/** * Remove just a single post. * On completion redirect to the topic or to the board. * Accessed by ?action=deletemsg */ public function action_deletemsg() { global $user_info, $topic, $board, $modSettings; checkSession('get'); // This has some handy functions for topics require_once SUBSDIR . '/Topic.subs.php'; require_once SUBSDIR . '/Messages.subs.php'; $_REQUEST['msg'] = (int) $_REQUEST['msg']; // Is $topic set? if (empty($topic) && isset($_REQUEST['topic'])) { $topic = (int) $_REQUEST['topic']; } $this->removeDeleteConcurrence(); $topic_info = loadMessageDetails(array('t.id_member_started'), array('LEFT JOIN {db_prefix}topics AS t ON (m.id_topic = t.id_topic)'), array('message_list' => $_REQUEST['msg'])); // Verify they can see this! if ($modSettings['postmod_active'] && !$topic_info['approved'] && !empty($topic_info['id_member']) && $topic_info['id_member'] != $user_info['id']) { isAllowedTo('approve_posts'); } if ($topic_info['id_member'] == $user_info['id']) { if (!allowedTo('delete_own')) { if ($topic_info['id_member_started'] == $user_info['id'] && !allowedTo('delete_any')) { isAllowedTo('delete_replies'); } elseif (!allowedTo('delete_any')) { isAllowedTo('delete_own'); } } elseif (!allowedTo('delete_any') && ($topic_info['id_member_started'] != $user_info['id'] || !allowedTo('delete_replies')) && !empty($modSettings['edit_disable_time']) && $topic_info['poster_time'] + $modSettings['edit_disable_time'] * 60 < time()) { fatal_lang_error('modify_post_time_passed', false); } } elseif ($topic_info['id_member_started'] == $user_info['id'] && !allowedTo('delete_any')) { isAllowedTo('delete_replies'); } else { isAllowedTo('delete_any'); } // If the full topic was removed go back to the board. require_once SUBSDIR . '/Messages.subs.php'; $full_topic = removeMessage($_REQUEST['msg']); if (allowedTo('delete_any') && (!allowedTo('delete_own') || $topic_info['id_member'] != $user_info['id'])) { logAction('delete', array('topic' => $topic, 'subject' => $topic_info['subject'], 'member' => $topic_info['id_member'], 'board' => $board)); } // We want to redirect back to recent action. if (isset($_REQUEST['recent'])) { redirectexit('action=recent'); } elseif (isset($_REQUEST['profile'], $_REQUEST['start'], $_REQUEST['u'])) { redirectexit('action=profile;u=' . $_REQUEST['u'] . ';area=showposts;start=' . $_REQUEST['start']); } elseif ($full_topic) { redirectexit('board=' . $board . '.0'); } else { redirectexit('topic=' . $topic . '.' . $_REQUEST['start']); } }
/** * View all unapproved posts or topics */ public function action_unapproved() { global $txt, $scripturl, $context, $user_info; $context['current_view'] = isset($_GET['sa']) && $_GET['sa'] == 'topics' ? 'topics' : 'replies'; $context['page_title'] = $txt['mc_unapproved_posts']; $context['header_title'] = $txt['mc_' . ($context['current_view'] == 'topics' ? 'topics' : 'posts')]; // Work out what boards we can work in! $approve_boards = !empty($user_info['mod_cache']['ap']) ? $user_info['mod_cache']['ap'] : boardsAllowedTo('approve_posts'); // If we filtered by board remove ones outside of this board. // @todo Put a message saying we're filtered? if (isset($_REQUEST['brd'])) { $filter_board = array((int) $_REQUEST['brd']); $approve_boards = $approve_boards == array(0) ? $filter_board : array_intersect($approve_boards, $filter_board); } if ($approve_boards == array(0)) { $approve_query = ''; } elseif (!empty($approve_boards)) { $approve_query = ' AND m.id_board IN (' . implode(',', $approve_boards) . ')'; } else { $approve_query = ' AND 1=0'; } // We also need to know where we can delete topics and/or replies to. if ($context['current_view'] == 'topics') { $delete_own_boards = boardsAllowedTo('remove_own'); $delete_any_boards = boardsAllowedTo('remove_any'); $delete_own_replies = array(); } else { $delete_own_boards = boardsAllowedTo('delete_own'); $delete_any_boards = boardsAllowedTo('delete_any'); $delete_own_replies = boardsAllowedTo('delete_own_replies'); } $toAction = array(); // Check if we have something to do? if (isset($_GET['approve'])) { $toAction[] = (int) $_GET['approve']; } elseif (isset($_GET['delete'])) { $toAction[] = (int) $_GET['delete']; } elseif (isset($_POST['item'])) { foreach ($_POST['item'] as $item) { $toAction[] = (int) $item; } } // What are we actually doing. if (isset($_GET['approve']) || isset($_POST['do']) && $_POST['do'] == 'approve') { $curAction = 'approve'; } elseif (isset($_GET['delete']) || isset($_POST['do']) && $_POST['do'] == 'delete') { $curAction = 'delete'; } // Right, so we have something to do? if (!empty($toAction) && isset($curAction)) { checkSession('request'); require_once SUBSDIR . '/Topic.subs.php'; require_once SUBSDIR . '/Messages.subs.php'; // Handy shortcut. $any_array = $curAction == 'approve' ? $approve_boards : $delete_any_boards; // Now for each message work out whether it's actually a topic, and what board it's on. $request = loadMessageDetails(array('m.id_board', 't.id_topic', 't.id_first_msg', 't.id_member_started'), array('INNER JOIN {db_prefix}topics AS t ON (t.id_topic = m.id_topic)', 'LEFT JOIN {db_prefix}boards AS b ON (t.id_board = b.id_board)'), array('message_list' => $toAction, 'not_approved' => 0), array('additional_conditions' => ' AND m.approved = {int:not_approved} AND {query_see_board}')); $toAction = array(); $details = array(); foreach ($request as $row) { // If it's not within what our view is ignore it... if ($row['id_msg'] == $row['id_first_msg'] && $context['current_view'] != 'topics' || $row['id_msg'] != $row['id_first_msg'] && $context['current_view'] != 'replies') { continue; } $can_add = false; // If we're approving this is simple. if ($curAction == 'approve' && ($any_array == array(0) || in_array($row['id_board'], $any_array))) { $can_add = true; } elseif ($curAction == 'delete') { // Own post is easy! if ($row['id_member'] == $user_info['id'] && ($delete_own_boards == array(0) || in_array($row['id_board'], $delete_own_boards))) { $can_add = true; } elseif ($row['id_member'] == $row['id_member_started'] && $row['id_msg'] != $row['id_first_msg'] && ($delete_own_replies == array(0) || in_array($row['id_board'], $delete_own_replies))) { $can_add = true; } elseif ($row['id_member'] != $user_info['id'] && ($delete_any_boards == array(0) || in_array($row['id_board'], $delete_any_boards))) { $can_add = true; } } if ($can_add) { $anItem = $context['current_view'] == 'topics' ? $row['id_topic'] : $row['id_msg']; $toAction[] = $anItem; // All clear. What have we got now, what, what? $details[$anItem] = array(); $details[$anItem]['subject'] = $row['subject']; $details[$anItem]['topic'] = $row['id_topic']; $details[$anItem]['member'] = $context['current_view'] == 'topics' ? $row['id_member_started'] : $row['id_member']; $details[$anItem]['board'] = $row['id_board']; } } // If we have anything left we can actually do the approving (etc). if (!empty($toAction)) { if ($curAction == 'approve') { approveMessages($toAction, $details, $context['current_view']); } else { removeMessages($toAction, $details, $context['current_view']); } cache_put_data('num_menu_errors', null, 900); } } // Get the moderation values for the board level $brd = isset($_REQUEST['brd']) ? (int) $_REQUEST['brd'] : null; require_once SUBSDIR . '/Moderation.subs.php'; $mod_count = loadModeratorMenuCounts($brd); $context['total_unapproved_topics'] = $mod_count['topics']; $context['total_unapproved_posts'] = $mod_count['posts']; $context['page_index'] = constructPageIndex($scripturl . '?action=moderate;area=postmod;sa=' . $context['current_view'] . (isset($_REQUEST['brd']) ? ';brd=' . (int) $_REQUEST['brd'] : ''), $_GET['start'], $context['current_view'] == 'topics' ? $context['total_unapproved_topics'] : $context['total_unapproved_posts'], 10); $context['start'] = $_GET['start']; // We have enough to make some pretty tabs! $context[$context['moderation_menu_name']]['tab_data'] = array('title' => $txt['mc_unapproved_posts'], 'help' => 'postmod', 'description' => $txt['mc_unapproved_posts_desc']); // Update the tabs with the correct number of actions to account for brd filtering $context['menu_data_' . $context['moderation_menu_id']]['sections']['posts']['areas']['postmod']['subsections']['posts']['label'] = $context['menu_data_' . $context['moderation_menu_id']]['sections']['posts']['areas']['postmod']['subsections']['posts']['label'] . ' [' . $context['total_unapproved_posts'] . ']'; $context['menu_data_' . $context['moderation_menu_id']]['sections']['posts']['areas']['postmod']['subsections']['topics']['label'] = $context['menu_data_' . $context['moderation_menu_id']]['sections']['posts']['areas']['postmod']['subsections']['topics']['label'] . ' [' . $context['total_unapproved_topics'] . ']'; // If we are filtering some boards out then make sure to send that along with the links. if (isset($_REQUEST['brd'])) { $context['menu_data_' . $context['moderation_menu_id']]['sections']['posts']['areas']['postmod']['subsections']['posts']['add_params'] = ';brd=' . (int) $_REQUEST['brd']; $context['menu_data_' . $context['moderation_menu_id']]['sections']['posts']['areas']['postmod']['subsections']['topics']['add_params'] = ';brd=' . (int) $_REQUEST['brd']; } // Get all unapproved posts. $context['unapproved_items'] = getUnapprovedPosts($approve_query, $context['current_view'], array('delete_own_boards' => $delete_own_boards, 'delete_any_boards' => $delete_any_boards, 'delete_own_replies' => $delete_own_replies), $context['start'], 10); foreach ($context['unapproved_items'] as $key => $item) { $context['unapproved_items'][$key]['buttons'] = array('quickmod_check' => array('checkbox' => true, 'name' => 'item', 'value' => $item['id']), 'approve' => array('href' => $scripturl . '?action=moderate;area=postmod;sa=' . $context['current_view'] . ';start=' . $context['start'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';approve=' . $item['id'], 'text' => $txt['approve']), 'unapprove' => array('href' => $scripturl . '?action=moderate;area=postmod;sa=' . $context['current_view'] . ';start=' . $context['start'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';delete=' . $item['id'], 'text' => $txt['remove'], 'test' => 'can_delete')); $context['unapproved_items'][$key]['tests'] = array('can_delete' => $item['can_delete']); } $context['sub_template'] = 'unapproved_posts'; }