$id = isset($_POST['eid']) ? COM_sanitizeId($_POST['eid']) : ''; if ($id != '') { DB_delete($_TABLES['evlist_submissions'], 'id', $id); DB_delete($_TABLES['evlist_detail'], 'ev_id', $id); DB_delete($_TABLES['evlist_lookup'], 'eid', $id); } echo COM_refresh($_CONF['site_admin_url'] . '/moderation.php'); exit; break; case 'approve': // Invoke the core moderation approval functions. // It'd be nice if the MODERATE functions weren't in moderate.php $id = isset($_POST['eid']) ? COM_sanitizeId($_POST['eid']) : ''; if ($id != '') { list($key, $table, $fields, $submissiontable) = plugin_moderationvalues_evlist(); DB_copy($table, $fields, $fields, $submissiontable, $key, $id); plugin_moderationapprove_evlist($id); } echo COM_refresh($_CONF['site_admin_url'] . '/moderation.php'); exit; break; case 'view': $view = $actionval; break; case 'importcalendar': require_once EVLIST_PI_PATH . '/calendar_import.php'; $errors = evlist_import_calendar_events(); if ($errors == -1) { $content .= COM_showMessageText($LANG_EVLIST['err_cal_notavail'], '', true); } elseif ($errors > 0) { $content .= COM_showMessageText(sprintf($LANG_EVLIST['err_cal_import'], $errors), '', true);
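/**
 * Moderates a batch of submissions
 *
 * Walks the first $count entries of $action / $mid and approves or deletes
 * the referenced submission for each entry that carries an action. When no
 * per-item action was given, the form-level "delete all checked" request
 * ($_POST['delitem']) is processed instead.
 *
 * Security notes:
 * - Item ids are passed through COM_applyFilter() before they reach a query
 *   or a plugin hook, the same filter the $_POST['delitem'] path applies.
 * - An empty id is rejected before any delete hook or delete query runs.
 * - NOTE(review): no permission or CSRF-token check is visible in this
 *   function; it presumably relies on the caller having done both - confirm.
 *
 * @param    array   $mid        Array of item ids
 * @param    array   $action     Array of actions ('approve' or 'delete') to perform on items
 * @param    string  $type       Type of items ('story', etc.)
 * @param    int     $count      Number of items to moderate
 * @return   string              HTML for "command and control" page
 *
 */
function moderation($mid, $action, $type, $count)
{
    global $_CONF, $_TABLES;

    $retval = '';

    switch ($type) {
        case 'story':
            $id = 'sid';
            $table = $_TABLES['stories'];
            $submissiontable = $_TABLES['storysubmission'];
            $fields = 'sid,uid,tid,title,introtext,date,postmode';
            break;

        case 'comment':
            $id = 'cid';
            $submissiontable = $_TABLES['commentsubmissions'];
            // Story ids whose comment tree must be rebuilt after the loop.
            // Starts empty so no rebuild is attempted for a blank story id.
            $sidArray = array();
            break;

        default:
            if (strlen($type) <= 0) {
                // something is terribly wrong, bail
                $retval .= COM_errorLog("Unable to find type of {$type} in moderation() in moderation.php");
                return $retval;
            }
            list($id, $table, $fields, $submissiontable) = PLG_getModerationValues($type);
    }

    // Set true if a per-item action (anything other than delete_all) is selected
    $formaction = false;

    for ($i = 0; $i < $count; $i++) {
        if (!isset($action[$i]) || $action[$i] == '') {
            continue;
        }
        $formaction = true;

        // Filter the id once, before it is used in SQL or handed to a plugin.
        $itemId = isset($mid[$i]) ? COM_applyFilter($mid[$i]) : '';

        switch ($action[$i]) {
            case 'delete':
                // Refuse an empty id before anything else runs, so that neither
                // the plugin hook nor the delete query ever sees it.
                if (empty($itemId)) {
                    $retval .= COM_errorLog("moderation.php just tried deleting everything in table {$submissiontable} because it got an empty id. \nPlease report this immediately to your site administrator");
                    return $retval;
                }
                if (!empty($type) && $type != 'story' && $type != 'draft') {
                    // There may be some plugin specific processing that needs to
                    // happen first.
                    $retval .= PLG_deleteSubmission($type, $itemId);
                }
                if ($type == 'draft') {
                    STORY_deleteStory($itemId);
                } else {
                    DB_delete($submissiontable, "{$id}", $itemId);
                }
                break;

            case 'approve':
                if (empty($itemId)) {
                    // Nothing sensible can be approved without an id; skip the entry.
                    $retval .= COM_errorLog("moderation.php was asked to approve a submission with an empty id.");
                    break;
                }

                if ($type == 'story') {
                    // NOTE(review): addslashes() is what this function already uses,
                    // but it is not charset-aware. MODERATE_item() uses
                    // DB_escapeString() for the same job; prefer it here too if this
                    // code base provides it.
                    $safeId = addslashes($itemId);
                    $result = DB_query("SELECT * FROM {$_TABLES['storysubmission']} WHERE sid = '{$safeId}'");
                    $A = DB_fetchArray($result);
                    if (!is_array($A)) {
                        // No such submission: do not write an empty story.
                        $retval .= COM_errorLog("moderation.php could not find the story submission it was asked to approve.");
                        break;
                    }

                    $safeTid = addslashes($A['tid']);
                    $result = DB_query("SELECT group_id,perm_owner,perm_group,perm_members,perm_anon,archive_flag FROM {$_TABLES['topics']} WHERE tid = '{$safeTid}'");
                    $T = DB_fetchArray($result);
                    if (!is_array($T)) {
                        // Without the topic row there are no permissions to copy;
                        // leave the submission in the queue.
                        $retval .= COM_errorLog("moderation.php could not find the topic of the story submission it was asked to approve.");
                        break;
                    }

                    if ($T['archive_flag'] == 1) {
                        $frontpage = 0;
                    } elseif (isset($_CONF['frontpage'])) {
                        $frontpage = (int) $_CONF['frontpage'];
                    } else {
                        $frontpage = 1;
                    }

                    $related  = addslashes(implode("\n", STORY_extractLinks($A['introtext'])));
                    $bodytext = isset($A['bodytext']) ? addslashes($A['bodytext']) : '';

                    // Values in the order of the column list passed to DB_save().
                    // Text values read back from the submission row are escaped
                    // again (stored data is not trusted); numeric columns are
                    // cast because they are written unquoted.
                    $values = array(
                        "'" . addslashes($A['sid']) . "'",
                        (int) $A['uid'],
                        "'" . $safeTid . "'",
                        "'" . addslashes($A['title']) . "'",
                        "'" . addslashes($A['introtext']) . "'",
                        "'" . $bodytext . "'",
                        "'" . $related . "'",
                        "'" . addslashes($A['date']) . "'",
                        "'{$_CONF['show_topic_icon']}'",
                        "'{$_CONF['comment_code']}'",
                        "'{$_CONF['trackback_code']}'",
                        "'" . addslashes($A['postmode']) . "'",
                        $frontpage,
                        (int) $A['uid'],            // owner_id: the submitter owns the story
                        (int) $T['group_id'],
                        (int) $T['perm_owner'],
                        (int) $T['perm_group'],
                        (int) $T['perm_members'],
                        (int) $T['perm_anon'],
                    );

                    DB_save(
                        $_TABLES['stories'],
                        'sid,uid,tid,title,introtext,bodytext,related,date,show_topic_icon,commentcode,trackbackcode,postmode,frontpage,owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon',
                        implode(',', $values)
                    );
                    DB_delete($_TABLES['storysubmission'], "{$id}", $itemId);
                    PLG_itemSaved($A['sid'], 'article');
                    COM_rdfUpToDateCheck();
                    COM_olderStuff();
                } elseif ($type == 'draft') {
                    $safeId = addslashes($itemId);
                    DB_query("UPDATE {$_TABLES['stories']} SET draft_flag = 0 WHERE sid = '{$safeId}'");
                    COM_rdfUpToDateCheck();
                    COM_olderStuff();
                } elseif ($type == 'comment') {
                    $sid = CMT_approveModeration($itemId);
                    // Remember each affected story once; ignore an empty result.
                    if (!empty($sid) && !in_array($sid, $sidArray)) {
                        $sidArray[] = $sid;
                    }
                } else {
                    // This is called in case this is a plugin. There may be some
                    // plugin specific processing that needs to happen.
                    DB_copy($table, $fields, $fields, $submissiontable, $id, $itemId);
                    $retval .= PLG_approveSubmission($type, $itemId);
                }
                break;
        }
    }

    // after loop update comment tree and count for each story
    if (isset($sidArray)) {
        foreach ($sidArray as $sid) {
            CMT_rebuildTree($sid);
            // update comment count of stories
            $comments = DB_count($_TABLES['comments'], 'sid', $sid);
            DB_change($_TABLES['stories'], 'comments', $comments, 'sid', $sid);
        }
    }

    // Add new comment users to the 'Comment Submitters' group.
    // NOTE(review): group membership is granted from request data alone, for
    // any $type; confirm the caller restricts this to authorised moderators.
    if (isset($_POST['publishfuture']) && is_array($_POST['publishfuture'])) {
        foreach ($_POST['publishfuture'] as $rawUid) {
            $uid = COM_applyFilter($rawUid, true);
            if ($uid > 1 && !SEC_inGroup('Comment Submitters', $uid)) {
                SEC_addUserToGroup($uid, 'Comment Submitters');
            }
        }
    }

    // Check if there was no direct action used on the form
    // and if the delete_all submit action was used
    if (!$formaction && isset($_POST['delitem']) && is_array($_POST['delitem'])) {
        foreach ($_POST['delitem'] as $delitem) {
            $delitem = COM_applyFilter($delitem);
            if (empty($delitem)) {
                // Same rule as the per-item path: never delete on an empty id.
                COM_errorLog("moderation.php skipped a delete request that carried an empty id.");
                continue;
            }
            if (!empty($type) && $type != 'story' && $type != 'draft') {
                // There may be some plugin specific processing that needs to
                // happen first.
                $retval .= PLG_deleteSubmission($type, $delitem);
            }
            if ($type == 'draft') {
                STORY_deleteStory($delitem);
            } else {
                DB_delete($submissiontable, "{$id}", $delitem);
            }
        }
    }

    $retval .= commandcontrol(SEC_createToken());

    return $retval;
}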
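/**
 * Moderates a single item
 *
 * Performs one moderation action (approve or delete) on one submission.
 * Table, key column and field list for the item type come from
 * PLG_getModerationValues().
 *
 * Security notes:
 * - $id is escaped with DB_escapeString() before it is placed in any query
 *   built here, and must be all digits before a user account is deleted.
 * - Values read back from the submission row are escaped or cast before they
 *   are written to the live table; stored data is not treated as trusted.
 * - NOTE(review): no permission or CSRF-token check is visible in this
 *   function; it presumably relies on the caller having done both - confirm.
 * - NOTE(review): $id is handed to DB_delete() / DB_copy() as received;
 *   whether those helpers escape it is not visible here - confirm.
 *
 * @param    string  $action     Action to perform ('delete' or 'approve')
 * @param    string  $type       Type of item ('user', 'draftstory', 'story', etc.)
 * @param    string  $id         ID of item to approve or delete
 * @return   string              HTML for "command and control" page
 *
 */
function MODERATE_item($action = '', $type = '', $id = '')
{
    global $_CONF, $_TABLES;

    $retval = '';

    if (empty($action)) {
        // null action
        $retval .= COM_errorLog("Submissions Error: An attempt was made to moderate an item with a null action.");
        return $retval;
    }

    if (empty($type)) {
        // null item type
        $retval .= COM_errorLog("Submissions Error: An attempt was made to moderate a null item type.");
        return $retval;
    }

    if (empty($id)) {
        // null item id
        $retval .= COM_errorLog("Submissions Error: An attempt was made to moderate an item with a null id.");
        return $retval;
    }

    list($key, $table, $fields, $submissiontable) = PLG_getModerationValues($type);

    switch ($action) {
        case 'delete':
            switch ($type) {
                case 'user':
                    // Only an all-digit id above 1 may delete an account. A plain
                    // `$id > 1` lets a non-numeric string through on PHP 8, where it
                    // is compared as text.
                    // NOTE(review): uids <= 1 are presumably reserved accounts - confirm.
                    if (ctype_digit((string) $id) && (int) $id > 1) {
                        USER_deleteAccount((int) $id);
                    }
                    break;

                case 'story':
                    // story (needs to move to a plugin)
                    DB_delete($submissiontable, "{$key}", $id);
                    break;

                case 'draftstory':
                    STORY_deleteStory($id);
                    break;

                default:
                    // plugin: let it clean up first, then drop the queue row
                    $retval .= PLG_deleteSubmission($type, $id);
                    DB_delete($submissiontable, "{$key}", $id);
                    break;
            }
            break;

        case 'approve':
            switch ($type) {
                case 'story':
                    // story (needs to move to a plugin)
                    $safeId = DB_escapeString($id);
                    $result = DB_query("SELECT * FROM {$submissiontable} WHERE {$key} = '{$safeId}'");
                    $A = DB_fetchArray($result);
                    if (!is_array($A)) {
                        // No such submission: do not write an empty story.
                        $retval .= COM_errorLog("Submissions Error: An attempt was made to approve a story submission that could not be found.");
                        break;
                    }

                    $safeTid = DB_escapeString($A['tid']);
                    $result = DB_query("SELECT group_id,perm_owner,perm_group,perm_members,perm_anon,archive_flag FROM {$_TABLES['topics']} WHERE tid = '{$safeTid}'");
                    $T = DB_fetchArray($result);
                    if (!is_array($T)) {
                        // Without the topic row there are no permissions to copy;
                        // leave the submission in the queue.
                        $retval .= COM_errorLog("Submissions Error: An attempt was made to approve a story submission whose topic could not be found.");
                        break;
                    }

                    if ($T['archive_flag'] == 1) {
                        $frontpage = 0;
                    } elseif (isset($_CONF['frontpage'])) {
                        $frontpage = (int) $_CONF['frontpage'];
                    } else {
                        $frontpage = 1;
                    }

                    $related  = DB_escapeString(implode("\n", STORY_extractLinks($A['introtext'])));
                    $bodytext = isset($A['bodytext']) ? DB_escapeString($A['bodytext']) : '';

                    // Values in the order of the column list passed to DB_save().
                    // Text columns are escaped and quoted; numeric columns are cast
                    // because they are written unquoted.
                    $values = array(
                        "'" . DB_escapeString($A['sid']) . "'",
                        (int) $A['uid'],
                        "'" . $safeTid . "'",
                        "'" . DB_escapeString($A['title']) . "'",
                        "'" . DB_escapeString($A['introtext']) . "'",
                        "'" . $bodytext . "'",
                        "'" . $related . "'",
                        "'" . DB_escapeString($A['date']) . "'",
                        "'{$_CONF['show_topic_icon']}'",
                        "'{$_CONF['comment_code']}'",
                        "'{$_CONF['trackback_code']}'",
                        "'" . DB_escapeString($A['postmode']) . "'",
                        $frontpage,
                        (int) $A['uid'],            // owner_id: the submitter owns the story
                        (int) $T['group_id'],
                        (int) $T['perm_owner'],
                        (int) $T['perm_group'],
                        (int) $T['perm_members'],
                        (int) $T['perm_anon'],
                    );

                    DB_save(
                        $table,
                        'sid,uid,tid,title,introtext,bodytext,related,date,show_topic_icon,commentcode,trackbackcode,postmode,frontpage,owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon',
                        implode(',', $values)
                    );
                    DB_delete($submissiontable, "{$key}", $id);
                    PLG_itemSaved($A['sid'], 'article');
                    COM_rdfUpToDateCheck();
                    COM_olderStuff();
                    break;

                case 'draftstory':
                    // draft story: clear the draft flag on the existing row
                    $safeId = DB_escapeString($id);
                    DB_query("UPDATE {$table} SET draft_flag = 0 WHERE {$key} = '{$safeId}'");
                    COM_rdfUpToDateCheck();
                    COM_olderStuff();
                    break;

                case 'user':
                    $safeId = DB_escapeString($id);
                    $result = DB_query("SELECT {$fields} FROM {$table} WHERE {$key} = '{$safeId}'");
                    // Act only on an unambiguous match.
                    if (DB_numRows($result) == 1) {
                        $A = DB_fetchArray($result);
                        $uid = (int) $A['uid'];
                        if ($_CONF['registration_type'] == 1) {
                            $status = USER_ACCOUNT_AWAITING_VERIFICATION;
                        } else {
                            $status = USER_ACCOUNT_AWAITING_ACTIVATION;
                        }
                        DB_query("UPDATE {$table} SET status=" . $status . " WHERE {$key} = '{$uid}'");
                        USER_createAndSendPassword($A['username'], $A['email'], $A['uid']);
                    }
                    break;

                default:
                    // plugin
                    DB_copy($table, $fields, $fields, $submissiontable, $key, $id);
                    $retval .= PLG_approveSubmission($type, $id);
                    break;
            }
            break;

        // Any other action is ignored and an empty string is returned.
    } // switch ($action)

    return $retval;
}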