<?php
include_once "{$_SERVER['DOCUMENT_ROOT']}/lib/partials.php";
include_once "{$_SERVER['DOCUMENT_ROOT']}/lib/accounts.php";
include_once "{$_SERVER['DOCUMENT_ROOT']}/lib/alert.php";
include_once "{$_SERVER['DOCUMENT_ROOT']}/lib/config.php";
include_once "{$_SERVER['DOCUMENT_ROOT']}/lib/utils.php";

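// Feature gate: the review panel is unavailable when reports are switched off in the config.
// NOTE(review): the third argument looks like an HTTP status code; 405 is kept as written,
// confirm it is the intended status for a disabled feature.
if (!CONFIG['reports']['enable']) {
    generate_alert("/404.php", "Reports are disabled", 405);
    exit;
}

// Access control: only authorized users whose role carries the report-review permission may
// continue. empty() makes a missing "user_role" / permission key deny access without raising
// an undefined-index warning, so the check fails closed.
if (!authorize_user(true) || empty($_SESSION["user_role"]["permission_report_review"])) {
    generate_alert("/404.php", "Not enough permissions", 403);
    exit;
}

$db = new PDO(CONFIG['database']['url'], CONFIG['database']['user'], CONFIG['database']['pass']);

// All unresolved reports, newest first. PDO::query() already runs the statement, so no
// additional execute() is needed (calling it would run the same query a second time).
// `contents` and `sender_name` originate from users and must be HTML-escaped wherever they
// are rendered.
$pending = $db->query("SELECT r.id, u.username AS sender_name, r.contents FROM reports r
    JOIN users u ON u.id = r.sender_id
    WHERE r.resolved_by IS NULL
    ORDER BY r.sent_at DESC
");
$reports = $pending->fetchAll(PDO::FETCH_ASSOC);

// Default selection: the newest unresolved report, or null when the queue is empty.
$report = $reports[0] ?? null;

// An explicit ?id= overrides the default selection. The value is request-controlled: it is
// only ever passed as a bound parameter, and non-string input (e.g. ?id[]=x) is rejected
// before it reaches the statement.
if (isset($_GET["id"])) {
    $report = null;

    if (is_string($_GET["id"])) {
        $stmt = $db->prepare("SELECT r.id, u.id AS sender_id, u.username AS sender_name, r.contents, r.sent_at, resolved_by, response_message FROM reports r
        JOIN users u ON u.id = r.sender_id
        WHERE r.id = ?
    ");

        $stmt->execute([$_GET["id"]]);
        // fetch() returns false (not null) when no row matches; normalise that to null.
        $report = $stmt->fetch(PDO::FETCH_ASSOC) ?: null;
    }
}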
?>
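<?php
// Report text and usernames are submitted by regular users and are rendered here for a
// privileged reviewer, so every dynamic value is HTML-escaped before it is echoed.
// ENT_QUOTES covers both attribute quote styles; ENT_SUBSTITUTE keeps the output non-empty
// when substr() below cuts a multi-byte character in half.
$h = static function ($value): string {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};
?>
<!DOCTYPE html>
<html>

<head>
    <title>Report review - <?= $h(CONFIG['instance']['name']) ?></title>
    <link rel="stylesheet" href="/static/style.css">
    <link rel="shortcut icon" href="/static/favicon.ico" type="image/x-icon">
</head>

<body>
    <div class="container">
        <div class="wrapper">
            <?php html_navigation_bar() ?>
            <?php display_alert() ?>
            <section class="content row">
                <section class="box">
                    <div class="box navtab">System panel - Report review section</div>
                    <div class="box content">
                        <?php // Queue of unresolved reports: a 10-byte preview of the text plus the sender name. ?>
                        <?php foreach ($reports as $r): ?>
                            <a href="/system/reports/?id=<?= $h(rawurlencode((string) $r['id'])) ?>"><b><?= $h(substr($r['contents'], 0, 10)) ?>...</b>
                                <span style="font-size:10px;">by <?= $h($r['sender_name']) ?></span></a>
                        <?php endforeach; ?>
                        <?php if (empty($reports)): ?>
                            <p>Everything is clear. Good job!</p>
                        <?php endif; ?>
                    </div>
                </section>
                <?php // Detail panel: shown only when a report row was actually selected. ?>
                <?php if (!empty($report)): ?>
                    <section class="content">
                        <div class="box">
                            <div class="box navtab">Report</div>
                            <div class="box content">
                                <?php // Escaping here also stops the text from closing the <textarea> early. ?>
                                <textarea disabled style="resize:none; height:250px;"><?= $h($report['contents']) ?></textarea>
                            </div>
                        </div>
                        <div class="box">
                            <table class="vertical left">
                                <tr>
                                    <th>Reported by</th>
                                    <td><a
                                            href="/users.php?id=<?= $h(rawurlencode((string) $report['sender_id'])) ?>"><?= $h($report['sender_name']) ?></a>
                                        (<?= format_timestamp(time() - strtotime($report['sent_at'])) ?> ago)</td>
                                </tr>
                                <tr>
                                    <th>Status</th>
                                    <td>
                                        <?php if (isset($report['resolved_by'])): ?>
                                            <b style="color:green">Resolved</b>
                                        <?php else: ?>
                                            <b style="color:red">Unresolved</b>
                                        <?php endif; ?>
                                    </td>
                                </tr>
                            </table>
                        </div>
                        <?php
                        // NOTE(review): no anti-CSRF token is visible in this form; confirm that
                        // answer.php verifies the request origin and re-checks the reviewer
                        // permission before acting on the posted id.
                        ?>
                        <form action="/system/reports/answer.php" method="post" class="box row small-gap">
                            <input type="text" name="id" value="<?= $h($report['id']) ?>" style="display:none;">
                            <textarea name="response" required placeholder="Write your response here..."
                                style="resize:none;height:128px;" class="grow"></textarea>
                            <button type="submit" class="green big">Send</button>
                        </form>
                    </section>
                <?php endif; ?>
            </section>
        </div>
    </div>
</body>

</html>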