From 2843ddc4826f250a8af6203cff437929ab807a41 Mon Sep 17 00:00:00 2001
From: Michael Save <savetheinternet@tinyboard.org>
Date: Fri, 13 Apr 2012 09:47:27 +1000
Subject: [PATCH] view bans / unban

---
 inc/mod/ban.php            | 19 +++++++---
 inc/mod/pages.php          | 18 ++++++++--
 inc/template.php           |  2 +-
 templates/mod/view_ip.html | 73 ++++++++++++++++++++++++++++++++++++++
 4 files changed, 103 insertions(+), 9 deletions(-)

diff --git a/inc/mod/ban.php b/inc/mod/ban.php
index 236b2b14..33b64975 100644
--- a/inc/mod/ban.php
+++ b/inc/mod/ban.php
@@ -10,7 +10,7 @@ if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
 }
 
 function parse_time($str) {
-	if(empty($str))
+	if (empty($str))
 		return false;
 	
 	if (($time = @strtotime($str)) !== false)
@@ -55,16 +55,18 @@ function parse_time($str) {
 function ban($mask, $reason, $length, $board) {
 	global $mod;
 	
-	$query = prepare("INSERT INTO `bans` VALUES (NULL, :ip, :mod, UNIX_TIMESTAMP(), :expires, :reason, :board)");
+	$query = prepare("INSERT INTO `bans` VALUES (NULL, :ip, :mod, :time, :expires, :reason, :board)");
 	$query->bindValue(':ip', $mask);
 	$query->bindValue(':mod', $mod['id']);
-	if ($reason !== '')
+	$query->bindValue(':time', time());
+	if ($reason !== '') {
+		markup($reason);
 		$query->bindValue(':reason', $reason);
-	else
+	} else
 		$query->bindValue(':reason', null, PDO::PARAM_NULL);
 	
 	if ($length > 0)
-		$query->bindValue(':expires', time() + $length);
+		$query->bindValue(':expires', $length);
 	else
 		$query->bindValue(':expires', null, PDO::PARAM_NULL);
 	
@@ -75,3 +77,10 @@ function ban($mask, $reason, $length, $board) {
 	
 	$query->execute() or error(db_error($query));
 }
+
+function unban($id) {
+	$query = prepare("DELETE FROM `bans` WHERE `id` = :id");
+	$query->bindValue(':id', $id);
+	$query->execute() or error(db_error($query));
+}
+
diff --git a/inc/mod/pages.php b/inc/mod/pages.php
index c00cd672..e7e4f065 100644
--- a/inc/mod/pages.php
+++ b/inc/mod/pages.php
@@ -94,9 +94,17 @@ function mod_view_thread($boardName, $thread) {
 function mod_page_ip($ip) {
 	global $config, $mod;
 	
-	if(filter_var($ip, FILTER_VALIDATE_IP) === false)
+	if (filter_var($ip, FILTER_VALIDATE_IP) === false)
 		error("Invalid IP address.");
 	
+	if (isset($_POST['ban_id'], $_POST['unban'])) {
+		require_once 'inc/mod/ban.php';
+		
+		unban($_POST['ban_id']);
+		header('Location: ?/IP/' . $ip, true, $config['redirect_http']);
+		return;
+	}
+	
 	$args = array();
 	$args['ip'] = $ip;
 	$args['posts'] = array();
@@ -134,6 +142,11 @@ function mod_page_ip($ip) {
 	
 	$args['boards'] = $boards;
 	
+	$query = prepare("SELECT `bans`.*, `username` FROM `bans` LEFT JOIN `mods` ON `mod` = `mods`.`id` WHERE `ip` = :ip");
+	$query->bindValue(':ip', $ip);
+	$query->execute() or error(db_error($query));
+	$args['bans'] = $query->fetchAll(PDO::FETCH_ASSOC);	
+	
 	mod_page("IP: $ip", 'mod/view_ip.html', $args);
 }
 
@@ -147,8 +160,7 @@ function mod_page_ban() {
 	
 	ban($_POST['ip'], $_POST['reason'], parse_time($_POST['length']), $_POST['board'] == '*' ? false : $_POST['board']);
 	
-	
-	if(isset($_POST['redirect']))
+	if (isset($_POST['redirect']))
 		header('Location: ' . $_POST['redirect'], true, $config['redirect_http']);
 	else
 		header('Location: ?/', true, $config['redirect_http']);
diff --git a/inc/template.php b/inc/template.php
index 8d679d25..ab220454 100644
--- a/inc/template.php
+++ b/inc/template.php
@@ -26,7 +26,7 @@ function load_twig() {
 	$loader->setPaths($config['dir']['template']);
 	$twig = new Twig_Environment($loader, array(
 		'autoescape' => false,
-		'cache' => "{$config['dir']['template']}/cache",
+		//'cache' => "{$config['dir']['template']}/cache",
 		'debug' => ($config['debug'] ? true : false),
 	));
 	$twig->addExtension(new Twig_Extensions_Extension_Tinyboard());
diff --git a/templates/mod/view_ip.html b/templates/mod/view_ip.html
index 3b558e4b..a9676dd7 100644
--- a/templates/mod/view_ip.html
+++ b/templates/mod/view_ip.html
@@ -11,6 +11,79 @@
 
 {% set redirect = '?/IP/' ~ ip %}
 
+{% if bans|count > 0 %}
+	<fieldset>
+		<legend>Ban{% if bans|count != 1 %}s{% endif %} on record</legend>
+		
+		{% for ban in bans %}
+			<form action="" method="post" style="text-align:center">
+				<table style="width:400px;margin-bottom:10px;border-bottom:1px solid #ddd;padding:5px">
+					<tr>
+						<th>Status</th>
+						<td>
+							{% if config.mod.view_banexpired and ban.expires != 0 and ban.expires < time() %}
+								Expired
+							{% else %}
+								Active
+							{% endif %}
+						</td>
+					</tr>
+					<tr>
+						<th>IP</th>
+						<td>{{ ban.ip }}</td>
+					</tr>
+					<tr>
+						<th>Reason</th>
+						<td>
+							{% if ban.reason %}
+								{{ ban.reason }}
+							{% else %}
+								<em>no reason</em>
+							{% endif %}
+						</td>
+					</tr>
+					<tr>
+						<th>Board</th>
+						<td>
+							{% if ban.board %}
+								{{ config.board_abbreviation|sprintf(ban.board) }}
+							{% else %}
+								<em>all boards</em>
+							{% endif %}
+						</td>
+					</tr>
+					<tr>
+						<th>Set</th>
+						<td>{{ ban.set|date(config.post_date) }}</td>
+					</tr>
+					<tr>
+						<th>Expires</th>
+						<td>
+							{% if ban.expires %}
+								{{ ban.expires|date(config.post_date) }}
+							{% else %}
+								<em>never</em>
+							{% endif %}
+						</td>
+					</tr>
+					<tr>
+						<th>Staff</th>
+						<td>
+							{% if ban.username %}
+								{{ ban.username }}
+							{% else %}
+								<em>deleted?</em>
+							{% endif %}
+						</td>
+					</tr>
+				</table>
+				<input type="hidden" name="ban_id" value="{{ ban.id }}">
+				<input type="submit" name="unban" value="Remove ban">
+			</form>
+		{% endfor %}
+	</fieldset>
+{% endif %}
+
 <fieldset>
 	<legend>New ban</legend>
 	{% include 'mod/ban_form.html' %}