<?php
// Bootstrap: INSIDE and the two $_ settings are set before common.php is included
// (presumably common.php reads them - confirm there).
define('INSIDE', true);
$_EnginePath = './';
$_AllowInVacationMode = true;
include($_EnginePath . 'common.php');

// NOTE(review): loggedCheck() is defined outside this file; by its name it gates the page
// to signed-in users - confirm it stops the request rather than only flagging it.
loggedCheck();

// Report types accepted from the form. Order matters: the 1-based position of a type
// in this list is the number written to `report_type` when a report is stored.
$AllowedTypes = array(
    'user_badmsg',
    'user_bash',
    'user_push',
    'user_other',
    'sys_badmsg',
    'sys_error',
    'mail_smtp',
    'other',
    'user_badmsg_chat',
);
// Type name => zero-based position, for translating a name back to its number.
$TypesFlip = array_flip($AllowedTypes);

// Types that must name a reported user.
$NeedUsername = array(
    'user_badmsg',
    'user_bash',
    'user_push',
    'user_other',
    'user_badmsg_chat',
);
// Types that must carry a free-text description.
$NeedAddInfo = array(
    'user_bash',
    'user_push',
    'user_other',
    'sys_badmsg',
    'sys_error',
    'mail_smtp',
    'other',
);
// Types that must reference an element ID.
$NeedElement = array(
    'user_badmsg',
    'sys_badmsg',
    'user_badmsg_chat',
);
// Types for which a reported user is optional but kept when given.
$CanHaveUsername = array(
    'other',
);

// Language strings double as the initial template variables.
includeLang('report');
$Parse = $_Lang;
$PageTPL = gettemplate('report');
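// Report form controller: a POST carrying mode=send_report validates and stores a report,
// any other request only pre-fills the form from the query string.
// Request-derived values copied into $Parse are HTML-escaped here because parsetemplate()
// is not visible in this file and is presumed to insert them verbatim - TODO confirm.
// NOTE(review): no anti-CSRF token check is visible in this file - confirm that common.php
// or loggedCheck() covers this state-changing POST.
if(isset($_POST['mode']) && $_POST['mode'] === 'send_report')
{
    $Sent = false;
    $ShowMSG = '';
    $ReportType = null;

    // Request fields can be missing or arrays (e.g. type[]=x); reduce each one to a string once
    // so that later string functions never receive an array.
    $Input_Type = (isset($_POST['type']) && is_string($_POST['type'])) ? $_POST['type'] : '';
    $Input_Username = (isset($_POST['reported_username']) && is_string($_POST['reported_username'])) ? $_POST['reported_username'] : '';
    $Input_UserInfo = (isset($_POST['user_info']) && is_string($_POST['user_info'])) ? $_POST['user_info'] : '';
    $Input_ElementID = (isset($_POST['eid']) && is_string($_POST['eid'])) ? $_POST['eid'] : '';

    // Strict comparison: only the exact type names are accepted.
    if(!in_array($Input_Type, $AllowedTypes, true))
    {
        $ShowMSG = $_Lang['Error_badtype'];
    }
    else
    {
        $ReportType = $Input_Type;
        // Number stored in the database: 1-based position of the type in $AllowedTypes.
        $ReportTypeNo = $TypesFlip[$ReportType] + 1;

        // The original compared the type *name* with 1 and 9, which is always unequal, so the
        // first option was disabled after every submit. Compare the number instead, as the
        // query-string branch below does.
        if($ReportTypeNo != 1 && $ReportTypeNo != 9)
        {
            $Parse['Input_HideType1'] = ' disabled';
            $Parse['select_type_'.$AllowedTypes[0]] = '';
        }

        $UserID = 0;
        // Defined up front; the original left it unset when no username was involved.
        $AllowGo = true;
        $IsUsernameNeeded = in_array($ReportType, $NeedUsername, true);

        if($IsUsernameNeeded && empty($Input_Username))
        {
            $ShowMSG = $_Lang['Error_nousername'];
            $AllowGo = false;
        }
        elseif(!empty($Input_Username))
        {
            if(!preg_match(REGEXP_USERNAME_ABSOLUTE, $Input_Username))
            {
                $ShowMSG = $_Lang['Error_username_signs'];
                $AllowGo = false;
            }
            else
            {
                // Escape even though the pattern matched: the pattern is defined elsewhere and
                // must not be the only thing between request data and the SQL string.
                $Query_Username = getDBLink()->escape_string($Input_Username);
                $CheckUser = doquery("SELECT `id` FROM {{table}} WHERE `username` = '{$Query_Username}' LIMIT 1;", 'users', true);
                if(empty($CheckUser['id']) || $CheckUser['id'] <= 0)
                {
                    $ShowMSG = $_Lang['Error_user_noexists'];
                    $AllowGo = false;
                }
                else
                {
                    $UserID = (int) $CheckUser['id'];
                }
            }
        }

        if($AllowGo)
        {
            if(in_array($ReportType, $NeedAddInfo, true) && empty($Input_UserInfo))
            {
                $ShowMSG = $_Lang['Error_no_info_given'];
            }
            else
            {
                // Accept only numeric input that fits an integer; anything else counts as "no element".
                // This keeps non-numeric or overflowing values out of round() and out of the query.
                $ElementID = 0;
                if(is_numeric($Input_ElementID) && abs((float) $Input_ElementID) < PHP_INT_MAX)
                {
                    $ElementID = (int) round((float) $Input_ElementID);
                }

                $IsElementNeeded = in_array($ReportType, $NeedElement, true);
                if($IsElementNeeded && $ElementID <= 0)
                {
                    $ShowMSG = $_Lang['Error_no_element_given'];
                }
                else
                {
                    // Drop references that the chosen type does not use.
                    if(!$IsUsernameNeeded && !in_array($ReportType, $CanHaveUsername, true))
                    {
                        $UserID = 0;
                    }
                    if(!$IsElementNeeded)
                    {
                        $ElementID = 0;
                    }

                    $UserInput_userinfo = getDBLink()->escape_string(
                        strip_tags(stripslashes(trim($Input_UserInfo)))
                    );

                    // Numeric fields are cast to int before concatenation; the only string field
                    // is the escaped description above.
                    $Query_SendReport = '';
                    $Query_SendReport .= "INSERT INTO {{table}} SET ";
                    $Query_SendReport .= "`date` = UNIX_TIMESTAMP(), ";
                    $Query_SendReport .= "`sender_id` = ".((int) $_User['id']).", ";
                    $Query_SendReport .= "`report_type` = ".((int) $ReportTypeNo).", ";
                    $Query_SendReport .= "`report_element` = ".((int) $ElementID).", ";
                    $Query_SendReport .= "`report_user` = ".((int) $UserID).", ";
                    $Query_SendReport .= "`user_info` = '". $UserInput_userinfo ."';";
                    doquery($Query_SendReport, 'reports');
                    $Sent = true;
                }
            }
        }
    }

    if($Sent === false)
    {
        // Echo the submitted values back into the form, escaped for HTML. The charset argument
        // is omitted so PHP's configured default applies; the page encoding is not visible here.
        $Parse['post_user_info'] = htmlspecialchars($Input_UserInfo, ENT_QUOTES);
        $Parse['post_reported_username'] = htmlspecialchars($Input_Username, ENT_QUOTES);
        $Parse['post_eid'] = htmlspecialchars($Input_ElementID, ENT_QUOTES);
        if($ReportType !== null)
        {
            $Parse['select_type_'.$ReportType] = 'selected';
        }
        $Parse['Report_send_result'] = '<br/><span class="red">'.$ShowMSG.'</span><br/>&nbsp;';
    }
    else
    {
        $Parse['Report_send_result'] = '<br/><span class="lime">'.$_Lang['Report_sent'].'</span><br/>&nbsp;';
    }
}
else
{
    // Pre-fill from the query string. Everything here is attacker-controllable through a link,
    // so each value is reduced to an integer or HTML-escaped before it reaches the template.
    if(!empty($_GET['eid']))
    {
        $Parse['get_eid'] = 0;
        if(is_numeric($_GET['eid']) && abs((float) $_GET['eid']) < PHP_INT_MAX)
        {
            $Parse['get_eid'] = (int) round((float) $_GET['eid']);
        }
    }
    if(!empty($_GET['uid']))
    {
        $UID = intval($_GET['uid']);
        $SelectUIDData = doquery("SELECT `username` FROM {{table}} WHERE `id` = {$UID} LIMIT 1;", 'users', true);
        if(!empty($SelectUIDData['username']))
        {
            $Parse['get_uid'] = $SelectUIDData['username'];
        }
    }
    $Type = 0;
    if(!empty($_GET['type']) && is_scalar($_GET['type']))
    {
        $Type = intval($_GET['type']);
        // Ignore numbers that do not map to a known type instead of indexing past the list.
        if(isset($AllowedTypes[$Type - 1]))
        {
            $Parse['select_type_'.$AllowedTypes[$Type - 1]] = 'selected';
        }
    }
    if(!empty($_GET['info']) && is_string($_GET['info']))
    {
        $Parse['post_user_info'] = htmlspecialchars($_GET['info'], ENT_QUOTES);
    }
    // get_eid is only set when an element ID was passed; treat its absence as 0.
    $PrefilledElementID = isset($Parse['get_eid']) ? $Parse['get_eid'] : 0;
    if(($Type != 1 && $Type != 9) || $PrefilledElementID <= 0)
    {
        $Parse['Input_HideType1'] = ' disabled';
        $Parse['select_type_'.$AllowedTypes[0]] = '';
    }
}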
// Render: substitute the collected $Parse values into the report template and pass the
// result, with the localized page title, to display().
// NOTE(review): parsetemplate() is defined elsewhere; if it inserts values verbatim, every
// request-derived entry in $Parse must already be HTML-escaped by the time it gets here.
$Page = parsetemplate($PageTPL, $Parse);
display($Page, $_Lang['Title'], false);
?>