load("modcp"); $lang->load("announcements"); if($mybb->user['uid'] == 0 || $mybb->usergroup['canmodcp'] != 1) { error_no_permission(); } if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1) { $mybb->settings['threadsperpage'] = 20; } $tflist = $flist = $tflist_queue_threads = $flist_queue_threads = $tflist_queue_posts = $flist_queue_posts = $tflist_queue_attach = $flist_queue_attach = $wflist_reports = $tflist_reports = $flist_reports = $tflist_modlog = $flist_modlog = $errors = ''; // SQL for fetching items only related to forums this user moderates $moderated_forums = array(); if($mybb->usergroup['issupermod'] != 1) { $query = $db->simple_select("moderators", "*", "(id='{$mybb->user['uid']}' AND isgroup = '0') OR (id='{$mybb->user['usergroup']}' AND isgroup = '1')"); $numannouncements = $nummodqueuethreads = $nummodqueueposts = $nummodqueueattach = $numreportedposts = $nummodlogs = 0; while($forum = $db->fetch_array($query)) { // For Announcements if($forum['canmanageannouncements'] == 1) { ++$numannouncements; } // For the Mod Queues if($forum['canapproveunapprovethreads'] == 1) { $flist_queue_threads .= ",'{$forum['fid']}'"; $children = get_child_list($forum['fid']); if(!empty($children)) { $flist_queue_threads .= ",'".implode("','", $children)."'"; } ++$nummodqueuethreads; } if($forum['canapproveunapproveposts'] == 1) { $flist_queue_posts .= ",'{$forum['fid']}'"; $children = get_child_list($forum['fid']); if(!empty($children)) { $flist_queue_posts .= ",'".implode("','", $children)."'"; } ++$nummodqueueposts; } if($forum['canapproveunapproveattachs'] == 1) { $flist_queue_attach .= ",'{$forum['fid']}'"; $children = get_child_list($forum['fid']); if(!empty($children)) { $flist_queue_attach .= ",'".implode("','", $children)."'"; } ++$nummodqueueattach; } // For Reported posts if($forum['canmanagereportedposts'] == 1) { $flist_reports .= ",'{$forum['fid']}'"; $children = get_child_list($forum['fid']); if(!empty($children)) { $flist_reports .= ",'".implode("','", $children)."'"; } ++$numreportedposts; } // For the Mod Log if($forum['canviewmodlog'] == 1) { $flist_modlog .= ",'{$forum['fid']}'"; $children = get_child_list($forum['fid']); if(!empty($children)) { $flist_modlog .= ",'".implode("','", $children)."'"; } ++$nummodlogs; } $flist .= ",'{$forum['fid']}'"; $children = get_child_list($forum['fid']); if(!empty($children)) { $flist .= ",'".implode("','", $children)."'"; } $moderated_forums[] = $forum['fid']; } if($flist_queue_threads) { $tflist_queue_threads = " AND t.fid IN (0{$flist_queue_threads})"; $flist_queue_threads = " AND fid IN (0{$flist_queue_threads})"; } if($flist_queue_posts) { $tflist_queue_posts = " AND t.fid IN (0{$flist_queue_posts})"; $flist_queue_posts = " AND fid IN (0{$flist_queue_posts})"; } if($flist_queue_attach) { $tflist_queue_attach = " AND t.fid IN (0{$flist_queue_attach})"; $flist_queue_attach = " AND fid IN (0{$flist_queue_attach})"; } if($flist_reports) { $wflist_reports = "WHERE r.id3 IN (0{$flist_reports})"; $tflist_reports = " AND r.id3 IN (0{$flist_reports})"; $flist_reports = " AND id3 IN (0{$flist_reports})"; } if($flist_modlog) { $tflist_modlog = " AND t.fid IN (0{$flist_modlog})"; $flist_modlog = " AND fid IN (0{$flist_modlog})"; } if($flist) { $tflist = " AND t.fid IN (0{$flist})"; $flist = " AND fid IN (0{$flist})"; } } // Retrieve a list of unviewable forums $unviewableforums = get_unviewable_forums(); $inactiveforums = get_inactive_forums(); $unviewablefids1 = $unviewablefids2 = array(); if($unviewableforums) { $flist .= " AND fid NOT IN ({$unviewableforums})"; $tflist .= " AND t.fid NOT IN ({$unviewableforums})"; $unviewablefids1 = explode(',', $unviewableforums); } if($inactiveforums) { $flist .= " AND fid NOT IN ({$inactiveforums})"; $tflist .= " AND t.fid NOT IN ({$inactiveforums})"; $unviewablefids2 = explode(',', $inactiveforums); } $unviewableforums = array_merge($unviewablefids1, $unviewablefids2); if(!isset($collapsedimg['modcpforums'])) { $collapsedimg['modcpforums'] = ''; } if(!isset($collapsed['modcpforums_e'])) { $collapsed['modcpforums_e'] = ''; } if(!isset($collapsedimg['modcpusers'])) { $collapsedimg['modcpusers'] = ''; } if(!isset($collapsed['modcpusers_e'])) { $collapsed['modcpusers_e'] = ''; } // Fetch the Mod CP menu $nav_announcements = $nav_modqueue = $nav_reportcenter = $nav_modlogs = $nav_editprofile = $nav_banning = $nav_warninglogs = $nav_ipsearch = $nav_forums_posts = $modcp_nav_users = ''; if(($numannouncements > 0 || $mybb->usergroup['issupermod'] == 1) && $mybb->usergroup['canmanageannounce'] == 1) { eval("\$nav_announcements = \"".$templates->get("modcp_nav_announcements")."\";"); } if(($nummodqueuethreads > 0 || $nummodqueueposts > 0 || $nummodqueueattach > 0 || $mybb->usergroup['issupermod'] == 1) && $mybb->usergroup['canmanagemodqueue'] == 1) { eval("\$nav_modqueue = \"".$templates->get("modcp_nav_modqueue")."\";"); } if(($numreportedposts > 0 || $mybb->usergroup['issupermod'] == 1) && $mybb->usergroup['canmanagereportedcontent'] == 1) { eval("\$nav_reportcenter = \"".$templates->get("modcp_nav_reportcenter")."\";"); } if(($nummodlogs > 0 || $mybb->usergroup['issupermod'] == 1) && $mybb->usergroup['canviewmodlogs'] == 1) { eval("\$nav_modlogs = \"".$templates->get("modcp_nav_modlogs")."\";"); } if($mybb->usergroup['caneditprofiles'] == 1) { eval("\$nav_editprofile = \"".$templates->get("modcp_nav_editprofile")."\";"); } if($mybb->usergroup['canbanusers'] == 1) { eval("\$nav_banning = \"".$templates->get("modcp_nav_banning")."\";"); } if($mybb->usergroup['canviewwarnlogs'] == 1) { eval("\$nav_warninglogs = \"".$templates->get("modcp_nav_warninglogs")."\";"); } if($mybb->usergroup['canuseipsearch'] == 1) { eval("\$nav_ipsearch = \"".$templates->get("modcp_nav_ipsearch")."\";"); } $plugins->run_hooks("modcp_nav"); if(!empty($nav_announcements) || !empty($nav_modqueue) || !empty($nav_reportcenter) || !empty($nav_modlogs)) { eval("\$modcp_nav_forums_posts = \"".$templates->get("modcp_nav_forums_posts")."\";"); } if(!empty($nav_editprofile) || !empty($nav_banning) || !empty($nav_warninglogs) || !empty($nav_ipsearch)) { eval("\$modcp_nav_users = \"".$templates->get("modcp_nav_users")."\";"); } eval("\$modcp_nav = \"".$templates->get("modcp_nav")."\";"); $plugins->run_hooks("modcp_start"); // Make navigation add_breadcrumb($lang->nav_modcp, "modcp.php"); $mybb->input['action'] = $mybb->get_input('action'); if($mybb->input['action'] == "do_reports") { // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key')); $mybb->input['reports'] = $mybb->get_input('reports', MyBB::INPUT_ARRAY); if(empty($mybb->input['reports'])) { error($lang->error_noselected_reports); } $sql = '1=1'; if(empty($mybb->input['allbox'])) { $mybb->input['reports'] = array_map("intval", $mybb->input['reports']); $rids = implode("','", $mybb->input['reports']); $sql = "rid IN ('0','{$rids}')"; } $plugins->run_hooks("modcp_do_reports"); $db->update_query("reportedcontent", array('reportstatus' => 1), "{$sql}{$flist_reports}"); $cache->update_reportedcontent(); $page = $mybb->get_input('page', MyBB::INPUT_INT); redirect("modcp.php?action=reports&page={$page}", $lang->redirect_reportsmarked); } if($mybb->input['action'] == "reports") { if($mybb->usergroup['canmanagereportedcontent'] == 0) { error_no_permission(); } if($numreportedposts == 0 && $mybb->usergroup['issupermod'] != 1) { error($lang->you_cannot_view_reported_posts); } $lang->load('report'); add_breadcrumb($lang->mcp_nav_report_center, "modcp.php?action=reports"); $perpage = $mybb->settings['threadsperpage']; if(!$perpage) { $perpage = 20; } // Multipage if($mybb->usergroup['cancp'] || $mybb->usergroup['issupermod']) { $query = $db->simple_select("reportedcontent", "COUNT(rid) AS count", "reportstatus ='0'"); $report_count = $db->fetch_field($query, "count"); } else { $query = $db->simple_select('reportedcontent', 'id3', "reportstatus='0' AND (type = 'post' OR type = '')"); $report_count = 0; while($fid = $db->fetch_field($query, 'id3')) { if(is_moderator($fid, "canmanagereportedposts")) { ++$report_count; } } unset($fid); } $page = $mybb->get_input('page', MyBB::INPUT_INT); $postcount = (int)$report_count; $pages = $postcount / $perpage; $pages = ceil($pages); if($page > $pages || $page <= 0) { $page = 1; } if($page && $page > 0) { $start = ($page-1) * $perpage; } else { $start = 0; $page = 1; } $multipage = $reportspages = ''; if($postcount > $perpage) { $multipage = multipage($postcount, $perpage, $page, "modcp.php?action=reports"); eval("\$reportspages = \"".$templates->get("modcp_reports_multipage")."\";"); } $plugins->run_hooks("modcp_reports_start"); // Reports $reports = ''; $query = $db->query(" SELECT r.*, u.username FROM ".TABLE_PREFIX."reportedcontent r LEFT JOIN ".TABLE_PREFIX."users u ON (r.uid = u.uid) WHERE r.reportstatus = '0'{$tflist_reports} ORDER BY r.reports DESC LIMIT {$start}, {$perpage} "); if(!$db->num_rows($query)) { // No unread reports eval("\$reports = \"".$templates->get("modcp_reports_noreports")."\";"); } else { $reportedcontent = $cache->read("reportedcontent"); $reportcache = $usercache = $postcache = array(); while($report = $db->fetch_array($query)) { if($report['type'] == 'profile' || $report['type'] == 'reputation') { // Profile UID is in ID if(!isset($usercache[$report['id']])) { $usercache[$report['id']] = $report['id']; } // Reputation comment? The offender is the ID2 if($report['type'] == 'reputation') { if(!isset($usercache[$report['id2']])) { $usercache[$report['id2']] = $report['id2']; } if(!isset($usercache[$report['id3']])) { // The user who was offended $usercache[$report['id3']] = $report['id3']; } } } else if(!$report['type'] || $report['type'] == 'post') { // This (should) be a post $postcache[$report['id']] = $report['id']; } // Lastpost info - is it missing (pre-1.8)? $lastposter = $report['uid']; if(!$report['lastreport']) { // Last reporter is our first reporter $report['lastreport'] = $report['dateline']; } if($report['reporters']) { $reporters = my_unserialize($report['reporters']); if(is_array($reporters)) { $lastposter = end($reporters); } } if(!isset($usercache[$lastposter])) { $usercache[$lastposter] = $lastposter; } $report['lastreporter'] = $lastposter; $reportcache[] = $report; } // Report Center gets messy // Find information about our users (because we don't log it when they file a report) if(!empty($usercache)) { $sql = implode(',', array_keys($usercache)); $query = $db->simple_select("users", "uid, username", "uid IN ({$sql})"); while($user = $db->fetch_array($query)) { $usercache[$user['uid']] = $user; } } // Messy * 2 // Find out post information for our reported posts if(!empty($postcache)) { $sql = implode(',', array_keys($postcache)); $query = $db->query(" SELECT p.pid, p.uid, p.username, p.tid, t.subject FROM ".TABLE_PREFIX."posts p LEFT JOIN ".TABLE_PREFIX."threads t ON (p.tid = t.tid) WHERE p.pid IN ({$sql}) "); while($post = $db->fetch_array($query)) { $postcache[$post['pid']] = $post; } } $plugins->run_hooks('modcp_reports_intermediate'); // Now that we have all of the information needed, display the reports foreach($reportcache as $report) { $trow = alt_trow(); if(!$report['type']) { // Assume a post $report['type'] = 'post'; } // Report Information $report_data = array(); switch($report['type']) { case 'post': $post = get_post_link($report['id'])."#pid{$report['id']}"; $user = build_profile_link($postcache[$report['id']]['username'], $postcache[$report['id']]['uid']); $report_data['content'] = $lang->sprintf($lang->report_info_post, $post, $user); $thread_link = get_thread_link($postcache[$report['id']]['tid']); $thread_subject = htmlspecialchars_uni($postcache[$report['id']]['subject']); $report_data['content'] .= $lang->sprintf($lang->report_info_post_thread, $thread_link, $thread_subject); break; case 'profile': $user = build_profile_link($usercache[$report['id']]['username'], $usercache[$report['id']]['uid']); $report_data['content'] = $lang->sprintf($lang->report_info_profile, $user); break; case 'reputation': $reputation_link = "reputation.php?uid={$usercache[$report['id3']]['uid']}#rid{$report['id']}"; $bad_user = build_profile_link($usercache[$report['id2']]['username'], $usercache[$report['id2']]['uid']); $report_data['content'] = $lang->sprintf($lang->report_info_reputation, $reputation_link, $bad_user); $good_user = build_profile_link($usercache[$report['id3']]['username'], $usercache[$report['id3']]['uid']); $report_data['content'] .= $lang->sprintf($lang->report_info_rep_profile, $good_user); break; } // Report reason and comment $report_data['comment'] = $lang->na; $report_string = "report_reason_{$report['reason']}"; if(isset($lang->$report_string)) { $report_data['comment'] = $lang->$report_string; } else if(!empty($report['reason'])) { $report_data['comment'] = htmlspecialchars_uni($report['reason']); } $report_reports = 1; if($report['reports']) { $report_data['reports'] = my_number_format($report['reports']); } if($report['lastreporter']) { if(is_array($usercache[$report['lastreporter']])) { $lastreport_user = build_profile_link($usercache[$report['lastreporter']]['username'], $report['lastreporter']); } elseif($usercache[$report['lastreporter']] > 0) { $lastreport_user = $lang->na_deleted; } $lastreport_date = my_date('relative', $report['lastreport']); $report_data['lastreporter'] = $lang->sprintf($lang->report_info_lastreporter, $lastreport_date, $lastreport_user); } $plugins->run_hooks("modcp_reports_report"); eval("\$reports .= \"".$templates->get("modcp_reports_report")."\";"); } } $plugins->run_hooks("modcp_reports_end"); eval("\$reportedcontent = \"".$templates->get("modcp_reports")."\";"); output_page($reportedcontent); } if($mybb->input['action'] == "allreports") { if($mybb->usergroup['canmanagereportedcontent'] == 0) { error_no_permission(); } $lang->load('report'); add_breadcrumb($lang->report_center, "modcp.php?action=reports"); add_breadcrumb($lang->all_reports, "modcp.php?action=allreports"); if(!$mybb->settings['threadsperpage']) { $mybb->settings['threadsperpage'] = 20; } // Figure out if we need to display multiple pages. $perpage = $mybb->settings['threadsperpage']; if($mybb->get_input('page') != "last") { $page = $mybb->get_input('page', MyBB::INPUT_INT); } if($mybb->usergroup['cancp'] || $mybb->usergroup['issupermod']) { $query = $db->simple_select("reportedcontent", "COUNT(rid) AS count"); $report_count = $db->fetch_field($query, "count"); } else { $query = $db->simple_select('reportedcontent', 'id3', "type = 'post' OR type = ''"); $report_count = 0; while($fid = $db->fetch_field($query, 'id3')) { if(is_moderator($fid, "canmanagereportedposts")) { ++$report_count; } } unset($fid); } if(isset($mybb->input['rid'])) { $mybb->input['rid'] = $mybb->get_input('rid', MyBB::INPUT_INT); $query = $db->simple_select("reportedcontent", "COUNT(rid) AS count", "rid <= '".$mybb->input['rid']."'"); $result = $db->fetch_field($query, "count"); if(($result % $perpage) == 0) { $page = $result / $perpage; } else { $page = (int)$result / $perpage + 1; } } $postcount = (int)$report_count; $pages = $postcount / $perpage; $pages = ceil($pages); if($mybb->get_input('page') == "last") { $page = $pages; } if($page > $pages || $page <= 0) { $page = 1; } if($page) { $start = ($page-1) * $perpage; } else { $start = 0; $page = 1; } $upper = $start+$perpage; $multipage = multipage($postcount, $perpage, $page, "modcp.php?action=allreports"); $allreportspages = ''; if($postcount > $perpage) { eval("\$allreportspages = \"".$templates->get("modcp_reports_multipage")."\";"); } $plugins->run_hooks("modcp_allreports_start"); $query = $db->query(" SELECT r.*, u.username, p.username AS postusername, up.uid AS postuid, t.subject AS threadsubject, prrep.username AS repusername, pr.username AS profileusername FROM ".TABLE_PREFIX."reportedcontent r LEFT JOIN ".TABLE_PREFIX."posts p ON (r.id=p.pid) LEFT JOIN ".TABLE_PREFIX."threads t ON (p.tid=t.tid) LEFT JOIN ".TABLE_PREFIX."users u ON (r.uid=u.uid) LEFT JOIN ".TABLE_PREFIX."users up ON (p.uid=up.uid) LEFT JOIN ".TABLE_PREFIX."users pr ON (pr.uid=r.id) LEFT JOIN ".TABLE_PREFIX."users prrep ON (prrep.uid=r.id2) {$wflist_reports} ORDER BY r.dateline DESC LIMIT {$start}, {$perpage} "); $allreports = ''; if(!$db->num_rows($query)) { eval("\$allreports = \"".$templates->get("modcp_reports_allnoreports")."\";"); } else { while($report = $db->fetch_array($query)) { $trow = alt_trow(); if($report['type'] == 'post') { $post = get_post_link($report['id'])."#pid{$report['id']}"; $user = build_profile_link($report['postusername'], $report['postuid']); $report_data['content'] = $lang->sprintf($lang->report_info_post, $post, $user); $thread_link = get_thread_link($report['id2']); $thread_subject = htmlspecialchars_uni($report['threadsubject']); $report_data['content'] .= $lang->sprintf($lang->report_info_post_thread, $thread_link, $thread_subject); } else if($report['type'] == 'profile') { $user = build_profile_link($report['profileusername'], $report['id']); $report_data['content'] = $lang->sprintf($lang->report_info_profile, $user); } else if($report['type'] == 'reputation') { $user = build_profile_link($report['repusername'], $report['id2']); $reputation_link = "reputation.php?uid={$report['id3']}#rid{$report['id']}"; $report_data['content'] = $lang->sprintf($lang->report_info_reputation, $reputation_link, $user); } // Report reason and comment $report_data['comment'] = $lang->na; $report_string = "report_reason_{$report['reason']}"; $report['reporterlink'] = get_profile_link($report['uid']); if(!$report['username']) { $report['username'] = $lang->na_deleted; $report['reporterlink'] = $post; } if(isset($lang->$report_string)) { $report_data['comment'] = $lang->$report_string; } else if(!empty($report['reason'])) { $report_data['comment'] = htmlspecialchars_uni($report['reason']); } $report_data['reports'] = my_number_format($report['reports']); $report_data['time'] = my_date('relative', $report['dateline']); $plugins->run_hooks("modcp_allreports_report"); eval("\$allreports .= \"".$templates->get("modcp_reports_allreport")."\";"); } } $plugins->run_hooks("modcp_allreports_end"); eval("\$allreportedcontent = \"".$templates->get("modcp_reports_allreports")."\";"); output_page($allreportedcontent); } if($mybb->input['action'] == "modlogs") { if($mybb->usergroup['canviewmodlogs'] == 0) { error_no_permission(); } if($nummodlogs == 0 && $mybb->usergroup['issupermod'] != 1) { error($lang->you_cannot_view_mod_logs); } add_breadcrumb($lang->mcp_nav_modlogs, "modcp.php?action=modlogs"); $perpage = $mybb->get_input('perpage', MyBB::INPUT_INT); if(!$perpage || $perpage <= 0) { $perpage = $mybb->settings['threadsperpage']; } $where = ''; // Searching for entries by a particular user if($mybb->get_input('uid', MyBB::INPUT_INT)) { $where .= " AND l.uid='".$mybb->get_input('uid', MyBB::INPUT_INT)."'"; } // Searching for entries in a specific forum if($mybb->get_input('fid', MyBB::INPUT_INT)) { $where .= " AND t.fid='".$mybb->get_input('fid', MyBB::INPUT_INT)."'"; } $mybb->input['sortby'] = $mybb->get_input('sortby'); // Order? switch($mybb->input['sortby']) { case "username": $sortby = "u.username"; break; case "forum": $sortby = "f.name"; break; case "thread": $sortby = "t.subject"; break; default: $sortby = "l.dateline"; } $order = $mybb->get_input('order'); if($order != "asc") { $order = "desc"; } $plugins->run_hooks("modcp_modlogs_start"); $query = $db->query(" SELECT COUNT(l.dateline) AS count FROM ".TABLE_PREFIX."moderatorlog l LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=l.uid) LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=l.tid) WHERE 1=1 {$where}{$tflist_modlog} "); $rescount = $db->fetch_field($query, "count"); // Figure out if we need to display multiple pages. if($mybb->get_input('page') != "last") { $page = $mybb->get_input('page', MyBB::INPUT_INT); } $postcount = (int)$rescount; $pages = $postcount / $perpage; $pages = ceil($pages); if($mybb->get_input('page') == "last") { $page = $pages; } if($page > $pages || $page <= 0) { $page = 1; } if($page) { $start = ($page-1) * $perpage; } else { $start = 0; $page = 1; } $page_url = 'modcp.php?action=modlogs&perpage='.$perpage; foreach(array('uid', 'fid') as $field) { $mybb->input[$field] = $mybb->get_input($field, MyBB::INPUT_INT); if(!empty($mybb->input[$field])) { $page_url .= "&{$field}=".$mybb->input[$field]; } } foreach(array('sortby', 'order') as $field) { $mybb->input[$field] = htmlspecialchars_uni($mybb->get_input($field)); if(!empty($mybb->input[$field])) { $page_url .= "&{$field}=".$mybb->input[$field]; } } $multipage = multipage($postcount, $perpage, $page, $page_url); $resultspages = ''; if($postcount > $perpage) { eval("\$resultspages = \"".$templates->get("modcp_modlogs_multipage")."\";"); } $query = $db->query(" SELECT l.*, u.username, u.usergroup, u.displaygroup, t.subject AS tsubject, f.name AS fname, p.subject AS psubject FROM ".TABLE_PREFIX."moderatorlog l LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=l.uid) LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=l.tid) LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=l.fid) LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid=l.pid) WHERE 1=1 {$where}{$tflist_modlog} ORDER BY {$sortby} {$order} LIMIT {$start}, {$perpage} "); $results = ''; while($logitem = $db->fetch_array($query)) { $information = ''; $logitem['action'] = htmlspecialchars_uni($logitem['action']); $log_date = my_date('relative', $logitem['dateline']); $trow = alt_trow(); $username = format_name($logitem['username'], $logitem['usergroup'], $logitem['displaygroup']); $logitem['profilelink'] = build_profile_link($username, $logitem['uid']); $logitem['ipaddress'] = my_inet_ntop($db->unescape_binary($logitem['ipaddress'])); if($logitem['tsubject']) { $logitem['tsubject'] = htmlspecialchars_uni($logitem['tsubject']); $logitem['thread'] = get_thread_link($logitem['tid']); eval("\$information .= \"".$templates->get("modcp_modlogs_result_thread")."\";"); } if($logitem['fname']) { $logitem['forum'] = get_forum_link($logitem['fid']); eval("\$information .= \"".$templates->get("modcp_modlogs_result_forum")."\";"); } if($logitem['psubject']) { $logitem['psubject'] = htmlspecialchars_uni($logitem['psubject']); $logitem['post'] = get_post_link($logitem['pid']); eval("\$information .= \"".$templates->get("modcp_modlogs_result_post")."\";"); } // Edited a user or managed announcement? if(!$logitem['tsubject'] || !$logitem['fname'] || !$logitem['psubject']) { $data = my_unserialize($logitem['data']); if(!empty($data['uid'])) { $information = $lang->sprintf($lang->edited_user_info, htmlspecialchars_uni($data['username']), get_profile_link($data['uid'])); } if(!empty($data['aid'])) { $data['subject'] = htmlspecialchars_uni($data['subject']); $data['announcement'] = get_announcement_link($data['aid']); eval("\$information .= \"".$templates->get("modcp_modlogs_result_announcement")."\";"); } } eval("\$results .= \"".$templates->get("modcp_modlogs_result")."\";"); } if(!$results) { eval("\$results = \"".$templates->get("modcp_modlogs_noresults")."\";"); } $plugins->run_hooks("modcp_modlogs_filter"); // Fetch filter options $sortbysel = array('username' => '', 'forum' => '', 'thread' => '', 'dateline' => ''); $sortbysel[$mybb->input['sortby']] = "selected=\"selected\""; $ordersel = array('asc' => '', 'desc' => ''); $ordersel[$order] = "selected=\"selected\""; $user_options = ''; $query = $db->query(" SELECT DISTINCT l.uid, u.username FROM ".TABLE_PREFIX."moderatorlog l LEFT JOIN ".TABLE_PREFIX."users u ON (l.uid=u.uid) ORDER BY u.username ASC "); while($user = $db->fetch_array($query)) { // Deleted Users if(!$user['username']) { $user['username'] = $lang->na_deleted; } $selected = ''; if($mybb->get_input('uid', MyBB::INPUT_INT) == $user['uid']) { $selected = " selected=\"selected\""; } $user['username'] = htmlspecialchars_uni($user['username']); eval("\$user_options .= \"".$templates->get("modcp_modlogs_user")."\";"); } $forum_select = build_forum_jump("", $mybb->get_input('fid', MyBB::INPUT_INT), 1, '', 0, true, '', "fid"); eval("\$modlogs = \"".$templates->get("modcp_modlogs")."\";"); output_page($modlogs); } if($mybb->input['action'] == "do_delete_announcement") { verify_post_check($mybb->get_input('my_post_key')); if($mybb->usergroup['canmanageannounce'] == 0) { error_no_permission(); } $aid = $mybb->get_input('aid'); $query = $db->simple_select("announcements", "aid, subject, fid", "aid='{$aid}'"); $announcement = $db->fetch_array($query); if(!$announcement) { error($lang->error_invalid_announcement); } if(($mybb->usergroup['issupermod'] != 1 && $announcement['fid'] == -1) || ($announcement['fid'] != -1 && !is_moderator($announcement['fid'], "canmanageannouncements")) || ($unviewableforums && in_array($announcement['fid'], $unviewableforums))) { error_no_permission(); } $plugins->run_hooks("modcp_do_delete_announcement"); $db->delete_query("announcements", "aid='{$aid}'"); log_moderator_action(array("aid" => $announcement['aid'], "subject" => $announcement['subject']), $lang->announcement_deleted); $cache->update_forumsdisplay(); redirect("modcp.php?action=announcements", $lang->redirect_delete_announcement); } if($mybb->input['action'] == "delete_announcement") { if($mybb->usergroup['canmanageannounce'] == 0) { error_no_permission(); } $aid = $mybb->get_input('aid'); $query = $db->simple_select("announcements", "aid, subject, fid", "aid='{$aid}'"); $announcement = $db->fetch_array($query); $announcement['subject'] = htmlspecialchars_uni($announcement['subject']); if(!$announcement) { error($lang->error_invalid_announcement); } if(($mybb->usergroup['issupermod'] != 1 && $announcement['fid'] == -1) || ($announcement['fid'] != -1 && !is_moderator($announcement['fid'], "canmanageannouncements")) || ($unviewableforums && in_array($announcement['fid'], $unviewableforums))) { error_no_permission(); } $plugins->run_hooks("modcp_delete_announcement"); eval("\$announcements = \"".$templates->get("modcp_announcements_delete")."\";"); output_page($announcements); } if($mybb->input['action'] == "do_new_announcement") { verify_post_check($mybb->get_input('my_post_key')); if($mybb->usergroup['canmanageannounce'] == 0) { error_no_permission(); } $announcement_fid = $mybb->get_input('fid', MyBB::INPUT_INT); if(($mybb->usergroup['issupermod'] != 1 && $announcement_fid == -1) || ($announcement_fid != -1 && !is_moderator($announcement_fid, "canmanageannouncements")) || ($unviewableforums && in_array($announcement_fid, $unviewableforums))) { error_no_permission(); } $errors = array(); $mybb->input['title'] = $mybb->get_input('title'); if(!trim($mybb->input['title'])) { $errors[] = $lang->error_missing_title; } $mybb->input['message'] = $mybb->get_input('message'); if(!trim($mybb->input['message'])) { $errors[] = $lang->error_missing_message; } if(!$announcement_fid) { $errors[] = $lang->error_missing_forum; } $mybb->input['starttime_time'] = $mybb->get_input('starttime_time'); $mybb->input['endtime_time'] = $mybb->get_input('endtime_time'); $startdate = @explode(" ", $mybb->input['starttime_time']); $startdate = @explode(":", $startdate[0]); $enddate = @explode(" ", $mybb->input['endtime_time']); $enddate = @explode(":", $enddate[0]); if(stristr($mybb->input['starttime_time'], "pm")) { $startdate[0] = 12+$startdate[0]; if($startdate[0] >= 24) { $startdate[0] = "00"; } } if(stristr($mybb->input['endtime_time'], "pm")) { $enddate[0] = 12+$enddate[0]; if($enddate[0] >= 24) { $enddate[0] = "00"; } } $mybb->input['starttime_month'] = $mybb->get_input('starttime_month'); $months = array('01', '02', '03', '04', '05', '06', '07', '08', '09', '10', '11', '12'); if(!in_array($mybb->input['starttime_month'], $months)) { $mybb->input['starttime_month'] = '01'; } $startdate = gmmktime((int)$startdate[0], (int)$startdate[1], 0, $mybb->get_input('starttime_month', MyBB::INPUT_INT), $mybb->get_input('starttime_day', MyBB::INPUT_INT), $mybb->get_input('starttime_year', MyBB::INPUT_INT)); if(!checkdate($mybb->get_input('starttime_month', MyBB::INPUT_INT), $mybb->get_input('starttime_day', MyBB::INPUT_INT), $mybb->get_input('starttime_year', MyBB::INPUT_INT)) || $startdate < 0 || $startdate == false) { $errors[] = $lang->error_invalid_start_date; } if($mybb->get_input('endtime_type', MyBB::INPUT_INT) == 2) { $enddate = '0'; $mybb->input['endtime_month'] = '01'; } else { $mybb->input['endtime_month'] = $mybb->get_input('endtime_month'); if(!in_array($mybb->input['endtime_month'], $months)) { $mybb->input['endtime_month'] = '01'; } $enddate = gmmktime((int)$enddate[0], (int)$enddate[1], 0, $mybb->get_input('endtime_month', MyBB::INPUT_INT), $mybb->get_input('endtime_day', MyBB::INPUT_INT), $mybb->get_input('endtime_year', MyBB::INPUT_INT)); if(!checkdate($mybb->get_input('endtime_month', MyBB::INPUT_INT), $mybb->get_input('endtime_day', MyBB::INPUT_INT), $mybb->get_input('endtime_year', MyBB::INPUT_INT)) || $enddate < 0 || $enddate == false) { $errors[] = $lang->error_invalid_end_date; } if($enddate <= $startdate) { $errors[] = $lang->error_end_before_start; } } if($mybb->get_input('allowhtml', MyBB::INPUT_INT) == 1) { $allowhtml = 1; } else { $allowhtml = 0; } if($mybb->get_input('allowmycode', MyBB::INPUT_INT) == 1) { $allowmycode = 1; } else { $allowmycode = 0; } if($mybb->get_input('allowsmilies', MyBB::INPUT_INT) == 1) { $allowsmilies = 1; } else { $allowsmilies = 0; } $plugins->run_hooks("modcp_do_new_announcement_start"); if(!$errors) { if(isset($mybb->input['preview'])) { $preview = array(); $mybb->input['action'] = 'new_announcement'; } else { $insert_announcement = array( 'fid' => $announcement_fid, 'uid' => $mybb->user['uid'], 'subject' => $db->escape_string($mybb->input['title']), 'message' => $db->escape_string($mybb->input['message']), 'startdate' => $startdate, 'enddate' => $enddate, 'allowhtml' => $allowhtml, 'allowmycode' => $allowmycode, 'allowsmilies' => $allowsmilies ); $aid = $db->insert_query("announcements", $insert_announcement); log_moderator_action(array("aid" => $aid, "subject" => $db->escape_string($mybb->input['title'])), $lang->announcement_added); $plugins->run_hooks("modcp_do_new_announcement_end"); $cache->update_forumsdisplay(); redirect("modcp.php?action=announcements", $lang->redirect_add_announcement); } } else { $mybb->input['action'] = 'new_announcement'; } } if($mybb->input['action'] == "new_announcement") { if($mybb->usergroup['canmanageannounce'] == 0) { error_no_permission(); } add_breadcrumb($lang->mcp_nav_announcements, "modcp.php?action=announcements"); add_breadcrumb($lang->add_announcement, "modcp.php?action=new_announcements"); $announcement_fid = $mybb->get_input('fid', MyBB::INPUT_INT); if(($mybb->usergroup['issupermod'] != 1 && $announcement_fid == -1) || ($announcement_fid != -1 && !is_moderator($announcement_fid, "canmanageannouncements")) || ($unviewableforums && in_array($announcement_fid, $unviewableforums))) { error_no_permission(); } // Deal with inline errors if(!empty($errors) || isset($preview)) { if(!empty($errors)) { $errors = inline_error($errors); } else { $errors = ''; } // Set $announcement to input stuff $announcement['subject'] = $mybb->input['title']; $announcement['message'] = $mybb->input['message']; $announcement['allowhtml'] = $allowhtml; $announcement['allowmycode'] = $allowmycode; $announcement['allowsmilies'] = $allowsmilies; $startmonth = $mybb->input['starttime_month']; $startdateyear = htmlspecialchars_uni($mybb->input['starttime_year']); $startday = $mybb->get_input('starttime_day', MyBB::INPUT_INT); $starttime_time = htmlspecialchars_uni($mybb->input['starttime_time']); $endmonth = $mybb->input['endtime_month']; $enddateyear = htmlspecialchars_uni($mybb->input['endtime_year']); $endday = $mybb->get_input('endtime_day', MyBB::INPUT_INT); $endtime_time = htmlspecialchars_uni($mybb->input['endtime_time']); } else { // Note: dates are in GMT timezone $starttime_time = gmdate("g:i a", TIME_NOW); $endtime_time = gmdate("g:i a", TIME_NOW); $startday = $endday = gmdate("j", TIME_NOW); $startmonth = $endmonth = gmdate("m", TIME_NOW); $startdateyear = gmdate("Y", TIME_NOW); $announcement = array( 'subject' => '', 'message' => '', 'allowhtml' => 1, 'allowmycode' => 1, 'allowsmilies' => 1 ); $enddateyear = $startdateyear+1; } // Generate form elements $startdateday = $enddateday = ''; for($day = 1; $day <= 31; ++$day) { if($startday == $day) { $selected = " selected=\"selected\""; eval("\$startdateday .= \"".$templates->get("modcp_announcements_day")."\";"); } else { $selected = ''; eval("\$startdateday .= \"".$templates->get("modcp_announcements_day")."\";"); } if($endday == $day) { $selected = " selected=\"selected\""; eval("\$enddateday .= \"".$templates->get("modcp_announcements_day")."\";"); } else { $selected = ''; eval("\$enddateday .= \"".$templates->get("modcp_announcements_day")."\";"); } } $startmonthsel = $endmonthsel = array(); foreach(array('01', '02', '03', '04', '05', '06', '07', '08', '09', '10', '11', '12') as $month) { $startmonthsel[$month] = ''; $endmonthsel[$month] = ''; } $startmonthsel[$startmonth] = "selected=\"selected\""; $endmonthsel[$endmonth] = "selected=\"selected\""; $startdatemonth = $enddatemonth = ''; eval("\$startdatemonth .= \"".$templates->get("modcp_announcements_month_start")."\";"); eval("\$enddatemonth .= \"".$templates->get("modcp_announcements_month_end")."\";"); $title = htmlspecialchars_uni($announcement['subject']); $message = htmlspecialchars_uni($announcement['message']); $html_sel = $mycode_sel = $smilies_sel = array('yes' => '', 'no' => ''); if($announcement['allowhtml']) { $html_sel['yes'] = ' checked="checked"'; } else { $html_sel['no'] = ' checked="checked"'; } if($announcement['allowmycode']) { $mycode_sel['yes'] = ' checked="checked"'; } else { $mycode_sel['no'] = ' checked="checked"'; } if($announcement['allowsmilies']) { $smilies_sel['yes'] = ' checked="checked"'; } else { $smilies_sel['no'] = ' checked="checked"'; } $end_type_sel = array('infinite' => '', 'finite' => ''); if(!isset($mybb->input['endtime_type']) || $mybb->input['endtime_type'] == 2) { $end_type_sel['infinite'] = ' checked="checked"'; } else { $end_type_sel['finite'] = ' checked="checked"'; } // MyCode editor $codebuttons = build_mycode_inserter(); $smilieinserter = build_clickable_smilies(); if(isset($preview)) { $announcementarray = array( 'aid' => 0, 'fid' => $announcement_fid, 'uid' => $mybb->user['uid'], 'subject' => $mybb->input['title'], 'message' => $mybb->input['message'], 'allowhtml' => $mybb->get_input('allowhtml', MyBB::INPUT_INT), 'allowmycode' => $mybb->get_input('allowmycode', MyBB::INPUT_INT), 'allowsmilies' => $mybb->get_input('allowsmilies', MyBB::INPUT_INT), 'dateline' => TIME_NOW, 'userusername' => $mybb->user['username'], ); $array = $mybb->user; foreach($array as $key => $element) { $announcementarray[$key] = $element; } // Gather usergroup data from the cache // Field => Array Key $data_key = array( 'title' => 'grouptitle', 'usertitle' => 'groupusertitle', 'stars' => 'groupstars', 'starimage' => 'groupstarimage', 'image' => 'groupimage', 'namestyle' => 'namestyle', 'usereputationsystem' => 'usereputationsystem' ); foreach($data_key as $field => $key) { $announcementarray[$key] = $groupscache[$announcementarray['usergroup']][$field]; } require_once MYBB_ROOT."inc/functions_post.php"; $postbit = build_postbit($announcementarray, 3); eval("\$preview = \"".$templates->get("previewpost")."\";"); } else { $preview = ''; } $plugins->run_hooks("modcp_new_announcement"); eval("\$announcements = \"".$templates->get("modcp_announcements_new")."\";"); output_page($announcements); } if($mybb->input['action'] == "do_edit_announcement") { verify_post_check($mybb->get_input('my_post_key')); if($mybb->usergroup['canmanageannounce'] == 0) { error_no_permission(); } // Get the announcement $aid = $mybb->get_input('aid', MyBB::INPUT_INT); $query = $db->simple_select("announcements", "*", "aid='{$aid}'"); $announcement = $db->fetch_array($query); // Check that it exists if(!$announcement) { error($lang->error_invalid_announcement); } // Mod has permissions to edit this announcement if(($mybb->usergroup['issupermod'] != 1 && $announcement['fid'] == -1) || ($announcement['fid'] != -1 && !is_moderator($announcement['fid'], "canmanageannouncements")) || ($unviewableforums && in_array($announcement['fid'], $unviewableforums))) { error_no_permission(); } $errors = array(); // Basic error checking $mybb->input['title'] = $mybb->get_input('title'); if(!trim($mybb->input['title'])) { $errors[] = $lang->error_missing_title; } $mybb->input['message'] = $mybb->get_input('message'); if(!trim($mybb->input['message'])) { $errors[] = $lang->error_missing_message; } $mybb->input['starttime_time'] = $mybb->get_input('starttime_time'); $mybb->input['endtime_time'] = $mybb->get_input('endtime_time'); $startdate = @explode(" ", $mybb->input['starttime_time']); $startdate = @explode(":", $startdate[0]); $enddate = @explode(" ", $mybb->input['endtime_time']); $enddate = @explode(":", $enddate[0]); if(stristr($mybb->input['starttime_time'], "pm")) { $startdate[0] = 12+$startdate[0]; if($startdate[0] >= 24) { $startdate[0] = "00"; } } if(stristr($mybb->input['endtime_time'], "pm")) { $enddate[0] = 12+$enddate[0]; if($enddate[0] >= 24) { $enddate[0] = "00"; } } $mybb->input['starttime_month'] = $mybb->get_input('starttime_month'); $months = array('01', '02', '03', '04', '05', '06', '07', '08', '09', '10', '11', '12'); if(!in_array($mybb->input['starttime_month'], $months)) { $mybb->input['starttime_month'] = '01'; } $startdate = gmmktime((int)$startdate[0], (int)$startdate[1], 0, $mybb->get_input('starttime_month', MyBB::INPUT_INT), $mybb->get_input('starttime_day', MyBB::INPUT_INT), $mybb->get_input('starttime_year', MyBB::INPUT_INT)); if(!checkdate($mybb->get_input('starttime_month', MyBB::INPUT_INT), $mybb->get_input('starttime_day', MyBB::INPUT_INT), $mybb->get_input('starttime_year', MyBB::INPUT_INT)) || $startdate < 0 || $startdate == false) { $errors[] = $lang->error_invalid_start_date; } if($mybb->get_input('endtime_type', MyBB::INPUT_INT) == "2") { $enddate = '0'; $mybb->input['endtime_month'] = '01'; } else { $mybb->input['endtime_month'] = $mybb->get_input('endtime_month'); if(!in_array($mybb->input['endtime_month'], $months)) { $mybb->input['endtime_month'] = '01'; } $enddate = gmmktime((int)$enddate[0], (int)$enddate[1], 0, $mybb->get_input('endtime_month', MyBB::INPUT_INT), $mybb->get_input('endtime_day', MyBB::INPUT_INT), $mybb->get_input('endtime_year', MyBB::INPUT_INT)); if(!checkdate($mybb->get_input('endtime_month', MyBB::INPUT_INT), $mybb->get_input('endtime_day', MyBB::INPUT_INT), $mybb->get_input('endtime_year', MyBB::INPUT_INT)) || $enddate < 0 || $enddate == false) { $errors[] = $lang->error_invalid_end_date; } elseif($enddate <= $startdate) { $errors[] = $lang->error_end_before_start; } } if($mybb->get_input('allowhtml', MyBB::INPUT_INT) == 1) { $allowhtml = 1; } else { $allowhtml = 0; } if($mybb->get_input('allowmycode', MyBB::INPUT_INT) == 1) { $allowmycode = 1; } else { $allowmycode = 0; } if($mybb->get_input('allowsmilies', MyBB::INPUT_INT) == 1) { $allowsmilies = 1; } else { $allowsmilies = 0; } $plugins->run_hooks("modcp_do_edit_announcement_start"); // Proceed to update if no errors if(!$errors) { if(isset($mybb->input['preview'])) { $preview = array(); $mybb->input['action'] = 'edit_announcement'; } else { $update_announcement = array( 'uid' => $mybb->user['uid'], 'subject' => $db->escape_string($mybb->input['title']), 'message' => $db->escape_string($mybb->input['message']), 'startdate' => $startdate, 'enddate' => $enddate, 'allowhtml' => $allowhtml, 'allowmycode' => $allowmycode, 'allowsmilies' => $allowsmilies ); $db->update_query("announcements", $update_announcement, "aid='{$aid}'"); log_moderator_action(array("aid" => $announcement['aid'], "subject" => $db->escape_string($mybb->input['title'])), $lang->announcement_edited); $plugins->run_hooks("modcp_do_edit_announcement_end"); $cache->update_forumsdisplay(); redirect("modcp.php?action=announcements", $lang->redirect_edit_announcement); } } else { $mybb->input['action'] = 'edit_announcement'; } } if($mybb->input['action'] == "edit_announcement") { if($mybb->usergroup['canmanageannounce'] == 0) { error_no_permission(); } $aid = $mybb->get_input('aid', MyBB::INPUT_INT); add_breadcrumb($lang->mcp_nav_announcements, "modcp.php?action=announcements"); add_breadcrumb($lang->edit_announcement, "modcp.php?action=edit_announcements&aid={$aid}"); // Get announcement if(!isset($announcement) || $mybb->request_method != 'post') { $query = $db->simple_select("announcements", "*", "aid='{$aid}'"); $announcement = $db->fetch_array($query); } if(!$announcement) { error($lang->error_invalid_announcement); } if(($mybb->usergroup['issupermod'] != 1 && $announcement['fid'] == -1) || ($announcement['fid'] != -1 && !is_moderator($announcement['fid'], "canmanageannouncements")) || ($unviewableforums && in_array($announcement['fid'], $unviewableforums))) { error_no_permission(); } if(!$announcement['startdate']) { // No start date? Make it now. $announcement['startdate'] = TIME_NOW; } $makeshift_end = false; if(!$announcement['enddate']) { $makeshift_end = true; $makeshift_time = TIME_NOW; if($announcement['startdate']) { $makeshift_time = $announcement['startdate']; } // No end date? Make it a year from now. $announcement['enddate'] = $makeshift_time + (60 * 60 * 24 * 366); } // Deal with inline errors if(!empty($errors) || isset($preview)) { if(!empty($errors)) { $errors = inline_error($errors); } else { $errors = ''; } // Set $announcement to input stuff $announcement['subject'] = $mybb->input['title']; $announcement['message'] = $mybb->input['message']; $announcement['allowhtml'] = $allowhtml; $announcement['allowmycode'] = $allowmycode; $announcement['allowsmilies'] = $allowsmilies; $startmonth = $mybb->input['starttime_month']; $startdateyear = htmlspecialchars_uni($mybb->input['starttime_year']); $startday = $mybb->get_input('starttime_day', MyBB::INPUT_INT); $starttime_time = htmlspecialchars_uni($mybb->input['starttime_time']); $endmonth = $mybb->input['endtime_month']; $enddateyear = htmlspecialchars_uni($mybb->input['endtime_year']); $endday = $mybb->get_input('endtime_day', MyBB::INPUT_INT); $endtime_time = htmlspecialchars_uni($mybb->input['endtime_time']); $errored = true; } else { // Note: dates are in GMT timezone $starttime_time = gmdate('g:i a', $announcement['startdate']); $endtime_time = gmdate('g:i a', $announcement['enddate']); $startday = gmdate('j', $announcement['startdate']); $endday = gmdate('j', $announcement['enddate']); $startmonth = gmdate('m', $announcement['startdate']); $endmonth = gmdate('m', $announcement['enddate']); $startdateyear = gmdate('Y', $announcement['startdate']); $enddateyear = gmdate('Y', $announcement['enddate']); $errored = false; } // Generate form elements $startdateday = $enddateday = ''; for($day = 1; $day <= 31; ++$day) { if($startday == $day) { $selected = " selected=\"selected\""; eval("\$startdateday .= \"".$templates->get("modcp_announcements_day")."\";"); } else { $selected = ''; eval("\$startdateday .= \"".$templates->get("modcp_announcements_day")."\";"); } if($endday == $day) { $selected = " selected=\"selected\""; eval("\$enddateday .= \"".$templates->get("modcp_announcements_day")."\";"); } else { $selected = ''; eval("\$enddateday .= \"".$templates->get("modcp_announcements_day")."\";"); } } $startmonthsel = $endmonthsel = array(); foreach(array('01', '02', '03', '04', '05', '06', '07', '08', '09', '10', '11', '12') as $month) { $startmonthsel[$month] = ''; $endmonthsel[$month] = ''; } $startmonthsel[$startmonth] = "selected=\"selected\""; $endmonthsel[$endmonth] = "selected=\"selected\""; $startdatemonth = $enddatemonth = ''; eval("\$startdatemonth .= \"".$templates->get("modcp_announcements_month_start")."\";"); eval("\$enddatemonth .= \"".$templates->get("modcp_announcements_month_end")."\";"); $title = htmlspecialchars_uni($announcement['subject']); $message = htmlspecialchars_uni($announcement['message']); $html_sel = $mycode_sel = $smilies_sel = array('yes' => '', 'no' => ''); if($announcement['allowhtml']) { $html_sel['yes'] = ' checked="checked"'; } else { $html_sel['no'] = ' checked="checked"'; } if($announcement['allowmycode']) { $mycode_sel['yes'] = ' checked="checked"'; } else { $mycode_sel['no'] = ' checked="checked"'; } if($announcement['allowsmilies']) { $smilies_sel['yes'] = ' checked="checked"'; } else { $smilies_sel['no'] = ' checked="checked"'; } $end_type_sel = array('infinite' => '', 'finite' => ''); if(($errored && $mybb->get_input('endtime_type', MyBB::INPUT_INT) == 2) || (!$errored && (int)$announcement['enddate'] == 0) || $makeshift_end == true) { $end_type_sel['infinite'] = ' checked="checked"'; } else { $end_type_sel['finite'] = ' checked="checked"'; } // MyCode editor $codebuttons = build_mycode_inserter(); $smilieinserter = build_clickable_smilies(); if(isset($preview)) { $announcementarray = array( 'aid' => $announcement['aid'], 'fid' => $announcement['fid'], 'uid' => $mybb->user['uid'], 'subject' => $mybb->input['title'], 'message' => $mybb->input['message'], 'allowhtml' => $mybb->get_input('allowhtml', MyBB::INPUT_INT), 'allowmycode' => $mybb->get_input('allowmycode', MyBB::INPUT_INT), 'allowsmilies' => $mybb->get_input('allowsmilies', MyBB::INPUT_INT), 'dateline' => TIME_NOW, 'userusername' => $mybb->user['username'], ); $array = $mybb->user; foreach($array as $key => $element) { $announcementarray[$key] = $element; } // Gather usergroup data from the cache // Field => Array Key $data_key = array( 'title' => 'grouptitle', 'usertitle' => 'groupusertitle', 'stars' => 'groupstars', 'starimage' => 'groupstarimage', 'image' => 'groupimage', 'namestyle' => 'namestyle', 'usereputationsystem' => 'usereputationsystem' ); foreach($data_key as $field => $key) { $announcementarray[$key] = $groupscache[$announcementarray['usergroup']][$field]; } require_once MYBB_ROOT."inc/functions_post.php"; $postbit = build_postbit($announcementarray, 3); eval("\$preview = \"".$templates->get("previewpost")."\";"); } else { $preview = ''; } $plugins->run_hooks("modcp_edit_announcement"); eval("\$announcements = \"".$templates->get("modcp_announcements_edit")."\";"); output_page($announcements); } if($mybb->input['action'] == "announcements") { if($mybb->usergroup['canmanageannounce'] == 0) { error_no_permission(); } if($numannouncements == 0 && $mybb->usergroup['issupermod'] != 1) { error($lang->you_cannot_manage_announcements); } add_breadcrumb($lang->mcp_nav_announcements, "modcp.php?action=announcements"); // Fetch announcements into their proper arrays $query = $db->simple_select("announcements", "aid, fid, subject, enddate"); $announcements = $global_announcements = array(); while($announcement = $db->fetch_array($query)) { if($announcement['fid'] == -1) { $global_announcements[$announcement['aid']] = $announcement; continue; } $announcements[$announcement['fid']][$announcement['aid']] = $announcement; } $announcements_global = ''; if($mybb->usergroup['issupermod'] == 1) { if($global_announcements && $mybb->usergroup['issupermod'] == 1) { // Get the global announcements foreach($global_announcements as $aid => $announcement) { $trow = alt_trow(); if($announcement['startdate'] > TIME_NOW || ($announcement['enddate'] < TIME_NOW && $announcement['enddate'] != 0)) { eval("\$icon = \"".$templates->get("modcp_announcements_announcement_expired")."\";"); } else { eval("\$icon = \"".$templates->get("modcp_announcements_announcement_active")."\";"); } $subject = htmlspecialchars_uni($announcement['subject']); eval("\$announcements_global .= \"".$templates->get("modcp_announcements_announcement_global")."\";"); } } else { // No global announcements eval("\$announcements_global = \"".$templates->get("modcp_no_announcements_global")."\";"); } eval("\$announcements_global = \"".$templates->get("modcp_announcements_global")."\";"); } $announcements_forum = ''; fetch_forum_announcements(); if(!$announcements_forum) { eval("\$announcements_forum = \"".$templates->get("modcp_no_announcements_forum")."\";"); } $plugins->run_hooks("modcp_announcements"); eval("\$announcements = \"".$templates->get("modcp_announcements")."\";"); output_page($announcements); } if($mybb->input['action'] == "do_modqueue") { require_once MYBB_ROOT."inc/class_moderation.php"; $moderation = new Moderation; // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key')); if($mybb->usergroup['canmanagemodqueue'] == 0) { error_no_permission(); } $plugins->run_hooks("modcp_do_modqueue_start"); $mybb->input['threads'] = $mybb->get_input('threads', MyBB::INPUT_ARRAY); $mybb->input['posts'] = $mybb->get_input('posts', MyBB::INPUT_ARRAY); $mybb->input['attachments'] = $mybb->get_input('attachments', MyBB::INPUT_ARRAY); if(!empty($mybb->input['threads'])) { $threads = array_map("intval", array_keys($mybb->input['threads'])); $threads_to_approve = $threads_to_delete = array(); // Fetch threads $query = $db->simple_select("threads", "tid", "tid IN (".implode(",", $threads)."){$flist_queue_threads}"); while($thread = $db->fetch_array($query)) { if(!isset($mybb->input['threads'][$thread['tid']])) { continue; } $action = $mybb->input['threads'][$thread['tid']]; if($action == "approve") { $threads_to_approve[] = $thread['tid']; } else if($action == "delete") { $threads_to_delete[] = $thread['tid']; } } if(!empty($threads_to_approve)) { $moderation->approve_threads($threads_to_approve); log_moderator_action(array('tids' => $threads_to_approve), $lang->multi_approve_threads); } if(!empty($threads_to_delete)) { if($mybb->settings['soft_delete'] == 1) { $moderation->soft_delete_threads($threads_to_delete); log_moderator_action(array('tids' => $threads_to_delete), $lang->multi_soft_delete_threads); } else { foreach($threads_to_delete as $tid) { $moderation->delete_thread($tid); } log_moderator_action(array('tids' => $threads_to_delete), $lang->multi_delete_threads); } } $plugins->run_hooks("modcp_do_modqueue_end"); redirect("modcp.php?action=modqueue", $lang->redirect_threadsmoderated); } else if(!empty($mybb->input['posts'])) { $posts = array_map("intval", array_keys($mybb->input['posts'])); // Fetch posts $posts_to_approve = $posts_to_delete = array(); $query = $db->simple_select("posts", "pid", "pid IN (".implode(",", $posts)."){$flist_queue_posts}"); while($post = $db->fetch_array($query)) { if(!isset($mybb->input['posts'][$post['pid']])) { continue; } $action = $mybb->input['posts'][$post['pid']]; if($action == "approve") { $posts_to_approve[] = $post['pid']; } else if($action == "delete" && $mybb->settings['soft_delete'] != 1) { $moderation->delete_post($post['pid']); } else if($action == "delete") { $posts_to_delete[] = $post['pid']; } } if(!empty($posts_to_approve)) { $moderation->approve_posts($posts_to_approve); log_moderator_action(array('pids' => $posts_to_approve), $lang->multi_approve_posts); } if(!empty($posts_to_delete)) { if($mybb->settings['soft_delete'] == 1) { $moderation->soft_delete_posts($posts_to_delete); log_moderator_action(array('pids' => $posts_to_delete), $lang->multi_soft_delete_posts); } else { log_moderator_action(array('pids' => $posts_to_delete), $lang->multi_delete_posts); } } $plugins->run_hooks("modcp_do_modqueue_end"); redirect("modcp.php?action=modqueue&type=posts", $lang->redirect_postsmoderated); } else if(!empty($mybb->input['attachments'])) { $attachments = array_map("intval", array_keys($mybb->input['attachments'])); $query = $db->query(" SELECT a.pid, a.aid FROM ".TABLE_PREFIX."attachments a LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid) LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid) WHERE aid IN (".implode(",", $attachments)."){$tflist_queue_attach} "); while($attachment = $db->fetch_array($query)) { if(!isset($mybb->input['attachments'][$attachment['aid']])) { continue; } $action = $mybb->input['attachments'][$attachment['aid']]; if($action == "approve") { $db->update_query("attachments", array("visible" => 1), "aid='{$attachment['aid']}'"); } else if($action == "delete") { remove_attachment($attachment['pid'], '', $attachment['aid']); } } $plugins->run_hooks("modcp_do_modqueue_end"); redirect("modcp.php?action=modqueue&type=attachments", $lang->redirect_attachmentsmoderated); } } if($mybb->input['action'] == "modqueue") { $navsep = ''; if($mybb->usergroup['canmanagemodqueue'] == 0) { error_no_permission(); } if($nummodqueuethreads == 0 && $nummodqueueposts == 0 && $nummodqueueattach == 0 && $mybb->usergroup['issupermod'] != 1) { error($lang->you_cannot_use_mod_queue); } $mybb->input['type'] = $mybb->get_input('type'); $threadqueue = $postqueue = $attachmentqueue = ''; if($mybb->input['type'] == "threads" || !$mybb->input['type'] && ($nummodqueuethreads > 0 || $mybb->usergroup['issupermod'] == 1)) { if($nummodqueuethreads == 0 && $mybb->usergroup['issupermod'] != 1) { error($lang->you_cannot_moderate_threads); } $forum_cache = $cache->read("forums"); $query = $db->simple_select("threads", "COUNT(tid) AS unapprovedthreads", "visible='0' {$flist_queue_threads}"); $unapproved_threads = $db->fetch_field($query, "unapprovedthreads"); // Figure out if we need to display multiple pages. if($mybb->get_input('page') != "last") { $page = $mybb->get_input('page', MyBB::INPUT_INT); } $perpage = $mybb->settings['threadsperpage']; $pages = $unapproved_threads / $perpage; $pages = ceil($pages); if($mybb->get_input('page') == "last") { $page = $pages; } if($page > $pages || $page <= 0) { $page = 1; } if($page) { $start = ($page-1) * $perpage; } else { $start = 0; $page = 1; } $multipage = multipage($unapproved_threads, $perpage, $page, "modcp.php?action=modqueue&type=threads"); $query = $db->query(" SELECT t.tid, t.dateline, t.fid, t.subject, t.username AS threadusername, p.message AS postmessage, u.username AS username, t.uid FROM ".TABLE_PREFIX."threads t LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid=t.firstpost) LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=t.uid) WHERE t.visible='0' {$tflist_queue_threads} ORDER BY t.lastpost DESC LIMIT {$start}, {$perpage} "); $threads = ''; while($thread = $db->fetch_array($query)) { $altbg = alt_trow(); $thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subject'])); $thread['threadlink'] = get_thread_link($thread['tid']); $forum_link = get_forum_link($thread['fid']); $forum_name = $forum_cache[$thread['fid']]['name']; $threaddate = my_date('relative', $thread['dateline']); if($thread['username'] == "") { if($thread['threadusername'] != "") { $profile_link = $thread['threadusername']; } else { $profile_link = $lang->guest; } } else { $profile_link = build_profile_link($thread['username'], $thread['uid']); } $thread['postmessage'] = nl2br(htmlspecialchars_uni($thread['postmessage'])); eval("\$forum = \"".$templates->get("modcp_modqueue_link_forum")."\";"); eval("\$threads .= \"".$templates->get("modcp_modqueue_threads_thread")."\";"); } if(!$threads && $mybb->input['type'] == "threads") { eval("\$threads = \"".$templates->get("modcp_modqueue_threads_empty")."\";"); } if($threads) { add_breadcrumb($lang->mcp_nav_modqueue_threads, "modcp.php?action=modqueue&type=threads"); $plugins->run_hooks("modcp_modqueue_threads_end"); if($nummodqueueposts > 0 || $mybb->usergroup['issupermod'] == 1) { $navsep = " | "; eval("\$post_link = \"".$templates->get("modcp_modqueue_post_link")."\";"); } if($mybb->settings['enableattachments'] == 1 && ($nummodqueueattach > 0 || $mybb->usergroup['issupermod'] == 1)) { $navsep = " | "; eval("\$attachment_link = \"".$templates->get("modcp_modqueue_attachment_link")."\";"); } eval("\$mass_controls = \"".$templates->get("modcp_modqueue_masscontrols")."\";"); eval("\$threadqueue = \"".$templates->get("modcp_modqueue_threads")."\";"); output_page($threadqueue); } $type = 'threads'; } if($mybb->input['type'] == "posts" || (!$mybb->input['type'] && !$threadqueue && ($nummodqueueposts > 0 || $mybb->usergroup['issupermod'] == 1))) { if($nummodqueueposts == 0 && $mybb->usergroup['issupermod'] != 1) { error($lang->you_cannot_moderate_posts); } $forum_cache = $cache->read("forums"); $query = $db->query(" SELECT COUNT(pid) AS unapprovedposts FROM ".TABLE_PREFIX."posts p LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid) WHERE p.visible='0' {$tflist_queue_posts} AND t.firstpost != p.pid "); $unapproved_posts = $db->fetch_field($query, "unapprovedposts"); // Figure out if we need to display multiple pages. if($mybb->get_input('page') != "last") { $page = $mybb->get_input('page', MyBB::INPUT_INT); } $perpage = $mybb->settings['postsperpage']; $pages = $unapproved_posts / $perpage; $pages = ceil($pages); if($mybb->get_input('page') == "last") { $page = $pages; } if($page > $pages || $page <= 0) { $page = 1; } if($page) { $start = ($page-1) * $perpage; } else { $start = 0; $page = 1; } $multipage = multipage($unapproved_posts, $perpage, $page, "modcp.php?action=modqueue&type=posts"); $query = $db->query(" SELECT p.pid, p.subject, p.message, p.username AS postusername, t.subject AS threadsubject, t.tid, u.username, p.uid, t.fid, p.dateline FROM ".TABLE_PREFIX."posts p LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid) LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=p.uid) WHERE p.visible='0' {$tflist_queue_posts} AND t.firstpost != p.pid ORDER BY p.dateline DESC LIMIT {$start}, {$perpage} "); $posts = ''; while($post = $db->fetch_array($query)) { $altbg = alt_trow(); $post['threadsubject'] = htmlspecialchars_uni($parser->parse_badwords($post['threadsubject'])); $post['threadlink'] = get_thread_link($post['tid']); $post['postlink'] = get_post_link($post['pid'], $post['tid']); $forum_link = get_forum_link($post['fid']); $forum_name = $forum_cache[$post['fid']]['name']; $postdate = my_date('relative', $post['dateline']); if($post['username'] == "") { if($post['postusername'] != "") { $profile_link = $post['postusername']; } else { $profile_link = $lang->guest; } } else { $profile_link = build_profile_link($post['username'], $post['uid']); } eval("\$thread = \"".$templates->get("modcp_modqueue_link_thread")."\";"); eval("\$forum = \"".$templates->get("modcp_modqueue_link_forum")."\";"); $post['message'] = nl2br(htmlspecialchars_uni($post['message'])); eval("\$posts .= \"".$templates->get("modcp_modqueue_posts_post")."\";"); } if(!$posts && $mybb->input['type'] == "posts") { eval("\$posts = \"".$templates->get("modcp_modqueue_posts_empty")."\";"); } if($posts) { add_breadcrumb($lang->mcp_nav_modqueue_posts, "modcp.php?action=modqueue&type=posts"); $plugins->run_hooks("modcp_modqueue_posts_end"); if($nummodqueuethreads > 0 || $mybb->usergroup['issupermod'] == 1) { $navsep = " | "; eval("\$thread_link = \"".$templates->get("modcp_modqueue_thread_link")."\";"); } if($mybb->settings['enableattachments'] == 1 && ($nummodqueueattach > 0 || $mybb->usergroup['issupermod'] == 1)) { $navsep = " | "; eval("\$attachment_link = \"".$templates->get("modcp_modqueue_attachment_link")."\";"); } eval("\$mass_controls = \"".$templates->get("modcp_modqueue_masscontrols")."\";"); eval("\$postqueue = \"".$templates->get("modcp_modqueue_posts")."\";"); output_page($postqueue); } } if($mybb->input['type'] == "attachments" || (!$mybb->input['type'] && !$postqueue && !$threadqueue && $mybb->settings['enableattachments'] == 1 && ($nummodqueueattach > 0 || $mybb->usergroup['issupermod'] == 1))) { if($mybb->settings['enableattachments'] == 0) { error($lang->attachments_disabled); } if($nummodqueueattach == 0 && $mybb->usergroup['issupermod'] != 1) { error($lang->you_cannot_moderate_attachments); } $query = $db->query(" SELECT COUNT(aid) AS unapprovedattachments FROM ".TABLE_PREFIX."attachments a LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid=a.pid) LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid) WHERE a.visible='0'{$tflist_queue_attach} "); $unapproved_attachments = $db->fetch_field($query, "unapprovedattachments"); // Figure out if we need to display multiple pages. if($mybb->get_input('page') != "last") { $page = $mybb->get_input('page', MyBB::INPUT_INT); } $perpage = $mybb->settings['postsperpage']; $pages = $unapproved_attachments / $perpage; $pages = ceil($pages); if($mybb->get_input('page') == "last") { $page = $pages; } if($page > $pages || $page <= 0) { $page = 1; } if($page) { $start = ($page-1) * $perpage; } else { $start = 0; $page = 1; } $multipage = multipage($unapproved_attachments, $perpage, $page, "modcp.php?action=modqueue&type=attachments"); $query = $db->query(" SELECT a.*, p.subject AS postsubject, p.dateline, p.uid, u.username, t.tid, t.subject AS threadsubject FROM ".TABLE_PREFIX."attachments a LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid=a.pid) LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid) LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=p.uid) WHERE a.visible='0'{$tflist_queue_attach} ORDER BY a.dateuploaded DESC LIMIT {$start}, {$perpage} "); $attachments = ''; while($attachment = $db->fetch_array($query)) { $altbg = alt_trow(); if(!$attachment['dateuploaded']) { $attachment['dateuploaded'] = $attachment['dateline']; } $attachdate = my_date('relative', $attachment['dateuploaded']); $attachment['postsubject'] = htmlspecialchars_uni($attachment['postsubject']); $attachment['filename'] = htmlspecialchars_uni($attachment['filename']); $attachment['threadsubject'] = htmlspecialchars_uni($attachment['threadsubject']); $attachment['filesize'] = get_friendly_size($attachment['filesize']); $link = get_post_link($attachment['pid'], $attachment['tid']) . "#pid{$attachment['pid']}"; $thread_link = get_thread_link($attachment['tid']); $profile_link = build_profile_link($attachment['username'], $attachment['uid']); eval("\$attachments .= \"".$templates->get("modcp_modqueue_attachments_attachment")."\";"); } if(!$attachments && $mybb->input['type'] == "attachments") { eval("\$attachments = \"".$templates->get("modcp_modqueue_attachments_empty")."\";"); } if($attachments) { add_breadcrumb($lang->mcp_nav_modqueue_attachments, "modcp.php?action=modqueue&type=attachments"); $plugins->run_hooks("modcp_modqueue_attachments_end"); if($nummodqueuethreads > 0 || $mybb->usergroup['issupermod'] == 1) { eval("\$thread_link = \"".$templates->get("modcp_modqueue_thread_link")."\";"); $navsep = " | "; } if($nummodqueueposts > 0 || $mybb->usergroup['issupermod'] == 1) { eval("\$post_link = \"".$templates->get("modcp_modqueue_post_link")."\";"); $navsep = " | "; } eval("\$mass_controls = \"".$templates->get("modcp_modqueue_masscontrols")."\";"); eval("\$attachmentqueue = \"".$templates->get("modcp_modqueue_attachments")."\";"); output_page($attachmentqueue); } } // Still nothing? All queues are empty! :-D if(!$threadqueue && !$postqueue && !$attachmentqueue) { add_breadcrumb($lang->mcp_nav_modqueue, "modcp.php?action=modqueue"); $plugins->run_hooks("modcp_modqueue_end"); eval("\$queue = \"".$templates->get("modcp_modqueue_empty")."\";"); output_page($queue); } } if($mybb->input['action'] == "do_editprofile") { // Verify incoming POST request verify_post_check($mybb->input['my_post_key']); if($mybb->usergroup['caneditprofiles'] == 0) { error_no_permission(); } $user = get_user($mybb->input['uid']); if(!$user) { error($lang->error_nomember); } // Check if the current user has permission to edit this user if(!modcp_can_manage_user($user['uid'])) { error_no_permission(); } $plugins->run_hooks("modcp_do_editprofile_start"); if($mybb->get_input('away', MyBB::INPUT_INT) == 1 && $mybb->settings['allowaway'] != 0) { $awaydate = TIME_NOW; if(!empty($mybb->input['awayday'])) { // If the user has indicated that they will return on a specific day, but not month or year, assume it is current month and year if(!$mybb->get_input('awaymonth', MyBB::INPUT_INT)) { $mybb->input['awaymonth'] = my_date('n', $awaydate); } if(!$mybb->get_input('awayyear', MyBB::INPUT_INT)) { $mybb->input['awayyear'] = my_date('Y', $awaydate); } $return_month = (int)substr($mybb->get_input('awaymonth'), 0, 2); $return_day = (int)substr($mybb->get_input('awayday'), 0, 2); $return_year = min((int)$mybb->get_input('awayyear'), 9999); // Check if return date is after the away date. $returntimestamp = gmmktime(0, 0, 0, $return_month, $return_day, $return_year); $awaytimestamp = gmmktime(0, 0, 0, my_date('n', $awaydate), my_date('j', $awaydate), my_date('Y', $awaydate)); if($return_year < my_date('Y', $awaydate) || ($returntimestamp < $awaytimestamp && $return_year == my_date('Y', $awaydate))) { error($lang->error_modcp_return_date_past); } $returndate = "{$return_day}-{$return_month}-{$return_year}"; } else { $returndate = ""; } $away = array( "away" => 1, "date" => $awaydate, "returndate" => $returndate, "awayreason" => $mybb->get_input('awayreason') ); } else { $away = array( "away" => 0, "date" => '', "returndate" => '', "awayreason" => '' ); } // Set up user handler. require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler('update'); // Set the data for the new user. $updated_user = array( "uid" => $user['uid'], "profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY), "profile_fields_editable" => true, "website" => $mybb->get_input('website'), "icq" => $mybb->get_input('icq'), "aim" => $mybb->get_input('aim'), "yahoo" => $mybb->get_input('yahoo'), "skype" => $mybb->get_input('skype'), "google" => $mybb->get_input('google'), "signature" => $mybb->get_input('signature'), "usernotes" => $mybb->get_input('usernotes'), "away" => $away ); $updated_user['birthday'] = array( "day" => $mybb->get_input('birthday_day', MyBB::INPUT_INT), "month" => $mybb->get_input('birthday_month', MyBB::INPUT_INT), "year" => $mybb->get_input('birthday_year', MyBB::INPUT_INT) ); if(!empty($mybb->input['usertitle'])) { $updated_user['usertitle'] = $mybb->get_input('usertitle'); } else if(!empty($mybb->input['reverttitle'])) { $updated_user['usertitle'] = ''; } if(!empty($mybb->input['remove_avatar'])) { $updated_user['avatarurl'] = ''; } // Set the data of the user in the datahandler. $userhandler->set_data($updated_user); $errors = ''; // Validate the user and get any errors that might have occurred. if(!$userhandler->validate_user()) { $errors = $userhandler->get_friendly_errors(); $mybb->input['action'] = "editprofile"; } else { // Are we removing an avatar from this user? if(!empty($mybb->input['remove_avatar'])) { $extra_user_updates = array( "avatar" => "", "avatardimensions" => "", "avatartype" => "" ); remove_avatars($user['uid']); } // Moderator "Options" (suspend signature, suspend/moderate posting) $moderator_options = array( 1 => array( "action" => "suspendsignature", // The moderator action we're performing "period" => "action_period", // The time period we've selected from the dropdown box "time" => "action_time", // The time we've entered "update_field" => "suspendsignature", // The field in the database to update if true "update_length" => "suspendsigtime" // The length of suspension field in the database ), 2 => array( "action" => "moderateposting", "period" => "modpost_period", "time" => "modpost_time", "update_field" => "moderateposts", "update_length" => "moderationtime" ), 3 => array( "action" => "suspendposting", "period" => "suspost_period", "time" => "suspost_time", "update_field" => "suspendposting", "update_length" => "suspensiontime" ) ); require_once MYBB_ROOT."inc/functions_warnings.php"; foreach($moderator_options as $option) { $mybb->input[$option['time']] = $mybb->get_input($option['time'], MyBB::INPUT_INT); $mybb->input[$option['period']] = $mybb->get_input($option['period']); if(empty($mybb->input[$option['action']])) { if($user[$option['update_field']] == 1) { // We're revoking the suspension $extra_user_updates[$option['update_field']] = 0; $extra_user_updates[$option['update_length']] = 0; } // Skip this option if we haven't selected it continue; } else { if($mybb->input[$option['time']] == 0 && $mybb->input[$option['period']] != "never" && $user[$option['update_field']] != 1) { // User has selected a type of ban, but not entered a valid time frame $string = $option['action']."_error"; $errors[] = $lang->$string; } if(!is_array($errors)) { $suspend_length = fetch_time_length((int)$mybb->input[$option['time']], $mybb->input[$option['period']]); if($user[$option['update_field']] == 1 && ($mybb->input[$option['time']] || $mybb->input[$option['period']] == "never")) { // We already have a suspension, but entered a new time if($suspend_length == "-1") { // Permanent ban on action $extra_user_updates[$option['update_length']] = 0; } elseif($suspend_length && $suspend_length != "-1") { // Temporary ban on action $extra_user_updates[$option['update_length']] = TIME_NOW + $suspend_length; } } elseif(!$user[$option['update_field']]) { // New suspension for this user... bad user! $extra_user_updates[$option['update_field']] = 1; if($suspend_length == "-1") { $extra_user_updates[$option['update_length']] = 0; } else { $extra_user_updates[$option['update_length']] = TIME_NOW + $suspend_length; } } } } } // Those with javascript turned off will be able to select both - cheeky! // Check to make sure we're not moderating AND suspending posting if(isset($extra_user_updates) && $extra_user_updates['moderateposts'] && $extra_user_updates['suspendposting']) { $errors[] = $lang->suspendmoderate_error; } if(is_array($errors)) { $mybb->input['action'] = "editprofile"; } else { $plugins->run_hooks("modcp_do_editprofile_update"); // Continue with the update if there is no errors $user_info = $userhandler->update_user(); if(!empty($extra_user_updates)) { $db->update_query("users", $extra_user_updates, "uid='{$user['uid']}'"); } log_moderator_action(array("uid" => $user['uid'], "username" => $user['username']), $lang->edited_user); $plugins->run_hooks("modcp_do_editprofile_end"); redirect("modcp.php?action=finduser", $lang->redirect_user_updated); } } } if($mybb->input['action'] == "editprofile") { if($mybb->usergroup['caneditprofiles'] == 0) { error_no_permission(); } add_breadcrumb($lang->mcp_nav_editprofile, "modcp.php?action=editprofile"); $user = get_user($mybb->get_input('uid', MyBB::INPUT_INT)); if(!$user) { error($lang->error_nomember); } // Check if the current user has permission to edit this user if(!modcp_can_manage_user($user['uid'])) { error_no_permission(); } if($user['website'] == "" || $user['website'] == "http://") { $user['website'] = "http://"; } if($user['icq'] != "0") { $user['icq'] = (int)$user['icq']; } if(!$errors) { $mybb->input = array_merge($user, $mybb->input); $birthday = explode('-', $user['birthday']); if(!isset($birthday[1])) { $birthday[1] = ''; } if(!isset($birthday[2])) { $birthday[2] = ''; } list($mybb->input['birthday_day'], $mybb->input['birthday_month'], $mybb->input['birthday_year']) = $birthday; } else { $errors = inline_error($errors); } // Sanitize all input foreach(array('usertitle', 'website', 'icq', 'aim', 'yahoo', 'skype', 'google', 'signature', 'birthday_day', 'birthday_month', 'birthday_year') as $field) { $mybb->input[$field] = htmlspecialchars_uni($mybb->get_input($field)); } // Custom user title, check to see if we have a default group title if(!$user['displaygroup']) { $user['displaygroup'] = $user['usergroup']; } $displaygroupfields = array('usertitle'); $display_group = usergroup_displaygroup($user['displaygroup']); if(!empty($display_group['usertitle'])) { $defaulttitle = htmlspecialchars_uni($display_group['usertitle']); } else { // Go for post count title if a group default isn't set $usertitles = $cache->read('usertitles'); foreach($usertitles as $title) { if($title['posts'] <= $user['postnum']) { $defaulttitle = $title['title']; break; } } } $user['usertitle'] = htmlspecialchars_uni($user['usertitle']); if(empty($user['usertitle'])) { $lang->current_custom_usertitle = ''; } $bdaydaysel = $selected = ''; for($day = 1; $day <= 31; ++$day) { if($mybb->input['birthday_day'] == $day) { $selected = "selected=\"selected\""; } else { $selected = ''; } eval("\$bdaydaysel .= \"".$templates->get("usercp_profile_day")."\";"); } $bdaymonthsel = array(); foreach(range(1, 12) as $month) { $bdaymonthsel[$month] = ''; } $bdaymonthsel[$mybb->input['birthday_month']] = 'selected="selected"'; if($mybb->settings['allowaway'] != 0) { $awaycheck = array('', ''); if($errors) { if($user['away'] == 1) { $awaycheck[1] = "checked=\"checked\""; } else { $awaycheck[0] = "checked=\"checked\""; } $returndate = array(); $returndate[0] = $mybb->get_input('awayday'); $returndate[1] = $mybb->get_input('awaymonth'); $returndate[2] = $mybb->get_input('awayyear', MyBB::INPUT_INT); $user['awayreason'] = htmlspecialchars_uni($mybb->get_input('awayreason')); } else { $user['awayreason'] = htmlspecialchars_uni($user['awayreason']); if($user['away'] == 1) { $awaydate = my_date($mybb->settings['dateformat'], $user['awaydate']); $awaycheck[1] = "checked=\"checked\""; $awaynotice = $lang->sprintf($lang->away_notice_away, $awaydate); } else { $awaynotice = $lang->away_notice; $awaycheck[0] = "checked=\"checked\""; } $returndate = explode("-", $user['returndate']); } $returndatesel = $selected = ''; for($day = 1; $day <= 31; ++$day) { if($returndate[0] == $day) { $selected = "selected=\"selected\""; } else { $selected = ''; } eval("\$returndatesel .= \"".$templates->get("usercp_profile_day")."\";"); } $returndatemonthsel = array(); foreach(range(1, 12) as $month) { $returndatemonthsel[$month] = ''; } if(isset($returndate[1])) { $returndatemonthsel[$returndate[1]] = " selected=\"selected\""; } if(!isset($returndate[2])) { $returndate[2] = ''; } eval("\$awaysection = \"".$templates->get("usercp_profile_away")."\";"); } $plugins->run_hooks("modcp_editprofile_start"); // Fetch profile fields $query = $db->simple_select("userfields", "*", "ufid='{$user['uid']}'"); $user_fields = $db->fetch_array($query); $requiredfields = ''; $customfields = ''; $mybb->input['profile_fields'] = $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY); $pfcache = $cache->read('profilefields'); if(is_array($pfcache)) { foreach($pfcache as $profilefield) { $userfield = $code = $select = $val = $options = $expoptions = $useropts = $seloptions = ''; $profilefield['type'] = htmlspecialchars_uni($profilefield['type']); $profilefield['name'] = htmlspecialchars_uni($profilefield['name']); $profilefield['description'] = htmlspecialchars_uni($profilefield['description']); $thing = explode("\n", $profilefield['type'], "2"); $type = $thing[0]; if(isset($thing[1])) { $options = $thing[1]; } $field = "fid{$profilefield['fid']}"; if($errors) { if(isset($mybb->input['profile_fields'][$field])) { $userfield = $mybb->input['profile_fields'][$field]; } } else { $userfield = $user_fields[$field]; } if($type == "multiselect") { if($errors) { $useropts = $userfield; } else { $useropts = explode("\n", $userfield); } if(is_array($useropts)) { foreach($useropts as $key => $val) { $seloptions[$val] = $val; } } $expoptions = explode("\n", $options); if(is_array($expoptions)) { foreach($expoptions as $key => $val) { $val = trim($val); $val = str_replace("\n", "\\n", $val); $sel = ""; if(isset($seloptions[$val]) && $val == $seloptions[$val]) { $sel = " selected=\"selected\""; } eval("\$select .= \"".$templates->get("usercp_profile_profilefields_select_option")."\";"); } if(!$profilefield['length']) { $profilefield['length'] = 3; } eval("\$code = \"".$templates->get("usercp_profile_profilefields_multiselect")."\";"); } } elseif($type == "select") { $expoptions = explode("\n", $options); if(is_array($expoptions)) { foreach($expoptions as $key => $val) { $val = trim($val); $val = str_replace("\n", "\\n", $val); $sel = ""; if($val == $userfield) { $sel = " selected=\"selected\""; } eval("\$select .= \"".$templates->get("usercp_profile_profilefields_select_option")."\";"); } if(!$profilefield['length']) { $profilefield['length'] = 1; } eval("\$code = \"".$templates->get("usercp_profile_profilefields_select")."\";"); } } elseif($type == "radio") { $expoptions = explode("\n", $options); if(is_array($expoptions)) { foreach($expoptions as $key => $val) { $checked = ""; if($val == $userfield) { $checked = " checked=\"checked\""; } eval("\$code .= \"".$templates->get("usercp_profile_profilefields_radio")."\";"); } } } elseif($type == "checkbox") { if($errors) { $useropts = $userfield; } else { $useropts = explode("\n", $userfield); } if(is_array($useropts)) { foreach($useropts as $key => $val) { $seloptions[$val] = $val; } } $expoptions = explode("\n", $options); if(is_array($expoptions)) { foreach($expoptions as $key => $val) { $checked = ""; if(isset($seloptions[$val]) && $val == $seloptions[$val]) { $checked = " checked=\"checked\""; } eval("\$code .= \"".$templates->get("usercp_profile_profilefields_checkbox")."\";"); } } } elseif($type == "textarea") { $value = htmlspecialchars_uni($userfield); eval("\$code = \"".$templates->get("usercp_profile_profilefields_textarea")."\";"); } else { $value = htmlspecialchars_uni($userfield); $maxlength = ""; if($profilefield['maxlength'] > 0) { $maxlength = " maxlength=\"{$profilefield['maxlength']}\""; } eval("\$code = \"".$templates->get("usercp_profile_profilefields_text")."\";"); } if($profilefield['required'] == 1) { eval("\$requiredfields .= \"".$templates->get("usercp_profile_customfield")."\";"); } else { eval("\$customfields .= \"".$templates->get("usercp_profile_customfield")."\";"); } $altbg = alt_trow(); } } if($customfields) { eval("\$customfields = \"".$templates->get("usercp_profile_profilefields")."\";"); } $lang->edit_profile = $lang->sprintf($lang->edit_profile, $user['username']); $profile_link = build_profile_link(format_name($user['username'], $user['usergroup'], $user['displaygroup']), $user['uid']); $codebuttons = build_mycode_inserter("signature"); // Do we mark the suspend signature box? if($user['suspendsignature'] || ($mybb->get_input('suspendsignature', MyBB::INPUT_INT) && !empty($errors))) { $checked = 1; $checked_item = "checked=\"checked\""; } else { $checked = 0; $checked_item = ''; } // Do we mark the moderate posts box? if($user['moderateposts'] || ($mybb->get_input('moderateposting', MyBB::INPUT_INT) && !empty($errors))) { $modpost_check = 1; $modpost_checked = "checked=\"checked\""; } else { $modpost_check = 0; $modpost_checked = ''; } // Do we mark the suspend posts box? if($user['suspendposting'] || ($mybb->get_input('suspendposting', MyBB::INPUT_INT) && !empty($errors))) { $suspost_check = 1; $suspost_checked = "checked=\"checked\""; } else { $suspost_check = 0; $suspost_checked = ''; } $moderator_options = array( 1 => array( "action" => "suspendsignature", // The input action for this option "option" => "suspendsignature", // The field in the database that this option relates to "time" => "action_time", // The time we've entered "length" => "suspendsigtime", // The length of suspension field in the database "select_option" => "action" // The name of the select box of this option ), 2 => array( "action" => "moderateposting", "option" => "moderateposts", "time" => "modpost_time", "length" => "moderationtime", "select_option" => "modpost" ), 3 => array( "action" => "suspendposting", "option" => "suspendposting", "time" => "suspost_time", "length" => "suspensiontime", "select_option" => "suspost" ) ); $periods = array( "hours" => $lang->expire_hours, "days" => $lang->expire_days, "weeks" => $lang->expire_weeks, "months" => $lang->expire_months, "never" => $lang->expire_permanent ); $suspendsignature_info = $moderateposts_info = $suspendposting_info = ''; $action_options = $modpost_options = $suspost_options = ''; foreach($moderator_options as $option) { $mybb->input[$option['time']] = $mybb->get_input($option['time'], MyBB::INPUT_INT); // Display the suspension info, if this user has this option suspended if($user[$option['option']]) { if($user[$option['length']] == 0) { // User has a permanent ban $string = $option['option']."_perm"; $suspension_info = $lang->$string; } else { // User has a temporary (or limited) ban $string = $option['option']."_for"; $for_date = my_date('relative', $user[$option['length']], '', 2); $suspension_info = $lang->sprintf($lang->$string, $for_date); } switch($option['option']) { case "suspendsignature": eval("\$suspendsignature_info = \"".$templates->get("modcp_editprofile_suspensions_info")."\";"); break; case "moderateposts": eval("\$moderateposts_info = \"".$templates->get("modcp_editprofile_suspensions_info")."\";"); break; case "suspendposting": eval("\$suspendposting_info = \"".$templates->get("modcp_editprofile_suspensions_info")."\";"); break; } } // Generate the boxes for this option $selection_options = ''; foreach($periods as $key => $value) { $string = $option['select_option']."_period"; if($mybb->get_input($string) == $key) { $selected = "selected=\"selected\""; } else { $selected = ''; } eval("\$selection_options .= \"".$templates->get("modcp_editprofile_select_option")."\";"); } $select_name = $option['select_option']."_period"; switch($option['option']) { case "suspendsignature": eval("\$action_options = \"".$templates->get("modcp_editprofile_select")."\";"); break; case "moderateposts": eval("\$modpost_options = \"".$templates->get("modcp_editprofile_select")."\";"); break; case "suspendposting": eval("\$suspost_options = \"".$templates->get("modcp_editprofile_select")."\";"); break; } } eval("\$suspend_signature = \"".$templates->get("modcp_editprofile_signature")."\";"); if(!isset($newtitle)) { $newtitle = ''; } $plugins->run_hooks("modcp_editprofile_end"); eval("\$edituser = \"".$templates->get("modcp_editprofile")."\";"); output_page($edituser); } if($mybb->input['action'] == "finduser") { if($mybb->usergroup['caneditprofiles'] == 0) { error_no_permission(); } add_breadcrumb($lang->mcp_nav_users, "modcp.php?action=finduser"); $perpage = $mybb->get_input('perpage', MyBB::INPUT_INT); if(!$perpage || $perpage <= 0) { $perpage = $mybb->settings['threadsperpage']; } $where = ''; if(isset($mybb->input['username'])) { switch($db->type) { case 'mysql': case 'mysqli': $field = 'username'; break; default: $field = 'LOWER(username)'; break; } $where = " AND {$field} LIKE '%".my_strtolower($db->escape_string_like($mybb->get_input('username')))."%'"; } // Sort order & direction switch($mybb->get_input('sortby')) { case "lastvisit": $sortby = "lastvisit"; break; case "postnum": $sortby = "postnum"; break; case "username": $sortby = "username"; break; default: $sortby = "regdate"; } $sortbysel = array('lastvisit' => '', 'postnum' => '', 'username' => '', 'regdate' => ''); $sortbysel[$mybb->get_input('sortby')] = " selected=\"selected\""; $order = $mybb->get_input('order'); if($order != "asc") { $order = "desc"; } $ordersel = array('asc' => '', 'desc' => ''); $ordersel[$order] = " selected=\"selected\""; $query = $db->simple_select("users", "COUNT(uid) AS count", "1=1 {$where}"); $user_count = $db->fetch_field($query, "count"); // Figure out if we need to display multiple pages. if($mybb->get_input('page') != "last") { $page = $mybb->get_input('page'); } $pages = $user_count / $perpage; $pages = ceil($pages); if($mybb->get_input('page') == "last") { $page = $pages; } if($page > $pages || $page <= 0) { $page = 1; } if($page) { $start = ($page-1) * $perpage; } else { $start = 0; $page = 1; } $page_url = 'modcp.php?action=finduser'; foreach(array('username', 'sortby', 'order') as $field) { $mybb->input[$field] = urlencode($mybb->get_input($field)); if(!empty($mybb->input[$field])) { $page_url .= "&{$field}=".$mybb->input[$field]; } } $multipage = multipage($user_count, $perpage, $page, $page_url); $usergroups_cache = $cache->read("usergroups"); $plugins->run_hooks("modcp_finduser_start"); // Fetch out results $query = $db->simple_select("users", "*", "1=1 {$where}", array("order_by" => $sortby, "order_dir" => $order, "limit" => $perpage, "limit_start" => $start)); $users = ''; while($user = $db->fetch_array($query)) { $alt_row = alt_trow(); $user['username'] = format_name($user['username'], $user['usergroup'], $user['displaygroup']); $user['postnum'] = my_number_format($user['postnum']); $regdate = my_date('relative', $user['regdate']); if($user['invisible'] == 1 && $mybb->usergroup['canviewwolinvis'] != 1 && $user['uid'] != $mybb->user['uid']) { $lastdate = $lang->lastvisit_never; if($user['lastvisit']) { // We have had at least some active time, hide it instead $lastdate = $lang->lastvisit_hidden; } } else { $lastdate = my_date('relative', $user['lastvisit']); } $usergroup = htmlspecialchars_uni($usergroups_cache[$user['usergroup']]['title']); eval("\$users .= \"".$templates->get("modcp_finduser_user")."\";"); } // No results? if(!$users) { eval("\$users = \"".$templates->get("modcp_finduser_noresults")."\";"); } $plugins->run_hooks("modcp_finduser_end"); eval("\$finduser = \"".$templates->get("modcp_finduser")."\";"); output_page($finduser); } if($mybb->input['action'] == "warninglogs") { if($mybb->usergroup['canviewwarnlogs'] == 0) { error_no_permission(); } add_breadcrumb($lang->mcp_nav_warninglogs, "modcp.php?action=warninglogs"); // Filter options $where_sql = ''; $mybb->input['filter'] = $mybb->get_input('filter', MyBB::INPUT_ARRAY); $mybb->input['search'] = $mybb->get_input('search', MyBB::INPUT_ARRAY); if(!empty($mybb->input['filter']['username'])) { $search_user = get_user_by_username($mybb->input['filter']['username']); $mybb->input['filter']['uid'] = (int)$search_user['uid']; $mybb->input['filter']['username'] = htmlspecialchars_uni($mybb->input['filter']['username']); } else { $mybb->input['filter']['username'] = ''; } if(!empty($mybb->input['filter']['uid'])) { $search['uid'] = (int)$mybb->input['filter']['uid']; $where_sql .= " AND w.uid='{$search['uid']}'"; if(!isset($mybb->input['search']['username'])) { $user = get_user($mybb->input['search']['uid']); $mybb->input['search']['username'] = htmlspecialchars_uni($user['username']); } } else { $mybb->input['filter']['uid'] = ''; } if(!empty($mybb->input['filter']['mod_username'])) { $mod_user = get_user_by_username($mybb->input['filter']['mod_username']); $mybb->input['filter']['mod_uid'] = (int)$mod_user['uid']; $mybb->input['filter']['mod_username'] = htmlspecialchars_uni($mybb->input['filter']['mod_username']); } else { $mybb->input['filter']['mod_username'] = ''; } if(!empty($mybb->input['filter']['mod_uid'])) { $search['mod_uid'] = (int)$mybb->input['filter']['mod_uid']; $where_sql .= " AND w.issuedby='{$search['mod_uid']}'"; if(!isset($mybb->input['search']['mod_username'])) { $mod_user = get_user($mybb->input['search']['uid']); $mybb->input['search']['mod_username'] = htmlspecialchars_uni($mod_user['username']); } } else { $mybb->input['filter']['mod_uid'] = ''; } if(!empty($mybb->input['filter']['reason'])) { $search['reason'] = $db->escape_string_like($mybb->input['filter']['reason']); $where_sql .= " AND (w.notes LIKE '%{$search['reason']}%' OR t.title LIKE '%{$search['reason']}%' OR w.title LIKE '%{$search['reason']}%')"; $mybb->input['filter']['reason'] = htmlspecialchars_uni($mybb->input['filter']['reason']); } else { $mybb->input['filter']['reason'] = ''; } $sortbysel = array('username' => '', 'expires' => '', 'issuedby' => '', 'dateline' => ''); if(!isset($mybb->input['filter']['sortby'])) { $mybb->input['filter']['sortby'] = ''; } switch($mybb->input['filter']['sortby']) { case "username": $sortby = "u.username"; $sortbysel['username'] = ' selected="selected"'; break; case "expires": $sortby = "w.expires"; $sortbysel['expires'] = ' selected="selected"'; break; case "issuedby": $sortby = "i.username"; $sortbysel['issuedby'] = ' selected="selected"'; break; default: // "dateline" $sortby = "w.dateline"; $sortbysel['dateline'] = ' selected="selected"'; } if(!isset($mybb->input['filter']['order'])) { $mybb->input['filter']['order'] = ''; } $order = $mybb->input['filter']['order']; $ordersel = array('asc' => '', 'desc' => ''); if($order != "asc") { $order = "desc"; $ordersel['desc'] = ' selected="selected"'; } else { $ordersel['asc'] = ' selected="selected"'; } $plugins->run_hooks("modcp_warninglogs_start"); // Pagination stuff $sql = " SELECT COUNT(wid) as count FROM ".TABLE_PREFIX."warnings w LEFT JOIN ".TABLE_PREFIX."warningtypes t ON (w.tid=t.tid) WHERE 1=1 {$where_sql} "; $query = $db->query($sql); $total_warnings = $db->fetch_field($query, 'count'); $page = $mybb->get_input('page', MyBB::INPUT_INT); if($page <= 0) { $page = 1; } $per_page = 20; if(isset($mybb->input['filter']['per_page']) && (int)$mybb->input['filter']['per_page'] > 0) { $per_page = (int)$mybb->input['filter']['per_page']; } $start = ($page-1) * $per_page; // Build the base URL for pagination links $url = 'modcp.php?action=warninglogs'; if(is_array($mybb->input['filter']) && count($mybb->input['filter'])) { foreach($mybb->input['filter'] as $field => $value) { $value = urlencode($value); $url .= "&filter[{$field}]={$value}"; } } $multipage = multipage($total_warnings, $per_page, $page, $url); // The actual query $sql = " SELECT w.wid, w.title as custom_title, w.points, w.dateline, w.issuedby, w.expires, w.expired, w.daterevoked, w.revokedby, t.title, u.uid, u.username, u.usergroup, u.displaygroup, i.uid as mod_uid, i.username as mod_username, i.usergroup as mod_usergroup, i.displaygroup as mod_displaygroup FROM ".TABLE_PREFIX."warnings w LEFT JOIN ".TABLE_PREFIX."users u ON (w.uid=u.uid) LEFT JOIN ".TABLE_PREFIX."warningtypes t ON (w.tid=t.tid) LEFT JOIN ".TABLE_PREFIX."users i ON (i.uid=w.issuedby) WHERE 1=1 {$where_sql} ORDER BY {$sortby} {$order} LIMIT {$start}, {$per_page} "; $query = $db->query($sql); $warning_list = ''; while($row = $db->fetch_array($query)) { $trow = alt_trow(); $username = format_name($row['username'], $row['usergroup'], $row['displaygroup']); $username_link = build_profile_link($username, $row['uid']); $mod_username = format_name($row['mod_username'], $row['mod_usergroup'], $row['mod_displaygroup']); $mod_username_link = build_profile_link($mod_username, $row['mod_uid']); $issued_date = my_date($mybb->settings['dateformat'], $row['dateline']).' '.my_date($mybb->settings['timeformat'], $row['dateline']); $revoked_text = ''; if($row['daterevoked'] > 0) { $revoked_date = my_date('relative', $row['daterevoked']); eval("\$revoked_text = \"".$templates->get("modcp_warninglogs_warning_revoked")."\";"); } if($row['expires'] > 0) { $expire_date = my_date('relative', $row['expires'], '', 2); } else { $expire_date = $lang->never; } $title = $row['title']; if(empty($row['title'])) { $title = $row['custom_title']; } $title = htmlspecialchars_uni($title); if($row['points'] >= 0) { $points = '+'.$row['points']; } eval("\$warning_list .= \"".$templates->get("modcp_warninglogs_warning")."\";"); } if(!$warning_list) { eval("\$warning_list = \"".$templates->get("modcp_warninglogs_nologs")."\";"); } $plugins->run_hooks("modcp_warninglogs_end"); eval("\$warninglogs = \"".$templates->get("modcp_warninglogs")."\";"); output_page($warninglogs); } if($mybb->input['action'] == "ipsearch") { if($mybb->usergroup['canuseipsearch'] == 0) { error_no_permission(); } add_breadcrumb($lang->mcp_nav_ipsearch, "modcp.php?action=ipsearch"); $mybb->input['ipaddress'] = $mybb->get_input('ipaddress'); if($mybb->input['ipaddress']) { if(!is_array($groupscache)) { $groupscache = $cache->read("usergroups"); } $ipaddressvalue = htmlspecialchars_uni($mybb->input['ipaddress']); $ip_range = fetch_ip_range($mybb->input['ipaddress']); $post_results = $user_results = 0; // Searching post IP addresses if(isset($mybb->input['search_posts'])) { if($ip_range) { if(!is_array($ip_range)) { $post_ip_sql = "ipaddress=".$db->escape_binary($ip_range); } else { $post_ip_sql = "ipaddress BETWEEN ".$db->escape_binary($ip_range[0])." AND ".$db->escape_binary($ip_range[1]); } } $plugins->run_hooks("modcp_ipsearch_posts_start"); if($post_ip_sql) { $query = $db->simple_select('posts', 'COUNT(pid) AS count', "$post_ip_sql AND visible >= -1"); $post_results = $db->fetch_field($query, "count"); } } // Searching user IP addresses if(isset($mybb->input['search_users'])) { if($ip_range) { if(!is_array($ip_range)) { $user_ip_sql = "regip=".$db->escape_binary($ip_range)." OR lastip=".$db->escape_binary($ip_range); } else { $user_ip_sql = "regip BETWEEN ".$db->escape_binary($ip_range[0])." AND ".$db->escape_binary($ip_range[1])." OR lastip BETWEEN ".$db->escape_binary($ip_range[0])." AND ".$db->escape_binary($ip_range[1]); } } $plugins->run_hooks("modcp_ipsearch_users_start"); if($user_ip_sql) { $query = $db->simple_select('users', 'COUNT(uid) AS count', $user_ip_sql); $user_results = $db->fetch_field($query, "count"); } } $total_results = $post_results+$user_results; if(!$total_results) { $total_results = 1; } // Now we have the result counts, paginate $perpage = $mybb->get_input('perpage', MyBB::INPUT_INT); if(!$perpage || $perpage <= 0) { $perpage = $mybb->settings['threadsperpage']; } // Figure out if we need to display multiple pages. if($mybb->get_input('page') != "last") { $page = $mybb->get_input('page', MyBB::INPUT_INT); } $pages = $total_results / $perpage; $pages = ceil($pages); if($mybb->get_input('page') == "last") { $page = $pages; } if($page > $pages || $page <= 0) { $page = 1; } if($page) { $start = ($page-1) * $perpage; } else { $start = 0; $page = 1; } $page_url = "modcp.php?action=ipsearch&perpage={$perpage}"; foreach(array('ipaddress', 'search_users', 'search_posts') as $input) { if(!empty($mybb->input[$input])) { $page_url .= "&{$input}=".urlencode($mybb->input[$input]); } } $multipage = multipage($total_results, $perpage, $page, $page_url); $post_limit = $perpage; $results = ''; if(isset($mybb->input['search_users']) && $user_results && $start <= $user_results) { $query = $db->simple_select('users', 'username, uid, regip, lastip', $user_ip_sql, array('order_by' => 'regdate', 'order_dir' => 'DESC', 'limit_start' => $start, 'limit' => $perpage)); while($ipaddress = $db->fetch_array($query)) { $result = false; $profile_link = build_profile_link($ipaddress['username'], $ipaddress['uid']); $trow = alt_trow(); $ip = false; if(is_array($ip_range)) { if(strcmp($ip_range[0], $ipaddress['regip']) <= 0 && strcmp($ip_range[1], $ipaddress['regip']) >= 0) { eval("\$subject = \"".$templates->get("modcp_ipsearch_result_regip")."\";"); $ip = my_inet_ntop($db->unescape_binary($ipaddress['regip'])); } elseif(strcmp($ip_range[0], $ipaddress['lastip']) <= 0 && strcmp($ip_range[1], $ipaddress['lastip']) >= 0) { eval("\$subject = \"".$templates->get("modcp_ipsearch_result_lastip")."\";"); $ip = my_inet_ntop($db->unescape_binary($ipaddress['lastip'])); } } elseif($ipaddress['regip'] == $ip_range) { eval("\$subject = \"".$templates->get("modcp_ipsearch_result_regip")."\";"); $ip = my_inet_ntop($db->unescape_binary($ipaddress['regip'])); } elseif($ipaddress['lastip'] == $ip_range) { eval("\$subject = \"".$templates->get("modcp_ipsearch_result_lastip")."\";"); $ip = my_inet_ntop($db->unescape_binary($ipaddress['lastip'])); } if($ip) { eval("\$results .= \"".$templates->get("modcp_ipsearch_result")."\";"); $result = true; } if($result) { --$post_limit; } } } $post_start = 0; if($total_results > $user_results && $post_limit) { $post_start = $start-$user_results; if($post_start < 0) { $post_start = 0; } } if(isset($mybb->input['search_posts']) && $post_results && (!isset($mybb->input['search_users']) || (isset($mybb->input['search_users']) && $post_limit > 0))) { $ipaddresses = $tids = $uids = array(); $query = $db->simple_select('posts', 'username AS postusername, uid, subject, pid, tid, ipaddress', "$post_ip_sql AND visible >= -1", array('order_by' => 'dateline', 'order_dir' => 'DESC', 'limit_start' => $post_start, 'limit' => $post_limit)); while($ipaddress = $db->fetch_array($query)) { $tids[$ipaddress['tid']] = $ipaddress['pid']; $uids[$ipaddress['uid']] = $ipaddress['pid']; $ipaddresses[$ipaddress['pid']] = $ipaddress; } if(!empty($ipaddresses)) { $query = $db->simple_select("threads", "subject, tid", "tid IN(".implode(',', array_keys($tids)).")"); while($thread = $db->fetch_array($query)) { $ipaddresses[$tids[$thread['tid']]]['threadsubject'] = $thread['subject']; } unset($tids); $query = $db->simple_select("users", "username, uid", "uid IN(".implode(',', array_keys($uids)).")"); while($user = $db->fetch_array($query)) { $ipaddresses[$uids[$user['uid']]]['username'] = $user['username']; } unset($uids); foreach($ipaddresses as $ipaddress) { $ip = my_inet_ntop($db->unescape_binary($ipaddress['ipaddress'])); if(!$ipaddress['username']) $ipaddress['username'] = $ipaddress['postusername']; // Guest username support $trow = alt_trow(); if(!$ipaddress['subject']) { $ipaddress['subject'] = "RE: {$ipaddress['threadsubject']}"; } $ipaddress['postlink'] = get_post_link($ipaddress['pid'], $ipaddress['tid']); $ipaddress['subject'] = htmlspecialchars_uni($ipaddress['subject']); $ipaddress['profilelink'] = build_profile_link($ipaddress['username'], $ipaddress['uid']); eval("\$subject = \"".$templates->get("modcp_ipsearch_result_post")."\";"); eval("\$results .= \"".$templates->get("modcp_ipsearch_result")."\";"); } } } if(!$results) { eval("\$results = \"".$templates->get("modcp_ipsearch_noresults")."\";"); } if($ipaddressvalue) { $lang->ipsearch_results = $lang->sprintf($lang->ipsearch_results, $ipaddressvalue); } else { $lang->ipsearch_results = $lang->ipsearch; } $ipaddress = $ipaddress_url = $misc_info_link = ''; if(!strstr($mybb->input['ipaddress'], "*") && !strstr($mybb->input['ipaddress'], "/")) { $ipaddress = htmlspecialchars_uni($mybb->input['ipaddress']); $ipaddress_url = urlencode($mybb->input['ipaddress']); eval("\$misc_info_link = \"".$templates->get("modcp_ipsearch_results_information")."\";"); } eval("\$ipsearch_results = \"".$templates->get("modcp_ipsearch_results")."\";"); } // Fetch filter options if(!$mybb->input['ipaddress']) { $mybb->input['search_posts'] = 1; $mybb->input['search_users'] = 1; } $usersearchselect = $postsearchselect = ''; if(isset($mybb->input['search_posts'])) { $postsearchselect = "checked=\"checked\""; } if(isset($mybb->input['search_users'])) { $usersearchselect = "checked=\"checked\""; } $plugins->run_hooks("modcp_ipsearch_end"); eval("\$ipsearch = \"".$templates->get("modcp_ipsearch")."\";"); output_page($ipsearch); } if($mybb->input['action'] == "iplookup") { if($mybb->usergroup['canuseipsearch'] == 0) { error_no_permission(); } $mybb->input['ipaddress'] = $mybb->get_input('ipaddress'); $lang->ipaddress_misc_info = $lang->sprintf($lang->ipaddress_misc_info, htmlspecialchars_uni($mybb->input['ipaddress'])); $ipaddress_location = $lang->na; $ipaddress_host_name = $lang->na; $modcp_ipsearch_misc_info = ''; if(!strstr($mybb->input['ipaddress'], "*")) { // Return GeoIP information if it is available to us if(function_exists('geoip_record_by_name')) { $ip_record = @geoip_record_by_name($mybb->input['ipaddress']); if($ip_record) { $ipaddress_location = htmlspecialchars_uni(utf8_encode($ip_record['country_name'])); if($ip_record['city']) { $ipaddress_location .= $lang->comma.htmlspecialchars_uni(utf8_encode($ip_record['city'])); } } } $ipaddress_host_name = htmlspecialchars_uni(@gethostbyaddr($mybb->input['ipaddress'])); // gethostbyaddr returns the same ip on failure if($ipaddress_host_name == $mybb->input['ipaddress']) { $ipaddress_host_name = $lang->na; } } $plugins->run_hooks("modcp_iplookup_end"); eval("\$iplookup = \"".$templates->get('modcp_ipsearch_misc_info', 1, 0)."\";"); echo($iplookup); exit; } if($mybb->input['action'] == "banning") { if($mybb->usergroup['canbanusers'] == 0) { error_no_permission(); } add_breadcrumb($lang->mcp_nav_banning, "modcp.php?action=banning"); if(!$mybb->settings['threadsperpage']) { $mybb->settings['threadsperpage'] = 20; } // Figure out if we need to display multiple pages. $perpage = $mybb->settings['threadsperpage']; if($mybb->get_input('page') != "last") { $page = $mybb->get_input('page', MyBB::INPUT_INT); } $query = $db->simple_select("banned", "COUNT(uid) AS count"); $banned_count = $db->fetch_field($query, "count"); $postcount = (int)$banned_count; $pages = $postcount / $perpage; $pages = ceil($pages); if($mybb->get_input('page') == "last") { $page = $pages; } if($page > $pages || $page <= 0) { $page = 1; } if($page) { $start = ($page-1) * $perpage; } else { $start = 0; $page = 1; } $upper = $start+$perpage; $multipage = multipage($postcount, $perpage, $page, "modcp.php?action=banning"); $plugins->run_hooks("modcp_banning_start"); $query = $db->query(" SELECT b.*, a.username AS adminuser, u.username FROM ".TABLE_PREFIX."banned b LEFT JOIN ".TABLE_PREFIX."users u ON (b.uid=u.uid) LEFT JOIN ".TABLE_PREFIX."users a ON (b.admin=a.uid) ORDER BY dateline DESC LIMIT {$start}, {$perpage} "); // Get the banned users $bannedusers = ''; while($banned = $db->fetch_array($query)) { $profile_link = build_profile_link($banned['username'], $banned['uid']); // Only show the edit & lift links if current user created ban, or is super mod/admin $edit_link = ''; if($mybb->user['uid'] == $banned['admin'] || !$banned['adminuser'] || $mybb->usergroup['issupermod'] == 1 || $mybb->usergroup['cancp'] == 1) { eval("\$edit_link = \"".$templates->get("modcp_banning_edit")."\";"); } $admin_profile = build_profile_link($banned['adminuser'], $banned['admin']); $trow = alt_trow(); if($banned['reason']) { $banned['reason'] = htmlspecialchars_uni($parser->parse_badwords($banned['reason'])); } else { $banned['reason'] = $lang->na; } if($banned['lifted'] == 'perm' || $banned['lifted'] == '' || $banned['bantime'] == 'perm' || $banned['bantime'] == '---') { $banlength = $lang->permanent; $timeremaining = $lang->na; } else { $banlength = $bantimes[$banned['bantime']]; $remaining = $banned['lifted']-TIME_NOW; $timeremaining = nice_time($remaining, array('short' => 1, 'seconds' => false)).""; if($remaining < 3600) { $timeremaining = "({$timeremaining} {$lang->ban_remaining})"; } else if($remaining < 86400) { $timeremaining = "({$timeremaining} {$lang->ban_remaining})"; } else if($remaining < 604800) { $timeremaining = "({$timeremaining} {$lang->ban_remaining})"; } else { $timeremaining = "({$timeremaining} {$lang->ban_remaining})"; } } eval("\$bannedusers .= \"".$templates->get("modcp_banning_ban")."\";"); } if(!$bannedusers) { eval("\$bannedusers = \"".$templates->get("modcp_banning_nobanned")."\";"); } $plugins->run_hooks("modcp_banning"); eval("\$bannedpage = \"".$templates->get("modcp_banning")."\";"); output_page($bannedpage); } if($mybb->input['action'] == "liftban") { // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key')); if($mybb->usergroup['canbanusers'] == 0) { error_no_permission(); } $query = $db->simple_select("banned", "*", "uid='".$mybb->get_input('uid', MyBB::INPUT_INT)."'"); $ban = $db->fetch_array($query); if(!$ban) { error($lang->error_invalidban); } // Permission to edit this ban? if($mybb->user['uid'] != $ban['admin'] && $mybb->usergroup['issupermod'] != 1 && $mybb->usergroup['cancp'] != 1) { error_no_permission(); } $plugins->run_hooks("modcp_liftban_start"); $query = $db->simple_select("users", "username", "uid = '{$ban['uid']}'"); $username = $db->fetch_field($query, "username"); $updated_group = array( 'usergroup' => $ban['oldgroup'], 'additionalgroups' => $ban['oldadditionalgroups'], 'displaygroup' => $ban['olddisplaygroup'] ); $db->update_query("users", $updated_group, "uid='{$ban['uid']}'"); $db->delete_query("banned", "uid='{$ban['uid']}'"); $cache->update_banned(); $cache->update_moderators(); log_moderator_action(array("uid" => $ban['uid'], "username" => $username), $lang->lifted_ban); $plugins->run_hooks("modcp_liftban_end"); redirect("modcp.php?action=banning", $lang->redirect_banlifted); } if($mybb->input['action'] == "do_banuser" && $mybb->request_method == "post") { // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key')); if($mybb->usergroup['canbanusers'] == 0) { error_no_permission(); } // Editing an existing ban if($mybb->get_input('uid', MyBB::INPUT_INT)) { // Get the users info from their uid $query = $db->query(" SELECT b.*, u.uid, u.username, u.usergroup, u.additionalgroups, u.displaygroup FROM ".TABLE_PREFIX."banned b LEFT JOIN ".TABLE_PREFIX."users u ON (b.uid=u.uid) WHERE b.uid='{$mybb->input['uid']}' "); $user = $db->fetch_array($query); $existing_ban = false; if($user['uid']) { $existing_ban = true; } // Permission to edit this ban? if($existing_ban && $mybb->user['uid'] != $user['admin'] && $mybb->usergroup['issupermod'] != 1 && $mybb->usergroup['cancp'] != 1) { error_no_permission(); } } // Creating a new ban if(!$existing_ban) { // Get the users info from their Username $options = array( 'fields' => array('username', 'usergroup', 'additionalgroups', 'displaygroup') ); $user = get_user_by_username($mybb->input['username'], $options); if(!$user['uid']) { $errors[] = $lang->invalid_username; } } if($user['uid'] == $mybb->user['uid']) { $errors[] = $lang->error_cannotbanself; } // Have permissions to ban this user? if(!modcp_can_manage_user($user['uid'])) { $errors[] = $lang->error_cannotbanuser; } // Check for an incoming reason if(empty($mybb->input['banreason'])) { $errors[] = $lang->error_nobanreason; } // Check banned group $usergroups_cache = $cache->read('usergroups'); $usergroup = $usergroups_cache[$mybb->get_input('usergroup', MyBB::INPUT_INT)]; $query = $db->simple_select("usergroups", "gid", "isbannedgroup=1 AND gid='".$mybb->get_input('usergroup', MyBB::INPUT_INT)."'"); if(empty($usergroup['gid']) || empty($usergroup['isbannedgroup'])) { $errors[] = $lang->error_nobangroup; } // If this is a new ban, we check the user isn't already part of a banned group if(!$existing_ban && $user['uid']) { $query = $db->simple_select("banned", "uid", "uid='{$user['uid']}'"); if($db->fetch_field($query, "uid")) { $errors[] = $lang->error_useralreadybanned; } } $plugins->run_hooks("modcp_do_banuser_start"); // Still no errors? Ban the user if(!$errors) { // Ban the user if($mybb->get_input('liftafter') == '---') { $lifted = 0; } else { if(!isset($user['dateline'])) { $user['dateline'] = 0; } $lifted = ban_date2timestamp($mybb->get_input('liftafter'), $user['dateline']); } $banreason = my_substr($mybb->get_input('banreason'), 0, 255); if($existing_ban) { $update_array = array( 'gid' => $mybb->get_input('usergroup', MyBB::INPUT_INT), 'dateline' => TIME_NOW, 'bantime' => $db->escape_string($mybb->get_input('liftafter')), 'lifted' => $db->escape_string($lifted), 'reason' => $db->escape_string($banreason) ); $db->update_query('banned', $update_array, "uid='{$user['uid']}'"); } else { $insert_array = array( 'uid' => $user['uid'], 'gid' => $mybb->get_input('usergroup', MyBB::INPUT_INT), 'oldgroup' => (int)$user['usergroup'], 'oldadditionalgroups' => (string)$user['additionalgroups'], 'olddisplaygroup' => (int)$user['displaygroup'], 'admin' => (int)$mybb->user['uid'], 'dateline' => TIME_NOW, 'bantime' => $db->escape_string($mybb->get_input('liftafter')), 'lifted' => $db->escape_string($lifted), 'reason' => $db->escape_string($banreason) ); $db->insert_query('banned', $insert_array); } // Move the user to the banned group $update_array = array( 'usergroup' => $mybb->get_input('usergroup', MyBB::INPUT_INT), 'displaygroup' => 0, 'additionalgroups' => '', ); $db->update_query('users', $update_array, "uid = {$user['uid']}"); $cache->update_banned(); // Log edit or add ban if($existing_ban) { log_moderator_action(array("uid" => $user['uid'], "username" => $user['username']), $lang->edited_user_ban); } else { log_moderator_action(array("uid" => $user['uid'], "username" => $user['username']), $lang->banned_user); } $plugins->run_hooks("modcp_do_banuser_end"); if($existing_ban) { redirect("modcp.php?action=banning", $lang->redirect_banuser_updated); } else { redirect("modcp.php?action=banning", $lang->redirect_banuser); } } // Otherwise has errors, throw back to ban page else { $mybb->input['action'] = "banuser"; } } if($mybb->input['action'] == "banuser") { add_breadcrumb($lang->mcp_nav_banning, "modcp.php?action=banning"); if($mybb->usergroup['canbanusers'] == 0) { error_no_permission(); } $mybb->input['uid'] = $mybb->get_input('uid', MyBB::INPUT_INT); if($mybb->input['uid']) { add_breadcrumb($lang->mcp_nav_ban_user); } else { add_breadcrumb($lang->mcp_nav_editing_ban); } $plugins->run_hooks("modcp_banuser_start"); $banuser_username = ''; $banreason = ''; // If incoming user ID, we are editing a ban if($mybb->input['uid']) { $query = $db->query(" SELECT b.*, u.username, u.uid FROM ".TABLE_PREFIX."banned b LEFT JOIN ".TABLE_PREFIX."users u ON (b.uid=u.uid) WHERE b.uid='{$mybb->input['uid']}' "); $banned = $db->fetch_array($query); if($banned['username']) { $username = htmlspecialchars_uni($banned['username']); $banreason = htmlspecialchars_uni($banned['reason']); $uid = $mybb->input['uid']; $user = get_user($banned['uid']); $lang->ban_user = $lang->edit_ban; // Swap over lang variables eval("\$banuser_username = \"".$templates->get("modcp_banuser_editusername")."\";"); } } // Permission to edit this ban? if($banned['uid'] && $mybb->user['uid'] != $banned['admin'] && $mybb->usergroup['issupermod'] != 1 && $mybb->usergroup['cancp'] != 1) { error_no_permission(); } // New ban! if(!$banuser_username) { if($mybb->input['uid']) { $user = get_user($mybb->input['uid']); $username = $user['username']; } else { $username = htmlspecialchars_uni($mybb->get_input('username')); } eval("\$banuser_username = \"".$templates->get("modcp_banuser_addusername")."\";"); } // Coming back to this page from an error? if($errors) { $errors = inline_error($errors); $banned = array( "bantime" => $mybb->get_input('liftafter'), "reason" => $mybb->get_input('reason'), "gid" => $mybb->get_input('gid', MyBB::INPUT_INT) ); $banreason = htmlspecialchars_uni($mybb->get_input('banreason')); } // Generate the banned times dropdown $liftlist = ''; foreach($bantimes as $time => $title) { $selected = ''; if(isset($banned['bantime']) && $banned['bantime'] == $time) { $selected = " selected=\"selected\""; } $thattime = ''; if($time != '---') { $dateline = TIME_NOW; if(isset($banned['dateline'])) { $dateline = $banned['dateline']; } $thatime = my_date("D, jS M Y @ g:ia", ban_date2timestamp($time, $dateline)); $thattime = " ({$thatime})"; } eval("\$liftlist .= \"".$templates->get("modcp_banuser_liftlist")."\";"); } $bangroup_option = $bangroups = ''; $numgroups = $banned_group = 0; $groupscache = $cache->read("usergroups"); foreach($groupscache as $key => $group) { if($group['isbannedgroup']) { $selected = ""; if(isset($banned['gid']) && $banned['gid'] == $group['gid']) { $selected = " selected=\"selected\""; } $group['title'] = htmlspecialchars_uni($group['title']); eval("\$bangroup_option .= \"".$templates->get("modcp_banuser_bangroups_group")."\";"); $banned_group = $group['gid']; ++$numgroups; } } if($numgroups == 0) { error($lang->no_banned_group); } elseif($numgroups > 1) { eval("\$bangroups = \"".$templates->get("modcp_banuser_bangroups")."\";"); } else { eval("\$bangroups = \"".$templates->get("modcp_banuser_bangroups_hidden")."\";"); } if(!empty($banned['uid'])) { eval("\$lift_link = \"".$templates->get("modcp_banuser_lift")."\";"); $uid = $banned['uid']; } else { $lift_link = ''; $uid = 0; } $plugins->run_hooks("modcp_banuser_end"); eval("\$banuser = \"".$templates->get("modcp_banuser")."\";"); output_page($banuser); } if($mybb->input['action'] == "do_modnotes") { // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key')); $plugins->run_hooks("modcp_do_modnotes_start"); // Update Moderator Notes cache $update_cache = array( "modmessage" => $mybb->get_input('modnotes') ); $cache->update("modnotes", $update_cache); $plugins->run_hooks("modcp_do_modnotes_end"); redirect("modcp.php", $lang->redirect_modnotes); } if(!$mybb->input['action']) { $awaitingattachments = $awaitingposts = $awaitingthreads = $awaitingmoderation = ''; if($mybb->usergroup['canmanagemodqueue'] == 1) { if($mybb->settings['enableattachments'] == 1 && ($nummodqueueattach > 0 || $mybb->usergroup['issupermod'] == 1)) { if($nummodqueueposts > 0 || $mybb->usergroup['issupermod'] == 1) { $bgcolor = "trow1"; } else { $bgcolor = "trow2"; } $query = $db->query(" SELECT COUNT(aid) AS unapprovedattachments FROM ".TABLE_PREFIX."attachments a LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid=a.pid) LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid) WHERE a.visible='0' {$tflist} "); $unapproved_attachments = $db->fetch_field($query, "unapprovedattachments"); if($unapproved_attachments > 0) { $query = $db->query(" SELECT t.tid, p.pid, p.uid, t.username, a.filename, a.dateuploaded FROM ".TABLE_PREFIX."attachments a LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid=a.pid) LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid) WHERE a.visible='0' {$tflist} ORDER BY a.dateuploaded DESC LIMIT 1 "); $attachment = $db->fetch_array($query); $attachment['date'] = my_date('relative', $attachment['dateuploaded']); $attachment['profilelink'] = build_profile_link($attachment['username'], $attachment['uid']); $attachment['link'] = get_post_link($attachment['pid'], $attachment['tid']); $attachment['filename'] = htmlspecialchars_uni($attachment['filename']); $unapproved_attachments = my_number_format($unapproved_attachments); eval("\$latest_attachment = \"".$templates->get("modcp_lastattachment")."\";"); } else { eval("\$latest_attachment = \"".$templates->get("modcp_awaitingmoderation_none")."\";"); } eval("\$awaitingattachments = \"".$templates->get("modcp_awaitingattachments")."\";"); } if($nummodqueueposts > 0 || $mybb->usergroup['issupermod'] == 1) { $query = $db->query(" SELECT COUNT(pid) AS unapprovedposts FROM ".TABLE_PREFIX."posts p LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid) WHERE p.visible='0' {$tflist} AND t.firstpost != p.pid "); $unapproved_posts = $db->fetch_field($query, "unapprovedposts"); if($unapproved_posts > 0) { $query = $db->query(" SELECT p.pid, p.tid, p.subject, p.uid, p.username, p.dateline FROM ".TABLE_PREFIX."posts p LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid) WHERE p.visible='0' {$tflist} AND t.firstpost != p.pid ORDER BY p.dateline DESC LIMIT 1 "); $post = $db->fetch_array($query); $post['date'] = my_date('relative', $post['dateline']); $post['profilelink'] = build_profile_link($post['username'], $post['uid']); $post['link'] = get_post_link($post['pid'], $post['tid']); $post['subject'] = $post['fullsubject'] = $parser->parse_badwords($post['subject']); if(my_strlen($post['subject']) > 25) { $post['subject'] = my_substr($post['subject'], 0, 25)."..."; } $post['subject'] = htmlspecialchars_uni($post['subject']); $post['fullsubject'] = htmlspecialchars_uni($post['fullsubject']); $unapproved_posts = my_number_format($unapproved_posts); eval("\$latest_post = \"".$templates->get("modcp_lastpost")."\";"); } else { eval("\$latest_post = \"".$templates->get("modcp_awaitingmoderation_none")."\";"); } eval("\$awaitingposts = \"".$templates->get("modcp_awaitingposts")."\";"); } if($nummodqueuethreads > 0 || $mybb->usergroup['issupermod'] == 1) { $query = $db->simple_select("threads", "COUNT(tid) AS unapprovedthreads", "visible='0' {$flist_queue_threads}"); $unapproved_threads = $db->fetch_field($query, "unapprovedthreads"); if($unapproved_threads > 0) { $query = $db->simple_select("threads", "tid, subject, uid, username, dateline", "visible='0' {$flist_queue_threads}", array('order_by' => 'dateline', 'order_dir' => 'DESC', 'limit' => 1)); $thread = $db->fetch_array($query); $thread['date'] = my_date('relative', $thread['dateline']); $thread['profilelink'] = build_profile_link($thread['username'], $thread['uid']); $thread['link'] = get_thread_link($thread['tid']); $thread['subject'] = $thread['fullsubject'] = $parser->parse_badwords($thread['subject']); if(my_strlen($thread['subject']) > 25) { $post['subject'] = my_substr($thread['subject'], 0, 25)."..."; } $thread['subject'] = htmlspecialchars_uni($thread['subject']); $thread['fullsubject'] = htmlspecialchars_uni($thread['fullsubject']); $unapproved_threads = my_number_format($unapproved_threads); eval("\$latest_thread = \"".$templates->get("modcp_lastthread")."\";"); } else { eval("\$latest_thread = \"".$templates->get("modcp_awaitingmoderation_none")."\";"); } eval("\$awaitingthreads = \"".$templates->get("modcp_awaitingthreads")."\";"); } if(!empty($awaitingattachments) || !empty($awaitingposts) || !empty($awaitingthreads)) { eval("\$awaitingmoderation = \"".$templates->get("modcp_awaitingmoderation")."\";"); } } $latestfivemodactions = ''; if(($nummodlogs > 0 || $mybb->usergroup['issupermod'] == 1) && $mybb->usergroup['canviewmodlogs'] == 1) { $where = ''; if($tflist_modlog) { $where = "WHERE (t.fid <> 0 {$tflist_modlog}) OR (!l.fid)"; } $query = $db->query(" SELECT l.*, u.username, u.usergroup, u.displaygroup, t.subject AS tsubject, f.name AS fname, p.subject AS psubject FROM ".TABLE_PREFIX."moderatorlog l LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=l.uid) LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=l.tid) LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=l.fid) LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid=l.pid) {$where} ORDER BY l.dateline DESC LIMIT 5 "); $modlogresults = ''; while($logitem = $db->fetch_array($query)) { $information = ''; $logitem['action'] = htmlspecialchars_uni($logitem['action']); $log_date = my_date('relative', $logitem['dateline']); $trow = alt_trow(); $username = format_name($logitem['username'], $logitem['usergroup'], $logitem['displaygroup']); $logitem['profilelink'] = build_profile_link($username, $logitem['uid']); $logitem['ipaddress'] = my_inet_ntop($db->unescape_binary($logitem['ipaddress'])); if($logitem['tsubject']) { $logitem['tsubject'] = htmlspecialchars_uni($logitem['tsubject']); $logitem['thread'] = get_thread_link($logitem['tid']); eval("\$information .= \"".$templates->get("modcp_modlogs_result_thread")."\";"); } if($logitem['fname']) { $logitem['forum'] = get_forum_link($logitem['fid']); eval("\$information .= \"".$templates->get("modcp_modlogs_result_forum")."\";"); } if($logitem['psubject']) { $logitem['psubject'] = htmlspecialchars_uni($logitem['psubject']); $logitem['post'] = get_post_link($logitem['pid']); eval("\$information .= \"".$templates->get("modcp_modlogs_result_post")."\";"); } // Edited a user or managed announcement? if(!$logitem['tsubject'] || !$logitem['fname'] || !$logitem['psubject']) { $data = my_unserialize($logitem['data']); if($data['uid']) { $information = $lang->sprintf($lang->edited_user_info, htmlspecialchars_uni($data['username']), get_profile_link($data['uid'])); } if($data['aid']) { $data['subject'] = htmlspecialchars_uni($data['subject']); $data['announcement'] = get_announcement_link($data['aid']); eval("\$information .= \"".$templates->get("modcp_modlogs_result_announcement")."\";"); } } eval("\$modlogresults .= \"".$templates->get("modcp_modlogs_result")."\";"); } if(!$modlogresults) { eval("\$modlogresults = \"".$templates->get("modcp_modlogs_nologs")."\";"); } eval("\$latestfivemodactions = \"".$templates->get("modcp_latestfivemodactions")."\";"); } $query = $db->query(" SELECT b.*, a.username AS adminuser, u.username FROM ".TABLE_PREFIX."banned b LEFT JOIN ".TABLE_PREFIX."users u ON (b.uid=u.uid) LEFT JOIN ".TABLE_PREFIX."users a ON (b.admin=a.uid) WHERE b.bantime != '---' AND b.bantime != 'perm' ORDER BY lifted ASC LIMIT 5 "); $banned_cache = array(); while($banned = $db->fetch_array($query)) { $banned['remaining'] = $banned['lifted']-TIME_NOW; $banned_cache[$banned['remaining'].$banned['uid']] = $banned; unset($banned); } // Get the banned users $bannedusers = ''; foreach($banned_cache as $banned) { $profile_link = build_profile_link($banned['username'], $banned['uid']); // Only show the edit & lift links if current user created ban, or is super mod/admin $edit_link = ''; if($mybb->user['uid'] == $banned['admin'] || !$banned['adminuser'] || $mybb->usergroup['issupermod'] == 1 || $mybb->usergroup['cancp'] == 1) { eval("\$edit_link = \"".$templates->get("modcp_banning_edit")."\";"); } $admin_profile = build_profile_link($banned['adminuser'], $banned['admin']); $trow = alt_trow(); if($banned['reason']) { $banned['reason'] = htmlspecialchars_uni($parser->parse_badwords($banned['reason'])); } else { $banned['reason'] = $lang->na; } if($banned['lifted'] == 'perm' || $banned['lifted'] == '' || $banned['bantime'] == 'perm' || $banned['bantime'] == '---') { $banlength = $lang->permanent; $timeremaining = $lang->na; } else { $banlength = $bantimes[$banned['bantime']]; $remaining = $banned['remaining']; $timeremaining = nice_time($remaining, array('short' => 1, 'seconds' => false)).""; if($remaining <= 0) { $timeremaining = "({$lang->ban_ending_imminently})"; } else if($remaining < 3600) { $timeremaining = "({$timeremaining} {$lang->ban_remaining})"; } else if($remaining < 86400) { $timeremaining = "({$timeremaining} {$lang->ban_remaining})"; } else if($remaining < 604800) { $timeremaining = "({$timeremaining} {$lang->ban_remaining})"; } else { $timeremaining = "({$timeremaining} {$lang->ban_remaining})"; } } eval("\$bannedusers .= \"".$templates->get("modcp_banning_ban")."\";"); } if(!$bannedusers) { eval("\$bannedusers = \"".$templates->get("modcp_nobanned")."\";"); } $modnotes = $cache->read("modnotes"); $modnotes = htmlspecialchars_uni($modnotes['modmessage']); $plugins->run_hooks("modcp_end"); eval("\$modcp = \"".$templates->get("modcp")."\";"); output_page($modcp); }