p_master = &$p_master;
}
function main($id, $mode)
{
global $auth, $db, $user, $template;
global $config, $phpbb_root_path, $phpEx;
$action = request_var('action', array('' => ''));
if (is_array($action))
{
list($action, ) = each($action);
}
$this->page_title = 'MCP_WARN';
add_form_key('mcp_warn');
switch ($mode)
{
case 'front':
$this->mcp_warn_front_view();
$this->tpl_name = 'mcp_warn_front';
break;
case 'list':
$this->mcp_warn_list_view($action);
$this->tpl_name = 'mcp_warn_list';
break;
case 'warn_post':
$this->mcp_warn_post_view($action);
$this->tpl_name = 'mcp_warn_post';
break;
case 'warn_user':
$this->mcp_warn_user_view($action);
$this->tpl_name = 'mcp_warn_user';
break;
}
}
/**
* Generates the summary on the main page of the warning module
*/
function mcp_warn_front_view()
{
global $phpEx, $phpbb_root_path, $config;
global $template, $db, $user, $auth;
$template->assign_vars(array(
'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=mcp&field=username&select_single=true'),
'U_POST_ACTION' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=warn&mode=warn_user'),
));
// Obtain a list of the 5 naughtiest users....
// These are the 5 users with the highest warning count
$highest = array();
$count = 0;
view_warned_users($highest, $count, 5);
foreach ($highest as $row)
{
$template->assign_block_vars('highest', array(
'U_NOTES' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&mode=user_notes&u=' . $row['user_id']),
'USERNAME_FULL' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']),
'USERNAME' => $row['username'],
'USERNAME_COLOUR' => ($row['user_colour']) ? '#' . $row['user_colour'] : '',
'U_USER' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&u=' . $row['user_id']),
'WARNING_TIME' => $user->format_date($row['user_last_warning']),
'WARNINGS' => $row['user_warnings'],
));
}
// And now the 5 most recent users to get in trouble
$sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_colour, u.user_warnings, w.warning_time
FROM ' . USERS_TABLE . ' u, ' . WARNINGS_TABLE . ' w
WHERE u.user_id = w.user_id
ORDER BY w.warning_time DESC';
$result = $db->sql_query_limit($sql, 5);
while ($row = $db->sql_fetchrow($result))
{
$template->assign_block_vars('latest', array(
'U_NOTES' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&mode=user_notes&u=' . $row['user_id']),
'USERNAME_FULL' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']),
'USERNAME' => $row['username'],
'USERNAME_COLOUR' => ($row['user_colour']) ? '#' . $row['user_colour'] : '',
'U_USER' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&u=' . $row['user_id']),
'WARNING_TIME' => $user->format_date($row['warning_time']),
'WARNINGS' => $row['user_warnings'],
));
}
$db->sql_freeresult($result);
}
/**
* Lists all users with warnings
*/
function mcp_warn_list_view($action)
{
global $phpEx, $phpbb_root_path, $config;
global $template, $db, $user, $auth;
$user->add_lang('memberlist');
$start = request_var('start', 0);
$st = request_var('st', 0);
$sk = request_var('sk', 'b');
$sd = request_var('sd', 'd');
$limit_days = array(0 => $user->lang['ALL_ENTRIES'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);
$sort_by_text = array('a' => $user->lang['SORT_USERNAME'], 'b' => $user->lang['SORT_DATE'], 'c' => $user->lang['SORT_WARNINGS']);
$sort_by_sql = array('a' => 'username_clean', 'b' => 'user_last_warning', 'c' => 'user_warnings');
$s_limit_days = $s_sort_key = $s_sort_dir = $u_sort_param = '';
gen_sort_selects($limit_days, $sort_by_text, $st, $sk, $sd, $s_limit_days, $s_sort_key, $s_sort_dir, $u_sort_param);
// Define where and sort sql for use in displaying logs
$sql_where = ($st) ? (time() - ($st * 86400)) : 0;
$sql_sort = $sort_by_sql[$sk] . ' ' . (($sd == 'd') ? 'DESC' : 'ASC');
$users = array();
$user_count = 0;
view_warned_users($users, $user_count, $config['topics_per_page'], $start, $sql_where, $sql_sort);
foreach ($users as $row)
{
$template->assign_block_vars('user', array(
'U_NOTES' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&mode=user_notes&u=' . $row['user_id']),
'USERNAME_FULL' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']),
'USERNAME' => $row['username'],
'USERNAME_COLOUR' => ($row['user_colour']) ? '#' . $row['user_colour'] : '',
'U_USER' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&u=' . $row['user_id']),
'WARNING_TIME' => $user->format_date($row['user_last_warning']),
'WARNINGS' => $row['user_warnings'],
));
}
$base_url = append_sid("{$phpbb_root_path}mcp.$phpEx", "i=warn&mode=list&st=$st&sk=$sk&sd=$sd");
phpbb_generate_template_pagination($template, $base_url, 'pagination', 'start', $user_count, $config['topics_per_page'], $start);
$template->assign_vars(array(
'U_POST_ACTION' => $this->u_action,
'S_CLEAR_ALLOWED' => ($auth->acl_get('a_clearlogs')) ? true : false,
'S_SELECT_SORT_DIR' => $s_sort_dir,
'S_SELECT_SORT_KEY' => $s_sort_key,
'S_SELECT_SORT_DAYS' => $s_limit_days,
'PAGE_NUMBER' => phpbb_on_page($template, $user, $base_url, $user_count, $config['topics_per_page'], $start),
'TOTAL_USERS' => $user->lang('LIST_USERS', (int) $user_count),
));
}
/**
* Handles warning the user when the warning is for a specific post
*/
function mcp_warn_post_view($action)
{
global $phpEx, $phpbb_root_path, $config;
global $template, $db, $user, $auth;
$post_id = request_var('p', 0);
$forum_id = request_var('f', 0);
$notify = (isset($_REQUEST['notify_user'])) ? true : false;
$warning = utf8_normalize_nfc(request_var('warning', '', true));
$sql = 'SELECT u.*, p.*
FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . " u
WHERE p.post_id = $post_id
AND u.user_id = p.poster_id";
$result = $db->sql_query($sql);
$user_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$user_row)
{
trigger_error('NO_POST');
}
// There is no point issuing a warning to ignored users (ie anonymous and bots)
if ($user_row['user_type'] == USER_IGNORE)
{
trigger_error('CANNOT_WARN_ANONYMOUS');
}
// Prevent someone from warning themselves
if ($user_row['user_id'] == $user->data['user_id'])
{
trigger_error('CANNOT_WARN_SELF');
}
// Check if there is already a warning for this post to prevent multiple
// warnings for the same offence
$sql = 'SELECT post_id
FROM ' . WARNINGS_TABLE . "
WHERE post_id = $post_id";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($row)
{
trigger_error('ALREADY_WARNED');
}
$user_id = $user_row['user_id'];
if (strpos($this->u_action, "&f=$forum_id&p=$post_id") === false)
{
$this->p_master->adjust_url("&f=$forum_id&p=$post_id");
$this->u_action .= "&f=$forum_id&p=$post_id";
}
// Check if can send a notification
if ($config['allow_privmsg'])
{
$auth2 = new \phpbb\auth\auth();
$auth2->acl($user_row);
$s_can_notify = ($auth2->acl_get('u_readpm')) ? true : false;
unset($auth2);
}
else
{
$s_can_notify = false;
}
// Prevent against clever people
if ($notify && !$s_can_notify)
{
$notify = false;
}
if ($warning && $action == 'add_warning')
{
if (check_form_key('mcp_warn'))
{
add_warning($user_row, $warning, $notify, $post_id);
$msg = $user->lang['USER_WARNING_ADDED'];
}
else
{
$msg = $user->lang['FORM_INVALID'];
}
$redirect = append_sid("{$phpbb_root_path}mcp.$phpEx", "i=notes&mode=user_notes&u=$user_id");
meta_refresh(2, $redirect);
trigger_error($msg . '
' . sprintf($user->lang['RETURN_PAGE'], '', ''));
}
// OK, they didn't submit a warning so lets build the page for them to do so
// We want to make the message available here as a reminder
// Parse the message and subject
$parse_flags = OPTION_FLAG_SMILIES | ($row['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0);
$message = generate_text_for_display($user_row['post_text'], $user_row['bbcode_uid'], $user_row['bbcode_bitfield'], $parse_flags, true);
// Generate the appropriate user information for the user we are looking at
if (!function_exists('phpbb_get_user_avatar'))
{
include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
}
get_user_rank($user_row['user_rank'], $user_row['user_posts'], $rank_title, $rank_img, $rank_img_src);
$avatar_img = phpbb_get_user_avatar($user_row);
$template->assign_vars(array(
'U_POST_ACTION' => $this->u_action,
'POST' => $message,
'USERNAME' => $user_row['username'],
'USER_COLOR' => (!empty($user_row['user_colour'])) ? $user_row['user_colour'] : '',
'RANK_TITLE' => $rank_title,
'JOINED' => $user->format_date($user_row['user_regdate']),
'POSTS' => ($user_row['user_posts']) ? $user_row['user_posts'] : 0,
'WARNINGS' => ($user_row['user_warnings']) ? $user_row['user_warnings'] : 0,
'AVATAR_IMG' => $avatar_img,
'RANK_IMG' => $rank_img,
'L_WARNING_POST_DEFAULT' => sprintf($user->lang['WARNING_POST_DEFAULT'], generate_board_url() . "/viewtopic.$phpEx?f=$forum_id&p=$post_id#p$post_id"),
'S_CAN_NOTIFY' => $s_can_notify,
));
}
/**
* Handles warning the user
*/
function mcp_warn_user_view($action)
{
global $phpEx, $phpbb_root_path, $config, $module;
global $template, $db, $user, $auth;
$user_id = request_var('u', 0);
$username = request_var('username', '', true);
$notify = (isset($_REQUEST['notify_user'])) ? true : false;
$warning = utf8_normalize_nfc(request_var('warning', '', true));
$sql_where = ($user_id) ? "user_id = $user_id" : "username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
$sql = 'SELECT *
FROM ' . USERS_TABLE . '
WHERE ' . $sql_where;
$result = $db->sql_query($sql);
$user_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$user_row)
{
trigger_error('NO_USER');
}
// Prevent someone from warning themselves
if ($user_row['user_id'] == $user->data['user_id'])
{
trigger_error('CANNOT_WARN_SELF');
}
$user_id = $user_row['user_id'];
if (strpos($this->u_action, "&u=$user_id") === false)
{
$this->p_master->adjust_url('&u=' . $user_id);
$this->u_action .= "&u=$user_id";
}
// Check if can send a notification
if ($config['allow_privmsg'])
{
$auth2 = new \phpbb\auth\auth();
$auth2->acl($user_row);
$s_can_notify = ($auth2->acl_get('u_readpm')) ? true : false;
unset($auth2);
}
else
{
$s_can_notify = false;
}
// Prevent against clever people
if ($notify && !$s_can_notify)
{
$notify = false;
}
if ($warning && $action == 'add_warning')
{
if (check_form_key('mcp_warn'))
{
add_warning($user_row, $warning, $notify);
$msg = $user->lang['USER_WARNING_ADDED'];
}
else
{
$msg = $user->lang['FORM_INVALID'];
}
$redirect = append_sid("{$phpbb_root_path}mcp.$phpEx", "i=notes&mode=user_notes&u=$user_id");
meta_refresh(2, $redirect);
trigger_error($msg . '
' . sprintf($user->lang['RETURN_PAGE'], '', ''));
}
// Generate the appropriate user information for the user we are looking at
if (!function_exists('phpbb_get_user_avatar'))
{
include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
}
get_user_rank($user_row['user_rank'], $user_row['user_posts'], $rank_title, $rank_img, $rank_img_src);
$avatar_img = phpbb_get_user_avatar($user_row);
// OK, they didn't submit a warning so lets build the page for them to do so
$template->assign_vars(array(
'U_POST_ACTION' => $this->u_action,
'RANK_TITLE' => $rank_title,
'JOINED' => $user->format_date($user_row['user_regdate']),
'POSTS' => ($user_row['user_posts']) ? $user_row['user_posts'] : 0,
'WARNINGS' => ($user_row['user_warnings']) ? $user_row['user_warnings'] : 0,
'USERNAME_FULL' => get_username_string('full', $user_row['user_id'], $user_row['username'], $user_row['user_colour']),
'USERNAME_COLOUR' => get_username_string('colour', $user_row['user_id'], $user_row['username'], $user_row['user_colour']),
'USERNAME' => get_username_string('username', $user_row['user_id'], $user_row['username'], $user_row['user_colour']),
'U_PROFILE' => get_username_string('profile', $user_row['user_id'], $user_row['username'], $user_row['user_colour']),
'AVATAR_IMG' => $avatar_img,
'RANK_IMG' => $rank_img,
'S_CAN_NOTIFY' => $s_can_notify,
));
return $user_id;
}
}
/**
* Insert the warning into the database
*/
function add_warning($user_row, $warning, $send_pm = true, $post_id = 0)
{
global $phpEx, $phpbb_root_path, $config;
global $template, $db, $user, $auth;
if ($send_pm)
{
include_once($phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx);
include_once($phpbb_root_path . 'includes/message_parser.' . $phpEx);
$user_row['user_lang'] = (file_exists($phpbb_root_path . 'language/' . $user_row['user_lang'] . "/mcp.$phpEx")) ? $user_row['user_lang'] : $config['default_lang'];
include($phpbb_root_path . 'language/' . basename($user_row['user_lang']) . "/mcp.$phpEx");
$message_parser = new parse_message();
$message_parser->message = sprintf($lang['WARNING_PM_BODY'], $warning);
$message_parser->parse(true, true, true, false, false, true, true);
$pm_data = array(
'from_user_id' => $user->data['user_id'],
'from_user_ip' => $user->ip,
'from_username' => $user->data['username'],
'enable_sig' => false,
'enable_bbcode' => true,
'enable_smilies' => true,
'enable_urls' => false,
'icon_id' => 0,
'bbcode_bitfield' => $message_parser->bbcode_bitfield,
'bbcode_uid' => $message_parser->bbcode_uid,
'message' => $message_parser->message,
'address_list' => array('u' => array($user_row['user_id'] => 'to')),
);
submit_pm('post', $lang['WARNING_PM_SUBJECT'], $pm_data, false);
}
add_log('admin', 'LOG_USER_WARNING', $user_row['username']);
$log_id = add_log('user', $user_row['user_id'], 'LOG_USER_WARNING_BODY', $warning);
$sql_ary = array(
'user_id' => $user_row['user_id'],
'post_id' => $post_id,
'log_id' => $log_id,
'warning_time' => time(),
);
$db->sql_query('INSERT INTO ' . WARNINGS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
$sql = 'UPDATE ' . USERS_TABLE . '
SET user_warnings = user_warnings + 1,
user_last_warning = ' . time() . '
WHERE user_id = ' . $user_row['user_id'];
$db->sql_query($sql);
// We add this to the mod log too for moderators to see that a specific user got warned.
$sql = 'SELECT forum_id, topic_id
FROM ' . POSTS_TABLE . '
WHERE post_id = ' . $post_id;
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
add_log('mod', $row['forum_id'], $row['topic_id'], 'LOG_USER_WARNING', $user_row['username']);
}