b2evolution PHP Cross Reference Blogging Systems

Source: /inc/messaging/abuse.ctrl.php - 126 lines - 3551 bytes - Text - Print

   1  <?php
   2  
      // Admin controller for the messaging "abuse management" screen. It gates access on a
      // messaging permission, optionally deletes a thread, then renders the thread list.
      // The order of the statements is part of the access control: the permission gate must
      // stay ahead of the flag assignment and of every action handler.

      // Direct-access guard: stop unless EVO_MAIN_INIT is defined, so requesting this file on
      // its own executes none of the code below. (Presumably the constant is defined by the
      // application bootstrap - confirm where.)
   3  if( !defined('EVO_MAIN_INIT') ) die( 'Please, do not access this page directly.' );
   4  
   5  // Load classes
   6  load_class( 'messaging/model/_thread.class.php', 'Thread' );
   7  load_class( 'messaging/model/_message.class.php', 'Message' );
   8  
   9  /**
  10   * @var User
  11   */
  12  global $current_User;
      // NOTE(review): $current_User is dereferenced just below without a null check. This
      // assumes a logged-in user object always exists before this controller runs - confirm.
  13  
  14  // Check minimum permission:
      // Authorization gate for the whole controller: only users for whom
      // check_perm( 'perm_messaging', 'abuse' ) is truthy continue past this block.
      // NOTE(review): nothing in this block stops execution explicitly. The gate holds only if
      // header_redirect() terminates the request (a later redirect in this file is annotated
      // "Will EXIT"). If it ever returned, the rest of the file, including the flag assignment
      // below, would run for an unauthorized user.
      // The message is added without a type argument and without T_(), unlike the other
      // messages in this file.
  15  if( !$current_User->check_perm( 'perm_messaging', 'abuse' ) )
  16  {
  17      $Messages->add( 'Sorry, you are not allowed to abuse management!' );
  18      header_redirect( $admin_url );
  19  }
  20  
  21  /**
  22   * @var bool TRUE when messages are to be shown as seen by an abuse manager
  23   */
  24  global $perm_abuse_management;
  25  
      // Global flag, presumably read by the messaging views/models (not visible here) to widen
      // what is displayed. It is set unconditionally, so the permission gate above is the only
      // thing that restricts who gets it.
  26  $perm_abuse_management = true;
  27  
  28  // Set options path:
  29  $AdminUI->set_path( 'messaging', 'abuse' );
  30  
  31  // Get action parameter from request:
      // (Presumably this populates $action, which both switch statements later in this file
      // read - confirm in param_action().)
  32  param_action();
  33  
      // thrd_ID comes from the request and is asked of param() as an 'integer' with an empty
      // default. A falsy result (missing, empty or 0) skips the lookup, in which case
      // $edited_Thread is never assigned by this block.
      // Any thread ID that resolves is loaded: there is no per-thread membership check here, so
      // the controller-wide 'abuse' permission check at the start of the file is the only
      // access control on which thread can be opened.
  34  if( param( 'thrd_ID', 'integer', '', true) )
  35  {// Load thread from cache:
  36      $ThreadCache = & get_ThreadCache();
          // A false return from get_by_ID() is treated as "no such thread": the variable and the
          // memorized parameter are dropped and an error message is queued.
  37      if( ($edited_Thread = & $ThreadCache->get_by_ID( $thrd_ID, false )) === false )
  38      {    unset( $edited_Thread );
  39          forget_param( 'thrd_ID' );
  40          $Messages->add( sprintf( T_('Requested &laquo;%s&raquo; object does not exist any longer.'), T_('Thread') ), 'error' );
              // Overwrite the requested action so the 'delete' handler further down is not
              // entered for a thread that could not be loaded.
  41          $action = 'nil';
  42      }
  43  }
  44  
      // Action handling. 'delete' is the only action with a handler; any other value of
      // $action goes straight to the display code that follows this switch.
  45  switch( $action )
  46  {
  47      case 'delete':
  48          // Delete thread:
  49          // Check that this action request is not a CSRF hacked request:
              // The crumb is asserted before the permission check and before any database write,
              // for both the unconfirmed and the confirmed request. The same crumb name
              // ('messaging_threads') is handed to confirm_delete() in the display switch.
  50          $Session->assert_received_crumb( 'messaging_threads' );
  51  
  52          // Check permission:
              // A separate 'delete' level is required on top of the 'abuse' level checked at the
              // start of the file. The return value is ignored, so the third argument (true)
              // presumably makes a failed check abort the request - confirm in check_perm().
  53          $current_User->check_perm( 'perm_messaging', 'delete', true );
  54  
  55          // Make sure we got an thrd_ID:
              // NOTE(review): $edited_Thread is assigned only when the earlier thrd_ID lookup in
              // this file found a thread. Confirm that this call (default = true) really aborts
              // when thrd_ID was missing or 0 on the first param() call; otherwise the ->dget(),
              // ->dbdelete() and ->check_delete() calls below run on an undefined variable.
  56          param( 'thrd_ID', 'integer', true );
  57  
              // 'confirm' is read as an integer defaulting to 0, so the destructive branch runs
              // only when the request carries a truthy confirm value.
  58          if( param( 'confirm', 'integer', 0 ) )
  59          { // confirmed, Delete from DB:
                  // The message is built before dbdelete() because the title is read from the
                  // object that is about to be removed.
                  // NOTE(review): the thread title is user-supplied content placed into a message
                  // that already contains HTML entities. Confirm that dget('title') returns a
                  // value escaped for HTML output.
  60              $msg = sprintf( T_('Thread &laquo;%s&raquo; deleted.'), $edited_Thread->dget('title') );
  61              $edited_Thread->dbdelete( true );
  62              unset( $edited_Thread );
                  // $edited_Message is not assigned anywhere in this file; this unset only clears
                  // a value that other code may have left behind.
  63              unset( $edited_Message );
  64              forget_param( 'thrd_ID' );
  65              forget_param( 'msg_ID' );
  66              $Messages->add( $msg, 'success' );
  67              // Redirect so that a reload doesn't write to the DB twice:
  68              header_redirect( '?ctrl=abuse', 303 ); // Will EXIT
  69              // We have EXITed already at this point!!
  70          }
  71          else
  72          {    // not confirmed, Check for restrictions:
                  // A falsy result from check_delete() means the thread may not be deleted. The
                  // action becomes 'view', which has no case of its own in the display switch and
                  // therefore shows the plain thread list instead of a confirmation prompt.
  73              if( ! $edited_Thread->check_delete( sprintf( T_('Cannot delete thread &laquo;%s&raquo;'), $edited_Thread->dget('title') ) ) )
  74              {    // There are restrictions:
  75                  $action = 'view';
  76              }
  77          }
  78          break;
  79  
  80  }
  81  
      // Rendering starts here. It is reached for every action except a confirmed delete, which
      // has already redirected in the action switch above.
  82  $AdminUI->breadcrumbpath_init( false );  // fp> I'm playing with the idea of keeping the current blog in the path here...
  83  $AdminUI->breadcrumbpath_add( T_('Messages'), '?ctrl=threads' );
  84  $AdminUI->breadcrumbpath_add( T_('Abuse Management'), '?ctrl=abuse' );
  85  
  86  // Display <html><head>...</head> section! (Note: should be done early if actions do not redirect)
  87  $AdminUI->disp_html_head();
  88  
  89  // Display title, menu, messages, etc. (Note: messages MUST be displayed AFTER the actions)
  90  $AdminUI->disp_body_top();
  91  
  92  $AdminUI->disp_payload_begin();
  93  
  94  /**
  95   * Display payload:
  96   */
  97  switch( $action )
  98  {
  99      case 'nil':
 100          // Do nothing
              // ('nil' is set earlier in this file when the requested thread could not be loaded;
              // only the queued error message is shown.)
 101          break;
 102  
 103      case 'delete':
 104          // We need to ask for confirmation:
              // Reached only when a delete was requested, not yet confirmed, and check_delete()
              // reported no restrictions: the confirmed path redirects and the restricted path
              // changes $action to 'view'.
              // The crumb name passed here matches the one asserted by the delete handler, so the
              // confirmation presumably carries that crumb back - confirm in confirm_delete().
              // NOTE(review): the prompt embeds the thread title via dget('title'); confirm it is
              // escaped for HTML output.
 105          $edited_Thread->confirm_delete(
 106                  sprintf( T_('Delete thread &laquo;%s&raquo;?'), $edited_Thread->dget('title') ),
 107                  'messaging_threads', $action, get_memorized( 'action' ) );
 108          $AdminUI->disp_view( 'messaging/views/_thread_list.view.php' );
 109          break;
 110  
 111      default:
 112          // No specific request, list all threads:
              // (Also reached for 'view', which the delete handler sets when restrictions exist.)
 113          // Cleanup context:
 114          forget_param( 'thrd_ID' );
 115          forget_param( 'msg_ID' );
 116          // Display threads list:
 117          $AdminUI->disp_view( 'messaging/views/_thread_list.view.php' );
 118          break;
 119  }
 120  
 121  $AdminUI->disp_payload_end();
 122  
 123  // Display body bottom, debug info and close </html>:
 124  $AdminUI->disp_global_footer();
 125  
 126  ?>
