Use JSON in admin AJAX calls

qa-content/qa-admin.js

@@ -120,15 +120,18 @@ function qa_admin_click(target)
 	params.code = target.form.elements.code.value;
 
 	qa_ajax_post('click_admin', params,
-		function(lines) {
-			if (lines[0] == '1')
-				qa_conceal(document.getElementById('p' + p[1]), 'admin');
-			else if (lines[0] == '0') {
-				alert(lines[1]);
-				qa_hide_waiting(target);
-			} else
-				qa_ajax_error();
+		function (response) {
+			if (response.hideEntitySelector !== null) {
+				qa_conceal(document.getElementById('p' + params.entityid), 'admin');
+				$('.qa-nav-sub-counter-' + response.hideEntitySelector).text(response.entityCount);
 			}
+
+			if (response.result !== 'success') {
+				alert(response.error.message);
+			}
+
+			qa_hide_waiting(target);
+		}, 1
 	);
 
 	qa_show_waiting_after(target, false);

qa-content/qa-global.js

@@ -152,11 +152,16 @@ function qa_favorite_click(elem)
 	return false;
 }
 
-function qa_ajax_post(operation, params, callback)
+function qa_ajax_post(operation, params, callback, version)
 {
-	$.extend(params, {qa: 'ajax', qa_operation: operation, qa_root: qa_root, qa_request: qa_request});
+	if (typeof(version) === 'undefined') {
+		version = 0;
+	}
+
+	$.extend(params, {qa: 'ajax', qa_operation: operation, qa_root: qa_root, qa_request: qa_request, version: version});
 
-	$.post(qa_root, params, function(response) {
+	$.post(qa_root, params, function (response) {
+			if (version === 0) {
 				var header = 'QA_AJAX_RESPONSE';
 				var headerpos = response.indexOf(header);
 
@@ -164,10 +169,14 @@ function qa_ajax_post(operation, params, callback)
 					callback(response.substr(headerpos + header.length).replace(/^\s+/, '').split("\n"));
 				else
 					callback([]);
-
-	}, 'text').fail(function(jqXHR) {
+			} else {
+				callback(response);
+			}
+		},
+		version === 0 ? 'text' : 'json'
+	).fail(function (jqXHR) {
 		if (jqXHR.readyState > 0)
-			callback([])
+			qa_ajax_error();
 	});
 }
 

qa-include/ajax/click-admin.php

@@ -26,10 +26,30 @@ require_once QA_INCLUDE_DIR . 'app/cookies.php';
 
 $entityid = qa_post_text('entityid');
 $action = qa_post_text('action');
-
-if (!qa_check_form_security_code('admin/click', qa_post_text('code')))
+$version = (int)qa_post_text('version');
+
+switch ($version) {
+	case 1:
+		if (!qa_check_form_security_code('admin/click', qa_post_text('code'))) {
+			$response = array(
+				'result' => 'error',
+				'error' => array(
+					'message' => qa_lang('misc/form_security_reload'),
+				),
+			);
+		} else {
+			$response = qa_admin_single_click_array($entityid, $action);
+		}
+
+		echo json_encode($response);
+
+		break;
+	default: // prior version
+		if (!qa_check_form_security_code('admin/click', qa_post_text('code')))
 			echo "QA_AJAX_RESPONSE\n0\n" . qa_lang('misc/form_security_reload');
-elseif (qa_admin_single_click($entityid, $action)) // permission check happens in here
+		elseif (qa_admin_single_click($entityid, $action))
 			echo "QA_AJAX_RESPONSE\n1\n";
-else
+		else
 			echo "QA_AJAX_RESPONSE\n0\n" . qa_lang('main/general_error');
+}
+

qa-include/app/admin.php

@@ -374,19 +374,19 @@ function qa_admin_sub_navigation()
 	}
 
 	if (!qa_user_maximum_permit_error('permit_moderate')) {
-		$count = qa_user_permit_error('permit_moderate') ? null : qa_opt('cache_queuedcount'); // if only in some categories don't show cached count
+		$count = qa_user_permit_error('permit_moderate') ? 0 : (int)qa_opt('cache_queuedcount'); // if only in some categories don't show cached count
 
 		$navigation['admin/moderate'] = array(
-			'label' => qa_lang_html('admin/moderate_title') . ($count ? (' (' . $count . ')') : ''),
+			'label' => qa_lang_html_sub('admin/moderate_title', '<span class="qa-nav-sub-counter-moderate">' . qa_html(qa_format_number($count)) . '</span>'),
 			'url' => qa_path_html('admin/moderate'),
 		);
 	}
 
 	if (qa_opt('flagging_of_posts') && !qa_user_maximum_permit_error('permit_hide_show')) {
-		$count = qa_user_permit_error('permit_hide_show') ? null : qa_opt('cache_flaggedcount'); // if only in some categories don't show cached count
+		$count = qa_user_permit_error('permit_hide_show') ? 0 : (int)qa_opt('cache_flaggedcount'); // if only in some categories don't show cached count
 
 		$navigation['admin/flagged'] = array(
-			'label' => qa_lang_html('admin/flagged_title') . ($count ? (' (' . $count . ')') : ''),
+			'label' => qa_lang_html_sub('admin/flagged_title', '<span class="qa-nav-sub-counter-flagged">' . qa_html(qa_format_number($count)) . '</span>'),
 			'url' => qa_path_html('admin/flagged'),
 		);
 	}
@@ -399,10 +399,10 @@ function qa_admin_sub_navigation()
 	}
 
 	if (!QA_FINAL_EXTERNAL_USERS && qa_opt('moderate_users') && $level >= QA_USER_LEVEL_MODERATOR) {
-		$count = qa_opt('cache_uapprovecount');
+		$count = (int)qa_opt('cache_uapprovecount');
 
 		$navigation['admin/approve'] = array(
-			'label' => qa_lang_html('admin/approve_users_title') . ($count ? (' (' . $count . ')') : ''),
+			'label' => qa_lang_html_sub('admin/approve_users_title', '<span class="qa-nav-sub-counter-approve">' . qa_html(qa_format_number($count)) . '</span>'),
 			'url' => qa_path_html('admin/approve'),
 		);
 	}
@@ -582,6 +582,152 @@ function qa_admin_single_click($entityid, $action)
 
 
 /**
+ * Returns true if admin (hidden/flagged/approve/moderate) page $action performed on $entityid is permitted by the
+ * logged in user and was processed successfully
+ * @param $entityid
+ * @param $action
+ * @return array
+ */
+function qa_admin_single_click_array($entityid, $action)
+{
+	$userid = qa_get_logged_in_userid();
+
+	$response = array();
+
+	if (!QA_FINAL_EXTERNAL_USERS && ($action === 'userapprove' || $action === 'userblock')) { // approve/block moderated users
+		require_once QA_INCLUDE_DIR . 'db/selects.php';
+
+		$useraccount = qa_db_select_with_pending(qa_db_user_account_selectspec($entityid, true));
+
+		if (isset($useraccount) && qa_get_logged_in_level() >= QA_USER_LEVEL_MODERATOR) {
+			switch ($action) {
+				case 'userapprove':
+					$response['entityCount'] = (int)qa_opt('cache_uapprovecount');
+					if ($useraccount['level'] >= QA_USER_LEVEL_APPROVED) { // don't demote higher level users
+						$response['result'] = 'error';
+						$response['error']['type'] = 'user-already-approved';
+						$response['error']['message'] = qa_lang_html('main/general_error');
+						$response['hideEntitySelector'] = null;
+					} else {
+						require_once QA_INCLUDE_DIR . 'app/users-edit.php';
+						qa_set_user_level($useraccount['userid'], $useraccount['handle'], QA_USER_LEVEL_APPROVED, $useraccount['level']);
+
+						$response['result'] = 'success';
+						$response['entityCount'] = max($response['entityCount'] - 1, 0);
+						$response['hideEntitySelector'] = 'approve';
+					}
+					break;
+
+				case 'userblock':
+					require_once QA_INCLUDE_DIR . 'app/users-edit.php';
+					qa_set_user_blocked($useraccount['userid'], $useraccount['handle'], true);
+
+					$response['result'] = 'success';
+					$response['entityCount'] = max((int)qa_opt('cache_uapprovecount') - 1, 0);
+					$response['hideEntitySelector'] = 'approve';
+					break;
+
+				default:
+			}
+		}
+	} else { // something to do with a post
+		require_once QA_INCLUDE_DIR . 'app/posts.php';
+
+		$post = qa_post_get_full($entityid);
+
+		if (isset($post)) {
+			$queued = (substr($post['type'], 1) == '_QUEUED');
+
+			switch ($action) {
+				case 'approve':
+				case 'reject':
+					$response['entityCount'] = (int)qa_opt('cache_queuedcount');
+					if (!$queued) {
+						$response['result'] = 'error';
+						$response['error']['type'] = 'post-not-queued';
+						$response['error']['message'] = qa_lang_html('main/general_error');
+						$response['entityCount'] = max($response['entityCount'] - 1, 0);
+						$response['hideEntitySelector'] = 'moderate';
+					} elseif (qa_user_post_permit_error('permit_moderate', $post) !== false) {
+						$response['result'] = 'error';
+						$response['error']['type'] = 'no-permission';
+						$response['error']['message'] = qa_lang_html('users/no_permission');
+						$response['hideEntitySelector'] = null;
+					} else {
+						$postStatus = $action === 'approve'
+							? QA_POST_STATUS_NORMAL
+							: QA_POST_STATUS_HIDDEN; // 'reject'
+						qa_post_set_status($entityid, $postStatus, $userid);
+
+						$response['result'] = 'success';
+						$response['entityCount'] = max($response['entityCount'] - 1, 0);
+						$response['hideEntitySelector'] = 'moderate';
+					}
+					break;
+
+				case 'reshow':
+				case 'delete':
+					if (!$post['hidden']) {
+						$response['result'] = 'error';
+						$response['error']['type'] = 'post-not-hidden';
+						$response['error']['message'] = qa_lang_html('main/general_error');
+						$response['hideEntitySelector'] = 'hidden';
+					} elseif (qa_user_post_permit_error('permit_hide_show', $post) !== false) {
+						$response['result'] = 'error';
+						$response['error']['type'] = 'no-permission';
+						$response['error']['message'] = qa_lang_html('users/no_permission');
+						$response['hideEntitySelector'] = null;
+					} else {
+						if ($action === 'reshow') {
+							qa_post_set_status($entityid, QA_POST_STATUS_NORMAL, $userid);
+						} else { // 'delete'
+							qa_post_delete($entityid);
+						}
+
+						$response['result'] = 'success';
+						$response['hideEntitySelector'] = 'hidden';
+					}
+					break;
+
+				case 'hide':
+				case 'clearflags':
+					$response['entityCount'] = (int)qa_opt('cache_flaggedcount');
+					if ($action === 'hide' && $queued) {
+						$response['result'] = 'error';
+						$response['error']['type'] = 'post-queued';
+						$response['error']['message'] = qa_lang_html('main/general_error');
+						$response['entityCount'] = max($response['entityCount'] - 1, 0);
+						$response['hideEntitySelector'] = 'flagged';
+					} elseif (qa_user_post_permit_error('permit_hide_show', $post) !== false) {
+						$response['result'] = 'error';
+						$response['error']['type'] = 'no-permission';
+						$response['error']['message'] = qa_lang_html('users/no_permission');
+						$response['hideEntitySelector'] = null;
+					} else {
+						if ($action === 'hide') {
+							qa_post_set_status($entityid, QA_POST_STATUS_HIDDEN, $userid);
+						} else { // 'clearflags'
+							require_once QA_INCLUDE_DIR . 'app/votes.php';
+
+							qa_flags_clear_all($post, $userid, qa_get_logged_in_handle(), null);
+						}
+
+						$response['result'] = 'success';
+						$response['entityCount'] = max($response['entityCount'] - 1, 0);
+						$response['hideEntitySelector'] = 'flagged';
+					}
+					break;
+
+				default:
+			}
+		}
+	}
+
+	return $response;
+}
+
+
+/**
  * Checks for a POSTed click on an admin (hidden/flagged/approve/moderate) page, and refresh the page if processed successfully (non Ajax)
  */
 function qa_admin_check_clicks()

qa-include/lang/qa-lang-admin.php

@@ -37,7 +37,7 @@ return array(
 	'after_x' => 'After "^"',
 	'after_x_tab' => 'After "^" tab',
 	'approve_user_popup' => 'Approve user',
-	'approve_users_title' => 'Approve users',
+	'approve_users_title' => 'Approve users (^)',
 	'basic_editor' => 'Basic Editor',
 	'before_main_menu' => 'Before tabs at top',
 	'blobs_directory_error' => 'The directory ^ defined as QA_BLOBS_DIRECTORY is not writable by the web server.',
@@ -121,7 +121,7 @@ return array(
 	'field_single_line' => 'Single line of text',
 	'field_type' => 'Content type:',
 	'first' => 'First',
-	'flagged_title' => 'Flagged',
+	'flagged_title' => 'Flagged (^)',
 	'form_security_expired' => 'Form security code expired - please try again',
 	'from_anon' => 'From anonymous:',
 	'from_users' => 'From users:',
@@ -145,7 +145,7 @@ return array(
 	'maintenance_admin_only' => 'Your site is in ^1maintenance^2 and is currently inaccessible to regular users.',
 	'maximum_x' => ' (max ^)',
 	'memcached_error' => 'Memcached error: ^',
-	'moderate_title' => 'Moderate',
+	'moderate_title' => 'Moderate (^)',
 	'module_x_database_init' => 'The ^1 ^2 module requires some ^3database initialization^4.',
 	'most_flagged_title' => 'Flagged content',
 	'mysql_version' => 'MySQL version:',
@@ -215,6 +215,7 @@ return array(
 	'recalc_stop' => 'Stop recalculating',
 	'recent_approve_title' => 'Recent content waiting for approval',
 	'recent_hidden_title' => 'Recent hidden content',
+	'recent_users_title' => 'Recent users waiting for approval',
 	'recount_posts' => 'Recount posts',
 	'recount_posts_as_recounted' => 'Recounted answers and hotness for ^1 of ^2 posts...',
 	'recount_posts_complete' => 'All posts were successfully recounted.',

qa-include/pages/admin/admin-approve.php

@@ -60,7 +60,7 @@ $pageerror = qa_admin_check_clicks();
 
 $qa_content = qa_content_prepare();
 
-$qa_content['title'] = qa_lang_html('admin/approve_users_title');
+$qa_content['title'] = qa_lang_html('admin/recent_users_title');
 $qa_content['error'] = isset($pageerror) ? $pageerror : qa_admin_page_error();
 
 $qa_content['message_list'] = array(