diff options
| author | Nils Adermann <naderman@naderman.de> | 2010-03-02 01:05:34 +0100 |
|---|---|---|
| committer | Nils Adermann <naderman@naderman.de> | 2010-03-02 01:05:34 +0100 |
| commit | 07633a66e8c9bbb2b288a286bfbea6f562eeca4d (patch) | |
| tree | a255efa70ed6f202542649148c0445445504d181 /phpBB/includes/mcp | |
| parent | ee82970d96e0a6772b24c48aab8ebd1888ec5216 (diff) | |
| parent | 5cfa0ec0c32ddc424f9651d8766db3e4ced59f96 (diff) | |
| download | forums-07633a66e8c9bbb2b288a286bfbea6f562eeca4d.tar forums-07633a66e8c9bbb2b288a286bfbea6f562eeca4d.tar.gz forums-07633a66e8c9bbb2b288a286bfbea6f562eeca4d.tar.bz2 forums-07633a66e8c9bbb2b288a286bfbea6f562eeca4d.tar.xz forums-07633a66e8c9bbb2b288a286bfbea6f562eeca4d.zip | |
Merge commit 'release-3.0-B3'
Diffstat (limited to 'phpBB/includes/mcp')
| -rw-r--r-- | phpBB/includes/mcp/mcp_forum.php | 14 | ||||
| -rw-r--r-- | phpBB/includes/mcp/mcp_front.php | 2 | ||||
| -rw-r--r-- | phpBB/includes/mcp/mcp_main.php | 25 | ||||
| -rwxr-xr-x | phpBB/includes/mcp/mcp_notes.php | 6 | ||||
| -rw-r--r-- | phpBB/includes/mcp/mcp_post.php | 132 | ||||
| -rw-r--r-- | phpBB/includes/mcp/mcp_queue.php | 57 | ||||
| -rwxr-xr-x | phpBB/includes/mcp/mcp_reports.php | 19 | ||||
| -rw-r--r-- | phpBB/includes/mcp/mcp_topic.php | 13 | ||||
| -rwxr-xr-x | phpBB/includes/mcp/mcp_warn.php | 10 |
9 files changed, 151 insertions, 127 deletions
diff --git a/phpBB/includes/mcp/mcp_forum.php b/phpBB/includes/mcp/mcp_forum.php index 09470b8269..b20bd63a08 100644 --- a/phpBB/includes/mcp/mcp_forum.php +++ b/phpBB/includes/mcp/mcp_forum.php @@ -74,6 +74,7 @@ function mcp_forum_view($id, $mode, $action, $forum_info) 'S_CAN_LOCK' => $auth->acl_get('m_lock', $forum_id), 'S_CAN_SYNC' => $auth->acl_get('m_', $forum_id), 'S_CAN_APPROVE' => $auth->acl_get('m_approve', $forum_id), + 'S_MERGE_SELECT' => ($action == 'merge_select') ? true : false, 'U_VIEW_FORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id), 'U_VIEW_FORUM_LOGS' => ($auth->acl_gets('a_', 'm_', $forum_id)) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=logs&mode=forum_logs&f=' . $forum_id) : '', @@ -86,8 +87,7 @@ function mcp_forum_view($id, $mode, $action, $forum_info) ); // Grab icons - $icons = array(); - $cache->obtain_icons($icons); + $icons = $cache->obtain_icons(); $topic_rows = array(); @@ -117,8 +117,8 @@ function mcp_forum_view($id, $mode, $action, $forum_info) $topic_title = censor_text($row['topic_title']); - $topic_unapproved = (!$row['topic_approved'] && $auth->acl_gets('m_approve', $row['forum_id'])) ? true : false; - $posts_unapproved = ($row['topic_approved'] && $row['topic_replies'] < $row['topic_replies_real'] && $auth->acl_gets('m_approve', $row['forum_id'])) ? true : false; + $topic_unapproved = (!$row['topic_approved'] && $auth->acl_get('m_approve', $row['forum_id'])) ? true : false; + $posts_unapproved = ($row['topic_approved'] && $row['topic_replies'] < $row['topic_replies_real'] && $auth->acl_get('m_approve', $row['forum_id'])) ? true : false; $u_mcp_queue = ($topic_unapproved || $posts_unapproved) ? $url . '&i=queue&mode=' . (($topic_unapproved) ? 'approve_details' : 'unapproved_posts') . '&t=' . $row['topic_id'] : ''; $template->assign_block_vars('topicrow', array( @@ -129,7 +129,7 @@ function mcp_forum_view($id, $mode, $action, $forum_info) 'U_MCP_QUEUE' => $u_mcp_queue, 'U_MCP_REPORT' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=main&mode=topic_view&t=' . $row['topic_id'] . '&action=reports'), - 'ATTACH_ICON_IMG' => ($auth->acl_gets('f_download', 'u_download', $row['forum_id']) && $row['topic_attachment']) ? $user->img('icon_topic_attach', $user->lang['TOTAL_ATTACHMENTS']) : '', + 'ATTACH_ICON_IMG' => ($auth->acl_get('u_download') && $auth->acl_get('f_download', $row['forum_id']) && $row['topic_attachment']) ? $user->img('icon_topic_attach', $user->lang['TOTAL_ATTACHMENTS']) : '', 'TOPIC_FOLDER_IMG' => $user->img($folder_img, $folder_alt), 'TOPIC_FOLDER_IMG_SRC' => $user->img($folder_img, $folder_alt, false, '', 'src'), 'TOPIC_ICON_IMG' => (!empty($icons[$row['icon_id']])) ? $icons[$row['icon_id']]['img'] : '', @@ -144,7 +144,7 @@ function mcp_forum_view($id, $mode, $action, $forum_info) 'TOPIC_ID' => $row['topic_id'], 'S_TOPIC_CHECKED' => ($topic_id_list && in_array($row['topic_id'], $topic_id_list)) ? 'checked="checked" ' : '', - 'S_TOPIC_REPORTED' => (!empty($row['topic_reported']) && $auth->acl_gets('m_report', $row['forum_id'])) ? true : false, + 'S_TOPIC_REPORTED' => (!empty($row['topic_reported']) && $auth->acl_get('m_report', $row['forum_id'])) ? true : false, 'S_TOPIC_UNAPPROVED' => $topic_unapproved, 'S_POSTS_UNAPPROVED' => $posts_unapproved) ); @@ -191,7 +191,7 @@ function mcp_resync_topics($topic_ids) $redirect = request_var('redirect', $user->data['session_page']); - meta_refresh(2, $redirect); + meta_refresh(3, $redirect); trigger_error($msg . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $redirect . '">', '</a>')); return; diff --git a/phpBB/includes/mcp/mcp_front.php b/phpBB/includes/mcp/mcp_front.php index 745b2c0d61..8b798fc1b2 100644 --- a/phpBB/includes/mcp/mcp_front.php +++ b/phpBB/includes/mcp/mcp_front.php @@ -114,7 +114,7 @@ function mcp_front_view($id, $mode, $action) } // Latest 5 reported - $forum_list = get_forum_list('m_'); + $forum_list = get_forum_list('m_report'); $template->assign_var('S_SHOW_REPORTS', (!empty($forum_list)) ? true : false); diff --git a/phpBB/includes/mcp/mcp_main.php b/phpBB/includes/mcp/mcp_main.php index b77c3e4451..1fe9233ba9 100644 --- a/phpBB/includes/mcp/mcp_main.php +++ b/phpBB/includes/mcp/mcp_main.php @@ -207,9 +207,18 @@ function lock_unlock($action, $ids) $l_prefix = 'POST'; } - if (!($forum_id = check_ids($ids, $table, $sql_id, array('f_user_lock', 'm_lock')))) + if (!($forum_id = check_ids($ids, $table, $sql_id, array('m_lock')))) { - return; + // Make sure that for f_user_lock only the lock action is triggered. + if ($action != 'lock') + { + return; + } + + if (!($forum_id = check_ids($ids, $table, $sql_id, array('f_user_lock')))) + { + return; + } } $redirect = request_var('redirect', $user->data['session_page']); @@ -474,8 +483,17 @@ function mcp_move_topic($topic_ids) $forum_ids[] = $row['forum_id']; add_log('mod', $to_forum_id, $topic_id, 'LOG_MOVE', $row['forum_name']); + // If we have moved a global announcement, we need to correct the topic type + if ($row['topic_type'] == POST_GLOBAL) + { + $sql = 'UPDATE ' . TOPICS_TABLE . ' + SET topic_type = ' . POST_ANNOUNCE . ' + WHERE topic_id = ' . (int) $row['topic_id']; + $db->sql_query($sql); + } + // Leave a redirection if required and only if the topic is visible to users - if ($leave_shadow && $row['topic_approved']) + if ($leave_shadow && $row['topic_approved'] && $row['topic_type'] != POST_GLOBAL) { $shadow = array( 'forum_id' => (int) $row['forum_id'], @@ -884,7 +902,6 @@ function mcp_fork_topic($topic_ids) 'post_edit_reason' => (string) $row['post_edit_reason'], 'post_edit_user' => (int) $row['post_edit_user'], 'post_checksum' => (string) $row['post_checksum'], - 'post_encoding' => (string) $row['post_encoding'], 'post_attachment' => (int) $row['post_attachment'], 'bbcode_bitfield' => $row['bbcode_bitfield'], 'bbcode_uid' => (string) $row['bbcode_uid'], diff --git a/phpBB/includes/mcp/mcp_notes.php b/phpBB/includes/mcp/mcp_notes.php index cc4ed0e72b..302ace9755 100755 --- a/phpBB/includes/mcp/mcp_notes.php +++ b/phpBB/includes/mcp/mcp_notes.php @@ -68,13 +68,13 @@ class mcp_notes global $template, $db, $user, $auth; $user_id = request_var('u', 0); - $username = request_var('username', ''); + $username = request_var('username', '', true); $start = request_var('start', 0); $st = request_var('st', 0); $sk = request_var('sk', 'b'); $sd = request_var('sd', 'd'); - $sql_where = ($user_id) ? "user_id = $user_id" : "username = '" . $db->sql_escape($username) . "'"; + $sql_where = ($user_id) ? "user_id = $user_id" : "username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'"; $sql = 'SELECT * FROM ' . USERS_TABLE . " @@ -161,7 +161,7 @@ class mcp_notes $limit_days = array(0 => $user->lang['ALL_ENTRIES'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']); $sort_by_text = array('a' => $user->lang['SORT_USERNAME'], 'b' => $user->lang['SORT_DATE'], 'c' => $user->lang['SORT_IP'], 'd' => $user->lang['SORT_ACTION']); - $sort_by_sql = array('a' => 'l.username', 'b' => 'l.log_time', 'c' => 'l.log_ip', 'd' => 'l.log_operation'); + $sort_by_sql = array('a' => 'u.username', 'b' => 'l.log_time', 'c' => 'l.log_ip', 'd' => 'l.log_operation'); $s_limit_days = $s_sort_key = $s_sort_dir = $u_sort_param = ''; gen_sort_selects($limit_days, $sort_by_text, $st, $sk, $sd, $s_limit_days, $s_sort_key, $s_sort_dir, $u_sort_param); diff --git a/phpBB/includes/mcp/mcp_post.php b/phpBB/includes/mcp/mcp_post.php index 08bcc713f8..201137a9a4 100644 --- a/phpBB/includes/mcp/mcp_post.php +++ b/phpBB/includes/mcp/mcp_post.php @@ -42,7 +42,7 @@ function mcp_post_details($id, $mode, $action) $whois = user_ipwhois($ip); $whois = preg_replace('#(\s)([\w\-\._\+]+@[\w\-\.]+)(\s)#', '\1<a href="mailto:\2">\2</a>\3', $whois); - $whois = preg_replace('#(\s)(http:/{2}[^\s]*)(\s)#', '\1<a href="\2" target="_blank">\2</a>\3', $whois); + $whois = preg_replace('#(\s)(http:/{2}[^\s]*)(\s)#', '\1<a href="\2">\2</a>\3', $whois); $template->assign_vars(array( 'RETURN_POST' => sprintf($user->lang['RETURN_POST'], '<a href="' . append_sid("{$phpbb_root_path}mcp.$phpEx", "i=$id&mode=$mode&p=$post_id") . '">', '</a>'), @@ -59,8 +59,8 @@ function mcp_post_details($id, $mode, $action) if ($action == 'chgposter') { - $username = request_var('username', ''); - $sql_where = "username = '" . $db->sql_escape($username) . "'"; + $username = request_var('username', '', true); + $sql_where = "username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'"; } else { @@ -89,12 +89,13 @@ function mcp_post_details($id, $mode, $action) } // Set some vars - $users_ary = array(); + $users_ary = $usernames_ary = array(); $post_id = $post_info['post_id']; $poster = ($post_info['user_colour']) ? '<span style="color:#' . $post_info['user_colour'] . '">' . $post_info['username'] . '</span>' : $post_info['username']; // Process message, leave it uncensored $message = $post_info['post_text']; + $message = str_replace("\n", '<br />', $message); if ($post_info['bbcode_bitfield']) { include_once($phpbb_root_path . 'includes/bbcode.' . $phpEx); @@ -102,7 +103,6 @@ function mcp_post_details($id, $mode, $action) $bbcode->bbcode_second_pass($message, $post_info['bbcode_uid'], $post_info['bbcode_bitfield']); } $message = smiley_text($message); - $message = str_replace("\n", '<br />', $message); $template->assign_vars(array( 'U_MCP_ACTION' => "$url&i=main&quickmod=1", // Use this for mode paramaters @@ -134,6 +134,7 @@ function mcp_post_details($id, $mode, $action) 'REPORTED_IMG' => $user->img('icon_topic_reported', $user->lang['POST_REPORTED']), 'UNAPPROVED_IMG' => $user->img('icon_topic_unapproved', $user->lang['POST_UNAPPROVED']), 'EDIT_IMG' => $user->img('icon_post_edit', $user->lang['EDIT_POST']), + 'SEARCH_IMG' => $user->img('icon_user_search', $user->lang['SEARCH']), 'POSTER_NAME' => $poster, 'POST_PREVIEW' => $message, @@ -217,75 +218,62 @@ function mcp_post_details($id, $mode, $action) } // Get other users who've posted under this IP + $sql = 'SELECT poster_id, COUNT(poster_id) as postings + FROM ' . POSTS_TABLE . " + WHERE poster_ip = '" . $db->sql_escape($post_info['poster_ip']) . "' + GROUP BY poster_id + ORDER BY postings DESC"; + $result = $db->sql_query($sql); - // Firebird does not support ORDER BY on aliased columns - // MySQL does not support ORDER BY on functions - switch (SQL_LAYER) + while ($row = $db->sql_fetchrow($result)) { - case 'firebird': - $sql = 'SELECT u.user_id, u.username, COUNT(*) as postings - FROM ' . USERS_TABLE . ' u, ' . POSTS_TABLE . " p - WHERE p.poster_id = u.user_id - AND p.poster_ip = '" . $db->sql_escape($post_info['poster_ip']) . "' - AND p.poster_id <> {$post_info['user_id']} - GROUP BY u.user_id, u.username - ORDER BY COUNT(*) DESC"; - break; - - default: - $sql = 'SELECT u.user_id, u.username, COUNT(*) as postings - FROM ' . USERS_TABLE . ' u, ' . POSTS_TABLE . " p - WHERE p.poster_id = u.user_id - AND p.poster_ip = '" . $db->sql_escape($post_info['poster_ip']) . "' - AND p.poster_id <> {$post_info['user_id']} - GROUP BY u.user_id, u.username - ORDER BY postings DESC"; - break; + // Fill the user select list with users who have posted under this IP + if ($row['poster_id'] != $post_info['poster_id']) + { + $users_ary[$row['poster_id']] = $row; + } } - $result = $db->sql_query($sql); + $db->sql_freeresult($result); - while ($row = $db->sql_fetchrow($result)) + if (sizeof($users_ary)) { - // Fill the user select list with users who have posted - // under this IP - if ($row['user_id'] != $post_info['poster_id']) + // Get the usernames + $sql = 'SELECT user_id, username + FROM ' . USERS_TABLE . ' + WHERE ' . $db->sql_in_set('user_id', array_keys($users_ary)); + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) { - $users_ary[strtolower($row['username'])] = $row; + $users_ary[$row['user_id']]['username'] = $row['username']; + $usernames_ary[utf8_clean_string($row['username'])] = $users_ary[$row['user_id']]; } + $db->sql_freeresult($result); - $template->assign_block_vars('userrow', array( - 'USERNAME' => ($row['user_id'] == ANONYMOUS) ? $user->lang['GUEST'] : $row['username'], - 'NUM_POSTS' => $row['postings'], - 'L_POST_S' => ($row['postings'] == 1) ? $user->lang['POST'] : $user->lang['POSTS'], + foreach ($users_ary as $user_id => $user_row) + { + $template->assign_block_vars('userrow', array( + 'USERNAME' => ($user_id == ANONYMOUS) ? $user->lang['GUEST'] : $user_row['username'], + 'NUM_POSTS' => $user_row['postings'], + 'L_POST_S' => ($user_row['postings'] == 1) ? $user->lang['POST'] : $user->lang['POSTS'], - 'U_PROFILE' => ($row['user_id'] == ANONYMOUS) ? '' : append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&u=' . $row['user_id']), - 'U_SEARCHPOSTS' => append_sid("{$phpbb_root_path}search.$phpEx", 'author=' . urlencode($row['username']) . '&sr=topics')) - ); + 'U_PROFILE' => ($user_id == ANONYMOUS) ? '' : append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&u=' . $user_id), + 'U_SEARCHPOSTS' => append_sid("{$phpbb_root_path}search.$phpEx", 'author_id=' . $user_id . '&sr=topics')) + ); + } } - $db->sql_freeresult($result); // Get other IP's this user has posted under - // Firebird does not support ORDER BY on aliased columns - // MySQL does not support ORDER BY on functions - switch (SQL_LAYER) - { - case 'firebird': - $sql = 'SELECT poster_ip, COUNT(*) AS postings - FROM ' . POSTS_TABLE . ' - WHERE poster_id = ' . $post_info['poster_id'] . ' - GROUP BY poster_ip - ORDER BY COUNT(*) DESC'; - break; - - default: - $sql = 'SELECT poster_ip, COUNT(*) AS postings - FROM ' . POSTS_TABLE . ' - WHERE poster_id = ' . $post_info['poster_id'] . ' - GROUP BY poster_ip - ORDER BY postings DESC'; - break; - } + // A compound index on poster_id, poster_ip (posts table) would help speed up this query a lot, + // but the extra size is only valuable if there are persons having more than a thousands posts. + // This is better left to the really really big forums. + + $sql = 'SELECT poster_ip, COUNT(poster_ip) AS postings + FROM ' . POSTS_TABLE . ' + WHERE poster_id = ' . $post_info['poster_id'] . ' + GROUP BY poster_ip + ORDER BY postings DESC'; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) @@ -305,12 +293,17 @@ function mcp_post_details($id, $mode, $action) $db->sql_freeresult($result); $user_select = ''; - ksort($users_ary); - foreach ($users_ary as $row) + if (sizeof($usernames_ary)) { - $user_select .= '<option value="' . $row['user_id'] . '">' . $row['username'] . "</option>\n"; + ksort($usernames_ary); + + foreach ($usernames_ary as $row) + { + $user_select .= '<option value="' . $row['poster_id'] . '">' . $row['username'] . "</option>\n"; + } } + $template->assign_var('S_USER_SELECT', $user_select); } @@ -379,7 +372,16 @@ function change_poster(&$post_info, $userdata) } } - // Do not change the poster_id within the attachments table, since they were still posted by the original user + // change the poster_id within the attachments table, else the data becomes out of sync and errors displayed because of wrong ownership + if ($post_info['post_attachment']) + { + $sql = 'UPDATE ' . ATTACHMENTS_TABLE . ' + SET poster_id = ' . $userdata['user_id'] . ' + WHERE poster_id = ' . $post_info['user_id'] . ' + AND post_msg_id = ' . $post_info['post_id'] . ' + AND topic_id = ' . $post_info['topic_id']; + $db->sql_query($sql); + } $from_username = $post_info['username']; $to_username = $userdata['username']; diff --git a/phpBB/includes/mcp/mcp_queue.php b/phpBB/includes/mcp/mcp_queue.php index 95e89fa9dc..0f6fae18ee 100644 --- a/phpBB/includes/mcp/mcp_queue.php +++ b/phpBB/includes/mcp/mcp_queue.php @@ -109,6 +109,7 @@ class mcp_queue // Process message, leave it uncensored $message = $post_info['post_text']; + $message = str_replace("\n", '<br />', $message); if ($post_info['bbcode_bitfield']) { include_once($phpbb_root_path . 'includes/bbcode.' . $phpEx); @@ -181,13 +182,15 @@ class mcp_queue $forum_list[] = $row['forum_id']; } - $global_id = $forum_list[0]; - - if (!($forum_list = implode(', ', $forum_list))) + if (!sizeof($forum_list)) { trigger_error('NOT_MODERATOR'); } + $global_id = $forum_list[0]; + + $forum_list = implode(', ', $forum_list); + $sql = 'SELECT SUM(forum_topics) as sum_forum_topics FROM ' . FORUMS_TABLE . " WHERE forum_id IN (0, $forum_list)"; @@ -228,10 +231,10 @@ class mcp_queue if ($mode == 'unapproved_posts') { $sql = 'SELECT p.post_id - FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t' . (($sort_order_sql{0} == 'u') ? ', ' . USERS_TABLE . ' u' : '') . " + FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t' . (($sort_order_sql[0] == 'u') ? ', ' . USERS_TABLE . ' u' : '') . " WHERE p.forum_id IN (0, $forum_list) AND p.post_approved = 0 - " . (($sort_order_sql{0} == 'u') ? 'AND u.user_id = p.poster_id' : '') . ' + " . (($sort_order_sql[0] == 'u') ? 'AND u.user_id = p.poster_id' : '') . ' ' . (($topic_id) ? 'AND p.topic_id = ' . $topic_id : '') . " AND t.topic_id = p.topic_id AND t.topic_first_post_id <> p.post_id @@ -283,8 +286,8 @@ class mcp_queue { $sql = 'SELECT t.forum_id, t.topic_id, t.topic_title, t.topic_title AS post_subject, t.topic_time AS post_time, t.topic_poster AS poster_id, t.topic_first_post_id AS post_id, t.topic_first_poster_name AS username FROM ' . TOPICS_TABLE . " t - WHERE topic_approved = 0 - AND forum_id IN (0, $forum_list) + WHERE forum_id IN (0, $forum_list) + AND topic_approved = 0 $limit_time_sql ORDER BY $sort_order_sql"; $result = $db->sql_query_limit($sql, $config['topics_per_page'], $start); @@ -409,6 +412,8 @@ function approve_post($post_id_list, $mode) $total_topics = $total_posts = $forum_topics = $forum_posts = 0; $topic_approve_sql = $topic_replies_sql = $post_approve_sql = $topic_id_list = array(); + $update_forum_information = false; + foreach ($post_info as $post_id => $post_data) { $topic_id_list[$post_data['topic_id']] = 1; @@ -443,6 +448,12 @@ function approve_post($post_id_list, $mode) } $post_approve_sql[] = $post_id; + + // If the post is newer than the last post information stored we need to update the forum information + if ($post_data['post_time'] >= $post_data['forum_last_post_time']) + { + $update_forum_information = true; + } } if (sizeof($topic_approve_sql)) @@ -496,7 +507,11 @@ function approve_post($post_id_list, $mode) unset($topic_approve_sql, $topic_replies_sql, $post_approve_sql); update_post_information('topic', array_keys($topic_id_list)); - update_post_information('forum', $forum_id); + + if ($update_forum_information) + { + update_post_information('forum', $forum_id); + } unset($topic_id_list); $messenger = new messenger(); @@ -504,8 +519,6 @@ function approve_post($post_id_list, $mode) // Notify Poster? if ($notify_poster) { - $email_sig = str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']); - foreach ($post_info as $post_id => $post_data) { if ($post_data['poster_id'] == ANONYMOUS) @@ -522,11 +535,9 @@ function approve_post($post_id_list, $mode) $messenger->im($post_data['user_jabber'], $post_data['username']); $messenger->assign_vars(array( - 'EMAIL_SIG' => $email_sig, - 'SITENAME' => $config['sitename'], - 'USERNAME' => html_entity_decode($post_data['username']), - 'POST_SUBJECT' => html_entity_decode(censor_text($post_data['post_subject'])), - 'TOPIC_TITLE' => html_entity_decode(censor_text($post_data['topic_title'])), + 'USERNAME' => htmlspecialchars_decode($post_data['username']), + 'POST_SUBJECT' => htmlspecialchars_decode(censor_text($post_data['post_subject'])), + 'TOPIC_TITLE' => htmlspecialchars_decode(censor_text($post_data['topic_title'])), 'U_VIEW_TOPIC' => generate_board_url() . "/viewtopic.$phpEx?f=$forum_id&t={$post_data['topic_id']}&e=0", 'U_VIEW_POST' => generate_board_url() . "/viewtopic.$phpEx?f=$forum_id&t={$post_data['topic_id']}&p=$post_id&e=$post_id") @@ -629,7 +640,7 @@ function disapprove_post($post_id_list, $mode) $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); - if (!$row || (!$reason && $row['reason_title'] == 'other')) + if (!$row || (!$reason && strtolower($row['reason_title']) == 'other')) { $additional_msg = $user->lang['NO_REASON_DISAPPROVAL']; unset($_POST['confirm']); @@ -637,7 +648,7 @@ function disapprove_post($post_id_list, $mode) else { // If the reason is defined within the language file, we will use the localized version, else just use the database entry... - $disapprove_reason = ($row['reason_title'] != 'other') ? ((isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])])) ? $user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])] : $row['reason_description']) : ''; + $disapprove_reason = (strtolower($row['reason_title']) != 'other') ? ((isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])])) ? $user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])] : $row['reason_description']) : ''; $disapprove_reason .= ($reason) ? "\n\n" . $reason : ''; } } @@ -719,8 +730,6 @@ function disapprove_post($post_id_list, $mode) // Notify Poster? if ($notify_poster) { - $email_sig = str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']); - foreach ($post_info as $post_id => $post_data) { if ($post_data['poster_id'] == ANONYMOUS) @@ -737,12 +746,10 @@ function disapprove_post($post_id_list, $mode) $messenger->im($post_data['user_jabber'], $post_data['username']); $messenger->assign_vars(array( - 'EMAIL_SIG' => $email_sig, - 'SITENAME' => $config['sitename'], - 'USERNAME' => html_entity_decode($post_data['username']), - 'REASON' => html_entity_decode($disapprove_reason), - 'POST_SUBJECT' => html_entity_decode(censor_text($post_data['post_subject'])), - 'TOPIC_TITLE' => html_entity_decode(censor_text($post_data['topic_title']))) + 'USERNAME' => htmlspecialchars_decode($post_data['username']), + 'REASON' => htmlspecialchars_decode($disapprove_reason), + 'POST_SUBJECT' => htmlspecialchars_decode(censor_text($post_data['post_subject'])), + 'TOPIC_TITLE' => htmlspecialchars_decode(censor_text($post_data['topic_title']))) ); $messenger->send($post_data['user_notify_type']); diff --git a/phpBB/includes/mcp/mcp_reports.php b/phpBB/includes/mcp/mcp_reports.php index a52bc02359..ebd1295090 100755 --- a/phpBB/includes/mcp/mcp_reports.php +++ b/phpBB/includes/mcp/mcp_reports.php @@ -117,6 +117,7 @@ class mcp_reports // Process message, leave it uncensored $message = $post_info['post_text']; + $message = str_replace("\n", '<br />', $message); if ($post_info['bbcode_bitfield']) { include_once($phpbb_root_path . 'includes/bbcode.' . $phpEx); @@ -200,13 +201,13 @@ class mcp_reports $forum_list[] = $row['forum_id']; } - $global_id = $forum_list[0]; - if (!sizeof($forum_list)) { trigger_error('NOT_MODERATOR'); } + $global_id = $forum_list[0]; + $sql = 'SELECT SUM(forum_topics) as sum_forum_topics FROM ' . FORUMS_TABLE . ' WHERE ' . $db->sql_in_set('forum_id', $forum_list); @@ -363,7 +364,7 @@ function close_report($post_id_list, $mode, $action) trigger_error('NOT_AUTHORIZED'); } - if (($action == 'delete') && (strpos($user->data['session_page'], 'mode=report_details') !== false)) + if ($action == 'delete' && strpos($user->data['session_page'], 'mode=report_details') !== false) { $redirect = request_var('redirect', build_url(array('mode')) . '&mode=reports'); } @@ -474,8 +475,6 @@ function close_report($post_id_list, $mode, $action) // Notify reporters if (sizeof($notify_reporters)) { - $email_sig = str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']); - foreach ($notify_reporters as $post_id => $reporter) { if ($reporter['user_id'] == ANONYMOUS) @@ -490,12 +489,10 @@ function close_report($post_id_list, $mode, $action) $messenger->im($reporter['user_jabber'], $reporter['username']); $messenger->assign_vars(array( - 'EMAIL_SIG' => $email_sig, - 'SITENAME' => $config['sitename'], - 'USERNAME' => html_entity_decode($reporter['username']), - 'CLOSER_NAME' => html_entity_decode($user->data['username']), - 'POST_SUBJECT' => html_entity_decode(censor_text($post_info[$post_id]['post_subject'])), - 'TOPIC_TITLE' => html_entity_decode(censor_text($post_info[$post_id]['topic_title']))) + 'USERNAME' => htmlspecialchars_decode($reporter['username']), + 'CLOSER_NAME' => htmlspecialchars_decode($user->data['username']), + 'POST_SUBJECT' => htmlspecialchars_decode(censor_text($post_info[$post_id]['post_subject'])), + 'TOPIC_TITLE' => htmlspecialchars_decode(censor_text($post_info[$post_id]['topic_title']))) ); $messenger->send($reporter['user_notify_type']); diff --git a/phpBB/includes/mcp/mcp_topic.php b/phpBB/includes/mcp/mcp_topic.php index 691b92bd36..3b674139e9 100644 --- a/phpBB/includes/mcp/mcp_topic.php +++ b/phpBB/includes/mcp/mcp_topic.php @@ -37,6 +37,8 @@ function mcp_topic_view($id, $mode, $action) $to_topic_id = request_var('to_topic_id', 0); $to_forum_id = request_var('to_forum_id', 0); $post_id_list = request_var('post_id_list', array(0)); + + utf8_normalize_nfc(&$subject); // Split Topic? if ($action == 'split_all' || $action == 'split_beyond') @@ -96,10 +98,10 @@ function mcp_topic_view($id, $mode, $action) } $db->sql_freeresult($result); - if ($bbcode_bitfield) + if ($bbcode_bitfield !== '') { include_once($phpbb_root_path . 'includes/bbcode.' . $phpEx); - $bbcode = new bbcode($bbcode_bitfield); + $bbcode = new bbcode(base64_encode($bbcode_bitfield)); } foreach ($rowset as $i => $row) @@ -110,6 +112,7 @@ function mcp_topic_view($id, $mode, $action) $message = $row['post_text']; $post_subject = ($row['post_subject'] != '') ? $row['post_subject'] : $topic_info['topic_title']; + $message = str_replace("\n", '<br />', $message); if ($row['bbcode_bitfield']) { @@ -117,7 +120,6 @@ function mcp_topic_view($id, $mode, $action) } $message = smiley_text($message); - $message = str_replace("\n", '<br />', $message); if (!$row['post_approved']) { @@ -180,7 +182,7 @@ function mcp_topic_view($id, $mode, $action) 'U_VIEWTOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $topic_info['forum_id'] . '&t=' . $topic_info['topic_id']), 'TO_TOPIC_ID' => $to_topic_id, - 'TO_TOPIC_INFO' => ($to_topic_id) ? sprintf($user->lang['YOU_SELECTED_TOPIC'], $to_topic_id, '<a href="' . append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $to_topic_info['forum_id'] . '&t=' . $to_topic_id) . '" target="_new">' . $to_topic_info['topic_title'] . '</a>') : '', + 'TO_TOPIC_INFO' => ($to_topic_id) ? sprintf($user->lang['YOU_SELECTED_TOPIC'], $to_topic_id, '<a href="' . append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $to_topic_info['forum_id'] . '&t=' . $to_topic_id) . '">' . $to_topic_info['topic_title'] . '</a>') : '', 'SPLIT_SUBJECT' => $subject, 'POSTS_PER_PAGE' => $posts_per_page, @@ -197,6 +199,7 @@ function mcp_topic_view($id, $mode, $action) 'S_CAN_APPROVE' => ($has_unapproved_posts && $auth->acl_get('m_approve', $topic_info['forum_id'])) ? true : false, 'S_CAN_LOCK' => ($auth->acl_get('m_lock', $topic_info['forum_id'])) ? true : false, 'S_REPORT_VIEW' => ($action == 'reports') ? true : false, + 'S_MERGE_VIEW' => ($action == 'merge') ? true : false, 'S_SHOW_TOPIC_ICONS' => $s_topic_icons, 'S_TOPIC_ICON' => $icon_id, @@ -302,7 +305,7 @@ function split_topic($action, $topic_id, $to_forum_id, $subject) $limit_time_sql = ($sort_days) ? 'AND t.topic_last_post_time >= ' . (time() - ($sort_days * 86400)) : ''; - if ($sort_order_sql{0} == 'u') + if ($sort_order_sql[0] == 'u') { $sql = 'SELECT p.post_id, p.forum_id, p.post_approved FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . " u diff --git a/phpBB/includes/mcp/mcp_warn.php b/phpBB/includes/mcp/mcp_warn.php index bc428570ab..da76dc8b58 100755 --- a/phpBB/includes/mcp/mcp_warn.php +++ b/phpBB/includes/mcp/mcp_warn.php @@ -247,6 +247,7 @@ function mcp_warn_post_view($id, $mode, $action) // We want to make the message available here as a reminder // Parse the message and subject $message = $userrow['post_text']; + $message = str_replace("\n", '<br />', censor_text($message)); // Second parse bbcode here if ($userrow['bbcode_bitfield']) @@ -260,9 +261,6 @@ function mcp_warn_post_view($id, $mode, $action) // Always process smilies after parsing bbcodes $message = smiley_text($message); - // Replace naughty words such as farty pants - $message = str_replace("\n", '<br />', censor_text($message)); - // Generate the appropriate user information for the user we are looking at $rank_title = $rank_img = ''; // get_user_rank($userrow['user_rank'], $userrow['user_posts'], $rank_title, $rank_img); @@ -312,11 +310,11 @@ function mcp_warn_user_view($id, $mode, $action) global $template, $db, $user, $auth; $user_id = request_var('u', 0); - $username = request_var('username', ''); + $username = request_var('username', '', true); $notify = (isset($_REQUEST['notify_user'])) ? true : false; $warning = request_var('warning', '', true); - $sql_where = ($user_id) ? "user_id = $user_id" : "username = '" . $db->sql_escape($username) . "'"; + $sql_where = ($user_id) ? "user_id = $user_id" : "username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'"; $sql = 'SELECT * FROM ' . USERS_TABLE . ' @@ -405,7 +403,7 @@ function add_warning($userrow, $warning, $send_pm = true, $post_id = 0) $message_parser = new parse_message(); $message_parser->message = sprintf($lang['WARNING_PM_BODY'], $warning); - $message_parser->parse(true, true, true, false, false, true); + $message_parser->parse(true, true, true, false, false, true, true); $pm_data = array( 'from_user_id' => $user->data['user_id'], |