MessageIndex.php 50 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198
  1. <?php
  2. /**
  3. * This file is what shows the listing of topics in a board.
  4. * It's just one or two functions, but don't under estimate it ;).
  5. *
  6. * Simple Machines Forum (SMF)
  7. *
  8. * @package SMF
  9. * @author Simple Machines http://www.simplemachines.org
  10. * @copyright 2012 Simple Machines
  11. * @license http://www.simplemachines.org/about/smf/license.php BSD
  12. *
  13. * @version 2.1 Alpha 1
  14. */
  15. if (!defined('SMF'))
  16. die('Hacking attempt...');
  17. /**
  18. * Show the list of topics in this board, along with any child boards.
  19. */
  20. function MessageIndex()
  21. {
  22. global $txt, $scripturl, $board, $modSettings, $context;
  23. global $options, $settings, $board_info, $user_info, $smcFunc, $sourcedir;
  24. // If this is a redirection board head off.
  25. if ($board_info['redirect'])
  26. {
  27. $smcFunc['db_query']('', '
  28. UPDATE {db_prefix}boards
  29. SET num_posts = num_posts + 1
  30. WHERE id_board = {int:current_board}',
  31. array(
  32. 'current_board' => $board,
  33. )
  34. );
  35. redirectexit($board_info['redirect']);
  36. }
  37. if (WIRELESS)
  38. $context['sub_template'] = WIRELESS_PROTOCOL . '_messageindex';
  39. else
  40. loadTemplate('MessageIndex');
  41. $context['name'] = $board_info['name'];
  42. $context['description'] = $board_info['description'];
  43. // How many topics do we have in total?
  44. $board_info['total_topics'] = allowedTo('approve_posts') ? $board_info['num_topics'] + $board_info['unapproved_topics'] : $board_info['num_topics'] + $board_info['unapproved_user_topics'];
  45. // View all the topics, or just a few?
  46. $context['topics_per_page'] = empty($modSettings['disableCustomPerPage']) && !empty($options['topics_per_page']) && !WIRELESS ? $options['topics_per_page'] : $modSettings['defaultMaxTopics'];
  47. $context['messages_per_page'] = empty($modSettings['disableCustomPerPage']) && !empty($options['messages_per_page']) && !WIRELESS ? $options['messages_per_page'] : $modSettings['defaultMaxMessages'];
  48. $maxindex = isset($_REQUEST['all']) && !empty($modSettings['enableAllMessages']) ? $board_info['total_topics'] : $context['topics_per_page'];
  49. // Right, let's only index normal stuff!
  50. if (count($_GET) > 1)
  51. {
  52. $session_name = session_name();
  53. foreach ($_GET as $k => $v)
  54. {
  55. if (!in_array($k, array('board', 'start', $session_name)))
  56. $context['robot_no_index'] = true;
  57. }
  58. }
  59. if (!empty($_REQUEST['start']) && (!is_numeric($_REQUEST['start']) || $_REQUEST['start'] % $context['messages_per_page'] != 0))
  60. $context['robot_no_index'] = true;
  61. // If we can view unapproved messages and there are some build up a list.
  62. if (allowedTo('approve_posts') && ($board_info['unapproved_topics'] || $board_info['unapproved_posts']))
  63. {
  64. $untopics = $board_info['unapproved_topics'] ? '<a href="' . $scripturl . '?action=moderate;area=postmod;sa=topics;brd=' . $board . '">' . $board_info['unapproved_topics'] . '</a>' : 0;
  65. $unposts = $board_info['unapproved_posts'] ? '<a href="' . $scripturl . '?action=moderate;area=postmod;sa=posts;brd=' . $board . '">' . ($board_info['unapproved_posts'] - $board_info['unapproved_topics']) . '</a>' : 0;
  66. $context['unapproved_posts_message'] = sprintf($txt['there_are_unapproved_topics'], $untopics, $unposts, $scripturl . '?action=moderate;area=postmod;sa=' . ($board_info['unapproved_topics'] ? 'topics' : 'posts') . ';brd=' . $board);
  67. }
  68. // Make sure the starting place makes sense and construct the page index.
  69. if (isset($_REQUEST['sort']))
  70. $context['page_index'] = constructPageIndex($scripturl . '?board=' . $board . '.%1$d;sort=' . $_REQUEST['sort'] . (isset($_REQUEST['desc']) ? ';desc' : ''), $_REQUEST['start'], $board_info['total_topics'], $maxindex, true);
  71. else
  72. $context['page_index'] = constructPageIndex($scripturl . '?board=' . $board . '.%1$d', $_REQUEST['start'], $board_info['total_topics'], $maxindex, true);
  73. $context['start'] = &$_REQUEST['start'];
  74. // Set a canonical URL for this page.
  75. $context['canonical_url'] = $scripturl . '?board=' . $board . '.' . $context['start'];
  76. $context['links'] = array(
  77. 'first' => $_REQUEST['start'] >= $context['topics_per_page'] ? $scripturl . '?board=' . $board . '.0' : '',
  78. 'prev' => $_REQUEST['start'] >= $context['topics_per_page'] ? $scripturl . '?board=' . $board . '.' . ($_REQUEST['start'] - $context['topics_per_page']) : '',
  79. 'next' => $_REQUEST['start'] + $context['topics_per_page'] < $board_info['total_topics'] ? $scripturl . '?board=' . $board . '.' . ($_REQUEST['start'] + $context['topics_per_page']) : '',
  80. 'last' => $_REQUEST['start'] + $context['topics_per_page'] < $board_info['total_topics'] ? $scripturl . '?board=' . $board . '.' . (floor(($board_info['total_topics'] - 1) / $context['topics_per_page']) * $context['topics_per_page']) : '',
  81. 'up' => $board_info['parent'] == 0 ? $scripturl . '?' : $scripturl . '?board=' . $board_info['parent'] . '.0'
  82. );
  83. $context['page_info'] = array(
  84. 'current_page' => $_REQUEST['start'] / $context['topics_per_page'] + 1,
  85. 'num_pages' => floor(($board_info['total_topics'] - 1) / $context['topics_per_page']) + 1
  86. );
  87. if (isset($_REQUEST['all']) && !empty($modSettings['enableAllMessages']) && $maxindex > $modSettings['enableAllMessages'])
  88. {
  89. $maxindex = $modSettings['enableAllMessages'];
  90. $_REQUEST['start'] = 0;
  91. }
  92. // Build a list of the board's moderators.
  93. $context['moderators'] = &$board_info['moderators'];
  94. $context['link_moderators'] = array();
  95. if (!empty($board_info['moderators']))
  96. {
  97. foreach ($board_info['moderators'] as $mod)
  98. $context['link_moderators'][] ='<a href="' . $scripturl . '?action=profile;u=' . $mod['id'] . '" title="' . $txt['board_moderator'] . '">' . $mod['name'] . '</a>';
  99. $context['linktree'][count($context['linktree']) - 1]['extra_after'] = '<span class="board_moderators"> (' . (count($context['link_moderators']) == 1 ? $txt['moderator'] : $txt['moderators']) . ': ' . implode(', ', $context['link_moderators']) . ')</span>';
  100. }
  101. // Mark current and parent boards as seen.
  102. if (!$user_info['is_guest'])
  103. {
  104. // We can't know they read it if we allow prefetches.
  105. if (isset($_SERVER['HTTP_X_MOZ']) && $_SERVER['HTTP_X_MOZ'] == 'prefetch')
  106. {
  107. ob_end_clean();
  108. header('HTTP/1.1 403 Prefetch Forbidden');
  109. die;
  110. }
  111. $smcFunc['db_insert']('replace',
  112. '{db_prefix}log_boards',
  113. array('id_msg' => 'int', 'id_member' => 'int', 'id_board' => 'int'),
  114. array($modSettings['maxMsgID'], $user_info['id'], $board),
  115. array('id_member', 'id_board')
  116. );
  117. if (!empty($board_info['parent_boards']))
  118. {
  119. $smcFunc['db_query']('', '
  120. UPDATE {db_prefix}log_boards
  121. SET id_msg = {int:id_msg}
  122. WHERE id_member = {int:current_member}
  123. AND id_board IN ({array_int:board_list})',
  124. array(
  125. 'current_member' => $user_info['id'],
  126. 'board_list' => array_keys($board_info['parent_boards']),
  127. 'id_msg' => $modSettings['maxMsgID'],
  128. )
  129. );
  130. // We've seen all these boards now!
  131. foreach ($board_info['parent_boards'] as $k => $dummy)
  132. if (isset($_SESSION['topicseen_cache'][$k]))
  133. unset($_SESSION['topicseen_cache'][$k]);
  134. }
  135. if (isset($_SESSION['topicseen_cache'][$board]))
  136. unset($_SESSION['topicseen_cache'][$board]);
  137. $request = $smcFunc['db_query']('', '
  138. SELECT sent
  139. FROM {db_prefix}log_notify
  140. WHERE id_board = {int:current_board}
  141. AND id_member = {int:current_member}
  142. LIMIT 1',
  143. array(
  144. 'current_board' => $board,
  145. 'current_member' => $user_info['id'],
  146. )
  147. );
  148. $context['is_marked_notify'] = $smcFunc['db_num_rows']($request) != 0;
  149. if ($context['is_marked_notify'])
  150. {
  151. list ($sent) = $smcFunc['db_fetch_row']($request);
  152. if (!empty($sent))
  153. {
  154. $smcFunc['db_query']('', '
  155. UPDATE {db_prefix}log_notify
  156. SET sent = {int:is_sent}
  157. WHERE id_board = {int:current_board}
  158. AND id_member = {int:current_member}',
  159. array(
  160. 'current_board' => $board,
  161. 'current_member' => $user_info['id'],
  162. 'is_sent' => 0,
  163. )
  164. );
  165. }
  166. }
  167. $smcFunc['db_free_result']($request);
  168. }
  169. else
  170. $context['is_marked_notify'] = false;
  171. // 'Print' the header and board info.
  172. $context['page_title'] = strip_tags($board_info['name']);
  173. // Set the variables up for the template.
  174. $context['can_mark_notify'] = allowedTo('mark_notify') && !$user_info['is_guest'];
  175. $context['can_post_new'] = allowedTo('post_new') || ($modSettings['postmod_active'] && allowedTo('post_unapproved_topics'));
  176. $context['can_post_poll'] = $modSettings['pollMode'] == '1' && allowedTo('poll_post') && $context['can_post_new'];
  177. $context['can_moderate_forum'] = allowedTo('moderate_forum');
  178. $context['can_approve_posts'] = allowedTo('approve_posts');
  179. require_once($sourcedir . '/Subs-BoardIndex.php');
  180. $boardIndexOptions = array(
  181. 'include_categories' => false,
  182. 'base_level' => $board_info['child_level'] + 1,
  183. 'parent_id' => $board_info['id'],
  184. 'set_latest_post' => false,
  185. 'countChildPosts' => !empty($modSettings['countChildPosts']),
  186. );
  187. $context['boards'] = getBoardIndex($boardIndexOptions);
  188. // Nosey, nosey - who's viewing this topic?
  189. if (!empty($settings['display_who_viewing']))
  190. {
  191. $context['view_members'] = array();
  192. $context['view_members_list'] = array();
  193. $context['view_num_hidden'] = 0;
  194. $request = $smcFunc['db_query']('', '
  195. SELECT
  196. lo.id_member, lo.log_time, mem.real_name, mem.member_name, mem.show_online,
  197. mg.online_color, mg.id_group, mg.group_name
  198. FROM {db_prefix}log_online AS lo
  199. LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = lo.id_member)
  200. LEFT JOIN {db_prefix}membergroups AS mg ON (mg.id_group = CASE WHEN mem.id_group = {int:reg_member_group} THEN mem.id_post_group ELSE mem.id_group END)
  201. WHERE INSTR(lo.url, {string:in_url_string}) > 0 OR lo.session = {string:session}',
  202. array(
  203. 'reg_member_group' => 0,
  204. 'in_url_string' => 's:5:"board";i:' . $board . ';',
  205. 'session' => $user_info['is_guest'] ? 'ip' . $user_info['ip'] : session_id(),
  206. )
  207. );
  208. while ($row = $smcFunc['db_fetch_assoc']($request))
  209. {
  210. if (empty($row['id_member']))
  211. continue;
  212. if (!empty($row['online_color']))
  213. $link = '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '" style="color: ' . $row['online_color'] . ';">' . $row['real_name'] . '</a>';
  214. else
  215. $link = '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['real_name'] . '</a>';
  216. $is_buddy = in_array($row['id_member'], $user_info['buddies']);
  217. if ($is_buddy)
  218. $link = '<strong>' . $link . '</strong>';
  219. if (!empty($row['show_online']) || allowedTo('moderate_forum'))
  220. $context['view_members_list'][$row['log_time'] . $row['member_name']] = empty($row['show_online']) ? '<em>' . $link . '</em>' : $link;
  221. $context['view_members'][$row['log_time'] . $row['member_name']] = array(
  222. 'id' => $row['id_member'],
  223. 'username' => $row['member_name'],
  224. 'name' => $row['real_name'],
  225. 'group' => $row['id_group'],
  226. 'href' => $scripturl . '?action=profile;u=' . $row['id_member'],
  227. 'link' => $link,
  228. 'is_buddy' => $is_buddy,
  229. 'hidden' => empty($row['show_online']),
  230. );
  231. if (empty($row['show_online']))
  232. $context['view_num_hidden']++;
  233. }
  234. $context['view_num_guests'] = $smcFunc['db_num_rows']($request) - count($context['view_members']);
  235. $smcFunc['db_free_result']($request);
  236. // Put them in "last clicked" order.
  237. krsort($context['view_members_list']);
  238. krsort($context['view_members']);
  239. }
  240. // Default sort methods.
  241. $sort_methods = array(
  242. 'subject' => 'mf.subject',
  243. 'starter' => 'IFNULL(memf.real_name, mf.poster_name)',
  244. 'last_poster' => 'IFNULL(meml.real_name, ml.poster_name)',
  245. 'replies' => 't.num_replies',
  246. 'views' => 't.num_views',
  247. 'first_post' => 't.id_topic',
  248. 'last_post' => 't.id_last_msg'
  249. );
  250. // They didn't pick one, default to by last post descending.
  251. if (!isset($_REQUEST['sort']) || !isset($sort_methods[$_REQUEST['sort']]))
  252. {
  253. $context['sort_by'] = 'last_post';
  254. $_REQUEST['sort'] = 'id_last_msg';
  255. $ascending = isset($_REQUEST['asc']);
  256. }
  257. // Otherwise default to ascending.
  258. else
  259. {
  260. $context['sort_by'] = $_REQUEST['sort'];
  261. $_REQUEST['sort'] = $sort_methods[$_REQUEST['sort']];
  262. $ascending = !isset($_REQUEST['desc']);
  263. }
  264. $context['sort_direction'] = $ascending ? 'up' : 'down';
  265. // Calculate the fastest way to get the topics.
  266. $start = (int) $_REQUEST['start'];
  267. if ($start > ($board_info['total_topics'] - 1) / 2)
  268. {
  269. $ascending = !$ascending;
  270. $fake_ascending = true;
  271. $maxindex = $board_info['total_topics'] < $start + $maxindex + 1 ? $board_info['total_topics'] - $start : $maxindex;
  272. $start = $board_info['total_topics'] < $start + $maxindex + 1 ? 0 : $board_info['total_topics'] - $start - $maxindex;
  273. }
  274. else
  275. $fake_ascending = false;
  276. // Setup the default topic icons...
  277. $stable_icons = array('xx', 'thumbup', 'thumbdown', 'exclamation', 'question', 'lamp', 'smiley', 'angry', 'cheesy', 'grin', 'sad', 'wink', 'poll', 'moved', 'recycled', 'wireless', 'clip');
  278. $context['icon_sources'] = array();
  279. foreach ($stable_icons as $icon)
  280. $context['icon_sources'][$icon] = 'images_url';
  281. $topic_ids = array();
  282. $context['topics'] = array();
  283. // Sequential pages are often not optimized, so we add an additional query.
  284. $pre_query = $start > 0;
  285. if ($pre_query && $maxindex > 0)
  286. {
  287. $request = $smcFunc['db_query']('', '
  288. SELECT t.id_topic
  289. FROM {db_prefix}topics AS t' . ($context['sort_by'] === 'last_poster' ? '
  290. INNER JOIN {db_prefix}messages AS ml ON (ml.id_msg = t.id_last_msg)' : (in_array($context['sort_by'], array('starter', 'subject')) ? '
  291. INNER JOIN {db_prefix}messages AS mf ON (mf.id_msg = t.id_first_msg)' : '')) . ($context['sort_by'] === 'starter' ? '
  292. LEFT JOIN {db_prefix}members AS memf ON (memf.id_member = mf.id_member)' : '') . ($context['sort_by'] === 'last_poster' ? '
  293. LEFT JOIN {db_prefix}members AS meml ON (meml.id_member = ml.id_member)' : '') . '
  294. WHERE t.id_board = {int:current_board}' . (!$modSettings['postmod_active'] || $context['can_approve_posts'] ? '' : '
  295. AND (t.approved = {int:is_approved}' . ($user_info['is_guest'] ? '' : ' OR t.id_member_started = {int:current_member}') . ')') . '
  296. ORDER BY ' . (!empty($modSettings['enableStickyTopics']) ? 'is_sticky' . ($fake_ascending ? '' : ' DESC') . ', ' : '') . $_REQUEST['sort'] . ($ascending ? '' : ' DESC') . '
  297. LIMIT {int:start}, {int:maxindex}',
  298. array(
  299. 'current_board' => $board,
  300. 'current_member' => $user_info['id'],
  301. 'is_approved' => 1,
  302. 'id_member_guest' => 0,
  303. 'start' => $start,
  304. 'maxindex' => $maxindex,
  305. )
  306. );
  307. $topic_ids = array();
  308. while ($row = $smcFunc['db_fetch_assoc']($request))
  309. $topic_ids[] = $row['id_topic'];
  310. }
  311. // Grab the appropriate topic information...
  312. if (!$pre_query || !empty($topic_ids))
  313. {
  314. // For search engine effectiveness we'll link guests differently.
  315. $context['pageindex_multiplier'] = empty($modSettings['disableCustomPerPage']) && !empty($options['messages_per_page']) && !WIRELESS ? $options['messages_per_page'] : $modSettings['defaultMaxMessages'];
  316. $result = $smcFunc['db_query']('substring', '
  317. SELECT
  318. t.id_topic, t.num_replies, t.locked, t.num_views, t.is_sticky, t.id_poll, t.id_previous_board,
  319. ' . ($user_info['is_guest'] ? '0' : 'IFNULL(lt.id_msg, IFNULL(lmr.id_msg, -1)) + 1') . ' AS new_from,
  320. t.id_last_msg, t.approved, t.unapproved_posts, t.id_redirect_topic, ml.poster_time AS last_poster_time,
  321. ml.id_msg_modified, ml.subject AS last_subject, ml.icon AS last_icon,
  322. ml.poster_name AS last_member_name, ml.id_member AS last_id_member, ' . (!empty($settings['avatars_on_indexes']) ? 'meml.avatar,' : '') . '
  323. IFNULL(meml.real_name, ml.poster_name) AS last_display_name, t.id_first_msg,
  324. mf.poster_time AS first_poster_time, mf.subject AS first_subject, mf.icon AS first_icon,
  325. mf.poster_name AS first_member_name, mf.id_member AS first_id_member,
  326. IFNULL(memf.real_name, mf.poster_name) AS first_display_name, ' . (!empty($modSettings['preview_characters']) ? '
  327. SUBSTRING(ml.body, 1, ' . ($modSettings['preview_characters'] + 256) . ') AS last_body,
  328. SUBSTRING(mf.body, 1, ' . ($modSettings['preview_characters'] + 256) . ') AS first_body,' : '') . 'ml.smileys_enabled AS last_smileys, mf.smileys_enabled AS first_smileys' . (!empty($settings['avatars_on_indexes']) ? ',
  329. IFNULL(a.id_attach, 0) AS id_attach, a.filename, a.attachment_type' : '') . '
  330. FROM {db_prefix}topics AS t
  331. INNER JOIN {db_prefix}messages AS ml ON (ml.id_msg = t.id_last_msg)
  332. INNER JOIN {db_prefix}messages AS mf ON (mf.id_msg = t.id_first_msg)
  333. LEFT JOIN {db_prefix}members AS meml ON (meml.id_member = ml.id_member)
  334. LEFT JOIN {db_prefix}members AS memf ON (memf.id_member = mf.id_member)' . ($user_info['is_guest'] ? '' : '
  335. LEFT JOIN {db_prefix}log_topics AS lt ON (lt.id_topic = t.id_topic AND lt.id_member = {int:current_member})
  336. LEFT JOIN {db_prefix}log_mark_read AS lmr ON (lmr.id_board = {int:current_board} AND lmr.id_member = {int:current_member})') . (!empty($settings['avatars_on_indexes']) ? '
  337. LEFT JOIN {db_prefix}attachments AS a ON (a.id_member = ml.id_member)' : '') . '
  338. WHERE ' . ($pre_query ? 't.id_topic IN ({array_int:topic_list})' : 't.id_board = {int:current_board}') . (!$modSettings['postmod_active'] || $context['can_approve_posts'] ? '' : '
  339. AND (t.approved = {int:is_approved}' . ($user_info['is_guest'] ? '' : ' OR t.id_member_started = {int:current_member}') . ')') . '
  340. ORDER BY ' . ($pre_query ? 'FIND_IN_SET(t.id_topic, {string:find_set_topics})' : (!empty($modSettings['enableStickyTopics']) ? 'is_sticky' . ($fake_ascending ? '' : ' DESC') . ', ' : '') . $_REQUEST['sort'] . ($ascending ? '' : ' DESC')) . '
  341. LIMIT ' . ($pre_query ? '' : '{int:start}, ') . '{int:maxindex}',
  342. array(
  343. 'current_board' => $board,
  344. 'current_member' => $user_info['id'],
  345. 'topic_list' => $topic_ids,
  346. 'is_approved' => 1,
  347. 'find_set_topics' => implode(',', $topic_ids),
  348. 'start' => $start,
  349. 'maxindex' => $maxindex,
  350. )
  351. );
  352. // Begin 'printing' the message index for current board.
  353. while ($row = $smcFunc['db_fetch_assoc']($result))
  354. {
  355. if ($row['id_poll'] > 0 && $modSettings['pollMode'] == '0')
  356. continue;
  357. if (!$pre_query)
  358. $topic_ids[] = $row['id_topic'];
  359. // Does the theme support message previews?
  360. if (!empty($settings['message_index_preview']) && !empty($modSettings['preview_characters']))
  361. {
  362. // Limit them to $modSettings['preview_characters'] characters
  363. $row['first_body'] = strip_tags(strtr(parse_bbc($row['first_body'], $row['first_smileys'], $row['id_first_msg']), array('<br />' => '&#10;')));
  364. if ($smcFunc['strlen']($row['first_body']) > $modSettings['preview_characters'])
  365. $row['first_body'] = $smcFunc['substr']($row['first_body'], 0, $modSettings['preview_characters']) . '...';
  366. $row['last_body'] = strip_tags(strtr(parse_bbc($row['last_body'], $row['last_smileys'], $row['id_last_msg']), array('<br />' => '&#10;')));
  367. if ($smcFunc['strlen']($row['last_body']) > $modSettings['preview_characters'])
  368. $row['last_body'] = $smcFunc['substr']($row['last_body'], 0, $modSettings['preview_characters']) . '...';
  369. // Censor the subject and message preview.
  370. censorText($row['first_subject']);
  371. censorText($row['first_body']);
  372. // Don't censor them twice!
  373. if ($row['id_first_msg'] == $row['id_last_msg'])
  374. {
  375. $row['last_subject'] = $row['first_subject'];
  376. $row['last_body'] = $row['first_body'];
  377. }
  378. else
  379. {
  380. censorText($row['last_subject']);
  381. censorText($row['last_body']);
  382. }
  383. }
  384. else
  385. {
  386. $row['first_body'] = '';
  387. $row['last_body'] = '';
  388. censorText($row['first_subject']);
  389. if ($row['id_first_msg'] == $row['id_last_msg'])
  390. $row['last_subject'] = $row['first_subject'];
  391. else
  392. censorText($row['last_subject']);
  393. }
  394. // Decide how many pages the topic should have.
  395. if ($row['num_replies'] + 1 > $context['messages_per_page'])
  396. {
  397. $pages = '&#171; ';
  398. // We can't pass start by reference.
  399. $start = -1;
  400. $pages .= constructPageIndex($scripturl . '?topic=' . $row['id_topic'] . '.%1$d', $start, $row['num_replies'] + 1, $context['messages_per_page'], true, false);
  401. // If we can use all, show all.
  402. if (!empty($modSettings['enableAllMessages']) && $row['num_replies'] + 1 < $modSettings['enableAllMessages'])
  403. $pages .= ' &nbsp;<a href="' . $scripturl . '?topic=' . $row['id_topic'] . '.0;all">' . $txt['all'] . '</a>';
  404. $pages .= ' &#187;';
  405. }
  406. else
  407. $pages = '';
  408. // We need to check the topic icons exist...
  409. if (!empty($modSettings['messageIconChecks_enable']))
  410. {
  411. if (!isset($context['icon_sources'][$row['first_icon']]))
  412. $context['icon_sources'][$row['first_icon']] = file_exists($settings['theme_dir'] . '/images/post/' . $row['first_icon'] . '.png') ? 'images_url' : 'default_images_url';
  413. if (!isset($context['icon_sources'][$row['last_icon']]))
  414. $context['icon_sources'][$row['last_icon']] = file_exists($settings['theme_dir'] . '/images/post/' . $row['last_icon'] . '.png') ? 'images_url' : 'default_images_url';
  415. }
  416. else
  417. {
  418. if (!isset($context['icon_sources'][$row['first_icon']]))
  419. $context['icon_sources'][$row['first_icon']] = 'images_url';
  420. if (!isset($context['icon_sources'][$row['last_icon']]))
  421. $context['icon_sources'][$row['last_icon']] = 'images_url';
  422. }
  423. if (!empty($settings['avatars_on_indexes']))
  424. {
  425. // Allow themers to show the latest poster's avatar along with the topic
  426. if(!empty($row['avatar']))
  427. {
  428. if ($modSettings['avatar_action_too_large'] == 'option_html_resize' || $modSettings['avatar_action_too_large'] == 'option_js_resize')
  429. {
  430. $avatar_width = !empty($modSettings['avatar_max_width_external']) ? ' width="' . $modSettings['avatar_max_width_external'] . '"' : '';
  431. $avatar_height = !empty($modSettings['avatar_max_height_external']) ? ' height="' . $modSettings['avatar_max_height_external'] . '"' : '';
  432. }
  433. else
  434. {
  435. $avatar_width = '';
  436. $avatar_height = '';
  437. }
  438. }
  439. }
  440. // 'Print' the topic info.
  441. $context['topics'][$row['id_topic']] = array(
  442. 'id' => $row['id_topic'],
  443. 'first_post' => array(
  444. 'id' => $row['id_first_msg'],
  445. 'member' => array(
  446. 'username' => $row['first_member_name'],
  447. 'name' => $row['first_display_name'],
  448. 'id' => $row['first_id_member'],
  449. 'href' => !empty($row['first_id_member']) ? $scripturl . '?action=profile;u=' . $row['first_id_member'] : '',
  450. 'link' => !empty($row['first_id_member']) ? '<a href="' . $scripturl . '?action=profile;u=' . $row['first_id_member'] . '" title="' . $txt['profile_of'] . ' ' . $row['first_display_name'] . '" class="preview">' . $row['first_display_name'] . '</a>' : $row['first_display_name']
  451. ),
  452. 'time' => timeformat($row['first_poster_time']),
  453. 'timestamp' => forum_time(true, $row['first_poster_time']),
  454. 'subject' => $row['first_subject'],
  455. 'preview' => $row['first_body'],
  456. 'icon' => $row['first_icon'],
  457. 'icon_url' => $settings[$context['icon_sources'][$row['first_icon']]] . '/post/' . $row['first_icon'] . '.png',
  458. 'href' => $scripturl . '?topic=' . (empty($row['id_redirect_topic']) ? $row['id_topic'] : $row['id_redirect_topic']) . '.0',
  459. 'link' => '<a href="' . $scripturl . '?topic=' . (empty($row['id_redirect_topic']) ? $row['id_topic'] : $row['id_redirect_topic']). '.0">' . $row['first_subject'] . '</a>'
  460. ),
  461. 'last_post' => array(
  462. 'id' => $row['id_last_msg'],
  463. 'member' => array(
  464. 'username' => $row['last_member_name'],
  465. 'name' => $row['last_display_name'],
  466. 'id' => $row['last_id_member'],
  467. 'href' => !empty($row['last_id_member']) ? $scripturl . '?action=profile;u=' . $row['last_id_member'] : '',
  468. 'link' => !empty($row['last_id_member']) ? '<a href="' . $scripturl . '?action=profile;u=' . $row['last_id_member'] . '">' . $row['last_display_name'] . '</a>' : $row['last_display_name']
  469. ),
  470. 'time' => timeformat($row['last_poster_time']),
  471. 'timestamp' => forum_time(true, $row['last_poster_time']),
  472. 'subject' => $row['last_subject'],
  473. 'preview' => $row['last_body'],
  474. 'icon' => $row['last_icon'],
  475. 'icon_url' => $settings[$context['icon_sources'][$row['last_icon']]] . '/post/' . $row['last_icon'] . '.png',
  476. 'href' => $scripturl . '?topic=' . (empty($row['id_redirect_topic']) ? $row['id_topic'] : $row['id_redirect_topic']) . ($user_info['is_guest'] ? ('.' . (!empty($options['view_newest_first']) ? 0 : ((int) (($row['num_replies']) / $context['pageindex_multiplier'])) * $context['pageindex_multiplier']) . '#msg' . $row['id_last_msg']) : (($row['num_replies'] == 0 ? '.0' : '.msg' . $row['id_last_msg']) . '#new')),
  477. 'link' => '<a href="' . $scripturl . '?topic=' . (empty($row['id_redirect_topic']) ? $row['id_topic'] : $row['id_redirect_topic']) . ($user_info['is_guest'] ? ('.' . (!empty($options['view_newest_first']) ? 0 : ((int) (($row['num_replies']) / $context['pageindex_multiplier'])) * $context['pageindex_multiplier']) . '#msg' . $row['id_last_msg']) : (($row['num_replies'] == 0 ? '.0' : '.msg' . $row['id_last_msg']) . '#new')) . '" ' . ($row['num_replies'] == 0 ? '' : 'rel="nofollow"') . '>' . $row['last_subject'] . '</a>'
  478. ),
  479. 'is_sticky' => !empty($modSettings['enableStickyTopics']) && !empty($row['is_sticky']),
  480. 'is_locked' => !empty($row['locked']),
  481. 'is_poll' => $modSettings['pollMode'] == '1' && $row['id_poll'] > 0,
  482. 'is_hot' => $row['num_replies'] >= $modSettings['hotTopicPosts'],
  483. 'is_very_hot' => $row['num_replies'] >= $modSettings['hotTopicVeryPosts'],
  484. 'is_posted_in' => false,
  485. 'icon' => $row['first_icon'],
  486. 'icon_url' => $settings[$context['icon_sources'][$row['first_icon']]] . '/post/' . $row['first_icon'] . '.png',
  487. 'subject' => $row['first_subject'],
  488. 'new' => $row['new_from'] <= $row['id_msg_modified'],
  489. 'new_from' => $row['new_from'],
  490. 'newtime' => $row['new_from'],
  491. 'new_href' => $scripturl . '?topic=' . (empty($row['id_redirect_topic']) ? $row['id_topic'] : $row['id_redirect_topic']) . '.msg' . $row['new_from'] . '#new',
  492. 'pages' => $pages,
  493. 'replies' => comma_format($row['num_replies']),
  494. 'views' => comma_format($row['num_views']),
  495. 'approved' => $row['approved'],
  496. 'unapproved_posts' => $row['unapproved_posts'],
  497. );
  498. if (!empty($settings['avatars_on_indexes']))
  499. $context['topics'][$row['id_topic']]['last_post']['member']['avatar'] = array(
  500. 'name' => $row['avatar'],
  501. 'image' => $row['avatar'] == '' ? ($row['id_attach'] > 0 ? '<img class="avatar" src="' . (empty($row['attachment_type']) ? $scripturl . '?action=dlattach;attach=' . $row['id_attach'] . ';type=avatar' : $modSettings['custom_avatar_url'] . '/' . $row['filename']) . '" alt="" />' : '') : (stristr($row['avatar'], 'http://') ? '<img class="avatar" src="' . $row['avatar'] . '"' . $avatar_width . $avatar_height . ' alt="" />' : '<img class="avatar" src="' . $modSettings['avatar_url'] . '/' . htmlspecialchars($row['avatar']) . '" alt="" />'),
  502. 'href' => $row['avatar'] == '' ? ($row['id_attach'] > 0 ? (empty($row['attachment_type']) ? $scripturl . '?action=dlattach;attach=' . $row['id_attach'] . ';type=avatar' : $modSettings['custom_avatar_url'] . '/' . $row['filename']) : '') : (stristr($row['avatar'], 'http://') ? $row['avatar'] : $modSettings['avatar_url'] . '/' . $row['avatar']),
  503. 'url' => $row['avatar'] == '' ? '' : (stristr($row['avatar'], 'http://') ? $row['avatar'] : $modSettings['avatar_url'] . '/' . $row['avatar'])
  504. );
  505. determineTopicClass($context['topics'][$row['id_topic']]);
  506. }
  507. $smcFunc['db_free_result']($result);
  508. // Fix the sequence of topics if they were retrieved in the wrong order. (for speed reasons...)
  509. if ($fake_ascending)
  510. $context['topics'] = array_reverse($context['topics'], true);
  511. if (!empty($modSettings['enableParticipation']) && !$user_info['is_guest'] && !empty($topic_ids))
  512. {
  513. $result = $smcFunc['db_query']('', '
  514. SELECT id_topic
  515. FROM {db_prefix}messages
  516. WHERE id_topic IN ({array_int:topic_list})
  517. AND id_member = {int:current_member}
  518. GROUP BY id_topic
  519. LIMIT ' . count($topic_ids),
  520. array(
  521. 'current_member' => $user_info['id'],
  522. 'topic_list' => $topic_ids,
  523. )
  524. );
  525. while ($row = $smcFunc['db_fetch_assoc']($result))
  526. {
  527. $context['topics'][$row['id_topic']]['is_posted_in'] = true;
  528. $context['topics'][$row['id_topic']]['class'] = 'my_' . $context['topics'][$row['id_topic']]['class'];
  529. }
  530. $smcFunc['db_free_result']($result);
  531. }
  532. }
  533. $context['jump_to'] = array(
  534. 'label' => addslashes(un_htmlspecialchars($txt['jump_to'])),
  535. 'board_name' => htmlspecialchars(strtr(strip_tags($board_info['name']), array('&amp;' => '&'))),
  536. 'child_level' => $board_info['child_level'],
  537. );
  538. // Is Quick Moderation active/needed?
  539. if (!empty($options['display_quick_mod']) && !empty($context['topics']))
  540. {
  541. $context['can_markread'] = $context['user']['is_logged'];
  542. $context['can_lock'] = allowedTo('lock_any');
  543. $context['can_sticky'] = allowedTo('make_sticky') && !empty($modSettings['enableStickyTopics']);
  544. $context['can_move'] = allowedTo('move_any');
  545. $context['can_remove'] = allowedTo('remove_any');
  546. $context['can_merge'] = allowedTo('merge_any');
  547. // Ignore approving own topics as it's unlikely to come up...
  548. $context['can_approve'] = $modSettings['postmod_active'] && allowedTo('approve_posts') && !empty($board_info['unapproved_topics']);
  549. // Can we restore topics?
  550. $context['can_restore'] = allowedTo('move_any') && !empty($modSettings['recycle_enable']) && $modSettings['recycle_board'] == $board;
  551. // Set permissions for all the topics.
  552. foreach ($context['topics'] as $t => $topic)
  553. {
  554. $started = $topic['first_post']['member']['id'] == $user_info['id'];
  555. $context['topics'][$t]['quick_mod'] = array(
  556. 'lock' => allowedTo('lock_any') || ($started && allowedTo('lock_own')),
  557. 'sticky' => allowedTo('make_sticky') && !empty($modSettings['enableStickyTopics']),
  558. 'move' => allowedTo('move_any') || ($started && allowedTo('move_own')),
  559. 'modify' => allowedTo('modify_any') || ($started && allowedTo('modify_own')),
  560. 'remove' => allowedTo('remove_any') || ($started && allowedTo('remove_own')),
  561. 'approve' => $context['can_approve'] && $topic['unapproved_posts']
  562. );
  563. $context['can_lock'] |= ($started && allowedTo('lock_own'));
  564. $context['can_move'] |= ($started && allowedTo('move_own'));
  565. $context['can_remove'] |= ($started && allowedTo('remove_own'));
  566. }
  567. // Find the boards/cateogories they can move their topic to.
  568. if ($options['display_quick_mod'] == 1 && $context['can_move'] && !empty($context['topics']))
  569. {
  570. require_once($sourcedir . '/Subs-MessageIndex.php');
  571. $boardListOptions = array(
  572. 'excluded_boards' => array($board),
  573. 'not_redirection' => true,
  574. 'use_permissions' => true,
  575. 'selected_board' => empty($_SESSION['move_to_topic']) ? null : $_SESSION['move_to_topic'],
  576. );
  577. // With no other boards to see, it's useless to move.
  578. if (empty($context['move_to_boards']))
  579. $context['can_move'] = false;
  580. }
  581. // Can we use quick moderation checkboxes?
  582. if ($options['display_quick_mod'] == 1)
  583. $context['can_quick_mod'] = $context['user']['is_logged'] || $context['can_approve'] || $context['can_remove'] || $context['can_lock'] || $context['can_sticky'] || $context['can_move'] || $context['can_merge'] || $context['can_restore'];
  584. // Or the icons?
  585. else
  586. $context['can_quick_mod'] = $context['can_remove'] || $context['can_lock'] || $context['can_sticky'] || $context['can_move'];
  587. }
  588. if (!empty($context['can_quick_mod']) && $options['display_quick_mod'] == 1)
  589. {
  590. $context['qmod_actions'] = array('approve', 'remove', 'lock', 'sticky', 'move', 'merge', 'restore', 'markread');
  591. call_integration_hook('integrate_quick_mod_actions');
  592. }
  593. // If there are children, but no topics and no ability to post topics...
  594. $context['no_topic_listing'] = !empty($context['boards']) && empty($context['topics']) && !$context['can_post_new'];
  595. // Build the message index button array.
  596. $context['normal_buttons'] = array(
  597. 'new_topic' => array('test' => 'can_post_new', 'text' => 'new_topic', 'image' => 'new_topic.png', 'lang' => true, 'url' => $scripturl . '?action=post;board=' . $context['current_board'] . '.0', 'active' => true),
  598. 'post_poll' => array('test' => 'can_post_poll', 'text' => 'new_poll', 'image' => 'new_poll.png', 'lang' => true, 'url' => $scripturl . '?action=post;board=' . $context['current_board'] . '.0;poll'),
  599. 'notify' => array('test' => 'can_mark_notify', 'text' => $context['is_marked_notify'] ? 'unnotify' : 'notify', 'image' => ($context['is_marked_notify'] ? 'un' : ''). 'notify.png', 'lang' => true, 'custom' => 'onclick="return confirm(\'' . ($context['is_marked_notify'] ? $txt['notification_disable_board'] : $txt['notification_enable_board']) . '\');"', 'url' => $scripturl . '?action=notifyboard;sa=' . ($context['is_marked_notify'] ? 'off' : 'on') . ';board=' . $context['current_board'] . '.' . $context['start'] . ';' . $context['session_var'] . '=' . $context['session_id']),
  600. 'markread' => array('text' => 'mark_read_short', 'image' => 'markread.png', 'lang' => true, 'url' => $scripturl . '?action=markasread;sa=board;board=' . $context['current_board'] . '.0;' . $context['session_var'] . '=' . $context['session_id']),
  601. );
  602. // Allow adding new buttons easily.
  603. call_integration_hook('integrate_messageindex_buttons');
  604. }
  605. /**
  606. * Allows for moderation from the message index.
  607. * @todo refactor this...
  608. */
  609. function QuickModeration()
  610. {
  611. global $sourcedir, $board, $user_info, $modSettings, $smcFunc, $context;
  612. // Check the session = get or post.
  613. checkSession('request');
  614. // Lets go straight to the restore area.
  615. if (isset($_REQUEST['qaction']) && $_REQUEST['qaction'] == 'restore' && !empty($_REQUEST['topics']))
  616. redirectexit('action=restoretopic;topics=' . implode(',', $_REQUEST['topics']) . ';' . $context['session_var'] . '=' . $context['session_id']);
  617. if (isset($_SESSION['topicseen_cache']))
  618. $_SESSION['topicseen_cache'] = array();
  619. // This is going to be needed to send off the notifications and for updateLastMessages().
  620. require_once($sourcedir . '/Subs-Post.php');
  621. // Remember the last board they moved things to.
  622. if (isset($_REQUEST['move_to']))
  623. $_SESSION['move_to_topic'] = $_REQUEST['move_to'];
  624. // Only a few possible actions.
  625. $possibleActions = array();
  626. if (!empty($board))
  627. {
  628. $boards_can = array(
  629. 'make_sticky' => allowedTo('make_sticky') ? array($board) : array(),
  630. 'move_any' => allowedTo('move_any') ? array($board) : array(),
  631. 'move_own' => allowedTo('move_own') ? array($board) : array(),
  632. 'remove_any' => allowedTo('remove_any') ? array($board) : array(),
  633. 'remove_own' => allowedTo('remove_own') ? array($board) : array(),
  634. 'lock_any' => allowedTo('lock_any') ? array($board) : array(),
  635. 'lock_own' => allowedTo('lock_own') ? array($board) : array(),
  636. 'merge_any' => allowedTo('merge_any') ? array($board) : array(),
  637. 'approve_posts' => allowedTo('approve_posts') ? array($board) : array(),
  638. );
  639. $redirect_url = 'board=' . $board . '.' . $_REQUEST['start'];
  640. }
  641. else
  642. {
  643. /**
  644. * @todo Ugly. There's no getting around this, is there?
  645. * @todo Maybe just do this on the actions people want to use?
  646. */
  647. $boards_can = boardsAllowedTo(array('make_sticky', 'move_any', 'move_own', 'remove_any', 'remove_own', 'lock_any', 'lock_own', 'merge_any', 'approve_posts'), true, false);
  648. $redirect_url = isset($_POST['redirect_url']) ? $_POST['redirect_url'] : (isset($_SESSION['old_url']) ? $_SESSION['old_url'] : '');
  649. }
  650. if (!$user_info['is_guest'])
  651. $possibleActions[] = 'markread';
  652. if (!empty($boards_can['make_sticky']) && !empty($modSettings['enableStickyTopics']))
  653. $possibleActions[] = 'sticky';
  654. if (!empty($boards_can['move_any']) || !empty($boards_can['move_own']))
  655. $possibleActions[] = 'move';
  656. if (!empty($boards_can['remove_any']) || !empty($boards_can['remove_own']))
  657. $possibleActions[] = 'remove';
  658. if (!empty($boards_can['lock_any']) || !empty($boards_can['lock_own']))
  659. $possibleActions[] = 'lock';
  660. if (!empty($boards_can['merge_any']))
  661. $possibleActions[] = 'merge';
  662. if (!empty($boards_can['approve_posts']))
  663. $possibleActions[] = 'approve';
  664. // Two methods: $_REQUEST['actions'] (id_topic => action), and $_REQUEST['topics'] and $_REQUEST['qaction'].
  665. // (if action is 'move', $_REQUEST['move_to'] or $_REQUEST['move_tos'][$topic] is used.)
  666. if (!empty($_REQUEST['topics']))
  667. {
  668. // If the action isn't valid, just quit now.
  669. if (empty($_REQUEST['qaction']) || !in_array($_REQUEST['qaction'], $possibleActions))
  670. redirectexit($redirect_url);
  671. // Merge requires all topics as one parameter and can be done at once.
  672. if ($_REQUEST['qaction'] == 'merge')
  673. {
  674. // Merge requires at least two topics.
  675. if (empty($_REQUEST['topics']) || count($_REQUEST['topics']) < 2)
  676. redirectexit($redirect_url);
  677. require_once($sourcedir . '/SplitTopics.php');
  678. return MergeExecute($_REQUEST['topics']);
  679. }
  680. // Just convert to the other method, to make it easier.
  681. foreach ($_REQUEST['topics'] as $topic)
  682. $_REQUEST['actions'][(int) $topic] = $_REQUEST['qaction'];
  683. }
  684. // Weird... how'd you get here?
  685. if (empty($_REQUEST['actions']))
  686. redirectexit($redirect_url);
  687. // Validate each action.
  688. $temp = array();
  689. foreach ($_REQUEST['actions'] as $topic => $action)
  690. {
  691. if (in_array($action, $possibleActions))
  692. $temp[(int) $topic] = $action;
  693. }
  694. $_REQUEST['actions'] = $temp;
  695. if (!empty($_REQUEST['actions']))
  696. {
  697. // Find all topics...
  698. $request = $smcFunc['db_query']('', '
  699. SELECT id_topic, id_member_started, id_board, locked, approved, unapproved_posts
  700. FROM {db_prefix}topics
  701. WHERE id_topic IN ({array_int:action_topic_ids})
  702. LIMIT ' . count($_REQUEST['actions']),
  703. array(
  704. 'action_topic_ids' => array_keys($_REQUEST['actions']),
  705. )
  706. );
  707. while ($row = $smcFunc['db_fetch_assoc']($request))
  708. {
  709. if (!empty($board))
  710. {
  711. if ($row['id_board'] != $board || ($modSettings['postmod_active'] && !$row['approved'] && !allowedTo('approve_posts')))
  712. unset($_REQUEST['actions'][$row['id_topic']]);
  713. }
  714. else
  715. {
  716. // Don't allow them to act on unapproved posts they can't see...
  717. if ($modSettings['postmod_active'] && !$row['approved'] && !in_array(0, $boards_can['approve_posts']) && !in_array($row['id_board'], $boards_can['approve_posts']))
  718. unset($_REQUEST['actions'][$row['id_topic']]);
  719. // Goodness, this is fun. We need to validate the action.
  720. elseif ($_REQUEST['actions'][$row['id_topic']] == 'sticky' && !in_array(0, $boards_can['make_sticky']) && !in_array($row['id_board'], $boards_can['make_sticky']))
  721. unset($_REQUEST['actions'][$row['id_topic']]);
  722. elseif ($_REQUEST['actions'][$row['id_topic']] == 'move' && !in_array(0, $boards_can['move_any']) && !in_array($row['id_board'], $boards_can['move_any']) && ($row['id_member_started'] != $user_info['id'] || (!in_array(0, $boards_can['move_own']) && !in_array($row['id_board'], $boards_can['move_own']))))
  723. unset($_REQUEST['actions'][$row['id_topic']]);
  724. elseif ($_REQUEST['actions'][$row['id_topic']] == 'remove' && !in_array(0, $boards_can['remove_any']) && !in_array($row['id_board'], $boards_can['remove_any']) && ($row['id_member_started'] != $user_info['id'] || (!in_array(0, $boards_can['remove_own']) && !in_array($row['id_board'], $boards_can['remove_own']))))
  725. unset($_REQUEST['actions'][$row['id_topic']]);
  726. // @todo $locked is not set, what are you trying to do? (taking the change it is supposed to be $row['locked'])
  727. elseif ($_REQUEST['actions'][$row['id_topic']] == 'lock' && !in_array(0, $boards_can['lock_any']) && !in_array($row['id_board'], $boards_can['lock_any']) && ($row['id_member_started'] != $user_info['id'] || $row['locked'] == 1 || (!in_array(0, $boards_can['lock_own']) && !in_array($row['id_board'], $boards_can['lock_own']))))
  728. unset($_REQUEST['actions'][$row['id_topic']]);
  729. // If the topic is approved then you need permission to approve the posts within.
  730. elseif ($_REQUEST['actions'][$row['id_topic']] == 'approve' && (!$row['unapproved_posts'] || (!in_array(0, $boards_can['approve_posts']) && !in_array($row['id_board'], $boards_can['approve_posts']))))
  731. unset($_REQUEST['actions'][$row['id_topic']]);
  732. }
  733. }
  734. $smcFunc['db_free_result']($request);
  735. }
  736. $stickyCache = array();
  737. $moveCache = array(0 => array(), 1 => array());
  738. $removeCache = array();
  739. $lockCache = array();
  740. $markCache = array();
  741. $approveCache = array();
  742. // Separate the actions.
  743. foreach ($_REQUEST['actions'] as $topic => $action)
  744. {
  745. $topic = (int) $topic;
  746. if ($action == 'markread')
  747. $markCache[] = $topic;
  748. elseif ($action == 'sticky')
  749. $stickyCache[] = $topic;
  750. elseif ($action == 'move')
  751. {
  752. require_once($sourcedir . '/MoveTopic.php');
  753. moveTopicConcurrence();
  754. // $moveCache[0] is the topic, $moveCache[1] is the board to move to.
  755. $moveCache[1][$topic] = (int) (isset($_REQUEST['move_tos'][$topic]) ? $_REQUEST['move_tos'][$topic] : $_REQUEST['move_to']);
  756. if (empty($moveCache[1][$topic]))
  757. continue;
  758. $moveCache[0][] = $topic;
  759. }
  760. elseif ($action == 'remove')
  761. $removeCache[] = $topic;
  762. elseif ($action == 'lock')
  763. $lockCache[] = $topic;
  764. elseif ($action == 'approve')
  765. $approveCache[] = $topic;
  766. }
  767. if (empty($board))
  768. $affectedBoards = array();
  769. else
  770. $affectedBoards = array($board => array(0, 0));
  771. // Do all the stickies...
  772. if (!empty($stickyCache))
  773. {
  774. $smcFunc['db_query']('', '
  775. UPDATE {db_prefix}topics
  776. SET is_sticky = CASE WHEN is_sticky = {int:is_sticky} THEN 0 ELSE 1 END
  777. WHERE id_topic IN ({array_int:sticky_topic_ids})',
  778. array(
  779. 'sticky_topic_ids' => $stickyCache,
  780. 'is_sticky' => 1,
  781. )
  782. );
  783. // Get the board IDs and Sticky status
  784. $request = $smcFunc['db_query']('', '
  785. SELECT id_topic, id_board, is_sticky
  786. FROM {db_prefix}topics
  787. WHERE id_topic IN ({array_int:sticky_topic_ids})
  788. LIMIT ' . count($stickyCache),
  789. array(
  790. 'sticky_topic_ids' => $stickyCache,
  791. )
  792. );
  793. $stickyCacheBoards = array();
  794. $stickyCacheStatus = array();
  795. while ($row = $smcFunc['db_fetch_assoc']($request))
  796. {
  797. $stickyCacheBoards[$row['id_topic']] = $row['id_board'];
  798. $stickyCacheStatus[$row['id_topic']] = empty($row['is_sticky']);
  799. }
  800. $smcFunc['db_free_result']($request);
  801. }
  802. // Move sucka! (this is, by the by, probably the most complicated part....)
  803. if (!empty($moveCache[0]))
  804. {
  805. // I know - I just KNOW you're trying to beat the system. Too bad for you... we CHECK :P.
  806. $request = $smcFunc['db_query']('', '
  807. SELECT t.id_topic, t.id_board, b.count_posts
  808. FROM {db_prefix}topics AS t
  809. LEFT JOIN {db_prefix}boards AS b ON (t.id_board = b.id_board)
  810. WHERE t.id_topic IN ({array_int:move_topic_ids})' . (!empty($board) && !allowedTo('move_any') ? '
  811. AND t.id_member_started = {int:current_member}' : '') . '
  812. LIMIT ' . count($moveCache[0]),
  813. array(
  814. 'current_member' => $user_info['id'],
  815. 'move_topic_ids' => $moveCache[0],
  816. )
  817. );
  818. $moveTos = array();
  819. $moveCache2 = array();
  820. $countPosts = array();
  821. while ($row = $smcFunc['db_fetch_assoc']($request))
  822. {
  823. $to = $moveCache[1][$row['id_topic']];
  824. if (empty($to))
  825. continue;
  826. // Does this topic's board count the posts or not?
  827. $countPosts[$row['id_topic']] = empty($row['count_posts']);
  828. if (!isset($moveTos[$to]))
  829. $moveTos[$to] = array();
  830. $moveTos[$to][] = $row['id_topic'];
  831. // For reporting...
  832. $moveCache2[] = array($row['id_topic'], $row['id_board'], $to);
  833. }
  834. $smcFunc['db_free_result']($request);
  835. $moveCache = $moveCache2;
  836. require_once($sourcedir . '/MoveTopic.php');
  837. // Do the actual moves...
  838. foreach ($moveTos as $to => $topics)
  839. moveTopics($topics, $to);
  840. // Does the post counts need to be updated?
  841. if (!empty($moveTos))
  842. {
  843. $topicRecounts = array();
  844. $request = $smcFunc['db_query']('', '
  845. SELECT id_board, count_posts
  846. FROM {db_prefix}boards
  847. WHERE id_board IN ({array_int:move_boards})',
  848. array(
  849. 'move_boards' => array_keys($moveTos),
  850. )
  851. );
  852. while ($row = $smcFunc['db_fetch_assoc']($request))
  853. {
  854. $cp = empty($row['count_posts']);
  855. // Go through all the topics that are being moved to this board.
  856. foreach ($moveTos[$row['id_board']] as $topic)
  857. {
  858. // If both boards have the same value for post counting then no adjustment needs to be made.
  859. if ($countPosts[$topic] != $cp)
  860. {
  861. // If the board being moved to does count the posts then the other one doesn't so add to their post count.
  862. $topicRecounts[$topic] = $cp ? '+' : '-';
  863. }
  864. }
  865. }
  866. $smcFunc['db_free_result']($request);
  867. if (!empty($topicRecounts))
  868. {
  869. $members = array();
  870. // Get all the members who have posted in the moved topics.
  871. $request = $smcFunc['db_query']('', '
  872. SELECT id_member, id_topic
  873. FROM {db_prefix}messages
  874. WHERE id_topic IN ({array_int:moved_topic_ids})',
  875. array(
  876. 'moved_topic_ids' => array_keys($topicRecounts),
  877. )
  878. );
  879. while ($row = $smcFunc['db_fetch_assoc']($request))
  880. {
  881. if (!isset($members[$row['id_member']]))
  882. $members[$row['id_member']] = 0;
  883. if ($topicRecounts[$row['id_topic']] === '+')
  884. $members[$row['id_member']] += 1;
  885. else
  886. $members[$row['id_member']] -= 1;
  887. }
  888. $smcFunc['db_free_result']($request);
  889. // And now update them member's post counts
  890. foreach ($members as $id_member => $post_adj)
  891. updateMemberData($id_member, array('posts' => 'posts + ' . $post_adj));
  892. }
  893. }
  894. }
  895. // Now delete the topics...
  896. if (!empty($removeCache))
  897. {
  898. // They can only delete their own topics. (we wouldn't be here if they couldn't do that..)
  899. $result = $smcFunc['db_query']('', '
  900. SELECT id_topic, id_board
  901. FROM {db_prefix}topics
  902. WHERE id_topic IN ({array_int:removed_topic_ids})' . (!empty($board) && !allowedTo('remove_any') ? '
  903. AND id_member_started = {int:current_member}' : '') . '
  904. LIMIT ' . count($removeCache),
  905. array(
  906. 'current_member' => $user_info['id'],
  907. 'removed_topic_ids' => $removeCache,
  908. )
  909. );
  910. $removeCache = array();
  911. $removeCacheBoards = array();
  912. while ($row = $smcFunc['db_fetch_assoc']($result))
  913. {
  914. $removeCache[] = $row['id_topic'];
  915. $removeCacheBoards[$row['id_topic']] = $row['id_board'];
  916. }
  917. $smcFunc['db_free_result']($result);
  918. // Maybe *none* were their own topics.
  919. if (!empty($removeCache))
  920. {
  921. // Gotta send the notifications *first*!
  922. foreach ($removeCache as $topic)
  923. {
  924. // Only log the topic ID if it's not in the recycle board.
  925. logAction('remove', array((empty($modSettings['recycle_enable']) || $modSettings['recycle_board'] != $removeCacheBoards[$topic] ? 'topic' : 'old_topic_id') => $topic, 'board' => $removeCacheBoards[$topic]));
  926. sendNotifications($topic, 'remove');
  927. }
  928. require_once($sourcedir . '/RemoveTopic.php');
  929. removeTopics($removeCache);
  930. }
  931. }
  932. // Approve the topics...
  933. if (!empty($approveCache))
  934. {
  935. // We need unapproved topic ids and their authors!
  936. $request = $smcFunc['db_query']('', '
  937. SELECT id_topic, id_member_started
  938. FROM {db_prefix}topics
  939. WHERE id_topic IN ({array_int:approve_topic_ids})
  940. AND approved = {int:not_approved}
  941. LIMIT ' . count($approveCache),
  942. array(
  943. 'approve_topic_ids' => $approveCache,
  944. 'not_approved' => 0,
  945. )
  946. );
  947. $approveCache = array();
  948. $approveCacheMembers = array();
  949. while ($row = $smcFunc['db_fetch_assoc']($request))
  950. {
  951. $approveCache[] = $row['id_topic'];
  952. $approveCacheMembers[$row['id_topic']] = $row['id_member_started'];
  953. }
  954. $smcFunc['db_free_result']($request);
  955. // Any topics to approve?
  956. if (!empty($approveCache))
  957. {
  958. // Handle the approval part...
  959. approveTopics($approveCache);
  960. // Time for some logging!
  961. foreach ($approveCache as $topic)
  962. logAction('approve_topic', array('topic' => $topic, 'member' => $approveCacheMembers[$topic]));
  963. }
  964. }
  965. // And (almost) lastly, lock the topics...
  966. if (!empty($lockCache))
  967. {
  968. $lockStatus = array();
  969. // Gotta make sure they CAN lock/unlock these topics...
  970. if (!empty($board) && !allowedTo('lock_any'))
  971. {
  972. // Make sure they started the topic AND it isn't already locked by someone with higher priv's.
  973. $result = $smcFunc['db_query']('', '
  974. SELECT id_topic, locked, id_board
  975. FROM {db_prefix}topics
  976. WHERE id_topic IN ({array_int:locked_topic_ids})
  977. AND id_member_started = {int:current_member}
  978. AND locked IN (2, 0)
  979. LIMIT ' . count($lockCache),
  980. array(
  981. 'current_member' => $user_info['id'],
  982. 'locked_topic_ids' => $lockCache,
  983. )
  984. );
  985. $lockCache = array();
  986. $lockCacheBoards = array();
  987. while ($row = $smcFunc['db_fetch_assoc']($result))
  988. {
  989. $lockCache[] = $row['id_topic'];
  990. $lockCacheBoards[$row['id_topic']] = $row['id_board'];
  991. $lockStatus[$row['id_topic']] = empty($row['locked']);
  992. }
  993. $smcFunc['db_free_result']($result);
  994. }
  995. else
  996. {
  997. $result = $smcFunc['db_query']('', '
  998. SELECT id_topic, locked, id_board
  999. FROM {db_prefix}topics
  1000. WHERE id_topic IN ({array_int:locked_topic_ids})
  1001. LIMIT ' . count($lockCache),
  1002. array(
  1003. 'locked_topic_ids' => $lockCache,
  1004. )
  1005. );
  1006. $lockCacheBoards = array();
  1007. while ($row = $smcFunc['db_fetch_assoc']($result))
  1008. {
  1009. $lockStatus[$row['id_topic']] = empty($row['locked']);
  1010. $lockCacheBoards[$row['id_topic']] = $row['id_board'];
  1011. }
  1012. $smcFunc['db_free_result']($result);
  1013. }
  1014. // It could just be that *none* were their own topics...
  1015. if (!empty($lockCache))
  1016. {
  1017. // Alternate the locked value.
  1018. $smcFunc['db_query']('', '
  1019. UPDATE {db_prefix}topics
  1020. SET locked = CASE WHEN locked = {int:is_locked} THEN ' . (allowedTo('lock_any') ? '1' : '2') . ' ELSE 0 END
  1021. WHERE id_topic IN ({array_int:locked_topic_ids})',
  1022. array(
  1023. 'locked_topic_ids' => $lockCache,
  1024. 'is_locked' => 0,
  1025. )
  1026. );
  1027. }
  1028. }
  1029. if (!empty($markCache))
  1030. {
  1031. $markArray = array();
  1032. foreach ($markCache as $topic)
  1033. $markArray[] = array($modSettings['maxMsgID'], $user_info['id'], $topic);
  1034. $smcFunc['db_insert']('replace',
  1035. '{db_prefix}log_topics',
  1036. array('id_msg' => 'int', 'id_member' => 'int', 'id_topic' => 'int'),
  1037. $markArray,
  1038. array('id_member', 'id_topic')
  1039. );
  1040. }
  1041. foreach ($moveCache as $topic)
  1042. {
  1043. // Didn't actually move anything!
  1044. if (!isset($topic[0]))
  1045. break;
  1046. logAction('move', array('topic' => $topic[0], 'board_from' => $topic[1], 'board_to' => $topic[2]));
  1047. sendNotifications($topic[0], 'move');
  1048. }
  1049. foreach ($lockCache as $topic)
  1050. {
  1051. logAction($lockStatus[$topic] ? 'lock' : 'unlock', array('topic' => $topic, 'board' => $lockCacheBoards[$topic]));
  1052. sendNotifications($topic, $lockStatus[$topic] ? 'lock' : 'unlock');
  1053. }
  1054. foreach ($stickyCache as $topic)
  1055. {
  1056. logAction($stickyCacheStatus[$topic] ? 'unsticky' : 'sticky', array('topic' => $topic, 'board' => $stickyCacheBoards[$topic]));
  1057. sendNotifications($topic, 'sticky');
  1058. }
  1059. updateStats('topic');
  1060. updateStats('message');
  1061. updateSettings(array(
  1062. 'calendar_updated' => time(),
  1063. ));
  1064. if (!empty($affectedBoards))
  1065. updateLastMessages(array_keys($affectedBoards));
  1066. redirectexit($redirect_url);
  1067. }