| Zeile 6 | Zeile 6 |
|---|
* Website: http://www.mybboard.net
* License: http://www.mybboard.net/about/license
*
|
* Website: http://www.mybboard.net
* License: http://www.mybboard.net/about/license
*
|
* $Id: modcp.php 4111 2008-08-13 06:14:12Z Tikitiki $
| * $Id: modcp.php 4184 2008-09-10 04:40:17Z Tikitiki $
|
*/
define("IN_MYBB", 1);
| */
define("IN_MYBB", 1);
|
| Zeile 81 | Zeile 81 |
|---|
error($lang->error_noselected_reports);
}
|
error($lang->error_noselected_reports);
}
|
array_walk($mybb->input['reports'], "intval");
| $mybb->input['reports'] = array_map("intval", $mybb->input['reports']);
|
$rids = implode($mybb->input['reports'], "','");
$rids = "'0','{$rids}'";
| $rids = implode($mybb->input['reports'], "','");
$rids = "'0','{$rids}'";
|
| Zeile 126 | Zeile 126 |
|---|
$page = intval($result / $perpage) + 1;
}
}
|
$page = intval($result / $perpage) + 1;
}
}
|
$postcount = intval($report_count)+1;
| $postcount = intval($report_count);
|
$pages = $postcount / $perpage;
$pages = ceil($pages);
|
$pages = $postcount / $perpage;
$pages = ceil($pages);
|
| |
|
if($mybb->input['page'] == "last")
|
if($mybb->input['page'] == "last")
|
| |
{
$page = $pages;
|
{
$page = $pages;
|
}
| }
|
if($page > $pages || $page <= 0)
|
if($page > $pages || $page <= 0)
|
{
$page = 1;
| {
$page = 1;
|
}
if($page && $page > 0)
| }
if($page && $page > 0)
|
| Zeile 156 | Zeile 158 |
|---|
if($postcount > $perpage)
{
eval("\$reportspages = \"".$templates->get("modcp_reports_multipage")."\";");
|
if($postcount > $perpage)
{
eval("\$reportspages = \"".$templates->get("modcp_reports_multipage")."\";");
|
}
$query = $db->simple_select("forums", "fid, name");
while($forum = $db->fetch_array($query))
{
$forums[$forum['fid']] = $forum['name'];
}
$reports = '';
$query = $db->query("
SELECT r.*, u.username, up.username AS postusername, up.uid AS postuid, t.subject AS threadsubject
FROM ".TABLE_PREFIX."reportedposts r
LEFT JOIN ".TABLE_PREFIX."posts p ON (r.pid=p.pid)
LEFT JOIN ".TABLE_PREFIX."threads t ON (p.tid=t.tid)
| }
$query = $db->simple_select("forums", "fid, name");
while($forum = $db->fetch_array($query))
{
$forums[$forum['fid']] = $forum['name'];
}
$reports = '';
$query = $db->query("
SELECT r.*, u.username, up.username AS postusername, up.uid AS postuid, t.subject AS threadsubject
FROM ".TABLE_PREFIX."reportedposts r
LEFT JOIN ".TABLE_PREFIX."posts p ON (r.pid=p.pid)
LEFT JOIN ".TABLE_PREFIX."threads t ON (p.tid=t.tid)
|
LEFT JOIN ".TABLE_PREFIX."users u ON (r.uid=u.uid)
LEFT JOIN ".TABLE_PREFIX."users up ON (p.uid=up.uid)
WHERE r.reportstatus='0'
| LEFT JOIN ".TABLE_PREFIX."users u ON (r.uid=u.uid)
LEFT JOIN ".TABLE_PREFIX."users up ON (p.uid=up.uid)
WHERE r.reportstatus='0'
|
| Zeile 230 | Zeile 232 |
|---|
if(($result % $perpage) == 0)
{
$page = $result / $perpage;
|
if(($result % $perpage) == 0)
{
$page = $result / $perpage;
|
}
else
{
$page = intval($result / $perpage) + 1;
}
}
$postcount = intval($warnings)+1;
$pages = $postcount / $perpage;
$pages = ceil($pages);
if($mybb->input['page'] == "last")
{
$page = $pages;
}
if($page > $pages || $page <= 0)
{
$page = 1;
}
if($page)
| }
else
{
$page = intval($result / $perpage) + 1;
}
}
$postcount = intval($warnings);
$pages = $postcount / $perpage;
$pages = ceil($pages);
if($mybb->input['page'] == "last")
{
$page = $pages;
}
if($page > $pages || $page <= 0)
{
$page = 1;
}
if($page)
|
{
$start = ($page-1) * $perpage;
}
else
|
{
$start = ($page-1) * $perpage;
}
else
|
{
| {
|
$start = 0;
$page = 1;
}
$upper = $start+$perpage;
|
$start = 0;
$page = 1;
}
$upper = $start+$perpage;
|
|
|
$multipage = multipage($postcount, $perpage, $page, "modcp.php?action=allreports");
if($postcount > $perpage)
{
eval("\$allreportspages = \"".$templates->get("modcp_reports_multipage")."\";");
|
$multipage = multipage($postcount, $perpage, $page, "modcp.php?action=allreports");
if($postcount > $perpage)
{
eval("\$allreportspages = \"".$templates->get("modcp_reports_multipage")."\";");
|
}
| }
|
$query = $db->simple_select("forums", "fid, name");
while($forum = $db->fetch_array($query))
|
$query = $db->simple_select("forums", "fid, name");
while($forum = $db->fetch_array($query))
|
| Zeile 290 | Zeile 292 |
|---|
$report['threadlink'] = get_thread_link($report['tid']);
$report['posterlink'] = get_profile_link($report['postuid']);
$report['reporterlink'] = get_profile_link($report['uid']);
|
$report['threadlink'] = get_thread_link($report['tid']);
$report['posterlink'] = get_profile_link($report['postuid']);
$report['reporterlink'] = get_profile_link($report['uid']);
|
|
|
$reportdate = my_date($mybb->settings['dateformat'], $report['dateline']);
$reporttime = my_date($mybb->settings['timeformat'], $report['dateline']);
| $reportdate = my_date($mybb->settings['dateformat'], $report['dateline']);
$reporttime = my_date($mybb->settings['timeformat'], $report['dateline']);
|
| Zeile 334 | Zeile 336 |
|---|
add_breadcrumb($lang->mcp_nav_modlogs, "modcp.php?action=modlogs");
$perpage = intval($mybb->input['perpage']);
|
add_breadcrumb($lang->mcp_nav_modlogs, "modcp.php?action=modlogs");
$perpage = intval($mybb->input['perpage']);
|
if(!$perpage)
| if(!$perpage || $pagepage <= 0)
|
{
$perpage = $mybb->settings['threadsperpage'];
}
| {
$perpage = $mybb->settings['threadsperpage'];
}
|
| Zeile 411 | Zeile 413 |
|---|
{
$start = 0;
$page = 1;
|
{
$start = 0;
$page = 1;
|
}
| }
|
|
|
$multipage = multipage($postcount, $perpage, $page, "modcp.php?action=modlogs&perpage=$perpage&uid={$mybb->input['uid']}&fid={$mybb->input['fid']}&orderby=$mybb->input['sortby']&order={$mybb->input['order']}");
| $multipage = multipage($postcount, $perpage, $page, "modcp.php?action=modlogs&perpage=$perpage&uid={$mybb->input['uid']}&fid={$mybb->input['fid']}&sortby={$mybb->input['sortby']}&order={$mybb->input['order']}");
|
if($postcount > $perpage)
{
eval("\$resultspages = \"".$templates->get("modcp_modlogs_multipage")."\";");
| if($postcount > $perpage)
{
eval("\$resultspages = \"".$templates->get("modcp_modlogs_multipage")."\";");
|
| Zeile 442 | Zeile 444 |
|---|
$information = "<strong>{$lang->thread}</strong> <a href=\"".get_thread_link($logitem['tid'])."\" target=\"_blank\">".htmlspecialchars_uni($logitem['tsubject'])."</a><br />";
}
if($logitem['fname'])
|
$information = "<strong>{$lang->thread}</strong> <a href=\"".get_thread_link($logitem['tid'])."\" target=\"_blank\">".htmlspecialchars_uni($logitem['tsubject'])."</a><br />";
}
if($logitem['fname'])
|
{
| {
|
$information .= "<strong>{$lang->forum}</strong> <a href=\"".get_forum_link($logitem['fid'])."\" target=\"_blank\">{$logitem['fname']}</a><br />";
}
if($logitem['psubject'])
| $information .= "<strong>{$lang->forum}</strong> <a href=\"".get_forum_link($logitem['fid'])."\" target=\"_blank\">{$logitem['fname']}</a><br />";
}
if($logitem['psubject'])
|
| Zeile 451 | Zeile 453 |
|---|
}
eval("\$results .= \"".$templates->get("modcp_modlogs_result")."\";");
|
}
eval("\$results .= \"".$templates->get("modcp_modlogs_result")."\";");
|
}
| }
|
if(!$results)
{
eval("\$results = \"".$templates->get("modcp_modlogs_noresults")."\";");
|
if(!$results)
{
eval("\$results = \"".$templates->get("modcp_modlogs_noresults")."\";");
|
}
| }
|
// Fetch filter options
$sortbysel[$mybb->input['sortby']] = "selected=\"selected\"";
|
// Fetch filter options
$sortbysel[$mybb->input['sortby']] = "selected=\"selected\"";
|
| Zeile 490 | Zeile 492 |
|---|
}
if($mybb->input['action'] == "do_delete_announcement")
|
}
if($mybb->input['action'] == "do_delete_announcement")
|
{
| {
|
verify_post_check($mybb->input['my_post_key']);
|
verify_post_check($mybb->input['my_post_key']);
|
$aid = intval($mybb->input['aid']);
$query = $db->simple_select("announcements", "aid, subject, fid", "aid='{$aid}'");
$announcement = $db->fetch_array($query);
if(!$announcement['aid'])
{
error($lang->error_invalid_announcement);
}
if(($mybb->usergroup['issupermod'] != 1 && $announcement['fid'] == -1) || ($announcement['fid'] != -1 && !is_moderator($announcement['fid'])))
{
error_no_permission();
}
| $aid = intval($mybb->input['aid']);
$query = $db->simple_select("announcements", "aid, subject, fid", "aid='{$aid}'");
$announcement = $db->fetch_array($query);
if(!$announcement['aid'])
{
error($lang->error_invalid_announcement);
}
if(($mybb->usergroup['issupermod'] != 1 && $announcement['fid'] == -1) || ($announcement['fid'] != -1 && !is_moderator($announcement['fid'])))
{
error_no_permission();
}
|
$db->delete_query("announcements", "aid='{$aid}'");
redirect("modcp.php?action=announcements", $lang->redirect_delete_announcement);
| $db->delete_query("announcements", "aid='{$aid}'");
redirect("modcp.php?action=announcements", $lang->redirect_delete_announcement);
|
| Zeile 518 | Zeile 520 |
|---|
$announcement = $db->fetch_array($query);
if(!$announcement['aid'])
|
$announcement = $db->fetch_array($query);
if(!$announcement['aid'])
|
{
| {
|
error($lang->error_invalid_announcement);
}
if(($mybb->usergroup['issupermod'] != 1 && $announcement['fid'] == -1) || ($announcement['fid'] != -1 && !is_moderator($announcement['fid'])))
| error($lang->error_invalid_announcement);
}
if(($mybb->usergroup['issupermod'] != 1 && $announcement['fid'] == -1) || ($announcement['fid'] != -1 && !is_moderator($announcement['fid'])))
|
| Zeile 528 | Zeile 530 |
|---|
eval("\$announcements = \"".$templates->get("modcp_announcements_delete")."\";");
output_page($announcements);
|
eval("\$announcements = \"".$templates->get("modcp_announcements_delete")."\";");
output_page($announcements);
|
}
| }
|
if($mybb->input['action'] == "do_new_announcement")
{
verify_post_check($mybb->input['my_post_key']);
| if($mybb->input['action'] == "do_new_announcement")
{
verify_post_check($mybb->input['my_post_key']);
|
| Zeile 546 | Zeile 548 |
|---|
}
if(!trim($mybb->input['message']))
|
}
if(!trim($mybb->input['message']))
|
{
| {
|
$errors[] = $lang->error_missing_message;
}
if(!trim($mybb->input['fid']))
|
$errors[] = $lang->error_missing_message;
}
if(!trim($mybb->input['fid']))
|
{
| {
|
$errors[] = $lang->error_missing_forum;
}
| $errors[] = $lang->error_missing_forum;
}
|
| Zeile 566 | Zeile 568 |
|---|
if($startdate[0] >= 24)
{
$startdate[0] = "00";
|
if($startdate[0] >= 24)
{
$startdate[0] = "00";
|
}
}
| }
}
|
if(stristr($mybb->input['endtime_time'], "pm"))
{
$enddate[0] = 12+$enddate[0];
| if(stristr($mybb->input['endtime_time'], "pm"))
{
$enddate[0] = 12+$enddate[0];
|
| Zeile 601 | Zeile 603 |
|---|
{
$mybb->input['endtime_month'] = 1;
}
|
{
$mybb->input['endtime_month'] = 1;
}
|
$enddate = gmmktime($enddatehour, intval($mybb->input['endtime_time']), 0, (int)$mybb->input['endtime_month'], intval($mybb->input['endtime_day']), intval($mybb->input['endtime_year']));
| $enddate = gmmktime(intval($enddate[0]), intval($enddate[1]), 0, (int)$mybb->input['endtime_month'], intval($mybb->input['endtime_day']), intval($mybb->input['endtime_year']));
|
if($enddate < 0 || $enddate == false)
{
$errors[] = $lang->error_invalid_end_date;
| if($enddate < 0 || $enddate == false)
{
$errors[] = $lang->error_invalid_end_date;
|
| Zeile 765 | Zeile 767 |
|---|
}
if($mybb->input['allowsmilies'] || !isset($mybb->input['allowsmilies']))
|
}
if($mybb->input['allowsmilies'] || !isset($mybb->input['allowsmilies']))
|
{
$smilies_sel['yes'] = ' checked="checked"';
}
else
{
$smilies_sel['no'] = ' checked="checked"';
| {
$smilies_sel['yes'] = ' checked="checked"';
}
else
{
$smilies_sel['no'] = ' checked="checked"';
|
}
if($mybb->input['endtime_type'] == 2 || !isset($mybb->input['endtime_type']))
| }
if($mybb->input['endtime_type'] == 2 || !isset($mybb->input['endtime_type']))
|
| Zeile 803 | Zeile 805 |
|---|
if(!$announcement['aid'])
{
error($lang->error_invalid_announcement);
|
if(!$announcement['aid'])
{
error($lang->error_invalid_announcement);
|
}
| }
|
// Mod has permissions to edit this announcement
if(($mybb->usergroup['issupermod'] != 1 && $announcement['fid'] == -1) || ($announcement['fid'] != -1 && !is_moderator($announcement['fid'])))
{
| // Mod has permissions to edit this announcement
if(($mybb->usergroup['issupermod'] != 1 && $announcement['fid'] == -1) || ($announcement['fid'] != -1 && !is_moderator($announcement['fid'])))
{
|
| Zeile 818 | Zeile 820 |
|---|
}
if(!trim($mybb->input['message']))
|
}
if(!trim($mybb->input['message']))
|
{
| {
|
$errors[] = $lang->error_missing_message;
}
|
$errors[] = $lang->error_missing_message;
}
|
if(!trim($mybb->input['fid']))
| if(!trim($mybb->input['fid']))
{
$errors[] = $lang->error_missing_forum;
}
$startdate = @explode(" ", $mybb->input['starttime_time']);
$startdate = @explode(":", $startdate[0]);
$enddate = @explode(" ", $mybb->input['endtime_time']);
$enddate = @explode(":", $enddate[0]);
if(stristr($mybb->input['starttime_time'], "pm"))
{
$startdate[0] = 12+$startdate[0];
if($startdate[0] >= 24)
{
$startdate[0] = "00";
}
}
if(stristr($mybb->input['endtime_time'], "pm"))
|
{
|
{
|
$errors[] = $lang->error_missing_forum;
| $enddate[0] = 12+$enddate[0];
if($enddate[0] >= 24)
{
$enddate[0] = "00";
}
|
}
$months = array('01', '02', '03', '04', '05', '06', '07', '08', '09', '10', '11', '12');
| }
$months = array('01', '02', '03', '04', '05', '06', '07', '08', '09', '10', '11', '12');
|
| Zeile 849 | Zeile 874 |
|---|
{
$mybb->input['endtime_month'] = 1;
}
|
{
$mybb->input['endtime_month'] = 1;
}
|
$enddate = gmmktime($enddatehour, intval($mybb->input['endtime_time']), 0, (int)$mybb->input['endtime_month'], intval($mybb->input['endtime_day']), intval($mybb->input['endtime_year']));
| $enddate = gmmktime(intval($enddate[0]), intval($enddate[1]), 0, (int)$mybb->input['endtime_month'], intval($mybb->input['endtime_day']), intval($mybb->input['endtime_year']));
|
if($enddate < 0 || $enddate == false)
{
$errors[] = $lang->error_invalid_end_date;
| if($enddate < 0 || $enddate == false)
{
$errors[] = $lang->error_invalid_end_date;
|
| Zeile 1171 | Zeile 1196 |
|---|
}
else if(is_array($mybb->input['attachments']))
{
|
}
else if(is_array($mybb->input['attachments']))
{
|
$query = $db->simple_select("attachments", "aid, pid", "aid IN (".implode(",", array_map("intval", array_keys($mybb->input['attachments'])))."){$flist}");
| $query = $db->query("
SELECT a.pid, a.aid
FROM ".TABLE_PREFIX."attachments a
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
WHERE aid IN (".implode(",", array_map("intval", array_keys($mybb->input['attachments'])))."){$flist}
");
|
while($attachment = $db->fetch_array($query))
{
$action = $mybb->input['attachments'][$attachment['aid']];
if($action == "approve")
{
$db->update_query("attachments", array("visible" => 1), "aid='{$attachment['aid']}'");
|
while($attachment = $db->fetch_array($query))
{
$action = $mybb->input['attachments'][$attachment['aid']];
if($action == "approve")
{
$db->update_query("attachments", array("visible" => 1), "aid='{$attachment['aid']}'");
|
}
| }
|
else if($action == "delete")
{
remove_attachment($attachment['pid'], '', $attachment['aid']);
| else if($action == "delete")
{
remove_attachment($attachment['pid'], '', $attachment['aid']);
|
| Zeile 1187 | Zeile 1217 |
|---|
redirect("modcp.php?action=modqueue&type=attachments", $lang->redirect_attachmentsmoderated);
}
}
|
redirect("modcp.php?action=modqueue&type=attachments", $lang->redirect_attachmentsmoderated);
}
}
|
|
|
if($mybb->input['action'] == "modqueue")
{
if($mybb->input['type'] == "threads" || !$mybb->input['type'])
| if($mybb->input['action'] == "modqueue")
{
if($mybb->input['type'] == "threads" || !$mybb->input['type'])
|
| Zeile 1196 | Zeile 1226 |
|---|
$query = $db->simple_select("threads", "COUNT(tid) AS unapprovedthreads", "visible=0 {$flist}");
$unapproved_threads = $db->fetch_field($query, "unapprovedthreads");
|
$query = $db->simple_select("threads", "COUNT(tid) AS unapprovedthreads", "visible=0 {$flist}");
$unapproved_threads = $db->fetch_field($query, "unapprovedthreads");
|
|
|
// Figure out if we need to display multiple pages.
if($mybb->input['page'] != "last")
|
// Figure out if we need to display multiple pages.
if($mybb->input['page'] != "last")
|
{
| {
|
$page = intval($mybb->input['page']);
|
$page = intval($mybb->input['page']);
|
}
| }
|
$perpage = $mybb->settings['threadsperpage'];
$pages = $unapproved_threads / $perpage;
|
$perpage = $mybb->settings['threadsperpage'];
$pages = $unapproved_threads / $perpage;
|
$pages = ceil($pages);
if($mybb->input['page'] == "last")
{
$page = $pages;
}
if($page > $pages || $page <= 0)
{
$page = 1;
}
if($page)
{
$start = ($page-1) * $perpage;
}
else
| $pages = ceil($pages);
if($mybb->input['page'] == "last")
{
$page = $pages;
}
if($page > $pages || $page <= 0)
{
$page = 1;
}
if($page)
{
$start = ($page-1) * $perpage;
}
else
|
{
$start = 0;
$page = 1;
}
|
{
$start = 0;
$page = 1;
}
|
$multipage = multipage($postcount, $perpage, $page, "modcp.php?action=modqueue&type=threads");
| $multipage = multipage($pages, $perpage, $page, "modcp.php?action=modqueue&type=threads");
|
$query = $db->query("
SELECT t.tid, t.dateline, t.fid, t.subject, p.message AS postmessage, u.username AS username, t.uid
|
$query = $db->query("
SELECT t.tid, t.dateline, t.fid, t.subject, p.message AS postmessage, u.username AS username, t.uid
|
| Zeile 1271 | Zeile 1301 |
|---|
if($mybb->input['type'] == "posts" || (!$mybb->input['type'] && !$threadqueue))
{
$forum_cache = $cache->read("forums");
|
if($mybb->input['type'] == "posts" || (!$mybb->input['type'] && !$threadqueue))
{
$forum_cache = $cache->read("forums");
|
|
|
$query = $db->query("
SELECT COUNT(pid) AS unapprovedposts
FROM ".TABLE_PREFIX."posts p
| $query = $db->query("
SELECT COUNT(pid) AS unapprovedposts
FROM ".TABLE_PREFIX."posts p
|
| Zeile 1284 | Zeile 1314 |
|---|
if($mybb->input['page'] != "last")
{
$page = intval($mybb->input['page']);
|
if($mybb->input['page'] != "last")
{
$page = intval($mybb->input['page']);
|
}
| }
|
$perpage = $mybb->settings['postsperpage'];
$pages = $unapproved_posts / $perpage;
|
$perpage = $mybb->settings['postsperpage'];
$pages = $unapproved_posts / $perpage;
|
| Zeile 1296 | Zeile 1326 |
|---|
}
if($page > $pages || $page <= 0)
|
}
if($page > $pages || $page <= 0)
|
{
| {
|
$page = 1;
}
| $page = 1;
}
|
| Zeile 1310 | Zeile 1340 |
|---|
$page = 1;
}
|
$page = 1;
}
|
$multipage = multipage($postcount, $perpage, $page, "modcp.php?action=modqueue&type=posts");
| $multipage = multipage($pages, $perpage, $page, "modcp.php?action=modqueue&type=posts");
|
$query = $db->query("
SELECT p.pid, p.subject, p.message, t.subject AS threadsubject, t.tid, u.username, p.uid, t.fid, p.dateline
|
$query = $db->query("
SELECT p.pid, p.subject, p.message, t.subject AS threadsubject, t.tid, u.username, p.uid, t.fid, p.dateline
|
| Zeile 1370 | Zeile 1400 |
|---|
}
$perpage = $mybb->settings['postsperpage'];
|
}
$perpage = $mybb->settings['postsperpage'];
|
$pages = $unapprovedthreads / $perpage;
| $pages = $unapproved_attachments / $perpage;
|
$pages = ceil($pages);
|
$pages = ceil($pages);
|
| |
|
if($mybb->input['page'] == "last")
{
|
if($mybb->input['page'] == "last")
{
|
| Zeile 1393 | Zeile 1424 |
|---|
$page = 1;
}
|
$page = 1;
}
|
$multipage = multipage($postcount, $perpage, $page, "modcp.php?action=modqueue&type=attachments");
| $multipage = multipage($pages, $perpage, $page, "modcp.php?action=modqueue&type=attachments");
|
$query = $db->query("
SELECT a.*, p.subject AS postsubject, p.dateline, p.uid, u.username, t.tid, t.subject AS threadsubject
|
$query = $db->query("
SELECT a.*, p.subject AS postsubject, p.dateline, p.uid, u.username, t.tid, t.subject AS threadsubject
|
| Zeile 1472 | Zeile 1503 |
|---|
error_no_permission();
}
// Current user is a super mod or is an administrator and the user we are editing is a super admin, cannot edit admins
|
error_no_permission();
}
// Current user is a super mod or is an administrator and the user we are editing is a super admin, cannot edit admins
|
else if($mybb->usergroup['issupermod'] == 1 && $user_permissions['cancp'] == 1 || (is_super_admin($user['uid']) && !is_super_admin($user['uid'])))
| else if(!modcp_can_manage_user($user['uid']))
|
{
error_no_permission();
}
| {
error_no_permission();
}
|
| Zeile 1561 | Zeile 1592 |
|---|
error_no_permission();
}
// Current user is a super mod or is an administrator and the user we are editing is a super admin, cannot edit admins
|
error_no_permission();
}
// Current user is a super mod or is an administrator and the user we are editing is a super admin, cannot edit admins
|
else if($mybb->usergroup['issupermod'] == 1 && $user_permissions['cancp'] == 1 || (is_super_admin($user['uid']) && !is_super_admin($user['uid'])))
| else if(!modcp_can_manage_user($user['uid']))
|
{
error_no_permission();
}
| {
error_no_permission();
}
|
| Zeile 1803 | Zeile 1834 |
|---|
if($mybb->input['action'] == "finduser")
{
|
if($mybb->input['action'] == "finduser")
{
|
if(!$perpage)
| $perpage = intval($mybb->input['perpage']);
if(!$perpage || $pagepage <= 0)
|
{
$perpage = $mybb->settings['threadsperpage'];
}
| {
$perpage = $mybb->settings['threadsperpage'];
}
|
| Zeile 1872 | Zeile 1904 |
|---|
if($mybb->input[$field])
{
$page_url .= "&{$field}=".htmlspecialchars_uni($mybb->input[$field]);
|
if($mybb->input[$field])
{
$page_url .= "&{$field}=".htmlspecialchars_uni($mybb->input[$field]);
|
| | $mybb->input[$field] = htmlspecialchars_uni($mybb->input[$field]);
|
}
}
| }
}
|
| Zeile 1915 | Zeile 1948 |
|---|
$search['username'] = $db->escape_string($mybb->input['filter']['username']);
$query = $db->simple_select("users", "uid", "username='{$search['username']}'");
$mybb->input['filter']['uid'] = $db->fetch_field($query, "uid");
|
$search['username'] = $db->escape_string($mybb->input['filter']['username']);
$query = $db->simple_select("users", "uid", "username='{$search['username']}'");
$mybb->input['filter']['uid'] = $db->fetch_field($query, "uid");
|
| | $mybb->input['filter']['username'] = htmlspecialchars_uni($mybb->input['filter']['username']);
|
}
if($mybb->input['filter']['uid'])
{
| }
if($mybb->input['filter']['uid'])
{
|
| Zeile 1923 | Zeile 1957 |
|---|
if(!isset($mybb->input['search']['username']))
{
$user = get_user($mybb->input['search']['uid']);
|
if(!isset($mybb->input['search']['username']))
{
$user = get_user($mybb->input['search']['uid']);
|
$mybb->input['search']['username'] = $user['username'];
| $mybb->input['search']['username'] = htmlspecialchars_uni($user['username']);
|
}
}
if($mybb->input['filter']['mod_username'])
| }
}
if($mybb->input['filter']['mod_username'])
|
| Zeile 1931 | Zeile 1965 |
|---|
$search['mod_username'] = $db->escape_string($mybb->input['filter']['mod_username']);
$query = $db->simple_select("users", "uid", "username='{$search['mod_username']}'");
$mybb->input['filter']['mod_uid'] = $db->fetch_field($query, "uid");
|
$search['mod_username'] = $db->escape_string($mybb->input['filter']['mod_username']);
$query = $db->simple_select("users", "uid", "username='{$search['mod_username']}'");
$mybb->input['filter']['mod_uid'] = $db->fetch_field($query, "uid");
|
| | $mybb->input['filter']['mod_username'] = htmlspecialchars_uni($mybb->input['filter']['mod_username']);
|
}
if($mybb->input['filter']['mod_uid'])
{
| }
if($mybb->input['filter']['mod_uid'])
{
|
| Zeile 1939 | Zeile 1974 |
|---|
if(!isset($mybb->input['search']['mod_username']))
{
$mod_user = get_user($mybb->input['search']['uid']);
|
if(!isset($mybb->input['search']['mod_username']))
{
$mod_user = get_user($mybb->input['search']['uid']);
|
$mybb->input['search']['mod_username'] = $mod_user['username'];
| $mybb->input['search']['mod_username'] = htmlspecialchars_uni($mod_user['username']);
|
}
}
if($mybb->input['filter']['reason'])
{
$search['reason'] = $db->escape_string($mybb->input['filter']['reason']);
$where_sql .= " AND (w.notes LIKE '%{$search['reason']}%' OR t.title LIKE '%{$search['reason']}%' OR w.title LIKE '%{$search['reason']}%')";
|
}
}
if($mybb->input['filter']['reason'])
{
$search['reason'] = $db->escape_string($mybb->input['filter']['reason']);
$where_sql .= " AND (w.notes LIKE '%{$search['reason']}%' OR t.title LIKE '%{$search['reason']}%' OR w.title LIKE '%{$search['reason']}%')";
|
| | $mybb->input['filter']['reason'] = htmlspecialchars_uni($mybb->input['filter']['reason']);
|
}
$sortbysel = array();
switch($mybb->input['filter']['sortby'])
| }
$sortbysel = array();
switch($mybb->input['filter']['sortby'])
|
| Zeile 2150 | Zeile 2186 |
|---|
// Now we have the result counts, paginate
$perpage = intval($mybb->input['perpage']);
|
// Now we have the result counts, paginate
$perpage = intval($mybb->input['perpage']);
|
if(!$perpage)
| if(!$perpage || $pagepage <= 0)
|
{
$perpage = $mybb->settings['threadsperpage'];
}
| {
$perpage = $mybb->settings['threadsperpage'];
}
|
| Zeile 2257 | Zeile 2293 |
|---|
{
$ipaddress['subject'] = "RE: {$ipaddress['threadsubject']}";
}
|
{
$ipaddress['subject'] = "RE: {$ipaddress['threadsubject']}";
}
|
$subject = "<strong>{$lang->ipresult_post}</strong> <a href=\"".get_post_link($ipaddress['pid'], $ipaddress['tid'])."\">".htmlspecialchars_uni($ipaddress['subject'])."</a> by ".build_profile_link($ipaddress['username'], $ipaddress['uid']);
| $subject = "<strong>{$lang->ipresult_post}</strong> <a href=\"".get_post_link($ipaddress['pid'], $ipaddress['tid'])."\">".htmlspecialchars_uni($ipaddress['subject'])."</a> {$lang->by} ".build_profile_link($ipaddress['username'], $ipaddress['uid']);
|
eval("\$results .= \"".$templates->get("modcp_ipsearch_result")."\";");
}
}
| eval("\$results .= \"".$templates->get("modcp_ipsearch_result")."\";");
}
}
|
| Zeile 2317 | Zeile 2353 |
|---|
$query = $db->simple_select("banned", "COUNT(uid) AS count");
$banned_count = $db->fetch_field($query, "count");
|
$query = $db->simple_select("banned", "COUNT(uid) AS count");
$banned_count = $db->fetch_field($query, "count");
|
$postcount = intval($banned_count)+1;
| $postcount = intval($banned_count);
|
$pages = $postcount / $perpage;
$pages = ceil($pages);
| $pages = $postcount / $perpage;
$pages = ceil($pages);
|
| Zeile 2376 | Zeile 2412 |
|---|
if($banned['reason'])
{
$banned['reason'] = htmlspecialchars_uni($parser->parse_badwords($banned['reason']));
|
if($banned['reason'])
{
$banned['reason'] = htmlspecialchars_uni($parser->parse_badwords($banned['reason']));
|
}
else
| }
else
|
{
$banned['reason'] = $lang->na;
}
| {
$banned['reason'] = $lang->na;
}
|
| Zeile 2436 | Zeile 2472 |
|---|
if(!$ban['uid'])
{
|
if(!$ban['uid'])
{
|
$lang->error_invalidban;
| error($lang->error_invalidban);
|
}
// Permission to edit this ban?
| }
// Permission to edit this ban?
|
| Zeile 2457 | Zeile 2493 |
|---|
$cache->update_moderators();
redirect("modcp.php?action=banning", $lang->redirect_banlifted);
|
$cache->update_moderators();
redirect("modcp.php?action=banning", $lang->redirect_banlifted);
|
}
| }
|
if($mybb->input['action'] == "do_banuser" && $mybb->request_method == "post")
{
// Verify incoming POST request
| if($mybb->input['action'] == "do_banuser" && $mybb->request_method == "post")
{
// Verify incoming POST request
|
| Zeile 2466 | Zeile 2502 |
|---|
// Editing an existing ban
if($mybb->input['uid'])
|
// Editing an existing ban
if($mybb->input['uid'])
|
{
| {
|
// Get the users info from their uid
$query = $db->query("
SELECT b.*, u.uid, u.usergroup, u.additionalgroups, u.displaygroup
| // Get the users info from their uid
$query = $db->query("
SELECT b.*, u.uid, u.usergroup, u.additionalgroups, u.displaygroup
|
| Zeile 2474 | Zeile 2510 |
|---|
LEFT JOIN ".TABLE_PREFIX."users u ON (b.uid=u.uid)
WHERE b.uid='{$mybb->input['uid']}'
");
|
LEFT JOIN ".TABLE_PREFIX."users u ON (b.uid=u.uid)
WHERE b.uid='{$mybb->input['uid']}'
");
|
$user = $db->fetch_array($query);
if(!$user['uid'])
| $user = $db->fetch_array($query);
if(!$user['uid'])
|
{
error($lang->error_invalidban);
}
| {
error($lang->error_invalidban);
}
|
| Zeile 2484 | Zeile 2520 |
|---|
if($mybb->user['uid'] != $user['admin'] && $mybb->usergroup['issupermod'] != 1 && $mybb->usergroup['cancp'] != 1)
{
error_no_permission();
|
if($mybb->user['uid'] != $user['admin'] && $mybb->usergroup['issupermod'] != 1 && $mybb->usergroup['cancp'] != 1)
{
error_no_permission();
|
}
$lift_link = "<div class=\"float_right\"><a href=\"modcp.php?action=liftban&bid={$user['uid']}&my_post_key={$mybb->post_code}\">{$lang->lift_ban}</a></div>";
}
| }
}
|
// Creating a new ban
else
{
| // Creating a new ban
else
{
|
| Zeile 2497 | Zeile 2531 |
|---|
if(!$user['uid'])
{
$errors[] = $lang->invalid_username;
|
if(!$user['uid'])
{
$errors[] = $lang->invalid_username;
|
}
}
| }
}
|
if($user['uid'] == $mybb->user['uid'])
{
$errors[] = $lang->error_cannotbanself;
|
if($user['uid'] == $mybb->user['uid'])
{
$errors[] = $lang->error_cannotbanself;
|
}
| }
|
// Have permissions to ban this user?
if(!modcp_can_manage_user($user['uid']))
{
$errors[] = $lang->error_cannotbanuser;
|
// Have permissions to ban this user?
if(!modcp_can_manage_user($user['uid']))
{
$errors[] = $lang->error_cannotbanuser;
|
}
| }
|
// Check for an incoming reason
if(!$mybb->input['banreason'])
|
// Check for an incoming reason
if(!$mybb->input['banreason'])
|
| Zeile 2519 | Zeile 2553 |
|---|
// Check banned group
if(!$db->fetch_field($db->simple_select("usergroups", "gid", "isbannedgroup=1 AND gid='".intval($mybb->input['usergroup'])."'"), "gid"))
|
// Check banned group
if(!$db->fetch_field($db->simple_select("usergroups", "gid", "isbannedgroup=1 AND gid='".intval($mybb->input['usergroup'])."'"), "gid"))
|
{
| {
|
$errors[] = $lang->error_nobangroup;
}
| $errors[] = $lang->error_nobangroup;
}
|
| Zeile 2538 | Zeile 2572 |
|---|
{
// Ban the user
if($mybb->input['liftafter'] == '---')
|
{
// Ban the user
if($mybb->input['liftafter'] == '---')
|
{
| {
|
$lifted = 0;
}
else
| $lifted = 0;
}
else
|
| Zeile 2618 | Zeile 2652 |
|---|
// If incoming user ID, we are editing a ban
if($mybb->input['uid'])
|
// If incoming user ID, we are editing a ban
if($mybb->input['uid'])
|
{
| {
|
$query = $db->query("
SELECT b.*, u.username
FROM ".TABLE_PREFIX."banned b
| $query = $db->query("
SELECT b.*, u.username
FROM ".TABLE_PREFIX."banned b
|
| Zeile 2635 | Zeile 2669 |
|---|
eval("\$banuser_username = \"".$templates->get("modcp_banuser_editusername")."\";");
}
}
|
eval("\$banuser_username = \"".$templates->get("modcp_banuser_editusername")."\";");
}
}
|
| |
|
// New ban!
|
// New ban!
|
if(!$banuer_username)
| if(!$banuser_username)
|
{
if($mybb->input['uid'])
{
| {
if($mybb->input['uid'])
{
|
| Zeile 2680 | Zeile 2715 |
|---|
$liftlist .= ">{$title} ({$thatime})</option>\n";
}
}
|
$liftlist .= ">{$title} ({$thatime})</option>\n";
}
}
|
|
|
$bangroups = '';
$query = $db->simple_select("usergroups", "gid, title", "isbannedgroup=1");
while($item = $db->fetch_array($query))
| $bangroups = '';
$query = $db->simple_select("usergroups", "gid, title", "isbannedgroup=1");
while($item = $db->fetch_array($query))
|
| Zeile 2692 | Zeile 2727 |
|---|
}
$bangroups .= "<option value=\"{$item['gid']}\"{$selected}>".htmlspecialchars_uni($item['title'])."</option>\n";
}
|
}
$bangroups .= "<option value=\"{$item['gid']}\"{$selected}>".htmlspecialchars_uni($item['title'])."</option>\n";
}
|
| |
$lift_link = "<div class=\"float_right\"><a href=\"modcp.php?action=liftban&uid={$user['uid']}&my_post_key={$mybb->post_code}\">{$lang->lift_ban}</a></div>";
|
eval("\$banuser = \"".$templates->get("modcp_banuser")."\";");
output_page($banuser);
|
eval("\$banuser = \"".$templates->get("modcp_banuser")."\";");
output_page($banuser);
|
| Zeile 2699 | Zeile 2736 |
|---|
if($mybb->input['action'] == "do_modnotes")
{
|
if($mybb->input['action'] == "do_modnotes")
{
|
| | // Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);
|
// Update Moderator Notes cache
$update_cache = array(
"modmessage" => $mybb->input['modnotes']
| // Update Moderator Notes cache
$update_cache = array(
"modmessage" => $mybb->input['modnotes']
|
| Zeile 2722 | Zeile 2762 |
|---|
if($unapproved_attachments > 0)
{
$query = $db->query("
|
if($unapproved_attachments > 0)
{
$query = $db->query("
|
SELECT t.tid, p.pid, t.uid, t.username, a.filename, a.dateuploaded
| SELECT t.tid, p.pid, p.uid, t.username, a.filename, a.dateuploaded
|
FROM ".TABLE_PREFIX."attachments a
LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid=a.pid)
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
| FROM ".TABLE_PREFIX."attachments a
LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid=a.pid)
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
|
| Zeile 2755 | Zeile 2795 |
|---|
if($unapproved_posts > 0)
{
$query = $db->query("
|
if($unapproved_posts > 0)
{
$query = $db->query("
|
SELECT p.pid, p.tid, p.subject, p.uid, p.username
| SELECT p.pid, p.tid, p.subject, p.uid, p.username, p.dateline
|
FROM ".TABLE_PREFIX."posts p
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
WHERE p.visible='0' {$tflist} AND t.firstpost != p.pid
| FROM ".TABLE_PREFIX."posts p
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
WHERE p.visible='0' {$tflist} AND t.firstpost != p.pid
|
| Zeile 2770 | Zeile 2810 |
|---|
$post['subject'] = $post['fullsubject'] = $parser->parse_badwords($post['subject']);
if(my_strlen($post['subject']) > 25)
{
|
$post['subject'] = $post['fullsubject'] = $parser->parse_badwords($post['subject']);
if(my_strlen($post['subject']) > 25)
{
|
$lastpost_subject = my_substr($post['subject'], 0, 25)."...";
| $post['subject'] = my_substr($post['subject'], 0, 25)."...";
|
}
$post['subject'] = htmlspecialchars_uni($post['subject']);
$post['fullsubject'] = htmlspecialchars_uni($post['fullsubject']);
| }
$post['subject'] = htmlspecialchars_uni($post['subject']);
$post['fullsubject'] = htmlspecialchars_uni($post['fullsubject']);
|
| Zeile 2796 | Zeile 2836 |
|---|
$thread['subject'] = $thread['fullsubject'] = $parser->parse_badwords($thread['subject']);
if(my_strlen($thread['subject']) > 25)
{
|
$thread['subject'] = $thread['fullsubject'] = $parser->parse_badwords($thread['subject']);
if(my_strlen($thread['subject']) > 25)
{
|
$lastpost_subject = my_substr($thread['subject'], 0, 25)."...";
| $post['subject'] = my_substr($thread['subject'], 0, 25)."...";
|
}
$thread['subject'] = htmlspecialchars_uni($thread['subject']);
$thread['fullsubject'] = htmlspecialchars_uni($thread['fullsubject']);
| }
$thread['subject'] = htmlspecialchars_uni($thread['subject']);
$thread['fullsubject'] = htmlspecialchars_uni($thread['fullsubject']);
|