diff --git a/inc/mod/ban.php b/inc/mod/ban.php
index 4d73488f..51befe27 100644
--- a/inc/mod/ban.php
+++ b/inc/mod/ban.php
@@ -56,8 +56,6 @@ function parse_time($str) {
function ban($mask, $reason, $length, $board) {
global $mod, $pdo;
- // TODO: permissions
-
$query = prepare("INSERT INTO `bans` VALUES (NULL, :ip, :mod, :time, :expires, :reason, :board)");
$query->bindValue(':ip', $mask);
$query->bindValue(':mod', $mod['id']);
@@ -80,12 +78,14 @@ function ban($mask, $reason, $length, $board) {
$query->execute() or error(db_error($query));
- modLog('Created a new ban (#' . $pdo->lastInsertId() . ') for ' . utf8tohtml($mask) . ' with ' . ($reason ? 'reason: ' . utf8tohtml($reason) . '' : 'no reason'));
+ modLog('Created a new ' .
+ ($length > 0 ? preg_replace('/^(\d+) (\w+?)s?$/', '$1-$2', until($length)) : 'permanent') .
+ ' ban (#' . $pdo->lastInsertId() . ') for ' .
+ (filter_var($mask, FILTER_VALIDATE_IP) !== false ? "$mask" : utf8tohtml($mask)) .
+ ' with ' . ($reason ? 'reason: ' . utf8tohtml($reason) . '' : 'no reason'));
}
-function unban($id) {
- // TODO: permissions
-
+function unban($id) {
$query = prepare("DELETE FROM `bans` WHERE `id` = :id");
$query->bindValue(':id', $id);
$query->execute() or error(db_error($query));