| [ PHPXref.com ] | [ Generated: Sun Jul 20 20:57:59 2008 ] | [ vtiger Forums 1.1 ] |
| [ Index ] [ Variables ] [ Functions ] [ Classes ] [ Constants ] [ Statistics ] | ||
[Summary view] [Print] [Text view]
1 <?php 2 3 /*************************************************************************** 4 * merge.php 5 * --------- 6 * begin : 12/07/2003 7 * copyright : Ptirhiik 8 * email : admin@rpgnet-fr.com 9 * 10 * version : 0.0.6 - 22/10/2003 11 * 12 ***************************************************************************/ 13 14 /*************************************************************************** 15 * 16 * This program is free software; you can redistribute it and/or modify 17 * it under the terms of the GNU General Public License as published by 18 * the Free Software Foundation; either version 2 of the License, or 19 * (at your option) any later version. 20 * 21 ***************************************************************************/ 22 23 define('IN_PHPBB', true); 24 $phpbb_root_path = './'; 25 include ($phpbb_root_path . 'extension.inc'); 26 include($phpbb_root_path . 'common.'.$phpEx); 27 include($phpbb_root_path . 'includes/functions_admin.'.$phpEx); 28 include_once($phpbb_root_path . 'includes/functions_topics_list.' . $phpEx); 29 30 // function block 31 function get_topic_id($topic) 32 { 33 global $db; 34 $topic_id = 0; 35 36 // is this a direct value ? 37 $num_topic = intval($topic); 38 if ($topic == "$num_topic") 39 { 40 $topic_id = intval($topic); 41 } 42 43 // is it an url with topic id or post id ? 44 else 45 { 46 $name = explode('?', $topic); 47 $parms = ( isset($name[1]) ) ? $name[1] : $name[0]; 48 parse_str($parms, $parm); 49 $found = false; 50 $topic_id = 0; 51 while ((list($key, $val) = each($parm)) && !$found) 52 { 53 $vals = explode('#', $val); 54 $val = $vals[0]; 55 if (empty($val)) $val = 0; 56 switch($key) 57 { 58 case POST_POST_URL: 59 $sql = "SELECT topic_id FROM " . POSTS_TABLE . " WHERE post_id=$val"; 60 if ( !($result = $db->sql_query($sql)) ) message_die(GENERAL_ERROR, 'Could not get post informations', '', __LINE__, __FILE__, $sql); 61 if ($row = $db->sql_fetchrow($result)) 62 { 63 $val = $row['topic_id']; 64 $found = true; 65 } 66 break; 67 case POST_TOPIC_URL: 68 $found = true; 69 break; 70 } 71 if ($found) 72 { 73 $topic_id = intval($val); 74 } 75 } 76 } 77 78 return $topic_id; 79 } 80 81 // 82 // Start session management 83 // 84 $userdata = session_pagestart($user_ip, PAGE_INDEX); 85 init_userprefs($userdata); 86 // 87 // End session management 88 // 89 90 // check if user is a moderator or an admin 91 if (($userdata['user_level'] != MOD) && ($userdata['user_level'] != ADMIN)) 92 { 93 message_die(GENERAL_MESSAGE, $lang['Not_Authorised']); 94 } 95 96 // from topic 97 $from_topic = isset($HTTP_POST_VARS['from_topic']) ? strtolower(trim(htmlspecialchars($HTTP_POST_VARS['from_topic']))) : ''; 98 if (empty($from_topic) && (isset($HTTP_GET_VARS[POST_TOPIC_URL]) || isset($HTTP_GET_VARS[POST_POST_URL]))) 99 { 100 $from_topic = (isset($HTTP_GET_VARS[POST_TOPIC_URL])) ? intval($HTTP_GET_VARS[POST_TOPIC_URL]) : POST_POST_URL . '=' . intval($HTTP_GET_VARS[POST_POST_URL]); 101 } 102 $from_topic_id = get_topic_id($from_topic); 103 104 // to topic 105 $to_topic = isset($HTTP_POST_VARS['to_topic']) ? strtolower(trim(htmlspecialchars($HTTP_POST_VARS['to_topic']))) : ''; 106 $to_topic_id = get_topic_id($to_topic); 107 108 // topic title 109 $topic_title = ''; 110 if (isset($HTTP_POST_VARS['topic_title'])) $topic_title = htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['topic_title']))); 111 112 // start 113 if (isset($HTTP_POST_VARS['start'])) $start = intval($start); 114 115 // buttons 116 $submit = isset($HTTP_POST_VARS['submit']); 117 $confirm = isset($HTTP_POST_VARS['confirm']); 118 $cancel = isset($HTTP_POST_VARS['cancel']); 119 $shadow = isset($HTTP_POST_VARS['shadow']); 120 if ($cancel) $submit = false; 121 $select_from = isset($HTTP_POST_VARS['select_from']); 122 $select_to = isset($HTTP_POST_VARS['select_to']); 123 $page_prec = isset($HTTP_POST_VARS['page_prec']); 124 $page_next = isset($HTTP_POST_VARS['page_next']); 125 126 // check if a selection has been made 127 $topic_selected = 0; 128 if (isset($HTTP_POST_VARS['topic_selected'])) 129 { 130 $topic_selected = intval(substr($HTTP_POST_VARS['topic_selected'],1)); 131 } 132 133 if ($submit && !empty($topic_selected)) 134 { 135 $submit = false; 136 if ($select_from) 137 { 138 $from_topic = $topic_selected; 139 $from_topic_id = $topic_selected; 140 } 141 if ($select_to) 142 { 143 $to_topic = $topic_selected; 144 $to_topic_id = $topic_selected; 145 } 146 $select_from = false; 147 $select_to = false; 148 } 149 150 // session id 151 $sid = ''; 152 if (!empty($HTTP_POST_VARS['sid']) || !empty($HTTP_GET_VARS['sid'])) 153 { 154 $sid = (!empty($HTTP_POST_VARS['sid'])) ? $HTTP_POST_VARS['sid'] : $HTTP_GET_VARS['sid']; 155 } 156 157 // titles 158 $from_title = ''; 159 if (!empty($from_topic_id)) 160 { 161 $sql = "SELECT topic_title FROM " . TOPICS_TABLE . " WHERE topic_id=$from_topic_id"; 162 if ( !($result = $db->sql_query($sql)) ) message_die(GENERAL_ERROR, 'Could not get from-topic informations', '', __LINE__, __FILE__, $sql); 163 if ($row = $db->sql_fetchrow($result)) 164 { 165 $from_title = $row['topic_title']; 166 } 167 } 168 $to_title = ''; 169 if (!empty($to_topic_id)) 170 { 171 $sql = "SELECT topic_title FROM " . TOPICS_TABLE . " WHERE topic_id=$to_topic_id"; 172 if ( !($result = $db->sql_query($sql)) ) message_die(GENERAL_ERROR, 'Could not get to-topic informations', '', __LINE__, __FILE__, $sql); 173 if ($row = $db->sql_fetchrow($result)) 174 { 175 $to_title = $row['topic_title']; 176 } 177 } 178 179 // forum_id 180 $forum_id = 0; 181 if (isset($HTTP_POST_VARS[POST_FORUM_URL]) || isset($HTTP_GET_VARS[POST_FORUM_URL])) 182 { 183 $forum_id = (isset($HTTP_POST_VARS[POST_FORUM_URL])) ? intval($HTTP_POST_VARS[POST_FORUM_URL]) : intval($HTTP_GET_VARS[POST_FORUM_URL]); 184 } 185 if (isset($HTTP_POST_VARS['fid']) || isset($HTTP_GET_VARS['fid'])) 186 { 187 $fid = (isset($HTTP_POST_VARS['fid'])) ? $HTTP_POST_VARS['fid'] : $HTTP_GET_VARS['fid']; 188 if (substr($fid, 0, 1) == POST_FORUM_URL) 189 { 190 $forum_id = intval(substr($fid, 1)); 191 } 192 } 193 194 // selection 195 if (($select_from || $select_to) && (!$cancel)) 196 { 197 // get the list of forums 198 if (function_exists(selectbox)) 199 { 200 $list_forums = selectbox('fid', false, POST_FORUM_URL . $forum_id); 201 } 202 else 203 { 204 $list_forums = make_forum_select(POST_FORUM_URL, false, $forum_id); 205 } 206 207 // how many record in the forum 208 $nbpages = 0; 209 $per_page = intval($board_config['topics_per_page']); 210 211 $sql_merge = "SELECT t.*, u.username, u.user_id, u2.username as user2, u2.user_id as id2, p.post_username, p2.post_username AS post_username2, p2.post_time 212 FROM " . TOPICS_TABLE . " t, " . USERS_TABLE . " u, " . POSTS_TABLE . " p, " . POSTS_TABLE . " p2, " . USERS_TABLE . " u2 213 WHERE t.forum_id = $forum_id 214 AND t.topic_poster = u.user_id 215 AND p.post_id = t.topic_first_post_id 216 AND p2.post_id = t.topic_last_post_id 217 AND u2.user_id = p2.poster_id 218 AND topic_status <> " . TOPIC_MOVED; 219 220 if ( !empty($forum_id) ) 221 { 222 $sql = $sql_merge; 223 if ( !$result = $db->sql_query($sql) ) 224 { 225 message_die(GENERAL_ERROR, 'Could not get topics informations', '', __LINE__, __FILE__, $sql); 226 } 227 $nbitems = $db->sql_numrows($result); 228 $nbpages = floor( ($nbitems-1) / $per_page )+1; 229 } 230 231 // change current page 232 if ($page_prec && ($start > 0)) $start--; 233 if ($page_next && ( $start < ($nbpages-1) )) $start++; 234 235 $pagination = ''; 236 if ($nbpages > 1) 237 { 238 if ( $start > 0 ) 239 { 240 $pagination .= '<input type="submit" name="page_prec" value="«" class="liteoption" /> '; 241 } 242 $pagination .= sprintf($lang['Page_of'], ($start+1), $nbpages) . ' '; 243 if ( $start < ($nbpages-1) ) 244 { 245 $pagination .= '<input type="submit" name="page_next" value="»" class="liteoption" />'; 246 } 247 } 248 249 // set the page title and include the page header 250 $page_title = $lang['Merge_topics']; 251 include ($phpbb_root_path . 'includes/page_header.'.$phpEx); 252 253 // template name 254 $template->set_filenames(array( 255 'body' => 'merge_select_body.tpl') 256 ); 257 // header 258 $template->assign_vars(array( 259 'L_GO' => $lang['Go'], 260 'S_LIST_FORUMS' => $list_forums, 261 'PAGINATION' => $pagination, 262 ) 263 ); 264 265 // read the forum 266 $start_topic = $start * $per_page; 267 $topic_rowset = array(); 268 if ( !empty($forum_id) ) 269 { 270 $sql = $sql_merge . " ORDER BY t.topic_type DESC, t.topic_last_post_id DESC LIMIT $start_topic, $per_page"; 271 if ( !($result = $db->sql_query($sql)) ) 272 { 273 message_die(GENERAL_ERROR, 'Could not get topics informations', '', __LINE__, __FILE__, $sql); 274 } 275 while ($row = $db->sql_fetchrow($result)) 276 { 277 $row['topic_id'] = POST_TOPIC_URL . $row['topic_id']; 278 $topic_rowset[] = $row; 279 } 280 } 281 282 // topics list parameters 283 $box = 'MERGE_BOX'; 284 $tpl = ''; 285 $list_title = ($select_from) ? $lang['Merge_topic_from'] : $lang['Merge_topic_to']; 286 $split_type = true; 287 $display_nav_tree = false; 288 $footer = '<input type="submit" name="submit" value="' . $lang['Select'] . '" class="mainoption" />'; 289 $footer .= ' <input type="submit" name="cancel" value="' . $lang['Cancel'] . '" class="liteoption" />'; 290 $inbox = false; 291 $select_field = 'topic_selected'; 292 $select_type = 2; 293 $select_formname = 'post'; 294 topic_list($box, $tpl, $topic_rowset, $list_title, $split_type, $display_nav_tree, $footer, $inbox, $select_field, $select_type, $select_formname ); 295 296 // system 297 $s_hidden_fields = '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />'; 298 $s_hidden_fields .= '<input type="hidden" name="topic_title" value="' . addslashes($topic_title) . '" />'; 299 $s_hidden_fields .= '<input type="hidden" name="from_topic" value="' . $from_topic . '" />'; 300 $s_hidden_fields .= '<input type="hidden" name="to_topic" value="' . $to_topic . '" />'; 301 $s_hidden_fields .= '<input type="hidden" name="submit" value="1" />'; 302 if ($shadow) $s_hidden_fields .= '<input type="hidden" name="shadow" value="1" />'; 303 if ($select_from) $s_hidden_fields .= '<input type="hidden" name="select_from" value="1" />'; 304 if ($select_to) $s_hidden_fields .= '<input type="hidden" name="select_to" value="1" />'; 305 $s_hidden_fields .= '<input type="hidden" name="start" value="' . $start . '" />'; 306 $template->assign_vars(array( 307 'S_ACTION' => append_sid("./merge.$phpEx"), 308 'S_HIDDEN_FIELDS' => $s_hidden_fields, 309 ) 310 ); 311 // footer 312 $template->pparse('body'); 313 include($phpbb_root_path . 'includes/page_tail.'.$phpEx); 314 exit; 315 } 316 317 // submission 318 if ($submit) 319 { 320 // check session id 321 if ($sid == '' || $sid != $userdata['session_id']) 322 { 323 message_die(GENERAL_ERROR, 'Invalid_session'); 324 } 325 326 // init 327 $error = false; 328 $error_msg = ''; 329 $message = ''; 330 331 // check if the from topic exists and get the forum_id 332 $found = false; 333 $from_forum_id = 0; 334 $from_poll = false; 335 if (!empty($from_topic_id)) 336 { 337 $sql = "SELECT forum_id, topic_vote FROM " . TOPICS_TABLE . " WHERE topic_id=$from_topic_id"; 338 if ( !($result = $db->sql_query($sql)) ) message_die(GENERAL_ERROR, 'Could not get topic informations', '', __LINE__, __FILE__, $sql); 339 if ($row = $db->sql_fetchrow($result)) 340 { 341 $from_forum_id = $row['forum_id']; 342 $from_poll = $row['topic_vote']; 343 $found = true; 344 } 345 } 346 if (!$found) 347 { 348 $error = true; 349 $error_msg .= (($error_msg != '') ? '<br />' : '') . $lang['Merge_from_not_found']; 350 } 351 352 // check if the from topic exists and get the forum_id 353 $found = false; 354 $to_forum_id = 0; 355 $to_poll = false; 356 if (!empty($to_topic_id)) 357 { 358 $sql = "SELECT forum_id, topic_vote FROM " . TOPICS_TABLE . " WHERE topic_id=$to_topic_id"; 359 if ( !($result = $db->sql_query($sql)) ) message_die(GENERAL_ERROR, 'Could not get topic informations', '', __LINE__, __FILE__, $sql); 360 if ($row = $db->sql_fetchrow($result)) 361 { 362 $to_forum_id = $row['forum_id']; 363 $to_poll = $row['topic_vote']; 364 $found = true; 365 } 366 } 367 if (!$found) 368 { 369 $error = true; 370 $error_msg .= (($error_msg != '') ? '<br />' : '') . $lang['Merge_to_not_found']; 371 } 372 373 // verify the topics are not the same 374 if (!$error) 375 { 376 if ($from_topic_id == $to_topic_id) 377 { 378 $error = true; 379 $error_msg .= (($error_msg != '') ? '<br />' : '') . $lang['Merge_topics_equals']; 380 } 381 } 382 383 // check authorizations 384 if (!empty($from_forum_id)) 385 { 386 $is_auth = auth(AUTH_ALL, $from_forum_id, $userdata); 387 if ( !$is_auth['auth_mod'] ) 388 { 389 $error = true; 390 $error_msg .= (($error_msg != '') ? '<br />' : '') . $lang['Merge_from_not_authorized']; 391 } 392 } 393 if (!empty($to_forum_id)) 394 { 395 $is_auth = auth(AUTH_ALL, $to_forum_id, $userdata); 396 if ( !$is_auth['auth_mod'] ) 397 { 398 $error = true; 399 $error_msg .= (($error_msg != '') ? '<br />' : '') . $lang['Merge_to_not_authorized']; 400 } 401 } 402 403 // 404 // warnings 405 // 406 // add here warnings regarding ie mycalendar 407 408 // does from topic has a poll ? 409 if ($from_poll) 410 { 411 if ($to_poll) 412 { 413 $message .= (($message != '') ? '<br />' : '') . $lang['Merge_poll_from_and_to']; 414 } 415 else 416 { 417 $message .= (($message != '') ? '<br />' : '') . $lang['Merge_poll_from']; 418 } 419 } 420 421 // error found 422 if ($error) 423 { 424 message_die(GENERAL_ERROR, $error_msg); 425 } 426 427 // ask for confirmation or process 428 if ($confirm) 429 { 430 // process poll 431 if ($from_poll) 432 { 433 if ($to_poll) 434 { 435 // delete the vote 436 $vote_id = 0; 437 $sql = "SELECT vote_id FROM " . VOTE_DESC_TABLE . " WHERE topic_id=$from_topic_id"; 438 if ( !$result=$db->sql_query($sql) ) message_die(GENERAL_ERROR, 'Could not read vote description', '', __LINE__, __FILE__, $sql); 439 if ($row=$db->sql_fetchrow($result)) $vote_id = $row['vote_id']; 440 if (!empty($vote_id)) 441 { 442 // delete voters 443 $sql = "DELETE FROM " . VOTE_USERS_TABLE . " WHERE vote_id=$vote_id"; 444 if ( !$db->sql_query($sql) ) message_die(GENERAL_ERROR, 'Could not delete votes', '', __LINE__, __FILE__, $sql); 445 // delete results 446 $sql = "DELETE FROM " . VOTE_RESULTS_TABLE . " WHERE vote_id=$vote_id"; 447 if ( !$db->sql_query($sql) ) message_die(GENERAL_ERROR, 'Could not delete vote results', '', __LINE__, __FILE__, $sql); 448 // delete description 449 $sql = "DELETE FROM " . VOTE_DESC_TABLE . " WHERE vote_id=$vote_id"; 450 if ( !$db->sql_query($sql) ) message_die(GENERAL_ERROR, 'Could not delete vote description', '', __LINE__, __FILE__, $sql); 451 } 452 } 453 else 454 { 455 // grab the poll to the new topic 456 $sql = "UPDATE " . VOTE_DESC_TABLE . " 457 SET topic_id=$to_topic_id 458 WHERE topic_id=$from_topic_id"; 459 if ( !$db->sql_query($sql) ) message_die(GENERAL_ERROR, 'Could not update vote desc information', '', __LINE__, __FILE__, $sql); 460 } 461 } 462 463 // here you can add the process of ie mycalendar dates 464 465 // check if the destination is already watched 466 $sql = "SELECT * FROM " . TOPICS_WATCH_TABLE . " WHERE topic_id=$to_topic_id"; 467 if ( !$result=$db->sql_query($sql) ) message_die(GENERAL_ERROR, 'Could not read topics watch informations', '', __LINE__, __FILE__, $sql); 468 $user_ids = array(); 469 while ($row = $db->sql_fetchrow($result)) $user_ids[] = $row['user_id']; 470 $sql_user = ''; 471 if (!empty($user_ids)) 472 { 473 $sql_user = " AND user_id NOT IN (" . implode(', ', $user_ids) . ")"; 474 } 475 // grab the topics watch to the new topic 476 $sql = "UPDATE " . TOPICS_WATCH_TABLE . " SET topic_id=$to_topic_id WHERE topic_id=$from_topic_id" . $sql_user; 477 if ( !$db->sql_query($sql) )