public function post_mod_actions() { if (!$this->checkCsrfToken()) { return $this->response->setData(['error' => _i('The security token was not found. Please try again.')]); } if (!$this->getAuth()->hasAccess('comment.mod_capcode')) { return $this->response->setData(['error' => _i('Access Denied.')])->setStatusCode(403); } if (!$this->check_board()) { return $this->response->setData(['error' => _i('No board was selected.')])->setStatusCode(422); } if ($this->getPost('action') === 'delete_report') { try { $this->report_coll->delete($this->getPost('id')); } catch (\Foolz\Foolslide\Model\ReportException $e) { return $this->response->setData(['error' => $e->getMessage()])->setStatusCode(404); } return $this->response->setData(['success' => _i('The report was deleted.')]); } if ($this->getPost('action') === 'delete_post') { try { $comments = Board::forge($this->getContext())->getPost()->setOptions('doc_id', $this->getPost('id'))->setRadix($this->radix)->getComments(); $comment = current($comments); $comment = new Comment($this->getContext(), $comment); $comment->delete(); } catch (\Foolz\Foolslide\Model\BoardException $e) { return $this->response->setData(['error' => $e->getMessage()])->setStatusCode(404); } return $this->response->setData(['success' => _i('This post was deleted.')]); } if ($this->getPost('action') === 'delete_image') { try { $media = $this->media_factory->getByMediaId($this->radix, $this->getPost('id')); $media = new Media($this->getContext(), CommentBulk::forge($this->radix, null, $media)); $media->delete(true, true, true); } catch (\Foolz\Foolslide\Model\MediaNotFoundException $e) { return $this->response->setData(['error' => $e->getMessage()])->setStatusCode(404); } return $this->response->setData(['success' => _i('This image was deleted.')]); } if ($this->getPost('action') === 'ban_image_local' || $this->getPost('action') === 'ban_image_global') { $global = false; if ($this->getPost('action') === 'ban_image_global') { $global = true; } try { $media = $this->media_factory->getByMediaId($this->radix, $this->getPost('id')); $media = new Media($this->getContext(), CommentBulk::forge($this->radix, null, $media)); $media->ban($global); } catch (\Foolz\Foolslide\Model\MediaNotFoundException $e) { return $this->response->setData(['error' => $e->getMessage()])->setStatusCode(404); } return $this->response->setData(['success' => _i('This image was banned.')]); } if ($this->getPost('action') === 'ban_user') { try { $this->ban_factory->add(Inet::ptod($this->getPost('ip')), $this->getPost('reason'), $this->getPost('length'), $this->getPost('board_ban') === 'global' ? array() : array($this->radix->id)); } catch (\Foolz\Foolslide\Model\BanException $e) { return $this->response->setData(['error' => $e->getMessage()])->setStatusCode(404); } return $this->response->setData(['success' => _i('This user was banned.')]); } }
/** * Delete the post and eventually the entire thread if it's OP * Also deletes the images when it's the only post with that image * * @param null $password * @param bool $force * @param bool $thread * @throws CommentSendingDatabaseException * @throws CommentDeleteWrongPassException * @return array|bool */ protected function p_delete($password = null, $force = false, $thread = false) { if (!$this->getAuth()->hasAccess('comment.passwordless_deletion') && $force !== true) { if (!password_verify($password, $this->comment->getDelpass())) { throw new CommentDeleteWrongPassException(_i('You did not provide the correct deletion password.')); } } try { $this->dc->getConnection()->beginTransaction(); // check that the post isn't already in deleted $has_deleted = $this->dc->qb()->select('COUNT(*) as found')->from($this->radix->getTable('_deleted'), 'd')->where('doc_id = :doc_id')->setParameter(':doc_id', $this->comment->doc_id)->execute()->fetch(); if (!$has_deleted['found']) { // throw into _deleted table $this->dc->getConnection()->executeUpdate('INSERT INTO ' . $this->radix->getTable('_deleted') . ' ' . $this->dc->qb()->select('*')->from($this->radix->getTable(), 't')->where('doc_id = ' . $this->dc->getConnection()->quote($this->comment->doc_id))->getSQL()); } // delete post $this->dc->qb()->delete($this->radix->getTable())->where('doc_id = :doc_id')->setParameter(':doc_id', $this->comment->doc_id)->execute(); // purge reports $this->dc->qb()->delete($this->dc->p('reports'))->where('board_id = :board_id')->andWhere('doc_id = :doc_id')->setParameter(':board_id', $this->radix->id)->setParameter(':doc_id', $this->comment->doc_id)->execute(); // clear cache $this->radix_coll->clearCache(); // remove image file if (isset($this->media)) { $media_sql = $this->dc->qb()->select('COUNT(*)')->from($this->radix->getTable(), 't')->where('media_id = :media_id')->setParameter(':media_id', $this->media->media_id)->getSQL(); $this->dc->qb()->update($this->radix->getTable('_images'))->set('total', '(' . $media_sql . ')')->where('media_id = :media_id')->setParameter(':media_id', $this->media->media_id)->execute(); $has_image = $this->dc->qb()->select('total')->from($this->radix->getTable('_images'), 'ti')->where('media_id = :media_id')->setParameter(':media_id', $this->media->media_id)->execute()->fetch(); if (!$has_image || !$has_image['total']) { $media = new Media($this->getContext(), $this->bulk); $media->delete(); } } // if this is OP, delete replies too if ($this->comment->op) { // delete thread data $this->dc->qb()->delete($this->radix->getTable('_threads'))->where('thread_num = :thread_num')->setParameter(':thread_num', $this->comment->thread_num)->execute(); // process each comment $comments = $this->dc->qb()->select('doc_id')->from($this->radix->getTable(), 'b')->where('thread_num = :thread_num')->setParameter(':thread_num', $this->comment->thread_num)->execute()->fetchAll(); foreach ($comments as $comment) { $post = Board::forge($this->getContext())->getPost()->setOptions('doc_id', $comment['doc_id'])->setRadix($this->radix)->getComments(); $post = current($post); $post = new Comment($this->getContext(), $post); $post->delete(null, true, true); } } else { // if this is not triggered by a thread deletion, update the thread table if ($thread === false && !$this->radix->archive) { $time_last = ' ( COALESCE(GREATEST( time_op, ( SELECT MAX(timestamp) FROM ' . $this->radix->getTable() . ' xr WHERE thread_num = ' . $this->dc->getConnection()->quote($this->comment->thread_num) . ' AND subnum = 0 ) ), time_op) )'; $time_bump = ' ( COALESCE(GREATEST( time_op, ( SELECT MAX(timestamp) FROM ' . $this->radix->getTable() . ' xr WHERE thread_num = ' . $this->dc->getConnection()->quote($this->comment->thread_num) . ' AND subnum = 0 AND (email <> \'sage\' OR email IS NULL) ) ), time_op) )'; $time_ghost = ' ( SELECT MAX(timestamp) FROM ' . $this->radix->getTable() . ' xr WHERE thread_num = ' . $this->dc->getConnection()->quote($this->comment->thread_num) . ' AND subnum <> 0 )'; $time_ghost_bump = ' ( SELECT MAX(timestamp) FROM ' . $this->radix->getTable() . ' xr WHERE thread_num = ' . $this->dc->getConnection()->quote($this->comment->thread_num) . ' AND subnum <> 0 AND (email <> \'sage\' OR email IS NULL) )'; // update thread information $this->dc->qb()->update($this->radix->getTable('_threads'))->set('time_last', $time_last)->set('time_bump', $time_bump)->set('time_ghost', $time_ghost)->set('time_ghost_bump', $time_ghost_bump)->set('time_last_modified', ':time')->set('nreplies', 'nreplies - 1')->set('nimages', $this->media === null ? 'nimages' : 'nimages - 1')->where('thread_num = :thread_num')->setParameter(':time', $this->getRadixTime())->setParameter(':thread_num', $this->comment->thread_num)->execute(); } } $this->dc->getConnection()->commit(); // clean up some caches Cache::item('foolslide.model.board.getThreadComments.thread.' . md5(serialize([$this->radix->shortname, $this->comment->thread_num])))->delete(); // clean up the 10 first pages of index and gallery that are cached for ($i = 1; $i <= 10; $i++) { Cache::item('foolslide.model.board.getLatestComments.query.' . $this->radix->shortname . '.by_post.' . $i)->delete(); Cache::item('foolslide.model.board.getLatestComments.query.' . $this->radix->shortname . '.by_thread.' . $i)->delete(); Cache::item('foolslide.model.board.getThreadsComments.query.' . $this->radix->shortname . '.' . $i)->delete(); } } catch (\Doctrine\DBAL\DBALException $e) { $this->logger->error('\\Foolz\\Foolslide\\Model\\CommentInsert: ' . $e->getMessage()); $this->dc->getConnection()->rollBack(); throw new CommentSendingDatabaseException(_i('Something went wrong when deleting the post in the database. Try again.')); } return $this; }