function insert_ban($ban_type, $ban_text, $ban_comment = "", $ban_expire = 'UNDEFINED', $ban_id = 0)
{
global $globals;
if (strlen($ban_text) < 2) {
echo '<div class="form-error">';
echo '<p>' . _('Texto del ban muy corto') . '</p>';
echo "</div>\n";
return;
}
/*
if (strlen($ban_text) > 8 && preg_match('/^www\..+\.[a-z]+(\/[a-z]+\/*){0,1}$/i', $ban_text) ) {
$ban_text = preg_replace('/^www\./', '', $ban_text);
}
*/
$ban = new Ban();
if ($ban_id > 0) {
$ban->ban_id = (int) $ban_id;
$ban->read();
}
$ban->ban_type = $ban_type;
$ban->ban_text = $ban_text;
if (!empty($ban_comment)) {
$ban->ban_comment = $ban_comment;
}
if (!empty($ban_expire)) {
$ban->ban_expire = $ban_expire;
}
$ban->store();
return $ban;
}
// David Martín :: Suki_ :: <david at sukiweb dot net>.
// Beldar <beldar.cat at gmail dot com>
// It's licensed under the AFFERO GENERAL PUBLIC LICENSE unless stated otherwise.
// You can get copies of the licenses here:
// http://www.affero.org/oagpl.html
// AFFERO GENERAL PUBLIC LICENSE is also included in the file called "COPYING".
// The code below was made by Beldar <beldar at gmail dot com>
if (!defined('mnmpath')) {
include_once '../config.php';
header('Content-Type: text/html; charset=utf-8');
}
//include_once(mnminclude.'user.php');
//include_once(mnminclude.'post.php');
stats_increment('ajax');
if (empty($_GET['id']) || $current_user->user_level != 'god' && $current_user->user_level != 'admin') {
die;
}
$id = intval($_GET['id']);
require_once mnminclude . 'ban.php';
$ban = new Ban();
$ban->ban_id = $id;
if (!$ban->read()) {
die;
}
echo '<strong>' . _($ban->ban_type) . ':</strong> ' . $ban->ban_text . '<br/>';
if ($ban->ban_comment) {
echo '<strong>' . _('Comentario') . ':</strong> ' . $ban->ban_comment . '<br/>';
}
if ($ban->ban_expire) {
echo '<strong>' . _('Expira') . ':</strong> ' . $ban->ban_expire . '<br/>';
}
function admin_bans($ban_type)
{
global $db, $globals, $offset, $page_size, $ban_text_length, $ban_comment_length, $current_user;
require_once mnminclude . 'ban.php';
$key = get_security_key();
if ($current_user->user_level == "god" && check_security_key($_REQUEST["key"])) {
if (!empty($_REQUEST["new_ban"])) {
insert_ban($ban_type, $_POST["ban_text"], $_POST["ban_comment"], $_POST["ban_expire"]);
} elseif (!empty($_REQUEST["edit_ban"])) {
insert_ban($ban_type, $_POST["ban_text"], $_POST["ban_comment"], $_POST["ban_expire"], $_POST["ban_id"]);
} elseif (!empty($_REQUEST["new_bans"])) {
$array = preg_split("/\\s+/", $_POST["ban_text"]);
$size = count($array);
for ($i = 0; $i < $size; $i++) {
insert_ban($ban_type, $array[$i], $_POST["ban_comment"], $_POST["ban_expire"]);
}
} elseif (!empty($_REQUEST["del_ban"])) {
del_ban($_REQUEST["del_ban"]);
}
}
// ex container-wide
echo '<div class="genericform" style="margin:0">';
echo '<div style="float:right;">' . "\n";
echo '<form method="get" action="' . $globals['base_url'] . 'admin/bans.php">';
echo '<input type="hidden" name="admin" value="' . $ban_type . '" />';
echo '<input type="hidden" name="key" value="' . $key . '" />';
echo '<input type="text" name="s" ';
if ($_REQUEST["s"]) {
$_REQUEST["s"] = clean_text($_REQUEST["s"]);
echo ' value="' . $_REQUEST["s"] . '" ';
} else {
echo ' value="' . _('buscar') . '..." ';
}
echo 'onblur="if(this.value==\'\') this.value=\'' . _('buscar') . '...\';" onfocus="if(this.value==\'' . _('buscar') . '...\') this.value=\'\';" />';
echo ' <input style="padding:2px;" type="image" align="top" value="' . _('buscar') . '" alt="' . _('buscar') . '" src="' . $globals['base_static'] . 'img/common/search-03.png" />';
echo '</form>';
echo '</div>';
if ($current_user->user_level == "god") {
echo ' [ <a href="' . $globals['base_url'] . 'admin/bans.php?admin=' . $ban_type . '&op=new">' . _('Nuevo ban') . '</a> ]';
echo ' [ <a href="' . $globals['base_url'] . 'admin/bans.php?admin=' . $ban_type . '&op=news">' . _('Múltiples bans') . '</a> ]';
}
if (!empty($_REQUEST["op"])) {
echo '<form method="post" name="newban" action="' . $globals['base_url'] . 'admin/bans.php?admin=' . $ban_type . '">';
echo '<input type="hidden" name="key" value="' . $key . '" />';
}
echo '<table class="decorated" style="font-size: 10pt">';
echo '<tr><th width="25%"><a href="' . $globals['base_url'] . 'admin/bans.php?admin=' . $ban_type . '&';
if ($_REQUEST["s"]) {
echo 's=' . $_REQUEST["s"] . '&';
}
echo 'orderby=ban_text">' . $ban_type . '</a></th>';
echo '<th width="30%"><a href="' . $globals['base_url'] . 'admin/bans.php?admin=' . $ban_type . '&';
if ($_REQUEST["s"]) {
echo 's=' . $_REQUEST["s"] . '&';
}
echo 'orderby=ban_comment">' . _('comentario') . '</a></th>';
echo '<th><a href="' . $globals['base_url'] . 'admin/bans.php?admin=' . $ban_type . '&';
if ($_REQUEST["s"]) {
echo 's=' . $_REQUEST["s"] . '&';
}
echo 'orderby=ban_date">' . _('fecha creación') . '</a></th>';
echo '<th><a href="' . $globals['base_url'] . 'admin/bans.php?admin=' . $ban_type . '&';
if ($_REQUEST["s"]) {
echo 's=' . $_REQUEST["s"] . '&';
}
echo 'orderby=ban_expire">' . _('fecha caducidad') . '</a></th>';
echo '<th>' . _('Editar / Borrar') . '</th></tr>';
switch ($_REQUEST["op"]) {
case 'new':
echo '<tr><td>';
echo '<input type="text" id="ban_text" name="ban_text" size="30" maxlength="' . $ban_text_length . '" value="" />';
echo ' <span id="checkit"><input type="button" id="checkbutton1" value="' . _('verificar') . '" onclick="checkfield(\'ban_' . $ban_type . '\', this.form, this.form.ban_text)"/></span>' . "\n";
echo '<br /><span id="ban_' . $ban_type . 'checkitvalue"></span>' . "\n";
echo '</td><td>';
echo '<input class="form-full" type="text" name="ban_comment" id="ban_comment" />';
echo '</td><td>';
echo '</td><td>';
echo '<select name="ban_expire" id="ban_expire">';
print_expiration_dates();
echo '</select>';
echo '</td><td>';
echo '<input type="hidden" name="new_ban" value="1" />';
echo '<input type="submit" name="submit" value="' . _('Crear ban') . '" />';
echo '</td></tr>';
break;
case 'news':
echo '<tr><td>';
echo '<textarea id="ban_text" name="ban_text" /></textarea>';
echo '</td><td>';
echo '<input class="form-full" type="text" name="ban_comment" id="ban_comment" />';
echo '</td><td>';
echo '</td><td>';
echo '<select name="ban_expire" id="ban_expire">';
print_expiration_dates();
echo '</select>';
echo '</td><td>';
echo '<input type="hidden" name="new_bans" value="1" />';
echo '<input type="submit" name="submit" value="' . _('Crear bans') . '" />';
echo '</td></tr>';
break;
case 'edit':
$ban = new Ban();
$ban->ban_id = (int) $_REQUEST["id"];
$ban->read();
echo '<tr><td>';
echo '<input type="text" name="ban_text" id="ban_text" size="30" maxlength="' . $ban_text_length . '" value="' . $ban->ban_text . '" />';
echo '</td><td>';
echo '<input type="text" class="form-full" name="ban_comment" id="ban_comment" value="' . $ban->ban_comment . '" />';
echo '</td><td>';
echo $ban->ban_date;
echo '</td><td>';
echo '<select name="ban_expire" id="ban_expire">';
echo '<option value="' . $ban->ban_expire . '">' . $ban->ban_expire . '</option>';
print_expiration_dates();
echo '</select>';
echo '</td><td>';
echo '<input type="hidden" name="ban_id" value="' . $ban->ban_id . '" />';
echo '<input type="submit" name="edit_ban" value="' . _('Editar ban') . '" />';
echo '</td></tr>';
break;
}
if (empty($_REQUEST["op"])) {
//listado de bans
if (empty($_REQUEST["orderby"])) {
$_REQUEST["orderby"] = "ban_text";
} else {
$_REQUEST["orderby"] = preg_replace('/[^a-z_]/i', '', $_REQUEST["orderby"]);
if ($_REQUEST["orderby"] == 'ban_date') {
$order = "DESC";
}
}
$where = "WHERE ban_type='" . $ban_type . "'";
if ($_REQUEST["s"]) {
$search_text = $db->escape($_REQUEST["s"]);
$where .= " AND (ban_text LIKE '%{$search_text}%' OR ban_comment LIKE '%{$search_text}%')";
}
$bans = $db->get_col("SELECT ban_id FROM bans " . $where . " ORDER BY " . $_REQUEST["orderby"] . " {$order} LIMIT {$offset},{$page_size}");
$rows = $db->get_var("SELECT count(*) FROM bans " . $where);
if ($bans) {
$ban = new Ban();
foreach ($bans as $ban_id) {
$ban->ban_id = $ban_id;
$ban->read();
echo '<tr>';
echo '<td onmouseover="return tooltip.ajax_delayed(event, \'get_ban_info.php\', ' . $ban->ban_id . ');" onmouseout="tooltip.clear(event);" >' . clean_text($ban->ban_text) . '</td>';
echo '<td style="overflow: hidden;white-space: nowrap;" onmouseover="return tooltip.ajax_delayed(event, \'get_ban_info.php\', ' . $ban->ban_id . ');" onmouseout="tooltip.clear(event);">' . clean_text(txt_shorter($ban->ban_comment, 50)) . '</td>';
echo '<td>' . $ban->ban_date . '</td>';
echo '<td>' . $ban->ban_expire . '</td>';
echo '<td>';
if ($current_user->user_level == "god") {
echo '<a href="' . $globals['base_url'] . 'admin/bans.php?admin=' . $ban_type . '&op=edit&id=' . $ban->ban_id . '" title="' . _('Editar') . '"><img src="' . $globals['base_static'] . 'img/common/sneak-edit-notice01.png" alt="' . 'Editar' . '" /></a>';
echo ' / ';
echo '<a href="' . $globals['base_url'] . 'admin/bans.php?admin=' . $ban_type . '&del_ban=' . $ban->ban_id . '&key=' . $key . '" title="' . _('Eliminar') . '"><img src="' . $globals['base_static'] . 'img/common/sneak-reject01.png" alt="' . 'Eliminar' . '" /></a>';
}
echo '</td>';
echo '</tr>';
}
}
}
echo '</table>';
if (!empty($_REQUEST["op"])) {
echo "</form>\n";
}
do_pages($rows, $page_size, false);
}
