
PHP Cross Reference of phpBB-3.1.12-deutsch


/ -> report.php (source)

   1  <?php
   2  /**
   3  *
   4  * This file is part of the phpBB Forum Software package.
   5  *
   6  * @copyright (c) phpBB Limited <https://www.phpbb.com>
   7  * @license GNU General Public License, version 2 (GPL-2.0)
   8  *
   9  * For full copyright and license information, please see
  10  * the docs/CREDITS.txt file.
  11  *
  12  */
  13  
  14  /**
  15  * @ignore
  16  */
  17  define('IN_PHPBB', true);
  18  $phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
  19  $phpEx = substr(strrchr(__FILE__, '.'), 1);
  20  include($phpbb_root_path . 'common.' . $phpEx);
  21  include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
  22  
  23  // Start session management
  24  $user->session_begin();
  25  $auth->acl($user->data);
  26  $user->setup('mcp');
  27  
  28  $forum_id        = request_var('f', 0);
  29  $post_id        = request_var('p', 0);
  30  $pm_id            = request_var('pm', 0);
  31  $reason_id        = request_var('reason_id', 0);
  32  $report_text    = utf8_normalize_nfc(request_var('report_text', '', true));
  33  $user_notify    = ($user->data['is_registered']) ? request_var('notify', 0) : false;
  34  
  35  $submit = (isset($_POST['submit'])) ? true : false;
  36  
  37  if (!$post_id && (!$pm_id || !$config['allow_pm_report']))
  38  {
  39      trigger_error('NO_POST_SELECTED');
  40  }
  41  
  42  if ($post_id)
  43  {
  44      $redirect_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&amp;p=$post_id") . "#p$post_id";
  45      $return_forum_url = append_sid("{$phpbb_root_path}viewforum.$phpEx", "f=$forum_id");
  46      $pm_id = 0;
  47  }
  48  else
  49  {
  50      $redirect_url = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&mode=view&p=$pm_id");
  51      $return_forum_url = '';
  52      $post_id = 0;
  53      $forum_id = 0;
  54  }
  55  
  56  // Has the report been cancelled?
  57  if (isset($_POST['cancel']))
  58  {
  59      redirect($redirect_url);
  60  }
  61  
  62  if ($post_id)
  63  {
  64      // Grab all relevant data
  65      $sql = 'SELECT t.*, p.*
  66          FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . " t
  67          WHERE p.post_id = $post_id
  68              AND p.topic_id = t.topic_id";
  69      $result = $db->sql_query($sql);
  70      $report_data = $db->sql_fetchrow($result);
  71      $db->sql_freeresult($result);
  72  
  73      if (!$report_data)
  74      {
  75          trigger_error('POST_NOT_EXIST');
  76      }
  77  
  78      $forum_id                             = (int) $report_data['forum_id'];
  79      $topic_id                             = (int) $report_data['topic_id'];
  80      $reported_post_text                    = $report_data['post_text'];
  81      $reported_post_bitfield                = $report_data['bbcode_bitfield'];
  82      $reported_post_uid                    = $report_data['bbcode_uid'];
  83      $reported_post_enable_bbcode        = $report_data['enable_bbcode'];
  84      $reported_post_enable_smilies        = $report_data['enable_smilies'];
  85      $reported_post_enable_magic_url        = $report_data['enable_magic_url'];
  86  
  87      $sql = 'SELECT *
  88          FROM ' . FORUMS_TABLE . '
  89          WHERE forum_id = ' . $forum_id;
  90      $result = $db->sql_query($sql);
  91      $forum_data = $db->sql_fetchrow($result);
  92      $db->sql_freeresult($result);
  93  
  94      if (!$forum_data)
  95      {
  96          trigger_error('FORUM_NOT_EXIST');
  97      }
  98  
  99      // Check required permissions
 100      $acl_check_ary = array('f_list' => 'POST_NOT_EXIST', 'f_read' => 'USER_CANNOT_READ', 'f_report' => 'USER_CANNOT_REPORT');
 101  
 102      /**
 103      * This event allows you to do extra auth checks and verify if the user
 104      * has the required permissions
 105      *
 106      * @event core.report_post_auth
 107      * @var    array    forum_data        All data available from the forums table on this post's forum
 108      * @var    array    report_data        All data available from the topics and the posts tables on this post (and its topic)
 109      * @var    array    acl_check_ary    An array with the ACL to be tested. The evaluation is made in the same order as the array is sorted
 110      *                                The key is the ACL name and the value is the language key for the error message.
 111      * @since 3.1.3-RC1
 112      */
 113      $vars = array(
 114          'forum_data',
 115          'report_data',
 116          'acl_check_ary',
 117      );
 118      extract($phpbb_dispatcher->trigger_event('core.report_post_auth', compact($vars)));
 119  
 120      foreach ($acl_check_ary as $acl => $error)
 121      {
 122          if (!$auth->acl_get($acl, $forum_id))
 123          {
 124              trigger_error($error);
 125          }
 126      }
 127      unset($acl_check_ary);
 128  
 129      if ($report_data['post_reported'])
 130      {
 131          $message = $user->lang['ALREADY_REPORTED'];
 132          $message .= '<br /><br />' . sprintf($user->lang['RETURN_TOPIC'], '<a href="' . $redirect_url . '">', '</a>');
 133          $message .= '<br /><br />' . sprintf($user->lang['RETURN_FORUM'], '<a href="' . $return_forum_url . '">', '</a>');
 134          trigger_error($message);
 135      }
 136  }
 137  else
 138  {
 139      // Grab all relevant data
 140      $sql = 'SELECT p.*, pt.*
 141          FROM ' . PRIVMSGS_TABLE . ' p, ' . PRIVMSGS_TO_TABLE . " pt
 142          WHERE p.msg_id = $pm_id
 143              AND p.msg_id = pt.msg_id
 144              AND (p.author_id = " . $user->data['user_id'] . " OR pt.user_id = " . $user->data['user_id'] . ")";
 145      $result = $db->sql_query($sql);
 146      $report_data = $db->sql_fetchrow($result);
 147      $db->sql_freeresult($result);
 148  
 149      if (!$report_data)
 150      {
 151          $user->add_lang('ucp');
 152          trigger_error('NO_MESSAGE');
 153      }
 154  
 155      if ($report_data['message_reported'])
 156      {
 157          $message = $user->lang['ALREADY_REPORTED_PM'];
 158          $message .= '<br /><br />' . sprintf($user->lang['RETURN_PM'], '<a href="' . $redirect_url . '">', '</a>');
 159          trigger_error($message);
 160      }
 161  
 162      $reported_post_text                 = $report_data['message_text'];
 163      $reported_post_bitfield                = $report_data['bbcode_bitfield'];
 164      $reported_post_uid                    = $report_data['bbcode_uid'];
 165      $reported_post_enable_bbcode        = $report_data['enable_bbcode'];
 166      $reported_post_enable_smilies        = $report_data['enable_smilies'];
 167      $reported_post_enable_magic_url        = $report_data['enable_magic_url'];
 168  }
 169  
 170  if ($config['enable_post_confirm'] && !$user->data['is_registered'])
 171  {
 172      $captcha = $phpbb_container->get('captcha.factory')->get_instance($config['captcha_plugin']);
 173      $captcha->init(CONFIRM_REPORT);
 174  }
 175  
 176  $error    = array();
 177  $s_hidden_fields = '';
 178  
 179  // Submit report?
 180  if ($submit && $reason_id)
 181  {
 182      if (isset($captcha))
 183      {
 184          $visual_confirmation_response = $captcha->validate();
 185          if ($visual_confirmation_response)
 186          {
 187              $error[] = $visual_confirmation_response;
 188          }
 189      }
 190  
 191      $sql = 'SELECT *
 192          FROM ' . REPORTS_REASONS_TABLE . "
 193          WHERE reason_id = $reason_id";
 194      $result = $db->sql_query($sql);
 195      $row = $db->sql_fetchrow($result);
 196      $db->sql_freeresult($result);
 197  
 198      if (!$row || (!$report_text && strtolower($row['reason_title']) == 'other'))
 199      {
 200          $error[] = $user->lang('EMPTY_REPORT');
 201      }
 202  
 203      if (!sizeof($error))
 204      {
 205          if (isset($captcha))
 206          {
 207              $captcha->reset();
 208          }
 209  
 210          $sql_ary = array(
 211              'reason_id'                            => (int) $reason_id,
 212              'post_id'                            => $post_id,
 213              'pm_id'                                => $pm_id,
 214              'user_id'                            => (int) $user->data['user_id'],
 215              'user_notify'                        => (int) $user_notify,
 216              'report_closed'                        => 0,
 217              'report_time'                        => (int) time(),
 218              'report_text'                        => (string) $report_text,
 219              'reported_post_text'                => $reported_post_text,
 220              'reported_post_uid'                    => $reported_post_uid,
 221              'reported_post_bitfield'            => $reported_post_bitfield,
 222              'reported_post_enable_bbcode'        => $reported_post_enable_bbcode,
 223              'reported_post_enable_smilies'        => $reported_post_enable_smilies,
 224              'reported_post_enable_magic_url'    => $reported_post_enable_magic_url,
 225          );
 226  
 227          $sql = 'INSERT INTO ' . REPORTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary);
 228          $db->sql_query($sql);
 229          $report_id = $db->sql_nextid();
 230  
 231          $phpbb_notifications = $phpbb_container->get('notification_manager');
 232  
 233          if ($post_id)
 234          {
 235              $sql = 'UPDATE ' . POSTS_TABLE . '
 236                  SET post_reported = 1
 237                  WHERE post_id = ' . $post_id;
 238              $db->sql_query($sql);
 239  
 240              if (!$report_data['topic_reported'])
 241              {
 242                  $sql = 'UPDATE ' . TOPICS_TABLE . '
 243                      SET topic_reported = 1
 244                      WHERE topic_id = ' . $report_data['topic_id'] . '
 245                          OR topic_moved_id = ' . $report_data['topic_id'];
 246                  $db->sql_query($sql);
 247              }
 248  
 249              $lang_return = $user->lang['RETURN_TOPIC'];
 250              $lang_success = $user->lang['POST_REPORTED_SUCCESS'];
 251  
 252              $phpbb_notifications->add_notifications('notification.type.report_post', array_merge($report_data, $row, $forum_data, array(
 253                  'report_text'    => $report_text,
 254              )));
 255          }
 256          else
 257          {
 258              $sql = 'UPDATE ' . PRIVMSGS_TABLE . '
 259                  SET message_reported = 1
 260                  WHERE msg_id = ' . $pm_id;
 261              $db->sql_query($sql);
 262  
 263              $sql_ary = array(
 264                  'msg_id'        => $pm_id,
 265                  'user_id'        => ANONYMOUS,
 266                  'author_id'        => (int) $report_data['author_id'],
 267                  'pm_deleted'    => 0,
 268                  'pm_new'        => 0,
 269                  'pm_unread'        => 0,
 270                  'pm_replied'    => 0,
 271                  'pm_marked'        => 0,
 272                  'pm_forwarded'    => 0,
 273                  'folder_id'        => PRIVMSGS_INBOX,
 274              );
 275  
 276              $sql = 'INSERT INTO ' . PRIVMSGS_TO_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary);
 277              $db->sql_query($sql);
 278  
 279              $lang_return = $user->lang['RETURN_PM'];
 280              $lang_success = $user->lang['PM_REPORTED_SUCCESS'];
 281  
 282              $phpbb_notifications->add_notifications('notification.type.report_pm', array_merge($report_data, $row, array(
 283                  'report_text'    => $report_text,
 284                  'from_user_id'    => $report_data['author_id'],
 285                  'report_id'        => $report_id,
 286              )));
 287          }
 288  
 289          meta_refresh(3, $redirect_url);
 290  
 291          $message = $lang_success . '<br /><br />' . sprintf($lang_return, '<a href="' . $redirect_url . '">', '</a>');
 292          if ($return_forum_url)
 293          {
 294              $message .= '<br /><br />' . sprintf($user->lang['RETURN_FORUM'], '<a href="' . $return_forum_url . '">', '</a>');
 295          }
 296          trigger_error($message);
 297      }
 298      else if (isset($captcha) && $captcha->is_solved() !== false)
 299      {
 300          $s_hidden_fields .= build_hidden_fields($captcha->get_hidden_fields());
 301      }
 302  }
 303  
 304  // Generate the reasons
 305  display_reasons($reason_id);
 306  
 307  $page_title = ($pm_id) ? $user->lang['REPORT_MESSAGE'] : $user->lang['REPORT_POST'];
 308  
 309  if (isset($captcha) && $captcha->is_solved() === false)
 310  {
 311      $template->assign_vars(array(
 312          'S_CONFIRM_CODE'    => true,
 313          'CAPTCHA_TEMPLATE'    => $captcha->get_template(),
 314      ));
 315  }
 316  
 317  $template->assign_vars(array(
 318      'ERROR'                => (sizeof($error)) ? implode('<br />', $error) : '',
 319      'S_REPORT_POST'        => ($pm_id) ? false : true,
 320      'REPORT_TEXT'        => $report_text,
 321      'S_REPORT_ACTION'    => append_sid("{$phpbb_root_path}report.$phpEx", 'f=' . $forum_id . '&amp;p=' . $post_id . '&amp;pm=' . $pm_id),
 322      'S_HIDDEN_FIELDS'    => (sizeof($s_hidden_fields)) ? $s_hidden_fields : null,
 323  
 324      'S_NOTIFY'            => $user_notify,
 325      'S_CAN_NOTIFY'        => ($user->data['is_registered']) ? true : false,
 326      'S_IN_REPORT'        => true,
 327  ));
 328  
 329  generate_forum_nav($forum_data);
 330  
 331  // Start output of page
 332  page_header($page_title);
 333  
 334  $template->set_filenames(array(
 335      'body' => 'report_body.html')
 336  );
 337  
 338  page_footer();

