fixed ban addition page
This commit is contained in:
Savetheinternet
parent
c2727787ab
commit
f47cccab01
@ -111,10 +111,12 @@
|
||||
return $body;
|
||||
}
|
||||
|
||||
function form_newBan($ip=null, $reason='', $continue=false) {
|
||||
function form_newBan($ip=null, $reason='', $continue=false, $delete=false, $board=false) {
|
||||
return '<fieldset><legend>New ban</legend>' .
|
||||
'<form action="" method="post">' .
|
||||
'<form action="?/ban" method="post">' .
|
||||
($continue ? '<input type="hidden" name="continue" value="' . htmlentities($continue) . '" />' : '') .
|
||||
($delete ? '<input type="hidden" name="delete" value="' . htmlentities($delete) . '" />' : '') .
|
||||
($board ? '<input type="hidden" name="board" value="' . htmlentities($board) . '" />' : '') .
|
||||
'<table>' .
|
||||
'<tr>' .
|
||||
'<th><label for="ip">IP</label></th>' .
|
||||
|
||||
50
mod.php
50
mod.php
@ -348,26 +348,8 @@
|
||||
header('Location: ' . $_SERVER['HTTP_REFERER'], true, REDIRECT_HTTP);
|
||||
else
|
||||
header('Location: ?/' . sprintf(BOARD_PATH, $boardName) . FILE_INDEX, true, REDIRECT_HTTP);
|
||||
} elseif(preg_match('/^\/' . $regex['board'] . 'ban(&delete)\/(\d+)$/', $query, $matches)) {
|
||||
if($mod['type'] < MOD_DELETE) error(ERROR_NOACCESS);
|
||||
// Ban by post
|
||||
|
||||
$boardName = $matches[1];
|
||||
$delete = isset($matches[2]) && $matches[2] == '&delete';
|
||||
$post = $matches[3];
|
||||
// Open board
|
||||
if(!openBoard($boardName))
|
||||
error(ERROR_NOBOARD);
|
||||
|
||||
$query = prepare(sprintf("SELECT `ip`,`id` FROM `posts_%s` WHERE `id` = :id LIMIT 1", $board['uri']));
|
||||
$query->bindValue(':id', $post, PDO::PARAM_INT);
|
||||
$query->execute() or error(db_error($query));
|
||||
|
||||
if($query->rowCount() < 1) {
|
||||
error(ERROR_INVALIDPOST);
|
||||
}
|
||||
|
||||
$post = $query->fetch();
|
||||
} elseif(preg_match('/^\/ban$/', $query)) {
|
||||
// Ban page
|
||||
|
||||
if(isset($_POST['new_ban'])) {
|
||||
if( !isset($_POST['ip']) ||
|
||||
@ -429,8 +411,10 @@
|
||||
$query->execute() or error(db_error($query));
|
||||
|
||||
// Delete too
|
||||
if($delete)
|
||||
deletePost($post['id']);
|
||||
if($mod['type'] >= MOD_DELETE && isset($_POST['delete']) && isset($_POST['board'])) {
|
||||
openBoard($_POST['board']);
|
||||
deletePost(round($_POST['delete']));
|
||||
}
|
||||
|
||||
// Redirect
|
||||
if(isset($_POST['continue']))
|
||||
@ -438,8 +422,28 @@
|
||||
else
|
||||
header('Location: ?/' . sprintf(BOARD_PATH, $boardName) . FILE_INDEX, true, REDIRECT_HTTP);
|
||||
}
|
||||
} elseif(preg_match('/^\/' . $regex['board'] . 'ban(&delete)?\/(\d+)$/', $query, $matches)) {
|
||||
if($mod['type'] < MOD_DELETE) error(ERROR_NOACCESS);
|
||||
// Ban by post
|
||||
|
||||
$body = form_newBan($post['ip'], null, isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : false);
|
||||
$boardName = $matches[1];
|
||||
$delete = isset($matches[2]) && $matches[2] == '&delete';
|
||||
$post = $matches[3];
|
||||
// Open board
|
||||
if(!openBoard($boardName))
|
||||
error(ERROR_NOBOARD);
|
||||
|
||||
$query = prepare(sprintf("SELECT `ip`,`id` FROM `posts_%s` WHERE `id` = :id LIMIT 1", $board['uri']));
|
||||
$query->bindValue(':id', $post, PDO::PARAM_INT);
|
||||
$query->execute() or error(db_error($query));
|
||||
|
||||
if($query->rowCount() < 1) {
|
||||
error(ERROR_INVALIDPOST);
|
||||
}
|
||||
|
||||
$post = $query->fetch();
|
||||
|
||||
$body = form_newBan($post['ip'], null, isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : false, $delete ? $post['id'] : false, $delete ? $boardName : false);
|
||||
|
||||
echo Element('page.html', Array(
|
||||
'index'=>ROOT,
|
||||
|
||||
Loading…
Reference in New Issue
Block a user