Code Coverage for /data/phpBB/phpbb/report/report_handler

	Code Coverage
	Classes and Traits			Functions and Methods				Lines
Total	0.00% covered (danger)	0.00%	0 / 1	0.00% covered (danger)	0.00%	0 / 2	CRAP	0.00% covered (danger)	0.00%	0 / 101
report_handler_post	0.00% covered (danger)	0.00%	0 / 1	0.00% covered (danger)	0.00%	0 / 2	156	0.00% covered (danger)	0.00%	0 / 101
add_report				0.00% covered (danger)	0.00%	0 / 1	30	0.00% covered (danger)	0.00%	0 / 46
validate_report_request				0.00% covered (danger)	0.00%	0 / 1	56	0.00% covered (danger)	0.00%	0 / 55

1	<?php
2	/**
3	*
4	* This file is part of the phpBB Forum Software package.
5	*
6	* @copyright (c) phpBB Limited <https://www.phpbb.com>
7	* @license GNU General Public License, version 2 (GPL-2.0)
8	*
9	* For full copyright and license information, please see
10	* the docs/CREDITS.txt file.
11	*
12	*/
13
14	namespace phpbb\report;
15
16	use phpbb\report\exception\invalid_report_exception;
17	use phpbb\report\exception\empty_report_exception;
18	use phpbb\report\exception\already_reported_exception;
19	use phpbb\report\exception\entity_not_found_exception;
20	use phpbb\report\exception\report_permission_denied_exception;
21
22	class report_handler_post extends report_handler
23	{
24	/**
25	* @var array
26	*/
27	protected $forum_data;
28
29	/**
30	* {@inheritdoc}
31	* @throws \phpbb\report\exception\report_permission_denied_exception when the user does not have permission to report the post
32	*/
33	public function add_report($id, $reason_id, $report_text, $user_notify)
34	{
35	// Cast the input variables
36	$id = (int) $id;
37	$reason_id = (int) $reason_id;
38	$report_text = (string) $report_text;
39	$user_notify = (int) $user_notify;
40
41	$this->validate_report_request($id);
42
43	$sql = 'SELECT *
44	FROM ' . REPORTS_REASONS_TABLE . "
45	WHERE reason_id = $reason_id";
46	$result = $this->db->sql_query($sql);
47	$row = $this->db->sql_fetchrow($result);
48	$this->db->sql_freeresult($result);
49
50	if (!$row \|\| (empty($report_text) && strtolower($row['reason_title']) === 'other'))
51	{
52	throw new empty_report_exception();
53	}
54
55	$report_data = array(
56	'reason_id' => $reason_id,
57	'post_id' => $id,
58	'pm_id' => 0,
59	'user_notify' => $user_notify,
60	'report_text' => $report_text,
61	'reported_post_text' => $this->report_data['post_text'],
62	'reported_post_uid' => $this->report_data['bbcode_uid'],
63	'reported_post_bitfield' => $this->report_data['bbcode_bitfield'],
64	'reported_post_enable_bbcode' => $this->report_data['enable_bbcode'],
65	'reported_post_enable_smilies' => $this->report_data['enable_smilies'],
66	'reported_post_enable_magic_url' => $this->report_data['enable_magic_url'],
67	);
68
69	$this->create_report($report_data);
70
71	$sql = 'UPDATE ' . POSTS_TABLE . '
72	SET post_reported = 1
73	WHERE post_id = ' . $id;
74	$this->db->sql_query($sql);
75
76	if (!$this->report_data['topic_reported'])
77	{
78	$sql = 'UPDATE ' . TOPICS_TABLE . '
79	SET topic_reported = 1
80	WHERE topic_id = ' . $this->report_data['topic_id'] . '
81	OR topic_moved_id = ' . $this->report_data['topic_id'];
82	$this->db->sql_query($sql);
83	}
84
85	$this->notifications->add_notifications('notification.type.report_post', array_merge($this->report_data, $row, $this->forum_data, array(
86	'report_text' => $report_text,
87	)));
88	}
89
90	/**
91	* {@inheritdoc}
92	* @throws \phpbb\report\exception\report_permission_denied_exception when the user does not have permission to report the post
93	*/
94	public function validate_report_request($id)
95	{
96	$id = (int) $id;
97
98	// Check if id is valid
99	if ($id <= 0)
100	{
101	throw new entity_not_found_exception('NO_POST_SELECTED');
102	}
103
104	// Grab all relevant data
105	$sql = 'SELECT t., p.
106	FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . " t
107	WHERE p.post_id = $id
108	AND p.topic_id = t.topic_id";
109	$result = $this->db->sql_query($sql);
110	$report_data = $this->db->sql_fetchrow($result);
111	$this->db->sql_freeresult($result);
112
113	if (!$report_data)
114	{
115	throw new entity_not_found_exception('POST_NOT_EXIST');
116	}
117
118	$forum_id = (int) $report_data['forum_id'];
119
120	$sql = 'SELECT *
121	FROM ' . FORUMS_TABLE . '
122	WHERE forum_id = ' . $forum_id;
123	$result = $this->db->sql_query($sql);
124	$forum_data = $this->db->sql_fetchrow($result);
125	$this->db->sql_freeresult($result);
126
127	if (!$forum_data)
128	{
129	throw new invalid_report_exception('FORUM_NOT_EXIST');
130	}
131
132	$acl_check_ary = array(
133	'f_list' => 'POST_NOT_EXIST',
134	'f_read' => 'USER_CANNOT_READ',
135	'f_report' => 'USER_CANNOT_REPORT'
136	);
137
138	/**
139	* This event allows you to do extra auth checks and verify if the user
140	* has the required permissions
141	*
142	* @event core.report_post_auth
143	* @var array forum_data All data available from the forums table on this post's forum
144	* @var array report_data All data available from the topics and the posts tables on this post (and its topic)
145	* @var array acl_check_ary An array with the ACL to be tested. The evaluation is made in the same order as the array is sorted
146	* The key is the ACL name and the value is the language key for the error message.
147	* @since 3.1.3-RC1
148	*/
149	$vars = array(
150	'forum_data',
151	'report_data',
152	'acl_check_ary',
153	);
154	extract($this->dispatcher->trigger_event('core.report_post_auth', compact($vars)));
155
156	$this->auth->acl($this->user->data);
157
158	foreach ($acl_check_ary as $acl => $error)
159	{
160	if (!$this->auth->acl_get($acl, $forum_id))
161	{
162	throw new report_permission_denied_exception($error);
163	}
164	}
165	unset($acl_check_ary);
166
167	if ($report_data['post_reported'])
168	{
169	throw new already_reported_exception();
170	}
171
172	$this->report_data = $report_data;
173	$this->forum_data = $forum_data;
174	}
175	}