Code Coverage for /data/phpBB/includes/acp/acp

	Code Coverage
	Classes and Traits			Functions and Methods				Lines
Total	0.00% covered (danger)	0.00%	0 / 1	0.00% covered (danger)	0.00%	0 / 1	CRAP	0.00% covered (danger)	0.00%	0 / 292
acp_reasons	0.00% covered (danger)	0.00%	0 / 1	0.00% covered (danger)	0.00%	0 / 1	3660	0.00% covered (danger)	0.00%	0 / 288
main				0.00% covered (danger)	0.00%	0 / 1	3660	0.00% covered (danger)	0.00%	0 / 288

1	<?php
2	/**
3	*
4	* This file is part of the phpBB Forum Software package.
5	*
6	* @copyright (c) phpBB Limited <https://www.phpbb.com>
7	* @license GNU General Public License, version 2 (GPL-2.0)
8	*
9	* For full copyright and license information, please see
10	* the docs/CREDITS.txt file.
11	*
12	*/
13
14	/**
15	* @ignore
16	*/
17	if (!defined('IN_PHPBB'))
18	{
19	exit;
20	}
21
22	class acp_reasons
23	{
24	var $u_action;
25
26	function main($id, $mode)
27	{
28	global $db, $user, $template;
29	global $request, $phpbb_log;
30
31	$user->add_lang(array('mcp', 'acp/posting'));
32
33	// Set up general vars
34	$action = $request->variable('action', '');
35	$submit = (isset($_POST['submit'])) ? true : false;
36	$reason_id = $request->variable('id', 0);
37
38	$this->tpl_name = 'acp_reasons';
39	$this->page_title = 'ACP_REASONS';
40
41	$form_name = 'acp_reason';
42	add_form_key('acp_reason');
43
44	$error = array();
45
46	switch ($action)
47	{
48	case 'add':
49	case 'edit':
50
51	$reason_row = array(
52	'reason_title' => $request->variable('reason_title', '', true),
53	'reason_description' => $request->variable('reason_description', '', true),
54	);
55
56	if ($submit)
57	{
58	if (!check_form_key($form_name))
59	{
60	$error[] = $user->lang['FORM_INVALID'];
61	}
62	// Reason specified?
63	if (!$reason_row['reason_title'] \|\| !$reason_row['reason_description'])
64	{
65	$error[] = $user->lang['NO_REASON_INFO'];
66	}
67
68	$check_double = ($action == 'add') ? true : false;
69
70	if ($action == 'edit')
71	{
72	$sql = 'SELECT reason_title
73	FROM ' . REPORTS_REASONS_TABLE . "
74	WHERE reason_id = $reason_id";
75	$result = $db->sql_query($sql);
76	$row = $db->sql_fetchrow($result);
77	$db->sql_freeresult($result);
78
79	if (strtolower($row['reason_title']) == 'other' \|\| strtolower($reason_row['reason_title']) == 'other')
80	{
81	$reason_row['reason_title'] = 'other';
82	}
83
84	if ($row['reason_title'] != $reason_row['reason_title'])
85	{
86	$check_double = true;
87	}
88	}
89
90	// Check for same reason if adding it...
91	if ($check_double)
92	{
93	$sql = 'SELECT reason_id
94	FROM ' . REPORTS_REASONS_TABLE . "
95	WHERE reason_title = '" . $db->sql_escape($reason_row['reason_title']) . "'";
96	$result = $db->sql_query($sql);
97	$row = $db->sql_fetchrow($result);
98	$db->sql_freeresult($result);
99
100	if ($row \|\| ($action == 'add' && strtolower($reason_row['reason_title']) == 'other'))
101	{
102	$error[] = $user->lang['REASON_ALREADY_EXIST'];
103	}
104	}
105
106	if (!count($error))
107	{
108	// New reason?
109	if ($action == 'add')
110	{
111	// Get new order...
112	$sql = 'SELECT MAX(reason_order) as max_reason_order
113	FROM ' . REPORTS_REASONS_TABLE;
114	$result = $db->sql_query($sql);
115	$max_order = (int) $db->sql_fetchfield('max_reason_order');
116	$db->sql_freeresult($result);
117
118	$sql_ary = array(
119	'reason_title' => (string) $reason_row['reason_title'],
120	'reason_description' => (string) $reason_row['reason_description'],
121	'reason_order' => $max_order + 1
122	);
123
124	$db->sql_query('INSERT INTO ' . REPORTS_REASONS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
125
126	$log = 'ADDED';
127	}
128	else if ($reason_id)
129	{
130	$sql_ary = array(
131	'reason_title' => (string) $reason_row['reason_title'],
132	'reason_description' => (string) $reason_row['reason_description'],
133	);
134
135	$db->sql_query('UPDATE ' . REPORTS_REASONS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
136	WHERE reason_id = ' . $reason_id);
137
138	$log = 'UPDATED';
139	}
140
141	$phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_REASON_' . $log, false, array($reason_row['reason_title']));
142	trigger_error($user->lang['REASON_' . $log] . adm_back_link($this->u_action));
143	}
144	}
145	else if ($reason_id)
146	{
147	$sql = 'SELECT *
148	FROM ' . REPORTS_REASONS_TABLE . '
149	WHERE reason_id = ' . $reason_id;
150	$result = $db->sql_query($sql);
151	$reason_row = $db->sql_fetchrow($result);
152	$db->sql_freeresult($result);
153
154	if (!$reason_row)
155	{
156	trigger_error($user->lang['NO_REASON'] . adm_back_link($this->u_action), E_USER_WARNING);
157	}
158	}
159
160	$l_title = ($action == 'edit') ? 'EDIT' : 'ADD';
161
162	$translated = false;
163
164	// If the reason is defined within the language file, we will use the localized version, else just use the database entry...
165	if (isset($user->lang['report_reasons']['TITLE'][strtoupper($reason_row['reason_title'])]) && isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($reason_row['reason_title'])]))
166	{
167	$translated = true;
168	}
169
170	$template->assign_vars(array(
171	'L_TITLE' => $user->lang['REASON_' . $l_title],
172	'U_ACTION' => $this->u_action . "&id=$reason_id&action=$action",
173	'U_BACK' => $this->u_action,
174	'ERROR_MSG' => (count($error)) ? implode('<br />', $error) : '',
175
176	'REASON_TITLE' => $reason_row['reason_title'],
177	'REASON_DESCRIPTION' => $reason_row['reason_description'],
178
179	'TRANSLATED_TITLE' => ($translated) ? $user->lang['report_reasons']['TITLE'][strtoupper($reason_row['reason_title'])] : '',
180	'TRANSLATED_DESCRIPTION'=> ($translated) ? $user->lang['report_reasons']['DESCRIPTION'][strtoupper($reason_row['reason_title'])] : '',
181
182	'S_AVAILABLE_TITLES' => implode($user->lang['COMMA_SEPARATOR'], array_map('htmlspecialchars', array_keys($user->lang['report_reasons']['TITLE']))),
183	'S_EDIT_REASON' => true,
184	'S_TRANSLATED' => $translated,
185	'S_ERROR' => (count($error)) ? true : false,
186	)
187	);
188
189	return;
190	break;
191
192	case 'delete':
193
194	$sql = 'SELECT *
195	FROM ' . REPORTS_REASONS_TABLE . '
196	WHERE reason_id = ' . $reason_id;
197	$result = $db->sql_query($sql);
198	$reason_row = $db->sql_fetchrow($result);
199	$db->sql_freeresult($result);
200
201	if (!$reason_row)
202	{
203	trigger_error($user->lang['NO_REASON'] . adm_back_link($this->u_action), E_USER_WARNING);
204	}
205
206	if (strtolower($reason_row['reason_title']) == 'other')
207	{
208	trigger_error($user->lang['NO_REMOVE_DEFAULT_REASON'] . adm_back_link($this->u_action), E_USER_WARNING);
209	}
210
211	// Let the deletion be confirmed...
212	if (confirm_box(true))
213	{
214	$sql = 'SELECT reason_id
215	FROM ' . REPORTS_REASONS_TABLE . "
216	WHERE LOWER(reason_title) = 'other'";
217	$result = $db->sql_query($sql);
218	$other_reason_id = (int) $db->sql_fetchfield('reason_id');
219	$db->sql_freeresult($result);
220
221	switch ($db->get_sql_layer())
222	{
223	// The ugly one!
224	case 'mysqli':
225	case 'mysql4':
226	case 'mysql':
227	// Change the reports using this reason to 'other'
228	$sql = 'UPDATE ' . REPORTS_TABLE . '
229	SET reason_id = ' . $other_reason_id . ", report_text = CONCAT('" . $db->sql_escape($reason_row['reason_description']) . "\n\n', report_text)
230	WHERE reason_id = $reason_id";
231	break;
232
233	// Standard? What's that?
234	case 'mssql_odbc':
235	case 'mssqlnative':
236	// Change the reports using this reason to 'other'
237	$sql = "DECLARE @ptrval binary(16)
238
239	SELECT @ptrval = TEXTPTR(report_text)
240	FROM " . REPORTS_TABLE . "
241	WHERE reason_id = " . $reason_id . "
242
243	UPDATETEXT " . REPORTS_TABLE . ".report_text @ptrval 0 0 '" . $db->sql_escape($reason_row['reason_description']) . "\n\n'
244
245	UPDATE " . REPORTS_TABLE . '
246	SET reason_id = ' . $other_reason_id . "
247	WHERE reason_id = $reason_id";
248	break;
249
250	// Teh standard
251	case 'postgres':
252	case 'oracle':
253	case 'sqlite3':
254	// Change the reports using this reason to 'other'
255	$sql = 'UPDATE ' . REPORTS_TABLE . '
256	SET reason_id = ' . $other_reason_id . ", report_text = '" . $db->sql_escape($reason_row['reason_description']) . "\n\n' \|\| report_text
257	WHERE reason_id = $reason_id";
258	break;
259	}
260	$db->sql_query($sql);
261
262	$db->sql_query('DELETE FROM ' . REPORTS_REASONS_TABLE . ' WHERE reason_id = ' . $reason_id);
263
264	$phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_REASON_REMOVED', false, array($reason_row['reason_title']));
265	trigger_error($user->lang['REASON_REMOVED'] . adm_back_link($this->u_action));
266	}
267	else
268	{
269	confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
270	'i' => $id,
271	'mode' => $mode,
272	'action' => $action,
273	'id' => $reason_id))
274	);
275	}
276
277	break;
278
279	case 'move_up':
280	case 'move_down':
281
282	if (!check_link_hash($request->variable('hash', ''), 'acp_reasons'))
283	{
284	trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
285	}
286
287	$sql = 'SELECT reason_order
288	FROM ' . REPORTS_REASONS_TABLE . "
289	WHERE reason_id = $reason_id";
290	$result = $db->sql_query($sql);
291	$order = $db->sql_fetchfield('reason_order');
292	$db->sql_freeresult($result);
293
294	if ($order === false \|\| ($order == 0 && $action == 'move_up'))
295	{
296	break;
297	}
298	$order = (int) $order;
299	$order_total = $order * 2 + (($action == 'move_up') ? -1 : 1);
300
301	$sql = 'UPDATE ' . REPORTS_REASONS_TABLE . '
302	SET reason_order = ' . $order_total . ' - reason_order
303	WHERE reason_order IN (' . $order . ', ' . (($action == 'move_up') ? $order - 1 : $order + 1) . ')';
304	$db->sql_query($sql);
305
306	if ($request->is_ajax())
307	{
308	$json_response = new \phpbb\json_response;
309	$json_response->send(array(
310	'success' => (bool) $db->sql_affectedrows(),
311	));
312	}
313	break;
314	}
315
316	// By default, check that order is valid and fix it if necessary
317	$sql = 'SELECT reason_id, reason_order
318	FROM ' . REPORTS_REASONS_TABLE . '
319	ORDER BY reason_order';
320	$result = $db->sql_query($sql);
321
322	if ($row = $db->sql_fetchrow($result))
323	{
324	$order = 0;
325	do
326	{
327	++$order;
328
329	if ($row['reason_order'] != $order)
330	{
331	$sql = 'UPDATE ' . REPORTS_REASONS_TABLE . "
332	SET reason_order = $order
333	WHERE reason_id = {$row['reason_id']}";
334	$db->sql_query($sql);
335	}
336	}
337	while ($row = $db->sql_fetchrow($result));
338	}
339	$db->sql_freeresult($result);
340
341	$template->assign_vars(array(
342	'U_ACTION' => $this->u_action,
343	)
344	);
345
346	// Reason count
347	$sql = 'SELECT reason_id, COUNT(reason_id) AS reason_count
348	FROM ' . REPORTS_TABLE . '
349	GROUP BY reason_id';
350	$result = $db->sql_query($sql);
351
352	$reason_count = array();
353	while ($row = $db->sql_fetchrow($result))
354	{
355	$reason_count[$row['reason_id']] = $row['reason_count'];
356	}
357	$db->sql_freeresult($result);
358
359	$sql = 'SELECT *
360	FROM ' . REPORTS_REASONS_TABLE . '
361	ORDER BY reason_order ASC';
362	$result = $db->sql_query($sql);
363
364	while ($row = $db->sql_fetchrow($result))
365	{
366	$translated = false;
367	$other_reason = ($row['reason_title'] == 'other') ? true : false;
368
369	// If the reason is defined within the language file, we will use the localized version, else just use the database entry...
370	if (isset($user->lang['report_reasons']['TITLE'][strtoupper($row['reason_title'])]) && isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])]))
371	{
372	$row['reason_description'] = $user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])];
373	$row['reason_title'] = $user->lang['report_reasons']['TITLE'][strtoupper($row['reason_title'])];
374
375	$translated = true;
376	}
377
378	$template->assign_block_vars('reasons', array(
379	'REASON_TITLE' => $row['reason_title'],
380	'REASON_DESCRIPTION' => $row['reason_description'],
381	'REASON_COUNT' => (isset($reason_count[$row['reason_id']])) ? $reason_count[$row['reason_id']] : 0,
382
383	'S_TRANSLATED' => $translated,
384	'S_OTHER_REASON' => $other_reason,
385
386	'U_EDIT' => $this->u_action . '&action=edit&id=' . $row['reason_id'],
387	'U_DELETE' => (!$other_reason) ? $this->u_action . '&action=delete&id=' . $row['reason_id'] : '',
388	'U_MOVE_UP' => $this->u_action . '&action=move_up&id=' . $row['reason_id'] . '&hash=' . generate_link_hash('acp_reasons'),
389	'U_MOVE_DOWN' => $this->u_action . '&action=move_down&id=' . $row['reason_id'] . '&hash=' . generate_link_hash('acp_reasons'))
390	);
391	}
392	$db->sql_freeresult($result);
393	}
394	}