diff -r e3d7322305bf -r 5e1f1e916419 punbb/admin/bans.php
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/punbb/admin/bans.php Sat Apr 05 23:56:45 2008 -0400
@@ -0,0 +1,487 @@
+ $_ )
+{
+ $$key =& $GLOBALS[$key];
+}
+
+($hook = get_hook('aba_start')) ? eval($hook) : null;
+
+if ($pun_user['g_id'] != PUN_ADMIN && ($pun_user['g_moderator'] != '1' || $pun_user['g_mod_ban_users'] == '0'))
+ message($lang_common['No permission']);
+
+// Load the admin.php language file
+require PUN_ROOT.'lang/'.$pun_user['language'].'/admin.php';
+$GLOBALS['lang_admin'] = $lang_admin;
+
+
+// Add/edit a ban (stage 1)
+if (isset($_REQUEST['add_ban']) || isset($_GET['edit_ban']))
+{
+ if (isset($_GET['add_ban']) || isset($_POST['add_ban']))
+ {
+ // If the id of the user to ban was provided through GET (a link from profile.php)
+ if (isset($_GET['add_ban']))
+ {
+ $add_ban = intval($_GET['add_ban']);
+ if ($add_ban < 2)
+ message($lang_common['Bad request']);
+
+ $user_id = $add_ban;
+
+ ($hook = get_hook('aba_add_ban_selected')) ? eval($hook) : null;
+
+ $query = array(
+ 'SELECT' => 'u.group_id, u.username, u.email, u.registration_ip',
+ 'FROM' => 'users AS u',
+ 'WHERE' => 'u.id='.$user_id
+ );
+
+ ($hook = get_hook('aba_qr_get_user_by_id')) ? eval($hook) : null;
+ $result = $pun_db->query_build($query) or error(__FILE__, __LINE__);
+ if (!$pun_db->num_rows($result))
+ message($lang_admin['No user id message']);
+
+ list($group_id, $ban_user, $ban_email, $ban_ip) = $pun_db->fetch_row($result);
+ }
+ else // Otherwise the username is in POST
+ {
+ $ban_user = trim($_POST['new_ban_user']);
+
+ ($hook = get_hook('aba_add_ban_form_submitted')) ? eval($hook) : null;
+
+ if ($ban_user != '')
+ {
+ $query = array(
+ 'SELECT' => 'u.id, u.group_id, u.username, u.email, u.registration_ip',
+ 'FROM' => 'users AS u',
+ 'WHERE' => 'u.username=\''.$pun_db->escape($ban_user).'\' AND u.id>1'
+ );
+
+ ($hook = get_hook('aba_qr_get_user_by_username')) ? eval($hook) : null;
+ $result = $pun_db->query_build($query) or error(__FILE__, __LINE__);
+ if (!$pun_db->num_rows($result))
+ message($lang_admin['No user username message']);
+
+ list($user_id, $group_id, $ban_user, $ban_email, $ban_ip) = $pun_db->fetch_row($result);
+ }
+ }
+
+ // Make sure we're not banning an admin
+ if (isset($group_id) && $group_id == PUN_ADMIN)
+ message($lang_admin['User is admin message']);
+
+ // If we have a $user_id, we can try to find the last known IP of that user
+ if (isset($user_id))
+ {
+ $query = array(
+ 'SELECT' => 'p.poster_ip',
+ 'FROM' => 'posts AS p',
+ 'WHERE' => 'p.poster_id='.$user_id,
+ 'ORDER BY' => 'p.posted DESC',
+ 'LIMIT' => '1'
+ );
+
+ ($hook = get_hook('aba_qr_get_last_known_ip')) ? eval($hook) : null;
+ $result = $pun_db->query_build($query) or error(__FILE__, __LINE__);
+
+ $ban_ip = ($pun_db->num_rows($result)) ? $pun_db->result($result) : $ban_ip;
+ }
+
+ $mode = 'add';
+ }
+ else // We are editing a ban
+ {
+ $ban_id = intval($_GET['edit_ban']);
+ if ($ban_id < 1)
+ message($lang_common['Bad request']);
+
+ ($hook = get_hook('aba_edit_ban_selected')) ? eval($hook) : null;
+
+ $query = array(
+ 'SELECT' => 'b.username, b.ip, b.email, b.message, b.expire',
+ 'FROM' => 'bans AS b',
+ 'WHERE' => 'b.id='.$ban_id
+ );
+
+ ($hook = get_hook('aba_qr_get_ban_data')) ? eval($hook) : null;
+ $result = $pun_db->query_build($query) or error(__FILE__, __LINE__);
+ if ($pun_db->num_rows($result))
+ list($ban_user, $ban_ip, $ban_email, $ban_message, $ban_expire) = $pun_db->fetch_row($result);
+ else
+ message($lang_common['Bad request']);
+
+ // We just use GMT for expire dates, as its a date rather than a day I don't think its worth worrying about
+ $ban_expire = ($ban_expire != '') ? gmdate('Y-m-d', $ban_expire) : '';
+
+ $mode = 'edit';
+ }
+
+
+ // Setup the form
+ $pun_page['fld_count'] = $pun_page['set_count'] = 0;
+
+ // Setup breadcrumbs
+ $pun_page['crumbs'] = array(
+ array($pun_config['o_board_title'], pun_link($pun_url['index'])),
+ array($lang_admin['Forum administration'], pun_link($pun_url['admin_index'])),
+ array($lang_admin['Bans'], pun_link($pun_url['admin_bans'])),
+ $lang_admin['Ban advanced']
+ );
+
+ ($hook = get_hook('aba_add_edit_ban_pre_header_load')) ? eval($hook) : null;
+
+ define('PUN_PAGE_SECTION', 'users');
+ define('PUN_PAGE', 'admin-bans');
+ require PUN_ROOT.'header.php';
+
+?>
+