Code Coverage for /data/phpBB/includes/mcp/mcp

	Code Coverage
	Classes and Traits			Functions and Methods				Lines
Total	0.00% covered (danger)	0.00%	0 / 1	0.00% covered (danger)	0.00%	0 / 5	CRAP	0.00% covered (danger)	0.00%	0 / 1102
mcp_queue	0.00% covered (danger)	0.00%	0 / 1	0.00% covered (danger)	0.00%	0 / 5	43890	0.00% covered (danger)	0.00%	0 / 1098
__construct				0.00% covered (danger)	0.00%	0 / 1	2	0.00% covered (danger)	0.00%	0 / 3
main				0.00% covered (danger)	0.00%	0 / 1	8556	0.00% covered (danger)	0.00%	0 / 481
approve_posts				0.00% covered (danger)	0.00%	0 / 1	1332	0.00% covered (danger)	0.00%	0 / 187
approve_topics				0.00% covered (danger)	0.00%	0 / 1	462	0.00% covered (danger)	0.00%	0 / 139
disapprove_posts				0.00% covered (danger)	0.00%	0 / 1	3540	0.00% covered (danger)	0.00%	0 / 288

1	<?php
2	/**
3	*
4	* This file is part of the phpBB Forum Software package.
5	*
6	* @copyright (c) phpBB Limited <https://www.phpbb.com>
7	* @license GNU General Public License, version 2 (GPL-2.0)
8	*
9	* For full copyright and license information, please see
10	* the docs/CREDITS.txt file.
11	*
12	*/
13
14	/**
15	* @ignore
16	*/
17	if (!defined('IN_PHPBB'))
18	{
19	exit;
20	}
21
22	/**
23	* mcp_queue
24	* Handling the moderation queue
25	*/
26	class mcp_queue
27	{
28	var $p_master;
29	var $u_action;
30
31	public function __construct($p_master)
32	{
33	$this->p_master = $p_master;
34	}
35
36	public function main($id, $mode)
37	{
38	global $auth, $db, $user, $template, $request;
39	global $config, $phpbb_root_path, $phpEx, $action, $phpbb_container;
40	global $phpbb_dispatcher;
41
42	include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
43
44	$forum_id = $request->variable('f', 0);
45	$start = $request->variable('start', 0);
46
47	$this->page_title = 'MCP_QUEUE';
48
49	switch ($action)
50	{
51	case 'approve':
52	case 'restore':
53	include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
54
55	$post_id_list = $request->variable('post_id_list', array(0));
56	$topic_id_list = $request->variable('topic_id_list', array(0));
57
58	if (!empty($post_id_list))
59	{
60	self::approve_posts($action, $post_id_list, 'queue', $mode);
61	}
62	else if (!empty($topic_id_list))
63	{
64	self::approve_topics($action, $topic_id_list, 'queue', $mode);
65	}
66	else
67	{
68	trigger_error('NO_POST_SELECTED');
69	}
70	break;
71
72	case 'delete':
73	$post_id_list = $request->variable('post_id_list', array(0));
74	$topic_id_list = $request->variable('topic_id_list', array(0));
75	$delete_reason = $request->variable('delete_reason', '', true);
76
77	if (!empty($post_id_list))
78	{
79	if (!function_exists('mcp_delete_post'))
80	{
81	global $phpbb_root_path, $phpEx;
82	include($phpbb_root_path . 'includes/mcp/mcp_main.' . $phpEx);
83	}
84	mcp_delete_post($post_id_list, false, $delete_reason, $action);
85	}
86	else if (!empty($topic_id_list))
87	{
88	if (!function_exists('mcp_delete_topic'))
89	{
90	global $phpbb_root_path, $phpEx;
91	include($phpbb_root_path . 'includes/mcp/mcp_main.' . $phpEx);
92	}
93	mcp_delete_topic($topic_id_list, false, $delete_reason, $action);
94	}
95	else
96	{
97	trigger_error('NO_POST_SELECTED');
98	}
99	break;
100
101	case 'disapprove':
102	$post_id_list = $request->variable('post_id_list', array(0));
103	$topic_id_list = $request->variable('topic_id_list', array(0));
104
105	if (!empty($topic_id_list) && $mode == 'deleted_topics')
106	{
107	if (!function_exists('mcp_delete_topic'))
108	{
109	global $phpbb_root_path, $phpEx;
110	include($phpbb_root_path . 'includes/mcp/mcp_main.' . $phpEx);
111	}
112	mcp_delete_topic($topic_id_list, false, '', 'disapprove');
113	return;
114	}
115
116	if (!class_exists('messenger'))
117	{
118	include($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
119	}
120
121	if (!empty($topic_id_list))
122	{
123	$post_visibility = ($mode == 'deleted_topics') ? ITEM_DELETED : array(ITEM_UNAPPROVED, ITEM_REAPPROVE);
124	$sql = 'SELECT post_id
125	FROM ' . POSTS_TABLE . '
126	WHERE ' . $db->sql_in_set('post_visibility', $post_visibility) . '
127	AND ' . $db->sql_in_set('topic_id', $topic_id_list);
128	$result = $db->sql_query($sql);
129
130	$post_id_list = array();
131	while ($row = $db->sql_fetchrow($result))
132	{
133	$post_id_list[] = (int) $row['post_id'];
134	}
135	$db->sql_freeresult($result);
136	}
137
138	if (!empty($post_id_list))
139	{
140	self::disapprove_posts($post_id_list, 'queue', $mode);
141	}
142	else
143	{
144	trigger_error('NO_POST_SELECTED');
145	}
146	break;
147	}
148
149	switch ($mode)
150	{
151	case 'approve_details':
152
153	$this->tpl_name = 'mcp_post';
154
155	$user->add_lang(array('posting', 'viewtopic'));
156
157	$post_id = $request->variable('p', 0);
158	$topic_id = $request->variable('t', 0);
159
160	/* @var $phpbb_notifications \phpbb\notification\manager */
161	$phpbb_notifications = $phpbb_container->get('notification_manager');
162
163	if ($topic_id)
164	{
165	$topic_info = phpbb_get_topic_data(array($topic_id), 'm_approve');
166	if (isset($topic_info[$topic_id]['topic_first_post_id']))
167	{
168	$post_id = (int) $topic_info[$topic_id]['topic_first_post_id'];
169
170	$phpbb_notifications->mark_notifications('topic_in_queue', $topic_id, $user->data['user_id']);
171	}
172	else
173	{
174	$topic_id = 0;
175	}
176	}
177
178	$phpbb_notifications->mark_notifications('post_in_queue', $post_id, $user->data['user_id']);
179
180	$post_info = phpbb_get_post_data(array($post_id), 'm_approve', true);
181
182	if (!count($post_info))
183	{
184	trigger_error('NO_POST_SELECTED');
185	}
186
187	$post_info = $post_info[$post_id];
188
189	if ($post_info['topic_first_post_id'] != $post_id && topic_review($post_info['topic_id'], $post_info['forum_id'], 'topic_review', 0, false))
190	{
191	$template->assign_vars(array(
192	'S_TOPIC_REVIEW' => true,
193	'S_BBCODE_ALLOWED' => $post_info['enable_bbcode'],
194	'TOPIC_TITLE' => $post_info['topic_title'],
195	));
196	}
197
198	$attachments = $topic_tracking_info = array();
199
200	// Get topic tracking info
201	if ($config['load_db_lastread'])
202	{
203	$tmp_topic_data = array($post_info['topic_id'] => $post_info);
204	$topic_tracking_info = get_topic_tracking($post_info['forum_id'], $post_info['topic_id'], $tmp_topic_data, array($post_info['forum_id'] => $post_info['forum_mark_time']));
205	unset($tmp_topic_data);
206	}
207	else
208	{
209	$topic_tracking_info = get_complete_topic_tracking($post_info['forum_id'], $post_info['topic_id']);
210	}
211
212	$post_unread = (isset($topic_tracking_info[$post_info['topic_id']]) && $post_info['post_time'] > $topic_tracking_info[$post_info['topic_id']]) ? true : false;
213
214	// Process message, leave it uncensored
215	$parse_flags = ($post_info['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) \| OPTION_FLAG_SMILIES;
216	$message = generate_text_for_display($post_info['post_text'], $post_info['bbcode_uid'], $post_info['bbcode_bitfield'], $parse_flags, false);
217
218	if ($post_info['post_attachment'] && $auth->acl_get('u_download') && $auth->acl_get('f_download', $post_info['forum_id']))
219	{
220	$sql = 'SELECT *
221	FROM ' . ATTACHMENTS_TABLE . '
222	WHERE post_msg_id = ' . $post_id . '
223	AND in_message = 0
224	ORDER BY filetime DESC, post_msg_id ASC';
225	$result = $db->sql_query($sql);
226
227	while ($row = $db->sql_fetchrow($result))
228	{
229	$attachments[] = $row;
230	}
231	$db->sql_freeresult($result);
232
233	if (count($attachments))
234	{
235	$update_count = array();
236	parse_attachments($post_info['forum_id'], $message, $attachments, $update_count);
237	}
238
239	// Display not already displayed Attachments for this post, we already parsed them. ;)
240	if (!empty($attachments))
241	{
242	$template->assign_var('S_HAS_ATTACHMENTS', true);
243
244	foreach ($attachments as $attachment)
245	{
246	$template->assign_block_vars('attachment', array(
247	'DISPLAY_ATTACHMENT' => $attachment,
248	));
249	}
250	}
251	}
252
253	// Deleting information
254	if ($post_info['post_visibility'] == ITEM_DELETED && $post_info['post_delete_user'])
255	{
256	// User having deleted the post also being the post author?
257	if (!$post_info['post_delete_user'] \|\| $post_info['post_delete_user'] == $post_info['poster_id'])
258	{
259	$display_username = get_username_string('full', $post_info['poster_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']);
260	}
261	else
262	{
263	$sql = 'SELECT u.user_id, u.username, u.user_colour
264	FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . ' u
265	WHERE p.post_id = ' . $post_info['post_id'] . '
266	AND p.post_delete_user = u.user_id';
267	$result = $db->sql_query($sql);
268	$post_delete_userinfo = $db->sql_fetchrow($result);
269	$db->sql_freeresult($result);
270	$display_username = get_username_string('full', $post_info['post_delete_user'], $post_delete_userinfo['username'], $post_delete_userinfo['user_colour']);
271	}
272
273	$l_deleted_by = $user->lang('DELETED_INFORMATION', $display_username, $user->format_date($post_info['post_delete_time'], false, true));
274	}
275	else
276	{
277	$l_deleted_by = '';
278	}
279
280	$post_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $post_info['forum_id'] . '&p=' . $post_info['post_id'] . '#p' . $post_info['post_id']);
281	$topic_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $post_info['forum_id'] . '&t=' . $post_info['topic_id']);
282
283	$post_data = array(
284	'S_MCP_QUEUE' => true,
285	'U_APPROVE_ACTION' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=queue&p=$post_id&f=$forum_id"),
286	'S_CAN_DELETE_POST' => $auth->acl_get('m_delete', $post_info['forum_id']),
287	'S_CAN_VIEWIP' => $auth->acl_get('m_info', $post_info['forum_id']),
288	'S_POST_REPORTED' => $post_info['post_reported'],
289	'S_POST_UNAPPROVED' => $post_info['post_visibility'] == ITEM_UNAPPROVED \|\| $post_info['post_visibility'] == ITEM_REAPPROVE,
290	'S_POST_LOCKED' => $post_info['post_edit_locked'],
291	'S_USER_NOTES' => true,
292	'S_POST_DELETED' => ($post_info['post_visibility'] == ITEM_DELETED),
293	'DELETED_MESSAGE' => $l_deleted_by,
294	'DELETE_REASON' => $post_info['post_delete_reason'],
295
296	'U_EDIT' => ($auth->acl_get('m_edit', $post_info['forum_id'])) ? append_sid("{$phpbb_root_path}posting.$phpEx", "mode=edit&f={$post_info['forum_id']}&p={$post_info['post_id']}") : '',
297	'U_MCP_APPROVE' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue&mode=approve_details&f=' . $post_info['forum_id'] . '&p=' . $post_id),
298	'U_MCP_REPORT' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=reports&mode=report_details&f=' . $post_info['forum_id'] . '&p=' . $post_id),
299	'U_MCP_USER_NOTES' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&mode=user_notes&u=' . $post_info['user_id']),
300	'U_MCP_WARN_USER' => ($auth->acl_get('m_warn')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=warn&mode=warn_user&u=' . $post_info['user_id']) : '',
301	'U_VIEW_POST' => $post_url,
302	'U_VIEW_TOPIC' => $topic_url,
303
304	'MINI_POST_IMG' => ($post_unread) ? $user->img('icon_post_target_unread', 'UNREAD_POST') : $user->img('icon_post_target', 'POST'),
305
306	'RETURN_QUEUE' => sprintf($user->lang['RETURN_QUEUE'], '<a href="' . append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue' . (($topic_id) ? '&mode=unapproved_topics' : '&mode=unapproved_posts')) . '&start=' . $start . '">', '</a>'),
307	'RETURN_POST' => sprintf($user->lang['RETURN_POST'], '<a href="' . $post_url . '">', '</a>'),
308	'RETURN_TOPIC_SIMPLE' => sprintf($user->lang['RETURN_TOPIC_SIMPLE'], '<a href="' . $topic_url . '">', '</a>'),
309	'REPORTED_IMG' => $user->img('icon_topic_reported', $user->lang['POST_REPORTED']),
310	'UNAPPROVED_IMG' => $user->img('icon_topic_unapproved', $user->lang['POST_UNAPPROVED']),
311	'EDIT_IMG' => $user->img('icon_post_edit', $user->lang['EDIT_POST']),
312
313	'POST_AUTHOR_FULL' => get_username_string('full', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
314	'POST_AUTHOR_COLOUR' => get_username_string('colour', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
315	'POST_AUTHOR' => get_username_string('username', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
316	'U_POST_AUTHOR' => get_username_string('profile', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
317
318	'POST_PREVIEW' => $message,
319	'POST_SUBJECT' => $post_info['post_subject'],
320	'POST_DATE' => $user->format_date($post_info['post_time']),
321	'POST_IP' => $post_info['poster_ip'],
322	'POST_IPADDR' => ($auth->acl_get('m_info', $post_info['forum_id']) && $request->variable('lookup', '')) ? @gethostbyaddr($post_info['poster_ip']) : '',
323	'POST_ID' => $post_info['post_id'],
324	'S_FIRST_POST' => ($post_info['topic_first_post_id'] == $post_id),
325
326	'U_LOOKUP_IP' => ($auth->acl_get('m_info', $post_info['forum_id'])) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue&mode=approve_details&f=' . $post_info['forum_id'] . '&p=' . $post_id . '&lookup=' . $post_info['poster_ip']) . '#ip' : '',
327	);
328
329	/**
330	* Alter post awaiting approval template before it is rendered
331	*
332	* @event core.mcp_queue_approve_details_template
333	* @var int post_id Post ID
334	* @var int topic_id Topic ID
335	* @var array topic_info Topic data
336	* @var array post_info Post data
337	* @var array post_data Post template data
338	* @var string message Post message
339	* @var string post_url Post URL
340	* @var string topic_url Topic URL
341	* @since 3.2.2-RC1
342	*/
343	$vars = array(
344	'post_id',
345	'topic_id',
346	'topic_info',
347	'post_info',
348	'post_data',
349	'message',
350	'post_url',
351	'topic_url',
352	);
353	extract($phpbb_dispatcher->trigger_event('core.mcp_queue_approve_details_template', compact($vars)));
354
355	$template->assign_vars($post_data);
356
357	break;
358
359	case 'unapproved_topics':
360	case 'unapproved_posts':
361	case 'deleted_topics':
362	case 'deleted_posts':
363	$m_perm = 'm_approve';
364	$is_topics = ($mode == 'unapproved_topics' \|\| $mode == 'deleted_topics') ? true : false;
365	$is_restore = ($mode == 'deleted_posts' \|\| $mode == 'deleted_topics') ? true : false;
366	$visibility_const = (!$is_restore) ? array(ITEM_UNAPPROVED, ITEM_REAPPROVE) : ITEM_DELETED;
367
368	$user->add_lang(array('viewtopic', 'viewforum'));
369
370	$topic_id = $request->variable('t', 0);
371	$forum_info = array();
372
373	// If 'sort' is set, "Go" was pressed which is located behind the forums <select> box
374	// Then, unset the topic id so it does not override the forum id
375	$topic_id = $request->is_set_post('sort') ? 0 : $topic_id;
376
377	if ($topic_id)
378	{
379	$topic_info = phpbb_get_topic_data(array($topic_id));
380
381	if (!count($topic_info))
382	{
383	trigger_error('TOPIC_NOT_EXIST');
384	}
385
386	$topic_info = $topic_info[$topic_id];
387	$forum_id = $topic_info['forum_id'];
388	}
389
390	$forum_list_approve = get_forum_list($m_perm, false, true);
391	$forum_list_read = array_flip(get_forum_list('f_read', true, true)); // Flipped so we can isset() the forum IDs
392
393	// Remove forums we cannot read
394	foreach ($forum_list_approve as $k => $forum_data)
395	{
396	if (!isset($forum_list_read[$forum_data['forum_id']]))
397	{
398	unset($forum_list_approve[$k]);
399	}
400	}
401	unset($forum_list_read);
402
403	if (!$forum_id)
404	{
405	$forum_list = array();
406	foreach ($forum_list_approve as $row)
407	{
408	$forum_list[] = $row['forum_id'];
409	}
410
411	if (!count($forum_list))
412	{
413	trigger_error('NOT_MODERATOR');
414	}
415
416	$sql = 'SELECT SUM(forum_topics_approved) as sum_forum_topics
417	FROM ' . FORUMS_TABLE . '
418	WHERE ' . $db->sql_in_set('forum_id', $forum_list);
419	$result = $db->sql_query($sql);
420	$forum_info['forum_topics_approved'] = (int) $db->sql_fetchfield('sum_forum_topics');
421	$db->sql_freeresult($result);
422	}
423	else
424	{
425	$forum_info = phpbb_get_forum_data(array($forum_id), $m_perm);
426
427	if (!count($forum_info))
428	{
429	trigger_error('NOT_MODERATOR');
430	}
431
432	$forum_list = $forum_id;
433	}
434
435	$forum_options = '<option value="0"' . (($forum_id == 0) ? ' selected="selected"' : '') . '>' . $user->lang['ALL_FORUMS'] . '</option>';
436	foreach ($forum_list_approve as $row)
437	{
438	$forum_options .= '<option value="' . $row['forum_id'] . '"' . (($forum_id == $row['forum_id']) ? ' selected="selected"' : '') . '>' . str_repeat('   ', $row['padding']) . truncate_string($row['forum_name'], 30, 255, false, $user->lang['ELLIPSIS']) . '</option>';
439	}
440
441	$sort_days = $total = 0;
442	$sort_key = $sort_dir = '';
443	$sort_by_sql = $sort_order_sql = array();
444	phpbb_mcp_sorting($mode, $sort_days, $sort_key, $sort_dir, $sort_by_sql, $sort_order_sql, $total, $forum_id, $topic_id);
445
446	$limit_time_sql = ($sort_days) ? 'AND t.topic_last_post_time >= ' . (time() - ($sort_days * 86400)) : '';
447
448	$forum_names = array();
449
450	if (!$is_topics)
451	{
452	$sql = 'SELECT p.post_id
453	FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t' . (($sort_order_sql[0] == 'u') ? ', ' . USERS_TABLE . ' u' : '') . '
454	WHERE ' . $db->sql_in_set('p.forum_id', $forum_list) . '
455	AND ' . $db->sql_in_set('p.post_visibility', $visibility_const) . '
456	' . (($sort_order_sql[0] == 'u') ? 'AND u.user_id = p.poster_id' : '') . '
457	' . (($topic_id) ? 'AND p.topic_id = ' . $topic_id : '') . "
458	AND t.topic_id = p.topic_id
459	AND (t.topic_visibility <> p.post_visibility
460	OR t.topic_delete_user = 0)
461	$limit_time_sql
462	ORDER BY $sort_order_sql";
463
464	/**
465	* Alter sql query to get posts in queue to be accepted
466	*
467	* @event core.mcp_queue_get_posts_query_before
468	* @var string sql Associative array with the query to be executed
469	* @var array forum_list List of forums that contain the posts
470	* @var int visibility_const Integer with one of the possible ITEM_* constant values
471	* @var int topic_id If topic_id not equal to 0, the topic id to filter the posts to display
472	* @var string limit_time_sql String with the SQL code to limit the time interval of the post (Note: May be empty string)
473	* @var string sort_order_sql String with the ORDER BY SQL code used in this query
474	* @since 3.1.0-RC3
475	*/
476	$vars = array(
477	'sql',
478	'forum_list',
479	'visibility_const',
480	'topic_id',
481	'limit_time_sql',
482	'sort_order_sql',
483	);
484	extract($phpbb_dispatcher->trigger_event('core.mcp_queue_get_posts_query_before', compact($vars)));
485
486	$result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
487
488	$i = 0;
489	$post_ids = array();
490	while ($row = $db->sql_fetchrow($result))
491	{
492	$post_ids[] = $row['post_id'];
493	$row_num[$row['post_id']] = $i++;
494	}
495	$db->sql_freeresult($result);
496
497	if (count($post_ids))
498	{
499	$sql = 'SELECT t.topic_id, t.topic_title, t.forum_id, p.post_id, p.post_subject, p.post_username, p.poster_id, p.post_time, p.post_attachment, u.username, u.username_clean, u.user_colour
500	FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . USERS_TABLE . ' u
501	WHERE ' . $db->sql_in_set('p.post_id', $post_ids) . '
502	AND t.topic_id = p.topic_id
503	AND u.user_id = p.poster_id
504	ORDER BY ' . $sort_order_sql;
505
506	/**
507	* Alter sql query to get information on all posts in queue
508	*
509	* @event core.mcp_queue_get_posts_for_posts_query_before
510	* @var string sql String with the query to be executed
511	* @var array forum_list List of forums that contain the posts
512	* @var int visibility_const Integer with one of the possible ITEM_* constant values
513	* @var int topic_id topic_id in the page request
514	* @var string limit_time_sql String with the SQL code to limit the time interval of the post (Note: May be empty string)
515	* @var string sort_order_sql String with the ORDER BY SQL code used in this query
516	* @since 3.2.3-RC2
517	*/
518	$vars = array(
519	'sql',
520	'forum_list',
521	'visibility_const',
522	'topic_id',
523	'limit_time_sql',
524	'sort_order_sql',
525	);
526	extract($phpbb_dispatcher->trigger_event('core.mcp_queue_get_posts_for_posts_query_before', compact($vars)));
527
528	$result = $db->sql_query($sql);
529
530	$post_data = $rowset = array();
531	while ($row = $db->sql_fetchrow($result))
532	{
533	$forum_names[] = $row['forum_id'];
534	$post_data[$row['post_id']] = $row;
535	}
536	$db->sql_freeresult($result);
537
538	foreach ($post_ids as $post_id)
539	{
540	$rowset[] = $post_data[$post_id];
541	}
542	unset($post_data, $post_ids);
543	}
544	else
545	{
546	$rowset = array();
547	}
548	}
549	else
550	{
551	$sql = 'SELECT t.forum_id, t.topic_id, t.topic_title, t.topic_title AS post_subject, t.topic_time AS post_time, t.topic_poster AS poster_id, t.topic_first_post_id AS post_id, t.topic_attachment AS post_attachment, t.topic_first_poster_name AS username, t.topic_first_poster_colour AS user_colour
552	FROM ' . TOPICS_TABLE . ' t
553	WHERE ' . $db->sql_in_set('forum_id', $forum_list) . '
554	AND ' . $db->sql_in_set('topic_visibility', $visibility_const) . "
555	AND topic_delete_user <> 0
556	$limit_time_sql
557	ORDER BY $sort_order_sql";
558
559	/**
560	* Alter sql query to get information on all topics in the list of forums provided.
561	*
562	* @event core.mcp_queue_get_posts_for_topics_query_before
563	* @var string sql String with the query to be executed
564	* @var array forum_list List of forums that contain the posts
565	* @var int visibility_const Integer with one of the possible ITEM_* constant values
566	* @var int topic_id topic_id in the page request
567	* @var string limit_time_sql String with the SQL code to limit the time interval of the post (Note: May be empty string)
568	* @var string sort_order_sql String with the ORDER BY SQL code used in this query
569	* @since 3.1.0-RC3
570	*/
571	$vars = array(
572	'sql',
573	'forum_list',
574	'visibility_const',
575	'topic_id',
576	'limit_time_sql',
577	'sort_order_sql',
578	);
579	extract($phpbb_dispatcher->trigger_event('core.mcp_queue_get_posts_for_topics_query_before', compact($vars)));
580
581	$result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
582
583	$rowset = array();
584	while ($row = $db->sql_fetchrow($result))
585	{
586	$forum_names[] = $row['forum_id'];
587	$rowset[] = $row;
588	}
589	$db->sql_freeresult($result);
590	}
591
592	if (count($forum_names))
593	{
594	// Select the names for the forum_ids
595	$sql = 'SELECT forum_id, forum_name
596	FROM ' . FORUMS_TABLE . '
597	WHERE ' . $db->sql_in_set('forum_id', $forum_names);
598	$result = $db->sql_query($sql, 3600);
599
600	$forum_names = array();
601	while ($row = $db->sql_fetchrow($result))
602	{
603	$forum_names[$row['forum_id']] = $row['forum_name'];
604	}
605	$db->sql_freeresult($result);
606	}
607
608	foreach ($rowset as $row)
609	{
610	if (empty($row['post_username']))
611	{
612	$row['post_username'] = $row['username'] ?: $user->lang['GUEST'];
613	}
614
615	$post_row = array(
616	'U_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id'] . '&t=' . $row['topic_id']),
617	'U_VIEWFORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']),
618	'U_VIEWPOST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id'] . '&p=' . $row['post_id']) . (($mode == 'unapproved_posts') ? '#p' . $row['post_id'] : ''),
619	'U_VIEW_DETAILS' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=queue&start=$start&mode=approve_details&f={$row['forum_id']}&p={$row['post_id']}" . (($mode == 'unapproved_topics') ? "&t={$row['topic_id']}" : '')),
620
621	'POST_AUTHOR_FULL' => get_username_string('full', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
622	'POST_AUTHOR_COLOUR' => get_username_string('colour', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
623	'POST_AUTHOR' => get_username_string('username', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
624	'U_POST_AUTHOR' => get_username_string('profile', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
625
626	'POST_ID' => $row['post_id'],
627	'TOPIC_ID' => $row['topic_id'],
628	'FORUM_NAME' => $forum_names[$row['forum_id']],
629	'POST_SUBJECT' => ($row['post_subject'] != '') ? $row['post_subject'] : $user->lang['NO_SUBJECT'],
630	'TOPIC_TITLE' => $row['topic_title'],
631	'POST_TIME' => $user->format_date($row['post_time']),
632	'S_HAS_ATTACHMENTS' => $auth->acl_get('u_download') && $auth->acl_get('f_download', $row['forum_id']) && $row['post_attachment'],
633	);
634
635	/**
636	* Alter sql query to get information on all topics in the list of forums provided.
637	*
638	* @event core.mcp_queue_get_posts_modify_post_row
639	* @var array post_row Template variables for current post
640	* @var array row Post data
641	* @var array forum_names Forum names
642	* @since 3.2.3-RC2
643	*/
644	$vars = array(
645	'post_row',
646	'row',
647	'forum_names',
648	);
649	extract($phpbb_dispatcher->trigger_event('core.mcp_queue_get_posts_modify_post_row', compact($vars)));
650
651	$template->assign_block_vars('postrow', $post_row);
652	}
653	unset($rowset, $forum_names);
654
655	/* @var \phpbb\pagination $pagination */
656	$pagination = $phpbb_container->get('pagination');
657
658	$base_url = $this->u_action . "&f=$forum_id&st=$sort_days&sk=$sort_key&sd=$sort_dir";
659	$pagination->generate_template_pagination($base_url, 'pagination', 'start', $total, $config['topics_per_page'], $start);
660
661	// Now display the page
662	$template->assign_vars(array(
663	'L_DISPLAY_ITEMS' => (!$is_topics) ? $user->lang['DISPLAY_POSTS'] : $user->lang['DISPLAY_TOPICS'],
664	'L_EXPLAIN' => $user->lang['MCP_QUEUE_' . strtoupper($mode) . '_EXPLAIN'],
665	'L_TITLE' => $user->lang['MCP_QUEUE_' . strtoupper($mode)],
666	'L_ONLY_TOPIC' => ($topic_id) ? sprintf($user->lang['ONLY_TOPIC'], $topic_info['topic_title']) : '',
667
668	'S_FORUM_OPTIONS' => $forum_options,
669	'S_MCP_ACTION' => build_url(array('t', 'f', 'sd', 'st', 'sk')),
670	'S_TOPICS' => $is_topics,
671	'S_RESTORE' => $is_restore,
672
673	'TOPIC_ID' => $topic_id,
674	'TOTAL' => $user->lang(((!$is_topics) ? 'VIEW_TOPIC_POSTS' : 'VIEW_FORUM_TOPICS'), (int) $total),
675	));
676
677	$this->tpl_name = 'mcp_queue';
678	break;
679	}
680	}
681
682	/**
683	* Approve/Restore posts
684	*
685	* @param $action string Action we perform on the posts ('approve' or 'restore')
686	* @param $post_id_list array IDs of the posts to approve/restore
687	* @param $id mixed Category of the current active module
688	* @param $mode string Active module
689	* @return null
690	*/
691	static public function approve_posts($action, $post_id_list, $id, $mode)
692	{
693	global $template, $user, $request, $phpbb_container, $phpbb_dispatcher;
694	global $phpEx, $phpbb_root_path, $phpbb_log;
695
696	if (!phpbb_check_ids($post_id_list, POSTS_TABLE, 'post_id', array('m_approve')))
697	{
698	send_status_line(403, 'Forbidden');
699	trigger_error('NOT_AUTHORISED');
700	}
701
702	$redirect = $request->variable('redirect', build_url(array('quickmod')));
703	$redirect = reapply_sid($redirect);
704	$post_url = '';
705	$approve_log = array();
706	$num_topics = 0;
707
708	$s_hidden_fields = build_hidden_fields(array(
709	'i' => $id,
710	'mode' => $mode,
711	'post_id_list' => $post_id_list,
712	'action' => $action,
713	'redirect' => $redirect,
714	));
715
716	$post_info = phpbb_get_post_data($post_id_list, 'm_approve');
717
718	if (confirm_box(true))
719	{
720	$notify_poster = ($action == 'approve' && isset($_REQUEST['notify_poster']));
721
722	$topic_info = array();
723
724	// Group the posts by topic_id
725	foreach ($post_info as $post_id => $post_data)
726	{
727	if ($post_data['post_visibility'] == ITEM_APPROVED)
728	{
729	continue;
730	}
731	$topic_id = (int) $post_data['topic_id'];
732
733	$topic_info[$topic_id]['posts'][] = (int) $post_id;
734	$topic_info[$topic_id]['forum_id'] = (int) $post_data['forum_id'];
735
736	// Refresh the first post, if the time or id is older then the current one
737	if ($post_id <= $post_data['topic_first_post_id'] \|\| $post_data['post_time'] <= $post_data['topic_time'])
738	{
739	$topic_info[$topic_id]['first_post'] = true;
740	}
741
742	// Refresh the last post, if the time or id is newer then the current one
743	if ($post_id >= $post_data['topic_last_post_id'] \|\| $post_data['post_time'] >= $post_data['topic_last_post_time'])
744	{
745	$topic_info[$topic_id]['last_post'] = true;
746	}
747
748	$post_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f={$post_data['forum_id']}&t={$post_data['topic_id']}&p={$post_data['post_id']}") . '#p' . $post_data['post_id'];
749
750	$approve_log[] = array(
751	'forum_id' => $post_data['forum_id'],
752	'topic_id' => $post_data['topic_id'],
753	'post_id' => $post_id,
754	'post_subject' => $post_data['post_subject'],
755	);
756	}
757
758	/* @var $phpbb_content_visibility \phpbb\content_visibility */
759	$phpbb_content_visibility = $phpbb_container->get('content.visibility');
760	foreach ($topic_info as $topic_id => $topic_data)
761	{
762	$phpbb_content_visibility->set_post_visibility(ITEM_APPROVED, $topic_data['posts'], $topic_id, $topic_data['forum_id'], $user->data['user_id'], time(), '', isset($topic_data['first_post']), isset($topic_data['last_post']));
763	}
764
765	foreach ($approve_log as $log_data)
766	{
767	$phpbb_log->add('mod', $user->data['user_id'], $user->ip, 'LOG_POST_' . strtoupper($action) . 'D', false, array(
768	'forum_id' => $log_data['forum_id'],
769	'topic_id' => $log_data['topic_id'],
770	'post_id' => $log_data['post_id'],
771	$log_data['post_subject']
772	));
773	}
774
775	// Only send out the mails, when the posts are being approved
776	if ($action == 'approve')
777	{
778	/* @var $phpbb_notifications \phpbb\notification\manager */
779	$phpbb_notifications = $phpbb_container->get('notification_manager');
780
781	// Handle notifications
782	foreach ($post_info as $post_id => $post_data)
783	{
784	// A single topic approval may also happen here, so handle deleting the respective notification.
785	if (!$post_data['topic_posts_approved'])
786	{
787	$phpbb_notifications->delete_notifications('notification.type.topic_in_queue', $post_data['topic_id']);
788
789	if ($post_data['post_visibility'] == ITEM_UNAPPROVED)
790	{
791	$phpbb_notifications->add_notifications(array('notification.type.topic'), $post_data);
792	}
793	if ($post_data['post_visibility'] != ITEM_APPROVED)
794	{
795	$num_topics++;
796	}
797	}
798	else
799	{
800	// Only add notifications, if we are not reapproving post
801	// When the topic was already approved, but was edited and
802	// now needs re-approval, we don't want to notify the users
803	// again.
804	if ($post_data['post_visibility'] == ITEM_UNAPPROVED)
805	{
806	$phpbb_notifications->add_notifications(array(
807	'notification.type.bookmark',
808	'notification.type.post',
809	), $post_data);
810	}
811	}
812	$phpbb_notifications->add_notifications(array('notification.type.quote'), $post_data);
813	$phpbb_notifications->delete_notifications('notification.type.post_in_queue', $post_id);
814
815	$phpbb_notifications->mark_notifications(array(
816	'notification.type.quote',
817	'notification.type.bookmark',
818	'notification.type.post',
819	), $post_data['post_id'], $user->data['user_id']);
820
821	// Notify Poster?
822	if ($notify_poster)
823	{
824	if ($post_data['poster_id'] == ANONYMOUS)
825	{
826	continue;
827	}
828
829	if (!$post_data['topic_posts_approved'])
830	{
831	$phpbb_notifications->add_notifications('notification.type.approve_topic', $post_data);
832	}
833	else
834	{
835	$phpbb_notifications->add_notifications('notification.type.approve_post', $post_data);
836	}
837	}
838	}
839	}
840
841	if ($num_topics >= 1)
842	{
843	$success_msg = ($num_topics == 1) ? 'TOPIC_' . strtoupper($action) . 'D_SUCCESS' : 'TOPICS_' . strtoupper($action) . 'D_SUCCESS';
844	}
845	else
846	{
847	$success_msg = (count($post_info) == 1) ? 'POST_' . strtoupper($action) . 'D_SUCCESS' : 'POSTS_' . strtoupper($action) . 'D_SUCCESS';
848	}
849
850	/**
851	* Perform additional actions during post(s) approval
852	*
853	* @event core.approve_posts_after
854	* @var string action Variable containing the action we perform on the posts ('approve' or 'restore')
855	* @var array post_info Array containing info for all posts being approved
856	* @var array topic_info Array containing info for all parent topics of the posts
857	* @var int num_topics Variable containing number of topics
858	* @var bool notify_poster Variable telling if the post should be notified or not
859	* @var string success_msg Variable containing the language key for the success message
860	* @var string redirect Variable containing the redirect url
861	* @since 3.1.4-RC1
862	*/
863	$vars = array(
864	'action',
865	'post_info',
866	'topic_info',
867	'num_topics',
868	'notify_poster',
869	'success_msg',
870	'redirect',
871	);
872	extract($phpbb_dispatcher->trigger_event('core.approve_posts_after', compact($vars)));
873
874	meta_refresh(3, $redirect);
875	$message = $user->lang[$success_msg];
876
877	if ($request->is_ajax())
878	{
879	$json_response = new \phpbb\json_response;
880	$json_response->send(array(
881	'MESSAGE_TITLE' => $user->lang['INFORMATION'],
882	'MESSAGE_TEXT' => $message,
883	'REFRESH_DATA' => null,
884	'visible' => true,
885	));
886	}
887	$message .= '<br /><br />' . $user->lang('RETURN_PAGE', '<a href="' . $redirect . '">', '</a>');
888
889	// If approving one post, also give links back to post...
890	if (count($post_info) == 1 && $post_url)
891	{
892	$message .= '<br /><br />' . $user->lang('RETURN_POST', '<a href="' . $post_url . '">', '</a>');
893	}
894	trigger_error($message);
895	}
896	else
897	{
898	$show_notify = false;
899
900	if ($action == 'approve')
901	{
902	foreach ($post_info as $post_data)
903	{
904	if (!$post_data['topic_posts_approved'])
905	{
906	$num_topics++;
907	}
908
909	if (!$show_notify && $post_data['poster_id'] != ANONYMOUS)
910	{
911	$show_notify = true;
912	}
913	}
914	}
915
916	$template->assign_vars(array(
917	'S_NOTIFY_POSTER' => $show_notify,
918	'S_' . strtoupper($action) => true,
919	));
920
921	// Create the confirm box message
922	$action_msg = strtoupper($action);
923	$num_posts = count($post_id_list) - $num_topics;
924	if ($num_topics > 0 && $num_posts <= 0)
925	{
926	$action_msg .= '_TOPIC' . (($num_topics == 1) ? '' : 'S');
927	}
928	else
929	{
930	$action_msg .= '_POST' . ((count($post_id_list) == 1) ? '' : 'S');
931	}
932	confirm_box(false, $action_msg, $s_hidden_fields, 'mcp_approve.html');
933	}
934
935	redirect($redirect);
936	}
937
938	/**
939	* Approve/Restore topics
940	*
941	* @param $action string Action we perform on the posts ('approve' or 'restore')
942	* @param $topic_id_list array IDs of the topics to approve/restore
943	* @param $id mixed Category of the current active module
944	* @param $mode string Active module
945	* @return null
946	*/
947	static public function approve_topics($action, $topic_id_list, $id, $mode)
948	{
949	global $db, $template, $user, $phpbb_log;
950	global $phpEx, $phpbb_root_path, $request, $phpbb_container, $phpbb_dispatcher;
951
952	if (!phpbb_check_ids($topic_id_list, TOPICS_TABLE, 'topic_id', array('m_approve')))
953	{
954	send_status_line(403, 'Forbidden');
955	trigger_error('NOT_AUTHORISED');
956	}
957
958	$redirect = $request->variable('redirect', build_url(array('quickmod')));
959	$redirect = reapply_sid($redirect);
960	$success_msg = $topic_url = '';
961	$approve_log = array();
962
963	$s_hidden_fields = build_hidden_fields(array(
964	'i' => $id,
965	'mode' => $mode,
966	'topic_id_list' => $topic_id_list,
967	'action' => $action,
968	'redirect' => $redirect,
969	));
970
971	$topic_info = phpbb_get_topic_data($topic_id_list, 'm_approve');
972
973	if (confirm_box(true))
974	{
975	$notify_poster = ($action == 'approve' && isset($_REQUEST['notify_poster'])) ? true : false;
976
977	/* @var $phpbb_content_visibility \phpbb\content_visibility */
978	$phpbb_content_visibility = $phpbb_container->get('content.visibility');
979	$first_post_ids = array();
980
981	foreach ($topic_info as $topic_id => $topic_data)
982	{
983	$phpbb_content_visibility->set_topic_visibility(ITEM_APPROVED, $topic_id, $topic_data['forum_id'], $user->data['user_id'], time(), '');
984	$first_post_ids[$topic_id] = (int) $topic_data['topic_first_post_id'];
985
986	$topic_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f={$topic_data['forum_id']}&t={$topic_id}");
987
988	$approve_log[] = array(
989	'forum_id' => $topic_data['forum_id'],
990	'topic_id' => $topic_data['topic_id'],
991	'topic_title' => $topic_data['topic_title'],
992	);
993	}
994
995	if (count($topic_info) >= 1)
996	{
997	$success_msg = (count($topic_info) == 1) ? 'TOPIC_' . strtoupper($action) . 'D_SUCCESS' : 'TOPICS_' . strtoupper($action) . 'D_SUCCESS';
998	}
999
1000	foreach ($approve_log as $log_data)
1001	{
1002	$phpbb_log->add('mod', $user->data['user_id'], $user->ip, 'LOG_TOPIC_' . strtoupper($action) . 'D', false, array(
1003	'forum_id' => $log_data['forum_id'],
1004	'topic_id' => $log_data['topic_id'],
1005	$log_data['topic_title']
1006	));
1007	}
1008
1009	// Only send out the mails, when the posts are being approved
1010	if ($action == 'approve')
1011	{
1012	// Grab the first post text as it's needed for the quote notification.
1013	$sql = 'SELECT topic_id, post_text
1014	FROM ' . POSTS_TABLE . '
1015	WHERE ' . $db->sql_in_set('post_id', $first_post_ids);
1016	$result = $db->sql_query($sql);
1017
1018	while ($row = $db->sql_fetchrow($result))
1019	{
1020	$topic_info[$row['topic_id']]['post_text'] = $row['post_text'];
1021	}
1022	$db->sql_freeresult($result);
1023
1024	// Handle notifications
1025	/* @var $phpbb_notifications \phpbb\notification\manager */
1026	$phpbb_notifications = $phpbb_container->get('notification_manager');
1027
1028	foreach ($topic_info as $topic_id => $topic_data)
1029	{
1030	$topic_data = array_merge($topic_data, array(
1031	'post_id' => $topic_data['topic_first_post_id'],
1032	'post_subject' => $topic_data['topic_title'],
1033	'post_time' => $topic_data['topic_time'],
1034	'poster_id' => $topic_data['topic_poster'],
1035	'post_username' => $topic_data['topic_first_poster_name'],
1036	));
1037
1038	$phpbb_notifications->delete_notifications('notification.type.topic_in_queue', $topic_id);
1039
1040	// Only add notifications, if we are not reapproving post
1041	// When the topic was already approved, but was edited and
1042	// now needs re-approval, we don't want to notify the users
1043	// again.
1044	if ($topic_data['topic_visibility'] == ITEM_UNAPPROVED)
1045	{
1046	$phpbb_notifications->add_notifications(array(
1047	'notification.type.quote',
1048	'notification.type.topic',
1049	), $topic_data);
1050	}
1051
1052	$phpbb_notifications->mark_notifications('quote', $topic_data['post_id'], $user->data['user_id']);
1053	$phpbb_notifications->mark_notifications('topic', $topic_id, $user->data['user_id']);
1054
1055	if ($notify_poster)
1056	{
1057	$phpbb_notifications->add_notifications('notification.type.approve_topic', $topic_data);
1058	}
1059	}
1060	}
1061
1062	/**
1063	* Perform additional actions during topics(s) approval
1064	*
1065	* @event core.approve_topics_after
1066	* @var string action Variable containing the action we perform on the posts ('approve' or 'restore')
1067	* @var mixed topic_info Array containing info for all topics being approved
1068	* @var array first_post_ids Array containing ids of all first posts
1069	* @var bool notify_poster Variable telling if the poster should be notified or not
1070	* @var string success_msg Variable containing the language key for the success message
1071	* @var string redirect Variable containing the redirect url
1072	* @since 3.1.4-RC1
1073	*/
1074	$vars = array(
1075	'action',
1076	'topic_info',
1077	'first_post_ids',
1078	'notify_poster',
1079	'success_msg',
1080	'redirect',
1081	);
1082	extract($phpbb_dispatcher->trigger_event('core.approve_topics_after', compact($vars)));
1083
1084	meta_refresh(3, $redirect);
1085	$message = $user->lang[$success_msg];
1086
1087	if ($request->is_ajax())
1088	{
1089	$json_response = new \phpbb\json_response;
1090	$json_response->send(array(
1091	'MESSAGE_TITLE' => $user->lang['INFORMATION'],
1092	'MESSAGE_TEXT' => $message,
1093	'REFRESH_DATA' => null,
1094	'visible' => true,
1095	));
1096	}
1097	$message .= '<br /><br />' . $user->lang('RETURN_PAGE', '<a href="' . $redirect . '">', '</a>');
1098
1099	// If approving one topic, also give links back to topic...
1100	if (count($topic_info) == 1 && $topic_url)
1101	{
1102	$message .= '<br /><br />' . $user->lang('RETURN_TOPIC', '<a href="' . $topic_url . '">', '</a>');
1103	}
1104	trigger_error($message);
1105	}
1106	else
1107	{
1108	$show_notify = false;
1109
1110	if ($action == 'approve')
1111	{
1112	foreach ($topic_info as $topic_data)
1113	{
1114	if ($topic_data['topic_poster'] == ANONYMOUS)
1115	{
1116	continue;
1117	}
1118	else
1119	{
1120	$show_notify = true;
1121	break;
1122	}
1123	}
1124	}
1125
1126	$template->assign_vars(array(
1127	'S_NOTIFY_POSTER' => $show_notify,
1128	'S_' . strtoupper($action) => true,
1129	));
1130
1131	confirm_box(false, strtoupper($action) . '_TOPIC' . ((count($topic_id_list) == 1) ? '' : 'S'), $s_hidden_fields, 'mcp_approve.html');
1132	}
1133
1134	redirect($redirect);
1135	}
1136
1137	/**
1138	* Disapprove Post
1139	*
1140	* @param $post_id_list array IDs of the posts to disapprove/delete
1141	* @param $id mixed Category of the current active module
1142	* @param $mode string Active module
1143	* @return null
1144	*/
1145	static public function disapprove_posts($post_id_list, $id, $mode)
1146	{
1147	global $db, $template, $user, $phpbb_container, $phpbb_dispatcher;
1148	global $phpEx, $phpbb_root_path, $request, $phpbb_log;
1149
1150	if (!phpbb_check_ids($post_id_list, POSTS_TABLE, 'post_id', array('m_approve')))
1151	{
1152	send_status_line(403, 'Forbidden');
1153	trigger_error('NOT_AUTHORISED');
1154	}
1155
1156	$redirect = $request->variable('redirect', build_url(array('t', 'mode', 'quickmod')) . "&mode=$mode");
1157	$redirect = reapply_sid($redirect);
1158	$reason = $request->variable('reason', '', true);
1159	$reason_id = $request->variable('reason_id', 0);
1160	$additional_msg = '';
1161
1162	$s_hidden_fields = build_hidden_fields(array(
1163	'i' => $id,
1164	'mode' => $mode,
1165	'post_id_list' => $post_id_list,
1166	'action' => 'disapprove',
1167	'redirect' => $redirect,
1168	));
1169
1170	$notify_poster = $request->is_set('notify_poster');
1171	$disapprove_reason = '';
1172
1173	if ($reason_id)
1174	{
1175	$sql = 'SELECT reason_title, reason_description
1176	FROM ' . REPORTS_REASONS_TABLE . "
1177	WHERE reason_id = $reason_id";
1178	$result = $db->sql_query($sql);
1179	$row = $db->sql_fetchrow($result);
1180	$db->sql_freeresult($result);
1181
1182	if (!$row \|\| (!$reason && strtolower($row['reason_title']) == 'other'))
1183	{
1184	$additional_msg = $user->lang['NO_REASON_DISAPPROVAL'];
1185
1186	$request->overwrite('confirm', null, \phpbb\request\request_interface::POST);
1187	$request->overwrite('confirm_key', null, \phpbb\request\request_interface::POST);
1188	$request->overwrite('confirm_key', null, \phpbb\request\request_interface::REQUEST);
1189	}
1190	else
1191	{
1192	// If the reason is defined within the language file, we will use the localized version, else just use the database entry...
1193	$disapprove_reason = (strtolower($row['reason_title']) != 'other') ? ((isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])])) ? $user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])] : $row['reason_description']) : '';
1194	$disapprove_reason .= ($reason) ? "\n\n" . $reason : '';
1195
1196	if (isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])]))
1197	{
1198	$disapprove_reason_lang = strtoupper($row['reason_title']);
1199	}
1200	}
1201	}
1202
1203	$post_info = phpbb_get_post_data($post_id_list, 'm_approve');
1204
1205	$is_disapproving = false;
1206	foreach ($post_info as $post_id => $post_data)
1207	{
1208	if ($post_data['post_visibility'] == ITEM_DELETED)
1209	{
1210	continue;
1211	}
1212
1213	$is_disapproving = true;
1214	}
1215
1216	if (confirm_box(true))
1217	{
1218	$disapprove_log_topics = $disapprove_log_posts = array();
1219	$topic_posts_unapproved = $post_disapprove_list = $topic_information = array();
1220
1221	// Build a list of posts to be disapproved and get the related topics real replies count
1222	foreach ($post_info as $post_id => $post_data)
1223	{
1224	if ($mode === 'unapproved_topics' && $post_data['post_visibility'] == ITEM_APPROVED)
1225	{
1226	continue;
1227	}
1228
1229	$post_disapprove_list[$post_id] = $post_data['topic_id'];
1230	if (!isset($topic_posts_unapproved[$post_data['topic_id']]))
1231	{
1232	$topic_information[$post_data['topic_id']] = $post_data;
1233	$topic_posts_unapproved[$post_data['topic_id']] = 0;
1234	}
1235	$topic_posts_unapproved[$post_data['topic_id']]++;
1236	}
1237
1238	// Do not try to disapprove if no posts are selected
1239	if (empty($post_disapprove_list))
1240	{
1241	trigger_error('NO_POST_SELECTED');
1242	}
1243
1244	// Now we build the log array
1245	foreach ($post_disapprove_list as $post_id => $topic_id)
1246	{
1247	// If the count of disapproved posts for the topic is equal
1248	// to the number of unapproved posts in the topic, and there are no different
1249	// posts, we disapprove the hole topic
1250	if ($topic_information[$topic_id]['topic_posts_approved'] == 0 &&
1251	$topic_information[$topic_id]['topic_posts_softdeleted'] == 0 &&
1252	$topic_information[$topic_id]['topic_posts_unapproved'] == $topic_posts_unapproved[$topic_id])
1253	{
1254	// Don't write the log more than once for every topic
1255	if (!isset($disapprove_log_topics[$topic_id]))
1256	{
1257	// Build disapproved topics log
1258	$disapprove_log_topics[$topic_id] = array(
1259	'type' => 'topic',
1260	'post_subject' => $post_info[$post_id]['topic_title'],
1261	'forum_id' => $post_info[$post_id]['forum_id'],
1262	'topic_id' => 0, // useless to log a topic id, as it will be deleted
1263	'post_username' => ($post_info[$post_id]['poster_id'] == ANONYMOUS && !empty($post_info[$post_id]['post_username'])) ? $post_info[$post_id]['post_username'] : $post_info[$post_id]['username'],
1264	);
1265	}
1266	}
1267	else
1268	{
1269	// Build disapproved posts log
1270	$disapprove_log_posts[] = array(
1271	'type' => 'post',
1272	'post_subject' => $post_info[$post_id]['post_subject'],
1273	'forum_id' => $post_info[$post_id]['forum_id'],
1274	'topic_id' => $post_info[$post_id]['topic_id'],
1275	'post_username' => ($post_info[$post_id]['poster_id'] == ANONYMOUS && !empty($post_info[$post_id]['post_username'])) ? $post_info[$post_id]['post_username'] : $post_info[$post_id]['username'],
1276	);
1277
1278	}
1279	}
1280
1281	// Get disapproved posts/topics counts separately
1282	$num_disapproved_topics = count($disapprove_log_topics);
1283	$num_disapproved_posts = count($disapprove_log_posts);
1284
1285	// Build the whole log
1286	$disapprove_log = array_merge($disapprove_log_topics, $disapprove_log_posts);
1287
1288	// Unset unneeded arrays
1289	unset($post_data, $disapprove_log_topics, $disapprove_log_posts);
1290
1291	// Let's do the job - delete disapproved posts
1292	if (count($post_disapprove_list))
1293	{
1294	if (!function_exists('delete_posts'))
1295	{
1296	include($phpbb_root_path . 'includes/functions_admin.' . $phpEx);
1297	}
1298
1299	// We do not check for permissions here, because the moderator allowed approval/disapproval should be allowed to delete the disapproved posts
1300	// Note: function delete_posts triggers related forums/topics sync,
1301	// so we don't need to call update_post_information later and to adjust real topic replies or forum topics count manually
1302	delete_posts('post_id', array_keys($post_disapprove_list));
1303
1304	foreach ($disapprove_log as $log_data)
1305	{
1306	if ($is_disapproving)
1307	{
1308	$l_log_message = ($log_data['type'] == 'topic') ? 'LOG_TOPIC_DISAPPROVED' : 'LOG_POST_DISAPPROVED';
1309	$phpbb_log->add('mod', $user->data['user_id'], $user->ip, $l_log_message, false, array(
1310	'forum_id' => $log_data['forum_id'],
1311	'topic_id' => $log_data['topic_id'],
1312	$log_data['post_subject'],
1313	$disapprove_reason,
1314	$log_data['post_username']
1315	));
1316	}
1317	else
1318	{
1319	$l_log_message = ($log_data['type'] == 'topic') ? 'LOG_DELETE_TOPIC' : 'LOG_DELETE_POST';
1320	$phpbb_log->add('mod', $user->data['user_id'], $user->ip, $l_log_message, false, array(
1321	'forum_id' => $log_data['forum_id'],
1322	'topic_id' => $log_data['topic_id'],
1323	$log_data['post_subject'],
1324	$log_data['post_username']
1325	));
1326	}
1327	}
1328	}
1329
1330	/* @var $phpbb_notifications \phpbb\notification\manager */
1331	$phpbb_notifications = $phpbb_container->get('notification_manager');
1332
1333	$lang_reasons = array();
1334
1335	foreach ($post_info as $post_id => $post_data)
1336	{
1337	$disapprove_all_posts_in_topic = $topic_information[$topic_id]['topic_posts_approved'] == 0 &&
1338	$topic_information[$topic_id]['topic_posts_softdeleted'] == 0 &&
1339	$topic_information[$topic_id]['topic_posts_unapproved'] == $topic_posts_unapproved[$topic_id];
1340
1341	$phpbb_notifications->delete_notifications('notification.type.post_in_queue', $post_id);
1342
1343	// Do we disapprove the whole topic? Remove potential notifications
1344	if ($disapprove_all_posts_in_topic)
1345	{
1346	$phpbb_notifications->delete_notifications('notification.type.topic_in_queue', $post_data['topic_id']);
1347	}
1348
1349	// Notify Poster?
1350	if ($notify_poster)
1351	{
1352	if ($post_data['poster_id'] == ANONYMOUS)
1353	{
1354	continue;
1355	}
1356
1357	$post_data['disapprove_reason'] = $disapprove_reason;
1358	if (isset($disapprove_reason_lang))
1359	{
1360	// Okay we need to get the reason from the posters language
1361	if (!isset($lang_reasons[$post_data['user_lang']]))
1362	{
1363	// Assign the current users translation as the default, this is not ideal but getting the board default adds another layer of complexity.
1364	$lang_reasons[$post_data['user_lang']] = $user->lang['report_reasons']['DESCRIPTION'][$disapprove_reason_lang];
1365
1366	// Only load up the language pack if the language is different to the current one
1367	if ($post_data['user_lang'] != $user->lang_name && file_exists($phpbb_root_path . '/language/' . $post_data['user_lang'] . '/mcp.' . $phpEx))
1368	{
1369	// Load up the language pack
1370	$lang = array();
1371	@include($phpbb_root_path . '/language/' . basename($post_data['user_lang']) . '/mcp.' . $phpEx);
1372
1373	// If we find the reason in this language pack use it
1374	if (isset($lang['report_reasons']['DESCRIPTION'][$disapprove_reason_lang]))
1375	{
1376	$lang_reasons[$post_data['user_lang']] = $lang['report_reasons']['DESCRIPTION'][$disapprove_reason_lang];
1377	}
1378
1379	unset($lang); // Free memory
1380	}
1381	}
1382
1383	$post_data['disapprove_reason'] = $lang_reasons[$post_data['user_lang']];
1384	$post_data['disapprove_reason'] .= ($reason) ? "\n\n" . $reason : '';
1385	}
1386
1387	if ($disapprove_all_posts_in_topic && $topic_information[$topic_id]['topic_posts_unapproved'] == 1)
1388	{
1389	// If there is only 1 post when disapproving the topic,
1390	// we send the user a "disapprove topic" notification...
1391	$phpbb_notifications->add_notifications('notification.type.disapprove_topic', $post_data);
1392	}
1393	else
1394	{
1395	// ... otherwise there are multiple unapproved posts and
1396	// all of them are disapproved as posts.
1397	$phpbb_notifications->add_notifications('notification.type.disapprove_post', $post_data);
1398	}
1399	}
1400	}
1401
1402	if ($num_disapproved_topics)
1403	{
1404	$success_msg = ($num_disapproved_topics == 1) ? 'TOPIC' : 'TOPICS';
1405	}
1406	else
1407	{
1408	$success_msg = ($num_disapproved_posts == 1) ? 'POST' : 'POSTS';
1409	}
1410
1411	if ($is_disapproving)
1412	{
1413	$success_msg .= '_DISAPPROVED_SUCCESS';
1414	}
1415	else
1416	{
1417	$success_msg .= '_DELETED_SUCCESS';
1418	}
1419
1420	// If we came from viewtopic, we try to go back to it.
1421	if (strpos($redirect, $phpbb_root_path . 'viewtopic.' . $phpEx) === 0)
1422	{
1423	if ($num_disapproved_topics == 0)
1424	{
1425	// So we need to remove the post id part from the Url
1426	$redirect = str_replace("&p={$post_id_list[0]}#p{$post_id_list[0]}", '', $redirect);
1427	}
1428	else
1429	{
1430	// However this is only possible if the topic still exists,
1431	// Otherwise we go back to the viewforum page
1432	$redirect = append_sid($phpbb_root_path . 'viewforum.' . $phpEx, 'f=' . $request->variable('f', 0));
1433	}
1434	}
1435
1436	/**
1437	* Perform additional actions during post(s) disapproval
1438	*
1439	* @event core.disapprove_posts_after
1440	* @var array post_info Array containing info for all posts being disapproved
1441	* @var array topic_information Array containing information for the topics
1442	* @var array topic_posts_unapproved Array containing list of topic ids and the count of disapproved posts in them
1443	* @var array post_disapprove_list Array containing list of posts and their topic id
1444	* @var int num_disapproved_topics Variable containing the number of disapproved topics
1445	* @var int num_disapproved_posts Variable containing the number of disapproved posts
1446	* @var array lang_reasons Array containing the language keys for reasons
1447	* @var string disapprove_reason Variable containing the language key for the success message
1448	* @var string disapprove_reason_lang Variable containing the language key for the success message
1449	* @var bool is_disapproving Variable telling if anything is going to be disapproved
1450	* @var bool notify_poster Variable telling if the post should be notified or not
1451	* @var string success_msg Variable containing the language key for the success message
1452	* @var string redirect Variable containing the redirect url
1453	* @since 3.1.4-RC1
1454	*/
1455	$vars = array(
1456	'post_info',
1457	'topic_information',
1458	'topic_posts_unapproved',
1459	'post_disapprove_list',
1460	'num_disapproved_topics',
1461	'num_disapproved_posts',
1462	'lang_reasons',
1463	'disapprove_reason',
1464	'disapprove_reason_lang',
1465	'is_disapproving',
1466	'notify_poster',
1467	'success_msg',
1468	'redirect',
1469	);
1470	extract($phpbb_dispatcher->trigger_event('core.disapprove_posts_after', compact($vars)));
1471
1472	unset($lang_reasons, $post_info, $disapprove_reason, $disapprove_reason_lang);
1473
1474	meta_refresh(3, $redirect);
1475	$message = $user->lang[$success_msg];
1476
1477	if ($request->is_ajax())
1478	{
1479	$json_response = new \phpbb\json_response;
1480	$json_response->send(array(
1481	'MESSAGE_TITLE' => $user->lang['INFORMATION'],
1482	'MESSAGE_TEXT' => $message,
1483	'REFRESH_DATA' => null,
1484	'visible' => false,
1485	));
1486	}
1487	$message .= '<br /><br />' . $user->lang('RETURN_PAGE', '<a href="' . $redirect . '">', '</a>');
1488	trigger_error($message);
1489	}
1490	else
1491	{
1492	$show_notify = false;
1493
1494	foreach ($post_info as $post_data)
1495	{
1496	if ($post_data['poster_id'] == ANONYMOUS)
1497	{
1498	continue;
1499	}
1500	else
1501	{
1502	$show_notify = true;
1503	break;
1504	}
1505	}
1506
1507	$l_confirm_msg = 'DISAPPROVE_POST';
1508	$confirm_template = 'mcp_approve.html';
1509	if ($is_disapproving)
1510	{
1511	$phpbb_container->get('phpbb.report.report_reason_list_provider')->display_reasons($reason_id);
1512	}
1513	else
1514	{
1515	$user->add_lang('posting');
1516
1517	$l_confirm_msg = 'DELETE_POST_PERMANENTLY';
1518	$confirm_template = 'confirm_delete_body.html';
1519	}
1520	$l_confirm_msg .= ((count($post_id_list) == 1) ? '' : 'S');
1521
1522	$template->assign_vars(array(
1523	'S_NOTIFY_POSTER' => $show_notify,
1524	'S_APPROVE' => false,
1525	'REASON' => ($is_disapproving) ? $reason : '',
1526	'ADDITIONAL_MSG' => $additional_msg,
1527	));
1528
1529	confirm_box(false, $l_confirm_msg, $s_hidden_fields, $confirm_template);
1530	}
1531
1532	redirect($redirect);
1533	}
1534	}