diff -r 000000000000 -r f9ffdbd96607 punbb/moderate.php
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/punbb/moderate.php Wed Jul 11 21:01:48 2007 -0400
@@ -0,0 +1,716 @@
+ PUN_MOD)
+ message($lang_common['No permission']);
+
+ // Is get_host an IP address or a post ID?
+ if (@preg_match('/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/', $_GET['get_host']))
+ $ip = $_GET['get_host'];
+ else
+ {
+ $get_host = intval($_GET['get_host']);
+ if ($get_host < 1)
+ message($lang_common['Bad request']);
+
+ $result = $db->query('SELECT poster_ip FROM '.$db->prefix.'posts WHERE id='.$get_host) or error('Unable to fetch post IP address', __FILE__, __LINE__, $db->error());
+ if (!$db->num_rows($result))
+ message($lang_common['Bad request']);
+
+ $ip = $db->result($result);
+ }
+
+ message('The IP address is: '.$ip.'
The host name is: '.@gethostbyaddr($ip).'
Show more users for this IP');
+}
+
+
+// All other functions require moderator/admin access
+$fid = isset($_GET['fid']) ? intval($_GET['fid']) : 0;
+if ($fid < 1)
+ message($lang_common['Bad request']);
+
+$result = $db->query('SELECT moderators FROM '.$db->prefix.'forums WHERE id='.$fid) or error('Unable to fetch forum info', __FILE__, __LINE__, $db->error());
+
+$moderators = $db->result($result);
+$mods_array = ($moderators != '') ? unserialize($moderators) : array();
+
+if ($pun_user['g_id'] != PUN_ADMIN && ($pun_user['g_id'] != PUN_MOD || !array_key_exists($pun_user['username'], $mods_array)))
+ message($lang_common['No permission']);
+
+
+// Load the misc.php language file
+require PUN_ROOT.'lang/'.$pun_user['language'].'/misc.php';
+
+
+// All other topic moderation features require a topic id in GET
+if (isset($_GET['tid']))
+{
+ $tid = intval($_GET['tid']);
+ if ($tid < 1)
+ message($lang_common['Bad request']);
+
+ // Fetch some info about the topic
+ $result = $db->query('SELECT t.subject, t.num_replies, f.id AS forum_id, forum_name FROM '.$db->prefix.'topics AS t INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'subscriptions AS s ON (t.id=s.topic_id AND s.user_id='.$pun_user['id'].') LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND f.id='.$fid.' AND t.id='.$tid.' AND t.moved_to IS NULL') or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());
+ if (!$db->num_rows($result))
+ message($lang_common['Bad request']);
+
+ $cur_topic = $db->fetch_assoc($result);
+
+
+ // Delete one or more posts
+ if (isset($_POST['delete_posts']) || isset($_POST['delete_posts_comply']))
+ {
+ $posts = $_POST['posts'];
+ if (empty($posts))
+ message($lang_misc['No posts selected']);
+
+ if (isset($_POST['delete_posts_comply']))
+ {
+ confirm_referrer('moderate.php');
+
+ if (@preg_match('/[^0-9,]/', $posts))
+ message($lang_common['Bad request']);
+
+ // Verify that the post IDs are valid
+ $result = $db->query('SELECT 1 FROM '.$db->prefix.'posts WHERE id IN('.$posts.') AND topic_id='.$tid) or error('Unable to check posts', __FILE__, __LINE__, $db->error());
+
+ if ($db->num_rows($result) != substr_count($posts, ',') + 1)
+ message($lang_common['Bad request']);
+
+ // Delete the posts
+ $db->query('DELETE FROM '.$db->prefix.'posts WHERE id IN('.$posts.')') or error('Unable to delete posts', __FILE__, __LINE__, $db->error());
+
+ require PUN_ROOT.'include/search_idx.php';
+ strip_search_index($posts);
+
+ // Get last_post, last_post_id, and last_poster for the topic after deletion
+ $result = $db->query('SELECT id, poster, posted FROM '.$db->prefix.'posts WHERE topic_id='.$tid.' ORDER BY id DESC LIMIT 1') or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
+ $last_post = $db->fetch_assoc($result);
+
+ // How many posts did we just delete?
+ $num_posts_deleted = substr_count($posts, ',') + 1;
+
+ // Update the topic
+ $db->query('UPDATE '.$db->prefix.'topics SET last_post='.$last_post['posted'].', last_post_id='.$last_post['id'].', last_poster=\''.$db->escape($last_post['poster']).'\', num_replies=num_replies-'.$num_posts_deleted.' WHERE id='.$tid) or error('Unable to update topic', __FILE__, __LINE__, $db->error());
+
+ update_forum($fid);
+
+ redirect('viewtopic.php?id='.$tid, $lang_misc['Delete posts redirect']);
+ }
+
+
+ $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_misc['Moderate'];
+ require PUN_ROOT.'header.php';
+
+?>
+
+ $num_pages) ? 1 : $_GET['p'];
+ $start_from = $pun_user['disp_posts'] * ($p - 1);
+
+ // Generate paging links
+ $paging_links = $lang_common['Pages'].': '.paginate($num_pages, $p, 'moderate.php?fid='.$fid.'&tid='.$tid);
+
+
+ if ($pun_config['o_censoring'] == '1')
+ $cur_topic['subject'] = censor_words($cur_topic['subject']);
+
+
+ $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$cur_topic['subject'];
+ require PUN_ROOT.'header.php';
+
+?>
+
+
+
+query('SELECT 1 FROM '.$db->prefix.'topics WHERE id IN('.implode(',',$topics).') AND forum_id='.$fid) or error('Unable to check topics', __FILE__, __LINE__, $db->error());
+
+ if ($db->num_rows($result) != count($topics))
+ message($lang_common['Bad request']);
+
+ // Delete any redirect topics if there are any (only if we moved/copied the topic back to where it where it was once moved from)
+ $db->query('DELETE FROM '.$db->prefix.'topics WHERE forum_id='.$move_to_forum.' AND moved_to IN('.implode(',',$topics).')') or error('Unable to delete redirect topics', __FILE__, __LINE__, $db->error());
+
+ // Move the topic(s)
+ $db->query('UPDATE '.$db->prefix.'topics SET forum_id='.$move_to_forum.' WHERE id IN('.implode(',',$topics).')') or error('Unable to move topics', __FILE__, __LINE__, $db->error());
+
+ // Should we create redirect topics?
+ if (isset($_POST['with_redirect']))
+ {
+ while (list(, $cur_topic) = @each($topics))
+ {
+ // Fetch info for the redirect topic
+ $result = $db->query('SELECT poster, subject, posted, last_post FROM '.$db->prefix.'topics WHERE id='.$cur_topic) or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());
+ $moved_to = $db->fetch_assoc($result);
+
+ // Create the redirect topic
+ $db->query('INSERT INTO '.$db->prefix.'topics (poster, subject, posted, last_post, moved_to, forum_id) VALUES(\''.$db->escape($moved_to['poster']).'\', \''.$db->escape($moved_to['subject']).'\', '.$moved_to['posted'].', '.$moved_to['last_post'].', '.$cur_topic.', '.$fid.')') or error('Unable to create redirect topic', __FILE__, __LINE__, $db->error());
+ }
+ }
+
+ update_forum($fid); // Update the forum FROM which the topic was moved
+ update_forum($move_to_forum); // Update the forum TO which the topic was moved
+
+ $redirect_msg = (count($topics) > 1) ? $lang_misc['Move topics redirect'] : $lang_misc['Move topic redirect'];
+ redirect('viewforum.php?id='.$move_to_forum, $redirect_msg);
+ }
+
+ if (isset($_POST['move_topics']))
+ {
+ $topics = isset($_POST['topics']) ? $_POST['topics'] : array();
+ if (empty($topics))
+ message($lang_misc['No topics selected']);
+
+ $topics = implode(',', array_keys($topics));
+ $action = 'multi';
+ }
+ else
+ {
+ $topics = intval($_GET['move_topics']);
+ if ($topics < 1)
+ message($lang_common['Bad request']);
+
+ $action = 'single';
+ }
+
+ $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / Moderate';
+ require PUN_ROOT.'header.php';
+
+?>
+
+query('SELECT 1 FROM '.$db->prefix.'topics WHERE id IN('.$topics.') AND forum_id='.$fid) or error('Unable to check topics', __FILE__, __LINE__, $db->error());
+
+ if ($db->num_rows($result) != substr_count($topics, ',') + 1)
+ message($lang_common['Bad request']);
+
+ // Delete the topics and any redirect topics
+ $db->query('DELETE FROM '.$db->prefix.'topics WHERE id IN('.$topics.') OR moved_to IN('.$topics.')') or error('Unable to delete topic', __FILE__, __LINE__, $db->error());
+
+ // Delete any subscriptions
+ $db->query('DELETE FROM '.$db->prefix.'subscriptions WHERE topic_id IN('.$topics.')') or error('Unable to delete subscriptions', __FILE__, __LINE__, $db->error());
+
+ // Create a list of the post ID's in this topic and then strip the search index
+ $result = $db->query('SELECT id FROM '.$db->prefix.'posts WHERE topic_id IN('.$topics.')') or error('Unable to fetch posts', __FILE__, __LINE__, $db->error());
+
+ $post_ids = '';
+ while ($row = $db->fetch_row($result))
+ $post_ids .= ($post_ids != '') ? ','.$row[0] : $row[0];
+
+ // We have to check that we actually have a list of post ID's since we could be deleting just a redirect topic
+ if ($post_ids != '')
+ strip_search_index($post_ids);
+
+ // Delete posts
+ $db->query('DELETE FROM '.$db->prefix.'posts WHERE topic_id IN('.$topics.')') or error('Unable to delete posts', __FILE__, __LINE__, $db->error());
+
+ update_forum($fid);
+
+ redirect('viewforum.php?id='.$fid, $lang_misc['Delete topics redirect']);
+ }
+
+
+ $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_misc['Moderate'];
+ require PUN_ROOT.'header.php';
+
+?>
+
+query('UPDATE '.$db->prefix.'topics SET closed='.$action.' WHERE id IN('.implode(',', $topics).') AND forum_id='.$fid) or error('Unable to close topics', __FILE__, __LINE__, $db->error());
+
+ $redirect_msg = ($action) ? $lang_misc['Close topics redirect'] : $lang_misc['Open topics redirect'];
+ redirect('moderate.php?fid='.$fid, $redirect_msg);
+ }
+ // Or just one in $_GET
+ else
+ {
+ confirm_referrer('viewtopic.php');
+
+ $topic_id = ($action) ? intval($_GET['close']) : intval($_GET['open']);
+ if ($topic_id < 1)
+ message($lang_common['Bad request']);
+
+ $db->query('UPDATE '.$db->prefix.'topics SET closed='.$action.' WHERE id='.$topic_id.' AND forum_id='.$fid) or error('Unable to close topic', __FILE__, __LINE__, $db->error());
+
+ $redirect_msg = ($action) ? $lang_misc['Close topic redirect'] : $lang_misc['Open topic redirect'];
+ redirect('viewtopic.php?id='.$topic_id, $redirect_msg);
+ }
+}
+
+
+// Stick a topic
+else if (isset($_GET['stick']))
+{
+ confirm_referrer('viewtopic.php');
+
+ $stick = intval($_GET['stick']);
+ if ($stick < 1)
+ message($lang_common['Bad request']);
+
+ $db->query('UPDATE '.$db->prefix.'topics SET sticky=\'1\' WHERE id='.$stick.' AND forum_id='.$fid) or error('Unable to stick topic', __FILE__, __LINE__, $db->error());
+
+ redirect('viewtopic.php?id='.$stick, $lang_misc['Stick topic redirect']);
+}
+
+
+// Unstick a topic
+else if (isset($_GET['unstick']))
+{
+ confirm_referrer('viewtopic.php');
+
+ $unstick = intval($_GET['unstick']);
+ if ($unstick < 1)
+ message($lang_common['Bad request']);
+
+ $db->query('UPDATE '.$db->prefix.'topics SET sticky=\'0\' WHERE id='.$unstick.' AND forum_id='.$fid) or error('Unable to unstick topic', __FILE__, __LINE__, $db->error());
+
+ redirect('viewtopic.php?id='.$unstick, $lang_misc['Unstick topic redirect']);
+}
+
+
+// No specific forum moderation action was specified in the query string, so we'll display the moderator forum
+
+// Load the viewforum.php language file
+require PUN_ROOT.'lang/'.$pun_user['language'].'/forum.php';
+
+// Fetch some info about the forum
+$result = $db->query('SELECT f.forum_name, f.redirect_url, f.num_topics FROM '.$db->prefix.'forums AS f LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND f.id='.$fid) or error('Unable to fetch forum info', __FILE__, __LINE__, $db->error());
+if (!$db->num_rows($result))
+ message($lang_common['Bad request']);
+
+$cur_forum = $db->fetch_assoc($result);
+
+// Is this a redirect forum? In that case, abort!
+if ($cur_forum['redirect_url'] != '')
+ message($lang_common['Bad request']);
+
+$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.pun_htmlspecialchars($cur_forum['forum_name']);
+require PUN_ROOT.'header.php';
+
+// Determine the topic offset (based on $_GET['p'])
+$num_pages = ceil($cur_forum['num_topics'] / $pun_user['disp_topics']);
+
+$p = (!isset($_GET['p']) || $_GET['p'] <= 1 || $_GET['p'] > $num_pages) ? 1 : $_GET['p'];
+$start_from = $pun_user['disp_topics'] * ($p - 1);
+
+// Generate paging links
+$paging_links = $lang_common['Pages'].': '.paginate($num_pages, $p, 'moderate.php?fid='.$fid)
+
+?>
+
+
+
+
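Review bot: In the `get_host` branch the IP test `preg_match('/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/', $_GET['get_host'])` is unanchored, so any string that merely contains a dotted quad is accepted, copied verbatim into `$ip`, concatenated into the `message()` text and handed to `gethostbyaddr()`. Unless `message()` escapes its argument (not visible here), request-controlled markup reaches the rendered page; anchor the pattern as `'/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/D'` and output the value through `pun_htmlspecialchars($ip)`, which this file already uses for page titles. A similar gap is in the forum view near the end of the file, where `$p` is taken from `$_GET['p']` after loose numeric comparisons only and passed to `paginate()`; applying `intval($_GET['p'])` before the range check would pin it to an integer. The opening of the `get_host` branch is not visible in the page text, so its access condition cannot be checked from here.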