std_error('perms');
}
$appr = isset($_GET['appr']) ? (int) $_GET['appr'] : 0;
$del = isset($_GET['del']) ? (int) $_GET['del'] : 0;
/* we need to determine wether or not the message exists & if the user has access to approve/delete it */
if ($appr || $del) {
if (!q_singleval('SELECT CASE WHEN ((' . $usr->users_opt . ' & 1048576) = 0) THEN mm.id ELSE 1 END FROM phpgw_fud_msg m INNER JOIN phpgw_fud_thread t ON m.thread_id=t.id LEFT JOIN phpgw_fud_mod mm ON t.forum_id=mm.forum_id AND mm.user_id=' . _uid . ' WHERE m.id=' . ($appr ? $appr : $del))) {
if (db_affected()) {
std_error('perms');
} else {
$del = $appr = 0;
}
}
}
if ($appr) {
fud_msg_edit::approve($appr, true);
} else {
if ($del) {
fud_msg_edit::delete(false, $del);
}
}
ses_update_status($usr->sid, '', 0);
/* for sanity sake, we only select up to POSTS_PER_PAGE messages, simply because otherwise the form will
* become unmanageable.
*/
$r = $query_type("SELECT\n\t\tm.*,\n\t\tt.thread_opt, t.root_msg_id, t.last_post_id, t.forum_id,\n\t\tf.message_threshold, f.name AS frm_name,\n\t\tc.name AS cat_name,\n\t\tu.id AS user_id, u.alias AS login, u.avatar_loc, u.email, u.posted_msg_count, u.join_date, u.location,\n\t\tu.sig, u.custom_status, u.icq, u.jabber, u.affero, u.aim, u.msnm, u.yahoo, u.last_visit AS time_sec, u.users_opt,\n\t\tl.name AS level_name, l.level_opt, l.img AS level_img,\n\t\tp.max_votes, p.expiry_date, p.creation_date, p.name AS poll_name, p.total_votes,\n\t\tpot.id AS cant_vote\n\tFROM\n\t\tphpgw_fud_msg m\n\tINNER JOIN phpgw_fud_thread t ON m.thread_id=t.id\n\tINNER JOIN phpgw_fud_forum f ON t.forum_id=f.id\n\tINNER JOIN phpgw_fud_fc_view v ON v.f=f.id\n\t" . ($usr->users_opt & 1048576 ? '' : ' INNER JOIN phpgw_fud_mod mm ON f.id=mm.forum_id AND mm.user_id=' . _uid . ' ') . "\n\tINNER JOIN phpgw_fud_cat c ON f.cat_id=c.id\n\tLEFT JOIN phpgw_fud_users u ON m.poster_id=u.id\n\tLEFT JOIN phpgw_fud_level l ON u.level_id=l.id\n\tLEFT JOIN phpgw_fud_poll p ON m.poll_id=p.id\n\tLEFT JOIN phpgw_fud_poll_opt_track pot ON pot.poll_id=p.id AND pot.user_id=" . _uid . "\n\tWHERE (f.forum_opt>=2 AND (f.forum_opt & 2) > 0) AND m.apr=0\n\tORDER BY v.id, m.post_stamp DESC LIMIT " . $POSTS_PER_PAGE);
$prev_thread_id = $modque_message = '';
$m_num = 0;
/* quick cheat to give us full access to the messages ;) */
$perms = 2147483647;
$_GET['start'] = 0;
$msg_post->post_stamp = !empty($emsg->headers['date']) ? strtotime($emsg->headers['date']) : 0;
if ($msg_post->post_stamp < 1 || $msg_post->post_stamp > __request_timestamp__) {
mlist_error_log("Invalid Date", $emsg->raw_msg);
if (($p = strpos($emsg->headers['received'], '; ')) !== false) {
$p += 2;
$msg_post->post_stamp = strtotime(substr($emsg->headers['received'], $p, strpos($emsg->headers['received'], '00 ', $p) + 2 - $p));
}
if ($msg_post->post_stamp < 1 || $msg_post->post_stamp > __request_timestamp__) {
$msg_post->post_stamp = __request_timestamp__;
}
}
// try to determine whether this message is a reply or a new thread
list($msg_post->reply_to, $msg_post->thread_id) = get_fud_reply_id($mlist->mlist_opt & 32, $frm->id, $msg_post->subject, $emsg->reply_to_msg_id);
$msg_post->add($frm->id, $frm->message_threshold, 0, 0, false);
// Handle File Attachments
if ($mlist->mlist_opt & 8 && isset($emsg->attachments) && is_array($emsg->attachments)) {
foreach ($emsg->attachments as $key => $val) {
$tmpfname = tempnam($TMP, 'FUDf_');
$fp = fopen($tmpfname, 'wb');
fwrite($fp, $val);
fclose($fp);
$id = attach_add(array('name' => $key, 'size' => strlen($val), 'tmp_name' => $tmpfname), $msg_post->poster_id, 0, 1);
$attach_list[$id] = $id;
}
if (isset($attach_list)) {
attach_finalize($attach_list, $msg_post->id);
}
}
if (!($mlist->mlist_opt & 1)) {
$msg_post->approve($msg_post->id, true);
}
