Please make sure IN_MYBB is defined.");
}
$page->add_breadcrumb_item($lang->banning, "index.php?module=user-banning");
$sub_tabs['ips'] = array(
'title' => $lang->banned_ips,
'link' => "index.php?module=config-banning",
);
$sub_tabs['bans'] = array(
'title' => $lang->banned_accounts,
'link' => "index.php?module=user-banning",
'description' => $lang->banned_accounts_desc
);
$sub_tabs['usernames'] = array(
'title' => $lang->disallowed_usernames,
'link' => "index.php?module=config-banning&type=usernames",
);
$sub_tabs['emails'] = array(
'title' => $lang->disallowed_email_addresses,
'link' => "index.php?module=config-banning&type=emails",
);
// Fetch banned groups
$query = $db->simple_select("usergroups", "gid,title", "isbannedgroup=1", array('order_by' => 'title'));
$banned_groups = array();
while($group = $db->fetch_array($query))
{
$banned_groups[$group['gid']] = $group['title'];
}
// Fetch ban times
$ban_times = fetch_ban_times();
$plugins->run_hooks("admin_user_banning_begin");
if($mybb->input['action'] == "prune")
{
// User clicked no
if($mybb->get_input('no'))
{
admin_redirect("index.php?module=user-banning");
}
$query = $db->simple_select("banned", "*", "uid='{$mybb->input['uid']}'");
$ban = $db->fetch_array($query);
if(!$ban)
{
flash_message($lang->error_invalid_ban, 'error');
admin_redirect("index.php?module=user-banning");
}
$user = get_user($ban['uid']);
if(!$user || (is_super_admin($user['uid']) && ($mybb->user['uid'] != $user['uid'] && !is_super_admin($mybb->user['uid']))))
{
flash_message($lang->cannot_perform_action_super_admin_general, 'error');
admin_redirect("index.php?module=user-banning");
}
$plugins->run_hooks("admin_user_banning_prune");
if($mybb->request_method == "post")
{
require_once MYBB_ROOT."inc/class_moderation.php";
$moderation = new Moderation();
$query = $db->simple_select("threads", "tid", "uid='{$user['uid']}'");
while($thread = $db->fetch_array($query))
{
$moderation->delete_thread($thread['tid']);
}
$query = $db->simple_select("posts", "pid", "uid='{$user['uid']}'");
while($post = $db->fetch_array($query))
{
$moderation->delete_post($post['pid']);
}
$plugins->run_hooks("admin_user_banning_prune_commit");
$cache->update_reportedcontent();
// Log admin action
log_admin_action($user['uid'], $user['username']);
flash_message($lang->success_pruned, 'success');
admin_redirect("index.php?module=user-banning");
}
else
{
$page->output_confirm_action("index.php?module=user-banning&action=prune&uid={$user['uid']}", $lang->confirm_prune);
}
}
if($mybb->input['action'] == "lift")
{
// User clicked no
if($mybb->get_input('no'))
{
admin_redirect("index.php?module=user-banning");
}
$query = $db->simple_select("banned", "*", "uid='{$mybb->input['uid']}'");
$ban = $db->fetch_array($query);
if(!$ban)
{
flash_message($lang->error_invalid_ban, 'error');
admin_redirect("index.php?module=user-banning");
}
$user = get_user($ban['uid']);
if(!$user || (is_super_admin($user['uid']) && ($mybb->user['uid'] != $user['uid'] && !is_super_admin($mybb->user['uid']))))
{
flash_message($lang->cannot_perform_action_super_admin_general, 'error');
admin_redirect("index.php?module=user-banning");
}
$plugins->run_hooks("admin_user_banning_lift");
if($mybb->request_method == "post")
{
$updated_group = array(
'usergroup' => $ban['oldgroup'],
'additionalgroups' => $db->escape_string($ban['oldadditionalgroups']),
'displaygroup' => $ban['olddisplaygroup']
);
$db->delete_query("banned", "uid='{$ban['uid']}'");
$plugins->run_hooks("admin_user_banning_lift_commit");
$db->update_query("users", $updated_group, "uid='{$ban['uid']}'");
$cache->update_moderators();
// Log admin action
log_admin_action($ban['uid'], $user['username']);
flash_message($lang->success_ban_lifted, 'success');
admin_redirect("index.php?module=user-banning");
}
else
{
$page->output_confirm_action("index.php?module=user-banning&action=lift&uid={$ban['uid']}", $lang->confirm_lift_ban);
}
}
if($mybb->input['action'] == "edit")
{
$query = $db->simple_select("banned", "*", "uid='{$mybb->input['uid']}'");
$ban = $db->fetch_array($query);
if(!$ban)
{
flash_message($lang->error_invalid_ban, 'error');
admin_redirect("index.php?module=user-banning");
}
$user = get_user($ban['uid']);
$plugins->run_hooks("admin_user_banning_edit");
if($mybb->request_method == "post")
{
if(empty($ban['uid']))
{
$errors[] = $lang->error_invalid_username;
}
// Is the user we're trying to ban a super admin and we're not?
else if(is_super_admin($ban['uid']) && !is_super_admin($ban['uid']))
{
$errors[] = $lang->error_no_perm_to_ban;
}
if($ban['uid'] == $mybb->user['uid'])
{
$errors[] = $lang->error_ban_self;
}
// No errors? Update
if(!$errors)
{
// Ban the user
if($mybb->input['bantime'] == '---')
{
$lifted = 0;
}
else
{
$lifted = ban_date2timestamp($mybb->input['bantime'], $ban['dateline']);
}
$reason = my_substr($mybb->input['reason'], 0, 255);
if(count($banned_groups) == 1)
{
$group = array_keys($banned_groups);
$mybb->input['usergroup'] = $group[0];
}
$update_array = array(
'gid' => $mybb->get_input('usergroup', MyBB::INPUT_INT),
'dateline' => TIME_NOW,
'bantime' => $db->escape_string($mybb->input['bantime']),
'lifted' => $db->escape_string($lifted),
'reason' => $db->escape_string($reason)
);
$db->update_query('banned', $update_array, "uid='{$ban['uid']}'");
// Move the user to the banned group
$update_array = array(
'usergroup' => $mybb->get_input('usergroup', MyBB::INPUT_INT),
'displaygroup' => 0,
'additionalgroups' => '',
);
$db->update_query('users', $update_array, "uid = {$ban['uid']}");
$plugins->run_hooks("admin_user_banning_edit_commit");
// Log admin action
log_admin_action($ban['uid'], $user['username']);
flash_message($lang->success_ban_updated, 'success');
admin_redirect("index.php?module=user-banning");
}
}
$page->add_breadcrumb_item($lang->edit_ban);
$page->output_header($lang->edit_ban);
$sub_tabs = array();
$sub_tabs['edit'] = array(
'title' => $lang->edit_ban,
'description' => $lang->edit_ban_desc
);
$page->output_nav_tabs($sub_tabs, "edit");
$form = new Form("index.php?module=user-banning&action=edit&uid={$ban['uid']}", "post");
if($errors)
{
$page->output_inline_error($errors);
}
else
{
$mybb->input = array_merge($mybb->input, $ban);
}
if(!empty($ban['gid']))
{
$mybb->input['usergroup'] = $ban['gid'];
}
else if(!empty($user['usergroup']))
{
$mybb->input['usergroup'] = $user['usergroup'];
}
else
{
$mybb->input['usergroup'] = 0;
}
$form_container = new FormContainer($lang->edit_ban);
$form_container->output_row($lang->ban_username, "", htmlspecialchars_uni($user['username']));
$form_container->output_row($lang->ban_reason, "", $form->generate_text_area('reason', $mybb->input['reason'], array('id' => 'reason', 'maxlength' => '255')), 'reason');
if(count($banned_groups) > 1)
{
$form_container->output_row($lang->ban_group, $lang->ban_group_desc, $form->generate_select_box('usergroup', $banned_groups, $mybb->input['usergroup'], array('id' => 'usergroup')), 'usergroup');
}
if($mybb->input['bantime'] == 'perm' || $mybb->input['bantime'] == '' || $mybb->input['lifted'] == 'perm' ||$mybb->input['lifted'] == '')
{
$mybb->input['bantime'] = '---';
$mybb->input['lifted'] = '---';
}
foreach($ban_times as $time => $period)
{
if($time != '---')
{
$friendly_time = my_date("D, jS M Y @ {$mybb->settings['timeformat']}", ban_date2timestamp($time));
$period = "{$period} ({$friendly_time})";
}
$length_list[$time] = $period;
}
$form_container->output_row($lang->ban_time, "", $form->generate_select_box('bantime', $length_list, $mybb->input['bantime'], array('id' => 'bantime')), 'bantime');
$form_container->end();
$buttons[] = $form->generate_submit_button($lang->update_ban);
$form->output_submit_wrapper($buttons);
$form->end();
$page->output_footer();
}
if(!$mybb->input['action'])
{
$where_sql_full = $where_sql = '';
$plugins->run_hooks("admin_user_banning_start");
if($mybb->request_method == "post")
{
$options = array(
'fields' => array('username', 'usergroup', 'additionalgroups', 'displaygroup')
);
$user = get_user_by_username($mybb->input['username'], $options);
// Are we searching a user?
if(is_array($user) && isset($mybb->input['search']))
{
$where_sql = 'uid=\''.(int)$user['uid'].'\'';
$where_sql_full = 'WHERE b.uid=\''.(int)$user['uid'].'\'';
}
else
{
if(!$user)
{
$errors[] = $lang->error_invalid_username;
}
// Is the user we're trying to ban a super admin and we're not?
else if(is_super_admin($user['uid']) && !is_super_admin($mybb->user['uid']))
{
$errors[] = $lang->error_no_perm_to_ban;
}
else
{
$query = $db->simple_select("banned", "uid", "uid='{$user['uid']}'");
if($db->fetch_field($query, "uid"))
{
$errors[] = $lang->error_already_banned;
}
// Get PRIMARY usergroup information
$usergroups = $cache->read("usergroups");
if(!empty($usergroups[$user['usergroup']]) && $usergroups[$user['usergroup']]['isbannedgroup'] == 1)
{
$errors[] = $lang->error_already_banned;
}
if($user['uid'] == $mybb->user['uid'])
{
$errors[] = $lang->error_ban_self;
}
}
// No errors? Insert
if(!$errors)
{
// Ban the user
if($mybb->input['bantime'] == '---')
{
$lifted = 0;
}
else
{
$lifted = ban_date2timestamp($mybb->input['bantime']);
}
$reason = my_substr($mybb->input['reason'], 0, 255);
if(count($banned_groups) == 1)
{
$group = array_keys($banned_groups);
$mybb->input['usergroup'] = $group[0];
}
$insert_array = array(
'uid' => $user['uid'],
'gid' => $mybb->get_input('usergroup', MyBB::INPUT_INT),
'oldgroup' => $user['usergroup'],
'oldadditionalgroups' => $db->escape_string($user['additionalgroups']),
'olddisplaygroup' => $user['displaygroup'],
'admin' => (int)$mybb->user['uid'],
'dateline' => TIME_NOW,
'bantime' => $db->escape_string($mybb->input['bantime']),
'lifted' => $db->escape_string($lifted),
'reason' => $db->escape_string($reason)
);
$db->insert_query('banned', $insert_array);
// Move the user to the banned group
$update_array = array(
'usergroup' => $mybb->get_input('usergroup', MyBB::INPUT_INT),
'displaygroup' => 0,
'additionalgroups' => '',
);
$db->delete_query("forumsubscriptions", "uid = '{$user['uid']}'");
$db->delete_query("threadsubscriptions", "uid = '{$user['uid']}'");
$plugins->run_hooks("admin_user_banning_start_commit");
$db->update_query('users', $update_array, "uid = '{$user['uid']}'");
// Log admin action
log_admin_action($user['uid'], $user['username'], $lifted);
flash_message($lang->success_banned, 'success');
admin_redirect("index.php?module=user-banning");
}
}
}
$page->output_header($lang->banned_accounts);
$page->output_nav_tabs($sub_tabs, "bans");
$query = $db->simple_select("banned", "COUNT(*) AS ban_count", $where_sql);
$ban_count = $db->fetch_field($query, "ban_count");
$per_page = 20;
$mybb->input['page'] = $mybb->get_input('page', MyBB::INPUT_INT);
if($mybb->input['page'] > 0)
{
$current_page = $mybb->input['page'];
$start = ($current_page-1)*$per_page;
$pages = $ban_count / $per_page;
$pages = ceil($pages);
if($current_page > $pages)
{
$start = 0;
$current_page = 1;
}
}
else
{
$start = 0;
$current_page = 1;
}
$pagination = draw_admin_pagination($current_page, $per_page, $ban_count, "index.php?module=user-banning&page={page}");
$form = new Form("index.php?module=user-banning", "post");
if($errors)
{
$page->output_inline_error($errors);
}
$mybb->input['username'] = $mybb->get_input('username');
$mybb->input['reason'] = $mybb->get_input('reason');
$mybb->input['bantime'] = $mybb->get_input('bantime');
if(isset($mybb->input['uid']) && empty($mybb->input['username']))
{
$user = get_user($mybb->input['uid']);
$mybb->input['username'] = $user['username'];
}
if(empty($mybb->input['usergroup']))
{
if(!empty($mybb->settings['purgespammerbangroup']))
{
$mybb->input['usergroup'] = $mybb->settings['purgespammerbangroup'];
}
else if(count($banned_groups))
{
$group = array_keys($banned_groups);
$mybb->input['usergroup'] = $group[0];
}
else
{
$mybb->input['usergroup'] = 0;
}
}
$form_container = new FormContainer($lang->ban_a_user);
$form_container->output_row($lang->ban_username, $lang->autocomplete_enabled, $form->generate_text_box('username', $mybb->input['username'], array('id' => 'username')), 'username');
$form_container->output_row($lang->ban_reason, "", $form->generate_text_area('reason', $mybb->input['reason'], array('id' => 'reason', 'maxlength' => '255')), 'reason');
if(count($banned_groups) > 1)
{
$form_container->output_row($lang->ban_group, $lang->ban_group_desc, $form->generate_select_box('usergroup', $banned_groups, $mybb->input['usergroup'], array('id' => 'usergroup')), 'usergroup');
}
foreach($ban_times as $time => $period)
{
if($time != "---")
{
$friendly_time = my_date("D, jS M Y @ {$mybb->settings['timeformat']}", ban_date2timestamp($time));
$period = "{$period} ({$friendly_time})";
}
$length_list[$time] = $period;
}
$form_container->output_row($lang->ban_time, "", $form->generate_select_box('bantime', $length_list, $mybb->input['bantime'], array('id' => 'bantime')), 'bantime');
$form_container->end();
// Autocompletion for usernames
echo '
';
$buttons[] = $form->generate_submit_button($lang->ban_user);
$buttons[] = $form->generate_submit_button($lang->search_for_a_user, array('name' => 'search'));
$form->output_submit_wrapper($buttons);
$form->end();
echo '
';
$table = new Table;
$table->construct_header($lang->user);
$table->construct_header($lang->ban_lifts_on, array("class" => "align_center", "width" => 150));
$table->construct_header($lang->time_left, array("class" => "align_center", "width" => 150));
$table->construct_header($lang->controls, array("class" => "align_center", "colspan" => 2, "width" => 200));
$table->construct_header($lang->moderation, array("class" => "align_center", "colspan" => 1, "width" => 200));
// Fetch bans
$query = $db->query("
SELECT b.*, a.username AS adminuser, u.username
FROM ".TABLE_PREFIX."banned b
LEFT JOIN ".TABLE_PREFIX."users u ON (b.uid=u.uid)
LEFT JOIN ".TABLE_PREFIX."users a ON (b.admin=a.uid)
{$where_sql_full}
ORDER BY dateline DESC
LIMIT {$start}, {$per_page}
");
// Get the banned users
while($ban = $db->fetch_array($query))
{
$profile_link = build_profile_link(htmlspecialchars_uni($ban['username']), $ban['uid'], "_blank");
$ban_date = my_date($mybb->settings['dateformat'], $ban['dateline']);
if($ban['lifted'] == 'perm' || $ban['lifted'] == '' || $ban['bantime'] == 'perm' || $ban['bantime'] == '---')
{
$ban_period = $lang->permenantly;
$time_remaining = $lifts_on = $lang->na;
}
else
{
$ban_period = $lang->for." ".$ban_times[$ban['bantime']];
$remaining = $ban['lifted']-TIME_NOW;
$time_remaining = nice_time($remaining, array('short' => 1, 'seconds' => false))."";
if($remaining < 3600)
{
$time_remaining = "{$time_remaining}";
}
else if($remaining < 86400)
{
$time_remaining = "{$time_remaining}";
}
else if($remaining < 604800)
{
$time_remaining = "{$time_remaining}";
}
$lifts_on = my_date($mybb->settings['dateformat'], $ban['lifted']);
}
if(!$ban['adminuser'])
{
if($ban['admin'] == 0)
{
$ban['adminuser'] = $lang->mybb_engine;
}
else
{
$ban['adminuser'] = $ban['admin'];
}
}
$table->construct_cell($lang->sprintf($lang->bannedby_x_on_x, $profile_link, htmlspecialchars_uni($ban['adminuser']), $ban_date, $ban_period));
$table->construct_cell($lifts_on, array("class" => "align_center"));
$table->construct_cell($time_remaining, array("class" => "align_center"));
$table->construct_cell("{$lang->edit}", array("class" => "align_center"));
$table->construct_cell("post_code}\" onclick=\"return AdminCP.deleteConfirmation(this, '{$lang->confirm_lift_ban}');\">{$lang->lift}", array("class" => "align_center"));
$table->construct_cell("post_code}\" onclick=\"return AdminCP.deleteConfirmation(this, '{$lang->confirm_prune}');\">{$lang->prune_threads_and_posts}", array("class" => "align_center"));
$table->construct_row();
}
if($table->num_rows() == 0)
{
$table->construct_cell($lang->no_banned_users, array("colspan" => "6"));
$table->construct_row();
}
$table->output($lang->banned_accounts);
echo $pagination;
$page->output_footer();
}