moderate.inc.php

Discuz功能源码（开源）

<?php

/*
[Discuz!] (C)2001-2009 Comsenz Inc.
This is NOT a freeware, use is subject to license terms

$Id: moderate.inc.php 16688 2008-11-14 06:41:07Z cnteacher $
*/

if(!defined('IN_DISCUZ') || !defined('IN_MODCP')) {
	exit('Access Denied');
}

if($op == 'members') {


	if(!$allowmoduser) {
		showmessage('modcp_moduser_invite_nopermission');
	}

	$filter = isset($filter) ? intval($filter) : 0;
	$filtercheck = array( $filter => 'selected');

	if(submitcheck('dosubmit', 1) || submitcheck('modsubmit')) {

		if(empty($mod) || !in_array($mod, array('invalidate', 'validate', 'delete'))) {
			showmessage('modcp_noaction');
		}

		$list = array();
		if($moderate && is_array($moderate)) {
			foreach($moderate as $val) {
				if(is_numeric($val) && $val) {
					$list[] = $val;
				}
			}
		}

		if(submitcheck('dosubmit', 1)) {

			include template('modcp_moderate_float');
			dexit();

		} elseif ($uids = implodeids($list)) {

			$members = $uidarray = array();

			$query = $db->query("SELECT v.*, m.uid, m.username, m.email, m.regdate FROM {$tablepre}validating v, {$tablepre}members m
				WHERE v.uid IN ($uids) AND m.uid=v.uid AND m.groupid='8' AND status='$filter'");
			while($member = $db->fetch_array($query)) {
				$members[$member['uid']] = $member;
				$uidarray[] = $member['uid'];
			}

			if($uids = implodeids($uidarray)) {

				$reason = dhtmlspecialchars(trim($reason));

				if($mod == 'delete') {
					$db->query("DELETE FROM {$tablepre}members WHERE uid IN ($uids)");
					$db->query("DELETE FROM {$tablepre}memberfields WHERE uid IN ($uids)");
					$db->query("DELETE FROM {$tablepre}validating WHERE uid IN ($uids)");
				}

				if($mod == 'validate') {
					$newgroupid = $db->result_first("SELECT groupid FROM {$tablepre}usergroups WHERE creditshigher<=0 AND 0<creditslower LIMIT 1");
					$db->query("UPDATE {$tablepre}members SET adminid='0', groupid='$newgroupid' WHERE uid IN ($uids)");
					$db->query("DELETE FROM {$tablepre}validating WHERE uid IN ($uids)");
				}

				if($mod == 'invalidate') {
					$db->query("UPDATE {$tablepre}validating SET moddate='$timestamp', admin='$discuz_user', status='1', remark='$reason' WHERE uid IN ($uids)");
				}

				if($sendemail) {
					foreach($members as $uid => $member) {
						$member['regdate'] = gmdate($_DCACHE['settings']['dateformat'].' '.$_DCACHE['settings']['timeformat'], $member['regdate'] + $_DCACHE['settings']['timeoffset'] * 3600);
						$member['submitdate'] = gmdate($_DCACHE['settings']['dateformat'].' '.$_DCACHE['settings']['timeformat'], $member['submitdate'] + $_DCACHE['settings']['timeoffset'] * 3600);
						$member['moddate'] = gmdate($_DCACHE['settings']['dateformat'].' '.$_DCACHE['settings']['timeformat'], $timestamp + $_DCACHE['settings']['timeoffset'] * 3600);
						$member['operation'] = 'moderate_member_'.$mod;
						$member['remark'] = $reason ? $reason : 'N/A';
						sendmail("$member[username] <$member[email]>", 'moderate_member_subject', 'moderate_member_message');
					}
				}
			}

			showmessage('modcp_mod_succeed', "{$cpscript}?action=$action&op=$op&filter=$filter");

		} else {
			showmessage('modcp_moduser_invalid');
		}

	} else {

		$count =  array(0, 0, 0);
		$query = $db->query("SELECT status, COUNT(*) AS count FROM {$tablepre}validating GROUP BY status");
		while($num = $db->fetch_array($query)) {
			$count[$num['status']] = $num['count'];
		}

		$page = max(1, intval($page));
		$memberperpage = 20;
		$start_limit = ($page - 1) * $memberperpage;

		$query = $db->query("SELECT COUNT(*) FROM {$tablepre}validating WHERE status='0'");
		$multipage = multi($db->result($query, 0), $memberperpage, $page, "{$cpscript}?action=$action&op=$op&fid=$fid&filter=$filter");

		$vuids = '0';
		$memberlist = array();
		$query = $db->query("SELECT m.uid, m.username, m.groupid, m.email, m.regdate, m.regip, v.message, v.submittimes, v.submitdate, v.moddate, v.admin, v.remark
				FROM {$tablepre}validating v, {$tablepre}members m
				WHERE v.status='$filter' AND m.uid=v.uid ORDER BY v.submitdate DESC LIMIT $start_limit, $memberperpage");
		while($member = $db->fetch_array($query)) {
			if($member['groupid'] != 8) {
				$vuids .= ','.$member['uid'];
				continue;
			}
			$member['regdate'] = gmdate("$dateformat $timeformat", $member['regdate'] + $timeoffset * 3600);
			$member['submitdate'] = gmdate("$dateformat $timeformat", $member['submitdate'] + $timeoffset * 3600);
			$member['moddate'] = $member['moddate'] ? gmdate("$dateformat $timeformat", $member['moddate'] + $timeoffset * 3600) : $lang['none'];
			$member['message'] = dhtmlspecialchars($member['message']);
			$member['admin'] = $member['admin'] ? "<a href=\"space.php?username=".rawurlencode($member['admin'])."\" target=\"_blank\">$member[admin]</a>" : $lang['none'];
			$memberlist[] = $member;
		}

		if($vuids) {
			$db->query("DELETE FROM {$tablepre}validating WHERE uid IN ($vuids)", 'UNBUFFERED');
		}

		return true;
	}
}

if(empty($modforums['fids'])) {
	return false;
} elseif ($fid && ($forum['type'] == 'group' || !$forum['ismoderator'])) {
	return false;
} else {
	if($fid) {
		$modfidsadd = "fid='$fid'";
	} elseif($adminid == 1) {
		$modfidsadd = "";
	} else {
		$modfidsadd = "fid in ($modforums[fids])";
	}
}

$updatestat = false;

$op = !in_array($op , array('replies', 'threads')) ? 'threads' : $op;
$mod = !in_array($mod , array('delete', 'ignore', 'validate')) ? 'ignore' : $mod;

$filter = !empty($filter) ? -3 : 0;
$filtercheck = array($filter => 'selected="selected"');

$pstat = $filter == -3 ? -3 : -2;

$tpp = 10;
$page = max(1, intval($page));
$start_limit = ($page - 1) * $tpp;

$postlist = array();

$modpost = array('validate' => 0, 'delete' => 0, 'ignore' => 0);
$moderation = array('validate' => array(), 'delete' => array(), 'ignore' => array());

if(submitcheck('dosubmit', 1) || submitcheck('modsubmit')) {

	$list = array();
	if($moderate && is_array($moderate)) {
		foreach($moderate as $val) {
			if(is_numeric($val) && $val) {
				$moderation[$mod][] = $val;
			}
		}
	}

	if(submitcheck('dosubmit', 1)) {

		$list = $moderation[$mod];
		include template('modcp_moderate_float');
		dexit();

	} else {

		require_once DISCUZ_ROOT.'./include/post.func.php';

		$updatestat = $op == 'replies' ? 1 : 2;
		$modpost = array(
			'ignore' => count($moderation['ignore']),
			'delete' => count($moderation['delete']),
			'validate' => count($moderation['validate'])
		);
	}
}

if($op == 'replies') {

	if(submitcheck('modsubmit')) {

		$pmlist = array();
		if($ignorepids = implodeids($moderation['ignore'])) {
			$db->query("UPDATE {$tablepre}posts SET invisible='-3' WHERE pid IN ($ignorepids) AND invisible='-2' AND first='0' AND ".($modfidsadd ? $modfidsadd : '1'));
		}

		if($deletepids = implodeids($moderation['delete'])) {
			$query = $db->query("SELECT pid, authorid, tid, message FROM {$tablepre}posts WHERE pid IN ($deletepids) AND invisible='$pstat' AND first='0' AND ".($modfidsadd ? $modfidsadd : '1'));
			$pids = '0';
			while($post = $db->fetch_array($query)) {
				$pids .= ','.$post['pid'];
				$pm = 'pm_'.$post['pid'];
				if(isset($$pm) && $$pm <> '' && $post['authorid']) {
					$pmlist[] = array(
						'act' => 'modreplies_delete_',
						'authorid' => $post['authorid'],
						'tid' => $post['tid'],
						'post' =>  dhtmlspecialchars(cutstr($post['message'], 30)),
						'reason' => dhtmlspecialchars($$pm)
					);
				}
			}

			if($pids) {
				$query = $db->query("SELECT attachment, thumb, remote FROM {$tablepre}attachments WHERE pid IN ($pids)");
				while($attach = $db->fetch_array($query)) {
					dunlink($attach['attachment'], $attach['thumb'], $attach['remote']);
				}
				$db->query("DELETE FROM {$tablepre}attachments WHERE pid IN ($pids)", 'UNBUFFERED');
				$db->query("DELETE FROM {$tablepre}posts WHERE pid IN ($pids)", 'UNBUFFERED');
				$db->query("DELETE FROM {$tablepre}trades WHERE pid IN ($pids)", 'UNBUFFERED');
			}
			updatemodworks('DLP', count($moderation['delete']));
		}

		$repliesmod = 0;
		if($validatepids = implodeids($moderation['validate'])) {

			$threads = $lastpost = $attachments = $pidarray = $authoridarray = array();
			$query = $db->query("SELECT t.lastpost, p.pid, p.fid, p.tid, p.authorid, p.author, p.dateline, p.attachment, p.message, p.anonymous, ff.replycredits
				FROM {$tablepre}posts p
				LEFT JOIN {$tablepre}forumfields ff ON ff.fid=p.fid
				LEFT JOIN {$tablepre}threads t ON t.tid=p.tid
				WHERE p.pid IN ($validatepids) AND p.invisible='$pstat' AND p.first='0' AND ".($modfidsadd ? "p.{$modfidsadd}" : '1'));

			while($post = $db->fetch_array($query)) {
				$repliesmod ++;
				$pidarray[] = $post['pid'];
				if($post['replycredits']) {
					updatepostcredits('+', $post['authorid'], unserialize($post['replycredits']));
				} else {
					$authoridarray[] = $post['authorid'];
				}

				$threads[$post['tid']]['posts']++;
				$threads[$post['tid']]['lastpostadd'] = $post['dateline'] > $post['lastpost'] && $post['dateline'] > $lastpost[$post['tid']] ?
				", lastpost='$post[dateline]', lastposter='".($post['anonymous'] && $post['dateline'] != $post['lastpost'] ? '' : addslashes($post[author]))."'" : '';
				$threads[$post['tid']]['attachadd'] = $threads[$post['tid']]['attachadd'] || $post['attachment'] ? ', attachment=\'1\'' : '';

				$pm = 'pm_'.$post['pid'];
				if(isset($$pm) && $$pm <> '' && $post['authorid']) {
					$pmlist[] = array(
					'act' => 'modreplies_validate_',
					'authorid' => $post['authorid'],
					'tid' => $post['tid'],
					'post' =>  dhtmlspecialchars(cutstr($post['message'], 30)),
					'reason' => dhtmlspecialchars($$pm)
					);
				}
			}

			if($authoridarray) {
				updatepostcredits('+', $authoridarray, $creditspolicy['reply']);