author | Ludovic Arnaud <ludovic_arnaud@users.sourceforge.net> | 2003-07-02 22:38:59 +0000 |
---|---|---|
committer | Ludovic Arnaud <ludovic_arnaud@users.sourceforge.net> | 2003-07-02 22:38:59 +0000 |
commit | 01a68f9497aa849d6244742167cc9323b47a030d (patch) | |
tree | 02af6efb320108893c910d1f0b035d8122510433 /phpBB/report.php | |
parent | 2b16fc0874d39c2904b88d52828420ea8a2dd4d2 (diff) | |
A single post can now only be reported once
git-svn-id: file:///svn/phpbb/trunk@4193 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/report.php')
-rw-r--r-- | phpBB/report.php | 51 |
1 files changed, 17 insertions, 34 deletions
diff --git a/phpBB/report.php b/phpBB/report.php index a37190cec0..32c3b55c13 100644 --- a/phpBB/report.php +++ b/phpBB/report.php @@ -34,9 +34,7 @@ $auth->acl($user->data); $post_id = (!empty($_REQUEST['p'])) ? intval($_REQUEST['p']) : 0; $reason_id = (!empty($_REQUEST['reason_id'])) ? intval($_REQUEST['reason_id']) : 0; $notify = (!empty($_REQUEST['notify']) && $user->data['user_id'] != ANONYMOUS) ? TRUE : FALSE; -$description = (!empty($_REQUEST['description'])) ? stripslashes($_REQUEST['description']) : ''; -$report_id = (!empty($_REQUEST['report_id'])) ? intval($_REQUEST['report_id']) : 0; -$report_text = ''; +$report_text = (!empty($_REQUEST['report_text'])) ? htmlspecialchars(stripslashes($_REQUEST['report_text'])) : ''; // Has the report been cancelled? if (isset($_POST['cancel'])) 
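Review bot: Dropping the `$report_id` line from this block leaves the variable without an initial value, while `if ($report_id)` in the third hunk and the `S_REPORT_ACTION` string in the fourth still read it. After this change it is only assigned by `extract($row)` in the second hunk, so on the normal first-report path it is undefined, and on an install with register_globals enabled a request parameter of that name would presumably populate it without the `intval()` the removed line applied. I would keep an explicit `$report_id = 0;` beside the other request variables so the later branches only see a value this script set. The code guarded by `if ($report_id)` is outside the visible hunks, so what it does with the value should be checked there.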
@@ -68,39 +66,24 @@ foreach ($acl_check_ary as $acl => $error) { if (!$auth->acl_get($acl, $forum_id)) { - trigger_error($user->lang[$error]); + trigger_error($error); } } unset($acl_check_ary); -// Check if the user has already reported this post -if ($user->data['user_id'] != ANONYMOUS) -{ - $result = $db->sql_query('SELECT * FROM ' . REPORTS_TABLE . " WHERE post_id = $post_id AND user_id = " . $user->data['user_id']); +// Check if the post has already been reported +$result = $db->sql_query('SELECT * FROM ' . REPORTS_TABLE . " WHERE post_id = $post_id"); - if ($row = $db->sql_fetchrow($result)) +if ($row = $db->sql_fetchrow($result)) +{ + if ($user->data['user_id'] == $row['user_id'] && $user->data['user_id'] != ANONYMOUS) + { + extract($row); + } + else { - if ($report_id) - { - if ($user->data['user_id'] == $row['user_id']) - { - $report_text = $row['report_text']; - } - else - { - $report_id = 0; - } - } - else - { - $report_id = intval($row['report_id']); - $reason_id = intval($row['reason_id']); - - $return_topic = '<br /><br />' . sprintf($user->lang['RETURN_TOPIC'], "<a href=\"viewtopic.$phpEx$SID&p=$post_id#$post_id\">", '</a>'); - $return_report = '<br /><br />' . sprintf($user->lang['EDIT_REPORT'], "<a href=\"report.$phpEx$SID&report_id=$report_id&reason_id=$reason_id&p=$post_id\">", '</a>'); - - trigger_error($user->lang['ALREADY_REPORTED'] . $return_report . $return_topic); - } + $return_topic = '<br /><br />' . sprintf($user->lang['RETURN_TOPIC'], "<a href=\"viewtopic.$phpEx$SID&p=$post_id#$post_id\">", '</a>'); + trigger_error($user->lang['ALREADY_REPORTED'] . $return_topic); } } else 
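Review bot: `extract($row)` on a `SELECT *` result overwrites every local whose name matches a column, including the `$reason_id` and `$report_text` that were just read from the request at the top of the file. When the owner of a report resubmits the form, the submitted values appear to be replaced by the stored ones before the `if (!empty($_POST['reason_id']))` block runs, and any column added to the reports table later would silently shadow a local as well. Assign only what is needed, e.g. `$report_id = (int) $row['report_id'];`, and fill `$reason_id` and `$report_text` from the row only when the form has not been posted. The `else` branch that follows continues outside the hunk.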
@@ -116,19 +99,19 @@ if (!empty($_POST['reason_id'])) WHERE reason_id = $reason_id"; $result = $db->sql_query($sql); - if (!($row = $db->sql_fetchrow($result)) || (!$description && $row['reason_name'] == 'other')) + if (!($row = $db->sql_fetchrow($result)) || (!$report_text && $row['reason_name'] == 'other')) { trigger_error('EMPTY_REPORT'); } $db->sql_freeresult($result); $sql_ary = array( - 'reason_id' => (int) $reason_id, + 'reason_id' => (int) $reason_id, 'post_id' => (int) $post_id, 'user_id' => (int) $user->data['user_id'], 'user_notify' => (int) $notify, 'report_time' => (int) time(), - 'report_text' => (string) $description + 'report_text' => (string) $report_text ); if ($report_id) @@ -193,7 +176,7 @@ while ($row = $db->sql_fetchrow($result)) } $template->assign_vars(array( - 'REPORT_TEXT' => htmlspecialchars($report_text), + 'REPORT_TEXT' => $report_text, 'S_REPORT_ACTION' => "report.$phpEx$SID&p=$post_id" . (($report_id) ? "&report_id=$report_id" : ''), 'S_CAN_NOTIFY' => ($user->data['user_id'] == ANONYMOUS) ? FALSE : TRUE )); |
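Review bot: With `htmlspecialchars()` removed from the `REPORT_TEXT` assignment in the last hunk, the template's safety depends on every source of `$report_text` having been escaped already. The request path in the first hunk does that, but the value can also come from the database through `extract($row)`, and rows written before this commit were stored from `$description` without escaping, so they would now be emitted raw. Storing entity-encoded text through `'report_text' => (string) $report_text` also means any other reader of the reports table has to know not to escape it again. I would drop the `htmlspecialchars()` from the first hunk's assignment, store the text as submitted, and keep the escaping at output with `'REPORT_TEXT' => htmlspecialchars($report_text),`.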