public function action_ban_manage($action, $id)
{
try {
$ban = $this->ban_factory->getById($id);
} catch (\Foolz\Foolslide\Model\BanException $e) {
throw new NotFoundHttpException();
}
if ($this->getPost() && !$this->checkCsrfToken()) {
$this->notices->set('warning', _i('The security token wasn\'t found. Try resubmitting.'));
} elseif ($this->getPost()) {
switch ($action) {
case 'unban':
$ban->delete();
$this->notices->setFlash('success', _i('The poster with IP %s has been unbanned.', Inet::dtop($ban->ip)));
return $this->redirect('admin/moderation/bans');
break;
case 'reject_appeal':
$ban->appealReject();
$this->notices->setFlash('success', _i('The appeal of the poster with IP %s has been rejected.', Inet::dtop($ban->ip)));
return $this->redirect('admin/moderation/bans');
break;
default:
throw new NotFoundHttpException();
}
}
switch ($action) {
case 'unban':
$this->_views['method_title'] = _i('Unbanning') . ' ' . Inet::dtop($ban->ip);
$data['alert_level'] = 'warning';
$data['message'] = _i('Do you want to unban this user?');
break;
case 'reject_appeal':
$this->_views['method_title'] = _i('Rejecting appeal for') . ' ' . Inet::dtop($ban->ip);
$data['alert_level'] = 'warning';
$data['message'] = _i('Do you want to reject the appeal of this user? He won\'t be able to appeal again.');
break;
default:
throw new NotFoundHttpException();
}
$this->builder->createPartial('body', 'confirm')->getParamManager()->setParams($data);
return new Response($this->builder->build());
}
public function post_mod_actions()
{
if (!$this->checkCsrfToken()) {
return $this->response->setData(['error' => _i('The security token was not found. Please try again.')]);
}
if (!$this->getAuth()->hasAccess('comment.mod_capcode')) {
return $this->response->setData(['error' => _i('Access Denied.')])->setStatusCode(403);
}
if (!$this->check_board()) {
return $this->response->setData(['error' => _i('No board was selected.')])->setStatusCode(422);
}
if ($this->getPost('action') === 'delete_report') {
try {
$this->report_coll->delete($this->getPost('id'));
} catch (\Foolz\Foolslide\Model\ReportException $e) {
return $this->response->setData(['error' => $e->getMessage()])->setStatusCode(404);
}
return $this->response->setData(['success' => _i('The report was deleted.')]);
}
if ($this->getPost('action') === 'delete_post') {
try {
$comments = Board::forge($this->getContext())->getPost()->setOptions('doc_id', $this->getPost('id'))->setRadix($this->radix)->getComments();
$comment = current($comments);
$comment = new Comment($this->getContext(), $comment);
$comment->delete();
} catch (\Foolz\Foolslide\Model\BoardException $e) {
return $this->response->setData(['error' => $e->getMessage()])->setStatusCode(404);
}
return $this->response->setData(['success' => _i('This post was deleted.')]);
}
if ($this->getPost('action') === 'delete_image') {
try {
$media = $this->media_factory->getByMediaId($this->radix, $this->getPost('id'));
$media = new Media($this->getContext(), CommentBulk::forge($this->radix, null, $media));
$media->delete(true, true, true);
} catch (\Foolz\Foolslide\Model\MediaNotFoundException $e) {
return $this->response->setData(['error' => $e->getMessage()])->setStatusCode(404);
}
return $this->response->setData(['success' => _i('This image was deleted.')]);
}
if ($this->getPost('action') === 'ban_image_local' || $this->getPost('action') === 'ban_image_global') {
$global = false;
if ($this->getPost('action') === 'ban_image_global') {
$global = true;
}
try {
$media = $this->media_factory->getByMediaId($this->radix, $this->getPost('id'));
$media = new Media($this->getContext(), CommentBulk::forge($this->radix, null, $media));
$media->ban($global);
} catch (\Foolz\Foolslide\Model\MediaNotFoundException $e) {
return $this->response->setData(['error' => $e->getMessage()])->setStatusCode(404);
}
return $this->response->setData(['success' => _i('This image was banned.')]);
}
if ($this->getPost('action') === 'ban_user') {
try {
$this->ban_factory->add(Inet::ptod($this->getPost('ip')), $this->getPost('reason'), $this->getPost('length'), $this->getPost('board_ban') === 'global' ? array() : array($this->radix->id));
} catch (\Foolz\Foolslide\Model\BanException $e) {
return $this->response->setData(['error' => $e->getMessage()])->setStatusCode(404);
}
return $this->response->setData(['success' => _i('This user was banned.')]);
}
}
/**
* Adds a new report to the database
*
* @param \Foolz\Foolslide\Model\Radix $radix The Radix to which the Report is referred to
* @param int $id The ID of the object being reported (doc_id or media_id)
* @param string $reason The reason for the report
* @param string $ip_reporter The IP in decimal format
* @param string $mode The type of column (doc_id or media_id)
*
* @return \Foolz\Foolslide\Model\Report The created report
* @throws ReportMediaNotFoundException If the reported media_id doesn't exist
* @throws ReportCommentNotFoundException If the reported doc_id doesn't exist
* @throws ReportReasonTooLongException If the reason inserted was too long
* @throws ReportSentTooManyException If the user sent too many moderation in a timeframe
* @throws ReportReasonNullException If the report reason is null
* @throws ReportAlreadySubmittedException If the reporter’s IP has already submitted a report for the post.
* @throws ReportSubmitterBannedException If the reporter’s IP has been banned.
*/
public function p_add($radix, $id, $reason, $ip_reporter, $mode = 'doc_id')
{
$new = new Report($this->getContext());
$new->radix = $radix;
$new->board_id = $radix->id;
if ($mode === 'media_id') {
try {
$this->media_factory->getByMediaId($new->radix, $id);
} catch (MediaNotFoundException $e) {
throw new ReportMediaNotFoundException(_i('The media file you are reporting could not be found.'));
}
$new->media_id = (int) $id;
} else {
try {
Board::forge($this->getContext())->getPost()->setRadix($new->radix)->setOptions('doc_id', $id)->getComments();
} catch (BoardException $e) {
throw new ReportCommentNotFoundException(_i('The post you are reporting could not be found.'));
}
$new->doc_id = (int) $id;
}
if (trim($reason) === null) {
throw new ReportReasonNullException(_i('A reason must be included with your report.'));
}
if (mb_strlen($reason, 'utf-8') > 2048) {
throw new ReportReasonTooLongException(_i('The reason for you report was too long.'));
}
$new->reason = $reason;
$new->ip_reporter = $ip_reporter;
// check how many moderation have been sent in the last hour to prevent spam
$row = $this->dc->qb()->select('COUNT(*) as count')->from($this->dc->p('reports'), 'r')->where('created > :time')->andWhere('ip_reporter = :ip_reporter')->setParameter(':time', time() - 86400)->setParameter(':ip_reporter', $new->ip_reporter)->execute()->fetch();
if ($row['count'] > 25) {
throw new ReportSentTooManyException(_i('You have submitted too many reports within an hour.'));
}
$reported = $this->dc->qb()->select('COUNT(*) as count')->from($this->dc->p('reports'), 'r')->where('board_id = :board_id')->andWhere('ip_reporter = :ip_reporter')->andWhere('doc_id = :doc_id')->setParameters([':board_id' => $new->board_id, ':doc_id' => $new->doc_id, ':ip_reporter' => $new->ip_reporter])->execute()->fetch();
if ($reported['count'] > 0) {
throw new ReportSubmitterBannedException(_i('You can only submit one report per post.'));
}
if ($ban = $this->ban_factory->isBanned($new->ip_reporter, $new->radix)) {
if ($ban->board_id == 0) {
$banned_string = _i('It looks like you were banned on all boards.');
} else {
$banned_string = _i('It looks like you were banned on /' . $new->radix->shortname . '/.');
}
if ($ban->length) {
$banned_string .= ' ' . _i('This ban will last until:') . ' ' . date(DATE_COOKIE, $ban->start + $ban->length) . '.';
} else {
$banned_string .= ' ' . _i('This ban will last forever.');
}
if ($ban->reason) {
$banned_string .= ' ' . _i('The reason for this ban is:') . ' «' . $ban->reason . '».';
}
if ($ban->appeal_status == Ban::APPEAL_NONE) {
$banned_string .= ' ' . _i('If you\'d like to appeal to your ban, go to the :appeal page.', '<a href="' . $this->uri->create($new->radix->shortname . '/appeal') . '">' . _i('appeal') . '</a>');
} elseif ($ban->appeal_status == Ban::APPEAL_PENDING) {
$banned_string .= ' ' . _i('Your appeal is pending.');
}
throw new ReportSubmitterBannedException($banned_string);
}
$new->created = time();
$this->dc->getConnection()->insert($this->dc->p('reports'), ['board_id' => $new->board_id, 'doc_id' => $new->doc_id, 'media_id' => $new->media_id, 'reason' => $new->reason, 'ip_reporter' => $new->ip_reporter, 'created' => $new->created]);
$this->clearCache();
return $new;
}
