mirror of
https://github.com/vichan-devel/vichan.git
synced 2024-11-27 17:00:52 +01:00
Reports/report queue
This commit is contained in:
parent
8e1ef6558b
commit
ce18d43bcd
@ -100,6 +100,8 @@
|
|||||||
$config['error']['tor'] = 'Hmm… That looks like a Tor exit node.';
|
$config['error']['tor'] = 'Hmm… That looks like a Tor exit node.';
|
||||||
$config['error']['toomanylinks'] = 'Too many links; flood detected.';
|
$config['error']['toomanylinks'] = 'Too many links; flood detected.';
|
||||||
$config['error']['nodelete'] = 'You didn\'t select anything to delete.';
|
$config['error']['nodelete'] = 'You didn\'t select anything to delete.';
|
||||||
|
$config['error']['noreport'] = 'You didn\'t select anything to report.';
|
||||||
|
$config['error']['toomanyreports'] = 'You can\'t report that many posts at once.';
|
||||||
$config['error']['invalidpassword'] = 'Wrong password…';
|
$config['error']['invalidpassword'] = 'Wrong password…';
|
||||||
$config['error']['invalidimg'] = 'Invalid image.';
|
$config['error']['invalidimg'] = 'Invalid image.';
|
||||||
$config['error']['filesize'] = 'Maximum file size: %maxsz% bytes<br>Your file\'s size: %filesz% bytes';
|
$config['error']['filesize'] = 'Maximum file size: %maxsz% bytes<br>Your file\'s size: %filesz% bytes';
|
||||||
@ -120,6 +122,9 @@
|
|||||||
$config['error']['invalidpost'] = 'That post doesn\'t exist…';
|
$config['error']['invalidpost'] = 'That post doesn\'t exist…';
|
||||||
$config['error']['404'] = 'Page not found.';
|
$config['error']['404'] = 'Page not found.';
|
||||||
|
|
||||||
|
// How many reports you can create in the same request.
|
||||||
|
$config['report_limit'] = 2;
|
||||||
|
|
||||||
// Reply limit (deletes thread when this is reached)
|
// Reply limit (deletes thread when this is reached)
|
||||||
$config['reply_limit'] = 250;
|
$config['reply_limit'] = 250;
|
||||||
|
|
||||||
@ -264,6 +269,12 @@
|
|||||||
/* Administration */
|
/* Administration */
|
||||||
// Display the contents of instance-config.php
|
// Display the contents of instance-config.php
|
||||||
$config['mod']['show_config'] = ADMIN;
|
$config['mod']['show_config'] = ADMIN;
|
||||||
|
// View the report queue
|
||||||
|
$config['mod']['reports'] = JANITOR;
|
||||||
|
// Dismiss an abuse report
|
||||||
|
$config['mod']['report_dismiss'] = JANITOR;
|
||||||
|
// Dismiss all abuse reports by an IP
|
||||||
|
$config['mod']['report_dismiss_ip'] = JANITOR;
|
||||||
// View list of bans
|
// View list of bans
|
||||||
$config['mod']['view_banlist'] = MOD;
|
$config['mod']['view_banlist'] = MOD;
|
||||||
// View the username of the mod who made a ban
|
// View the username of the mod who made a ban
|
||||||
|
@ -828,8 +828,8 @@
|
|||||||
) == '127.0.0.2';
|
) == '127.0.0.2';
|
||||||
}
|
}
|
||||||
|
|
||||||
function ReverseIPOctets($inputip) {
|
function ReverseIPOctets($ip) {
|
||||||
$ipoc = explode('.', $inputip);
|
$ipoc = explode('.', $ip);
|
||||||
return $ipoc[3] . '.' . $ipoc[2] . '.' . $ipoc[1] . '.' . $ipoc[0];
|
return $ipoc[3] . '.' . $ipoc[2] . '.' . $ipoc[1] . '.' . $ipoc[0];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
84
mod.php
84
mod.php
@ -80,6 +80,9 @@
|
|||||||
// Boards
|
// Boards
|
||||||
$fieldset['Boards'] .= ulBoards();
|
$fieldset['Boards'] .= ulBoards();
|
||||||
|
|
||||||
|
if($mod['type'] >= $config['mod']['reports']) {
|
||||||
|
$fieldset['Administration'] .= '<li><a href="?/reports">Report queue</a></li>';
|
||||||
|
}
|
||||||
if($mod['type'] >= $config['mod']['view_banlist']) {
|
if($mod['type'] >= $config['mod']['view_banlist']) {
|
||||||
$fieldset['Administration'] .= '<li><a href="?/bans">Ban list</a></li>';
|
$fieldset['Administration'] .= '<li><a href="?/bans">Ban list</a></li>';
|
||||||
}
|
}
|
||||||
@ -102,6 +105,87 @@
|
|||||||
//,'mod'=>true /* All 'mod' does, at this point, is put the "Return to dashboard" link in. */
|
//,'mod'=>true /* All 'mod' does, at this point, is put the "Return to dashboard" link in. */
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
|
} elseif(preg_match('/^\/reports$/', $query)) {
|
||||||
|
$body = '';
|
||||||
|
|
||||||
|
$query = query("SELECT `reports`.*, `boards`.`uri` FROM `reports` INNER JOIN `boards` ON `board` = `boards`.`id` ORDER BY `time` DESC") or error(db_error());
|
||||||
|
if($query->rowCount() < 1)
|
||||||
|
$body = '(Empty.)';
|
||||||
|
else {
|
||||||
|
while($report = $query->fetch()) {
|
||||||
|
$p_query = prepare(sprintf("SELECT * FROM `posts_%s` WHERE `id` = :id", $report['uri']));
|
||||||
|
$p_query->bindValue(':id', $report['post'], PDO::PARAM_INT);
|
||||||
|
$p_query->execute() or error(db_error($query));
|
||||||
|
|
||||||
|
if(!$post = $p_query->fetch()) {
|
||||||
|
// Invalid report (post has since been deleted)
|
||||||
|
$p_query = prepare("DELETE FROM `reports` WHERE `post` = :id");
|
||||||
|
$p_query->bindValue(':id', $report['post'], PDO::PARAM_INT);
|
||||||
|
$p_query->execute() or error(db_error($query));
|
||||||
|
}
|
||||||
|
|
||||||
|
openBoard($report['uri']);
|
||||||
|
|
||||||
|
if(!$post['thread']) {
|
||||||
|
$po = new Thread($post['id'], $post['subject'], $post['email'], $post['name'], $post['trip'], $post['body'], $post['time'], $post['thumb'], $post['thumbwidth'], $post['thumbheight'], $post['file'], $post['filewidth'], $post['fileheight'], $post['filesize'], $post['filename'], $post['ip'], $post['sticky'], $post['locked'], '?/', $mod, false);
|
||||||
|
} else {
|
||||||
|
$po = new Post($post['id'], $post['thread'], $post['subject'], $post['email'], $post['name'], $post['trip'], $post['body'], $post['time'], $post['thumb'], $post['thumbwidth'], $post['thumbheight'], $post['file'], $post['filewidth'], $post['fileheight'], $post['filesize'], $post['filename'], $post['ip'], '?/', $mod);
|
||||||
|
}
|
||||||
|
|
||||||
|
$po->body .=
|
||||||
|
'<div class="report">' .
|
||||||
|
'<hr/>' .
|
||||||
|
'Board: <a href="?/' . $report['uri'] . '/' . $config['file_index'] . '">' . sprintf($config['board_abbreviation'], $report['uri']) . '</a><br/>' .
|
||||||
|
'Reason: ' . $report['reason'] . '<br/>' .
|
||||||
|
'Reported by: <a href="?/IP/' . $report['ip'] . '">' . $report['ip'] . '</a><br/>' .
|
||||||
|
'<hr/>' .
|
||||||
|
($mod['type'] >= $config['mod']['report_dismiss'] ?
|
||||||
|
'<a title="Discard abuse report" href="?/reports/' . $report['id'] . '/dismiss">Dismiss</a> | ' : '') .
|
||||||
|
($mod['type'] >= $config['mod']['report_dismiss_ip'] ?
|
||||||
|
'<a title="Discard all abuse reports by this user" href="?/reports/' . $report['id'] . '/dismiss/all">Dismiss+</a>' : '') .
|
||||||
|
'</div>';
|
||||||
|
$body .= $po->build(true) . '<hr/>';
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
echo Element('page.html', Array(
|
||||||
|
'index'=>$config['root'],
|
||||||
|
'title'=>'Report queue',
|
||||||
|
'body'=>$body,
|
||||||
|
'mod'=>true
|
||||||
|
));
|
||||||
|
} elseif(preg_match('/^\/reports\/(\d+)\/dismiss(\/all)?$/', $query, $matches)) {
|
||||||
|
if(isset($matches[2]) && $matches[2] == '/all') {
|
||||||
|
if($mod['type'] < $config['mod']['report_dismiss_ip']) error($config['error']['noaccess']);
|
||||||
|
|
||||||
|
$query = prepare("SELECT `ip` FROM `reports` WHERE `id` = :id");
|
||||||
|
$query->bindValue(':id', $matches[1], PDO::PARAM_INT);
|
||||||
|
$query->execute() or error(db_error($query));
|
||||||
|
|
||||||
|
if($report = $query->fetch()) {
|
||||||
|
$query = prepare("DELETE FROM `reports` WHERE `ip` = :ip");
|
||||||
|
$query->bindValue(':ip', $report['ip'], PDO::PARAM_INT);
|
||||||
|
$query->execute() or error(db_error($query));
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
if($mod['type'] < $config['mod']['report_dismiss']) error($config['error']['noaccess']);
|
||||||
|
|
||||||
|
$query = prepare("SELECT `post` FROM `reports` WHERE `id` = :id");
|
||||||
|
$query->bindValue(':id', $matches[1], PDO::PARAM_INT);
|
||||||
|
$query->execute() or error(db_error($query));
|
||||||
|
|
||||||
|
if($report = $query->fetch()) {
|
||||||
|
$query = prepare("DELETE FROM `reports` WHERE `post` = :post");
|
||||||
|
$query->bindValue(':post', $report['post'], PDO::PARAM_INT);
|
||||||
|
$query->execute() or error(db_error($query));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Redirect
|
||||||
|
if(isset($_SERVER['HTTP_REFERER']))
|
||||||
|
header('Location: ' . $_SERVER['HTTP_REFERER'], true, $config['redirect_http']);
|
||||||
|
else
|
||||||
|
header('Location: ?/reports', true, $config['redirect_http']);
|
||||||
} elseif(preg_match('/^\/bans$/', $query)) {
|
} elseif(preg_match('/^\/bans$/', $query)) {
|
||||||
if($mod['type'] < $config['mod']['view_banlist']) error($config['error']['noaccess']);
|
if($mod['type'] < $config['mod']['view_banlist']) error($config['error']['noaccess']);
|
||||||
|
|
||||||
|
54
post.php
54
post.php
@ -79,6 +79,60 @@
|
|||||||
|
|
||||||
header('Location: ' . $root . $board['dir'] . $config['file_index'], true, $config['redirect_http']);
|
header('Location: ' . $root . $board['dir'] . $config['file_index'], true, $config['redirect_http']);
|
||||||
|
|
||||||
|
} elseif(isset($_POST['report'])) {
|
||||||
|
if( !isset($_POST['board']) ||
|
||||||
|
!isset($_POST['password']) ||
|
||||||
|
!isset($_POST['reason'])
|
||||||
|
)
|
||||||
|
error($config['error']['bot']);
|
||||||
|
|
||||||
|
$report = Array();
|
||||||
|
foreach($_POST as $post => $value) {
|
||||||
|
if(preg_match('/^delete_(\d+)$/', $post, $m)) {
|
||||||
|
$report[] = (int)$m[1];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
sql_open();
|
||||||
|
|
||||||
|
// Check if banned
|
||||||
|
checkBan();
|
||||||
|
|
||||||
|
if($config['block_tor'] && isTor())
|
||||||
|
error($config['error']['tor']);
|
||||||
|
|
||||||
|
// Check if board exists
|
||||||
|
if(!openBoard($_POST['board']))
|
||||||
|
error($config['error']['noboard']);
|
||||||
|
|
||||||
|
if(empty($report))
|
||||||
|
error($config['error']['noreport']);
|
||||||
|
|
||||||
|
if(count($report) > $config['report_limit'])
|
||||||
|
error($config['error']['toomanyreports']);
|
||||||
|
|
||||||
|
foreach($report as &$id) {
|
||||||
|
$query = prepare(sprintf("SELECT 1 FROM `posts_%s` WHERE `id` = :id", $board['uri']));
|
||||||
|
$query->bindValue(':id', $id, PDO::PARAM_INT);
|
||||||
|
$query->execute() or error(db_error($query));
|
||||||
|
|
||||||
|
if($post = $query->fetch()) {
|
||||||
|
$query = prepare("INSERT INTO `reports` VALUES (NULL, :time, :ip, :board, :post, :reason)");
|
||||||
|
$query->bindValue(':time', time(), PDO::PARAM_INT);
|
||||||
|
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR'], PDO::PARAM_STR);
|
||||||
|
$query->bindValue(':board', $board['id'], PDO::PARAM_INT);
|
||||||
|
$query->bindValue(':post', $id, PDO::PARAM_INT);
|
||||||
|
$query->bindValue(':reason', htmlentities($_POST['reason']), PDO::PARAM_STR);
|
||||||
|
$query->execute() or error(db_error($query));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
sql_close();
|
||||||
|
|
||||||
|
$is_mod = isset($_POST['mod']) && $_POST['mod'];
|
||||||
|
$root = $is_mod ? $config['root'] . $config['file_mod'] . '?/' : $config['root'];
|
||||||
|
|
||||||
|
header('Location: ' . $root . $board['dir'] . $config['file_index'], true, $config['redirect_http']);
|
||||||
} elseif(isset($_POST['post'])) {
|
} elseif(isset($_POST['post'])) {
|
||||||
if( !isset($_POST['name']) ||
|
if( !isset($_POST['name']) ||
|
||||||
!isset($_POST['email']) ||
|
!isset($_POST['email']) ||
|
||||||
|
@ -93,15 +93,19 @@
|
|||||||
</form>
|
</form>
|
||||||
<hr/>
|
<hr/>
|
||||||
<form action="{post_url}" method="post">
|
<form action="{post_url}" method="post">
|
||||||
<input type="hidden" name="delete" value="1" />
|
|
||||||
<input type="hidden" name="board" value="{board[uri]}" />
|
<input type="hidden" name="board" value="{board[uri]}" />
|
||||||
{mod?<input type="hidden" name="mod" value="1" />}
|
{mod?<input type="hidden" name="mod" value="1" />}
|
||||||
{body}
|
{body}
|
||||||
<div class="delete">
|
<div class="delete">
|
||||||
Delete Post [<input title="Delete file only" type="checkbox" name="file" id="delete_file"/>
|
Delete Post [<input title="Delete file only" type="checkbox" name="file" id="delete_file"/>
|
||||||
<label for="delete_file">File</label>] Password
|
<label for="delete_file">File</label>] <label for="password">Password</label>
|
||||||
<input type="password" name="password" size="12" maxlength="18" />
|
<input id="password"type="password" name="password" size="12" maxlength="18" />
|
||||||
<input type="submit" value="Delete" />
|
<input type="submit" name="delete" value="Delete" />
|
||||||
|
</div>
|
||||||
|
<div class="delete" style="clear:both">
|
||||||
|
<label for="reason">Reason</label>
|
||||||
|
<input id="reason" type="text" name="reason" size="20" maxlength="30" />
|
||||||
|
<input type="submit" name="report" value="Report" />
|
||||||
</div>
|
</div>
|
||||||
</form>
|
</form>
|
||||||
<div class="pages">{btn[prev]} {pages:
|
<div class="pages">{btn[prev]} {pages:
|
||||||
|
@ -85,15 +85,19 @@
|
|||||||
</form>
|
</form>
|
||||||
<hr/>
|
<hr/>
|
||||||
<form action="{post_url}" method="post">
|
<form action="{post_url}" method="post">
|
||||||
<input type="hidden" name="delete" value="1" />
|
|
||||||
<input type="hidden" name="board" value="{board[uri]}" />
|
<input type="hidden" name="board" value="{board[uri]}" />
|
||||||
{mod?<input type="hidden" name="mod" value="1" />}
|
{mod?<input type="hidden" name="mod" value="1" />}
|
||||||
{body}
|
{body}
|
||||||
<div class="delete">
|
<div class="delete">
|
||||||
Delete Post [<input title="Delete file only" type="checkbox" name="file" id="delete_file"/>
|
Delete Post [<input title="Delete file only" type="checkbox" name="file" id="delete_file"/>
|
||||||
<label for="delete_file">File</label>] Password
|
<label for="delete_file">File</label>] <label for="password">Password</label>
|
||||||
<input type="password" name="password" size="12" maxlength="18" />
|
<input id="password"type="password" name="password" size="12" maxlength="18" />
|
||||||
<input type="submit" value="Delete" />
|
<input type="submit" name="delete" value="Delete" />
|
||||||
|
</div>
|
||||||
|
<div class="delete" style="clear:both">
|
||||||
|
<label for="reason">Reason</label>
|
||||||
|
<input id="reason" type="text" name="reason" size="20" maxlength="30" />
|
||||||
|
<input type="submit" name="report" value="Report" />
|
||||||
</div>
|
</div>
|
||||||
</form>
|
</form>
|
||||||
<a href="{return}">[Return.]</a>
|
<a href="{return}">[Return.]</a>
|
||||||
|
Loading…
Reference in New Issue
Block a user