<?php

// Gate the page behind the access-level check (level argument 8, comparison ">").
// NOTE(review): nothing below re-checks the caller's level, so this relies on
// accessLevelController() stopping the request itself when the check fails -- confirm.
Authentication::accessLevelController(8, ">");

// Account-management forms: the action name arrives in the query string and the
// target account identifier in the POST body. Each handled action sets $successAlert.
// NOTE(review): no anti-CSRF token is verified in this script before these
// state-changing calls -- confirm it is enforced elsewhere.
// NOTE(review): the POST values reach Authentication::* unvalidated; confirm those
// methods validate and escape the identifier before it is used in a query.
if (isset($_GET['action'])) {
    switch ($_GET['action']) {
        case 'ban':
            // Ban form
            if (isset($_POST['user'])) {
                Authentication::suspendUser($_POST['user']);
                $successAlert = 1;
            }
            break;

        case 'unban':
            // Unban form
            if (isset($_POST['unbanID'])) {
                Authentication::reinstateUser($_POST['unbanID']);
                $successAlert = 1;
            }
            break;

        case 'deactivate':
            // Deactivation form
            if (isset($_POST['uid'])) {
                Authentication::deactivateUser($_POST['uid']);
                $successAlert = 1;
            }
            break;
    }
}

// Fetch the non-suspended accounts first, then the suspended ones.
// NOTE(review): SELECT * returns every column of `users`, while the visible loop
// reads only user_id, username and staff_id; naming the columns would keep any
// sensitive fields out of this page's memory.
$sqlSuspend = "SELECT * FROM `users` WHERE `suspended` = '0'";
$sqlReinstate = "SELECT * FROM `users` WHERE `suspended` = '1'";
$resultSuspend = openRailwayCore::dbQuery($sqlSuspend);
$resultReinstate = openRailwayCore::dbQuery($sqlReinstate);

// Prepare the page template.
$main = new Template();
$main->set_custom_template("includes/", 'default');
$main->assign_var('ROOT', ROOT);

// One 'user_loop' template row per non-suspended account.
// NOTE(review): the values are handed to the template as stored; confirm the
// template layer HTML-escapes them (username in particular) on output.
while ($accountSuspend = mysql_fetch_assoc($resultSuspend)) {
    $main->assign_block_vars('user_loop', array(
        'UID' => $accountSuspend['user_id'],
        'NAME' => $accountSuspend['username'],
        'SID' => $accountSuspend['staff_id'],
    ));
}
while ($accountReinstate = mysql_fetch_assoc($resultReinstate)) {
 /**
  * Blocks the page for visitors who are not authenticated.
  */
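 public static function blockPageToVisitors()
 {
     // Purpose: let the request continue only when $_SESSION holds a session id that
     // also has a row in SESSIONS_TABLE. Otherwise the login page is rendered and the
     // script ends with die. For a session that passes, a User-Agent that differs from
     // the one stored in the session is logged and the account is suspended.
     // Takes no arguments and returns nothing.
     openRailwayCore::dbConnect();

     $sessionIsValid = false;
     if (isset($_SESSION['session_id'])) {
         // The id is placed inside a quoted SQL literal, so it is escaped for the open
         // connection instead of being concatenated as stored.
         // NOTE(review): assumes dbConnect() leaves a default ext/mysql link open, as the
         // mysql_num_rows() call on the query result suggests -- confirm.
         $escapedSessionId = mysql_real_escape_string((string) $_SESSION['session_id']);
         $sessionQuery = "SELECT `session_id` FROM " . SESSIONS_TABLE
             . " WHERE `session_id` = '" . $escapedSessionId . "'";
         $result = openRailwayCore::dbQuery($sessionQuery);
         // Fail closed: a failed query counts the same as "no such session".
         $sessionIsValid = ($result && mysql_num_rows($result) > 0);
     }

     if (!$sessionIsValid) {
         // No usable session: show the login form and stop the request here.
         openRailwayCore::pageHeader("Access not authorised");
         $template = new Template();
         $template->set_custom_template(FROOT . 'theme/' . STYLE, 'default');

         // The 'l' query parameter only selects which notice block is shown; it is
         // compared against fixed strings and never echoed.
         $loginNotice = isset($_GET['l']) ? $_GET['l'] : null;
         if ($loginNotice === 'fail') {
             $template->assign_block_vars('if_login_failed', array());
         }
         if ($loginNotice === "logout") {
             $template->assign_block_vars('if_logged_out', array());
         }
         if ($loginNotice === "flogout") {
             $template->assign_block_vars('if_force_logged_out', array());
         }
         if ($loginNotice === 'reauth') {
             $template->assign_block_vars('if_reauth', array());
         } else {
             $template->assign_block_vars('if_not_reauth', array());
         }

         $template->assign_var('ROOT', ROOT);
         $template->set_filenames(array('body' => 'login.html'));
         $template->display('body');
         openRailwayCore::pageFooter();
         die;
     }

     // Compare the User-Agent recorded in the session with the one sent on this request.
     // Missing values are read as '' so an absent header raises no notice, and the
     // comparison is a strict string comparison so numeric-looking values are not coerced.
     // The header is client-supplied, so a match is a consistency signal only.
     $storedAgent = isset($_SESSION['user_agent']) ? (string) $_SESSION['user_agent'] : '';
     $currentAgent = isset($_SERVER['HTTP_USER_AGENT']) ? (string) $_SERVER['HTTP_USER_AGENT'] : '';
     if ($storedAgent !== $currentAgent) {
         $interaction = openRailwayCore::createInteractionIdentifier();
         openRailwayCore::logEvent(time(), $interaction, $_SESSION['user_id'], 5, 1, "User agent (UID: " . $_SESSION['user_id'] . ") change detected");
         // NOTE(review): the intent was described as "log out", but the visible code only
         // logs and suspends. If suspendUser() does not end the session and the request,
         // the protected page still renders for this request -- confirm.
         Authentication::suspendUser($_SESSION['user_id'], $interaction, 1);
     }
 }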