//Delete post_reply $userID = buckys_is_logged_in(); $replyID = isset($_GET['replyID']) ? get_secure_integer($_GET['replyID']) : null; $replyData = $forumReplyIns->getReplyByID($replyID); if ($replyData && $replyData['creatorID'] == $userID && $replyData['topicID'] == $topicID) { //then you can delete this one $forumReplyIns->deleteReply($replyID); buckys_redirect("/forum/topic.php?id=" . $topicID, MSG_REPLY_REMOVED_SUCCESSFULLY, MSG_TYPE_SUCCESS); } else { echo MSG_PERMISSION_DENIED; } exit; } else { if (isset($_GET['action']) && $_GET['action'] == 'edit') { //edit post_reply $forumReplyIns = new BuckysForumReply(); $userID = buckys_is_logged_in(); $replyID = isset($_GET['replyID']) ? get_secure_integer($_GET['replyID']) : null; $replyData = $forumReplyIns->getReplyByID($replyID); if ($replyData && $replyData['creatorID'] == $userID && $replyData['topicID'] == $topicID) { //then you can edit this one $view['replyData'] = $replyData; $view['action_type'] = 'edit'; $view['replyID'] = $replyID; } else { //permission error buckys_redirect('/forum', MSG_PERMISSION_DENIED, MSG_TYPE_ERROR); } } } }
</div> <a href="index.php"><img src="/images/mainLogoTrade.png"></a> </header> <?php break; case 'forum': ?> <header id="main_header"> <div id="rightAlignLinks"> <?php if (buckys_check_user_acl(USER_ACL_ADMINISTRATOR) || BuckysModerator::isModerator($BUCKYS_GLOBALS['user']['userID'], MODERATOR_FOR_FORUM)) { ?> <?php $pendingTopics = BuckysForumTopic::getTotalNumOfTopics('pending'); $pendingReplies = BuckysForumReply::getTotalNumOfReplies(null, 'pending'); ?> <?php if ($pendingTopics > 0) { ?> <a href="/forum/pending_topics.php" class="headerLinksBold">Pending Topics (<?php echo $pendingTopics; ?> )</a> | <?php } ?> <?php if ($pendingReplies > 0) { ?> <a href="/forum/pending_replies.php" class="headerLinksBold">Pending Replies (<?php
// Load the requested topic; an unknown topic ID sends the visitor back to the forum index.
// NOTE(review): the code below dereferences $topic straight after the redirect call, so it
// relies on buckys_redirect() ending the request - confirm.
$topic = BuckysForumTopic::getTopic($topicID);
if (!$topic) {
    buckys_redirect('/forum');
}

$category = BuckysForumCategory::getCategory($topic['categoryID']);

// Visibility rule: a topic that is not published (pending or suspended) is shown only to
// moderators and to the user who created it. Everyone else is redirected.
if (!($topic['status'] == 'publish' || buckys_is_moderator() || $TNB_GLOBALS['user']['userID'] == $topic['creatorID'])) {
    buckys_redirect('/forum');
}

// Sort order for the replies; 'oldest' unless the query string supplies one.
// NOTE(review): the value is only escaped here. How getReplies() uses it is not visible;
// if it reaches an ORDER BY clause it should be matched against a fixed list there.
$orderBy = 'oldest';
if (isset($_GET['orderby'])) {
    $orderBy = buckys_escape_query_string($_GET['orderby']);
}

// Page of published replies to show. Pagination returns the page number that is used.
$page = 1;
if (isset($_GET['page'])) {
    $page = buckys_escape_query_integer($_GET['page']);
}
$total = BuckysForumReply::getTotalNumOfReplies($topic['topicID'], 'publish');
$pagination = new Pagination($total, BuckysForumReply::$COUNT_PER_PAGE, $page);
$page = $pagination->getCurrentPage();
$replies = BuckysForumReply::getReplies($topic['topicID'], 'publish', $page, $orderBy);

$hierarchical = BuckysForumCategory::getCategoryHierarchical($topic['categoryID']);

// Registered users get their notifications for this topic marked as read.
if (buckys_check_user_acl(USER_ACL_REGISTERED)) {
    BuckysForumNotification::makeNotificationsToRead($TNB_GLOBALS['user']['userID'], null, $topic['topicID']);
}

// Moderator-only data: $reportID and $categories are not set for other users.
if (buckys_check_user_acl(USER_ACL_MODERATOR)) {
    $reportID = BuckysReport::isReported($topicID, 'topic');
    $categories = BuckysForumCategory::getAllCategories();
}

// Page assets, queued in the same order as before.
buckys_enqueue_javascript('sceditor/jquery.sceditor.bbcode.js');
buckys_enqueue_javascript('uploadify/jquery.uploadify.js');
buckys_enqueue_javascript('highlight.pack.js');
buckys_enqueue_javascript('forum.js');
buckys_enqueue_stylesheet('sceditor/themes/default.css');
buckys_enqueue_stylesheet('obsidian.css');
} else { if ($action == 'delete-reply') { // Delete Pending Topics //Getting Ids $replyIds = isset($_POST['rid']) ? $_POST['rid'] : null; if (!$replyIds) { buckys_redirect('/forum/pending_topcis.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR); } $result = BuckysForumReply::deletePendingReplies($replyIds); if ($result === true) { buckys_redirect('/forum/pending_replies.php', MSG_REPLY_REMOVED_SUCCESSFULLY); } else { buckys_redirect('/forum/pending_replies.php', $result, MSG_TYPE_ERROR); } } } } //Getting Pending Topics $page = isset($_GET['page']) ? $_GET['page'] : 1; $total = BuckysForumReply::getTotalNumOfReplies(null, 'pending'); $pagination = new Pagination($total, BuckysForumTopic::$COUNT_PER_PAGE, $page); $page = $pagination->getCurrentPage(); $replies = BuckysForumReply::getReplies(null, 'pending', $page); buckys_enqueue_javascript('prettyprint/run_prettify.js'); buckys_enqueue_javascript('jquery-migrate-1.2.0.js'); buckys_enqueue_stylesheet('forum.css'); buckys_enqueue_stylesheet('prettify.css'); $BUCKYS_GLOBALS['headerType'] = 'forum'; $BUCKYS_GLOBALS['content'] = 'forum/pending_replies'; $BUCKYS_GLOBALS['title'] = 'Pending Replies - BuckysRoomForum'; require DIR_FS_TEMPLATE . $BUCKYS_GLOBALS['template'] . "/" . $BUCKYS_GLOBALS['layout'] . ".php";
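/**
 * Delete the reported objects behind a set of report IDs, then the report rows themselves.
 *
 * Only reports whose objectType equals $objectType are loaded. For each one the reported
 * post, comment, message, forum topic or forum reply is removed, and the report row is
 * deleted afterwards.
 *
 * Nothing in this method checks the caller's rights: $moderatorType is accepted but never
 * read, so authorisation has to be enforced before this is called.
 *
 * @param array|int|string $ids           One report ID or a list of report IDs
 * @param string           $objectType    Report object type the lookup is restricted to
 * @param string           $moderatorType Unused in this method
 * @return void
 */
public function deleteObjects($ids, $objectType, $moderatorType)
{
    global $db;

    if (!is_array($ids)) {
        $ids = array($ids);
    }

    // The IDs are placed unquoted inside IN (...). In that position string escaping does
    // not stop a value from extending the statement, so every entry is reduced to an
    // integer instead. Non-scalar entries (nested arrays) are dropped.
    $reportIDs = array();
    foreach ($ids as $id) {
        if (is_scalar($id)) {
            $reportIDs[] = (int)$id;
        }
    }
    $reportIDs = array_unique($reportIDs);

    // An empty list would produce "IN ()", which is not valid SQL.
    if (empty($reportIDs)) {
        return;
    }

    $query = $db->prepare("SELECT * FROM " . TABLE_REPORTS . " WHERE objectType=%s AND reportID in (" . implode(", ", $reportIDs) . ")", $objectType);
    $rows = $db->getResultsArray($query);
    if (!$rows) {
        return;
    }

    foreach ($rows as $row) {
        // Both values are concatenated into SQL below; keep them strictly numeric.
        $objectID = (int)$row['objectID'];
        $reportID = (int)$row['reportID'];

        switch ($row['objectType']) {
            case 'post':
                $post = $db->getRow("SELECT * FROM " . TABLE_POSTS . " WHERE postID=" . $objectID);
                // The post may already be gone; the stale report is still removed below.
                if ($post) {
                    BuckysPost::deletePost($post['poster'], $post['postID']);
                }
                break;

            case 'comment':
                $comment = $db->getRow("SELECT * FROM " . TABLE_POSTS_COMMENTS . " WHERE commentID=" . $objectID);
                if ($comment) {
                    BuckysComment::deleteComment($comment['commenter'], $comment['commentID']);
                }
                break;

            case 'message':
                $db->query("DELETE FROM " . TABLE_MESSAGES . " WHERE messageID=" . $objectID);
                break;

            case 'topic':
                BuckysForumTopic::deleteTopic($objectID);
                break;

            case 'reply':
                BuckysForumReply::deleteReply($objectID);
                break;
        }

        // Remove the report row itself, whatever the object type was.
        $db->query("DELETE FROM " . TABLE_REPORTS . " WHERE reportID=" . $reportID);
    }
}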
/**
 * Block a user in one forum category.
 *
 * Deletes every topic the user created in the category, then every reply the user wrote
 * in a topic of that category, and finally inserts a row into the blocked-users table
 * stamped with the current date and time.
 *
 * Both IDs are bound through %d placeholders in every statement. The method performs no
 * permission check of its own and does not look for an existing block row.
 *
 * @param int $userID     ID of the user to block
 * @param int $categoryID ID of the forum category the block applies to
 */
public static function blockUser($userID, $categoryID)
{
    global $db;

    // 1. Topics the user created in this category.
    $topicQuery = $db->prepare("SELECT * FROM " . TABLE_FORUM_TOPICS . " WHERE creatorID=%d AND categoryID=%d", $userID, $categoryID);
    $userTopics = $db->getResultsArray($topicQuery);
    foreach ($userTopics as $topicRow) {
        BuckysForumTopic::deleteTopic($topicRow['topicID']);
    }

    // 2. Replies the user wrote in topics that belong to this category.
    $replyQuery = $db->prepare("SELECT r.replyID FROM " . TABLE_FORUM_REPLIES . " AS r LEFT JOIN " . TABLE_FORUM_TOPICS . " AS t ON t.topicID=r.topicID WHERE r.creatorID=%d AND t.categoryID=%d", $userID, $categoryID);
    $userReplies = $db->getResultsArray($replyQuery);
    foreach ($userReplies as $replyRow) {
        BuckysForumReply::deleteReply($replyRow['replyID']);
    }

    // 3. Record the block.
    $blockedAt = date("Y-m-d H:i:s");
    $insertQuery = $db->prepare("INSERT INTO " . TABLE_FORUM_BLOCKED_USRES . "(userID, categoryID, blockedDate)VALUES(%d, %d, %s)", $userID, $categoryID, $blockedAt);
    $db->query($insertQuery);
}
break; case 'comment': $tPost = BuckysComment::getPost($row['objectID']); echo '<a href="/posts.php?user='******'poster'] . '&post=' . $tPost['postID'] . '">Comment - ' . $row['objectID'] . '</a>'; break; case 'video_comment': echo '<a href="/videos.php?video=' . BuckysVideo::getVideoIDByCommentID($row['objectID']) . '">Video Comment - ' . $row['objectID'] . '</a>'; break; case 'topic': echo '<a href="/forum/topic.php?id=' . $row['objectID'] . '">Forum Topic - ' . $row['objectID'] . '</a>'; break; case 'message': echo '<a href="/messages_read.php?message=' . $row['objectID'] . '">Message - ' . $row['objectID'] . '</a>'; break; case 'reply': echo '<a href="/forum/topic.php?id=' . BuckysForumReply::getForumID($row['objectID']) . '">Forum Reply - ' . $row['objectID'] . '</a>'; break; case 'trade_item': echo '<a href="/trade/view.php?id=' . $row['objectID'] . '">Trade Item - ' . $row['objectID'] . '</a>'; break; case 'shop_item': echo '<a href="/shop/view.php?id=' . $row['objectID'] . '">Shop Product - ' . $row['objectID'] . '</a>'; break; } ?> </div> <div class="td td-reporter"> <a href="/profile.php?user=<?php echo $row['reporterID']; ?>
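/**
 * Delete the reported objects behind a set of report IDs, then the report rows themselves.
 *
 * Handles posts, post comments, video comments, messages, forum topics, forum replies,
 * shop products and trade items. The report row is deleted after its object was handled.
 *
 * Nothing in this method checks the caller's rights; authorisation has to be enforced
 * before this is called.
 *
 * @param array|int|string $ids One report ID or a list of report IDs
 * @return void
 */
public static function deleteObjects($ids)
{
    global $db;

    if (!is_array($ids)) {
        $ids = [$ids];
    }

    // The IDs are placed unquoted inside IN (...). In that position string escaping does
    // not stop a value from extending the statement, so every entry is reduced to an
    // integer instead. Non-scalar entries (nested arrays) are dropped.
    $reportIDs = [];
    foreach ($ids as $id) {
        if (is_scalar($id)) {
            $reportIDs[] = (int)$id;
        }
    }
    $reportIDs = array_unique($reportIDs);

    // An empty list would produce "IN ()", which is not valid SQL.
    if (empty($reportIDs)) {
        return;
    }

    $query = $db->prepare("SELECT * FROM " . TABLE_REPORTS . " WHERE reportID IN (" . implode(", ", $reportIDs) . ")");
    $rows = $db->getResultsArray($query);
    if (!$rows) {
        return;
    }

    foreach ($rows as $row) {
        // Both values are concatenated into SQL below; keep them strictly numeric.
        $objectID = (int)$row['objectID'];
        $reportID = (int)$row['reportID'];

        switch ($row['objectType']) {
            case 'post':
                $post = $db->getRow("SELECT * FROM " . TABLE_POSTS . " WHERE postID=" . $objectID);
                // The post may already be gone; the stale report is still removed below.
                if ($post) {
                    BuckysPost::deletePost($post['poster'], $post['postID']);
                }
                break;

            case 'comment':
                $comment = $db->getRow("SELECT * FROM " . TABLE_POSTS_COMMENTS . " WHERE commentID=" . $objectID);
                if ($comment) {
                    BuckysComment::deleteComment($comment['commenter'], $comment['commentID']);
                }
                break;

            case 'video_comment':
                $comment = $db->getRow("SELECT * FROM " . TABLE_VIDEO_COMMENTS . " WHERE commentID=" . $objectID);
                if ($comment) {
                    BuckysVideo::deleteVideoComment($comment['commentID']);
                }
                break;

            case 'message':
                $db->query("DELETE FROM " . TABLE_MESSAGES . " WHERE messageID=" . $objectID);
                break;

            case 'topic':
                BuckysForumTopic::deleteTopic($objectID);
                break;

            case 'reply':
                BuckysForumReply::deleteReply($objectID);
                break;

            case 'shop_item':
                // Removal is scoped to the reported user's own product.
                $shopProdIns = new BuckysShopProduct();
                $shopProdIns->removeProductByUserID($objectID, $row['reportedID']);
                break;

            case 'trade_item':
                // Removal is scoped to the reported user's own item.
                $tradeItemIns = new BuckysTradeItem();
                $tradeItemIns->removeItemByUserID($objectID, $row['reportedID']);
                break;
        }

        // Remove the report row itself, whatever the object type was.
        $db->query("DELETE FROM " . TABLE_REPORTS . " WHERE reportID=" . $reportID);
    }
}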