/**
  * Decide whether a user may perform one more rate-limited action today.
  *
  * Counter rows dated before today are purged for this user first. Moderators
  * and administrators are exempt from every limit. A $type that matches none
  * of the known counters is refused, so the check fails closed.
  *
  * @param int    $userID user whose daily counters are checked
  * @param string $type   'posts', 'likes', 'comments' or 'friendRequests'
  * @return bool true when the action is still allowed
  */
 public static function checkUserDailyLimit($userID, $type)
 {
     global $db;
     $today = date('Y-m-d');
     // Drop counters left over from previous days (runs for every caller, staff included)
     $db->query($db->prepare("DELETE FROM " . TABLE_USERS_DAILY_ACTIVITIES . " WHERE userID=%d AND `date` < %s", $userID, $today));
     // Staff accounts are never throttled
     $isStaff = buckys_check_user_acl(USER_ACL_MODERATOR, $userID) || buckys_check_user_acl(USER_ACL_ADMINISTRATOR, $userID);
     if ($isStaff) {
         return true;
     }
     // Today's counters for this user, if any were recorded
     $activity = $db->getRow($db->prepare("SELECT * FROM " . TABLE_USERS_DAILY_ACTIVITIES . " WHERE userID=%d AND `date` = %s", $userID, $today));
     if (!$activity) {
         // No row for today means nothing has been counted yet
         return true;
     }
     // Counter column => daily ceiling
     $limits = [
         'posts' => USER_DAILY_LIMIT_POSTS,
         'likes' => USER_DAILY_LIMIT_LIKES,
         'comments' => USER_DAILY_LIMIT_COMMENTS,
         'friendRequests' => USER_DAILY_LIMIT_FRIEND_REQUESTS,
     ];
     foreach ($limits as $column => $max) {
         if ($type == $column) {
             return $activity[$column] < $max;
         }
     }
     // Unknown action kind: deny rather than allow unthrottled use
     return false;
 }
/**
 * Report whether the current user passes both moderator checks.
 *
 * The user must hold the moderator ACL and be accepted by
 * BuckysModerator::isModerator().
 *
 * NOTE(review): no moderator type is passed to isModerator(), so whether this
 * is limited to *trade* moderators depends on that method's default - confirm.
 *
 * @return bool
 */
function buckys_is_trade_moderator()
{
    global $TNB_GLOBALS;

    // && short-circuits: isModerator() is only consulted once the ACL check has passed
    return buckys_check_user_acl(USER_ACL_MODERATOR)
        && BuckysModerator::isModerator($TNB_GLOBALS['user']['userID']);
}
 /**
  * Get Posts Or Post
  *
  * @param integer $userID : Poster
  * @param integer $loggedUserID : viewer
  * @param int $pageID
  * @param boolean $canViewPrivate
  * @param integer $postID
  * @param null $lastDate
  * @param string $postType
  * @return Indexed
  */
 public static function getPostsByUserID($userID, $loggedUserID = null, $pageID = BuckysPost::INDEPENDENT_POST_PAGE_ID, $canViewPrivate = false, $postID = null, $lastDate = null, $postType = 'user')
 {
     global $db;
     $limit = BuckysPost::$post_per_page;
     //Getting Page Parameter
     if (isset($_GET['page']) && buckys_not_null($_GET['page'])) {
         $page = intval($_GET['page']);
     } else {
         $page = 1;
     }
     //Page Limit Query
     $limit_query = ' LIMIT ' . ($page - 1) * $limit . ", " . $limit;
     if (buckys_not_null($loggedUserID)) {
         $query = $db->prepare('SELECT p.*, CONCAT(u.firstName, " ", u.lastName) AS posterFullName, pl.likeID, r.reportID FROM ' . TABLE_POSTS . ' AS p
                             LEFT JOIN ' . TABLE_USERS . ' AS u ON p.poster = u.userID
                             LEFT JOIN ' . TABLE_POSTS_LIKES . ' AS pl ON pl.postID = p.postID AND pl.userID = %d
                             LEFT JOIN ' . TABLE_REPORTS . ' AS r ON r.objectType="post" AND r.objectID=p.postID AND r.reporterID= %d
                             WHERE p.pageID=%d', $loggedUserID, $loggedUserID, $pageID);
         if (!$canViewPrivate) {
             $query .= " AND p.visibility=1 ";
         }
     } else {
         //Get Only Public Posts
         $query = $db->prepare('SELECT p.*, CONCAT(u.firstName, " ", u.lastName) AS posterFullName, 0 AS likedID, 0 AS reportID FROM ' . TABLE_POSTS . ' AS p
                             LEFT JOIN ' . TABLE_USERS . ' AS u ON p.poster = u.userID
                             WHERE p.visibility=1 AND p.pageID=%d', $pageID);
     }
     if (!buckys_check_user_acl(USER_ACL_ADMINISTRATOR, $loggedUserID)) {
         $query .= ' AND p.post_status=1 ';
     }
     //If Post ID is set, get only one post
     if ($postID != null) {
         $query .= $db->prepare(' AND p.postID=%d', $postID);
     }
     if ($lastDate != null) {
         $lastDate = date('Y-m-d H:i:s', strtotime($lastDate));
         $query .= ' AND p.post_date < "' . $lastDate . '"';
     }
     if ($postType == 'user') {
         $query .= $db->prepare(" AND p.poster=%d ", $userID);
     } else {
         if ($postType == 'friends') {
             $query .= $db->prepare(" AND p.profileID=%d ", $userID);
         } else {
             $query .= $db->prepare(" AND (p.poster=%d OR p.profileID=%d)", $userID, $userID);
         }
     }
     $query .= ' ORDER BY p.post_date DESC ' . $limit_query;
     $rows = $db->getResultsArray($query);
     return $rows;
 }
    //For Community Moderator
    // Shown only when $userID is a moderator and $profileID is not banned yet.
    // NOTE(review): the link below requests the ban through a plain GET URL and no
    // anti-CSRF token is appended here - confirm the profile.php handler validates
    // one (and re-checks the moderator role) before banning.
    if (BuckysModerator::isModerator($userID) && !BuckysBanUser::isBannedUser($profileID)) {
        ?>
            <a href="/profile.php?action=ban-user&userID=<?php 
        // Echoed into an href without HTML escaping - presumably an integer; verify against caller
        echo $profileID;
        ?>
"
                onclick="return confirm('<?php 
        // Printed inside a single-quoted JavaScript string within an attribute:
        // safe only while the message constant holds no quotes or markup
        echo MSG_ARE_YOU_SURE_WANT_TO_BAN_THIS_USER;
        ?>
')">Ban User</a>
            <br/>
        <?php 
    }
    //For Administrator
    // NOTE(review): account deletion is likewise requested through a GET link without
    // a token; hiding the link is only presentation, so banned_users.php must enforce
    // the administrator ACL and request authenticity itself - confirm.
    if (buckys_check_user_acl(USER_ACL_ADMINISTRATOR)) {
        ?>
            <a href="/banned_users.php?action=deletebyid&userID=<?php 
        echo $profileID;
        ?>
"
                onclick="return confirm('<?php 
        echo MSG_ARE_YOU_SURE_WANT_TO_DELETE_THIS_ACCOUNT;
        ?>
')">Delete Account</a>
            <br/>
        <?php 
    }
}
?>
 /**
  * @return bool
  */
 public static function resetVotes()
 {
     global $db;
     //Check user acl again
     if (!buckys_check_user_acl(USER_ACL_ADMINISTRATOR)) {
         buckys_add_message(MSG_PERMISSION_DENIED, MSG_TYPE_ERROR);
         return false;
     }
     $db->query("DELETE FROM " . TABLE_MODERATOR_CANDIDATES);
     $db->query("DELETE FROM " . TABLE_MODERATOR_VOTES);
     return true;
 }
<?php

require dirname(__DIR__) . '/includes/bootstrap.php';
// Gate for the moderation page: the visitor must be an administrator or a moderator.
// NOTE(review): everything below is protected only if buckys_redirect() ends the
// request; if it merely sends a Location header, execution continues - confirm.
if (!(buckys_check_user_acl(USER_ACL_ADMINISTRATOR) || BuckysModerator::isModerator($TNB_GLOBALS['user']['userID']))) {
    buckys_redirect('/forum', MSG_PERMISSION_DENIED, MSG_TYPE_ERROR);
}
//Process Post Actions
if (isset($_POST['action'])) {
    $action = $_POST['action'];
    //Approve Topics
    if ($action == 'approve-topic') {
        //Getting Ids
        $topicIds = isset($_POST['tid']) ? $_POST['tid'] : null;
        if (!$topicIds) {
            buckys_redirect('/forum/pending_topcis.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
        }
        $result = BuckysForumTopic::approvePendingTopics($topicIds);
        if ($result === true) {
            buckys_redirect('/forum/pending_topics.php', MSG_TOPIC_APPROVED_SUCCESSFULLY);
        } else {
            buckys_redirect('/forum/pending_topics.php', $result, MSG_TYPE_ERROR);
        }
    } else {
        if ($action == 'delete-topic') {
            // Delete Pending Topics
            //Getting Ids
            $topicIds = isset($_POST['tid']) ? $_POST['tid'] : null;
            if (!$topicIds) {
                buckys_redirect('/forum/pending_topcis.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
            }
            $result = BuckysForumTopic::deletePendingTopics($topicIds);
            ?>
            <header id="main_header">
                <div id="rightAlignLinks">      
                    <a href="/trade/additem.php" class="headerLinks">Add Item</a> |
                    <a href="/trade/available.php" class="headerLinks">Control Panel</a>
                </div>
                <a href="index.php"><img src="/images/mainLogoTrade.png"></a>
            </header>
        <?php 
            break;
        case 'forum':
            ?>
            <header id="main_header">
                <div id="rightAlignLinks">                          
                <?php 
            if (buckys_check_user_acl(USER_ACL_ADMINISTRATOR) || BuckysModerator::isModerator($BUCKYS_GLOBALS['user']['userID'], MODERATOR_FOR_FORUM)) {
                ?>
                
                <?php 
                $pendingTopics = BuckysForumTopic::getTotalNumOfTopics('pending');
                $pendingReplies = BuckysForumReply::getTotalNumOfReplies(null, 'pending');
                ?>
                    <?php 
                if ($pendingTopics > 0) {
                    ?>
                    <a href="/forum/pending_topics.php" class="headerLinksBold">Pending Topics (<?php 
                    echo $pendingTopics;
                    ?>
)</a> |
                    <?php 
                }
    // Permanent deletion of the posted message(s), then back to the inbox.
    // NOTE(review): $_POST['messageID'] is handed over exactly as received; type and
    // ownership checks are presumably done inside deleteMessagesForever() - verify.
    if ($_POST['action'] == 'delete_forever') {
        if (!BuckysMessage::deleteMessagesForever($_POST['messageID'])) {
            // NOTE(review): the raw database error text is put into a user-facing
            // message here, which can disclose schema or query details; a generic
            // message with server-side logging would avoid that.
            buckys_redirect('/messages_inbox.php', "Error: " . $db->getLastError(), MSG_TYPE_ERROR);
        } else {
            buckys_redirect('/messages_inbox.php', MSG_MESSAGE_REMOVED, MSG_TYPE_SUCCESS);
        }
        exit;
    }
}
// Message id from the query string, passed through the integer filter; a missing
// or rejected value sends the visitor back to the inbox
$messageID = buckys_escape_query_integer(isset($_GET['message']) ? $_GET['message'] : null);
if (!$messageID) {
    buckys_redirect('/messages_inbox.php');
}
// Regular lookup first.
// NOTE(review): presumably getMessage() only returns messages that belong to the
// current user - verify, since the moderator fallback below depends on that.
$message = BuckysMessage::getMessage($messageID);
if (!$message) {
    // Fallback: a moderator may open a message that is not theirs, but only when
    // that message has been reported
    if (buckys_check_user_acl(USER_ACL_MODERATOR) && BuckysReport::isReported($messageID, 'message')) {
        $message = BuckysMessage::getMessageById($messageID);
        $msgType = 'reported';
    }
}
// Still nothing to show: unknown id, or the viewer is not entitled to it
if (!$message) {
    buckys_redirect('/messages_inbox.php');
}
if (!isset($msgType)) {
    //Make Message as read
    BuckysMessage::changeMessageStatus($message['messageID'], 'read');
    //Getting Next Message ID and Prev Message ID
    if ($message['is_trash'] == 1) {
        $msgType = 'trash';
    } else {
        if ($message['receiver'] == $userID) {
<?php

require __DIR__ . '/includes/bootstrap.php';
// Moderator-only page.
// NOTE(review): the gate is effective only if buckys_redirect() ends the request - confirm.
if (!buckys_check_user_acl(USER_ACL_MODERATOR)) {
    buckys_redirect('/index.php', MSG_PERMISSION_DENIED, MSG_TYPE_ERROR);
}
$classAds = new BuckysAds();
if (isset($_REQUEST['action'])) {
    // $_REQUEST accepts the action from GET as well as POST, so the form token
    // is verified before any state change is attempted
    if (!buckys_check_form_token()) {
        buckys_redirect('/index.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
    }
    // NOTE(review): $_REQUEST['adID'] reaches rejectAds()/approveAds() unfiltered;
    // presumably those methods cast or bind it - verify.
    if ($_REQUEST['action'] == 'reject-ads') {
        $classAds->rejectAds($_REQUEST['adID']);
        buckys_redirect('/manage_ads.php', MSG_AD_ADS_REJECTED);
    } elseif ($_REQUEST['action'] == 'approve-ads') {
        $classAds->approveAds($_REQUEST['adID']);
        buckys_redirect('/manage_ads.php', MSG_AD_ADS_APPROVED);
    }
}
// Requested page as sent by the client; it is replaced below by the value the
// Pagination object reports as current before being used for the query
$page = 1;
if (isset($_GET['page'])) {
    $page = $_GET['page'];
}
$totalCount = $classAds->getPendingAdsCount();
//Init Pagination Class
$pagination = new Pagination($totalCount, BuckysAds::$COUNT_PER_PAGE, $page);
$page = $pagination->getCurrentPage();
$objects = $classAds->getPendingAds($page, BuckysAds::$COUNT_PER_PAGE);
// Page assets
buckys_enqueue_javascript('manage_ads.js');
buckys_enqueue_stylesheet('account.css');
buckys_enqueue_stylesheet('moderator.css');
                        <?php 
if (buckys_check_user_acl(USER_ACL_REGISTERED) && !BuckysForumModerator::isBlocked($TNB_GLOBALS['user']['userID'], $topic['categoryID'])) {
    ?>
                            <h2 class="titles left" style="margin-top:6px;">Reply</h2>
                        <?php 
}
?>
                        <?php 
if (count($replies) > 0) {
    echo $pagination->renderPaginate('/forum/topic.php?id=' . $topic['topicID'] . '&orderby=' . $orderBy . '&');
}
?>
                    </td>
                </tr>
                <?php 
if (buckys_check_user_acl(USER_ACL_REGISTERED) && !BuckysForumModerator::isBlocked($TNB_GLOBALS['user']['userID'], $topic['categoryID'])) {
    ?>
                    <tr>
                        <td style="background:#fff;">&nbsp;</td>
                        <td class="icon-column" style="background:#fff;">
                            <a href='/profile.php?user=<?php 
    echo $TNB_GLOBALS['user']['userID'];
    ?>
'> <img
                                    class="profileIcon topic-icon"
                                    src="<?php 
    echo BuckysUser::getProfileIcon(['thumbnail' => $TNB_GLOBALS['user']['thumbnail'], 'userID' => $TNB_GLOBALS['user']['userID']]);
    ?>
"
                                    class="poster-icon"/> </a>
                        </td>
/**
 * Print the "Report" link and/or the moderator action links for an object.
 *
 * Nothing is printed for an anonymous viewer ($userID empty). The "Report"
 * link is printed when the viewer is not the owner and has not reported the
 * object yet; the moderator links are printed when the viewer holds the
 * moderator ACL and a report exists.
 *
 * NOTE(review): $reportType, $objectID, $reportID and $prefix are written into
 * the markup without HTML escaping, so callers must pass trusted values only.
 * NOTE(review): the moderator links request delete/approve/ban through GET
 * URLs; the /reported.php handler is not visible here - confirm it validates a
 * form token and re-checks the moderator ACL.
 *
 * @param mixed  $objectID   id of the object the links refer to
 * @param string $reportType kind of object ('post', 'comment', 'message', ...)
 * @param mixed  $ownerID    owner of the object
 * @param mixed  $userID     current viewer, empty when not logged in
 * @param mixed  $reportID   id of the viewer's report, or false when there is none
 * @param string $prefix     markup printed before each group of links
 */
function render_report_link($objectID, $reportType = 'post', $ownerID = null, $userID = null, $reportID = false, $prefix = '')
{
    // Anonymous visitors get no links at all
    if (!$userID) {
        return;
    }
    $viewerIsOwner = $ownerID == $userID;
    if (!$viewerIsOwner && !$reportID) {
        // Report link for somebody else's object that was not reported yet
        echo $prefix;
        ?>
            <a href="/report_object.php" data-type="<?php 
        echo $reportType;
        ?>
" data-id="<?php 
        echo $objectID;
        ?>
"
                data-idHash="<?php 
        echo buckys_encrypt_id($objectID);
        ?>
" class="report-link">Report</a>
        <?php 
    }
    // Moderator actions on an already reported object
    if (buckys_check_user_acl(USER_ACL_MODERATOR) && $reportID) {
        // Human-readable noun used in the link captions
        if (in_array($reportType, ['post', 'topic', 'reply'])) {
            $caption = 'Post';
        } elseif (in_array($reportType, ['comment', 'video_comment'])) {
            $caption = 'Comment';
        } elseif (in_array($reportType, ['message'])) {
            $caption = 'Message';
        } elseif (in_array($reportType, ['trade_item', 'shop_item'])) {
            $caption = 'Item';
        } else {
            $caption = '';
        }
        ?>
            <?php 
        echo $prefix;
        ?>
            <span class="moderator-action-links">
                <a href="/reported.php?action=delete-objects&reportID=<?php 
        echo $reportID;
        ?>
">Delete <?php 
        echo $caption;
        ?>
</a>
                &middot;
                <a href="/reported.php?action=approve-objects&reportID=<?php 
        echo $reportID;
        ?>
">Approve <?php 
        echo $caption;
        ?>
</a>
                &middot;
                <a href="/reported.php?action=ban-users&reportID=<?php 
        echo $reportID;
        ?>
">Ban User</a>                                
            </span>
        <?php 
    }
}
    }
    //Ban User
    // NOTE(review): $_GET['userID'] is passed on exactly as received, without the
    // integer filter that this script applies to the `user` parameter further down;
    // banUser() therefore has to treat its argument as untrusted.
    // NOTE(review): the ban is a state change triggered by a GET request; the role
    // and token checks guarding it are above this excerpt - confirm they exist.
    BuckysBanUser::banUser($_GET['userID']);
    buckys_redirect('/index.php', MSG_BAN_USER);
    exit;
}
// Profile id from the query string, passed through the integer filter; without a
// usable id the visitor is sent to the homepage
$profileID = buckys_escape_query_integer(isset($_GET['user']) ? $_GET['user'] : null);
if (!$profileID) {
    buckys_redirect('/index.php');
}
$userData = BuckysUser::getUserData($profileID);
// Leave when no data was found, or when checkUserID() rejects the id and the
// viewer is not an administrator (administrators may open such profiles)
if (!buckys_not_null($userData) || (!BuckysUser::checkUserID($profileID, true) && !buckys_check_user_acl(USER_ACL_ADMINISTRATOR))) {
    buckys_redirect('/index.php');
}
// Allow-list for the post filter; anything else falls back to 'all'
$postType = 'all';
if (isset($_GET['type']) && in_array($_GET['type'], ['all', 'user', 'friends'])) {
    $postType = $_GET['type'];
}
// Private resources are visible to the owner, to friends, and when
// isSentFriendRequest($profileID, $userID) holds.
// NOTE(review): a pending friend request also unlocks private content here -
// presumably one sent by the profile owner to the viewer; confirm the direction.
$canViewPrivate = $userID == $profileID || BuckysFriend::isFriend($userID, $profileID) || BuckysFriend::isSentFriendRequest($profileID, $userID);
$friends = BuckysFriend::getAllFriends($profileID, 1, 18, true);
$totalFriendsCount = BuckysFriend::getNumberOfFriends($profileID);
// $_GET['post'] is forwarded unfiltered; getPostsByUserID() receives it as $postID
$posts = BuckysPost::getPostsByUserID($profileID, $userID, BuckysPost::INDEPENDENT_POST_PAGE_ID, $canViewPrivate, isset($_GET['post']) ? $_GET['post'] : null, null, $postType);
// Page assets
buckys_enqueue_stylesheet('account.css');
buckys_enqueue_stylesheet('profile.css');
buckys_enqueue_stylesheet('posting.css');
buckys_enqueue_stylesheet('publisher.css');
 /**
  * Ban users
  *
  * @param Array $ids
  * @return int
  */
 public static function banUsers($ids)
 {
     global $db;
     if (!is_array($ids)) {
         $ids = [$ids];
     }
     $query = "SELECT * FROM " . TABLE_REPORTS . " WHERE reportID IN (" . implode(", ", $ids) . ")";
     $rows = $db->getResultsArray($query);
     $bannedUsers = 0;
     $adminUsers = 0;
     foreach ($rows as $row) {
         //Getting User ID
         if ($row['objectType'] == 'post') {
             $query = "SELECT poster FROM " . TABLE_POSTS . " WHERE postID=" . $row['objectID'];
         } else {
             if ($row['objectType'] == 'comment') {
                 $query = "SELECT commenter FROM " . TABLE_POSTS_COMMENTS . " WHERE commentID=" . $row['objectID'];
             } else {
                 if ($row['objectType'] == 'video_comment') {
                     $query = "SELECT userID FROM " . TABLE_VIDEO_COMMENTS . " WHERE commentID=" . $row['objectID'];
                 } else {
                     if ($row['objectType'] == 'message') {
                         $query = "SELECT sender FROM " . TABLE_MESSAGES . " WHERE messageID=" . $row['objectID'];
                     } else {
                         if ($row['objectType'] == 'topic') {
                             $query = "SELECT creatorID FROM " . TABLE_FORUM_TOPICS . " WHERE topicID=" . $row['objectID'];
                         } else {
                             if ($row['objectType'] == 'reply') {
                                 $query = "SELECT creatorID FROM " . TABLE_FORUM_REPLIES . " WHERE replyID=" . $row['objectID'];
                             }
                         }
                     }
                 }
             }
         }
         $userID = $db->getVar($query);
         if ($userID) {
             if (!buckys_check_user_acl(USER_ACL_MODERATOR, $userID)) {
                 BuckysBanUser::banUser($userID);
                 $bannedUsers++;
             } else {
                 $adminUsers++;
             }
         }
     }
     if ($adminUsers > 0) {
         buckys_add_message(MSG_CAN_NOT_BAN_ADMIN, MSG_TYPE_NOTIFY);
     }
     return $bannedUsers;
 }
<?php

require dirname(__DIR__) . '/includes/bootstrap.php';
// Registered users only.
// NOTE(review): the gate is effective only if buckys_redirect() ends the request - confirm.
if (!buckys_check_user_acl(USER_ACL_REGISTERED)) {
    buckys_redirect('/forum', MSG_PERMISSION_DENIED, MSG_TYPE_ERROR);
}
// Topic submission.
// NOTE(review): no buckys_check_form_token() call is visible before the topic is
// created - confirm the token is validated inside createTopic().
// NOTE(review): the whole $_POST array is handed to createTopic(); presumably it
// picks and validates the fields it needs - verify.
if (isset($_POST['action']) && $_POST['action'] == 'create-topic') {
    $result = BuckysForumTopic::createTopic($_POST);
    if (in_array($result, ['publish', 'pending'])) {
        buckys_redirect("/forum", MSG_TOPIC_POSTED_SUCCESSFULLY . ($result == 'pending' ? ' ' . MSG_POST_IS_UNDER_PREVIEW : ''), MSG_TYPE_SUCCESS);
    } else {
        // Any other return value is shown to the user as the error text
        buckys_redirect("/forum/create_topic.php", $result, MSG_TYPE_ERROR);
    }
}
// Preselected category, taken from the query string as sent; the template that
// consumes it is not visible here
$curCatID = 0;
if (isset($_GET['category'])) {
    $curCatID = $_GET['category'];
}
$categories = BuckysForumCategory::getAllCategories();
// Page assets
buckys_enqueue_stylesheet('editor/jquery.cleditor.css');
buckys_enqueue_stylesheet('uploadify.css');
buckys_enqueue_stylesheet('forum.css');
buckys_enqueue_javascript('jquery-migrate-1.2.0.js');
buckys_enqueue_javascript('uploadify/jquery.uploadify.js');
buckys_enqueue_javascript('editor/jquery.cleditor.js');
//buckys_enqueue_javascript('editor/jquery.cleditor.bbcode.js');
// View state and layout selection
$view['action_type'] = 'create';
$BUCKYS_GLOBALS['headerType'] = 'forum';
$BUCKYS_GLOBALS['content'] = 'forum/create_topic';
$BUCKYS_GLOBALS['title'] = 'Create a New Topic - BuckysRoomForum';
// The layout path is assembled from configuration globals, not from request input
require DIR_FS_TEMPLATE . $BUCKYS_GLOBALS['template'] . "/" . $BUCKYS_GLOBALS['layout'] . ".php";
 /**
  * Ban User
  *
  * @param Int $userID
  */
 public static function banUser($userID)
 {
     global $db, $TNB_GLOBALS;
     $cUserID = $TNB_GLOBALS['user']['userID'];
     $bannedID = $db->getVar("SELECT bannedID FROM " . TABLE_BANNED_USERS . " WHERE bannedUserID=" . $userID);
     $userID = intval($userID);
     /*Begin testing banning permissions*/
     if (buckys_check_user_acl(USER_ACL_MODERATOR, $userID)) {
         die("You are not able to ban other Moderators or Administrators.");
     }
     /*End testing banning permissons*/
     if (!$bannedID) {
         //Block User
         $db->query("UPDATE " . TABLE_USERS . " SET status=0 WHERE userID=" . $userID);
         //Block Posts
         $db->query("UPDATE " . TABLE_POSTS . " SET post_status=0 WHERE poster=" . $userID);
         //Block Activities
         $db->query("UPDATE " . TABLE_MAIN_ACTIVITIES . " SET activityStatus=0 WHERE userID=" . $userID);
         //Block Messages
         $db->query("UPDATE " . TABLE_MESSAGES . " SET messageStatus=0 WHERE sender=" . $userID);
         //Fix Comments Count
         $query = $db->prepare("SELECT count(commentID) AS c, postID FROM " . TABLE_POSTS_COMMENTS . " WHERE commenter=%d AND commentStatus=1 GROUP BY postID", $userID);
         $pcRows = $db->getResultsArray($query);
         foreach ($pcRows as $row) {
             $db->query("UPDATE " . TABLE_POSTS . " SET `comments` = `comments` - " . $row['c'] . " WHERE postID=" . $row['postID']);
         }
         //Block Comments
         $db->query("UPDATE " . TABLE_POSTS_COMMENTS . " SET commentStatus=0 WHERE commenter=" . $userID);
         //Fix Likes Count
         $query = $db->prepare("SELECT count(likeID) AS c, postID FROM " . TABLE_POSTS_LIKES . " WHERE userID=%d AND likeStatus=1 GROUP BY postID", $userID);
         $plRows = $db->getResultsArray($query);
         foreach ($plRows as $row) {
             $db->query("UPDATE " . TABLE_POSTS . " SET `likes` = `likes` - " . $row['c'] . " WHERE postID=" . $row['postID']);
         }
         //Block Likes
         $db->query("UPDATE " . TABLE_POSTS_LIKES . " SET likeStatus=0 WHERE userID=" . $userID);
         //Block Votes for Moderator
         $query = $db->prepare("SELECT count(voteID) AS c, candidateID FROM " . TABLE_MODERATOR_VOTES . " WHERE voterID=%d AND voteStatus=1 GROUP BY candidateID", $userID);
         $vRows = $db->getResultsArray($query);
         foreach ($vRows as $row) {
             $db->query("UPDATE " . TABLE_MODERATOR_CANDIDATES . " SET `votes` = `votes` - " . $row['c'] . " WHERE candidateID=" . $row['candidateID']);
         }
         $db->query("UPDATE " . TABLE_MODERATOR_VOTES . " SET voteStatus=0 WHERE voterID=" . $userID);
         //Block Replies
         $query = $db->prepare("SELECT count(r.replyID), r.topicID, t.categoryID FROM " . TABLE_FORUM_REPLIES . " AS r LEFT JOIN " . TABLE_FORUM_TOPICS . " AS t ON t.topicID=r.topicID WHERE r.status='publish' AND r.creatorID=%d GROUP BY r.topicID", $userID);
         $rRows = $db->getResultsArray($query);
         $db->query("UPDATE " . TABLE_FORUM_REPLIES . " SET `status`='suspended' WHERE creatorID=" . $userID . " AND `status`='publish'");
         foreach ($rRows as $row) {
             $db->query("UPDATE " . TABLE_FORUM_TOPICS . " SET `replies` = `replies` - " . $row['c'] . " WHERE topicID=" . $row['topicID']);
             $db->query("UPDATE " . TABLE_FORUM_CATEGORIES . " SET `replies` = `replies` - " . $row['c'] . " WHERE categoryID=" . $row['categoryID']);
             BuckysForumTopic::updateTopicLastReplyID($row['topicID']);
         }
         //Block Topics
         $query = $db->prepare("SELECT count(topicID) AS tc, SUM(replies) AS rc, categoryID FROM " . TABLE_FORUM_TOPICS . " WHERE creatorID=%d AND `status`='publish' GROUP BY categoryID", $userID);
         $tRows = $db->getResultsArray($query);
         $db->query("UPDATE " . TABLE_FORUM_TOPICS . " SET `status`='suspended' WHERE creatorID=" . $userID . " AND `status`='publish'");
         foreach ($tRows as $row) {
             $db->query("UPDATE " . TABLE_FORUM_CATEGORIES . " SET `replies` = `replies` - " . $row['rc'] . ", `topics` = `topics` - " . $row['tc'] . " WHERE categoryID=" . $row['categoryID']);
             BuckysForumCategory::updateCategoryLastTopicID($row['categoryID']);
         }
         //Block Reply Votes
         $query = $db->prepare("SELECT count(voteID) AS c, objectID FROM " . TABLE_FORUM_VOTES . " WHERE voterID=%d AND voteStatus=1 GROUP BY objectID", $userID);
         $vRows = $db->getResultsArray($query);
         foreach ($vRows as $row) {
             $db->query("UPDATE " . TABLE_FORUM_REPLIES . " SET `votes` = `votes` - " . $row['c'] . " WHERE replyID=" . $row['objectID']);
         }
         $db->query("UPDATE " . TABLE_FORUM_VOTES . " SET voteStatus=0 WHERE voterID=" . $userID);
         //Disable Page Section and Trade section
         $tradeItemIns = new BuckysTradeItem();
         $tradeOfferIns = new BuckysTradeOffer();
         $pageIns = new BuckysPage();
         $tradeItemIns->massStatusChange($userID, BuckysTradeItem::STATUS_ITEM_INACTIVE);
         $tradeOfferIns->massStatusChange($userID, BuckysTradeOffer::STATUS_OFFER_INACTIVE);
         $pageIns->massStatusChange($userID, BuckysPage::STATUS_INACTIVE);
         //Disable Shop Products
         $shopProdIns = new BuckysShopProduct();
         $shopProdIns->massStatusChange($userID, BuckysShopProduct::STATUS_INACTIVE);
         //Insert New Row to Ban User Table
         $db->insertFromArray(TABLE_BANNED_USERS, ['userID' => $cUserID, 'bannedUserID' => $userID, 'bannedDate' => date('Y-m-d H:i:s')]);
     }
 }
    ?>
                            <a href="/report_object.php" data-type="message"
                                data-id="<?php 
    echo $message['messageID'];
    ?>
"
                                data-idHash="<?php 
    echo buckys_encrypt_id($message['messageID']);
    ?>
"
                                class="report-link">Report</a>
                        <?php 
}
?>
                        <?php 
// Moderator actions, shown only to moderators and only for a reported message.
// NOTE(review): approve and delete are requested through GET links without a
// token; the /reported.php handler is not visible here - confirm it re-checks the
// moderator ACL and request authenticity.
// NOTE(review): $message['reportID'] is echoed without HTML escaping - presumably
// an integer from the database; verify.
if (buckys_check_user_acl(USER_ACL_MODERATOR) && $message['reportID']) {
    ?>
                            <span class="moderator-action-links">
                                <a href="/reported.php?action=approve-objects&reportID=<?php 
    echo $message['reportID'];
    ?>
">Approve Message</a>
                                &middot;
                                <a href="/reported.php?action=delete-objects&reportID=<?php 
    echo $message['reportID'];
    ?>
">Delete Message</a>
                            </span>
                        <?php 
}
?>
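require dirname(dirname(__FILE__)) . '/includes/bootstrap.php';
// Registered users only.
// NOTE(review): the gates on this page are effective only if buckys_redirect()
// ends the request - confirm.
if (!buckys_check_user_acl(USER_ACL_REGISTERED)) {
    buckys_redirect('/index.php', MSG_PERMISSION_DENIED, MSG_TYPE_ERROR);
}
//Getting Current User ID
$userID = buckys_is_logged_in();
$classAds = new BuckysAds();
//Add Funds
if (isset($_POST['action']) && $_POST['action'] == 'add-funds') {
    // State change: the form token is verified first
    if (!buckys_check_form_token()) {
        buckys_redirect('/ads/advertiser.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
    }
    $adID = buckys_escape_query_integer(isset($_POST['id']) ? $_POST['id'] : null);
    $adDetail = $classAds->getAdById($adID);
    // Object-level access check: the ad must exist and the viewer must be its
    // owner or a moderator. The moderator test was previously not negated,
    // which turned away moderators and let every other non-owner through.
    if (!$adDetail || ($adDetail['ownerID'] != $userID && !buckys_check_user_acl(USER_ACL_MODERATOR))) {
        buckys_redirect('/ads/advertiser.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
    }
    // NOTE(review): $_POST['amount'] is passed on as received; presumably
    // addFunds() validates that it is a positive number within the user's balance - verify.
    $result = $classAds->addFunds($userID, $adID, $_POST['amount']);
    buckys_add_message($classAds->last_message, $result ? MSG_TYPE_SUCCESS : MSG_TYPE_ERROR);
}
buckys_enqueue_stylesheet('publisher.css');
// Ad to display; a missing id is treated like an unknown ad
$adID = buckys_escape_query_integer(isset($_GET['id']) ? $_GET['id'] : null);
$adDetail = $classAds->getAdById($adID);
// Same owner-or-moderator rule as above for viewing the ad
if (!$adDetail || ($adDetail['ownerID'] != $userID && !buckys_check_user_acl(USER_ACL_MODERATOR))) {
    buckys_redirect('/ads/advertiser.php');
}
$TNB_GLOBALS['headerType'] = "ads";
$TNB_GLOBALS['content'] = "ads/view";
buckys_enqueue_javascript('jquery.number.js');
$TNB_GLOBALS['title'] = "View Ad - thenewboston Ads";
// The layout path is assembled from configuration globals, not from request input
require DIR_FS_TEMPLATE . $TNB_GLOBALS['template'] . "/" . $TNB_GLOBALS['layout'] . ".php";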
 /**
  * @param $userID
  * @return bool
  */
 public function checkUserDailyFriendRequestsLimits($userID)
 {
     global $db;
     if (buckys_check_user_acl(USER_ACL_MODERATOR) || buckys_check_user_acl(USER_ACL_ADMINISTRATOR)) {
         return true;
     }
     //Get created posts on today
     $query = $db->prepare("SELECT count(*) FROM " . TABLE_FRIENDS . " WHERE userID=%d AND `status`=0 AND DATE(`created_date`) = %s", $userID, date("Y-m-d"));
     $comments = $db->getVar($query);
     if ($comments > USER_DAILY_LIMIT_COMMENTS) {
         return false;
     }
     return true;
 }
 /**
  * Choose Moderator
  * 
  * @param int $candidateID
  * 
  * @return Error Message or True
  */
 public function chooseModerator($candidateID)
 {
     global $db, $BUCKYS_GLOBALS;
     //Check user acl again
     if (!buckys_check_user_acl(USER_ACL_ADMINISTRATOR)) {
         return MSG_PERMISSION_DENIED;
     }
     //Check Candidate ID
     $query = $db->prepare("SELECT candidateID, userID, candidateType FROM " . TABLE_MODERATOR_CANDIDATES . " WHERE candidateID=%d", $candidateID);
     $candidate = $db->getRow($query);
     if (!$candidate) {
         return MSG_INVALID_REQUEST;
     }
     //Getting Old Moderator
     $query = $db->prepare("SELECT moderatorID, userID FROM " . TABLE_MODERATOR . " WHERE moderatorType=%d AND moderatorStatus=1", $candidate['candidateType']);
     $oldModerator = $db->getRow($query);
     if ($oldModerator) {
         //Update the status to 0 on the Moderator Table
         $db->query("UPDATE " . TABLE_MODERATOR . " SET moderatorStatus=0 WHERE moderatorID=" . $oldModerator['moderatorID']);
         //Change the user type and acl id on the users table
         $db->update("UPDATE " . TABLE_USERS . " SET user_type='Registered', user_acl_id='" . BuckysUserAcl::getIdFromName('Registered') . "' WHERE userID='" . $oldModerator['userID'] . "' AND user_acl_id='" . BuckysUserAcl::getIdFromName('Moderator') . "'");
     }
     //Create New Moderator
     $mId = $db->insertFromArray(TABLE_MODERATOR, array('moderatorType' => $candidate['candidateType'], 'userID' => $candidate['userID'], 'moderatorStatus' => 1, 'electedDate' => date('Y-m-d H:i:s')));
     //Update user table
     $db->update("UPDATE " . TABLE_USERS . " SET user_type='Moderator', user_acl_id='" . BuckysUserAcl::getIdFromName('Moderator') . "' WHERE userID='" . $candidate['userID'] . "' AND user_acl_id != '" . BuckysUserAcl::getIdFromName('Administrator') . "'");
     //Remove Candidates
     $db->query("DELETE FROM " . TABLE_MODERATOR_CANDIDATES . " WHERE candidateType='" . $candidate['candidateType'] . "'");
     return;
 }