Code Coverage for /data/phpBB/includes/mcp/mcp

	Code Coverage
	Classes and Traits			Functions and Methods				Lines
Total	0.00% covered (danger)	0.00%	0 / 1	0.00% covered (danger)	0.00%	0 / 5	CRAP	0.00% covered (danger)	0.00%	0 / 1105
mcp_queue	0.00% covered (danger)	0.00%	0 / 1	0.00% covered (danger)	0.00%	0 / 5	43890.00	0.00% covered (danger)	0.00%	0 / 1101
__construct				0.00% covered (danger)	0.00%	0 / 1	2.00	0.00% covered (danger)	0.00%	0 / 3
main				0.00% covered (danger)	0.00%	0 / 1	8556.00	0.00% covered (danger)	0.00%	0 / 483
approve_posts				0.00% covered (danger)	0.00%	0 / 1	1332.00	0.00% covered (danger)	0.00%	0 / 187
approve_topics				0.00% covered (danger)	0.00%	0 / 1	462.00	0.00% covered (danger)	0.00%	0 / 139
disapprove_posts				0.00% covered (danger)	0.00%	0 / 1	3540.00	0.00% covered (danger)	0.00%	0 / 289

1	<?php
2	/**
3	*
4	* This file is part of the phpBB Forum Software package.
5	*
6	* @copyright (c) phpBB Limited <https://www.phpbb.com>
7	* @license GNU General Public License, version 2 (GPL-2.0)
8	*
9	* For full copyright and license information, please see
10	* the docs/CREDITS.txt file.
11	*
12	*/
13
14	/**
15	* @ignore
16	*/
17	if (!defined('IN_PHPBB'))
18	{
19	exit;
20	}
21
22	/**
23	* mcp_queue
24	* Handling the moderation queue
25	*/
26	class mcp_queue
27	{
28	var $p_master;
29	var $u_action;
30
31	public function __construct($p_master)
32	{
33	$this->p_master = $p_master;
34	}
35
36	public function main($id, $mode)
37	{
38	global $auth, $db, $user, $template, $request;
39	global $config, $phpbb_root_path, $phpEx, $action, $phpbb_container;
40	global $phpbb_dispatcher;
41
42	include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
43
44	$forum_id = $request->variable('f', 0);
45	$start = $request->variable('start', 0);
46
47	$this->page_title = 'MCP_QUEUE';
48
49	switch ($action)
50	{
51	case 'approve':
52	case 'restore':
53	include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
54
55	$post_id_list = $request->variable('post_id_list', array(0));
56	$topic_id_list = $request->variable('topic_id_list', array(0));
57
58	if (!empty($post_id_list))
59	{
60	self::approve_posts($action, $post_id_list, 'queue', $mode);
61	}
62	else if (!empty($topic_id_list))
63	{
64	self::approve_topics($action, $topic_id_list, 'queue', $mode);
65	}
66	else
67	{
68	trigger_error('NO_POST_SELECTED');
69	}
70	break;
71
72	case 'delete':
73	$post_id_list = $request->variable('post_id_list', array(0));
74	$topic_id_list = $request->variable('topic_id_list', array(0));
75	$delete_reason = $request->variable('delete_reason', '', true);
76
77	if (!empty($post_id_list))
78	{
79	if (!function_exists('mcp_delete_post'))
80	{
81	global $phpbb_root_path, $phpEx;
82	include($phpbb_root_path . 'includes/mcp/mcp_main.' . $phpEx);
83	}
84	mcp_delete_post($post_id_list, false, $delete_reason, $action);
85	}
86	else if (!empty($topic_id_list))
87	{
88	if (!function_exists('mcp_delete_topic'))
89	{
90	global $phpbb_root_path, $phpEx;
91	include($phpbb_root_path . 'includes/mcp/mcp_main.' . $phpEx);
92	}
93	mcp_delete_topic($topic_id_list, false, $delete_reason, $action);
94	}
95	else
96	{
97	trigger_error('NO_POST_SELECTED');
98	}
99	break;
100
101	case 'disapprove':
102	$post_id_list = $request->variable('post_id_list', array(0));
103	$topic_id_list = $request->variable('topic_id_list', array(0));
104
105	if (!empty($topic_id_list) && $mode == 'deleted_topics')
106	{
107	if (!function_exists('mcp_delete_topic'))
108	{
109	global $phpbb_root_path, $phpEx;
110	include($phpbb_root_path . 'includes/mcp/mcp_main.' . $phpEx);
111	}
112	mcp_delete_topic($topic_id_list, false, '', 'disapprove');
113	return;
114	}
115
116	if (!class_exists('messenger'))
117	{
118	include($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
119	}
120
121	if (!empty($topic_id_list))
122	{
123	$post_visibility = ($mode == 'deleted_topics') ? ITEM_DELETED : array(ITEM_UNAPPROVED, ITEM_REAPPROVE);
124	$sql = 'SELECT post_id
125	FROM ' . POSTS_TABLE . '
126	WHERE ' . $db->sql_in_set('post_visibility', $post_visibility) . '
127	AND ' . $db->sql_in_set('topic_id', $topic_id_list);
128	$result = $db->sql_query($sql);
129
130	$post_id_list = array();
131	while ($row = $db->sql_fetchrow($result))
132	{
133	$post_id_list[] = (int) $row['post_id'];
134	}
135	$db->sql_freeresult($result);
136	}
137
138	if (!empty($post_id_list))
139	{
140	self::disapprove_posts($post_id_list, 'queue', $mode);
141	}
142	else
143	{
144	trigger_error('NO_POST_SELECTED');
145	}
146	break;
147	}
148
149	switch ($mode)
150	{
151	case 'approve_details':
152
153	$this->tpl_name = 'mcp_post';
154
155	$user->add_lang(array('posting', 'viewtopic'));
156
157	$post_id = $request->variable('p', 0);
158	$topic_id = $request->variable('t', 0);
159	$topic_info = [];
160
161	/* @var $phpbb_notifications \phpbb\notification\manager */
162	$phpbb_notifications = $phpbb_container->get('notification_manager');
163
164	if ($topic_id)
165	{
166	$topic_info = phpbb_get_topic_data(array($topic_id), 'm_approve');
167	if (isset($topic_info[$topic_id]['topic_first_post_id']))
168	{
169	$post_id = (int) $topic_info[$topic_id]['topic_first_post_id'];
170
171	$phpbb_notifications->mark_notifications('topic_in_queue', $topic_id, $user->data['user_id']);
172	}
173	else
174	{
175	$topic_id = 0;
176	}
177	}
178
179	$phpbb_notifications->mark_notifications('post_in_queue', $post_id, $user->data['user_id']);
180
181	$post_info = phpbb_get_post_data(array($post_id), 'm_approve', true);
182
183	if (!count($post_info))
184	{
185	trigger_error('NO_POST_SELECTED');
186	}
187
188	$post_info = $post_info[$post_id];
189
190	if ($post_info['topic_first_post_id'] != $post_id && topic_review($post_info['topic_id'], $post_info['forum_id'], 'topic_review', 0, false))
191	{
192	$template->assign_vars(array(
193	'S_TOPIC_REVIEW' => true,
194	'S_BBCODE_ALLOWED' => $post_info['enable_bbcode'],
195	'TOPIC_TITLE' => $post_info['topic_title'],
196	));
197	}
198
199	$attachments = $topic_tracking_info = array();
200
201	// Get topic tracking info
202	if ($config['load_db_lastread'])
203	{
204	$tmp_topic_data = array($post_info['topic_id'] => $post_info);
205	$topic_tracking_info = get_topic_tracking($post_info['forum_id'], $post_info['topic_id'], $tmp_topic_data, array($post_info['forum_id'] => $post_info['forum_mark_time']));
206	unset($tmp_topic_data);
207	}
208	else
209	{
210	$topic_tracking_info = get_complete_topic_tracking($post_info['forum_id'], $post_info['topic_id']);
211	}
212
213	$post_unread = (isset($topic_tracking_info[$post_info['topic_id']]) && $post_info['post_time'] > $topic_tracking_info[$post_info['topic_id']]) ? true : false;
214
215	// Process message, leave it uncensored
216	$parse_flags = ($post_info['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) \| OPTION_FLAG_SMILIES;
217	$message = generate_text_for_display($post_info['post_text'], $post_info['bbcode_uid'], $post_info['bbcode_bitfield'], $parse_flags, false);
218
219	if ($post_info['post_attachment'] && $auth->acl_get('u_download') && $auth->acl_get('f_download', $post_info['forum_id']))
220	{
221	$sql = 'SELECT *
222	FROM ' . ATTACHMENTS_TABLE . '
223	WHERE post_msg_id = ' . $post_id . '
224	AND in_message = 0
225	ORDER BY filetime DESC, post_msg_id ASC';
226	$result = $db->sql_query($sql);
227
228	while ($row = $db->sql_fetchrow($result))
229	{
230	$attachments[] = $row;
231	}
232	$db->sql_freeresult($result);
233
234	if (count($attachments))
235	{
236	$update_count = array();
237	parse_attachments($post_info['forum_id'], $message, $attachments, $update_count);
238	}
239
240	// Display not already displayed Attachments for this post, we already parsed them. ;)
241	if (!empty($attachments))
242	{
243	$template->assign_var('S_HAS_ATTACHMENTS', true);
244
245	foreach ($attachments as $attachment)
246	{
247	$template->assign_block_vars('attachment', array(
248	'DISPLAY_ATTACHMENT' => $attachment,
249	));
250	}
251	}
252	}
253
254	// Deleting information
255	if ($post_info['post_visibility'] == ITEM_DELETED && $post_info['post_delete_user'])
256	{
257	// User having deleted the post also being the post author?
258	if (!$post_info['post_delete_user'] \|\| $post_info['post_delete_user'] == $post_info['poster_id'])
259	{
260	$display_username = get_username_string('full', $post_info['poster_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']);
261	}
262	else
263	{
264	$sql = 'SELECT u.user_id, u.username, u.user_colour
265	FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . ' u
266	WHERE p.post_id = ' . $post_info['post_id'] . '
267	AND p.post_delete_user = u.user_id';
268	$result = $db->sql_query($sql);
269	$post_delete_userinfo = $db->sql_fetchrow($result);
270	$db->sql_freeresult($result);
271	$display_username = get_username_string('full', $post_info['post_delete_user'], $post_delete_userinfo['username'], $post_delete_userinfo['user_colour']);
272	}
273
274	$l_deleted_by = $user->lang('DELETED_INFORMATION', $display_username, $user->format_date($post_info['post_delete_time'], false, true));
275	}
276	else
277	{
278	$l_deleted_by = '';
279	}
280
281	$post_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'p=' . $post_info['post_id'] . '#p' . $post_info['post_id']);
282	$topic_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", 't=' . $post_info['topic_id']);
283
284	$post_data = array(
285	'S_MCP_QUEUE' => true,
286	'U_APPROVE_ACTION' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=queue&p=$post_id"),
287	'S_CAN_APPROVE' => $auth->acl_get('m_approve', $post_info['forum_id']),
288	'S_CAN_DELETE_POST' => $auth->acl_get('m_delete', $post_info['forum_id']),
289	'S_CAN_VIEWIP' => $auth->acl_get('m_info', $post_info['forum_id']),
290	'S_POST_REPORTED' => $post_info['post_reported'],
291	'S_POST_UNAPPROVED' => $post_info['post_visibility'] == ITEM_UNAPPROVED \|\| $post_info['post_visibility'] == ITEM_REAPPROVE,
292	'S_POST_LOCKED' => $post_info['post_edit_locked'],
293	'S_USER_NOTES' => true,
294	'S_POST_DELETED' => ($post_info['post_visibility'] == ITEM_DELETED),
295	'DELETED_MESSAGE' => $l_deleted_by,
296	'DELETE_REASON' => $post_info['post_delete_reason'],
297
298	'U_EDIT' => ($auth->acl_get('m_edit', $post_info['forum_id'])) ? append_sid("{$phpbb_root_path}posting.$phpEx", "mode=edit&p={$post_info['post_id']}") : '',
299	'U_MCP_APPROVE' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue&mode=approve_details&p=' . $post_id),
300	'U_MCP_REPORT' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=reports&mode=report_details&p=' . $post_id),
301	'U_MCP_USER_NOTES' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&mode=user_notes&u=' . $post_info['user_id']),
302	'U_MCP_WARN_USER' => ($auth->acl_get('m_warn')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=warn&mode=warn_user&u=' . $post_info['user_id']) : '',
303	'U_VIEW_POST' => $post_url,
304	'U_VIEW_TOPIC' => $topic_url,
305
306	'MINI_POST_IMG' => ($post_unread) ? $user->img('icon_post_target_unread', 'UNREAD_POST') : $user->img('icon_post_target', 'POST'),
307
308	'RETURN_QUEUE' => sprintf($user->lang['RETURN_QUEUE'], '<a href="' . append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue' . (($topic_id) ? '&mode=unapproved_topics' : '&mode=unapproved_posts')) . '&start=' . $start . '">', '</a>'),
309	'RETURN_POST' => sprintf($user->lang['RETURN_POST'], '<a href="' . $post_url . '">', '</a>'),
310	'RETURN_TOPIC_SIMPLE' => sprintf($user->lang['RETURN_TOPIC_SIMPLE'], '<a href="' . $topic_url . '">', '</a>'),
311	'REPORTED_IMG' => $user->img('icon_topic_reported', $user->lang['POST_REPORTED']),
312	'UNAPPROVED_IMG' => $user->img('icon_topic_unapproved', $user->lang['POST_UNAPPROVED']),
313	'EDIT_IMG' => $user->img('icon_post_edit', $user->lang['EDIT_POST']),
314
315	'POST_AUTHOR_FULL' => get_username_string('full', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
316	'POST_AUTHOR_COLOUR' => get_username_string('colour', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
317	'POST_AUTHOR' => get_username_string('username', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
318	'U_POST_AUTHOR' => get_username_string('profile', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
319
320	'POST_PREVIEW' => $message,
321	'POST_SUBJECT' => $post_info['post_subject'],
322	'POST_DATE' => $user->format_date($post_info['post_time']),
323	'POST_IP' => $post_info['poster_ip'],
324	'POST_IPADDR' => ($auth->acl_get('m_info', $post_info['forum_id']) && $request->variable('lookup', '')) ? @gethostbyaddr($post_info['poster_ip']) : '',
325	'POST_ID' => $post_info['post_id'],
326	'S_FIRST_POST' => ($post_info['topic_first_post_id'] == $post_id),
327
328	'U_LOOKUP_IP' => ($auth->acl_get('m_info', $post_info['forum_id'])) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue&mode=approve_details&p=' . $post_id . '&lookup=' . $post_info['poster_ip']) . '#ip' : '',
329	);
330
331	/**
332	* Alter post awaiting approval template before it is rendered
333	*
334	* @event core.mcp_queue_approve_details_template
335	* @var int post_id Post ID
336	* @var int topic_id Topic ID
337	* @var array topic_info Topic data
338	* @var array post_info Post data
339	* @var array post_data Post template data
340	* @var string message Post message
341	* @var string post_url Post URL
342	* @var string topic_url Topic URL
343	* @since 3.2.2-RC1
344	*/
345	$vars = array(
346	'post_id',
347	'topic_id',
348	'topic_info',
349	'post_info',
350	'post_data',
351	'message',
352	'post_url',
353	'topic_url',
354	);
355	extract($phpbb_dispatcher->trigger_event('core.mcp_queue_approve_details_template', compact($vars)));
356
357	$template->assign_vars($post_data);
358
359	break;
360
361	case 'unapproved_topics':
362	case 'unapproved_posts':
363	case 'deleted_topics':
364	case 'deleted_posts':
365	$m_perm = 'm_approve';
366	$is_topics = ($mode == 'unapproved_topics' \|\| $mode == 'deleted_topics') ? true : false;
367	$is_restore = ($mode == 'deleted_posts' \|\| $mode == 'deleted_topics') ? true : false;
368	$visibility_const = (!$is_restore) ? array(ITEM_UNAPPROVED, ITEM_REAPPROVE) : ITEM_DELETED;
369
370	$user->add_lang(array('viewtopic', 'viewforum'));
371
372	$topic_id = $request->variable('t', 0);
373	$forum_info = array();
374
375	// If 'sort' is set, "Go" was pressed which is located behind the forums <select> box
376	// Then, unset the topic id so it does not override the forum id
377	$topic_id = $request->is_set_post('sort') ? 0 : $topic_id;
378
379	if ($topic_id)
380	{
381	$topic_info = phpbb_get_topic_data(array($topic_id));
382
383	if (!count($topic_info))
384	{
385	trigger_error('TOPIC_NOT_EXIST');
386	}
387
388	$topic_info = $topic_info[$topic_id];
389	$forum_id = $topic_info['forum_id'];
390	}
391
392	$forum_list_approve = get_forum_list($m_perm, false, true);
393	$forum_list_read = array_flip(get_forum_list('f_read', true, true)); // Flipped so we can isset() the forum IDs
394
395	// Remove forums we cannot read
396	foreach ($forum_list_approve as $k => $forum_data)
397	{
398	if (!isset($forum_list_read[$forum_data['forum_id']]))
399	{
400	unset($forum_list_approve[$k]);
401	}
402	}
403	unset($forum_list_read);
404
405	if (!$forum_id)
406	{
407	$forum_list = array();
408	foreach ($forum_list_approve as $row)
409	{
410	$forum_list[] = $row['forum_id'];
411	}
412
413	if (!count($forum_list))
414	{
415	trigger_error('NOT_MODERATOR');
416	}
417
418	$sql = 'SELECT SUM(forum_topics_approved) as sum_forum_topics
419	FROM ' . FORUMS_TABLE . '
420	WHERE ' . $db->sql_in_set('forum_id', $forum_list);
421	$result = $db->sql_query($sql);
422	$forum_info['forum_topics_approved'] = (int) $db->sql_fetchfield('sum_forum_topics');
423	$db->sql_freeresult($result);
424	}
425	else
426	{
427	$forum_info = phpbb_get_forum_data(array($forum_id), $m_perm);
428
429	if (!count($forum_info))
430	{
431	trigger_error('NOT_MODERATOR');
432	}
433
434	$forum_list = $forum_id;
435	}
436
437	$forum_options = '<option value="0"' . (($forum_id == 0) ? ' selected="selected"' : '') . '>' . $user->lang['ALL_FORUMS'] . '</option>';
438	foreach ($forum_list_approve as $row)
439	{
440	$forum_options .= '<option value="' . $row['forum_id'] . '"' . (($forum_id == $row['forum_id']) ? ' selected="selected"' : '') . '>' . str_repeat('   ', $row['padding']) . truncate_string($row['forum_name'], 30, 255, false, $user->lang['ELLIPSIS']) . '</option>';
441	}
442
443	$sort_days = $total = 0;
444	$sort_key = $sort_dir = '';
445	$sort_by_sql = $sort_order_sql = array();
446	phpbb_mcp_sorting($mode, $sort_days, $sort_key, $sort_dir, $sort_by_sql, $sort_order_sql, $total, $forum_id, $topic_id);
447
448	$limit_time_sql = ($sort_days) ? 'AND t.topic_last_post_time >= ' . (time() - ($sort_days * 86400)) : '';
449
450	$forum_names = array();
451
452	if (!$is_topics)
453	{
454	$sql = 'SELECT p.post_id
455	FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t' . (($sort_order_sql[0] == 'u') ? ', ' . USERS_TABLE . ' u' : '') . '
456	WHERE ' . $db->sql_in_set('p.forum_id', $forum_list) . '
457	AND ' . $db->sql_in_set('p.post_visibility', $visibility_const) . '
458	' . (($sort_order_sql[0] == 'u') ? 'AND u.user_id = p.poster_id' : '') . '
459	' . (($topic_id) ? 'AND p.topic_id = ' . $topic_id : '') . "
460	AND t.topic_id = p.topic_id
461	AND (t.topic_visibility <> p.post_visibility
462	OR t.topic_delete_user = 0)
463	$limit_time_sql
464	ORDER BY $sort_order_sql";
465
466	/**
467	* Alter sql query to get posts in queue to be accepted
468	*
469	* @event core.mcp_queue_get_posts_query_before
470	* @var string sql Associative array with the query to be executed
471	* @var array forum_list List of forums that contain the posts
472	* @var int visibility_const Integer with one of the possible ITEM_* constant values
473	* @var int topic_id If topic_id not equal to 0, the topic id to filter the posts to display
474	* @var string limit_time_sql String with the SQL code to limit the time interval of the post (Note: May be empty string)
475	* @var string sort_order_sql String with the ORDER BY SQL code used in this query
476	* @since 3.1.0-RC3
477	*/
478	$vars = array(
479	'sql',
480	'forum_list',
481	'visibility_const',
482	'topic_id',
483	'limit_time_sql',
484	'sort_order_sql',
485	);
486	extract($phpbb_dispatcher->trigger_event('core.mcp_queue_get_posts_query_before', compact($vars)));
487
488	$result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
489
490	$i = 0;
491	$post_ids = array();
492	while ($row = $db->sql_fetchrow($result))
493	{
494	$post_ids[] = $row['post_id'];
495	$row_num[$row['post_id']] = $i++;
496	}
497	$db->sql_freeresult($result);
498
499	if (count($post_ids))
500	{
501	$sql = 'SELECT t.topic_id, t.topic_title, t.forum_id, p.post_id, p.post_subject, p.post_username, p.poster_id, p.post_time, p.post_attachment, u.username, u.username_clean, u.user_colour
502	FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . USERS_TABLE . ' u
503	WHERE ' . $db->sql_in_set('p.post_id', $post_ids) . '
504	AND t.topic_id = p.topic_id
505	AND u.user_id = p.poster_id
506	ORDER BY ' . $sort_order_sql;
507
508	/**
509	* Alter sql query to get information on all posts in queue
510	*
511	* @event core.mcp_queue_get_posts_for_posts_query_before
512	* @var string sql String with the query to be executed
513	* @var array forum_list List of forums that contain the posts
514	* @var int visibility_const Integer with one of the possible ITEM_* constant values
515	* @var int topic_id topic_id in the page request
516	* @var string limit_time_sql String with the SQL code to limit the time interval of the post (Note: May be empty string)
517	* @var string sort_order_sql String with the ORDER BY SQL code used in this query
518	* @since 3.2.3-RC2
519	*/
520	$vars = array(
521	'sql',
522	'forum_list',
523	'visibility_const',
524	'topic_id',
525	'limit_time_sql',
526	'sort_order_sql',
527	);
528	extract($phpbb_dispatcher->trigger_event('core.mcp_queue_get_posts_for_posts_query_before', compact($vars)));
529
530	$result = $db->sql_query($sql);
531
532	$post_data = $rowset = array();
533	while ($row = $db->sql_fetchrow($result))
534	{
535	$forum_names[] = $row['forum_id'];
536	$post_data[$row['post_id']] = $row;
537	}
538	$db->sql_freeresult($result);
539
540	foreach ($post_ids as $post_id)
541	{
542	$rowset[] = $post_data[$post_id];
543	}
544	unset($post_data, $post_ids);
545	}
546	else
547	{
548	$rowset = array();
549	}
550	}
551	else
552	{
553	$sql = 'SELECT t.forum_id, t.topic_id, t.topic_title, t.topic_title AS post_subject, t.topic_time AS post_time, t.topic_poster AS poster_id, t.topic_first_post_id AS post_id, t.topic_attachment AS post_attachment, t.topic_first_poster_name AS username, t.topic_first_poster_colour AS user_colour
554	FROM ' . TOPICS_TABLE . ' t
555	WHERE ' . $db->sql_in_set('forum_id', $forum_list) . '
556	AND ' . $db->sql_in_set('topic_visibility', $visibility_const) . "
557	AND topic_delete_user <> 0
558	$limit_time_sql
559	ORDER BY $sort_order_sql";
560
561	/**
562	* Alter sql query to get information on all topics in the list of forums provided.
563	*
564	* @event core.mcp_queue_get_posts_for_topics_query_before
565	* @var string sql String with the query to be executed
566	* @var array forum_list List of forums that contain the posts
567	* @var int visibility_const Integer with one of the possible ITEM_* constant values
568	* @var int topic_id topic_id in the page request
569	* @var string limit_time_sql String with the SQL code to limit the time interval of the post (Note: May be empty string)
570	* @var string sort_order_sql String with the ORDER BY SQL code used in this query
571	* @since 3.1.0-RC3
572	*/
573	$vars = array(
574	'sql',
575	'forum_list',
576	'visibility_const',
577	'topic_id',
578	'limit_time_sql',
579	'sort_order_sql',
580	);
581	extract($phpbb_dispatcher->trigger_event('core.mcp_queue_get_posts_for_topics_query_before', compact($vars)));
582
583	$result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
584
585	$rowset = array();
586	while ($row = $db->sql_fetchrow($result))
587	{
588	$forum_names[] = $row['forum_id'];
589	$rowset[] = $row;
590	}
591	$db->sql_freeresult($result);
592	}
593
594	if (count($forum_names))
595	{
596	// Select the names for the forum_ids
597	$sql = 'SELECT forum_id, forum_name
598	FROM ' . FORUMS_TABLE . '
599	WHERE ' . $db->sql_in_set('forum_id', $forum_names);
600	$result = $db->sql_query($sql, 3600);
601
602	$forum_names = array();
603	while ($row = $db->sql_fetchrow($result))
604	{
605	$forum_names[$row['forum_id']] = $row['forum_name'];
606	}
607	$db->sql_freeresult($result);
608	}
609
610	foreach ($rowset as $row)
611	{
612	if (empty($row['post_username']))
613	{
614	$row['post_username'] = $row['username'] ?: $user->lang['GUEST'];
615	}
616
617	$post_row = array(
618	'U_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 't=' . $row['topic_id']),
619	'U_VIEWFORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']),
620	'U_VIEWPOST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'p=' . $row['post_id']) . (($mode == 'unapproved_posts') ? '#p' . $row['post_id'] : ''),
621	'U_VIEW_DETAILS' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=queue&start=$start&mode=approve_details&p={$row['post_id']}" . (($mode == 'unapproved_topics') ? "&t={$row['topic_id']}" : '')),
622
623	'POST_AUTHOR_FULL' => get_username_string('full', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
624	'POST_AUTHOR_COLOUR' => get_username_string('colour', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
625	'POST_AUTHOR' => get_username_string('username', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
626	'U_POST_AUTHOR' => get_username_string('profile', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
627
628	'POST_ID' => $row['post_id'],
629	'TOPIC_ID' => $row['topic_id'],
630	'FORUM_NAME' => $forum_names[$row['forum_id']],
631	'POST_SUBJECT' => ($row['post_subject'] != '') ? $row['post_subject'] : $user->lang['NO_SUBJECT'],
632	'TOPIC_TITLE' => $row['topic_title'],
633	'POST_TIME' => $user->format_date($row['post_time']),
634	'S_HAS_ATTACHMENTS' => $auth->acl_get('u_download') && $auth->acl_get('f_download', $row['forum_id']) && $row['post_attachment'],
635	);
636
637	/**
638	* Alter sql query to get information on all topics in the list of forums provided.
639	*
640	* @event core.mcp_queue_get_posts_modify_post_row
641	* @var array post_row Template variables for current post
642	* @var array row Post data
643	* @var array forum_names Forum names
644	* @since 3.2.3-RC2
645	*/
646	$vars = array(
647	'post_row',
648	'row',
649	'forum_names',
650	);
651	extract($phpbb_dispatcher->trigger_event('core.mcp_queue_get_posts_modify_post_row', compact($vars)));
652
653	$template->assign_block_vars('postrow', $post_row);
654	}
655	unset($rowset, $forum_names);
656
657	/* @var \phpbb\pagination $pagination */
658	$pagination = $phpbb_container->get('pagination');
659
660	$base_url = $this->u_action . "&f=$forum_id&st=$sort_days&sk=$sort_key&sd=$sort_dir";
661	$pagination->generate_template_pagination($base_url, 'pagination', 'start', $total, $config['topics_per_page'], $start);
662
663	// Now display the page
664	$template->assign_vars(array(
665	'L_DISPLAY_ITEMS' => (!$is_topics) ? $user->lang['DISPLAY_POSTS'] : $user->lang['DISPLAY_TOPICS'],
666	'L_EXPLAIN' => $user->lang['MCP_QUEUE_' . strtoupper($mode) . '_EXPLAIN'],
667	'L_TITLE' => $user->lang['MCP_QUEUE_' . strtoupper($mode)],
668	'L_ONLY_TOPIC' => ($topic_id) ? sprintf($user->lang['ONLY_TOPIC'], $topic_info['topic_title']) : '',
669
670	'S_FORUM_OPTIONS' => $forum_options,
671	'S_MCP_ACTION' => build_url(array('t', 'f', 'sd', 'st', 'sk')),
672	'S_TOPICS' => $is_topics,
673	'S_RESTORE' => $is_restore,
674
675	'TOPIC_ID' => $topic_id,
676	'TOTAL' => $user->lang(((!$is_topics) ? 'VIEW_TOPIC_POSTS' : 'VIEW_FORUM_TOPICS'), (int) $total),
677	));
678
679	$this->tpl_name = 'mcp_queue';
680	break;
681	}
682	}
683
684	/**
685	* Approve/Restore posts
686	*
687	* @param $action string Action we perform on the posts ('approve' or 'restore')
688	* @param $post_id_list array IDs of the posts to approve/restore
689	* @param $id mixed Category of the current active module
690	* @param $mode string Active module
691	* @return null
692	*/
693	static public function approve_posts($action, $post_id_list, $id, $mode)
694	{
695	global $template, $user, $request, $phpbb_container, $phpbb_dispatcher;
696	global $phpEx, $phpbb_root_path, $phpbb_log;
697
698	if (!phpbb_check_ids($post_id_list, POSTS_TABLE, 'post_id', array('m_approve')))
699	{
700	send_status_line(403, 'Forbidden');
701	trigger_error('NOT_AUTHORISED');
702	}
703
704	$redirect = $request->variable('redirect', build_url(array('quickmod')));
705	$redirect = reapply_sid($redirect);
706	$post_url = '';
707	$approve_log = array();
708	$num_topics = 0;
709
710	$s_hidden_fields = build_hidden_fields(array(
711	'i' => $id,
712	'mode' => $mode,
713	'post_id_list' => $post_id_list,
714	'action' => $action,
715	'redirect' => $redirect,
716	));
717
718	$post_info = phpbb_get_post_data($post_id_list, 'm_approve');
719
720	if (confirm_box(true))
721	{
722	$notify_poster = ($action == 'approve' && isset($_REQUEST['notify_poster']));
723
724	$topic_info = array();
725
726	// Group the posts by topic_id
727	foreach ($post_info as $post_id => $post_data)
728	{
729	if ($post_data['post_visibility'] == ITEM_APPROVED)
730	{
731	continue;
732	}
733	$topic_id = (int) $post_data['topic_id'];
734
735	$topic_info[$topic_id]['posts'][] = (int) $post_id;
736	$topic_info[$topic_id]['forum_id'] = (int) $post_data['forum_id'];
737
738	// Refresh the first post, if the time or id is older then the current one
739	if ($post_id <= $post_data['topic_first_post_id'] \|\| $post_data['post_time'] <= $post_data['topic_time'])
740	{
741	$topic_info[$topic_id]['first_post'] = true;
742	}
743
744	// Refresh the last post, if the time or id is newer then the current one
745	if ($post_id >= $post_data['topic_last_post_id'] \|\| $post_data['post_time'] >= $post_data['topic_last_post_time'])
746	{
747	$topic_info[$topic_id]['last_post'] = true;
748	}
749
750	$post_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "p={$post_data['post_id']}") . '#p' . $post_data['post_id'];
751
752	$approve_log[] = array(
753	'forum_id' => $post_data['forum_id'],
754	'topic_id' => $post_data['topic_id'],
755	'post_id' => $post_id,
756	'post_subject' => $post_data['post_subject'],
757	);
758	}
759
760	/* @var $phpbb_content_visibility \phpbb\content_visibility */
761	$phpbb_content_visibility = $phpbb_container->get('content.visibility');
762	foreach ($topic_info as $topic_id => $topic_data)
763	{
764	$phpbb_content_visibility->set_post_visibility(ITEM_APPROVED, $topic_data['posts'], $topic_id, $topic_data['forum_id'], $user->data['user_id'], time(), '', isset($topic_data['first_post']), isset($topic_data['last_post']));
765	}
766
767	foreach ($approve_log as $log_data)
768	{
769	$phpbb_log->add('mod', $user->data['user_id'], $user->ip, 'LOG_POST_' . strtoupper($action) . 'D', false, array(
770	'forum_id' => $log_data['forum_id'],
771	'topic_id' => $log_data['topic_id'],
772	'post_id' => $log_data['post_id'],
773	$log_data['post_subject']
774	));
775	}
776
777	// Only send out the mails, when the posts are being approved
778	if ($action == 'approve')
779	{
780	/* @var $phpbb_notifications \phpbb\notification\manager */
781	$phpbb_notifications = $phpbb_container->get('notification_manager');
782
783	// Handle notifications
784	foreach ($post_info as $post_id => $post_data)
785	{
786	// A single topic approval may also happen here, so handle deleting the respective notification.
787	if (!$post_data['topic_posts_approved'])
788	{
789	$phpbb_notifications->delete_notifications('notification.type.topic_in_queue', $post_data['topic_id']);
790
791	if ($post_data['post_visibility'] == ITEM_UNAPPROVED)
792	{
793	$phpbb_notifications->add_notifications(array('notification.type.topic'), $post_data);
794	}
795	if ($post_data['post_visibility'] != ITEM_APPROVED)
796	{
797	$num_topics++;
798	}
799	}
800	else
801	{
802	// Only add notifications, if we are not reapproving post
803	// When the topic was already approved, but was edited and
804	// now needs re-approval, we don't want to notify the users
805	// again.
806	if ($post_data['post_visibility'] == ITEM_UNAPPROVED)
807	{
808	$phpbb_notifications->add_notifications(array(
809	'notification.type.bookmark',
810	'notification.type.post',
811	), $post_data);
812	}
813	}
814	$phpbb_notifications->add_notifications(array('notification.type.quote'), $post_data);
815	$phpbb_notifications->delete_notifications('notification.type.post_in_queue', $post_id);
816
817	$phpbb_notifications->mark_notifications(array(
818	'notification.type.quote',
819	'notification.type.bookmark',
820	'notification.type.post',
821	), $post_data['post_id'], $user->data['user_id']);
822
823	// Notify Poster?
824	if ($notify_poster)
825	{
826	if ($post_data['poster_id'] == ANONYMOUS)
827	{
828	continue;
829	}
830
831	if (!$post_data['topic_posts_approved'])
832	{
833	$phpbb_notifications->add_notifications('notification.type.approve_topic', $post_data);
834	}
835	else
836	{
837	$phpbb_notifications->add_notifications('notification.type.approve_post', $post_data);
838	}
839	}
840	}
841	}
842
843	if ($num_topics >= 1)
844	{
845	$success_msg = ($num_topics == 1) ? 'TOPIC_' . strtoupper($action) . 'D_SUCCESS' : 'TOPICS_' . strtoupper($action) . 'D_SUCCESS';
846	}
847	else
848	{
849	$success_msg = (count($post_info) == 1) ? 'POST_' . strtoupper($action) . 'D_SUCCESS' : 'POSTS_' . strtoupper($action) . 'D_SUCCESS';
850	}
851
852	/**
853	* Perform additional actions during post(s) approval
854	*
855	* @event core.approve_posts_after
856	* @var string action Variable containing the action we perform on the posts ('approve' or 'restore')
857	* @var array post_info Array containing info for all posts being approved
858	* @var array topic_info Array containing info for all parent topics of the posts
859	* @var int num_topics Variable containing number of topics
860	* @var bool notify_poster Variable telling if the post should be notified or not
861	* @var string success_msg Variable containing the language key for the success message
862	* @var string redirect Variable containing the redirect url
863	* @since 3.1.4-RC1
864	*/
865	$vars = array(
866	'action',
867	'post_info',
868	'topic_info',
869	'num_topics',
870	'notify_poster',
871	'success_msg',
872	'redirect',
873	);
874	extract($phpbb_dispatcher->trigger_event('core.approve_posts_after', compact($vars)));
875
876	meta_refresh(3, $redirect);
877	$message = $user->lang[$success_msg];
878
879	if ($request->is_ajax())
880	{
881	$json_response = new \phpbb\json_response;
882	$json_response->send(array(
883	'MESSAGE_TITLE' => $user->lang['INFORMATION'],
884	'MESSAGE_TEXT' => $message,
885	'REFRESH_DATA' => null,
886	'visible' => true,
887	));
888	}
889	$message .= '<br /><br />' . $user->lang('RETURN_PAGE', '<a href="' . $redirect . '">', '</a>');
890
891	// If approving one post, also give links back to post...
892	if (count($post_info) == 1 && $post_url)
893	{
894	$message .= '<br /><br />' . $user->lang('RETURN_POST', '<a href="' . $post_url . '">', '</a>');
895	}
896	trigger_error($message);
897	}
898	else
899	{
900	$show_notify = false;
901
902	if ($action == 'approve')
903	{
904	foreach ($post_info as $post_data)
905	{
906	if (!$post_data['topic_posts_approved'])
907	{
908	$num_topics++;
909	}
910
911	if (!$show_notify && $post_data['poster_id'] != ANONYMOUS)
912	{
913	$show_notify = true;
914	}
915	}
916	}
917
918	$template->assign_vars(array(
919	'S_NOTIFY_POSTER' => $show_notify,
920	'S_' . strtoupper($action) => true,
921	));
922
923	// Create the confirm box message
924	$action_msg = strtoupper($action);
925	$num_posts = count($post_id_list) - $num_topics;
926	if ($num_topics > 0 && $num_posts <= 0)
927	{
928	$action_msg .= '_TOPIC' . (($num_topics == 1) ? '' : 'S');
929	}
930	else
931	{
932	$action_msg .= '_POST' . ((count($post_id_list) == 1) ? '' : 'S');
933	}
934	confirm_box(false, $action_msg, $s_hidden_fields, 'mcp_approve.html');
935	}
936
937	redirect($redirect);
938	}
939
940	/**
941	* Approve/Restore topics
942	*
943	* @param $action string Action we perform on the posts ('approve' or 'restore')
944	* @param $topic_id_list array IDs of the topics to approve/restore
945	* @param $id mixed Category of the current active module
946	* @param $mode string Active module
947	* @return null
948	*/
949	static public function approve_topics($action, $topic_id_list, $id, $mode)
950	{
951	global $db, $template, $user, $phpbb_log;
952	global $phpEx, $phpbb_root_path, $request, $phpbb_container, $phpbb_dispatcher;
953
954	if (!phpbb_check_ids($topic_id_list, TOPICS_TABLE, 'topic_id', array('m_approve')))
955	{
956	send_status_line(403, 'Forbidden');
957	trigger_error('NOT_AUTHORISED');
958	}
959
960	$redirect = $request->variable('redirect', build_url(array('quickmod')));
961	$redirect = reapply_sid($redirect);
962	$success_msg = $topic_url = '';
963	$approve_log = array();
964
965	$s_hidden_fields = build_hidden_fields(array(
966	'i' => $id,
967	'mode' => $mode,
968	'topic_id_list' => $topic_id_list,
969	'action' => $action,
970	'redirect' => $redirect,
971	));
972
973	$topic_info = phpbb_get_topic_data($topic_id_list, 'm_approve');
974
975	if (confirm_box(true))
976	{
977	$notify_poster = ($action == 'approve' && isset($_REQUEST['notify_poster'])) ? true : false;
978
979	/* @var $phpbb_content_visibility \phpbb\content_visibility */
980	$phpbb_content_visibility = $phpbb_container->get('content.visibility');
981	$first_post_ids = array();
982
983	foreach ($topic_info as $topic_id => $topic_data)
984	{
985	$phpbb_content_visibility->set_topic_visibility(ITEM_APPROVED, $topic_id, $topic_data['forum_id'], $user->data['user_id'], time(), '');
986	$first_post_ids[$topic_id] = (int) $topic_data['topic_first_post_id'];
987
988	$topic_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "t={$topic_id}");
989
990	$approve_log[] = array(
991	'forum_id' => $topic_data['forum_id'],
992	'topic_id' => $topic_data['topic_id'],
993	'topic_title' => $topic_data['topic_title'],
994	);
995	}
996
997	if (count($topic_info) >= 1)
998	{
999	$success_msg = (count($topic_info) == 1) ? 'TOPIC_' . strtoupper($action) . 'D_SUCCESS' : 'TOPICS_' . strtoupper($action) . 'D_SUCCESS';
1000	}
1001
1002	foreach ($approve_log as $log_data)
1003	{
1004	$phpbb_log->add('mod', $user->data['user_id'], $user->ip, 'LOG_TOPIC_' . strtoupper($action) . 'D', false, array(
1005	'forum_id' => $log_data['forum_id'],
1006	'topic_id' => $log_data['topic_id'],
1007	$log_data['topic_title']
1008	));
1009	}
1010
1011	// Only send out the mails, when the posts are being approved
1012	if ($action == 'approve')
1013	{
1014	// Grab the first post text as it's needed for the quote notification.
1015	$sql = 'SELECT topic_id, post_text
1016	FROM ' . POSTS_TABLE . '
1017	WHERE ' . $db->sql_in_set('post_id', $first_post_ids);
1018	$result = $db->sql_query($sql);
1019
1020	while ($row = $db->sql_fetchrow($result))
1021	{
1022	$topic_info[$row['topic_id']]['post_text'] = $row['post_text'];
1023	}
1024	$db->sql_freeresult($result);
1025
1026	// Handle notifications
1027	/* @var $phpbb_notifications \phpbb\notification\manager */
1028	$phpbb_notifications = $phpbb_container->get('notification_manager');
1029
1030	foreach ($topic_info as $topic_id => $topic_data)
1031	{
1032	$topic_data = array_merge($topic_data, array(
1033	'post_id' => $topic_data['topic_first_post_id'],
1034	'post_subject' => $topic_data['topic_title'],
1035	'post_time' => $topic_data['topic_time'],
1036	'poster_id' => $topic_data['topic_poster'],
1037	'post_username' => $topic_data['topic_first_poster_name'],
1038	));
1039
1040	$phpbb_notifications->delete_notifications('notification.type.topic_in_queue', $topic_id);
1041
1042	// Only add notifications, if we are not reapproving post
1043	// When the topic was already approved, but was edited and
1044	// now needs re-approval, we don't want to notify the users
1045	// again.
1046	if ($topic_data['topic_visibility'] == ITEM_UNAPPROVED)
1047	{
1048	$phpbb_notifications->add_notifications(array(
1049	'notification.type.quote',
1050	'notification.type.topic',
1051	), $topic_data);
1052	}
1053
1054	$phpbb_notifications->mark_notifications('quote', $topic_data['post_id'], $user->data['user_id']);
1055	$phpbb_notifications->mark_notifications('topic', $topic_id, $user->data['user_id']);
1056
1057	if ($notify_poster)
1058	{
1059	$phpbb_notifications->add_notifications('notification.type.approve_topic', $topic_data);
1060	}
1061	}
1062	}
1063
1064	/**
1065	* Perform additional actions during topics(s) approval
1066	*
1067	* @event core.approve_topics_after
1068	* @var string action Variable containing the action we perform on the posts ('approve' or 'restore')
1069	* @var mixed topic_info Array containing info for all topics being approved
1070	* @var array first_post_ids Array containing ids of all first posts
1071	* @var bool notify_poster Variable telling if the poster should be notified or not
1072	* @var string success_msg Variable containing the language key for the success message
1073	* @var string redirect Variable containing the redirect url
1074	* @since 3.1.4-RC1
1075	*/
1076	$vars = array(
1077	'action',
1078	'topic_info',
1079	'first_post_ids',
1080	'notify_poster',
1081	'success_msg',
1082	'redirect',
1083	);
1084	extract($phpbb_dispatcher->trigger_event('core.approve_topics_after', compact($vars)));
1085
1086	meta_refresh(3, $redirect);
1087	$message = $user->lang[$success_msg];
1088
1089	if ($request->is_ajax())
1090	{
1091	$json_response = new \phpbb\json_response;
1092	$json_response->send(array(
1093	'MESSAGE_TITLE' => $user->lang['INFORMATION'],
1094	'MESSAGE_TEXT' => $message,
1095	'REFRESH_DATA' => null,
1096	'visible' => true,
1097	));
1098	}
1099	$message .= '<br /><br />' . $user->lang('RETURN_PAGE', '<a href="' . $redirect . '">', '</a>');
1100
1101	// If approving one topic, also give links back to topic...
1102	if (count($topic_info) == 1 && $topic_url)
1103	{
1104	$message .= '<br /><br />' . $user->lang('RETURN_TOPIC', '<a href="' . $topic_url . '">', '</a>');
1105	}
1106	trigger_error($message);
1107	}
1108	else
1109	{
1110	$show_notify = false;
1111
1112	if ($action == 'approve')
1113	{
1114	foreach ($topic_info as $topic_data)
1115	{
1116	if ($topic_data['topic_poster'] == ANONYMOUS)
1117	{
1118	continue;
1119	}
1120	else
1121	{
1122	$show_notify = true;
1123	break;
1124	}
1125	}
1126	}
1127
1128	$template->assign_vars(array(
1129	'S_NOTIFY_POSTER' => $show_notify,
1130	'S_' . strtoupper($action) => true,
1131	));
1132
1133	confirm_box(false, strtoupper($action) . '_TOPIC' . ((count($topic_id_list) == 1) ? '' : 'S'), $s_hidden_fields, 'mcp_approve.html');
1134	}
1135
1136	redirect($redirect);
1137	}
1138
1139	/**
1140	* Disapprove Post
1141	*
1142	* @param $post_id_list array IDs of the posts to disapprove/delete
1143	* @param $id mixed Category of the current active module
1144	* @param $mode string Active module
1145	* @return null
1146	*/
1147	static public function disapprove_posts($post_id_list, $id, $mode)
1148	{
1149	global $db, $template, $user, $phpbb_container, $phpbb_dispatcher;
1150	global $phpEx, $phpbb_root_path, $request, $phpbb_log;
1151
1152	if (!phpbb_check_ids($post_id_list, POSTS_TABLE, 'post_id', array('m_approve')))
1153	{
1154	send_status_line(403, 'Forbidden');
1155	trigger_error('NOT_AUTHORISED');
1156	}
1157
1158	$redirect = $request->variable('redirect', build_url(array('t', 'mode', 'quickmod')) . "&mode=$mode");
1159	$redirect = reapply_sid($redirect);
1160	$reason = $request->variable('reason', '', true);
1161	$reason_id = $request->variable('reason_id', 0);
1162	$additional_msg = '';
1163
1164	$s_hidden_fields = build_hidden_fields(array(
1165	'i' => $id,
1166	'mode' => $mode,
1167	'post_id_list' => $post_id_list,
1168	'action' => 'disapprove',
1169	'redirect' => $redirect,
1170	));
1171
1172	$notify_poster = $request->is_set('notify_poster');
1173	$disapprove_reason = '';
1174
1175	if ($reason_id)
1176	{
1177	$sql = 'SELECT reason_title, reason_description
1178	FROM ' . REPORTS_REASONS_TABLE . "
1179	WHERE reason_id = $reason_id";
1180	$result = $db->sql_query($sql);
1181	$row = $db->sql_fetchrow($result);
1182	$db->sql_freeresult($result);
1183
1184	if (!$row \|\| (!$reason && strtolower($row['reason_title']) == 'other'))
1185	{
1186	$additional_msg = $user->lang['NO_REASON_DISAPPROVAL'];
1187
1188	$request->overwrite('confirm', null, \phpbb\request\request_interface::POST);
1189	$request->overwrite('confirm_key', null, \phpbb\request\request_interface::POST);
1190	$request->overwrite('confirm_key', null, \phpbb\request\request_interface::REQUEST);
1191	}
1192	else
1193	{
1194	// If the reason is defined within the language file, we will use the localized version, else just use the database entry...
1195	$disapprove_reason = (strtolower($row['reason_title']) != 'other') ? ((isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])])) ? $user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])] : $row['reason_description']) : '';
1196	$disapprove_reason .= ($reason) ? "\n\n" . $reason : '';
1197
1198	if (isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])]))
1199	{
1200	$disapprove_reason_lang = strtoupper($row['reason_title']);
1201	}
1202	}
1203	}
1204
1205	$post_info = phpbb_get_post_data($post_id_list, 'm_approve');
1206
1207	$is_disapproving = false;
1208	foreach ($post_info as $post_id => $post_data)
1209	{
1210	if ($post_data['post_visibility'] == ITEM_DELETED)
1211	{
1212	continue;
1213	}
1214
1215	$is_disapproving = true;
1216	}
1217
1218	if (confirm_box(true))
1219	{
1220	$disapprove_log_topics = $disapprove_log_posts = array();
1221	$topic_posts_unapproved = $post_disapprove_list = $topic_information = array();
1222
1223	// Build a list of posts to be disapproved and get the related topics real replies count
1224	foreach ($post_info as $post_id => $post_data)
1225	{
1226	if ($mode === 'unapproved_topics' && $post_data['post_visibility'] == ITEM_APPROVED)
1227	{
1228	continue;
1229	}
1230
1231	$post_disapprove_list[$post_id] = $post_data['topic_id'];
1232	if (!isset($topic_posts_unapproved[$post_data['topic_id']]))
1233	{
1234	$topic_information[$post_data['topic_id']] = $post_data;
1235	$topic_posts_unapproved[$post_data['topic_id']] = 0;
1236	}
1237	$topic_posts_unapproved[$post_data['topic_id']]++;
1238	}
1239
1240	// Do not try to disapprove if no posts are selected
1241	if (empty($post_disapprove_list))
1242	{
1243	trigger_error('NO_POST_SELECTED');
1244	}
1245
1246	// Now we build the log array
1247	foreach ($post_disapprove_list as $post_id => $topic_id)
1248	{
1249	// If the count of disapproved posts for the topic is equal
1250	// to the number of unapproved posts in the topic, and there are no different
1251	// posts, we disapprove the hole topic
1252	if ($topic_information[$topic_id]['topic_posts_approved'] == 0 &&
1253	$topic_information[$topic_id]['topic_posts_softdeleted'] == 0 &&
1254	$topic_information[$topic_id]['topic_posts_unapproved'] == $topic_posts_unapproved[$topic_id])
1255	{
1256	// Don't write the log more than once for every topic
1257	if (!isset($disapprove_log_topics[$topic_id]))
1258	{
1259	// Build disapproved topics log
1260	$disapprove_log_topics[$topic_id] = array(
1261	'type' => 'topic',
1262	'post_subject' => $post_info[$post_id]['topic_title'],
1263	'forum_id' => $post_info[$post_id]['forum_id'],
1264	'topic_id' => 0, // useless to log a topic id, as it will be deleted
1265	'post_username' => ($post_info[$post_id]['poster_id'] == ANONYMOUS && !empty($post_info[$post_id]['post_username'])) ? $post_info[$post_id]['post_username'] : $post_info[$post_id]['username'],
1266	);
1267	}
1268	}
1269	else
1270	{
1271	// Build disapproved posts log
1272	$disapprove_log_posts[] = array(
1273	'type' => 'post',
1274	'post_subject' => $post_info[$post_id]['post_subject'],
1275	'forum_id' => $post_info[$post_id]['forum_id'],
1276	'topic_id' => $post_info[$post_id]['topic_id'],
1277	'post_username' => ($post_info[$post_id]['poster_id'] == ANONYMOUS && !empty($post_info[$post_id]['post_username'])) ? $post_info[$post_id]['post_username'] : $post_info[$post_id]['username'],
1278	);
1279
1280	}
1281	}
1282
1283	// Get disapproved posts/topics counts separately
1284	$num_disapproved_topics = count($disapprove_log_topics);
1285	$num_disapproved_posts = count($disapprove_log_posts);
1286
1287	// Build the whole log
1288	$disapprove_log = array_merge($disapprove_log_topics, $disapprove_log_posts);
1289
1290	// Unset unneeded arrays
1291	unset($post_data, $disapprove_log_topics, $disapprove_log_posts);
1292
1293	// Let's do the job - delete disapproved posts
1294	if (count($post_disapprove_list))
1295	{
1296	if (!function_exists('delete_posts'))
1297	{
1298	include($phpbb_root_path . 'includes/functions_admin.' . $phpEx);
1299	}
1300
1301	// We do not check for permissions here, because the moderator allowed approval/disapproval should be allowed to delete the disapproved posts
1302	// Note: function delete_posts triggers related forums/topics sync,
1303	// so we don't need to call update_post_information later and to adjust real topic replies or forum topics count manually
1304	delete_posts('post_id', array_keys($post_disapprove_list));
1305
1306	foreach ($disapprove_log as $log_data)
1307	{
1308	if ($is_disapproving)
1309	{
1310	$l_log_message = ($log_data['type'] == 'topic') ? 'LOG_TOPIC_DISAPPROVED' : 'LOG_POST_DISAPPROVED';
1311	$phpbb_log->add('mod', $user->data['user_id'], $user->ip, $l_log_message, false, array(
1312	'forum_id' => $log_data['forum_id'],
1313	'topic_id' => $log_data['topic_id'],
1314	$log_data['post_subject'],
1315	$disapprove_reason,
1316	$log_data['post_username']
1317	));
1318	}
1319	else
1320	{
1321	$l_log_message = ($log_data['type'] == 'topic') ? 'LOG_DELETE_TOPIC' : 'LOG_DELETE_POST';
1322	$phpbb_log->add('mod', $user->data['user_id'], $user->ip, $l_log_message, false, array(
1323	'forum_id' => $log_data['forum_id'],
1324	'topic_id' => $log_data['topic_id'],
1325	$log_data['post_subject'],
1326	$log_data['post_username']
1327	));
1328	}
1329	}
1330	}
1331
1332	/* @var $phpbb_notifications \phpbb\notification\manager */
1333	$phpbb_notifications = $phpbb_container->get('notification_manager');
1334
1335	$lang_reasons = array();
1336
1337	foreach ($post_info as $post_id => $post_data)
1338	{
1339	$disapprove_all_posts_in_topic = $topic_information[$topic_id]['topic_posts_approved'] == 0 &&
1340	$topic_information[$topic_id]['topic_posts_softdeleted'] == 0 &&
1341	$topic_information[$topic_id]['topic_posts_unapproved'] == $topic_posts_unapproved[$topic_id];
1342
1343	$phpbb_notifications->delete_notifications('notification.type.post_in_queue', $post_id);
1344
1345	// Do we disapprove the whole topic? Remove potential notifications
1346	if ($disapprove_all_posts_in_topic)
1347	{
1348	$phpbb_notifications->delete_notifications('notification.type.topic_in_queue', $post_data['topic_id']);
1349	}
1350
1351	// Notify Poster?
1352	if ($notify_poster)
1353	{
1354	if ($post_data['poster_id'] == ANONYMOUS)
1355	{
1356	continue;
1357	}
1358
1359	$post_data['disapprove_reason'] = $disapprove_reason;
1360	if (isset($disapprove_reason_lang))
1361	{
1362	// Okay we need to get the reason from the posters language
1363	if (!isset($lang_reasons[$post_data['user_lang']]))
1364	{
1365	// Assign the current users translation as the default, this is not ideal but getting the board default adds another layer of complexity.
1366	$lang_reasons[$post_data['user_lang']] = $user->lang['report_reasons']['DESCRIPTION'][$disapprove_reason_lang];
1367
1368	// Only load up the language pack if the language is different to the current one
1369	if ($post_data['user_lang'] != $user->lang_name && file_exists($phpbb_root_path . '/language/' . $post_data['user_lang'] . '/mcp.' . $phpEx))
1370	{
1371	// Load up the language pack
1372	$lang = array();
1373	@include($phpbb_root_path . '/language/' . basename($post_data['user_lang']) . '/mcp.' . $phpEx);
1374
1375	// If we find the reason in this language pack use it
1376	if (isset($lang['report_reasons']['DESCRIPTION'][$disapprove_reason_lang]))
1377	{
1378	$lang_reasons[$post_data['user_lang']] = $lang['report_reasons']['DESCRIPTION'][$disapprove_reason_lang];
1379	}
1380
1381	unset($lang); // Free memory
1382	}
1383	}
1384
1385	$post_data['disapprove_reason'] = $lang_reasons[$post_data['user_lang']];
1386	$post_data['disapprove_reason'] .= ($reason) ? "\n\n" . $reason : '';
1387	}
1388
1389	if ($disapprove_all_posts_in_topic && $topic_information[$topic_id]['topic_posts_unapproved'] == 1)
1390	{
1391	// If there is only 1 post when disapproving the topic,
1392	// we send the user a "disapprove topic" notification...
1393	$phpbb_notifications->add_notifications('notification.type.disapprove_topic', $post_data);
1394	}
1395	else
1396	{
1397	// ... otherwise there are multiple unapproved posts and
1398	// all of them are disapproved as posts.
1399	$phpbb_notifications->add_notifications('notification.type.disapprove_post', $post_data);
1400	}
1401	}
1402	}
1403
1404	if ($num_disapproved_topics)
1405	{
1406	$success_msg = ($num_disapproved_topics == 1) ? 'TOPIC' : 'TOPICS';
1407	}
1408	else
1409	{
1410	$success_msg = ($num_disapproved_posts == 1) ? 'POST' : 'POSTS';
1411	}
1412
1413	if ($is_disapproving)
1414	{
1415	$success_msg .= '_DISAPPROVED_SUCCESS';
1416	}
1417	else
1418	{
1419	$success_msg .= '_DELETED_SUCCESS';
1420	}
1421
1422	// If we came from viewtopic, we try to go back to it.
1423	if (strpos($redirect, $phpbb_root_path . 'viewtopic.' . $phpEx) === 0)
1424	{
1425	if ($num_disapproved_topics == 0)
1426	{
1427	// So we need to remove the post id part from the Url
1428	$redirect = str_replace("&p={$post_id_list[0]}#p{$post_id_list[0]}", '', $redirect);
1429	}
1430	else
1431	{
1432	// However this is only possible if the topic still exists,
1433	// Otherwise we go back to the viewforum page
1434	$redirect = append_sid($phpbb_root_path . 'viewforum.' . $phpEx, 'f=' . $post_data['forum_id']);
1435	}
1436	}
1437
1438	$disapprove_reason_lang = $disapprove_reason_lang ?? '';
1439
1440	/**
1441	* Perform additional actions during post(s) disapproval
1442	*
1443	* @event core.disapprove_posts_after
1444	* @var array post_info Array containing info for all posts being disapproved
1445	* @var array topic_information Array containing information for the topics
1446	* @var array topic_posts_unapproved Array containing list of topic ids and the count of disapproved posts in them
1447	* @var array post_disapprove_list Array containing list of posts and their topic id
1448	* @var int num_disapproved_topics Variable containing the number of disapproved topics
1449	* @var int num_disapproved_posts Variable containing the number of disapproved posts
1450	* @var array lang_reasons Array containing the language keys for reasons
1451	* @var string disapprove_reason Variable containing the language key for the success message
1452	* @var string disapprove_reason_lang Variable containing the language key for the success message
1453	* @var bool is_disapproving Variable telling if anything is going to be disapproved
1454	* @var bool notify_poster Variable telling if the post should be notified or not
1455	* @var string success_msg Variable containing the language key for the success message
1456	* @var string redirect Variable containing the redirect url
1457	* @since 3.1.4-RC1
1458	*/
1459	$vars = array(
1460	'post_info',
1461	'topic_information',
1462	'topic_posts_unapproved',
1463	'post_disapprove_list',
1464	'num_disapproved_topics',
1465	'num_disapproved_posts',
1466	'lang_reasons',
1467	'disapprove_reason',
1468	'disapprove_reason_lang',
1469	'is_disapproving',
1470	'notify_poster',
1471	'success_msg',
1472	'redirect',
1473	);
1474	extract($phpbb_dispatcher->trigger_event('core.disapprove_posts_after', compact($vars)));
1475
1476	unset($lang_reasons, $post_info, $disapprove_reason, $disapprove_reason_lang);
1477
1478	meta_refresh(3, $redirect);
1479	$message = $user->lang[$success_msg];
1480
1481	if ($request->is_ajax())
1482	{
1483	$json_response = new \phpbb\json_response;
1484	$json_response->send(array(
1485	'MESSAGE_TITLE' => $user->lang['INFORMATION'],
1486	'MESSAGE_TEXT' => $message,
1487	'REFRESH_DATA' => null,
1488	'visible' => false,
1489	));
1490	}
1491	$message .= '<br /><br />' . $user->lang('RETURN_PAGE', '<a href="' . $redirect . '">', '</a>');
1492	trigger_error($message);
1493	}
1494	else
1495	{
1496	$show_notify = false;
1497
1498	foreach ($post_info as $post_data)
1499	{
1500	if ($post_data['poster_id'] == ANONYMOUS)
1501	{
1502	continue;
1503	}
1504	else
1505	{
1506	$show_notify = true;
1507	break;
1508	}
1509	}
1510
1511	$l_confirm_msg = 'DISAPPROVE_POST';
1512	$confirm_template = 'mcp_approve.html';
1513	if ($is_disapproving)
1514	{
1515	$phpbb_container->get('phpbb.report.report_reason_list_provider')->display_reasons($reason_id);
1516	}
1517	else
1518	{
1519	$user->add_lang('posting');
1520
1521	$l_confirm_msg = 'DELETE_POST_PERMANENTLY';
1522	$confirm_template = 'confirm_delete_body.html';
1523	}
1524	$l_confirm_msg .= ((count($post_id_list) == 1) ? '' : 'S');
1525
1526	$template->assign_vars(array(
1527	'S_NOTIFY_POSTER' => $show_notify,
1528	'S_APPROVE' => false,
1529	'REASON' => ($is_disapproving) ? $reason : '',
1530	'ADDITIONAL_MSG' => $additional_msg,
1531	));
1532
1533	confirm_box(false, $l_confirm_msg, $s_hidden_fields, $confirm_template);
1534	}
1535
1536	redirect($redirect);
1537	}
1538	}