diff --git a/classes/script_start.php b/classes/script_start.php index e7db54c5..3684eddc 100644 --- a/classes/script_start.php +++ b/classes/script_start.php @@ -210,7 +210,10 @@ } // IP changed + + if($LoggedUser['IP'] != $_SERVER['REMOTE_ADDR'] && !check_perms('site_disable_ip_history')) { + if(site_ban_ip($_SERVER['REMOTE_ADDR'])) { error('Your IP has been banned.'); } diff --git a/sections/reports/compose.php b/sections/reports/compose.php new file mode 100644 index 00000000..fa2bdab4 --- /dev/null +++ b/sections/reports/compose.php 
@@ -0,0 +1,179 @@
+query("SELECT Username FROM users_main WHERE ID='$ToID'");
+list($Username) = $DB->next_record();
+if(!$Username) {
+ error(404);
+}
+show_header('Compose', 'inbox,bbcode');
+
+switch($Type) {
+ case "user" :
+ $DB->query("SELECT Username FROM users_main WHERE ID=".$ThingID);
+ if($DB->record_count() < 1) {
+ $Error = "No user with the reported ID found";
+ } else {
+ list($Username) = $DB->next_record();
+ $TypeLink = "[user]".$Username."[/user]";
+ $Subject = "User Report: ". display_str($Username);
+ }
+ break;
+ case "request" :
+ case "request_update" :
+ $DB->query("SELECT Title FROM requests WHERE ID=".$ThingID);
+ if($DB->record_count() < 1) {
+ $Error = "No request with the reported ID found";
+ } else {
+ list($Name) = $DB->next_record();
+ $TypeLink = "[url=https://".NONSSL_SITE_URL."requests.php?action=view&id=".$ThingID."]".display_str($Name)."[/url]";
+ $Subject = "Request Report: ". display_str($Name);
+
+ }
+ break;
+ case "collage" :
+ $DB->query("SELECT Name FROM collages WHERE ID=".$ThingID);
+ if($DB->record_count() < 1) {
+ $Error = "No collage with the reported ID found";
+ } else {
+ list($Name) = $DB->next_record();
+ $TypeLink = "[url=https://".NONSSL_SITE_URL."collage.php?id=".$ThingID."]".display_str($Name)."[/url]";
+ $Subject = "Collage Report: ". display_str($Name);
+
+ }
+ break;
+ case "thread" :
+ $DB->query("SELECT Title FROM forums_topics WHERE ID=".$ThingID);
+ if($DB->record_count() < 1) {
+ $Error = "No thread with the reported ID found";
+ } else {
+ list($Title) = $DB->next_record();
+ $TypeLink = "[url=https://".NONSSL_SITE_URL."forums.php?action=viewthread&threadid=".$ThingID."]".display_str($Title)."[/url]";
+ $Subject = "Thread Report: ". 
display_str($Title);
+
+ }
+ break;
+ case "post" :
+ if (isset($LoggedUser['PostsPerPage'])) {
+ $PerPage = $LoggedUser['PostsPerPage'];
+ } else {
+ $PerPage = POSTS_PER_PAGE;
+ }
+ $DB->query("SELECT p.ID, p.Body, p.TopicID, (SELECT COUNT(ID) FROM forums_posts WHERE forums_posts.TopicID = p.TopicID AND forums_posts.ID<=p.ID) AS PostNum FROM forums_posts AS p WHERE ID=".$ThingID);
+ if($DB->record_count() < 1) {
+ $Error = "No post with the reported ID found";
+ } else {
+ list($PostID,$Body,$TopicID,$PostNum) = $DB->next_record();
+ $TypeLink = "[url=https://".NONSSL_SITE_URL."forums.php?action=viewthread&threadid=".$TopicID."&post=".$PostNum."#post".$PostID."]POST[/url]";
+ $Subject = "Post Report";
+
+ }
+ break;
+ case "requests_comment" :
+ $DB->query("SELECT rc.RequestID, rc.Body, (SELECT COUNT(ID) FROM requests_comments WHERE ID <= ".$ThingID." AND requests_comments.RequestID = rc.RequestID) AS CommentNum FROM requests_comments AS rc WHERE ID=".$ThingID);
+ if($DB->record_count() < 1) {
+ $Error = "No comment with the reported ID found";
+ } else {
+ list($RequestID, $Body, $PostNum) = $DB->next_record();
+ $PageNum = ceil($PostNum / TORRENT_COMMENTS_PER_PAGE);
+ $TypeLink = "[url=https://".NONSSL_SITE_URL."requests.php?action=view&id=".$RequestID."&page=".$PageNum."#post".$ThingID."]COMMENT[/url]";
+ $Subject = "Requests Comment Report";
+
+ }
+ break;
+ case "torrents_comment" :
+ $DB->query("SELECT tc.GroupID, tc.Body, (SELECT COUNT(ID) FROM torrents_comments WHERE ID <= ".$ThingID." 
AND torrents_comments.GroupID = tc.GroupID) AS CommentNum FROM torrents_comments AS tc WHERE ID=".$ThingID);
+ if($DB->record_count() < 1) {
+ $Error = "No comment with the reported ID found";
+ } else {
+ list($GroupID, $Body, $PostNum) = $DB->next_record();
+ $PageNum = ceil($PostNum / TORRENT_COMMENTS_PER_PAGE);
+ $TypeLink = "[url=https://".NONSSL_SITE_URL."torrents.php?id=".$GroupID."&page=".$PageNum."#post".$ThingID."]COMMENT[/url]";
+ $Subject = "Torrent Comment Report";
+
+ }
+ break;
+ case "collages_comment" :
+ $DB->query("SELECT cc.CollageID, cc.Body, (SELECT COUNT(ID) FROM collages_comments WHERE ID <= ".$ThingID." AND collages_comments.CollageID = cc.CollageID) AS CommentNum FROM collages_comments AS cc WHERE ID=".$ThingID);
+ if($DB->record_count() < 1) {
+ $Error = "No comment with the reported ID found";
+ } else {
+ list($CollageID, $Body, $PostNum) = $DB->next_record();
+ $PerPage = POSTS_PER_PAGE;
+ $PageNum = ceil($PostNum / $PerPage);
+ $TypeLink = "[url=https://".NONSSL_SITE_URL."collage.php?action=comments&collageid=".$CollageID."&page=".$PageNum."#post".$ThingID."]COMMENT[/url]";
+ $Subject = "Collage Comment Report";
+ }
+ break;
+ default:
+ error("Incorrect type");
+ break;
+}
+if(isset($Error)) {
+ error($Error);
+}
+
+$DB->query("SELECT r.Reason FROM reports AS r WHERE r.ID = $ReportID");
+list($Reason) = $DB->next_record();
+
+$Body = "You reported this $TypeLink for the reason:\n[quote]".$Reason."[/quote]";
+
+?>
+
+
+

+ Send a message to + +

+
+
+
+ +
+

Subject

+
+

Body

+ +
+ +
+ +
+
+
+
+ + diff --git a/sections/reports/index.php b/sections/reports/index.php index 13409082..20280320 100644 --- a/sections/reports/index.php +++ b/sections/reports/index.php @@ -1,7 +1,9 @@ "> Report - was reported by + was reported by [Contact] diff --git a/sections/reports/takecompose.php b/sections/reports/takecompose.php new file mode 100644 index 00000000..35ec6a1e --- /dev/null +++ b/sections/reports/takecompose.php @@ -0,0 +1,54 @@ +query("SELECT UserID FROM pm_conversations_users WHERE UserID='$LoggedUser[ID]' AND ConvID='$ConvID'"); + if($DB->record_count() == 0) { + error(403); + } +} else { + $ConvID=''; + if(!is_number($_POST['toid'])) { + $Err = "This recipient does not exist."; + } else { + $ToID = $_POST['toid']; + } + $Subject = trim($_POST['subject']); + if (empty($Subject)) { + $Err = "You can't send a message without a subject."; + } +} +$Body = trim($_POST['body']); +if($Body === '' || $Body === false) { + $Err = "You can't send a message without a body!"; +} + +if(!empty($Err)) { + error($Err); + //header('Location: inbox.php?action=compose&to='.$_POST['toid']); + $ToID = $_POST['toid']; + $Return = true; + include(SERVER_ROOT.'/sections/inbox/compose.php'); + die(); +} + +$ConvID = send_pm($ToID,$LoggedUser['ID'],db_string($Subject),db_string($Body),$ConvID); + +header('Location: reports.php'); +?>
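Review bot: In sections/reports/compose.php, `$ThingID` is concatenated unquoted into every lookup of the `switch($Type)` block and `$ReportID` is interpolated unquoted into the `reports` query, so both must be proven numeric before the first `$DB->query()` runs. The top of the new file is not visible on this page (the first added line starts mid-statement), so whether that check exists cannot be confirmed from here. If it is absent, add `if(!is_number($ThingID) || !is_number($ReportID) || !is_number($ToID)) { error(404); }` ahead of the queries, matching the `is_number()` test that takecompose.php applies to `toid`. Separately, `$Reason` is placed between `[quote]` and `[/quote]` as stored, so a reason that itself contains BBCode would presumably change the structure of the prefilled body, and `$PerPage` in the `post` case is assigned but never read.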
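Review bot: In sections/reports/takecompose.php, the `if(!empty($Err))` block calls `error($Err);` and then still carries `$ToID = $_POST['toid'];`, `$Return = true;` and the `include` of sections/inbox/compose.php. If `error()` ends the request, as its other uses in this diff suggest, those lines are dead code; if it can ever return, the unvalidated `toid` is handed on to the inbox compose page. Reduce the block to `if(!empty($Err)) { error($Err); }`. The beginning of the file is missing from this page, so also confirm that a permission check and the anti-CSRF token check run before `send_pm()`, since the visible lines place no restriction on who may post here or to which `toid`. `$Body === false` can never be true after `trim()` and can be dropped.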