verify.
            $sql = 'SELECT username, user_email, user_ip
				FROM ' . USERS_TABLE . '
				WHERE user_id = ' . $user_id;
            $result = $db->sql_query($sql);
            switch ($mode) {
                case 'user':
                    $pre_fill = (string) $db->sql_fetchfield('username');
                    break;
                case 'ip':
                    $pre_fill = (string) $db->sql_fetchfield('user_ip');
                    break;
                case 'email':
                    $pre_fill = (string) $db->sql_fetchfield('user_email');
                    break;
            }
            $db->sql_freeresult($result);
        } else {
            if ($post_id) {
                // NOTE(review): the 'm_ban' argument presumably limits the result to posts in
                // forums where the caller holds that permission - confirm in get_post_data().
                $post_info = get_post_data($post_id, 'm_ban');
                if (sizeof($post_info) && !empty($post_info[$post_id])) {
                    switch ($mode) {
                        case 'user':
                            $pre_fill = $post_info[$post_id]['username'];
                            break;
                        case 'ip':
                            $pre_fill = $post_info[$post_id]['poster_ip'];
                            break;
                        case 'email':
                            $pre_fill = $post_info[$post_id]['user_email'];
                            break;
                    }
                }
            }
        }
        if ($pre_fill) {
            // The value comes from the database and is assigned as-is.
            // NOTE(review): presumably it is stored HTML-escaped - confirm before
            // relying on it in the template.
            // left for legacy template compatibility
            $template->assign_var('USERNAMES', $pre_fill);
            $template->assign_var('BAN_QUANTIFIER', $pre_fill);
        }
    }
Esempio n. 30
	/**
	 * Entry point of the moderation queue page: runs an approve / disapprove
	 * action when one is requested, then renders either the details of one
	 * queued post or the list of unapproved posts / topics.
	 *
	 * No permission or confirmation check is visible in this method before
	 * approve_post() / disapprove_post() are called.
	 * NOTE(review): both helpers are defined outside this listing and presumably
	 * perform the permission check and the confirmation step - verify.
	 *
	 * @param mixed  $id   Not read in this method.
	 * @param string $mode 'approve_details', 'unapproved_topics' or
	 *                     'unapproved_posts'; any other value renders nothing.
	 */
	function main($id, $mode)
	{
		global $auth, $db, $user, $template, $cache;
		// $action is taken from a global here; this method does not read it from the request.
		global $config, $phpbb_root_path, $phpEx, $action;

		include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx);

		// NOTE(review): request_var() is defined elsewhere; presumably it casts the value
		// to the type of its default (int here). The SQL below relies on that - confirm.
		$forum_id = request_var('f', 0);
		$start = request_var('start', 0);

		$this->page_title = 'MCP_QUEUE';

		switch ($action)
		{
			case 'approve':
			case 'disapprove':
				include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);

				// Default array(0): presumably yields a list of integer post ids - confirm.
				$post_id_list = request_var('post_id_list', array(0));

				if (!sizeof($post_id_list))
				{
					trigger_error('NO_POST_SELECTED');
				}

				if ($action == 'approve')
				{
					approve_post($post_id_list, 'queue', $mode);
				}
				else
				{
					disapprove_post($post_id_list, 'queue', $mode);
				}

			break;
		}

		switch ($mode)
		{
			case 'approve_details':

				$this->tpl_name = 'mcp_post';

				$user->add_lang('posting');

				$post_id = request_var('p', 0);
				$topic_id = request_var('t', 0);

				// A topic id, when given, overrides the post id with the topic's first post.
				if ($topic_id)
				{
					// NOTE(review): the 'm_approve' argument presumably limits the result to
					// topics the caller may approve - confirm in get_topic_data().
					$topic_info = get_topic_data(array($topic_id), 'm_approve');
					if (isset($topic_info[$topic_id]['topic_first_post_id']))
					{
						$post_id = (int) $topic_info[$topic_id]['topic_first_post_id'];
					}
					else
					{
						$topic_id = 0;
					}
				}

				$post_info = get_post_data(array($post_id), 'm_approve', true);

				if (!sizeof($post_info))
				{
					trigger_error('NO_POST_SELECTED');
				}

				// Only a non-empty result was checked above, not that this key exists.
				$post_info = $post_info[$post_id];

				if ($post_info['topic_first_post_id'] != $post_id && topic_review($post_info['topic_id'], $post_info['forum_id'], 'topic_review', 0, false))
				{
					$template->assign_vars(array(
						'S_TOPIC_REVIEW'	=> true,
						'TOPIC_TITLE'		=> $post_info['topic_title'])
					);
				}

				$extensions = $attachments = $topic_tracking_info = array();

				// Get topic tracking info
				if ($config['load_db_lastread'])
				{
					$tmp_topic_data = array($post_info['topic_id'] => $post_info);
					$topic_tracking_info = get_topic_tracking($post_info['forum_id'], $post_info['topic_id'], $tmp_topic_data, array($post_info['forum_id'] => $post_info['forum_mark_time']));
					unset($tmp_topic_data);
				}
				else
				{
					$topic_tracking_info = get_complete_topic_tracking($post_info['forum_id'], $post_info['topic_id']);
				}

				$post_unread = (isset($topic_tracking_info[$post_info['topic_id']]) && $post_info['post_time'] > $topic_tracking_info[$post_info['topic_id']]) ? true : false;

				// Process message, leave it uncensored
				// The text is assigned to POST_PREVIEW below with no escaping in this method.
				// NOTE(review): presumably post_text is stored already HTML-escaped and the
				// helpers below only add trusted markup - confirm.
				$message = $post_info['post_text'];

				if ($post_info['bbcode_bitfield'])
				{
					include_once($phpbb_root_path . 'includes/bbcode.' . $phpEx);
					$bbcode = new bbcode($post_info['bbcode_bitfield']);
					// The return value is unused; presumably $message is changed by reference - confirm.
					$bbcode->bbcode_second_pass($message, $post_info['bbcode_uid'], $post_info['bbcode_bitfield']);
				}

				$message = bbcode_nl2br($message);
				$message = smiley_text($message);

				// Attachments are loaded only when the caller holds both the global and the
				// per-forum download permission.
				if ($post_info['post_attachment'] && $auth->acl_get('u_download') && $auth->acl_get('f_download', $post_info['forum_id']))
				{
					$extensions = $cache->obtain_attach_extensions($post_info['forum_id']);

					// $post_id is concatenated unquoted: it is either the (int) cast above or
					// the value of request_var('p', 0), so it must be an integer for this to be safe.
					$sql = 'SELECT *
						FROM ' . ATTACHMENTS_TABLE . '
						WHERE post_msg_id = ' . $post_id . '
							AND in_message = 0
						ORDER BY filetime DESC, post_msg_id ASC';
					$result = $db->sql_query($sql);

					while ($row = $db->sql_fetchrow($result))
					{
						$attachments[] = $row;
					}
					$db->sql_freeresult($result);

					if (sizeof($attachments))
					{
						$update_count = array();
						// The return value is unused; presumably $message and $attachments are
						// rewritten by reference - confirm in parse_attachments().
						parse_attachments($post_info['forum_id'], $message, $attachments, $update_count);
					}

					// Display not already displayed Attachments for this post, we already parsed them. ;)
					if (!empty($attachments))
					{
						$template->assign_var('S_HAS_ATTACHMENTS', true);

						foreach ($attachments as $attachment)
						{
							$template->assign_block_vars('attachment', array(
								'DISPLAY_ATTACHMENT'	=> $attachment)
							);
						}
					}
				}

				$post_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $post_info['forum_id'] . '&amp;p=' . $post_info['post_id'] . '#p' . $post_info['post_id']);
				$topic_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $post_info['forum_id'] . '&amp;t=' . $post_info['topic_id']);

				$template->assign_vars(array(
					'S_MCP_QUEUE'			=> true,
					'U_APPROVE_ACTION'		=> append_sid("{$phpbb_root_path}mcp.$phpEx", "i=queue&amp;p=$post_id&amp;f=$forum_id"),
					'S_CAN_VIEWIP'			=> $auth->acl_get('m_info', $post_info['forum_id']),
					'S_POST_REPORTED'		=> $post_info['post_reported'],
					'S_POST_UNAPPROVED'		=> !$post_info['post_approved'],
					'S_POST_LOCKED'			=> $post_info['post_edit_locked'],
					'S_USER_NOTES'			=> true,

					// Edit and warn links are emitted only for callers holding m_edit / m_warn.
					'U_EDIT'				=> ($auth->acl_get('m_edit', $post_info['forum_id'])) ? append_sid("{$phpbb_root_path}posting.$phpEx", "mode=edit&amp;f={$post_info['forum_id']}&amp;p={$post_info['post_id']}") : '',
					'U_MCP_APPROVE'			=> append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue&amp;mode=approve_details&amp;f=' . $post_info['forum_id'] . '&amp;p=' . $post_id),
					'U_MCP_REPORT'			=> append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=reports&amp;mode=report_details&amp;f=' . $post_info['forum_id'] . '&amp;p=' . $post_id),
					'U_MCP_USER_NOTES'		=> append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&amp;mode=user_notes&amp;u=' . $post_info['user_id']),
					'U_MCP_WARN_USER'		=> ($auth->acl_get('m_warn')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=warn&amp;mode=warn_user&amp;u=' . $post_info['user_id']) : '',
					'U_VIEW_POST'			=> $post_url,
					'U_VIEW_TOPIC'			=> $topic_url,

					'MINI_POST_IMG'			=> ($post_unread) ? $user->img('icon_post_target_unread', 'NEW_POST') : $user->img('icon_post_target', 'POST'),

					'RETURN_QUEUE'			=> sprintf($user->lang['RETURN_QUEUE'], '<a href="' . append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue' . (($topic_id) ? '&amp;mode=unapproved_topics' : '&amp;mode=unapproved_posts')) . "&amp;start=$start\">", '</a>'),
					'RETURN_POST'			=> sprintf($user->lang['RETURN_POST'], '<a href="' . $post_url . '">', '</a>'),
					'RETURN_TOPIC_SIMPLE'	=> sprintf($user->lang['RETURN_TOPIC_SIMPLE'], '<a href="' . $topic_url . '">', '</a>'),
					'REPORTED_IMG'			=> $user->img('icon_topic_reported', $user->lang['POST_REPORTED']),
					'UNAPPROVED_IMG'		=> $user->img('icon_topic_unapproved', $user->lang['POST_UNAPPROVED']),
					'EDIT_IMG'				=> $user->img('icon_post_edit', $user->lang['EDIT_POST']),

					'POST_AUTHOR_FULL'		=> get_username_string('full', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
					'POST_AUTHOR_COLOUR'	=> get_username_string('colour', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
					'POST_AUTHOR'			=> get_username_string('username', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
					'U_POST_AUTHOR'			=> get_username_string('profile', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),

					'POST_PREVIEW'			=> $message,
					'POST_SUBJECT'			=> $post_info['post_subject'],
					'POST_DATE'				=> $user->format_date($post_info['post_time']),
					// POST_IP is assigned regardless of m_info; keeping the poster's address from
					// moderators without that permission depends on the template honouring S_CAN_VIEWIP.
					'POST_IP'				=> $post_info['poster_ip'],
					// Reverse lookup runs only for m_info holders and only when 'lookup' is non-empty.
					// The request value is used as a flag: the address resolved is the stored
					// poster_ip, and '@' hides any warning from gethostbyaddr().
					'POST_IPADDR'			=> ($auth->acl_get('m_info', $post_info['forum_id']) && request_var('lookup', '')) ? @gethostbyaddr($post_info['poster_ip']) : '',
					'POST_ID'				=> $post_info['post_id'],

					'U_LOOKUP_IP'			=> ($auth->acl_get('m_info', $post_info['forum_id'])) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue&amp;mode=approve_details&amp;f=' . $post_info['forum_id'] . '&amp;p=' . $post_id . '&amp;lookup=' . $post_info['poster_ip']) . '#ip' : '',
				));

			break;

			case 'unapproved_topics':
			case 'unapproved_posts':
				$user->add_lang(array('viewtopic', 'viewforum'));

				$topic_id = request_var('t', 0);
				$forum_info = array();

				if ($topic_id)
				{
					// Called without a permission argument here, unlike in 'approve_details'.
					// The forum id taken from the topic is passed to get_forum_data(...,
					// 'm_approve') further down.
					$topic_info = get_topic_data(array($topic_id));

					if (!sizeof($topic_info))
					{
						trigger_error('TOPIC_NOT_EXIST');
					}

					$topic_info = $topic_info[$topic_id];
					$forum_id = $topic_info['forum_id'];
				}

				// NOTE(review): presumably the forums in which the caller holds 'm_approve' - confirm.
				$forum_list_approve = get_forum_list('m_approve', false, true);

				if (!$forum_id)
				{
					// No forum selected: query across every forum returned above.
					$forum_list = array();
					foreach ($forum_list_approve as $row)
					{
						$forum_list[] = $row['forum_id'];
					}

					if (!sizeof($forum_list))
					{
						trigger_error('NOT_MODERATOR');
					}

					$global_id = $forum_list[0];

					// From here on $forum_list is a comma-separated string that is interpolated
					// into IN (...) clauses; its values come from get_forum_list(), not from the request.
					$forum_list = implode(', ', $forum_list);

					$sql = 'SELECT SUM(forum_topics) as sum_forum_topics
						FROM ' . FORUMS_TABLE . "
						WHERE forum_id IN (0, $forum_list)";
					$result = $db->sql_query($sql);
					$forum_info['forum_topics'] = (int) $db->sql_fetchfield('sum_forum_topics');
					$db->sql_freeresult($result);
				}
				else
				{
					// An empty result is treated as "no moderator rights in this forum".
					$forum_info = get_forum_data(array($forum_id), 'm_approve');

					if (!sizeof($forum_info))
					{
						trigger_error('NOT_MODERATOR');
					}

					$forum_info = $forum_info[$forum_id];
					$forum_list = $forum_id;
					$global_id = $forum_id;
				}

				// forum_name is concatenated into the option markup without escaping here.
				// NOTE(review): presumably forum names are stored HTML-escaped - confirm.
				$forum_options = '<option value="0"' . (($forum_id == 0) ? ' selected="selected"' : '') . '>' . $user->lang['ALL_FORUMS'] . '</option>';
				foreach ($forum_list_approve as $row)
				{
					$forum_options .= '<option value="' . $row['forum_id'] . '"' . (($forum_id == $row['forum_id']) ? ' selected="selected"' : '') . '>' . str_repeat('&nbsp; &nbsp;', $row['padding']) . $row['forum_name'] . '</option>';
				}

				$sort_days = $total = 0;
				$sort_key = $sort_dir = '';
				$sort_by_sql = $sort_order_sql = array();
				// The variables initialised above are read after this call, so mcp_sorting()
				// presumably fills them by reference - confirm. $sort_order_sql is then used
				// as a string and interpolated straight into ORDER BY below.
				// NOTE(review): verify that mcp_sorting() builds it only from a fixed list of
				// column expressions and never from raw request text.
				mcp_sorting($mode, $sort_days, $sort_key, $sort_dir, $sort_by_sql, $sort_order_sql, $total, $forum_id, $topic_id);

				$forum_topics = ($total == -1) ? $forum_info['forum_topics'] : $total;
				$limit_time_sql = ($sort_days) ? 'AND t.topic_last_post_time >= ' . (time() - ($sort_days * 86400)) : '';

				$forum_names = array();

				if ($mode == 'unapproved_posts')
				{
					// First pass: fetch only the ids of one page of unapproved non-first posts.
					// The users table is joined only when the sort expression starts with 'u'.
					$sql = 'SELECT p.post_id
						FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t' . (($sort_order_sql[0] == 'u') ? ', ' . USERS_TABLE . ' u' : '') . "
						WHERE p.forum_id IN (0, $forum_list)
							AND p.post_approved = 0
							" . (($sort_order_sql[0] == 'u') ? 'AND u.user_id = p.poster_id' : '') . '
							' . (($topic_id) ? 'AND p.topic_id = ' . $topic_id : '') . "
							AND t.topic_id = p.topic_id
							AND t.topic_first_post_id <> p.post_id
							$limit_time_sql
						ORDER BY $sort_order_sql";
					$result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);

					$i = 0;
					$post_ids = array();
					while ($row = $db->sql_fetchrow($result))
					{
						$post_ids[] = $row['post_id'];
						// $row_num is written here but never read in this method.
						$row_num[$row['post_id']] = $i++;
					}
					$db->sql_freeresult($result);

					if (sizeof($post_ids))
					{
						// Second pass: load the display columns for exactly those ids.
						$sql = 'SELECT t.topic_id, t.topic_title, t.forum_id, p.post_id, p.post_subject, p.post_username, p.poster_id, p.post_time, u.username, u.username_clean, u.user_colour
							FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . USERS_TABLE . ' u
							WHERE ' . $db->sql_in_set('p.post_id', $post_ids) . '
								AND t.topic_id = p.topic_id
								AND u.user_id = p.poster_id
							ORDER BY ' . $sort_order_sql;
						$result = $db->sql_query($sql);

						$post_data = $rowset = array();
						while ($row = $db->sql_fetchrow($result))
						{
							if ($row['forum_id'])
							{
								$forum_names[] = $row['forum_id'];
							}
							$post_data[$row['post_id']] = $row;
						}
						$db->sql_freeresult($result);

						// Rebuild the rows in the order of the first query.
						foreach ($post_ids as $post_id)
						{
							$rowset[] = $post_data[$post_id];
						}
						unset($post_data, $post_ids);
					}
					else
					{
						$rowset = array();
					}
				}
				else
				{
					// Topic columns are aliased to the post column names so that the rendering
					// loop below can treat both modes alike.
					$sql = 'SELECT t.forum_id, t.topic_id, t.topic_title, t.topic_title AS post_subject, t.topic_time AS post_time, t.topic_poster AS poster_id, t.topic_first_post_id AS post_id, t.topic_first_poster_name AS username, t.topic_first_poster_colour AS user_colour
						FROM ' . TOPICS_TABLE . " t
						WHERE forum_id IN (0, $forum_list)
							AND topic_approved = 0
							$limit_time_sql
						ORDER BY $sort_order_sql";
					$result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);

					$rowset = array();
					while ($row = $db->sql_fetchrow($result))
					{
						if ($row['forum_id'])
						{
							$forum_names[] = $row['forum_id'];
						}
						$rowset[] = $row;
					}
					$db->sql_freeresult($result);
				}

				if (sizeof($forum_names))
				{
					// Select the names for the forum_ids
					$sql = 'SELECT forum_id, forum_name
						FROM ' . FORUMS_TABLE . '
						WHERE ' . $db->sql_in_set('forum_id', $forum_names);
					// NOTE(review): the second argument is presumably a cache lifetime in seconds - confirm.
					$result = $db->sql_query($sql, 3600);

					$forum_names = array();
					while ($row = $db->sql_fetchrow($result))
					{
						$forum_names[$row['forum_id']] = $row['forum_name'];
					}
					$db->sql_freeresult($result);
				}

				foreach ($rowset as $row)
				{
					// Rows with forum_id 0 are treated as global announcements and linked through $global_id.
					$global_topic = ($row['forum_id']) ? false : true;
					if ($global_topic)
					{
						$row['forum_id'] = $global_id;
					}

					if (empty($row['post_username']))
					{
						$row['post_username'] = $user->lang['GUEST'];
					}

					// Subject, title and author values come from the database and are assigned as-is.
					$template->assign_block_vars('postrow', array(
						'U_TOPIC'			=> append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id'] . '&amp;t=' . $row['topic_id']),
						'U_VIEWFORUM'		=> (!$global_topic) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']) : '',
						'U_VIEWPOST'		=> append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id'] . '&amp;p=' . $row['post_id']) . (($mode == 'unapproved_posts') ? '#p' . $row['post_id'] : ''),
						'U_VIEW_DETAILS'	=> append_sid("{$phpbb_root_path}mcp.$phpEx", "i=queue&amp;start=$start&amp;mode=approve_details&amp;f={$row['forum_id']}&amp;p={$row['post_id']}" . (($mode == 'unapproved_topics') ? "&amp;t={$row['topic_id']}" : '')),

						'POST_AUTHOR_FULL'		=> get_username_string('full', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
						'POST_AUTHOR_COLOUR'	=> get_username_string('colour', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
						'POST_AUTHOR'			=> get_username_string('username', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
						'U_POST_AUTHOR'			=> get_username_string('profile', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),

						'POST_ID'		=> $row['post_id'],
						'FORUM_NAME'	=> (!$global_topic) ? $forum_names[$row['forum_id']] : $user->lang['GLOBAL_ANNOUNCEMENT'],
						'POST_SUBJECT'	=> $row['post_subject'],
						'TOPIC_TITLE'	=> $row['topic_title'],
						'POST_TIME'		=> $user->format_date($row['post_time']))
					);
				}
				unset($rowset, $forum_names);

				// Now display the page
				$template->assign_vars(array(
					'L_DISPLAY_ITEMS'		=> ($mode == 'unapproved_posts') ? $user->lang['DISPLAY_POSTS'] : $user->lang['DISPLAY_TOPICS'],
					'L_EXPLAIN'				=> ($mode == 'unapproved_posts') ? $user->lang['MCP_QUEUE_UNAPPROVED_POSTS_EXPLAIN'] : $user->lang['MCP_QUEUE_UNAPPROVED_TOPICS_EXPLAIN'],
					'L_TITLE'				=> ($mode == 'unapproved_posts') ? $user->lang['MCP_QUEUE_UNAPPROVED_POSTS'] : $user->lang['MCP_QUEUE_UNAPPROVED_TOPICS'],
					'L_ONLY_TOPIC'			=> ($topic_id) ? sprintf($user->lang['ONLY_TOPIC'], $topic_info['topic_title']) : '',

					'S_FORUM_OPTIONS'		=> $forum_options,
					'S_MCP_ACTION'			=> build_url(array('t', 'f', 'sd', 'st', 'sk')),
					'S_TOPICS'				=> ($mode == 'unapproved_posts') ? false : true,

					// $sort_key and $sort_dir are interpolated into the pagination URL as
					// returned by mcp_sorting().
					'PAGINATION'			=> generate_pagination($this->u_action . "&amp;f=$forum_id&amp;st=$sort_days&amp;sk=$sort_key&amp;sd=$sort_dir", $total, $config['topics_per_page'], $start),
					'PAGE_NUMBER'			=> on_page($total, $config['topics_per_page'], $start),
					'TOPIC_ID'				=> $topic_id,
					'TOTAL'					=> ($total == 1) ? (($mode == 'unapproved_posts') ? $user->lang['VIEW_TOPIC_POST'] : $user->lang['VIEW_FORUM_TOPIC']) : sprintf((($mode == 'unapproved_posts') ? $user->lang['VIEW_TOPIC_POSTS'] : $user->lang['VIEW_FORUM_TOPICS']), $total),
				));

				$this->tpl_name = 'mcp_queue';
			break;
		}
	}