PHP Cross Reference of MyBB 1.8.38 |
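<?php
/**
 * MyBB 1.8
 * Copyright 2014 MyBB Group, All Rights Reserved
 *
 * Website: http://www.mybb.com
 * License: http://www.mybb.com/about/license
 *
 */

// Disallow direct access to this file for security reasons
if(!defined("IN_MYBB"))
{
	die("Direct initialization of this file is not allowed.<br /><br />Please make sure IN_MYBB is defined.");
}

/*
 * Admin CP module: banned accounts.
 *
 * Dispatches on $mybb->input['action']:
 *   - "prune": delete every thread and post written by a banned user
 *   - "lift":  remove a ban and restore the user's previous groups
 *   - "edit":  change the group, length and reason of an existing ban
 *   - (none):  ban a user or search for one, then list the current bans
 *
 * NOTE(review): verification of my_post_key on POST requests is not visible in
 * this file - presumably done by the admin CP front controller; confirm.
 */

$page->add_breadcrumb_item($lang->banning, "index.php?module=user-banning");


$sub_tabs['ips'] = array(
	'title' => $lang->banned_ips,
	'link' => "index.php?module=config-banning",
);

$sub_tabs['bans'] = array(
	'title' => $lang->banned_accounts,
	'link' => "index.php?module=user-banning",
	'description' => $lang->banned_accounts_desc
);

$sub_tabs['usernames'] = array(
	'title' => $lang->disallowed_usernames,
	'link' => "index.php?module=config-banning&type=usernames",
);

$sub_tabs['emails'] = array(
	'title' => $lang->disallowed_email_addresses,
	'link' => "index.php?module=config-banning&type=emails",
);

// Fetch banned groups
$query = $db->simple_select("usergroups", "gid,title", "isbannedgroup=1", array('order_by' => 'title'));
$banned_groups = array();
while($group = $db->fetch_array($query))
{
	$banned_groups[$group['gid']] = $group['title'];
}

// Fetch ban times
$ban_times = fetch_ban_times();

$plugins->run_hooks("admin_user_banning_begin");

// The actions below test $errors before anything may have been added to it;
// make sure it exists without discarding a value that is already set.
if(!isset($errors))
{
	$errors = array();
}

if($mybb->input['action'] == "prune")
{
	// User clicked no
	if($mybb->get_input('no'))
	{
		admin_redirect("index.php?module=user-banning");
	}

	// Read the uid as an integer so the WHERE clause does not depend on input
	// cleaning done outside this file.
	$query = $db->simple_select("banned", "*", "uid='".$mybb->get_input('uid', MyBB::INPUT_INT)."'");
	$ban = $db->fetch_array($query);

	if(!$ban)
	{
		flash_message($lang->error_invalid_ban, 'error');
		admin_redirect("index.php?module=user-banning");
	}

	$user = get_user($ban['uid']);

	// Refuse when the account no longer exists, or when the target is a super
	// admin and the acting admin is neither that same user nor a super admin.
	if(!$user || (is_super_admin($user['uid']) && ($mybb->user['uid'] != $user['uid'] && !is_super_admin($mybb->user['uid']))))
	{
		flash_message($lang->cannot_perform_action_super_admin_general, 'error');
		admin_redirect("index.php?module=user-banning");
	}

	$plugins->run_hooks("admin_user_banning_prune");

	// Destructive and irreversible: only carried out on POST, a GET request
	// gets the confirmation page instead.
	if($mybb->request_method == "post")
	{
		require_once MYBB_ROOT."inc/class_moderation.php";
		$moderation = new Moderation();

		$query = $db->simple_select("threads", "tid", "uid='{$user['uid']}'");
		while($thread = $db->fetch_array($query))
		{
			$moderation->delete_thread($thread['tid']);
		}

		$query = $db->simple_select("posts", "pid", "uid='{$user['uid']}'");
		while($post = $db->fetch_array($query))
		{
			$moderation->delete_post($post['pid']);
		}

		$plugins->run_hooks("admin_user_banning_prune_commit");

		$cache->update_reportedcontent();

		// Log admin action
		log_admin_action($user['uid'], $user['username']);

		flash_message($lang->success_pruned, 'success');
		admin_redirect("index.php?module=user-banning");
	}
	else
	{
		$page->output_confirm_action("index.php?module=user-banning&action=prune&uid={$user['uid']}", $lang->confirm_prune);
	}
}

if($mybb->input['action'] == "lift")
{
	// User clicked no
	if($mybb->get_input('no'))
	{
		admin_redirect("index.php?module=user-banning");
	}

	// Read the uid as an integer so the WHERE clause does not depend on input
	// cleaning done outside this file.
	$query = $db->simple_select("banned", "*", "uid='".$mybb->get_input('uid', MyBB::INPUT_INT)."'");
	$ban = $db->fetch_array($query);

	if(!$ban)
	{
		flash_message($lang->error_invalid_ban, 'error');
		admin_redirect("index.php?module=user-banning");
	}

	$user = get_user($ban['uid']);

	// Same guard as for pruning: the account must exist, and a super admin's
	// ban may only be lifted by that user or by another super admin.
	if(!$user || (is_super_admin($user['uid']) && ($mybb->user['uid'] != $user['uid'] && !is_super_admin($mybb->user['uid']))))
	{
		flash_message($lang->cannot_perform_action_super_admin_general, 'error');
		admin_redirect("index.php?module=user-banning");
	}

	$plugins->run_hooks("admin_user_banning_lift");

	if($mybb->request_method == "post")
	{
		// Restore the groups that were saved in the ban row when the ban was created
		$updated_group = array(
			'usergroup' => $ban['oldgroup'],
			'additionalgroups' => $db->escape_string($ban['oldadditionalgroups']),
			'displaygroup' => $ban['olddisplaygroup']
		);
		$db->delete_query("banned", "uid='{$ban['uid']}'");

		$plugins->run_hooks("admin_user_banning_lift_commit");

		$db->update_query("users", $updated_group, "uid='{$ban['uid']}'");

		$cache->update_moderators();

		// Log admin action
		log_admin_action($ban['uid'], $user['username']);

		flash_message($lang->success_ban_lifted, 'success');
		admin_redirect("index.php?module=user-banning");
	}
	else
	{
		$page->output_confirm_action("index.php?module=user-banning&action=lift&uid={$ban['uid']}", $lang->confirm_lift_ban);
	}
}

if($mybb->input['action'] == "edit")
{
	// Read the uid as an integer so the WHERE clause does not depend on input
	// cleaning done outside this file.
	$query = $db->simple_select("banned", "*", "uid='".$mybb->get_input('uid', MyBB::INPUT_INT)."'");
	$ban = $db->fetch_array($query);

	if(!$ban)
	{
		flash_message($lang->error_invalid_ban, 'error');
		admin_redirect("index.php?module=user-banning");
	}

	$user = get_user($ban['uid']);

	$plugins->run_hooks("admin_user_banning_edit");

	if($mybb->request_method == "post")
	{
		if(empty($ban['uid']))
		{
			$errors[] = $lang->error_invalid_username;
		}
		// Is the user we're trying to ban a super admin and we're not?
		// The acting administrator (not the target) has to be the one tested
		// in the second call, otherwise this guard can never trigger.
		else if(is_super_admin($ban['uid']) && !is_super_admin($mybb->user['uid']))
		{
			$errors[] = $lang->error_no_perm_to_ban;
		}

		if($ban['uid'] == $mybb->user['uid'])
		{
			$errors[] = $lang->error_ban_self;
		}

		// No errors? Update
		if(!$errors)
		{
			// Ban the user
			if($mybb->input['bantime'] == '---')
			{
				// '---' is the permanent option: no lift timestamp
				$lifted = 0;
			}
			else
			{
				$lifted = ban_date2timestamp($mybb->input['bantime'], $ban['dateline']);
			}

			$reason = my_substr($mybb->input['reason'], 0, 255);

			// With a single banned group there is no select box, so use that group
			if(count($banned_groups) == 1)
			{
				$group = array_keys($banned_groups);
				$mybb->input['usergroup'] = $group[0];
			}

			$update_array = array(
				'gid' => $mybb->get_input('usergroup', MyBB::INPUT_INT),
				'dateline' => TIME_NOW,
				'bantime' => $db->escape_string($mybb->input['bantime']),
				'lifted' => $db->escape_string($lifted),
				'reason' => $db->escape_string($reason)
			);

			$db->update_query('banned', $update_array, "uid='{$ban['uid']}'");

			// Move the user to the banned group
			$update_array = array(
				'usergroup' => $mybb->get_input('usergroup', MyBB::INPUT_INT),
				'displaygroup' => 0,
				'additionalgroups' => '',
			);
			// Quoted like every other uid condition in this module
			$db->update_query('users', $update_array, "uid='{$ban['uid']}'");

			$plugins->run_hooks("admin_user_banning_edit_commit");

			// Log admin action
			log_admin_action($ban['uid'], $user['username']);

			flash_message($lang->success_ban_updated, 'success');
			admin_redirect("index.php?module=user-banning");
		}
	}
	$page->add_breadcrumb_item($lang->edit_ban);
	$page->output_header($lang->edit_ban);

	$sub_tabs = array();
	$sub_tabs['edit'] = array(
		'title' => $lang->edit_ban,
		'description' => $lang->edit_ban_desc
	);
	$page->output_nav_tabs($sub_tabs, "edit");

	$form = new Form("index.php?module=user-banning&action=edit&uid={$ban['uid']}", "post");
	if($errors)
	{
		$page->output_inline_error($errors);
	}
	else
	{
		// Nothing was rejected: prefill the form from the stored ban row
		$mybb->input = array_merge($mybb->input, $ban);
	}

	if(!empty($ban['gid']))
	{
		$mybb->input['usergroup'] = $ban['gid'];
	}
	else if(!empty($user['usergroup']))
	{
		$mybb->input['usergroup'] = $user['usergroup'];
	}
	else
	{
		$mybb->input['usergroup'] = 0;
	}

	$form_container = new FormContainer($lang->edit_ban);
	$form_container->output_row($lang->ban_username, "", htmlspecialchars_uni($user['username']));
	$form_container->output_row($lang->ban_reason, "", $form->generate_text_area('reason', $mybb->input['reason'], array('id' => 'reason', 'maxlength' => '255')), 'reason');
	if(count($banned_groups) > 1)
	{
		$form_container->output_row($lang->ban_group, $lang->ban_group_desc, $form->generate_select_box('usergroup', $banned_groups, $mybb->input['usergroup'], array('id' => 'usergroup')), 'usergroup');
	}

	// Map every spelling of "permanent" onto the '---' option of the select box
	if($mybb->input['bantime'] == 'perm' || $mybb->input['bantime'] == '' || $mybb->input['lifted'] == 'perm' || $mybb->input['lifted'] == '')
	{
		$mybb->input['bantime'] = '---';
		$mybb->input['lifted'] = '---';
	}

	foreach($ban_times as $time => $period)
	{
		if($time != '---')
		{
			$friendly_time = my_date("D, jS M Y @ {$mybb->settings['timeformat']}", ban_date2timestamp($time));
			$period = "{$period} ({$friendly_time})";
		}
		$length_list[$time] = $period;
	}
	$form_container->output_row($lang->ban_time, "", $form->generate_select_box('bantime', $length_list, $mybb->input['bantime'], array('id' => 'bantime')), 'bantime');

	$form_container->end();

	$buttons[] = $form->generate_submit_button($lang->update_ban);
	$form->output_submit_wrapper($buttons);
	$form->end();

	$page->output_footer();
}

if(!$mybb->input['action'])
{
	// $where_sql filters the COUNT query, $where_sql_full the joined listing query
	$where_sql_full = $where_sql = '';

	$plugins->run_hooks("admin_user_banning_start");

	if($mybb->request_method == "post")
	{
		$options = array(
			'fields' => array('username', 'usergroup', 'additionalgroups', 'displaygroup')
		);

		$user = get_user_by_username($mybb->input['username'], $options);

		// Are we searching a user?
		if(is_array($user) && isset($mybb->input['search']))
		{
			$where_sql = 'uid=\''.(int)$user['uid'].'\'';
			$where_sql_full = 'WHERE b.uid=\''.(int)$user['uid'].'\'';
		}
		else
		{
			if(!$user)
			{
				$errors[] = $lang->error_invalid_username;
			}
			// Is the user we're trying to ban a super admin and we're not?
			else if(is_super_admin($user['uid']) && !is_super_admin($mybb->user['uid']))
			{
				$errors[] = $lang->error_no_perm_to_ban;
			}
			else
			{
				$query = $db->simple_select("banned", "uid", "uid='{$user['uid']}'");
				if($db->fetch_field($query, "uid"))
				{
					$errors[] = $lang->error_already_banned;
				}

				// Get PRIMARY usergroup information
				$usergroups = $cache->read("usergroups");
				if(!empty($usergroups[$user['usergroup']]) && $usergroups[$user['usergroup']]['isbannedgroup'] == 1)
				{
					$errors[] = $lang->error_already_banned;
				}

				if($user['uid'] == $mybb->user['uid'])
				{
					$errors[] = $lang->error_ban_self;
				}
			}

			// No errors? Insert
			if(!$errors)
			{
				// Ban the user
				if($mybb->input['bantime'] == '---')
				{
					// '---' is the permanent option: no lift timestamp
					$lifted = 0;
				}
				else
				{
					$lifted = ban_date2timestamp($mybb->input['bantime']);
				}

				$reason = my_substr($mybb->input['reason'], 0, 255);

				// With a single banned group there is no select box, so use that group
				if(count($banned_groups) == 1)
				{
					$group = array_keys($banned_groups);
					$mybb->input['usergroup'] = $group[0];
				}

				// The old* columns keep the current groups so lifting the ban can restore them
				$insert_array = array(
					'uid' => $user['uid'],
					'gid' => $mybb->get_input('usergroup', MyBB::INPUT_INT),
					'oldgroup' => $user['usergroup'],
					'oldadditionalgroups' => $db->escape_string($user['additionalgroups']),
					'olddisplaygroup' => $user['displaygroup'],
					'admin' => (int)$mybb->user['uid'],
					'dateline' => TIME_NOW,
					'bantime' => $db->escape_string($mybb->input['bantime']),
					'lifted' => $db->escape_string($lifted),
					'reason' => $db->escape_string($reason)
				);
				$db->insert_query('banned', $insert_array);

				// Move the user to the banned group
				$update_array = array(
					'usergroup' => $mybb->get_input('usergroup', MyBB::INPUT_INT),
					'displaygroup' => 0,
					'additionalgroups' => '',
				);

				$db->delete_query("forumsubscriptions", "uid = '{$user['uid']}'");
				$db->delete_query("threadsubscriptions", "uid = '{$user['uid']}'");

				$plugins->run_hooks("admin_user_banning_start_commit");

				$db->update_query('users', $update_array, "uid = '{$user['uid']}'");

				// Log admin action
				log_admin_action($user['uid'], $user['username'], $lifted);

				flash_message($lang->success_banned, 'success');
				admin_redirect("index.php?module=user-banning");
			}
		}
	}

	$page->output_header($lang->banned_accounts);

	$page->output_nav_tabs($sub_tabs, "bans");

	$query = $db->simple_select("banned", "COUNT(*) AS ban_count", $where_sql);
	$ban_count = $db->fetch_field($query, "ban_count");

	$per_page = 20;

	// The page number is forced to an integer; $start derived from it goes into the LIMIT clause below
	$mybb->input['page'] = $mybb->get_input('page', MyBB::INPUT_INT);
	if($mybb->input['page'] > 0)
	{
		$current_page = $mybb->input['page'];
		$start = ($current_page-1)*$per_page;
		$pages = $ban_count / $per_page;
		$pages = ceil($pages);
		// Past the last page: fall back to the first one
		if($current_page > $pages)
		{
			$start = 0;
			$current_page = 1;
		}
	}
	else
	{
		$start = 0;
		$current_page = 1;
	}

	$pagination = draw_admin_pagination($current_page, $per_page, $ban_count, "index.php?module=user-banning&page={page}");

	$form = new Form("index.php?module=user-banning", "post");
	if($errors)
	{
		$page->output_inline_error($errors);
	}

	$mybb->input['username'] = $mybb->get_input('username');
	$mybb->input['reason'] = $mybb->get_input('reason');
	$mybb->input['bantime'] = $mybb->get_input('bantime');

	// A uid without a username prefills the username field from that account
	if(isset($mybb->input['uid']) && empty($mybb->input['username']))
	{
		$user = get_user($mybb->input['uid']);
		$mybb->input['username'] = $user['username'];
	}

	if(empty($mybb->input['usergroup']))
	{
		if(!empty($mybb->settings['purgespammerbangroup']))
		{
			$mybb->input['usergroup'] = $mybb->settings['purgespammerbangroup'];
		}
		else if(count($banned_groups))
		{
			$group = array_keys($banned_groups);
			$mybb->input['usergroup'] = $group[0];
		}
		else
		{
			$mybb->input['usergroup'] = 0;
		}
	}

	$form_container = new FormContainer($lang->ban_a_user);
	$form_container->output_row($lang->ban_username, $lang->autocomplete_enabled, $form->generate_text_box('username', $mybb->input['username'], array('id' => 'username')), 'username');
	$form_container->output_row($lang->ban_reason, "", $form->generate_text_area('reason', $mybb->input['reason'], array('id' => 'reason', 'maxlength' => '255')), 'reason');
	if(count($banned_groups) > 1)
	{
		$form_container->output_row($lang->ban_group, $lang->ban_group_desc, $form->generate_select_box('usergroup', $banned_groups, $mybb->input['usergroup'], array('id' => 'usergroup')), 'usergroup');
	}
	foreach($ban_times as $time => $period)
	{
		if($time != "---")
		{
			$friendly_time = my_date("D, jS M Y @ {$mybb->settings['timeformat']}", ban_date2timestamp($time));
			$period = "{$period} ({$friendly_time})";
		}
		$length_list[$time] = $period;
	}
	$form_container->output_row($lang->ban_time, "", $form->generate_select_box('bantime', $length_list, $mybb->input['bantime'], array('id' => 'bantime')), 'bantime');

	$form_container->end();

	// Autocompletion for usernames
	// NOTE(review): $lang->search_for_a_user is placed inside a JavaScript string
	// literal without JS escaping - presumably safe because language strings are
	// trusted; confirm.
	echo '
	<link rel="stylesheet" href="../jscripts/select2/select2.css">
	<script type="text/javascript" src="../jscripts/select2/select2.min.js?ver=1804"></script>
	<script type="text/javascript">
	<!--
	$("#username").select2({
		placeholder: "'.$lang->search_for_a_user.'",
		minimumInputLength: 2,
		multiple: false,
		ajax: { // instead of writing the function to execute the request we use Select2\'s convenient helper
			url: "../xmlhttp.php?action=get_users",
			dataType: \'json\',
			data: function (term, page) {
				return {
					query: term, // search term
				};
			},
			results: function (data, page) { // parse the results into the format expected by Select2.
				// since we are using custom formatting functions we do not need to alter remote JSON data
				return {results: data};
			}
		},
		initSelection: function(element, callback) {
			var query = $(element).val();
			if (query !== "") {
				$.ajax("../xmlhttp.php?action=get_users&getone=1", {
					data: {
						query: query
					},
					dataType: "json"
				}).done(function(data) { callback(data); });
			}
		},
	});

	$(\'[for=username]\').on(\'click\', function(){
		$("#username").select2(\'open\');
		return false;
	});
	// -->
	</script>';

	$buttons[] = $form->generate_submit_button($lang->ban_user);
	$buttons[] = $form->generate_submit_button($lang->search_for_a_user, array('name' => 'search'));
	$form->output_submit_wrapper($buttons);
	$form->end();

	echo '<br />';

	$table = new Table;
	$table->construct_header($lang->user);
	$table->construct_header($lang->ban_lifts_on, array("class" => "align_center", "width" => 150));
	$table->construct_header($lang->time_left, array("class" => "align_center", "width" => 150));
	$table->construct_header($lang->controls, array("class" => "align_center", "colspan" => 2, "width" => 200));
	$table->construct_header($lang->moderation, array("class" => "align_center", "colspan" => 1, "width" => 200));

	// Fetch bans
	// $where_sql_full is empty or built from an (int) cast above; $start and
	// $per_page are computed from integers in this block.
	$query = $db->query("
		SELECT b.*, a.username AS adminuser, u.username
		FROM ".TABLE_PREFIX."banned b
		LEFT JOIN ".TABLE_PREFIX."users u ON (b.uid=u.uid)
		LEFT JOIN ".TABLE_PREFIX."users a ON (b.admin=a.uid)
		{$where_sql_full}
		ORDER BY dateline DESC
		LIMIT {$start}, {$per_page}
	");

	// Get the banned users
	while($ban = $db->fetch_array($query))
	{
		// Usernames are HTML-escaped before they are placed into the table cell markup
		$profile_link = build_profile_link(htmlspecialchars_uni($ban['username']), $ban['uid'], "_blank");
		$ban_date = my_date($mybb->settings['dateformat'], $ban['dateline']);
		if($ban['lifted'] == 'perm' || $ban['lifted'] == '' || $ban['bantime'] == 'perm' || $ban['bantime'] == '---')
		{
			$ban_period = $lang->permenantly;
			$time_remaining = $lifts_on = $lang->na;
		}
		else
		{
			$ban_period = $lang->for." ".$ban_times[$ban['bantime']];

			$remaining = $ban['lifted']-TIME_NOW;
			$time_remaining = nice_time($remaining, array('short' => 1, 'seconds' => false))."";

			// Colour the remaining time: under an hour, under a day, under a week
			if($remaining < 3600)
			{
				$time_remaining = "<span style=\"color: red;\">{$time_remaining}</span>";
			}
			else if($remaining < 86400)
			{
				$time_remaining = "<span style=\"color: maroon;\">{$time_remaining}</span>";
			}
			else if($remaining < 604800)
			{
				$time_remaining = "<span style=\"color: green;\">{$time_remaining}</span>";
			}

			$lifts_on = my_date($mybb->settings['dateformat'], $ban['lifted']);
		}

		// No matching admin account: show the engine label for uid 0, else the raw admin uid
		if(!$ban['adminuser'])
		{
			if($ban['admin'] == 0)
			{
				$ban['adminuser'] = $lang->mybb_engine;
			}
			else
			{
				$ban['adminuser'] = $ban['admin'];
			}
		}

		$table->construct_cell($lang->sprintf($lang->bannedby_x_on_x, $profile_link, htmlspecialchars_uni($ban['adminuser']), $ban_date, $ban_period));
		$table->construct_cell($lifts_on, array("class" => "align_center"));
		$table->construct_cell($time_remaining, array("class" => "align_center"));
		$table->construct_cell("<a href=\"index.php?module=user-banning&action=edit&uid={$ban['uid']}\">{$lang->edit}</a>", array("class" => "align_center"));
		$table->construct_cell("<a href=\"index.php?module=user-banning&action=lift&uid={$ban['uid']}&my_post_key={$mybb->post_code}\" onclick=\"return AdminCP.deleteConfirmation(this, '{$lang->confirm_lift_ban}');\">{$lang->lift}</a>", array("class" => "align_center"));
		$table->construct_cell("<a href=\"index.php?module=user-banning&action=prune&uid={$ban['uid']}&my_post_key={$mybb->post_code}\" onclick=\"return AdminCP.deleteConfirmation(this, '{$lang->confirm_prune}');\">{$lang->prune_threads_and_posts}</a>", array("class" => "align_center"));
		$table->construct_row();
	}

	if($table->num_rows() == 0)
	{
		$table->construct_cell($lang->no_banned_users, array("colspan" => "6"));
		$table->construct_row();
	}
	$table->output($lang->banned_accounts);
	echo $pagination;

	$page->output_footer();
}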