Code Coverage for /data/phpBB/includes/acp/acp

	Code Coverage
	Classes and Traits			Functions and Methods				Lines
Total	0.00% covered (danger)	0.00%	0 / 1	0.00% covered (danger)	0.00%	0 / 1	CRAP	0.00% covered (danger)	0.00%	0 / 290
acp_reasons	0.00% covered (danger)	0.00%	0 / 1	0.00% covered (danger)	0.00%	0 / 1	3422.00	0.00% covered (danger)	0.00%	0 / 286
main				0.00% covered (danger)	0.00%	0 / 1	3422.00	0.00% covered (danger)	0.00%	0 / 286

1	<?php
2	/**
3	*
4	* This file is part of the phpBB Forum Software package.
5	*
6	* @copyright (c) phpBB Limited <https://www.phpbb.com>
7	* @license GNU General Public License, version 2 (GPL-2.0)
8	*
9	* For full copyright and license information, please see
10	* the docs/CREDITS.txt file.
11	*
12	*/
13
14	/**
15	* @ignore
16	*/
17	if (!defined('IN_PHPBB'))
18	{
19	exit;
20	}
21
22	class acp_reasons
23	{
24	var $u_action;
25
26	function main($id, $mode)
27	{
28	global $db, $user, $template;
29	global $request, $phpbb_log;
30
31	$user->add_lang(array('mcp', 'acp/posting'));
32
33	// Set up general vars
34	$action = $request->variable('action', '');
35	$submit = (isset($_POST['submit'])) ? true : false;
36	$reason_id = $request->variable('id', 0);
37
38	$this->tpl_name = 'acp_reasons';
39	$this->page_title = 'ACP_REASONS';
40
41	$form_name = 'acp_reason';
42	add_form_key('acp_reason');
43
44	$error = array();
45
46	switch ($action)
47	{
48	case 'add':
49	case 'edit':
50
51	$reason_row = array(
52	'reason_title' => $request->variable('reason_title', '', true),
53	'reason_description' => $request->variable('reason_description', '', true),
54	);
55
56	if ($submit)
57	{
58	if (!check_form_key($form_name))
59	{
60	$error[] = $user->lang['FORM_INVALID'];
61	}
62	// Reason specified?
63	if (!$reason_row['reason_title'] \|\| !$reason_row['reason_description'])
64	{
65	$error[] = $user->lang['NO_REASON_INFO'];
66	}
67
68	$check_double = ($action == 'add') ? true : false;
69
70	if ($action == 'edit')
71	{
72	$sql = 'SELECT reason_title
73	FROM ' . REPORTS_REASONS_TABLE . "
74	WHERE reason_id = $reason_id";
75	$result = $db->sql_query($sql);
76	$row = $db->sql_fetchrow($result);
77	$db->sql_freeresult($result);
78
79	if (strtolower($row['reason_title']) == 'other' \|\| strtolower($reason_row['reason_title']) == 'other')
80	{
81	$reason_row['reason_title'] = 'other';
82	}
83
84	if ($row['reason_title'] != $reason_row['reason_title'])
85	{
86	$check_double = true;
87	}
88	}
89
90	// Check for same reason if adding it...
91	if ($check_double)
92	{
93	$sql = 'SELECT reason_id
94	FROM ' . REPORTS_REASONS_TABLE . "
95	WHERE reason_title = '" . $db->sql_escape($reason_row['reason_title']) . "'";
96	$result = $db->sql_query($sql);
97	$row = $db->sql_fetchrow($result);
98	$db->sql_freeresult($result);
99
100	if ($row \|\| ($action == 'add' && strtolower($reason_row['reason_title']) == 'other'))
101	{
102	$error[] = $user->lang['REASON_ALREADY_EXIST'];
103	}
104	}
105
106	if (!count($error))
107	{
108	// New reason?
109	if ($action == 'add')
110	{
111	// Get new order...
112	$sql = 'SELECT MAX(reason_order) as max_reason_order
113	FROM ' . REPORTS_REASONS_TABLE;
114	$result = $db->sql_query($sql);
115	$max_order = (int) $db->sql_fetchfield('max_reason_order');
116	$db->sql_freeresult($result);
117
118	$sql_ary = array(
119	'reason_title' => (string) $reason_row['reason_title'],
120	'reason_description' => (string) $reason_row['reason_description'],
121	'reason_order' => $max_order + 1
122	);
123
124	$db->sql_query('INSERT INTO ' . REPORTS_REASONS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
125
126	$log = 'ADDED';
127	}
128	else if ($reason_id)
129	{
130	$sql_ary = array(
131	'reason_title' => (string) $reason_row['reason_title'],
132	'reason_description' => (string) $reason_row['reason_description'],
133	);
134
135	$db->sql_query('UPDATE ' . REPORTS_REASONS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
136	WHERE reason_id = ' . $reason_id);
137
138	$log = 'UPDATED';
139	}
140
141	$phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_REASON_' . $log, false, array($reason_row['reason_title']));
142	trigger_error($user->lang['REASON_' . $log] . adm_back_link($this->u_action));
143	}
144	}
145	else if ($reason_id)
146	{
147	$sql = 'SELECT *
148	FROM ' . REPORTS_REASONS_TABLE . '
149	WHERE reason_id = ' . $reason_id;
150	$result = $db->sql_query($sql);
151	$reason_row = $db->sql_fetchrow($result);
152	$db->sql_freeresult($result);
153
154	if (!$reason_row)
155	{
156	trigger_error($user->lang['NO_REASON'] . adm_back_link($this->u_action), E_USER_WARNING);
157	}
158	}
159
160	$l_title = ($action == 'edit') ? 'EDIT' : 'ADD';
161
162	$translated = false;
163
164	// If the reason is defined within the language file, we will use the localized version, else just use the database entry...
165	if (isset($user->lang['report_reasons']['TITLE'][strtoupper($reason_row['reason_title'])]) && isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($reason_row['reason_title'])]))
166	{
167	$translated = true;
168	}
169
170	$template->assign_vars(array(
171	'L_TITLE' => $user->lang['REASON_' . $l_title],
172	'U_ACTION' => $this->u_action . "&id=$reason_id&action=$action",
173	'U_BACK' => $this->u_action,
174	'ERROR_MSG' => (count($error)) ? implode('<br />', $error) : '',
175
176	'REASON_TITLE' => $reason_row['reason_title'],
177	'REASON_DESCRIPTION' => $reason_row['reason_description'],
178
179	'TRANSLATED_TITLE' => ($translated) ? $user->lang['report_reasons']['TITLE'][strtoupper($reason_row['reason_title'])] : '',
180	'TRANSLATED_DESCRIPTION'=> ($translated) ? $user->lang['report_reasons']['DESCRIPTION'][strtoupper($reason_row['reason_title'])] : '',
181
182	'S_AVAILABLE_TITLES' => implode($user->lang['COMMA_SEPARATOR'], array_map('htmlspecialchars', array_keys($user->lang['report_reasons']['TITLE']))),
183	'S_EDIT_REASON' => true,
184	'S_TRANSLATED' => $translated,
185	'S_ERROR' => (count($error)) ? true : false,
186	)
187	);
188
189	return;
190	break;
191
192	case 'delete':
193
194	$sql = 'SELECT *
195	FROM ' . REPORTS_REASONS_TABLE . '
196	WHERE reason_id = ' . $reason_id;
197	$result = $db->sql_query($sql);
198	$reason_row = $db->sql_fetchrow($result);
199	$db->sql_freeresult($result);
200
201	if (!$reason_row)
202	{
203	trigger_error($user->lang['NO_REASON'] . adm_back_link($this->u_action), E_USER_WARNING);
204	}
205
206	if (strtolower($reason_row['reason_title']) == 'other')
207	{
208	trigger_error($user->lang['NO_REMOVE_DEFAULT_REASON'] . adm_back_link($this->u_action), E_USER_WARNING);
209	}
210
211	// Let the deletion be confirmed...
212	if (confirm_box(true))
213	{
214	$sql = 'SELECT reason_id
215	FROM ' . REPORTS_REASONS_TABLE . "
216	WHERE LOWER(reason_title) = 'other'";
217	$result = $db->sql_query($sql);
218	$other_reason_id = (int) $db->sql_fetchfield('reason_id');
219	$db->sql_freeresult($result);
220
221	switch ($db->get_sql_layer())
222	{
223	// The ugly one!
224	case 'mysqli':
225	// Change the reports using this reason to 'other'
226	$sql = 'UPDATE ' . REPORTS_TABLE . '
227	SET reason_id = ' . $other_reason_id . ", report_text = CONCAT('" . $db->sql_escape($reason_row['reason_description']) . "\n\n', report_text)
228	WHERE reason_id = $reason_id";
229	break;
230
231	// Standard? What's that?
232	case 'mssql_odbc':
233	case 'mssqlnative':
234	// Change the reports using this reason to 'other'
235	$sql = "DECLARE @ptrval binary(16)
236
237	SELECT @ptrval = TEXTPTR(report_text)
238	FROM " . REPORTS_TABLE . "
239	WHERE reason_id = " . $reason_id . "
240
241	UPDATETEXT " . REPORTS_TABLE . ".report_text @ptrval 0 0 '" . $db->sql_escape($reason_row['reason_description']) . "\n\n'
242
243	UPDATE " . REPORTS_TABLE . '
244	SET reason_id = ' . $other_reason_id . "
245	WHERE reason_id = $reason_id";
246	break;
247
248	// Teh standard
249	case 'postgres':
250	case 'oracle':
251	case 'sqlite3':
252	// Change the reports using this reason to 'other'
253	$sql = 'UPDATE ' . REPORTS_TABLE . '
254	SET reason_id = ' . $other_reason_id . ", report_text = '" . $db->sql_escape($reason_row['reason_description']) . "\n\n' \|\| report_text
255	WHERE reason_id = $reason_id";
256	break;
257	}
258	$db->sql_query($sql);
259
260	$db->sql_query('DELETE FROM ' . REPORTS_REASONS_TABLE . ' WHERE reason_id = ' . $reason_id);
261
262	$phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_REASON_REMOVED', false, array($reason_row['reason_title']));
263	trigger_error($user->lang['REASON_REMOVED'] . adm_back_link($this->u_action));
264	}
265	else
266	{
267	confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
268	'i' => $id,
269	'mode' => $mode,
270	'action' => $action,
271	'id' => $reason_id))
272	);
273	}
274
275	break;
276
277	case 'move_up':
278	case 'move_down':
279
280	if (!check_link_hash($request->variable('hash', ''), 'acp_reasons'))
281	{
282	trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
283	}
284
285	$sql = 'SELECT reason_order
286	FROM ' . REPORTS_REASONS_TABLE . "
287	WHERE reason_id = $reason_id";
288	$result = $db->sql_query($sql);
289	$order = $db->sql_fetchfield('reason_order');
290	$db->sql_freeresult($result);
291
292	if ($order === false \|\| ($order == 0 && $action == 'move_up'))
293	{
294	break;
295	}
296	$order = (int) $order;
297	$order_total = $order * 2 + (($action == 'move_up') ? -1 : 1);
298
299	$sql = 'UPDATE ' . REPORTS_REASONS_TABLE . '
300	SET reason_order = ' . $order_total . ' - reason_order
301	WHERE reason_order IN (' . $order . ', ' . (($action == 'move_up') ? $order - 1 : $order + 1) . ')';
302	$db->sql_query($sql);
303
304	if ($request->is_ajax())
305	{
306	$json_response = new \phpbb\json_response;
307	$json_response->send(array(
308	'success' => (bool) $db->sql_affectedrows(),
309	));
310	}
311	break;
312	}
313
314	// By default, check that order is valid and fix it if necessary
315	$sql = 'SELECT reason_id, reason_order
316	FROM ' . REPORTS_REASONS_TABLE . '
317	ORDER BY reason_order';
318	$result = $db->sql_query($sql);
319
320	if ($row = $db->sql_fetchrow($result))
321	{
322	$order = 0;
323	do
324	{
325	++$order;
326
327	if ($row['reason_order'] != $order)
328	{
329	$sql = 'UPDATE ' . REPORTS_REASONS_TABLE . "
330	SET reason_order = $order
331	WHERE reason_id = {$row['reason_id']}";
332	$db->sql_query($sql);
333	}
334	}
335	while ($row = $db->sql_fetchrow($result));
336	}
337	$db->sql_freeresult($result);
338
339	$template->assign_vars(array(
340	'U_ACTION' => $this->u_action,
341	)
342	);
343
344	// Reason count
345	$sql = 'SELECT reason_id, COUNT(reason_id) AS reason_count
346	FROM ' . REPORTS_TABLE . '
347	GROUP BY reason_id';
348	$result = $db->sql_query($sql);
349
350	$reason_count = array();
351	while ($row = $db->sql_fetchrow($result))
352	{
353	$reason_count[$row['reason_id']] = $row['reason_count'];
354	}
355	$db->sql_freeresult($result);
356
357	$sql = 'SELECT *
358	FROM ' . REPORTS_REASONS_TABLE . '
359	ORDER BY reason_order ASC';
360	$result = $db->sql_query($sql);
361
362	while ($row = $db->sql_fetchrow($result))
363	{
364	$translated = false;
365	$other_reason = ($row['reason_title'] == 'other') ? true : false;
366
367	// If the reason is defined within the language file, we will use the localized version, else just use the database entry...
368	if (isset($user->lang['report_reasons']['TITLE'][strtoupper($row['reason_title'])]) && isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])]))
369	{
370	$row['reason_description'] = $user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])];
371	$row['reason_title'] = $user->lang['report_reasons']['TITLE'][strtoupper($row['reason_title'])];
372
373	$translated = true;
374	}
375
376	$template->assign_block_vars('reasons', array(
377	'REASON_TITLE' => $row['reason_title'],
378	'REASON_DESCRIPTION' => $row['reason_description'],
379	'REASON_COUNT' => (isset($reason_count[$row['reason_id']])) ? $reason_count[$row['reason_id']] : 0,
380
381	'S_TRANSLATED' => $translated,
382	'S_OTHER_REASON' => $other_reason,
383
384	'U_EDIT' => $this->u_action . '&action=edit&id=' . $row['reason_id'],
385	'U_DELETE' => (!$other_reason) ? $this->u_action . '&action=delete&id=' . $row['reason_id'] : '',
386	'U_MOVE_UP' => $this->u_action . '&action=move_up&id=' . $row['reason_id'] . '&hash=' . generate_link_hash('acp_reasons'),
387	'U_MOVE_DOWN' => $this->u_action . '&action=move_down&id=' . $row['reason_id'] . '&hash=' . generate_link_hash('acp_reasons'))
388	);
389	}
390	$db->sql_freeresult($result);
391	}
392	}