root/ip/trunk/card.php
| 155 | 157 | ||
|---|---|---|---|
84 | $is_auth = array(); | 84 | $is_auth = array(); |
85 | $is_auth = auth(AUTH_ALL, $forum_id, $userdata); | 85 | $is_auth = auth(AUTH_ALL, $forum_id, $userdata); |
86 | 86 | ||
87 | $no_error = true; | ||
88 | $already_banned = false; | ||
89 | |||
87 | if ($mode == 'report_reset') | 90 | if ($mode == 'report_reset') |
88 | { | 91 | { |
89 | if (! $is_auth['auth_mod']) | 92 | if (! $is_auth['auth_mod']) |
93 | { | ||
90 | message_die(GENERAL_ERROR, $lang['Not_Authorized']); | 94 | message_die(GENERAL_ERROR, $lang['Not_Authorized']); |
95 | } | ||
91 | 96 | ||
92 | $sql = 'SELECT p.post_subject, f.forum_name FROM ' . POSTS_TABLE . ' p, ' . FORUMS_TABLE . ' f WHERE p.post_id="' . $post_id . '" AND p.forum_id = f.forum_id'; | 97 | $sql = "SELECT p.post_subject, f.forum_name FROM " . POSTS_TABLE . " p, " . FORUMS_TABLE . " f WHERE p.post_id = '" . $post_id . "' AND p.forum_id = f.forum_id"; |
93 | $result = $db->sql_query($sql); | 98 | $result = $db->sql_query($sql); |
94 | $subject = $db->sql_fetchrow($result); | 99 | $subject = $db->sql_fetchrow($result); |
95 | $post_subject = $subject['post_subject']; | 100 | $post_subject = $subject['post_subject']; |
... | ... | ||
99 | $result = $db->sql_query($sql); | 104 | $result = $db->sql_query($sql); |
100 | message_die(GENERAL_MESSAGE, $lang['Post_reset'].'<br /><br />'. | 105 | message_die(GENERAL_MESSAGE, $lang['Post_reset'].'<br /><br />'. |
101 | sprintf($lang['Click_return_viewtopic'], '<a href="' . append_sid(CMS_PAGE_VIEWTOPIC . '?' . $forum_id_append . $topic_id_append . POST_POST_URL . '=' . $post_id . '#p' . $post_id). '">', '</a>')); | 106 | sprintf($lang['Click_return_viewtopic'], '<a href="' . append_sid(CMS_PAGE_VIEWTOPIC . '?' . $forum_id_append . $topic_id_append . POST_POST_URL . '=' . $post_id . '#p' . $post_id). '">', '</a>')); |
102 | |||
103 | } | 107 | } |
104 | elseif ($mode == 'report') | 108 | elseif ($mode == 'report') |
105 | { | 109 | { |
... | ... | ||
110 | 114 | ||
111 | $sql = 'SELECT f.forum_name, p.topic_id FROM ' . POSTS_TABLE . ' p, ' . FORUMS_TABLE . ' f WHERE p.post_id = "' . $post_id . '" AND p.forum_id = f.forum_id'; | 115 | $sql = 'SELECT f.forum_name, p.topic_id FROM ' . POSTS_TABLE . ' p, ' . FORUMS_TABLE . ' f WHERE p.post_id = "' . $post_id . '" AND p.forum_id = f.forum_id'; |
112 | $result = $db->sql_query($sql); | 116 | $result = $db->sql_query($sql); |
113 | |||
114 | $post_details = $db->sql_fetchrow($result); | 117 | $post_details = $db->sql_fetchrow($result); |
115 | $forum_name = $post_details['forum_name']; | 118 | $forum_name = $post_details['forum_name']; |
116 | $topic_id = $post_details['topic_id']; | 119 | $topic_id = $post_details['topic_id']; |
120 | |||
117 | $sql = 'SELECT p.post_subject FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t WHERE t.topic_id = "' . $topic_id . '" AND p.post_id = t.topic_first_post_id'; | 121 | $sql = 'SELECT p.post_subject FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t WHERE t.topic_id = "' . $topic_id . '" AND p.post_id = t.topic_first_post_id'; |
118 | $result = $db->sql_query($sql); | 122 | $result = $db->sql_query($sql); |
119 | $post_details = $db->sql_fetchrow($result); | 123 | $post_details = $db->sql_fetchrow($result); |
... | ... | ||
122 | $sql = 'SELECT p.topic_id FROM ' . POSTS_TABLE . ' p WHERE p.post_subject = "(' . $post_id . ')' . $post_subject . '"'; | 126 | $sql = 'SELECT p.topic_id FROM ' . POSTS_TABLE . ' p WHERE p.post_subject = "(' . $post_id . ')' . $post_subject . '"'; |
123 | $result = $db->sql_query($sql); | 127 | $result = $db->sql_query($sql); |
124 | $post_details = $db->sql_fetchrow($result); | 128 | $post_details = $db->sql_fetchrow($result); |
125 | $allready_reported= ($blue_card) ? $post_details['topic_id'] : ''; | 129 | $allready_reported = ($blue_card) ? $post_details['topic_id'] : ''; |
126 | 130 | ||
127 | $blue_card++; | 131 | $blue_card++; |
128 | $sql = 'UPDATE ' . POSTS_TABLE . ' SET post_bluecard = "' . $blue_card . '" WHERE post_id = "' . $post_id . '"'; | 132 | $sql = 'UPDATE ' . POSTS_TABLE . ' SET post_bluecard = "' . $blue_card . '" WHERE post_id = "' . $post_id . '"'; |
... | ... | ||
213 | } | 217 | } |
214 | elseif ($mode == 'unban') | 218 | elseif ($mode == 'unban') |
215 | { | 219 | { |
216 | $no_error_ban = false; | ||
217 | if (! $is_auth['auth_greencard']) | 220 | if (! $is_auth['auth_greencard']) |
218 | { | 221 | { |
219 | message_die(GENERAL_ERROR, $lang['Not_Authorized']); | 222 | message_die(GENERAL_ERROR, $lang['Not_Authorized']); |
... | ... | ||
234 | $message = $lang['Ban_update_green'] . '<br /><br />' . sprintf($lang['Send_PM_user'], '<a href="' . append_sid('privmsg.' . PHP_EXT .
'?mode=post&u=' . $poster_id) . '">', '</a>'); | 237 | $message = $lang['Ban_update_green'] . '<br /><br />' . sprintf($lang['Send_PM_user'], '<a href="' . append_sid('privmsg.' . PHP_EXT .
'?mode=post&u=' . $poster_id) . '">', '</a>'); |
235 | $e_temp = 'ban_reactivated'; | 238 | $e_temp = 'ban_reactivated'; |
236 | //$e_subj = $lang['Ban_reactivate']; | 239 | //$e_subj = $lang['Ban_reactivate']; |
237 | $no_error_ban = true; | ||
238 | } | 240 | } |
239 | elseif ($mode == 'ban') | 241 | elseif ($mode == 'ban') |
240 | { | 242 | { |
241 | $no_error_ban = false; | ||
242 | if (!$is_auth['auth_ban']) | 243 | if (!$is_auth['auth_ban']) |
243 | { | 244 | { |
244 | message_die(GENERAL_ERROR, $lang['Not_Authorized']); | 245 | message_die(GENERAL_ERROR, $lang['Not_Authorized']); |
... | ... | ||
265 | $result = $db->sql_query($sql); | 266 | $result = $db->sql_query($sql); |
266 | $sql = 'UPDATE ' . SESSIONS_TABLE . ' SET session_logged_in="0" WHERE session_user_id="' . $poster_id . '"'; | 267 | $sql = 'UPDATE ' . SESSIONS_TABLE . ' SET session_logged_in="0" WHERE session_user_id="' . $poster_id . '"'; |
267 | $result = $db->sql_query($sql); | 268 | $result = $db->sql_query($sql); |
268 | $no_error_ban = true; | ||
269 | $message = $lang['Ban_update_red']; | 269 | $message = $lang['Ban_update_red']; |
270 | $e_temp = 'ban_block'; | 270 | $e_temp = 'ban_block'; |
271 | //$e_subj = $lang['Card_banned']; | 271 | //$e_subj = $lang['Card_banned']; |
272 | } | 272 | } |
273 | else | 273 | else |
274 | { | 274 | { |
275 | $no_error_ban = true; | ||
276 | $message = $lang['user_already_banned']; | 275 | $message = $lang['user_already_banned']; |
277 | } | 276 | } |
278 | } | 277 | } |
... | ... | ||
282 | { | 281 | { |
283 | message_die(GENERAL_ERROR, "Protect user account mod not installed, this is required for this operation"); | 282 | message_die(GENERAL_ERROR, "Protect user account mod not installed, this is required for this operation"); |
284 | } | 283 | } |
285 | $no_error_ban = false; | ||
286 | if (! $is_auth['auth_ban']) | 284 | if (! $is_auth['auth_ban']) |
287 | { | 285 | { |
288 | message_die(GENERAL_ERROR, $lang['Not_Authorized']); | 286 | message_die(GENERAL_ERROR, $lang['Not_Authorized']); |
289 | } | 287 | } |
290 | // look up the user | 288 | // look up the user |
291 | $sql = 'SELECT user_active, user_level FROM ' . USERS_TABLE . ' WHERE user_id="' . $poster_id . '"'; | 289 | $sql = "SELECT user_active, user_level FROM " . USERS_TABLE . " WHERE user_id = '" . $poster_id . "'"; |
292 | $result = $db->sql_query($sql); | 290 | $result = $db->sql_query($sql); |
293 | $the_user = $db->sql_fetchrow($result); | 291 | $the_user = $db->sql_fetchrow($result); |
294 | if (($the_user['user_level'] == ADMIN) || ($the_user['user_level'] == JUNIOR_ADMIN)) | 292 | if (($the_user['user_level'] == ADMIN) || ($the_user['user_level'] == JUNIOR_ADMIN)) |
... | ... | ||
296 | message_die(GENERAL_ERROR, $lang['Block_no_admin']); | 294 | message_die(GENERAL_ERROR, $lang['Block_no_admin']); |
297 | } | 295 | } |
298 | // update the user table with new status | 296 | // update the user table with new status |
299 | $sql = 'UPDATE ' . USERS_TABLE . ' SET user_block_by="' . $user_ip . '", user_blocktime="' . (time() + $config['RY_block_time'] * 60).'" WHERE user_id="' . $poster_id . '"'; | 297 | $sql = "UPDATE " . USERS_TABLE . " SET user_block_by = '" . $user_ip . "', user_blocktime = '" . (time() + $config['RY_block_time'] * 60) . "' WHERE user_id = '" . $poster_id . "'"; |
300 | $result = $db->sql_query($sql); | 298 | $result = $db->sql_query($sql); |
301 | 299 | ||
302 | $sql = 'UPDATE ' . SESSIONS_TABLE . ' SET session_logged_in="0", session_user_id=".ANONYMOUS." WHERE session_user_id="' . $poster_id . '"'; | 300 | $sql = "UPDATE " . SESSIONS_TABLE . " SET session_logged_in = '0', session_user_id = '" . ANONYMOUS . "' WHERE session_user_id = '" . $poster_id . "'"; |
303 | $result = $db->sql_query($sql); | 301 | $result = $db->sql_query($sql); |
304 | 302 | ||
305 | $no_error_ban = true; | ||
306 | $block_time = make_time_text ($config['RY_block_time']); | 303 | $block_time = make_time_text ($config['RY_block_time']); |
307 | $message = sprintf($lang['Block_update'],$block_time) . '<br /><br />' . sprintf($lang['Send_PM_user'], '<a href="' . append_sid('privmsg.'
. PHP_EXT . '?mode=post&' . POST_USERS_URL . '=' . $poster_id) . '">', '</a>'); | 304 | $message = sprintf($lang['Block_update'],$block_time) . '<br /><br />' . sprintf($lang['Send_PM_user'], '<a href="' . append_sid('privmsg.'
. PHP_EXT . '?mode=post&' . POST_USERS_URL . '=' . $poster_id) . '">', '</a>'); |
308 | $e_temp = 'card_block'; | 305 | $e_temp = 'card_block'; |
... | ... | ||
310 | } | 307 | } |
311 | elseif ($mode == 'warn') | 308 | elseif ($mode == 'warn') |
312 | { | 309 | { |
313 | $no_error_ban = false; | ||
314 | if (!$is_auth['auth_ban']) | 310 | if (!$is_auth['auth_ban']) |
315 | { | 311 | { |
316 | message_die(GENERAL_ERROR, $lang['Not_Authorized']); | 312 | message_die(GENERAL_ERROR, $lang['Not_Authorized']); |
... | ... | ||
341 | // update the user table with new status | 337 | // update the user table with new status |
342 | $sql = 'UPDATE ' . SESSIONS_TABLE . ' SET session_logged_in = "0" WHERE session_user_id = "' . $poster_id . '"'; | 338 | $sql = 'UPDATE ' . SESSIONS_TABLE . ' SET session_logged_in = "0" WHERE session_user_id = "' . $poster_id . '"'; |
343 | $result = $db->sql_query($sql); | 339 | $result = $db->sql_query($sql); |
344 | $no_error_ban = true; | ||
345 | $message = $lang['Ban_update_red']; | 340 | $message = $lang['Ban_update_red']; |
346 | $e_temp = 'ban_block'; | 341 | $e_temp = 'ban_block'; |
347 | // $e_subj = $lang['Ban_blocked']; | 342 | // $e_subj = $lang['Ban_blocked']; |
348 | } | 343 | } |
349 | else | 344 | else |
350 | { | 345 | { |
351 | $no_error_ban = true; | 346 | $already_banned = true; |
352 | $message = $lang['user_already_banned']; | ||
353 | } | 347 | } |
354 | } | 348 | } |
355 | else | 349 | else |
356 | { | 350 | { |
357 | // the user shall not be baned this time, update the counter | 351 | // the user shall not be baned this time, update the counter |
358 | $message = sprintf($lang['Ban_update_yellow'], ($the_user['user_warnings'] + 1), $config['max_user_bancard']) . '<br /><br />' .
sprintf($lang['Send_PM_user'], '<a href="' . append_sid('privmsg.' . PHP_EXT . '?mode=post&u=' . $poster_id) . '">', '</a>'); | 352 | $message = sprintf($lang['Ban_update_yellow'], ($the_user['user_warnings'] + 1), $config['max_user_bancard']) . '<br /><br />' .
sprintf($lang['Send_PM_user'], '<a href="' . append_sid('privmsg.' . PHP_EXT . '?mode=post&u=' . $poster_id) . '">', '</a>'); |
359 | $no_error_ban = true; | ||
360 | $e_temp = 'ban_warning'; | 353 | $e_temp = 'ban_warning'; |
361 | // $e_subj = $lang['Ban_warning']; | 354 | // $e_subj = $lang['Ban_warning']; |
362 | } | 355 | } |
363 | } | 356 | } |
357 | else | ||
358 | { | ||
359 | $no_error = false; | ||
360 | } | ||
364 | 361 | ||
365 | if ($no_error_ban) | 362 | if ($no_error) |
366 | { | 363 | { |
367 | $sql = 'SELECT username, user_warnings, user_email, user_lang FROM ' . USERS_TABLE . ' WHERE user_id="' . $poster_id . '"'; | 364 | $sql = 'SELECT username, user_warnings, user_email, user_lang FROM ' . USERS_TABLE . ' WHERE user_id = "' . $poster_id . '"'; |
368 | $result = $db->sql_query($sql); | 365 | $result = $db->sql_query($sql); |
369 | $warning_data = $db->sql_fetchrow($result); | 366 | $warning_data = $db->sql_fetchrow($result); |
370 | if (!empty($warning_data['user_email'])) | 367 | if (!empty($warning_data['user_email'])) |
... | ... | ||
406 | $message .= '<br /><br />' . $lang['user_no_email']; | 403 | $message .= '<br /><br />' . $lang['user_no_email']; |
407 | } | 404 | } |
408 | } | 405 | } |
406 | elseif ($already_banned) | ||
407 | { | ||
408 | $message = $lang['user_already_banned']; | ||
409 | } | ||
409 | else | 410 | else |
410 | { | 411 | { |
411 | $message = 'Error in card.php file'; | 412 | $message = 'Error in card.php file'; |
... | ... | ||
415 | $db->clear_cache('ban_', USERS_CACHE_FOLDER); | 416 | $db->clear_cache('ban_', USERS_CACHE_FOLDER); |
416 | 417 | ||
417 | $message .= ($post_id != '-1') ? '<br /><br />' . sprintf($lang['Click_return_viewtopic'], '<a href="' . append_sid(CMS_PAGE_VIEWTOPIC . '?' . $forum_id_append . $topic_id_append . POST_POST_URL . '=' . $post_id . '#p' . $post_id) . '">', '</a>') : '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid(CMS_PAGE_FORUM). '">', '</a>'); | 418 | $message .= ($post_id != '-1') ? '<br /><br />' . sprintf($lang['Click_return_viewtopic'], '<a href="' . append_sid(CMS_PAGE_VIEWTOPIC . '?' . $forum_id_append . $topic_id_append . POST_POST_URL . '=' . $post_id . '#p' . $post_id) . '">', '</a>') : '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid(CMS_PAGE_FORUM). '">', '</a>'); |
419 | |||
418 | message_die(GENERAL_MESSAGE, $message); | 420 | message_die(GENERAL_MESSAGE, $message); |
419 | 421 | ||
420 | ?> | 422 | ?> |
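Review bot: The `elseif ($already_banned)` branch added at new line 406 looks unreachable: the `warn` path's already-banned `else` (new line 346) sets `$already_banned = true` but leaves `$no_error` at its initial `true`, and the only visible `$no_error = false` is the unknown-mode `else` at new line 359, so `if ($no_error)` is taken first. On that path the old `$message = $lang['user_already_banned'];` is gone, so the notification block and the later `$message .=` appear to run with `$message` never assigned. Setting both flags, `$already_banned = true; $no_error = false;`, in that `else` (and in the `ban` branch's already-banned `else` at new line 275, which still assigns `$message` directly) would route both cases to the new branch. Separately, the statements this change re-quotes still concatenate `$post_id`, `$poster_id` and `$user_ip` into the SQL text; where those values are cast or escaped is outside the visible lines, so that is worth confirming, ideally by casting the ids with `(int)` at the point of use. Several stretches of the file are elided on this page, so the flag handling should be checked against the full source.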