Code Coverage for /data/phpBB/includes/mcp/mcp

	Code Coverage
	Lines			Functions and Methods				Classes and Traits
Total	0.00% covered (danger)	0.00%	0 / 759	0.00% covered (danger)	0.00%	0 / 5	CRAP	0.00% covered (danger)	0.00%	0 / 1
mcp_queue	0.00% covered (danger)	0.00%	0 / 757	0.00% covered (danger)	0.00%	0 / 5	43890	0.00% covered (danger)	0.00%	0 / 1
__construct	0.00% covered (danger)	0.00%	0 / 1	0.00% covered (danger)	0.00%	0 / 1	2
main	0.00% covered (danger)	0.00%	0 / 343	0.00% covered (danger)	0.00%	0 / 1	8556
approve_posts	0.00% covered (danger)	0.00%	0 / 124	0.00% covered (danger)	0.00%	0 / 1	1332
approve_topics	0.00% covered (danger)	0.00%	0 / 102	0.00% covered (danger)	0.00%	0 / 1	462
disapprove_posts	0.00% covered (danger)	0.00%	0 / 187	0.00% covered (danger)	0.00%	0 / 1	3540

1	<?php
2	/**
3	*
4	* This file is part of the phpBB Forum Software package.
5	*
6	* @copyright (c) phpBB Limited <https://www.phpbb.com>
7	* @license GNU General Public License, version 2 (GPL-2.0)
8	*
9	* For full copyright and license information, please see
10	* the docs/CREDITS.txt file.
11	*
12	*/
13
14	/**
15	* @ignore
16	*/
17	if (!defined('IN_PHPBB'))
18	{
19	exit;
20	}
21
22	/**
23	* mcp_queue
24	* Handling the moderation queue
25	*/
26	class mcp_queue
27	{
28	var $p_master;
29	var $u_action;
30
31	public function __construct($p_master)
32	{
33	$this->p_master = $p_master;
34	}
35
36	public function main($id, $mode)
37	{
38	global $auth, $db, $user, $template, $request;
39	global $config, $phpbb_root_path, $phpEx, $action, $phpbb_container;
40	global $phpbb_dispatcher;
41
42	include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
43
44	$forum_id = $request->variable('f', 0);
45	$start = $request->variable('start', 0);
46
47	$this->page_title = 'MCP_QUEUE';
48
49	switch ($action)
50	{
51	case 'approve':
52	case 'restore':
53	include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
54
55	$post_id_list = $request->variable('post_id_list', array(0));
56	$topic_id_list = $request->variable('topic_id_list', array(0));
57
58	if (!empty($post_id_list))
59	{
60	self::approve_posts($action, $post_id_list, 'queue', $mode);
61	}
62	else if (!empty($topic_id_list))
63	{
64	self::approve_topics($action, $topic_id_list, 'queue', $mode);
65	}
66	else
67	{
68	trigger_error('NO_POST_SELECTED');
69	}
70	break;
71
72	case 'delete':
73	$post_id_list = $request->variable('post_id_list', array(0));
74	$topic_id_list = $request->variable('topic_id_list', array(0));
75	$delete_reason = $request->variable('delete_reason', '', true);
76
77	if (!empty($post_id_list))
78	{
79	if (!function_exists('mcp_delete_post'))
80	{
81	global $phpbb_root_path, $phpEx;
82	include($phpbb_root_path . 'includes/mcp/mcp_main.' . $phpEx);
83	}
84	mcp_delete_post($post_id_list, false, $delete_reason, $action);
85	}
86	else if (!empty($topic_id_list))
87	{
88	if (!function_exists('mcp_delete_topic'))
89	{
90	global $phpbb_root_path, $phpEx;
91	include($phpbb_root_path . 'includes/mcp/mcp_main.' . $phpEx);
92	}
93	mcp_delete_topic($topic_id_list, false, $delete_reason, $action);
94	}
95	else
96	{
97	trigger_error('NO_POST_SELECTED');
98	}
99	break;
100
101	case 'disapprove':
102	$post_id_list = $request->variable('post_id_list', array(0));
103	$topic_id_list = $request->variable('topic_id_list', array(0));
104
105	if (!empty($topic_id_list) && $mode == 'deleted_topics')
106	{
107	if (!function_exists('mcp_delete_topic'))
108	{
109	global $phpbb_root_path, $phpEx;
110	include($phpbb_root_path . 'includes/mcp/mcp_main.' . $phpEx);
111	}
112	mcp_delete_topic($topic_id_list, false, '', 'disapprove');
113	return;
114	}
115
116	if (!class_exists('messenger'))
117	{
118	include($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
119	}
120
121	if (!empty($topic_id_list))
122	{
123	$post_visibility = ($mode == 'deleted_topics') ? ITEM_DELETED : array(ITEM_UNAPPROVED, ITEM_REAPPROVE);
124	$sql = 'SELECT post_id
125	FROM ' . POSTS_TABLE . '
126	WHERE ' . $db->sql_in_set('post_visibility', $post_visibility) . '
127	AND ' . $db->sql_in_set('topic_id', $topic_id_list);
128	$result = $db->sql_query($sql);
129
130	$post_id_list = array();
131	while ($row = $db->sql_fetchrow($result))
132	{
133	$post_id_list[] = (int) $row['post_id'];
134	}
135	$db->sql_freeresult($result);
136	}
137
138	if (!empty($post_id_list))
139	{
140	self::disapprove_posts($post_id_list, 'queue', $mode);
141	}
142	else
143	{
144	trigger_error('NO_POST_SELECTED');
145	}
146	break;
147	}
148
149	switch ($mode)
150	{
151	case 'approve_details':
152
153	$this->tpl_name = 'mcp_post';
154
155	$user->add_lang(array('posting', 'viewtopic'));
156
157	$post_id = $request->variable('p', 0);
158	$topic_id = $request->variable('t', 0);
159	$topic_info = [];
160
161	/* @var $phpbb_notifications \phpbb\notification\manager */
162	$phpbb_notifications = $phpbb_container->get('notification_manager');
163
164	if ($topic_id)
165	{
166	$topic_info = phpbb_get_topic_data(array($topic_id), 'm_approve');
167	if (isset($topic_info[$topic_id]['topic_first_post_id']))
168	{
169	$post_id = (int) $topic_info[$topic_id]['topic_first_post_id'];
170
171	$phpbb_notifications->mark_notifications('topic_in_queue', $topic_id, $user->data['user_id']);
172	}
173	else
174	{
175	$topic_id = 0;
176	}
177	}
178
179	$phpbb_notifications->mark_notifications('post_in_queue', $post_id, $user->data['user_id']);
180
181	$post_info = phpbb_get_post_data(array($post_id), 'm_approve', true);
182
183	if (!count($post_info))
184	{
185	trigger_error('NO_POST_SELECTED');
186	}
187
188	$post_info = $post_info[$post_id];
189
190	if ($post_info['topic_first_post_id'] != $post_id && topic_review($post_info['topic_id'], $post_info['forum_id'], 'topic_review', 0, false))
191	{
192	$template->assign_vars(array(
193	'S_TOPIC_REVIEW' => true,
194	'S_BBCODE_ALLOWED' => $post_info['enable_bbcode'],
195	'TOPIC_TITLE' => $post_info['topic_title'],
196	));
197	}
198
199	$attachments = $topic_tracking_info = array();
200
201	// Get topic tracking info
202	if ($config['load_db_lastread'])
203	{
204	$tmp_topic_data = array($post_info['topic_id'] => $post_info);
205	$topic_tracking_info = get_topic_tracking($post_info['forum_id'], $post_info['topic_id'], $tmp_topic_data, array($post_info['forum_id'] => $post_info['forum_mark_time']));
206	unset($tmp_topic_data);
207	}
208	else
209	{
210	$topic_tracking_info = get_complete_topic_tracking($post_info['forum_id'], $post_info['topic_id']);
211	}
212
213	$post_unread = (isset($topic_tracking_info[$post_info['topic_id']]) && $post_info['post_time'] > $topic_tracking_info[$post_info['topic_id']]) ? true : false;
214
215	// Process message, leave it uncensored
216	$parse_flags = ($post_info['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) \| OPTION_FLAG_SMILIES;
217	$message = generate_text_for_display($post_info['post_text'], $post_info['bbcode_uid'], $post_info['bbcode_bitfield'], $parse_flags, false);
218
219	if ($post_info['post_attachment'] && $auth->acl_get('u_download') && $auth->acl_get('f_download', $post_info['forum_id']))
220	{
221	$sql = 'SELECT *
222	FROM ' . ATTACHMENTS_TABLE . '
223	WHERE post_msg_id = ' . $post_id . '
224	AND in_message = 0
225	ORDER BY filetime DESC, post_msg_id ASC';
226	$result = $db->sql_query($sql);
227
228	while ($row = $db->sql_fetchrow($result))
229	{
230	$attachments[] = $row;
231	}
232	$db->sql_freeresult($result);
233
234	if (count($attachments))
235	{
236	$update_count = array();
237	parse_attachments($post_info['forum_id'], $message, $attachments, $update_count);
238	}
239
240	// Display not already displayed Attachments for this post, we already parsed them. ;)
241	if (!empty($attachments))
242	{
243	$template->assign_var('S_HAS_ATTACHMENTS', true);
244
245	foreach ($attachments as $attachment)
246	{
247	$template->assign_block_vars('attachment', array(
248	'DISPLAY_ATTACHMENT' => $attachment,
249	));
250	}
251	}
252	}
253
254	// Deleting information
255	if ($post_info['post_visibility'] == ITEM_DELETED && $post_info['post_delete_user'])
256	{
257	// User having deleted the post also being the post author?
258	if (!$post_info['post_delete_user'] \|\| $post_info['post_delete_user'] == $post_info['poster_id'])
259	{
260	$display_username = get_username_string('full', $post_info['poster_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']);
261	}
262	else
263	{
264	$sql = 'SELECT u.user_id, u.username, u.user_colour
265	FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . ' u
266	WHERE p.post_id = ' . $post_info['post_id'] . '
267	AND p.post_delete_user = u.user_id';
268	$result = $db->sql_query($sql);
269	$post_delete_userinfo = $db->sql_fetchrow($result);
270	$db->sql_freeresult($result);
271	$display_username = get_username_string('full', $post_info['post_delete_user'], $post_delete_userinfo['username'], $post_delete_userinfo['user_colour']);
272	}
273
274	$l_deleted_by = $user->lang('DELETED_INFORMATION', $display_username, $user->format_date($post_info['post_delete_time'], false, true));
275	}
276	else
277	{
278	$l_deleted_by = '';
279	}
280
281	$post_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'p=' . $post_info['post_id'] . '#p' . $post_info['post_id']);
282	$topic_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", 't=' . $post_info['topic_id']);
283
284	$post_data = array(
285	'S_MCP_QUEUE' => true,
286	'U_APPROVE_ACTION' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=queue&p=$post_id"),
287	'S_CAN_APPROVE' => $auth->acl_get('m_approve', $post_info['forum_id']),
288	'S_CAN_DELETE_POST' => $auth->acl_get('m_delete', $post_info['forum_id']),
289	'S_CAN_VIEWIP' => $auth->acl_get('m_info', $post_info['forum_id']),
290	'S_POST_REPORTED' => $post_info['post_reported'],
291	'S_POST_UNAPPROVED' => $post_info['post_visibility'] == ITEM_UNAPPROVED \|\| $post_info['post_visibility'] == ITEM_REAPPROVE,
292	'S_POST_LOCKED' => $post_info['post_edit_locked'],
293	'S_USER_NOTES' => true,
294	'S_POST_DELETED' => ($post_info['post_visibility'] == ITEM_DELETED),
295	'DELETED_MESSAGE' => $l_deleted_by,
296	'DELETE_REASON' => $post_info['post_delete_reason'],
297
298	'U_EDIT' => ($auth->acl_get('m_edit', $post_info['forum_id'])) ? append_sid("{$phpbb_root_path}posting.$phpEx", "mode=edit&p={$post_info['post_id']}") : '',
299	'U_MCP_APPROVE' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue&mode=approve_details&p=' . $post_id),
300	'U_MCP_REPORT' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=reports&mode=report_details&p=' . $post_id),
301	'U_MCP_USER_NOTES' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&mode=user_notes&u=' . $post_info['user_id']),
302	'U_MCP_WARN_USER' => ($auth->acl_get('m_warn')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=warn&mode=warn_user&u=' . $post_info['user_id']) : '',
303	'U_VIEW_POST' => $post_url,
304	'U_VIEW_TOPIC' => $topic_url,
305
306	'MINI_POST_IMG' => ($post_unread) ? $user->img('icon_post_target_unread', 'UNREAD_POST') : $user->img('icon_post_target', 'POST'),
307
308	'RETURN_QUEUE' => sprintf($user->lang['RETURN_QUEUE'], '<a href="' . append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue' . (($topic_id) ? '&mode=unapproved_topics' : '&mode=unapproved_posts')) . '&start=' . $start . '">', '</a>'),
309	'RETURN_POST' => sprintf($user->lang['RETURN_POST'], '<a href="' . $post_url . '">', '</a>'),
310	'RETURN_TOPIC_SIMPLE' => sprintf($user->lang['RETURN_TOPIC_SIMPLE'], '<a href="' . $topic_url . '">', '</a>'),
311	'REPORTED_IMG' => $user->img('icon_topic_reported', $user->lang['POST_REPORTED']),
312	'UNAPPROVED_IMG' => $user->img('icon_topic_unapproved', $user->lang['POST_UNAPPROVED']),
313	'EDIT_IMG' => $user->img('icon_post_edit', $user->lang['EDIT_POST']),
314
315	'POST_AUTHOR_FULL' => get_username_string('full', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
316	'POST_AUTHOR_COLOUR' => get_username_string('colour', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
317	'POST_AUTHOR' => get_username_string('username', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
318	'U_POST_AUTHOR' => get_username_string('profile', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
319
320	'POST_PREVIEW' => $message,
321	'POST_SUBJECT' => $post_info['post_subject'],
322	'POST_DATE' => $user->format_date($post_info['post_time']),
323	'POST_IP' => $post_info['poster_ip'],
324	'POST_IPADDR' => ($auth->acl_get('m_info', $post_info['forum_id']) && $request->variable('lookup', '')) ? @gethostbyaddr($post_info['poster_ip']) : '',
325	'POST_ID' => $post_info['post_id'],
326	'S_FIRST_POST' => ($post_info['topic_first_post_id'] == $post_id),
327
328	'U_LOOKUP_IP' => ($auth->acl_get('m_info', $post_info['forum_id'])) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue&mode=approve_details&p=' . $post_id . '&lookup=' . $post_info['poster_ip']) . '#ip' : '',
329	);
330
331	/**
332	* Alter post awaiting approval template before it is rendered
333	*
334	* @event core.mcp_queue_approve_details_template
335	* @var int post_id Post ID
336	* @var int topic_id Topic ID
337	* @var array topic_info Topic data
338	* @var array post_info Post data
339	* @var array post_data Post template data
340	* @var string message Post message
341	* @var string post_url Post URL
342	* @var string topic_url Topic URL
343	* @since 3.2.2-RC1
344	*/
345	$vars = array(
346	'post_id',
347	'topic_id',
348	'topic_info',
349	'post_info',
350	'post_data',
351	'message',
352	'post_url',
353	'topic_url',
354	);
355	extract($phpbb_dispatcher->trigger_event('core.mcp_queue_approve_details_template', compact($vars)));
356
357	$template->assign_vars($post_data);
358
359	break;
360
361	case 'unapproved_topics':
362	case 'unapproved_posts':
363	case 'deleted_topics':
364	case 'deleted_posts':
365	$m_perm = 'm_approve';
366	$is_topics = ($mode == 'unapproved_topics' \|\| $mode == 'deleted_topics') ? true : false;
367	$is_restore = ($mode == 'deleted_posts' \|\| $mode == 'deleted_topics') ? true : false;
368	$visibility_const = (!$is_restore) ? array(ITEM_UNAPPROVED, ITEM_REAPPROVE) : ITEM_DELETED;
369
370	$user->add_lang(array('viewtopic', 'viewforum'));
371
372	$topic_id = $request->variable('t', 0);
373
374	// If 'sort' is set, "Go" was pressed which is located behind the forums <select> box
375	// Then, unset the topic id so it does not override the forum id
376	$topic_id = $request->is_set_post('sort') ? 0 : $topic_id;
377
378	if ($topic_id)
379	{
380	$topic_info = phpbb_get_topic_data(array($topic_id));
381
382	if (!count($topic_info))
383	{
384	trigger_error('TOPIC_NOT_EXIST');
385	}
386
387	$topic_info = $topic_info[$topic_id];
388	$forum_id = $topic_info['forum_id'];
389	}
390
391	$forum_list_approve = get_forum_list($m_perm, false, true);
392	$forum_list_read = array_flip(get_forum_list('f_read', true, true)); // Flipped so we can isset() the forum IDs
393
394	// Remove forums we cannot read
395	foreach ($forum_list_approve as $k => $forum_data)
396	{
397	if (!isset($forum_list_read[$forum_data['forum_id']]))
398	{
399	unset($forum_list_approve[$k]);
400	}
401	}
402	unset($forum_list_read);
403
404	if (!$forum_id)
405	{
406	$forum_list = array();
407	foreach ($forum_list_approve as $row)
408	{
409	$forum_list[] = $row['forum_id'];
410	}
411
412	if (!count($forum_list))
413	{
414	trigger_error('NOT_MODERATOR');
415	}
416	}
417	else
418	{
419	$forum_info = phpbb_get_forum_data(array($forum_id), $m_perm);
420
421	if (!count($forum_info))
422	{
423	trigger_error('NOT_MODERATOR');
424	}
425
426	$forum_list = $forum_id;
427	}
428
429	$forum_options = '<option value="0"' . (($forum_id == 0) ? ' selected="selected"' : '') . '>' . $user->lang['ALL_FORUMS'] . '</option>';
430	foreach ($forum_list_approve as $row)
431	{
432	$forum_options .= '<option value="' . $row['forum_id'] . '"' . (($forum_id == $row['forum_id']) ? ' selected="selected"' : '') . '>' . str_repeat('   ', $row['padding']) . truncate_string($row['forum_name'], 30, 255, false, $user->lang['ELLIPSIS']) . '</option>';
433	}
434
435	$sort_days = $total = 0;
436	$sort_key = $sort_dir = '';
437	$sort_by_sql = $sort_order_sql = array();
438	phpbb_mcp_sorting($mode, $sort_days, $sort_key, $sort_dir, $sort_by_sql, $sort_order_sql, $total, $forum_id, $topic_id);
439
440	$limit_time_sql = ($sort_days) ? 'AND t.topic_last_post_time >= ' . (time() - ($sort_days * 86400)) : '';
441
442	$forum_names = array();
443
444	if (!$is_topics)
445	{
446	$sql = 'SELECT p.post_id
447	FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t' . (($sort_order_sql[0] == 'u') ? ', ' . USERS_TABLE . ' u' : '') . '
448	WHERE ' . $db->sql_in_set('p.forum_id', $forum_list) . '
449	AND ' . $db->sql_in_set('p.post_visibility', $visibility_const) . '
450	' . (($sort_order_sql[0] == 'u') ? 'AND u.user_id = p.poster_id' : '') . '
451	' . (($topic_id) ? 'AND p.topic_id = ' . $topic_id : '') . "
452	AND t.topic_id = p.topic_id
453	AND (t.topic_visibility <> p.post_visibility
454	OR t.topic_delete_user = 0)
455	$limit_time_sql
456	ORDER BY $sort_order_sql";
457
458	/**
459	* Alter sql query to get posts in queue to be accepted
460	*
461	* @event core.mcp_queue_get_posts_query_before
462	* @var string sql Associative array with the query to be executed
463	* @var array forum_list List of forums that contain the posts
464	* @var int visibility_const Integer with one of the possible ITEM_* constant values
465	* @var int topic_id If topic_id not equal to 0, the topic id to filter the posts to display
466	* @var string limit_time_sql String with the SQL code to limit the time interval of the post (Note: May be empty string)
467	* @var string sort_order_sql String with the ORDER BY SQL code used in this query
468	* @since 3.1.0-RC3
469	*/
470	$vars = array(
471	'sql',
472	'forum_list',
473	'visibility_const',
474	'topic_id',
475	'limit_time_sql',
476	'sort_order_sql',
477	);
478	extract($phpbb_dispatcher->trigger_event('core.mcp_queue_get_posts_query_before', compact($vars)));
479
480	$result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
481
482	$post_ids = array();
483	while ($row = $db->sql_fetchrow($result))
484	{
485	$post_ids[] = $row['post_id'];
486	}
487	$db->sql_freeresult($result);
488
489	if (count($post_ids))
490	{
491	$sql = 'SELECT t.topic_id, t.topic_title, t.forum_id, p.post_id, p.post_subject, p.post_username, p.poster_id, p.post_time, p.post_attachment, u.username, u.username_clean, u.user_colour
492	FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . USERS_TABLE . ' u
493	WHERE ' . $db->sql_in_set('p.post_id', $post_ids) . '
494	AND t.topic_id = p.topic_id
495	AND u.user_id = p.poster_id
496	ORDER BY ' . $sort_order_sql;
497
498	/**
499	* Alter sql query to get information on all posts in queue
500	*
501	* @event core.mcp_queue_get_posts_for_posts_query_before
502	* @var string sql String with the query to be executed
503	* @var array forum_list List of forums that contain the posts
504	* @var int visibility_const Integer with one of the possible ITEM_* constant values
505	* @var int topic_id topic_id in the page request
506	* @var string limit_time_sql String with the SQL code to limit the time interval of the post (Note: May be empty string)
507	* @var string sort_order_sql String with the ORDER BY SQL code used in this query
508	* @since 3.2.3-RC2
509	*/
510	$vars = array(
511	'sql',
512	'forum_list',
513	'visibility_const',
514	'topic_id',
515	'limit_time_sql',
516	'sort_order_sql',
517	);
518	extract($phpbb_dispatcher->trigger_event('core.mcp_queue_get_posts_for_posts_query_before', compact($vars)));
519
520	$result = $db->sql_query($sql);
521
522	$post_data = $rowset = array();
523	while ($row = $db->sql_fetchrow($result))
524	{
525	$forum_names[] = $row['forum_id'];
526	$post_data[$row['post_id']] = $row;
527	}
528	$db->sql_freeresult($result);
529
530	foreach ($post_ids as $post_id)
531	{
532	$rowset[] = $post_data[$post_id];
533	}
534	unset($post_data, $post_ids);
535	}
536	else
537	{
538	$rowset = array();
539	}
540	}
541	else
542	{
543	$sql = 'SELECT t.forum_id, t.topic_id, t.topic_title, t.topic_title AS post_subject, t.topic_time AS post_time, t.topic_poster AS poster_id, t.topic_first_post_id AS post_id, t.topic_attachment AS post_attachment, t.topic_first_poster_name AS username, t.topic_first_poster_colour AS user_colour
544	FROM ' . TOPICS_TABLE . ' t
545	WHERE ' . $db->sql_in_set('forum_id', $forum_list) . '
546	AND ' . $db->sql_in_set('topic_visibility', $visibility_const) . "
547	AND topic_delete_user <> 0
548	$limit_time_sql
549	ORDER BY $sort_order_sql";
550
551	/**
552	* Alter sql query to get information on all topics in the list of forums provided.
553	*
554	* @event core.mcp_queue_get_posts_for_topics_query_before
555	* @var string sql String with the query to be executed
556	* @var array forum_list List of forums that contain the posts
557	* @var int visibility_const Integer with one of the possible ITEM_* constant values
558	* @var int topic_id topic_id in the page request
559	* @var string limit_time_sql String with the SQL code to limit the time interval of the post (Note: May be empty string)
560	* @var string sort_order_sql String with the ORDER BY SQL code used in this query
561	* @since 3.1.0-RC3
562	*/
563	$vars = array(
564	'sql',
565	'forum_list',
566	'visibility_const',
567	'topic_id',
568	'limit_time_sql',
569	'sort_order_sql',
570	);
571	extract($phpbb_dispatcher->trigger_event('core.mcp_queue_get_posts_for_topics_query_before', compact($vars)));
572
573	$result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
574
575	$rowset = array();
576	while ($row = $db->sql_fetchrow($result))
577	{
578	$forum_names[] = $row['forum_id'];
579	$rowset[] = $row;
580	}
581	$db->sql_freeresult($result);
582	}
583
584	if (count($forum_names))
585	{
586	// Select the names for the forum_ids
587	$sql = 'SELECT forum_id, forum_name
588	FROM ' . FORUMS_TABLE . '
589	WHERE ' . $db->sql_in_set('forum_id', $forum_names);
590	$result = $db->sql_query($sql, 3600);
591
592	$forum_names = array();
593	while ($row = $db->sql_fetchrow($result))
594	{
595	$forum_names[$row['forum_id']] = $row['forum_name'];
596	}
597	$db->sql_freeresult($result);
598	}
599
600	foreach ($rowset as $row)
601	{
602	if (empty($row['post_username']))
603	{
604	$row['post_username'] = $row['username'] ?: $user->lang['GUEST'];
605	}
606
607	$post_row = array(
608	'U_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 't=' . $row['topic_id']),
609	'U_VIEWFORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']),
610	'U_VIEWPOST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'p=' . $row['post_id']) . (($mode == 'unapproved_posts') ? '#p' . $row['post_id'] : ''),
611	'U_VIEW_DETAILS' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=queue&start=$start&mode=approve_details&p={$row['post_id']}" . (($mode == 'unapproved_topics') ? "&t={$row['topic_id']}" : '')),
612
613	'POST_AUTHOR_FULL' => get_username_string('full', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
614	'POST_AUTHOR_COLOUR' => get_username_string('colour', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
615	'POST_AUTHOR' => get_username_string('username', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
616	'U_POST_AUTHOR' => get_username_string('profile', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
617
618	'POST_ID' => $row['post_id'],
619	'TOPIC_ID' => $row['topic_id'],
620	'FORUM_NAME' => $forum_names[$row['forum_id']],
621	'POST_SUBJECT' => ($row['post_subject'] != '') ? $row['post_subject'] : $user->lang['NO_SUBJECT'],
622	'TOPIC_TITLE' => $row['topic_title'],
623	'POST_TIME' => $user->format_date($row['post_time']),
624	'S_HAS_ATTACHMENTS' => $auth->acl_get('u_download') && $auth->acl_get('f_download', $row['forum_id']) && $row['post_attachment'],
625	);
626
627	/**
628	* Alter sql query to get information on all topics in the list of forums provided.
629	*
630	* @event core.mcp_queue_get_posts_modify_post_row
631	* @var array post_row Template variables for current post
632	* @var array row Post data
633	* @var array forum_names Forum names
634	* @since 3.2.3-RC2
635	*/
636	$vars = array(
637	'post_row',
638	'row',
639	'forum_names',
640	);
641	extract($phpbb_dispatcher->trigger_event('core.mcp_queue_get_posts_modify_post_row', compact($vars)));
642
643	$template->assign_block_vars('postrow', $post_row);
644	}
645	unset($rowset, $forum_names);
646
647	/* @var \phpbb\pagination $pagination */
648	$pagination = $phpbb_container->get('pagination');
649
650	$base_url = $this->u_action . "&f=$forum_id&st=$sort_days&sk=$sort_key&sd=$sort_dir";
651	$pagination->generate_template_pagination($base_url, 'pagination', 'start', $total, $config['topics_per_page'], $start);
652
653	// Now display the page
654	$template->assign_vars(array(
655	'L_DISPLAY_ITEMS' => (!$is_topics) ? $user->lang['DISPLAY_POSTS'] : $user->lang['DISPLAY_TOPICS'],
656	'L_EXPLAIN' => $user->lang['MCP_QUEUE_' . strtoupper($mode) . '_EXPLAIN'],
657	'L_TITLE' => $user->lang['MCP_QUEUE_' . strtoupper($mode)],
658	'L_ONLY_TOPIC' => ($topic_id) ? sprintf($user->lang['ONLY_TOPIC'], $topic_info['topic_title']) : '',
659
660	'S_FORUM_OPTIONS' => $forum_options,
661	'S_MCP_ACTION' => build_url(array('t', 'f', 'sd', 'st', 'sk')),
662	'S_TOPICS' => $is_topics,
663	'S_RESTORE' => $is_restore,
664
665	'TOPIC_ID' => $topic_id,
666	'TOTAL' => $user->lang(((!$is_topics) ? 'VIEW_TOPIC_POSTS' : 'VIEW_FORUM_TOPICS'), (int) $total),
667	));
668
669	$this->tpl_name = 'mcp_queue';
670	break;
671	}
672	}
673
674	/**
675	* Approve/Restore posts
676	*
677	* @param $action string Action we perform on the posts ('approve' or 'restore')
678	* @param $post_id_list array IDs of the posts to approve/restore
679	* @param $id mixed Category of the current active module
680	* @param $mode string Active module
681	* @return void\|never
682	*/
683	public static function approve_posts($action, $post_id_list, $id, $mode)
684	{
685	global $template, $user, $request, $phpbb_container, $phpbb_dispatcher;
686	global $phpEx, $phpbb_root_path, $phpbb_log;
687
688	if (!phpbb_check_ids($post_id_list, POSTS_TABLE, 'post_id', array('m_approve')))
689	{
690	send_status_line(403, 'Forbidden');
691	trigger_error('NOT_AUTHORISED');
692	}
693
694	$redirect = $request->variable('redirect', build_url(array('quickmod')));
695	$redirect = reapply_sid($redirect);
696	$post_url = '';
697	$approve_log = array();
698	$num_topics = 0;
699
700	$s_hidden_fields = build_hidden_fields(array(
701	'i' => $id,
702	'mode' => $mode,
703	'post_id_list' => $post_id_list,
704	'action' => $action,
705	'redirect' => $redirect,
706	));
707
708	$post_info = phpbb_get_post_data($post_id_list, 'm_approve');
709
710	if (confirm_box(true))
711	{
712	$notify_poster = ($action == 'approve' && isset($_REQUEST['notify_poster']));
713
714	$topic_info = array();
715
716	// Group the posts by topic_id
717	foreach ($post_info as $post_id => $post_data)
718	{
719	if ($post_data['post_visibility'] == ITEM_APPROVED)
720	{
721	continue;
722	}
723	$topic_id = (int) $post_data['topic_id'];
724
725	$topic_info[$topic_id]['posts'][] = (int) $post_id;
726	$topic_info[$topic_id]['forum_id'] = (int) $post_data['forum_id'];
727
728	// Refresh the first post, if the time or id is older then the current one
729	if ($post_id <= $post_data['topic_first_post_id'] \|\| $post_data['post_time'] <= $post_data['topic_time'])
730	{
731	$topic_info[$topic_id]['first_post'] = true;
732	}
733
734	// Refresh the last post, if the time or id is newer then the current one
735	if ($post_id >= $post_data['topic_last_post_id'] \|\| $post_data['post_time'] >= $post_data['topic_last_post_time'])
736	{
737	$topic_info[$topic_id]['last_post'] = true;
738	}
739
740	$post_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "p={$post_data['post_id']}") . '#p' . $post_data['post_id'];
741
742	$approve_log[] = array(
743	'forum_id' => $post_data['forum_id'],
744	'topic_id' => $post_data['topic_id'],
745	'post_id' => $post_id,
746	'post_subject' => $post_data['post_subject'],
747	);
748	}
749
750	/* @var $phpbb_content_visibility \phpbb\content_visibility */
751	$phpbb_content_visibility = $phpbb_container->get('content.visibility');
752	foreach ($topic_info as $topic_id => $topic_data)
753	{
754	$phpbb_content_visibility->set_post_visibility(ITEM_APPROVED, $topic_data['posts'], $topic_id, $topic_data['forum_id'], $user->data['user_id'], time(), '', isset($topic_data['first_post']), isset($topic_data['last_post']));
755	}
756
757	foreach ($approve_log as $log_data)
758	{
759	$phpbb_log->add('mod', $user->data['user_id'], $user->ip, 'LOG_POST_' . strtoupper($action) . 'D', false, array(
760	'forum_id' => $log_data['forum_id'],
761	'topic_id' => $log_data['topic_id'],
762	'post_id' => $log_data['post_id'],
763	$log_data['post_subject']
764	));
765	}
766
767	// Only send out the mails, when the posts are being approved
768	if ($action == 'approve')
769	{
770	/* @var $phpbb_notifications \phpbb\notification\manager */
771	$phpbb_notifications = $phpbb_container->get('notification_manager');
772
773	// Handle notifications
774	foreach ($post_info as $post_id => $post_data)
775	{
776	// A single topic approval may also happen here, so handle deleting the respective notification.
777	if (!$post_data['topic_posts_approved'])
778	{
779	$phpbb_notifications->delete_notifications('notification.type.topic_in_queue', $post_data['topic_id']);
780
781	if ($post_data['post_visibility'] == ITEM_UNAPPROVED)
782	{
783	$phpbb_notifications->add_notifications(array('notification.type.topic'), $post_data);
784	}
785	if ($post_data['post_visibility'] != ITEM_APPROVED)
786	{
787	$num_topics++;
788	}
789	}
790	else
791	{
792	// Only add notifications, if we are not reapproving post
793	// When the topic was already approved, but was edited and
794	// now needs re-approval, we don't want to notify the users
795	// again.
796	if ($post_data['post_visibility'] == ITEM_UNAPPROVED)
797	{
798	$phpbb_notifications->add_notifications(array(
799	'notification.type.bookmark',
800	'notification.type.post',
801	), $post_data);
802	}
803	}
804	$phpbb_notifications->add_notifications(array(
805	'notification.type.mention',
806	'notification.type.quote',
807	), $post_data);
808	$phpbb_notifications->delete_notifications('notification.type.post_in_queue', $post_id);
809
810	$phpbb_notifications->mark_notifications(array(
811	'notification.type.mention',
812	'notification.type.quote',
813	'notification.type.bookmark',
814	'notification.type.post',
815	), $post_data['post_id'], $user->data['user_id']);
816
817	// Notify Poster?
818	if ($notify_poster)
819	{
820	if ($post_data['poster_id'] == ANONYMOUS)
821	{
822	continue;
823	}
824
825	if (!$post_data['topic_posts_approved'])
826	{
827	$phpbb_notifications->add_notifications('notification.type.approve_topic', $post_data);
828	}
829	else
830	{
831	$phpbb_notifications->add_notifications('notification.type.approve_post', $post_data);
832	}
833	}
834	}
835	}
836
837	if ($num_topics >= 1)
838	{
839	$success_msg = ($num_topics == 1) ? 'TOPIC_' . strtoupper($action) . 'D_SUCCESS' : 'TOPICS_' . strtoupper($action) . 'D_SUCCESS';
840	}
841	else
842	{
843	$success_msg = (count($post_info) == 1) ? 'POST_' . strtoupper($action) . 'D_SUCCESS' : 'POSTS_' . strtoupper($action) . 'D_SUCCESS';
844	}
845
846	/**
847	* Perform additional actions during post(s) approval
848	*
849	* @event core.approve_posts_after
850	* @var string action Variable containing the action we perform on the posts ('approve' or 'restore')
851	* @var array post_info Array containing info for all posts being approved
852	* @var array topic_info Array containing info for all parent topics of the posts
853	* @var int num_topics Variable containing number of topics
854	* @var bool notify_poster Variable telling if the post should be notified or not
855	* @var string success_msg Variable containing the language key for the success message
856	* @var string redirect Variable containing the redirect url
857	* @since 3.1.4-RC1
858	*/
859	$vars = array(
860	'action',
861	'post_info',
862	'topic_info',
863	'num_topics',
864	'notify_poster',
865	'success_msg',
866	'redirect',
867	);
868	extract($phpbb_dispatcher->trigger_event('core.approve_posts_after', compact($vars)));
869
870	meta_refresh(3, $redirect);
871	$message = $user->lang[$success_msg];
872
873	if ($request->is_ajax())
874	{
875	$json_response = new \phpbb\json_response;
876	$json_response->send(array(
877	'MESSAGE_TITLE' => $user->lang['INFORMATION'],
878	'MESSAGE_TEXT' => $message,
879	'REFRESH_DATA' => null,
880	'visible' => true,
881	));
882	}
883	$message .= '<br /><br />' . $user->lang('RETURN_PAGE', '<a href="' . $redirect . '">', '</a>');
884
885	// If approving one post, also give links back to post...
886	if (count($post_info) == 1 && $post_url)
887	{
888	$message .= '<br /><br />' . $user->lang('RETURN_POST', '<a href="' . $post_url . '">', '</a>');
889	}
890	trigger_error($message);
891	}
892	else
893	{
894	$show_notify = false;
895
896	if ($action == 'approve')
897	{
898	foreach ($post_info as $post_data)
899	{
900	if (!$post_data['topic_posts_approved'])
901	{
902	$num_topics++;
903	}
904
905	if (!$show_notify && $post_data['poster_id'] != ANONYMOUS)
906	{
907	$show_notify = true;
908	}
909	}
910	}
911
912	$template->assign_vars(array(
913	'S_NOTIFY_POSTER' => $show_notify,
914	'S_' . strtoupper($action) => true,
915	));
916
917	// Create the confirm box message
918	$action_msg = strtoupper($action);
919	$num_posts = count($post_id_list) - $num_topics;
920	if ($num_topics > 0 && $num_posts <= 0)
921	{
922	$action_msg .= '_TOPIC' . (($num_topics == 1) ? '' : 'S');
923	}
924	else
925	{
926	$action_msg .= '_POST' . ((count($post_id_list) == 1) ? '' : 'S');
927	}
928	confirm_box(false, $action_msg, $s_hidden_fields, 'mcp_approve.html');
929	}
930
931	redirect($redirect);
932	}
933
934	/**
935	* Approve/Restore topics
936	*
937	* @param $action string Action we perform on the posts ('approve' or 'restore')
938	* @param $topic_id_list array IDs of the topics to approve/restore
939	* @param $id mixed Category of the current active module
940	* @param $mode string Active module
941	* @return void\|never
942	*/
943	public static function approve_topics($action, $topic_id_list, $id, $mode)
944	{
945	global $db, $template, $user, $phpbb_log;
946	global $phpEx, $phpbb_root_path, $request, $phpbb_container, $phpbb_dispatcher;
947
948	if (!phpbb_check_ids($topic_id_list, TOPICS_TABLE, 'topic_id', array('m_approve')))
949	{
950	send_status_line(403, 'Forbidden');
951	trigger_error('NOT_AUTHORISED');
952	}
953
954	$redirect = $request->variable('redirect', build_url(array('quickmod')));
955	$redirect = reapply_sid($redirect);
956	$success_msg = $topic_url = '';
957	$approve_log = array();
958
959	$s_hidden_fields = build_hidden_fields(array(
960	'i' => $id,
961	'mode' => $mode,
962	'topic_id_list' => $topic_id_list,
963	'action' => $action,
964	'redirect' => $redirect,
965	));
966
967	$topic_info = phpbb_get_topic_data($topic_id_list, 'm_approve');
968
969	if (confirm_box(true))
970	{
971	$notify_poster = ($action == 'approve' && isset($_REQUEST['notify_poster'])) ? true : false;
972
973	/* @var $phpbb_content_visibility \phpbb\content_visibility */
974	$phpbb_content_visibility = $phpbb_container->get('content.visibility');
975	$first_post_ids = array();
976
977	foreach ($topic_info as $topic_id => $topic_data)
978	{
979	$phpbb_content_visibility->set_topic_visibility(ITEM_APPROVED, $topic_id, $topic_data['forum_id'], $user->data['user_id'], time(), '');
980	$first_post_ids[$topic_id] = (int) $topic_data['topic_first_post_id'];
981
982	$topic_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "t={$topic_id}");
983
984	$approve_log[] = array(
985	'forum_id' => $topic_data['forum_id'],
986	'topic_id' => $topic_data['topic_id'],
987	'topic_title' => $topic_data['topic_title'],
988	);
989	}
990
991	if (count($topic_info) >= 1)
992	{
993	$success_msg = (count($topic_info) == 1) ? 'TOPIC_' . strtoupper($action) . 'D_SUCCESS' : 'TOPICS_' . strtoupper($action) . 'D_SUCCESS';
994	}
995
996	foreach ($approve_log as $log_data)
997	{
998	$phpbb_log->add('mod', $user->data['user_id'], $user->ip, 'LOG_TOPIC_' . strtoupper($action) . 'D', false, array(
999	'forum_id' => $log_data['forum_id'],
1000	'topic_id' => $log_data['topic_id'],
1001	$log_data['topic_title']
1002	));
1003	}
1004
1005	// Only send out the mails, when the posts are being approved
1006	if ($action == 'approve')
1007	{
1008	// Grab the first post text as it's needed for the quote notification.
1009	$sql = 'SELECT topic_id, post_text
1010	FROM ' . POSTS_TABLE . '
1011	WHERE ' . $db->sql_in_set('post_id', $first_post_ids);
1012	$result = $db->sql_query($sql);
1013
1014	while ($row = $db->sql_fetchrow($result))
1015	{
1016	$topic_info[$row['topic_id']]['post_text'] = $row['post_text'];
1017	}
1018	$db->sql_freeresult($result);
1019
1020	// Handle notifications
1021	/* @var $phpbb_notifications \phpbb\notification\manager */
1022	$phpbb_notifications = $phpbb_container->get('notification_manager');
1023
1024	foreach ($topic_info as $topic_id => $topic_data)
1025	{
1026	$topic_data = array_merge($topic_data, array(
1027	'post_id' => $topic_data['topic_first_post_id'],
1028	'post_subject' => $topic_data['topic_title'],
1029	'post_time' => $topic_data['topic_time'],
1030	'poster_id' => $topic_data['topic_poster'],
1031	'post_username' => $topic_data['topic_first_poster_name'],
1032	));
1033
1034	$phpbb_notifications->delete_notifications('notification.type.topic_in_queue', $topic_id);
1035
1036	// Only add notifications, if we are not reapproving post
1037	// When the topic was already approved, but was edited and
1038	// now needs re-approval, we don't want to notify the users
1039	// again.
1040	if ($topic_data['topic_visibility'] == ITEM_UNAPPROVED)
1041	{
1042	$phpbb_notifications->add_notifications(array(
1043	'notification.type.mention',
1044	'notification.type.quote',
1045	'notification.type.topic',
1046	), $topic_data);
1047	}
1048
1049	$phpbb_notifications->mark_notifications(array('mention', 'quote'), $topic_data['post_id'], $user->data['user_id']);
1050	$phpbb_notifications->mark_notifications('topic', $topic_id, $user->data['user_id']);
1051
1052	if ($notify_poster)
1053	{
1054	$phpbb_notifications->add_notifications('notification.type.approve_topic', $topic_data);
1055	}
1056	}
1057	}
1058
1059	/**
1060	* Perform additional actions during topics(s) approval
1061	*
1062	* @event core.approve_topics_after
1063	* @var string action Variable containing the action we perform on the posts ('approve' or 'restore')
1064	* @var mixed topic_info Array containing info for all topics being approved
1065	* @var array first_post_ids Array containing ids of all first posts
1066	* @var bool notify_poster Variable telling if the poster should be notified or not
1067	* @var string success_msg Variable containing the language key for the success message
1068	* @var string redirect Variable containing the redirect url
1069	* @since 3.1.4-RC1
1070	*/
1071	$vars = array(
1072	'action',
1073	'topic_info',
1074	'first_post_ids',
1075	'notify_poster',
1076	'success_msg',
1077	'redirect',
1078	);
1079	extract($phpbb_dispatcher->trigger_event('core.approve_topics_after', compact($vars)));
1080
1081	meta_refresh(3, $redirect);
1082	$message = $user->lang[$success_msg];
1083
1084	if ($request->is_ajax())
1085	{
1086	$json_response = new \phpbb\json_response;
1087	$json_response->send(array(
1088	'MESSAGE_TITLE' => $user->lang['INFORMATION'],
1089	'MESSAGE_TEXT' => $message,
1090	'REFRESH_DATA' => null,
1091	'visible' => true,
1092	));
1093	}
1094	$message .= '<br /><br />' . $user->lang('RETURN_PAGE', '<a href="' . $redirect . '">', '</a>');
1095
1096	// If approving one topic, also give links back to topic...
1097	if (count($topic_info) == 1 && $topic_url)
1098	{
1099	$message .= '<br /><br />' . $user->lang('RETURN_TOPIC', '<a href="' . $topic_url . '">', '</a>');
1100	}
1101	trigger_error($message);
1102	}
1103	else
1104	{
1105	$show_notify = false;
1106
1107	if ($action == 'approve')
1108	{
1109	foreach ($topic_info as $topic_data)
1110	{
1111	if ($topic_data['topic_poster'] == ANONYMOUS)
1112	{
1113	continue;
1114	}
1115	else
1116	{
1117	$show_notify = true;
1118	break;
1119	}
1120	}
1121	}
1122
1123	$template->assign_vars(array(
1124	'S_NOTIFY_POSTER' => $show_notify,
1125	'S_' . strtoupper($action) => true,
1126	));
1127
1128	confirm_box(false, strtoupper($action) . '_TOPIC' . ((count($topic_id_list) == 1) ? '' : 'S'), $s_hidden_fields, 'mcp_approve.html');
1129	}
1130
1131	redirect($redirect);
1132	}
1133
1134	/**
1135	* Disapprove Post
1136	*
1137	* @param $post_id_list array IDs of the posts to disapprove/delete
1138	* @param $id mixed Category of the current active module
1139	* @param $mode string Active module
1140	* @return void\|never
1141	*/
1142	public static function disapprove_posts($post_id_list, $id, $mode)
1143	{
1144	global $db, $template, $user, $phpbb_container, $phpbb_dispatcher;
1145	global $phpEx, $phpbb_root_path, $request, $phpbb_log;
1146
1147	if (!phpbb_check_ids($post_id_list, POSTS_TABLE, 'post_id', array('m_approve')))
1148	{
1149	send_status_line(403, 'Forbidden');
1150	trigger_error('NOT_AUTHORISED');
1151	}
1152
1153	$redirect = $request->variable('redirect', build_url(array('t', 'mode', 'quickmod')) . "&mode=$mode");
1154	$redirect = reapply_sid($redirect);
1155	$reason = $request->variable('reason', '', true);
1156	$reason_id = $request->variable('reason_id', 0);
1157	$additional_msg = '';
1158
1159	$s_hidden_fields = build_hidden_fields(array(
1160	'i' => $id,
1161	'mode' => $mode,
1162	'post_id_list' => $post_id_list,
1163	'action' => 'disapprove',
1164	'redirect' => $redirect,
1165	));
1166
1167	$notify_poster = $request->is_set('notify_poster');
1168	$disapprove_reason = '';
1169
1170	if ($reason_id)
1171	{
1172	$sql = 'SELECT reason_title, reason_description
1173	FROM ' . REPORTS_REASONS_TABLE . "
1174	WHERE reason_id = $reason_id";
1175	$result = $db->sql_query($sql);
1176	$row = $db->sql_fetchrow($result);
1177	$db->sql_freeresult($result);
1178
1179	if (!$row \|\| (!$reason && strtolower($row['reason_title']) == 'other'))
1180	{
1181	$additional_msg = $user->lang['NO_REASON_DISAPPROVAL'];
1182
1183	$request->overwrite('confirm', null, \phpbb\request\request_interface::POST);
1184	$request->overwrite('confirm_key', null, \phpbb\request\request_interface::POST);
1185	$request->overwrite('confirm_key', null, \phpbb\request\request_interface::REQUEST);
1186	}
1187	else
1188	{
1189	// If the reason is defined within the language file, we will use the localized version, else just use the database entry...
1190	$disapprove_reason = (strtolower($row['reason_title']) != 'other') ? ((isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])])) ? $user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])] : $row['reason_description']) : '';
1191	$disapprove_reason .= ($reason) ? "\n\n" . $reason : '';
1192
1193	if (isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])]))
1194	{
1195	$disapprove_reason_lang = strtoupper($row['reason_title']);
1196	}
1197	}
1198	}
1199
1200	$post_info = phpbb_get_post_data($post_id_list, 'm_approve');
1201
1202	$is_disapproving = false;
1203	foreach ($post_info as $post_id => $post_data)
1204	{
1205	if ($post_data['post_visibility'] == ITEM_DELETED)
1206	{
1207	continue;
1208	}
1209
1210	$is_disapproving = true;
1211	}
1212
1213	if (confirm_box(true))
1214	{
1215	$disapprove_log_topics = $disapprove_log_posts = array();
1216	$topic_posts_unapproved = $post_disapprove_list = $topic_information = array();
1217
1218	// Build a list of posts to be disapproved and get the related topics real replies count
1219	foreach ($post_info as $post_id => $post_data)
1220	{
1221	if ($mode === 'unapproved_topics' && $post_data['post_visibility'] == ITEM_APPROVED)
1222	{
1223	continue;
1224	}
1225
1226	$post_disapprove_list[$post_id] = $post_data['topic_id'];
1227	if (!isset($topic_posts_unapproved[$post_data['topic_id']]))
1228	{
1229	$topic_information[$post_data['topic_id']] = $post_data;
1230	$topic_posts_unapproved[$post_data['topic_id']] = 0;
1231	}
1232	$topic_posts_unapproved[$post_data['topic_id']]++;
1233	}
1234
1235	// Do not try to disapprove if no posts are selected
1236	if (empty($post_disapprove_list))
1237	{
1238	trigger_error('NO_POST_SELECTED');
1239	}
1240
1241	// Now we build the log array
1242	foreach ($post_disapprove_list as $post_id => $topic_id)
1243	{
1244	// If the count of disapproved posts for the topic is equal
1245	// to the number of unapproved posts in the topic, and there are no different
1246	// posts, we disapprove the hole topic
1247	if ($topic_information[$topic_id]['topic_posts_approved'] == 0 &&
1248	$topic_information[$topic_id]['topic_posts_softdeleted'] == 0 &&
1249	$topic_information[$topic_id]['topic_posts_unapproved'] == $topic_posts_unapproved[$topic_id])
1250	{
1251	// Don't write the log more than once for every topic
1252	if (!isset($disapprove_log_topics[$topic_id]))
1253	{
1254	// Build disapproved topics log
1255	$disapprove_log_topics[$topic_id] = array(
1256	'type' => 'topic',
1257	'post_subject' => $post_info[$post_id]['topic_title'],
1258	'forum_id' => $post_info[$post_id]['forum_id'],
1259	'topic_id' => 0, // useless to log a topic id, as it will be deleted
1260	'post_username' => ($post_info[$post_id]['poster_id'] == ANONYMOUS && !empty($post_info[$post_id]['post_username'])) ? $post_info[$post_id]['post_username'] : $post_info[$post_id]['username'],
1261	);
1262	}
1263	}
1264	else
1265	{
1266	// Build disapproved posts log
1267	$disapprove_log_posts[] = array(
1268	'type' => 'post',
1269	'post_subject' => $post_info[$post_id]['post_subject'],
1270	'forum_id' => $post_info[$post_id]['forum_id'],
1271	'topic_id' => $post_info[$post_id]['topic_id'],
1272	'post_username' => ($post_info[$post_id]['poster_id'] == ANONYMOUS && !empty($post_info[$post_id]['post_username'])) ? $post_info[$post_id]['post_username'] : $post_info[$post_id]['username'],
1273	);
1274
1275	}
1276	}
1277
1278	// Get disapproved posts/topics counts separately
1279	$num_disapproved_topics = count($disapprove_log_topics);
1280	$num_disapproved_posts = count($disapprove_log_posts);
1281
1282	// Build the whole log
1283	$disapprove_log = array_merge($disapprove_log_topics, $disapprove_log_posts);
1284
1285	// Unset unneeded arrays
1286	unset($post_data, $disapprove_log_topics, $disapprove_log_posts);
1287
1288	// Let's do the job - delete disapproved posts
1289	if (count($post_disapprove_list))
1290	{
1291	if (!function_exists('delete_posts'))
1292	{
1293	include($phpbb_root_path . 'includes/functions_admin.' . $phpEx);
1294	}
1295
1296	// We do not check for permissions here, because the moderator allowed approval/disapproval should be allowed to delete the disapproved posts
1297	// Note: function delete_posts triggers related forums/topics sync,
1298	// so we don't need to call update_post_information later and to adjust real topic replies or forum topics count manually
1299	delete_posts('post_id', array_keys($post_disapprove_list));
1300
1301	foreach ($disapprove_log as $log_data)
1302	{
1303	if ($is_disapproving)
1304	{
1305	$l_log_message = ($log_data['type'] == 'topic') ? 'LOG_TOPIC_DISAPPROVED' : 'LOG_POST_DISAPPROVED';
1306	$phpbb_log->add('mod', $user->data['user_id'], $user->ip, $l_log_message, false, array(
1307	'forum_id' => $log_data['forum_id'],
1308	'topic_id' => $log_data['topic_id'],
1309	$log_data['post_subject'],
1310	$disapprove_reason,
1311	$log_data['post_username']
1312	));
1313	}
1314	else
1315	{
1316	$l_log_message = ($log_data['type'] == 'topic') ? 'LOG_DELETE_TOPIC' : 'LOG_DELETE_POST';
1317	$phpbb_log->add('mod', $user->data['user_id'], $user->ip, $l_log_message, false, array(
1318	'forum_id' => $log_data['forum_id'],
1319	'topic_id' => $log_data['topic_id'],
1320	$log_data['post_subject'],
1321	$log_data['post_username']
1322	));
1323	}
1324	}
1325	}
1326
1327	/* @var $phpbb_notifications \phpbb\notification\manager */
1328	$phpbb_notifications = $phpbb_container->get('notification_manager');
1329
1330	$lang_reasons = array();
1331
1332	foreach ($post_info as $post_id => $post_data)
1333	{
1334	$disapprove_all_posts_in_topic = $topic_information[$topic_id]['topic_posts_approved'] == 0 &&
1335	$topic_information[$topic_id]['topic_posts_softdeleted'] == 0 &&
1336	$topic_information[$topic_id]['topic_posts_unapproved'] == $topic_posts_unapproved[$topic_id];
1337
1338	$phpbb_notifications->delete_notifications('notification.type.post_in_queue', $post_id);
1339
1340	// Do we disapprove the whole topic? Remove potential notifications
1341	if ($disapprove_all_posts_in_topic)
1342	{
1343	$phpbb_notifications->delete_notifications('notification.type.topic_in_queue', $post_data['topic_id']);
1344	}
1345
1346	// Notify Poster?
1347	if ($notify_poster)
1348	{
1349	if ($post_data['poster_id'] == ANONYMOUS)
1350	{
1351	continue;
1352	}
1353
1354	$post_data['disapprove_reason'] = $disapprove_reason;
1355	if (isset($disapprove_reason_lang))
1356	{
1357	// Okay we need to get the reason from the posters language
1358	if (!isset($lang_reasons[$post_data['user_lang']]))
1359	{
1360	// Assign the current users translation as the default, this is not ideal but getting the board default adds another layer of complexity.
1361	$lang_reasons[$post_data['user_lang']] = $user->lang['report_reasons']['DESCRIPTION'][$disapprove_reason_lang];
1362
1363	// Only load up the language pack if the language is different to the current one
1364	if ($post_data['user_lang'] != $user->lang_name && file_exists($phpbb_root_path . '/language/' . $post_data['user_lang'] . '/mcp.' . $phpEx))
1365	{
1366	// Load up the language pack
1367	$lang = array();
1368	@include($phpbb_root_path . '/language/' . basename($post_data['user_lang']) . '/mcp.' . $phpEx);
1369
1370	// If we find the reason in this language pack use it
1371	if (isset($lang['report_reasons']['DESCRIPTION'][$disapprove_reason_lang]))
1372	{
1373	$lang_reasons[$post_data['user_lang']] = $lang['report_reasons']['DESCRIPTION'][$disapprove_reason_lang];
1374	}
1375
1376	unset($lang); // Free memory
1377	}
1378	}
1379
1380	$post_data['disapprove_reason'] = $lang_reasons[$post_data['user_lang']];
1381	$post_data['disapprove_reason'] .= ($reason) ? "\n\n" . $reason : '';
1382	}
1383
1384	if ($disapprove_all_posts_in_topic && $topic_information[$topic_id]['topic_posts_unapproved'] == 1)
1385	{
1386	// If there is only 1 post when disapproving the topic,
1387	// we send the user a "disapprove topic" notification...
1388	$phpbb_notifications->add_notifications('notification.type.disapprove_topic', $post_data);
1389	}
1390	else
1391	{
1392	// ... otherwise there are multiple unapproved posts and
1393	// all of them are disapproved as posts.
1394	$phpbb_notifications->add_notifications('notification.type.disapprove_post', $post_data);
1395	}
1396	}
1397	}
1398
1399	if ($num_disapproved_topics)
1400	{
1401	$success_msg = ($num_disapproved_topics == 1) ? 'TOPIC' : 'TOPICS';
1402	}
1403	else
1404	{
1405	$success_msg = ($num_disapproved_posts == 1) ? 'POST' : 'POSTS';
1406	}
1407
1408	if ($is_disapproving)
1409	{
1410	$success_msg .= '_DISAPPROVED_SUCCESS';
1411	}
1412	else
1413	{
1414	$success_msg .= '_DELETED_SUCCESS';
1415	}
1416
1417	// If we came from viewtopic, we try to go back to it.
1418	if (strpos($redirect, $phpbb_root_path . 'viewtopic.' . $phpEx) === 0)
1419	{
1420	if ($num_disapproved_topics == 0)
1421	{
1422	// So we need to remove the post id part from the Url
1423	$redirect = str_replace("&p={$post_id_list[0]}#p{$post_id_list[0]}", '', $redirect);
1424	}
1425	else
1426	{
1427	// However this is only possible if the topic still exists,
1428	// Otherwise we go back to the viewforum page
1429	$redirect = append_sid($phpbb_root_path . 'viewforum.' . $phpEx, 'f=' . $post_data['forum_id']);
1430	}
1431	}
1432
1433	$disapprove_reason_lang = $disapprove_reason_lang ?? '';
1434
1435	/**
1436	* Perform additional actions during post(s) disapproval
1437	*
1438	* @event core.disapprove_posts_after
1439	* @var array post_info Array containing info for all posts being disapproved
1440	* @var array topic_information Array containing information for the topics
1441	* @var array topic_posts_unapproved Array containing list of topic ids and the count of disapproved posts in them
1442	* @var array post_disapprove_list Array containing list of posts and their topic id
1443	* @var int num_disapproved_topics Variable containing the number of disapproved topics
1444	* @var int num_disapproved_posts Variable containing the number of disapproved posts
1445	* @var array lang_reasons Array containing the language keys for reasons
1446	* @var string disapprove_reason Variable containing the language key for the success message
1447	* @var string disapprove_reason_lang Variable containing the language key for the success message
1448	* @var bool is_disapproving Variable telling if anything is going to be disapproved
1449	* @var bool notify_poster Variable telling if the post should be notified or not
1450	* @var string success_msg Variable containing the language key for the success message
1451	* @var string redirect Variable containing the redirect url
1452	* @since 3.1.4-RC1
1453	*/
1454	$vars = array(
1455	'post_info',
1456	'topic_information',
1457	'topic_posts_unapproved',
1458	'post_disapprove_list',
1459	'num_disapproved_topics',
1460	'num_disapproved_posts',
1461	'lang_reasons',
1462	'disapprove_reason',
1463	'disapprove_reason_lang',
1464	'is_disapproving',
1465	'notify_poster',
1466	'success_msg',
1467	'redirect',
1468	);
1469	extract($phpbb_dispatcher->trigger_event('core.disapprove_posts_after', compact($vars)));
1470
1471	unset($lang_reasons, $post_info, $disapprove_reason, $disapprove_reason_lang);
1472
1473	meta_refresh(3, $redirect);
1474	$message = $user->lang[$success_msg];
1475
1476	if ($request->is_ajax())
1477	{
1478	$json_response = new \phpbb\json_response;
1479	$json_response->send(array(
1480	'MESSAGE_TITLE' => $user->lang['INFORMATION'],
1481	'MESSAGE_TEXT' => $message,
1482	'REFRESH_DATA' => null,
1483	'visible' => false,
1484	));
1485	}
1486	$message .= '<br /><br />' . $user->lang('RETURN_PAGE', '<a href="' . $redirect . '">', '</a>');
1487	trigger_error($message);
1488	}
1489	else
1490	{
1491	$show_notify = false;
1492
1493	foreach ($post_info as $post_data)
1494	{
1495	if ($post_data['poster_id'] == ANONYMOUS)
1496	{
1497	continue;
1498	}
1499	else
1500	{
1501	$show_notify = true;
1502	break;
1503	}
1504	}
1505
1506	$l_confirm_msg = 'DISAPPROVE_POST';
1507	$confirm_template = 'mcp_approve.html';
1508	if ($is_disapproving)
1509	{
1510	$phpbb_container->get('phpbb.report.report_reason_list_provider')->display_reasons($reason_id);
1511	}
1512	else
1513	{
1514	$user->add_lang('posting');
1515
1516	$l_confirm_msg = 'DELETE_POST_PERMANENTLY';
1517	$confirm_template = 'confirm_delete_body.html';
1518	}
1519	$l_confirm_msg .= ((count($post_id_list) == 1) ? '' : 'S');
1520
1521	$template->assign_vars(array(
1522	'S_NOTIFY_POSTER' => $show_notify,
1523	'S_APPROVE' => false,
1524	'REASON' => ($is_disapproving) ? $reason : '',
1525	'ADDITIONAL_MSG' => $additional_msg,
1526	));
1527
1528	confirm_box(false, $l_confirm_msg, $s_hidden_fields, $confirm_template);
1529	}
1530
1531	redirect($redirect);
1532	}
1533	}