mirror of
https://github.com/phpbb/phpbb.git
synced 2025-01-19 07:08:09 +01:00
[feature/soft-delete] Use request object instead of direct access
PHPBB3-9567
This commit is contained in:
Joas Schilling
parent
fc110a7332
commit
8512543cf4
@ -110,8 +110,8 @@ class mcp_main
|
||||
|
||||
// f parameter is not reliable for permission usage, however we just use it to decide
|
||||
// which permission we will check later on. So if it is manipulated, we will still catch it later on.
|
||||
$forum_id = request_var('f', 0);
|
||||
$topic_ids = (!$quickmod) ? request_var('topic_id_list', array(0)) : array(request_var('t', 0));
|
||||
$forum_id = $request->variable('f', 0);
|
||||
$topic_ids = (!$quickmod) ? $request->variable('topic_id_list', array(0)) : array($request->variable('t', 0));
|
||||
$soft_delete = (($request->is_set_post('confirm') && !$request->is_set_post('delete_permanent')) || !$auth->acl_get('m_delete', $forum_id)) ? true : false;
|
||||
|
||||
if (!sizeof($topic_ids))
|
||||
@ -119,7 +119,7 @@ class mcp_main
|
||||
trigger_error('NO_TOPIC_SELECTED');
|
||||
}
|
||||
|
||||
mcp_delete_topic($topic_ids, $soft_delete, ($soft_delete) ? request_var('delete_reason', '', true) : '');
|
||||
mcp_delete_topic($topic_ids, $soft_delete, ($soft_delete) ? $request->variable('delete_reason', '', true) : '');
|
||||
break;
|
||||
|
||||
case 'delete_post':
|
||||
@ -127,8 +127,8 @@ class mcp_main
|
||||
|
||||
// f parameter is not reliable for permission usage, however we just use it to decide
|
||||
// which permission we will check later on. So if it is manipulated, we will still catch it later on.
|
||||
$forum_id = request_var('f', 0);
|
||||
$post_ids = (!$quickmod) ? request_var('post_id_list', array(0)) : array(request_var('p', 0));
|
||||
$forum_id = $request->variable('f', 0);
|
||||
$post_ids = (!$quickmod) ? $request->variable('post_id_list', array(0)) : array($request->variable('p', 0));
|
||||
$soft_delete = (($request->is_set_post('confirm') && !$request->is_set_post('delete_permanent')) || !$auth->acl_get('m_delete', $forum_id)) ? true : false;
|
||||
|
||||
if (!sizeof($post_ids))
|
||||
@ -136,13 +136,13 @@ class mcp_main
|
||||
trigger_error('NO_POST_SELECTED');
|
||||
}
|
||||
|
||||
mcp_delete_post($post_ids, $soft_delete, ($soft_delete) ? request_var('delete_reason', '', true) : '');
|
||||
mcp_delete_post($post_ids, $soft_delete, ($soft_delete) ? $request->variable('delete_reason', '', true) : '');
|
||||
break;
|
||||
|
||||
case 'restore_topic':
|
||||
$user->add_lang('posting');
|
||||
|
||||
$topic_ids = (!$quickmod) ? request_var('topic_id_list', array(0)) : array(request_var('t', 0));
|
||||
$topic_ids = (!$quickmod) ? $request->variable('topic_id_list', array(0)) : array($request->variable('t', 0));
|
||||
|
||||
if (!sizeof($topic_ids))
|
||||
{
|
||||
@ -654,15 +654,15 @@ function mcp_move_topic($topic_ids)
|
||||
*/
|
||||
function mcp_restore_topic($topic_ids)
|
||||
{
|
||||
global $auth, $user, $db, $phpEx, $phpbb_root_path;
|
||||
global $auth, $user, $db, $phpEx, $phpbb_root_path, $request;
|
||||
|
||||
if (!check_ids($topic_ids, TOPICS_TABLE, 'topic_id', array('m_approve')))
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
$redirect = request_var('redirect', build_url(array('action', 'quickmod')));
|
||||
$forum_id = request_var('f', 0);
|
||||
$redirect = $request->variable('redirect', build_url(array('action', 'quickmod')));
|
||||
$forum_id = $request->variable('f', 0);
|
||||
|
||||
$s_hidden_fields = build_hidden_fields(array(
|
||||
'topic_id_list' => $topic_ids,
|
||||
@ -692,10 +692,10 @@ function mcp_restore_topic($topic_ids)
|
||||
confirm_box(false, (sizeof($topic_ids) == 1) ? 'RESTORE_TOPIC' : 'RESTORE_TOPICS', $s_hidden_fields);
|
||||
}
|
||||
|
||||
$topic_id = request_var('t', 0);
|
||||
if (!isset($_REQUEST['quickmod']))
|
||||
$topic_id = $request->variable('t', 0);
|
||||
if (!$request->is_set('quickmod', phpbb_request_interface::REQUEST))
|
||||
{
|
||||
$redirect = request_var('redirect', "index.$phpEx");
|
||||
$redirect = $request->variable('redirect', "index.$phpEx");
|
||||
$redirect = reapply_sid($redirect);
|
||||
$redirect_message = 'PAGE';
|
||||
}
|
||||
@ -726,15 +726,15 @@ function mcp_restore_topic($topic_ids)
|
||||
*/
|
||||
function mcp_delete_topic($topic_ids, $is_soft = false, $soft_delete_reason = '')
|
||||
{
|
||||
global $auth, $user, $db, $phpEx, $phpbb_root_path;
|
||||
global $auth, $user, $db, $phpEx, $phpbb_root_path, $request;
|
||||
|
||||
if (!check_ids($topic_ids, TOPICS_TABLE, 'topic_id', array('m_delete')))
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
$redirect = request_var('redirect', build_url(array('action', 'quickmod')));
|
||||
$forum_id = request_var('f', 0);
|
||||
$redirect = $request->variable('redirect', build_url(array('action', 'quickmod')));
|
||||
$forum_id = $request->variable('f', 0);
|
||||
|
||||
$s_hidden_fields = array(
|
||||
'topic_id_list' => $topic_ids,
|
||||
@ -820,10 +820,10 @@ function mcp_delete_topic($topic_ids, $is_soft = false, $soft_delete_reason = ''
|
||||
confirm_box(false, $l_confirm, build_hidden_fields($s_hidden_fields), 'confirm_delete_body.html');
|
||||
}
|
||||
|
||||
$topic_id = request_var('t', 0);
|
||||
if (!isset($_REQUEST['quickmod']))
|
||||
$topic_id = $request->variable('t', 0);
|
||||
if (!$request->is_set('quickmod', phpbb_request_interface::REQUEST))
|
||||
{
|
||||
$redirect = request_var('redirect', "index.$phpEx");
|
||||
$redirect = $request->variable('redirect', "index.$phpEx");
|
||||
$redirect = reapply_sid($redirect);
|
||||
$redirect_message = 'PAGE';
|
||||
}
|
||||
@ -854,15 +854,15 @@ function mcp_delete_topic($topic_ids, $is_soft = false, $soft_delete_reason = ''
|
||||
*/
|
||||
function mcp_delete_post($post_ids, $is_soft = false, $soft_delete_reason = '')
|
||||
{
|
||||
global $auth, $user, $db, $phpEx, $phpbb_root_path;
|
||||
global $auth, $user, $db, $phpEx, $phpbb_root_path, $request;
|
||||
|
||||
if (!check_ids($post_ids, POSTS_TABLE, 'post_id', array('m_softdelete')))
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
$redirect = request_var('redirect', build_url(array('action', 'quickmod')));
|
||||
$forum_id = request_var('f', 0);
|
||||
$redirect = $request->variable('redirect', build_url(array('action', 'quickmod')));
|
||||
$forum_id = $request->variable('f', 0);
|
||||
|
||||
$s_hidden_fields = array(
|
||||
'post_id_list' => $post_ids,
|
||||
@ -926,7 +926,7 @@ function mcp_delete_post($post_ids, $is_soft = false, $soft_delete_reason = '')
|
||||
add_log('mod', $row['forum_id'], $row['topic_id'], 'LOG_SOFTDELETE_POST', $row['post_subject'], $post_username);
|
||||
}
|
||||
|
||||
$topic_id = request_var('t', 0);
|
||||
$topic_id = $request->variable('t', 0);
|
||||
|
||||
// Return links
|
||||
$return_link = array();
|
||||
@ -980,7 +980,7 @@ function mcp_delete_post($post_ids, $is_soft = false, $soft_delete_reason = '')
|
||||
$deleted_topics = ($row = $db->sql_fetchrow($result)) ? ($affected_topics - $row['topics_left']) : $affected_topics;
|
||||
$db->sql_freeresult($result);
|
||||
|
||||
$topic_id = request_var('t', 0);
|
||||
$topic_id = $request->variable('t', 0);
|
||||
|
||||
// Return links
|
||||
$return_link = array();
|
||||
@ -1056,7 +1056,7 @@ function mcp_delete_post($post_ids, $is_soft = false, $soft_delete_reason = '')
|
||||
confirm_box(false, $l_confirm, build_hidden_fields($s_hidden_fields), 'confirm_delete_body.html');
|
||||
}
|
||||
|
||||
$redirect = request_var('redirect', "index.$phpEx");
|
||||
$redirect = $request->variable('redirect', "index.$phpEx");
|
||||
$redirect = reapply_sid($redirect);
|
||||
|
||||
if (!$success_msg)
|
||||
|
||||
@ -32,7 +32,7 @@ class mcp_queue
|
||||
|
||||
public function main($id, $mode)
|
||||
{
|
||||
global $auth, $db, $user, $template, $cache;
|
||||
global $auth, $db, $user, $template, $cache, $request;
|
||||
global $config, $phpbb_root_path, $phpEx, $action;
|
||||
|
||||
include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
|
||||
@ -49,8 +49,8 @@ class mcp_queue
|
||||
case 'restore':
|
||||
include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
|
||||
|
||||
$post_id_list = request_var('post_id_list', array(0));
|
||||
$topic_id_list = request_var('topic_id_list', array(0));
|
||||
$post_id_list = $request->variable('post_id_list', array(0));
|
||||
$topic_id_list = $request->variable('topic_id_list', array(0));
|
||||
|
||||
if ($action != 'disapprove')
|
||||
{
|
||||
@ -213,7 +213,7 @@ class mcp_queue
|
||||
'U_APPROVE_ACTION' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=queue&p=$post_id&f=$forum_id"),
|
||||
'S_CAN_VIEWIP' => $auth->acl_get('m_info', $post_info['forum_id']),
|
||||
'S_POST_REPORTED' => $post_info['post_reported'],
|
||||
'S_POST_UNAPPROVED' => ($post_info['post_visibility'] == ITEM_UNAPPROVED) ,
|
||||
'S_POST_UNAPPROVED' => ($post_info['post_visibility'] == ITEM_UNAPPROVED),
|
||||
'S_POST_LOCKED' => $post_info['post_edit_locked'],
|
||||
'S_USER_NOTES' => true,
|
||||
|
||||
@ -263,7 +263,7 @@ class mcp_queue
|
||||
|
||||
$user->add_lang(array('viewtopic', 'viewforum'));
|
||||
|
||||
$topic_id = request_var('t', 0);
|
||||
$topic_id = $request->variable('t', 0);
|
||||
$forum_info = array();
|
||||
|
||||
if ($topic_id)
|
||||
@ -503,7 +503,7 @@ class mcp_queue
|
||||
trigger_error('NOT_AUTHORISED');
|
||||
}
|
||||
|
||||
$redirect = request_var('redirect', build_url(array('quickmod')));
|
||||
$redirect = $request->variable('redirect', build_url(array('quickmod')));
|
||||
$success_msg = $post_url = '';
|
||||
$approve_log = array();
|
||||
|
||||
@ -519,7 +519,7 @@ class mcp_queue
|
||||
|
||||
if (confirm_box(true))
|
||||
{
|
||||
$notify_poster = ($action == 'approve' && isset($_REQUEST['notify_poster'])) ? true : false;
|
||||
$notify_poster = ($action == 'approve' && isset($_REQUEST['notify_poster']));
|
||||
|
||||
$topic_info = array();
|
||||
|
||||
@ -642,7 +642,7 @@ class mcp_queue
|
||||
confirm_box(false, strtoupper($action) . '_POST' . ((sizeof($post_id_list) == 1) ? '' : 'S'), $s_hidden_fields, 'mcp_approve.html');
|
||||
}
|
||||
|
||||
$redirect = request_var('redirect', "index.$phpEx");
|
||||
$redirect = $request->variable('redirect', "index.$phpEx");
|
||||
$redirect = reapply_sid($redirect);
|
||||
|
||||
if (!$success_msg)
|
||||
@ -696,7 +696,7 @@ class mcp_queue
|
||||
trigger_error('NOT_AUTHORISED');
|
||||
}
|
||||
|
||||
$redirect = request_var('redirect', build_url(array('quickmod')));
|
||||
$redirect = $request->variable('redirect', build_url(array('quickmod')));
|
||||
$success_msg = $topic_url = '';
|
||||
$approve_log = array();
|
||||
|
||||
@ -806,7 +806,7 @@ class mcp_queue
|
||||
confirm_box(false, strtoupper($action) . '_TOPIC' . ((sizeof($topic_id_list) == 1) ? '' : 'S'), $s_hidden_fields, 'mcp_approve.html');
|
||||
}
|
||||
|
||||
$redirect = request_var('redirect', "index.$phpEx");
|
||||
$redirect = $request->variable('redirect', "index.$phpEx");
|
||||
$redirect = reapply_sid($redirect);
|
||||
|
||||
if (!$success_msg)
|
||||
@ -852,17 +852,16 @@ class mcp_queue
|
||||
static public function disapprove_posts($post_id_list, $id, $mode)
|
||||
{
|
||||
global $db, $template, $user, $config;
|
||||
global $phpEx, $phpbb_root_path;
|
||||
global $request;
|
||||
global $phpEx, $phpbb_root_path, $request;
|
||||
|
||||
if (!check_ids($post_id_list, POSTS_TABLE, 'post_id', array('m_approve')))
|
||||
{
|
||||
trigger_error('NOT_AUTHORISED');
|
||||
}
|
||||
|
||||
$redirect = request_var('redirect', build_url(array('t', 'mode', 'quickmod')) . "&mode=$mode");
|
||||
$reason = utf8_normalize_nfc(request_var('reason', '', true));
|
||||
$reason_id = request_var('reason_id', 0);
|
||||
$redirect = $request->variable('redirect', build_url(array('t', 'mode', 'quickmod')) . "&mode=$mode");
|
||||
$reason = $request->variable('reason', '', true);
|
||||
$reason_id = $request->variable('reason_id', 0);
|
||||
$success_msg = $additional_msg = '';
|
||||
|
||||
$s_hidden_fields = build_hidden_fields(array(
|
||||
@ -1097,7 +1096,7 @@ class mcp_queue
|
||||
confirm_box(false, 'DISAPPROVE_POST' . ((sizeof($post_id_list) == 1) ? '' : 'S'), $s_hidden_fields, 'mcp_approve.html');
|
||||
}
|
||||
|
||||
$redirect = request_var('redirect', "index.$phpEx");
|
||||
$redirect = $request->variable('redirect', "index.$phpEx");
|
||||
$redirect = reapply_sid($redirect);
|
||||
|
||||
if (!$success_msg)
|
||||
|
||||
@ -35,7 +35,7 @@ $submit = (isset($_POST['post'])) ? true : false;
|
||||
$preview = (isset($_POST['preview'])) ? true : false;
|
||||
$save = (isset($_POST['save'])) ? true : false;
|
||||
$load = (isset($_POST['load'])) ? true : false;
|
||||
$confirm = (isset($_POST['confirm'])) ? true : false;
|
||||
$confirm = $request->is_set_post('confirm');
|
||||
$cancel = (isset($_POST['cancel']) && !isset($_POST['save'])) ? true : false;
|
||||
|
||||
$refresh = (isset($_POST['add_file']) || isset($_POST['delete_file']) || isset($_POST['cancel_unglobalise']) || $save || $load || $preview);
|
||||
@ -328,7 +328,7 @@ if ($mode == 'delete' || $mode == 'soft_delete')
|
||||
trigger_error('NO_POST');
|
||||
}
|
||||
|
||||
$soft_delete_reason = ($mode == 'soft_delete' && $auth->acl_get('m_softdelete', $forum_id)) ? utf8_normalize_nfc(request_var('delete_reason', '', true)) : '';
|
||||
$soft_delete_reason = ($mode == 'soft_delete' && $auth->acl_get('m_softdelete', $forum_id)) ? $request->variable('delete_reason', '', true) : '';
|
||||
handle_post_delete($forum_id, $topic_id, $post_id, $post_data, ($mode == 'soft_delete'), $soft_delete_reason);
|
||||
return;
|
||||
}
|
||||
@ -1119,7 +1119,7 @@ if ($submit || $preview || $refresh)
|
||||
// Handle delete mode...
|
||||
if ($request->is_set_post('delete') || $request->is_set_post('delete_permanent'))
|
||||
{
|
||||
$soft_delete_reason = (!$request->is_set_post('delete_permanent') && $auth->acl_get('m_softdelete', $forum_id)) ? utf8_normalize_nfc(request_var('delete_reason', '', true)) : '';
|
||||
$soft_delete_reason = (!$request->is_set_post('delete_permanent') && $auth->acl_get('m_softdelete', $forum_id)) ? $request->variable('delete_reason', '', true) : '';
|
||||
handle_post_delete($forum_id, $topic_id, $post_id, $post_data, !$request->is_set_post('delete_permanent'), $soft_delete_reason);
|
||||
return;
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user