header("Location: log.php?search=User+{$UserID}");
}
$Cur = $DB->next_record(MYSQLI_ASSOC, false);
if ($_POST['comment_hash'] != $Cur['CommentHash']) {
error("Somebody else has moderated this user since you loaded it. Please go back and refresh the page.");
}
//NOW that we know the class of the current user, we can see if one staff member is trying to hax0r us.
if (!check_perms('users_mod', $Cur['Class'])) {
//Son of a f*****g bitch
error(403);
die;
}
if (!empty($_POST['donor_points_submit']) && !empty($_POST['donation_value']) && is_numeric($_POST['donation_value'])) {
Donations::regular_donate($UserID, $_POST['donation_value'], "Add Points", $_POST['donation_reason'], $_POST['donation_currency']);
} elseif (!empty($_POST['donor_values_submit'])) {
Donations::update_rank($UserID, $_POST['donor_rank'], $_POST['total_donor_rank'], $_POST['reason']);
}
// If we're deleting the user, we can ignore all the other crap
if ($_POST['UserStatus'] === 'delete' && check_perms('users_delete_users')) {
Misc::write_log("User account {$UserID} (" . $Cur['Username'] . ") was deleted by " . $LoggedUser['Username']);
$DB->query("\n\t\tDELETE FROM users_main\n\t\tWHERE id = {$UserID}");
$DB->query("\n\t\tDELETE FROM users_info\n\t\tWHERE UserID = {$UserID}");
$Cache->delete_value("user_info_{$UserID}");
Tracker::update_tracker('remove_user', array('passkey' => $Cur['torrent_pass']));
header("Location: log.php?search=User+{$UserID}");
die;
}
// User was not deleted. Perform other stuff.
$UpdateSet = array();
$EditSummary = array();
$TrackerUserUpdates = array('passkey' => $Cur['torrent_pass']);
