Code Coverage for /data/phpBB/includes/mcp/mcp

	Code Coverage
	Lines			Functions and Methods				Classes and Traits
Total	0.00% covered (danger)	0.00%	0 / 756	0.00% covered (danger)	0.00%	0 / 5	CRAP	0.00% covered (danger)	0.00%	0 / 1
mcp_queue	0.00% covered (danger)	0.00%	0 / 754	0.00% covered (danger)	0.00%	0 / 5	43472	0.00% covered (danger)	0.00%	0 / 1
__construct	0.00% covered (danger)	0.00%	0 / 1	0.00% covered (danger)	0.00%	0 / 1	2
main	0.00% covered (danger)	0.00%	0 / 340	0.00% covered (danger)	0.00%	0 / 1	8372
approve_posts	0.00% covered (danger)	0.00%	0 / 124	0.00% covered (danger)	0.00%	0 / 1	1332
approve_topics	0.00% covered (danger)	0.00%	0 / 102	0.00% covered (danger)	0.00%	0 / 1	462
disapprove_posts	0.00% covered (danger)	0.00%	0 / 187	0.00% covered (danger)	0.00%	0 / 1	3540

1	<?php
2	/**
3	*
4	* This file is part of the phpBB Forum Software package.
5	*
6	* @copyright (c) phpBB Limited <https://www.phpbb.com>
7	* @license GNU General Public License, version 2 (GPL-2.0)
8	*
9	* For full copyright and license information, please see
10	* the docs/CREDITS.txt file.
11	*
12	*/
13
14	/**
15	* @ignore
16	*/
17	if (!defined('IN_PHPBB'))
18	{
19	exit;
20	}
21
22	/**
23	* mcp_queue
24	* Handling the moderation queue
25	*/
26	class mcp_queue
27	{
28	var $p_master;
29	var $u_action;
30
31	public function __construct($p_master)
32	{
33	$this->p_master = $p_master;
34	}
35
36	public function main($id, $mode)
37	{
38	global $auth, $db, $user, $template, $request;
39	global $config, $phpbb_root_path, $phpEx, $action, $phpbb_container;
40	global $phpbb_dispatcher;
41
42	include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
43
44	$forum_id = $request->variable('f', 0);
45	$start = $request->variable('start', 0);
46
47	$this->page_title = 'MCP_QUEUE';
48
49	switch ($action)
50	{
51	case 'approve':
52	case 'restore':
53	$post_id_list = $request->variable('post_id_list', array(0));
54	$topic_id_list = $request->variable('topic_id_list', array(0));
55
56	if (!empty($post_id_list))
57	{
58	self::approve_posts($action, $post_id_list, 'queue', $mode);
59	}
60	else if (!empty($topic_id_list))
61	{
62	self::approve_topics($action, $topic_id_list, 'queue', $mode);
63	}
64	else
65	{
66	trigger_error('NO_POST_SELECTED');
67	}
68	break;
69
70	case 'delete':
71	$post_id_list = $request->variable('post_id_list', array(0));
72	$topic_id_list = $request->variable('topic_id_list', array(0));
73	$delete_reason = $request->variable('delete_reason', '', true);
74
75	if (!empty($post_id_list))
76	{
77	if (!function_exists('mcp_delete_post'))
78	{
79	global $phpbb_root_path, $phpEx;
80	include($phpbb_root_path . 'includes/mcp/mcp_main.' . $phpEx);
81	}
82	mcp_delete_post($post_id_list, false, $delete_reason, $action);
83	}
84	else if (!empty($topic_id_list))
85	{
86	if (!function_exists('mcp_delete_topic'))
87	{
88	global $phpbb_root_path, $phpEx;
89	include($phpbb_root_path . 'includes/mcp/mcp_main.' . $phpEx);
90	}
91	mcp_delete_topic($topic_id_list, false, $delete_reason, $action);
92	}
93	else
94	{
95	trigger_error('NO_POST_SELECTED');
96	}
97	break;
98
99	case 'disapprove':
100	$post_id_list = $request->variable('post_id_list', array(0));
101	$topic_id_list = $request->variable('topic_id_list', array(0));
102
103	if (!empty($topic_id_list) && $mode == 'deleted_topics')
104	{
105	if (!function_exists('mcp_delete_topic'))
106	{
107	global $phpbb_root_path, $phpEx;
108	include($phpbb_root_path . 'includes/mcp/mcp_main.' . $phpEx);
109	}
110	mcp_delete_topic($topic_id_list, false, '', 'disapprove');
111	return;
112	}
113
114	if (!empty($topic_id_list))
115	{
116	$post_visibility = ($mode == 'deleted_topics') ? ITEM_DELETED : array(ITEM_UNAPPROVED, ITEM_REAPPROVE);
117	$sql = 'SELECT post_id
118	FROM ' . POSTS_TABLE . '
119	WHERE ' . $db->sql_in_set('post_visibility', $post_visibility) . '
120	AND ' . $db->sql_in_set('topic_id', $topic_id_list);
121	$result = $db->sql_query($sql);
122
123	$post_id_list = array();
124	while ($row = $db->sql_fetchrow($result))
125	{
126	$post_id_list[] = (int) $row['post_id'];
127	}
128	$db->sql_freeresult($result);
129	}
130
131	if (!empty($post_id_list))
132	{
133	self::disapprove_posts($post_id_list, 'queue', $mode);
134	}
135	else
136	{
137	trigger_error('NO_POST_SELECTED');
138	}
139	break;
140	}
141
142	switch ($mode)
143	{
144	case 'approve_details':
145
146	$this->tpl_name = 'mcp_post';
147
148	$user->add_lang(array('posting', 'viewtopic'));
149
150	$post_id = $request->variable('p', 0);
151	$topic_id = $request->variable('t', 0);
152	$topic_info = [];
153
154	/* @var $phpbb_notifications \phpbb\notification\manager */
155	$phpbb_notifications = $phpbb_container->get('notification_manager');
156
157	if ($topic_id)
158	{
159	$topic_info = phpbb_get_topic_data(array($topic_id), 'm_approve');
160	if (isset($topic_info[$topic_id]['topic_first_post_id']))
161	{
162	$post_id = (int) $topic_info[$topic_id]['topic_first_post_id'];
163
164	$phpbb_notifications->mark_notifications('topic_in_queue', $topic_id, $user->data['user_id']);
165	}
166	else
167	{
168	$topic_id = 0;
169	}
170	}
171
172	$phpbb_notifications->mark_notifications('post_in_queue', $post_id, $user->data['user_id']);
173
174	$post_info = phpbb_get_post_data(array($post_id), 'm_approve', true);
175
176	if (!count($post_info))
177	{
178	trigger_error('NO_POST_SELECTED');
179	}
180
181	$post_info = $post_info[$post_id];
182
183	if ($post_info['topic_first_post_id'] != $post_id && topic_review($post_info['topic_id'], $post_info['forum_id'], 'topic_review', 0, false))
184	{
185	$template->assign_vars(array(
186	'S_TOPIC_REVIEW' => true,
187	'S_BBCODE_ALLOWED' => $post_info['enable_bbcode'],
188	'TOPIC_TITLE' => $post_info['topic_title'],
189	));
190	}
191
192	$attachments = $topic_tracking_info = array();
193
194	// Get topic tracking info
195	if ($config['load_db_lastread'])
196	{
197	$tmp_topic_data = array($post_info['topic_id'] => $post_info);
198	$topic_tracking_info = get_topic_tracking($post_info['forum_id'], $post_info['topic_id'], $tmp_topic_data, array($post_info['forum_id'] => $post_info['forum_mark_time']));
199	unset($tmp_topic_data);
200	}
201	else
202	{
203	$topic_tracking_info = get_complete_topic_tracking($post_info['forum_id'], $post_info['topic_id']);
204	}
205
206	$post_unread = (isset($topic_tracking_info[$post_info['topic_id']]) && $post_info['post_time'] > $topic_tracking_info[$post_info['topic_id']]) ? true : false;
207
208	// Process message, leave it uncensored
209	$parse_flags = ($post_info['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) \| OPTION_FLAG_SMILIES;
210	$message = generate_text_for_display($post_info['post_text'], $post_info['bbcode_uid'], $post_info['bbcode_bitfield'], $parse_flags, false);
211
212	if ($post_info['post_attachment'] && $auth->acl_get('u_download') && $auth->acl_get('f_download', $post_info['forum_id']))
213	{
214	$sql = 'SELECT *
215	FROM ' . ATTACHMENTS_TABLE . '
216	WHERE post_msg_id = ' . $post_id . '
217	AND in_message = 0
218	ORDER BY filetime DESC, post_msg_id ASC';
219	$result = $db->sql_query($sql);
220
221	while ($row = $db->sql_fetchrow($result))
222	{
223	$attachments[] = $row;
224	}
225	$db->sql_freeresult($result);
226
227	if (count($attachments))
228	{
229	$update_count = array();
230	parse_attachments($post_info['forum_id'], $message, $attachments, $update_count);
231	}
232
233	// Display not already displayed Attachments for this post, we already parsed them. ;)
234	if (!empty($attachments))
235	{
236	$template->assign_var('S_HAS_ATTACHMENTS', true);
237
238	foreach ($attachments as $attachment)
239	{
240	$template->assign_block_vars('attachment', array(
241	'DISPLAY_ATTACHMENT' => $attachment,
242	));
243	}
244	}
245	}
246
247	// Deleting information
248	if ($post_info['post_visibility'] == ITEM_DELETED && $post_info['post_delete_user'])
249	{
250	// User having deleted the post also being the post author?
251	if (!$post_info['post_delete_user'] \|\| $post_info['post_delete_user'] == $post_info['poster_id'])
252	{
253	$display_username = get_username_string('full', $post_info['poster_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']);
254	}
255	else
256	{
257	$sql = 'SELECT u.user_id, u.username, u.user_colour
258	FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . ' u
259	WHERE p.post_id = ' . $post_info['post_id'] . '
260	AND p.post_delete_user = u.user_id';
261	$result = $db->sql_query($sql);
262	$post_delete_userinfo = $db->sql_fetchrow($result);
263	$db->sql_freeresult($result);
264	$display_username = get_username_string('full', $post_info['post_delete_user'], $post_delete_userinfo['username'], $post_delete_userinfo['user_colour']);
265	}
266
267	$l_deleted_by = $user->lang('DELETED_INFORMATION', $display_username, $user->format_date($post_info['post_delete_time'], false, true));
268	}
269	else
270	{
271	$l_deleted_by = '';
272	}
273
274	$post_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'p=' . $post_info['post_id'] . '#p' . $post_info['post_id']);
275	$topic_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", 't=' . $post_info['topic_id']);
276
277	$post_data = array(
278	'S_MCP_QUEUE' => true,
279	'U_APPROVE_ACTION' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=queue&p=$post_id"),
280	'S_CAN_APPROVE' => $auth->acl_get('m_approve', $post_info['forum_id']),
281	'S_CAN_DELETE_POST' => $auth->acl_get('m_delete', $post_info['forum_id']),
282	'S_CAN_VIEWIP' => $auth->acl_get('m_info', $post_info['forum_id']),
283	'S_POST_REPORTED' => $post_info['post_reported'],
284	'S_POST_UNAPPROVED' => $post_info['post_visibility'] == ITEM_UNAPPROVED \|\| $post_info['post_visibility'] == ITEM_REAPPROVE,
285	'S_POST_LOCKED' => $post_info['post_edit_locked'],
286	'S_USER_NOTES' => true,
287	'S_POST_DELETED' => ($post_info['post_visibility'] == ITEM_DELETED),
288	'DELETED_MESSAGE' => $l_deleted_by,
289	'DELETE_REASON' => $post_info['post_delete_reason'],
290
291	'U_EDIT' => ($auth->acl_get('m_edit', $post_info['forum_id'])) ? append_sid("{$phpbb_root_path}posting.$phpEx", "mode=edit&p={$post_info['post_id']}") : '',
292	'U_MCP_APPROVE' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue&mode=approve_details&p=' . $post_id),
293	'U_MCP_REPORT' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=reports&mode=report_details&p=' . $post_id),
294	'U_MCP_USER_NOTES' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&mode=user_notes&u=' . $post_info['user_id']),
295	'U_MCP_WARN_USER' => ($auth->acl_get('m_warn')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=warn&mode=warn_user&u=' . $post_info['user_id']) : '',
296	'U_VIEW_POST' => $post_url,
297	'U_VIEW_TOPIC' => $topic_url,
298
299	'MINI_POST_IMG' => ($post_unread) ? $user->img('icon_post_target_unread', 'UNREAD_POST') : $user->img('icon_post_target', 'POST'),
300
301	'RETURN_QUEUE' => sprintf($user->lang['RETURN_QUEUE'], '<a href="' . append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue' . (($topic_id) ? '&mode=unapproved_topics' : '&mode=unapproved_posts')) . '&start=' . $start . '">', '</a>'),
302	'RETURN_POST' => sprintf($user->lang['RETURN_POST'], '<a href="' . $post_url . '">', '</a>'),
303	'RETURN_TOPIC_SIMPLE' => sprintf($user->lang['RETURN_TOPIC_SIMPLE'], '<a href="' . $topic_url . '">', '</a>'),
304	'REPORTED_IMG' => $user->img('icon_topic_reported', $user->lang['POST_REPORTED']),
305	'UNAPPROVED_IMG' => $user->img('icon_topic_unapproved', $user->lang['POST_UNAPPROVED']),
306	'EDIT_IMG' => $user->img('icon_post_edit', $user->lang['EDIT_POST']),
307
308	'POST_AUTHOR_FULL' => get_username_string('full', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
309	'POST_AUTHOR_COLOUR' => get_username_string('colour', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
310	'POST_AUTHOR' => get_username_string('username', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
311	'U_POST_AUTHOR' => get_username_string('profile', $post_info['user_id'], $post_info['username'], $post_info['user_colour'], $post_info['post_username']),
312
313	'POST_PREVIEW' => $message,
314	'POST_SUBJECT' => $post_info['post_subject'],
315	'POST_DATE' => $user->format_date($post_info['post_time']),
316	'POST_IP' => $post_info['poster_ip'],
317	'POST_IPADDR' => ($auth->acl_get('m_info', $post_info['forum_id']) && $request->variable('lookup', '')) ? @gethostbyaddr($post_info['poster_ip']) : '',
318	'POST_ID' => $post_info['post_id'],
319	'S_FIRST_POST' => ($post_info['topic_first_post_id'] == $post_id),
320
321	'U_LOOKUP_IP' => ($auth->acl_get('m_info', $post_info['forum_id'])) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue&mode=approve_details&p=' . $post_id . '&lookup=' . $post_info['poster_ip']) . '#ip' : '',
322	);
323
324	/**
325	* Alter post awaiting approval template before it is rendered
326	*
327	* @event core.mcp_queue_approve_details_template
328	* @var int post_id Post ID
329	* @var int topic_id Topic ID
330	* @var array topic_info Topic data
331	* @var array post_info Post data
332	* @var array post_data Post template data
333	* @var string message Post message
334	* @var string post_url Post URL
335	* @var string topic_url Topic URL
336	* @since 3.2.2-RC1
337	*/
338	$vars = array(
339	'post_id',
340	'topic_id',
341	'topic_info',
342	'post_info',
343	'post_data',
344	'message',
345	'post_url',
346	'topic_url',
347	);
348	extract($phpbb_dispatcher->trigger_event('core.mcp_queue_approve_details_template', compact($vars)));
349
350	$template->assign_vars($post_data);
351
352	break;
353
354	case 'unapproved_topics':
355	case 'unapproved_posts':
356	case 'deleted_topics':
357	case 'deleted_posts':
358	$m_perm = 'm_approve';
359	$is_topics = ($mode == 'unapproved_topics' \|\| $mode == 'deleted_topics') ? true : false;
360	$is_restore = ($mode == 'deleted_posts' \|\| $mode == 'deleted_topics') ? true : false;
361	$visibility_const = (!$is_restore) ? array(ITEM_UNAPPROVED, ITEM_REAPPROVE) : ITEM_DELETED;
362
363	$user->add_lang(array('viewtopic', 'viewforum'));
364
365	$topic_id = $request->variable('t', 0);
366
367	// If 'sort' is set, "Go" was pressed which is located behind the forums <select> box
368	// Then, unset the topic id so it does not override the forum id
369	$topic_id = $request->is_set_post('sort') ? 0 : $topic_id;
370
371	if ($topic_id)
372	{
373	$topic_info = phpbb_get_topic_data(array($topic_id));
374
375	if (!count($topic_info))
376	{
377	trigger_error('TOPIC_NOT_EXIST');
378	}
379
380	$topic_info = $topic_info[$topic_id];
381	$forum_id = $topic_info['forum_id'];
382	}
383
384	$forum_list_approve = get_forum_list($m_perm, false, true);
385	$forum_list_read = array_flip(get_forum_list('f_read', true, true)); // Flipped so we can isset() the forum IDs
386
387	// Remove forums we cannot read
388	foreach ($forum_list_approve as $k => $forum_data)
389	{
390	if (!isset($forum_list_read[$forum_data['forum_id']]))
391	{
392	unset($forum_list_approve[$k]);
393	}
394	}
395	unset($forum_list_read);
396
397	if (!$forum_id)
398	{
399	$forum_list = array();
400	foreach ($forum_list_approve as $row)
401	{
402	$forum_list[] = $row['forum_id'];
403	}
404
405	if (!count($forum_list))
406	{
407	trigger_error('NOT_MODERATOR');
408	}
409	}
410	else
411	{
412	$forum_info = phpbb_get_forum_data(array($forum_id), $m_perm);
413
414	if (!count($forum_info))
415	{
416	trigger_error('NOT_MODERATOR');
417	}
418
419	$forum_list = $forum_id;
420	}
421
422	$forum_options = '<option value="0"' . (($forum_id == 0) ? ' selected="selected"' : '') . '>' . $user->lang['ALL_FORUMS'] . '</option>';
423	foreach ($forum_list_approve as $row)
424	{
425	$forum_options .= '<option value="' . $row['forum_id'] . '"' . (($forum_id == $row['forum_id']) ? ' selected="selected"' : '') . '>' . str_repeat('   ', $row['padding']) . truncate_string($row['forum_name'], 30, 255, false, $user->lang['ELLIPSIS']) . '</option>';
426	}
427
428	$sort_days = $total = 0;
429	$sort_key = $sort_dir = '';
430	$sort_by_sql = $sort_order_sql = array();
431	phpbb_mcp_sorting($mode, $sort_days, $sort_key, $sort_dir, $sort_by_sql, $sort_order_sql, $total, $forum_id, $topic_id);
432
433	$limit_time_sql = ($sort_days) ? 'AND t.topic_last_post_time >= ' . (time() - ($sort_days * 86400)) : '';
434
435	$forum_names = array();
436
437	if (!$is_topics)
438	{
439	$sql = 'SELECT p.post_id
440	FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t' . (($sort_order_sql[0] == 'u') ? ', ' . USERS_TABLE . ' u' : '') . '
441	WHERE ' . $db->sql_in_set('p.forum_id', $forum_list) . '
442	AND ' . $db->sql_in_set('p.post_visibility', $visibility_const) . '
443	' . (($sort_order_sql[0] == 'u') ? 'AND u.user_id = p.poster_id' : '') . '
444	' . (($topic_id) ? 'AND p.topic_id = ' . $topic_id : '') . "
445	AND t.topic_id = p.topic_id
446	AND (t.topic_visibility <> p.post_visibility
447	OR t.topic_delete_user = 0)
448	$limit_time_sql
449	ORDER BY $sort_order_sql";
450
451	/**
452	* Alter sql query to get posts in queue to be accepted
453	*
454	* @event core.mcp_queue_get_posts_query_before
455	* @var string sql Associative array with the query to be executed
456	* @var array forum_list List of forums that contain the posts
457	* @var int visibility_const Integer with one of the possible ITEM_* constant values
458	* @var int topic_id If topic_id not equal to 0, the topic id to filter the posts to display
459	* @var string limit_time_sql String with the SQL code to limit the time interval of the post (Note: May be empty string)
460	* @var string sort_order_sql String with the ORDER BY SQL code used in this query
461	* @since 3.1.0-RC3
462	*/
463	$vars = array(
464	'sql',
465	'forum_list',
466	'visibility_const',
467	'topic_id',
468	'limit_time_sql',
469	'sort_order_sql',
470	);
471	extract($phpbb_dispatcher->trigger_event('core.mcp_queue_get_posts_query_before', compact($vars)));
472
473	$result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
474
475	$post_ids = array();
476	while ($row = $db->sql_fetchrow($result))
477	{
478	$post_ids[] = $row['post_id'];
479	}
480	$db->sql_freeresult($result);
481
482	if (count($post_ids))
483	{
484	$sql = 'SELECT t.topic_id, t.topic_title, t.forum_id, p.post_id, p.post_subject, p.post_username, p.poster_id, p.post_time, p.post_attachment, u.username, u.username_clean, u.user_colour
485	FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . USERS_TABLE . ' u
486	WHERE ' . $db->sql_in_set('p.post_id', $post_ids) . '
487	AND t.topic_id = p.topic_id
488	AND u.user_id = p.poster_id
489	ORDER BY ' . $sort_order_sql;
490
491	/**
492	* Alter sql query to get information on all posts in queue
493	*
494	* @event core.mcp_queue_get_posts_for_posts_query_before
495	* @var string sql String with the query to be executed
496	* @var array forum_list List of forums that contain the posts
497	* @var int visibility_const Integer with one of the possible ITEM_* constant values
498	* @var int topic_id topic_id in the page request
499	* @var string limit_time_sql String with the SQL code to limit the time interval of the post (Note: May be empty string)
500	* @var string sort_order_sql String with the ORDER BY SQL code used in this query
501	* @since 3.2.3-RC2
502	*/
503	$vars = array(
504	'sql',
505	'forum_list',
506	'visibility_const',
507	'topic_id',
508	'limit_time_sql',
509	'sort_order_sql',
510	);
511	extract($phpbb_dispatcher->trigger_event('core.mcp_queue_get_posts_for_posts_query_before', compact($vars)));
512
513	$result = $db->sql_query($sql);
514
515	$post_data = $rowset = array();
516	while ($row = $db->sql_fetchrow($result))
517	{
518	$forum_names[] = $row['forum_id'];
519	$post_data[$row['post_id']] = $row;
520	}
521	$db->sql_freeresult($result);
522
523	foreach ($post_ids as $post_id)
524	{
525	$rowset[] = $post_data[$post_id];
526	}
527	unset($post_data, $post_ids);
528	}
529	else
530	{
531	$rowset = array();
532	}
533	}
534	else
535	{
536	$sql = 'SELECT t.forum_id, t.topic_id, t.topic_title, t.topic_title AS post_subject, t.topic_time AS post_time, t.topic_poster AS poster_id, t.topic_first_post_id AS post_id, t.topic_attachment AS post_attachment, t.topic_first_poster_name AS username, t.topic_first_poster_colour AS user_colour
537	FROM ' . TOPICS_TABLE . ' t
538	WHERE ' . $db->sql_in_set('forum_id', $forum_list) . '
539	AND ' . $db->sql_in_set('topic_visibility', $visibility_const) . "
540	AND topic_delete_user <> 0
541	$limit_time_sql
542	ORDER BY $sort_order_sql";
543
544	/**
545	* Alter sql query to get information on all topics in the list of forums provided.
546	*
547	* @event core.mcp_queue_get_posts_for_topics_query_before
548	* @var string sql String with the query to be executed
549	* @var array forum_list List of forums that contain the posts
550	* @var int visibility_const Integer with one of the possible ITEM_* constant values
551	* @var int topic_id topic_id in the page request
552	* @var string limit_time_sql String with the SQL code to limit the time interval of the post (Note: May be empty string)
553	* @var string sort_order_sql String with the ORDER BY SQL code used in this query
554	* @since 3.1.0-RC3
555	*/
556	$vars = array(
557	'sql',
558	'forum_list',
559	'visibility_const',
560	'topic_id',
561	'limit_time_sql',
562	'sort_order_sql',
563	);
564	extract($phpbb_dispatcher->trigger_event('core.mcp_queue_get_posts_for_topics_query_before', compact($vars)));
565
566	$result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
567
568	$rowset = array();
569	while ($row = $db->sql_fetchrow($result))
570	{
571	$forum_names[] = $row['forum_id'];
572	$rowset[] = $row;
573	}
574	$db->sql_freeresult($result);
575	}
576
577	if (count($forum_names))
578	{
579	// Select the names for the forum_ids
580	$sql = 'SELECT forum_id, forum_name
581	FROM ' . FORUMS_TABLE . '
582	WHERE ' . $db->sql_in_set('forum_id', $forum_names);
583	$result = $db->sql_query($sql, 3600);
584
585	$forum_names = array();
586	while ($row = $db->sql_fetchrow($result))
587	{
588	$forum_names[$row['forum_id']] = $row['forum_name'];
589	}
590	$db->sql_freeresult($result);
591	}
592
593	foreach ($rowset as $row)
594	{
595	if (empty($row['post_username']))
596	{
597	$row['post_username'] = $row['username'] ?: $user->lang['GUEST'];
598	}
599
600	$post_row = array(
601	'U_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 't=' . $row['topic_id']),
602	'U_VIEWFORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']),
603	'U_VIEWPOST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'p=' . $row['post_id']) . (($mode == 'unapproved_posts') ? '#p' . $row['post_id'] : ''),
604	'U_VIEW_DETAILS' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=queue&start=$start&mode=approve_details&p={$row['post_id']}" . (($mode == 'unapproved_topics') ? "&t={$row['topic_id']}" : '')),
605
606	'POST_AUTHOR_FULL' => get_username_string('full', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
607	'POST_AUTHOR_COLOUR' => get_username_string('colour', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
608	'POST_AUTHOR' => get_username_string('username', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
609	'U_POST_AUTHOR' => get_username_string('profile', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
610
611	'POST_ID' => $row['post_id'],
612	'TOPIC_ID' => $row['topic_id'],
613	'FORUM_NAME' => $forum_names[$row['forum_id']],
614	'POST_SUBJECT' => ($row['post_subject'] != '') ? $row['post_subject'] : $user->lang['NO_SUBJECT'],
615	'TOPIC_TITLE' => $row['topic_title'],
616	'POST_TIME' => $user->format_date($row['post_time']),
617	'S_HAS_ATTACHMENTS' => $auth->acl_get('u_download') && $auth->acl_get('f_download', $row['forum_id']) && $row['post_attachment'],
618	);
619
620	/**
621	* Alter sql query to get information on all topics in the list of forums provided.
622	*
623	* @event core.mcp_queue_get_posts_modify_post_row
624	* @var array post_row Template variables for current post
625	* @var array row Post data
626	* @var array forum_names Forum names
627	* @since 3.2.3-RC2
628	*/
629	$vars = array(
630	'post_row',
631	'row',
632	'forum_names',
633	);
634	extract($phpbb_dispatcher->trigger_event('core.mcp_queue_get_posts_modify_post_row', compact($vars)));
635
636	$template->assign_block_vars('postrow', $post_row);
637	}
638	unset($rowset, $forum_names);
639
640	/* @var \phpbb\pagination $pagination */
641	$pagination = $phpbb_container->get('pagination');
642
643	$base_url = $this->u_action . "&f=$forum_id&st=$sort_days&sk=$sort_key&sd=$sort_dir";
644	$pagination->generate_template_pagination($base_url, 'pagination', 'start', $total, $config['topics_per_page'], $start);
645
646	// Now display the page
647	$template->assign_vars(array(
648	'L_DISPLAY_ITEMS' => (!$is_topics) ? $user->lang['DISPLAY_POSTS'] : $user->lang['DISPLAY_TOPICS'],
649	'L_EXPLAIN' => $user->lang['MCP_QUEUE_' . strtoupper($mode) . '_EXPLAIN'],
650	'L_TITLE' => $user->lang['MCP_QUEUE_' . strtoupper($mode)],
651	'L_ONLY_TOPIC' => ($topic_id) ? sprintf($user->lang['ONLY_TOPIC'], $topic_info['topic_title']) : '',
652
653	'S_FORUM_OPTIONS' => $forum_options,
654	'S_MCP_ACTION' => build_url(array('t', 'f', 'sd', 'st', 'sk')),
655	'S_TOPICS' => $is_topics,
656	'S_RESTORE' => $is_restore,
657
658	'TOPIC_ID' => $topic_id,
659	'TOTAL' => $user->lang(((!$is_topics) ? 'VIEW_TOPIC_POSTS' : 'VIEW_FORUM_TOPICS'), (int) $total),
660	));
661
662	$this->tpl_name = 'mcp_queue';
663	break;
664	}
665	}
666
667	/**
668	* Approve/Restore posts
669	*
670	* @param $action string Action we perform on the posts ('approve' or 'restore')
671	* @param $post_id_list array IDs of the posts to approve/restore
672	* @param $id mixed Category of the current active module
673	* @param $mode string Active module
674	* @return void\|never
675	*/
676	public static function approve_posts($action, $post_id_list, $id, $mode)
677	{
678	global $template, $user, $request, $phpbb_container, $phpbb_dispatcher;
679	global $phpEx, $phpbb_root_path, $phpbb_log;
680
681	if (!phpbb_check_ids($post_id_list, POSTS_TABLE, 'post_id', array('m_approve')))
682	{
683	send_status_line(403, 'Forbidden');
684	trigger_error('NOT_AUTHORISED');
685	}
686
687	$redirect = $request->variable('redirect', build_url(array('quickmod')));
688	$redirect = reapply_sid($redirect);
689	$post_url = '';
690	$approve_log = array();
691	$num_topics = 0;
692
693	$s_hidden_fields = build_hidden_fields(array(
694	'i' => $id,
695	'mode' => $mode,
696	'post_id_list' => $post_id_list,
697	'action' => $action,
698	'redirect' => $redirect,
699	));
700
701	$post_info = phpbb_get_post_data($post_id_list, 'm_approve');
702
703	if (confirm_box(true))
704	{
705	$notify_poster = ($action == 'approve' && isset($_REQUEST['notify_poster']));
706
707	$topic_info = array();
708
709	// Group the posts by topic_id
710	foreach ($post_info as $post_id => $post_data)
711	{
712	if ($post_data['post_visibility'] == ITEM_APPROVED)
713	{
714	continue;
715	}
716	$topic_id = (int) $post_data['topic_id'];
717
718	$topic_info[$topic_id]['posts'][] = (int) $post_id;
719	$topic_info[$topic_id]['forum_id'] = (int) $post_data['forum_id'];
720
721	// Refresh the first post, if the time or id is older then the current one
722	if ($post_id <= $post_data['topic_first_post_id'] \|\| $post_data['post_time'] <= $post_data['topic_time'])
723	{
724	$topic_info[$topic_id]['first_post'] = true;
725	}
726
727	// Refresh the last post, if the time or id is newer then the current one
728	if ($post_id >= $post_data['topic_last_post_id'] \|\| $post_data['post_time'] >= $post_data['topic_last_post_time'])
729	{
730	$topic_info[$topic_id]['last_post'] = true;
731	}
732
733	$post_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "p={$post_data['post_id']}") . '#p' . $post_data['post_id'];
734
735	$approve_log[] = array(
736	'forum_id' => $post_data['forum_id'],
737	'topic_id' => $post_data['topic_id'],
738	'post_id' => $post_id,
739	'post_subject' => $post_data['post_subject'],
740	);
741	}
742
743	/* @var $phpbb_content_visibility \phpbb\content_visibility */
744	$phpbb_content_visibility = $phpbb_container->get('content.visibility');
745	foreach ($topic_info as $topic_id => $topic_data)
746	{
747	$phpbb_content_visibility->set_post_visibility(ITEM_APPROVED, $topic_data['posts'], $topic_id, $topic_data['forum_id'], $user->data['user_id'], time(), '', isset($topic_data['first_post']), isset($topic_data['last_post']));
748	}
749
750	foreach ($approve_log as $log_data)
751	{
752	$phpbb_log->add('mod', $user->data['user_id'], $user->ip, 'LOG_POST_' . strtoupper($action) . 'D', false, array(
753	'forum_id' => $log_data['forum_id'],
754	'topic_id' => $log_data['topic_id'],
755	'post_id' => $log_data['post_id'],
756	$log_data['post_subject']
757	));
758	}
759
760	// Only send out the mails, when the posts are being approved
761	if ($action == 'approve')
762	{
763	/* @var $phpbb_notifications \phpbb\notification\manager */
764	$phpbb_notifications = $phpbb_container->get('notification_manager');
765
766	// Handle notifications
767	foreach ($post_info as $post_id => $post_data)
768	{
769	// A single topic approval may also happen here, so handle deleting the respective notification.
770	if (!$post_data['topic_posts_approved'])
771	{
772	$phpbb_notifications->delete_notifications('notification.type.topic_in_queue', $post_data['topic_id']);
773
774	if ($post_data['post_visibility'] == ITEM_UNAPPROVED)
775	{
776	$phpbb_notifications->add_notifications(array('notification.type.topic'), $post_data);
777	}
778	if ($post_data['post_visibility'] != ITEM_APPROVED)
779	{
780	$num_topics++;
781	}
782	}
783	else
784	{
785	// Only add notifications, if we are not reapproving post
786	// When the topic was already approved, but was edited and
787	// now needs re-approval, we don't want to notify the users
788	// again.
789	if ($post_data['post_visibility'] == ITEM_UNAPPROVED)
790	{
791	$phpbb_notifications->add_notifications(array(
792	'notification.type.bookmark',
793	'notification.type.post',
794	), $post_data);
795	}
796	}
797	$phpbb_notifications->add_notifications(array(
798	'notification.type.mention',
799	'notification.type.quote',
800	), $post_data);
801	$phpbb_notifications->delete_notifications('notification.type.post_in_queue', $post_id);
802
803	$phpbb_notifications->mark_notifications(array(
804	'notification.type.mention',
805	'notification.type.quote',
806	'notification.type.bookmark',
807	'notification.type.post',
808	), $post_data['post_id'], $user->data['user_id']);
809
810	// Notify Poster?
811	if ($notify_poster)
812	{
813	if ($post_data['poster_id'] == ANONYMOUS)
814	{
815	continue;
816	}
817
818	if (!$post_data['topic_posts_approved'])
819	{
820	$phpbb_notifications->add_notifications('notification.type.approve_topic', $post_data);
821	}
822	else
823	{
824	$phpbb_notifications->add_notifications('notification.type.approve_post', $post_data);
825	}
826	}
827	}
828	}
829
830	if ($num_topics >= 1)
831	{
832	$success_msg = ($num_topics == 1) ? 'TOPIC_' . strtoupper($action) . 'D_SUCCESS' : 'TOPICS_' . strtoupper($action) . 'D_SUCCESS';
833	}
834	else
835	{
836	$success_msg = (count($post_info) == 1) ? 'POST_' . strtoupper($action) . 'D_SUCCESS' : 'POSTS_' . strtoupper($action) . 'D_SUCCESS';
837	}
838
839	/**
840	* Perform additional actions during post(s) approval
841	*
842	* @event core.approve_posts_after
843	* @var string action Variable containing the action we perform on the posts ('approve' or 'restore')
844	* @var array post_info Array containing info for all posts being approved
845	* @var array topic_info Array containing info for all parent topics of the posts
846	* @var int num_topics Variable containing number of topics
847	* @var bool notify_poster Variable telling if the post should be notified or not
848	* @var string success_msg Variable containing the language key for the success message
849	* @var string redirect Variable containing the redirect url
850	* @since 3.1.4-RC1
851	*/
852	$vars = array(
853	'action',
854	'post_info',
855	'topic_info',
856	'num_topics',
857	'notify_poster',
858	'success_msg',
859	'redirect',
860	);
861	extract($phpbb_dispatcher->trigger_event('core.approve_posts_after', compact($vars)));
862
863	meta_refresh(3, $redirect);
864	$message = $user->lang[$success_msg];
865
866	if ($request->is_ajax())
867	{
868	$json_response = new \phpbb\json_response;
869	$json_response->send(array(
870	'MESSAGE_TITLE' => $user->lang['INFORMATION'],
871	'MESSAGE_TEXT' => $message,
872	'REFRESH_DATA' => null,
873	'visible' => true,
874	));
875	}
876	$message .= '<br /><br />' . $user->lang('RETURN_PAGE', '<a href="' . $redirect . '">', '</a>');
877
878	// If approving one post, also give links back to post...
879	if (count($post_info) == 1 && $post_url)
880	{
881	$message .= '<br /><br />' . $user->lang('RETURN_POST', '<a href="' . $post_url . '">', '</a>');
882	}
883	trigger_error($message);
884	}
885	else
886	{
887	$show_notify = false;
888
889	if ($action == 'approve')
890	{
891	foreach ($post_info as $post_data)
892	{
893	if (!$post_data['topic_posts_approved'])
894	{
895	$num_topics++;
896	}
897
898	if (!$show_notify && $post_data['poster_id'] != ANONYMOUS)
899	{
900	$show_notify = true;
901	}
902	}
903	}
904
905	$template->assign_vars(array(
906	'S_NOTIFY_POSTER' => $show_notify,
907	'S_' . strtoupper($action) => true,
908	));
909
910	// Create the confirm box message
911	$action_msg = strtoupper($action);
912	$num_posts = count($post_id_list) - $num_topics;
913	if ($num_topics > 0 && $num_posts <= 0)
914	{
915	$action_msg .= '_TOPIC' . (($num_topics == 1) ? '' : 'S');
916	}
917	else
918	{
919	$action_msg .= '_POST' . ((count($post_id_list) == 1) ? '' : 'S');
920	}
921	confirm_box(false, $action_msg, $s_hidden_fields, 'mcp_approve.html');
922	}
923
924	redirect($redirect);
925	}
926
927	/**
928	* Approve/Restore topics
929	*
930	* @param $action string Action we perform on the posts ('approve' or 'restore')
931	* @param $topic_id_list array IDs of the topics to approve/restore
932	* @param $id mixed Category of the current active module
933	* @param $mode string Active module
934	* @return void\|never
935	*/
936	public static function approve_topics($action, $topic_id_list, $id, $mode)
937	{
938	global $db, $template, $user, $phpbb_log;
939	global $phpEx, $phpbb_root_path, $request, $phpbb_container, $phpbb_dispatcher;
940
941	if (!phpbb_check_ids($topic_id_list, TOPICS_TABLE, 'topic_id', array('m_approve')))
942	{
943	send_status_line(403, 'Forbidden');
944	trigger_error('NOT_AUTHORISED');
945	}
946
947	$redirect = $request->variable('redirect', build_url(array('quickmod')));
948	$redirect = reapply_sid($redirect);
949	$success_msg = $topic_url = '';
950	$approve_log = array();
951
952	$s_hidden_fields = build_hidden_fields(array(
953	'i' => $id,
954	'mode' => $mode,
955	'topic_id_list' => $topic_id_list,
956	'action' => $action,
957	'redirect' => $redirect,
958	));
959
960	$topic_info = phpbb_get_topic_data($topic_id_list, 'm_approve');
961
962	if (confirm_box(true))
963	{
964	$notify_poster = ($action == 'approve' && isset($_REQUEST['notify_poster'])) ? true : false;
965
966	/* @var $phpbb_content_visibility \phpbb\content_visibility */
967	$phpbb_content_visibility = $phpbb_container->get('content.visibility');
968	$first_post_ids = array();
969
970	foreach ($topic_info as $topic_id => $topic_data)
971	{
972	$phpbb_content_visibility->set_topic_visibility(ITEM_APPROVED, $topic_id, $topic_data['forum_id'], $user->data['user_id'], time(), '');
973	$first_post_ids[$topic_id] = (int) $topic_data['topic_first_post_id'];
974
975	$topic_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "t={$topic_id}");
976
977	$approve_log[] = array(
978	'forum_id' => $topic_data['forum_id'],
979	'topic_id' => $topic_data['topic_id'],
980	'topic_title' => $topic_data['topic_title'],
981	);
982	}
983
984	if (count($topic_info) >= 1)
985	{
986	$success_msg = (count($topic_info) == 1) ? 'TOPIC_' . strtoupper($action) . 'D_SUCCESS' : 'TOPICS_' . strtoupper($action) . 'D_SUCCESS';
987	}
988
989	foreach ($approve_log as $log_data)
990	{
991	$phpbb_log->add('mod', $user->data['user_id'], $user->ip, 'LOG_TOPIC_' . strtoupper($action) . 'D', false, array(
992	'forum_id' => $log_data['forum_id'],
993	'topic_id' => $log_data['topic_id'],
994	$log_data['topic_title']
995	));
996	}
997
998	// Only send out the mails, when the posts are being approved
999	if ($action == 'approve')
1000	{
1001	// Grab the first post text as it's needed for the quote notification.
1002	$sql = 'SELECT topic_id, post_text
1003	FROM ' . POSTS_TABLE . '
1004	WHERE ' . $db->sql_in_set('post_id', $first_post_ids);
1005	$result = $db->sql_query($sql);
1006
1007	while ($row = $db->sql_fetchrow($result))
1008	{
1009	$topic_info[$row['topic_id']]['post_text'] = $row['post_text'];
1010	}
1011	$db->sql_freeresult($result);
1012
1013	// Handle notifications
1014	/* @var $phpbb_notifications \phpbb\notification\manager */
1015	$phpbb_notifications = $phpbb_container->get('notification_manager');
1016
1017	foreach ($topic_info as $topic_id => $topic_data)
1018	{
1019	$topic_data = array_merge($topic_data, array(
1020	'post_id' => $topic_data['topic_first_post_id'],
1021	'post_subject' => $topic_data['topic_title'],
1022	'post_time' => $topic_data['topic_time'],
1023	'poster_id' => $topic_data['topic_poster'],
1024	'post_username' => $topic_data['topic_first_poster_name'],
1025	));
1026
1027	$phpbb_notifications->delete_notifications('notification.type.topic_in_queue', $topic_id);
1028
1029	// Only add notifications, if we are not reapproving post
1030	// When the topic was already approved, but was edited and
1031	// now needs re-approval, we don't want to notify the users
1032	// again.
1033	if ($topic_data['topic_visibility'] == ITEM_UNAPPROVED)
1034	{
1035	$phpbb_notifications->add_notifications(array(
1036	'notification.type.mention',
1037	'notification.type.quote',
1038	'notification.type.topic',
1039	), $topic_data);
1040	}
1041
1042	$phpbb_notifications->mark_notifications(array('mention', 'quote'), $topic_data['post_id'], $user->data['user_id']);
1043	$phpbb_notifications->mark_notifications('topic', $topic_id, $user->data['user_id']);
1044
1045	if ($notify_poster)
1046	{
1047	$phpbb_notifications->add_notifications('notification.type.approve_topic', $topic_data);
1048	}
1049	}
1050	}
1051
1052	/**
1053	* Perform additional actions during topics(s) approval
1054	*
1055	* @event core.approve_topics_after
1056	* @var string action Variable containing the action we perform on the posts ('approve' or 'restore')
1057	* @var mixed topic_info Array containing info for all topics being approved
1058	* @var array first_post_ids Array containing ids of all first posts
1059	* @var bool notify_poster Variable telling if the poster should be notified or not
1060	* @var string success_msg Variable containing the language key for the success message
1061	* @var string redirect Variable containing the redirect url
1062	* @since 3.1.4-RC1
1063	*/
1064	$vars = array(
1065	'action',
1066	'topic_info',
1067	'first_post_ids',
1068	'notify_poster',
1069	'success_msg',
1070	'redirect',
1071	);
1072	extract($phpbb_dispatcher->trigger_event('core.approve_topics_after', compact($vars)));
1073
1074	meta_refresh(3, $redirect);
1075	$message = $user->lang[$success_msg];
1076
1077	if ($request->is_ajax())
1078	{
1079	$json_response = new \phpbb\json_response;
1080	$json_response->send(array(
1081	'MESSAGE_TITLE' => $user->lang['INFORMATION'],
1082	'MESSAGE_TEXT' => $message,
1083	'REFRESH_DATA' => null,
1084	'visible' => true,
1085	));
1086	}
1087	$message .= '<br /><br />' . $user->lang('RETURN_PAGE', '<a href="' . $redirect . '">', '</a>');
1088
1089	// If approving one topic, also give links back to topic...
1090	if (count($topic_info) == 1 && $topic_url)
1091	{
1092	$message .= '<br /><br />' . $user->lang('RETURN_TOPIC', '<a href="' . $topic_url . '">', '</a>');
1093	}
1094	trigger_error($message);
1095	}
1096	else
1097	{
1098	$show_notify = false;
1099
1100	if ($action == 'approve')
1101	{
1102	foreach ($topic_info as $topic_data)
1103	{
1104	if ($topic_data['topic_poster'] == ANONYMOUS)
1105	{
1106	continue;
1107	}
1108	else
1109	{
1110	$show_notify = true;
1111	break;
1112	}
1113	}
1114	}
1115
1116	$template->assign_vars(array(
1117	'S_NOTIFY_POSTER' => $show_notify,
1118	'S_' . strtoupper($action) => true,
1119	));
1120
1121	confirm_box(false, strtoupper($action) . '_TOPIC' . ((count($topic_id_list) == 1) ? '' : 'S'), $s_hidden_fields, 'mcp_approve.html');
1122	}
1123
1124	redirect($redirect);
1125	}
1126
1127	/**
1128	* Disapprove Post
1129	*
1130	* @param $post_id_list array IDs of the posts to disapprove/delete
1131	* @param $id mixed Category of the current active module
1132	* @param $mode string Active module
1133	* @return void\|never
1134	*/
1135	public static function disapprove_posts($post_id_list, $id, $mode)
1136	{
1137	global $db, $template, $user, $phpbb_container, $phpbb_dispatcher;
1138	global $phpEx, $phpbb_root_path, $request, $phpbb_log;
1139
1140	if (!phpbb_check_ids($post_id_list, POSTS_TABLE, 'post_id', array('m_approve')))
1141	{
1142	send_status_line(403, 'Forbidden');
1143	trigger_error('NOT_AUTHORISED');
1144	}
1145
1146	$redirect = $request->variable('redirect', build_url(array('t', 'mode', 'quickmod')) . "&mode=$mode");
1147	$redirect = reapply_sid($redirect);
1148	$reason = $request->variable('reason', '', true);
1149	$reason_id = $request->variable('reason_id', 0);
1150	$additional_msg = '';
1151
1152	$s_hidden_fields = build_hidden_fields(array(
1153	'i' => $id,
1154	'mode' => $mode,
1155	'post_id_list' => $post_id_list,
1156	'action' => 'disapprove',
1157	'redirect' => $redirect,
1158	));
1159
1160	$notify_poster = $request->is_set('notify_poster');
1161	$disapprove_reason = '';
1162
1163	if ($reason_id)
1164	{
1165	$sql = 'SELECT reason_title, reason_description
1166	FROM ' . REPORTS_REASONS_TABLE . "
1167	WHERE reason_id = $reason_id";
1168	$result = $db->sql_query($sql);
1169	$row = $db->sql_fetchrow($result);
1170	$db->sql_freeresult($result);
1171
1172	if (!$row \|\| (!$reason && strtolower($row['reason_title']) == 'other'))
1173	{
1174	$additional_msg = $user->lang['NO_REASON_DISAPPROVAL'];
1175
1176	$request->overwrite('confirm', null, \phpbb\request\request_interface::POST);
1177	$request->overwrite('confirm_key', null, \phpbb\request\request_interface::POST);
1178	$request->overwrite('confirm_key', null, \phpbb\request\request_interface::REQUEST);
1179	}
1180	else
1181	{
1182	// If the reason is defined within the language file, we will use the localized version, else just use the database entry...
1183	$disapprove_reason = (strtolower($row['reason_title']) != 'other') ? ((isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])])) ? $user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])] : $row['reason_description']) : '';
1184	$disapprove_reason .= ($reason) ? "\n\n" . $reason : '';
1185
1186	if (isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])]))
1187	{
1188	$disapprove_reason_lang = strtoupper($row['reason_title']);
1189	}
1190	}
1191	}
1192
1193	$post_info = phpbb_get_post_data($post_id_list, 'm_approve');
1194
1195	$is_disapproving = false;
1196	foreach ($post_info as $post_id => $post_data)
1197	{
1198	if ($post_data['post_visibility'] == ITEM_DELETED)
1199	{
1200	continue;
1201	}
1202
1203	$is_disapproving = true;
1204	}
1205
1206	if (confirm_box(true))
1207	{
1208	$disapprove_log_topics = $disapprove_log_posts = array();
1209	$topic_posts_unapproved = $post_disapprove_list = $topic_information = array();
1210
1211	// Build a list of posts to be disapproved and get the related topics real replies count
1212	foreach ($post_info as $post_id => $post_data)
1213	{
1214	if ($mode === 'unapproved_topics' && $post_data['post_visibility'] == ITEM_APPROVED)
1215	{
1216	continue;
1217	}
1218
1219	$post_disapprove_list[$post_id] = $post_data['topic_id'];
1220	if (!isset($topic_posts_unapproved[$post_data['topic_id']]))
1221	{
1222	$topic_information[$post_data['topic_id']] = $post_data;
1223	$topic_posts_unapproved[$post_data['topic_id']] = 0;
1224	}
1225	$topic_posts_unapproved[$post_data['topic_id']]++;
1226	}
1227
1228	// Do not try to disapprove if no posts are selected
1229	if (empty($post_disapprove_list))
1230	{
1231	trigger_error('NO_POST_SELECTED');
1232	}
1233
1234	// Now we build the log array
1235	foreach ($post_disapprove_list as $post_id => $topic_id)
1236	{
1237	// If the count of disapproved posts for the topic is equal
1238	// to the number of unapproved posts in the topic, and there are no different
1239	// posts, we disapprove the hole topic
1240	if ($topic_information[$topic_id]['topic_posts_approved'] == 0 &&
1241	$topic_information[$topic_id]['topic_posts_softdeleted'] == 0 &&
1242	$topic_information[$topic_id]['topic_posts_unapproved'] == $topic_posts_unapproved[$topic_id])
1243	{
1244	// Don't write the log more than once for every topic
1245	if (!isset($disapprove_log_topics[$topic_id]))
1246	{
1247	// Build disapproved topics log
1248	$disapprove_log_topics[$topic_id] = array(
1249	'type' => 'topic',
1250	'post_subject' => $post_info[$post_id]['topic_title'],
1251	'forum_id' => $post_info[$post_id]['forum_id'],
1252	'topic_id' => 0, // useless to log a topic id, as it will be deleted
1253	'post_username' => ($post_info[$post_id]['poster_id'] == ANONYMOUS && !empty($post_info[$post_id]['post_username'])) ? $post_info[$post_id]['post_username'] : $post_info[$post_id]['username'],
1254	);
1255	}
1256	}
1257	else
1258	{
1259	// Build disapproved posts log
1260	$disapprove_log_posts[] = array(
1261	'type' => 'post',
1262	'post_subject' => $post_info[$post_id]['post_subject'],
1263	'forum_id' => $post_info[$post_id]['forum_id'],
1264	'topic_id' => $post_info[$post_id]['topic_id'],
1265	'post_username' => ($post_info[$post_id]['poster_id'] == ANONYMOUS && !empty($post_info[$post_id]['post_username'])) ? $post_info[$post_id]['post_username'] : $post_info[$post_id]['username'],
1266	);
1267
1268	}
1269	}
1270
1271	// Get disapproved posts/topics counts separately
1272	$num_disapproved_topics = count($disapprove_log_topics);
1273	$num_disapproved_posts = count($disapprove_log_posts);
1274
1275	// Build the whole log
1276	$disapprove_log = array_merge($disapprove_log_topics, $disapprove_log_posts);
1277
1278	// Unset unneeded arrays
1279	unset($post_data, $disapprove_log_topics, $disapprove_log_posts);
1280
1281	// Let's do the job - delete disapproved posts
1282	if (count($post_disapprove_list))
1283	{
1284	if (!function_exists('delete_posts'))
1285	{
1286	include($phpbb_root_path . 'includes/functions_admin.' . $phpEx);
1287	}
1288
1289	// We do not check for permissions here, because the moderator allowed approval/disapproval should be allowed to delete the disapproved posts
1290	// Note: function delete_posts triggers related forums/topics sync,
1291	// so we don't need to call update_post_information later and to adjust real topic replies or forum topics count manually
1292	delete_posts('post_id', array_keys($post_disapprove_list));
1293
1294	foreach ($disapprove_log as $log_data)
1295	{
1296	if ($is_disapproving)
1297	{
1298	$l_log_message = ($log_data['type'] == 'topic') ? 'LOG_TOPIC_DISAPPROVED' : 'LOG_POST_DISAPPROVED';
1299	$phpbb_log->add('mod', $user->data['user_id'], $user->ip, $l_log_message, false, array(
1300	'forum_id' => $log_data['forum_id'],
1301	'topic_id' => $log_data['topic_id'],
1302	$log_data['post_subject'],
1303	$disapprove_reason,
1304	$log_data['post_username']
1305	));
1306	}
1307	else
1308	{
1309	$l_log_message = ($log_data['type'] == 'topic') ? 'LOG_DELETE_TOPIC' : 'LOG_DELETE_POST';
1310	$phpbb_log->add('mod', $user->data['user_id'], $user->ip, $l_log_message, false, array(
1311	'forum_id' => $log_data['forum_id'],
1312	'topic_id' => $log_data['topic_id'],
1313	$log_data['post_subject'],
1314	$log_data['post_username']
1315	));
1316	}
1317	}
1318	}
1319
1320	/* @var $phpbb_notifications \phpbb\notification\manager */
1321	$phpbb_notifications = $phpbb_container->get('notification_manager');
1322
1323	$lang_reasons = array();
1324
1325	foreach ($post_info as $post_id => $post_data)
1326	{
1327	$disapprove_all_posts_in_topic = $topic_information[$topic_id]['topic_posts_approved'] == 0 &&
1328	$topic_information[$topic_id]['topic_posts_softdeleted'] == 0 &&
1329	$topic_information[$topic_id]['topic_posts_unapproved'] == $topic_posts_unapproved[$topic_id];
1330
1331	$phpbb_notifications->delete_notifications('notification.type.post_in_queue', $post_id);
1332
1333	// Do we disapprove the whole topic? Remove potential notifications
1334	if ($disapprove_all_posts_in_topic)
1335	{
1336	$phpbb_notifications->delete_notifications('notification.type.topic_in_queue', $post_data['topic_id']);
1337	}
1338
1339	// Notify Poster?
1340	if ($notify_poster)
1341	{
1342	if ($post_data['poster_id'] == ANONYMOUS)
1343	{
1344	continue;
1345	}
1346
1347	$post_data['disapprove_reason'] = $disapprove_reason;
1348	if (isset($disapprove_reason_lang))
1349	{
1350	// Okay we need to get the reason from the posters language
1351	if (!isset($lang_reasons[$post_data['user_lang']]))
1352	{
1353	// Assign the current users translation as the default, this is not ideal but getting the board default adds another layer of complexity.
1354	$lang_reasons[$post_data['user_lang']] = $user->lang['report_reasons']['DESCRIPTION'][$disapprove_reason_lang];
1355
1356	// Only load up the language pack if the language is different to the current one
1357	if ($post_data['user_lang'] != $user->lang_name && file_exists($phpbb_root_path . '/language/' . $post_data['user_lang'] . '/mcp.' . $phpEx))
1358	{
1359	// Load up the language pack
1360	$lang = array();
1361	@include($phpbb_root_path . '/language/' . basename($post_data['user_lang']) . '/mcp.' . $phpEx);
1362
1363	// If we find the reason in this language pack use it
1364	if (isset($lang['report_reasons']['DESCRIPTION'][$disapprove_reason_lang]))
1365	{
1366	$lang_reasons[$post_data['user_lang']] = $lang['report_reasons']['DESCRIPTION'][$disapprove_reason_lang];
1367	}
1368
1369	unset($lang); // Free memory
1370	}
1371	}
1372
1373	$post_data['disapprove_reason'] = $lang_reasons[$post_data['user_lang']];
1374	$post_data['disapprove_reason'] .= ($reason) ? "\n\n" . $reason : '';
1375	}
1376
1377	if ($disapprove_all_posts_in_topic && $topic_information[$topic_id]['topic_posts_unapproved'] == 1)
1378	{
1379	// If there is only 1 post when disapproving the topic,
1380	// we send the user a "disapprove topic" notification...
1381	$phpbb_notifications->add_notifications('notification.type.disapprove_topic', $post_data);
1382	}
1383	else
1384	{
1385	// ... otherwise there are multiple unapproved posts and
1386	// all of them are disapproved as posts.
1387	$phpbb_notifications->add_notifications('notification.type.disapprove_post', $post_data);
1388	}
1389	}
1390	}
1391
1392	if ($num_disapproved_topics)
1393	{
1394	$success_msg = ($num_disapproved_topics == 1) ? 'TOPIC' : 'TOPICS';
1395	}
1396	else
1397	{
1398	$success_msg = ($num_disapproved_posts == 1) ? 'POST' : 'POSTS';
1399	}
1400
1401	if ($is_disapproving)
1402	{
1403	$success_msg .= '_DISAPPROVED_SUCCESS';
1404	}
1405	else
1406	{
1407	$success_msg .= '_DELETED_SUCCESS';
1408	}
1409
1410	// If we came from viewtopic, we try to go back to it.
1411	if (strpos($redirect, $phpbb_root_path . 'viewtopic.' . $phpEx) === 0)
1412	{
1413	if ($num_disapproved_topics == 0)
1414	{
1415	// So we need to remove the post id part from the Url
1416	$redirect = str_replace("&p={$post_id_list[0]}#p{$post_id_list[0]}", '', $redirect);
1417	}
1418	else
1419	{
1420	// However this is only possible if the topic still exists,
1421	// Otherwise we go back to the viewforum page
1422	$redirect = append_sid($phpbb_root_path . 'viewforum.' . $phpEx, 'f=' . $post_data['forum_id']);
1423	}
1424	}
1425
1426	$disapprove_reason_lang = $disapprove_reason_lang ?? '';
1427
1428	/**
1429	* Perform additional actions during post(s) disapproval
1430	*
1431	* @event core.disapprove_posts_after
1432	* @var array post_info Array containing info for all posts being disapproved
1433	* @var array topic_information Array containing information for the topics
1434	* @var array topic_posts_unapproved Array containing list of topic ids and the count of disapproved posts in them
1435	* @var array post_disapprove_list Array containing list of posts and their topic id
1436	* @var int num_disapproved_topics Variable containing the number of disapproved topics
1437	* @var int num_disapproved_posts Variable containing the number of disapproved posts
1438	* @var array lang_reasons Array containing the language keys for reasons
1439	* @var string disapprove_reason Variable containing the language key for the success message
1440	* @var string disapprove_reason_lang Variable containing the language key for the success message
1441	* @var bool is_disapproving Variable telling if anything is going to be disapproved
1442	* @var bool notify_poster Variable telling if the post should be notified or not
1443	* @var string success_msg Variable containing the language key for the success message
1444	* @var string redirect Variable containing the redirect url
1445	* @since 3.1.4-RC1
1446	*/
1447	$vars = array(
1448	'post_info',
1449	'topic_information',
1450	'topic_posts_unapproved',
1451	'post_disapprove_list',
1452	'num_disapproved_topics',
1453	'num_disapproved_posts',
1454	'lang_reasons',
1455	'disapprove_reason',
1456	'disapprove_reason_lang',
1457	'is_disapproving',
1458	'notify_poster',
1459	'success_msg',
1460	'redirect',
1461	);
1462	extract($phpbb_dispatcher->trigger_event('core.disapprove_posts_after', compact($vars)));
1463
1464	unset($lang_reasons, $post_info, $disapprove_reason, $disapprove_reason_lang);
1465
1466	meta_refresh(3, $redirect);
1467	$message = $user->lang[$success_msg];
1468
1469	if ($request->is_ajax())
1470	{
1471	$json_response = new \phpbb\json_response;
1472	$json_response->send(array(
1473	'MESSAGE_TITLE' => $user->lang['INFORMATION'],
1474	'MESSAGE_TEXT' => $message,
1475	'REFRESH_DATA' => null,
1476	'visible' => false,
1477	));
1478	}
1479	$message .= '<br /><br />' . $user->lang('RETURN_PAGE', '<a href="' . $redirect . '">', '</a>');
1480	trigger_error($message);
1481	}
1482	else
1483	{
1484	$show_notify = false;
1485
1486	foreach ($post_info as $post_data)
1487	{
1488	if ($post_data['poster_id'] == ANONYMOUS)
1489	{
1490	continue;
1491	}
1492	else
1493	{
1494	$show_notify = true;
1495	break;
1496	}
1497	}
1498
1499	$l_confirm_msg = 'DISAPPROVE_POST';
1500	$confirm_template = 'mcp_approve.html';
1501	if ($is_disapproving)
1502	{
1503	$phpbb_container->get('phpbb.report.report_reason_list_provider')->display_reasons($reason_id);
1504	}
1505	else
1506	{
1507	$user->add_lang('posting');
1508
1509	$l_confirm_msg = 'DELETE_POST_PERMANENTLY';
1510	$confirm_template = 'confirm_delete_body.html';
1511	}
1512	$l_confirm_msg .= ((count($post_id_list) == 1) ? '' : 'S');
1513
1514	$template->assign_vars(array(
1515	'S_NOTIFY_POSTER' => $show_notify,
1516	'S_APPROVE' => false,
1517	'REASON' => ($is_disapproving) ? $reason : '',
1518	'ADDITIONAL_MSG' => $additional_msg,
1519	));
1520
1521	confirm_box(false, $l_confirm_msg, $s_hidden_fields, $confirm_template);
1522	}
1523
1524	redirect($redirect);
1525	}
1526	}