echo $pendingAds > 0 ? 'Bold' : ''; ?> ">Advertisements<?php echo $pendingAds > 0 ? ' (' . $pendingAds . ')' : ''; ?> </a> <?php } ?> <?php if (buckys_check_user_acl(USER_ACL_ADMINISTRATOR)) { ?> <h6>Control Panel</h6> <?php $bannedUsers = BuckysBanUser::getBannedUsersCount(); ?> <a href="/banned_users.php" class="accountSubLinks<?php echo $bannedUsers > 0 ? 'Bold' : ''; ?> ">Banned Users<?php echo $bannedUsers > 0 ? ' (' . $bannedUsers . ')' : ''; ?> </a> <br/> <?php } ?> <h6>Settings</h6>
?> ">Send Friend Request</a> <br/> <?php } } } //Show Message ?> <a href="/messages_compose.php?to=<?php echo $profileID; ?> ">Send Message</a> <br/> <?php //For Community Moderator if (BuckysModerator::isModerator($userID) && !BuckysBanUser::isBannedUser($profileID)) { ?> <a href="/profile.php?action=ban-user&userID=<?php echo $profileID; ?> " onclick="return confirm('<?php echo MSG_ARE_YOU_SURE_WANT_TO_BAN_THIS_USER; ?> ')">Ban User</a> <br/> <?php } //For Administrator if (buckys_check_user_acl(USER_ACL_ADMINISTRATOR)) { ?>
echo base64_encode("/profile.php?user="******">Send Friend Request</a> <br/> <?php } } } //Show Message ?> <a href="/messages_compose.php?to=<?php echo $profileID; ?> ">Send Message</a> <br/> <?php //For Community Moderator if (BuckysModerator::isModerator($userID, MODERATOR_FOR_COMMUNITY) && !BuckysBanUser::isBannedUser($profileID)) { ?> <a href="/profile.php?action=ban-user&userID=<?php echo $profileID; ?> " onclick="return confirm('<?php echo MSG_ARE_YOU_SURE_WANT_TO_BAN_THIS_USER; ?> ')">Banned User</a><br /> <?php } //For Administrator if (buckys_check_user_acl(USER_ACL_ADMINISTRATOR)) { ?> <a href="/banned_users.php?action=deletebyid&userID=<?php echo $profileID;
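/**
 * Ban the authors of the objects referenced by the given reports.
 *
 * Loads the matching rows from TABLE_REPORTS, resolves the author of each
 * reported object and passes that user ID to BuckysBanUser::banUser().
 *
 * Security notes:
 *  - $ids is interpolated into an IN (...) list, so every element is
 *    validated as an integer first; anything else is dropped.
 *  - Rows with an unrecognised objectType are skipped. Previously $query
 *    kept its earlier value in that case, so the lookup re-ran the reports
 *    query (or the previous row's query) and could ban an unrelated account.
 *  - No permission check is performed in this method.
 *    NOTE(review): callers presumably verify moderator rights - confirm.
 *
 * @param array|int $ids           Report ID or list of report IDs
 * @param string    $objectType    Value matched against reports.objectType
 * @param int       $moderatorType Not used by this method; kept for the existing callers
 * @return void
 */
public function banUsers($ids, $objectType, $moderatorType)
{
    global $db;

    if (!is_array($ids)) {
        $ids = array($ids);
    }

    // Keep only integer report IDs; the list is concatenated into the SQL text below.
    $reportIDs = array();
    foreach ($ids as $id) {
        $id = filter_var($id, FILTER_VALIDATE_INT);
        if ($id !== false) {
            $reportIDs[] = $id;
        }
    }

    // Nothing valid to look up; also avoids emitting an empty "in ()" clause.
    if (!$reportIDs) {
        return;
    }

    $query = $db->prepare(
        "SELECT * FROM " . TABLE_REPORTS . " WHERE objectType=%s AND reportID in (" . implode(", ", $reportIDs) . ")",
        $objectType
    );
    $rows = $db->getResultsArray($query);
    if (!is_array($rows)) {
        $rows = array();
    }

    // objectType => (author column, table, primary-key column)
    $authorLookup = array(
        'post'    => array('poster', TABLE_POSTS, 'postID'),
        'comment' => array('commenter', TABLE_POSTS_COMMENTS, 'commentID'),
        'message' => array('sender', TABLE_MESSAGES, 'messageID'),
        'topic'   => array('creatorID', TABLE_FORUM_TOPICS, 'topicID'),
        'reply'   => array('creatorID', TABLE_FORUM_REPLIES, 'replyID'),
    );

    foreach ($rows as $row) {
        //Getting User ID
        if (!isset($authorLookup[$row['objectType']])) {
            // Unknown report type: never fall through to a stale query.
            continue;
        }

        list($column, $table, $key) = $authorLookup[$row['objectType']];

        // objectID is cast so the concatenated value is always numeric.
        $authorQuery = "SELECT " . $column . " FROM " . $table . " WHERE " . $key . "=" . (int)$row['objectID'];

        $userID = $db->getVar($authorQuery);
        if ($userID) {
            BuckysBanUser::banUser($userID);
        }
    }
}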
if ($_REQUEST['action'] == 'unban') { BuckysBanUser::unbanUsers($_REQUEST['bannedID']); buckys_redirect('/banned_users.php', MSG_UNBAN_USERS); } else { if ($_REQUEST['action'] == 'delete') { BuckysBanUser::deleteUsers($_REQUEST['bannedID']); buckys_redirect('/banned_users.php', MSG_DELETE_USERS); } else { if ($_REQUEST['action'] == 'deletebyid') { if (!isset($_REQUEST['userID']) || !BuckysUser::checkUserID($_REQUEST['userID'], false)) { buckys_redirect('/index.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR); } BuckysUser::deleteUserAccount($_REQUEST['userID']); buckys_redirect('/index.php', MSG_DELETE_USERS); } } } exit; } $page = isset($_GET['page']) ? $_GET['page'] : 1; $totalCount = BuckysBanUser::getBannedUsersCount(); //Init Pagination Class $pagination = new Pagination($totalCount, BuckysBanUser::$COUNT_PER_PAGE, $page); $page = $pagination->getCurrentPage(); $users = BuckysBanUser::getBannedUsers($page, BuckysBanUser::$COUNT_PER_PAGE); buckys_enqueue_stylesheet('account.css'); buckys_enqueue_stylesheet('moderator.css'); buckys_enqueue_javascript('banned_users.js'); $BUCKYS_GLOBALS['content'] = 'banned_users'; $BUCKYS_GLOBALS['title'] = "Manage Banned Users - BuckysRoom"; require DIR_FS_TEMPLATE . $BUCKYS_GLOBALS['template'] . "/" . $BUCKYS_GLOBALS['layout'] . ".php";
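<?php
/**
 * Profile page entry script: handles the moderator "ban-user" action and then
 * resolves the profile requested through the "user" query parameter.
 */
require dirname(__FILE__) . '/includes/bootstrap.php';

//Getting Current User ID
$userID = buckys_is_logged_in();

//Process Some Actions
// NOTE(review): this state-changing action is reached through a plain GET link
// and no anti-CSRF token is checked in the visible code, so a moderator who
// follows a crafted link would trigger the ban. Consider requiring POST plus a
// per-session token verified here.
if (isset($_GET['action']) && $_GET['action'] === 'ban-user') {
    if (!BuckysModerator::isModerator($userID)) {
        die(MSG_PERMISSION_DENIED);
    }

    // Validate the account being banned. The previous check passed $userID
    // (the acting moderator) to checkUserID(), so the target ID from the
    // request was never verified before reaching banUser().
    if (!isset($_GET['userID']) || !is_scalar($_GET['userID']) || !BuckysUser::checkUserID($_GET['userID'])) {
        buckys_redirect('/index.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
        // Defensive stop; a no-op if buckys_redirect() already terminates the request.
        exit;
    }

    // NOTE(review): nothing visible here prevents banning a privileged
    // account - confirm whether banUser() enforces that itself.

    //Ban User
    BuckysBanUser::banUser($_GET['userID']);
    buckys_redirect('/index.php', MSG_BAN_USER);
    exit;
}

//Getting User ID from Parameter
$profileID = buckys_escape_query_integer(isset($_GET['user']) ? $_GET['user'] : null);

//If the parameter is null, goto homepage
if (!$profileID) {
    buckys_redirect('/index.php');
    exit;
}

//Getting UserData from Id
$userData = BuckysUser::getUserData($profileID);

//Goto Homepage if the userID is not correct
// Parentheses spell out the precedence the original relied on (&& binds
// tighter than ||): a profile that fails checkUserID() is still shown to an
// administrator, but missing user data always redirects.
if (
    !buckys_not_null($userData)
    || (!BuckysUser::checkUserID($profileID, true) && !buckys_check_user_acl(USER_ACL_ADMINISTRATOR))
) {
    buckys_redirect('/index.php');
    exit;
}

// Request-controlled value: compare it against the known post types before it
// is used in a query or echoed into markup.
$postType = isset($_GET['type']) ? $_GET['type'] : 'all';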
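/**
 * Ban the authors of the objects referenced by the given reports.
 *
 * Loads the matching rows from TABLE_REPORTS, resolves the author of each
 * reported object and bans that account unless
 * buckys_check_user_acl(USER_ACL_MODERATOR, $userID) passes for it. Skipped
 * accounts are counted, and one MSG_CAN_NOT_BAN_ADMIN notice is queued if any
 * were skipped.
 *
 * Security notes:
 *  - $ids is interpolated into an IN (...) list, so every element is
 *    validated as an integer first; anything else is dropped.
 *  - Rows with an unrecognised objectType are skipped. Previously $query
 *    kept its earlier value in that case, so the lookup re-ran the reports
 *    query (or the previous row's query) and could ban an unrelated account.
 *  - The acting user's own rights are not checked in this method.
 *    NOTE(review): callers presumably verify moderator rights - confirm.
 *
 * @param array|int $ids Report ID or list of report IDs
 * @return int Number of accounts passed to BuckysBanUser::banUser()
 */
public static function banUsers($ids)
{
    global $db;

    if (!is_array($ids)) {
        $ids = [$ids];
    }

    // Keep only integer report IDs; the list is concatenated into the SQL text below.
    $reportIDs = [];
    foreach ($ids as $id) {
        $id = filter_var($id, FILTER_VALIDATE_INT);
        if ($id !== false) {
            $reportIDs[] = $id;
        }
    }

    // Nothing valid to look up; also avoids emitting an empty "IN ()" clause.
    if (!$reportIDs) {
        return 0;
    }

    $query = "SELECT * FROM " . TABLE_REPORTS . " WHERE reportID IN (" . implode(", ", $reportIDs) . ")";
    $rows = $db->getResultsArray($query);
    if (!is_array($rows)) {
        $rows = [];
    }

    // objectType => [author column, table, primary-key column]
    $authorLookup = [
        'post'          => ['poster', TABLE_POSTS, 'postID'],
        'comment'       => ['commenter', TABLE_POSTS_COMMENTS, 'commentID'],
        'video_comment' => ['userID', TABLE_VIDEO_COMMENTS, 'commentID'],
        'message'       => ['sender', TABLE_MESSAGES, 'messageID'],
        'topic'         => ['creatorID', TABLE_FORUM_TOPICS, 'topicID'],
        'reply'         => ['creatorID', TABLE_FORUM_REPLIES, 'replyID'],
    ];

    $bannedUsers = 0;
    $adminUsers = 0;

    foreach ($rows as $row) {
        //Getting User ID
        if (!isset($authorLookup[$row['objectType']])) {
            // Unknown report type: never fall through to a stale query.
            continue;
        }

        list($column, $table, $key) = $authorLookup[$row['objectType']];

        // objectID is cast so the concatenated value is always numeric.
        $authorQuery = "SELECT " . $column . " FROM " . $table . " WHERE " . $key . "=" . (int)$row['objectID'];

        $userID = $db->getVar($authorQuery);
        if (!$userID) {
            continue;
        }

        if (!buckys_check_user_acl(USER_ACL_MODERATOR, $userID)) {
            BuckysBanUser::banUser($userID);
            $bannedUsers++;
        } else {
            // Accounts that pass the moderator ACL check are never banned from here.
            $adminUsers++;
        }
    }

    if ($adminUsers > 0) {
        buckys_add_message(MSG_CAN_NOT_BAN_ADMIN, MSG_TYPE_NOTIFY);
    }

    return $bannedUsers;
}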