leftypol
/
leftypol
4
5
Fork 2
Code Issues 51 Pull Requests 1 Projects Releases Wiki Activity
Browse Source

various bug fixed, introduced ban ID, temporarily broke caching bans with memcached

pull/40/head
Savetheinternet 13 years ago
parent
1fe672fed2
commit
c4c6a98396
6 changed files with 109 additions and 113 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 18
      inc/config.php
  2. 9
      inc/functions.php
  3. 17
      inc/mod.php
  4. 5
      install.php
  5. 7
      install.sql
  6. 166
      mod.php

18
inc/config.php
View File

@ -736,16 +736,14 @@
// Remote servers
// http://tinyboard.org/wiki/index.php?title=Multiple_Servers
//$config['remote'] = Array(
// 'static' => Array(
// 'host' => 'static.example.org',
// 'auth' => Array(
// 'method' => 'plain',
// 'username' => 'username',
// 'password' => 'password!123'
// ),
// 'type' => 'scp'
// )
//$config['remote']['static'] = Array(
// 'host' => 'static.example.org',
// 'auth' => Array(
// 'method' => 'plain',
// 'username' => 'username',
// 'password' => 'password!123'
// ),
// 'type' => 'scp'
//);
// Enable reCaptcha to make spam even harder

9
inc/functions.php
View File

@ -477,13 +477,6 @@
return;
}
if($config['memcached']['enabled']) {
// Cached ban?
if($ban = $memcached->get("ban_${board}_${_SERVER['REMOTE_ADDR']}")) {
displayBan($ban);
}
}
$query = prepare("SELECT `set`, `expires`, `reason`, `board`, `uri` FROM `bans` LEFT JOIN `boards` ON `boards`.`id` = `board` WHERE (`board` IS NULL OR `uri` = :board) AND `ip` = :ip ORDER BY `expires` IS NULL DESC, `expires` DESC, `expires` DESC LIMIT 1");
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->bindValue(':board', $board);
@ -512,8 +505,6 @@
return;
}
if($config['memcached']['enabled'])
$memcached->set("ban_${board}_${_SERVER['REMOTE_ADDR']}", $ban, $ban['expires']);
displayBan($ban);
}
}

17
inc/mod.php
View File

@ -273,5 +273,20 @@
'</form>' .
'</fieldset>';
}
function removeBan($id) {
global $config;
$query = prepare("DELETE FROM `bans` WHERE `id` = :id");
$query->bindValue(':id', $id, PDO::PARAM_INT);
$query->execute() or error(db_error($query));
if($config['memcached']['enabled']) {
// Remove cached ban
// TODO
$memcached->delete("ban_{$id}");
}
}
?>

5
install.php
View File

@ -1,6 +1,6 @@
<?php
// Installation/upgrade file
define('VERSION', 'v0.9.3-dev-4');
define('VERSION', 'v0.9.3-dev-5');
require 'inc/functions.php';
require 'inc/display.php';
@ -82,6 +82,9 @@
case 'v0.9.3-dev-3':
// Board-specifc bans
query("ALTER TABLE `bans` ADD `board` SMALLINT NULL AFTER `reason`") or error(db_error());
case 'v0.9.3-dev-4':
// add ban ID
query("ALTER TABLE `bans` ADD `id` INT NOT NULL AUTO_INCREMENT FIRST, ADD PRIMARY KEY ( `id` ), ADD UNIQUE (`id`)");
case false:
// Update version number
file_write($config['has_installed'], VERSION);

7
install.sql
View File

@ -19,13 +19,16 @@ SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";
--
CREATE TABLE IF NOT EXISTS `bans` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`ip` varchar(45) NOT NULL,
`mod` int(11) NOT NULL COMMENT 'which mod made the ban',
`set` int(11) NOT NULL,
`expires` int(11) DEFAULT NULL,
`reason` text,
`board` smallint(6) DEFAULT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
`board` smallint(6) DEFAULT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `id` (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=3 ;
--
-- Dumping data for table `bans`

166
mod.php
View File

@ -89,7 +89,7 @@
// Boards
$fieldset['Boards'] .= ulBoards();
if($mod['type'] >= $config['mod']['noticeboard']) {
if(hasPermission($config['mod']['noticeboard'])) {
$query = prepare("SELECT * FROM `noticeboard` ORDER BY `id` DESC LIMIT :limit");
$query->bindValue(':limit', $config['mod']['noticeboard_dashboard'], PDO::PARAM_INT);
$query->execute() or error(db_error($query));
@ -141,33 +141,33 @@
$fieldset['Noticeboard'] .= '<li><a href="?/news">News</a></li>';
}
if($mod['type'] >= $config['mod']['reports']) {
if(hasPermission($config['mod']['reports'])) {
$fieldset['Administration'] .= '<li><a href="?/reports">Report queue</a></li>';
}
if($mod['type'] >= $config['mod']['view_banlist']) {
if(hasPermission($config['mod']['view_banlist'])) {
$fieldset['Administration'] .= '<li><a href="?/bans">Ban list</a></li>';
}
if($mod['type'] >= $config['mod']['manageusers']) {
if(hasPermission($config['mod']['manageusers'])) {
$fieldset['Administration'] .= '<li><a href="?/users">Manage users</a></li>';
}
if($mod['type'] >= $config['mod']['modlog']) {
if(hasPermission($config['mod']['modlog'])) {
$fieldset['Administration'] .= '<li><a href="?/log">Moderation log</a></li>';
}
if($mod['type'] >= $config['mod']['rebuild']) {
if(hasPermission($config['mod']['rebuild'])) {
$fieldset['Administration'] .= '<li><a href="?/rebuild">Rebuild static files</a></li>';
}
if($mod['type'] >= $config['mod']['rebuild'] && $config['memcached']['enabled']) {
if(hasPermission($config['mod']['rebuild']) && $config['memcached']['enabled']) {
$fieldset['Administration'] .= '<li><a href="?/flush">Clear cache</a></li>';
}
if($mod['type'] >= $config['mod']['show_config']) {
if(hasPermission($config['mod']['show_config'])) {
$fieldset['Administration'] .= '<li><a href="?/config">Show configuration</a></li>';
}
if($mod['type'] >= $config['mod']['themes']) {
if(hasPermission($config['mod']['themes'])) {
$fieldset['Themes'] .= '<li><a href="?/themes">Manage themes</a></li>';
}
if($mod['type'] >= $config['mod']['search']) {
if(hasPermission($config['mod']['search'])) {
$fieldset['Search'] .= '<li><form style="display:inline" action="?/search" method="post">' .
'<label style="display:inline" for="search">Phrase:</label> ' .
'<input id="search" name="search" type="text" size="35" />' .
@ -530,7 +530,7 @@
}
$body .= '<div class="ban">' .
($mod['type'] >= $config['mod']['noticeboard_delete'] ?
(hasPermission($config['mod']['noticeboard_delete']) ?
'<span style="float:right;padding:2px"><a class="unimportant" href="?/noticeboard/delete/' . $notice['id'] . '">[delete]</a></span>'
: '') .
'<h2 id="' . $notice['id'] . '">' .
@ -568,11 +568,11 @@
} elseif(preg_match('/^\/news$/', $query)) {
$body = '';
if($mod['type'] >= $config['mod']['news']) {
if(hasPermission($config['mod']['news'])) {
if(isset($_POST['subject']) && isset($_POST['body']) && !empty($_POST['body'])) {
$query = prepare("INSERT INTO `news` VALUES (NULL, :name, :time, :subject, :body)");
if(isset($_POST['name']) && $mod['type'] >= $config['mod']['news_custom'])
if(isset($_POST['name']) && hasPermission($config['mod']['news_custom']))
$name = &$_POST['name'];
else
$name = &$mod['username'];
@ -591,7 +591,7 @@
$body .= '<fieldset><legend>New post</legend><form style="display:inline" action="" method="post"><table>' .
'<tr>' .
'<th>Name</th>' .
($mod['type'] >= $config['mod']['news_custom'] ?
(hasPermission($config['mod']['news_custom']) ?
'<td><input type="text" size="55" name="name" id="name" value="' . htmlentities($mod['username']) . '" /></td>'
:
'<td>' . $mod['username'] . '</td>') .
@ -612,7 +612,7 @@
$query->execute() or error(db_error($query));
while($news = $query->fetch()) {
$body .= '<div class="ban">' .
($mod['type'] >= $config['mod']['news_delete'] ?
(hasPermission($config['mod']['news_delete']) ?
'<span style="float:right;padding:2px"><a class="unimportant" href="?/news/delete/' . $news['id'] . '">[delete]</a></span>'
: '') .
'<h2 id="' . $news['id'] . '">' .
@ -672,7 +672,7 @@
} elseif(preg_match('/^\/PM\/(\d+)$/', $query, $match)) {
$id = &$match[1];
if($mod['type'] >= $config['mod']['master_pm']) {
if(hasPermission($config['mod']['master_pm'])) {
$query = prepare("SELECT `pms`.`id`, `time`, `sender`, `unread`, `to`, `message`, `username` FROM `pms` LEFT JOIN `mods` ON `mods`.`id` = `sender` WHERE `pms`.`id` = :id");
} else {
$query = prepare("SELECT `pms`.`id`, `time`, `sender`, `unread`, `to`, `message`, `username` FROM `pms` LEFT JOIN `mods` ON `mods`.`id` = `sender` WHERE `pms`.`id` = :id AND `to` = :mod");
@ -816,7 +816,7 @@
'<table>' .
'<tr><th>To</th><td>' .
($mod['type'] >= $config['mod']['editusers'] ?
(hasPermission($config['mod']['editusers']) ?
'<a href="?/users/' . $to['id'] . '">' . htmlentities($to['username']) . '</a>' :
htmlentities($to['username'])
) .
@ -964,7 +964,7 @@
'</td>' .
'<td style="white-space:nowrap">' .
($mod['type'] >= $config['mod']['promoteusers'] ?
(hasPermission($config['mod']['promoteusers']) ?
($_mod['type'] != ADMIN ?
'<a style="text-decoration:none" href="?/users/' . $_mod['id'] . '/promote" title="Promote"></a>'
:'') .
@ -973,11 +973,11 @@
:'')
: ''
) .
($mod['type'] >= $config['mod']['editusers'] ||
($mod['type'] >= $config['mod']['change_password'] && $_mod['id'] == $mod['id'])?
(hasPermission($config['mod']['editusers']) ||
(hasPermission($config['mod']['change_password']) && $_mod['id'] == $mod['id'])?
'<a class="unimportant" style="margin-left:5px;float:right" href="?/users/' . $_mod['id'] . '">[edit]</a>'
: '' ) .
($mod['type'] >= $config['mod']['create_pm'] ?
(hasPermission($config['mod']['create_pm']) ?
'<a class="unimportant" style="margin-left:5px;float:right" href="?/new_PM/' . $_mod['id'] . '">[PM]</a>'
: '' ) .
'</td></tr>';
@ -985,7 +985,7 @@
$body .= '</table>';
if($mod['type'] >= $config['mod']['createusers']) {
if(hasPermission($config['mod']['createusers'])) {
$body .= '<p style="text-align:center"><a href="?/users/new">Create new user</a></p>';
}
@ -1125,7 +1125,7 @@
error($config['error']['404']);
}
if($mod['type'] < $config['mod']['editusers'] && !($mod['type'] >= $config['mod']['change_password'] && $mod['id'] == $_mod['id'] && $change_password_only = true))
if(!hasPermission($config['mod']['editusers']) && !(hasPermission($config['mod']['change_password']) && $mod['id'] == $_mod['id'] && $change_password_only = true))
error($config['error']['noaccess']);
if((isset($_POST['username']) && isset($_POST['password'])) || (isset($change_password_only) && isset($_POST['password']))) {
@ -1221,7 +1221,7 @@
'</form> ' .
// Delete button
($mod['type'] >= $config['mod']['deleteusers'] ?
(hasPermission($config['mod']['deleteusers']) ?
'<p style="text-align:center"><a href="?/users/' . $_mod['id'] . '/delete">Delete user</a></p>'
:'') .
@ -1236,7 +1236,7 @@
);
}
} elseif(preg_match('/^\/reports$/', $query)) {
if($mod['type'] < $config['mod']['reports']) error($config['error']['noaccess']);
if(!hasPermission($config['mod']['reports'])) error($config['error']['noaccess']);
$body = '';
$reports = 0;
@ -1275,9 +1275,9 @@
'Report date: ' . date($config['post_date'], $report['time']) . '<br/>' .
'Reported by: <a href="?/IP/' . $report['ip'] . '">' . $report['ip'] . '</a><br/>' .
'<hr/>' .
($mod['type'] >= $config['mod']['report_dismiss'] ?
(hasPermission($config['mod']['report_dismiss']) ?
'<a title="Discard abuse report" href="?/reports/' . $report['id'] . '/dismiss">Dismiss</a> | ' : '') .
($mod['type'] >= $config['mod']['report_dismiss_ip'] ?
(hasPermission($config['mod']['report_dismiss_ip']) ?
'<a title="Discard all abuse reports by this user" href="?/reports/' . $report['id'] . '/dismiss/all">Dismiss+</a>' : '') .
'</div>';
@ -1312,7 +1312,7 @@
));
} elseif(preg_match('/^\/reports\/(\d+)\/dismiss(\/all)?$/', $query, $matches)) {
if(isset($matches[2]) && $matches[2] == '/all') {
if($mod['type'] < $config['mod']['report_dismiss_ip']) error($config['error']['noaccess']);
if(!hasPermission($config['mod']['report_dismiss_ip'])) error($config['error']['noaccess']);
$query = prepare("SELECT `ip` FROM `reports` WHERE `id` = :id");
$query->bindValue(':id', $matches[1], PDO::PARAM_INT);
@ -1326,7 +1326,7 @@
modLog('Dismissed all reports by ' . $report['ip']);
}
} else {
if($mod['type'] < $config['mod']['report_dismiss']) error($config['error']['noaccess']);
if(!hasPermission($config['mod']['report_dismiss'])) error($config['error']['noaccess']);
$query = prepare("SELECT `post`, `board` FROM `reports` WHERE `id` = :id");
$query->bindValue(':id', $matches[1], PDO::PARAM_INT);
@ -1344,13 +1344,13 @@
// Redirect
header('Location: ?/reports', true, $config['redirect_http']);
} elseif(preg_match('/^\/board\/(\w+)(\/delete)?$/', $query, $matches)) {
if($mod['type'] < $config['mod']['manageboards']) error($config['error']['noaccess']);
if(!hasPermission($config['mod']['manageboards'])) error($config['error']['noaccess']);
if(!openBoard($matches[1]))
error($config['error']['noboard']);
if(isset($matches[2]) && $matches[2] == '/delete') {
if($mod['type'] < $config['mod']['deleteboard']) error($config['error']['noaccess']);
if(!hasPermission($config['mod']['deleteboard'])) error($config['error']['noaccess']);
// Delete board
modLog('Deleted board ' . sprintf($config['board_abbreviation'], $board['uri']));
@ -1416,7 +1416,7 @@
'</form> ' .
// Delete button
($mod['type'] >= $config['mod']['deleteboard'] ?
(hasPermission($config['mod']['deleteboard']) ?
'<p style="text-align:center"><a href="?/board/' . $board['uri'] . '/delete">Delete board</a></p>'
:'') .
@ -1430,27 +1430,18 @@
));
}
} elseif(preg_match('/^\/bans$/', $query)) {
if($mod['type'] < $config['mod']['view_banlist']) error($config['error']['noaccess']);
if(!hasPermission($config['mod']['view_banlist'])) error($config['error']['noaccess']);
if(isset($_POST['unban'])) {
if($mod['type'] < $config['mod']['unban']) error($config['error']['noaccess']);
if(!hasPermission($config['mod']['unban'])) error($config['error']['noaccess']);
foreach($_POST as $post => $value) {
if(preg_match('/^ban_(\w+)_(.+)$/', $post, $m)) {
$m[1] = str_replace('_', '.', $m[2]);
$query = prepare("DELETE FROM `bans` WHERE `ip` = :ip");
$query->bindValue(':ip', $m[2]);
$query->execute() or error(db_error($query));
if($config['memcached']['enabled']) {
// Remove cached ban
// TODO
$memcached->delete("ban_{$m[1]}_${m[2]}");
}
if(preg_match('/^ban_(\d+)$/', $post, $m)) {
removeBan($m[1]);
}
}
}
if($mod['type'] >= $config['mod']['view_banexpired']) {
if(hasPermission($config['mod']['view_banexpired'])) {
$query = prepare("SELECT * FROM `bans` LEFT JOIN `boards` ON `boards`.`id` = `board` INNER JOIN `mods` ON `mod` = `mods`.`id` GROUP BY `ip` ORDER BY (`expires` IS NOT NULL AND `expires` < :time), `set` DESC");
$query->bindValue(':time', time(), PDO::PARAM_INT);
$query->execute() or error(db_error($query));
@ -1478,7 +1469,7 @@
'<td style="white-space: nowrap">' .
// Checkbox
'<input type="checkbox" name="ban_' . $ban['board'] . '_' . $ban['ip'] . '" id="ban_' . $ban['ip'] . '" /> ' .
'<input type="checkbox" name="ban_' . $ban['id'] . '" id="ban_' . $ban['id'] . '" /> ' .
// IP address
(preg_match('/^(\d+\.\d+\.\d+\.\d+|' . $config['ipv6_regex'] . ')$/', $ban['ip']) ?
@ -1514,7 +1505,7 @@
// Staff
'<td>' .
($mod['type'] < $config['mod']['view_banstaff'] ?
(!hasPermission($config['mod']['view_banstaff']) ?
($config['mod']['view_banquestionmark'] ?
'?'
:
@ -1533,7 +1524,7 @@
$body .= '</table>' .
($mod['type'] >= $config['mod']['unban'] ?
(hasPermission($config['mod']['unban']) ?
'<p style="text-align:center"><input name="unban" type="submit" value="Unban selected" /></p>'
: '') .
@ -1548,7 +1539,7 @@
)
);
} elseif(preg_match('/^\/flush$/', $query)) {
if($mod['type'] < $config['mod']['rebuild']) error($config['error']['noaccess']);
if(!hasPermission($config['mod']['rebuild'])) error($config['error']['noaccess']);
if(!$config['memcached']['enabled']) error('Memcached is not enabled.');
if($memcached->flush()) {
@ -1565,7 +1556,7 @@
'mod'=>true
));
} elseif(preg_match('/^\/rebuild$/', $query)) {
if($mod['type'] < $config['mod']['rebuild']) error($config['error']['noaccess']);
if(!hasPermission($config['mod']['rebuild'])) error($config['error']['noaccess']);
set_time_limit($config['mod']['rebuild_timelimit']);
@ -1604,7 +1595,7 @@
'mod'=>true
));
} elseif(preg_match('/^\/config$/', $query)) {
if($mod['type'] < $config['mod']['show_config']) error($config['error']['noaccess']);
if(!hasPermission($config['mod']['show_config'])) error($config['error']['noaccess']);
// Show instance-config.php
@ -1652,7 +1643,7 @@
)
);
} elseif(preg_match('/^\/new$/', $query)) {
if($mod['type'] < $config['mod']['newboard']) error($config['error']['noaccess']);
if(!hasPermission($config['mod']['newboard'])) error($config['error']['noaccess']);
// New board
$body = '';
@ -1770,7 +1761,7 @@
echo $page;
} elseif(preg_match('/^\/' . $regex['board'] . 'deletefile\/(\d+)$/', $query, $matches)) {
if($mod['type'] < $config['mod']['deletefile']) error($config['error']['noaccess']);
if(!hasPermission($config['mod']['deletefile'])) error($config['error']['noaccess']);
// Delete file from post
$boardName = &$matches[1];
@ -1792,7 +1783,7 @@
// Redirect
header('Location: ?/' . sprintf($config['board_path'], $boardName) . $config['file_index'], true, $config['redirect_http']);
} elseif(preg_match('/^\/' . $regex['board'] . 'delete\/(\d+)$/', $query, $matches)) {
if($mod['type'] < $config['mod']['delete']) error($config['error']['noaccess']);
if(!hasPermission($config['mod']['delete'])) error($config['error']['noaccess']);
// Delete post
$boardName = &$matches[1];
@ -1813,7 +1804,7 @@
// Redirect
header('Location: ?/' . sprintf($config['board_path'], $boardName) . $config['file_index'], true, $config['redirect_http']);
} elseif(preg_match('/^\/' . $regex['board'] . '(un)?sticky\/(\d+)$/', $query, $matches)) {
if($mod['type'] < $config['mod']['sticky']) error($config['error']['noaccess']);
if(!hasPermission($config['mod']['sticky'])) error($config['error']['noaccess']);
// Add/remove sticky
$boardName = &$matches[1];
@ -1925,7 +1916,7 @@
if(empty($_POST['ip']))
error(sprintf($config['error']['required'], 'IP address'));
$query = prepare("INSERT INTO `bans` VALUES (:ip, :mod, :set, :expires, :reason, :board)");
$query = prepare("INSERT INTO `bans` VALUES (NULL, :ip, :mod, :set, :expires, :reason, :board)");
// 1yr2hrs30mins
// 1y2h30m
@ -2007,7 +1998,7 @@
buildIndex();
}
if($mod['type'] >= $config['mod']['public_ban'] && isset($_POST['post']) && isset($_POST['board']) && isset($_POST['public_message']) && isset($_POST['message'])) {
if(hasPermission($config['mod']['public_ban']) && isset($_POST['post']) && isset($_POST['board']) && isset($_POST['public_message']) && isset($_POST['message'])) {
openBoard($_POST['board']);
$post = round($_POST['post']);
@ -2094,19 +2085,10 @@
$ip = $matches[1];
$host = $config['mod']['dns_lookup'] ? gethostbyaddr($ip) : false;
if($mod['type'] >= $config['mod']['unban'] && isset($_POST['unban'])) {
$query = prepare("DELETE FROM `bans` WHERE `ip` = :ip");
$query->bindValue(':ip', $ip);
$query->execute() or error(db_error($query));
if($config['memcached']['enabled']) {
// Remove cached ban(s)
$boards = listBoards();
foreach($boards as &$_board) {
$memcached->delete("ban_{$_board['id']}_${ip}");
}
}
} elseif($mod['type'] >= $config['mod']['create_notes'] && isset($_POST['note'])) {
if(hasPermission($config['mod']['unban']) && isset($_POST['unban']) && isset($_POST['ban_id'])) {
removeBan($_POST['ban_id']);
header('Location: ?/IP/' . $ip, true, $config['redirect_http']);
} elseif(hasPermission($config['mod']['create_notes']) && isset($_POST['note'])) {
$query = prepare("INSERT INTO `ip_notes` VALUES(NULL, :ip, :mod, :time, :body)");
$query->bindValue(':ip', $ip);
$query->bindValue(':mod', $mod['id'], PDO::PARAM_INT);
@ -2145,19 +2127,19 @@
'</a></legend>' . $temp . '</fieldset>';
}
if($mod['type'] >= $config['mod']['view_notes']) {
if(hasPermission($config['mod']['view_notes'])) {
$query = prepare("SELECT * FROM `ip_notes` WHERE `ip` = :ip ORDER BY `id` DESC");
$query->bindValue(':ip', $ip);
$query->execute() or error(db_error($query));
if($query->rowCount() > 0 || $mod['type'] >= $config['mod']['create_notes'] ) {
if($query->rowCount() > 0 || hasPermission($config['mod']['create_notes'])) {
$body .= '<fieldset><legend>' .
$query->rowCount() . ' note' . ($query->rowCount() == 1 ?'' : 's') . ' on record' .
'</legend>';
if($query->rowCount() > 0) {
$body .= '<table class="modlog">' .
'<tr><th>Staff</th><th>Note</th><th>Date</th>' .
($mod['type'] >= $config['mod']['remove_notes'] ? '<th>Actions</th>' : '') .
(hasPermission($config['mod']['remove_notes']) ? '<th>Actions</th>' : '') .
'</td>';
while($note = $query->fetch()) {
@ -2166,7 +2148,7 @@
$_query->bindValue(':id', $note['mod']);
$_query->execute() or error(db_error($_query));
if($_mod = $_query->fetch()) {
if($mod['type'] >= $config['mod']['editusers'])
if(hasPermission($config['mod']['editusers']))
$staff = '<a href="?/users/' . $note['mod'] . '">' . htmlentities($_mod['username']) . '</a>';
else
$staff = $_mod['username'];
@ -2184,7 +2166,7 @@
'</td><td class="minimal">' .
date($config['post_date'], $note['time']) .
'</td>' .
($mod['type'] >= $config['mod']['remove_notes'] ?
(hasPermission($config['mod']['remove_notes']) ?
'<td class="minimal"><a class="unimportant" href="?/IP/' . $ip . '/deletenote/' . $note['id'] . '">[delete]</a></td>'
: '') .
'</tr>';
@ -2192,7 +2174,7 @@
$body .= '</table>';
}
if($mod['type'] >= $config['mod']['create_notes']) {
if(hasPermission($config['mod']['create_notes'])) {
$body .= '<form action="" method="post" style="text-align:center;margin:0">' .
'<table>' .
'<tr>' .
@ -2215,16 +2197,17 @@
}
}
if($mod['type'] >= $config['mod']['view_ban']) {
$query = prepare("SELECT * FROM `bans` LEFT JOIN `boards` ON `boards`.`id` = `board` INNER JOIN `mods` ON `mod` = `mods`.`id` WHERE `ip` = :ip");
if(hasPermission($config['mod']['view_ban'])) {
$query = prepare("SELECT `bans`.*, `username` FROM `bans` LEFT JOIN `boards` ON `boards`.`id` = `board` INNER JOIN `mods` ON `mod` = `mods`.`id` WHERE `ip` = :ip");
$query->bindValue(':ip', $ip);
$query->execute() or error(db_error($query));
if($query->rowCount() > 0) {
$body .= '<fieldset><legend>Ban' . ($query->rowCount() == 1 ? '' : 's') . ' on record</legend><form action="" method="post" style="text-align:center">';
$body .= '<fieldset><legend>Ban' . ($query->rowCount() == 1 ? '' : 's') . ' on record</legend>';
while($ban = $query->fetch()) {
$body .= '<table style="width:400px;margin-bottom:10px;border-bottom:1px solid #ddd;padding:5px"><tr><th>Status</th><td>' .
$body .= '<form action="" method="post" style="text-align:center">' .
'<table style="width:400px;margin-bottom:10px;border-bottom:1px solid #ddd;padding:5px"><tr><th>Status</th><td>' .
($config['mod']['view_banexpired'] && $ban['expires'] != 0 && $ban['expires'] < time() ?
'Expired'
: 'Active') .
@ -2258,7 +2241,7 @@
// Staff
'<tr><th>Staff</th><td>' .
($mod['type'] < $config['mod']['view_banstaff'] ?
(!hasPermission($config['mod']['view_banstaff']) ?
($config['mod']['view_banquestionmark'] ?
'?'
:
@ -2270,18 +2253,21 @@
:
$ban['username']
) .
'</td></tr>' .
'</tr></table>';
'</td></tr></table>' .
'<input type="hidden" name="ban_id" value="' . $ban['id'] . '" />' .
'<input type="submit" name="unban" value="Remove ban' . ($query->rowCount() == 1 ? '' : 's') . '" ' .
(!hasPermission($config['mod']['unban']) ? 'disabled' : '') .
'/></form>';
}
$body .= '<input type="submit" name="unban" value="Remove ban' . ($query->rowCount() == 1 ? '' : 's') . '" ' .
($mod['type'] < $config['mod']['unban'] ? 'disabled' : '') .
'/></form></fieldset>';
$body .= '</fieldset>';
}
}
if($mod['type'] >= $config['mod']['ip_banform'])
if(hasPermission($config['mod']['ip_banform']))
$body .= form_newBan($ip, null, '?/IP/' . $ip);
echo Element('page.html', Array(

Write Preview
Loading…
Cancel
Save