+<?php

+/**

+ *

+ * This file is part of the phpBB Forum Software package.

+ *

+ * @copyright (c) phpBB Limited <https://www.phpbb.com>

+ * @license GNU General Public License, version 2 (GPL-2.0)

+ *

+ * For full copyright and license information, please see

+ * the docs/CREDITS.txt file.

+ *

+ */

+

+namespace phpbb\report\controller;

+

+use phpbb\exception\http_exception;

+use Symfony\Component\HttpFoundation\RedirectResponse;

+

+class report

+{

+ /**

+ * @var \phpbb\config\db

+ */

+ protected $config;

+

+ /**

+ * @var \phpbb\user

+ */

+ protected $user;

+

+ /**

+ * @var \phpbb\template\template

+ */

+ protected $template;

+

+ /**

+ * @var \phpbb\controller\helper

+ */

+ protected $helper;

+

+ /**

+ * @var \phpbb\request\request_interface

+ */

+ protected $request;

+

+ /**

+ * @var \phpbb\captcha\factory

+ */

+ protected $captcha_factory;

+

+ /**

+ * @var string

+ */

+ protected $phpbb_root_path;

+

+ /**

+ * @var string

+ */

+ protected $php_ext;

+

+ /**

+ * @var \phpbb\report\report_handler_interface

+ */

+ protected $report_handler;

+

+ /**

+ * @var \phpbb\report\report_reason_list_provider

+ */

+ protected $report_reason_provider;

+

+ public function __construct(\phpbb\config\db $config, \phpbb\user $user, \phpbb\template\template $template, \phpbb\controller\helper $helper, \phpbb\request\request_interface $request, \phpbb\captcha\factory $captcha_factory, \phpbb\report\handler_factory $report_factory, \phpbb\report\report_reason_list_provider $ui_provider, $phpbb_root_path, $php_ext)

+ {

+ $this->config = $config;

+ $this->user = $user;

+ $this->template = $template;

+ $this->helper = $helper;

+ $this->request = $request;

+ $this->phpbb_root_path = $phpbb_root_path;

+ $this->php_ext = $php_ext;

+ $this->captcha_factory = $captcha_factory;

+ $this->report_handler = $report_factory;

+

+ // User interface factory

+ $this->report_reason_provider = $ui_provider;

+ }

+

+ /**

+ * Controller for /path_to_entities/{id}/report routes

+ *

+ * Because of how phpBB organizes routes $mode must be set in the route config.

+ *

+ * @param int $id ID of the entity to report

+ * @param string $mode

+ * @return \Symfony\Component\HttpFoundation\Response a Symfony response object

+ * @throws \phpbb\exception\http_exception when $mode or $id is invalid for some reason

+ */

+ public function handle($id, $mode)

+ {

+ // Get report handler

+ $this->report_handler = $this->report_handler->get_instance($mode);

+

+ $this->user->add_lang('mcp');

+

+ $user_notify = ($this->user->data['is_registered']) ? $this->request->variable('notify', 0) : false;

+ $reason_id = $this->request->variable('reason_id', 0);

+ $report_text = $this->request->variable('report_text', '', true);

+

+ $submit = $this->request->variable('submit', '');

+ $cancel = $this->request->variable('cancel', '');

+

+ $error = array();

+ $s_hidden_fields = '';

+

+ $redirect_url = append_sid(

+ $this->phpbb_root_path . ( ($mode === 'pm') ? 'ucp' : 'viewtopic' ) . ".{$this->php_ext}",

+ ($mode == 'pm') ? "i=pm&mode=view&p=$id" : "p=$id"

+ );

+ $redirect_url .= ($mode === 'post') ? "#p$id" : '';

+

+ // Set up CAPTCHA if necessary

+ if ($this->config['enable_post_confirm'] && !$this->user->data['is_registered'])

+ {

+ $captcha = $this->captcha_factory->get_instance($this->config['captcha_plugin']);

+ $captcha->init(CONFIRM_REPORT);

+ }

+

+ //Has the report been cancelled?

+ if (!empty($cancel))

+ {

+ return new RedirectResponse($redirect_url, 302);

+ }

+

+ // Check CAPTCHA, if the form was submited

+ if (!empty($submit) && isset($captcha))

+ {

+ $captcha_template_array = $this->check_captcha($captcha);

+ $error = $captcha_template_array['error'];

+ $s_hidden_fields = $captcha_template_array['hidden_fields'];

+ }

+

+ // Handle request

+ try

+ {

+ if (!empty($submit) && sizeof($error) === 0)

+ {

+ $this->report_handler->add_report(

+ (int) $id,

+ (int) $reason_id,

+ (string) $report_text,

+ (int) $user_notify

+ );

+

+ // Send success message

+ switch ($mode)

+ {

+ case 'pm':

+ $lang_return = $this->user->lang['RETURN_PM'];

+ $lang_success = $this->user->lang['PM_REPORTED_SUCCESS'];

+ break;

+ case 'post':

+ $lang_return = $this->user->lang['RETURN_TOPIC'];

+ $lang_success = $this->user->lang['POST_REPORTED_SUCCESS'];

+ break;

+ }

+

+ $this->helper->assign_meta_refresh_var(3, $redirect_url);

+ $message = $lang_success . '<br /><br />' . sprintf($lang_return, '<a href="' . $redirect_url . '">', '</a>');

+ return $this->helper->message($message);

+ }

+ else

+ {

+ $this->report_handler->validate_report_request($id);

+ }

+ }

+ catch (\phpbb\report\exception\pm_reporting_disabled_exception $exception)

+ {

+ throw new http_exception(404, 'PAGE_NOT_FOUND');

+ }

+ catch (\phpbb\report\exception\already_reported_exception $exception)

+ {

+ switch ($mode)

+ {

+ case 'pm':

+ $message = $this->user->lang['ALREADY_REPORTED_PM'];

+ $message .= '<br /><br />' . sprintf($this->user->lang['RETURN_PM'], '<a href="' . $redirect_url . '">', '</a>');

+ break;

+ case 'post':

+ $message = $this->user->lang['ALREADY_REPORTED'];

+ $message .= '<br /><br />' . sprintf($this->user->lang['RETURN_TOPIC'], '<a href="' . $redirect_url . '">', '</a>');

+ break;

+ }

+

+ return $this->helper->message($message);

+ }

+ catch (\phpbb\report\exception\report_permission_denied_exception $exception)

+ {

+ $message = $exception->getMessage();

+ if (isset($this->user->lang[$message]))

+ {

+ $message = $this->user->lang[$message];

+ }

+

+ throw new http_exception(403, $message);

+ }

+ catch (\phpbb\report\exception\entity_not_found_exception $exception)

+ {

+ $message = $exception->getMessage();

+ if (isset($this->user->lang[$message]))

+ {

+ $message = $this->user->lang[$message];

+ }

+

+ throw new http_exception(404, $message);

+ }

+ catch (\phpbb\report\exception\empty_report_exception $exception)

+ {

+ $error[] = $this->user->lang['EMPTY_REPORT'];

+ }

+ catch (\phpbb\report\exception\invalid_report_exception $exception)

+ {

+ return $this->helper->message($exception->getMessage());

+ }

+

+ // Setting up an rendering template

+ $page_title = ($mode === 'pm') ? $this->user->lang['REPORT_MESSAGE'] : $this->user->lang['REPORT_POST'];

+ $this->assign_template_data(

+ $mode,

+ $id,

+ $reason_id,

+ $report_text,

+ $user_notify,

+ $error,

+ $s_hidden_fields,

+ ( isset($captcha) ? $captcha : false )

+ );

+

+ return $this->helper->render('report_body.html', $page_title);

+ }

+

+ /**

+ * Assigns template variables

+ *

+ * @param int $mode

+ * @param int $id

+ * @param int $reason_id

+ * @param string $report_text

+ * @param mixed $user_notify

+ * @param array $error

+ * @param string $s_hidden_fields

+ * @param mixed $captcha

+ * @return null

+ */

+ protected function assign_template_data($mode, $id, $reason_id, $report_text, $user_notify, $error = array(), $s_hidden_fields = '', $captcha = false)

+ {

+ if ($captcha !== false && $captcha->is_solved() === false)

+ {

+ $this->template->assign_vars(array(

+ 'S_CONFIRM_CODE' => true,

+ 'CAPTCHA_TEMPLATE' => $captcha->get_template(),

+ ));

+ }

+

+ $this->report_reason_provider->display_reasons($reason_id);

+

+ switch ($mode)

+ {

+ case 'pm':

+ $report_route = $this->helper->route('phpbb_report_pm_controller', array('id' => $id));

+ break;

+ case 'post':

+ $report_route = $this->helper->route('phpbb_report_post_controller', array('id' => $id));

+ break;

+ }

+

+ $this->template->assign_vars(array(

+ 'ERROR' => (sizeof($error) > 0) ? implode('<br />', $error) : '',

+ 'S_REPORT_POST' => ($mode === 'pm') ? false : true,

+ 'REPORT_TEXT' => $report_text,

+ 'S_HIDDEN_FIELDS' => (!empty($s_hidden_fields)) ? $s_hidden_fields : null,

+ 'S_REPORT_ACTION' => $report_route,

+

+ 'S_NOTIFY' => $user_notify,

+ 'S_CAN_NOTIFY' => ($this->user->data['is_registered']) ? true : false,

+ 'S_IN_REPORT' => true,

+ ));

+ }

+

+ /**

+ * Check CAPTCHA

+ *

+ * @param object $captcha A phpBB CAPTCHA object

+ * @return array template variables which ensures that CAPTCHA's work correctly

+ */

+ protected function check_captcha($captcha)

+ {

+ $error = array();

+ $captcha_hidden_fields = '';

+

+ $visual_confirmation_response = $captcha->validate();

+ if ($visual_confirmation_response)

+ {

+ $error[] = $visual_confirmation_response;

+ }

+

+ if (sizeof($error) === 0)

+ {

+ $captcha->reset();

+ }

+ else if ($captcha->is_solved() !== false)

+ {

+ $captcha_hidden_fields = build_hidden_fields($captcha->get_hidden_fields());

+ }

+

+ return array(

+ 'error' => $error,

+ 'hidden_fields' => $captcha_hidden_fields,

+ );

+ }

+}

+<?php

+/**

+ *

+ * This file is part of the phpBB Forum Software package.

+ *

+ * @copyright (c) phpBB Limited <https://www.phpbb.com>

+ * @license GNU General Public License, version 2 (GPL-2.0)

+ *

+ * For full copyright and license information, please see

+ * the docs/CREDITS.txt file.

+ *

+ */

+

+namespace phpbb\report\exception;

+

+class already_reported_exception extends invalid_report_exception

+{

+

+}

+<?php

+/**

+ *

+ * This file is part of the phpBB Forum Software package.

+ *

+ * @copyright (c) phpBB Limited <https://www.phpbb.com>

+ * @license GNU General Public License, version 2 (GPL-2.0)

+ *

+ * For full copyright and license information, please see

+ * the docs/CREDITS.txt file.

+ *

+ */

+

+namespace phpbb\report\exception;

+

+class empty_report_exception extends invalid_report_exception

+{

+ public function __construct()

+ {

+ parent::__construct('EMPTY_REPORT');

+ }

+}

+<?php

+/**

+ *

+ * This file is part of the phpBB Forum Software package.

+ *

+ * @copyright (c) phpBB Limited <https://www.phpbb.com>

+ * @license GNU General Public License, version 2 (GPL-2.0)

+ *

+ * For full copyright and license information, please see

+ * the docs/CREDITS.txt file.

+ *

+ */

+

+namespace phpbb\report\exception;

+

+class entity_not_found_exception extends invalid_report_exception

+{

+

+}

+<?php

+/**

+ *

+ * This file is part of the phpBB Forum Software package.

+ *

+ * @copyright (c) phpBB Limited <https://www.phpbb.com>

+ * @license GNU General Public License, version 2 (GPL-2.0)

+ *

+ * For full copyright and license information, please see

+ * the docs/CREDITS.txt file.

+ *

+ */

+

+namespace phpbb\report\exception;

+

+use \phpbb\exception\runtime_exception;

+

+class factory_invalid_argument_exception extends runtime_exception

+{

+

+}

+<?php

+/**

+ *

+ * This file is part of the phpBB Forum Software package.

+ *

+ * @copyright (c) phpBB Limited <https://www.phpbb.com>

+ * @license GNU General Public License, version 2 (GPL-2.0)

+ *

+ * For full copyright and license information, please see

+ * the docs/CREDITS.txt file.

+ *

+ */

+

+namespace phpbb\report\exception;

+

+use \phpbb\exception\runtime_exception;

+

+class invalid_report_exception extends runtime_exception

+{

+

+}

+<?php

+/**

+ *

+ * This file is part of the phpBB Forum Software package.

+ *

+ * @copyright (c) phpBB Limited <https://www.phpbb.com>

+ * @license GNU General Public License, version 2 (GPL-2.0)

+ *

+ * For full copyright and license information, please see

+ * the docs/CREDITS.txt file.

+ *

+ */

+

+namespace phpbb\report\exception;

+

+class pm_reporting_disabled_exception extends invalid_report_exception

+{

+ public function __construct()

+ {

+

+ }

+}

+<?php

+/**

+ *

+ * This file is part of the phpBB Forum Software package.

+ *

+ * @copyright (c) phpBB Limited <https://www.phpbb.com>

+ * @license GNU General Public License, version 2 (GPL-2.0)

+ *

+ * For full copyright and license information, please see

+ * the docs/CREDITS.txt file.

+ *

+ */

+

+namespace phpbb\report\exception;

+

+class report_permission_denied_exception extends invalid_report_exception

+{

+

+}

+<?php

+/**

+ *

+ * This file is part of the phpBB Forum Software package.

+ *

+ * @copyright (c) phpBB Limited <https://www.phpbb.com>

+ * @license GNU General Public License, version 2 (GPL-2.0)

+ *

+ * For full copyright and license information, please see

+ * the docs/CREDITS.txt file.

+ *

+ */

+

+namespace phpbb\report;

+

+use phpbb\report\exception\factory_invalid_argument_exception;

+

+class handler_factory

+{

+ /**

+ * @var \Symfony\Component\DependencyInjection\ContainerInterface

+ */

+ protected $container;

+

+ /**

+ * Constructor

+ *

+ * @param \Symfony\Component\DependencyInjection\ContainerInterface $container

+ */

+ public function __construct(\Symfony\Component\DependencyInjection\ContainerInterface $container)

+ {

+ $this->container = $container;

+ }

+

+ /**

+ * Return a new instance of an appropriate report handler

+ *

+ * @param string $type

+ * @return \phpbb\report\report_handler_interface

+ * @throws \phpbb\report\exception\factory_invalid_argument_exception if $type is not valid

+ */

+ public function get_instance($type)

+ {

+ switch ($type)

+ {

+ case 'pm':

+ return $this->container->get('phpbb.report.handlers.report_handler_pm');

+ break;

+ case 'post':

+ return $this->container->get('phpbb.report.handlers.report_handler_post');

+ break;

+ }

+

+ throw new factory_invalid_argument_exception();

+ }

+}

+<?php

+/**

+ *

+ * This file is part of the phpBB Forum Software package.

+ *

+ * @copyright (c) phpBB Limited <https://www.phpbb.com>

+ * @license GNU General Public License, version 2 (GPL-2.0)

+ *

+ * For full copyright and license information, please see

+ * the docs/CREDITS.txt file.

+ *

+ */

+

+namespace phpbb\report;

+

+abstract class report_handler implements report_handler_interface

+{

+ /**

+ * @var \phpbb\db\driver\driver_interface

+ */

+ protected $db;

+

+ /**

+ * @var \phpbb\event\dispatcher_interface

+ */

+ protected $dispatcher;

+

+ /**

+ * @var \phpbb\config\db

+ */

+ protected $config;

+

+ /**

+ * @var \phpbb\auth\auth

+ */

+ protected $auth;

+

+ /**

+ * @var \phpbb\user

+ */

+ protected $user;

+

+ /**

+ * @var \phpbb\notification\manager

+ */

+ protected $notifications;

+

+ /**

+ * @var array

+ */

+ protected $report_data;

+

+ /**

+ * Construtor

+ *

+ * @param \phpbb\db\driver\driver_interface $db

+ * @param \phpbb\event\dispatcher_interface $dispatcher

+ * @param \phpbb\config\db $config

+ * @param \phpbb\auth\auth $auth

+ * @param \phpbb\user $user

+ * @param \phpbb\notification\manager $notification

+ */

+ public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\event\dispatcher_interface $dispatcher, \phpbb\config\db $config, \phpbb\auth\auth $auth, \phpbb\user $user, \phpbb\notification\manager $notification)

+ {

+ $this->db = $db;

+ $this->dispatcher = $dispatcher;

+ $this->config = $config;

+ $this->auth = $auth;

+ $this->user = $user;

+ $this->notifications = $notification;

+ $this->report_data = array();

+ }

+

+ /**

+ * Creates a report entity in the database

+ *

+ * @param array $report_data

+ * @return int the ID of the created entity

+ */

+ protected function create_report(array $report_data)

+ {

+ $sql_ary = array(

+ 'reason_id' => (int) $report_data['reason_id'],

+ 'post_id' => $report_data['post_id'],

+ 'pm_id' => $report_data['pm_id'],

+ 'user_id' => (int) $this->user->data['user_id'],

+ 'user_notify' => (int) $report_data['user_notify'],

+ 'report_closed' => 0,

+ 'report_time' => (int) time(),

+ 'report_text' => (string) $report_data['report_text'],

+ 'reported_post_text' => $report_data['reported_post_text'],

+ 'reported_post_uid' => $report_data['reported_post_uid'],

+ 'reported_post_bitfield' => $report_data['reported_post_bitfield'],

+ 'reported_post_enable_bbcode' => $report_data['reported_post_enable_bbcode'],

+ 'reported_post_enable_smilies' => $report_data['reported_post_enable_smilies'],

+ 'reported_post_enable_magic_url' => $report_data['reported_post_enable_magic_url'],

+ );

+

+ $sql = 'INSERT INTO ' . REPORTS_TABLE . ' ' . $this->db->sql_build_array('INSERT', $sql_ary);

+ $this->db->sql_query($sql);

+

+ return $this->db->sql_nextid();

+ }

+}

+<?php

+/**

+ *

+ * This file is part of the phpBB Forum Software package.

+ *

+ * @copyright (c) phpBB Limited <https://www.phpbb.com>

+ * @license GNU General Public License, version 2 (GPL-2.0)

+ *

+ * For full copyright and license information, please see

+ * the docs/CREDITS.txt file.

+ *

+ */

+

+namespace phpbb\report;

+

+interface report_handler_interface

+{

+ /**

+ * Reports a message

+ *

+ * @param int $id

+ * @param int $reason_id

+ * @param string $report_text

+ * @param int $user_notify

+ * @return null

+ * @throws \phpbb\report\exception\empty_report_exception when the given report is empty

+ * @throws \phpbb\report\exception\already_reported_exception when the entity is already reported

+ * @throws \phpbb\report\exception\entity_not_found_exception when the entity does not exist or the user does not have viewing permissions for it

+ * @throws \phpbb\report\exception\invalid_report_exception when the entity cannot be reported for some other reason

+ */

+ public function add_report($id, $reason_id, $report_text, $user_notify);

+

+ /**

+ * Checks if the message is reportable

+ *

+ * @param int $id

+ * @return null

+ * @throws \phpbb\report\exception\already_reported_exception when the entity is already reported

+ * @throws \phpbb\report\exception\entity_not_found_exception when the entity does not exist or the user does not have viewing permissions for it

+ * @throws \phpbb\report\exception\invalid_report_exception when the entity cannot be reported for some other reason

+ */

+ public function validate_report_request($id);

+}

+<?php

+/**

+ *

+ * This file is part of the phpBB Forum Software package.

+ *

+ * @copyright (c) phpBB Limited <https://www.phpbb.com>

+ * @license GNU General Public License, version 2 (GPL-2.0)

+ *

+ * For full copyright and license information, please see

+ * the docs/CREDITS.txt file.

+ *

+ */

+

+namespace phpbb\report;

+

+use phpbb\report\exception\empty_report_exception;

+use phpbb\report\exception\already_reported_exception;

+use phpbb\report\exception\pm_reporting_disabled_exception;

+use phpbb\report\exception\entity_not_found_exception;

+

+class report_handler_pm extends report_handler

+{

+ /**

+ * {@inheritdoc}

+ * @throws \phpbb\report\exception\pm_reporting_disabled_exception when PM reporting is disabled on the board

+ */

+ public function add_report($id, $reason_id, $report_text, $user_notify)

+ {

+ // Cast the input variables

+ $id = (int) $id;

+ $reason_id = (int) $reason_id;

+ $report_text = (string) $report_text;

+ $user_notify = (int) $user_notify;

+

+ $this->validate_report_request($id);

+

+ $sql = 'SELECT *

+ FROM ' . REPORTS_REASONS_TABLE . "

+ WHERE reason_id = $reason_id";

+ $result = $this->db->sql_query($sql);

+ $row = $this->db->sql_fetchrow($result);

+ $this->db->sql_freeresult($result);

+

+ if (!$row || (empty($report_text) && strtolower($row['reason_title']) === 'other'))

+ {

+ throw new empty_report_exception();

+ }

+

+ $report_data = array(

+ 'reason_id' => $reason_id,

+ 'post_id' => 0,

+ 'pm_id' => $id,

+ 'user_notify' => $user_notify,

+ 'report_text' => $report_text,

+ 'reported_post_text' => $this->report_data['message_text'],

+ 'reported_post_uid' => $this->report_data['bbcode_bitfield'],

+ 'reported_post_bitfield' => $this->report_data['bbcode_uid'],

+ 'reported_post_enable_bbcode' => $this->report_data['enable_bbcode'],

+ 'reported_post_enable_smilies' => $this->report_data['enable_smilies'],

+ 'reported_post_enable_magic_url' => $this->report_data['enable_magic_url'],

+ );

+

+ $report_id = $this->create_report($report_data);

+

+ $sql = 'UPDATE ' . PRIVMSGS_TABLE . '

+ SET message_reported = 1

+ WHERE msg_id = ' . $id;

+ $this->db->sql_query($sql);

+

+ $sql_ary = array(

+ 'msg_id' => $id,

+ 'user_id' => ANONYMOUS,

+ 'author_id' => (int) $this->report_data['author_id'],

+ 'pm_deleted' => 0,

+ 'pm_new' => 0,

+ 'pm_unread' => 0,

+ 'pm_replied' => 0,

+ 'pm_marked' => 0,

+ 'pm_forwarded' => 0,

+ 'folder_id' => PRIVMSGS_INBOX,

+ );

+

+ $sql = 'INSERT INTO ' . PRIVMSGS_TO_TABLE . ' ' . $this->db->sql_build_array('INSERT', $sql_ary);

+ $this->db->sql_query($sql);

+

+ $this->notifications->add_notifications('notification.type.report_pm', array_merge($this->report_data, $row, array(

+ 'report_text' => $report_text,

+ 'from_user_id' => $this->report_data['author_id'],

+ 'report_id' => $report_id,

+ )));

+ }

+

+ /**

+ * {@inheritdoc}

+ * @throws \phpbb\report\exception\pm_reporting_disabled_exception when PM reporting is disabled on the board

+ */

+ public function validate_report_request($id)

+ {

+ $id = (int) $id;

+

+ // Check if reporting PMs is enabled

+ if (!$this->config['allow_pm_report'])

+ {

+ throw new pm_reporting_disabled_exception();

+ }

+ else if ($id <= 0)

+ {

+ throw new entity_not_found_exception('NO_POST_SELECTED');

+ }

+

+ // Grab all relevant data

+ $sql = 'SELECT p.*, pt.*

+ FROM ' . PRIVMSGS_TABLE . ' p, ' . PRIVMSGS_TO_TABLE . " pt

+ WHERE p.msg_id = $id

+ AND p.msg_id = pt.msg_id

+ AND (p.author_id = " . $this->user->data['user_id'] . "

+ OR pt.user_id = " . $this->user->data['user_id'] . ")";

+ $result = $this->db->sql_query($sql);

+ $report_data = $this->db->sql_fetchrow($result);

+ $this->db->sql_freeresult($result);

+

+ // Check if message exists

+ if (!$report_data)

+ {

+ $this->user->add_lang('ucp');

+ throw new entity_not_found_exception('NO_MESSAGE');

+ }

+

+ // Check if message is already reported

+ if ($report_data['message_reported'])

+ {

+ throw new already_reported_exception();

+ }

+

+ $this->report_data = $report_data;

+ }

+}

+<?php

+/**

+ *

+ * This file is part of the phpBB Forum Software package.

+ *

+ * @copyright (c) phpBB Limited <https://www.phpbb.com>

+ * @license GNU General Public License, version 2 (GPL-2.0)

+ *

+ * For full copyright and license information, please see

+ * the docs/CREDITS.txt file.

+ *

+ */

+

+namespace phpbb\report;

+

+use phpbb\report\exception\invalid_report_exception;

+use phpbb\report\exception\empty_report_exception;

+use phpbb\report\exception\already_reported_exception;

+use phpbb\report\exception\entity_not_found_exception;

+use phpbb\report\exception\report_permission_denied_exception;

+

+class report_handler_post extends report_handler

+{

+ /**

+ * @var array

+ */

+ protected $forum_data;

+

+ /**

+ * {@inheritdoc}

+ * @throws \phpbb\report\exception\report_permission_denied_exception when the user does not have permission to report the post

+ */

+ public function add_report($id, $reason_id, $report_text, $user_notify)

+ {

+ // Cast the input variables

+ $id = (int) $id;

+ $reason_id = (int) $reason_id;

+ $report_text = (string) $report_text;

+ $user_notify = (int) $user_notify;

+

+ $this->validate_report_request($id);

+

+ $sql = 'SELECT *

+ FROM ' . REPORTS_REASONS_TABLE . "

+ WHERE reason_id = $reason_id";

+ $result = $this->db->sql_query($sql);

+ $row = $this->db->sql_fetchrow($result);

+ $this->db->sql_freeresult($result);

+

+ if (!$row || (empty($report_text) && strtolower($row['reason_title']) === 'other'))

+ {

+ throw new empty_report_exception();

+ }

+

+ $report_data = array(

+ 'reason_id' => $reason_id,

+ 'post_id' => $id,

+ 'pm_id' => 0,

+ 'user_notify' => $user_notify,

+ 'report_text' => $report_text,

+ 'reported_post_text' => $this->report_data['post_text'],

+ 'reported_post_uid' => $this->report_data['bbcode_bitfield'],

+ 'reported_post_bitfield' => $this->report_data['bbcode_uid'],

+ 'reported_post_enable_bbcode' => $this->report_data['enable_bbcode'],

+ 'reported_post_enable_smilies' => $this->report_data['enable_smilies'],

+ 'reported_post_enable_magic_url' => $this->report_data['enable_magic_url'],

+ );

+

+ $report_id = $this->create_report($report_data);

+

+ $sql = 'UPDATE ' . POSTS_TABLE . '

+ SET post_reported = 1

+ WHERE post_id = ' . $id;

+ $this->db->sql_query($sql);

+

+ if (!$this->report_data['topic_reported'])

+ {

+ $sql = 'UPDATE ' . TOPICS_TABLE . '

+ SET topic_reported = 1

+ WHERE topic_id = ' . $this->report_data['topic_id'] . '

+ OR topic_moved_id = ' . $this->report_data['topic_id'];

+ $this->db->sql_query($sql);

+ }

+

+ $this->notifications->add_notifications('notification.type.report_post', array_merge($this->report_data, $row, $this->forum_data, array(

+ 'report_text' => $report_text,

+ )));

+ }

+

+ /**

+ * {@inheritdoc}

+ * @throws \phpbb\report\exception\report_permission_denied_exception when the user does not have permission to report the post

+ */

+ public function validate_report_request($id)

+ {

+ $id = (int) $id;

+

+ // Check if id is valid

+ if ($id <= 0)

+ {

+ throw new entity_not_found_exception('NO_POST_SELECTED');

+ }

+

+ // Grab all relevant data

+ $sql = 'SELECT t.*, p.*

+ FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . " t

+ WHERE p.post_id = $id

+ AND p.topic_id = t.topic_id";

+ $result = $this->db->sql_query($sql);

+ $report_data = $this->db->sql_fetchrow($result);

+ $this->db->sql_freeresult($result);

+

+ if (!$report_data)

+ {

+ throw new entity_not_found_exception('POST_NOT_EXIST');

+ }

+

+ $forum_id = (int) $report_data['forum_id'];

+

+ $sql = 'SELECT *

+ FROM ' . FORUMS_TABLE . '

+ WHERE forum_id = ' . $forum_id;

+ $result = $this->db->sql_query($sql);

+ $forum_data = $this->db->sql_fetchrow($result);

+ $this->db->sql_freeresult($result);

+

+ if (!$forum_data)

+ {

+ throw new invalid_report_exception('FORUM_NOT_EXIST');

+ }

+

+ $acl_check_ary = array(

+ 'f_list' => 'POST_NOT_EXIST',

+ 'f_read' => 'USER_CANNOT_READ',

+ 'f_report' => 'USER_CANNOT_REPORT'

+ );

+

+ /**

+ * This event allows you to do extra auth checks and verify if the user

+ * has the required permissions

+ *

+ * @event core.report_post_auth

+ * @var array forum_data All data available from the forums table on this post's forum

+ * @var array report_data All data available from the topics and the posts tables on this post (and its topic)

+ * @var array acl_check_ary An array with the ACL to be tested. The evaluation is made in the same order as the array is sorted

+ * The key is the ACL name and the value is the language key for the error message.

+ * @since 3.1.3-RC1

+ */

+ $vars = array(

+ 'forum_data',

+ 'report_data',

+ 'acl_check_ary',

+ );

+ extract($this->dispatcher->trigger_event('core.report_post_auth', compact($vars)));

+

+ $this->auth->acl($this->user->data);

+

+ foreach ($acl_check_ary as $acl => $error)

+ {

+ if (!$this->auth->acl_get($acl, $forum_id))

+ {

+ throw new report_permission_denied_exception($error);

+ }

+ }

+ unset($acl_check_ary);

+

+ if ($report_data['post_reported'])

+ {

+ throw new already_reported_exception();

+ }

+

+ $this->report_data = $report_data;

+ $this->forum_data = $forum_data;

+ }

+}

+<?php

+/**

+ *

+ * This file is part of the phpBB Forum Software package.

+ *

+ * @copyright (c) phpBB Limited <https://www.phpbb.com>

+ * @license GNU General Public License, version 2 (GPL-2.0)

+ *

+ * For full copyright and license information, please see

+ * the docs/CREDITS.txt file.

+ *

+ */

+

+namespace phpbb\report;

+

+class report_reason_list_provider

+{

+ /**

+ * @var \phpbb\db\driver\driver_interface

+ */

+ protected $db;

+

+ /**

+ * @var \phpbb\template\template

+ */

+ protected $template;

+

+ /**

+ * @var \phpbb\user

+ */

+ protected $user;

+

+ /**

+ * Constructor

+ *

+ * @param \phpbb\db\driver\driver_interface $db

+ * @param \phpbb\template\template $template

+ * @param \phpbb\user $user

+ */

+ public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\template\template $template, \phpbb\user $user)

+ {

+ $this->db = $db;

+ $this->template = $template;

+ $this->user = $user;

+ }

+

+ /**

+ * Sets template variables to render report reasons select HTML input

+ *

+ * @param int $reason_id

+ * @return null

+ */

+ public function display_reasons($reason_id = 0)

+ {

+ $sql = 'SELECT *

+ FROM ' . REPORTS_REASONS_TABLE . '

+ ORDER BY reason_order ASC';

+ $result = $this->db->sql_query($sql);

+

+ while ($row = $this->db->sql_fetchrow($result))

+ {

+ // If the reason is defined within the language file, we will use the localized version, else just use the database entry...

+ if (isset($this->user->lang['report_reasons']['TITLE'][strtoupper($row['reason_title'])]) && isset($this->user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])]))

+ {

+ $row['reason_description'] = $this->user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])];

+ $row['reason_title'] = $this->user->lang['report_reasons']['TITLE'][strtoupper($row['reason_title'])];

+ }

+

+ $this->template->assign_block_vars('reason', array(

+ 'ID' => $row['reason_id'],

+ 'TITLE' => $row['reason_title'],

+ 'DESCRIPTION' => $row['reason_description'],

+ 'S_SELECTED' => ($row['reason_id'] == $reason_id) ? true : false,

+ ));

+ }

+ $this->db->sql_freeresult($result);

+ }

+}