From 59767029a969b4cea2eacb38cb27fd784937f72e Mon Sep 17 00:00:00 2001
From: Meik Sievertsen
Date: Sun, 11 Jul 2004 15:20:35 +0000
Subject: [PATCH] - fixed permissions for mcp (global permission settings are false if user is only able to moderate one to x forums) - determine permission settings for submodules - further approve/disapprove work (approve_details added)
git-svn-id: file:///svn/phpbb/trunk@4925 89ea8834-ac86-4346-8a33-228a782c2dd0
---
 phpBB/includes/functions_posting.php | 85 ++++++++++++++
 phpBB/includes/mcp/mcp_queue.php | 110 ++++++++++++++++--
 phpBB/includes/ucp/ucp_main.php | 4 +-
 phpBB/includes/ucp/ucp_pm_viewmessage.php | 2 +-
 phpBB/install/schemas/schema_data.sql | 6 +-
 phpBB/language/en/mcp.php | 2 +
 phpBB/mcp.php | 59 ++++++----
 phpBB/posting.php | 92 +--------------
 phpBB/search.php | 2 +-
 .../subSilver/template/mcp_approve.html | 46 ++++++++
 .../styles/subSilver/template/mcp_queue.html | 24 ++--
 .../template/posting_topic_review.html | 2 +-
 phpBB/ucp.php | 11 +-
 phpBB/viewforum.php | 4 +-
 phpBB/viewtopic.php | 16 ++-
 15 files changed, 314 insertions(+), 151 deletions(-)
 create mode 100644 phpBB/styles/subSilver/template/mcp_approve.html
diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php
index 720a91ed86..d793e66586 100644
--- a/phpBB/includes/functions_posting.php
+++ b/phpBB/includes/functions_posting.php
@@ -928,4 +928,89 @@ function load_drafts($topic_id = 0, $forum_id = 0, $id = 0) } } +// Topic Review +function topic_review($topic_id, $forum_id, $mode = 'topic_review', $cur_post_id = 0, $show_quote_button = true) +{ + global $user, $auth, $db, $template, $bbcode, $template; + global $config, $phpbb_root_path, $phpEx, $SID; + + // Go ahead and pull all data for this topic + $sql = 'SELECT u.username, u.user_id, u.user_karma, p.post_id, p.post_username, p.post_subject, p.post_text, p.enable_smilies, p.bbcode_uid, p.bbcode_bitfield, p.post_time + FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . " u + WHERE p.topic_id = $topic_id + AND p.poster_id = u.user_id + " . ((!$auth->acl_get('m_approve', $forum_id)) ? 'AND p.post_approved = 1' : '') . ' + ' . (($mode == 'post_review') ? " AND p.post_id > $cur_post_id" : '') . ' + ORDER BY p.post_time DESC'; + $result = $db->sql_query_limit($sql, $config['posts_per_page']); + + if (!$row = $db->sql_fetchrow($result)) + { + return false; + } + + $bbcode_bitfield = 0; + do + { + $rowset[] = $row; + $bbcode_bitfield |= $row['bbcode_bitfield']; + } + while ($row = $db->sql_fetchrow($result)); + $db->sql_freeresult($result); + + // Instantiate BBCode class + if (!isset($bbcode) && $bbcode_bitfield) + { + include_once($phpbb_root_path . 
'includes/bbcode.'.$phpEx); + $bbcode = new bbcode($bbcode_bitfield); + } + + foreach ($rowset as $i => $row) + { + $poster_id = $row['user_id']; + $poster = $row['username']; + + // Handle anon users posting with usernames + if ($poster_id == ANONYMOUS && $row['post_username']) + { + $poster = $row['post_username']; + $poster_rank = $user->lang['GUEST']; + } + + $post_subject = $row['post_subject']; + $message = $row['post_text']; + + if ($row['bbcode_bitfield']) + { + $bbcode->bbcode_second_pass($message, $row['bbcode_uid'], $row['bbcode_bitfield']); + } + + $message = smilie_text($message, !$row['enable_smilies']); + + $post_subject = censor_text($post_subject); + $message = censor_text($message); + + $template->assign_block_vars($mode . '_row', array( + 'POSTER_NAME' => $poster, + 'POST_SUBJECT' => $post_subject, + 'MINI_POST_IMG' => $user->img('icon_post', $user->lang['POST']), + 'POST_DATE' => $user->format_date($row['post_time']), + 'MESSAGE' => str_replace("\n", '
', $message), + + 'U_POST_ID' => $row['post_id'], + 'U_MINI_POST' => "{$phpbb_root_path}viewtopic.$phpEx$SID&p=" . $row['post_id'] . '#' . $row['post_id'], + 'U_MCP_DETAILS' => ($auth->acl_get('m_', $forum_id)) ? "{$phpbb_root_path}mcp.$phpEx$SID&mode=post_details&p=" . $row['post_id'] : '', + 'U_QUOTE' => ($show_quote_button && $auth->acl_get('f_quote', $forum_id)) ? 'javascript:addquote(' . $row['post_id'] . ", '" . str_replace("'", "\\'", $poster) . "')" : '') + ); + unset($rowset[$i]); + } + + if ($mode == 'topic_review') + { + $template->assign_var('QUOTE_IMG', $user->img('btn_quote', $user->lang['REPLY_WITH_QUOTE'])); + } + + return true; +} + ?> \ No newline at end of file diff --git a/phpBB/includes/mcp/mcp_queue.php b/phpBB/includes/mcp/mcp_queue.php index 0e579f9f52..0106f8c6e2 100644 --- a/phpBB/includes/mcp/mcp_queue.php +++ b/phpBB/includes/mcp/mcp_queue.php 
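Review bot: `topic_review()` interpolates `$topic_id` and `$cur_post_id` straight into the WHERE clause, and now that it lives in functions_posting.php and is called from the MCP as well as posting.php it can no longer rely on a single caller having cast them. Casting at the top of the function, `$topic_id = (int) $topic_id; $cur_post_id = (int) $cur_post_id;`, keeps the query safe whatever a caller passes. The `U_QUOTE` value escapes only `'` in `$poster` before placing it inside a `javascript:` string; whether usernames are already entity-encoded is not visible here, so backslashes and HTML-significant characters should be confirmed as handled for that context. The `global` list also names `$template` twice and `$poster_rank` is assigned but never read.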
@@ -24,14 +24,91 @@ class mcp_queue extends module switch ($mode) { + case 'approve': + case 'disapprove': + + break; + + case 'approve_details': + + $user->add_lang('posting'); + include($phpbb_root_path . 'includes/functions_posting.' . $phpEx); + + $post_id = request_var('p', 0); + $post_info = get_post_data(array($post_id), 'm_approve'); + + if (!sizeof($post_info)) + { + trigger_error('NO_POST_SELECTED'); + } + + $post_info = $post_info[$post_id]; + + if ($post_info['topic_first_post_id'] != $post_id && topic_review($post_info['topic_id'], $post_info['forum_id'], 'topic_review', 0, false)) + { + $template->assign_vars(array( + 'S_TOPIC_REVIEW' => true, + 'TOPIC_TITLE' => $post_info['topic_title']) + ); + } + + // Set some vars + $poster = ($post_info['user_colour']) ? '' . $post_info['username'] . '' : $post_info['username']; + + // Process message, leave it uncensored + $message = $post_info['post_text']; + if ($post_info['bbcode_bitfield']) + { + include_once($phpbb_root_path . 'includes/bbcode.'.$phpEx); + $bbcode = new bbcode($post_info['bbcode_bitfield']); + $bbcode->bbcode_second_pass($message, $post_info['bbcode_uid'], $post_info['bbcode_bitfield']); + } + $message = smilie_text($message); + + $template->assign_vars(array( + 'S_APPROVE_ACTION' => "mcp.$phpEx$SID&i=queue&p=$post_id&f=$forum_id", + + 'S_CAN_VIEWIP' => $auth->acl_get('m_ip', $post_info['forum_id']), + 'S_POST_REPORTED' => $post_info['post_reported'], + 'S_POST_UNAPPROVED' => !$post_info['post_approved'], + 'S_POST_LOCKED' => $post_info['post_edit_locked'], +// 'S_USER_NOTES' => ($post_info['user_notes']) ? true : false, + 'S_USER_WARNINGS' => ($post_info['user_warnings']) ? true : false, + + 'U_VIEW_PROFILE' => "memberlist.$phpEx$SID&mode=viewprofile&u=" . $post_info['user_id'], + 'U_MCP_USERNOTES' => "mcp.$phpEx$SID&i=notes&mode=user_notes&u=" . $post_info['user_id'], + 'U_MCP_WARNINGS' => "mcp.$phpEx$SID&i=warnings&mode=view_user&u=" . 
$post_info['user_id'], + + 'REPORTED_IMG' => $user->img('icon_reported', $user->lang['POST_REPORTED']), + 'UNAPPROVED_IMG' => $user->img('icon_unapproved', $user->lang['POST_UNAPPROVED']), + + 'POSTER_NAME' => $poster, + 'POST_PREVIEW' => $message, + 'POST_SUBJECT' => $post_info['post_subject'], + 'POST_DATE' => $user->format_date($post_info['post_time']), + 'POST_IP' => $post_info['poster_ip'], + 'POST_IPADDR' => @gethostbyaddr($post_info['poster_ip'])) + ); + + $this->display($user->lang['MCP_QUEUE'], 'mcp_approve.html'); + + break; + case 'unapproved_topics': case 'unapproved_posts': - $forum_info = array(); + $forum_list_approve = get_forum_list('m_approve', false, true); + if (!$forum_id) { - if (!$forum_list = implode(', ', get_forum_list('m_approve'))) + $forum_list = array(); + foreach ($forum_list_approve as $row) + { + $forum_list[] = $row['forum_id']; + } + + if (!$forum_list = implode(', ', $forum_list)) { trigger_error('NOT_MODERATOR'); } @@ -42,6 +119,7 @@ class mcp_queue extends module $result = $db->sql_query($sql); $forum_info['forum_topics'] = (int) $db->sql_fetchfield('sum_forum_topics', 0, $result); $db->sql_freeresult($result); + } else { @@ -53,6 +131,13 @@ class mcp_queue extends module } $forum_info = $forum_info[$forum_id]; + $forum_list = $forum_id; + } + + $forum_options = ''; + foreach ($forum_list_approve as $row) + { + $forum_options .= ''; } mcp_sorting($mode, $sort_days, $sort_key, $sort_dir, $sort_by_sql, $sort_order_sql, $total, $forum_id); 
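Review bot: In the `approve_details` case `POST_IP` and `POST_IPADDR` are assigned unconditionally, so the poster's address and a reverse-DNS lookup are produced even for a moderator without `m_ip`; only the `S_CAN_VIEWIP` flag reflects the permission and the template is left to honour it. Gate the values themselves, e.g. `$can_ip = $auth->acl_get('m_ip', $post_info['forum_id']);` followed by `'POST_IP' => ($can_ip) ? $post_info['poster_ip'] : '',` and `'POST_IPADDR' => ($can_ip) ? @gethostbyaddr($post_info['poster_ip']) : '',`, which also avoids a blocking DNS query on every details view. The plain `include(... 'includes/functions_posting.' ...)` at the top of the case would redeclare functions if that file is already loaded, whereas `include_once` is used for bbcode a few lines below. The switch sits in a method that begins outside this hunk.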
@@ -133,29 +218,32 @@ class mcp_queue extends module } else { - $poster = '' . $row['username'] . ''; + $poster = $row['username']; } $s_checkbox = ($mode == 'unapproved_posts') ? '' : ''; $template->assign_block_vars('postrow', array( - 'U_VIEWFORUM' => "viewforum.$phpEx$SID&f=" . $row['forum_id'], + 'U_VIEWFORUM' => "viewforum.$phpEx$SID&f=" . $row['forum_id'], // Q: Why accessing the topic by a post_id instead of its topic_id? // A: To prevent the post from being hidden because of low karma or wrong encoding - 'U_VIEWTOPIC' => "viewtopic.$phpEx$SID&f=" . $row['forum_id'] . '&p=' . $row['post_id'] . (($mode == 'unapproved_posts') ? '#' . $row['post_id'] : ''), + 'U_VIEWTOPIC' => "viewtopic.$phpEx$SID&f=" . $row['forum_id'] . '&p=' . $row['post_id'] . (($mode == 'unapproved_posts') ? '#' . $row['post_id'] : ''), + 'U_VIEW_DETAILS'=> "mcp.$phpEx$SID&i=queue&start=$start&mode=approve_details&f={$forum_id}&p={$row['post_id']}", + 'U_VIEWPROFILE' => ($row['poster_id'] != ANONYMOUS) ? "memberlist.$phpEx$SID&mode=viewprofile&u={$row['poster_id']}" : '', - 'FORUM_NAME' => $row['forum_name'], - 'TOPIC_TITLE' => $row['topic_title'], - 'POSTER' => $poster, - 'POST_TIME' => $user->format_date($row['post_time']), - 'S_CHECKBOX' => $s_checkbox) + 'FORUM_NAME' => $row['forum_name'], + 'TOPIC_TITLE' => $row['topic_title'], + 'POSTER' => $poster, + 'POST_TIME' => $user->format_date($row['post_time']), + 'S_CHECKBOX' => $s_checkbox) ); } unset($rowset); // Now display the page $template->assign_vars(array( - 'L_DISPLAY_ITEMS' => ($mode == 'unapproved_posts') ? $user->lang['DISPLAY_POSTS'] : $user->lang['DISPLAY_TOPICS']) + 'L_DISPLAY_ITEMS' => ($mode == 'unapproved_posts') ? $user->lang['DISPLAY_POSTS'] : $user->lang['DISPLAY_TOPICS'], + 'S_FORUM_OPTIONS' => $forum_options) ); $this->display($user->lang['MCP_QUEUE'], 'mcp_queue.html'); diff --git a/phpBB/includes/ucp/ucp_main.php b/phpBB/includes/ucp/ucp_main.php index 004053b10e..ec846c778f 100644 
--- a/phpBB/includes/ucp/ucp_main.php
+++ b/phpBB/includes/ucp/ucp_main.php
@@ -420,7 +420,7 @@ class ucp_main extends module
 $topic_id = $row['topic_id'];
 // Goto message generation
- $replies = ($auth->acl_get('m_approve')) ? $row['topic_replies_real'] : $row['topic_replies'];
+ $replies = ($auth->acl_get('m_approve', $forum_id)) ? $row['topic_replies_real'] : $row['topic_replies'];
 $topic_type = '';
 switch ($row['topic_type'])
@@ -637,7 +637,7 @@ class ucp_main extends module
 $forum_id = $row['forum_id'];
 $topic_id = $row['b_topic_id'];
- $replies = ($auth->acl_get('m_approve')) ? $row['topic_replies_real'] : $row['topic_replies'];
+ $replies = ($auth->acl_get('m_approve', $forum_id)) ? $row['topic_replies_real'] : $row['topic_replies'];
 $topic_type = '';
 switch ($row['topic_type'])
diff --git a/phpBB/includes/ucp/ucp_pm_viewmessage.php b/phpBB/includes/ucp/ucp_pm_viewmessage.php
index f753f6433b..26ea051cae 100644
--- a/phpBB/includes/ucp/ucp_pm_viewmessage.php
+++ b/phpBB/includes/ucp/ucp_pm_viewmessage.php
@@ -171,7 +171,7 @@ function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row)
 'U_MCP_REPORT' => "{$phpbb_root_path}mcp.$phpEx$SID&mode=pm_details&p=" . $message_row['msg_id'],
 'U_REPORT' => ($config['auth_report_pm'] && $auth->acl_get('u_pm_report')) ? "{$phpbb_root_path}report.$phpEx$SID&pm=" . $message_row['msg_id'] : '',
- 'U_IP' => ($auth->acl_get('m_') && $message_row['message_reported']) ? "{$phpbb_root_path}mcp.$phpEx?sid=" . $user->session_id . "&mode=pm_details&p=" . $message_row['msg_id'] . '#ip' : '',
+ 'U_IP' => ($auth->acl_get('m_ip') && $message_row['message_reported']) ? "{$phpbb_root_path}mcp.$phpEx?sid=" . $user->session_id . "&mode=pm_details&p=" . $message_row['msg_id'] . '#ip' : '',
 'U_DELETE' => ($auth->acl_get('u_pm_delete')) ? "$url&mode=compose&action=delete&f=$folder_id&p=" . $message_row['msg_id'] : '',
 'U_AUTHOR_PROFILE' => "{$phpbb_root_path}memberlist.$phpEx$SID&mode=viewprofile&u=" . $author_id,
 'U_EMAIL' => $user_info['email'],
diff --git a/phpBB/install/schemas/schema_data.sql b/phpBB/install/schemas/schema_data.sql
index 2217ed06b6..9509aa1d05 100644
--- a/phpBB/install/schemas/schema_data.sql
+++ b/phpBB/install/schemas/schema_data.sql
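Review bot: `$auth->acl_get('m_ip')` is evaluated without a forum id, and by this commit's own description global permission settings are false for a user who moderates only some forums, so the `U_IP` link will presumably be hidden from every forum-scoped moderator. If that is intended for private messages, a comment on the line should say so, e.g. `// PMs have no forum: only a global m_ip grants access to the sender IP`. The unchanged `U_MCP_REPORT` entry two lines above still emits the `pm_details` link with no permission test, so the target page has to enforce the check itself. The array belongs to a call that starts and ends outside the hunk.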
@@ -408,14 +408,14 @@ INSERT INTO phpbb_bots (bot_id, bot_active, bot_name, user_id, bot_agent, bot_ip # MSSQL IDENTITY phpbb_modules OFF # # -- Modules -INSERT INTO phpbb_modules (module_type, module_title, module_filename, module_order, module_enabled, module_subs, module_acl) VALUES ('ucp', 'MAIN', 'main', 1, 1, 'front\r\nsubscribed\r\nbookmarks\r\ndrafts', ''); +INSERT INTO phpbb_modules (module_type, module_title, module_filename, module_order, module_enabled, module_subs, module_acl) VALUES ('ucp', 'MAIN', 'main', 1, 1, 'front\r\nsubscribed\r\nbookmarks,cfg_allow_bookmarks\r\ndrafts', ''); INSERT INTO phpbb_modules (module_type, module_title, module_filename, module_order, module_enabled, module_subs, module_acl) VALUES ('ucp', 'PM', 'pm', 2, 1, 'view_messages\r\ncompose\r\nunread\r\ndrafts\r\noptions', 'cfg_allow_privmsg'); INSERT INTO phpbb_modules (module_type, module_title, module_filename, module_order, module_enabled, module_subs, module_acl) VALUES ('ucp', 'PROFILE', 'profile', 3, 1, 'profile_info\r\nreg_details\r\nsignature\r\navatar', ''); INSERT INTO phpbb_modules (module_type, module_title, module_filename, module_order, module_enabled, module_subs, module_acl) VALUES ('ucp', 'PREFS', 'prefs', 4, 1, 'personal\r\nview\r\npost', ''); INSERT INTO phpbb_modules (module_type, module_title, module_filename, module_order, module_enabled, module_subs, module_acl) VALUES ('ucp', 'ZEBRA', 'zebra', 5, 1, 'friends\r\nfoes', ''); INSERT INTO phpbb_modules (module_type, module_title, module_filename, module_order, module_enabled, module_subs, module_acl) VALUES ('ucp', 'ATTACHMENTS', 'attachments', 6, 1, '', 'acl_u_attach && cfg_allow_attachments'); -INSERT INTO phpbb_modules (module_type, module_title, module_filename, module_order, module_enabled, module_subs, module_acl) VALUES ('mcp', 'MAIN', 'main', 1, 1, 'front\r\nforum_view\r\ntopic_view\r\npost_details', ''); -INSERT INTO phpbb_modules (module_type, module_title, module_filename, module_order, 
module_enabled, module_subs, module_acl) VALUES ('mcp', 'QUEUE', 'queue', 2, 1, 'unapproved_topics\r\nunapproved_posts', 'acl_m_approve'); +INSERT INTO phpbb_modules (module_type, module_title, module_filename, module_order, module_enabled, module_subs, module_acl) VALUES ('mcp', 'MAIN', 'main', 1, 1, 'front\r\nforum_view\r\ntopic_view\r\npost_details', 'acl_m_'); +INSERT INTO phpbb_modules (module_type, module_title, module_filename, module_order, module_enabled, module_subs, module_acl) VALUES ('mcp', 'QUEUE', 'queue', 2, 1, 'unapproved_topics\r\nunapproved_posts\r\nreports', 'acl_m_approve'); # MSSQL IDENTITY phpbb_modules OFF # diff --git a/phpBB/language/en/mcp.php b/phpBB/language/en/mcp.php index 2c20468607..16e35a9cc8 100644 --- a/phpBB/language/en/mcp.php +++ b/phpBB/language/en/mcp.php @@ -238,6 +238,8 @@ $lang += array( 'USER_CANNOT_POST' => 'You cannot post in this forum', 'USER_CANNOT_REPORT' => 'You cannot report posts in this forum', + 'VIEW_DETAILS' => 'View Details', + 'YOU_SELECTED_TOPIC' => 'You selected topic number %d: %s', 'report_reasons' => array( diff --git a/phpBB/mcp.php b/phpBB/mcp.php index b9f4d935b2..c5e975d9ae 100644 --- a/phpBB/mcp.php +++ b/phpBB/mcp.php @@ -36,18 +36,16 @@ class module if ($post_id) { - if (!$topic_id || !$forum_id) - { - $sql = 'SELECT topic_id, forum_id - FROM ' . POSTS_TABLE . " - WHERE post_id = $post_id"; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); + // We determine the topic and forum id here, to make sure the moderator really has moderative rights on this post + $sql = 'SELECT topic_id, forum_id + FROM ' . POSTS_TABLE . " + WHERE post_id = $post_id"; + $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); - $topic_id = (int) $row['topic_id']; - $forum_id = (int) $row['forum_id']; - } + $topic_id = (int) $row['topic_id']; + $forum_id = (int) $row['forum_id']; } if ($topic_id && !$forum_id) 
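Review bot: The post lookup in `mcp.php` now always runs, but `$row` is used without checking that a row came back, so an unknown `p` value yields `$topic_id = 0` and `$forum_id = 0` rather than an error. With the fallback added in the next hunk a zero forum id is then replaced by the first forum the user moderates, which means the module permission is evaluated for a forum unrelated to the request. Stopping early is safer: `if (!$row) { trigger_error('NO_POST_SELECTED'); }` before the two casts. `$post_id` is also interpolated into the query, so it should be confirmed to be an integer where it is passed in; the enclosing method starts outside the hunk.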
@@ -62,6 +60,20 @@ class module $forum_id = (int) $row['forum_id']; } + // If we do not have a forum id and the user is not a super moderator (global options are set to false, even if the user is able to moderator at least one forum + if (!$forum_id && !$auth->acl_get('m_')) + { + $forum_list = get_forum_list('m_'); + + if (!sizeof($forum_list)) + { + trigger_error('MODULE_NOT_EXIST'); + } + + // We do not check all forums, only the first one should be sufficiant. + $forum_id = $forum_list[0]; + } + $sql = 'SELECT module_id, module_title, module_filename, module_subs, module_acl FROM ' . MODULES_TABLE . " WHERE module_type = '{$module_type}' @@ -76,7 +88,7 @@ class module if ($row['module_acl']) { $is_auth = false; - eval('$is_auth = (' . preg_replace(array('#acl_([a-z_]+)#e', '#cfg_([a-z_]+)#e'), array('(int) $auth->acl_get("\\1")', '(int) $config["\\1"]'), trim($row['module_acl'])) . ');'); + eval('$is_auth = (' . preg_replace(array('#acl_([a-z_]+)#e', '#cfg_([a-z_]+)#e'), array('(int) $auth->acl_get("\\1", ' . $forum_id . ')', '(int) $config["\\1"]'), trim($row['module_acl'])) . ');'); // The user is not authorised to use this module, skip it if (!$is_auth) @@ -106,19 +118,26 @@ class module $submodules_ary = explode("\n", $row['module_subs']); foreach ($submodules_ary as $submodule) { + if (!trim($submodule)) + { + continue; + } + $submodule = explode(',', trim($submodule)); $submodule_title = array_shift($submodule); $is_auth = true; foreach ($submodule as $auth_option) { - if (!$auth->acl_get($auth_option)) + eval('$is_auth = (' . preg_replace(array('#acl_([a-z_]+)#e', '#cfg_([a-z_]+)#e'), array('(int) $auth->acl_get("\\1", ' . $forum_id . ')', '(int) $config["\\1"]'), trim($auth_option)) . ');'); + + if (!$is_auth) { - $is_auth = false; + break; } } - if (!$is_auth || empty($submodule_title)) + if (!$is_auth) { continue; } 
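Review bot: Taking `$forum_list[0]` as the forum for the permission test makes module and submodule visibility depend on whichever forum happens to come first in `get_forum_list('m_')`. A moderator who holds `m_approve` in a later forum but not in the first one would not be offered the queue, and the result says nothing about the forum the requested action targets, so each module still has to re-check against the post's or topic's own forum. Consider testing the option against every forum in `$forum_list` and accepting if any of them grants it, and add a comment stating that this gate only decides which modules are listed. In the added comments the opening parenthesis is never closed and "sufficiant" should read "sufficient".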
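Review bot: The `module_acl` string, and after the third hunk every submodule option from `module_subs`, is passed to `eval()` after only the `acl_`/`cfg_` tokens are substituted, so any other text stored in those columns runs as PHP. The values come from the modules table; if they can only be written by the installer or an administrator the exposure is limited, but a shape check before the eval costs little, e.g. `if (preg_match('#[^a-z_&|!() ]#', $row['module_acl'])) { continue; }`. `$forum_id` is concatenated into the replacement code as well and should be cast at that point, `(int) $forum_id`. The same eval is added to the submodule loop in `ucp.php`.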
@@ -316,14 +335,14 @@ if ($mode2)
 }
 // Only Moderators can go beyond this point
-if ($user->data['user_id'] == ANONYMOUS || !$auth->acl_get('m_'))
+if ($user->data['user_id'] == ANONYMOUS)
 {
- if ($user->data['user_id'] != ANONYMOUS)
+ login_box("{$phpbb_root_path}mcp.$phpEx$SID&mode=$mode&i=$module", '', $user->lang['LOGIN_EXPLAIN_MCP']);
+
+ if ($user->data['user_id'] == ANONYMOUS)
 {
 redirect("index.$phpEx$SID");
 }
-
- login_box("{$phpbb_root_path}mcp.$phpEx$SID&mode=$mode&i=$module", '', $user->lang['LOGIN_EXPLAIN_MCP']);
 }
 $quickmod = (isset($_REQUEST['quickmod'])) ? true : false;
@@ -365,7 +384,7 @@ if (!$quickmod)
 $mcp->create('mcp', "mcp.$phpEx$SID", $post_id, $topic_id, $forum_id, $module, $mode);
 // Load and execute the relevant module
- $mcp->load();
+ $mcp->load('mcp', false, $mode);
 exit;
 }
diff --git a/phpBB/posting.php b/phpBB/posting.php
index f894dc9514..a9de09ddbe 100644
--- a/phpBB/posting.php
+++ b/phpBB/posting.php
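Review bot: Dropping `!$auth->acl_get('m_')` from the entry check means any logged-in user now reaches module loading, and the only remaining gate is the per-module `module_acl` test. That test is skipped when the column is empty (`if ($row['module_acl'])` in the earlier hunk), and the `'acl_m_'` value for the MAIN module is added only to `schema_data.sql`, which as far as this patch shows affects fresh installs. An existing board whose mcp MAIN row still has an empty `module_acl` would expose the module to non-moderators, so either ship an update for existing rows or keep a fallback such as `if (!$auth->acl_get('m_') && !sizeof(get_forum_list('m_'))) { trigger_error('NOT_MODERATOR'); }`. The `login_box()` call is presumably expected to return only for a user who is still anonymous; a comment saying so would help the next reader.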
@@ -1271,92 +1271,6 @@ function user_notification($mode, $subject, $topic_title, $forum_name, $forum_id } -// Topic Review -function topic_review($topic_id, $forum_id, $mode = 'topic_review', $cur_post_id = 0) -{ - global $user, $auth, $db, $template, $bbcode, $template; - global $config, $phpbb_root_path, $phpEx, $SID; - - // Go ahead and pull all data for this topic - $sql = 'SELECT u.username, u.user_id, u.user_karma, p.post_id, p.post_username, p.post_subject, p.post_text, p.enable_smilies, p.bbcode_uid, p.bbcode_bitfield, p.post_time - FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . " u - WHERE p.topic_id = $topic_id - AND p.poster_id = u.user_id - " . ((!$auth->acl_get('m_approve', $forum_id)) ? 'AND p.post_approved = 1' : '') . ' - ' . (($mode == 'post_review') ? " AND p.post_id > $cur_post_id" : '') . ' - ORDER BY p.post_time DESC'; - $result = $db->sql_query_limit($sql, $config['posts_per_page']); - - if (!$row = $db->sql_fetchrow($result)) - { - return false; - } - - $bbcode_bitfield = 0; - do - { - $rowset[] = $row; - $bbcode_bitfield |= $row['bbcode_bitfield']; - } - while ($row = $db->sql_fetchrow($result)); - $db->sql_freeresult($result); - - // Instantiate BBCode class - if (!isset($bbcode) && $bbcode_bitfield) - { - include($phpbb_root_path . 
'includes/bbcode.'.$phpEx); - $bbcode = new bbcode($bbcode_bitfield); - } - - foreach ($rowset as $i => $row) - { - $poster_id = $row['user_id']; - $poster = $row['username']; - - // Handle anon users posting with usernames - if ($poster_id == ANONYMOUS && $row['post_username']) - { - $poster = $row['post_username']; - $poster_rank = $user->lang['GUEST']; - } - - $post_subject = $row['post_subject']; - $message = $row['post_text']; - - if ($row['bbcode_bitfield']) - { - $bbcode->bbcode_second_pass($message, $row['bbcode_uid'], $row['bbcode_bitfield']); - } - - $message = smilie_text($message, !$row['enable_smilies']); - - $post_subject = censor_text($post_subject); - $message = censor_text($message); - - $template->assign_block_vars($mode . '_row', array( - 'KARMA_IMG' => ($config['enable_karma']) ? $user->img('karma_center', $user->lang['KARMA'][$row['user_karma']], false, (int) $row['user_karma']) : '', - 'POSTER_NAME' => $poster, - 'POST_SUBJECT' => $post_subject, - 'MINI_POST_IMG' => $user->img('icon_post', $user->lang['POST']), - 'POST_DATE' => $user->format_date($row['post_time']), - 'MESSAGE' => str_replace("\n", '
', $message), - - 'U_POST_ID' => $row['post_id'], - 'U_MINI_POST' => "{$phpbb_root_path}viewtopic.$phpEx$SID&p=" . $row['post_id'] . '#' . $row['post_id'], - 'U_QUOTE' => ($auth->acl_get('f_quote', $forum_id)) ? 'javascript:addquote(' . $row['post_id'] . ", '" . str_replace("'", "\\'", $poster) . "')" : '') - ); - unset($rowset[$i]); - } - - if ($mode == 'topic_review') - { - $template->assign_var('QUOTE_IMG', $user->img('btn_quote', $user->lang['REPLY_WITH_QUOTE'])); - } - - return true; -} - - // Delete Post function delete_post($mode, $post_id, $topic_id, $forum_id, $data) { @@ -1443,7 +1357,7 @@ function delete_post($mode, $post_id, $topic_id, $forum_id, $data) $sql = 'SELECT MAX(post_id) as last_post_id FROM ' . POSTS_TABLE . " WHERE topic_id = $topic_id " . - (($auth->acl_get('m_approve')) ? 'AND post_approved = 1' : ''); + (($auth->acl_get('m_approve', $forum_id)) ? 'AND post_approved = 1' : ''); $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); @@ -1456,7 +1370,7 @@ function delete_post($mode, $post_id, $topic_id, $forum_id, $data) $sql = 'SELECT post_id FROM ' . POSTS_TABLE . " WHERE topic_id = $topic_id " . - (($auth->acl_get('m_approve')) ? 'AND post_approved = 1' : '') . ' + (($auth->acl_get('m_approve', $forum_id)) ? 'AND post_approved = 1' : '') . ' AND post_time > ' . $data['post_time'] . ' ORDER BY post_time ASC'; $result = $db->sql_query_limit($sql, 1); @@ -1998,7 +1912,7 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_ markread($mark_mode, $data['forum_id'], $data['topic_id'], $data['post_time']); // Send Notifications - if ($mode != 'edit' && $mode != 'delete') + if ($mode != 'edit' && $mode != 'delete' && !$auth->acl_get('f_moderate', $data['forum_id'])) { user_notification($mode, stripslashes($subject), stripslashes($data['topic_title']), stripslashes($data['forum_name']), $data['forum_id'], $data['topic_id'], $data['post_id']); } 
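Review bot: In `delete_post()` the condition `($auth->acl_get('m_approve', $forum_id)) ? 'AND post_approved = 1' : ''` looks inverted: it restricts the query to approved posts for users who may approve and applies no filter for everyone else. `topic_review()` in this same commit uses the negated form, `(!$auth->acl_get('m_approve', $forum_id)) ? 'AND p.post_approved = 1' : ''`. Adding the forum id keeps the old polarity, so the hunks at -1443 and -1456 both carry it; if the last-post pointer is meant to ignore unapproved posts for ordinary users the test should be negated or the filter applied unconditionally. The function body extends beyond both hunks.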
diff --git a/phpBB/search.php b/phpBB/search.php index 61e67c94bd..58952abe21 100644 --- a/phpBB/search.php +++ b/phpBB/search.php @@ -766,7 +766,7 @@ if ($search_keywords || $search_author || $search_id) 'LAST_VIEW_TIME' => $user->format_date($row['topic_last_view_time']), 'LAST_POST_AUTHOR' => $last_post_author, 'GOTO_PAGE' => $goto_page, - 'TOPIC_REPLIES' => ($auth->acl_get('m_approve')) ? $row['topic_replies_real'] : $row['topic_replies'], + 'TOPIC_REPLIES' => ($auth->acl_get('m_approve', $forum_id)) ? $row['topic_replies_real'] : $row['topic_replies'], 'TOPIC_VIEWS' => $row['topic_views'], 'FORUM_TITLE' => $row['forum_name'], 'TOPIC_TITLE' => censor_text($row['topic_title']), diff --git a/phpBB/styles/subSilver/template/mcp_approve.html b/phpBB/styles/subSilver/template/mcp_approve.html new file mode 100644 index 0000000000..55f878609f --- /dev/null +++ b/phpBB/styles/subSilver/template/mcp_approve.html @@ -0,0 +1,46 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
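Review bot: `$auth->acl_get('m_approve', $forum_id)` is evaluated per result row in search.php, but search results can span forums (`'FORUM_TITLE' => $row['forum_name']` two lines below) and nothing in the hunk shows `$forum_id` being set from the row. If it is not, the choice between the real and the approved reply count is made with whatever `$forum_id` last held; `$row['forum_id']` would tie the check to the topic's forum, provided the query selects that column. In `ucp_main.php` the second hunk shows `$forum_id = $row['forum_id'];` in its context, which is the pattern to match here. The surrounding array call starts and ends outside the hunk.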
{L_POST_DETAILS}
{RETURN_QUEUE}
{L_POST_SUBJECT}: {POST_SUBJECT}
{L_POSTER}: {POSTER_NAME}   [ {L_READ_PROFILE} ] [ {L_READ_USERNOTES} ] [ {L_READ_WARNINGS} ]
{L_THIS_POST_IP}: {POST_IP} [ {POST_IPADDR} ]
{L_POSTED}: {POST_DATE}
{L_PREVIEW}
{POST_PREVIEW}
 
+ +
+ + + + \ No newline at end of file diff --git a/phpBB/styles/subSilver/template/mcp_queue.html b/phpBB/styles/subSilver/template/mcp_queue.html index 467fb2a246..a027af34cf 100644 --- a/phpBB/styles/subSilver/template/mcp_queue.html +++ b/phpBB/styles/subSilver/template/mcp_queue.html @@ -5,23 +5,22 @@ {L_DISPLAY_OPTIONS} - {L_DISPLAY_ITEMS}: {S_SELECT_SORT_DAYS} {L_SORT_BY} {S_SELECT_SORT_KEY} {S_SELECT_SORT_DIR}  + {L_DISPLAY_ITEMS}: {S_SELECT_SORT_DAYS} {L_SORT_BY} {S_SELECT_SORT_KEY} {S_SELECT_SORT_DIR} {L_FORUM}   -  {L_FORUM}  -  {L_TOPIC}  +  {L_TOPIC}   {L_AUTHOR}   {L_POST_TIME}   {L_SELECT}  - - - {postrow.FORUM_NAME} - {postrow.TOPIC_TITLE} - {postrow.POSTER} - {postrow.POST_TIME} - {postrow.S_CHECKBOX} + +

{postrow.TOPIC_TITLE}


+ {L_FORUM}: {postrow.FORUM_NAME} + {postrow.POSTER}{postrow.POSTER}
+ [ {L_VIEW_DETAILS} ] + {postrow.POST_TIME} + {postrow.S_CHECKBOX} @@ -34,9 +33,8 @@ - - - + +
{L_MARK_ALL} :: {L_UNMARK_ALL}
{PAGINATION}
{L_MARK_ALL} :: {L_UNMARK_ALL}
diff --git a/phpBB/styles/subSilver/template/posting_topic_review.html b/phpBB/styles/subSilver/template/posting_topic_review.html index 19bdf0023f..148fc1fde1 100644 --- a/phpBB/styles/subSilver/template/posting_topic_review.html +++ b/phpBB/styles/subSilver/template/posting_topic_review.html @@ -52,7 +52,7 @@ - + diff --git a/phpBB/ucp.php b/phpBB/ucp.php index 596e345fad..f4965b0385 100755 --- a/phpBB/ucp.php +++ b/phpBB/ucp.php @@ -101,15 +101,22 @@ class module $submodules_ary = explode("\n", $row['module_subs']); foreach ($submodules_ary as $submodule) { + if (!trim($submodule)) + { + continue; + } + $submodule = explode(',', trim($submodule)); $submodule_title = array_shift($submodule); $is_auth = true; foreach ($submodule as $auth_option) { - if (!$auth->acl_get($auth_option)) + eval('$is_auth = (' . preg_replace(array('#acl_([a-z_]+)#e', '#cfg_([a-z_]+)#e'), array('(int) $auth->acl_get("\\1")', '(int) $config["\\1"]'), trim($auth_option)) . ');'); + + if (!$is_auth) { - $is_auth = false; + break; } } diff --git a/phpBB/viewforum.php b/phpBB/viewforum.php index 9dc50e7958..03b6dec26d 100644 --- a/phpBB/viewforum.php +++ b/phpBB/viewforum.php @@ -410,7 +410,7 @@ if ($forum_data['forum_type'] == FORUM_POST || ($forum_data['forum_flags'] & 16) } // Replies - $replies = ($auth->acl_get('m_approve')) ? $row['topic_replies_real'] : $row['topic_replies']; + $replies = ($auth->acl_get('m_approve', $forum_id)) ? $row['topic_replies_real'] : $row['topic_replies']; // Topic type/folder $topic_type = ''; 
@@ -550,7 +550,7 @@ if ($forum_data['forum_type'] == FORUM_POST || ($forum_data['forum_flags'] & 16) 'LAST_VIEW_TIME' => $user->format_date($row['topic_last_view_time']), 'LAST_POST_AUTHOR' => ($row['topic_last_poster_name'] != '') ? $row['topic_last_poster_name'] : $user->lang['GUEST'], 'GOTO_PAGE' => $goto_page, - 'REPLIES' => ($auth->acl_get('m_approve')) ? $row['topic_replies_real'] : $row['topic_replies'], + 'REPLIES' => ($auth->acl_get('m_approve', $forum_id)) ? $row['topic_replies_real'] : $row['topic_replies'], 'VIEWS' => $row['topic_views'], 'TOPIC_TITLE' => censor_text($row['topic_title']), 'TOPIC_TYPE' => $topic_type, diff --git a/phpBB/viewtopic.php b/phpBB/viewtopic.php index a8b9f04ad8..baef239f19 100644 --- a/phpBB/viewtopic.php +++ b/phpBB/viewtopic.php @@ -160,11 +160,11 @@ if ($user->data['user_id'] != ANONYMOUS) break; default: - $extra_fields .= ', tw.notify_status, bm.order_id as bookmarked'; + $extra_fields .= ', tw.notify_status' . (($config['allow_bookmarks']) ? ', bm.order_id as bookmarked' : ''); $join_sql_table .= ' LEFT JOIN ' . TOPICS_WATCH_TABLE . ' tw ON (tw.user_id = ' . $user->data['user_id'] . ' AND t.topic_id = tw.topic_id)'; - $join_sql_table .= ' LEFT JOIN ' . BOOKMARKS_TABLE . ' bm ON (bm.user_id = ' . $user->data['user_id'] . ' - AND t.topic_id = bm.topic_id)'; + $join_sql_table .= ($config['allow_bookmarks']) ? ' LEFT JOIN ' . BOOKMARKS_TABLE . ' bm ON (bm.user_id = ' . $user->data['user_id'] . ' + AND t.topic_id = bm.topic_id)' : ''; } } 
@@ -172,7 +172,7 @@ if ($user->data['user_id'] != ANONYMOUS) // whereupon we join on the forum_id passed as a parameter ... this // is done so navigation, forum name, etc. remain consistent with where // user clicked to view a global topic -$sql = 'SELECT t.topic_id, t.forum_id, t.topic_title, t.topic_attachment, t.topic_status, t.topic_approved, ' . (($auth->acl_get('m_approve')) ? 't.topic_replies_real AS topic_replies' : 't.topic_replies') . ', t.topic_last_post_id, t.topic_last_poster_id, t.topic_last_post_time, t.topic_poster, t.topic_time, t.topic_time_limit, t.topic_type, t.topic_bumped, t.topic_bumper, t.poll_max_options, t.poll_start, t.poll_length, t.poll_title, f.forum_name, f.forum_desc, f.forum_parents, f.parent_id, f.left_id, f.right_id, f.forum_status, f.forum_type, f.forum_id, f.forum_style, f.forum_password, f.forum_rules, f.forum_rules_link, f.forum_rules_flags' . $extra_fields . ' +$sql = 'SELECT t.topic_id, t.forum_id, t.topic_title, t.topic_attachment, t.topic_status, t.topic_approved, t.topic_replies_real, t.topic_replies, t.topic_last_post_id, t.topic_last_poster_id, t.topic_last_post_time, t.topic_poster, t.topic_time, t.topic_time_limit, t.topic_type, t.topic_bumped, t.topic_bumper, t.poll_max_options, t.poll_start, t.poll_length, t.poll_title, f.forum_name, f.forum_desc, f.forum_parents, f.parent_id, f.left_id, f.right_id, f.forum_status, f.forum_type, f.forum_id, f.forum_style, f.forum_password, f.forum_rules, f.forum_rules_link, f.forum_rules_flags' . $extra_fields . ' FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . ' f' . $join_sql_table . " WHERE $join_sql AND (f.forum_id = t.forum_id 
@@ -194,6 +194,10 @@ if (!($topic_data = $db->sql_fetchrow($result))) // Extract the data extract($topic_data); +// We make this check here because the correct forum_id is determined +$topic_replies = ($auth->acl_get('m_approve', $forum_id) ? $topic_replies_real : $topic_replies; +unset($topic_replies_real); + if ($user->data['user_id'] != ANONYMOUS) { if ($config['load_db_lastread']) @@ -497,7 +501,7 @@ $template->assign_vars(array( 'L_WATCH_TOPIC' => $s_watching_topic['title'], 'U_BOOKMARK_TOPIC' => ($user->data['user_id'] != ANONYMOUS && $config['allow_bookmarks']) ? $viewtopic_url . '&bookmark=1' : '', - 'L_BOOKMARK_TOPIC' => ($user->data['user_id'] != ANONYMOUS && $bookmarked) ? $user->lang['BOOKMARK_TOPIC_REMOVE'] : $user->lang['BOOKMARK_TOPIC'], + 'L_BOOKMARK_TOPIC' => ($user->data['user_id'] != ANONYMOUS && $config['allow_bookmarks'] && $bookmarked) ? $user->lang['BOOKMARK_TOPIC_REMOVE'] : $user->lang['BOOKMARK_TOPIC'], 'U_POST_NEW_TOPIC' => "posting.$phpEx$SID&mode=post&f=$forum_id", 'U_POST_REPLY_TOPIC' => "posting.$phpEx$SID&mode=reply&f=$forum_id&t=$topic_id", @@ -1259,7 +1263,7 @@ for ($i = 0, $end = sizeof($post_list); $i < $end; ++$i) 'U_REPORT' => "report.$phpEx$SID&p=" . $row['post_id'], 'U_MCP_REPORT' => ($auth->acl_gets('m_', 'a_', 'f_report', $forum_id)) ? "mcp.$phpEx$SID&mode=post_details&p=" . $row['post_id'] : '', 'U_MCP_APPROVE' => ($auth->acl_get('m_approve', $forum_id)) ? "mcp.$phpEx$SID&i=queue&mode=approve&p=" . $row['post_id'] : '', - 'U_MCP_DETAILS' => ($auth->acl_gets('a_', 'm_', $forum_id)) ? "mcp.$phpEx$SID&mode=post_details&p=" . $row['post_id'] : '', + 'U_MCP_DETAILS' => ($auth->acl_get('m_', $forum_id)) ? "mcp.$phpEx$SID&mode=post_details&p=" . $row['post_id'] : '', 'U_MINI_POST' => "viewtopic.$phpEx$SID&p=" . $row['post_id'] . '#' . $row['post_id'], 'U_POST_ID' => ($unread_post_id == $row['post_id']) ? 'unread' : $row['post_id'], 'POST_ID' => $row['post_id'],
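Review bot: The added line `$topic_replies = ($auth->acl_get('m_approve', $forum_id) ? $topic_replies_real : $topic_replies;` has an unbalanced parenthesis and will not parse, which takes viewtopic.php down entirely. It should read `$topic_replies = ($auth->acl_get('m_approve', $forum_id)) ? $topic_replies_real : $topic_replies;`. The comment above it could say why the check sits after `extract($topic_data)`, e.g. `// extract() has just set $forum_id from the selected row, so the permission is tested against the topic's forum`.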
 [ {L_POST_DETAILS} ] {topic_review_row.MINI_POST_IMG} {L_POSTED}: {topic_review_row.POST_DATE}