/**
 * Renders the ban/unban form for a profile, or applies a ban-state change.
 *
 * When $form == 1 the stored `bannedreason` is loaded and handed to
 * HTML_comprofiler::banUserForm(). Otherwise $act selects the write:
 *   1 = ban by a moderator,
 *   0 = unban by a moderator,
 *   2 = unban request filed by the profile owner.
 * Each write prepends a new entry to `bannedreason` through CONCAT_WS, so
 * earlier entries are kept.
 *
 * Security notes for reviewers:
 *  - Only the $act == 1 branch calls cbSpoofCheck(). The $act == 0 and
 *    $act == 2 branches change state without a token check in this function.
 *    NOTE(review): confirm whether the caller validates an anti-CSRF token.
 *  - SQL is built by concatenation; every interpolated value is either cast
 *    to int, produced by date(), or passed through getEscaped().
 *  - Free-text reasons are HTML-escaped before storage and wrapped in literal
 *    <b> markup, so the column holds HTML. NOTE(review): presumably rendered
 *    without re-escaping; verify at the output site.
 *  - The return value of query() is not inspected; the success text is
 *    echoed regardless.
 *
 * @param mixed $option Passed through to the form renderer.
 * @param int   $uid    Id of the profile being banned or unbanned.
 * @param int   $form   1 to display the form, anything else to apply $act.
 * @param int   $act    1 ban, 0 unban, 2 unban request.
 *
 * @return void
 */
function banUser( $option, $uid, $form=1, $act=1 ) {
    global $_CB_framework, $_CB_database, $ueConfig, $_POST;

    $isModerator = isModerator( $_CB_framework->myId() );

    // Guests and non-positive target ids are refused outright.
    if ( ( $_CB_framework->myId() < 1 ) || ( $uid < 1 ) ) {
        cbNotAuth();
        exit();
    }

    // Site-wide switch: banning can be disabled in the configuration.
    if ( $ueConfig['allowUserBanning'] == 0 ) {
        echo _UE_FUNCTIONALITY_DISABLED;
        exit();
    }

    // Display mode: load the existing reason and render the form.
    if ( $form == 1 ) {
        $lookup = "SELECT bannedreason FROM #__comprofiler WHERE id = " . (int) $uid;
        $_CB_database->setQuery( $lookup );
        $orgbannedreason = $_CB_database->loadResult();
        HTML_comprofiler::banUserForm( $option, $uid, $act, $orgbannedreason );
        return;
    }

    // Write mode: timestamp and notifier are prepared before $act is examined.
    $now            = $_CB_framework->now();
    $dateStr        = cbFormatDate( $now );
    $cbNotification = new cbNotification();

    switch ( $act ) {
        case 1:
            // Ban by moderator: the caller must be a moderator and the posted
            // 'bannedby' must match the caller's own id.
            if ( ! ( $isModerator && ( $_CB_framework->myId() == cbGetParam( $_POST, 'bannedby', 0 ) ) ) ) {
                cbNotAuth();
                return;
            }

            // Anti-spoofing token check tied to the ban form.
            cbSpoofCheck( 'banUserForm' );

            $entryHeader  = htmlspecialchars( "[" . _UE_MODERATORBANRESPONSE . ", " . $dateStr . "]" );
            $entryText    = htmlspecialchars( stripslashes( cbGetParam( $_POST, 'bannedreason' ) ) );
            $bannedreason = '<b>' . $entryHeader . "</b>\n" . $entryText . "\n";

            $sql = "UPDATE #__comprofiler SET banned=1, bannedby=" . (int) $_CB_framework->myId()
                 . ", banneddate='" . date( 'Y-m-d\TH:i:s' )
                 . "', bannedreason = CONCAT_WS('','" . $_CB_database->getEscaped( $bannedreason )
                 . "', bannedreason) WHERE id=" . (int) $uid;
            $_CB_database->setQuery( $sql );
            $_CB_database->query();

            $cbNotification->sendFromSystem( $uid, _UE_BANUSER_SUB, _UE_BANUSER_MSG );
            echo _UE_USERBAN_SUCCESSFUL;
            break;

        case 0:
            // Unban by moderator.
            // NOTE(review): no cbSpoofCheck() on this state-changing branch.
            if ( ! $isModerator ) {
                cbNotAuth();
                return;
            }

            $unbannedBy = "<b>" . htmlspecialchars( "[" . _UE_UNBANUSER . ", " . $dateStr ) . "]</b>\n";

            // bannedby / banneddate are left in place; only the unban fields
            // and the reason log are written.
            $sql = "UPDATE #__comprofiler SET banned=0, unbannedby=" . (int) $_CB_framework->myId()
                 . ", bannedreason = CONCAT_WS('','" . $_CB_database->getEscaped( $unbannedBy )
                 . "', bannedreason), unbanneddate='" . date( 'Y-m-d\TH:i:s' )
                 . "' WHERE id=" . (int) $uid;
            $_CB_database->setQuery( $sql );
            $_CB_database->query();

            $cbNotification->sendFromSystem( $uid, _UE_UNBANUSER_SUB, _UE_UNBANUSER_MSG );
            echo _UE_USERUNBAN_SUCCESSFUL;
            break;

        case 2:
            // Unban request: only the profile owner may file it.
            // NOTE(review): no cbSpoofCheck() on this state-changing branch.
            if ( $_CB_framework->myId() != $uid ) {
                cbNotAuth();
                return;
            }

            $entryHeader  = htmlspecialchars( "[" . _UE_USERBANRESPONSE . ", " . $dateStr . "]" );
            $entryText    = htmlspecialchars( stripslashes( cbGetParam( $_POST, 'bannedreason' ) ) );
            $bannedreason = "<b>" . $entryHeader . "</b>\n" . $entryText . "\n";

            $sql = "UPDATE #__comprofiler SET banned=2, bannedreason = CONCAT_WS('','"
                 . $_CB_database->getEscaped( $bannedreason )
                 . "', bannedreason) WHERE id=" . (int) $uid;
            $_CB_database->setQuery( $sql );
            $_CB_database->query();

            // Moderators are mailed only when the configuration asks for it.
            if ( $ueConfig['moderatorEmail'] == 1 ) {
                $cbNotification->sendToModerators( _UE_UNBANUSERREQUEST_SUB, _UE_UNBANUSERREQUEST_MSG );
            }
            echo _UE_USERUNBANREQUEST_SUCCESSFUL;
            break;
    }
}
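/**
 * Renders the ban/unban form for a profile, or applies a ban-state change
 * through the user object's banUser() method.
 *
 * Flow:
 *  1. A baseline denial message is computed (guest / invalid id, or banning
 *     disabled in the configuration).
 *  2. 'user' plugins are loaded and 'onBeforeBanUserRequest' is triggered
 *     with $msg passed by reference.
 *  3. A non-empty $msg aborts the request with an error message.
 *  4. $form == 1 renders the form (or plugin-supplied output); otherwise
 *     $act selects the write: 1 = ban by moderator, 0 = unban by moderator,
 *     2 = unban request by the profile owner.
 *
 * Security notes for reviewers:
 *  - Because $msg is handed to plugins by reference, a plugin can clear the
 *    baseline denial as well as set one. The per-branch checks below still
 *    run, but the form branch relies on $msg alone.
 *  - Only the $act == 1 branch calls cbSpoofCheck(). The $act == 0 and
 *    $act == 2 branches change state without a token check in this function.
 *    NOTE(review): confirm whether the caller validates an anti-CSRF token.
 *  - The posted reason is HTML-escaped before it is stored; the previously
 *    stored reason is appended unchanged.
 *
 * @param mixed $option Passed through to the form renderer.
 * @param int   $uid    Id of the profile being banned or unbanned.
 * @param int   $form   1 to display the form, anything else to apply $act.
 * @param int   $act    1 ban, 0 unban, 2 unban request.
 *
 * @return void
 */
function banUser($option, $uid, $form = 1, $act = 1)
{
    global $_CB_framework, $ueConfig, $_PLUGINS, $_POST;

    $isModerator = Application::MyUser()->isModeratorFor(Application::User((int) $uid));

    // Baseline denial; plugins may replace or clear it below.
    if ($_CB_framework->myId() < 1 || $uid < 1) {
        $msg = CBTxt::Th('UE_NOT_AUTHORIZED', 'You are not authorized to view this page!');
    } elseif ($ueConfig['allowUserBanning'] == 0) {
        $msg = CBTxt::Th('UE_FUNCTIONALITY_DISABLED', 'This functionality is currently disabled.');
    } else {
        $msg = null;
    }

    $_PLUGINS->loadPluginGroup('user');
    $_PLUGINS->trigger('onBeforeBanUserRequest', array($uid, &$msg, $form, $act));

    if ($msg) {
        $_CB_framework->enqueueMessage($msg, 'error');
        return;
    }

    $bannedByUser    = CBuser::getUserDataInstance($_CB_framework->myId());
    $bannedUser      = CBuser::getUserDataInstance($uid);
    $orgBannedReason = $bannedUser->get('bannedreason');

    if ($form == 1) {
        $results = $_PLUGINS->trigger('onBeforeBanUserForm', array($uid, &$bannedByUser, &$bannedUser));

        if ($_PLUGINS->is_errors()) {
            $_CB_framework->enqueueMessage($_PLUGINS->getErrorMSG('<br />'), 'error');
            return;
        }

        // Plugin output, when present, replaces the built-in form and is
        // echoed as returned by the plugins.
        if (implode('', $results) != "") {
            $return = '<div class="cb_template cb_template_' . selectTemplate('dir') . '">'
                    . '<div>' . implode('</div><div>', $results) . '</div>'
                    . '</div>';
            echo $return;
            return;
        }

        HTML_comprofiler::banUserForm($option, $uid, $act, $orgBannedReason, $bannedByUser, $bannedUser);
    } else {
        $dateStr = cbFormatDate('now');

        if ($act == 1) {
            // Ban by moderator: the caller must be a moderator for this user
            // and the posted 'bannedby' must match the caller's own id.
            if (!$isModerator || $_CB_framework->myId() != cbGetParam($_POST, 'bannedby', 0)) {
                cbNotAuth(true);
                return;
            }

            // Anti-spoofing token check tied to the ban form.
            cbSpoofCheck('banUserForm');

            $bannedReason = '<b>' . '[' . CBTxt::Th('UE_MODERATORBANRESPONSE', 'Moderator Response') . ', '
                          . htmlspecialchars($dateStr) . ']' . '</b>' . "\n"
                          . htmlspecialchars(stripslashes(cbGetParam($_POST, 'bannedreason'))) . "\n"
                          . $orgBannedReason;

            if (!$bannedUser->banUser(1, $bannedByUser, $bannedReason)) {
                // NOTE(review): enqueued without the 'error' type used by the
                // other failure paths in this function.
                $_CB_framework->enqueueMessage(CBTxt::Th('UE_USERBAN_FAILED', 'User profile ban failed. Error: [error]', array('[error]' => $bannedUser->getError())));
                return;
            }

            $_CB_framework->enqueueMessage(CBTxt::Th('UE_USERBAN_SUCCESSFUL', 'User Profile Ban Successful.'));
        } elseif ($act == 0) {
            // Unban by moderator.
            // NOTE(review): no cbSpoofCheck() on this state-changing branch.
            if (!$isModerator) {
                cbNotAuth(true);
                return;
            }

            $bannedReason = '<b>' . '[' . CBTxt::Th('UE_UNBANUSER', 'User Profile Unbanned') . ', '
                          . htmlspecialchars($dateStr) . ']' . '</b>' . "\n"
                          . $orgBannedReason;

            if (!$bannedUser->banUser(0, $bannedByUser, $bannedReason)) {
                $_CB_framework->enqueueMessage(CBTxt::Th('UE_USERUNBAN_FAILED', 'Users profile unban failed. Error: [error]', array('[error]' => $bannedUser->getError())));
                return;
            }

            $_CB_framework->enqueueMessage(CBTxt::Th('UE_USERUNBAN_SUCCESSFUL', 'Users profile unbanned successfully.'));
        } elseif ($act == 2) {
            // Unban request: only the profile owner may file it.
            // NOTE(review): no cbSpoofCheck() on this state-changing branch.
            if ($_CB_framework->myId() != $uid) {
                cbNotAuth(true);
                return;
            }

            $bannedReason = '<b>' . '[' . CBTxt::Th('UE_USERBANRESPONSE', 'User Response') . ', '
                          . htmlspecialchars($dateStr) . ']' . '</b>' . "\n"
                          . htmlspecialchars(stripslashes(cbGetParam($_POST, 'bannedreason'))) . "\n"
                          . $orgBannedReason;

            if (!$bannedUser->banUser(2, $bannedByUser, $bannedReason)) {
                $_CB_framework->enqueueMessage(CBTxt::Th('UE_USERUNBANREQUEST_FAILED', 'Your unban profile request failed. Error: [error]', array('[error]' => $bannedUser->getError())));
                // Stop here, as the ban and unban branches do; without this
                // return the success message below was queued after a failure.
                return;
            }

            $_CB_framework->enqueueMessage(CBTxt::Th('UE_USERUNBANREQUEST_SUCCESSFUL', 'Your unban profile request was successfully submitted.'));
        }
    }
}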