diff --git a/inc/mod/auth.php b/inc/mod/auth.php index 2e90b757..f9b863c8 100644 --- a/inc/mod/auth.php +++ b/inc/mod/auth.php @@ -122,3 +122,16 @@ if (isset($_COOKIE[$config['cookies']['mod']])) { ); } +function create_pm_header() { + global $mod; + $query = prepare("SELECT `id` FROM `pms` WHERE `to` = :id AND `unread` = 1"); + $query->bindValue(':id', $mod['id'], PDO::PARAM_INT); + $query->execute() or error(db_error($query)); + + if ($pm = $query->fetch()) { + return Array('id' => $pm['id'], 'waiting' => $query->rowCount() - 1); + } + + return false; +} + diff --git a/inc/mod/pages.php b/inc/mod/pages.php index 2b5487fd..4903567a 100644 --- a/inc/mod/pages.php +++ b/inc/mod/pages.php @@ -252,13 +252,42 @@ function mod_delete($board, $post) { function mod_users() { global $config; - if(!hasPermission($config['mod']['manageusers'])) + + if (!hasPermission($config['mod']['manageusers'])) error($config['error']['noaccess']); $args = array(); $query = query("SELECT *, (SELECT `time` FROM `modlogs` WHERE `mod` = `id` ORDER BY `time` DESC LIMIT 1) AS `last`, (SELECT `text` FROM `modlogs` WHERE `mod` = `id` ORDER BY `time` DESC LIMIT 1) AS `action` FROM `mods` ORDER BY `type` DESC,`id`") or error(db_error()); $args['users'] = $query->fetchAll(PDO::FETCH_ASSOC); - mod_page("Manage users", 'mod/users.html', $args); + mod_page('Manage users', 'mod/users.html', $args); +} + +function mod_new_pm($username) { + global $config, $mod; + + if (!hasPermission($config['mod']['create_pm'])) + error($config['error']['noaccess']); + + $query = prepare("SELECT `id` FROM `mods` WHERE `username` = :username"); + $query->bindValue(':username', $username); + $query->execute() or error(db_error($query)); + if (!$id = $query->fetchColumn(0)) + error($config['error']['404']); + + if (isset($_POST['message'])) { + markup($_POST['message']); + + $query = prepare("INSERT INTO `pms` VALUES (NULL, :me, :id, :message, :time, 1)"); + $query->bindValue(':me', $mod['id']); + $query->bindValue(':id', $id); + $query->bindValue(':message', $_POST['message']); + $query->bindValue(':time', time()); + $query->execute() or error(db_error($query)); + + header('Location: ?/', true, $config['redirect_http']); + } + + mod_page("New PM for {$username}", 'mod/new_pm.html', array('username' => $username, 'id' => $id)); } diff --git a/mod.php b/mod.php index d95f9552..e7134603 100644 --- a/mod.php +++ b/mod.php @@ -28,7 +28,7 @@ $pages = array( '!^/log/(\d+)$!' => 'log', // modlog '!^/users$!' => 'users', // manage users - + '!^/new_PM/([^/]+)$!' => 'new_pm', // create a new pm '!^/ban$!' => 'ban', // new ban '!^/IP/([\w.:]+)$!' => 'ip', // view ip address diff --git a/templates/mod/new_pm.html b/templates/mod/new_pm.html new file mode 100644 index 00000000..d694bc26 --- /dev/null +++ b/templates/mod/new_pm.html @@ -0,0 +1,22 @@ +{#{% if id == mod.id %} + {% set username = 'me' %} +{% endif %}#} + +
diff --git a/templates/mod/users.html b/templates/mod/users.html new file mode 100644 index 00000000..aeacc8b5 --- /dev/null +++ b/templates/mod/users.html @@ -0,0 +1,54 @@ +ID | +Username | +Type | +Boards | +Last action | +… | +
---|---|---|---|---|---|
{{ user.id }} | +{{ user.username }} | ++ {% if user.type == constant('JANITOR') %}Janitor + {% elseif user.type == constant('MOD') %}Mod + {% elseif user.type == constant('ADMIN') %}Admin + {% endif %} + | ++ {# This is really messy, but IMO it beats doing it in PHP. #} + {% set boards = user.boards|split(',') %} + {% set _boards = [] %} + {% for board in boards %} + {% set _boards = _boards|push(board == '*' ? '*' : config.board_abbreviation|sprintf(board)) %} + {% endfor %} + {% set _boards = _boards|sort %} + {{ _boards|join(', ') }} + | ++ {% if mod|hasPermission(config.mod.modlog) %} + {{ user.last|ago }} + {% else %} + – + {% endif %} + | ++ {% if mod|hasPermission(config.mod.promoteusers) and user.type < constant('ADMIN') %} + ▲ + {% endif %} + {% if mod|hasPermission(config.mod.promoteusers) and user.type > constant('JANITOR') %} + ▼ + {% endif %} + {% if mod|hasPermission(config.editusers) or (mod|hasPermission(config.change_password) and mod.id == user.id) %} + [edit] + {% endif %} + {% if mod|hasPermission(config.mod.create_pm) %} + [PM] + {% endif %} + | +