| [ Index ] |
PHP Cross Reference of Unnamed Project |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * MyBB 1.6 4 * Copyright 2010 MyBB Group, All Rights Reserved 5 * 6 * Website: http://mybb.com 7 * License: http://mybb.com/about/license 8 * 9 * $Id: warnings.php 5610 2011-09-19 15:02:52Z Tomm $ 10 */ 11 12 define("IN_MYBB", 1); 13 define('THIS_SCRIPT', 'warnings.php'); 14 15 $templatelist = ''; 16 require_once "./global.php"; 17 require_once MYBB_ROOT."/inc/functions_warnings.php"; 18 require_once MYBB_ROOT."inc/functions_modcp.php"; 19 20 require_once MYBB_ROOT."inc/class_parser.php"; 21 $parser = new postParser; 22 23 $lang->load("warnings"); 24 25 if($mybb->settings['enablewarningsystem'] == 0) 26 { 27 error($lang->error_warning_system_disabled); 28 } 29 30 // Expire old warnings 31 expire_warnings(); 32 33 // Actually warn a user 34 if($mybb->input['action'] == "do_warn" && $mybb->request_method == "post") 35 { 36 // Verify incoming POST request 37 verify_post_check($mybb->input['my_post_key']); 38 39 if($mybb->usergroup['canwarnusers'] != 1) 40 { 41 error_no_permission(); 42 } 43 44 // Check we haven't exceeded the maximum number of warnings per day 45 if($mybb->usergroup['maxwarningsday'] != 0) 46 { 47 $timecut = TIME_NOW-60*60*24; 48 $query = $db->simple_select("warnings", "COUNT(wid) AS given_today", "issuedby='{$mybb->user['uid']}' AND dateline>'$timecut'"); 49 $given_today = $db->fetch_field($query, "given_today"); 50 if($given_today >= $mybb->usergroup['maxwarningsday']) 51 { 52 error($lang->sprintf($lang->reached_max_warnings_day, $mybb->usergroup['maxwarningsday'])); 53 } 54 } 55 56 $user = get_user(intval($mybb->input['uid'])); 57 if(!$user['uid']) 58 { 59 error($lang->error_invalid_user); 60 } 61 62 if($user['uid'] == $mybb->user['uid']) 63 { 64 error($lang->cannot_warn_self); 65 } 66 67 if($user['warningpoints'] >= $mybb->settings['maxwarningpoints']) 68 { 69 error($lang->user_reached_max_warning); 70 } 71 72 $group_permissions = user_permissions($user['uid']); 73 74 if($group_permissions['canreceivewarnings'] != 1) 75 { 76 error($lang->error_cant_warn_group); 77 } 78 79 if(!modcp_can_manage_user($user['uid'])) 80 { 81 error($lang->error_cant_warn_user); 82 } 83 84 // Is this warning being given for a post? 85 if($mybb->input['pid']) 86 { 87 $post = get_post(intval($mybb->input['pid'])); 88 $thread = get_thread($post['tid']); 89 if(!$post['pid'] || !$thread['tid']) 90 { 91 error($lang->error_invalid_post); 92 } 93 $forum_permissions = forum_permissions($thread['fid']); 94 if($forum_permissions['canview'] != 1) 95 { 96 error_no_permission(); 97 } 98 } 99 100 $plugins->run_hooks("warnings_do_warn_start"); 101 102 if(!trim($mybb->input['notes'])) 103 { 104 $warn_errors[] = $lang->error_no_note; 105 } 106 107 // Using a predefined warning type 108 if($mybb->input['type'] != "custom") 109 { 110 $query = $db->simple_select("warningtypes", "*", "tid='".intval($mybb->input['type'])."'"); 111 $warning_type = $db->fetch_array($query); 112 if(!$warning_type['tid']) 113 { 114 $warn_errors[] = $lang->error_invalid_type; 115 } 116 $points = $warning_type['points']; 117 $warning_title = ""; 118 if($warning_type['expirationtime']) 119 { 120 $warning_expires = TIME_NOW+$warning_type['expirationtime']; 121 } 122 } 123 // Issuing a custom warning 124 else 125 { 126 if($mybb->settings['allowcustomwarnings'] == 0) 127 { 128 $warn_errors[] = $lang->error_cant_custom_warn; 129 } 130 else 131 { 132 if(!$mybb->input['custom_reason']) 133 { 134 $warn_errors[] = $lang->error_no_custom_reason; 135 } 136 else 137 { 138 $warning_title = $mybb->input['custom_reason']; 139 } 140 if(!is_numeric($mybb->input['custom_points']) || $mybb->input['custom_points'] > $mybb->settings['maxwarningpoints'] || $mybb->input['custom_points'] < 0) 141 { 142 $warn_errors[] = $lang->sprintf($lang->error_invalid_custom_points, $mybb->settings['maxwarningpoints']); 143 } 144 else 145 { 146 $points = round((int)$mybb->input['custom_points']); 147 } 148 // Build expiry date 149 if($mybb->input['expires']) 150 { 151 $warning_expires = intval($mybb->input['expires']); 152 if($mybb->input['expires_period'] == "hours") 153 { 154 $warning_expires = $warning_expires*3600; 155 } 156 else if($mybb->input['expires_period'] == "days") 157 { 158 $warning_expires = $warning_expires*86400; 159 } 160 else if($mybb->input['expires_period'] == "weeks") 161 { 162 $warning_expires = $warning_expires*604800; 163 } 164 else if($mybb->input['expires_period'] == "months") 165 { 166 $warning_expires = $warning_expires*2592000; 167 } 168 // Add on current time and we're there! 169 if($mybb->input['expires_period'] != "never" && $warning_expires) 170 { 171 $warning_expires += TIME_NOW; 172 } 173 } 174 } 175 } 176 177 if($warning_expires <= TIME_NOW) 178 { 179 $warning_expires = 0; 180 } 181 182 // Are we notifying the user? 183 if(!$warn_errors && $mybb->input['send_pm'] == 1 && $group_permissions['canusepms'] != 0 && $mybb->settings['enablepms'] != 0) 184 { 185 // Bring up the PM handler 186 require_once MYBB_ROOT."inc/datahandlers/pm.php"; 187 $pmhandler = new PMDataHandler(); 188 189 $pm = array( 190 "subject" => $mybb->input['pm_subject'], 191 "message" => $mybb->input['pm_message'], 192 "fromid" => $mybb->user['uid'], 193 "toid" => array($user['uid']) 194 ); 195 196 $pm['options'] = array( 197 "signature" => $mybb->input['pm_options']['signature'], 198 "disablesmilies" => $mybb->input['pm_options']['disablesmilies'], 199 "savecopy" => $mybb->input['pm_options']['savecopy'], 200 "readreceipt" => $mybb->input['pm_options']['readreceipt'] 201 ); 202 203 $pmhandler->set_data($pm); 204 $pmhandler->admin_override = true; 205 206 // Now let the pm handler do all the hard work. 207 if(!$pmhandler->validate_pm()) 208 { 209 $pm_errors = $pmhandler->get_friendly_errors(); 210 if($warn_errors) 211 { 212 $warn_errors = array_merge($warn_errors, $pm_errors); 213 } 214 else 215 { 216 $warn_errors = $pm_errors; 217 } 218 } 219 else 220 { 221 $pminfo = $pmhandler->insert_pm(); 222 } 223 } 224 225 // No errors - save warning to database 226 if(!is_array($warn_errors)) 227 { 228 // Build warning level & ensure it doesn't go over 100. 229 $current_level = round($user['warningpoints']/$mybb->settings['maxwarningpoints']*100); 230 $new_warning_level = round(($user['warningpoints']+$points)/$mybb->settings['maxwarningpoints']*100); 231 if($new_warning_level > 100) 232 { 233 $new_warning_level = 100; 234 } 235 236 $new_warning = array( 237 "uid" => $user['uid'], 238 "tid" => intval($warning_type['tid']), 239 "pid" => intval($post['pid']), 240 "title" => $db->escape_string($warning_title), 241 "points" => intval($points), 242 "dateline" => TIME_NOW, 243 "issuedby" => $mybb->user['uid'], 244 "expires" => $warning_expires, 245 "expired" => 0, 246 "revokereason" => '', 247 "notes" => $db->escape_string($mybb->input['notes']) 248 ); 249 $db->insert_query("warnings", $new_warning); 250 251 // Update user 252 $updated_user = array( 253 "warningpoints" => $user['warningpoints']+$points 254 ); 255 256 // Fetch warning level 257 $query = $db->simple_select("warninglevels", "*", "percentage<=$new_warning_level", array("order_by" => "percentage", "order_dir" => "desc")); 258 $new_level = $db->fetch_array($query); 259 260 if($new_level['lid']) 261 { 262 $action = unserialize($new_level['action']); 263 switch($action['type']) 264 { 265 // Ban the user for a specified time 266 case 1: 267 if($action['length'] != 0) 268 { 269 $expiration = TIME_NOW+$action['length']; 270 } 271 // Fetch any previous bans for this user 272 $query = $db->simple_select("banned", "*", "uid='{$user['uid']}' AND gid='{$action['usergroup']}' AND lifted>".TIME_NOW); 273 $existing_ban = $db->fetch_array($query); 274 275 // Only perform if no previous ban or new ban expires later than existing ban 276 if(($expiration > $existing_ban['lifted'] && $existing_ban['lifted'] != 0) || $expiration == 0 || !$existing_ban['uid']) 277 { 278 if(!$warning_title) 279 { 280 $warning_title = $warning_type['title']; 281 } 282 283 // Never lift the ban? 284 if($action['length'] == 0) 285 { 286 $bantime = '---'; 287 } 288 else 289 { 290 $bantimes = fetch_ban_times(); 291 foreach($bantimes as $date => $string) 292 { 293 if($date == '---') 294 { 295 continue; 296 } 297 298 $time = 0; 299 list($day, $month, $year) = explode('-', $date); 300 if($day > 0) 301 { 302 $time += 60*60*24*$day; 303 } 304 305 if($month > 0) 306 { 307 $time += 60*60*24*30*$month; 308 } 309 310 if($year > 0) 311 { 312 $time += 60*60*24*365*$year; 313 } 314 315 if($time == $action['length']) 316 { 317 $bantime = $date; 318 break; 319 } 320 } 321 } 322 323 $new_ban = array( 324 "uid" => intval($user['uid']), 325 "gid" => $db->escape_string($action['usergroup']), 326 "oldgroup" => $db->escape_string($user['usergroup']), 327 "oldadditionalgroups" => $db->escape_string($user['additionalgroups']), 328 "olddisplaygroup" => $db->escape_string($user['displaygroup']), 329 "admin" => $mybb->user['uid'], 330 "dateline" => TIME_NOW, 331 "bantime" => $db->escape_string($bantime), 332 "lifted" => $expiration, 333 "reason" => $db->escape_string($warning_title) 334 ); 335 // Delete old ban for this user, taking details 336 if($existing_ban['uid']) 337 { 338 $db->delete_query("banned", "uid='{$user['uid']}' AND gid='{$action['usergroup']}'"); 339 // Override new ban details with old group info 340 $new_ban['oldgroup'] = $db->escape_string($existing_ban['oldgroup']); 341 $new_ban['oldadditionalgroups'] = $db->escape_string($existing_ban['oldadditionalgroups']); 342 $new_ban['olddisplaygroup'] = $db->escape_string($existing_ban['olddisplaygroup']); 343 } 344 345 $db->insert_query("banned", $new_ban); 346 $updated_user['usergroup'] = $action['usergroup']; 347 $updated_user['additionalgroups'] = $updated_user['displaygroup'] = ""; 348 $ban_length = fetch_friendly_expiration($action['length']); 349 $lang_str = "expiration_".$ban_length['period']; 350 $group_name = $groupscache[$action['usergroup']]['title']; 351 $period = $lang->sprintf($lang->result_period, $ban_length['time'], $lang->$lang_str); 352 $friendly_action = "<br /><br />".$lang->sprintf($lang->redirect_warned_banned, $group_name, $period); 353 } 354 break; 355 // Suspend posting privileges 356 case 2: 357 if($action['length'] != 0) 358 { 359 $expiration = TIME_NOW+$action['length']; 360 } 361 // Only perform if the expiration time is greater than the users current suspension period 362 if($expiration == 0 || $expiration > $user['suspensiontime']) 363 { 364 if(($user['suspensiontime'] != 0 && $user['suspendposting']) || !$user['suspendposting']) 365 { 366 $updated_user['suspensiontime'] = $expiration; 367 $updated_user['suspendposting'] = 1; 368 $period = fetch_friendly_expiration($action['length']); 369 $lang_str = "expiration_".$period['period']; 370 $period = $lang->sprintf($lang->result_period, $period['time'], $lang->$lang_str); 371 $friendly_action = "<br /><br />".$lang->sprintf($lang->redirect_warned_suspended, $period); 372 } 373 } 374 break; 375 // Moderate new posts 376 case 3: 377 if($action['length'] != 0) 378 { 379 $expiration = TIME_NOW+$action['length']; 380 } 381 // Only perform if the expiration time is greater than the users current suspension period 382 if($expiration == 0 || $expiration > $user['moderationtime']) 383 { 384 if(($user['moderationtime'] != 0 && $user['moderateposts']) || !$user['suspendposting']) 385 { 386 $updated_user['moderationtime'] = $expiration; 387 $updated_user['moderateposts'] = 1; 388 $period = fetch_friendly_expiration($action['length']); 389 $lang_str = "expiration_".$period['period']; 390 $period = $lang->sprintf($lang->result_period, $period['time'], $lang->$lang_str); 391 $friendly_action = "<br /><br />".$lang->sprintf($lang->redirect_warned_moderate, $period); 392 } 393 } 394 break; 395 } 396 } 397 398 // Save updated details 399 $db->update_query("users", $updated_user, "uid='{$user['uid']}'"); 400 $cache->update_moderators(); 401 402 $lang->redirect_warned = $lang->sprintf($lang->redirect_warned, $user['username'], $new_warning_level, $friendly_action); 403 404 if($post['pid']) 405 { 406 redirect(get_post_link($post['pid']), $lang->redirect_warned); 407 } 408 else 409 { 410 redirect(get_profile_link($user['uid']), $lang->redirect_warned); 411 } 412 } 413 414 if($warn_errors) 415 { 416 $warn_errors = inline_error($warn_errors); 417 $mybb->input['action'] = "warn"; 418 } 419 } 420 421 // Warn a user 422 if($mybb->input['action'] == "warn") 423 { 424 if($mybb->usergroup['canwarnusers'] != 1) 425 { 426 error_no_permission(); 427 } 428 429 // Check we haven't exceeded the maximum number of warnings per day 430 if($mybb->usergroup['maxwarningsday'] != 0) 431 { 432 $timecut = TIME_NOW-60*60*24; 433 $query = $db->simple_select("warnings", "COUNT(wid) AS given_today", "issuedby='{$mybb->user['uid']}' AND dateline>'$timecut'"); 434 $given_today = $db->fetch_field($query, "given_today"); 435 if($given_today >= $mybb->usergroup['maxwarningsday']) 436 { 437 error($lang->sprintf($lang->reached_max_warnings_day, $mybb->usergroup['maxwarningsday'])); 438 } 439 } 440 441 $user = get_user(intval($mybb->input['uid'])); 442 if(!$user['uid']) 443 { 444 error($lang->error_invalid_user); 445 } 446 447 if($user['uid'] == $mybb->user['uid']) 448 { 449 error($lang->cannot_warn_self); 450 } 451 452 if($user['warningpoints'] >= $mybb->settings['maxwarningpoints']) 453 { 454 error($lang->user_reached_max_warning); 455 } 456 457 $group_permissions = user_permissions($user['uid']); 458 459 if($group_permissions['canreceivewarnings'] != 1) 460 { 461 error($lang->error_cant_warn_group); 462 } 463 464 if(!modcp_can_manage_user($user['uid'])) 465 { 466 error($lang->error_cant_warn_user); 467 } 468 469 // Giving a warning for a specific post 470 if($mybb->input['pid']) 471 { 472 $post = get_post(intval($mybb->input['pid'])); 473 $thread = get_thread($post['tid']); 474 if(!$post['pid'] || !$thread['tid']) 475 { 476 error($lang->error_invalid_post); 477 } 478 $forum_permissions = forum_permissions($thread['fid']); 479 if($forum_permissions['canview'] != 1) 480 { 481 error_no_permission(); 482 } 483 $post['subject'] = $parser->parse_badwords($post['subject']); 484 $post['subject'] = htmlspecialchars_uni($post['subject']); 485 $post_link = get_post_link($post['pid']); 486 eval("\$post = \"".$templates->get("warnings_warn_post")."\";"); 487 488 // Fetch any existing warnings issued for this post 489 $query = $db->query(" 490 SELECT w.*, t.title AS type_title, u.username 491 FROM ".TABLE_PREFIX."warnings w 492 LEFT JOIN ".TABLE_PREFIX."warningtypes t ON (t.tid=w.tid) 493 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=w.issuedby) 494 WHERE w.pid='{$mybb->input['pid']}' 495 ORDER BY w.expired ASC, w.dateline DESC 496 "); 497 $first = true; 498 while($warning = $db->fetch_array($query)) 499 { 500 if($warning['expired'] != $last_expired || $first) 501 { 502 if($warning['expired'] == 0) 503 { 504 eval("\$warnings .= \"".$templates->get("warnings_active_header")."\";"); 505 } 506 else 507 { 508 eval("\$warnings .= \"".$templates->get("warnings_expired_header")."\";"); 509 } 510 } 511 $last_expired = $warning['expired']; 512 $first = false; 513 514 $post_link = ""; 515 $issuedby = build_profile_link($warning['username'], $warning['issuedby']); 516 $date_issued = my_date($mybb->settings['dateformat'], $warning['dateline']).", ".my_date($mybb->settings['timeformat'], $warning['dateline']); 517 if($warning['type_title']) 518 { 519 $warning_type = $warning['type_title']; 520 } 521 else 522 { 523 $warning_type = $warning['title']; 524 } 525 $warning_type = htmlspecialchars_uni($warning_type); 526 if($warning['points'] > 0) 527 { 528 $warning['points'] = "+{$warning['points']}"; 529 } 530 $points = $lang->sprintf($lang->warning_points, $warning['points']); 531 if($warning['expired'] != 1) 532 { 533 if($warning['expires'] == 0) 534 { 535 $expires = $lang->never; 536 } 537 else 538 { 539 $expires = my_date($mybb->settings['dateformat'], $warning['expires']).", ".my_date($mybb->settings['timeformat'], $warning['expires']); 540 } 541 } 542 else 543 { 544 if($warning['daterevoked']) 545 { 546 $expires = $lang->warning_revoked; 547 } 548 else if($warning['expires']) 549 { 550 $expires = $lang->already_expired; 551 } 552 } 553 $alt_bg = alt_trow(); 554 $plugins->run_hooks("warnings_warning"); 555 eval("\$warnings .= \"".$templates->get("warnings_warning")."\";"); 556 } 557 if($warnings) 558 { 559 eval("\$existing_warnings = \"".$templates->get("warnings_warn_existing")."\";"); 560 } 561 } 562 563 $plugins->run_hooks("warnings_warn_start"); 564 565 // Coming here from failed do_warn? 566 if($warn_errors) 567 { 568 $notes = htmlspecialchars_uni($mybb->input['notes']); 569 $type_checked[$mybb->input['type']] = "checked=\"checked\""; 570 $pm_subject = htmlspecialchars_uni($mybb->input['pm_subject']); 571 $message = htmlspecialchars_uni($mybb->input['pm_message']); 572 if($mybb->input['send_pm']) 573 { 574 $send_pm_checked = "checked=\"checked\""; 575 } 576 $custom_reason = htmlspecialchars_uni($mybb->input['custom_reason']); 577 $custom_points = intval($mybb->input['custom_points']); 578 $expires = intval($mybb->input['expires']); 579 $expires_period[$mybb->input['expires_period']] = "selected=\"selected\""; 580 } 581 else 582 { 583 $notes = $custom_reason = $custom_points = $expires = ''; 584 $expires = 1; 585 $custom_points = 2; 586 $pm_subject = $lang->warning_pm_subject; 587 $message = $lang->sprintf($lang->warning_pm_message, $user['username'], $mybb->settings['bbname']); 588 } 589 590 $lang->nav_profile = $lang->sprintf($lang->nav_profile, $user['username']); 591 add_breadcrumb($lang->nav_profile, get_profile_link($user['uid'])); 592 add_breadcrumb($lang->nav_add_warning); 593 594 $user_link = build_profile_link($user['username'], $user['uid']); 595 596 $current_level = round($user['warningpoints']/$mybb->settings['maxwarningpoints']*100); 597 598 // Fetch warning levels 599 $levels = array(); 600 $query = $db->simple_select("warninglevels", "*"); 601 while($level = $db->fetch_array($query)) 602 { 603 $level['action'] = unserialize($level['action']); 604 switch($level['action']['type']) 605 { 606 case 1: 607 if($level['action']['length'] > 0) 608 { 609 $ban_length = fetch_friendly_expiration($level['action']['length']); 610 $lang_str = "expiration_".$ban_length['period']; 611 $period = $lang->sprintf($lang->result_period, $ban_length['time'], $lang->$lang_str); 612 } 613 $group_name = $groupscache[$level['action']['usergroup']]['title']; 614 $level['friendly_action'] = $lang->sprintf($lang->result_banned, $group_name, $period); 615 break; 616 case 2: 617 if($level['action']['length'] > 0) 618 { 619 $period = fetch_friendly_expiration($level['action']['length']); 620 $lang_str = "expiration_".$period['period']; 621 $period = $lang->sprintf($lang->result_period, $period['time'], $lang->$lang_str); 622 } 623 $level['friendly_action'] = $lang->sprintf($lang->result_suspended, $period); 624 break; 625 case 3: 626 if($level['action']['length'] > 0) 627 { 628 $period = fetch_friendly_expiration($level['action']['length']); 629 $lang_str = "expiration_".$period['period']; 630 $period = $lang->sprintf($lang->result_period, $period['time'], $lang->$lang_str); 631 } 632 $level['friendly_action'] = $lang->sprintf($lang->result_moderated, $period); 633 break; 634 } 635 $levels[$level['percentage']] = $level; 636 } 637 krsort($levels); 638 639 // Fetch all current warning types 640 $query = $db->simple_select("warningtypes", "*", "", array("order_by" => "title")); 641 while($type = $db->fetch_array($query)) 642 { 643 $checked = $type_checked[$type['tid']]; 644 $type['title'] = htmlspecialchars_uni($type['title']); 645 $new_warning_level = round(($user['warningpoints']+$type['points'])/$mybb->settings['maxwarningpoints']*100); 646 if($new_warning_level > 100) 647 { 648 $new_warning_level = 100; 649 } 650 if($type['points'] > 0) 651 { 652 $type['points'] = "+{$type['points']}"; 653 } 654 $points = $lang->sprintf($lang->warning_points, $type['points']); 655 656 if(is_array($levels)) 657 { 658 foreach($levels as $level) 659 { 660 if($new_warning_level >= $level['percentage']) 661 { 662 $new_level = $level; 663 break; 664 } 665 } 666 } 667 $level_diff = $new_warning_level-$current_level; 668 if($new_level['friendly_action']) 669 { 670 $result = "<div class=\"smalltext\" style=\"clear: left; padding-top: 4px;\">{$lang->result}<br />".$new_level['friendly_action']."</div>"; 671 } 672 eval("\$types .= \"".$templates->get("warnings_warn_type")."\";"); 673 unset($new_level); 674 unset($result); 675 } 676 677 if($mybb->settings['allowcustomwarnings'] != 0) 678 { 679 eval("\$custom_warning = \"".$templates->get("warnings_warn_custom")."\";"); 680 } 681 682 if($group_permissions['canusepms'] != 0 && $mybb->user['receivepms'] != 0 && $mybb->settings['enablepms'] != 0) 683 { 684 $smilieinserter = $codebuttons = ""; 685 686 if($mybb->settings['bbcodeinserter'] != 0 && $mybb->settings['pmsallowmycode'] != 0 && $mybb->user['showcodebuttons'] != 0) 687 { 688 $codebuttons = build_mycode_inserter(); 689 if($mybb->settings['pmsallowsmilies'] != 0) 690 { 691 $smilieinserter = build_clickable_smilies(); 692 } 693 } 694 eval("\$pm_notify = \"".$templates->get("warnings_warn_pm")."\";"); 695 } 696 697 $plugins->run_hooks("warnings_warn_end"); 698 699 eval("\$warn = \"".$templates->get("warnings_warn")."\";"); 700 output_page($warn); 701 exit; 702 } 703 704 // Revoke a warning 705 if($mybb->input['action'] == "do_revoke" && $mybb->request_method == "post") 706 { 707 // Verify incoming POST request 708 verify_post_check($mybb->input['my_post_key']); 709 710 if($mybb->usergroup['canwarnusers'] != 1) 711 { 712 error_no_permission(); 713 } 714 715 $query = $db->simple_select("warnings", "*", "wid='".intval($mybb->input['wid'])."'"); 716 $warning = $db->fetch_array($query); 717 718 if(!$warning['wid']) 719 { 720 error($lang->error_invalid_warning); 721 } 722 else if($warning['daterevoked']) 723 { 724 error($lang->warning_already_revoked); 725 } 726 727 $user = get_user($warning['uid']); 728 729 $group_permissions = user_permissions($user['uid']); 730 if($group_permissions['canreceivewarnings'] != 1) 731 { 732 error($lang->error_cant_warn_group); 733 } 734 735 $plugins->run_hooks("warnings_do_revoke_start"); 736 737 if(!trim($mybb->input['reason'])) 738 { 739 $warn_errors[] = $lang->no_revoke_reason; 740 $warn_errors = inline_error($warn_errors); 741 $mybb->input['action'] = "view"; 742 } 743 else 744 { 745 // Warning is still active, lower users point count 746 if($warning['expired'] != 1) 747 { 748 $new_warning_points = $user['warningpoints']-$warning['points']; 749 if($new_warning_points < 0) 750 { 751 $new_warning_points = 0; 752 } 753 754 $updated_user = array( 755 "warningpoints" => $new_warning_points 756 ); 757 758 759 // check if we need to revoke any consequences with this warning 760 $current_level = round($user['warningpoints']/$mybb->settings['maxwarningpoints']*100); 761 $new_warning_level = round($new_warning_points/$mybb->settings['maxwarningpoints']*100); 762 $query = $db->simple_select("warninglevels", "action", "percentage>$new_warning_level AND percentage<=$current_level"); 763 if($db->num_rows($query)) 764 { 765 // we have some warning levels we need to revoke 766 $max_expiration_times = $check_levels = array(); 767 find_warnlevels_to_check($query, $max_expiration_times, $check_levels); 768 769 // now check warning levels already applied to this user to see if we need to lower any expiration times 770 $query = $db->simple_select("warninglevels", "action", "percentage<=$new_warning_level"); 771 $lower_expiration_times = $lower_levels = array(); 772 find_warnlevels_to_check($query, $lower_expiration_times, $lower_levels); 773 774 // now that we've got all the info, do necessary stuff 775 for($i = 1; $i <= 3; ++$i) 776 { 777 if($check_levels[$i]) 778 { 779 switch($i) 780 { 781 case 1: // Ban 782 // we'll have to resort to letting the admin/mod remove the ban manually, since there's an issue if stacked bans are in force... 783 continue; 784 case 2: // Revoke posting 785 $current_expiry_field = 'suspensiontime'; 786 $current_inforce_field = 'suspendposting'; 787 break; 788 case 3: 789 $current_expiry_field = 'moderationtime'; 790 $current_inforce_field = 'moderateposts'; 791 break; 792 } 793 794 // if the thing isn't in force, don't bother with trying to update anything 795 if(!$user[$current_inforce_field]) 796 { 797 continue; 798 } 799 800 if($lower_levels[$i]) 801 { 802 // lessen the expiration time if necessary 803 804 if(!$lower_expiration_times[$i]) 805 { 806 // doesn't expire - enforce this 807 $updated_user[$current_expiry_field] = 0; 808 continue; 809 } 810 811 if($max_expiration_times[$i]) 812 { 813 // if the old level did have an expiry time... 814 if($max_expiration_times[$i] <= $lower_expiration_times[$i]) 815 { 816 // if the lower expiration time is actually higher than the upper expiration time -> skip 817 continue; 818 } 819 // both new and old max expiry times aren't infinite, so we can take a difference 820 $expire_offset = ($lower_expiration_times[$i] - $max_expiration_times[$i]); 821 } 822 else 823 { 824 // the old level never expired, not much we can do but try to estimate a new expiry time... which will just happen to be starting from today... 825 $expire_offset = TIME_NOW + $lower_expiration_times[$i]; 826 // if the user's expiry time is already less than what we're going to set it to, skip 827 if($user[$current_expiry_field] <= $expire_offset) 828 { 829 continue; 830 } 831 } 832 833 $updated_user[$current_expiry_field] = $user[$current_expiry_field] + $expire_offset; 834 // double-check if it's expired already 835 if($updated_user[$current_expiry_field] < TIME_NOW) 836 { 837 $updated_user[$current_expiry_field] = 0; 838 $updated_user[$current_inforce_field] = 0; 839 } 840 } 841 else 842 { 843 // there's no lower level for this type - remove the consequence entirely 844 $updated_user[$current_expiry_field] = 0; 845 $updated_user[$current_inforce_field] = 0; 846 } 847 } 848 } 849 } 850 851 852 // Update user 853 $db->update_query("users", $updated_user, "uid='{$warning['uid']}'"); 854 } 855 856 // Update warning 857 $updated_warning = array( 858 "expired" => 1, 859 "daterevoked" => TIME_NOW, 860 "revokedby" => $mybb->user['uid'], 861 "revokereason" => $db->escape_string($mybb->input['reason']) 862 ); 863 $db->update_query("warnings", $updated_warning, "wid='{$warning['wid']}'"); 864 865 redirect("warnings.php?action=view&wid={$warning['wid']}", $lang->redirect_warning_revoked); 866 } 867 } 868 869 // Detailed view of a warning 870 if($mybb->input['action'] == "view") 871 { 872 if($mybb->usergroup['canwarnusers'] != 1) 873 { 874 error_no_permission(); 875 } 876 877 $query = $db->query(" 878 SELECT w.*, t.title AS type_title, u.username, p.subject AS post_subject 879 FROM ".TABLE_PREFIX."warnings w 880 LEFT JOIN ".TABLE_PREFIX."warningtypes t ON (t.tid=w.tid) 881 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=w.issuedby) 882 LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid=w.pid) 883 WHERE w.wid='".intval($mybb->input['wid'])."' 884 "); 885 $warning = $db->fetch_array($query); 886 887 if(!$warning['wid']) 888 { 889 error($lang->error_invalid_warning); 890 } 891 892 $user = get_user(intval($warning['uid'])); 893 if(!$user['username']) 894 { 895 $user['username'] = $lang->guest; 896 } 897 898 $group_permissions = user_permissions($user['uid']); 899 if($group_permissions['canreceivewarnings'] != 1) 900 { 901 error($lang->error_cant_warn_group); 902 } 903 904 $plugins->run_hooks("warnings_view_start"); 905 906 $lang->nav_profile = $lang->sprintf($lang->nav_profile, $user['username']); 907 if($user['uid']) 908 { 909 add_breadcrumb($lang->nav_profile, get_profile_link($user['uid'])); 910 add_breadcrumb($lang->nav_warning_log, "warnings.php?uid={$user['uid']}"); 911 } 912 else 913 { 914 add_breadcrumb($lang->nav_profile); 915 add_breadcrumb($lang->nav_warning_log); 916 } 917 add_breadcrumb($lang->nav_view_warning); 918 919 $user_link = build_profile_link($user['username'], $user['uid']); 920 921 $post_link = ""; 922 if($warning['post_subject']) 923 { 924 $warning['post_subject'] = $parser->parse_badwords($warning['post_subject']); 925 $warning['post_subject'] = htmlspecialchars_uni($warning['post_subject']); 926 $post_link = get_post_link($warning['pid'])."#pid{$warning['pid']}"; 927 eval("\$warning_info = \"".$templates->get("warnings_view_post")."\";"); 928 } 929 else 930 { 931 eval("\$warning_info = \"".$templates->get("warnings_view_user")."\";"); 932 } 933 934 $issuedby = build_profile_link($warning['username'], $warning['issuedby']); 935 $notes = nl2br(htmlspecialchars_uni($warning['notes'])); 936 937 $date_issued = my_date($mybb->settings['dateformat'], $warning['dateline']).", ".my_date($mybb->settings['timeformat'], $warning['dateline']); 938 if($warning['type_title']) 939 { 940 $warning_type = $warning['type_title']; 941 } 942 else 943 { 944 $warning_type = $warning['title']; 945 } 946 $warning_type = htmlspecialchars_uni($warning_type); 947 if($warning['points'] > 0) 948 { 949 $warning['points'] = "+{$warning['points']}"; 950 } 951 952 $revoked_date = ''; 953 954 $points = $lang->sprintf($lang->warning_points, $warning['points']); 955 if($warning['expired'] != 1) 956 { 957 if($warning['expires'] == 0) 958 { 959 $expires = $lang->never; 960 } 961 else 962 { 963 $expires = my_date($mybb->settings['dateformat'], $warning['expires']).", ".my_date($mybb->settings['timeformat'], $warning['expires']); 964 } 965 $status = $lang->warning_active; 966 } 967 else 968 { 969 if($warning['daterevoked']) 970 { 971 $expires = $status = $lang->warning_revoked; 972 } 973 else if($warning['expires']) 974 { 975 $revoked_date = '('.my_date($mybb->settings['dateformat'], $warning['expires']).' '.my_date($mybb->settings['timeformat'], $warning['expires']).')'; 976 $expires = $status = $lang->already_expired; 977 } 978 } 979 980 if(!$warning['daterevoked']) 981 { 982 eval("\$revoke = \"".$templates->get("warnings_view_revoke")."\";"); 983 } 984 else 985 { 986 $date_revoked = my_date($mybb->settings['dateformat'], $warning['daterevoked']).", ".my_date($mybb->settings['timeformat'], $warning['daterevoked']); 987 $revoked_user = get_user($warning['revokedby']); 988 if(!$revoked_user['username']) 989 { 990 $revoked_user['username'] = $lang->guest; 991 } 992 $revoked_by = build_profile_link($revoked_user['username'], $revoked_user['uid']); 993 $revoke_reason = nl2br(htmlspecialchars_uni($warning['revokereason'])); 994 eval("\$revoke = \"".$templates->get("warnings_view_revoked")."\";"); 995 } 996 997 $plugins->run_hooks("warnings_view_end"); 998 999 eval("\$warning = \"".$templates->get("warnings_view")."\";"); 1000 output_page($warning); 1001 } 1002 1003 // Showing list of warnings for a particular user 1004 if(!$mybb->input['action']) 1005 { 1006 if($mybb->usergroup['canwarnusers'] != 1) 1007 { 1008 error_no_permission(); 1009 } 1010 1011 $user = get_user(intval($mybb->input['uid'])); 1012 if(!$user['uid']) 1013 { 1014 error($lang->error_invalid_user); 1015 } 1016 $group_permissions = user_permissions($user['uid']); 1017 if($group_permissions['canreceivewarnings'] != 1) 1018 { 1019 error($lang->error_cant_warn_group); 1020 } 1021 1022 $lang->nav_profile = $lang->sprintf($lang->nav_profile, $user['username']); 1023 add_breadcrumb($lang->nav_profile, get_profile_link($user['uid'])); 1024 add_breadcrumb($lang->nav_warning_log); 1025 1026 if(!$mybb->settings['postsperpage']) 1027 { 1028 $mybb->settings['postperpage'] = 20; 1029 } 1030 1031 // Figure out if we need to display multiple pages. 1032 $perpage = $mybb->settings['postsperpage']; 1033 $page = intval($mybb->input['page']); 1034 1035 $query = $db->simple_select("warnings", "COUNT(wid) AS warning_count", "uid='{$user['uid']}'"); 1036 $warning_count = $db->fetch_field($query, "warning_count"); 1037 1038 $pages = ceil($warning_count/$perpage); 1039 1040 if($page > $pages || $page <= 0) 1041 { 1042 $page = 1; 1043 } 1044 if($page) 1045 { 1046 $start = ($page-1) * $perpage; 1047 } 1048 else 1049 { 1050 $start = 0; 1051 $page = 1; 1052 } 1053 1054 $multipage = multipage($warning_count, $perpage, $page, "warnings.php?uid={$user['uid']}"); 1055 1056 $warning_level = round($user['warningpoints']/$mybb->settings['maxwarningpoints']*100); 1057 if($warning_level > 100) 1058 { 1059 $warning_level = 100; 1060 } 1061 1062 if($user['warningpoints'] > $mybb->settings['maxwarningpoints']) 1063 { 1064 $user['warningpoints'] = $mybb->settings['maxwarningpoints']; 1065 } 1066 1067 if($warning_level > 0) 1068 { 1069 $lang->current_warning_level = $lang->sprintf($lang->current_warning_level, $warning_level, $user['warningpoints'], $mybb->settings['maxwarningpoints']); 1070 } 1071 else 1072 { 1073 $lang->current_warning_level = ""; 1074 } 1075 1076 // Fetch the actual warnings 1077 $query = $db->query(" 1078 SELECT w.*, t.title AS type_title, u.username, p.subject AS post_subject 1079 FROM ".TABLE_PREFIX."warnings w 1080 LEFT JOIN ".TABLE_PREFIX."warningtypes t ON (t.tid=w.tid) 1081 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=w.issuedby) 1082 LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid=w.pid) 1083 WHERE w.uid='{$user['uid']}' 1084 ORDER BY w.expired ASC, w.dateline DESC 1085 LIMIT {$start}, {$perpage} 1086 "); 1087 $first = true; 1088 while($warning = $db->fetch_array($query)) 1089 { 1090 if($warning['expired'] != $last_expired || $first) 1091 { 1092 if($warning['expired'] == 0) 1093 { 1094 eval("\$warnings .= \"".$templates->get("warnings_active_header")."\";"); 1095 } 1096 else 1097 { 1098 eval("\$warnings .= \"".$templates->get("warnings_expired_header")."\";"); 1099 } 1100 } 1101 $last_expired = $warning['expired']; 1102 $first = false; 1103 1104 $post_link = ""; 1105 if($warning['post_subject']) 1106 { 1107 $warning['post_subject'] = $parser->parse_badwords($warning['post_subject']); 1108 $warning['post_subject'] = htmlspecialchars_uni($warning['post_subject']); 1109 $post_link = "<br /><small>{$lang->warning_for_post} <a href=\"".get_post_link($warning['pid'])."#pid{$warning['pid']}\">{$warning['post_subject']}</a></small>"; 1110 } 1111 $issuedby = build_profile_link($warning['username'], $warning['issuedby']); 1112 $date_issued = my_date($mybb->settings['dateformat'], $warning['dateline']).", ".my_date($mybb->settings['timeformat'], $warning['dateline']); 1113 if($warning['type_title']) 1114 { 1115 $warning_type = $warning['type_title']; 1116 } 1117 else 1118 { 1119 $warning_type = $warning['title']; 1120 } 1121 $warning_type = htmlspecialchars_uni($warning_type); 1122 if($warning['points'] > 0) 1123 { 1124 $warning['points'] = "+{$warning['points']}"; 1125 } 1126 $points = $lang->sprintf($lang->warning_points, $warning['points']); 1127 if($warning['expired'] != 1) 1128 { 1129 if($warning['expires'] == 0) 1130 { 1131 $expires = $lang->never; 1132 } 1133 else 1134 { 1135 $expires = my_date($mybb->settings['dateformat'], $warning['expires']).", ".my_date($mybb->settings['timeformat'], $warning['expires']); 1136 } 1137 } 1138 else 1139 { 1140 if($warning['daterevoked']) 1141 { 1142 $expires = $lang->warning_revoked; 1143 } 1144 else if($warning['expires']) 1145 { 1146 $expires = $lang->already_expired; 1147 } 1148 } 1149 $alt_bg = alt_trow(); 1150 $plugins->run_hooks("warnings_warning"); 1151 eval("\$warnings .= \"".$templates->get("warnings_warning")."\";"); 1152 } 1153 1154 if(!$warnings) 1155 { 1156 eval("\$warnings = \"".$templates->get("warnings_no_warnings")."\";"); 1157 } 1158 1159 $plugins->run_hooks("warnings_end"); 1160 1161 eval("\$warnings = \"".$templates->get("warnings")."\";"); 1162 output_page($warnings); 1163 } 1164 1165 1166 1167 function find_warnlevels_to_check(&$query, &$max_expiration_times, &$check_levels) 1168 { 1169 global $db; 1170 // we have some warning levels we need to revoke 1171 $max_expiration_times = array( 1172 1 => -1, // Ban 1173 2 => -1, // Revoke posting 1174 3 => -1 // Moderate posting 1175 ); 1176 $check_levels = array( 1177 1 => false, // Ban 1178 2 => false, // Revoke posting 1179 3 => false // Moderate posting 1180 ); 1181 while($warn_level = $db->fetch_array($query)) 1182 { 1183 // revoke actions taken at this warning level 1184 $action = unserialize($warn_level['action']); 1185 if($action['type'] < 1 || $action['type'] > 3) // prevent any freak-ish cases 1186 { 1187 continue; 1188 } 1189 1190 $check_levels[$action['type']] = true; 1191 1192 $max_exp_time = &$max_expiration_times[$action['type']]; 1193 if($action['length'] && $max_exp_time != 0) 1194 { 1195 $expiration = $action['length']; 1196 if($expiration > $max_exp_time) 1197 { 1198 $max_exp_time = $expiration; 1199 } 1200 } 1201 else 1202 { 1203 $max_exp_time = 0; 1204 } 1205 } 1206 } 1207 1208 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Sun Jan 1 10:49:49 2012 | Cross-referenced by PHPXref 0.7.1 |