347 lines
12 KiB
PHP
347 lines
12 KiB
PHP
<?php
|
|
namespace Misuzu;
|
|
|
|
use stdClass;
|
|
use RuntimeException;
|
|
|
|
$urls = $msz->getURLs();
|
|
$forumCtx = $msz->getForumContext();
|
|
$forumCategories = $forumCtx->getCategories();
|
|
$forumTopics = $forumCtx->getTopics();
|
|
$forumTopicRedirects = $forumCtx->getTopicRedirects();
|
|
$forumPosts = $forumCtx->getPosts();
|
|
$usersCtx = $msz->getUsersContext();
|
|
|
|
$postId = !empty($_GET['p']) && is_string($_GET['p']) ? (int)$_GET['p'] : 0;
|
|
$topicId = !empty($_GET['t']) && is_string($_GET['t']) ? (int)$_GET['t'] : 0;
|
|
$categoryId = null;
|
|
$moderationMode = !empty($_GET['m']) && is_string($_GET['m']) ? (string)$_GET['m'] : '';
|
|
$submissionConfirmed = !empty($_GET['confirm']) && is_string($_GET['confirm']) && $_GET['confirm'] === '1';
|
|
|
|
$authInfo = $msz->getAuthInfo();
|
|
$currentUser = $authInfo->getUserInfo();
|
|
$currentUserId = $currentUser === null ? '0' : $currentUser->getId();
|
|
|
|
if($topicId < 1 && $postId > 0) {
|
|
try {
|
|
$postInfo = $forumPosts->getPost(postId: $postId);
|
|
} catch(RuntimeException $ex) {
|
|
Template::throwError(404);
|
|
}
|
|
|
|
$categoryId = $postInfo->getCategoryId();
|
|
$perms = $authInfo->getPerms('forum', $postInfo->getCategoryId());
|
|
$canDeleteAny = $perms->check(Perm::F_POST_DELETE_ANY);
|
|
|
|
if($postInfo->isDeleted() && !$canDeleteAny)
|
|
Template::throwError(404);
|
|
|
|
$topicId = $postInfo->getTopicId();
|
|
$preceedingPostCount = $forumPosts->countPosts(
|
|
topicInfo: $topicId,
|
|
upToPostInfo: $postInfo,
|
|
deleted: $canDeleteAny ? null : false
|
|
);
|
|
}
|
|
|
|
try {
|
|
$topicIsNuked = $topicIsDeleted = $canDeleteAny = false;
|
|
$topicInfo = $forumTopics->getTopic(topicId: $topicId);
|
|
} catch(RuntimeException $ex) {
|
|
$topicIsNuked = true;
|
|
}
|
|
|
|
if(!$topicIsNuked) {
|
|
$topicIsDeleted = $topicInfo->isDeleted();
|
|
|
|
if($categoryId !== (int)$topicInfo->getCategoryId()) {
|
|
$categoryId = (int)$topicInfo->getCategoryId();
|
|
$perms = $authInfo->getPerms('forum', $topicInfo->getCategoryId());
|
|
}
|
|
|
|
if($usersCtx->hasActiveBan($currentUser))
|
|
$perms = $perms->apply(fn($calc) => $calc & (Perm::F_CATEGORY_LIST | Perm::F_CATEGORY_VIEW));
|
|
|
|
$canDeleteAny = $perms->check(Perm::F_POST_DELETE_ANY);
|
|
}
|
|
|
|
if($topicIsNuked || $topicIsDeleted) {
|
|
if($forumTopicRedirects->hasTopicRedirect($topicId)) {
|
|
$topicRedirectInfo = $forumTopicRedirects->getTopicRedirect($topicId);
|
|
Template::set('topic_redir_info', $topicRedirectInfo);
|
|
|
|
if($topicIsNuked || !$canDeleteAny) {
|
|
header('Location: ' . $topicRedirectInfo->getLinkTarget());
|
|
return;
|
|
}
|
|
}
|
|
|
|
if(empty($topicRedirectInfo))
|
|
Template::throwError(404);
|
|
}
|
|
|
|
if(!$perms->check(Perm::F_CATEGORY_VIEW))
|
|
Template::throwError(403);
|
|
|
|
// Maximum amount of posts a topic may contain to still be deletable by the author
|
|
// this should be in the config
|
|
$deletePostThreshold = 1;
|
|
|
|
$categoryInfo = $forumCategories->getCategory(topicInfo: $topicInfo);
|
|
$topicIsLocked = $topicInfo->isLocked();
|
|
$topicIsArchived = $categoryInfo->isArchived();
|
|
$topicPostsTotal = $topicInfo->getTotalPostsCount();
|
|
$topicIsFrozen = $topicIsArchived || $topicIsDeleted;
|
|
$canDeleteOwn = !$topicIsFrozen && !$topicIsLocked && $perms->check(Perm::F_POST_DELETE_OWN);
|
|
$canBumpTopic = !$topicIsFrozen && $perms->check(Perm::F_TOPIC_BUMP);
|
|
$canLockTopic = !$topicIsFrozen && $perms->check(Perm::F_TOPIC_LOCK);
|
|
$canNukeOrRestore = $canDeleteAny && $topicIsDeleted;
|
|
$canDelete = !$topicIsDeleted && (
|
|
$canDeleteAny || (
|
|
$topicPostsTotal > 0
|
|
&& $topicPostsTotal <= $deletePostThreshold
|
|
&& $canDeleteOwn
|
|
&& $topicInfo->getUserId() === (string)$currentUserId
|
|
)
|
|
);
|
|
|
|
$validModerationModes = [
|
|
'delete', 'restore', 'nuke',
|
|
'bump', 'lock', 'unlock',
|
|
];
|
|
|
|
if(in_array($moderationMode, $validModerationModes, true)) {
|
|
if(!CSRF::validateRequest())
|
|
Template::displayInfo("Couldn't verify this request, please refresh the page and try again.", 403);
|
|
|
|
$authInfo = $authInfo;
|
|
if(!$authInfo->isLoggedIn())
|
|
Template::displayInfo('You must be logged in to manage posts.', 401);
|
|
|
|
if($usersCtx->hasActiveBan($currentUser))
|
|
Template::displayInfo('You have been banned, check your profile for more information.', 403);
|
|
|
|
switch($moderationMode) {
|
|
case 'delete':
|
|
if($canDeleteAny) {
|
|
if($topicInfo->isDeleted())
|
|
Template::displayInfo('This topic has already been marked as deleted.', 404);
|
|
} else {
|
|
if($topicInfo->isDeleted())
|
|
Template::throwError(404);
|
|
|
|
if(!$canDeleteOwn)
|
|
Template::displayInfo("You aren't allowed to delete topics.", 403);
|
|
|
|
if($topicInfo->getUserId() !== $currentUser->getId())
|
|
Template::displayInfo('You can only delete your own topics.', 403);
|
|
|
|
// topics may only be deleted within a day of creation, this should be a config value
|
|
$deleteTimeFrame = 60 * 60 * 24;
|
|
if($topicInfo->getCreatedTime() < time() - $deleteTimeFrame)
|
|
Template::displayInfo('This topic has existed for too long. Ask a moderator to remove if it absolutely necessary.', 403);
|
|
|
|
// deleted posts are intentionally included
|
|
$topicPostCount = $forumPosts->countPosts(topicInfo: $topicInfo);
|
|
if($topicPostCount > $deletePostThreshold)
|
|
Template::displayInfo('This topic already has replies, you may no longer delete it. Ask a moderator to remove if it absolutely necessary.', 403);
|
|
}
|
|
|
|
if(!isset($_GET['confirm'])) {
|
|
Template::render('forum.confirm', [
|
|
'title' => 'Confirm topic deletion',
|
|
'class' => 'far fa-trash-alt',
|
|
'message' => sprintf('You are about to delete topic #%d. Are you sure about that?', $topicInfo->getId()),
|
|
'params' => [
|
|
't' => $topicInfo->getId(),
|
|
'm' => 'delete',
|
|
],
|
|
]);
|
|
break;
|
|
} elseif(!$submissionConfirmed) {
|
|
Tools::redirect($urls->format(
|
|
'forum-topic',
|
|
['topic' => $topicInfo->getId()]
|
|
));
|
|
break;
|
|
}
|
|
|
|
$forumTopics->deleteTopic($topicInfo->getId());
|
|
$msz->createAuditLog('FORUM_TOPIC_DELETE', [$topicInfo->getId()]);
|
|
|
|
Tools::redirect($urls->format('forum-category', [
|
|
'forum' => $categoryInfo->getId(),
|
|
]));
|
|
break;
|
|
|
|
case 'restore':
|
|
if(!$canNukeOrRestore)
|
|
Template::throwError(403);
|
|
|
|
if(!isset($_GET['confirm'])) {
|
|
Template::render('forum.confirm', [
|
|
'title' => 'Confirm topic restore',
|
|
'class' => 'fas fa-magic',
|
|
'message' => sprintf('You are about to restore topic #%d. Are you sure about that?', $topicInfo->getId()),
|
|
'params' => [
|
|
't' => $topicInfo->getId(),
|
|
'm' => 'restore',
|
|
],
|
|
]);
|
|
break;
|
|
} elseif(!$submissionConfirmed) {
|
|
Tools::redirect($urls->format('forum-topic', [
|
|
'topic' => $topicInfo->getId(),
|
|
]));
|
|
break;
|
|
}
|
|
|
|
$forumTopics->restoreTopic($topicInfo->getId());
|
|
$msz->createAuditLog('FORUM_TOPIC_RESTORE', [$topicInfo->getId()]);
|
|
|
|
Tools::redirect($urls->format('forum-category', [
|
|
'forum' => $categoryInfo->getId(),
|
|
]));
|
|
break;
|
|
|
|
case 'nuke':
|
|
if(!$canNukeOrRestore)
|
|
Template::throwError(403);
|
|
|
|
if(!isset($_GET['confirm'])) {
|
|
Template::render('forum.confirm', [
|
|
'title' => 'Confirm topic nuke',
|
|
'class' => 'fas fa-radiation',
|
|
'message' => sprintf('You are about to PERMANENTLY DELETE topic #%d. Are you sure about that?', $topicInfo->getId()),
|
|
'params' => [
|
|
't' => $topicInfo->getId(),
|
|
'm' => 'nuke',
|
|
],
|
|
]);
|
|
break;
|
|
} elseif(!$submissionConfirmed) {
|
|
Tools::redirect($urls->format('forum-topic', [
|
|
'topic' => $topicInfo->getId(),
|
|
]));
|
|
break;
|
|
}
|
|
|
|
$forumTopics->nukeTopic($topicInfo->getId());
|
|
$msz->createAuditLog('FORUM_TOPIC_NUKE', [$topicInfo->getId()]);
|
|
|
|
Tools::redirect($urls->format('forum-category', [
|
|
'forum' => $categoryInfo->getId(),
|
|
]));
|
|
break;
|
|
|
|
case 'bump':
|
|
if($canBumpTopic) {
|
|
$forumTopics->bumpTopic($topicInfo->getId());
|
|
$msz->createAuditLog('FORUM_TOPIC_BUMP', [$topicInfo->getId()]);
|
|
}
|
|
|
|
Tools::redirect($urls->format('forum-topic', [
|
|
'topic' => $topicInfo->getId(),
|
|
]));
|
|
break;
|
|
|
|
case 'lock':
|
|
if($canLockTopic && !$topicIsLocked) {
|
|
$forumTopics->lockTopic($topicInfo->getId());
|
|
$msz->createAuditLog('FORUM_TOPIC_LOCK', [$topicInfo->getId()]);
|
|
}
|
|
|
|
Tools::redirect($urls->format('forum-topic', [
|
|
'topic' => $topicInfo->getId(),
|
|
]));
|
|
break;
|
|
|
|
case 'unlock':
|
|
if($canLockTopic && $topicIsLocked) {
|
|
$forumTopics->unlockTopic($topicInfo->getId());
|
|
$msz->createAuditLog('FORUM_TOPIC_UNLOCK', [$topicInfo->getId()]);
|
|
}
|
|
|
|
Tools::redirect($urls->format('forum-topic', [
|
|
'topic' => $topicInfo->getId(),
|
|
]));
|
|
break;
|
|
}
|
|
return;
|
|
}
|
|
|
|
$topicPosts = $topicInfo->getPostsCount();
|
|
if($canDeleteAny)
|
|
$topicPosts += $topicInfo->getDeletedPostsCount();
|
|
|
|
$topicPagination = new Pagination($topicPosts, 10, 'page');
|
|
|
|
if(isset($preceedingPostCount))
|
|
$topicPagination->setPage(floor($preceedingPostCount / $topicPagination->getRange()), true);
|
|
|
|
if(!$topicPagination->hasValidOffset())
|
|
Template::throwError(404);
|
|
|
|
$postInfos = $forumPosts->getPosts(
|
|
topicInfo: $topicInfo,
|
|
deleted: $perms->check(Perm::F_POST_DELETE_ANY) ? null : false,
|
|
pagination: $topicPagination,
|
|
);
|
|
|
|
if(empty($postInfos))
|
|
Template::throwError(404);
|
|
|
|
try {
|
|
$originalPostInfo = $forumPosts->getPost(topicInfo: $topicInfo);
|
|
} catch(RuntimeException $ex) {
|
|
Template::throwError(404);
|
|
}
|
|
|
|
$posts = [];
|
|
|
|
foreach($postInfos as $postInfo) {
|
|
$posts[] = $post = new stdClass;
|
|
$post->info = $postInfo;
|
|
|
|
if($postInfo->hasUserId()) {
|
|
$post->user = $usersCtx->getUserInfo($postInfo->getUserId());
|
|
$post->colour = $usersCtx->getUserColour($post->user);
|
|
$post->postsCount = $forumCtx->countTotalUserPosts($post->user);
|
|
}
|
|
|
|
$post->isOriginalPost = $originalPostInfo->getId() == $postInfo->getId();
|
|
$post->isOriginalPoster = $originalPostInfo->hasUserId() && $postInfo->hasUserId()
|
|
&& $originalPostInfo->getUserId() === $postInfo->getUserId();
|
|
}
|
|
|
|
$canReply = !$topicIsArchived && !$topicIsLocked && !$topicIsDeleted && $perms->check(Perm::F_POST_CREATE);
|
|
|
|
if(!$forumTopics->checkUserHasReadTopic($currentUser, $topicInfo))
|
|
$forumTopics->incrementTopicViews($topicInfo);
|
|
|
|
$forumTopics->updateUserReadTopic($currentUser, $topicInfo);
|
|
|
|
$perms = $perms->checkMany([
|
|
'can_create_post' => Perm::F_POST_CREATE,
|
|
'can_edit_post' => Perm::F_POST_EDIT_OWN,
|
|
'can_edit_any_post' => Perm::F_POST_EDIT_ANY,
|
|
'can_delete_post' => Perm::F_POST_DELETE_OWN,
|
|
'can_delete_any_post' => Perm::F_POST_DELETE_ANY,
|
|
]);
|
|
|
|
Template::render('forum.topic', [
|
|
'topic_breadcrumbs' => iterator_to_array($forumCategories->getCategoryAncestry($topicInfo)),
|
|
'global_accent_colour' => $forumCategories->getCategoryColour($topicInfo),
|
|
'topic_info' => $topicInfo,
|
|
'category_info' => $categoryInfo,
|
|
'topic_posts' => $posts,
|
|
'can_reply' => $canReply,
|
|
'topic_pagination' => $topicPagination,
|
|
'topic_can_delete' => $canDelete,
|
|
'topic_can_nuke_or_restore' => $canNukeOrRestore,
|
|
'topic_can_bump' => $canBumpTopic,
|
|
'topic_can_lock' => $canLockTopic,
|
|
'topic_user_id' => $currentUserId,
|
|
'topic_perms' => $perms,
|
|
]);
|