| [Top level directory] [Classes] [Functions] [Constants] [Variables] |
XMB Open Source Forum Software - PHP Cross Reference |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * eXtreme Message Board 4 * XMB 1.9.11 5 * 6 * Developed And Maintained By The XMB Group 7 * Copyright (c) 2001-2010, The XMB Group 8 * http://www.xmbforum.com 9 * 10 * Sponsored By iEntry, Inc. 11 * http://www.ientry.com 12 * 13 * This program is free software; you can redistribute it and/or 14 * modify it under the terms of the GNU General Public License 15 * as published by the Free Software Foundation; either version 2 16 * of the License, or (at your option) any later version. 17 * 18 * This program is distributed in the hope that it will be useful, 19 * but WITHOUT ANY WARRANTY; without even the implied warranty of 20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 21 * GNU General Public License for more details. 22 * 23 * You should have received a copy of the GNU General Public License 24 * along with this program. If not, see <http://www.gnu.org/licenses/>. 25 * 26 **/ 27 28 define('X_SCRIPT', 'topicadmin.php'); 29 30 require 'header.php'; 31 32 if (X_GUEST) { 33 redirect("{$full_url}misc.php?action=login", 0); 34 exit; 35 } 36 37 smcwcache(); 38 39 $tids = array_unique(postedArray('tid', 'int', '', FALSE, FALSE, FALSE, 'r')); 40 $fid = getInt('fid', 'p'); 41 if ($fid == 0) { 42 $fid = getInt('fid'); 43 } 44 $pid = getInt('pid'); 45 $othertid = formInt('othertid'); 46 $action = postedVar('action', '', TRUE, TRUE, FALSE, 'r'); 47 48 loadtemplates( 49 'topicadmin_delete', 50 'topicadmin_openclose', 51 'topicadmin_move', 52 'topicadmin_topuntop', 53 'topicadmin_bump', 54 'topicadmin_split_row', 55 'topicadmin_split', 56 'topicadmin_merge', 57 'topicadmin_empty', 58 'topicadmin_threadprune_row', 59 'topicadmin_threadprune', 60 'topicadmin_copy' 61 ); 62 63 eval('$css = "'.template('css').'";'); 64 65 if (count($tids) == 1) { 66 $query = $db->query("SELECT * FROM ".X_PREFIX."threads WHERE tid={$tids[0]}"); 67 $thread = $db->fetch_array($query); 68 $db->free_result($query); 69 $threadname = rawHTMLsubject(stripslashes($thread['subject'])); 70 $fid = (int)$thread['fid']; 71 } else { 72 $threadname = ''; 73 } 74 75 $forums = getForum($fid); 76 77 if (($forums['type'] != 'forum' && $forums['type'] != 'sub') || $forums['status'] != 'on') { 78 header('HTTP/1.0 404 Not Found'); 79 error($lang['textnoforum']); 80 } 81 82 // Check for authorization to be here in the first place 83 $perms = checkForumPermissions($forums); 84 if (!$perms[X_PERMS_VIEW]) { 85 error($lang['privforummsg']); 86 } else if (!$perms[X_PERMS_PASSWORD]) { 87 handlePasswordDialog($fid); 88 } 89 90 $fup = array(); 91 if ($forums['type'] == 'sub') { 92 $fup = getForum($forums['fup']); 93 // prevent access to subforum when upper forum can't be viewed. 94 $fupPerms = checkForumPermissions($fup); 95 if (!$fupPerms[X_PERMS_VIEW]) { 96 error($lang['privforummsg']); 97 } else if (!$fupPerms[X_PERMS_PASSWORD]) { 98 handlePasswordDialog($fup['fid']); 99 } else if ($fup['fup'] > 0) { 100 $fupup = getForum($fup['fup']); 101 nav('<a href="index.php?gid='.$fup['fup'].'">'.fnameOut($fupup['name']).'</a>'); 102 unset($fupup); 103 } 104 nav('<a href="forumdisplay.php?fid='.$fup['fid'].'">'.fnameOut($fup['name']).'</a>'); 105 } else if ($forums['fup'] > 0) { // 'forum' in a 'group' 106 $fup = getForum($forums['fup']); 107 nav('<a href="index.php?gid='.$fup['fid'].'">'.fnameOut($fup['name']).'</a>'); 108 } 109 nav('<a href="forumdisplay.php?fid='.$fid.'">'.fnameOut($forums['name']).'</a>'); 110 if (count($tids) == 1) { 111 nav('<a href="viewthread.php?tid='.$tids[0].'">'.$threadname.'</a>'); 112 } 113 114 $kill = FALSE; 115 116 switch($action) { 117 case 'delete': 118 nav($lang['textdeletethread']); 119 break; 120 case 'top': 121 nav($lang['texttopthread']); 122 break; 123 case 'close': 124 nav($lang['textclosethread']); 125 break; 126 case 'copy': 127 nav($lang['copythread']); 128 break; 129 case 'f_close': 130 nav($lang['textclosethread']); 131 break; 132 case 'f_open': 133 nav($lang['textopenthread']); 134 break; 135 case 'move': 136 nav($lang['textmovemethod1']); 137 break; 138 case 'getip': 139 $kill |= !X_ADMIN; 140 nav($lang['textgetip']); 141 break; 142 case 'bump': 143 nav($lang['textbumpthread']); 144 break; 145 case 'split': 146 nav($lang['textsplitthread']); 147 break; 148 case 'merge': 149 nav($lang['textmergethread']); 150 break; 151 case 'threadprune': 152 nav($lang['textprunethread']); 153 break; 154 case 'empty': 155 nav($lang['textemptythread']); 156 break; 157 default: 158 $kill = TRUE; 159 break; 160 } 161 162 $kill |= !X_STAFF || !statuscheck($fid); 163 164 if ($kill) { 165 error($lang['notpermitted']); 166 } 167 168 if ($SETTINGS['subject_in_title'] == 'on') { 169 $threadSubject = '- '.$threadname; 170 } 171 172 // Search-link 173 $searchlink = makeSearchLink($forums['fid']); 174 175 eval('echo "'.template('header').'";'); 176 177 //Assert permissions on all TIDs 178 if (count($tids) > 1) { 179 $csv = implode(',', $tids); 180 $tids = array(); 181 $query = $db->query("SELECT tid FROM ".X_PREFIX."threads WHERE tid IN ($csv) AND fid=$fid"); 182 while ($row = $db->fetch_array($query)) { 183 $tids[] = $row['tid']; 184 } 185 $db->free_result($query); 186 unset($csv); 187 } 188 189 switch($action) { 190 case 'delete': 191 if (noSubmit('deletesubmit')) { 192 $tid = implode(',', $tids); 193 eval('echo "'.template('topicadmin_delete').'";'); 194 } else { 195 require ('include/attach.inc.php'); 196 197 foreach($tids AS $tid) { 198 $query = $db->query("SELECT author, COUNT(pid) AS pidcount FROM ".X_PREFIX."posts WHERE tid=$tid GROUP BY author"); 199 while($result = $db->fetch_array($query)) { 200 $db->query("UPDATE ".X_PREFIX."members SET postnum=postnum-{$result['pidcount']} WHERE username='".$db->escape_var($result['author'])."'"); 201 } 202 $db->free_result($query); 203 204 deleteThreadAttachments($tid); // Must delete attachments before posts! 205 $db->query("DELETE FROM ".X_PREFIX."posts WHERE tid=$tid"); 206 $db->query("DELETE FROM ".X_PREFIX."favorites WHERE tid=$tid"); 207 208 $db->query("DELETE FROM d, r, v " 209 . "USING ".X_PREFIX."vote_desc AS d " 210 . "LEFT JOIN ".X_PREFIX."vote_results AS r ON r.vote_id = d.vote_id " 211 . "LEFT JOIN ".X_PREFIX."vote_voters AS v ON v.vote_id = d.vote_id " 212 . "WHERE d.topic_id = $tid"); 213 214 $db->query("DELETE FROM ".X_PREFIX."threads WHERE tid=$tid OR closed='moved|$tid'"); 215 216 if ($forums['type'] == 'sub') { 217 updateforumcount($fup['fid']); 218 } 219 updateforumcount($fid); 220 221 audit($xmbuser, $action, $fid, $tid); 222 } 223 message($lang['deletethreadmsg'], false, '', '', $full_url.'forumdisplay.php?fid='.$fid, true, false, true); 224 } 225 break; 226 227 case 'close': 228 $tid = $tids[0]; 229 $query = $db->query("SELECT closed FROM ".X_PREFIX."threads WHERE tid=$tid"); 230 if ($db->num_rows($query) == 0) { 231 error($lang['textnothread'], FALSE); 232 } 233 $closed = $db->result($query, 0); 234 $db->free_result($query); 235 236 if (noSubmit('closesubmit')) { 237 if ($closed == 'yes') { 238 $lang['textclosethread'] = $lang['textopenthread']; 239 } else if ($closed == '') { 240 $lang['textclosethread'] = $lang['textclosethread']; 241 } 242 eval('echo "'.template('topicadmin_openclose').'";'); 243 } else { 244 if ($closed == 'yes') { 245 $db->query("UPDATE ".X_PREFIX."threads SET closed='' WHERE tid=$tid"); 246 } else { 247 $db->query("UPDATE ".X_PREFIX."threads SET closed='yes' WHERE tid=$tid"); 248 } 249 250 $act = ($closed != '') ? 'open' : 'close'; 251 audit($xmbuser, $act, $fid, $tid); 252 253 message($lang['closethreadmsg'], false, '', '', $full_url.'forumdisplay.php?fid='.$fid, true, false, true); 254 } 255 break; 256 257 case 'f_close': 258 if (noSubmit('closesubmit')) { 259 $tid = implode(',', $tids); 260 eval('echo "'.template('topicadmin_openclose').'";'); 261 } else { 262 if (count($tids) > 0) { 263 $csv = implode(',', $tids); 264 $db->query("UPDATE ".X_PREFIX."threads SET closed='yes' WHERE tid IN ($csv)"); 265 foreach($tids AS $tid) { 266 audit($xmbuser, 'close', $fid, $tid); 267 } 268 } 269 message($lang['closethreadmsg'], false, '', '', $full_url.'forumdisplay.php?fid='.$fid, true, false, true); 270 } 271 break; 272 273 case 'f_open': 274 if (noSubmit('closesubmit')) { 275 $tid = implode(',', $tids); 276 $lang['textclosethread'] = $lang['textopenthread']; 277 eval('echo "'.template('topicadmin_openclose').'";'); 278 } else { 279 if (count($tids) > 0) { 280 $csv = implode(',', $tids); 281 $db->query("UPDATE ".X_PREFIX."threads SET closed='' WHERE tid IN ($csv)"); 282 foreach($tids AS $tid) { 283 audit($xmbuser, 'open', $fid, $tid); 284 } 285 } 286 message($lang['closethreadmsg'], false, '', '', $full_url.'forumdisplay.php?fid='.$fid, true, false, true); 287 } 288 break; 289 290 case 'move': 291 if (noSubmit('movesubmit')) { 292 $tid = implode(',', $tids); 293 $forumselect = forumList('moveto', false, false, $fid); 294 eval('echo "'.template('topicadmin_move').'";'); 295 } else { 296 $moveto = formInt('moveto'); 297 $type = postedVar('type'); 298 299 $movetorow = getForum($moveto); 300 if ($movetorow === FALSE) { 301 error($lang['textnoforum'], FALSE); 302 } 303 if ($movetorow['type'] == 'group' Or $moveto == $fid) { 304 error($lang['errormovingthreads'], FALSE); 305 } 306 307 //Perform sanity checks on all redirects 308 if ($type != 'normal' And count($tids) > 0) { 309 $csv = implode(',', $tids); 310 $tids = array(); 311 $query = $db->query("SELECT * FROM ".X_PREFIX."threads WHERE tid IN ($csv)"); 312 while ($info = $db->fetch_array($query)) { 313 if (substr($info['closed'], 0, 5) != 'moved') { 314 //Insert all thread redirectors. 315 $db->query("INSERT INTO ".X_PREFIX."threads (fid, subject, icon, lastpost, views, replies, author, closed, topped) VALUES ({$info['fid']}, '".$db->escape_var($info['subject'])."', '', '".$db->escape_var($info['lastpost'])."', 0, 0, '".$db->escape_var($info['author'])."', 'moved|{$info['tid']}', '{$info['topped']}')"); 316 $ntid = $db->insert_id(); 317 318 $lastpost = explode('|', $info['lastpost']); 319 $lastposttime = intval($lastpost[0]); 320 321 $db->query("INSERT INTO ".X_PREFIX."posts (fid, tid, author, message, subject, dateline, icon, usesig, useip, bbcodeoff, smileyoff) VALUES ({$info['fid']}, '$ntid', '".$db->escape_var($info['author'])."', '{$info['tid']}', '".$db->escape_var($info['subject'])."', $lastposttime, '', '', '', '', '')"); 322 $tids[] = $info['tid']; 323 } 324 } 325 $db->free_result($query); 326 } 327 328 if (count($tids) > 0) { 329 //Perform all moves using as few queries as possible. 330 $csv = implode(',', $tids); 331 $db->query("UPDATE ".X_PREFIX."threads SET fid=$moveto WHERE tid IN ($csv)"); 332 $db->query("UPDATE ".X_PREFIX."posts SET fid=$moveto WHERE tid IN ($csv)"); 333 foreach($tids AS $tid) { 334 audit($xmbuser, $action, $moveto, $tid); 335 } 336 337 //Update all summary columns. 338 if ($forums['type'] == 'sub') { 339 updateforumcount($fup['fid']); 340 } 341 if ($movetorow['type'] == 'sub') { 342 $doupdate = TRUE; 343 if (isset($fup['fid'])) { 344 $doupdate = ($movetorow['fup'] != $fup['fid']); 345 } 346 if ($doupdate) { 347 updateforumcount($movetorow['fup']); 348 } 349 } 350 updateforumcount($fid); 351 updateforumcount($moveto); 352 } 353 354 message($lang['movethreadmsg'], false, '', '', $full_url.'forumdisplay.php?fid='.$fid, true, false, true); 355 } 356 break; 357 358 case 'top': 359 if (noSubmit('topsubmit')) { 360 if (count($tids) == 1) { 361 $query = $db->query("SELECT topped FROM ".X_PREFIX."threads WHERE tid={$tids[0]}"); 362 if ($db->num_rows($query) == 0) { 363 $db->free_result($query); 364 error($lang['textnothread'], FALSE); 365 } 366 $topped = $db->result($query, 0); 367 $db->free_result($query); 368 if ($topped == 1) { 369 $lang['texttopthread'] = $lang['textuntopthread']; 370 } 371 } else { 372 $lang['texttopthread'] = $lang['texttopthread'].' / '.$lang['textuntopthread']; 373 } 374 $tid = implode(',', $tids); 375 eval('echo "'.template('topicadmin_topuntop').'";'); 376 } else { 377 foreach($tids AS $tid) { 378 $query = $db->query("SELECT topped FROM ".X_PREFIX."threads WHERE tid=$tid"); 379 if ($db->num_rows($query) == 0) { 380 $db->free_result($query); 381 error($lang['textnothread'], FALSE); 382 } 383 $topped = $db->result($query, 0); 384 $db->free_result($query); 385 386 if ($topped == 1) { 387 $db->query("UPDATE ".X_PREFIX."threads SET topped='0' WHERE tid=$tid"); 388 } else if ($topped == 0) { 389 $db->query("UPDATE ".X_PREFIX."threads SET topped='1' WHERE tid=$tid"); 390 } 391 392 $act = ($topped ? 'untop' : 'top'); 393 audit($xmbuser, $act, $fid, $tid); 394 } 395 396 message($lang['topthreadmsg'], false, '', '', $full_url.'forumdisplay.php?fid='.$fid, true, false, true); 397 } 398 break; 399 400 case 'getip': 401 if ($pid) { 402 $query = $db->query("SELECT * FROM ".X_PREFIX."posts WHERE pid='$pid'"); 403 } else { 404 $query = $db->query("SELECT * FROM ".X_PREFIX."threads WHERE tid={$tids[0]}"); 405 } 406 $ipinfo = $db->fetch_array($query); 407 $db->free_result($query); 408 ?> 409 <form method="post" action="cp.php?action=ipban"> 410 <table cellspacing="0" cellpadding="0" border="0" width="60%" align="center"> 411 <tr><td bgcolor="<?php echo $bordercolor?>"> 412 <table border="0" cellspacing="<?php echo $THEME['borderwidth']?>" cellpadding="<?php echo $tablespace?>" width="100%"> 413 <tr> 414 <td class="header" colspan="3"><?php echo $lang['textgetip']?></td> 415 </tr> 416 <tr bgcolor="<?php echo $altbg2?>"> 417 <td class="tablerow"><?php echo $lang['textyesip']?> <strong><?php echo $ipinfo['useip']?></strong> - <?php echo gethostbyaddr($ipinfo['useip'])?> 418 <?php 419 420 $ip = explode('.', $ipinfo['useip']); 421 $query = $db->query("SELECT * FROM ".X_PREFIX."banned WHERE (ip1='$ip[0]' OR ip1='-1') AND (ip2='$ip[1]' OR ip2='-1') AND (ip3='$ip[2]' OR ip3='-1') AND (ip4='$ip[3]' OR ip4='-1')"); 422 $result = $db->fetch_array($query); 423 $db->free_result($query); 424 if ($result) { 425 $buttontext = $lang['textunbanip']; 426 for($i=1; $i<=4; ++$i) { 427 $j = "ip$i"; 428 if ($result[$j] == -1) { 429 $result[$j] = "*"; 430 $foundmask = 1; 431 } 432 } 433 434 if ($foundmask) { 435 $ipmask = "<strong>$result[ip1].$result[ip2].$result[ip3].$result[ip4]</strong>"; 436 eval($lang['evalipmask']); 437 $lang['bannedipmask'] = stripslashes($lang['bannedipmask']); 438 echo $lang['bannedipmask']; 439 } else { 440 $lang['textbannedip'] = stripslashes($lang['textbannedip']); 441 echo $lang['textbannedip']; 442 } 443 echo "<input type=\"hidden\" name=\"delete$result[id]\" value=\"$result[id]\" />"; 444 } else { 445 $buttontext = $lang['textbanip']; 446 for($i=1; $i<=4; ++$i) { 447 $j = $i - 1; 448 echo "<input type=\"hidden\" name=\"newip$i\" value=\"$ip[$j]\" />"; 449 } 450 } 451 ?> 452 </td> 453 </tr> 454 <tr bgcolor="<?php echo $altbg1?>"><td class="ctrtablerow"><input type="submit" name="ipbansubmit" value="<?php echo $buttontext?>" /> 455 <?php 456 457 echo '</td></tr></table></td></tr></table></form>'; 458 break; 459 460 case 'bump': 461 if (noSubmit('bumpsubmit')) { 462 $tid = implode(',', $tids); 463 eval('echo "'.template('topicadmin_bump').'";'); 464 } else { 465 foreach($tids AS $tid) { 466 $query = $db->query("SELECT pid FROM ".X_PREFIX."posts WHERE tid=$tid ORDER BY dateline DESC, pid DESC LIMIT 1"); 467 if ($db->num_rows($query) == 1) { 468 $pid = $db->result($query, 0); 469 470 $where = "WHERE fid=$fid"; 471 if ($forums['type'] == 'sub') { 472 $where .= " OR fid={$forums['fup']}"; 473 } 474 475 $db->query("UPDATE ".X_PREFIX."threads SET lastpost='$onlinetime|$xmbuser|$pid' WHERE tid=$tid"); 476 $db->query("UPDATE ".X_PREFIX."forums SET lastpost='$onlinetime|$xmbuser|$pid' $where"); 477 478 audit($xmbuser, $action, $fid, $tid); 479 } 480 $db->free_result($query); 481 } 482 483 message($lang['bumpthreadmsg'], false, '', '', $full_url.'forumdisplay.php?fid='.$fid, true, false, true); 484 } 485 break; 486 487 case 'empty': 488 if (noSubmit('emptysubmit')) { 489 $tid = implode(',', $tids); 490 eval('echo "'.template('topicadmin_empty').'";'); 491 } else { 492 require ('include/attach.inc.php'); 493 foreach($tids AS $tid) { 494 $query = $db->query("SELECT pid FROM ".X_PREFIX."posts WHERE tid=$tid ORDER BY dateline ASC LIMIT 1"); 495 if ($db->num_rows($query) == 1) { 496 $pid = $db->result($query, 0); 497 $query = $db->query("SELECT author, COUNT(pid) AS pidcount FROM ".X_PREFIX."posts WHERE tid=$tid AND pid!=$pid GROUP BY author"); 498 while($result = $db->fetch_array($query)) { 499 $dbauthor = $db->escape_var($result['author']); 500 $db->query("UPDATE ".X_PREFIX."members SET postnum=postnum-{$result['pidcount']} WHERE username='$dbauthor'"); 501 } 502 503 emptyThreadAttachments($tid, $pid); // Must delete attachments before posts! 504 $db->query("DELETE FROM ".X_PREFIX."posts WHERE tid=$tid AND pid!=$pid"); 505 506 updatethreadcount($tid); //Also updates lastpost 507 audit($xmbuser, $action, $fid, $tid); 508 } 509 $db->free_result($query); 510 } 511 if ($forums['type'] == 'sub') { 512 updateforumcount($fup['fid']); 513 } 514 updateforumcount($fid); 515 516 message($lang['emptythreadmsg'], false, '', '', $full_url.'forumdisplay.php?fid='.$fid, true, false, true); 517 } 518 break; 519 520 case 'split': 521 $tid = $tids[0]; 522 if (noSubmit('splitsubmit')) { 523 $query = $db->query("SELECT replies FROM ".X_PREFIX."threads WHERE tid=$tid"); 524 if ($db->num_rows($query) == 0) { 525 error($lang['textnothread'], FALSE); 526 } 527 $replies = $db->result($query, 0); 528 $db->free_result($query); 529 if ($replies == 0) { 530 error($lang['cantsplit'], false); 531 } 532 533 $query = $db->query("SELECT * FROM ".X_PREFIX."posts WHERE tid=$tid ORDER BY dateline"); 534 $posts = ''; 535 while($post = $db->fetch_array($query)) { 536 $bbcodeoff = $post['bbcodeoff']; 537 $smileyoff = $post['smileyoff']; 538 $post['message'] = stripslashes($post['message']); 539 $post['message'] = postify($post['message'], $smileyoff, $bbcodeoff, $fid, $bordercolor, 'no', 'no'); 540 eval('$posts .= "'.template('topicadmin_split_row').'";'); 541 } 542 $db->free_result($query); 543 eval('echo "'.template('topicadmin_split').'";'); 544 } else { 545 $subject = addslashes(postedVar('subject', 'javascript', TRUE, TRUE, TRUE)); // Subjects are historically double-quoted 546 if ($subject == '') { 547 error($lang['textnosubject'], false); 548 } 549 550 $threadcreated = false; 551 $firstmove = false; 552 $query = $db->query("SELECT pid, author, dateline, subject FROM ".X_PREFIX."posts WHERE tid=$tid ORDER BY dateline ASC"); 553 $movecount = 0; 554 while($post = $db->fetch_array($query)) { 555 $move = getInt('move'.$post['pid'], 'p'); 556 if ($move == $post['pid']) { 557 if (!$threadcreated) { 558 $thatime = $onlinetime; 559 $db->query("INSERT INTO ".X_PREFIX."threads (fid, subject, icon, lastpost, views, replies, author, closed, topped) VALUES ($fid, '$subject', '', '$thatime|$xmbuser', 0, 0, '".$db->escape_var($post['author'])."', '', 0)"); 560 $newtid = $db->insert_id(); 561 $threadcreated = true; 562 } 563 564 $newsub = ''; 565 if (!$firstmove) { 566 $newsub = ", subject='$subject'"; 567 $firstmove = true; 568 } 569 $db->query("UPDATE ".X_PREFIX."posts SET tid=$newtid $newsub WHERE pid=$move"); 570 $lastpost = $post['dateline'].'|'.$db->escape_var($post['author']).'|'.$post['pid']; 571 $movecount++; 572 } else { 573 $oldlastpost = $post['dateline'].'|'.$db->escape_var($post['author']).'|'.$post['pid']; 574 } 575 } 576 $db->query("UPDATE ".X_PREFIX."threads SET replies=$movecount-1, lastpost='$lastpost' WHERE tid='$newtid'"); 577 $db->query("UPDATE ".X_PREFIX."threads SET replies=replies-$movecount, lastpost='$oldlastpost' WHERE tid=$tid"); 578 $db->free_result($query); 579 580 audit($xmbuser, $action, $fid, $tid); 581 582 if ($forums['type'] == 'sub') { 583 updateforumcount($fup['fid']); 584 } 585 updateforumcount($fid); 586 587 message($lang['splitthreadmsg'], false, '', '', $full_url.'forumdisplay.php?fid='.$fid, true, false, true); 588 } 589 break; 590 591 case 'merge': 592 $tid = $tids[0]; 593 if (noSubmit('mergesubmit')) { 594 eval('echo "'.template('topicadmin_merge').'";'); 595 } else { 596 if ($othertid == 0) { 597 error($lang['invalidtid'], false); 598 } else if ($tid == $othertid) { 599 error($lang['cannotmergesamethread'], false); 600 } 601 602 $queryadd1 = $db->query("SELECT t.replies, t.fid, f.type, f.fup FROM ".X_PREFIX."threads AS t LEFT JOIN ".X_PREFIX."forums AS f USING(fid) WHERE t.tid='$othertid'"); 603 604 if ($db->num_rows($queryadd1) == 0) { 605 $db->free_result($queryadd1); 606 error($lang['invalidtid'], false); 607 } 608 $otherthread = $db->fetch_array($queryadd1); 609 $db->free_result($queryadd1); 610 $replyadd = intval($otherthread['replies']) + 1; 611 $otherfid = $otherthread['fid']; 612 613 $db->query("UPDATE ".X_PREFIX."posts SET tid=$tid, fid='$fid' WHERE tid='$othertid'"); 614 615 $db->query("UPDATE ".X_PREFIX."threads SET closed='moved|$tid' WHERE closed='moved|$othertid'"); 616 617 $db->query("DELETE FROM ".X_PREFIX."threads WHERE tid='$othertid'"); 618 619 $db->query("DELETE FROM d, r, v " 620 . "USING ".X_PREFIX."vote_desc AS d " 621 . "LEFT JOIN ".X_PREFIX."vote_results AS r ON r.vote_id = d.vote_id " 622 . "LEFT JOIN ".X_PREFIX."vote_voters AS v ON v.vote_id = d.vote_id " 623 . "WHERE d.topic_id = $othertid"); 624 625 $db->query("UPDATE ".X_PREFIX."favorites AS f " 626 . "INNER JOIN ".X_PREFIX."members AS m ON m.username = f.username " 627 . "INNER JOIN ( " 628 . " SELECT username, COUNT(*) AS fcount " 629 . " FROM ".X_PREFIX."favorites AS f2 " 630 . " WHERE tid=$tid " 631 . " GROUP BY username " 632 . ") AS query2 ON m.username = query2.username " 633 . "SET f.tid=$tid " 634 . "WHERE f.tid='$othertid' AND query2.fcount=0"); 635 $db->query("DELETE FROM ".X_PREFIX."favorites WHERE tid='$othertid'"); 636 637 $query = $db->query("SELECT subject, author, icon FROM ".X_PREFIX."posts WHERE tid=$tid OR tid='$othertid' ORDER BY pid ASC LIMIT 1"); 638 $thread = $db->fetch_array($query); 639 $db->free_result($query); 640 $query = $db->query("SELECT author, dateline, pid FROM ".X_PREFIX."posts WHERE tid=$tid ORDER BY dateline DESC LIMIT 0, 1"); 641 $lastpost = $db->fetch_array($query); 642 $db->free_result($query); 643 $db->query("UPDATE ".X_PREFIX."threads SET replies=replies+'$replyadd', subject='".$db->escape_var($thread['subject'])."', icon='{$thread['icon']}', author='".$db->escape_var($thread['author'])."', lastpost='{$lastpost['dateline']}|".$db->escape_var($lastpost['author'])."|{$lastpost['pid']}' WHERE tid=$tid"); 644 645 audit($xmbuser, $action, $fid, $tid); 646 647 if ($forums['type'] == 'sub') { 648 updateforumcount($fup['fid']); 649 } 650 if ($otherthread['type'] == 'sub') { 651 $doupdate = TRUE; 652 if (isset($fup['fid'])) { 653 $doupdate = ($otherthread['fup'] != $fup['fid']); 654 } 655 if ($doupdate) { 656 updateforumcount($otherthread['fup']); 657 } 658 } 659 updateforumcount($fid); 660 updateforumcount($otherfid); 661 662 message($lang['mergethreadmsg'], false, '', '', $full_url.'forumdisplay.php?fid='.$fid, true, false, true); 663 } 664 break; 665 666 case 'threadprune': 667 $tid = $tids[0]; 668 if (noSubmit('threadprunesubmit')) { 669 $query = $db->query("SELECT replies FROM ".X_PREFIX."threads WHERE tid=$tid"); 670 if ($db->num_rows($query) == 0) { 671 error($lang['textnothread'], FALSE); 672 } 673 $replies = $db->result($query, 0); 674 $db->free_result($query); 675 676 if ($replies == 0) { 677 error($lang['cantthreadprune'], false); 678 } 679 680 if (X_SADMIN || $SETTINGS['allowrankedit'] == 'off') { 681 $disablePost = ''; 682 $posts = ''; 683 $query = $db->query("SELECT * FROM ".X_PREFIX."posts WHERE tid=$tid ORDER BY dateline"); 684 while($post = $db->fetch_array($query)) { 685 $bbcodeoff = $post['bbcodeoff']; 686 $smileyoff = $post['smileyoff']; 687 $post['message'] = stripslashes($post['message']); 688 $post['message'] = postify($post['message'], $smileyoff, $bbcodeoff, $fid, $bordercolor, 'no', 'no'); 689 eval('$posts .= "'.template('topicadmin_threadprune_row').'";'); 690 } 691 $db->free_result($query); 692 } else { 693 $ranks = array('Super Administrator'=>5, 'Administrator'=>4, 'Super Moderator'=>3, 'Moderator'=>2, 'Member'=>1, ''=>0); 694 $posts = ''; 695 $query = $db->query("SELECT p.*, m.status FROM ".X_PREFIX."posts p LEFT JOIN ".X_PREFIX."members m ON (m.username=p.author) WHERE tid=$tid ORDER BY dateline"); 696 while($post = $db->fetch_array($query)) { 697 if ($ranks[$post['status']] > $ranks[$self['status']]) { 698 $disablePost = 'disabled="disabled"'; 699 } else { 700 $disablePost = ''; 701 } 702 $bbcodeoff = $post['bbcodeoff']; 703 $smileyoff = $post['smileyoff']; 704 $post['message'] = stripslashes($post['message']); 705 $post['message'] = postify($post['message'], $smileyoff, $bbcodeoff, $fid, $bordercolor, 'no', 'no'); 706 eval('$posts .= "'.template('topicadmin_threadprune_row').'";'); 707 } 708 $db->free_result($query); 709 } 710 eval('echo "'.template('topicadmin_threadprune').'";'); 711 } else { 712 $postcount = $db->result($db->query("SELECT COUNT(pid) FROM ".X_PREFIX."posts WHERE tid=$tid"), 0); 713 $delcount = 0; 714 foreach($_POST as $key=>$val) { 715 if (substr($key, 0, 4) == 'move') { 716 $delcount++; 717 } 718 } 719 if ($delcount >= $postcount) { 720 error($lang['cantthreadprune'], false); 721 } 722 require ('include/attach.inc.php'); 723 if (X_SADMIN || $SETTINGS['allowrankedit'] == 'off') { 724 $query = $db->query("SELECT author, pid, message FROM ".X_PREFIX."posts WHERE tid=$tid"); 725 while($post = $db->fetch_array($query)) { 726 $move = "move".$post['pid']; 727 $move = getInt($move, 'p'); 728 if (!empty($move)) { 729 $dbauthor = $db->escape_var($post['author']); 730 $db->query("UPDATE ".X_PREFIX."members SET postnum=postnum-1 WHERE username='$dbauthor'"); 731 $db->query("DELETE FROM ".X_PREFIX."posts WHERE pid=$move"); 732 deleteAllAttachments($move); 733 $db->query("UPDATE ".X_PREFIX."threads SET replies=replies-1 WHERE tid=$tid"); 734 } 735 } 736 $db->free_result($query); 737 } else { 738 $ranks = array('Super Administrator'=>5, 'Administrator'=>4, 'Super Moderator'=>3, 'Moderator'=>2, 'Member'=>1, ''=>0); 739 $query = $db->query("SELECT m.status, p.author, p.pid FROM ".X_PREFIX."posts p LEFT JOIN ".X_PREFIX."members m ON (m.username=p.author) WHERE p.tid=$tid"); 740 while($post = $db->fetch_array($query)) { 741 if ($ranks[$post['status']] > $ranks[$self['status']]) { 742 continue; 743 } 744 $move = "move".$post['pid']; 745 $move = getInt($move, 'p'); 746 if (!empty($move)) { 747 $dbauthor = $db->escape_var($post['author']); 748 $db->query("UPDATE ".X_PREFIX."members SET postnum=postnum-1 WHERE username='$dbauthor'"); 749 $db->query("DELETE FROM ".X_PREFIX."posts WHERE pid=$move"); 750 deleteAllAttachments($move); 751 $db->query("UPDATE ".X_PREFIX."threads SET replies=replies-1 WHERE tid=$tid"); 752 } 753 } 754 $db->free_result($query); 755 } 756 757 $firstauthor = $db->result($db->query("SELECT author FROM ".X_PREFIX."posts WHERE tid=$tid ORDER BY dateline ASC LIMIT 0,1"), 0); 758 $firstauthor = $db->escape_var($firstauthor); 759 760 $query = $db->query("SELECT pid, author, dateline FROM ".X_PREFIX."posts WHERE tid=$tid ORDER BY dateline DESC LIMIT 0,1"); 761 $lastpost = $db->fetch_array($query); 762 $db->free_result($query); 763 764 $db->query("UPDATE ".X_PREFIX."threads SET author='$firstauthor', lastpost='$lastpost[dateline]|".$db->escape_var($lastpost['author'])."|$lastpost[pid]' WHERE tid=$tid"); 765 766 if ($forums['type'] == 'sub') { 767 updateforumcount($fup['fid']); 768 } 769 updateforumcount($fid); 770 771 audit($xmbuser, $action, $fid, $tid); 772 773 message($lang['complete_threadprune'], false, '', '', $full_url.'forumdisplay.php?fid='.$fid, true, false, true); 774 } 775 break; 776 777 case 'copy': 778 if (noSubmit('copysubmit')) { 779 $tid = implode(',', $tids); 780 $forumselect = forumList('newfid', false, false); 781 eval('echo "'.template('topicadmin_copy').'";'); 782 } else { 783 require ('include/attach.inc.php'); 784 if (!formInt('newfid')) { 785 error($lang['privforummsg'], false); 786 } 787 788 $newfid = getRequestInt('newfid'); 789 790 $otherforum = getForum($newfid); 791 if ($otherforum === FALSE) { 792 error($lang['textnoforum'], FALSE); 793 } 794 795 if (!statuscheck($newfid)) { 796 error($lang['notpermitted'], false); 797 } 798 799 foreach($tids AS $tid) { 800 $thread = $db->fetch_array($db->query("SELECT * FROM ".X_PREFIX."threads WHERE tid=$tid")); 801 802 $thread['fid'] = $newfid; 803 unset($thread['tid']); 804 805 $cols = array(); 806 $vals = array(); 807 808 foreach($thread as $key=>$val) { 809 $cols[] = $key; 810 $vals[] = $db->escape_var($val); 811 } 812 $columns = implode(', ', $cols); 813 $values = "'".implode("', '", $vals)."'"; 814 815 $db->query("INSERT INTO ".X_PREFIX."threads ($columns) VALUES ($values)"); 816 817 $newtid = $db->insert_id(); 818 819 $query = $db->query("SELECT * FROM ".X_PREFIX."posts WHERE tid=$tid ORDER BY pid ASC"); 820 while($post = $db->fetch_array($query)) { 821 $oldPid = $post['pid']; 822 $post['fid'] = $newfid; 823 $post['tid'] = $newtid; 824 unset($post['pid']); 825 826 $cols = array(); 827 $vals = array(); 828 829 foreach($post as $key=>$val) { 830 $cols[] = $key; 831 $vals[] = $db->escape_var($val); 832 } 833 $columns = implode(', ', $cols); 834 $values = "'".implode("', '", $vals)."'"; 835 836 $db->query("INSERT INTO ".X_PREFIX."posts ($columns) VALUES ($values)"); 837 $newpid = $db->insert_id(); 838 839 copyAllAttachments($oldPid, $newpid); 840 } 841 842 $query = $db->query("SELECT author, COUNT(pid) AS pidcount FROM ".X_PREFIX."posts WHERE tid=$tid GROUP BY author"); 843 while($result = $db->fetch_array($query)) { 844 $db->query("UPDATE ".X_PREFIX."members SET postnum=postnum+{$result['pidcount']} WHERE username='".$db->escape_var($result['author'])."'"); 845 } 846 $db->free_result($query); 847 848 audit($xmbuser, $action, $fid, $tid); 849 850 if ($otherforum['type'] == 'sub') { 851 updateforumcount($otherforum['fup']); 852 } 853 updateforumcount($newfid); 854 } 855 856 message($lang['copythreadmsg'], false, '', '', $full_url.'forumdisplay.php?fid='.$fid, true, false, true); 857 } 858 break; 859 } 860 861 end_time(); 862 eval('echo "'.template('footer').'";'); 863 864 function statuscheck($fid) { 865 global $self; 866 867 $forum = getForum($fid); 868 if ($forum === FALSE) { 869 return FALSE; 870 } 871 872 return (modcheck($self['username'], $forum['moderator']) == 'Moderator'); 873 } 874 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Tue Jan 26 20:11:23 2010 | Home | Forum | Download | SVN | Bug Tracker | Documentation | Cross-referenced by PHPXref 0.7 |