ModerationCenter.php 50 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562156315641565156615671568156915701571157215731574157515761577157815791580158115821583158415851586158715881589159015911592159315941595159615971598159916001601160216031604160516061607160816091610161116121613161416151616161716181619162016211622162316241625162616271628162916301631163216331634163516361637163816391640164116421643164416451646164716481649165016511652165316541655165616571658165916601661166216631664166516661667166816691670167116721673
  1. <?php
  2. /**
  3. * Moderation Center.
  4. *
  5. * Simple Machines Forum (SMF)
  6. *
  7. * @package SMF
  8. * @author Simple Machines http://www.simplemachines.org
  9. * @copyright 2014 Simple Machines and individual contributors
  10. * @license http://www.simplemachines.org/about/smf/license.php BSD
  11. *
  12. * @version 2.1 Alpha 1
  13. */
  14. if (!defined('SMF'))
  15. die('No direct access...');
  16. /**
  17. * Entry point for the moderation center.
  18. *
  19. * @param bool $dont_call = false
  20. */
  21. function ModerationMain($dont_call = false)
  22. {
  23. global $txt, $context, $scripturl, $sc, $modSettings, $user_info, $sourcedir, $options, $smcFunc;
  24. // Don't run this twice... and don't conflict with the admin bar.
  25. if (isset($context['admin_area']))
  26. return;
  27. $context['can_moderate_boards'] = $user_info['mod_cache']['bq'] != '0=1';
  28. $context['can_moderate_groups'] = $user_info['mod_cache']['gq'] != '0=1';
  29. $context['can_moderate_approvals'] = $modSettings['postmod_active'] && !empty($user_info['mod_cache']['ap']);
  30. // Everyone using this area must be allowed here!
  31. if (!$context['can_moderate_boards'] && !$context['can_moderate_groups'] && !$context['can_moderate_approvals'])
  32. isAllowedTo('access_mod_center');
  33. // We're gonna want a menu of some kind.
  34. require_once($sourcedir . '/Subs-Menu.php');
  35. // Load the language, and the template.
  36. loadLanguage('ModerationCenter');
  37. loadTemplate(false, 'admin');
  38. $context['admin_preferences'] = !empty($options['admin_preferences']) ? unserialize($options['admin_preferences']) : array();
  39. $context['robot_no_index'] = true;
  40. // This is the menu structure - refer to Subs-Menu.php for the details.
  41. $moderation_areas = array(
  42. 'main' => array(
  43. 'title' => $txt['mc_main'],
  44. 'areas' => array(
  45. 'index' => array(
  46. 'label' => $txt['moderation_center'],
  47. 'function' => 'ModerationHome',
  48. 'icon' => 'administration.png',
  49. ),
  50. 'settings' => array(
  51. 'label' => $txt['mc_settings'],
  52. 'function' => 'ModerationSettings',
  53. 'icon' => 'features.png',
  54. ),
  55. 'modlogoff' => array(
  56. 'label' => $txt['mc_logoff'],
  57. 'function' => 'ModEndSession',
  58. 'enabled' => empty($modSettings['securityDisable_moderate']),
  59. 'icon' => 'exit.png',
  60. ),
  61. 'notice' => array(
  62. 'file' => 'ModerationCenter.php',
  63. 'function' => 'ShowNotice',
  64. 'select' => 'index'
  65. ),
  66. ),
  67. ),
  68. 'logs' => array(
  69. 'title' => $txt['mc_logs'],
  70. 'areas' => array(
  71. 'modlog' => array(
  72. 'label' => $txt['modlog_view'],
  73. 'enabled' => !empty($modSettings['modlog_enabled']) && $context['can_moderate_boards'],
  74. 'file' => 'Modlog.php',
  75. 'function' => 'ViewModlog',
  76. 'icon' => 'logs.png',
  77. ),
  78. 'warnings' => array(
  79. 'label' => $txt['mc_warnings'],
  80. 'enabled' => $modSettings['warning_settings'][0] == 1 && $context['can_moderate_boards'],
  81. 'function' => 'ViewWarnings',
  82. 'icon' => 'warning.png',
  83. 'subsections' => array(
  84. 'log' => array($txt['mc_warning_log']),
  85. 'templates' => array($txt['mc_warning_templates'], 'issue_warning'),
  86. ),
  87. ),
  88. ),
  89. ),
  90. 'posts' => array(
  91. 'title' => $txt['mc_posts'],
  92. 'enabled' => $context['can_moderate_boards'] || $context['can_moderate_approvals'],
  93. 'areas' => array(
  94. 'postmod' => array(
  95. 'label' => $txt['mc_unapproved_posts'],
  96. 'enabled' => $context['can_moderate_approvals'],
  97. 'file' => 'PostModeration.php',
  98. 'function' => 'PostModerationMain',
  99. 'icon' => 'posts.png',
  100. 'custom_url' => $scripturl . '?action=moderate;area=postmod',
  101. 'subsections' => array(
  102. 'posts' => array($txt['mc_unapproved_replies']),
  103. 'topics' => array($txt['mc_unapproved_topics']),
  104. ),
  105. ),
  106. 'attachmod' => array(
  107. 'label' => $txt['mc_unapproved_attachments'],
  108. 'enabled' => $context['can_moderate_approvals'],
  109. 'file' => 'PostModeration.php',
  110. 'function' => 'PostModerationMain',
  111. 'icon' => 'post_moderation_attach.png',
  112. 'custom_url' => $scripturl . '?action=moderate;area=attachmod;sa=attachments',
  113. ),
  114. 'reports' => array(
  115. 'label' => $txt['mc_reported_posts'],
  116. 'enabled' => $context['can_moderate_boards'],
  117. 'file' => 'ReportedPosts.php',
  118. 'function' => 'ReportedPosts',
  119. 'icon' => 'reports.png',
  120. 'subsections' => array(
  121. 'show' => array($txt['mc_reportedp_active']),
  122. 'closed' => array($txt['mc_reportedp_closed']),
  123. ),
  124. ),
  125. ),
  126. ),
  127. 'groups' => array(
  128. 'title' => $txt['mc_groups'],
  129. 'enabled' => $context['can_moderate_groups'],
  130. 'areas' => array(
  131. 'userwatch' => array(
  132. 'label' => $txt['mc_watched_users_title'],
  133. 'enabled' => $modSettings['warning_settings'][0] == 1 && $context['can_moderate_boards'],
  134. 'function' => 'ViewWatchedUsers',
  135. 'icon' => 'members_watched.png',
  136. 'subsections' => array(
  137. 'member' => array($txt['mc_watched_users_member']),
  138. 'post' => array($txt['mc_watched_users_post']),
  139. ),
  140. ),
  141. 'groups' => array(
  142. 'label' => $txt['mc_group_requests'],
  143. 'file' => 'Groups.php',
  144. 'function' => 'Groups',
  145. 'icon' => 'members_request.png',
  146. 'custom_url' => $scripturl . '?action=moderate;area=groups;sa=requests',
  147. ),
  148. 'viewgroups' => array(
  149. 'label' => $txt['mc_view_groups'],
  150. 'file' => 'Groups.php',
  151. 'function' => 'Groups',
  152. 'icon' => 'membergroups.png',
  153. ),
  154. ),
  155. ),
  156. );
  157. // Make sure the administrator has a valid session...
  158. validateSession('moderate');
  159. // I don't know where we're going - I don't know where we've been...
  160. $menuOptions = array(
  161. 'action' => 'moderate',
  162. 'disable_url_session_check' => true,
  163. );
  164. $mod_include_data = createMenu($moderation_areas, $menuOptions);
  165. unset($moderation_areas);
  166. // We got something - didn't we? DIDN'T WE!
  167. if ($mod_include_data == false)
  168. fatal_lang_error('no_access', false);
  169. // Retain the ID information in case required by a subaction.
  170. $context['moderation_menu_id'] = $context['max_menu_id'];
  171. $context['moderation_menu_name'] = 'menu_data_' . $context['moderation_menu_id'];
  172. // @todo: html in here is not good
  173. $context[$context['moderation_menu_name']]['tab_data'] = array(
  174. 'title' => $txt['moderation_center'],
  175. 'help' => '',
  176. 'description' => '
  177. <strong>' . $txt['hello_guest'] . ' ' . $context['user']['name'] . '!</strong>
  178. <br><br>
  179. ' . $txt['mc_description']);
  180. // What a pleasant shortcut - even tho we're not *really* on the admin screen who cares...
  181. $context['admin_area'] = $mod_include_data['current_area'];
  182. // Build the link tree.
  183. $context['linktree'][] = array(
  184. 'url' => $scripturl . '?action=moderate',
  185. 'name' => $txt['moderation_center'],
  186. );
  187. if (isset($mod_include_data['current_area']) && $mod_include_data['current_area'] != 'index')
  188. $context['linktree'][] = array(
  189. 'url' => $scripturl . '?action=moderate;area=' . $mod_include_data['current_area'],
  190. 'name' => $mod_include_data['label'],
  191. );
  192. if (!empty($mod_include_data['current_subsection']) && $mod_include_data['subsections'][$mod_include_data['current_subsection']][0] != $mod_include_data['label'])
  193. $context['linktree'][] = array(
  194. 'url' => $scripturl . '?action=moderate;area=' . $mod_include_data['current_area'] . ';sa=' . $mod_include_data['current_subsection'],
  195. 'name' => $mod_include_data['subsections'][$mod_include_data['current_subsection']][0],
  196. );
  197. // Now - finally - the bit before the encore - the main performance of course!
  198. if (!$dont_call)
  199. {
  200. if (isset($mod_include_data['file']))
  201. require_once($sourcedir . '/' . $mod_include_data['file']);
  202. $mod_include_data['function']();
  203. }
  204. }
  205. /**
  206. * This function basically is the home page of the moderation center.
  207. */
  208. function ModerationHome()
  209. {
  210. global $txt, $context, $scripturl, $user_settings, $options;
  211. loadTemplate('ModerationCenter');
  212. loadJavascriptFile('admin.js', array('default_theme' => true), 'admin.js');
  213. $context['page_title'] = $txt['moderation_center'];
  214. $context['sub_template'] = 'moderation_center';
  215. // Handle moderators notes.
  216. ModBlockNotes();
  217. // Load what blocks the user actually can see...
  218. $valid_blocks = array();
  219. if ($context['can_moderate_groups'])
  220. $valid_blocks['g'] = 'GroupRequests';
  221. if ($context['can_moderate_boards'])
  222. {
  223. $valid_blocks['r'] = 'ReportedPosts';
  224. $valid_blocks['w'] = 'WatchedUsers';
  225. }
  226. call_integration_hook('integrate_mod_centre_blocks', array(&$valid_blocks));
  227. $context['mod_blocks'] = array();
  228. foreach ($valid_blocks as $k => $block)
  229. {
  230. $block = 'ModBlock' . $block;
  231. if (function_exists($block))
  232. $context['mod_blocks'][] = $block();
  233. }
  234. $context['admin_prefs'] = !empty($options['admin_preferences']) ? unserialize($options['admin_preferences']) : array();
  235. }
  236. /**
  237. * Show a list of the most active watched users.
  238. */
  239. function ModBlockWatchedUsers()
  240. {
  241. global $context, $smcFunc, $scripturl, $modSettings;
  242. if (($watched_users = cache_get_data('recent_user_watches', 240)) === null)
  243. {
  244. $modSettings['warning_watch'] = empty($modSettings['warning_watch']) ? 1 : $modSettings['warning_watch'];
  245. $request = $smcFunc['db_query']('', '
  246. SELECT id_member, real_name, last_login
  247. FROM {db_prefix}members
  248. WHERE warning >= {int:warning_watch}
  249. ORDER BY last_login DESC
  250. LIMIT 10',
  251. array(
  252. 'warning_watch' => $modSettings['warning_watch'],
  253. )
  254. );
  255. $watched_users = array();
  256. while ($row = $smcFunc['db_fetch_assoc']($request))
  257. $watched_users[] = $row;
  258. $smcFunc['db_free_result']($request);
  259. cache_put_data('recent_user_watches', $watched_users, 240);
  260. }
  261. $context['watched_users'] = array();
  262. foreach ($watched_users as $user)
  263. {
  264. $context['watched_users'][] = array(
  265. 'id' => $user['id_member'],
  266. 'name' => $user['real_name'],
  267. 'link' => '<a href="' . $scripturl . '?action=profile;u=' . $user['id_member'] . '">' . $user['real_name'] . '</a>',
  268. 'href' => $scripturl . '?action=profile;u=' . $user['id_member'],
  269. 'last_login' => !empty($user['last_login']) ? timeformat($user['last_login']) : '',
  270. );
  271. }
  272. return 'watched_users';
  273. }
  274. /**
  275. * Show an area for the moderator to type into.
  276. */
  277. function ModBlockNotes()
  278. {
  279. global $context, $smcFunc, $scripturl, $txt, $user_info;
  280. // Set a nice and informative message.
  281. $context['report_post_action'] = !empty($_SESSION['rc_confirmation']) ? $_SESSION['rc_confirmation'] : array();
  282. unset($_SESSION['rc_confirmation']);
  283. // Couple tokens for add/delete modnotes
  284. createToken('mod-modnote-add');
  285. createToken('mod-modnote-del', 'get');
  286. // Are we saving a note?
  287. if (isset($_GET['modnote']) && isset($_POST['makenote']) && isset($_POST['new_note']))
  288. {
  289. checkSession();
  290. validateToken('mod-modnote-add');
  291. $_POST['new_note'] = $smcFunc['htmlspecialchars'](trim($_POST['new_note']));
  292. // Make sure they actually entered something.
  293. if (!empty($_POST['new_note']) && $_POST['new_note'] !== $txt['mc_click_add_note'])
  294. {
  295. // Insert it into the database then!
  296. $smcFunc['db_insert']('',
  297. '{db_prefix}log_comments',
  298. array(
  299. 'id_member' => 'int', 'member_name' => 'string', 'comment_type' => 'string', 'recipient_name' => 'string',
  300. 'body' => 'string', 'log_time' => 'int',
  301. ),
  302. array(
  303. $user_info['id'], $user_info['name'], 'modnote', '', $_POST['new_note'], time(),
  304. ),
  305. array('id_comment')
  306. );
  307. // Clear the cache.
  308. cache_put_data('moderator_notes', null, 240);
  309. cache_put_data('moderator_notes_total', null, 240);
  310. }
  311. // Everything went better than expected!
  312. $_SESSION['rc_confirmation'] = 'message_saved';
  313. // Redirect otherwise people can resubmit.
  314. redirectexit('action=moderate');
  315. }
  316. // Bye... bye...
  317. if (isset($_GET['notes']) && isset($_GET['delete']) && is_numeric($_GET['delete']))
  318. {
  319. checkSession('get');
  320. validateToken('mod-modnote-del', 'get');
  321. // Lets delete it.
  322. $smcFunc['db_query']('', '
  323. DELETE FROM {db_prefix}log_comments
  324. WHERE id_comment = {int:note}
  325. AND comment_type = {literal:modnote}',
  326. array(
  327. 'note' => $_GET['delete'],
  328. )
  329. );
  330. // Clear the cache.
  331. cache_put_data('moderator_notes', null, 240);
  332. cache_put_data('moderator_notes_total', null, 240);
  333. // Tell them the message was deleted.
  334. $_SESSION['rc_confirmation'] = 'message_deleted';
  335. redirectexit('action=moderate');
  336. }
  337. // How many notes in total?
  338. if (($moderator_notes_total = cache_get_data('moderator_notes_total', 240)) === null)
  339. {
  340. $request = $smcFunc['db_query']('', '
  341. SELECT COUNT(*)
  342. FROM {db_prefix}log_comments AS lc
  343. LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = lc.id_member)
  344. WHERE lc.comment_type = {literal:modnote}',
  345. array(
  346. )
  347. );
  348. list ($moderator_notes_total) = $smcFunc['db_fetch_row']($request);
  349. $smcFunc['db_free_result']($request);
  350. cache_put_data('moderator_notes_total', $moderator_notes_total, 240);
  351. }
  352. // Grab the current notes. We can only use the cache for the first page of notes.
  353. $offset = isset($_GET['notes']) && isset($_GET['start']) ? $_GET['start'] : 0;
  354. if ($offset != 0 || ($moderator_notes = cache_get_data('moderator_notes', 240)) === null)
  355. {
  356. $request = $smcFunc['db_query']('', '
  357. SELECT IFNULL(mem.id_member, 0) AS id_member, IFNULL(mem.real_name, lc.member_name) AS member_name,
  358. lc.log_time, lc.body, lc.id_comment AS id_note
  359. FROM {db_prefix}log_comments AS lc
  360. LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = lc.id_member)
  361. WHERE lc.comment_type = {literal:modnote}
  362. ORDER BY id_comment DESC
  363. LIMIT {int:offset}, 10',
  364. array(
  365. 'offset' => $offset,
  366. )
  367. );
  368. $moderator_notes = array();
  369. while ($row = $smcFunc['db_fetch_assoc']($request))
  370. $moderator_notes[] = $row;
  371. $smcFunc['db_free_result']($request);
  372. if ($offset == 0)
  373. cache_put_data('moderator_notes', $moderator_notes, 240);
  374. }
  375. // Lets construct a page index.
  376. $context['page_index'] = constructPageIndex($scripturl . '?action=moderate;area=index;notes', $_GET['start'], $moderator_notes_total, 10);
  377. $context['start'] = $_GET['start'];
  378. $context['notes'] = array();
  379. foreach ($moderator_notes as $note)
  380. {
  381. $context['notes'][] = array(
  382. 'author' => array(
  383. 'id' => $note['id_member'],
  384. 'link' => $note['id_member'] ? ('<a href="' . $scripturl . '?action=profile;u=' . $note['id_member'] . '">' . $note['member_name'] . '</a>') : $note['member_name'],
  385. ),
  386. 'time' => timeformat($note['log_time']),
  387. 'text' => parse_bbc($note['body']),
  388. 'delete_href' => $scripturl . '?action=moderate;area=index;notes;delete=' . $note['id_note'] . ';' . $context['session_var'] . '=' . $context['session_id'],
  389. );
  390. }
  391. // Add a confirm on deleting a modnote
  392. addInlineJavascript('
  393. $(\'.delete_modnote\').on(\'click\', function(){
  394. return confirm('. JavaScriptEscape($txt['mc_reportedp_delete_confirm']) .');
  395. });', true);
  396. return 'notes';
  397. }
  398. /**
  399. * Show a list of the most recent reported posts.
  400. */
  401. function ModBlockReportedPosts()
  402. {
  403. global $context, $user_info, $scripturl, $smcFunc;
  404. // Got the info already?
  405. $cachekey = md5(serialize($user_info['mod_cache']['bq']));
  406. $context['reported_posts'] = array();
  407. if ($user_info['mod_cache']['bq'] == '0=1')
  408. return 'reported_posts_block';
  409. if (($reported_posts = cache_get_data('reported_posts_' . $cachekey, 90)) === null)
  410. {
  411. // By George, that means we in a position to get the reports, jolly good.
  412. $request = $smcFunc['db_query']('', '
  413. SELECT lr.id_report, lr.id_msg, lr.id_topic, lr.id_board, lr.id_member, lr.subject,
  414. lr.num_reports, IFNULL(mem.real_name, lr.membername) AS author_name,
  415. IFNULL(mem.id_member, 0) AS id_author
  416. FROM {db_prefix}log_reported AS lr
  417. LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = lr.id_member)
  418. WHERE ' . ($user_info['mod_cache']['bq'] == '1=1' || $user_info['mod_cache']['bq'] == '0=1' ? $user_info['mod_cache']['bq'] : 'lr.' . $user_info['mod_cache']['bq']) . '
  419. AND lr.closed = {int:not_closed}
  420. AND lr.ignore_all = {int:not_ignored}
  421. ORDER BY lr.time_updated DESC
  422. LIMIT 10',
  423. array(
  424. 'not_closed' => 0,
  425. 'not_ignored' => 0,
  426. )
  427. );
  428. $reported_posts = array();
  429. while ($row = $smcFunc['db_fetch_assoc']($request))
  430. $reported_posts[] = $row;
  431. $smcFunc['db_free_result']($request);
  432. // Cache it.
  433. cache_put_data('reported_posts_' . $cachekey, $reported_posts, 90);
  434. }
  435. $context['reported_posts'] = array();
  436. foreach ($reported_posts as $i => $row)
  437. {
  438. $context['reported_posts'][] = array(
  439. 'id' => $row['id_report'],
  440. 'alternate' => $i % 2,
  441. 'topic_href' => $scripturl . '?topic=' . $row['id_topic'] . '.msg' . $row['id_msg'] . '#msg' . $row['id_msg'],
  442. 'report_href' => $scripturl . '?action=moderate;area=reports;report=' . $row['id_report'],
  443. 'author' => array(
  444. 'id' => $row['id_author'],
  445. 'name' => $row['author_name'],
  446. 'link' => $row['id_author'] ? '<a href="' . $scripturl . '?action=profile;u=' . $row['id_author'] . '">' . $row['author_name'] . '</a>' : $row['author_name'],
  447. 'href' => $scripturl . '?action=profile;u=' . $row['id_author'],
  448. ),
  449. 'comments' => array(),
  450. 'subject' => $row['subject'],
  451. 'num_reports' => $row['num_reports'],
  452. );
  453. }
  454. return 'reported_posts_block';
  455. }
  456. /**
  457. * Show a list of all the group requests they can see.
  458. */
  459. function ModBlockGroupRequests()
  460. {
  461. global $context, $user_info, $scripturl, $smcFunc;
  462. $context['group_requests'] = array();
  463. // Make sure they can even moderate someone!
  464. if ($user_info['mod_cache']['gq'] == '0=1')
  465. return 'group_requests_block';
  466. // What requests are outstanding?
  467. $request = $smcFunc['db_query']('', '
  468. SELECT lgr.id_request, lgr.id_member, lgr.id_group, lgr.time_applied, mem.member_name, mg.group_name, mem.real_name
  469. FROM {db_prefix}log_group_requests AS lgr
  470. INNER JOIN {db_prefix}members AS mem ON (mem.id_member = lgr.id_member)
  471. INNER JOIN {db_prefix}membergroups AS mg ON (mg.id_group = lgr.id_group)
  472. WHERE ' . ($user_info['mod_cache']['gq'] == '1=1' || $user_info['mod_cache']['gq'] == '0=1' ? $user_info['mod_cache']['gq'] : 'lgr.' . $user_info['mod_cache']['gq']) . '
  473. AND lgr.status = {int:status_open}
  474. ORDER BY lgr.id_request DESC
  475. LIMIT 10',
  476. array(
  477. 'status_open' => 0,
  478. )
  479. );
  480. for ($i = 0; $row = $smcFunc['db_fetch_assoc']($request); $i ++)
  481. {
  482. $context['group_requests'][] = array(
  483. 'id' => $row['id_request'],
  484. 'alternate' => $i % 2,
  485. 'request_href' => $scripturl . '?action=groups;sa=requests;gid=' . $row['id_group'],
  486. 'member' => array(
  487. 'id' => $row['id_member'],
  488. 'name' => $row['real_name'],
  489. 'link' => '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['real_name'] . '</a>',
  490. 'href' => $scripturl . '?action=profile;u=' . $row['id_member'],
  491. ),
  492. 'group' => array(
  493. 'id' => $row['id_group'],
  494. 'name' => $row['group_name'],
  495. ),
  496. 'time_submitted' => timeformat($row['time_applied']),
  497. );
  498. }
  499. $smcFunc['db_free_result']($request);
  500. return 'group_requests_block';
  501. }
  502. /**
  503. * Act as an entrace for all group related activity.
  504. * @todo As for most things in this file, this needs to be moved somewhere appropriate?
  505. */
  506. function ModerateGroups()
  507. {
  508. global $txt, $context, $scripturl, $user_info;
  509. // You need to be allowed to moderate groups...
  510. if ($user_info['mod_cache']['gq'] == '0=1')
  511. isAllowedTo('manage_membergroups');
  512. // Load the group templates.
  513. loadTemplate('ModerationCenter');
  514. // Setup the subactions...
  515. $subactions = array(
  516. 'requests' => 'GroupRequests',
  517. 'view' => 'ViewGroups',
  518. );
  519. if (!isset($_GET['sa']) || !isset($subactions[$_GET['sa']]))
  520. $_GET['sa'] = 'view';
  521. $context['sub_action'] = $_GET['sa'];
  522. // Call the relevant function.
  523. $subactions[$context['sub_action']]();
  524. }
  525. /**
  526. * Show a notice sent to a user.
  527. */
  528. function ShowNotice()
  529. {
  530. global $smcFunc, $txt, $context;
  531. $context['page_title'] = $txt['show_notice'];
  532. $context['sub_template'] = 'show_notice';
  533. $context['template_layers'] = array();
  534. loadTemplate('ModerationCenter');
  535. // @todo Assumes nothing needs permission more than accessing moderation center!
  536. $id_notice = (int) $_GET['nid'];
  537. $request = $smcFunc['db_query']('', '
  538. SELECT body, subject
  539. FROM {db_prefix}log_member_notices
  540. WHERE id_notice = {int:id_notice}',
  541. array(
  542. 'id_notice' => $id_notice,
  543. )
  544. );
  545. if ($smcFunc['db_num_rows']($request) == 0)
  546. fatal_lang_error('no_access', false);
  547. list ($context['notice_body'], $context['notice_subject']) = $smcFunc['db_fetch_row']($request);
  548. $smcFunc['db_free_result']($request);
  549. $context['notice_body'] = parse_bbc($context['notice_body'], false);
  550. }
  551. /**
  552. * View watched users.
  553. */
  554. function ViewWatchedUsers()
  555. {
  556. global $smcFunc, $modSettings, $context, $txt, $scripturl, $sourcedir;
  557. // Some important context!
  558. $context['page_title'] = $txt['mc_watched_users_title'];
  559. $context['view_posts'] = isset($_GET['sa']) && $_GET['sa'] == 'post';
  560. $context['start'] = isset($_REQUEST['start']) ? (int) $_REQUEST['start'] : 0;
  561. loadTemplate('ModerationCenter');
  562. // Get some key settings!
  563. $modSettings['warning_watch'] = empty($modSettings['warning_watch']) ? 1 : $modSettings['warning_watch'];
  564. // Put some pretty tabs on cause we're gonna be doing hot stuff here...
  565. $context[$context['moderation_menu_name']]['tab_data'] = array(
  566. 'title' => $txt['mc_watched_users_title'],
  567. 'help' => '',
  568. 'description' => $txt['mc_watched_users_desc'],
  569. );
  570. // First off - are we deleting?
  571. if (!empty($_REQUEST['delete']))
  572. {
  573. checkSession(!is_array($_REQUEST['delete']) ? 'get' : 'post');
  574. $toDelete = array();
  575. if (!is_array($_REQUEST['delete']))
  576. $toDelete[] = (int) $_REQUEST['delete'];
  577. else
  578. foreach ($_REQUEST['delete'] as $did)
  579. $toDelete[] = (int) $did;
  580. if (!empty($toDelete))
  581. {
  582. require_once($sourcedir . '/RemoveTopic.php');
  583. // If they don't have permission we'll let it error - either way no chance of a security slip here!
  584. foreach ($toDelete as $did)
  585. removeMessage($did);
  586. }
  587. }
  588. // Start preparing the list by grabbing relevant permissions.
  589. if (!$context['view_posts'])
  590. {
  591. $approve_query = '';
  592. $delete_boards = array();
  593. }
  594. else
  595. {
  596. // Still obey permissions!
  597. $approve_boards = boardsAllowedTo('approve_posts');
  598. $delete_boards = boardsAllowedTo('delete_any');
  599. if ($approve_boards == array(0))
  600. $approve_query = '';
  601. elseif (!empty($approve_boards))
  602. $approve_query = ' AND m.id_board IN (' . implode(',', $approve_boards) . ')';
  603. // Nada, zip, etc...
  604. else
  605. $approve_query = ' AND 1=0';
  606. }
  607. require_once($sourcedir . '/Subs-List.php');
  608. // This is all the information required for a watched user listing.
  609. $listOptions = array(
  610. 'id' => 'watch_user_list',
  611. 'title' => $txt['mc_watched_users_title'] . ' - ' . ($context['view_posts'] ? $txt['mc_watched_users_post'] : $txt['mc_watched_users_member']),
  612. 'width' => '100%',
  613. 'items_per_page' => $modSettings['defaultMaxMessages'],
  614. 'no_items_label' => $context['view_posts'] ? $txt['mc_watched_users_no_posts'] : $txt['mc_watched_users_none'],
  615. 'base_href' => $scripturl . '?action=moderate;area=userwatch;sa=' . ($context['view_posts'] ? 'post' : 'member'),
  616. 'default_sort_col' => $context['view_posts'] ? '' : 'member',
  617. 'get_items' => array(
  618. 'function' => $context['view_posts'] ? 'list_getWatchedUserPosts' : 'list_getWatchedUsers',
  619. 'params' => array(
  620. $approve_query,
  621. $delete_boards,
  622. ),
  623. ),
  624. 'get_count' => array(
  625. 'function' => $context['view_posts'] ? 'list_getWatchedUserPostsCount' : 'list_getWatchedUserCount',
  626. 'params' => array(
  627. $approve_query,
  628. ),
  629. ),
  630. // This assumes we are viewing by user.
  631. 'columns' => array(
  632. 'member' => array(
  633. 'header' => array(
  634. 'value' => $txt['mc_watched_users_member'],
  635. ),
  636. 'data' => array(
  637. 'sprintf' => array(
  638. 'format' => '<a href="' . $scripturl . '?action=profile;u=%1$d">%2$s</a>',
  639. 'params' => array(
  640. 'id' => false,
  641. 'name' => false,
  642. ),
  643. ),
  644. ),
  645. 'sort' => array(
  646. 'default' => 'real_name',
  647. 'reverse' => 'real_name DESC',
  648. ),
  649. ),
  650. 'warning' => array(
  651. 'header' => array(
  652. 'value' => $txt['mc_watched_users_warning'],
  653. ),
  654. 'data' => array(
  655. 'function' => create_function('$member', '
  656. global $scripturl;
  657. return allowedTo(\'issue_warning\') ? \'<a href="\' . $scripturl . \'?action=profile;area=issuewarning;u=\' . $member[\'id\'] . \'">\' . $member[\'warning\'] . \'%</a>\' : $member[\'warning\'] . \'%\';
  658. '),
  659. ),
  660. 'sort' => array(
  661. 'default' => 'warning',
  662. 'reverse' => 'warning DESC',
  663. ),
  664. ),
  665. 'posts' => array(
  666. 'header' => array(
  667. 'value' => $txt['posts'],
  668. ),
  669. 'data' => array(
  670. 'sprintf' => array(
  671. 'format' => '<a href="' . $scripturl . '?action=profile;u=%1$d;area=showposts;sa=messages">%2$s</a>',
  672. 'params' => array(
  673. 'id' => false,
  674. 'posts' => false,
  675. ),
  676. ),
  677. ),
  678. 'sort' => array(
  679. 'default' => 'posts',
  680. 'reverse' => 'posts DESC',
  681. ),
  682. ),
  683. 'last_login' => array(
  684. 'header' => array(
  685. 'value' => $txt['mc_watched_users_last_login'],
  686. ),
  687. 'data' => array(
  688. 'db' => 'last_login',
  689. ),
  690. 'sort' => array(
  691. 'default' => 'last_login',
  692. 'reverse' => 'last_login DESC',
  693. ),
  694. ),
  695. 'last_post' => array(
  696. 'header' => array(
  697. 'value' => $txt['mc_watched_users_last_post'],
  698. ),
  699. 'data' => array(
  700. 'function' => create_function('$member', '
  701. global $scripturl;
  702. if ($member[\'last_post_id\'])
  703. return \'<a href="\' . $scripturl . \'?msg=\' . $member[\'last_post_id\'] . \'">\' . $member[\'last_post\'] . \'</a>\';
  704. else
  705. return $member[\'last_post\'];
  706. '),
  707. ),
  708. ),
  709. ),
  710. 'form' => array(
  711. 'href' => $scripturl . '?action=moderate;area=userwatch;sa=post',
  712. 'include_sort' => true,
  713. 'include_start' => true,
  714. 'hidden_fields' => array(
  715. $context['session_var'] => $context['session_id'],
  716. ),
  717. ),
  718. 'additional_rows' => array(
  719. $context['view_posts'] ?
  720. array(
  721. 'position' => 'bottom_of_list',
  722. 'value' => '
  723. <input type="submit" name="delete_selected" value="' . $txt['quickmod_delete_selected'] . '" class="button_submit">',
  724. 'align' => 'right',
  725. ) : array(),
  726. ),
  727. );
  728. // If this is being viewed by posts we actually change the columns to call a template each time.
  729. if ($context['view_posts'])
  730. {
  731. $listOptions['columns'] = array(
  732. 'posts' => array(
  733. 'data' => array(
  734. 'function' => create_function('$post', '
  735. return template_user_watch_post_callback($post);
  736. '),
  737. ),
  738. ),
  739. );
  740. }
  741. // Create the watched user list.
  742. createList($listOptions);
  743. $context['sub_template'] = 'show_list';
  744. $context['default_list'] = 'watch_user_list';
  745. }
  746. /**
  747. * Callback for createList().
  748. * @param $approve_query
  749. */
  750. function list_getWatchedUserCount($approve_query)
  751. {
  752. global $smcFunc, $modSettings;
  753. $request = $smcFunc['db_query']('', '
  754. SELECT COUNT(*)
  755. FROM {db_prefix}members
  756. WHERE warning >= {int:warning_watch}',
  757. array(
  758. 'warning_watch' => $modSettings['warning_watch'],
  759. )
  760. );
  761. list ($totalMembers) = $smcFunc['db_fetch_row']($request);
  762. $smcFunc['db_free_result']($request);
  763. return $totalMembers;
  764. }
  765. /**
  766. * Callback for createList().
  767. *
  768. * @param $start
  769. * @param $items_per_page
  770. * @param $sort
  771. * @param $approve_query
  772. * @param $dummy
  773. */
  774. function list_getWatchedUsers($start, $items_per_page, $sort, $approve_query, $dummy)
  775. {
  776. global $smcFunc, $txt, $scripturl, $modSettings, $user_info, $context;
  777. $request = $smcFunc['db_query']('', '
  778. SELECT id_member, real_name, last_login, posts, warning
  779. FROM {db_prefix}members
  780. WHERE warning >= {int:warning_watch}
  781. ORDER BY {raw:sort}
  782. LIMIT ' . $start . ', ' . $items_per_page,
  783. array(
  784. 'warning_watch' => $modSettings['warning_watch'],
  785. 'sort' => $sort,
  786. )
  787. );
  788. $watched_users = array();
  789. $members = array();
  790. while ($row = $smcFunc['db_fetch_assoc']($request))
  791. {
  792. $watched_users[$row['id_member']] = array(
  793. 'id' => $row['id_member'],
  794. 'name' => $row['real_name'],
  795. 'last_login' => $row['last_login'] ? timeformat($row['last_login']) : $txt['never'],
  796. 'last_post' => $txt['not_applicable'],
  797. 'last_post_id' => 0,
  798. 'warning' => $row['warning'],
  799. 'posts' => $row['posts'],
  800. );
  801. $members[] = $row['id_member'];
  802. }
  803. $smcFunc['db_free_result']($request);
  804. if (!empty($members))
  805. {
  806. // First get the latest messages from these users.
  807. $request = $smcFunc['db_query']('', '
  808. SELECT m.id_member, MAX(m.id_msg) AS last_post_id
  809. FROM {db_prefix}messages AS m' . ($user_info['query_see_board'] == '1=1' ? '' : '
  810. INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board AND {query_see_board})') . '
  811. WHERE m.id_member IN ({array_int:member_list})' . (!$modSettings['postmod_active'] || allowedTo('approve_posts') ? '' : '
  812. AND m.approved = {int:is_approved}') . '
  813. GROUP BY m.id_member',
  814. array(
  815. 'member_list' => $members,
  816. 'is_approved' => 1,
  817. )
  818. );
  819. $latest_posts = array();
  820. while ($row = $smcFunc['db_fetch_assoc']($request))
  821. $latest_posts[$row['id_member']] = $row['last_post_id'];
  822. if (!empty($latest_posts))
  823. {
  824. // Now get the time those messages were posted.
  825. $request = $smcFunc['db_query']('', '
  826. SELECT id_member, poster_time
  827. FROM {db_prefix}messages
  828. WHERE id_msg IN ({array_int:message_list})',
  829. array(
  830. 'message_list' => $latest_posts,
  831. )
  832. );
  833. while ($row = $smcFunc['db_fetch_assoc']($request))
  834. {
  835. $watched_users[$row['id_member']]['last_post'] = timeformat($row['poster_time']);
  836. $watched_users[$row['id_member']]['last_post_id'] = $latest_posts[$row['id_member']];
  837. }
  838. $smcFunc['db_free_result']($request);
  839. }
  840. $request = $smcFunc['db_query']('', '
  841. SELECT MAX(m.poster_time) AS last_post, MAX(m.id_msg) AS last_post_id, m.id_member
  842. FROM {db_prefix}messages AS m' . ($user_info['query_see_board'] == '1=1' ? '' : '
  843. INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board AND {query_see_board})') . '
  844. WHERE m.id_member IN ({array_int:member_list})' . (!$modSettings['postmod_active'] || allowedTo('approve_posts') ? '' : '
  845. AND m.approved = {int:is_approved}') . '
  846. GROUP BY m.id_member',
  847. array(
  848. 'member_list' => $members,
  849. 'is_approved' => 1,
  850. )
  851. );
  852. while ($row = $smcFunc['db_fetch_assoc']($request))
  853. {
  854. $watched_users[$row['id_member']]['last_post'] = timeformat($row['last_post']);
  855. $watched_users[$row['id_member']]['last_post_id'] = $row['last_post_id'];
  856. }
  857. $smcFunc['db_free_result']($request);
  858. }
  859. return $watched_users;
  860. }
  861. /**
  862. * Callback for createList().
  863. *
  864. * @param $approve_query
  865. */
  866. function list_getWatchedUserPostsCount($approve_query)
  867. {
  868. global $smcFunc, $modSettings;
  869. $request = $smcFunc['db_query']('', '
  870. SELECT COUNT(*)
  871. FROM {db_prefix}messages AS m
  872. INNER JOIN {db_prefix}members AS mem ON (mem.id_member = m.id_member)
  873. INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board)
  874. WHERE mem.warning >= {int:warning_watch}
  875. AND {query_see_board}
  876. ' . $approve_query,
  877. array(
  878. 'warning_watch' => $modSettings['warning_watch'],
  879. )
  880. );
  881. list ($totalMemberPosts) = $smcFunc['db_fetch_row']($request);
  882. $smcFunc['db_free_result']($request);
  883. return $totalMemberPosts;
  884. }
  885. /**
  886. * Callback for createList().
  887. *
  888. * @param $start
  889. * @param $items_per_page
  890. * @param $sort
  891. * @param $approve_query
  892. * @param $delete_boards
  893. */
  894. function list_getWatchedUserPosts($start, $items_per_page, $sort, $approve_query, $delete_boards)
  895. {
  896. global $smcFunc, $txt, $scripturl, $modSettings;
  897. $request = $smcFunc['db_query']('', '
  898. SELECT m.id_msg, m.id_topic, m.id_board, m.id_member, m.subject, m.body, m.poster_time,
  899. m.approved, mem.real_name, m.smileys_enabled
  900. FROM {db_prefix}messages AS m
  901. INNER JOIN {db_prefix}members AS mem ON (mem.id_member = m.id_member)
  902. INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board)
  903. WHERE mem.warning >= {int:warning_watch}
  904. AND {query_see_board}
  905. ' . $approve_query . '
  906. ORDER BY m.id_msg DESC
  907. LIMIT ' . $start . ', ' . $items_per_page,
  908. array(
  909. 'warning_watch' => $modSettings['warning_watch'],
  910. )
  911. );
  912. $member_posts = array();
  913. while ($row = $smcFunc['db_fetch_assoc']($request))
  914. {
  915. $row['subject'] = censorText($row['subject']);
  916. $row['body'] = censorText($row['body']);
  917. $member_posts[$row['id_msg']] = array(
  918. 'id' => $row['id_msg'],
  919. 'id_topic' => $row['id_topic'],
  920. 'author_link' => '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['real_name'] . '</a>',
  921. 'subject' => $row['subject'],
  922. 'body' => parse_bbc($row['body'], $row['smileys_enabled'], $row['id_msg']),
  923. 'poster_time' => timeformat($row['poster_time']),
  924. 'approved' => $row['approved'],
  925. 'can_delete' => $delete_boards == array(0) || in_array($row['id_board'], $delete_boards),
  926. );
  927. }
  928. $smcFunc['db_free_result']($request);
  929. return $member_posts;
  930. }
  931. /**
  932. * Entry point for viewing warning related stuff.
  933. */
  934. function ViewWarnings()
  935. {
  936. global $context, $txt;
  937. $subActions = array(
  938. 'log' => array('ViewWarningLog'),
  939. 'templateedit' => array('ModifyWarningTemplate', 'issue_warning'),
  940. 'templates' => array('ViewWarningTemplates', 'issue_warning'),
  941. );
  942. $_REQUEST['sa'] = isset($_REQUEST['sa']) && isset($subActions[$_REQUEST['sa']]) && (empty($subActions[$_REQUEST['sa']][1]) || allowedTo($subActions[$_REQUEST['sa']]))? $_REQUEST['sa'] : 'log';
  943. // Some of this stuff is overseas, so to speak.
  944. loadTemplate('ModerationCenter');
  945. loadLanguage('Profile');
  946. // Setup the admin tabs.
  947. $context[$context['moderation_menu_name']]['tab_data'] = array(
  948. 'title' => $txt['mc_warnings'],
  949. 'description' => $txt['mc_warnings_description'],
  950. );
  951. // Call the right function.
  952. $subActions[$_REQUEST['sa']][0]();
  953. }
  954. /**
  955. * Simply put, look at the warning log!
  956. */
  957. function ViewWarningLog()
  958. {
  959. global $smcFunc, $modSettings, $context, $txt, $scripturl, $sourcedir;
  960. // Setup context as always.
  961. $context['page_title'] = $txt['mc_warning_log_title'];
  962. require_once($sourcedir . '/Subs-List.php');
  963. // This is all the information required for a watched user listing.
  964. $listOptions = array(
  965. 'id' => 'warning_list',
  966. 'title' => $txt['mc_warning_log_title'],
  967. 'items_per_page' => $modSettings['defaultMaxMessages'],
  968. 'no_items_label' => $txt['mc_warnings_none'],
  969. 'base_href' => $scripturl . '?action=moderate;area=warnings;sa=log;' . $context['session_var'] . '=' . $context['session_id'],
  970. 'default_sort_col' => 'time',
  971. 'get_items' => array(
  972. 'function' => 'list_getWarnings',
  973. ),
  974. 'get_count' => array(
  975. 'function' => 'list_getWarningCount',
  976. ),
  977. // This assumes we are viewing by user.
  978. 'columns' => array(
  979. 'issuer' => array(
  980. 'header' => array(
  981. 'value' => $txt['profile_warning_previous_issued'],
  982. ),
  983. 'data' => array(
  984. 'db' => 'issuer_link',
  985. ),
  986. 'sort' => array(
  987. 'default' => 'member_name_col',
  988. 'reverse' => 'member_name_col DESC',
  989. ),
  990. ),
  991. 'recipient' => array(
  992. 'header' => array(
  993. 'value' => $txt['mc_warnings_recipient'],
  994. ),
  995. 'data' => array(
  996. 'db' => 'recipient_link',
  997. ),
  998. 'sort' => array(
  999. 'default' => 'recipient_name',
  1000. 'reverse' => 'recipient_name DESC',
  1001. ),
  1002. ),
  1003. 'time' => array(
  1004. 'header' => array(
  1005. 'value' => $txt['profile_warning_previous_time'],
  1006. ),
  1007. 'data' => array(
  1008. 'db' => 'time',
  1009. ),
  1010. 'sort' => array(
  1011. 'default' => 'lc.log_time DESC',
  1012. 'reverse' => 'lc.log_time',
  1013. ),
  1014. ),
  1015. 'reason' => array(
  1016. 'header' => array(
  1017. 'value' => $txt['profile_warning_previous_reason'],
  1018. ),
  1019. 'data' => array(
  1020. 'function' => create_function('$warning', '
  1021. global $scripturl, $txt;
  1022. $output = \'
  1023. <div class="floatleft">
  1024. \' . $warning[\'reason\'] . \'
  1025. </div>\';
  1026. if (!empty($warning[\'id_notice\']))
  1027. $output .= \'
  1028. &nbsp;<a href="\' . $scripturl . \'?action=moderate;area=notice;nid=\' . $warning[\'id_notice\'] . \'" onclick="window.open(this.href, \\\'\\\', \\\'scrollbars=yes,resizable=yes,width=400,height=250\\\');return false;" target="_blank" class="new_win" title="\' . $txt[\'profile_warning_previous_notice\'] . \'"><span class="generic_icons filter centericon"></span></a>\';
  1029. return $output;
  1030. '),
  1031. ),
  1032. ),
  1033. 'points' => array(
  1034. 'header' => array(
  1035. 'value' => $txt['profile_warning_previous_level'],
  1036. ),
  1037. 'data' => array(
  1038. 'db' => 'counter',
  1039. ),
  1040. ),
  1041. ),
  1042. );
  1043. // Create the watched user list.
  1044. createList($listOptions);
  1045. $context['sub_template'] = 'show_list';
  1046. $context['default_list'] = 'warning_list';
  1047. }
  1048. /**
  1049. * Callback for createList().
  1050. */
  1051. function list_getWarningCount()
  1052. {
  1053. global $smcFunc;
  1054. $request = $smcFunc['db_query']('', '
  1055. SELECT COUNT(*)
  1056. FROM {db_prefix}log_comments
  1057. WHERE comment_type = {string:warning}',
  1058. array(
  1059. 'warning' => 'warning',
  1060. )
  1061. );
  1062. list ($totalWarns) = $smcFunc['db_fetch_row']($request);
  1063. $smcFunc['db_free_result']($request);
  1064. return $totalWarns;
  1065. }
  1066. /**
  1067. * Callback for createList().
  1068. *
  1069. * @param $start
  1070. * @param $items_per_page
  1071. * @param $sort
  1072. */
  1073. function list_getWarnings($start, $items_per_page, $sort)
  1074. {
  1075. global $smcFunc, $txt, $scripturl;
  1076. $request = $smcFunc['db_query']('', '
  1077. SELECT IFNULL(mem.id_member, 0) AS id_member, IFNULL(mem.real_name, lc.member_name) AS member_name_col,
  1078. IFNULL(mem2.id_member, 0) AS id_recipient, IFNULL(mem2.real_name, lc.recipient_name) AS recipient_name,
  1079. lc.log_time, lc.body, lc.id_notice, lc.counter
  1080. FROM {db_prefix}log_comments AS lc
  1081. LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = lc.id_member)
  1082. LEFT JOIN {db_prefix}members AS mem2 ON (mem2.id_member = lc.id_recipient)
  1083. WHERE lc.comment_type = {string:warning}
  1084. ORDER BY ' . $sort . '
  1085. LIMIT ' . $start . ', ' . $items_per_page,
  1086. array(
  1087. 'warning' => 'warning',
  1088. )
  1089. );
  1090. $warnings = array();
  1091. while ($row = $smcFunc['db_fetch_assoc']($request))
  1092. {
  1093. $warnings[] = array(
  1094. 'issuer_link' => $row['id_member'] ? ('<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['member_name_col'] . '</a>') : $row['member_name_col'],
  1095. 'recipient_link' => $row['id_recipient'] ? ('<a href="' . $scripturl . '?action=profile;u=' . $row['id_recipient'] . '">' . $row['recipient_name'] . '</a>') : $row['recipient_name'],
  1096. 'time' => timeformat($row['log_time']),
  1097. 'reason' => $row['body'],
  1098. 'counter' => $row['counter'] > 0 ? '+' . $row['counter'] : $row['counter'],
  1099. 'id_notice' => $row['id_notice'],
  1100. );
  1101. }
  1102. $smcFunc['db_free_result']($request);
  1103. return $warnings;
  1104. }
  1105. /**
  1106. * Load all the warning templates.
  1107. */
  1108. function ViewWarningTemplates()
  1109. {
  1110. global $smcFunc, $modSettings, $context, $txt, $scripturl, $sourcedir, $user_info;
  1111. // Submitting a new one?
  1112. if (isset($_POST['add']))
  1113. return ModifyWarningTemplate();
  1114. elseif (isset($_POST['delete']) && !empty($_POST['deltpl']))
  1115. {
  1116. checkSession();
  1117. validateToken('mod-wt');
  1118. // Log the actions.
  1119. $request = $smcFunc['db_query']('', '
  1120. SELECT recipient_name
  1121. FROM {db_prefix}log_comments
  1122. WHERE id_comment IN ({array_int:delete_ids})
  1123. AND comment_type = {string:warntpl}
  1124. AND (id_recipient = {int:generic} OR id_recipient = {int:current_member})',
  1125. array(
  1126. 'delete_ids' => $_POST['deltpl'],
  1127. 'warntpl' => 'warntpl',
  1128. 'generic' => 0,
  1129. 'current_member' => $user_info['id'],
  1130. )
  1131. );
  1132. while ($row = $smcFunc['db_fetch_assoc']($request))
  1133. logAction('delete_warn_template', array('template' => $row['recipient_name']));
  1134. $smcFunc['db_free_result']($request);
  1135. // Do the deletes.
  1136. $smcFunc['db_query']('', '
  1137. DELETE FROM {db_prefix}log_comments
  1138. WHERE id_comment IN ({array_int:delete_ids})
  1139. AND comment_type = {string:warntpl}
  1140. AND (id_recipient = {int:generic} OR id_recipient = {int:current_member})',
  1141. array(
  1142. 'delete_ids' => $_POST['deltpl'],
  1143. 'warntpl' => 'warntpl',
  1144. 'generic' => 0,
  1145. 'current_member' => $user_info['id'],
  1146. )
  1147. );
  1148. }
  1149. // Setup context as always.
  1150. $context['page_title'] = $txt['mc_warning_templates_title'];
  1151. require_once($sourcedir . '/Subs-List.php');
  1152. // This is all the information required for a watched user listing.
  1153. $listOptions = array(
  1154. 'id' => 'warning_template_list',
  1155. 'title' => $txt['mc_warning_templates_title'],
  1156. 'items_per_page' => $modSettings['defaultMaxMessages'],
  1157. 'no_items_label' => $txt['mc_warning_templates_none'],
  1158. 'base_href' => $scripturl . '?action=moderate;area=warnings;sa=templates;' . $context['session_var'] . '=' . $context['session_id'],
  1159. 'default_sort_col' => 'title',
  1160. 'get_items' => array(
  1161. 'function' => 'list_getWarningTemplates',
  1162. ),
  1163. 'get_count' => array(
  1164. 'function' => 'list_getWarningTemplateCount',
  1165. ),
  1166. // This assumes we are viewing by user.
  1167. 'columns' => array(
  1168. 'title' => array(
  1169. 'header' => array(
  1170. 'value' => $txt['mc_warning_templates_name'],
  1171. ),
  1172. 'data' => array(
  1173. 'sprintf' => array(
  1174. 'format' => '<a href="' . $scripturl . '?action=moderate;area=warnings;sa=templateedit;tid=%1$d">%2$s</a>',
  1175. 'params' => array(
  1176. 'id_comment' => false,
  1177. 'title' => false,
  1178. 'body' => false,
  1179. ),
  1180. ),
  1181. ),
  1182. 'sort' => array(
  1183. 'default' => 'template_title',
  1184. 'reverse' => 'template_title DESC',
  1185. ),
  1186. ),
  1187. 'creator' => array(
  1188. 'header' => array(
  1189. 'value' => $txt['mc_warning_templates_creator'],
  1190. ),
  1191. 'data' => array(
  1192. 'db' => 'creator',
  1193. ),
  1194. 'sort' => array(
  1195. 'default' => 'creator_name',
  1196. 'reverse' => 'creator_name DESC',
  1197. ),
  1198. ),
  1199. 'time' => array(
  1200. 'header' => array(
  1201. 'value' => $txt['mc_warning_templates_time'],
  1202. ),
  1203. 'data' => array(
  1204. 'db' => 'time',
  1205. ),
  1206. 'sort' => array(
  1207. 'default' => 'lc.log_time DESC',
  1208. 'reverse' => 'lc.log_time',
  1209. ),
  1210. ),
  1211. 'delete' => array(
  1212. 'header' => array(
  1213. 'value' => '<input type="checkbox" class="input_check" onclick="invertAll(this, this.form);">',
  1214. 'style' => 'width: 4%;',
  1215. 'class' => 'centercol',
  1216. ),
  1217. 'data' => array(
  1218. 'function' => create_function('$rowData', '
  1219. global $context, $txt, $scripturl;
  1220. return \'<input type="checkbox" name="deltpl[]" value="\' . $rowData[\'id_comment\'] . \'" class="input_check">\';
  1221. '),
  1222. 'class' => 'centercol',
  1223. ),
  1224. ),
  1225. ),
  1226. 'form' => array(
  1227. 'href' => $scripturl . '?action=moderate;area=warnings;sa=templates',
  1228. 'token' => 'mod-wt',
  1229. ),
  1230. 'additional_rows' => array(
  1231. array(
  1232. 'position' => 'below_table_data',
  1233. 'value' => '&nbsp;<input type="submit" name="delete" value="' . $txt['mc_warning_template_delete'] . '" onclick="return confirm(\'' . $txt['mc_warning_template_delete_confirm'] . '\');" class="button_submit">',
  1234. ),
  1235. array(
  1236. 'position' => 'bottom_of_list',
  1237. 'value' => '<input type="submit" name="add" value="' . $txt['mc_warning_template_add'] . '" class="button_submit">',
  1238. ),
  1239. ),
  1240. );
  1241. // Create the watched user list.
  1242. createToken('mod-wt');
  1243. createList($listOptions);
  1244. $context['sub_template'] = 'show_list';
  1245. $context['default_list'] = 'warning_template_list';
  1246. }
  1247. /**
  1248. * Callback for createList().
  1249. */
  1250. function list_getWarningTemplateCount()
  1251. {
  1252. global $smcFunc, $user_info;
  1253. $request = $smcFunc['db_query']('', '
  1254. SELECT COUNT(*)
  1255. FROM {db_prefix}log_comments
  1256. WHERE comment_type = {string:warntpl}
  1257. AND (id_recipient = {string:generic} OR id_recipient = {int:current_member})',
  1258. array(
  1259. 'warntpl' => 'warntpl',
  1260. 'generic' => 0,
  1261. 'current_member' => $user_info['id'],
  1262. )
  1263. );
  1264. list ($totalWarns) = $smcFunc['db_fetch_row']($request);
  1265. $smcFunc['db_free_result']($request);
  1266. return $totalWarns;
  1267. }
  1268. /**
  1269. * Callback for createList().
  1270. *
  1271. * @param $start
  1272. * @param $items_per_page
  1273. * @param $sort
  1274. */
  1275. function list_getWarningTemplates($start, $items_per_page, $sort)
  1276. {
  1277. global $smcFunc, $txt, $scripturl, $user_info;
  1278. $request = $smcFunc['db_query']('', '
  1279. SELECT lc.id_comment, IFNULL(mem.id_member, 0) AS id_member,
  1280. IFNULL(mem.real_name, lc.member_name) AS creator_name, recipient_name AS template_title,
  1281. lc.log_time, lc.body
  1282. FROM {db_prefix}log_comments AS lc
  1283. LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = lc.id_member)
  1284. WHERE lc.comment_type = {string:warntpl}
  1285. AND (id_recipient = {string:generic} OR id_recipient = {int:current_member})
  1286. ORDER BY ' . $sort . '
  1287. LIMIT ' . $start . ', ' . $items_per_page,
  1288. array(
  1289. 'warntpl' => 'warntpl',
  1290. 'generic' => 0,
  1291. 'current_member' => $user_info['id'],
  1292. )
  1293. );
  1294. $templates = array();
  1295. while ($row = $smcFunc['db_fetch_assoc']($request))
  1296. {
  1297. $templates[] = array(
  1298. 'id_comment' => $row['id_comment'],
  1299. 'creator' => $row['id_member'] ? ('<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['creator_name'] . '</a>') : $row['creator_name'],
  1300. 'time' => timeformat($row['log_time']),
  1301. 'title' => $row['template_title'],
  1302. 'body' => $smcFunc['htmlspecialchars']($row['body']),
  1303. );
  1304. }
  1305. $smcFunc['db_free_result']($request);
  1306. return $templates;
  1307. }
  1308. /**
  1309. * Edit a warning template.
  1310. */
  1311. function ModifyWarningTemplate()
  1312. {
  1313. global $smcFunc, $context, $txt, $user_info, $sourcedir;
  1314. $context['id_template'] = isset($_REQUEST['tid']) ? (int) $_REQUEST['tid'] : 0;
  1315. $context['is_edit'] = $context['id_template'];
  1316. // Standard template things.
  1317. $context['page_title'] = $context['is_edit'] ? $txt['mc_warning_template_modify'] : $txt['mc_warning_template_add'];
  1318. $context['sub_template'] = 'warn_template';
  1319. $context[$context['moderation_menu_name']]['current_subsection'] = 'templates';
  1320. // Defaults.
  1321. $context['template_data'] = array(
  1322. 'title' => '',
  1323. 'body' => $txt['mc_warning_template_body_default'],
  1324. 'personal' => false,
  1325. 'can_edit_personal' => true,
  1326. );
  1327. // If it's an edit load it.
  1328. if ($context['is_edit'])
  1329. {
  1330. $request = $smcFunc['db_query']('', '
  1331. SELECT id_member, id_recipient, recipient_name AS template_title, body
  1332. FROM {db_prefix}log_comments
  1333. WHERE id_comment = {int:id}
  1334. AND comment_type = {string:warntpl}
  1335. AND (id_recipient = {int:generic} OR id_recipient = {int:current_member})',
  1336. array(
  1337. 'id' => $context['id_template'],
  1338. 'warntpl' => 'warntpl',
  1339. 'generic' => 0,
  1340. 'current_member' => $user_info['id'],
  1341. )
  1342. );
  1343. while ($row = $smcFunc['db_fetch_assoc']($request))
  1344. {
  1345. $context['template_data'] = array(
  1346. 'title' => $row['template_title'],
  1347. 'body' => $smcFunc['htmlspecialchars']($row['body']),
  1348. 'personal' => $row['id_recipient'],
  1349. 'can_edit_personal' => $row['id_member'] == $user_info['id'],
  1350. );
  1351. }
  1352. $smcFunc['db_free_result']($request);
  1353. }
  1354. // Wait, we are saving?
  1355. if (isset($_POST['save']))
  1356. {
  1357. checkSession();
  1358. validateToken('mod-wt');
  1359. // To check the BBC is pretty good...
  1360. require_once($sourcedir . '/Subs-Post.php');
  1361. // Bit of cleaning!
  1362. $_POST['template_body'] = trim($_POST['template_body']);
  1363. $_POST['template_title'] = trim($_POST['template_title']);
  1364. // Need something in both boxes.
  1365. if (!empty($_POST['template_body']) && !empty($_POST['template_title']))
  1366. {
  1367. // Safety first.
  1368. $_POST['template_title'] = $smcFunc['htmlspecialchars']($_POST['template_title']);
  1369. // Clean up BBC.
  1370. preparsecode($_POST['template_body']);
  1371. // But put line breaks back!
  1372. $_POST['template_body'] = strtr($_POST['template_body'], array('<br>' => "\n"));
  1373. // Is this personal?
  1374. $recipient_id = !empty($_POST['make_personal']) ? $user_info['id'] : 0;
  1375. // If we are this far it's save time.
  1376. if ($context['is_edit'])
  1377. {
  1378. // Simple update...
  1379. $smcFunc['db_query']('', '
  1380. UPDATE {db_prefix}log_comments
  1381. SET id_recipient = {int:personal}, recipient_name = {string:title}, body = {string:body}
  1382. WHERE id_comment = {int:id}
  1383. AND comment_type = {string:warntpl}
  1384. AND (id_recipient = {int:generic} OR id_recipient = {int:current_member})'.
  1385. ($recipient_id ? ' AND id_member = {int:current_member}' : ''),
  1386. array(
  1387. 'personal' => $recipient_id,
  1388. 'title' => $_POST['template_title'],
  1389. 'body' => $_POST['template_body'],
  1390. 'id' => $context['id_template'],
  1391. 'warntpl' => 'warntpl',
  1392. 'generic' => 0,
  1393. 'current_member' => $user_info['id'],
  1394. )
  1395. );
  1396. // If it wasn't visible and now is they've effectively added it.
  1397. if ($context['template_data']['personal'] && !$recipient_id)
  1398. logAction('add_warn_template', array('template' => $_POST['template_title']));
  1399. // Conversely if they made it personal it's a delete.
  1400. elseif (!$context['template_data']['personal'] && $recipient_id)
  1401. logAction('delete_warn_template', array('template' => $_POST['template_title']));
  1402. // Otherwise just an edit.
  1403. else
  1404. logAction('modify_warn_template', array('template' => $_POST['template_title']));
  1405. }
  1406. else
  1407. {
  1408. $smcFunc['db_insert']('',
  1409. '{db_prefix}log_comments',
  1410. array(
  1411. 'id_member' => 'int', 'member_name' => 'string', 'comment_type' => 'string', 'id_recipient' => 'int',
  1412. 'recipient_name' => 'string-255', 'body' => 'string-65535', 'log_time' => 'int',
  1413. ),
  1414. array(
  1415. $user_info['id'], $user_info['name'], 'warntpl', $recipient_id,
  1416. $_POST['template_title'], $_POST['template_body'], time(),
  1417. ),
  1418. array('id_comment')
  1419. );
  1420. logAction('add_warn_template', array('template' => $_POST['template_title']));
  1421. }
  1422. // Get out of town...
  1423. redirectexit('action=moderate;area=warnings;sa=templates');
  1424. }
  1425. else
  1426. {
  1427. $context['warning_errors'] = array();
  1428. $context['template_data']['title'] = !empty($_POST['template_title']) ? $_POST['template_title'] : '';
  1429. $context['template_data']['body'] = !empty($_POST['template_body']) ? $_POST['template_body'] : $txt['mc_warning_template_body_default'];
  1430. $context['template_data']['personal'] = !empty($_POST['make_personal']);
  1431. if (empty($_POST['template_title']))
  1432. $context['warning_errors'][] = $txt['mc_warning_template_error_no_title'];
  1433. if (empty($_POST['template_body']))
  1434. $context['warning_errors'][] = $txt['mc_warning_template_error_no_body'];
  1435. }
  1436. }
  1437. createToken('mod-wt');
  1438. }
  1439. /**
  1440. * Change moderation preferences.
  1441. */
  1442. function ModerationSettings()
  1443. {
  1444. global $context, $smcFunc, $txt, $sourcedir, $scripturl, $user_settings, $user_info;
  1445. // Some useful context stuff.
  1446. loadTemplate('ModerationCenter');
  1447. $context['page_title'] = $txt['mc_settings'];
  1448. $context['sub_template'] = 'moderation_settings';
  1449. $context[$context['moderation_menu_name']]['tab_data'] = array(
  1450. 'title' => $txt['mc_prefs_title'],
  1451. 'help' => '',
  1452. 'description' => $txt['mc_prefs_desc']
  1453. );
  1454. $mod_blocks = '';
  1455. $pref_binary = 5;
  1456. $show_reports = 0;
  1457. // Are we saving?
  1458. if (isset($_POST['save']))
  1459. {
  1460. checkSession();
  1461. validateToken('mod-set');
  1462. /* Current format of mod_prefs is:
  1463. x|ABCD|yyy
  1464. WHERE:
  1465. x = Show report count on forum header.
  1466. ABCD = Block indexes to show on moderation main page.
  1467. yyy = Integer with the following bit status:
  1468. - yyy & 4 = Notify about posts awaiting approval.
  1469. */
  1470. // Now check other options!
  1471. $pref_binary = 0;
  1472. if ($context['can_moderate_approvals'] && !empty($_POST['mod_notify_approval']))
  1473. $pref_binary |= 4;
  1474. // Put it all together.
  1475. $mod_prefs = '0||' . $pref_binary;
  1476. updateMemberData($user_info['id'], array('mod_prefs' => $mod_prefs));
  1477. }
  1478. // What blocks does the user currently have selected?
  1479. $context['mod_settings'] = array(
  1480. 'notify_approval' => $pref_binary & 4,
  1481. );
  1482. createToken('mod-set');
  1483. }
  1484. /**
  1485. * This ends a moderator session, requiring authentication to access the MCP again.
  1486. */
  1487. function ModEndSession()
  1488. {
  1489. // This is so easy!
  1490. unset($_SESSION['moderate_time']);
  1491. // Clean any moderator tokens as well.
  1492. foreach ($_SESSION['token'] as $key => $token)
  1493. if (strpos($key, '-mod') !== false)
  1494. unset($_SESSION['token'][$key]);
  1495. redirectexit();
  1496. }
  1497. ?>