/**
 * Records a new warning against a user and returns the stored row.
 *
 * Each argument is passed through Database::makeStringSafe() and then placed
 * inside single quotes in the INSERT text. The statement's safety therefore
 * rests entirely on that helper and on every value staying quoted.
 * NOTE(review): makeStringSafe() is not visible here; confirm it escapes for
 * the active connection's character set. A bound-parameter query would remove
 * that dependency.
 *
 * @param mixed $userId id of the user being warned
 * @param mixed $reason text explaining the warning
 * @param mixed $type   warning type value
 * @return mixed whatever WarningDao::getWarningByID() returns for the new id
 */
public static function warnUser($userId, $reason, $type)
{
    $safeUserId = Database::makeStringSafe($userId);
    $safeReason = Database::makeStringSafe($reason);
    $safeType = Database::makeStringSafe($type);
    $now = Database::CurrentMySQLDateTime();
    $table = Database::addPrefix(WarningDao::table_name);

    $sql = sprintf(
        "INSERT INTO %s SET user_id = '%s', reason = '%s', type = '%s', time = '%s'",
        $table,
        $safeUserId,
        $safeReason,
        $safeType,
        $now
    );
    Database::doQuery($sql);

    // mysql_insert_id() with no link argument reads the most recently opened
    // ext/mysql connection, and ext/mysql no longer exists as of PHP 7.
    // NOTE(review): presumably Database::doQuery() uses that same connection; verify.
    $newId = mysql_insert_id();

    return WarningDao::getWarningByID($newId);
}
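/**
 * Handles the admin warning form; the only supported action is "deleteWarning".
 *
 * The outcome is reported through $context: a message on success, otherwise
 * one of the errors "Not Authorized.", "Incorrect Action." or "No such warning.".
 *
 * @param Context $context receives the success message or the error
 * @param string  $action  action name submitted with the form
 * @return void
 */
public function handleForm(Context $context, $action)
{
    $current = UserDao::getUserByUsername(SessionUtil::getUsername());

    // Fail closed when the session does not resolve to a user object. Reading
    // ->userlevel from a non-object yields null, and a loose comparison of
    // null with the level constant must not be what decides authorization.
    // The level comparison itself stays loose because the stored level may
    // arrive as a numeric string.
    // NOTE(review): the view page offers the Delete button to userlevel
    // >= RES_USERLEVEL_ADMIN while this check requires equality; confirm
    // which of the two is intended.
    if (!is_object($current) || $current->userlevel != RES_USERLEVEL_ADMIN) {
        $context->addError("Not Authorized.");
        return;
    }

    // NOTE(review): no anti-CSRF token is checked before this state-changing
    // POST is honoured. Nothing visible here ties the request to a form this
    // site rendered.
    if ($action !== "deleteWarning") {
        $context->addError("Incorrect Action.");
        return;
    }

    // Only look up a scalar id: a missing field or an array-valued warnId is
    // treated as "no such warning" instead of being handed to the DAO.
    $warning = null;
    if (isset($_POST['warnId']) && is_scalar($_POST['warnId'])) {
        $warning = WarningDao::getWarningByID($_POST['warnId']);
    }

    if (!is_object($warning)) {
        $context->addError("No such warning.");
        return;
    }

    WarningDao::deleteWarning($warning->id);
    $context->addMessage("Successfully deleted warning.");
}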
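/**
 * Renders the page for the warning named by $_GET['warnid'].
 *
 * The warning is shown to the user it belongs to and to anyone whose
 * userlevel is at least RES_USERLEVEL_ADMIN. Admins also get a Delete form.
 *
 * Changes from the previous version:
 *  - the loop over the user's warnings no longer reuses $warning, so the
 *    details shown and the id in the Delete form belong to the requested
 *    warning rather than the last one listed;
 *  - an unresolved session user, a missing or non-scalar warnid, an unknown
 *    warning or an unknown owner produce an error page instead of property
 *    reads on a non-object;
 *  - the reason text is HTML-escaped before it is placed in the textarea.
 *
 * @return string page HTML, or the context's error HTML on failure
 */
public function generateHTML()
{
    $myuser = UserDao::getUserByUsername(SessionUtil::getUsername());
    if (!is_object($myuser)) {
        $this->context->addError("Not Authorized.");
        return $this->context->getErrorHTML();
    }
    $isAdmin = $myuser->userlevel >= RES_USERLEVEL_ADMIN;

    $warning = null;
    if (isset($_GET['warnid']) && is_scalar($_GET['warnid'])) {
        $warning = WarningDao::getWarningByID($_GET['warnid']);
    }
    $user = is_object($warning) ? UserDao::getUserByID($warning->userId) : null;

    if (!is_object($warning) || !is_object($user)) {
        // Non-admins get the same answer for an unknown id as for someone
        // else's warning, so the response does not reveal which ids exist.
        $this->context->addError($isAdmin ? "No such warning." : "Not Authorized.");
        return $this->context->getErrorHTML();
    }

    if ($user->id != $myuser->id && !$isAdmin) {
        $this->context->addError("Not Authorized.");
        return $this->context->getErrorHTML();
    }

    // A separate loop variable keeps $warning pointing at the requested row.
    $options = "";
    foreach (WarningDao::getAllWarningsForUser($user->id) as $entry) {
        $options .= $entry->toOptionHTML();
    }

    // NOTE(review): the <select> has no name attribute, so submitting this
    // form sends only pageid. Presumably it should carry the warning id; verify.
    $warningSelect = $user . " has no warnings.";
    if ($options != "") {
        $warningSelect = "<form action=\"./index.php\" method=\"GET\">"
            . "<input type=\"hidden\" name=\"pageid\" value=\"viewWarning\" />"
            . "<select>" . $options . "</select>"
            . "<input type=\"submit\" value=\"View\" />"
            . "</form>";
    }

    $adminRow = "";
    if ($isAdmin) {
        $adminRow = "<tr><form action=\"./index.php?pageid=adminWarning\" method=\"POST\">"
            . "<td colspan=2 class=\"centeredcellbold\">"
            . "<input type=\"hidden\" name=\"action\" value=\"deleteWarning\" />"
            . "<input type=\"hidden\" name=\"warnId\" value=\"" . $warning->id . "\" />"
            . "<input type=\"submit\" value=\"Delete\" /></td></form></tr>";
    }

    // The reason is free text, so it is escaped to stop a stored
    // "</textarea>" from closing the element and injecting markup.
    // The charset is left at PHP's default; confirm it matches the site encoding.
    // NOTE(review): this assumes the reason is stored unescaped. If it is
    // already HTML-escaped on input, this double-encodes it.
    $reasonHtml = htmlspecialchars($warning->reason, ENT_QUOTES);

    // NOTE(review): $user (string conversion), getTypeString() and
    // toOptionHTML() are emitted as returned; confirm each yields HTML-safe text.
    return "<center><h3>View Warning For " . $user . "</h3></center><table class=\"warning\">\n\t\t\t\n\t\t\t<tr>\n\t\t\t\n\t\t\t\t<td class=\"header\">Type</td>\n\t\t\t\t<td class=\"header\">Time</td>\n\t\t\t\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\n\t\t\t\t<td class=\"centeredcell\">"
        . $warning->getTypeString()
        . "</td>\n\t\t\t\t<td class=\"centeredcell\">"
        . $warning->datetime
        . "</td>\n\t\t\t\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\n\t\t\t\t<td colspan=2 class=\"header\">Warning Reason</td>\n\t\t\t\n\t\t\t</tr>\n\t\t\t\n\t\t\t<tr>\n\t\t\t\n\t\t\t\t<td colspan=2 class=\"centeredcell\"><textarea cols=\"55\" rows=\"7\" readonly>"
        . $reasonHtml
        . "</textarea></td>\n\t\t\t\n\t\t\t</tr>\n\t\t\t"
        . $adminRow
        . "\n\t\t\n\t\t</table>";
}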