} else {
if ($_REQUEST['action'] == 'block-user') {
$return = isset($_REQUEST['return']) ? base64_decode($_REQUEST['return']) : '/forum/category.php?id=' . $categoryID;
//Check forum token
if (!buckys_check_form_token('request')) {
buckys_redirect($return, MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
}
//Admin, Site Moderator, Category Admin and Category Moderator can't be blocked
if (!(buckys_is_admin() || buckys_is_moderator() || buckys_is_forum_admin($category['categoryID']) || buckys_is_forum_moderator($category['categoryID']))) {
buckys_redirect($return, MSG_PERMISSION_DENIED, MSG_TYPE_ERROR);
}
$blockedUserID = buckys_escape_query_integer($_REQUEST['userID']);
if ($blockedUserID == $userID) {
buckys_redirect($return, MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
}
BuckysForumModerator::blockUser($blockedUserID, $category['categoryID']);
buckys_redirect($return, MSG_BLOCK_USER_SUCCESS);
} else {
if ($_REQUEST['action'] == 'unblock-users') {
$return = isset($_REQUEST['return']) ? base64_decode($_REQUEST['return']) : '/forum/moderator.php?id=' . $categoryID;
//Check forum token
if (!buckys_check_form_token('request')) {
buckys_redirect($return, MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
}
//Admin, Site Moderator, Category Admin and Category Moderator can't apply
if (!(buckys_is_admin() || buckys_is_moderator() || buckys_is_forum_admin($category['categoryID']) || buckys_is_forum_moderator($category['categoryID']))) {
buckys_redirect($return, MSG_PERMISSION_DENIED, MSG_TYPE_ERROR);
}
$blockedUsers = isset($_REQUEST['blocked_user']) ? $_REQUEST['blocked_user'] : null;
if (!$blockedUsers) {
buckys_redirect($return, MSG_NO_USER_SELECTED, MSG_TYPE_ERROR);
