diff --git a/inc/mod/pages.php b/inc/mod/pages.php
index c56570a5..11e89b9a 100644
--- a/inc/mod/pages.php
+++ b/inc/mod/pages.php
@@ -969,6 +969,11 @@ function mod_user($uid) {
}
function mod_user_new() {
+ global $pdo;
+
+ if (!hasPermission($config['mod']['createusers']))
+ error($config['error']['noaccess']);
+
if (isset($_POST['username'], $_POST['password'], $_POST['type'])) {
if ($_POST['username'] == '')
error(sprintf($config['error']['required'], 'username'));
@@ -1001,6 +1006,10 @@ function mod_user_new() {
$query->bindValue(':boards', implode(',', $boards));
$query->execute() or error(db_error($query));
+ $uid = $pdo->lastInsertId();
+
+ modLog('Created a new user: ' . utf8tohtml($_POST['username']) . ' (#' . $userID . ')');
+
header('Location: ?/users', true, $config['redirect_http']);
return;
}
@@ -1040,6 +1049,9 @@ function mod_user_promote($uid, $action) {
function mod_pm($id, $reply = false) {
global $mod, $config;
+ if ($reply && !hasPermission($config['mod']['create_pm']))
+ error($config['error']['noaccess']);
+
$query = prepare("SELECT `mods`.`username`, `mods_to`.`username` AS `to_username`, `pms`.* FROM `pms` LEFT JOIN `mods` ON `mods`.`id` = `sender` LEFT JOIN `mods` AS `mods_to` ON `mods_to`.`id` = `to` WHERE `pms`.`id` = :id");
$query->bindValue(':id', $id);
$query->execute() or error(db_error($query));
diff --git a/templates/mod/pm.html b/templates/mod/pm.html
index c66dc883..c62cae58 100644
--- a/templates/mod/pm.html
+++ b/templates/mod/pm.html
@@ -20,7 +20,8 @@
{% endif %}
| {% trans 'Date' %} |
- {{ time|date(config.post_date) }} |
+ {{ time|date(config.post_date) }} ({{ time|ago }} ago) |
+
| {% trans 'Message' %} |
@@ -32,10 +33,12 @@
-
-
- {% trans 'Reply with quote' %}
-
-
+ {% if mod|hasPermission(config.mod.create_pm) %}
+
+
+ {% trans 'Reply with quote' %}
+
+
+ {% endif %}