Code Coverage
 
Lines
Functions and Methods
Classes and Traits
Total
0.00% covered (danger)
0.00%
0 / 759
0.00% covered (danger)
0.00%
0 / 5
CRAP
0.00% covered (danger)
0.00%
0 / 1
mcp_queue
0.00% covered (danger)
0.00%
0 / 757
0.00% covered (danger)
0.00%
0 / 5
43890
0.00% covered (danger)
0.00%
0 / 1
 __construct
0.00% covered (danger)
0.00%
0 / 1
0.00% covered (danger)
0.00%
0 / 1
2
 main
0.00% covered (danger)
0.00%
0 / 343
0.00% covered (danger)
0.00%
0 / 1
8556
 approve_posts
0.00% covered (danger)
0.00%
0 / 124
0.00% covered (danger)
0.00%
0 / 1
1332
 approve_topics
0.00% covered (danger)
0.00%
0 / 102
0.00% covered (danger)
0.00%
0 / 1
462
 disapprove_posts
0.00% covered (danger)
0.00%
0 / 187
0.00% covered (danger)
0.00%
0 / 1
3540
1<?php
2/**
3*
4* This file is part of the phpBB Forum Software package.
5*
6* @copyright (c) phpBB Limited <https://www.phpbb.com>
7* @license GNU General Public License, version 2 (GPL-2.0)
8*
9* For full copyright and license information, please see
10* the docs/CREDITS.txt file.
11*
12*/
13
14/**
15* @ignore
16*/
17if (!defined('IN_PHPBB'))
18{
19    exit;
20}
21
22/**
23* mcp_queue
24* Handling the moderation queue
25*/
26class mcp_queue
27{
28    var $p_master;
29    var $u_action;
30
31    public function __construct($p_master)
32    {
33        $this->p_master = $p_master;
34    }
35
36    public function main($id, $mode)
37    {
38        global $auth, $db, $user, $template, $request;
39        global $config, $phpbb_root_path, $phpEx, $action, $phpbb_container;
40        global $phpbb_dispatcher;
41
42        include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
43
44        $forum_id = $request->variable('f', 0);
45        $start = $request->variable('start', 0);
46
47        $this->page_title = 'MCP_QUEUE';
48
49        switch ($action)
50        {
51            case 'approve':
52            case 'restore':
53                include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
54
55                $post_id_list = $request->variable('post_id_list', array(0));
56                $topic_id_list = $request->variable('topic_id_list', array(0));
57
58                if (!empty($post_id_list))
59                {
60                    self::approve_posts($action, $post_id_list, 'queue', $mode);
61                }
62                else if (!empty($topic_id_list))
63                {
64                    self::approve_topics($action, $topic_id_list, 'queue', $mode);
65                }
66                else
67                {
68                    trigger_error('NO_POST_SELECTED');
69                }
70            break;
71
72            case 'delete':
73                $post_id_list = $request->variable('post_id_list', array(0));
74                $topic_id_list = $request->variable('topic_id_list', array(0));
75                $delete_reason = $request->variable('delete_reason', '', true);
76
77                if (!empty($post_id_list))
78                {
79                    if (!function_exists('mcp_delete_post'))
80                    {
81                        global $phpbb_root_path, $phpEx;
82                        include($phpbb_root_path . 'includes/mcp/mcp_main.' . $phpEx);
83                    }
84                    mcp_delete_post($post_id_list, false, $delete_reason, $action);
85                }
86                else if (!empty($topic_id_list))
87                {
88                    if (!function_exists('mcp_delete_topic'))
89                    {
90                        global $phpbb_root_path, $phpEx;
91                        include($phpbb_root_path . 'includes/mcp/mcp_main.' . $phpEx);
92                    }
93                    mcp_delete_topic($topic_id_list, false, $delete_reason, $action);
94                }
95                else
96                {
97                    trigger_error('NO_POST_SELECTED');
98                }
99            break;
100
101            case 'disapprove':
102                $post_id_list = $request->variable('post_id_list', array(0));
103                $topic_id_list = $request->variable('topic_id_list', array(0));
104
105                if (!empty($topic_id_list) && $mode == 'deleted_topics')
106                {
107                    if (!function_exists('mcp_delete_topic'))
108                    {
109                        global $phpbb_root_path, $phpEx;
110                        include($phpbb_root_path . 'includes/mcp/mcp_main.' . $phpEx);
111                    }
112                    mcp_delete_topic($topic_id_list, false, '', 'disapprove');
113                    return;
114                }
115
116                if (!class_exists('messenger'))
117                {
118                    include($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
119                }
120
121                if (!empty($topic_id_list))
122                {
123                    $post_visibility = ($mode == 'deleted_topics') ? ITEM_DELETED : array(ITEM_UNAPPROVED, ITEM_REAPPROVE);
124                    $sql = 'SELECT post_id
125                        FROM ' . POSTS_TABLE . '
126                        WHERE ' . $db->sql_in_set('post_visibility', $post_visibility) . '
127                            AND ' . $db->sql_in_set('topic_id', $topic_id_list);
128                    $result = $db->sql_query($sql);
129
130                    $post_id_list = array();
131                    while ($row = $db->sql_fetchrow($result))
132                    {
133                        $post_id_list[] = (int) $row['post_id'];
134                    }
135                    $db->sql_freeresult($result);
136                }
137
138                if (!empty($post_id_list))
139                {
140                    self::disapprove_posts($post_id_list, 'queue', $mode);
141                }
142                else
143                {
144                    trigger_error('NO_POST_SELECTED');
145                }
146            break;
147        }
148
149        switch ($mode)
150        {
151            case 'approve_details':
152
153                $this->tpl_name = 'mcp_post';
154
155                $user->add_lang(array('posting', 'viewtopic'));
156
157                $post_id = $request->variable('p', 0);
158                $topic_id = $request->variable('t', 0);
159                $topic_info = [];
160
161                /* @var $phpbb_notifications \phpbb\notification\manager */
162                $phpbb_notifications = $phpbb_container->get('notification_manager');
163
164                if ($topic_id)
165                {
166                    $topic_info = phpbb_get_topic_data(array($topic_id), 'm_approve');
167                    if (isset($topic_info[$topic_id]['topic_first_post_id']))
168                    {
169                        $post_id = (int) $topic_info[$topic_id]['topic_first_post_id'];
170
171                        $phpbb_notifications->mark_notifications('topic_in_queue', $topic_id, $user->data['user_id']);
172                    }
173                    else
174                    {
175                        $topic_id = 0;
176                    }
177                }
178
179                $phpbb_notifications->mark_notifications('post_in_queue', $post_id, $user->data['user_id']);
180
181                $post_info = phpbb_get_post_data(array($post_id), 'm_approve', true);
182
183                if (!count($post_info))
184                {
185                    trigger_error('NO_POST_SELECTED');
186                }
187
188                $post_info = $post_info[$post_id];
189
190                if ($post_info['topic_first_post_id'] != $post_id && topic_review($post_info['topic_id'], $post_info['forum_id'], 'topic_review', 0, false))
191                {
192                    $template->assign_vars(array(
193                        'S_TOPIC_REVIEW'    => true,
194                        'S_BBCODE_ALLOWED'    => $post_info['enable_bbcode'],
195                        'TOPIC_TITLE'        => $post_info['topic_title'],
196                    ));
197                }
198
199                $attachments = $topic_tracking_info = array();
200
201                // Get topic tracking info
202                if ($config['load_db_lastread'])
203                {
204                    $tmp_topic_data = array($post_info['topic_id'] => $post_info);
205                    $topic_tracking_info = get_topic_tracking($post_info['forum_id'], $post_info['topic_id'], $tmp_topic_data, array($post_info['forum_id'] => $post_info['forum_mark_time']));
206                    unset($tmp_topic_data);
207                }
208                else
209                {
210                    $topic_tracking_info = get_complete_topic_tracking($post_info['forum_id'], $post_info['topic_id']);
211                }
212
213                $post_unread = (isset($topic_tracking_info[$post_info['topic_id']]) && $post_info['post_time'] > $topic_tracking_info[$post_info['topic_id']]) ? true : false;
214
215                // Process message, leave it uncensored
216                $parse_flags = ($post_info['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) | OPTION_FLAG_SMILIES;
217                $message = generate_text_for_display($post_info['post_text'], $post_info['bbcode_uid'], $post_info['bbcode_bitfield'], $parse_flags, false);
218
219                if ($post_info['post_attachment'] && $auth->acl_get('u_download') && $auth->acl_get('f_download', $post_info['forum_id']))
220                {
221                    $sql = 'SELECT *
222                        FROM ' . ATTACHMENTS_TABLE . '
223                        WHERE post_msg_id = ' . $post_id . '
224                            AND in_message = 0
225                        ORDER BY filetime DESC, post_msg_id ASC';
226                    $result = $db->sql_query($sql);
227
228                    while ($row = $db->sql_fetchrow($result))
229                    {
230                        $attachments[] = $row;
231                    }
232                    $db->sql_freeresult($result);
233
234                    if (count($attachments))
235                    {
236                        $update_count = array();
237                        parse_attachments($post_info['forum_id'], $message, $attachments, $update_count);
238                    }
239
240                    // Display not already displayed Attachments for this post, we already parsed them. ;)
241                    if (!empty($attachments))
242                    {
243                        $template->assign_var('S_HAS_ATTACHMENTS', true);
244
245                        foreach ($attachments as $attachment)
246                        {
247                            $template->assign_block_vars('attachment', array(
248                                'DISPLAY_ATTACHMENT'    => $attachment,
249                            ));
250                        }
251                    }
252                }
253
254                // Deleting information
255                if ($post_info['post_visibility'] == ITEM_DELETED && $post_info['post_delete_user'])
256                {
257                    // User having deleted the post also being the post author?
258                    if (!$post_info['post_delete_user'] || $post_info['post_delete_user'] == $post_info['poster_id'])
259                    {
260                        $display_username = get_username_string('full', $post_info['poster_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']);
261                    }
262                    else
263                    {
264                        $sql = 'SELECT u.user_id, u.username, u.user_colour
265                            FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . ' u
266                            WHERE p.post_id =  ' . $post_info['post_id'] . '
267                                AND p.post_delete_user = u.user_id';
268                        $result = $db->sql_query($sql);
269                        $post_delete_userinfo = $db->sql_fetchrow($result);
270                        $db->sql_freeresult($result);
271                        $display_username = get_username_string('full', $post_info['post_delete_user'], $post_delete_userinfo['username'], $post_delete_userinfo['user_colour']);
272                    }
273
274                    $l_deleted_by = $user->lang('DELETED_INFORMATION', $display_username, $user->format_date($post_info['post_delete_time'], false, true));
275                }
276                else
277                {
278                    $l_deleted_by = '';
279                }
280
281                $post_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'p=' . $post_info['post_id'] . '#p' . $post_info['post_id']);
282                $topic_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", 't=' . $post_info['topic_id']);
283
284                $post_data = array(
285                    'S_MCP_QUEUE'            => true,
286                    'U_APPROVE_ACTION'        => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=queue&amp;p=$post_id"),
287                    'S_CAN_APPROVE'            => $auth->acl_get('m_approve', $post_info['forum_id']),
288                    'S_CAN_DELETE_POST'        => $auth->acl_get('m_delete', $post_info['forum_id']),
289                    'S_CAN_VIEWIP'            => $auth->acl_get('m_info', $post_info['forum_id']),
290                    'S_POST_REPORTED'        => $post_info['post_reported'],
291                    'S_POST_UNAPPROVED'        => $post_info['post_visibility'] == ITEM_UNAPPROVED || $post_info['post_visibility'] == ITEM_REAPPROVE,
292                    'S_POST_LOCKED'            => $post_info['post_edit_locked'],
293                    'S_USER_NOTES'            => true,
294                    'S_POST_DELETED'        => ($post_info['post_visibility'] == ITEM_DELETED),
295                    'DELETED_MESSAGE'        => $l_deleted_by,
296                    'DELETE_REASON'            => $post_info['post_delete_reason'],
297
298                    'U_EDIT'                => ($auth->acl_get('m_edit', $post_info['forum_id'])) ? append_sid("{$phpbb_root_path}posting.$phpEx", "mode=edit&amp;p={$post_info['post_id']}") : '',
299                    'U_MCP_APPROVE'            => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue&amp;mode=approve_details&amp;p=' . $post_id),
300                    'U_MCP_REPORT'            => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=reports&amp;mode=report_details&amp;p=' . $post_id),
301                    'U_MCP_USER_NOTES'        => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&amp;mode=user_notes&amp;u=' . $post_info['user_id']),
302                    'U_MCP_WARN_USER'        => ($auth->acl_get('m_warn')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=warn&amp;mode=warn_user&amp;u=' . $post_info['user_id']) : '',
303                    'U_VIEW_POST'            => $post_url,
304                    'U_VIEW_TOPIC'            => $topic_url,
305
306                    'MINI_POST_IMG'            => ($post_unread) ? $user->img('icon_post_target_unread', 'UNREAD_POST') : $user->img('icon_post_target', 'POST'),
307
308                    'RETURN_QUEUE'            => sprintf($user->lang['RETURN_QUEUE'], '<a href="' . append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue' . (($topic_id) ? '&amp;mode=unapproved_topics' : '&amp;mode=unapproved_posts')) . '&amp;start=' . $start . '">', '</a>'),
309                    'RETURN_POST'            => sprintf($user->lang['RETURN_POST'], '<a href="' . $post_url . '">', '</a>'),
310                    'RETURN_TOPIC_SIMPLE'    => sprintf($user->lang['RETURN_TOPIC_SIMPLE'], '<a href="' . $topic_url . '">', '</a>'),
311                    'REPORTED_IMG'            => $user->img('icon_topic_reported', $user->lang['POST_REPORTED']),
312                    'UNAPPROVED_IMG'        => $user->img('icon_topic_unapproved', $user->lang['POST_UNAPPROVED']),
313                    'EDIT_IMG'                => $user->img('icon_post_edit', $user->lang['EDIT_POST']),
314
315                    'POST_AUTHOR_FULL'        => get_username_string('full', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
316                    'POST_AUTHOR_COLOUR'    => get_username_string('colour', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
317                    'POST_AUTHOR'            => get_username_string('username', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
318                    'U_POST_AUTHOR'            => get_username_string('profile', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
319
320                    'POST_PREVIEW'            => $message,
321                    'POST_SUBJECT'            => $post_info['post_subject'],
322                    'POST_DATE'                => $user->format_date($post_info['post_time']),
323                    'POST_IP'                => $post_info['poster_ip'],
324                    'POST_IPADDR'            => ($auth->acl_get('m_info', $post_info['forum_id']) && $request->variable('lookup', '')) ? @gethostbyaddr($post_info['poster_ip']) : '',
325                    'POST_ID'                => $post_info['post_id'],
326                    'S_FIRST_POST'            => ($post_info['topic_first_post_id'] == $post_id),
327
328                    'U_LOOKUP_IP'            => ($auth->acl_get('m_info', $post_info['forum_id'])) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue&amp;mode=approve_details&amp;p=' . $post_id . '&amp;lookup=' . $post_info['poster_ip']) . '#ip' : '',
329                );
330
331                /**
332                * Alter post awaiting approval template before it is rendered
333                *
334                * @event core.mcp_queue_approve_details_template
335                * @var    int        post_id        Post ID
336                * @var    int        topic_id    Topic ID
337                * @var    array    topic_info    Topic data
338                * @var    array    post_info    Post data
339                * @var array    post_data    Post template data
340                * @var    string    message        Post message
341                * @var    string    post_url    Post URL
342                * @var    string    topic_url    Topic URL
343                * @since 3.2.2-RC1
344                */
345                $vars = array(
346                    'post_id',
347                    'topic_id',
348                    'topic_info',
349                    'post_info',
350                    'post_data',
351                    'message',
352                    'post_url',
353                    'topic_url',
354                );
355                extract($phpbb_dispatcher->trigger_event('core.mcp_queue_approve_details_template', compact($vars)));
356
357                $template->assign_vars($post_data);
358
359            break;
360
361            case 'unapproved_topics':
362            case 'unapproved_posts':
363            case 'deleted_topics':
364            case 'deleted_posts':
365                $m_perm = 'm_approve';
366                $is_topics = ($mode == 'unapproved_topics' || $mode == 'deleted_topics') ? true : false;
367                $is_restore = ($mode == 'deleted_posts' || $mode == 'deleted_topics') ? true : false;
368                $visibility_const = (!$is_restore) ? array(ITEM_UNAPPROVED, ITEM_REAPPROVE) : ITEM_DELETED;
369
370                $user->add_lang(array('viewtopic', 'viewforum'));
371
372                $topic_id = $request->variable('t', 0);
373
374                // If 'sort' is set, "Go" was pressed which is located behind the forums <select> box
375                // Then, unset the topic id so it does not override the forum id
376                $topic_id = $request->is_set_post('sort') ? 0 : $topic_id;
377
378                if ($topic_id)
379                {
380                    $topic_info = phpbb_get_topic_data(array($topic_id));
381
382                    if (!count($topic_info))
383                    {
384                        trigger_error('TOPIC_NOT_EXIST');
385                    }
386
387                    $topic_info = $topic_info[$topic_id];
388                    $forum_id = $topic_info['forum_id'];
389                }
390
391                $forum_list_approve = get_forum_list($m_perm, false, true);
392                $forum_list_read = array_flip(get_forum_list('f_read', true, true)); // Flipped so we can isset() the forum IDs
393
394                // Remove forums we cannot read
395                foreach ($forum_list_approve as $k => $forum_data)
396                {
397                    if (!isset($forum_list_read[$forum_data['forum_id']]))
398                    {
399                        unset($forum_list_approve[$k]);
400                    }
401                }
402                unset($forum_list_read);
403
404                if (!$forum_id)
405                {
406                    $forum_list = array();
407                    foreach ($forum_list_approve as $row)
408                    {
409                        $forum_list[] = $row['forum_id'];
410                    }
411
412                    if (!count($forum_list))
413                    {
414                        trigger_error('NOT_MODERATOR');
415                    }
416                }
417                else
418                {
419                    $forum_info = phpbb_get_forum_data(array($forum_id), $m_perm);
420
421                    if (!count($forum_info))
422                    {
423                        trigger_error('NOT_MODERATOR');
424                    }
425
426                    $forum_list = $forum_id;
427                }
428
429                $forum_options = '<option value="0"' . (($forum_id == 0) ? ' selected="selected"' : '') . '>' . $user->lang['ALL_FORUMS'] . '</option>';
430                foreach ($forum_list_approve as $row)
431                {
432                    $forum_options .= '<option value="' . $row['forum_id'] . '"' . (($forum_id == $row['forum_id']) ? ' selected="selected"' : '') . '>' . str_repeat('&nbsp; &nbsp;', $row['padding']) . truncate_string($row['forum_name'], 30, 255, false, $user->lang['ELLIPSIS']) . '</option>';
433                }
434
435                $sort_days = $total = 0;
436                $sort_key = $sort_dir = '';
437                $sort_by_sql = $sort_order_sql = array();
438                phpbb_mcp_sorting($mode, $sort_days, $sort_key, $sort_dir, $sort_by_sql, $sort_order_sql, $total, $forum_id, $topic_id);
439
440                $limit_time_sql = ($sort_days) ? 'AND t.topic_last_post_time >= ' . (time() - ($sort_days * 86400)) : '';
441
442                $forum_names = array();
443
444                if (!$is_topics)
445                {
446                    $sql = 'SELECT p.post_id
447                        FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t' . (($sort_order_sql[0] == 'u') ? ', ' . USERS_TABLE . ' u' : '') . '
448                        WHERE ' . $db->sql_in_set('p.forum_id', $forum_list) . '
449                            AND ' . $db->sql_in_set('p.post_visibility', $visibility_const) . '
450                            ' . (($sort_order_sql[0] == 'u') ? 'AND u.user_id = p.poster_id' : '') . '
451                            ' . (($topic_id) ? 'AND p.topic_id = ' . $topic_id : '') . "
452                            AND t.topic_id = p.topic_id
453                            AND (t.topic_visibility <> p.post_visibility
454                                OR t.topic_delete_user = 0)
455                            $limit_time_sql
456                        ORDER BY $sort_order_sql";
457
458                    /**
459                    * Alter sql query to get posts in queue to be accepted
460                    *
461                    * @event core.mcp_queue_get_posts_query_before
462                    * @var    string    sql                        Associative array with the query to be executed
463                    * @var    array    forum_list                List of forums that contain the posts
464                    * @var    int        visibility_const        Integer with one of the possible ITEM_* constant values
465                    * @var    int        topic_id                If topic_id not equal to 0, the topic id to filter the posts to display
466                    * @var    string    limit_time_sql            String with the SQL code to limit the time interval of the post (Note: May be empty string)
467                    * @var    string    sort_order_sql            String with the ORDER BY SQL code used in this query
468                    * @since 3.1.0-RC3
469                    */
470                    $vars = array(
471                        'sql',
472                        'forum_list',
473                        'visibility_const',
474                        'topic_id',
475                        'limit_time_sql',
476                        'sort_order_sql',
477                    );
478                    extract($phpbb_dispatcher->trigger_event('core.mcp_queue_get_posts_query_before', compact($vars)));
479
480                    $result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
481
482                    $post_ids = array();
483                    while ($row = $db->sql_fetchrow($result))
484                    {
485                        $post_ids[] = $row['post_id'];
486                    }
487                    $db->sql_freeresult($result);
488
489                    if (count($post_ids))
490                    {
491                        $sql = 'SELECT t.topic_id, t.topic_title, t.forum_id, p.post_id, p.post_subject, p.post_username, p.poster_id, p.post_time, p.post_attachment, u.username, u.username_clean, u.user_colour
492                            FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . USERS_TABLE . ' u
493                            WHERE ' . $db->sql_in_set('p.post_id', $post_ids) . '
494                                AND t.topic_id = p.topic_id
495                                AND u.user_id = p.poster_id
496                            ORDER BY ' . $sort_order_sql;
497
498                        /**
499                        * Alter sql query to get information on all posts in queue
500                        *
501                        * @event core.mcp_queue_get_posts_for_posts_query_before
502                        * @var    string    sql                        String with the query to be executed
503                        * @var    array    forum_list                List of forums that contain the posts
504                        * @var    int        visibility_const        Integer with one of the possible ITEM_* constant values
505                        * @var    int        topic_id                topic_id in the page request
506                        * @var    string    limit_time_sql            String with the SQL code to limit the time interval of the post (Note: May be empty string)
507                        * @var    string    sort_order_sql            String with the ORDER BY SQL code used in this query
508                        * @since 3.2.3-RC2
509                        */
510                        $vars = array(
511                            'sql',
512                            'forum_list',
513                            'visibility_const',
514                            'topic_id',
515                            'limit_time_sql',
516                            'sort_order_sql',
517                        );
518                        extract($phpbb_dispatcher->trigger_event('core.mcp_queue_get_posts_for_posts_query_before', compact($vars)));
519
520                        $result = $db->sql_query($sql);
521
522                        $post_data = $rowset = array();
523                        while ($row = $db->sql_fetchrow($result))
524                        {
525                            $forum_names[] = $row['forum_id'];
526                            $post_data[$row['post_id']] = $row;
527                        }
528                        $db->sql_freeresult($result);
529
530                        foreach ($post_ids as $post_id)
531                        {
532                            $rowset[] = $post_data[$post_id];
533                        }
534                        unset($post_data, $post_ids);
535                    }
536                    else
537                    {
538                        $rowset = array();
539                    }
540                }
541                else
542                {
543                    $sql = 'SELECT t.forum_id, t.topic_id, t.topic_title, t.topic_title AS post_subject, t.topic_time AS post_time, t.topic_poster AS poster_id, t.topic_first_post_id AS post_id, t.topic_attachment AS post_attachment, t.topic_first_poster_name AS username, t.topic_first_poster_colour AS user_colour
544                        FROM ' . TOPICS_TABLE . ' t
545                        WHERE ' . $db->sql_in_set('forum_id', $forum_list) . '
546                            AND  ' . $db->sql_in_set('topic_visibility', $visibility_const) . "
547                            AND topic_delete_user <> 0
548                            $limit_time_sql
549                        ORDER BY $sort_order_sql";
550
551                    /**
552                    * Alter sql query to get information on all topics in the list of forums provided.
553                    *
554                    * @event core.mcp_queue_get_posts_for_topics_query_before
555                    * @var    string    sql                        String with the query to be executed
556                    * @var    array    forum_list                List of forums that contain the posts
557                    * @var    int        visibility_const        Integer with one of the possible ITEM_* constant values
558                    * @var    int        topic_id                topic_id in the page request
559                    * @var    string    limit_time_sql            String with the SQL code to limit the time interval of the post (Note: May be empty string)
560                    * @var    string    sort_order_sql            String with the ORDER BY SQL code used in this query
561                    * @since 3.1.0-RC3
562                    */
563                    $vars = array(
564                        'sql',
565                        'forum_list',
566                        'visibility_const',
567                        'topic_id',
568                        'limit_time_sql',
569                        'sort_order_sql',
570                    );
571                    extract($phpbb_dispatcher->trigger_event('core.mcp_queue_get_posts_for_topics_query_before', compact($vars)));
572
573                    $result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
574
575                    $rowset = array();
576                    while ($row = $db->sql_fetchrow($result))
577                    {
578                        $forum_names[] = $row['forum_id'];
579                        $rowset[] = $row;
580                    }
581                    $db->sql_freeresult($result);
582                }
583
584                if (count($forum_names))
585                {
586                    // Select the names for the forum_ids
587                    $sql = 'SELECT forum_id, forum_name
588                        FROM ' . FORUMS_TABLE . '
589                        WHERE ' . $db->sql_in_set('forum_id', $forum_names);
590                    $result = $db->sql_query($sql, 3600);
591
592                    $forum_names = array();
593                    while ($row = $db->sql_fetchrow($result))
594                    {
595                        $forum_names[$row['forum_id']] = $row['forum_name'];
596                    }
597                    $db->sql_freeresult($result);
598                }
599
600                foreach ($rowset as $row)
601                {
602                    if (empty($row['post_username']))
603                    {
604                        $row['post_username'] = $row['username'] ?: $user->lang['GUEST'];
605                    }
606
607                    $post_row = array(
608                        'U_TOPIC'            => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 't=' . $row['topic_id']),
609                        'U_VIEWFORUM'        => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']),
610                        'U_VIEWPOST'        => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'p=' . $row['post_id']) . (($mode == 'unapproved_posts') ? '#p' . $row['post_id'] : ''),
611                        'U_VIEW_DETAILS'    => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=queue&amp;start=$start&amp;mode=approve_details&amp;p={$row['post_id']}" . (($mode == 'unapproved_topics') ? "&amp;t={$row['topic_id']}" : '')),
612
613                        'POST_AUTHOR_FULL'        => get_username_string('full', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
614                        'POST_AUTHOR_COLOUR'    => get_username_string('colour', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
615                        'POST_AUTHOR'            => get_username_string('username', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
616                        'U_POST_AUTHOR'            => get_username_string('profile', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
617
618                        'POST_ID'        => $row['post_id'],
619                        'TOPIC_ID'        => $row['topic_id'],
620                        'FORUM_NAME'    => $forum_names[$row['forum_id']],
621                        'POST_SUBJECT'    => ($row['post_subject'] != '') ? $row['post_subject'] : $user->lang['NO_SUBJECT'],
622                        'TOPIC_TITLE'    => $row['topic_title'],
623                        'POST_TIME'        => $user->format_date($row['post_time']),
624                        'S_HAS_ATTACHMENTS'    => $auth->acl_get('u_download') && $auth->acl_get('f_download', $row['forum_id']) && $row['post_attachment'],
625                    );
626
627                    /**
628                    * Alter sql query to get information on all topics in the list of forums provided.
629                    *
630                    * @event core.mcp_queue_get_posts_modify_post_row
631                    * @var    array    post_row    Template variables for current post
632                    * @var    array    row            Post data
633                    * @var    array    forum_names    Forum names
634                    * @since 3.2.3-RC2
635                    */
636                    $vars = array(
637                        'post_row',
638                        'row',
639                        'forum_names',
640                    );
641                    extract($phpbb_dispatcher->trigger_event('core.mcp_queue_get_posts_modify_post_row', compact($vars)));
642
643                    $template->assign_block_vars('postrow', $post_row);
644                }
645                unset($rowset, $forum_names);
646
647                /* @var \phpbb\pagination $pagination */
648                $pagination = $phpbb_container->get('pagination');
649
650                $base_url = $this->u_action . "&amp;f=$forum_id&amp;st=$sort_days&amp;sk=$sort_key&amp;sd=$sort_dir";
651                $pagination->generate_template_pagination($base_url, 'pagination', 'start', $total, $config['topics_per_page'], $start);
652
653                // Now display the page
654                $template->assign_vars(array(
655                    'L_DISPLAY_ITEMS'        => (!$is_topics) ? $user->lang['DISPLAY_POSTS'] : $user->lang['DISPLAY_TOPICS'],
656                    'L_EXPLAIN'                => $user->lang['MCP_QUEUE_' . strtoupper($mode) . '_EXPLAIN'],
657                    'L_TITLE'                => $user->lang['MCP_QUEUE_' . strtoupper($mode)],
658                    'L_ONLY_TOPIC'            => ($topic_id) ? sprintf($user->lang['ONLY_TOPIC'], $topic_info['topic_title']) : '',
659
660                    'S_FORUM_OPTIONS'        => $forum_options,
661                    'S_MCP_ACTION'            => build_url(array('t', 'f', 'sd', 'st', 'sk')),
662                    'S_TOPICS'                => $is_topics,
663                    'S_RESTORE'                => $is_restore,
664
665                    'TOPIC_ID'                => $topic_id,
666                    'TOTAL'                    => $user->lang(((!$is_topics) ? 'VIEW_TOPIC_POSTS' : 'VIEW_FORUM_TOPICS'), (int) $total),
667                ));
668
669                $this->tpl_name = 'mcp_queue';
670            break;
671        }
672    }
673
674    /**
675    * Approve/Restore posts
676    *
677    * @param $action        string    Action we perform on the posts ('approve' or 'restore')
678    * @param $post_id_list    array    IDs of the posts to approve/restore
679    * @param $id            mixed    Category of the current active module
680    * @param $mode            string    Active module
681    * @return void|never
682    */
683    public static function approve_posts($action, $post_id_list, $id, $mode)
684    {
685        global $template, $user, $request, $phpbb_container, $phpbb_dispatcher;
686        global $phpEx, $phpbb_root_path, $phpbb_log;
687
688        if (!phpbb_check_ids($post_id_list, POSTS_TABLE, 'post_id', array('m_approve')))
689        {
690            send_status_line(403, 'Forbidden');
691            trigger_error('NOT_AUTHORISED');
692        }
693
694        $redirect = $request->variable('redirect', build_url(array('quickmod')));
695        $redirect = reapply_sid($redirect);
696        $post_url = '';
697        $approve_log = array();
698        $num_topics = 0;
699
700        $s_hidden_fields = build_hidden_fields(array(
701            'i'                => $id,
702            'mode'            => $mode,
703            'post_id_list'    => $post_id_list,
704            'action'        => $action,
705            'redirect'        => $redirect,
706        ));
707
708        $post_info = phpbb_get_post_data($post_id_list, 'm_approve');
709
710        if (confirm_box(true))
711        {
712            $notify_poster = ($action == 'approve' && isset($_REQUEST['notify_poster']));
713
714            $topic_info = array();
715
716            // Group the posts by topic_id
717            foreach ($post_info as $post_id => $post_data)
718            {
719                if ($post_data['post_visibility'] == ITEM_APPROVED)
720                {
721                    continue;
722                }
723                $topic_id = (int) $post_data['topic_id'];
724
725                $topic_info[$topic_id]['posts'][] = (int) $post_id;
726                $topic_info[$topic_id]['forum_id'] = (int) $post_data['forum_id'];
727
728                // Refresh the first post, if the time or id is older then the current one
729                if ($post_id <= $post_data['topic_first_post_id'] || $post_data['post_time'] <= $post_data['topic_time'])
730                {
731                    $topic_info[$topic_id]['first_post'] = true;
732                }
733
734                // Refresh the last post, if the time or id is newer then the current one
735                if ($post_id >= $post_data['topic_last_post_id'] || $post_data['post_time'] >= $post_data['topic_last_post_time'])
736                {
737                    $topic_info[$topic_id]['last_post'] = true;
738                }
739
740                $post_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "p={$post_data['post_id']}") . '#p' . $post_data['post_id'];
741
742                $approve_log[] = array(
743                    'forum_id'        => $post_data['forum_id'],
744                    'topic_id'        => $post_data['topic_id'],
745                    'post_id'        => $post_id,
746                    'post_subject'    => $post_data['post_subject'],
747                );
748            }
749
750            /* @var $phpbb_content_visibility \phpbb\content_visibility */
751            $phpbb_content_visibility = $phpbb_container->get('content.visibility');
752            foreach ($topic_info as $topic_id => $topic_data)
753            {
754                $phpbb_content_visibility->set_post_visibility(ITEM_APPROVED, $topic_data['posts'], $topic_id, $topic_data['forum_id'], $user->data['user_id'], time(), '', isset($topic_data['first_post']), isset($topic_data['last_post']));
755            }
756
757            foreach ($approve_log as $log_data)
758            {
759                $phpbb_log->add('mod', $user->data['user_id'], $user->ip, 'LOG_POST_' . strtoupper($action) . 'D', false, array(
760                    'forum_id' => $log_data['forum_id'],
761                    'topic_id' => $log_data['topic_id'],
762                    'post_id'  => $log_data['post_id'],
763                    $log_data['post_subject']
764                ));
765            }
766
767            // Only send out the mails, when the posts are being approved
768            if ($action == 'approve')
769            {
770                /* @var $phpbb_notifications \phpbb\notification\manager */
771                $phpbb_notifications = $phpbb_container->get('notification_manager');
772
773                // Handle notifications
774                foreach ($post_info as $post_id => $post_data)
775                {
776                    // A single topic approval may also happen here, so handle deleting the respective notification.
777                    if (!$post_data['topic_posts_approved'])
778                    {
779                        $phpbb_notifications->delete_notifications('notification.type.topic_in_queue', $post_data['topic_id']);
780
781                        if ($post_data['post_visibility'] == ITEM_UNAPPROVED)
782                        {
783                            $phpbb_notifications->add_notifications(array('notification.type.topic'), $post_data);
784                        }
785                        if ($post_data['post_visibility'] != ITEM_APPROVED)
786                        {
787                            $num_topics++;
788                        }
789                    }
790                    else
791                    {
792                        // Only add notifications, if we are not reapproving post
793                        // When the topic was already approved, but was edited and
794                        // now needs re-approval, we don't want to notify the users
795                        // again.
796                        if ($post_data['post_visibility'] == ITEM_UNAPPROVED)
797                        {
798                            $phpbb_notifications->add_notifications(array(
799                                'notification.type.bookmark',
800                                'notification.type.post',
801                            ), $post_data);
802                        }
803                    }
804                    $phpbb_notifications->add_notifications(array(
805                        'notification.type.mention',
806                        'notification.type.quote',
807                    ), $post_data);
808                    $phpbb_notifications->delete_notifications('notification.type.post_in_queue', $post_id);
809
810                    $phpbb_notifications->mark_notifications(array(
811                        'notification.type.mention',
812                        'notification.type.quote',
813                        'notification.type.bookmark',
814                        'notification.type.post',
815                    ), $post_data['post_id'], $user->data['user_id']);
816
817                    // Notify Poster?
818                    if ($notify_poster)
819                    {
820                        if ($post_data['poster_id'] == ANONYMOUS)
821                        {
822                            continue;
823                        }
824
825                        if (!$post_data['topic_posts_approved'])
826                        {
827                            $phpbb_notifications->add_notifications('notification.type.approve_topic', $post_data);
828                        }
829                        else
830                        {
831                            $phpbb_notifications->add_notifications('notification.type.approve_post', $post_data);
832                        }
833                    }
834                }
835            }
836
837            if ($num_topics >= 1)
838            {
839                $success_msg = ($num_topics == 1) ? 'TOPIC_' . strtoupper($action) . 'D_SUCCESS' : 'TOPICS_' . strtoupper($action) . 'D_SUCCESS';
840            }
841            else
842            {
843                $success_msg = (count($post_info) == 1) ? 'POST_' . strtoupper($action) . 'D_SUCCESS' : 'POSTS_' . strtoupper($action) . 'D_SUCCESS';
844            }
845
846            /**
847             * Perform additional actions during post(s) approval
848             *
849             * @event core.approve_posts_after
850             * @var    string    action                Variable containing the action we perform on the posts ('approve' or 'restore')
851             * @var    array    post_info            Array containing info for all posts being approved
852             * @var    array    topic_info            Array containing info for all parent topics of the posts
853             * @var    int        num_topics            Variable containing number of topics
854             * @var bool    notify_poster        Variable telling if the post should be notified or not
855             * @var    string    success_msg            Variable containing the language key for the success message
856             * @var string    redirect            Variable containing the redirect url
857             * @since 3.1.4-RC1
858             */
859            $vars = array(
860                'action',
861                'post_info',
862                'topic_info',
863                'num_topics',
864                'notify_poster',
865                'success_msg',
866                'redirect',
867            );
868            extract($phpbb_dispatcher->trigger_event('core.approve_posts_after', compact($vars)));
869
870            meta_refresh(3, $redirect);
871            $message = $user->lang[$success_msg];
872
873            if ($request->is_ajax())
874            {
875                $json_response = new \phpbb\json_response;
876                $json_response->send(array(
877                    'MESSAGE_TITLE'        => $user->lang['INFORMATION'],
878                    'MESSAGE_TEXT'        => $message,
879                    'REFRESH_DATA'        => null,
880                    'visible'            => true,
881                ));
882            }
883            $message .= '<br /><br />' . $user->lang('RETURN_PAGE', '<a href="' . $redirect . '">', '</a>');
884
885            // If approving one post, also give links back to post...
886            if (count($post_info) == 1 && $post_url)
887            {
888                $message .= '<br /><br />' . $user->lang('RETURN_POST', '<a href="' . $post_url . '">', '</a>');
889            }
890            trigger_error($message);
891        }
892        else
893        {
894            $show_notify = false;
895
896            if ($action == 'approve')
897            {
898                foreach ($post_info as $post_data)
899                {
900                    if (!$post_data['topic_posts_approved'])
901                    {
902                        $num_topics++;
903                    }
904
905                    if (!$show_notify && $post_data['poster_id'] != ANONYMOUS)
906                    {
907                        $show_notify = true;
908                    }
909                }
910            }
911
912            $template->assign_vars(array(
913                'S_NOTIFY_POSTER'            => $show_notify,
914                'S_' . strtoupper($action)    => true,
915            ));
916
917            // Create the confirm box message
918            $action_msg = strtoupper($action);
919            $num_posts = count($post_id_list) - $num_topics;
920            if ($num_topics > 0 && $num_posts <= 0)
921            {
922                $action_msg .= '_TOPIC' . (($num_topics == 1) ? '' : 'S');
923            }
924            else
925            {
926                $action_msg .= '_POST' . ((count($post_id_list) == 1) ? '' : 'S');
927            }
928            confirm_box(false, $action_msg, $s_hidden_fields, 'mcp_approve.html');
929        }
930
931        redirect($redirect);
932    }
933
934    /**
935    * Approve/Restore topics
936    *
937    * @param $action        string    Action we perform on the posts ('approve' or 'restore')
938    * @param $topic_id_list    array    IDs of the topics to approve/restore
939    * @param $id            mixed    Category of the current active module
940    * @param $mode            string    Active module
941    * @return void|never
942    */
943    public static function approve_topics($action, $topic_id_list, $id, $mode)
944    {
945        global $db, $template, $user, $phpbb_log;
946        global $phpEx, $phpbb_root_path, $request, $phpbb_container, $phpbb_dispatcher;
947
948        if (!phpbb_check_ids($topic_id_list, TOPICS_TABLE, 'topic_id', array('m_approve')))
949        {
950            send_status_line(403, 'Forbidden');
951            trigger_error('NOT_AUTHORISED');
952        }
953
954        $redirect = $request->variable('redirect', build_url(array('quickmod')));
955        $redirect = reapply_sid($redirect);
956        $success_msg = $topic_url = '';
957        $approve_log = array();
958
959        $s_hidden_fields = build_hidden_fields(array(
960            'i'                => $id,
961            'mode'            => $mode,
962            'topic_id_list'    => $topic_id_list,
963            'action'        => $action,
964            'redirect'        => $redirect,
965        ));
966
967        $topic_info = phpbb_get_topic_data($topic_id_list, 'm_approve');
968
969        if (confirm_box(true))
970        {
971            $notify_poster = ($action == 'approve' && isset($_REQUEST['notify_poster'])) ? true : false;
972
973            /* @var $phpbb_content_visibility \phpbb\content_visibility */
974            $phpbb_content_visibility = $phpbb_container->get('content.visibility');
975            $first_post_ids = array();
976
977            foreach ($topic_info as $topic_id => $topic_data)
978            {
979                $phpbb_content_visibility->set_topic_visibility(ITEM_APPROVED, $topic_id, $topic_data['forum_id'], $user->data['user_id'], time(), '');
980                $first_post_ids[$topic_id] = (int) $topic_data['topic_first_post_id'];
981
982                $topic_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "t={$topic_id}");
983
984                $approve_log[] = array(
985                    'forum_id'        => $topic_data['forum_id'],
986                    'topic_id'        => $topic_data['topic_id'],
987                    'topic_title'    => $topic_data['topic_title'],
988                );
989            }
990
991            if (count($topic_info) >= 1)
992            {
993                $success_msg = (count($topic_info) == 1) ? 'TOPIC_' . strtoupper($action) . 'D_SUCCESS' : 'TOPICS_' . strtoupper($action) . 'D_SUCCESS';
994            }
995
996            foreach ($approve_log as $log_data)
997            {
998                $phpbb_log->add('mod', $user->data['user_id'], $user->ip, 'LOG_TOPIC_' . strtoupper($action) . 'D', false, array(
999                    'forum_id' => $log_data['forum_id'],
1000                    'topic_id' => $log_data['topic_id'],
1001                    $log_data['topic_title']
1002                ));
1003            }
1004
1005            // Only send out the mails, when the posts are being approved
1006            if ($action == 'approve')
1007            {
1008                // Grab the first post text as it's needed for the quote notification.
1009                $sql = 'SELECT topic_id, post_text
1010                    FROM ' . POSTS_TABLE . '
1011                    WHERE ' . $db->sql_in_set('post_id', $first_post_ids);
1012                $result = $db->sql_query($sql);
1013
1014                while ($row = $db->sql_fetchrow($result))
1015                {
1016                    $topic_info[$row['topic_id']]['post_text'] = $row['post_text'];
1017                }
1018                $db->sql_freeresult($result);
1019
1020                // Handle notifications
1021                /* @var $phpbb_notifications \phpbb\notification\manager */
1022                $phpbb_notifications = $phpbb_container->get('notification_manager');
1023
1024                foreach ($topic_info as $topic_id => $topic_data)
1025                {
1026                    $topic_data = array_merge($topic_data, array(
1027                        'post_id'        => $topic_data['topic_first_post_id'],
1028                        'post_subject'    => $topic_data['topic_title'],
1029                        'post_time'        => $topic_data['topic_time'],
1030                        'poster_id'        => $topic_data['topic_poster'],
1031                        'post_username'    => $topic_data['topic_first_poster_name'],
1032                    ));
1033
1034                    $phpbb_notifications->delete_notifications('notification.type.topic_in_queue', $topic_id);
1035
1036                    // Only add notifications, if we are not reapproving post
1037                    // When the topic was already approved, but was edited and
1038                    // now needs re-approval, we don't want to notify the users
1039                    // again.
1040                    if ($topic_data['topic_visibility'] == ITEM_UNAPPROVED)
1041                    {
1042                        $phpbb_notifications->add_notifications(array(
1043                            'notification.type.mention',
1044                            'notification.type.quote',
1045                            'notification.type.topic',
1046                        ), $topic_data);
1047                    }
1048
1049                    $phpbb_notifications->mark_notifications(array('mention', 'quote'), $topic_data['post_id'], $user->data['user_id']);
1050                    $phpbb_notifications->mark_notifications('topic', $topic_id, $user->data['user_id']);
1051
1052                    if ($notify_poster)
1053                    {
1054                        $phpbb_notifications->add_notifications('notification.type.approve_topic', $topic_data);
1055                    }
1056                }
1057            }
1058
1059            /**
1060             * Perform additional actions during topics(s) approval
1061             *
1062             * @event core.approve_topics_after
1063             * @var    string    action                Variable containing the action we perform on the posts ('approve' or 'restore')
1064             * @var    mixed    topic_info            Array containing info for all topics being approved
1065             * @var    array    first_post_ids        Array containing ids of all first posts
1066             * @var bool    notify_poster        Variable telling if the poster should be notified or not
1067             * @var    string    success_msg            Variable containing the language key for the success message
1068             * @var string    redirect            Variable containing the redirect url
1069             * @since 3.1.4-RC1
1070             */
1071            $vars = array(
1072                'action',
1073                'topic_info',
1074                'first_post_ids',
1075                'notify_poster',
1076                'success_msg',
1077                'redirect',
1078            );
1079            extract($phpbb_dispatcher->trigger_event('core.approve_topics_after', compact($vars)));
1080
1081            meta_refresh(3, $redirect);
1082            $message = $user->lang[$success_msg];
1083
1084            if ($request->is_ajax())
1085            {
1086                $json_response = new \phpbb\json_response;
1087                $json_response->send(array(
1088                    'MESSAGE_TITLE'        => $user->lang['INFORMATION'],
1089                    'MESSAGE_TEXT'        => $message,
1090                    'REFRESH_DATA'        => null,
1091                    'visible'            => true,
1092                ));
1093            }
1094            $message .= '<br /><br />' . $user->lang('RETURN_PAGE', '<a href="' . $redirect . '">', '</a>');
1095
1096            // If approving one topic, also give links back to topic...
1097            if (count($topic_info) == 1 && $topic_url)
1098            {
1099                $message .= '<br /><br />' . $user->lang('RETURN_TOPIC', '<a href="' . $topic_url . '">', '</a>');
1100            }
1101            trigger_error($message);
1102        }
1103        else
1104        {
1105            $show_notify = false;
1106
1107            if ($action == 'approve')
1108            {
1109                foreach ($topic_info as $topic_data)
1110                {
1111                    if ($topic_data['topic_poster'] == ANONYMOUS)
1112                    {
1113                        continue;
1114                    }
1115                    else
1116                    {
1117                        $show_notify = true;
1118                        break;
1119                    }
1120                }
1121            }
1122
1123            $template->assign_vars(array(
1124                'S_NOTIFY_POSTER'            => $show_notify,
1125                'S_' . strtoupper($action)    => true,
1126            ));
1127
1128            confirm_box(false, strtoupper($action) . '_TOPIC' . ((count($topic_id_list) == 1) ? '' : 'S'), $s_hidden_fields, 'mcp_approve.html');
1129        }
1130
1131        redirect($redirect);
1132    }
1133
1134    /**
1135    * Disapprove Post
1136    *
1137    * @param $post_id_list    array    IDs of the posts to disapprove/delete
1138    * @param $id            mixed    Category of the current active module
1139    * @param $mode            string    Active module
1140    * @return void|never
1141    */
1142    public static function disapprove_posts($post_id_list, $id, $mode)
1143    {
1144        global $db, $template, $user, $phpbb_container, $phpbb_dispatcher;
1145        global $phpEx, $phpbb_root_path, $request, $phpbb_log;
1146
1147        if (!phpbb_check_ids($post_id_list, POSTS_TABLE, 'post_id', array('m_approve')))
1148        {
1149            send_status_line(403, 'Forbidden');
1150            trigger_error('NOT_AUTHORISED');
1151        }
1152
1153        $redirect = $request->variable('redirect', build_url(array('t', 'mode', 'quickmod')) . "&amp;mode=$mode");
1154        $redirect = reapply_sid($redirect);
1155        $reason = $request->variable('reason', '', true);
1156        $reason_id = $request->variable('reason_id', 0);
1157        $additional_msg = '';
1158
1159        $s_hidden_fields = build_hidden_fields(array(
1160            'i'                => $id,
1161            'mode'            => $mode,
1162            'post_id_list'    => $post_id_list,
1163            'action'        => 'disapprove',
1164            'redirect'        => $redirect,
1165        ));
1166
1167        $notify_poster = $request->is_set('notify_poster');
1168        $disapprove_reason = '';
1169
1170        if ($reason_id)
1171        {
1172            $sql = 'SELECT reason_title, reason_description
1173                FROM ' . REPORTS_REASONS_TABLE . "
1174                WHERE reason_id = $reason_id";
1175            $result = $db->sql_query($sql);
1176            $row = $db->sql_fetchrow($result);
1177            $db->sql_freeresult($result);
1178
1179            if (!$row || (!$reason && strtolower($row['reason_title']) == 'other'))
1180            {
1181                $additional_msg = $user->lang['NO_REASON_DISAPPROVAL'];
1182
1183                $request->overwrite('confirm', null, \phpbb\request\request_interface::POST);
1184                $request->overwrite('confirm_key', null, \phpbb\request\request_interface::POST);
1185                $request->overwrite('confirm_key', null, \phpbb\request\request_interface::REQUEST);
1186            }
1187            else
1188            {
1189                // If the reason is defined within the language file, we will use the localized version, else just use the database entry...
1190                $disapprove_reason = (strtolower($row['reason_title']) != 'other') ? ((isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])])) ? $user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])] : $row['reason_description']) : '';
1191                $disapprove_reason .= ($reason) ? "\n\n" . $reason : '';
1192
1193                if (isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])]))
1194                {
1195                    $disapprove_reason_lang = strtoupper($row['reason_title']);
1196                }
1197            }
1198        }
1199
1200        $post_info = phpbb_get_post_data($post_id_list, 'm_approve');
1201
1202        $is_disapproving = false;
1203        foreach ($post_info as $post_id => $post_data)
1204        {
1205            if ($post_data['post_visibility'] == ITEM_DELETED)
1206            {
1207                continue;
1208            }
1209
1210            $is_disapproving = true;
1211        }
1212
1213        if (confirm_box(true))
1214        {
1215            $disapprove_log_topics = $disapprove_log_posts = array();
1216            $topic_posts_unapproved = $post_disapprove_list = $topic_information = array();
1217
1218            // Build a list of posts to be disapproved and get the related topics real replies count
1219            foreach ($post_info as $post_id => $post_data)
1220            {
1221                if ($mode === 'unapproved_topics' && $post_data['post_visibility'] == ITEM_APPROVED)
1222                {
1223                    continue;
1224                }
1225
1226                $post_disapprove_list[$post_id] = $post_data['topic_id'];
1227                if (!isset($topic_posts_unapproved[$post_data['topic_id']]))
1228                {
1229                    $topic_information[$post_data['topic_id']] = $post_data;
1230                    $topic_posts_unapproved[$post_data['topic_id']] = 0;
1231                }
1232                $topic_posts_unapproved[$post_data['topic_id']]++;
1233            }
1234
1235            // Do not try to disapprove if no posts are selected
1236            if (empty($post_disapprove_list))
1237            {
1238                trigger_error('NO_POST_SELECTED');
1239            }
1240
1241            // Now we build the log array
1242            foreach ($post_disapprove_list as $post_id => $topic_id)
1243            {
1244                // If the count of disapproved posts for the topic is equal
1245                // to the number of unapproved posts in the topic, and there are no different
1246                // posts, we disapprove the hole topic
1247                if ($topic_information[$topic_id]['topic_posts_approved'] == 0 &&
1248                    $topic_information[$topic_id]['topic_posts_softdeleted'] == 0 &&
1249                    $topic_information[$topic_id]['topic_posts_unapproved'] == $topic_posts_unapproved[$topic_id])
1250                {
1251                    // Don't write the log more than once for every topic
1252                    if (!isset($disapprove_log_topics[$topic_id]))
1253                    {
1254                        // Build disapproved topics log
1255                        $disapprove_log_topics[$topic_id] = array(
1256                            'type'            => 'topic',
1257                            'post_subject'    => $post_info[$post_id]['topic_title'],
1258                            'forum_id'        => $post_info[$post_id]['forum_id'],
1259                            'topic_id'        => 0, // useless to log a topic id, as it will be deleted
1260                            'post_username'    => ($post_info[$post_id]['poster_id'] == ANONYMOUS && !empty($post_info[$post_id]['post_username'])) ? $post_info[$post_id]['post_username'] : $post_info[$post_id]['username'],
1261                        );
1262                    }
1263                }
1264                else
1265                {
1266                    // Build disapproved posts log
1267                    $disapprove_log_posts[] = array(
1268                        'type'            => 'post',
1269                        'post_subject'    => $post_info[$post_id]['post_subject'],
1270                        'forum_id'        => $post_info[$post_id]['forum_id'],
1271                        'topic_id'        => $post_info[$post_id]['topic_id'],
1272                        'post_username'    => ($post_info[$post_id]['poster_id'] == ANONYMOUS && !empty($post_info[$post_id]['post_username'])) ? $post_info[$post_id]['post_username'] : $post_info[$post_id]['username'],
1273                    );
1274
1275                }
1276            }
1277
1278            // Get disapproved posts/topics counts separately
1279            $num_disapproved_topics = count($disapprove_log_topics);
1280            $num_disapproved_posts = count($disapprove_log_posts);
1281
1282            // Build the whole log
1283            $disapprove_log = array_merge($disapprove_log_topics, $disapprove_log_posts);
1284
1285            // Unset unneeded arrays
1286            unset($post_data, $disapprove_log_topics, $disapprove_log_posts);
1287
1288            // Let's do the job - delete disapproved posts
1289            if (count($post_disapprove_list))
1290            {
1291                if (!function_exists('delete_posts'))
1292                {
1293                    include($phpbb_root_path . 'includes/functions_admin.' . $phpEx);
1294                }
1295
1296                // We do not check for permissions here, because the moderator allowed approval/disapproval should be allowed to delete the disapproved posts
1297                // Note: function delete_posts triggers related forums/topics sync,
1298                // so we don't need to call update_post_information later and to adjust real topic replies or forum topics count manually
1299                delete_posts('post_id', array_keys($post_disapprove_list));
1300
1301                foreach ($disapprove_log as $log_data)
1302                {
1303                    if ($is_disapproving)
1304                    {
1305                        $l_log_message = ($log_data['type'] == 'topic') ? 'LOG_TOPIC_DISAPPROVED' : 'LOG_POST_DISAPPROVED';
1306                        $phpbb_log->add('mod', $user->data['user_id'], $user->ip, $l_log_message, false, array(
1307                            'forum_id' => $log_data['forum_id'],
1308                            'topic_id' => $log_data['topic_id'],
1309                            $log_data['post_subject'],
1310                            $disapprove_reason,
1311                            $log_data['post_username']
1312                        ));
1313                    }
1314                    else
1315                    {
1316                        $l_log_message = ($log_data['type'] == 'topic') ? 'LOG_DELETE_TOPIC' : 'LOG_DELETE_POST';
1317                        $phpbb_log->add('mod', $user->data['user_id'], $user->ip, $l_log_message, false, array(
1318                            'forum_id' => $log_data['forum_id'],
1319                            'topic_id' => $log_data['topic_id'],
1320                            $log_data['post_subject'],
1321                            $log_data['post_username']
1322                        ));
1323                    }
1324                }
1325            }
1326
1327            /* @var $phpbb_notifications \phpbb\notification\manager */
1328            $phpbb_notifications = $phpbb_container->get('notification_manager');
1329
1330            $lang_reasons = array();
1331
1332            foreach ($post_info as $post_id => $post_data)
1333            {
1334                $disapprove_all_posts_in_topic = $topic_information[$topic_id]['topic_posts_approved'] == 0 &&
1335                    $topic_information[$topic_id]['topic_posts_softdeleted'] == 0 &&
1336                    $topic_information[$topic_id]['topic_posts_unapproved'] == $topic_posts_unapproved[$topic_id];
1337
1338                $phpbb_notifications->delete_notifications('notification.type.post_in_queue', $post_id);
1339
1340                // Do we disapprove the whole topic? Remove potential notifications
1341                if ($disapprove_all_posts_in_topic)
1342                {
1343                    $phpbb_notifications->delete_notifications('notification.type.topic_in_queue', $post_data['topic_id']);
1344                }
1345
1346                // Notify Poster?
1347                if ($notify_poster)
1348                {
1349                    if ($post_data['poster_id'] == ANONYMOUS)
1350                    {
1351                        continue;
1352                    }
1353
1354                    $post_data['disapprove_reason'] = $disapprove_reason;
1355                    if (isset($disapprove_reason_lang))
1356                    {
1357                        // Okay we need to get the reason from the posters language
1358                        if (!isset($lang_reasons[$post_data['user_lang']]))
1359                        {
1360                            // Assign the current users translation as the default, this is not ideal but getting the board default adds another layer of complexity.
1361                            $lang_reasons[$post_data['user_lang']] = $user->lang['report_reasons']['DESCRIPTION'][$disapprove_reason_lang];
1362
1363                            // Only load up the language pack if the language is different to the current one
1364                            if ($post_data['user_lang'] != $user->lang_name && file_exists($phpbb_root_path . '/language/' . $post_data['user_lang'] . '/mcp.' . $phpEx))
1365                            {
1366                                // Load up the language pack
1367                                $lang = array();
1368                                @include($phpbb_root_path . '/language/' . basename($post_data['user_lang']) . '/mcp.' . $phpEx);
1369
1370                                // If we find the reason in this language pack use it
1371                                if (isset($lang['report_reasons']['DESCRIPTION'][$disapprove_reason_lang]))
1372                                {
1373                                    $lang_reasons[$post_data['user_lang']] = $lang['report_reasons']['DESCRIPTION'][$disapprove_reason_lang];
1374                                }
1375
1376                                unset($lang); // Free memory
1377                            }
1378                        }
1379
1380                        $post_data['disapprove_reason'] = $lang_reasons[$post_data['user_lang']];
1381                        $post_data['disapprove_reason'] .= ($reason) ? "\n\n" . $reason : '';
1382                    }
1383
1384                    if ($disapprove_all_posts_in_topic && $topic_information[$topic_id]['topic_posts_unapproved'] == 1)
1385                    {
1386                        // If there is only 1 post when disapproving the topic,
1387                        // we send the user a "disapprove topic" notification...
1388                        $phpbb_notifications->add_notifications('notification.type.disapprove_topic', $post_data);
1389                    }
1390                    else
1391                    {
1392                        // ... otherwise there are multiple unapproved posts and
1393                        // all of them are disapproved as posts.
1394                        $phpbb_notifications->add_notifications('notification.type.disapprove_post', $post_data);
1395                    }
1396                }
1397            }
1398
1399            if ($num_disapproved_topics)
1400            {
1401                $success_msg = ($num_disapproved_topics == 1) ? 'TOPIC' : 'TOPICS';
1402            }
1403            else
1404            {
1405                $success_msg = ($num_disapproved_posts == 1) ? 'POST' : 'POSTS';
1406            }
1407
1408            if ($is_disapproving)
1409            {
1410                $success_msg .= '_DISAPPROVED_SUCCESS';
1411            }
1412            else
1413            {
1414                $success_msg .= '_DELETED_SUCCESS';
1415            }
1416
1417            // If we came from viewtopic, we try to go back to it.
1418            if (strpos($redirect, $phpbb_root_path . 'viewtopic.' . $phpEx) === 0)
1419            {
1420                if ($num_disapproved_topics == 0)
1421                {
1422                    // So we need to remove the post id part from the Url
1423                    $redirect = str_replace("&amp;p={$post_id_list[0]}#p{$post_id_list[0]}", '', $redirect);
1424                }
1425                else
1426                {
1427                    // However this is only possible if the topic still exists,
1428                    // Otherwise we go back to the viewforum page
1429                    $redirect = append_sid($phpbb_root_path . 'viewforum.' . $phpEx, 'f=' . $post_data['forum_id']);
1430                }
1431            }
1432
1433            $disapprove_reason_lang = $disapprove_reason_lang ?? '';
1434
1435            /**
1436             * Perform additional actions during post(s) disapproval
1437             *
1438             * @event core.disapprove_posts_after
1439             * @var    array    post_info                    Array containing info for all posts being disapproved
1440             * @var    array    topic_information            Array containing information for the topics
1441             * @var    array    topic_posts_unapproved        Array containing list of topic ids and the count of disapproved posts in them
1442             * @var    array    post_disapprove_list        Array containing list of posts and their topic id
1443             * @var    int        num_disapproved_topics        Variable containing the number of disapproved topics
1444             * @var    int        num_disapproved_posts        Variable containing the number of disapproved posts
1445             * @var array    lang_reasons                Array containing the language keys for reasons
1446             * @var    string    disapprove_reason            Variable containing the language key for the success message
1447             * @var    string    disapprove_reason_lang        Variable containing the language key for the success message
1448             * @var bool    is_disapproving                Variable telling if anything is going to be disapproved
1449             * @var bool    notify_poster                Variable telling if the post should be notified or not
1450             * @var    string    success_msg                    Variable containing the language key for the success message
1451             * @var string    redirect                    Variable containing the redirect url
1452             * @since 3.1.4-RC1
1453             */
1454            $vars = array(
1455                'post_info',
1456                'topic_information',
1457                'topic_posts_unapproved',
1458                'post_disapprove_list',
1459                'num_disapproved_topics',
1460                'num_disapproved_posts',
1461                'lang_reasons',
1462                'disapprove_reason',
1463                'disapprove_reason_lang',
1464                'is_disapproving',
1465                'notify_poster',
1466                'success_msg',
1467                'redirect',
1468            );
1469            extract($phpbb_dispatcher->trigger_event('core.disapprove_posts_after', compact($vars)));
1470
1471            unset($lang_reasons, $post_info, $disapprove_reason, $disapprove_reason_lang);
1472
1473            meta_refresh(3, $redirect);
1474            $message = $user->lang[$success_msg];
1475
1476            if ($request->is_ajax())
1477            {
1478                $json_response = new \phpbb\json_response;
1479                $json_response->send(array(
1480                    'MESSAGE_TITLE'        => $user->lang['INFORMATION'],
1481                    'MESSAGE_TEXT'        => $message,
1482                    'REFRESH_DATA'        => null,
1483                    'visible'            => false,
1484                ));
1485            }
1486            $message .= '<br /><br />' . $user->lang('RETURN_PAGE', '<a href="' . $redirect . '">', '</a>');
1487            trigger_error($message);
1488        }
1489        else
1490        {
1491            $show_notify = false;
1492
1493            foreach ($post_info as $post_data)
1494            {
1495                if ($post_data['poster_id'] == ANONYMOUS)
1496                {
1497                    continue;
1498                }
1499                else
1500                {
1501                    $show_notify = true;
1502                    break;
1503                }
1504            }
1505
1506            $l_confirm_msg = 'DISAPPROVE_POST';
1507            $confirm_template = 'mcp_approve.html';
1508            if ($is_disapproving)
1509            {
1510                $phpbb_container->get('phpbb.report.report_reason_list_provider')->display_reasons($reason_id);
1511            }
1512            else
1513            {
1514                $user->add_lang('posting');
1515
1516                $l_confirm_msg = 'DELETE_POST_PERMANENTLY';
1517                $confirm_template = 'confirm_delete_body.html';
1518            }
1519            $l_confirm_msg .= ((count($post_id_list) == 1) ? '' : 'S');
1520
1521            $template->assign_vars(array(
1522                'S_NOTIFY_POSTER'    => $show_notify,
1523                'S_APPROVE'            => false,
1524                'REASON'            => ($is_disapproving) ? $reason : '',
1525                'ADDITIONAL_MSG'    => $additional_msg,
1526            ));
1527
1528            confirm_box(false, $l_confirm_msg, $s_hidden_fields, $confirm_template);
1529        }
1530
1531        redirect($redirect);
1532    }
1533}