fix some issues with oop, fixing small bugs and prepare the next steps...

NOTE TO DEVS: have a look at adm/admin_board.php (new config layout)


git-svn-id: file:///svn/phpbb/trunk@4883 89ea8834-ac86-4346-8a33-228a782c2dd0

phpBB/report.php

@@ -22,50 +22,79 @@ $auth->acl($user->data);
 $user->setup('mcp');
 
 // var definitions
-$post_id = (!empty($_REQUEST['p'])) ? intval($_REQUEST['p']) : 0;
-$reason_id = (!empty($_REQUEST['reason_id'])) ? intval($_REQUEST['reason_id']) : 0;
-$user_notify = (!empty($_REQUEST['notify']) && $user->data['user_id'] != ANONYMOUS) ? TRUE : FALSE;
-$report_text = (!empty($_REQUEST['report_text'])) ? htmlspecialchars(stripslashes($_REQUEST['report_text'])) : '';
+$post_id	= request_var('p', 0);
+$msg_id		= request_var('pm', 0);
+$reason_id	= request_var('reason_id', 0);
+$user_notify= (!empty($_REQUEST['notify']) && $user->data['user_id'] != ANONYMOUS) ? true : false;
+$report_text= request_var('report_text', '');
+
+if (!$post_id && !$msg_id)
+{
+	trigger_error('NO_MODE');
+}
+
+$redirect_url	= ($post_id) ? "{$phpbb_root_path}viewtopic.$phpEx$SID&p=$post_id#$post_id" : "{$phpbb_root_path}ucp.$phpEx$SID&i=pm&mode=view_messages&action=view_message&p=$msg_id";
 
 // Has the report been cancelled?
 if (isset($_POST['cancel']))
 {
-	redirect("viewtopic.$phpEx$SID&p=$post_id#$post_id");
+	redirect($redirect_url);
 }
 
 // Grab all relevant data
-$sql = 'SELECT f.*, t.*, p.*
-	FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f
-	WHERE p.post_id = $post_id
-		AND p.topic_id = t.topic_id
-		AND p.forum_id = f.forum_id";
+if ($post_id)
+{
+	$sql = 'SELECT f.*, t.*, p.*
+		FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f
+		WHERE p.post_id = $post_id
+			AND p.topic_id = t.topic_id
+			AND p.forum_id = f.forum_id";
+}
+else
+{
+	// Only the user itself is able to report his Private Messages
+	$sql = 'SELECT p.*, t.*
+		FROM ' . PRIVMSGS_TABLE . ' p, ' . PRIVMSGS_TO_TABLE . " t
+		WHERE t.msg_id = $msg_id
+			AND t.user_id = " . $user->data['user_id'] . '
+			AND t.msg_id = p.msg_id';
+}
 $result = $db->sql_query($sql);
 
-if (!($forum_data = $db->sql_fetchrow($result)))
+if (!($report_data = $db->sql_fetchrow($result)))
 {
 	trigger_error($user->lang['POST_NOT_EXIST']);
 }
 
-$forum_id = $forum_data['forum_id'];
-$topic_id = $forum_data['topic_id'];
-
-
-// Check required permissions
-$acl_check_ary = array('f_list' => 'POST_NOT_EXIST', 'f_read' => 'USER_CANNOT_READ', 'f_report' => 'USER_CANNOT_REPORT');
-foreach ($acl_check_ary as $acl => $error)
+if ($post_id)
 {
-	if (!$auth->acl_get($acl, $forum_id))
+	$forum_id = $report_data['forum_id'];
+	$topic_id = $report_data['topic_id'];
+
+	// Check required permissions
+	$acl_check_ary = array('f_list' => 'POST_NOT_EXIST', 'f_read' => 'USER_CANNOT_READ', 'f_report' => 'USER_CANNOT_REPORT');
+	foreach ($acl_check_ary as $acl => $error)
 	{
-		trigger_error($error);
+		if (!$auth->acl_get($acl, $forum_id))
+		{
+			trigger_error($error);
+		}
+	}
+	unset($acl_check_ary);
+}
+else
+{
+	if (!$config['auth_report_pm'] || !$auth->acl_get('u_pm_report'))
+	{
+		trigger_error('USER_CANNOT_REPORT');
 	}
 }
-unset($acl_check_ary);
 
 // Check if the post has already been reported by this user
 $sql = 'SELECT *
-	FROM ' . REPORTS_TABLE . "
-	WHERE post_id = $post_id
-		AND user_id = " . $user->data['user_id'];
+	FROM ' . REPORTS_TABLE . '
+	WHERE ' . (($post_id) ? "post_id = $post_id" : "msg_id = $msg_id") . '
+		AND user_id = ' . $user->data['user_id'];
 $result = $db->sql_query($sql);
 
 if ($row = $db->sql_fetchrow($result))
@@ -86,9 +115,7 @@ if ($row = $db->sql_fetchrow($result))
 	}
 	else
 	{
-		$return_topic = '<br /><br />' . sprintf($user->lang['RETURN_TOPIC'], "<a href=\"viewtopic.$phpEx$SID&amp;p=$post_id#$post_id\">", '</a>');
-
-		trigger_error($user->lang['ALREADY_REPORTED'] . $return_topic);
+		trigger_error($user->lang['ALREADY_REPORTED'] . '<br /><br />' . sprintf($user->lang[(($post_id) ? 'RETURN_TOPIC' : 'RETURN_MESSAGE')], '<a href="' . $redirect_url . '">', '</a>'));
 	}
 }
 else
@@ -99,24 +126,25 @@ else
 // Has the report been confirmed?
 if (!empty($_POST['reason_id']))
 {
-	$sql = 'SELECT reason_title 
+	$sql = 'SELECT reason_name 
 		FROM ' . REASONS_TABLE . " 
 		WHERE reason_id = $reason_id";
 	$result = $db->sql_query($sql);
 
-	if (!($row = $db->sql_fetchrow($result)) || (!$report_text && $row['reason_title'] == 'other'))
+	if (!($row = $db->sql_fetchrow($result)) || (!$report_text && $row['reason_name'] == 'other'))
 	{
 		trigger_error('EMPTY_REPORT');
 	}
 	$db->sql_freeresult($result);
 
 	$sql_ary = array(
-		'reason_id'	=>	(int) $reason_id,
-		'post_id'		=>	(int) $post_id,
-		'user_id'		=>	(int) $user->data['user_id'],
-		'user_notify'	=>	(int) $user_notify,
-		'report_time'	=>	(int) time(),
-		'report_text'	=>	(string) $report_text
+		'reason_id'		=> (int) $reason_id,
+		'post_id'		=> (int) $post_id,
+		'msg_id'		=> (int) $msg_id,
+		'user_id'		=> (int) $user->data['user_id'],
+		'user_notify'	=> (int) $user_notify,
+		'report_time'	=> (int) time(),
+		'report_text'	=> (string) $report_text
 	);
 
 	if ($report_id)
@@ -133,27 +161,54 @@ if (!empty($_POST['reason_id']))
 		$db->sql_query($sql);
 	}
 
-	if (!$row['post_reported'])
+	if ($post_id)
 	{
-		$sql = 'UPDATE ' . POSTS_TABLE . ' 
-			SET post_reported = 1 
-			WHERE post_id = ' . $post_id;
-		$db->sql_query($sql);
+		if (!$row['post_reported'])
+		{
+			$sql = 'UPDATE ' . POSTS_TABLE . ' 
+				SET post_reported = 1 
+				WHERE post_id = ' . $post_id;
+			$db->sql_query($sql);
+		}
+
+		if (!$row['topic_reported'])
+		{
+			$sql = 'UPDATE ' . TOPICS_TABLE . ' 
+				SET topic_reported = 1 
+				WHERE topic_id = ' . $topic_id;
+			$db->sql_query($sql);
+		}
+	}
+	else
+	{
+		if (!$row['message_reported'])
+		{
+			$sql = 'UPDATE ' . PRIVMSGS_TABLE . " 
+				SET message_reported = 1 
+				WHERE msg_id = $msg_id";
+			$db->sql_query($sql);
+		}
 	}
 
-	if (!$row['topic_reported'])
-	{
-		$sql = 'UPDATE ' . TOPICS_TABLE . ' 
-			SET topic_reported = 1 
-			WHERE topic_id = ' . $topic_id;
-		$db->sql_query($sql);
-	}
+	meta_refresh(3, $redirect_url);
 
-	meta_refresh(3, "viewtopic.$phpEx$SID&amp;p=$post_id#$post_id");
-
-	$message = $user->lang['POST_REPORTED_SUCCESS'] . '<br /><br />' . sprintf($user->lang['RETURN_TOPIC'], "<a href=\"viewtopic.$phpEx$SID&amp;p=$post_id#$post_id\">", '</a>');
+	$message = $user->lang[(($post_id) ? 'POST' : 'MESSAGE') . '_REPORTED_SUCCESS'] . '<br /><br />' . sprintf($user->lang[(($post_id) ? 'RETURN_TOPIC' : 'RETURN_MESSAGE')], '<a href="' . $redirect_url . '">', '</a>');
 	trigger_error($message);
 
+	// Which moderators are responsible for private messages? ;)
+	/*
+		$db->sql_query('INSERT INTO ' . PRIVMSGS_TO_TABLE . ' ' . $db->sql_build_array('INSERT', array(
+			'msg_id'	=> (int) $msg_id,
+			'user_id'	=> (int) $moderator_id,
+			'author_id'	=> (int) $row['author_id'],
+			'folder_id'	=> PRIVMSGS_NO_BOX,
+			'new'		=> 1,
+			'unread'	=> 1,
+			'forwarded'	=> 0,
+			'reported'	=> 1)
+		);
+	*/
+	
 	// TODO: warn moderators or something ;)
 }
 
@@ -166,11 +221,11 @@ $result = $db->sql_query($sql);
 
 while ($row = $db->sql_fetchrow($result))
 {
-	$row['reason_title'] = strtoupper($row['reason_title']);
+	$row['reason_name'] = strtoupper($row['reason_name']);
 
-	$reason_title = (!empty($user->lang['report_reasons']['TITLE'][$row['reason_title']])) ? $user->lang['report_reasons']['TITLE'][$row['reason_title']] : ucwords(str_replace('_', ' ', $row['reason_title']));
+	$reason_title = (!empty($user->lang['report_reasons']['TITLE'][$row['reason_name']])) ? $user->lang['report_reasons']['TITLE'][$row['reason_name']] : ucwords(str_replace('_', ' ', $row['reason_name']));
 
-	$reason_desc = (!empty($user->lang['report_reasons']['DESCRIPTION'][$row['reason_title']])) ? $user->lang['report_reasons']['DESCRIPTION'][$row['reason_title']] : $row['reason_desc'];
+	$reason_desc = (!empty($user->lang['report_reasons']['DESCRIPTION'][$row['reason_name']])) ? $user->lang['report_reasons']['DESCRIPTION'][$row['reason_name']] : $row['reason_desc'];
 
 	$template->assign_block_vars('reason', array(
 		'ID'			=>	$row['reason_id'],
@@ -180,17 +235,20 @@ while ($row = $db->sql_fetchrow($result))
 	));
 }
 
+$u_report = ($post_id) ? "p=$post_id" : "pm=$msg_id";
+
 $template->assign_vars(array(
 	'REPORT_TEXT'		=>	$report_text,
-	'S_REPORT_ACTION'	=>	"report.$phpEx$SID&amp;p=$post_id" . (($report_id) ? "&amp;report_id=$report_id" : ''),
+	'S_REPORT_ACTION'	=>	"report.$phpEx$SID&amp;$u_report" . (($report_id) ? "&amp;report_id=$report_id" : ''),
 
-	'S_NOTIFY'				=>	(!empty($user_notify)) ? TRUE : FALSE,
-	'S_CAN_NOTIFY'		=>	($user->data['user_id'] == ANONYMOUS) ? FALSE : TRUE
-));
-
-
-generate_forum_nav($forum_data);
+	'S_NOTIFY'			=>	(!empty($user_notify)) ? TRUE : FALSE,
+	'S_CAN_NOTIFY'		=>	($user->data['user_id'] == ANONYMOUS) ? FALSE : TRUE)
+);
 
+if ($post_id)
+{
+	generate_forum_nav($report_data);
+}
 
 // Start output of page
 page_header($user->lang['REPORT_TO_ADMIN']);