Empty commit

2024-12-13 19:06:27 +00:00 · 2012-09-04 08:00:23 +00:00 · 2012-09-04 08:00:23 +00:00 · 9f216002c1
commit 9f216002c1
parent 4735fae507
5 changed files with 247 additions and 3 deletions
--- a/classes/script_start.php
+++ b/classes/script_start.php
@ -210,7 +210,10 @@
 	}
 	
 	// IP changed
+	
+	
 	if($LoggedUser['IP'] != $_SERVER['REMOTE_ADDR'] && !check_perms('site_disable_ip_history')) {
+	
 		if(site_ban_ip($_SERVER['REMOTE_ADDR'])) {
 			error('Your IP has been banned.');
 		}
--- a/sections/reports/compose.php
+++ b/sections/reports/compose.php
@ -0,0 +1,179 @@
+<?
+if(!check_perms('site_moderate_forums')) {
+	error(403);
+}
+
+if(empty($Return)) {
+	$ToID = $_GET['to'];
+	if($ToID == $LoggedUser['ID']) {
+		error("You cannot start a conversation with yourself!");
+		header('Location: inbox.php');
+	}
+}
+
+if(!$ToID || !is_number($ToID)) {
+	error(404);
+}
+
+$ReportID = $_GET['reportid'];
+$Type = $_GET['type'];
+$ThingID= $_GET['thingid'];
+
+if(!$ReportID || !is_number($ReportID) || !$ThingID || !is_number($ThingID) || !$Type) {
+	error(403);
+}
+
+if(!empty($LoggedUser['DisablePM']) && !isset($StaffIDs[$ToID])) {
+	error(403);
+}
+
+$DB->query("SELECT Username FROM users_main WHERE ID='$ToID'");
+list($Username) = $DB->next_record();
+if(!$Username) {
+	error(404);
+}
+show_header('Compose', 'inbox,bbcode');
+
+switch($Type) {
+	case "user" :
+		$DB->query("SELECT Username FROM users_main WHERE ID=".$ThingID);
+		if($DB->record_count() < 1) {
+			$Error = "No user with the reported ID found";
+		} else {
+			list($Username) = $DB->next_record();
+			$TypeLink = "[user]".$Username."[/user]";
+			$Subject = "User Report: ". display_str($Username);
+		}
+		break;
+	case "request" :
+	case "request_update" :
+		$DB->query("SELECT Title FROM requests WHERE ID=".$ThingID);
+		if($DB->record_count() < 1) {
+			$Error = "No request with the reported ID found";
+		} else {
+			list($Name) = $DB->next_record();
+			$TypeLink = "[url=https://".NONSSL_SITE_URL."requests.php?action=view&amp;id=".$ThingID."]".display_str($Name)."[/url]";
+			$Subject = "Request Report: ". display_str($Name);
+
+		}
+		break;
+	case "collage" :
+		$DB->query("SELECT Name FROM collages WHERE ID=".$ThingID);
+		if($DB->record_count() < 1) {
+			$Error = "No collage with the reported ID found";
+		} else {
+			list($Name) = $DB->next_record();
+			$TypeLink = "[url=https://".NONSSL_SITE_URL."collage.php?id=".$ThingID."]".display_str($Name)."[/url]";
+			$Subject = "Collage Report: ". display_str($Name);
+
+		}
+		break;
+	case "thread" :
+		$DB->query("SELECT Title FROM forums_topics WHERE ID=".$ThingID);
+		if($DB->record_count() < 1) {
+			$Error = "No thread with the reported ID found";
+		} else {
+			list($Title) = $DB->next_record();
+			$TypeLink = "[url=https://".NONSSL_SITE_URL."forums.php?action=viewthread&amp;threadid=".$ThingID."]".display_str($Title)."[/url]";
+			$Subject = "Thread Report: ". display_str($Title);
+
+		}
+		break;
+	case "post" :
+		if (isset($LoggedUser['PostsPerPage'])) {
+			$PerPage = $LoggedUser['PostsPerPage'];
+		} else {
+			$PerPage = POSTS_PER_PAGE;
+		}
+		$DB->query("SELECT p.ID, p.Body, p.TopicID, (SELECT COUNT(ID) FROM forums_posts WHERE forums_posts.TopicID = p.TopicID AND forums_posts.ID<=p.ID) AS PostNum FROM forums_posts AS p WHERE ID=".$ThingID);
+		if($DB->record_count() < 1) {
+			$Error =  "No post with the reported ID found";
+		} else {
+			list($PostID,$Body,$TopicID,$PostNum) = $DB->next_record();
+			$TypeLink = "[url=https://".NONSSL_SITE_URL."forums.php?action=viewthread&amp;threadid=".$TopicID."&post=".$PostNum."#post".$PostID."]POST[/url]";
+			$Subject = "Post Report";
+
+		}
+		break;
+	case "requests_comment" :
+		$DB->query("SELECT rc.RequestID, rc.Body, (SELECT COUNT(ID) FROM requests_comments WHERE ID <= ".$ThingID." AND requests_comments.RequestID = rc.RequestID) AS CommentNum FROM requests_comments AS rc WHERE ID=".$ThingID);
+		if($DB->record_count() < 1) {
+			$Error =  "No comment with the reported ID found";
+		} else {
+			list($RequestID, $Body, $PostNum) = $DB->next_record();
+			$PageNum = ceil($PostNum / TORRENT_COMMENTS_PER_PAGE);
+			$TypeLink = "[url=https://".NONSSL_SITE_URL."requests.php?action=view&amp;id=".$RequestID."&page=".$PageNum."#post".$ThingID."]COMMENT[/url]";
+			$Subject = "Requests Comment Report";
+
+		}
+		break;
+	case "torrents_comment" :
+		$DB->query("SELECT tc.GroupID, tc.Body, (SELECT COUNT(ID) FROM torrents_comments WHERE ID <= ".$ThingID." AND torrents_comments.GroupID = tc.GroupID) AS CommentNum FROM torrents_comments AS tc WHERE ID=".$ThingID);
+		if($DB->record_count() < 1) {
+			$Error =  "No comment with the reported ID found";
+		} else {
+			list($GroupID, $Body, $PostNum) = $DB->next_record();
+			$PageNum = ceil($PostNum / TORRENT_COMMENTS_PER_PAGE);
+			$TypeLink = "[url=https://".NONSSL_SITE_URL."torrents.php?id=".$GroupID."&page=".$PageNum."#post".$ThingID."]COMMENT[/url]";
+			$Subject = "Torrent Comment Report";
+
+		}
+		break;
+	case "collages_comment" :
+		$DB->query("SELECT cc.CollageID, cc.Body, (SELECT COUNT(ID) FROM collages_comments WHERE ID <= ".$ThingID." AND collages_comments.CollageID = cc.CollageID) AS CommentNum FROM collages_comments AS cc WHERE ID=".$ThingID);
+		if($DB->record_count() < 1) {
+			$Error =  "No comment with the reported ID found";
+		} else {
+			list($CollageID, $Body, $PostNum) = $DB->next_record();
+			$PerPage = POSTS_PER_PAGE;
+			$PageNum = ceil($PostNum / $PerPage);
+			$TypeLink = "[url=https://".NONSSL_SITE_URL."collage.php?action=comments&amp;collageid=".$CollageID."&page=".$PageNum."#post".$ThingID."]COMMENT[/url]";
+			$Subject = "Collage Comment Report";
+		}
+		break;
+	default:
+		error("Incorrect type");
+		break;
+}
+if(isset($Error)) {
+	error($Error);
+}
+
+$DB->query("SELECT r.Reason FROM reports AS r WHERE r.ID = $ReportID");
+list($Reason) = $DB->next_record();
+
+$Body = "You reported this $TypeLink for the reason:\n[quote]".$Reason."[/quote]";
+
+?>
+<div class="thin">
+	<div class="header">
+		<h2>
+			Send a message to <a href="user.php?id=<?=$ToID?>
+"> <?=$Username?>
+			</a>
+		</h2>
+	</div>
+	<form action="reports.php" method="post" id="messageform">
+		<div class="box pad">
+			<input type="hidden" name="action" value="takecompose" /> <input
+				type="hidden" name="toid" value="<?=$ToID?>" /> <input type="hidden"
+				name="auth" value="<?=$LoggedUser['AuthKey']?>" />
+			<div id="quickpost">
+				<h3>Subject</h3>
+				<input type="text" name="subject" size="95"
+					value="<?=(!empty($Subject) ? $Subject : '')?>" /><br />
+				<h3>Body</h3>
+				<textarea id="body" name="body" cols="95" rows="10"><?=(!empty($Body) ? $Body : '')?></textarea>
+			</div>
+			<div id="preview" class="hidden"></div>
+			<div id="buttons" class="center">
+				<input type="button" value="Preview" onclick="Quick_Preview();" /> <input
+					type="submit" value="Send message" />
+			</div>
+		</div>
+	</form>
+</div>
+
+<?
+show_footer();
+?>
--- a/sections/reports/index.php
+++ b/sections/reports/index.php
@ -1,7 +1,9 @@
 <?
 enforce_login();

-if (empty($_REQUEST['action'])) { $_REQUEST['action'] = ''; }
+if (empty($_REQUEST['action'])) {
+	$_REQUEST['action'] = '';
+}

 switch($_REQUEST['action']){
 	case 'report':
@ -16,6 +18,12 @@
 	case 'stats':
 		include(SERVER_ROOT.'/sections/reports/stats.php');
 		break;
+	case 'compose':
+		include(SERVER_ROOT.'/sections/reports/compose.php');
+		break;
+	case 'takecompose':
+		include(SERVER_ROOT.'/sections/reports/takecompose.php');
+		break;
 	default:
 		include(SERVER_ROOT.'/sections/reports/reports.php');
 		break;
--- a/sections/reports/reports.php
+++ b/sections/reports/reports.php
@ -56,7 +56,7 @@
 		r.Reason, 
 		r.Status
 	FROM reports AS r 
-		JOIN users_main AS um ON r.UserID=um.ID 
+	JOIN users_main AS um ON r.UserID=um.ID
 	WHERE ".$Where." 
 	ORDER BY ReportedTime 
 	DESC LIMIT ".$Limit);
@ -101,7 +101,7 @@
 		<table cellpadding="5" id="report_<?=$ReportID?>">
 			<tr>
 				<td><strong><a href="<?=$Reference?>">Report</a></strong></td>
-				<td><strong><?=$Type['title']?></strong> was reported by <a href="user.php?id=<?=$SnitchID?>"><?=$SnitchName?></a> <?=time_diff($ReportedTime)?></td>
+				<td><strong><?=$Type['title']?></strong> was reported by <a href="user.php?id=<?=$SnitchID?>"><?=$SnitchName?></a> <?=time_diff($ReportedTime)?> <a href="reports.php?action=compose&to=<?=$SnitchID?>&reportid=<?=$ReportID?>&type=<?=$Short?>&thingid=<?=$ThingID?>">[Contact]</a></td>
 			</tr>
 			<tr>
 			
--- a/sections/reports/takecompose.php
+++ b/sections/reports/takecompose.php
@ -0,0 +1,54 @@
+<?
+authorize();
+
+
+if(empty($_POST['toid'])) { error(404); }
+
+if(!empty($LoggedUser['DisablePM']) && !isset($StaffIDs[$_POST['toid']])) {
+	error(403);
+}
+
+
+if (isset($_POST['convid']) && is_number($_POST['convid'])) {
+	$ConvID = $_POST['convid'];
+	$Subject='';
+	$ToID = explode(',', $_POST['toid']);
+	foreach($ToID as $TID) {
+		if(!is_number($TID)) {
+			$Err = "A recipient does not exist.";
+		}
+	}
+	$DB->query("SELECT UserID FROM pm_conversations_users WHERE UserID='$LoggedUser[ID]' AND ConvID='$ConvID'");
+	if($DB->record_count() == 0) {
+		error(403);
+	}
+} else {
+	$ConvID='';
+	if(!is_number($_POST['toid'])) {
+		$Err = "This recipient does not exist.";
+	} else {
+		$ToID = $_POST['toid'];
+	}
+	$Subject = trim($_POST['subject']);
+	if (empty($Subject)) {
+		$Err = "You can't send a message without a subject.";
+	}
+}
+$Body = trim($_POST['body']);
+if($Body === '' || $Body === false) {
+	$Err = "You can't send a message without a body!";
+}
+
+if(!empty($Err)) {
+	error($Err);
+	//header('Location: inbox.php?action=compose&to='.$_POST['toid']);
+	$ToID = $_POST['toid'];
+	$Return = true;
+	include(SERVER_ROOT.'/sections/inbox/compose.php');
+	die();
+}
+
+$ConvID = send_pm($ToID,$LoggedUser['ID'],db_string($Subject),db_string($Body),$ConvID);
+
+header('Location: reports.php');
+?>