[ Index ]

PHP Cross Reference of phpBB-3.1.10-deutsch

title

Body

[close]

/ -> mcp.php (source)

   1  <?php
   2  /**
   3  *
   4  * This file is part of the phpBB Forum Software package.
   5  *
   6  * @copyright (c) phpBB Limited <https://www.phpbb.com>
   7  * @license GNU General Public License, version 2 (GPL-2.0)
   8  *
   9  * For full copyright and license information, please see
  10  * the docs/CREDITS.txt file.
  11  *
  12  */
  13  
  14  /**
  15  * @ignore
  16  */
  17  define('IN_PHPBB', true);
  18  $phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
  19  $phpEx = substr(strrchr(__FILE__, '.'), 1);
  20  include($phpbb_root_path . 'common.' . $phpEx);
  21  include($phpbb_root_path . 'includes/functions_admin.' . $phpEx);
  22  include($phpbb_root_path . 'includes/functions_mcp.' . $phpEx);
  23  require($phpbb_root_path . 'includes/functions_module.' . $phpEx);
  24  
  25  // Start session management
  26  $user->session_begin();
  27  $auth->acl($user->data);
  28  $user->setup('mcp');
  29  
  30  $module = new p_master();
  31  
  32  // Setting a variable to let the style designer know where he is...
  33  $template->assign_var('S_IN_MCP', true);
  34  
  35  // Basic parameter data
  36  $id = request_var('i', '');
  37  
  38  $mode = request_var('mode', array(''));
  39  $mode = sizeof($mode) ? array_shift($mode) : request_var('mode', '');
  40  
  41  // Only Moderators can go beyond this point
  42  if (!$user->data['is_registered'])
  43  {
  44      if ($user->data['is_bot'])
  45      {
  46          redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
  47      }
  48  
  49      login_box('', $user->lang['LOGIN_EXPLAIN_MCP']);
  50  }
  51  
  52  $quickmod = (isset($_REQUEST['quickmod'])) ? true : false;
  53  $action = request_var('action', '');
  54  $action_ary = request_var('action', array('' => 0));
  55  
  56  $forum_action = request_var('forum_action', '');
  57  if ($forum_action !== '' && $request->variable('sort', false, false, \phpbb\request\request_interface::POST))
  58  {
  59      $action = $forum_action;
  60  }
  61  
  62  if (sizeof($action_ary))
  63  {
  64      list($action, ) = each($action_ary);
  65  }
  66  unset($action_ary);
  67  
  68  if ($mode == 'topic_logs')
  69  {
  70      $id = 'logs';
  71      $quickmod = false;
  72  }
  73  
  74  $post_id = request_var('p', 0);
  75  $topic_id = request_var('t', 0);
  76  $forum_id = request_var('f', 0);
  77  $report_id = request_var('r', 0);
  78  $user_id = request_var('u', 0);
  79  $username = utf8_normalize_nfc(request_var('username', '', true));
  80  
  81  if ($post_id)
  82  {
  83      // We determine the topic and forum id here, to make sure the moderator really has moderative rights on this post
  84      $sql = 'SELECT topic_id, forum_id
  85          FROM ' . POSTS_TABLE . "
  86          WHERE post_id = $post_id";
  87      $result = $db->sql_query($sql);
  88      $row = $db->sql_fetchrow($result);
  89      $db->sql_freeresult($result);
  90  
  91      $topic_id = (int) $row['topic_id'];
  92      $forum_id = (int) $row['forum_id'];
  93  }
  94  else if ($topic_id)
  95  {
  96      $sql = 'SELECT forum_id
  97          FROM ' . TOPICS_TABLE . "
  98          WHERE topic_id = $topic_id";
  99      $result = $db->sql_query($sql);
 100      $row = $db->sql_fetchrow($result);
 101      $db->sql_freeresult($result);
 102  
 103      $forum_id = (int) $row['forum_id'];
 104  }
 105  
 106  // If the user doesn't have any moderator powers (globally or locally) he can't access the mcp
 107  if (!$auth->acl_getf_global('m_'))
 108  {
 109      // Except he is using one of the quickmod tools for users
 110      $user_quickmod_actions = array(
 111          'lock'            => 'f_user_lock',
 112          'make_sticky'    => 'f_sticky',
 113          'make_announce'    => 'f_announce',
 114          'make_global'    => 'f_announce',
 115          'make_normal'    => array('f_announce', 'f_sticky')
 116      );
 117  
 118      $allow_user = false;
 119      if ($quickmod && isset($user_quickmod_actions[$action]) && $user->data['is_registered'] && $auth->acl_gets($user_quickmod_actions[$action], $forum_id))
 120      {
 121          $topic_info = phpbb_get_topic_data(array($topic_id));
 122          if ($topic_info[$topic_id]['topic_poster'] == $user->data['user_id'])
 123          {
 124              $allow_user = true;
 125          }
 126      }
 127  
 128      if (!$allow_user)
 129      {
 130          trigger_error('NOT_AUTHORISED');
 131      }
 132  }
 133  
 134  // if the user cannot read the forum he tries to access then we won't allow mcp access either
 135  if ($forum_id && !$auth->acl_get('f_read', $forum_id))
 136  {
 137      trigger_error('NOT_AUTHORISED');
 138  }
 139  
 140  /**
 141  * Allow applying additional permissions to MCP access besides f_read
 142  *
 143  * @event core.mcp_global_f_read_auth_after
 144  * @var    string        action            The action the user tried to execute
 145  * @var    int            forum_id        The forum the user tried to access
 146  * @var    string        mode            The MCP module the user is trying to access
 147  * @var    p_master    module            Module system class
 148  * @var    bool        quickmod        True if the user is accessing using quickmod tools
 149  * @var    int            topic_id        The topic the user tried to access
 150  * @since 3.1.3-RC1
 151  */
 152  $vars = array(
 153      'action',
 154      'forum_id',
 155      'mode',
 156      'module',
 157      'quickmod',
 158      'topic_id',
 159  );
 160  extract($phpbb_dispatcher->trigger_event('core.mcp_global_f_read_auth_after', compact($vars)));
 161  
 162  if ($forum_id)
 163  {
 164      $module->acl_forum_id = $forum_id;
 165  }
 166  
 167  // Instantiate module system and generate list of available modules
 168  $module->list_modules('mcp');
 169  
 170  if ($quickmod)
 171  {
 172      $mode = 'quickmod';
 173  
 174      switch ($action)
 175      {
 176          case 'lock':
 177          case 'unlock':
 178          case 'lock_post':
 179          case 'unlock_post':
 180          case 'make_sticky':
 181          case 'make_announce':
 182          case 'make_global':
 183          case 'make_normal':
 184          case 'fork':
 185          case 'move':
 186          case 'delete_post':
 187          case 'delete_topic':
 188          case 'restore_topic':
 189              $module->load('mcp', 'main', 'quickmod');
 190              return;
 191          break;
 192  
 193          case 'topic_logs':
 194              // Reset start parameter if we jumped from the quickmod dropdown
 195              if (request_var('start', 0))
 196              {
 197                  $request->overwrite('start', 0);
 198              }
 199  
 200              $module->set_active('logs', 'topic_logs');
 201          break;
 202  
 203          case 'merge_topic':
 204              $module->set_active('main', 'forum_view');
 205          break;
 206  
 207          case 'split':
 208          case 'merge':
 209              $module->set_active('main', 'topic_view');
 210          break;
 211  
 212          default:
 213              // If needed, the flag can be set to true within event listener
 214              // to indicate that the action was handled properly
 215              // and to pass by the trigger_error() call below
 216              $is_valid_action = false;
 217  
 218              /**
 219              * This event allows you to add custom quickmod options
 220              *
 221              * @event core.modify_quickmod_options
 222              * @var    object    module            Instance of module system class
 223              * @var    string    action            Quickmod option
 224              * @var    bool    is_valid_action    Flag indicating if the action was handled properly
 225              * @since 3.1.0-a4
 226              */
 227              $vars = array('module', 'action', 'is_valid_action');
 228              extract($phpbb_dispatcher->trigger_event('core.modify_quickmod_options', compact($vars)));
 229  
 230              if (!$is_valid_action)
 231              {
 232                  trigger_error($user->lang('QUICKMOD_ACTION_NOT_ALLOWED', $action), E_USER_ERROR);
 233              }
 234          break;
 235      }
 236  }
 237  else
 238  {
 239      // Select the active module
 240      $module->set_active($id, $mode);
 241  }
 242  
 243  // Hide some of the options if we don't have the relevant information to use them
 244  if (!$post_id)
 245  {
 246      $module->set_display('main', 'post_details', false);
 247      $module->set_display('warn', 'warn_post', false);
 248  }
 249  
 250  if ($mode == '' || $mode == 'unapproved_topics' || $mode == 'unapproved_posts' || $mode == 'deleted_topics' || $mode == 'deleted_posts')
 251  {
 252      $module->set_display('queue', 'approve_details', false);
 253  }
 254  
 255  if ($mode == '' || $mode == 'reports' || $mode == 'reports_closed' || $mode == 'pm_reports' || $mode == 'pm_reports_closed' || $mode == 'pm_report_details')
 256  {
 257      $module->set_display('reports', 'report_details', false);
 258  }
 259  
 260  if ($mode == '' || $mode == 'reports' || $mode == 'reports_closed' || $mode == 'pm_reports' || $mode == 'pm_reports_closed' || $mode == 'report_details')
 261  {
 262      $module->set_display('pm_reports', 'pm_report_details', false);
 263  }
 264  
 265  if (!$topic_id)
 266  {
 267      $module->set_display('main', 'topic_view', false);
 268      $module->set_display('logs', 'topic_logs', false);
 269  }
 270  
 271  if (!$forum_id)
 272  {
 273      $module->set_display('main', 'forum_view', false);
 274      $module->set_display('logs', 'forum_logs', false);
 275  }
 276  
 277  if (!$user_id && $username == '')
 278  {
 279      $module->set_display('notes', 'user_notes', false);
 280      $module->set_display('warn', 'warn_user', false);
 281  }
 282  
 283  /**
 284  * This event allows you to set display option for custom MCP modules
 285  *
 286  * @event core.modify_mcp_modules_display_option
 287  * @var    p_master    module            Module system class
 288  * @var    string        mode            MCP mode
 289  * @var    int            user_id            User id
 290  * @var    int            forum_id        Forum id
 291  * @var    int            topic_id        Topic id
 292  * @var    int            post_id            Post id
 293  * @var    string        username        User name
 294  * @var    int            id                Parent module id
 295  * @since 3.1.0-b2
 296  */
 297  $vars = array(
 298      'module',
 299      'mode',
 300      'user_id',
 301      'forum_id',
 302      'topic_id',
 303      'post_id',
 304      'username',
 305      'id',
 306  );
 307  extract($phpbb_dispatcher->trigger_event('core.modify_mcp_modules_display_option', compact($vars)));
 308  
 309  // Load and execute the relevant module
 310  $module->load_active();
 311  
 312  // Assign data to the template engine for the list of modules
 313  $module->assign_tpl_vars(append_sid("{$phpbb_root_path}mcp.$phpEx"));
 314  
 315  // Generate urls for letting the moderation control panel being accessed in different modes
 316  $template->assign_vars(array(
 317      'U_MCP'            => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=main'),
 318      'U_MCP_FORUM'    => ($forum_id) ? append_sid("{$phpbb_root_path}mcp.$phpEx", "i=main&amp;mode=forum_view&amp;f=$forum_id") : '',
 319      'U_MCP_TOPIC'    => ($forum_id && $topic_id) ? append_sid("{$phpbb_root_path}mcp.$phpEx", "i=main&amp;mode=topic_view&amp;t=$topic_id") : '',
 320      'U_MCP_POST'    => ($forum_id && $topic_id && $post_id) ? append_sid("{$phpbb_root_path}mcp.$phpEx", "i=main&amp;mode=post_details&amp;t=$topic_id&amp;p=$post_id") : '',
 321  ));
 322  
 323  // Generate the page, do not display/query online list
 324  $module->display($module->get_page_title());


Generated: Sun Feb 19 19:52:41 2017 Cross-referenced by PHPXref 0.7.1