diff --git a/phpBB/report.php b/phpBB/report.php index a37190cec0..32c3b55c13 100644 --- a/phpBB/report.php +++ b/phpBB/report.php @@ -34,9 +34,7 @@ $auth->acl($user->data); $post_id = (!empty($_REQUEST['p'])) ? intval($_REQUEST['p']) : 0; $reason_id = (!empty($_REQUEST['reason_id'])) ? intval($_REQUEST['reason_id']) : 0; $notify = (!empty($_REQUEST['notify']) && $user->data['user_id'] != ANONYMOUS) ? TRUE : FALSE; -$description = (!empty($_REQUEST['description'])) ? stripslashes($_REQUEST['description']) : ''; -$report_id = (!empty($_REQUEST['report_id'])) ? intval($_REQUEST['report_id']) : 0; -$report_text = ''; +$report_text = (!empty($_REQUEST['report_text'])) ? htmlspecialchars(stripslashes($_REQUEST['report_text'])) : ''; // Has the report been cancelled? if (isset($_POST['cancel'])) @@ -68,39 +66,24 @@ foreach ($acl_check_ary as $acl => $error) { if (!$auth->acl_get($acl, $forum_id)) { - trigger_error($user->lang[$error]); + trigger_error($error); } } unset($acl_check_ary); -// Check if the user has already reported this post -if ($user->data['user_id'] != ANONYMOUS) +// Check if the post has already been reported +$result = $db->sql_query('SELECT * FROM ' . REPORTS_TABLE . " WHERE post_id = $post_id"); + +if ($row = $db->sql_fetchrow($result)) { - $result = $db->sql_query('SELECT * FROM ' . REPORTS_TABLE . " WHERE post_id = $post_id AND user_id = " . $user->data['user_id']); - - if ($row = $db->sql_fetchrow($result)) + if ($user->data['user_id'] == $row['user_id'] && $user->data['user_id'] != ANONYMOUS) { - if ($report_id) - { - if ($user->data['user_id'] == $row['user_id']) - { - $report_text = $row['report_text']; - } - else - { - $report_id = 0; - } - } - else - { - $report_id = intval($row['report_id']); - $reason_id = intval($row['reason_id']); - - $return_topic = '
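Review bot: Escaping `report_text` with `htmlspecialchars()` where it is read from the request, while the last hunk of this file drops the escape from `'REPORT_TEXT' => $report_text`, makes the page safe only if every value reaching the template was already encoded on the way in. The `extract($row)` added in the next hunk overwrites `$report_text` with the stored column, so a row written by the previous code (which saved the raw `$description`) would be emitted unescaped. I would keep the raw text in the variable and the database and escape at output, i.e. read it as `stripslashes($_REQUEST['report_text'])` and keep `'REPORT_TEXT' => htmlspecialchars($report_text)`. Separately, removing the `$report_id` initialisation leaves `if ($report_id)` and the `S_REPORT_ACTION` expression reading a variable that is only set when `extract($row)` runs; an explicit `$report_id = 0;` here would keep it defined on every path.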

' . sprintf($user->lang['RETURN_TOPIC'], "", ''); - $return_report = '

' . sprintf($user->lang['EDIT_REPORT'], "", ''); - - trigger_error($user->lang['ALREADY_REPORTED'] . $return_report . $return_topic); - } + extract($row); + } + else + { + $return_topic = '

' . sprintf($user->lang['RETURN_TOPIC'], "", ''); + trigger_error($user->lang['ALREADY_REPORTED'] . $return_topic); } } else @@ -116,19 +99,19 @@ if (!empty($_POST['reason_id'])) WHERE reason_id = $reason_id"; $result = $db->sql_query($sql); - if (!($row = $db->sql_fetchrow($result)) || (!$description && $row['reason_name'] == 'other')) + if (!($row = $db->sql_fetchrow($result)) || (!$report_text && $row['reason_name'] == 'other')) { trigger_error('EMPTY_REPORT'); } $db->sql_freeresult($result); $sql_ary = array( - 'reason_id' => (int) $reason_id, + 'reason_id' => (int) $reason_id, 'post_id' => (int) $post_id, 'user_id' => (int) $user->data['user_id'], 'user_notify' => (int) $notify, 'report_time' => (int) time(), - 'report_text' => (string) $description + 'report_text' => (string) $report_text ); if ($report_id) @@ -193,7 +176,7 @@ while ($row = $db->sql_fetchrow($result)) } $template->assign_vars(array( - 'REPORT_TEXT' => htmlspecialchars($report_text), + 'REPORT_TEXT' => $report_text, 'S_REPORT_ACTION' => "report.$phpEx$SID&p=$post_id" . (($report_id) ? "&report_id=$report_id" : ''), 'S_CAN_NOTIFY' => ($user->data['user_id'] == ANONYMOUS) ? FALSE : TRUE )); diff --git a/phpBB/templates/subSilver/report_body.html b/phpBB/templates/subSilver/report_body.html index 21a8e5a42e..b290521eb6 100644 --- a/phpBB/templates/subSilver/report_body.html +++ b/phpBB/templates/subSilver/report_body.html @@ -27,7 +27,7 @@ {L_MORE_INFO}:
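Review bot: `extract($row)` imports every column of the reports row into the global scope with the default overwrite behaviour, so it replaces the `$reason_id` and `$report_text` just read from the request before the `if (!empty($_POST['reason_id']))` block uses them. As far as this hunk shows, a submitted edit would therefore be written back with the stored values rather than the posted ones. It also ties the script's variable set to the table schema, so a column added later could silently clobber an unrelated global. Assigning only the fields that are needed, and falling back to the stored reason and text only when nothing was posted, avoids both, as sketched below. The `else` that ends this hunk continues outside it, so the no-report path is not visible here.
```php
if ($user->data['user_id'] == $row['user_id'] && $user->data['user_id'] != ANONYMOUS)
{
	$report_id = (int) $row['report_id'];

	// Keep posted values when the form was submitted; otherwise prefill from the stored report.
	if (empty($_POST['reason_id']))
	{
		$reason_id = (int) $row['reason_id'];
		$report_text = $row['report_text'];
	}
}
// … unchanged: else branch raising ALREADY_REPORTED …
```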
{L_CAN_LEAVE_BLANK} - +