Browse Source

Reports/report queue

pull/40/head
Savetheinternet 12 years ago
parent
commit
ce18d43bcd
  1. 11
      inc/config.php
  2. 4
      inc/functions.php
  3. 84
      mod.php
  4. 54
      post.php
  5. 12
      templates/index.html
  6. 12
      templates/thread.html

11
inc/config.php

@ -100,6 +100,8 @@
$config['error']['tor'] = 'Hmm… That looks like a Tor exit node.';
$config['error']['toomanylinks'] = 'Too many links; flood detected.';
$config['error']['nodelete'] = 'You didn\'t select anything to delete.';
$config['error']['noreport'] = 'You didn\'t select anything to report.';
$config['error']['toomanyreports'] = 'You can\'t report that many posts at once.';
$config['error']['invalidpassword'] = 'Wrong password…';
$config['error']['invalidimg'] = 'Invalid image.';
$config['error']['filesize'] = 'Maximum file size: %maxsz% bytes<br>Your file\'s size: %filesz% bytes';
@ -120,6 +122,9 @@
$config['error']['invalidpost'] = 'That post doesn\'t exist…';
$config['error']['404'] = 'Page not found.';
// How many reports you can create in the same request.
$config['report_limit'] = 2;
// Reply limit (deletes thread when this is reached)
$config['reply_limit'] = 250;
@ -264,6 +269,12 @@
/* Administration */
// Display the contents of instance-config.php
$config['mod']['show_config'] = ADMIN;
// View the report queue
$config['mod']['reports'] = JANITOR;
// Dismiss an abuse report
$config['mod']['report_dismiss'] = JANITOR;
// Dismiss all abuse reports by an IP
$config['mod']['report_dismiss_ip'] = JANITOR;
// View list of bans
$config['mod']['view_banlist'] = MOD;
// View the username of the mod who made a ban

4
inc/functions.php

@ -828,8 +828,8 @@
) == '127.0.0.2';
}
function ReverseIPOctets($inputip) {
$ipoc = explode('.', $inputip);
function ReverseIPOctets($ip) {
$ipoc = explode('.', $ip);
return $ipoc[3] . '.' . $ipoc[2] . '.' . $ipoc[1] . '.' . $ipoc[0];
}

84
mod.php

@ -80,6 +80,9 @@
// Boards
$fieldset['Boards'] .= ulBoards();
if($mod['type'] >= $config['mod']['reports']) {
$fieldset['Administration'] .= '<li><a href="?/reports">Report queue</a></li>';
}
if($mod['type'] >= $config['mod']['view_banlist']) {
$fieldset['Administration'] .= '<li><a href="?/bans">Ban list</a></li>';
}
@ -102,6 +105,87 @@
//,'mod'=>true /* All 'mod' does, at this point, is put the "Return to dashboard" link in. */
)
);
} elseif(preg_match('/^\/reports$/', $query)) {
$body = '';
$query = query("SELECT `reports`.*, `boards`.`uri` FROM `reports` INNER JOIN `boards` ON `board` = `boards`.`id` ORDER BY `time` DESC") or error(db_error());
if($query->rowCount() < 1)
$body = '(Empty.)';
else {
while($report = $query->fetch()) {
$p_query = prepare(sprintf("SELECT * FROM `posts_%s` WHERE `id` = :id", $report['uri']));
$p_query->bindValue(':id', $report['post'], PDO::PARAM_INT);
$p_query->execute() or error(db_error($query));
if(!$post = $p_query->fetch()) {
// Invalid report (post has since been deleted)
$p_query = prepare("DELETE FROM `reports` WHERE `post` = :id");
$p_query->bindValue(':id', $report['post'], PDO::PARAM_INT);
$p_query->execute() or error(db_error($query));
}
openBoard($report['uri']);
if(!$post['thread']) {
$po = new Thread($post['id'], $post['subject'], $post['email'], $post['name'], $post['trip'], $post['body'], $post['time'], $post['thumb'], $post['thumbwidth'], $post['thumbheight'], $post['file'], $post['filewidth'], $post['fileheight'], $post['filesize'], $post['filename'], $post['ip'], $post['sticky'], $post['locked'], '?/', $mod, false);
} else {
$po = new Post($post['id'], $post['thread'], $post['subject'], $post['email'], $post['name'], $post['trip'], $post['body'], $post['time'], $post['thumb'], $post['thumbwidth'], $post['thumbheight'], $post['file'], $post['filewidth'], $post['fileheight'], $post['filesize'], $post['filename'], $post['ip'], '?/', $mod);
}
$po->body .=
'<div class="report">' .
'<hr/>' .
'Board: <a href="?/' . $report['uri'] . '/' . $config['file_index'] . '">' . sprintf($config['board_abbreviation'], $report['uri']) . '</a><br/>' .
'Reason: ' . $report['reason'] . '<br/>' .
'Reported by: <a href="?/IP/' . $report['ip'] . '">' . $report['ip'] . '</a><br/>' .
'<hr/>' .
($mod['type'] >= $config['mod']['report_dismiss'] ?
'<a title="Discard abuse report" href="?/reports/' . $report['id'] . '/dismiss">Dismiss</a> | ' : '') .
($mod['type'] >= $config['mod']['report_dismiss_ip'] ?
'<a title="Discard all abuse reports by this user" href="?/reports/' . $report['id'] . '/dismiss/all">Dismiss+</a>' : '') .
'</div>';
$body .= $po->build(true) . '<hr/>';
}
}
echo Element('page.html', Array(
'index'=>$config['root'],
'title'=>'Report queue',
'body'=>$body,
'mod'=>true
));
} elseif(preg_match('/^\/reports\/(\d+)\/dismiss(\/all)?$/', $query, $matches)) {
if(isset($matches[2]) && $matches[2] == '/all') {
if($mod['type'] < $config['mod']['report_dismiss_ip']) error($config['error']['noaccess']);
$query = prepare("SELECT `ip` FROM `reports` WHERE `id` = :id");
$query->bindValue(':id', $matches[1], PDO::PARAM_INT);
$query->execute() or error(db_error($query));
if($report = $query->fetch()) {
$query = prepare("DELETE FROM `reports` WHERE `ip` = :ip");
$query->bindValue(':ip', $report['ip'], PDO::PARAM_INT);
$query->execute() or error(db_error($query));
}
} else {
if($mod['type'] < $config['mod']['report_dismiss']) error($config['error']['noaccess']);
$query = prepare("SELECT `post` FROM `reports` WHERE `id` = :id");
$query->bindValue(':id', $matches[1], PDO::PARAM_INT);
$query->execute() or error(db_error($query));
if($report = $query->fetch()) {
$query = prepare("DELETE FROM `reports` WHERE `post` = :post");
$query->bindValue(':post', $report['post'], PDO::PARAM_INT);
$query->execute() or error(db_error($query));
}
}
// Redirect
if(isset($_SERVER['HTTP_REFERER']))
header('Location: ' . $_SERVER['HTTP_REFERER'], true, $config['redirect_http']);
else
header('Location: ?/reports', true, $config['redirect_http']);
} elseif(preg_match('/^\/bans$/', $query)) {
if($mod['type'] < $config['mod']['view_banlist']) error($config['error']['noaccess']);

54
post.php

@ -78,7 +78,61 @@
$root = $is_mod ? $config['root'] . $config['file_mod'] . '?/' : $config['root'];
header('Location: ' . $root . $board['dir'] . $config['file_index'], true, $config['redirect_http']);
} elseif(isset($_POST['report'])) {
if( !isset($_POST['board']) ||
!isset($_POST['password']) ||
!isset($_POST['reason'])
)
error($config['error']['bot']);
$report = Array();
foreach($_POST as $post => $value) {
if(preg_match('/^delete_(\d+)$/', $post, $m)) {
$report[] = (int)$m[1];
}
}
sql_open();
// Check if banned
checkBan();
if($config['block_tor'] && isTor())
error($config['error']['tor']);
// Check if board exists
if(!openBoard($_POST['board']))
error($config['error']['noboard']);
if(empty($report))
error($config['error']['noreport']);
if(count($report) > $config['report_limit'])
error($config['error']['toomanyreports']);
foreach($report as &$id) {
$query = prepare(sprintf("SELECT 1 FROM `posts_%s` WHERE `id` = :id", $board['uri']));
$query->bindValue(':id', $id, PDO::PARAM_INT);
$query->execute() or error(db_error($query));
if($post = $query->fetch()) {
$query = prepare("INSERT INTO `reports` VALUES (NULL, :time, :ip, :board, :post, :reason)");
$query->bindValue(':time', time(), PDO::PARAM_INT);
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR'], PDO::PARAM_STR);
$query->bindValue(':board', $board['id'], PDO::PARAM_INT);
$query->bindValue(':post', $id, PDO::PARAM_INT);
$query->bindValue(':reason', htmlentities($_POST['reason']), PDO::PARAM_STR);
$query->execute() or error(db_error($query));
}
}
sql_close();
$is_mod = isset($_POST['mod']) && $_POST['mod'];
$root = $is_mod ? $config['root'] . $config['file_mod'] . '?/' : $config['root'];
header('Location: ' . $root . $board['dir'] . $config['file_index'], true, $config['redirect_http']);
} elseif(isset($_POST['post'])) {
if( !isset($_POST['name']) ||
!isset($_POST['email']) ||

12
templates/index.html

@ -93,15 +93,19 @@
</form>
<hr/>
<form action="{post_url}" method="post">
<input type="hidden" name="delete" value="1" />
<input type="hidden" name="board" value="{board[uri]}" />
{mod?<input type="hidden" name="mod" value="1" />}
{body}
<div class="delete">
Delete Post [<input title="Delete file only" type="checkbox" name="file" id="delete_file"/>
<label for="delete_file">File</label>] Password
<input type="password" name="password" size="12" maxlength="18" />
<input type="submit" value="Delete" />
<label for="delete_file">File</label>] <label for="password">Password</label>
<input id="password"type="password" name="password" size="12" maxlength="18" />
<input type="submit" name="delete" value="Delete" />
</div>
<div class="delete" style="clear:both">
<label for="reason">Reason</label>
<input id="reason" type="text" name="reason" size="20" maxlength="30" />
<input type="submit" name="report" value="Report" />
</div>
</form>
<div class="pages">{btn[prev]} {pages:

12
templates/thread.html

@ -85,15 +85,19 @@
</form>
<hr/>
<form action="{post_url}" method="post">
<input type="hidden" name="delete" value="1" />
<input type="hidden" name="board" value="{board[uri]}" />
{mod?<input type="hidden" name="mod" value="1" />}
{body}
<div class="delete">
Delete Post [<input title="Delete file only" type="checkbox" name="file" id="delete_file"/>
<label for="delete_file">File</label>] Password
<input type="password" name="password" size="12" maxlength="18" />
<input type="submit" value="Delete" />
<label for="delete_file">File</label>] <label for="password">Password</label>
<input id="password"type="password" name="password" size="12" maxlength="18" />
<input type="submit" name="delete" value="Delete" />
</div>
<div class="delete" style="clear:both">
<label for="reason">Reason</label>
<input id="reason" type="text" name="reason" size="20" maxlength="30" />
<input type="submit" name="report" value="Report" />
</div>
</form>
<a href="{return}">[Return.]</a>

Loading…
Cancel
Save