<?php
// Account suspension admin page (fragment): applies ban / unban / deactivate requests, then
// lists suspended and non-suspended accounts for the template. The fragment is cut off inside
// the final while loop, so that loop's body is not visible here.

// Access level restriction
// NOTE(review): this is the only authorisation check visible in the fragment; presumably it stops
// the request for callers whose level is not above 8 - confirm in Authentication::accessLevelController.
Authentication::accessLevelController(8, ">");

// Deal with usr_ban form
// The action name is read from the query string and the target account from the POST body.
// NOTE(review): no anti-CSRF token is checked before these state-changing calls in the visible
// code; confirm one is enforced elsewhere, otherwise each form needs a per-session token.
if (isset($_GET['action'])) {
    if ($_GET['action'] == 'ban' && isset($_POST['user'])) {
        // The posted value goes to suspendUser() unvalidated, so that method has to validate it
        // and parameterise/escape it before it reaches SQL - TODO confirm.
        Authentication::suspendUser($_POST['user']);
        // Set without inspecting the call's outcome.
        $successAlert = 1;
    }
    // Deal with unban form
    if ($_GET['action'] == 'unban' && isset($_POST['unbanID'])) {
        // Same caveat as above: $_POST['unbanID'] is passed through as received.
        Authentication::reinstateUser($_POST['unbanID']);
        $successAlert = 1;
    }
    // Deal with deactivate form
    if ($_GET['action'] == 'deactivate' && isset($_POST['uid'])) {
        // Same caveat as above: $_POST['uid'] is passed through as received.
        Authentication::deactivateUser($_POST['uid']);
        $successAlert = 1;
    }
}

// Both queries are constant strings (no request data), so they carry no injection risk themselves.
$sqlSuspend = "SELECT * FROM `users` WHERE `suspended` = '0'";
$resultSuspend = openRailwayCore::dbQuery($sqlSuspend);
$sqlReinstate = "SELECT * FROM `users` WHERE `suspended` = '1'";
$resultReinstate = openRailwayCore::dbQuery($sqlReinstate);

$main = new Template();
$main->set_custom_template("includes/", 'default');
$main->assign_var('ROOT', ROOT);

// One 'user_loop' template row per account that is not suspended.
// NOTE(review): username is stored account data; confirm the template layer HTML-escapes
// block variables before they are rendered.
while ($accountSuspend = mysql_fetch_assoc($resultSuspend)) {
    $main->assign_block_vars('user_loop', array('UID' => $accountSuspend['user_id'], 'NAME' => $accountSuspend['username'], 'SID' => $accountSuspend['staff_id']));
}

// Iterates the suspended accounts; the loop body lies beyond the end of this fragment.
while ($accountReinstate = mysql_fetch_assoc($resultReinstate)) {
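/**
 * Locks page to non-authenticated browsers.
 *
 * Connects to the database and looks the session's `session_id` up in SESSIONS_TABLE.
 * When the session carries no id, or no matching row is found, the login page is
 * rendered and the script is terminated. For a recognised session, the User-Agent
 * stored in the session is compared with the one sent on this request; a mismatch is
 * logged and the account is suspended.
 *
 * The `l` query parameter only selects which notice block the login page shows
 * (fail, logout, flogout, reauth); it is compared against fixed values and never output.
 *
 * @return void Does not return when the login page is shown.
 */
public static function blockPageToVisitors()
{
    openRailwayCore::dbConnect();

    $sessionKnown = false;
    if (isset($_SESSION['session_id'])) {
        // Never concatenate the raw value into SQL, even though it comes from server-side
        // session state: escape it first. mysql_real_escape_string() returns false when no
        // connection is open, which yields an empty literal and therefore no match.
        // NOTE(review): assumes dbConnect() opens an ext/mysql link, as the mysql_num_rows()
        // call on the result suggests; a parameterised query would be the stronger fix.
        $sessionId = mysql_real_escape_string((string) $_SESSION['session_id']);
        $result = openRailwayCore::dbQuery(
            "SELECT `session_id` FROM " . SESSIONS_TABLE . " WHERE `session_id` = '" . $sessionId . "'"
        );
        // Fail closed: a failed query is treated the same as an unknown session.
        $sessionKnown = $result && mysql_num_rows($result) > 0;
    }

    if (!$sessionKnown) {
        openRailwayCore::pageHeader("Access not authorised");
        $template = new Template();
        $template->set_custom_template(FROOT . 'theme/' . STYLE, 'default');

        // Reason code set by whoever redirected here; used only to pick a notice block.
        $notice = isset($_GET['l']) ? $_GET['l'] : null;
        if ($notice === 'fail') {
            $template->assign_block_vars('if_login_failed', array());
        }
        if ($notice === 'logout') {
            $template->assign_block_vars('if_logged_out', array());
        }
        if ($notice === 'flogout') {
            $template->assign_block_vars('if_force_logged_out', array());
        }
        if ($notice === 'reauth') {
            $template->assign_block_vars('if_reauth', array());
        } else {
            $template->assign_block_vars('if_not_reauth', array());
        }

        $template->assign_var('ROOT', ROOT);
        $template->set_filenames(array('body' => 'login.html'));
        $template->display('body');
        openRailwayCore::pageFooter();
        die;
    }

    // Check to see if user agent has changed since login, if so log out.
    // Either value may be absent (some clients send no User-Agent header), so both are
    // defaulted to '' and compared strictly as strings.
    // The header is client-supplied, so this is a weak consistency signal rather than a
    // session-binding control. NOTE(review): a browser update mid-session also changes it
    // and would suspend a legitimate user; confirm suspension rather than re-login is intended.
    $storedAgent = isset($_SESSION['user_agent']) ? (string) $_SESSION['user_agent'] : '';
    $currentAgent = isset($_SERVER['HTTP_USER_AGENT']) ? (string) $_SERVER['HTTP_USER_AGENT'] : '';
    if ($storedAgent !== $currentAgent) {
        $interaction = openRailwayCore::createInteractionIdentifier();
        openRailwayCore::logEvent(time(), $interaction, $_SESSION['user_id'], 5, 1, "User agent (UID: " . $_SESSION['user_id'] . ") change detected");
        // NOTE(review): nothing here ends the request after the suspension; confirm that
        // suspendUser() terminates or redirects, otherwise the protected page still renders.
        Authentication::suspendUser($_SESSION['user_id'], $interaction, 1);
    }
}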