Verzeichnisstruktur phpBB-3.1.0
- Veröffentlicht
- 27.10.2014
So funktioniert es
|
|
Auf das letzte Element klicken. Dies geht jeweils ein Schritt zurück |
Auf das Icon klicken, dies öffnet das Verzeichnis. Nochmal klicken schließt das Verzeichnis. |
|
|
(Beispiel Datei-Icons)
|
Auf das Icon klicken um den Quellcode anzuzeigen |
mcp_post.php
001 <?php
002 /**
003 *
004 * This file is part of the phpBB Forum Software package.
005 *
006 * @copyright (c) phpBB Limited <https://www.phpbb.com>
007 * @license GNU General Public License, version 2 (GPL-2.0)
008 *
009 * For full copyright and license information, please see
010 * the docs/CREDITS.txt file.
011 *
012 */
013
014 /**
015 * @ignore
016 */
017 if (!defined('IN_PHPBB'))
018 {
019 exit;
020 }
021
022 /**
023 * Handling actions in post details screen
024 */
025 function mcp_post_details($id, $mode, $action)
026 {
027 global $phpEx, $phpbb_root_path, $config;
028 global $template, $db, $user, $auth, $cache;
029
030 $user->add_lang('posting');
031
032 $post_id = request_var('p', 0);
033 $start = request_var('start', 0);
034
035 // Get post data
036 $post_info = phpbb_get_post_data(array($post_id), false, true);
037
038 add_form_key('mcp_post_details');
039
040 if (!sizeof($post_info))
041 {
042 trigger_error('POST_NOT_EXIST');
043 }
044
045 $post_info = $post_info[$post_id];
046 $url = append_sid("{$phpbb_root_path}mcp.$phpEx?" . phpbb_extra_url());
047
048 switch ($action)
049 {
050 case 'whois':
051
052 if ($auth->acl_get('m_info', $post_info['forum_id']))
053 {
054 $ip = request_var('ip', '');
055 include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
056
057 $template->assign_vars(array(
058 'RETURN_POST' => sprintf($user->lang['RETURN_POST'], '<a href="' . append_sid("{$phpbb_root_path}mcp.$phpEx", "i=$id&mode=$mode&p=$post_id") . '">', '</a>'),
059 'U_RETURN_POST' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=$id&mode=$mode&p=$post_id"),
060 'L_RETURN_POST' => sprintf($user->lang['RETURN_POST'], '', ''),
061 'WHOIS' => user_ipwhois($ip),
062 ));
063 }
064
065 // We're done with the whois page so return
066 return;
067
068 break;
069
070 case 'chgposter':
071 case 'chgposter_ip':
072
073 if ($action == 'chgposter')
074 {
075 $username = request_var('username', '', true);
076 $sql_where = "username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
077 }
078 else
079 {
080 $new_user_id = request_var('u', 0);
081 $sql_where = 'user_id = ' . $new_user_id;
082 }
083
084 $sql = 'SELECT *
085 FROM ' . USERS_TABLE . '
086 WHERE ' . $sql_where;
087 $result = $db->sql_query($sql);
088 $row = $db->sql_fetchrow($result);
089 $db->sql_freeresult($result);
090
091 if (!$row)
092 {
093 trigger_error('NO_USER');
094 }
095
096 if ($auth->acl_get('m_chgposter', $post_info['forum_id']))
097 {
098 if (check_form_key('mcp_post_details'))
099 {
100 change_poster($post_info, $row);
101 }
102 else
103 {
104 trigger_error('FORM_INVALID');
105 }
106 }
107
108 break;
109 }
110
111 // Set some vars
112 $users_ary = $usernames_ary = array();
113 $attachments = $extensions = array();
114 $post_id = $post_info['post_id'];
115 $topic_tracking_info = array();
116
117 // Get topic tracking info
118 if ($config['load_db_lastread'])
119 {
120 $tmp_topic_data = array($post_info['topic_id'] => $post_info);
121 $topic_tracking_info = get_topic_tracking($post_info['forum_id'], $post_info['topic_id'], $tmp_topic_data, array($post_info['forum_id'] => $post_info['forum_mark_time']));
122 unset($tmp_topic_data);
123 }
124 else
125 {
126 $topic_tracking_info = get_complete_topic_tracking($post_info['forum_id'], $post_info['topic_id']);
127 }
128
129 $post_unread = (isset($topic_tracking_info[$post_info['topic_id']]) && $post_info['post_time'] > $topic_tracking_info[$post_info['topic_id']]) ? true : false;
130
131 // Process message, leave it uncensored
132 $parse_flags = ($post_info['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) | OPTION_FLAG_SMILIES;
133 $message = generate_text_for_display($post_info['post_text'], $post_info['bbcode_uid'], $post_info['bbcode_bitfield'], $parse_flags, false);
134
135 if ($post_info['post_attachment'] && $auth->acl_get('u_download') && $auth->acl_get('f_download', $post_info['forum_id']))
136 {
137 $extensions = $cache->obtain_attach_extensions($post_info['forum_id']);
138
139 $sql = 'SELECT *
140 FROM ' . ATTACHMENTS_TABLE . '
141 WHERE post_msg_id = ' . $post_id . '
142 AND in_message = 0
143 ORDER BY filetime DESC, post_msg_id ASC';
144 $result = $db->sql_query($sql);
145
146 while ($row = $db->sql_fetchrow($result))
147 {
148 $attachments[] = $row;
149 }
150 $db->sql_freeresult($result);
151
152 if (sizeof($attachments))
153 {
154 $user->add_lang('viewtopic');
155 $update_count = array();
156 parse_attachments($post_info['forum_id'], $message, $attachments, $update_count);
157 }
158
159 // Display not already displayed Attachments for this post, we already parsed them. ;)
160 if (!empty($attachments))
161 {
162 $template->assign_var('S_HAS_ATTACHMENTS', true);
163
164 foreach ($attachments as $attachment)
165 {
166 $template->assign_block_vars('attachment', array(
167 'DISPLAY_ATTACHMENT' => $attachment)
168 );
169 }
170 }
171 }
172
173 // Deleting information
174 if ($post_info['post_visibility'] == ITEM_DELETED && $post_info['post_delete_user'])
175 {
176 // User having deleted the post also being the post author?
177 if (!$post_info['post_delete_user'] || $post_info['post_delete_user'] == $post_info['poster_id'])
178 {
179 $display_username = get_username_string('full', $post_info['poster_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']);
180 }
181 else
182 {
183 $sql = 'SELECT user_id, username, user_colour
184 FROM ' . USERS_TABLE . '
185 WHERE user_id = ' . (int) $post_info['post_delete_user'];
186 $result = $db->sql_query($sql);
187 $user_delete_row = $db->sql_fetchrow($result);
188 $db->sql_freeresult($result);
189 $display_username = get_username_string('full', $post_info['post_delete_user'], $user_delete_row['username'], $user_delete_row['user_colour']);
190 }
191
192 $user->add_lang('viewtopic');
193 $l_deleted_by = $user->lang('DELETED_INFORMATION', $display_username, $user->format_date($post_info['post_delete_time'], false, true));
194 }
195 else
196 {
197 $l_deleted_by = '';
198 }
199
200 $template->assign_vars(array(
201 'U_MCP_ACTION' => "$url&i=main&quickmod=1&mode=post_details", // Use this for mode paramaters
202 'U_POST_ACTION' => "$url&i=$id&mode=post_details", // Use this for action parameters
203 'U_APPROVE_ACTION' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=queue&p=$post_id&f={$post_info['forum_id']}"),
204
205 'S_CAN_VIEWIP' => $auth->acl_get('m_info', $post_info['forum_id']),
206 'S_CAN_CHGPOSTER' => $auth->acl_get('m_chgposter', $post_info['forum_id']),
207 'S_CAN_LOCK_POST' => $auth->acl_get('m_lock', $post_info['forum_id']),
208 'S_CAN_DELETE_POST' => $auth->acl_get('m_delete', $post_info['forum_id']),
209
210 'S_POST_REPORTED' => ($post_info['post_reported']) ? true : false,
211 'S_POST_UNAPPROVED' => ($post_info['post_visibility'] == ITEM_UNAPPROVED || $post_info['post_visibility'] == ITEM_REAPPROVE) ? true : false,
212 'S_POST_DELETED' => ($post_info['post_visibility'] == ITEM_DELETED) ? true : false,
213 'S_POST_LOCKED' => ($post_info['post_edit_locked']) ? true : false,
214 'S_USER_NOTES' => true,
215 'S_CLEAR_ALLOWED' => ($auth->acl_get('a_clearlogs')) ? true : false,
216 'DELETED_MESSAGE' => $l_deleted_by,
217 'DELETE_REASON' => $post_info['post_delete_reason'],
218
219 'U_EDIT' => ($auth->acl_get('m_edit', $post_info['forum_id'])) ? append_sid("{$phpbb_root_path}posting.$phpEx", "mode=edit&f={$post_info['forum_id']}&p={$post_info['post_id']}") : '',
220 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=mcp_chgposter&field=username&select_single=true'),
221 'U_MCP_APPROVE' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue&mode=approve_details&f=' . $post_info['forum_id'] . '&p=' . $post_id),
222 'U_MCP_REPORT' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=reports&mode=report_details&f=' . $post_info['forum_id'] . '&p=' . $post_id),
223 'U_MCP_USER_NOTES' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&mode=user_notes&u=' . $post_info['user_id']),
224 'U_MCP_WARN_USER' => ($auth->acl_get('m_warn')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=warn&mode=warn_user&u=' . $post_info['user_id']) : '',
225 'U_VIEW_POST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $post_info['forum_id'] . '&p=' . $post_info['post_id'] . '#p' . $post_info['post_id']),
226 'U_VIEW_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $post_info['forum_id'] . '&t=' . $post_info['topic_id']),
227
228 'MINI_POST_IMG' => ($post_unread) ? $user->img('icon_post_target_unread', 'UNREAD_POST') : $user->img('icon_post_target', 'POST'),
229
230 'RETURN_TOPIC' => sprintf($user->lang['RETURN_TOPIC'], '<a href="' . append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f={$post_info['forum_id']}&p=$post_id") . "#p$post_id\">", '</a>'),
231 'RETURN_FORUM' => sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", "f={$post_info['forum_id']}&start={$start}") . '">', '</a>'),
232 'REPORTED_IMG' => $user->img('icon_topic_reported', $user->lang['POST_REPORTED']),
233 'UNAPPROVED_IMG' => $user->img('icon_topic_unapproved', $user->lang['POST_UNAPPROVED']),
234 'DELETED_IMG' => $user->img('icon_topic_deleted', $user->lang['POST_DELETED']),
235 'EDIT_IMG' => $user->img('icon_post_edit', $user->lang['EDIT_POST']),
236 'SEARCH_IMG' => $user->img('icon_user_search', $user->lang['SEARCH']),
237
238 'POST_AUTHOR_FULL' => get_username_string('full', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
239 'POST_AUTHOR_COLOUR' => get_username_string('colour', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
240 'POST_AUTHOR' => get_username_string('username', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
241 'U_POST_AUTHOR' => get_username_string('profile', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
242
243 'POST_PREVIEW' => $message,
244 'POST_SUBJECT' => $post_info['post_subject'],
245 'POST_DATE' => $user->format_date($post_info['post_time']),
246 'POST_IP' => $post_info['poster_ip'],
247 'POST_IPADDR' => ($auth->acl_get('m_info', $post_info['forum_id']) && request_var('lookup', '')) ? @gethostbyaddr($post_info['poster_ip']) : '',
248 'POST_ID' => $post_info['post_id'],
249
250 'U_LOOKUP_IP' => ($auth->acl_get('m_info', $post_info['forum_id'])) ? "$url&i=$id&mode=$mode&lookup={$post_info['poster_ip']}#ip" : '',
251 'U_WHOIS' => ($auth->acl_get('m_info', $post_info['forum_id'])) ? append_sid("{$phpbb_root_path}mcp.$phpEx", "i=$id&mode=$mode&action=whois&p=$post_id&ip={$post_info['poster_ip']}") : '',
252 ));
253
254 // Get User Notes
255 $log_data = array();
256 $log_count = false;
257 view_log('user', $log_data, $log_count, $config['posts_per_page'], 0, 0, 0, $post_info['user_id']);
258
259 if (!empty($log_data))
260 {
261 $template->assign_var('S_USER_NOTES', true);
262
263 foreach ($log_data as $row)
264 {
265 $template->assign_block_vars('usernotes', array(
266 'REPORT_BY' => $row['username_full'],
267 'REPORT_AT' => $user->format_date($row['time']),
268 'ACTION' => $row['action'],
269 'ID' => $row['id'])
270 );
271 }
272 }
273
274 // Get Reports
275 if ($auth->acl_get('m_report', $post_info['forum_id']))
276 {
277 $sql = 'SELECT r.*, re.*, u.user_id, u.username
278 FROM ' . REPORTS_TABLE . ' r, ' . USERS_TABLE . ' u, ' . REPORTS_REASONS_TABLE . " re
279 WHERE r.post_id = $post_id
280 AND r.reason_id = re.reason_id
281 AND u.user_id = r.user_id
282 ORDER BY r.report_time DESC";
283 $result = $db->sql_query($sql);
284
285 if ($row = $db->sql_fetchrow($result))
286 {
287 $template->assign_var('S_SHOW_REPORTS', true);
288
289 do
290 {
291 // If the reason is defined within the language file, we will use the localized version, else just use the database entry...
292 if (isset($user->lang['report_reasons']['TITLE'][strtoupper($row['reason_title'])]) && isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])]))
293 {
294 $row['reson_description'] = $user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])];
295 $row['reason_title'] = $user->lang['report_reasons']['TITLE'][strtoupper($row['reason_title'])];
296 }
297
298 $template->assign_block_vars('reports', array(
299 'REPORT_ID' => $row['report_id'],
300 'REASON_TITLE' => $row['reason_title'],
301 'REASON_DESC' => $row['reason_description'],
302 'REPORTER' => get_username_string('username', $row['user_id'], $row['username']),
303 'U_REPORTER' => get_username_string('profile', $row['user_id'], $row['username']),
304 'USER_NOTIFY' => ($row['user_notify']) ? true : false,
305 'REPORT_TIME' => $user->format_date($row['report_time']),
306 'REPORT_TEXT' => bbcode_nl2br(trim($row['report_text'])),
307 ));
308 }
309 while ($row = $db->sql_fetchrow($result));
310 }
311 $db->sql_freeresult($result);
312 }
313
314 // Get IP
315 if ($auth->acl_get('m_info', $post_info['forum_id']))
316 {
317 $rdns_ip_num = request_var('rdns', '');
318
319 if ($rdns_ip_num != 'all')
320 {
321 $template->assign_vars(array(
322 'U_LOOKUP_ALL' => "$url&i=main&mode=post_details&rdns=all")
323 );
324 }
325
326 // Get other users who've posted under this IP
327 $sql = 'SELECT poster_id, COUNT(poster_id) as postings
328 FROM ' . POSTS_TABLE . "
329 WHERE poster_ip = '" . $db->sql_escape($post_info['poster_ip']) . "'
330 GROUP BY poster_id
331 ORDER BY postings DESC";
332 $result = $db->sql_query($sql);
333
334 while ($row = $db->sql_fetchrow($result))
335 {
336 // Fill the user select list with users who have posted under this IP
337 if ($row['poster_id'] != $post_info['poster_id'])
338 {
339 $users_ary[$row['poster_id']] = $row;
340 }
341 }
342 $db->sql_freeresult($result);
343
344 if (sizeof($users_ary))
345 {
346 // Get the usernames
347 $sql = 'SELECT user_id, username
348 FROM ' . USERS_TABLE . '
349 WHERE ' . $db->sql_in_set('user_id', array_keys($users_ary));
350 $result = $db->sql_query($sql);
351
352 while ($row = $db->sql_fetchrow($result))
353 {
354 $users_ary[$row['user_id']]['username'] = $row['username'];
355 $usernames_ary[utf8_clean_string($row['username'])] = $users_ary[$row['user_id']];
356 }
357 $db->sql_freeresult($result);
358
359 foreach ($users_ary as $user_id => $user_row)
360 {
361 $template->assign_block_vars('userrow', array(
362 'USERNAME' => get_username_string('username', $user_id, $user_row['username']),
363 'NUM_POSTS' => $user_row['postings'],
364 'L_POST_S' => ($user_row['postings'] == 1) ? $user->lang['POST'] : $user->lang['POSTS'],
365
366 'U_PROFILE' => get_username_string('profile', $user_id, $user_row['username']),
367 'U_SEARCHPOSTS' => append_sid("{$phpbb_root_path}search.$phpEx", 'author_id=' . $user_id . '&sr=topics'))
368 );
369 }
370 }
371
372 // Get other IP's this user has posted under
373
374 // A compound index on poster_id, poster_ip (posts table) would help speed up this query a lot,
375 // but the extra size is only valuable if there are persons having more than a thousands posts.
376 // This is better left to the really really big forums.
377
378 $sql = 'SELECT poster_ip, COUNT(poster_ip) AS postings
379 FROM ' . POSTS_TABLE . '
380 WHERE poster_id = ' . $post_info['poster_id'] . "
381 GROUP BY poster_ip
382 ORDER BY postings DESC";
383 $result = $db->sql_query($sql);
384
385 while ($row = $db->sql_fetchrow($result))
386 {
387 $hostname = (($rdns_ip_num == $row['poster_ip'] || $rdns_ip_num == 'all') && $row['poster_ip']) ? @gethostbyaddr($row['poster_ip']) : '';
388
389 $template->assign_block_vars('iprow', array(
390 'IP' => $row['poster_ip'],
391 'HOSTNAME' => $hostname,
392 'NUM_POSTS' => $row['postings'],
393 'L_POST_S' => ($row['postings'] == 1) ? $user->lang['POST'] : $user->lang['POSTS'],
394
395 'U_LOOKUP_IP' => ($rdns_ip_num == $row['poster_ip'] || $rdns_ip_num == 'all') ? '' : "$url&i=$id&mode=post_details&rdns={$row['poster_ip']}#ip",
396 'U_WHOIS' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=$id&mode=$mode&action=whois&p=$post_id&ip={$row['poster_ip']}"))
397 );
398 }
399 $db->sql_freeresult($result);
400
401 $user_select = '';
402
403 if (sizeof($usernames_ary))
404 {
405 ksort($usernames_ary);
406
407 foreach ($usernames_ary as $row)
408 {
409 $user_select .= '<option value="' . $row['poster_id'] . '">' . $row['username'] . "</option>\n";
410 }
411 }
412
413 $template->assign_var('S_USER_SELECT', $user_select);
414 }
415
416 }
417
418 /**
419 * Change a post's poster
420 */
421 function change_poster(&$post_info, $userdata)
422 {
423 global $auth, $db, $config, $phpbb_root_path, $phpEx, $user;
424
425 if (empty($userdata) || $userdata['user_id'] == $post_info['user_id'])
426 {
427 return;
428 }
429
430 $post_id = $post_info['post_id'];
431
432 $sql = 'UPDATE ' . POSTS_TABLE . "
433 SET poster_id = {$userdata['user_id']}
434 WHERE post_id = $post_id";
435 $db->sql_query($sql);
436
437 // Resync topic/forum if needed
438 if ($post_info['topic_last_post_id'] == $post_id || $post_info['forum_last_post_id'] == $post_id || $post_info['topic_first_post_id'] == $post_id)
439 {
440 sync('topic', 'topic_id', $post_info['topic_id'], false, false);
441 sync('forum', 'forum_id', $post_info['forum_id'], false, false);
442 }
443
444 // Adjust post counts... only if the post is approved (else, it was not added the users post count anyway)
445 if ($post_info['post_postcount'] && $post_info['post_visibility'] == ITEM_APPROVED)
446 {
447 $sql = 'UPDATE ' . USERS_TABLE . '
448 SET user_posts = user_posts - 1
449 WHERE user_id = ' . $post_info['user_id'] .'
450 AND user_posts > 0';
451 $db->sql_query($sql);
452
453 $sql = 'UPDATE ' . USERS_TABLE . '
454 SET user_posts = user_posts + 1
455 WHERE user_id = ' . $userdata['user_id'];
456 $db->sql_query($sql);
457 }
458
459 // Add posted to information for this topic for the new user
460 markread('post', $post_info['forum_id'], $post_info['topic_id'], time(), $userdata['user_id']);
461
462 // Remove the dotted topic option if the old user has no more posts within this topic
463 if ($config['load_db_track'] && $post_info['user_id'] != ANONYMOUS)
464 {
465 $sql = 'SELECT topic_id
466 FROM ' . POSTS_TABLE . '
467 WHERE topic_id = ' . $post_info['topic_id'] . '
468 AND poster_id = ' . $post_info['user_id'];
469 $result = $db->sql_query_limit($sql, 1);
470 $topic_id = (int) $db->sql_fetchfield('topic_id');
471 $db->sql_freeresult($result);
472
473 if (!$topic_id)
474 {
475 $sql = 'DELETE FROM ' . TOPICS_POSTED_TABLE . '
476 WHERE user_id = ' . $post_info['user_id'] . '
477 AND topic_id = ' . $post_info['topic_id'];
478 $db->sql_query($sql);
479 }
480 }
481
482 // change the poster_id within the attachments table, else the data becomes out of sync and errors displayed because of wrong ownership
483 if ($post_info['post_attachment'])
484 {
485 $sql = 'UPDATE ' . ATTACHMENTS_TABLE . '
486 SET poster_id = ' . $userdata['user_id'] . '
487 WHERE poster_id = ' . $post_info['user_id'] . '
488 AND post_msg_id = ' . $post_info['post_id'] . '
489 AND topic_id = ' . $post_info['topic_id'];
490 $db->sql_query($sql);
491 }
492
493 // refresh search cache of this post
494 $search_type = $config['search_type'];
495
496 if (class_exists($search_type))
497 {
498 // We do some additional checks in the module to ensure it can actually be utilised
499 $error = false;
500 $search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user);
501
502 if (!$error && method_exists($search, 'destroy_cache'))
503 {
504 $search->destroy_cache(array(), array($post_info['user_id'], $userdata['user_id']));
505 }
506 }
507
508 $from_username = $post_info['username'];
509 $to_username = $userdata['username'];
510
511 // Renew post info
512 $post_info = phpbb_get_post_data(array($post_id), false, true);
513
514 if (!sizeof($post_info))
515 {
516 trigger_error('POST_NOT_EXIST');
517 }
518
519 $post_info = $post_info[$post_id];
520
521 // Now add log entry
522 add_log('mod', $post_info['forum_id'], $post_info['topic_id'], 'LOG_MCP_CHANGE_POSTER', $post_info['topic_title'], $from_username, $to_username);
523 }
524