Merge remote-tracking branch 'remotes/dhruvgoel92/ticket/11566' into develop-olympus

* remotes/dhruvgoel92/ticket/11566: [ticket/11566] Subsilver template error displayed after table headers [ticket/11566] Remove extra pair of brackets from conditional statement [ticket/11566] Check that guest doesn't have reporting permission by default [ticket/11566] Add captcha to report post template in subsilver [ticket/11566] Use the new constant CONFIRM_REPORT for captcha init [ticket/11566] Rename var to $visual_confirmation_response [ticket/11566] Revert forum permission changes [ticket/11566] Use language variable instead of hardcode [ticket/11566] add tests for reporting post [ticket/11566] add captcha reset and hidden fields [ticket/11566] display error instead of trigger_error [ticket/11566] add error in template [ticket/11566] add error functionality [ticket/11566] add interface for captcha
2025-02-24 12:03:21 +01:00 · 2013-07-02 13:07:14 +02:00 · 2013-07-02 13:07:14 +02:00 · d4531c9cea
commit d4531c9cea
parent 1a292750f2 045e04fb6f
5 changed files with 170 additions and 58 deletions
--- a/phpBB/includes/constants.php
+++ b/phpBB/includes/constants.php
@ -157,6 +157,7 @@ define('PHYSICAL_LINK', 2);
 define('CONFIRM_REG', 1);
 define('CONFIRM_LOGIN', 2);
 define('CONFIRM_POST', 3);
+define('CONFIRM_REPORT', 4);

 // Categories - Attachments
 define('ATTACHMENT_CATEGORY_NONE', 0);
--- a/phpBB/report.php
+++ b/phpBB/report.php
@ -133,9 +133,25 @@ else
 	}
 }

+if ($config['enable_post_confirm'] && !$user->data['is_registered'])
+{
+	include($phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx);
+	$captcha =& phpbb_captcha_factory::get_instance($config['captcha_plugin']);
+	$captcha->init(CONFIRM_REPORT);
+}
+
+$error	= array();
+$s_hidden_fields = '';
+
 // Submit report?
 if ($submit && $reason_id)
 {
+	$visual_confirmation_response = $captcha->validate();
+	if ($visual_confirmation_response)
+	{
+		$error[] = $visual_confirmation_response;
+	}
+
 	$sql = 'SELECT *
 		FROM ' . REPORTS_REASONS_TABLE . "
 		WHERE reason_id = $reason_id";
@ -145,78 +161,90 @@ if ($submit && $reason_id)

 	if (!$row || (!$report_text && strtolower($row['reason_title']) == 'other'))
 	{
-		trigger_error('EMPTY_REPORT');
+		$error[] = $user->lang('EMPTY_REPORT');
 	}

-	$sql_ary = array(
-		'reason_id'		=> (int) $reason_id,
-		'post_id'		=> $post_id,
-		'pm_id'			=> $pm_id,
-		'user_id'		=> (int) $user->data['user_id'],
-		'user_notify'	=> (int) $user_notify,
-		'report_closed'	=> 0,
-		'report_time'	=> (int) time(),
-		'report_text'	=> (string) $report_text
-	);
-
-	$sql = 'INSERT INTO ' . REPORTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary);
-	$db->sql_query($sql);
-	$report_id = $db->sql_nextid();
-
-	if ($post_id)
+	if (!sizeof($error))
 	{
-		$sql = 'UPDATE ' . POSTS_TABLE . '
-			SET post_reported = 1
-			WHERE post_id = ' . $post_id;
-		$db->sql_query($sql);
-
-		if (!$report_data['topic_reported'])
+		if (isset($captcha))
 		{
-			$sql = 'UPDATE ' . TOPICS_TABLE . '
-				SET topic_reported = 1
-				WHERE topic_id = ' . $report_data['topic_id'] . '
-					OR topic_moved_id = ' . $report_data['topic_id'];
-			$db->sql_query($sql);
+			$captcha->reset();
 		}

-		$lang_return = $user->lang['RETURN_TOPIC'];
-		$lang_success = $user->lang['POST_REPORTED_SUCCESS'];
-	}
-	else
-	{
-		$sql = 'UPDATE ' . PRIVMSGS_TABLE . '
-			SET message_reported = 1
-			WHERE msg_id = ' . $pm_id;
-		$db->sql_query($sql);
-
 		$sql_ary = array(
-			'msg_id'		=> $pm_id,
-			'user_id'		=> ANONYMOUS,
-			'author_id'		=> (int) $report_data['author_id'],
-			'pm_deleted'	=> 0,
-			'pm_new'		=> 0,
-			'pm_unread'		=> 0,
-			'pm_replied'	=> 0,
-			'pm_marked'		=> 0,
-			'pm_forwarded'	=> 0,
-			'folder_id'		=> PRIVMSGS_INBOX,
+			'reason_id'		=> (int) $reason_id,
+			'post_id'		=> $post_id,
+			'pm_id'			=> $pm_id,
+			'user_id'		=> (int) $user->data['user_id'],
+			'user_notify'	=> (int) $user_notify,
+			'report_closed'	=> 0,
+			'report_time'	=> (int) time(),
+			'report_text'	=> (string) $report_text
 		);

-		$sql = 'INSERT INTO ' . PRIVMSGS_TO_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary);
+		$sql = 'INSERT INTO ' . REPORTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary);
 		$db->sql_query($sql);
+		$report_id = $db->sql_nextid();

-		$lang_return = $user->lang['RETURN_PM'];
-		$lang_success = $user->lang['PM_REPORTED_SUCCESS'];
+		if ($post_id)
+		{
+			$sql = 'UPDATE ' . POSTS_TABLE . '
+				SET post_reported = 1
+				WHERE post_id = ' . $post_id;
+			$db->sql_query($sql);
+
+			if (!$report_data['topic_reported'])
+			{
+				$sql = 'UPDATE ' . TOPICS_TABLE . '
+					SET topic_reported = 1
+					WHERE topic_id = ' . $report_data['topic_id'] . '
+						OR topic_moved_id = ' . $report_data['topic_id'];
+				$db->sql_query($sql);
+			}
+
+			$lang_return = $user->lang['RETURN_TOPIC'];
+			$lang_success = $user->lang['POST_REPORTED_SUCCESS'];
+		}
+		else
+		{
+			$sql = 'UPDATE ' . PRIVMSGS_TABLE . '
+				SET message_reported = 1
+				WHERE msg_id = ' . $pm_id;
+			$db->sql_query($sql);
+
+			$sql_ary = array(
+				'msg_id'		=> $pm_id,
+				'user_id'		=> ANONYMOUS,
+				'author_id'		=> (int) $report_data['author_id'],
+				'pm_deleted'	=> 0,
+				'pm_new'		=> 0,
+				'pm_unread'		=> 0,
+				'pm_replied'	=> 0,
+				'pm_marked'		=> 0,
+				'pm_forwarded'	=> 0,
+				'folder_id'		=> PRIVMSGS_INBOX,
+			);
+
+			$sql = 'INSERT INTO ' . PRIVMSGS_TO_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary);
+			$db->sql_query($sql);
+
+			$lang_return = $user->lang['RETURN_PM'];
+			$lang_success = $user->lang['PM_REPORTED_SUCCESS'];
+		}
+
+		meta_refresh(3, $redirect_url);
+
+		$message = $lang_success . '<br /><br />' . sprintf($lang_return, '<a href="' . $redirect_url . '">', '</a>');
+		if ($return_forum_url)
+		{
+			$message .= '<br /><br />' . sprintf($user->lang['RETURN_FORUM'], '<a href="' . $return_forum_url . '">', '</a>');
+		}
+		trigger_error($message);
 	}
-
-	meta_refresh(3, $redirect_url);
-
-	$message = $lang_success . '<br /><br />' . sprintf($lang_return, '<a href="' . $redirect_url . '">', '</a>');
-	if ($return_forum_url)
+	else if (isset($captcha) && $captcha->is_solved() !== false)
 	{
-		$message .= '<br /><br />' . sprintf($user->lang['RETURN_FORUM'], '<a href="' . $return_forum_url . '">', '</a>');
+		$s_hidden_fields .= build_hidden_fields($captcha->get_hidden_fields());
 	}
-	trigger_error($message);
 }

 // Generate the reasons
@ -224,10 +252,20 @@ display_reasons($reason_id);

 $page_title = ($pm_id) ? $user->lang['REPORT_MESSAGE'] : $user->lang['REPORT_POST'];

+if (isset($captcha) && $captcha->is_solved() === false)
+{
+	$template->assign_vars(array(
+		'S_CONFIRM_CODE'	=> true,
+		'CAPTCHA_TEMPLATE'	=> $captcha->get_template(),
+	));
+}
+
 $template->assign_vars(array(
+	'ERROR'				=> (sizeof($error)) ? implode('<br />', $error) : '',
 	'S_REPORT_POST'		=> ($pm_id) ? false : true,
 	'REPORT_TEXT'		=> $report_text,
 	'S_REPORT_ACTION'	=> append_sid("{$phpbb_root_path}report.$phpEx", 'f=' . $forum_id . '&amp;p=' . $post_id . '&amp;pm=' . $pm_id),
+	'S_HIDDEN_FIELDS'	=> (sizeof($s_hidden_fields)) ? $s_hidden_fields : null,

 	'S_NOTIFY'			=> $user_notify,
 	'S_CAN_NOTIFY'		=> ($user->data['is_registered']) ? true : false)
--- a/phpBB/styles/prosilver/template/report_body.html
+++ b/phpBB/styles/prosilver/template/report_body.html
@ -10,6 +10,7 @@
 		<p><!-- IF S_REPORT_POST -->{L_REPORT_POST_EXPLAIN}<!-- ELSE -->{L_REPORT_MESSAGE_EXPLAIN}<!-- ENDIF --></p>
 		
 		<fieldset>
+		<!-- IF ERROR --><dl><dd class="error">{ERROR}</dd></dl><!-- ENDIF -->
 		<dl class="fields2">
 			<dt><label for="reason_id">{L_REASON}:</label></dt>
 			<dd><select name="reason_id" id="reason_id" class="full"><!-- BEGIN reason --><option value="{reason.ID}"<!-- IF reason.S_SELECTED --> selected="selected"<!-- ENDIF -->>{reason.DESCRIPTION}</option><!-- END reason --></select></dd>
@ -27,6 +28,9 @@
 			<dt><label for="report_text">{L_MORE_INFO}:</label><br /><span>{L_CAN_LEAVE_BLANK}</span></dt>
 			<dd><textarea name="report_text" id="report_text" rows="10" cols="76" class="inputbox">{REPORT_TEXT}</textarea></dd>
 		</dl>
+		<!-- IF CAPTCHA_TEMPLATE -->
+			<!-- INCLUDE {CAPTCHA_TEMPLATE} -->
+		<!-- ENDIF -->
 		</fieldset>
 	</div>

--- a/phpBB/styles/subsilver2/template/report_body.html
+++ b/phpBB/styles/subsilver2/template/report_body.html
@ -6,6 +6,11 @@
 <tr>
 	<th colspan="2"><!-- IF S_REPORT_POST -->{L_REPORT_POST}<!-- ELSE -->{L_REPORT_MESSAGE}<!-- ENDIF --></th>
 </tr>
+<!-- IF ERROR -->
+	<tr>
+		<td class="row3" colspan="2" align="center"><span class="genmed error">{ERROR}</span></td>
+	</tr>
+<!-- ENDIF -->
 <tr>
 	<td class="row3" colspan="2"><span class="gensmall"><!-- IF S_REPORT_POST -->{L_REPORT_POST_EXPLAIN}<!-- ELSE -->{L_REPORT_MESSAGE_EXPLAIN}<!-- ENDIF --></span></td>
 </tr>
@ -25,6 +30,9 @@
 	<td class="row1" valign="top"><span class="gen"><b>{L_MORE_INFO}:</b></span><br /><span class="gensmall">{L_CAN_LEAVE_BLANK}</span></td>
 	<td class="row2"><textarea class="post" name="report_text" rows="10" cols="50">{REPORT_TEXT}</textarea></td>
 </tr>
+<!-- IF CAPTCHA_TEMPLATE -->
+			<!-- INCLUDE {CAPTCHA_TEMPLATE} -->
+<!-- ENDIF -->	
 <tr>
 	<td class="cat" colspan="2" align="center"><input type="submit" name="submit" class="btnmain" value="{L_SUBMIT}" />&nbsp;<input type="submit" name="cancel" class="btnlite" value="{L_CANCEL}" /></td>
 </tr>
--- a/tests/functional/report_post_captcha.php
+++ b/tests/functional/report_post_captcha.php
@ -0,0 +1,61 @@
+<?php
+/**
+ *
+ * @package testing
+ * @copyright (c) 2013 phpBB Group
+ * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+ *
+ */
+
+/**
+ * @group functional
+ */
+class phpbb_functional_report_post_captcha_test extends phpbb_functional_test_case
+{
+	public function test_user_report_post()
+	{
+		$this->login();
+		$crawler = self::request('GET', 'report.php?f=2&p=1');
+		$this->assertNotContains($this->lang('CONFIRM_CODE'), $crawler->filter('html')->text());
+	}
+
+	public function test_guest_report_post()
+	{
+		$crawler = self::request('GET', 'report.php?f=2&p=1');
+		$this->add_lang('mcp');
+		$this->assertContains($this->lang('USER_CANNOT_REPORT'), $crawler->filter('html')->text());
+
+		$this->set_reporting_guest(1);
+		$crawler = self::request('GET', 'report.php?f=2&p=1');
+		$this->assertContains($this->lang('CONFIRM_CODE'), $crawler->filter('html')->text());
+		$this->set_reporting_guest(-1);
+	}
+
+	protected function set_reporting_guest($report_post_allowed)
+	{
+		$this->login();
+		$this->admin_login();
+
+		$crawler = self::request('GET', 'adm/index.php?i=permissions&icat=12&mode=setting_group_local&sid=' . $this->sid);
+		$form = $crawler->selectButton('Submit')->form();
+		$values = $form->getValues();
+		$values["group_id[0]"] = 1;
+		$form->setValues($values);
+		$crawler = self::submit($form);
+
+		$form = $crawler->selectButton('Submit')->form();
+		$values = $form->getValues();
+		$values["forum_id"] = 2;
+		$form->setValues($values);
+		$crawler = self::submit($form);
+
+		$this->add_lang('acp/permissions');
+		$form = $crawler->selectButton($this->lang('APPLY_ALL_PERMISSIONS'))->form();
+		$values = $form->getValues();
+		$values["setting[1][2][f_report]"] = $report_post_allowed;
+		$form->setValues($values);
+		$crawler = self::submit($form);
+
+		$crawler = self::request('GET', 'ucp.php?mode=logout&sid=' . $this->sid);
+	}
+}