Exemple #1
/**
 * Shows the ban form for a user profile, or applies a ban, an unban or a user's unban request.
 *
 * Calls cbNotAuth() and exits when the visitor is not logged in or $uid is below 1, and exits
 * with a "disabled" message when $ueConfig['allowUserBanning'] is 0.
 *
 * Review notes (security):
 *  - cbSpoofCheck() is only called in the ban branch ($act == 1). The unban and unban-request
 *    branches change state without it; confirm those requests are protected against CSRF elsewhere.
 *  - The moderator test looks only at the acting user; the target $uid is not part of it.
 *  - The result of each UPDATE is not checked, so the success text is echoed even if the query failed.
 *
 * @param  mixed  $option  Passed through unchanged to HTML_comprofiler::banUserForm()
 * @param  int    $uid     Id of the profile to ban / unban
 * @param  int    $form    1: display the form; any other value: perform $act
 * @param  int    $act     1: ban by moderator, 0: unban by moderator, 2: unban request by the user
 * @return void
 */
function banUser( $option, $uid, $form=1, $act=1 ) {
	global $_CB_framework, $_CB_database, $ueConfig, $_POST;

	// Resolved before any other check, for the user making the request.
	$isModerator			=	isModerator( $_CB_framework->myId() );

	// Guests and non-positive target ids are refused outright.
	if ( ( $_CB_framework->myId() < 1 ) || ( $uid < 1 ) ) {
		cbNotAuth();
		exit();
	}

	// Site-wide feature switch.
	if ( $ueConfig['allowUserBanning'] == 0 ) {
		echo _UE_FUNCTIONALITY_DISABLED;
		exit();
	}

	if ( $form == 1 ) {
		// NOTE(review): the stored reason of any $uid is loaded for any logged-in user here;
		// no moderator check is visible on this path — confirm banUserForm() restricts who sees it.
		$_CB_database->setQuery( "SELECT bannedreason FROM #__comprofiler WHERE id = " . (int) $uid );
		$previousReason		=	$_CB_database->loadresult();

		HTML_comprofiler::banUserForm( $option, $uid, $act, $previousReason );
		return;
	}

	$now					=	$_CB_framework->now();
	$dateStr				=	cbFormatDate( $now );
	$notifier				=	new cbNotification();

	// switch compares loosely, like the == chain it stands for; case order is significant.
	switch ( $act ) {
		case 1:
			// Ban by moderator: the caller must be a moderator AND the posted 'bannedby'
			// must be the caller's own id.
			if ( ! ( $isModerator && ( $_CB_framework->myId() == cbGetParam( $_POST, 'bannedby', 0 ) ) ) ) {
				cbNotAuth();
				return;
			}
			// Anti-CSRF token check for the ban form.
			cbSpoofCheck( 'banUserForm' );

			// The reason is stored as an HTML fragment: fixed <b> markup around HTML-escaped text.
			$heading		=	'<b>' . htmlspecialchars( "[" . _UE_MODERATORBANRESPONSE . ", " . $dateStr . "]" ) . "</b>\n";
			$comment		=	htmlspecialchars( stripslashes( cbGetParam( $_POST, 'bannedreason') ) ) . "\n";
			$bannedreason	=	$heading . $comment;

			// Integers are cast and the text goes through getEscaped() before it enters the SQL string.
			$moderatorId	=	(int) $_CB_framework->myId();
			$stamp			=	date( 'Y-m-d\TH:i:s' );
			$escapedReason	=	$_CB_database->getEscaped( $bannedreason );
			$sql			=	"UPDATE #__comprofiler SET banned=1, bannedby=" . $moderatorId . ", banneddate='" . $stamp . "', bannedreason = CONCAT_WS('','" . $escapedReason . "', bannedreason) WHERE id=" . (int) $uid;
			$_CB_database->SetQuery( $sql );
			$_CB_database->query();

			$notifier->sendFromSystem( $uid, _UE_BANUSER_SUB, _UE_BANUSER_MSG );
			echo _UE_USERBAN_SUCCESSFUL;
			break;

		case 0:
			// Unban by moderator.
			// NOTE(review): no cbSpoofCheck() on this state-changing branch.
			if ( ! $isModerator ) {
				cbNotAuth();
				return;
			}

			$unbannedBy		=	"<b>" . htmlspecialchars( "[" . _UE_UNBANUSER . ", " . $dateStr ) . "]</b>\n";

			// The history is kept: the new line is prepended to bannedreason, and bannedby /
			// banneddate are left as they were.
			$moderatorId	=	(int) $_CB_framework->myId();
			$escapedNote	=	$_CB_database->getEscaped( $unbannedBy );
			$stamp			=	date( 'Y-m-d\TH:i:s' );
			$sql			=	"UPDATE #__comprofiler SET banned=0, unbannedby=" . $moderatorId . ", bannedreason = CONCAT_WS('','" . $escapedNote . "', bannedreason), unbanneddate='" . $stamp . "'  WHERE id=" . (int) $uid;
			$_CB_database->SetQuery( $sql );
			$_CB_database->query();

			$notifier->sendFromSystem( $uid, _UE_UNBANUSER_SUB, _UE_UNBANUSER_MSG );
			echo _UE_USERUNBAN_SUCCESSFUL;
			break;

		case 2:
			// Unban request: only the profile owner may file it.
			// NOTE(review): no cbSpoofCheck() here, and the current value of `banned` is not
			// checked before it is set to 2.
			if ( ! ( $_CB_framework->myId() == $uid ) ) {
				cbNotAuth();
				return;
			}

			$heading		=	"<b>" . htmlspecialchars( "[" . _UE_USERBANRESPONSE . ", " . $dateStr . "]" ) . "</b>\n";
			$comment		=	htmlspecialchars( stripslashes( cbGetParam( $_POST, 'bannedreason' ) ) ) . "\n";
			$bannedreason	=	$heading . $comment;

			$escapedReason	=	$_CB_database->getEscaped( $bannedreason );
			$sql			=	"UPDATE #__comprofiler SET banned=2, bannedreason = CONCAT_WS('','" . $escapedReason . "', bannedreason) WHERE id=" . (int) $uid;
			$_CB_database->SetQuery( $sql );
			$_CB_database->query();

			// Moderators are only mailed when the configuration asks for it.
			if ( $ueConfig['moderatorEmail'] == 1 ) {
				$notifier->sendToModerators( _UE_UNBANUSERREQUEST_SUB, _UE_UNBANUSERREQUEST_MSG );
			}
			echo _UE_USERUNBANREQUEST_SUCCESSFUL;
			break;
	}
}
Exemple #2
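/**
 * Shows the ban form for a user profile, or applies a ban, an unban or a user's unban request.
 *
 * An error message is prepared when the visitor is not logged in, $uid is below 1, or
 * $ueConfig['allowUserBanning'] is 0. It is handed by reference to the 'onBeforeBanUserRequest'
 * plugin event before it is acted on, so whatever $msg holds after that event decides whether
 * the request continues.
 *
 * Review notes (security):
 *  - cbSpoofCheck() is only called in the ban branch ($act == 1). The unban and unban-request
 *    branches change state without it; confirm those requests are protected against CSRF elsewhere.
 *  - On the form path the stored ban reason of $uid is passed to the form without a moderator
 *    check in this function; confirm HTML_comprofiler::banUserForm() restricts who sees it.
 *
 * @param  mixed  $option  Passed through unchanged to HTML_comprofiler::banUserForm()
 * @param  int    $uid     Id of the profile to ban / unban
 * @param  int    $form    1: display the form; any other value: perform $act
 * @param  int    $act     1: ban by moderator, 0: unban by moderator, 2: unban request by the user
 * @return void
 */
function banUser($option, $uid, $form = 1, $act = 1)
{
    global $_CB_framework, $ueConfig, $_PLUGINS, $_POST;
    // Moderator rights are evaluated against the target profile, not just globally.
    $isModerator = Application::MyUser()->isModeratorFor(Application::User((int) $uid));
    if ($_CB_framework->myId() < 1 || $uid < 1) {
        $msg = CBTxt::Th('UE_NOT_AUTHORIZED', 'You are not authorized to view this page!');
    } elseif ($ueConfig['allowUserBanning'] == 0) {
        $msg = CBTxt::Th('UE_FUNCTIONALITY_DISABLED', 'This functionality is currently disabled.');
    } else {
        $msg = null;
    }
    $_PLUGINS->loadPluginGroup('user');
    // $msg is passed by reference to the plugin event.
    $_PLUGINS->trigger('onBeforeBanUserRequest', array($uid, &$msg, $form, $act));
    if ($msg) {
        $_CB_framework->enqueueMessage($msg, 'error');
        return;
    }
    $bannedByUser = CBuser::getUserDataInstance($_CB_framework->myId());
    $bannedUser = CBuser::getUserDataInstance($uid);
    $orgBannedReason = $bannedUser->get('bannedreason');
    if ($form == 1) {
        $results = $_PLUGINS->trigger('onBeforeBanUserForm', array($uid, &$bannedByUser, &$bannedUser));
        if ($_PLUGINS->is_errors()) {
            $_CB_framework->enqueueMessage($_PLUGINS->getErrorMSG('<br />'), 'error');
            return;
        }
        // Any non-empty plugin output replaces the built-in form; it is echoed as-is (not escaped here).
        if (implode('', $results) != "") {
            $return = '<div class="cb_template cb_template_' . selectTemplate('dir') . '">' . '<div>' . implode('</div><div>', $results) . '</div>' . '</div>';
            echo $return;
            return;
        }
        HTML_comprofiler::banUserForm($option, $uid, $act, $orgBannedReason, $bannedByUser, $bannedUser);
    } else {
        $dateStr = cbFormatDate('now');
        if ($act == 1) {
            // Ban by moderator: the caller must moderate this profile AND the posted
            // 'bannedby' must be the caller's own id.
            if (!$isModerator || $_CB_framework->myId() != cbGetParam($_POST, 'bannedby', 0)) {
                cbNotAuth(true);
                return;
            }
            // Anti-CSRF token check for the ban form.
            cbSpoofCheck('banUserForm');
            // The reason is kept as an HTML fragment: the posted text and the date are escaped,
            // the new entry is prepended to the existing history.
            $bannedReason = '<b>' . '[' . CBTxt::Th('UE_MODERATORBANRESPONSE', 'Moderator Response') . ', ' . htmlspecialchars($dateStr) . ']' . '</b>' . "\n" . htmlspecialchars(stripslashes(cbGetParam($_POST, 'bannedreason'))) . "\n" . $orgBannedReason;
            if (!$bannedUser->banUser(1, $bannedByUser, $bannedReason)) {
                $_CB_framework->enqueueMessage(CBTxt::Th('UE_USERBAN_FAILED', 'User profile ban failed. Error: [error]', array('[error]' => $bannedUser->getError())));
                return;
            }
            $_CB_framework->enqueueMessage(CBTxt::Th('UE_USERBAN_SUCCESSFUL', 'User Profile Ban Successful.'));
        } elseif ($act == 0) {
            // Unban by moderator.
            // NOTE(review): no cbSpoofCheck() on this state-changing branch.
            if (!$isModerator) {
                cbNotAuth(true);
                return;
            }
            $bannedReason = '<b>' . '[' . CBTxt::Th('UE_UNBANUSER', 'User Profile Unbanned') . ', ' . htmlspecialchars($dateStr) . ']' . '</b>' . "\n" . $orgBannedReason;
            if (!$bannedUser->banUser(0, $bannedByUser, $bannedReason)) {
                $_CB_framework->enqueueMessage(CBTxt::Th('UE_USERUNBAN_FAILED', 'Users profile unban failed. Error: [error]', array('[error]' => $bannedUser->getError())));
                return;
            }
            $_CB_framework->enqueueMessage(CBTxt::Th('UE_USERUNBAN_SUCCESSFUL', 'Users profile unbanned successfully.'));
        } elseif ($act == 2) {
            // Unban request: only the profile owner may file it.
            // NOTE(review): no cbSpoofCheck() on this state-changing branch.
            if ($_CB_framework->myId() != $uid) {
                cbNotAuth(true);
                return;
            }
            $bannedReason = '<b>' . '[' . CBTxt::Th('UE_USERBANRESPONSE', 'User Response') . ', ' . htmlspecialchars($dateStr) . ']' . '</b>' . "\n" . htmlspecialchars(stripslashes(cbGetParam($_POST, 'bannedreason'))) . "\n" . $orgBannedReason;
            if (!$bannedUser->banUser(2, $bannedByUser, $bannedReason)) {
                $_CB_framework->enqueueMessage(CBTxt::Th('UE_USERUNBANREQUEST_FAILED', 'Your unban profile request failed. Error: [error]', array('[error]' => $bannedUser->getError())));
                // Stop here, as the ban and unban branches do: without this return the
                // success message below was queued right after the failure message.
                return;
            }
            $_CB_framework->enqueueMessage(CBTxt::Th('UE_USERUNBANREQUEST_SUCCESSFUL', 'Your unban profile request was successfully submitted.'));
        }
    }
}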