Code Coverage |
||||||||||
Classes and Traits |
Functions and Methods |
Lines |
||||||||
Total | |
0.00% |
0 / 1 |
|
0.00% |
0 / 6 |
CRAP | |
0.00% |
0 / 399 |
add_warning | |
0.00% |
0 / 1 |
0 | |
0.00% |
0 / 70 |
|||
mcp_warn | |
0.00% |
0 / 1 |
|
0.00% |
0 / 6 |
2970 | |
0.00% |
0 / 325 |
__construct | |
0.00% |
0 / 1 |
2 | |
0.00% |
0 / 3 |
|||
main | |
0.00% |
0 / 1 |
42 | |
0.00% |
0 / 29 |
|||
mcp_warn_front_view | |
0.00% |
0 / 1 |
12 | |
0.00% |
0 / 35 |
|||
mcp_warn_list_view | |
0.00% |
0 / 1 |
30 | |
0.00% |
0 / 39 |
|||
mcp_warn_post_view | |
0.00% |
0 / 1 |
462 | |
0.00% |
0 / 118 |
|||
mcp_warn_user_view | |
0.00% |
0 / 1 |
342 | |
0.00% |
0 / 101 |
<?php | |
/** | |
* | |
* This file is part of the phpBB Forum Software package. | |
* | |
* @copyright (c) phpBB Limited <https://www.phpbb.com> | |
* @license GNU General Public License, version 2 (GPL-2.0) | |
* | |
* For full copyright and license information, please see | |
* the docs/CREDITS.txt file. | |
* | |
*/ | |
/** | |
* @ignore | |
*/ | |
if (!defined('IN_PHPBB')) | |
{ | |
exit; | |
} | |
/** | |
* mcp_warn | |
* Handling warning the users | |
*/ | |
class mcp_warn | |
{ | |
var $p_master; | |
var $u_action; | |
function __construct($p_master) | |
{ | |
$this->p_master = $p_master; | |
} | |
function main($id, $mode) | |
{ | |
global $request; | |
$action = $request->variable('action', array('' => '')); | |
if (is_array($action)) | |
{ | |
list($action, ) = each($action); | |
} | |
$this->page_title = 'MCP_WARN'; | |
add_form_key('mcp_warn'); | |
switch ($mode) | |
{ | |
case 'front': | |
$this->mcp_warn_front_view(); | |
$this->tpl_name = 'mcp_warn_front'; | |
break; | |
case 'list': | |
$this->mcp_warn_list_view($action); | |
$this->tpl_name = 'mcp_warn_list'; | |
break; | |
case 'warn_post': | |
$this->mcp_warn_post_view($action); | |
$this->tpl_name = 'mcp_warn_post'; | |
break; | |
case 'warn_user': | |
$this->mcp_warn_user_view($action); | |
$this->tpl_name = 'mcp_warn_user'; | |
break; | |
} | |
} | |
/** | |
* Generates the summary on the main page of the warning module | |
*/ | |
function mcp_warn_front_view() | |
{ | |
global $phpEx, $phpbb_root_path; | |
global $template, $db, $user; | |
$template->assign_vars(array( | |
'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=mcp&field=username&select_single=true'), | |
'U_POST_ACTION' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=warn&mode=warn_user'), | |
)); | |
// Obtain a list of the 5 naughtiest users.... | |
// These are the 5 users with the highest warning count | |
$highest = array(); | |
$count = 0; | |
view_warned_users($highest, $count, 5); | |
foreach ($highest as $row) | |
{ | |
$template->assign_block_vars('highest', array( | |
'U_NOTES' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&mode=user_notes&u=' . $row['user_id']), | |
'USERNAME_FULL' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']), | |
'WARNING_TIME' => $user->format_date($row['user_last_warning']), | |
'WARNINGS' => $row['user_warnings'], | |
)); | |
} | |
// And now the 5 most recent users to get in trouble | |
$sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_colour, u.user_warnings, w.warning_time | |
FROM ' . USERS_TABLE . ' u, ' . WARNINGS_TABLE . ' w | |
WHERE u.user_id = w.user_id | |
ORDER BY w.warning_time DESC'; | |
$result = $db->sql_query_limit($sql, 5); | |
while ($row = $db->sql_fetchrow($result)) | |
{ | |
$template->assign_block_vars('latest', array( | |
'U_NOTES' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&mode=user_notes&u=' . $row['user_id']), | |
'USERNAME_FULL' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']), | |
'WARNING_TIME' => $user->format_date($row['warning_time']), | |
'WARNINGS' => $row['user_warnings'], | |
)); | |
} | |
$db->sql_freeresult($result); | |
} | |
/** | |
* Lists all users with warnings | |
*/ | |
function mcp_warn_list_view($action) | |
{ | |
global $phpEx, $phpbb_root_path, $config, $phpbb_container; | |
global $template, $user, $auth, $request; | |
/* @var $pagination \phpbb\pagination */ | |
$pagination = $phpbb_container->get('pagination'); | |
$user->add_lang('memberlist'); | |
$start = $request->variable('start', 0); | |
$st = $request->variable('st', 0); | |
$sk = $request->variable('sk', 'b'); | |
$sd = $request->variable('sd', 'd'); | |
$limit_days = array(0 => $user->lang['ALL_ENTRIES'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']); | |
$sort_by_text = array('a' => $user->lang['SORT_USERNAME'], 'b' => $user->lang['SORT_DATE'], 'c' => $user->lang['SORT_WARNINGS']); | |
$sort_by_sql = array('a' => 'username_clean', 'b' => 'user_last_warning', 'c' => 'user_warnings'); | |
$s_limit_days = $s_sort_key = $s_sort_dir = $u_sort_param = ''; | |
gen_sort_selects($limit_days, $sort_by_text, $st, $sk, $sd, $s_limit_days, $s_sort_key, $s_sort_dir, $u_sort_param); | |
// Define where and sort sql for use in displaying logs | |
$sql_where = ($st) ? (time() - ($st * 86400)) : 0; | |
$sql_sort = $sort_by_sql[$sk] . ' ' . (($sd == 'd') ? 'DESC' : 'ASC'); | |
$users = array(); | |
$user_count = 0; | |
view_warned_users($users, $user_count, $config['topics_per_page'], $start, $sql_where, $sql_sort); | |
foreach ($users as $row) | |
{ | |
$template->assign_block_vars('user', array( | |
'U_NOTES' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&mode=user_notes&u=' . $row['user_id']), | |
'USERNAME_FULL' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']), | |
'WARNING_TIME' => $user->format_date($row['user_last_warning']), | |
'WARNINGS' => $row['user_warnings'], | |
)); | |
} | |
$base_url = append_sid("{$phpbb_root_path}mcp.$phpEx", "i=warn&mode=list&st=$st&sk=$sk&sd=$sd"); | |
$pagination->generate_template_pagination($base_url, 'pagination', 'start', $user_count, $config['topics_per_page'], $start); | |
$template->assign_vars(array( | |
'U_POST_ACTION' => $this->u_action, | |
'S_CLEAR_ALLOWED' => ($auth->acl_get('a_clearlogs')) ? true : false, | |
'S_SELECT_SORT_DIR' => $s_sort_dir, | |
'S_SELECT_SORT_KEY' => $s_sort_key, | |
'S_SELECT_SORT_DAYS' => $s_limit_days, | |
'TOTAL_USERS' => $user->lang('LIST_USERS', (int) $user_count), | |
)); | |
} | |
/** | |
* Handles warning the user when the warning is for a specific post | |
*/ | |
function mcp_warn_post_view($action) | |
{ | |
global $phpEx, $phpbb_root_path, $config, $request; | |
global $template, $db, $user, $phpbb_dispatcher; | |
$post_id = $request->variable('p', 0); | |
$forum_id = $request->variable('f', 0); | |
$notify = (isset($_REQUEST['notify_user'])) ? true : false; | |
$warning = $request->variable('warning', '', true); | |
$sql = 'SELECT u.*, p.* | |
FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . " u | |
WHERE p.post_id = $post_id | |
AND u.user_id = p.poster_id"; | |
$result = $db->sql_query($sql); | |
$user_row = $db->sql_fetchrow($result); | |
$db->sql_freeresult($result); | |
if (!$user_row) | |
{ | |
trigger_error('NO_POST'); | |
} | |
// There is no point issuing a warning to ignored users (ie anonymous and bots) | |
if ($user_row['user_type'] == USER_IGNORE) | |
{ | |
trigger_error('CANNOT_WARN_ANONYMOUS'); | |
} | |
// Prevent someone from warning themselves | |
if ($user_row['user_id'] == $user->data['user_id']) | |
{ | |
trigger_error('CANNOT_WARN_SELF'); | |
} | |
// Check if there is already a warning for this post to prevent multiple | |
// warnings for the same offence | |
$sql = 'SELECT post_id | |
FROM ' . WARNINGS_TABLE . " | |
WHERE post_id = $post_id"; | |
$result = $db->sql_query($sql); | |
$row = $db->sql_fetchrow($result); | |
$db->sql_freeresult($result); | |
if ($row) | |
{ | |
trigger_error('ALREADY_WARNED'); | |
} | |
$user_id = $user_row['user_id']; | |
if (strpos($this->u_action, "&f=$forum_id&p=$post_id") === false) | |
{ | |
$this->p_master->adjust_url("&f=$forum_id&p=$post_id"); | |
$this->u_action .= "&f=$forum_id&p=$post_id"; | |
} | |
// Check if can send a notification | |
if ($config['allow_privmsg']) | |
{ | |
$auth2 = new \phpbb\auth\auth(); | |
$auth2->acl($user_row); | |
$s_can_notify = ($auth2->acl_get('u_readpm')) ? true : false; | |
unset($auth2); | |
} | |
else | |
{ | |
$s_can_notify = false; | |
} | |
// Prevent against clever people | |
if ($notify && !$s_can_notify) | |
{ | |
$notify = false; | |
} | |
if ($warning && $action == 'add_warning') | |
{ | |
if (check_form_key('mcp_warn')) | |
{ | |
$s_mcp_warn_post = true; | |
/** | |
* Event for before warning a user for a post. | |
* | |
* @event core.mcp_warn_post_before | |
* @var array user_row The entire user row | |
* @var string warning The warning message | |
* @var bool notify If true, we notify the user for the warning | |
* @var int post_id The post id for which the warning is added | |
* @var bool s_mcp_warn_post If true, we add the warning else we omit it | |
* @since 3.1.0-b4 | |
*/ | |
$vars = array( | |
'user_row', | |
'warning', | |
'notify', | |
'post_id', | |
's_mcp_warn_post', | |
); | |
extract($phpbb_dispatcher->trigger_event('core.mcp_warn_post_before', compact($vars))); | |
if ($s_mcp_warn_post) | |
{ | |
add_warning($user_row, $warning, $notify, $post_id); | |
$message = $user->lang['USER_WARNING_ADDED']; | |
/** | |
* Event for after warning a user for a post. | |
* | |
* @event core.mcp_warn_post_after | |
* @var array user_row The entire user row | |
* @var string warning The warning message | |
* @var bool notify If true, the user was notified for the warning | |
* @var int post_id The post id for which the warning is added | |
* @var string message Message displayed to the moderator | |
* @since 3.1.0-b4 | |
*/ | |
$vars = array( | |
'user_row', | |
'warning', | |
'notify', | |
'post_id', | |
'message', | |
); | |
extract($phpbb_dispatcher->trigger_event('core.mcp_warn_post_after', compact($vars))); | |
} | |
} | |
else | |
{ | |
$message = $user->lang['FORM_INVALID']; | |
} | |
if (!empty($message)) | |
{ | |
$redirect = append_sid("{$phpbb_root_path}mcp.$phpEx", "i=notes&mode=user_notes&u=$user_id"); | |
meta_refresh(2, $redirect); | |
trigger_error($message . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $redirect . '">', '</a>')); | |
} | |
} | |
// OK, they didn't submit a warning so lets build the page for them to do so | |
// We want to make the message available here as a reminder | |
// Parse the message and subject | |
$parse_flags = OPTION_FLAG_SMILIES | ($user_row['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0); | |
$message = generate_text_for_display($user_row['post_text'], $user_row['bbcode_uid'], $user_row['bbcode_bitfield'], $parse_flags, true); | |
// Generate the appropriate user information for the user we are looking at | |
if (!function_exists('phpbb_get_user_rank')) | |
{ | |
include($phpbb_root_path . 'includes/functions_display.' . $phpEx); | |
} | |
$user_rank_data = phpbb_get_user_rank($user_row, $user_row['user_posts']); | |
$avatar_img = phpbb_get_user_avatar($user_row); | |
$template->assign_vars(array( | |
'U_POST_ACTION' => $this->u_action, | |
'POST' => $message, | |
'USERNAME' => $user_row['username'], | |
'USER_COLOR' => (!empty($user_row['user_colour'])) ? $user_row['user_colour'] : '', | |
'RANK_TITLE' => $user_rank_data['title'], | |
'JOINED' => $user->format_date($user_row['user_regdate']), | |
'POSTS' => ($user_row['user_posts']) ? $user_row['user_posts'] : 0, | |
'WARNINGS' => ($user_row['user_warnings']) ? $user_row['user_warnings'] : 0, | |
'AVATAR_IMG' => $avatar_img, | |
'RANK_IMG' => $user_rank_data['img'], | |
'L_WARNING_POST_DEFAULT' => sprintf($user->lang['WARNING_POST_DEFAULT'], generate_board_url() . "/viewtopic.$phpEx?f=$forum_id&p=$post_id#p$post_id"), | |
'S_CAN_NOTIFY' => $s_can_notify, | |
)); | |
} | |
/** | |
* Handles warning the user | |
*/ | |
function mcp_warn_user_view($action) | |
{ | |
global $phpEx, $phpbb_root_path, $config, $request; | |
global $template, $db, $user, $phpbb_dispatcher; | |
$user_id = $request->variable('u', 0); | |
$username = $request->variable('username', '', true); | |
$notify = (isset($_REQUEST['notify_user'])) ? true : false; | |
$warning = $request->variable('warning', '', true); | |
$sql_where = ($user_id) ? "user_id = $user_id" : "username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'"; | |
$sql = 'SELECT * | |
FROM ' . USERS_TABLE . ' | |
WHERE ' . $sql_where; | |
$result = $db->sql_query($sql); | |
$user_row = $db->sql_fetchrow($result); | |
$db->sql_freeresult($result); | |
if (!$user_row) | |
{ | |
trigger_error('NO_USER'); | |
} | |
// Prevent someone from warning themselves | |
if ($user_row['user_id'] == $user->data['user_id']) | |
{ | |
trigger_error('CANNOT_WARN_SELF'); | |
} | |
$user_id = $user_row['user_id']; | |
if (strpos($this->u_action, "&u=$user_id") === false) | |
{ | |
$this->p_master->adjust_url('&u=' . $user_id); | |
$this->u_action .= "&u=$user_id"; | |
} | |
// Check if can send a notification | |
if ($config['allow_privmsg']) | |
{ | |
$auth2 = new \phpbb\auth\auth(); | |
$auth2->acl($user_row); | |
$s_can_notify = ($auth2->acl_get('u_readpm')) ? true : false; | |
unset($auth2); | |
} | |
else | |
{ | |
$s_can_notify = false; | |
} | |
// Prevent against clever people | |
if ($notify && !$s_can_notify) | |
{ | |
$notify = false; | |
} | |
if ($warning && $action == 'add_warning') | |
{ | |
if (check_form_key('mcp_warn')) | |
{ | |
$s_mcp_warn_user = true; | |
/** | |
* Event for before warning a user from MCP. | |
* | |
* @event core.mcp_warn_user_before | |
* @var array user_row The entire user row | |
* @var string warning The warning message | |
* @var bool notify If true, we notify the user for the warning | |
* @var bool s_mcp_warn_user If true, we add the warning else we omit it | |
* @since 3.1.0-b4 | |
*/ | |
$vars = array( | |
'user_row', | |
'warning', | |
'notify', | |
's_mcp_warn_user', | |
); | |
extract($phpbb_dispatcher->trigger_event('core.mcp_warn_user_before', compact($vars))); | |
if ($s_mcp_warn_user) | |
{ | |
add_warning($user_row, $warning, $notify); | |
$message = $user->lang['USER_WARNING_ADDED']; | |
/** | |
* Event for after warning a user from MCP. | |
* | |
* @event core.mcp_warn_user_after | |
* @var array user_row The entire user row | |
* @var string warning The warning message | |
* @var bool notify If true, the user was notified for the warning | |
* @var string message Message displayed to the moderator | |
* @since 3.1.0-b4 | |
*/ | |
$vars = array( | |
'user_row', | |
'warning', | |
'notify', | |
'message', | |
); | |
extract($phpbb_dispatcher->trigger_event('core.mcp_warn_user_after', compact($vars))); | |
} | |
} | |
else | |
{ | |
$message = $user->lang['FORM_INVALID']; | |
} | |
if (!empty($message)) | |
{ | |
$redirect = append_sid("{$phpbb_root_path}mcp.$phpEx", "i=notes&mode=user_notes&u=$user_id"); | |
meta_refresh(2, $redirect); | |
trigger_error($message . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $redirect . '">', '</a>')); | |
} | |
} | |
// Generate the appropriate user information for the user we are looking at | |
if (!function_exists('phpbb_get_user_rank')) | |
{ | |
include($phpbb_root_path . 'includes/functions_display.' . $phpEx); | |
} | |
$user_rank_data = phpbb_get_user_rank($user_row, $user_row['user_posts']); | |
$avatar_img = phpbb_get_user_avatar($user_row); | |
// OK, they didn't submit a warning so lets build the page for them to do so | |
$template->assign_vars(array( | |
'U_POST_ACTION' => $this->u_action, | |
'RANK_TITLE' => $user_rank_data['title'], | |
'JOINED' => $user->format_date($user_row['user_regdate']), | |
'POSTS' => ($user_row['user_posts']) ? $user_row['user_posts'] : 0, | |
'WARNINGS' => ($user_row['user_warnings']) ? $user_row['user_warnings'] : 0, | |
'USERNAME_FULL' => get_username_string('full', $user_row['user_id'], $user_row['username'], $user_row['user_colour']), | |
'USERNAME_COLOUR' => get_username_string('colour', $user_row['user_id'], $user_row['username'], $user_row['user_colour']), | |
'USERNAME' => get_username_string('username', $user_row['user_id'], $user_row['username'], $user_row['user_colour']), | |
'U_PROFILE' => get_username_string('profile', $user_row['user_id'], $user_row['username'], $user_row['user_colour']), | |
'AVATAR_IMG' => $avatar_img, | |
'RANK_IMG' => $user_rank_data['img'], | |
'S_CAN_NOTIFY' => $s_can_notify, | |
)); | |
return $user_id; | |
} | |
} | |
/** | |
* Insert the warning into the database | |
*/ | |
function add_warning($user_row, $warning, $send_pm = true, $post_id = 0) | |
{ | |
global $phpEx, $phpbb_root_path, $config, $phpbb_log; | |
global $db, $user; | |
if ($send_pm) | |
{ | |
include_once($phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx); | |
include_once($phpbb_root_path . 'includes/message_parser.' . $phpEx); | |
// Attempt to translate warning to language of user being warned if user's language differs from issuer's language | |
if ($user_row['user_lang'] != $user->lang_name) | |
{ | |
$lang = array(); | |
$user_row['user_lang'] = (file_exists($phpbb_root_path . 'language/' . basename($user_row['user_lang']) . "/mcp." . $phpEx)) ? $user_row['user_lang'] : $config['default_lang']; | |
include($phpbb_root_path . 'language/' . basename($user_row['user_lang']) . "/mcp." . $phpEx); | |
$warn_pm_subject = $lang['WARNING_PM_SUBJECT']; | |
$warn_pm_body = sprintf($lang['WARNING_PM_BODY'], $warning); | |
unset($lang); | |
} | |
else | |
{ | |
$warn_pm_subject = $user->lang('WARNING_PM_SUBJECT'); | |
$warn_pm_body = $user->lang('WARNING_PM_BODY', $warning); | |
} | |
$message_parser = new parse_message(); | |
$message_parser->message = $warn_pm_body; | |
$message_parser->parse(true, true, true, false, false, true, true); | |
$pm_data = array( | |
'from_user_id' => $user->data['user_id'], | |
'from_user_ip' => $user->ip, | |
'from_username' => $user->data['username'], | |
'enable_sig' => false, | |
'enable_bbcode' => true, | |
'enable_smilies' => true, | |
'enable_urls' => false, | |
'icon_id' => 0, | |
'bbcode_bitfield' => $message_parser->bbcode_bitfield, | |
'bbcode_uid' => $message_parser->bbcode_uid, | |
'message' => $message_parser->message, | |
'address_list' => array('u' => array($user_row['user_id'] => 'to')), | |
); | |
submit_pm('post', $warn_pm_subject, $pm_data, false); | |
} | |
$phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_USER_WARNING', false, [$user_row['username']]); | |
$log_id = $phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_WARNING_BODY', false, [ | |
'reportee_id' => $user_row['user_id'], | |
utf8_encode_ucr($warning) | |
]); | |
$sql_ary = array( | |
'user_id' => $user_row['user_id'], | |
'post_id' => $post_id, | |
'log_id' => $log_id, | |
'warning_time' => time(), | |
); | |
$db->sql_query('INSERT INTO ' . WARNINGS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary)); | |
$sql = 'UPDATE ' . USERS_TABLE . ' | |
SET user_warnings = user_warnings + 1, | |
user_last_warning = ' . time() . ' | |
WHERE user_id = ' . $user_row['user_id']; | |
$db->sql_query($sql); | |
// We add this to the mod log too for moderators to see that a specific user got warned. | |
$sql = 'SELECT forum_id, topic_id | |
FROM ' . POSTS_TABLE . ' | |
WHERE post_id = ' . $post_id; | |
$result = $db->sql_query($sql); | |
$row = $db->sql_fetchrow($result); | |
$db->sql_freeresult($result); | |
$phpbb_log->add('mod', $user->data['user_id'], $user->ip, 'LOG_USER_WARNING', false, array( | |
'forum_id' => $row['forum_id'], | |
'topic_id' => $row['topic_id'], | |
'post_id' => $post_id, | |
$user_row['username'] | |
)); | |
} |