| Zeile 6 | Zeile 6 |
|---|
* Website: http://www.mybboard.net
* License: http://www.mybboard.net/about/license
*
|
* Website: http://www.mybboard.net
* License: http://www.mybboard.net/about/license
*
|
* $Id: modcp.php 4111 2008-08-13 06:14:12Z Tikitiki $
| * $Id: modcp.php 4267 2008-11-10 21:28:36Z Tikitiki $
|
*/
define("IN_MYBB", 1);
| */
define("IN_MYBB", 1);
|
| Zeile 20 | Zeile 20 |
|---|
$templatelist .= ",codebuttons,smilieinsert,modcp_announcements_new,modcp_modqueue_empty,forumjump_bit,forumjump_special";
$templatelist .= ",modcp_modlogs,modcp_finduser_user,modcp_finduser,usercp_profile_customfield,usercp_profile_profilefields";
$templatelist .= ",modcp_editprofile,modcp_ipsearch,modcp_banuser_addusername,modcp_banuser,modcp_warninglogs_nologs";
|
$templatelist .= ",codebuttons,smilieinsert,modcp_announcements_new,modcp_modqueue_empty,forumjump_bit,forumjump_special";
$templatelist .= ",modcp_modlogs,modcp_finduser_user,modcp_finduser,usercp_profile_customfield,usercp_profile_profilefields";
$templatelist .= ",modcp_editprofile,modcp_ipsearch,modcp_banuser_addusername,modcp_banuser,modcp_warninglogs_nologs";
|
$templatelist .= ",modcp_warninglogs";
| $templatelist .= ",modcp_warninglogs,modcp_modlogs_result";
|
require_once "./global.php";
require_once MYBB_ROOT."inc/functions_user.php";
|
require_once "./global.php";
require_once MYBB_ROOT."inc/functions_user.php";
|
| Zeile 50 | Zeile 50 |
|---|
while($forum = $db->fetch_array($query))
{
$flist .= ",'{$forum['fid']}'";
|
while($forum = $db->fetch_array($query))
{
$flist .= ",'{$forum['fid']}'";
|
| |
$children = get_child_list($forum['fid']);
if(!empty($children))
{
$flist .= ",'".implode("','", $children)."'";
}
|
$moderated_forums[] = $forum['fid'];
|
$moderated_forums[] = $forum['fid'];
|
}
| }
|
if($flist)
{
$tflist = " AND t.fid IN (0{$flist})";
| if($flist)
{
$tflist = " AND t.fid IN (0{$flist})";
|
| Zeile 59 | Zeile 65 |
|---|
}
}
else
|
}
}
else
|
{
| {
|
$flist = $tflist = '';
}
| $flist = $tflist = '';
}
|
| Zeile 79 | Zeile 85 |
|---|
if(!is_array($mybb->input['reports']))
{
error($lang->error_noselected_reports);
|
if(!is_array($mybb->input['reports']))
{
error($lang->error_noselected_reports);
|
}
| }
|
|
|
array_walk($mybb->input['reports'], "intval");
| $mybb->input['reports'] = array_map("intval", $mybb->input['reports']);
|
$rids = implode($mybb->input['reports'], "','");
$rids = "'0','{$rids}'";
| $rids = implode($mybb->input['reports'], "','");
$rids = "'0','{$rids}'";
|
| Zeile 99 | Zeile 105 |
|---|
if(!$mybb->settings['threadsperpage'])
{
$mybb->settings['threadsperpage'] = 20;
|
if(!$mybb->settings['threadsperpage'])
{
$mybb->settings['threadsperpage'] = 20;
|
}
| }
|
// Figure out if we need to display multiple pages.
$perpage = $mybb->settings['threadsperpage'];
if($mybb->input['page'] != "last")
| // Figure out if we need to display multiple pages.
$perpage = $mybb->settings['threadsperpage'];
if($mybb->input['page'] != "last")
|
| Zeile 110 | Zeile 116 |
|---|
$query = $db->simple_select("reportedposts", "COUNT(rid) AS count", "reportstatus ='0'");
$report_count = $db->fetch_field($query, "count");
|
$query = $db->simple_select("reportedposts", "COUNT(rid) AS count", "reportstatus ='0'");
$report_count = $db->fetch_field($query, "count");
|
|
|
$mybb->input['rid'] = intval($mybb->input['rid']);
if($mybb->input['rid'])
| $mybb->input['rid'] = intval($mybb->input['rid']);
if($mybb->input['rid'])
|
| Zeile 120 | Zeile 126 |
|---|
if(($result % $perpage) == 0)
{
$page = $result / $perpage;
|
if(($result % $perpage) == 0)
{
$page = $result / $perpage;
|
}
| }
|
else
{
$page = intval($result / $perpage) + 1;
}
}
|
else
{
$page = intval($result / $perpage) + 1;
}
}
|
$postcount = intval($report_count)+1;
| $postcount = intval($report_count);
|
$pages = $postcount / $perpage;
$pages = ceil($pages);
|
$pages = $postcount / $perpage;
$pages = ceil($pages);
|
| |
|
if($mybb->input['page'] == "last")
|
if($mybb->input['page'] == "last")
|
| |
{
$page = $pages;
}
| {
$page = $pages;
}
|
| Zeile 236 | Zeile 243 |
|---|
$page = intval($result / $perpage) + 1;
}
}
|
$page = intval($result / $perpage) + 1;
}
}
|
$postcount = intval($warnings)+1;
| $postcount = intval($warnings);
|
$pages = $postcount / $perpage;
$pages = ceil($pages);
| $pages = $postcount / $perpage;
$pages = ceil($pages);
|
| Zeile 334 | Zeile 341 |
|---|
add_breadcrumb($lang->mcp_nav_modlogs, "modcp.php?action=modlogs");
$perpage = intval($mybb->input['perpage']);
|
add_breadcrumb($lang->mcp_nav_modlogs, "modcp.php?action=modlogs");
$perpage = intval($mybb->input['perpage']);
|
if(!$perpage)
| if(!$perpage || $perpage <= 0)
|
{
$perpage = $mybb->settings['threadsperpage'];
}
| {
$perpage = $mybb->settings['threadsperpage'];
}
|
| Zeile 413 | Zeile 420 |
|---|
$page = 1;
}
|
$page = 1;
}
|
$multipage = multipage($postcount, $perpage, $page, "modcp.php?action=modlogs&perpage=$perpage&uid={$mybb->input['uid']}&fid={$mybb->input['fid']}&orderby=$mybb->input['sortby']&order={$mybb->input['order']}");
| $multipage = multipage($postcount, $perpage, $page, "modcp.php?action=modlogs&perpage=$perpage&uid={$mybb->input['uid']}&fid={$mybb->input['fid']}&sortby={$mybb->input['sortby']}&order={$mybb->input['order']}");
|
if($postcount > $perpage)
{
eval("\$resultspages = \"".$templates->get("modcp_modlogs_multipage")."\";");
| if($postcount > $perpage)
{
eval("\$resultspages = \"".$templates->get("modcp_modlogs_multipage")."\";");
|
| Zeile 601 | Zeile 608 |
|---|
{
$mybb->input['endtime_month'] = 1;
}
|
{
$mybb->input['endtime_month'] = 1;
}
|
$enddate = gmmktime($enddatehour, intval($mybb->input['endtime_time']), 0, (int)$mybb->input['endtime_month'], intval($mybb->input['endtime_day']), intval($mybb->input['endtime_year']));
| $enddate = gmmktime(intval($enddate[0]), intval($enddate[1]), 0, (int)$mybb->input['endtime_month'], intval($mybb->input['endtime_day']), intval($mybb->input['endtime_year']));
|
if($enddate < 0 || $enddate == false)
{
$errors[] = $lang->error_invalid_end_date;
| if($enddate < 0 || $enddate == false)
{
$errors[] = $lang->error_invalid_end_date;
|
| Zeile 689 | Zeile 696 |
|---|
$startdateyear = gmdate("Y", TIME_NOW);
$enddateyear = $startdateyear+1;
|
$startdateyear = gmdate("Y", TIME_NOW);
$enddateyear = $startdateyear+1;
|
}
// Generate form elements
for($i = 1; $i <= 31; ++$i)
{
if($startday == $i)
{
$startdateday .= "<option value=\"$i\" selected=\"selected\">$i</option>\n";
}
else
{
$startdateday .= "<option value=\"$i\">$i</option>\n";
}
if($endday == $i)
{
$enddateday .= "<option value=\"$i\" selected=\"selected\">$i</option>\n";
}
else
{
$enddateday .= "<option value=\"$i\">$i</option>\n";
}
}
| }
// Generate form elements
for($i = 1; $i <= 31; ++$i)
{
if($startday == $i)
{
$startdateday .= "<option value=\"$i\" selected=\"selected\">$i</option>\n";
}
else
{
$startdateday .= "<option value=\"$i\">$i</option>\n";
}
if($endday == $i)
{
$enddateday .= "<option value=\"$i\" selected=\"selected\">$i</option>\n";
}
else
{
$enddateday .= "<option value=\"$i\">$i</option>\n";
}
}
|
$startmonthsel = $endmonthsel = array();
$startmonthsel[$startmonth] = "selected=\"selected\"";
|
$startmonthsel = $endmonthsel = array();
$startmonthsel[$startmonth] = "selected=\"selected\"";
|
| Zeile 753 | Zeile 760 |
|---|
else
{
$html_sel['no'] = ' checked="checked"';
|
else
{
$html_sel['no'] = ' checked="checked"';
|
}
| }
|
if($mybb->input['allowmycode'] || !isset($mybb->input['allowmycode']))
|
if($mybb->input['allowmycode'] || !isset($mybb->input['allowmycode']))
|
{
| {
|
$mycode_sel['yes'] = ' checked="checked"';
|
$mycode_sel['yes'] = ' checked="checked"';
|
}
| }
|
else
|
else
|
{
| {
|
$mycode_sel['no'] = ' checked="checked"';
}
if($mybb->input['allowsmilies'] || !isset($mybb->input['allowsmilies']))
{
$smilies_sel['yes'] = ' checked="checked"';
|
$mycode_sel['no'] = ' checked="checked"';
}
if($mybb->input['allowsmilies'] || !isset($mybb->input['allowsmilies']))
{
$smilies_sel['yes'] = ' checked="checked"';
|
}
else
| }
else
|
{
$smilies_sel['no'] = ' checked="checked"';
}
| {
$smilies_sel['no'] = ' checked="checked"';
}
|
| Zeile 809 | Zeile 816 |
|---|
if(($mybb->usergroup['issupermod'] != 1 && $announcement['fid'] == -1) || ($announcement['fid'] != -1 && !is_moderator($announcement['fid'])))
{
error_no_permission();
|
if(($mybb->usergroup['issupermod'] != 1 && $announcement['fid'] == -1) || ($announcement['fid'] != -1 && !is_moderator($announcement['fid'])))
{
error_no_permission();
|
}
| }
|
// Basic error checking
if(!trim($mybb->input['title']))
{
$errors[] = $lang->error_missing_title;
|
// Basic error checking
if(!trim($mybb->input['title']))
{
$errors[] = $lang->error_missing_title;
|
}
| }
|
if(!trim($mybb->input['message']))
{
$errors[] = $lang->error_missing_message;
}
|
if(!trim($mybb->input['message']))
{
$errors[] = $lang->error_missing_message;
}
|
if(!trim($mybb->input['fid']))
| if(!trim($mybb->input['fid']))
{
$errors[] = $lang->error_missing_forum;
}
$startdate = @explode(" ", $mybb->input['starttime_time']);
$startdate = @explode(":", $startdate[0]);
$enddate = @explode(" ", $mybb->input['endtime_time']);
$enddate = @explode(":", $enddate[0]);
if(stristr($mybb->input['starttime_time'], "pm"))
{
$startdate[0] = 12+$startdate[0];
if($startdate[0] >= 24)
{
$startdate[0] = "00";
}
}
if(stristr($mybb->input['endtime_time'], "pm"))
|
{
|
{
|
$errors[] = $lang->error_missing_forum;
| $enddate[0] = 12+$enddate[0];
if($enddate[0] >= 24)
{
$enddate[0] = "00";
}
|
}
$months = array('01', '02', '03', '04', '05', '06', '07', '08', '09', '10', '11', '12');
| }
$months = array('01', '02', '03', '04', '05', '06', '07', '08', '09', '10', '11', '12');
|
| Zeile 849 | Zeile 879 |
|---|
{
$mybb->input['endtime_month'] = 1;
}
|
{
$mybb->input['endtime_month'] = 1;
}
|
$enddate = gmmktime($enddatehour, intval($mybb->input['endtime_time']), 0, (int)$mybb->input['endtime_month'], intval($mybb->input['endtime_day']), intval($mybb->input['endtime_year']));
| $enddate = gmmktime(intval($enddate[0]), intval($enddate[1]), 0, (int)$mybb->input['endtime_month'], intval($mybb->input['endtime_day']), intval($mybb->input['endtime_year']));
|
if($enddate < 0 || $enddate == false)
{
$errors[] = $lang->error_invalid_end_date;
| if($enddate < 0 || $enddate == false)
{
$errors[] = $lang->error_invalid_end_date;
|
| Zeile 1171 | Zeile 1201 |
|---|
}
else if(is_array($mybb->input['attachments']))
{
|
}
else if(is_array($mybb->input['attachments']))
{
|
$query = $db->simple_select("attachments", "aid, pid", "aid IN (".implode(",", array_map("intval", array_keys($mybb->input['attachments'])))."){$flist}");
| $query = $db->query("
SELECT a.pid, a.aid
FROM ".TABLE_PREFIX."attachments a
LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid)
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
WHERE aid IN (".implode(",", array_map("intval", array_keys($mybb->input['attachments'])))."){$tflist}
");
|
while($attachment = $db->fetch_array($query))
{
$action = $mybb->input['attachments'][$attachment['aid']];
if($action == "approve")
{
$db->update_query("attachments", array("visible" => 1), "aid='{$attachment['aid']}'");
|
while($attachment = $db->fetch_array($query))
{
$action = $mybb->input['attachments'][$attachment['aid']];
if($action == "approve")
{
$db->update_query("attachments", array("visible" => 1), "aid='{$attachment['aid']}'");
|
}
| }
|
else if($action == "delete")
{
remove_attachment($attachment['pid'], '', $attachment['aid']);
| else if($action == "delete")
{
remove_attachment($attachment['pid'], '', $attachment['aid']);
|
| Zeile 1187 | Zeile 1223 |
|---|
redirect("modcp.php?action=modqueue&type=attachments", $lang->redirect_attachmentsmoderated);
}
}
|
redirect("modcp.php?action=modqueue&type=attachments", $lang->redirect_attachmentsmoderated);
}
}
|
|
|
if($mybb->input['action'] == "modqueue")
{
if($mybb->input['type'] == "threads" || !$mybb->input['type'])
| if($mybb->input['action'] == "modqueue")
{
if($mybb->input['type'] == "threads" || !$mybb->input['type'])
|
| Zeile 1196 | Zeile 1232 |
|---|
$query = $db->simple_select("threads", "COUNT(tid) AS unapprovedthreads", "visible=0 {$flist}");
$unapproved_threads = $db->fetch_field($query, "unapprovedthreads");
|
$query = $db->simple_select("threads", "COUNT(tid) AS unapprovedthreads", "visible=0 {$flist}");
$unapproved_threads = $db->fetch_field($query, "unapprovedthreads");
|
|
|
// Figure out if we need to display multiple pages.
if($mybb->input['page'] != "last")
|
// Figure out if we need to display multiple pages.
if($mybb->input['page'] != "last")
|
{
| {
|
$page = intval($mybb->input['page']);
|
$page = intval($mybb->input['page']);
|
}
| }
|
$perpage = $mybb->settings['threadsperpage'];
$pages = $unapproved_threads / $perpage;
|
$perpage = $mybb->settings['threadsperpage'];
$pages = $unapproved_threads / $perpage;
|
$pages = ceil($pages);
if($mybb->input['page'] == "last")
{
$page = $pages;
}
if($page > $pages || $page <= 0)
{
$page = 1;
}
if($page)
{
$start = ($page-1) * $perpage;
}
else
| $pages = ceil($pages);
if($mybb->input['page'] == "last")
{
$page = $pages;
}
if($page > $pages || $page <= 0)
{
$page = 1;
}
if($page)
{
$start = ($page-1) * $perpage;
}
else
|
{
$start = 0;
$page = 1;
}
|
{
$start = 0;
$page = 1;
}
|
$multipage = multipage($postcount, $perpage, $page, "modcp.php?action=modqueue&type=threads");
| $multipage = multipage($pages, $perpage, $page, "modcp.php?action=modqueue&type=threads");
|
$query = $db->query("
SELECT t.tid, t.dateline, t.fid, t.subject, p.message AS postmessage, u.username AS username, t.uid
|
$query = $db->query("
SELECT t.tid, t.dateline, t.fid, t.subject, p.message AS postmessage, u.username AS username, t.uid
|
| Zeile 1271 | Zeile 1307 |
|---|
if($mybb->input['type'] == "posts" || (!$mybb->input['type'] && !$threadqueue))
{
$forum_cache = $cache->read("forums");
|
if($mybb->input['type'] == "posts" || (!$mybb->input['type'] && !$threadqueue))
{
$forum_cache = $cache->read("forums");
|
|
|
$query = $db->query("
SELECT COUNT(pid) AS unapprovedposts
FROM ".TABLE_PREFIX."posts p
| $query = $db->query("
SELECT COUNT(pid) AS unapprovedposts
FROM ".TABLE_PREFIX."posts p
|
| Zeile 1284 | Zeile 1320 |
|---|
if($mybb->input['page'] != "last")
{
$page = intval($mybb->input['page']);
|
if($mybb->input['page'] != "last")
{
$page = intval($mybb->input['page']);
|
}
| }
|
$perpage = $mybb->settings['postsperpage'];
$pages = $unapproved_posts / $perpage;
|
$perpage = $mybb->settings['postsperpage'];
$pages = $unapproved_posts / $perpage;
|
| Zeile 1296 | Zeile 1332 |
|---|
}
if($page > $pages || $page <= 0)
|
}
if($page > $pages || $page <= 0)
|
{
| {
|
$page = 1;
}
if($page)
{
$start = ($page-1) * $perpage;
|
$page = 1;
}
if($page)
{
$start = ($page-1) * $perpage;
|
}
| }
|
else
{
$start = 0;
$page = 1;
}
|
else
{
$start = 0;
$page = 1;
}
|
$multipage = multipage($postcount, $perpage, $page, "modcp.php?action=modqueue&type=posts");
| $multipage = multipage($pages, $perpage, $page, "modcp.php?action=modqueue&type=posts");
|
$query = $db->query("
SELECT p.pid, p.subject, p.message, t.subject AS threadsubject, t.tid, u.username, p.uid, t.fid, p.dateline
FROM ".TABLE_PREFIX."posts p
| $query = $db->query("
SELECT p.pid, p.subject, p.message, t.subject AS threadsubject, t.tid, u.username, p.uid, t.fid, p.dateline
FROM ".TABLE_PREFIX."posts p
|
| Zeile 1322 | Zeile 1358 |
|---|
LIMIT {$start}, {$perpage}
");
while($post = $db->fetch_array($query))
|
LIMIT {$start}, {$perpage}
");
while($post = $db->fetch_array($query))
|
{
| {
|
$altbg = alt_trow();
$post['threadsubject'] = htmlspecialchars_uni($parser->parse_badwords($post['threadsubject']));
$post['threadlink'] = get_thread_link($post['tid']);
| $altbg = alt_trow();
$post['threadsubject'] = htmlspecialchars_uni($parser->parse_badwords($post['threadsubject']));
$post['threadlink'] = get_thread_link($post['tid']);
|
| Zeile 1370 | Zeile 1406 |
|---|
}
$perpage = $mybb->settings['postsperpage'];
|
}
$perpage = $mybb->settings['postsperpage'];
|
$pages = $unapprovedthreads / $perpage;
$pages = ceil($pages);
| $pages = $unapproved_attachments / $perpage;
$pages = ceil($pages);
|
if($mybb->input['page'] == "last")
{
$page = $pages;
}
|
if($mybb->input['page'] == "last")
{
$page = $pages;
}
|
if($page > $pages || $page <= 0)
{
$page = 1;
}
| if($page > $pages || $page <= 0)
{
$page = 1;
}
|
if($page)
{
$start = ($page-1) * $perpage;
| if($page)
{
$start = ($page-1) * $perpage;
|
| Zeile 1393 | Zeile 1429 |
|---|
$page = 1;
}
|
$page = 1;
}
|
$multipage = multipage($postcount, $perpage, $page, "modcp.php?action=modqueue&type=attachments");
| $multipage = multipage($pages, $perpage, $page, "modcp.php?action=modqueue&type=attachments");
|
$query = $db->query("
SELECT a.*, p.subject AS postsubject, p.dateline, p.uid, u.username, t.tid, t.subject AS threadsubject
|
$query = $db->query("
SELECT a.*, p.subject AS postsubject, p.dateline, p.uid, u.username, t.tid, t.subject AS threadsubject
|
| Zeile 1412 | Zeile 1448 |
|---|
if(!$attachment['dateuploaded'])
{
$attachment['dateuploaded'] = $attachment['dateline'];
|
if(!$attachment['dateuploaded'])
{
$attachment['dateuploaded'] = $attachment['dateline'];
|
}
| }
|
$attachdate = my_date($mybb->settings['dateformat'], $attachment['dateuploaded']);
$attachtime = my_date($mybb->settings['timeformat'], $attachment['dateuploaded']);
|
$attachdate = my_date($mybb->settings['dateformat'], $attachment['dateuploaded']);
$attachtime = my_date($mybb->settings['timeformat'], $attachment['dateuploaded']);
|
| Zeile 1427 | Zeile 1463 |
|---|
$profile_link = build_profile_link($attachment['username'], $attachment['uid']);
eval("\$attachments .= \"".$templates->get("modcp_modqueue_attachments_attachment")."\";");
|
$profile_link = build_profile_link($attachment['username'], $attachment['uid']);
eval("\$attachments .= \"".$templates->get("modcp_modqueue_attachments_attachment")."\";");
|
}
| }
|
if(!$attachments && $mybb->input['type'] == "attachments")
{
eval("\$attachments = \"".$templates->get("modcp_modqueue_attachments_empty")."\";");
|
if(!$attachments && $mybb->input['type'] == "attachments")
{
eval("\$attachments = \"".$templates->get("modcp_modqueue_attachments_empty")."\";");
|
}
| }
|
if($attachments)
{
|
if($attachments)
{
|
| Zeile 1441 | Zeile 1477 |
|---|
eval("\$attachmentqueue = \"".$templates->get("modcp_modqueue_attachments")."\";");
output_page($attachmentqueue);
}
|
eval("\$attachmentqueue = \"".$templates->get("modcp_modqueue_attachments")."\";");
output_page($attachmentqueue);
}
|
}
| }
|
// Still nothing? All queues are empty! :-D
if(!$threadqueue && !$postqueue && !$attachmentqueue)
{
| // Still nothing? All queues are empty! :-D
if(!$threadqueue && !$postqueue && !$attachmentqueue)
{
|
| Zeile 1453 | Zeile 1489 |
|---|
}
if($mybb->input['action'] == "do_editprofile")
|
}
if($mybb->input['action'] == "do_editprofile")
|
{
| {
|
// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);
| // Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);
|
| Zeile 1472 | Zeile 1508 |
|---|
error_no_permission();
}
// Current user is a super mod or is an administrator and the user we are editing is a super admin, cannot edit admins
|
error_no_permission();
}
// Current user is a super mod or is an administrator and the user we are editing is a super admin, cannot edit admins
|
else if($mybb->usergroup['issupermod'] == 1 && $user_permissions['cancp'] == 1 || (is_super_admin($user['uid']) && !is_super_admin($user['uid'])))
| else if(!modcp_can_manage_user($user['uid']))
|
{
error_no_permission();
}
| {
error_no_permission();
}
|
| Zeile 1536 | Zeile 1572 |
|---|
"avatartype" => ""
);
remove_avatars($user['uid']);
|
"avatartype" => ""
);
remove_avatars($user['uid']);
|
}
| }
|
$user_info = $userhandler->update_user();
$db->update_query("users", $extra_user_updates, "uid='{$user['uid']}'");
|
$user_info = $userhandler->update_user();
$db->update_query("users", $extra_user_updates, "uid='{$user['uid']}'");
|
| Zeile 1561 | Zeile 1597 |
|---|
error_no_permission();
}
// Current user is a super mod or is an administrator and the user we are editing is a super admin, cannot edit admins
|
error_no_permission();
}
// Current user is a super mod or is an administrator and the user we are editing is a super admin, cannot edit admins
|
else if($mybb->usergroup['issupermod'] == 1 && $user_permissions['cancp'] == 1 || (is_super_admin($user['uid']) && !is_super_admin($user['uid'])))
| else if(!modcp_can_manage_user($user['uid']))
|
{
error_no_permission();
}
| {
error_no_permission();
}
|
| Zeile 1619 | Zeile 1655 |
|---|
if($mybb->input['birthday_day'] == $i)
{
$bdaydaysel .= "<option value=\"$i\" selected=\"selected\">$i</option>\n";
|
if($mybb->input['birthday_day'] == $i)
{
$bdaydaysel .= "<option value=\"$i\" selected=\"selected\">$i</option>\n";
|
}
| }
|
else
{
$bdaydaysel .= "<option value=\"$i\">$i</option>\n";
| else
{
$bdaydaysel .= "<option value=\"$i\">$i</option>\n";
|
| Zeile 1701 | Zeile 1737 |
|---|
$val = trim($val);
$val = str_replace("\n", "\\n", $val);
$sel = "";
|
$val = trim($val);
$val = str_replace("\n", "\\n", $val);
$sel = "";
|
if($val == $userfield)
{
$sel = " selected=\"selected\"";
| if($val == $userfield)
{
$sel = " selected=\"selected\"";
|
}
$select .= "<option value=\"$val\"$sel>$val</option>";
}
| }
$select .= "<option value=\"$val\"$sel>$val</option>";
}
|
| Zeile 1715 | Zeile 1751 |
|---|
}
}
elseif($type == "radio")
|
}
}
elseif($type == "radio")
|
{
$expoptions = explode("\n", $options);
| {
$expoptions = explode("\n", $options);
|
if(is_array($expoptions))
{
foreach($expoptions as $key => $val)
| if(is_array($expoptions))
{
foreach($expoptions as $key => $val)
|
| Zeile 1727 | Zeile 1763 |
|---|
$checked = " checked=\"checked\"";
}
$code .= "<input type=\"radio\" class=\"radio\" name=\"profile_fields[$field]\" value=\"$val\"$checked /> <span class=\"smalltext\">$val</span><br />";
|
$checked = " checked=\"checked\"";
}
$code .= "<input type=\"radio\" class=\"radio\" name=\"profile_fields[$field]\" value=\"$val\"$checked /> <span class=\"smalltext\">$val</span><br />";
|
}
}
| }
}
|
}
elseif($type == "checkbox")
{
if($errors)
|
}
elseif($type == "checkbox")
{
if($errors)
|
{
| {
|
$useropts = $userfield;
|
$useropts = $userfield;
|
}
| }
|
else
{
$useropts = explode("\n", $userfield);
}
if(is_array($useropts))
|
else
{
$useropts = explode("\n", $userfield);
}
if(is_array($useropts))
|
{
| {
|
foreach($useropts as $key => $val)
{
$seloptions[$val] = $val;
| foreach($useropts as $key => $val)
{
$seloptions[$val] = $val;
|
| Zeile 1765 | Zeile 1801 |
|---|
{
$value = htmlspecialchars_uni($userfield);
$code = "<textarea name=\"profile_fields[$field]\" rows=\"6\" cols=\"30\" style=\"width: 95%\">$value</textarea>";
|
{
$value = htmlspecialchars_uni($userfield);
$code = "<textarea name=\"profile_fields[$field]\" rows=\"6\" cols=\"30\" style=\"width: 95%\">$value</textarea>";
|
}
| }
|
else
{
$value = htmlspecialchars_uni($userfield);
| else
{
$value = htmlspecialchars_uni($userfield);
|
| Zeile 1803 | Zeile 1839 |
|---|
if($mybb->input['action'] == "finduser")
{
|
if($mybb->input['action'] == "finduser")
{
|
if(!$perpage)
| $perpage = intval($mybb->input['perpage']);
if(!$perpage || $perpage <= 0)
|
{
$perpage = $mybb->settings['threadsperpage'];
}
| {
$perpage = $mybb->settings['threadsperpage'];
}
|
| Zeile 1872 | Zeile 1909 |
|---|
if($mybb->input[$field])
{
$page_url .= "&{$field}=".htmlspecialchars_uni($mybb->input[$field]);
|
if($mybb->input[$field])
{
$page_url .= "&{$field}=".htmlspecialchars_uni($mybb->input[$field]);
|
| | $mybb->input[$field] = htmlspecialchars_uni($mybb->input[$field]);
|
}
}
| }
}
|
| Zeile 1888 | Zeile 1926 |
|---|
$user['postnum'] = my_number_format($user['postnum']);
$regdate = my_date($mybb->settings['dateformat'], $user['regdate']);
$regtime = my_date($mybb->settings['timeformat'], $user['regdate']);
|
$user['postnum'] = my_number_format($user['postnum']);
$regdate = my_date($mybb->settings['dateformat'], $user['regdate']);
$regtime = my_date($mybb->settings['timeformat'], $user['regdate']);
|
$lastdate = my_date($mybb->settings['dateformat'], $user['lastactive']);
$lasttime = my_date($mybb->settings['timeformat'], $user['lastactive']);
| $lastdate = my_date($mybb->settings['dateformat'], $user['lastvisit']);
$lasttime = my_date($mybb->settings['timeformat'], $user['lastvisit']);
|
$usergroup = $usergroups_cache[$user['usergroup']]['title'];
eval("\$users .= \"".$templates->get("modcp_finduser_user")."\";");
}
| $usergroup = $usergroups_cache[$user['usergroup']]['title'];
eval("\$users .= \"".$templates->get("modcp_finduser_user")."\";");
}
|
| Zeile 1915 | Zeile 1953 |
|---|
$search['username'] = $db->escape_string($mybb->input['filter']['username']);
$query = $db->simple_select("users", "uid", "username='{$search['username']}'");
$mybb->input['filter']['uid'] = $db->fetch_field($query, "uid");
|
$search['username'] = $db->escape_string($mybb->input['filter']['username']);
$query = $db->simple_select("users", "uid", "username='{$search['username']}'");
$mybb->input['filter']['uid'] = $db->fetch_field($query, "uid");
|
| | $mybb->input['filter']['username'] = htmlspecialchars_uni($mybb->input['filter']['username']);
|
}
if($mybb->input['filter']['uid'])
{
| }
if($mybb->input['filter']['uid'])
{
|
| Zeile 1923 | Zeile 1962 |
|---|
if(!isset($mybb->input['search']['username']))
{
$user = get_user($mybb->input['search']['uid']);
|
if(!isset($mybb->input['search']['username']))
{
$user = get_user($mybb->input['search']['uid']);
|
$mybb->input['search']['username'] = $user['username'];
| $mybb->input['search']['username'] = htmlspecialchars_uni($user['username']);
|
}
}
if($mybb->input['filter']['mod_username'])
| }
}
if($mybb->input['filter']['mod_username'])
|
| Zeile 1931 | Zeile 1970 |
|---|
$search['mod_username'] = $db->escape_string($mybb->input['filter']['mod_username']);
$query = $db->simple_select("users", "uid", "username='{$search['mod_username']}'");
$mybb->input['filter']['mod_uid'] = $db->fetch_field($query, "uid");
|
$search['mod_username'] = $db->escape_string($mybb->input['filter']['mod_username']);
$query = $db->simple_select("users", "uid", "username='{$search['mod_username']}'");
$mybb->input['filter']['mod_uid'] = $db->fetch_field($query, "uid");
|
| | $mybb->input['filter']['mod_username'] = htmlspecialchars_uni($mybb->input['filter']['mod_username']);
|
}
if($mybb->input['filter']['mod_uid'])
{
| }
if($mybb->input['filter']['mod_uid'])
{
|
| Zeile 1939 | Zeile 1979 |
|---|
if(!isset($mybb->input['search']['mod_username']))
{
$mod_user = get_user($mybb->input['search']['uid']);
|
if(!isset($mybb->input['search']['mod_username']))
{
$mod_user = get_user($mybb->input['search']['uid']);
|
$mybb->input['search']['mod_username'] = $mod_user['username'];
| $mybb->input['search']['mod_username'] = htmlspecialchars_uni($mod_user['username']);
|
}
}
if($mybb->input['filter']['reason'])
{
$search['reason'] = $db->escape_string($mybb->input['filter']['reason']);
$where_sql .= " AND (w.notes LIKE '%{$search['reason']}%' OR t.title LIKE '%{$search['reason']}%' OR w.title LIKE '%{$search['reason']}%')";
|
}
}
if($mybb->input['filter']['reason'])
{
$search['reason'] = $db->escape_string($mybb->input['filter']['reason']);
$where_sql .= " AND (w.notes LIKE '%{$search['reason']}%' OR t.title LIKE '%{$search['reason']}%' OR w.title LIKE '%{$search['reason']}%')";
|
| | $mybb->input['filter']['reason'] = htmlspecialchars_uni($mybb->input['filter']['reason']);
|
}
$sortbysel = array();
switch($mybb->input['filter']['sortby'])
| }
$sortbysel = array();
switch($mybb->input['filter']['sortby'])
|
| Zeile 2150 | Zeile 2191 |
|---|
// Now we have the result counts, paginate
$perpage = intval($mybb->input['perpage']);
|
// Now we have the result counts, paginate
$perpage = intval($mybb->input['perpage']);
|
if(!$perpage)
| if(!$perpage || $perpage <= 0)
|
{
$perpage = $mybb->settings['threadsperpage'];
}
| {
$perpage = $mybb->settings['threadsperpage'];
}
|
| Zeile 2257 | Zeile 2298 |
|---|
{
$ipaddress['subject'] = "RE: {$ipaddress['threadsubject']}";
}
|
{
$ipaddress['subject'] = "RE: {$ipaddress['threadsubject']}";
}
|
$subject = "<strong>{$lang->ipresult_post}</strong> <a href=\"".get_post_link($ipaddress['pid'], $ipaddress['tid'])."\">".htmlspecialchars_uni($ipaddress['subject'])."</a> by ".build_profile_link($ipaddress['username'], $ipaddress['uid']);
| $subject = "<strong>{$lang->ipresult_post}</strong> <a href=\"".get_post_link($ipaddress['pid'], $ipaddress['tid'])."\">".htmlspecialchars_uni($ipaddress['subject'])."</a> {$lang->by} ".build_profile_link($ipaddress['username'], $ipaddress['uid']);
|
eval("\$results .= \"".$templates->get("modcp_ipsearch_result")."\";");
}
}
| eval("\$results .= \"".$templates->get("modcp_ipsearch_result")."\";");
}
}
|
| Zeile 2317 | Zeile 2358 |
|---|
$query = $db->simple_select("banned", "COUNT(uid) AS count");
$banned_count = $db->fetch_field($query, "count");
|
$query = $db->simple_select("banned", "COUNT(uid) AS count");
$banned_count = $db->fetch_field($query, "count");
|
$postcount = intval($banned_count)+1;
| $postcount = intval($banned_count);
|
$pages = $postcount / $perpage;
$pages = ceil($pages);
| $pages = $postcount / $perpage;
$pages = ceil($pages);
|
| Zeile 2367 | Zeile 2408 |
|---|
if($mybb->user['uid'] == $banned['admin'] || !$banned['adminuser'] || $mybb->usergroup['issupermod'] == 1 || $mybb->usergroup['cancp'] == 1)
{
$edit_link = "<br /><span class=\"smalltext\"><a href=\"modcp.php?action=banuser&uid={$banned['uid']}\">{$lang->edit_ban}</a> | <a href=\"modcp.php?action=liftban&uid={$banned['uid']}&my_post_key={$mybb->post_code}\">{$lang->lift_ban}</a></span>";
|
if($mybb->user['uid'] == $banned['admin'] || !$banned['adminuser'] || $mybb->usergroup['issupermod'] == 1 || $mybb->usergroup['cancp'] == 1)
{
$edit_link = "<br /><span class=\"smalltext\"><a href=\"modcp.php?action=banuser&uid={$banned['uid']}\">{$lang->edit_ban}</a> | <a href=\"modcp.php?action=liftban&uid={$banned['uid']}&my_post_key={$mybb->post_code}\">{$lang->lift_ban}</a></span>";
|
}
| }
|
$admin_profile = build_profile_link($banned['adminuser'], $banned['admin']);
|
$admin_profile = build_profile_link($banned['adminuser'], $banned['admin']);
|
| Zeile 2436 | Zeile 2477 |
|---|
if(!$ban['uid'])
{
|
if(!$ban['uid'])
{
|
$lang->error_invalidban;
| error($lang->error_invalidban);
|
}
// Permission to edit this ban?
| }
// Permission to edit this ban?
|
| Zeile 2485 | Zeile 2526 |
|---|
{
error_no_permission();
}
|
{
error_no_permission();
}
|
$lift_link = "<div class=\"float_right\"><a href=\"modcp.php?action=liftban&bid={$user['uid']}&my_post_key={$mybb->post_code}\">{$lang->lift_ban}</a></div>";
| |
}
// Creating a new ban
else
| }
// Creating a new ban
else
|
| Zeile 2614 | Zeile 2653 |
|---|
else
{
add_breadcrumb($lang->mcp_nav_editing_ban);
|
else
{
add_breadcrumb($lang->mcp_nav_editing_ban);
|
}
| }
|
// If incoming user ID, we are editing a ban
if($mybb->input['uid'])
{
| // If incoming user ID, we are editing a ban
if($mybb->input['uid'])
{
|
| Zeile 2635 | Zeile 2674 |
|---|
eval("\$banuser_username = \"".$templates->get("modcp_banuser_editusername")."\";");
}
}
|
eval("\$banuser_username = \"".$templates->get("modcp_banuser_editusername")."\";");
}
}
|
| |
|
// New ban!
|
// New ban!
|
if(!$banuer_username)
| if(!$banuser_username)
|
{
if($mybb->input['uid'])
{
| {
if($mybb->input['uid'])
{
|
| Zeile 2680 | Zeile 2720 |
|---|
$liftlist .= ">{$title} ({$thatime})</option>\n";
}
}
|
$liftlist .= ">{$title} ({$thatime})</option>\n";
}
}
|
|
|
$bangroups = '';
$query = $db->simple_select("usergroups", "gid, title", "isbannedgroup=1");
while($item = $db->fetch_array($query))
| $bangroups = '';
$query = $db->simple_select("usergroups", "gid, title", "isbannedgroup=1");
while($item = $db->fetch_array($query))
|
| Zeile 2692 | Zeile 2732 |
|---|
}
$bangroups .= "<option value=\"{$item['gid']}\"{$selected}>".htmlspecialchars_uni($item['title'])."</option>\n";
}
|
}
$bangroups .= "<option value=\"{$item['gid']}\"{$selected}>".htmlspecialchars_uni($item['title'])."</option>\n";
}
|
| |
$lift_link = "<div class=\"float_right\"><a href=\"modcp.php?action=liftban&uid={$user['uid']}&my_post_key={$mybb->post_code}\">{$lang->lift_ban}</a></div>";
|
eval("\$banuser = \"".$templates->get("modcp_banuser")."\";");
output_page($banuser);
|
eval("\$banuser = \"".$templates->get("modcp_banuser")."\";");
output_page($banuser);
|
| Zeile 2699 | Zeile 2741 |
|---|
if($mybb->input['action'] == "do_modnotes")
{
|
if($mybb->input['action'] == "do_modnotes")
{
|
| | // Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);
|
// Update Moderator Notes cache
$update_cache = array(
"modmessage" => $mybb->input['modnotes']
| // Update Moderator Notes cache
$update_cache = array(
"modmessage" => $mybb->input['modnotes']
|
| Zeile 2722 | Zeile 2767 |
|---|
if($unapproved_attachments > 0)
{
$query = $db->query("
|
if($unapproved_attachments > 0)
{
$query = $db->query("
|
SELECT t.tid, p.pid, t.uid, t.username, a.filename, a.dateuploaded
| SELECT t.tid, p.pid, p.uid, t.username, a.filename, a.dateuploaded
|
FROM ".TABLE_PREFIX."attachments a
LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid=a.pid)
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
| FROM ".TABLE_PREFIX."attachments a
LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid=a.pid)
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
|
| Zeile 2755 | Zeile 2800 |
|---|
if($unapproved_posts > 0)
{
$query = $db->query("
|
if($unapproved_posts > 0)
{
$query = $db->query("
|
SELECT p.pid, p.tid, p.subject, p.uid, p.username
| SELECT p.pid, p.tid, p.subject, p.uid, p.username, p.dateline
|
FROM ".TABLE_PREFIX."posts p
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
WHERE p.visible='0' {$tflist} AND t.firstpost != p.pid
| FROM ".TABLE_PREFIX."posts p
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
WHERE p.visible='0' {$tflist} AND t.firstpost != p.pid
|
| Zeile 2770 | Zeile 2815 |
|---|
$post['subject'] = $post['fullsubject'] = $parser->parse_badwords($post['subject']);
if(my_strlen($post['subject']) > 25)
{
|
$post['subject'] = $post['fullsubject'] = $parser->parse_badwords($post['subject']);
if(my_strlen($post['subject']) > 25)
{
|
$lastpost_subject = my_substr($post['subject'], 0, 25)."...";
| $post['subject'] = my_substr($post['subject'], 0, 25)."...";
|
}
$post['subject'] = htmlspecialchars_uni($post['subject']);
$post['fullsubject'] = htmlspecialchars_uni($post['fullsubject']);
| }
$post['subject'] = htmlspecialchars_uni($post['subject']);
$post['fullsubject'] = htmlspecialchars_uni($post['fullsubject']);
|
| Zeile 2796 | Zeile 2841 |
|---|
$thread['subject'] = $thread['fullsubject'] = $parser->parse_badwords($thread['subject']);
if(my_strlen($thread['subject']) > 25)
{
|
$thread['subject'] = $thread['fullsubject'] = $parser->parse_badwords($thread['subject']);
if(my_strlen($thread['subject']) > 25)
{
|
$lastpost_subject = my_substr($thread['subject'], 0, 25)."...";
| $post['subject'] = my_substr($thread['subject'], 0, 25)."...";
|
}
$thread['subject'] = htmlspecialchars_uni($thread['subject']);
$thread['fullsubject'] = htmlspecialchars_uni($thread['fullsubject']);
| }
$thread['subject'] = htmlspecialchars_uni($thread['subject']);
$thread['fullsubject'] = htmlspecialchars_uni($thread['fullsubject']);
|