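/**
 * Moderator page for ban appeals.
 *
 * On a plain request it lists every appeal that has not been denied, with the
 * offending post (when one was recorded) prepared for the template.
 * On POST with `appeal_id` plus `unban` or `deny` it accepts the appeal
 * (deleting the ban and the appeal) or marks the appeal as denied, writes a
 * moderation-log entry and redirects back to the list.
 *
 * Viewing requires $config['mod']['view_ban_appeals']; acting on an appeal
 * additionally requires $config['mod']['ban_appeals']. The code relies on
 * error() not returning (presumably it terminates the request; confirm).
 *
 * NOTE(review): the anti-CSRF token handed to the template is not verified in
 * this function. Presumably the dispatcher checks it before POSTs reach this
 * handler; confirm, because the POST branch lifts bans.
 *
 * @return void
 */
function mod_ban_appeals() {
	global $config, $board;

	if (!hasPermission($config['mod']['view_ban_appeals'])) {
		error($config['error']['noaccess']);
	}

	// Remove stale ban appeals (appeals whose ban row no longer exists)
	query("DELETE FROM ``ban_appeals`` WHERE NOT EXISTS (SELECT 1 FROM ``bans`` WHERE `ban_id` = ``bans``.`id`)") or error(db_error());

	if (isset($_POST['appeal_id']) && (isset($_POST['unban']) || isset($_POST['deny']))) {
		if (!hasPermission($config['mod']['ban_appeals'])) {
			error($config['error']['noaccess']);
		}

		// appeal_id is request data; the (int) cast is the only thing keeping it
		// from being interpreted as SQL, so it must stay on this expression.
		$query = query("SELECT *, ``ban_appeals``.`id` AS `id` FROM ``ban_appeals``\n\t\t\tLEFT JOIN ``bans`` ON `ban_id` = ``bans``.`id`\n\t\t\tWHERE ``ban_appeals``.`id` = " . (int) $_POST['appeal_id']) or error(db_error());
		if (!($ban = $query->fetch(PDO::FETCH_ASSOC))) {
			error(_('Ban appeal not found!'));
		}

		// NOTE(review): the permission checks above are not tied to a board.
		// Nothing here compares the ban's board with the boards this moderator
		// is assigned to, so any account holding the ban_appeals permission can
		// accept or deny appeals for every board. Confirm that this is intended
		// where moderators are meant to be board-scoped.

		$ban['mask'] = Bans::range_to_string(array($ban['ipstart'], $ban['ipend']));

		// The id comes from the database row, but it is cast before being
		// concatenated so the statement never depends on the column's type.
		$appeal_id = (int) $ban['id'];

		if (isset($_POST['unban'])) {
			modLog('Accepted ban appeal #' . $ban['id'] . ' for ' . $ban['mask']);
			Bans::delete($ban['ban_id'], true);
			query("DELETE FROM ``ban_appeals`` WHERE `id` = " . $appeal_id) or error(db_error());
		} else {
			modLog('Denied ban appeal #' . $ban['id'] . ' for ' . $ban['mask']);
			query("UPDATE ``ban_appeals`` SET `denied` = 1 WHERE `id` = " . $appeal_id) or error(db_error());
		}

		header('Location: ?/ban-appeals', true, $config['redirect_http']);
		return;
	}

	$query = query("SELECT *, ``ban_appeals``.`id` AS `id` FROM ``ban_appeals``\n\t\tLEFT JOIN ``bans`` ON `ban_id` = ``bans``.`id`\n\t\tLEFT JOIN ``mods`` ON ``bans``.`creator` = ``mods``.`id`\n\t\tWHERE `denied` != 1 ORDER BY `time`") or error(db_error());
	$ban_appeals = $query->fetchAll(PDO::FETCH_ASSOC);

	foreach ($ban_appeals as &$ban) {
		if ($ban['post']) {
			// The post is stored as JSON; an undecodable value becomes null and
			// is skipped by the check below.
			$ban['post'] = json_decode($ban['post'], true);
		}
		$ban['mask'] = Bans::range_to_string(array($ban['ipstart'], $ban['ipend']));

		if ($ban['post'] && isset($ban['post']['board'], $ban['post']['id'])) {
			// Look up the live post to get its current files. The lookup is
			// skipped when the board cannot be opened.
			$_post = false;
			if (openBoard($ban['post']['board'])) {
				// The table name uses the URI that openBoard() put in $board,
				// not the value stored with the ban.
				$post_query = query(sprintf("SELECT `num_files`, `files` FROM ``posts_%s`` WHERE `id` = " .
					(int) $ban['post']['id'], $board['uri'])) or error(db_error());
				$_post = $post_query->fetch(PDO::FETCH_ASSOC);
			}

			if ($_post) {
				$_post['files'] = $_post['files'] ? json_decode($_post['files']) : array();
				$ban['post'] = array_merge($ban['post'], $_post);
			} else {
				// Board or post is gone: show a single "deleted" placeholder file.
				$ban['post']['files'] = array(array('file' => 'deleted', 'thumb' => false));
				$ban['post']['num_files'] = 1;
			}

			// A post with a truthy `thread` value is a reply; anything else is
			// treated as a thread opener. !empty() avoids a notice when the
			// stored JSON has no `thread` key.
			if (!empty($ban['post']['thread'])) {
				$ban['post'] = new Post($ban['post']);
			} else {
				$ban['post'] = new Thread($ban['post'], null, false, false);
			}
		}
	}
	// Break the reference so a later write to $ban cannot alter the last appeal.
	unset($ban);

	mod_page(_('Ban appeals'), 'mod/ban_appeals.html', array(
		'ban_appeals' => $ban_appeals,
		'token' => make_secure_link_token('ban-appeals')
	));
}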
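/**
 * Moderator page for ban appeals, scoped by the moderator's boards.
 *
 * On a plain request it lists appeals that have not been denied; moderators
 * whose type is below GLOBALVOLUNTEER only get appeals for their first
 * assigned board. On POST with `appeal_id` plus `unban` or `deny` it accepts
 * the appeal (deleting the ban and the appeal) or marks it as denied, writes a
 * moderation-log entry and redirects back to the list.
 *
 * Viewing requires $config['mod']['view_ban_appeals']; acting requires
 * $config['mod']['ban_appeals'] and that the ban's board is one of
 * $mod['boards'] (or that the first entry is the '*' wildcard). The code
 * relies on error() not returning (presumably it terminates; confirm).
 *
 * NOTE(review): the anti-CSRF token handed to the template is not verified in
 * this function. Presumably the dispatcher checks it before POSTs reach this
 * handler; confirm, because the POST branch lifts bans.
 *
 * @return void
 */
function mod_ban_appeals() {
	global $config, $board, $mod;

	if (!hasPermission($config['mod']['view_ban_appeals'])) {
		error($config['error']['noaccess']);
	}

	// Remove stale ban appeals (appeals whose ban row no longer exists)
	query("DELETE FROM ``ban_appeals`` WHERE NOT EXISTS (SELECT 1 FROM ``bans`` WHERE `ban_id` = ``bans``.`id`)") or error(db_error());

	if (isset($_POST['appeal_id']) && (isset($_POST['unban']) || isset($_POST['deny']))) {
		if (!hasPermission($config['mod']['ban_appeals'])) {
			error($config['error']['noaccess']);
		}

		// appeal_id is request data; the (int) cast is the only thing keeping it
		// from being interpreted as SQL, so it must stay on this expression.
		$query = query("SELECT *, ``ban_appeals``.`id` AS `id` FROM ``ban_appeals``\n\t\t\tLEFT JOIN ``bans`` ON `ban_id` = ``bans``.`id`\n\t\t\tWHERE ``ban_appeals``.`id` = " . (int) $_POST['appeal_id']) or error(db_error());
		if (!($ban = $query->fetch(PDO::FETCH_ASSOC))) {
			error(_('Ban appeal not found!'));
		}

		// Board-level authorization. The comparison is strict: with loose
		// comparison a NULL board (no board recorded on the ban) equals an
		// empty entry in $mod['boards'], and numeric-looking URIs such as
		// '0' and '00' equal each other, either of which would widen access.
		// Assumes $mod['boards'] holds board URIs as strings (TODO confirm).
		$all_boards = isset($mod['boards'][0]) && $mod['boards'][0] === '*';
		if (!$all_boards && !in_array($ban['board'], $mod['boards'], true)) {
			error($config['error']['noaccess']);
		}

		$ban['mask'] = Bans::range_to_string(array($ban['ipstart'], $ban['ipend']));

		// The id comes from the database row, but it is cast before being
		// concatenated so the statement never depends on the column's type.
		$appeal_id = (int) $ban['id'];

		if (isset($_POST['unban'])) {
			modLog('Accepted ban appeal #' . $ban['id'] . ' for ' . $ban['mask']);
			Bans::delete($ban['ban_id'], true);
			query("DELETE FROM ``ban_appeals`` WHERE `id` = " . $appeal_id) or error(db_error());
		} else {
			modLog('Denied ban appeal #' . $ban['id'] . ' for ' . $ban['mask']);
			query("UPDATE ``ban_appeals`` SET `denied` = 1 WHERE `id` = " . $appeal_id) or error(db_error());
		}

		header('Location: ?/ban-appeals', true, $config['redirect_http']);
		return;
	}

	// NOTE(review): the listing and the action path scope differently. The
	// listing keys on moderator type and filters on the first assigned board
	// only; the action path accepts any board in $mod['boards']. A local
	// moderator with several boards therefore cannot see appeals they would be
	// allowed to decide. Confirm which rule is the intended one.
	$local = $mod['type'] < GLOBALVOLUNTEER;

	$query = prepare("SELECT *, ``ban_appeals``.`id` AS `id` FROM ``ban_appeals``\n\t\tLEFT JOIN ``bans`` ON `ban_id` = ``bans``.`id`\n\t\tLEFT JOIN ``mods`` ON ``bans``.`creator` = ``mods``.`id`\n\t\tWHERE `denied` != 1 " . ($local ? " AND ``bans``.`board` = :board " : "") . " ORDER BY `time`");
	if ($local) {
		// The board is bound as a parameter rather than concatenated.
		$query->bindValue(':board', $mod['boards'][0]);
	}
	$query->execute() or error(db_error());
	$ban_appeals = $query->fetchAll(PDO::FETCH_ASSOC);

	foreach ($ban_appeals as &$ban) {
		if ($ban['post']) {
			// The post is stored as JSON; an undecodable value becomes null and
			// is skipped by the check below.
			$ban['post'] = json_decode($ban['post'], true);
		}
		$ban['mask'] = Bans::range_to_string(array($ban['ipstart'], $ban['ipend']));

		if ($ban['post'] && isset($ban['post']['board'], $ban['post']['id'])) {
			// NOTE(review): the result of openBoard() is ignored. If the board
			// cannot be opened, the post is presumably built with whatever
			// board context was loaded before; confirm this is acceptable.
			openBoard($ban['post']['board']);

			// A post with a truthy `thread` value is a reply; anything else is
			// treated as a thread opener. !empty() avoids a notice when the
			// stored JSON has no `thread` key.
			$po = !empty($ban['post']['thread'])
				? new Post($ban['post'])
				: new Thread($ban['post'], null, false, false);
			$ban['post'] = $po->build(true);
		}
	}
	// Break the reference so a later write to $ban cannot alter the last appeal.
	unset($ban);

	mod_page(_('Ban appeals'), 'mod/ban_appeals.html', array(
		'ban_appeals' => $ban_appeals,
		'token' => make_secure_link_token('ban-appeals')
	));
}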