Basic ban-adding

This commit is contained in:
Savetheinternet 2011-01-02 00:27:30 +11:00
parent 5190e9a456
commit ca7faa835e
2 changed files with 134 additions and 6 deletions

View File

@ -111,24 +111,57 @@
return $body;
}
function form_newBan($ip=null, $reason='', $continue=false) {
return '<fieldset><legend>New ban</legend>' .
'<form action="" method="post">' .
($continue ? '<input type="hidden" name="continue" value="' . htmlentities($continue) . '" />' : '') .
'<table>' .
'<tr>' .
'<th><label for="ip">IP</label></th>' .
'<td><input type="text" name="ip" id="ip" size="15" maxlength="15" ' .
(isset($ip) ?
'value="' . htmlentities($ip) . '" ' : ''
) .
'/></td>' .
'</tr>' .
'<tr>' .
'<th><label for="reason">Reason</label></th>' .
'<td><textarea name="reason" id="reason" rows="5" cols="30">' .
htmlentities($reason) .
'</textarea></td>' .
'</tr>' .
'<tr>' .
'<th><label for="length">Length</label></th>' .
'<td><input type="text" name="length" id="length" size="20" maxlength="40" />' .
' <span class="unimportant">(eg. "2d1h30m" or "2 days")</span></td>' .
'</tr>' .
'<tr>' .
'<td></td>' .
'<td><input name="new_ban" type="submit" value="New Ban" /></td>' .
'</tr>' .
'</table>' .
'</form>' .
'</fieldset>';
}
function form_newBoard() {
return '<fieldset><legend>New board</legend>' .
'<form action="?/new" method="post">' .
'<table>' .
'<tr>' .
'<th><label for="board">URI:</label></th>' .
'<th><label for="board">URI</label></th>' .
'<td><input type="text" name="uri" id="board" size="3" maxlength="8" />' .
' <span class="unimportant">(eg. "b"; "mu")</span>' .
' <span class="unimportant">(eg. "b"; "mu")</span></td>' .
'</tr>' .
'<tr>' .
'<th><label for="title">Title:</label></th>' .
'<th><label for="title">Title</label></th>' .
'<td><input type="text" name="title" id="title" size="15" maxlength="20" />' .
' <span class="unimportant">(eg. "Random")</span>' .
' <span class="unimportant">(eg. "Random")</span></td>' .
'</tr>' .
'<tr>' .
'<th><label for="subtitle">Subtitle:</label></th>' .
'<th><label for="subtitle">Subtitle</label></th>' .
'<td><input type="text" name="subtitle" id="subtitle" size="20" maxlength="40" />' .
' <span class="unimportant">(optional)</span>' .
' <span class="unimportant">(optional)</span></td>' .
'</tr>' .
'<tr>' .
'<td></td>' .

95
mod.php
View File

@ -280,7 +280,102 @@
header('Location: ' . $_SERVER['HTTP_REFERER'], true, REDIRECT_HTTP);
else
header('Location: ?/' . sprintf(BOARD_PATH, $boardName) . FILE_INDEX, true, REDIRECT_HTTP);
} elseif(preg_match('/^\/' . $regex['board'] . 'ban\/(\d+)$/', $query, $matches)) {
if($mod['type'] < MOD_DELETE) error(ERROR_NOACCESS);
// Ban by post
$boardName = $matches[1];
$post = $matches[2];
// Open board
if(!openBoard($boardName))
error(ERROR_NOBOARD);
// Delete post
//deletePost($post);
// Rebuild board
//buildIndex();
$query = prepare(sprintf("SELECT `ip`,`id` FROM `posts_%s` WHERE `id` = :id LIMIT 1", $board['uri']));
$query->bindValue(':id', $post, PDO::PARAM_INT);
$query->execute() or error(db_error($query));
if($query->rowCount() < 1) {
error(ERROR_INVALIDPOST);
}
$post = $query->fetch();
if(isset($_POST['new_ban'])) {
if( !isset($_POST['ip']) ||
!isset($_POST['reason']) ||
!isset($_POST['length'])
) error(ERROR_MISSEDAFIELD);
// Check required fields
if(empty($_POST['ip']))
error(sprintf(ERROR_REQUIRED, 'IP address'));
$query = prepare("INSERT INTO `bans` VALUES (:ip, :mod, :expires, :reason)");
// 1yr2hrs30mins
// 1y2h30m
if(preg_match('/^((\d+)\s?ye?a?r?s?)?\s?+((\d+)\s?we?e?k?s?)?\s?+((\d+)\s?da?y?s?)?((\d+)\s?ho?u?r?s?)?\s?+((\d+)\s?m?i?n?u?t?e?s?)?\s?+((\d+)\s?s?e?c?o?n?d?s?)?$/', $_POST['length'], $m)) {
$expire = 0;
if(isset($m[2])) {
// Years
$expire += $m[2]*60*60*24*7*52;
}
if(isset($m[4])) {
// Weeks
$expire += $m[4]*60*60*24*7;
}
if(isset($m[6])) {
// Days
$expire += $m[6]*60*60*24;
}
if(isset($m[8])) {
// Hours
$expire += $m[8]*60*60;
}
if(isset($m[10])) {
// Minutes
$expire += $m[10]*60;
}
if(isset($m[12])) {
// Seconds
$expire += $m[12];
}
$query->bindValue(':expires', time()+$expire, PDO::PARAM_INT);
} else {
// Never expire
$query->bindValue(':expires', null, PDO::PARAM_NULL);
}
$query->bindValue(':ip', $_POST['ip'], PDO::PARAM_STR);
$query->bindValue(':mod', $mod['id'], PDO::PARAM_INT);
if(isset($_POST['reason'])) {
$query->bindValue(':reason', $_POST['reason'], PDO::PARAM_STR);
} else {
$query->bindValue(':reason', null, PDO::PARAM_NULL);
}
$query->execute() or error(db_error($query));
// Redirect
if(isset($_POST['continue']))
header('Location: ' . $_POST['continue'], true, REDIRECT_HTTP);
else
header('Location: ?/' . sprintf(BOARD_PATH, $boardName) . FILE_INDEX, true, REDIRECT_HTTP);
}
$body = form_newBan($post['ip'], null, isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : false);
echo Element('page.html', Array(
'index'=>ROOT,
'title'=>'New ban',
'body'=>$body,
'mod'=>true
)
);
} else {
error(ERROR_404);
}