MyBB PHP Cross Reference Discussion Forums

Source: /warnings.php - 1233 lines - 37164 bytes - Summary - Text - Print

Description: MyBB 1.6 Copyright 2010 MyBB Group, All Rights Reserved

   1  <?php
   2  /**

   3   * MyBB 1.6

   4   * Copyright 2010 MyBB Group, All Rights Reserved

   5   *

   6   * Website: http://mybb.com

   7   * License: http://mybb.com/about/license

   8   *

   9   * $Id$

  10   */
  11  
  12  define("IN_MYBB", 1);
  13  define('THIS_SCRIPT', 'warnings.php');
  14  
  15  $templatelist = 'warnings,warnings_warn_post,warnings_active_header,warnings_expired_header,warnings_warning,warnings_warn_existing,warnings_warn_type,warnings_warn_custom,warnings_warn_pm';
  16  $templatelist .= ',warnings_warn,warnings_view_post,warnings_view_user,warnings_view_revoke,warnings_view_revoked,warnings_view,warnings_no_warnings,codebuttons,smilieinsert_getmore,smilieinsert';
  17  $templatelist .= ',multipage_prevpage,multipage_start,multipage_end,multipage_nextpage,multipage,multipage_page_current';
  18  require_once  "./global.php";
  19  require_once  MYBB_ROOT."/inc/functions_warnings.php";
  20  require_once  MYBB_ROOT."inc/functions_modcp.php";
  21  
  22  require_once  MYBB_ROOT."inc/class_parser.php";
  23  $parser = new postParser;
  24  
  25  $lang->load("warnings");
  26  
  27  if($mybb->settings['enablewarningsystem'] == 0)
  28  {
  29      error($lang->error_warning_system_disabled);
  30  }
  31  
  32  // Expire old warnings

  33  expire_warnings();
  34  
  35  // Actually warn a user

  36  if($mybb->input['action'] == "do_warn" && $mybb->request_method == "post")
  37  {
  38      // Verify incoming POST request

  39      verify_post_check($mybb->input['my_post_key']);
  40  
  41      if($mybb->usergroup['canwarnusers'] != 1)
  42      {
  43          error_no_permission();
  44      }
  45      
  46      // Check we haven't exceeded the maximum number of warnings per day

  47      if($mybb->usergroup['maxwarningsday'] != 0)
  48      {
  49          $timecut = TIME_NOW-60*60*24;
  50          $query = $db->simple_select("warnings", "COUNT(wid) AS given_today", "issuedby='{$mybb->user['uid']}' AND dateline>'$timecut'");
  51          $given_today = $db->fetch_field($query, "given_today");
  52          if($given_today >= $mybb->usergroup['maxwarningsday'])
  53          {
  54              error($lang->sprintf($lang->reached_max_warnings_day, $mybb->usergroup['maxwarningsday']));
  55          }
  56      }
  57  
  58      $user = get_user(intval($mybb->input['uid']));
  59      if(!$user['uid'])
  60      {
  61          error($lang->error_invalid_user);
  62      }
  63  
  64      if($user['uid'] == $mybb->user['uid'])
  65      {
  66          error($lang->cannot_warn_self);
  67      }
  68  
  69      if($user['warningpoints'] >= $mybb->settings['maxwarningpoints'])
  70      {
  71          error($lang->user_reached_max_warning);
  72      }
  73  
  74      $group_permissions = user_permissions($user['uid']);
  75  
  76      if($group_permissions['canreceivewarnings'] != 1)
  77      {
  78          error($lang->error_cant_warn_group);
  79      }
  80  
  81      if(!modcp_can_manage_user($user['uid']))
  82      {
  83          error($lang->error_cant_warn_user);
  84      }
  85  
  86      // Is this warning being given for a post?

  87      if($mybb->input['pid'])
  88      {
  89          $post = get_post(intval($mybb->input['pid']));
  90          $thread = get_thread($post['tid']);
  91          if(!$post['pid'] || !$thread['tid'])
  92          {
  93              error($lang->error_invalid_post);
  94          }
  95          $forum_permissions = forum_permissions($thread['fid']);
  96          if($forum_permissions['canview'] != 1)
  97          {
  98              error_no_permission();
  99          }
 100      }
 101  
 102      $plugins->run_hooks("warnings_do_warn_start");
 103  
 104      if(!trim($mybb->input['notes']))
 105      {
 106          $warn_errors[] = $lang->error_no_note;
 107      }
 108  
 109      // Using a predefined warning type

 110      if($mybb->input['type'] != "custom")
 111      {
 112          $query = $db->simple_select("warningtypes", "*", "tid='".intval($mybb->input['type'])."'");
 113          $warning_type = $db->fetch_array($query);
 114          if(!$warning_type['tid'])
 115          {
 116              $warn_errors[] = $lang->error_invalid_type;
 117          }
 118          $points = $warning_type['points'];
 119          $warning_title = "";
 120          if($warning_type['expirationtime'])
 121          {
 122              $warning_expires = TIME_NOW+$warning_type['expirationtime'];
 123          }
 124      }
 125      // Issuing a custom warning

 126      else
 127      {
 128          if($mybb->settings['allowcustomwarnings'] == 0)
 129          {
 130              $warn_errors[] = $lang->error_cant_custom_warn;
 131          }
 132          else
 133          {
 134              if(!$mybb->input['custom_reason'])
 135              {
 136                  $warn_errors[] = $lang->error_no_custom_reason;
 137              }
 138              else
 139              {
 140                  $warning_title = $mybb->input['custom_reason'];
 141              }
 142              if(!is_numeric($mybb->input['custom_points']) || $mybb->input['custom_points'] > $mybb->settings['maxwarningpoints'] || $mybb->input['custom_points'] < 0)
 143              {
 144                  $warn_errors[] = $lang->sprintf($lang->error_invalid_custom_points, $mybb->settings['maxwarningpoints']);
 145              }
 146              else
 147              {
 148                  $points = round((int)$mybb->input['custom_points']);
 149              }
 150              // Build expiry date

 151              if($mybb->input['expires'])
 152              {
 153                  $warning_expires = intval($mybb->input['expires']);
 154                  if($mybb->input['expires_period'] == "hours")
 155                  {
 156                      $warning_expires = $warning_expires*3600;
 157                  }
 158                  else if($mybb->input['expires_period'] == "days")
 159                  {
 160                      $warning_expires = $warning_expires*86400;
 161                  }
 162                  else if($mybb->input['expires_period'] == "weeks")
 163                  {
 164                      $warning_expires = $warning_expires*604800;
 165                  }
 166                  else if($mybb->input['expires_period'] == "months")
 167                  {
 168                      $warning_expires = $warning_expires*2592000;
 169                  }
 170                  // Add on current time and we're there!

 171                  if($mybb->input['expires_period'] != "never" && $warning_expires)
 172                  {
 173                      $warning_expires += TIME_NOW;
 174                  }
 175              }
 176          }
 177      }
 178  
 179      if($warning_expires <= TIME_NOW)
 180      {
 181          $warning_expires = 0;
 182      }
 183  
 184      // Are we notifying the user?

 185      if(!$warn_errors && $mybb->input['send_pm'] == 1 && $group_permissions['canusepms'] != 0 && $mybb->settings['enablepms'] != 0)
 186      {
 187          // Bring up the PM handler

 188          require_once  MYBB_ROOT."inc/datahandlers/pm.php";
 189          $pmhandler = new PMDataHandler();
 190  
 191          $pm = array(
 192              "subject" => $mybb->input['pm_subject'],
 193              "message" => $mybb->input['pm_message'],
 194              "fromid" => $mybb->user['uid'],
 195              "toid" => array($user['uid'])
 196          );
 197  
 198          $pm['options'] = array(
 199              "signature" => $mybb->input['pm_options']['signature'],
 200              "disablesmilies" => $mybb->input['pm_options']['disablesmilies'],
 201              "savecopy" => $mybb->input['pm_options']['savecopy'],
 202              "readreceipt" => $mybb->input['pm_options']['readreceipt']
 203          );
 204  
 205          $pmhandler->set_data($pm);
 206          $pmhandler->admin_override = true;
 207  
 208          // Now let the pm handler do all the hard work.

 209          if(!$pmhandler->validate_pm())
 210          {
 211              $pm_errors = $pmhandler->get_friendly_errors();
 212              if($warn_errors)
 213              {
 214                  $warn_errors = array_merge($warn_errors, $pm_errors);
 215              }
 216              else
 217              {
 218                  $warn_errors = $pm_errors;
 219              }
 220          }
 221          else
 222          {
 223              $pminfo = $pmhandler->insert_pm();
 224          }
 225      }
 226  
 227      // No errors - save warning to database

 228      if(!is_array($warn_errors))
 229      {
 230          // Build warning level & ensure it doesn't go over 100.

 231          $current_level = round($user['warningpoints']/$mybb->settings['maxwarningpoints']*100);
 232          $new_warning_level = round(($user['warningpoints']+$points)/$mybb->settings['maxwarningpoints']*100);
 233          if($new_warning_level > 100)
 234          {
 235              $new_warning_level = 100;
 236          }
 237  
 238          $new_warning = array(
 239              "uid" => $user['uid'],
 240              "tid" => intval($warning_type['tid']),
 241              "pid" => intval($post['pid']),
 242              "title" => $db->escape_string($warning_title),
 243              "points" => intval($points),
 244              "dateline" => TIME_NOW,
 245              "issuedby" => $mybb->user['uid'],
 246              "expires" => $warning_expires,
 247              "expired" => 0,
 248              "revokereason" => '',
 249              "notes" => $db->escape_string($mybb->input['notes'])
 250          );
 251          $db->insert_query("warnings", $new_warning);
 252  
 253          // Update user

 254          $updated_user = array(
 255              "warningpoints" => $user['warningpoints']+$points
 256          );
 257  
 258          // Fetch warning level

 259          $query = $db->simple_select("warninglevels", "*", "percentage<=$new_warning_level", array("order_by" => "percentage", "order_dir" => "desc"));
 260          $new_level = $db->fetch_array($query);
 261  
 262          if($new_level['lid'])
 263          {
 264              $expiration = 0;
 265              $action = unserialize($new_level['action']);
 266  
 267              switch($action['type'])
 268              {
 269                  // Ban the user for a specified time

 270                  case 1:
 271                      if($action['length'] > 0)
 272                      {
 273                          $expiration = TIME_NOW+$action['length'];
 274                      }
 275                      // Fetch any previous bans for this user

 276                      $query = $db->simple_select("banned", "*", "uid='{$user['uid']}' AND gid='{$action['usergroup']}' AND lifted>".TIME_NOW);
 277                      $existing_ban = $db->fetch_array($query);
 278  
 279                      // Only perform if no previous ban or new ban expires later than existing ban

 280                      if(($expiration > $existing_ban['lifted'] && $existing_ban['lifted'] != 0) || $expiration == 0 || !$existing_ban['uid'])
 281                      {
 282                          if(!$warning_title)
 283                          {
 284                              $warning_title = $warning_type['title'];
 285                          }
 286                          
 287                          // Never lift the ban?

 288                          if($action['length'] <= 0)
 289                          {
 290                              $bantime = '---';
 291                          }
 292                          else
 293                          {
 294                              $bantimes = fetch_ban_times();
 295                              foreach($bantimes as $date => $string)
 296                              {
 297                                  if($date == '---')
 298                                  {
 299                                      continue;
 300                                  }
 301                                  
 302                                  $time = 0;
 303                                  list($day, $month, $year) = explode('-', $date);
 304                                  if($day > 0)
 305                                  {
 306                                      $time += 60*60*24*$day;
 307                                  }
 308                                  
 309                                  if($month > 0)
 310                                  {
 311                                      $time += 60*60*24*30*$month;
 312                                  }
 313                                  
 314                                  if($year > 0)
 315                                  {
 316                                      $time += 60*60*24*365*$year;
 317                                  }
 318                                  
 319                                  if($time == $action['length'])
 320                                  {
 321                                      $bantime = $date;
 322                                      break;
 323                                  }
 324                              }
 325                          }
 326                          
 327                          $new_ban = array(
 328                              "uid" => intval($user['uid']),
 329                              "gid" => $db->escape_string($action['usergroup']),
 330                              "oldgroup" => $db->escape_string($user['usergroup']),
 331                              "oldadditionalgroups" => $db->escape_string($user['additionalgroups']),
 332                              "olddisplaygroup" => $db->escape_string($user['displaygroup']),
 333                              "admin" => $mybb->user['uid'],
 334                              "dateline" => TIME_NOW,
 335                              "bantime" => $db->escape_string($bantime),
 336                              "lifted" => $expiration,
 337                              "reason" => $db->escape_string($warning_title)
 338                          );
 339                          // Delete old ban for this user, taking details

 340                          if($existing_ban['uid'])
 341                          {
 342                              $db->delete_query("banned", "uid='{$user['uid']}' AND gid='{$action['usergroup']}'");
 343                              // Override new ban details with old group info

 344                              $new_ban['oldgroup'] = $db->escape_string($existing_ban['oldgroup']);
 345                              $new_ban['oldadditionalgroups'] = $db->escape_string($existing_ban['oldadditionalgroups']);
 346                              $new_ban['olddisplaygroup'] = $db->escape_string($existing_ban['olddisplaygroup']);
 347                          }
 348  
 349                          $period = $lang->expiration_never;
 350                          $ban_length = fetch_friendly_expiration($action['length']);
 351  
 352                          if($ban_length['time'])
 353                          {
 354                              $lang_str = "expiration_".$ban_length['period'];
 355                              $period = $lang->sprintf($lang->result_period, $ban_length['time'], $lang->$lang_str);
 356                          }
 357  
 358                          $group_name = $groupscache[$action['usergroup']]['title'];
 359                          $friendly_action = "<br /><br />".$lang->sprintf($lang->redirect_warned_banned, $group_name, $period);
 360  
 361                          $db->insert_query("banned", $new_ban);
 362                          $updated_user['usergroup'] = $action['usergroup'];
 363                          $updated_user['additionalgroups'] = $updated_user['displaygroup'] = "";
 364                      }
 365                      break;
 366                  // Suspend posting privileges

 367                  case 2:
 368                      if($action['length'] > 0)
 369                      {
 370                          $expiration = TIME_NOW+$action['length'];
 371                      }
 372                      // Only perform if the expiration time is greater than the users current suspension period

 373                      if($expiration == 0 || $expiration > $user['suspensiontime'])
 374                      {
 375                          if(($user['suspensiontime'] != 0 && $user['suspendposting']) || !$user['suspendposting'])
 376                          {
 377                              $period = $lang->expiration_never;
 378                              $ban_length = fetch_friendly_expiration($action['length']);
 379  
 380                              if($ban_length['time'])
 381                              {
 382                                  $lang_str = "expiration_".$ban_length['period'];
 383                                  $period = $lang->sprintf($lang->result_period, $ban_length['time'], $lang->$lang_str);
 384                              }
 385  
 386                              $friendly_action = "<br /><br />".$lang->sprintf($lang->redirect_warned_suspended, $period);
 387  
 388                              $updated_user['suspensiontime'] = $expiration;
 389                              $updated_user['suspendposting'] = 1;
 390                          }
 391                      }
 392                      break;
 393                  // Moderate new posts

 394                  case 3:
 395                      if($action['length'] > 0)
 396                      {
 397                          $expiration = TIME_NOW+$action['length'];
 398                      }
 399                      // Only perform if the expiration time is greater than the users current suspension period

 400                      if($expiration == 0 || $expiration > $user['moderationtime'])
 401                      {
 402                          if(($user['moderationtime'] != 0 && $user['moderateposts']) || !$user['suspendposting'])
 403                          {
 404                              $period = $lang->expiration_never;
 405                              $ban_length = fetch_friendly_expiration($action['length']);
 406  
 407                              if($ban_length['time'])
 408                              {
 409                                  $lang_str = "expiration_".$ban_length['period'];
 410                                  $period = $lang->sprintf($lang->result_period, $ban_length['time'], $lang->$lang_str);
 411                              }
 412  
 413                              $friendly_action = "<br /><br />".$lang->sprintf($lang->redirect_warned_moderate, $period);
 414  
 415                              $updated_user['moderationtime'] = $expiration;
 416                              $updated_user['moderateposts'] = 1;
 417                          }
 418                      }
 419                      break;
 420              }
 421          }
 422  
 423          // Save updated details

 424          $db->update_query("users", $updated_user, "uid='{$user['uid']}'");
 425          $cache->update_moderators();
 426  
 427          $lang->redirect_warned = $lang->sprintf($lang->redirect_warned, $user['username'], $new_warning_level, $friendly_action);
 428  
 429          if($post['pid'])
 430          {
 431              redirect(get_post_link($post['pid']), $lang->redirect_warned);
 432          }
 433          else
 434          {
 435              redirect(get_profile_link($user['uid']), $lang->redirect_warned);
 436          }
 437      }
 438  
 439      if($warn_errors)
 440      {
 441          $warn_errors = inline_error($warn_errors);
 442          $mybb->input['action'] = "warn";
 443      }
 444  }
 445  
 446  // Warn a user

 447  if($mybb->input['action'] == "warn")
 448  {
 449      if($mybb->usergroup['canwarnusers'] != 1)
 450      {
 451          error_no_permission();
 452      }
 453  
 454      // Check we haven't exceeded the maximum number of warnings per day

 455      if($mybb->usergroup['maxwarningsday'] != 0)
 456      {
 457          $timecut = TIME_NOW-60*60*24;
 458          $query = $db->simple_select("warnings", "COUNT(wid) AS given_today", "issuedby='{$mybb->user['uid']}' AND dateline>'$timecut'");
 459          $given_today = $db->fetch_field($query, "given_today");
 460          if($given_today >= $mybb->usergroup['maxwarningsday'])
 461          {
 462              error($lang->sprintf($lang->reached_max_warnings_day, $mybb->usergroup['maxwarningsday']));
 463          }
 464      }
 465  
 466      $user = get_user(intval($mybb->input['uid']));
 467      if(!$user['uid'])
 468      {
 469          error($lang->error_invalid_user);
 470      }
 471  
 472      if($user['uid'] == $mybb->user['uid'])
 473      {
 474          error($lang->cannot_warn_self);
 475      }
 476  
 477      if($user['warningpoints'] >= $mybb->settings['maxwarningpoints'])
 478      {
 479          error($lang->user_reached_max_warning);
 480      }
 481  
 482      $group_permissions = user_permissions($user['uid']);
 483  
 484      if($group_permissions['canreceivewarnings'] != 1)
 485      {
 486          error($lang->error_cant_warn_group);
 487      }
 488  
 489      if(!modcp_can_manage_user($user['uid']))
 490      {
 491          error($lang->error_cant_warn_user);
 492      }
 493  
 494      // Giving a warning for a specific post

 495      if($mybb->input['pid'])
 496      {
 497          $post = get_post(intval($mybb->input['pid']));
 498          $thread = get_thread($post['tid']);
 499          if(!$post['pid'] || !$thread['tid'])
 500          {
 501              error($lang->error_invalid_post);
 502          }
 503          $forum_permissions = forum_permissions($thread['fid']);
 504          if($forum_permissions['canview'] != 1)
 505          {
 506              error_no_permission();
 507          }
 508          $post['subject'] = $parser->parse_badwords($post['subject']);
 509          $post['subject'] = htmlspecialchars_uni($post['subject']);
 510          $post_link = get_post_link($post['pid']);
 511          eval("\$post = \"".$templates->get("warnings_warn_post")."\";");
 512  
 513          // Fetch any existing warnings issued for this post

 514          $query = $db->query("
 515              SELECT w.*, t.title AS type_title, u.username
 516              FROM ".TABLE_PREFIX."warnings w
 517              LEFT JOIN ".TABLE_PREFIX."warningtypes t ON (t.tid=w.tid)
 518              LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=w.issuedby)
 519              WHERE w.pid='{$mybb->input['pid']}'
 520              ORDER BY w.expired ASC, w.dateline DESC
 521          ");
 522          $first = true;
 523          while($warning = $db->fetch_array($query))
 524          {
 525              if($warning['expired'] != $last_expired || $first)
 526              {
 527                  if($warning['expired'] == 0)
 528                  {
 529                      eval("\$warnings .= \"".$templates->get("warnings_active_header")."\";");
 530                  }
 531                  else
 532                  {
 533                      eval("\$warnings .= \"".$templates->get("warnings_expired_header")."\";");
 534                  }
 535              }
 536              $last_expired = $warning['expired'];
 537              $first = false;
 538  
 539              $post_link = "";
 540              $issuedby = build_profile_link($warning['username'], $warning['issuedby']);
 541              $date_issued = my_date($mybb->settings['dateformat'], $warning['dateline']).", ".my_date($mybb->settings['timeformat'], $warning['dateline']);
 542              if($warning['type_title'])
 543              {
 544                  $warning_type = $warning['type_title'];
 545              }
 546              else
 547              {
 548                  $warning_type = $warning['title'];
 549              }
 550              $warning_type = htmlspecialchars_uni($warning_type);
 551              if($warning['points'] > 0)
 552              {
 553                  $warning['points'] = "+{$warning['points']}";
 554              }
 555              $points = $lang->sprintf($lang->warning_points, $warning['points']);
 556              if($warning['expired'] != 1)
 557              {
 558                  if($warning['expires'] == 0)
 559                  {
 560                      $expires = $lang->never;
 561                  }
 562                  else
 563                  {
 564                      $expires = my_date($mybb->settings['dateformat'], $warning['expires']).", ".my_date($mybb->settings['timeformat'], $warning['expires']);
 565                  }
 566              }
 567              else
 568              {
 569                  if($warning['daterevoked'])
 570                  {
 571                      $expires = $lang->warning_revoked;
 572                  }
 573                  else if($warning['expires'])
 574                  {
 575                      $expires = $lang->already_expired;
 576                  }
 577              }
 578              $alt_bg = alt_trow();
 579              $plugins->run_hooks("warnings_warning");
 580              eval("\$warnings .= \"".$templates->get("warnings_warning")."\";");
 581          }
 582          if($warnings)
 583          {
 584              eval("\$existing_warnings = \"".$templates->get("warnings_warn_existing")."\";");
 585          }
 586      }
 587  
 588      $plugins->run_hooks("warnings_warn_start");
 589  
 590      // Coming here from failed do_warn?

 591      if($warn_errors)
 592      {
 593          $notes = htmlspecialchars_uni($mybb->input['notes']);
 594          $type_checked[$mybb->input['type']] = "checked=\"checked\"";
 595          $pm_subject = htmlspecialchars_uni($mybb->input['pm_subject']);
 596          $message = htmlspecialchars_uni($mybb->input['pm_message']);
 597          if($mybb->input['send_pm'])
 598          {
 599              $send_pm_checked = "checked=\"checked\"";
 600          }
 601          $custom_reason = htmlspecialchars_uni($mybb->input['custom_reason']);
 602          $custom_points = intval($mybb->input['custom_points']);
 603          $expires = intval($mybb->input['expires']);
 604          $expires_period[$mybb->input['expires_period']] = "selected=\"selected\"";
 605      }
 606      else
 607      {
 608          $notes = $custom_reason = $custom_points = $expires = '';
 609          $expires = 1;
 610          $custom_points = 2;
 611          $pm_subject = $lang->warning_pm_subject;
 612          $message = $lang->sprintf($lang->warning_pm_message, $user['username'], $mybb->settings['bbname']);
 613      }
 614  
 615      $lang->nav_profile = $lang->sprintf($lang->nav_profile, $user['username']);
 616      add_breadcrumb($lang->nav_profile, get_profile_link($user['uid']));
 617      add_breadcrumb($lang->nav_add_warning);
 618  
 619      $user_link = build_profile_link($user['username'], $user['uid']);
 620  
 621      $current_level = round($user['warningpoints']/$mybb->settings['maxwarningpoints']*100);
 622  
 623      // Fetch warning levels

 624      $levels = array();
 625      $query = $db->simple_select("warninglevels", "*");
 626      while($level = $db->fetch_array($query))
 627      {
 628          $level['action'] = unserialize($level['action']);
 629          switch($level['action']['type'])
 630          {
 631              case 1:
 632                  if($level['action']['length'] > 0)
 633                  {
 634                      $ban_length = fetch_friendly_expiration($level['action']['length']);
 635                      $lang_str = "expiration_".$ban_length['period'];
 636                      $period = $lang->sprintf($lang->result_period, $ban_length['time'], $lang->$lang_str);
 637                  }
 638                  $group_name = $groupscache[$level['action']['usergroup']]['title'];
 639                  $level['friendly_action'] = $lang->sprintf($lang->result_banned, $group_name, $period);
 640                  break;
 641              case 2:
 642                  if($level['action']['length'] > 0)
 643                  {
 644                      $period = fetch_friendly_expiration($level['action']['length']);
 645                      $lang_str = "expiration_".$period['period'];
 646                      $period = $lang->sprintf($lang->result_period, $period['time'], $lang->$lang_str);
 647                  }
 648                  $level['friendly_action'] = $lang->sprintf($lang->result_suspended, $period);
 649                  break;
 650              case 3:
 651                  if($level['action']['length'] > 0)
 652                  {
 653                      $period = fetch_friendly_expiration($level['action']['length']);
 654                      $lang_str = "expiration_".$period['period'];
 655                      $period = $lang->sprintf($lang->result_period, $period['time'], $lang->$lang_str);
 656                  }
 657                  $level['friendly_action'] = $lang->sprintf($lang->result_moderated, $period);
 658                  break;
 659          }
 660          $levels[$level['percentage']] = $level;
 661      }
 662      krsort($levels);
 663  
 664      // Fetch all current warning types

 665      $query = $db->simple_select("warningtypes", "*", "", array("order_by" => "title"));
 666      while($type = $db->fetch_array($query))
 667      {
 668          $checked = $type_checked[$type['tid']];
 669          $type['title'] = htmlspecialchars_uni($type['title']);
 670          $new_warning_level = round(($user['warningpoints']+$type['points'])/$mybb->settings['maxwarningpoints']*100);
 671          if($new_warning_level > 100)
 672          {
 673              $new_warning_level = 100;
 674          }
 675          if($type['points'] > 0)
 676          {
 677              $type['points'] = "+{$type['points']}";
 678          }
 679          $points = $lang->sprintf($lang->warning_points, $type['points']);
 680  
 681          if(is_array($levels))
 682          {
 683              foreach($levels as $level)
 684              {
 685                  if($new_warning_level >= $level['percentage'])
 686                  {
 687                      $new_level = $level;
 688                      break;
 689                  }
 690              }
 691          }
 692          $level_diff = $new_warning_level-$current_level;
 693          if($new_level['friendly_action'])
 694          {
 695              $result = "<div class=\"smalltext\" style=\"clear: left; padding-top: 4px;\">{$lang->result}<br />".$new_level['friendly_action']."</div>";
 696          }
 697          eval("\$types .= \"".$templates->get("warnings_warn_type")."\";");
 698          unset($new_level);
 699          unset($result);
 700      }
 701  
 702      if($mybb->settings['allowcustomwarnings'] != 0)
 703      {
 704          eval("\$custom_warning = \"".$templates->get("warnings_warn_custom")."\";");
 705      }
 706  
 707      if($group_permissions['canusepms']  != 0 && $mybb->user['receivepms'] != 0 && $mybb->settings['enablepms'] != 0)
 708      {
 709          $smilieinserter = $codebuttons = "";
 710  
 711          if($mybb->settings['bbcodeinserter'] != 0 && $mybb->settings['pmsallowmycode'] != 0 && $mybb->user['showcodebuttons'] != 0)
 712          {
 713              $codebuttons = build_mycode_inserter();
 714              if($mybb->settings['pmsallowsmilies'] != 0)
 715              {
 716                  $smilieinserter = build_clickable_smilies();
 717              }
 718          }
 719          eval("\$pm_notify = \"".$templates->get("warnings_warn_pm")."\";");
 720      }
 721      
 722      $plugins->run_hooks("warnings_warn_end");
 723      
 724      eval("\$warn = \"".$templates->get("warnings_warn")."\";");
 725      output_page($warn);
 726      exit;
 727  }
 728  
 729  // Revoke a warning

 730  if($mybb->input['action'] == "do_revoke" && $mybb->request_method == "post")
 731  {
 732      // Verify incoming POST request

 733      verify_post_check($mybb->input['my_post_key']);
 734  
 735      if($mybb->usergroup['canwarnusers'] != 1)
 736      {
 737          error_no_permission();
 738      }
 739  
 740      $query = $db->simple_select("warnings", "*", "wid='".intval($mybb->input['wid'])."'");
 741      $warning = $db->fetch_array($query);
 742  
 743      if(!$warning['wid'])
 744      {
 745          error($lang->error_invalid_warning);
 746      }
 747      else if($warning['daterevoked'])
 748      {
 749          error($lang->warning_already_revoked);
 750      }
 751  
 752      $user = get_user($warning['uid']);
 753  
 754      $group_permissions = user_permissions($user['uid']);
 755      if($group_permissions['canreceivewarnings'] != 1)
 756      {
 757          error($lang->error_cant_warn_group);
 758      }
 759  
 760      $plugins->run_hooks("warnings_do_revoke_start");
 761  
 762      if(!trim($mybb->input['reason']))
 763      {
 764          $warn_errors[] = $lang->no_revoke_reason;
 765          $warn_errors = inline_error($warn_errors);
 766          $mybb->input['action'] = "view";
 767      }
 768      else
 769      {
 770          // Warning is still active, lower users point count

 771          if($warning['expired'] != 1)
 772          {
 773              $new_warning_points = $user['warningpoints']-$warning['points'];
 774              if($new_warning_points < 0)
 775              {
 776                  $new_warning_points = 0;
 777              }
 778  
 779              $updated_user = array(
 780                  "warningpoints" => $new_warning_points
 781              );
 782              
 783              
 784              // check if we need to revoke any consequences with this warning

 785              $current_level = round($user['warningpoints']/$mybb->settings['maxwarningpoints']*100);
 786              $new_warning_level = round($new_warning_points/$mybb->settings['maxwarningpoints']*100);
 787              $query = $db->simple_select("warninglevels", "action", "percentage>$new_warning_level AND percentage<=$current_level");
 788              if($db->num_rows($query))
 789              {
 790                  // we have some warning levels we need to revoke

 791                  $max_expiration_times = $check_levels = array();
 792                  find_warnlevels_to_check($query, $max_expiration_times, $check_levels);
 793                  
 794                  // now check warning levels already applied to this user to see if we need to lower any expiration times

 795                  $query = $db->simple_select("warninglevels", "action", "percentage<=$new_warning_level");
 796                  $lower_expiration_times = $lower_levels = array();
 797                  find_warnlevels_to_check($query, $lower_expiration_times, $lower_levels);
 798                  
 799                  // now that we've got all the info, do necessary stuff

 800                  for($i = 1; $i <= 3; ++$i)
 801                  {
 802                      if($check_levels[$i])
 803                      {
 804                          switch($i)
 805                          {
 806                              case 1: // Ban
 807                                  // we'll have to resort to letting the admin/mod remove the ban manually, since there's an issue if stacked bans are in force...

 808                                  continue;
 809                              case 2: // Revoke posting
 810                                  $current_expiry_field = 'suspensiontime';
 811                                  $current_inforce_field = 'suspendposting';
 812                                  break;
 813                              case 3:
 814                                  $current_expiry_field = 'moderationtime';
 815                                  $current_inforce_field = 'moderateposts';
 816                                  break;
 817                          }
 818                          
 819                          // if the thing isn't in force, don't bother with trying to update anything

 820                          if(!$user[$current_inforce_field])
 821                          {
 822                              continue;
 823                          }
 824                          
 825                          if($lower_levels[$i])
 826                          {
 827                              // lessen the expiration time if necessary

 828                              
 829                              if(!$lower_expiration_times[$i])
 830                              {
 831                                  // doesn't expire - enforce this

 832                                  $updated_user[$current_expiry_field] = 0;
 833                                  continue;
 834                              }
 835                              
 836                              if($max_expiration_times[$i])
 837                              {
 838                                  // if the old level did have an expiry time...

 839                                  if($max_expiration_times[$i] <= $lower_expiration_times[$i])
 840                                  {
 841                                      // if the lower expiration time is actually higher than the upper expiration time -> skip

 842                                      continue;
 843                                  }
 844                                  // both new and old max expiry times aren't infinite, so we can take a difference

 845                                  $expire_offset = ($lower_expiration_times[$i] - $max_expiration_times[$i]);
 846                              }
 847                              else
 848                              {
 849                                  // the old level never expired, not much we can do but try to estimate a new expiry time... which will just happen to be starting from today...

 850                                  $expire_offset = TIME_NOW + $lower_expiration_times[$i];
 851                                  // if the user's expiry time is already less than what we're going to set it to, skip

 852                                  if($user[$current_expiry_field] <= $expire_offset)
 853                                  {
 854                                      continue;
 855                                  }
 856                              }
 857                              
 858                              $updated_user[$current_expiry_field] = $user[$current_expiry_field] + $expire_offset;
 859                              // double-check if it's expired already

 860                              if($updated_user[$current_expiry_field] < TIME_NOW)
 861                              {
 862                                  $updated_user[$current_expiry_field] = 0;
 863                                  $updated_user[$current_inforce_field] = 0;
 864                              }
 865                          }
 866                          else
 867                          {
 868                              // there's no lower level for this type - remove the consequence entirely

 869                              $updated_user[$current_expiry_field] = 0;
 870                              $updated_user[$current_inforce_field] = 0;
 871                          }
 872                      }
 873                  }
 874              }
 875              
 876              
 877              // Update user

 878              $db->update_query("users", $updated_user, "uid='{$warning['uid']}'");
 879          }
 880  
 881          // Update warning

 882          $updated_warning = array(
 883              "expired" => 1,
 884              "daterevoked" => TIME_NOW,
 885              "revokedby" => $mybb->user['uid'],
 886              "revokereason" => $db->escape_string($mybb->input['reason'])
 887          );
 888          $db->update_query("warnings", $updated_warning, "wid='{$warning['wid']}'");
 889  
 890          redirect("warnings.php?action=view&wid={$warning['wid']}", $lang->redirect_warning_revoked);
 891      }
 892  }
 893  
 894  // Detailed view of a warning

 895  if($mybb->input['action'] == "view")
 896  {
 897      if($mybb->usergroup['canwarnusers'] != 1)
 898      {
 899          error_no_permission();
 900      }
 901  
 902      $query = $db->query("
 903          SELECT w.*, t.title AS type_title, u.username, p.subject AS post_subject
 904          FROM ".TABLE_PREFIX."warnings w
 905          LEFT JOIN ".TABLE_PREFIX."warningtypes t ON (t.tid=w.tid)
 906          LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=w.issuedby)
 907          LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid=w.pid)
 908          WHERE w.wid='".intval($mybb->input['wid'])."'
 909      ");
 910      $warning = $db->fetch_array($query);
 911  
 912      if(!$warning['wid'])
 913      {
 914          error($lang->error_invalid_warning);
 915      }
 916  
 917      $user = get_user(intval($warning['uid']));
 918      if(!$user['username'])
 919      {
 920          $user['username'] = $lang->guest;
 921      }
 922  
 923      $group_permissions = user_permissions($user['uid']);
 924      if($group_permissions['canreceivewarnings'] != 1)
 925      {
 926          error($lang->error_cant_warn_group);
 927      }
 928  
 929      $plugins->run_hooks("warnings_view_start");
 930  
 931      $lang->nav_profile = $lang->sprintf($lang->nav_profile, $user['username']);
 932      if($user['uid'])
 933      {
 934          add_breadcrumb($lang->nav_profile, get_profile_link($user['uid']));
 935          add_breadcrumb($lang->nav_warning_log, "warnings.php?uid={$user['uid']}");
 936      }
 937      else
 938      {
 939          add_breadcrumb($lang->nav_profile);
 940          add_breadcrumb($lang->nav_warning_log);
 941      }
 942      add_breadcrumb($lang->nav_view_warning);
 943  
 944      $user_link = build_profile_link($user['username'], $user['uid']);
 945  
 946      $post_link = "";
 947      if($warning['post_subject'])
 948      {
 949          $warning['post_subject'] = $parser->parse_badwords($warning['post_subject']);
 950          $warning['post_subject'] = htmlspecialchars_uni($warning['post_subject']);
 951          $post_link = get_post_link($warning['pid'])."#pid{$warning['pid']}";
 952          eval("\$warning_info = \"".$templates->get("warnings_view_post")."\";");
 953      }
 954      else
 955      {
 956          eval("\$warning_info = \"".$templates->get("warnings_view_user")."\";");
 957      }
 958  
 959      $issuedby = build_profile_link($warning['username'], $warning['issuedby']);
 960      $notes = nl2br(htmlspecialchars_uni($warning['notes']));
 961      
 962      $date_issued = my_date($mybb->settings['dateformat'], $warning['dateline']).", ".my_date($mybb->settings['timeformat'], $warning['dateline']);
 963      if($warning['type_title'])
 964      {
 965          $warning_type = $warning['type_title'];
 966      }
 967      else
 968      {
 969          $warning_type = $warning['title'];
 970      }
 971      $warning_type = htmlspecialchars_uni($warning_type);
 972      if($warning['points'] > 0)
 973      {
 974          $warning['points'] = "+{$warning['points']}";
 975      }
 976      
 977      $revoked_date = '';
 978      
 979      $points = $lang->sprintf($lang->warning_points, $warning['points']);
 980      if($warning['expired'] != 1)
 981      {
 982          if($warning['expires'] == 0)
 983          {
 984              $expires = $lang->never;
 985          }
 986          else
 987          {
 988              $expires = my_date($mybb->settings['dateformat'], $warning['expires']).", ".my_date($mybb->settings['timeformat'], $warning['expires']);
 989          }
 990          $status = $lang->warning_active;
 991      }
 992      else
 993      {
 994          if($warning['daterevoked'])
 995          {
 996              $expires = $status = $lang->warning_revoked;
 997          }
 998          else if($warning['expires'])
 999          {
1000              $revoked_date = '('.my_date($mybb->settings['dateformat'], $warning['expires']).' '.my_date($mybb->settings['timeformat'], $warning['expires']).')';
1001              $expires = $status = $lang->already_expired;
1002          }
1003      }
1004  
1005      if(!$warning['daterevoked'])
1006      {
1007          eval("\$revoke = \"".$templates->get("warnings_view_revoke")."\";");
1008      }
1009      else
1010      {
1011          $date_revoked = my_date($mybb->settings['dateformat'], $warning['daterevoked']).", ".my_date($mybb->settings['timeformat'], $warning['daterevoked']);
1012          $revoked_user = get_user($warning['revokedby']);
1013          if(!$revoked_user['username'])
1014          {
1015              $revoked_user['username'] = $lang->guest;
1016          }
1017          $revoked_by = build_profile_link($revoked_user['username'], $revoked_user['uid']);
1018          $revoke_reason = nl2br(htmlspecialchars_uni($warning['revokereason']));
1019          eval("\$revoke = \"".$templates->get("warnings_view_revoked")."\";");
1020      }
1021      
1022      $plugins->run_hooks("warnings_view_end");
1023  
1024      eval("\$warning = \"".$templates->get("warnings_view")."\";");
1025      output_page($warning);
1026  }
1027  
1028  // Showing list of warnings for a particular user

1029  if(!$mybb->input['action'])
1030  {
1031      if($mybb->usergroup['canwarnusers'] != 1)
1032      {
1033          error_no_permission();
1034      }
1035  
1036      $user = get_user(intval($mybb->input['uid']));
1037      if(!$user['uid'])
1038      {
1039          error($lang->error_invalid_user);
1040      }
1041      $group_permissions = user_permissions($user['uid']);
1042      if($group_permissions['canreceivewarnings'] != 1)
1043      {
1044          error($lang->error_cant_warn_group);
1045      }
1046  
1047      $lang->nav_profile = $lang->sprintf($lang->nav_profile, $user['username']);
1048      add_breadcrumb($lang->nav_profile, get_profile_link($user['uid']));
1049      add_breadcrumb($lang->nav_warning_log);
1050  
1051      if(!$mybb->settings['postsperpage'])
1052      {
1053          $mybb->settings['postperpage'] = 20;
1054      }
1055          
1056      // Figure out if we need to display multiple pages.

1057      $perpage = $mybb->settings['postsperpage'];
1058      $page = intval($mybb->input['page']);
1059  
1060      $query = $db->simple_select("warnings", "COUNT(wid) AS warning_count", "uid='{$user['uid']}'");
1061      $warning_count = $db->fetch_field($query, "warning_count");
1062  
1063      $pages = ceil($warning_count/$perpage);
1064  
1065      if($page > $pages || $page <= 0)
1066      {
1067          $page = 1;
1068      }
1069      if($page)
1070      {
1071          $start = ($page-1) * $perpage;
1072      }
1073      else
1074      {
1075          $start = 0;
1076          $page = 1;
1077      }
1078  
1079      $multipage = multipage($warning_count, $perpage, $page, "warnings.php?uid={$user['uid']}");
1080  
1081      $warning_level = round($user['warningpoints']/$mybb->settings['maxwarningpoints']*100);
1082      if($warning_level > 100)
1083      {
1084          $warning_level = 100;
1085      }
1086      
1087      if($user['warningpoints'] > $mybb->settings['maxwarningpoints'])
1088      {
1089          $user['warningpoints'] = $mybb->settings['maxwarningpoints'];
1090      }
1091      
1092      if($warning_level > 0)
1093      {
1094          $lang->current_warning_level = $lang->sprintf($lang->current_warning_level, $warning_level, $user['warningpoints'], $mybb->settings['maxwarningpoints']);
1095      }
1096      else
1097      {
1098          $lang->current_warning_level = "";
1099      }
1100  
1101      // Fetch the actual warnings

1102      $query = $db->query("
1103          SELECT w.*, t.title AS type_title, u.username, p.subject AS post_subject
1104          FROM ".TABLE_PREFIX."warnings w
1105          LEFT JOIN ".TABLE_PREFIX."warningtypes t ON (t.tid=w.tid)
1106          LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=w.issuedby)
1107          LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid=w.pid)
1108          WHERE w.uid='{$user['uid']}'
1109          ORDER BY w.expired ASC, w.dateline DESC
1110          LIMIT {$start}, {$perpage}
1111      ");
1112      $first = true;
1113      while($warning = $db->fetch_array($query))
1114      {
1115          if($warning['expired'] != $last_expired || $first)
1116          {
1117              if($warning['expired'] == 0)
1118              {
1119                  eval("\$warnings .= \"".$templates->get("warnings_active_header")."\";");
1120              }
1121              else
1122              {
1123                  eval("\$warnings .= \"".$templates->get("warnings_expired_header")."\";");
1124              }
1125          }
1126          $last_expired = $warning['expired'];
1127          $first = false;
1128  
1129          $post_link = "";
1130          if($warning['post_subject'])
1131          {
1132              $warning['post_subject'] = $parser->parse_badwords($warning['post_subject']);
1133              $warning['post_subject'] = htmlspecialchars_uni($warning['post_subject']);
1134              $post_link = "<br /><small>{$lang->warning_for_post} <a href=\"".get_post_link($warning['pid'])."#pid{$warning['pid']}\">{$warning['post_subject']}</a></small>";
1135          }
1136          $issuedby = build_profile_link($warning['username'], $warning['issuedby']);
1137          $date_issued = my_date($mybb->settings['dateformat'], $warning['dateline']).", ".my_date($mybb->settings['timeformat'], $warning['dateline']);
1138          if($warning['type_title'])
1139          {
1140              $warning_type = $warning['type_title'];
1141          }
1142          else
1143          {
1144              $warning_type = $warning['title'];
1145          }
1146          $warning_type = htmlspecialchars_uni($warning_type);
1147          if($warning['points'] > 0)
1148          {
1149              $warning['points'] = "+{$warning['points']}";
1150          }
1151          $points = $lang->sprintf($lang->warning_points, $warning['points']);
1152          if($warning['expired'] != 1)
1153          {
1154              if($warning['expires'] == 0)
1155              {
1156                  $expires = $lang->never;
1157              }
1158              else
1159              {
1160                  $expires = my_date($mybb->settings['dateformat'], $warning['expires']).", ".my_date($mybb->settings['timeformat'], $warning['expires']);
1161              }
1162          }
1163          else
1164          {
1165              if($warning['daterevoked'])
1166              {
1167                  $expires = $lang->warning_revoked;
1168              }
1169              else if($warning['expires'])
1170              {
1171                  $expires = $lang->already_expired;
1172              }
1173          }
1174          $alt_bg = alt_trow();
1175          $plugins->run_hooks("warnings_warning");
1176          eval("\$warnings .= \"".$templates->get("warnings_warning")."\";");
1177      }
1178  
1179      if(!$warnings)
1180      {
1181          eval("\$warnings = \"".$templates->get("warnings_no_warnings")."\";");
1182      }
1183      
1184      $plugins->run_hooks("warnings_end");
1185      
1186      eval("\$warnings = \"".$templates->get("warnings")."\";");
1187      output_page($warnings);
1188  }
1189  
1190  
1191  
1192  function find_warnlevels_to_check(&$query, &$max_expiration_times, &$check_levels)
1193  {
1194      global $db;
1195      // we have some warning levels we need to revoke

1196      $max_expiration_times = array(
1197          1 => -1,    // Ban
1198          2 => -1,    // Revoke posting
1199          3 => -1        // Moderate posting
1200      );
1201      $check_levels = array(
1202          1 => false,    // Ban
1203          2 => false,    // Revoke posting
1204          3 => false    // Moderate posting
1205      );
1206      while($warn_level = $db->fetch_array($query))
1207      {
1208          // revoke actions taken at this warning level

1209          $action = unserialize($warn_level['action']);
1210          if($action['type'] < 1 || $action['type'] > 3)    // prevent any freak-ish cases
1211          {
1212              continue;
1213          }
1214          
1215          $check_levels[$action['type']] = true;
1216          
1217          $max_exp_time = &$max_expiration_times[$action['type']];
1218          if($action['length'] && $max_exp_time != 0)
1219          {
1220              $expiration = $action['length'];
1221              if($expiration > $max_exp_time)
1222              {
1223                  $max_exp_time = $expiration;
1224              }
1225          }
1226          else
1227          {
1228              $max_exp_time = 0;
1229          }
1230      }
1231  }
1232  
1233  ?>

title

Description

title

Description

title

Description

title

title

Body