} else { if ($_REQUEST['action'] == 'block-user') { $return = isset($_REQUEST['return']) ? base64_decode($_REQUEST['return']) : '/forum/category.php?id=' . $categoryID; //Check forum token if (!buckys_check_form_token('request')) { buckys_redirect($return, MSG_INVALID_REQUEST, MSG_TYPE_ERROR); } //Admin, Site Moderator, Category Admin and Category Moderator can't be blocked if (!(buckys_is_admin() || buckys_is_moderator() || buckys_is_forum_admin($category['categoryID']) || buckys_is_forum_moderator($category['categoryID']))) { buckys_redirect($return, MSG_PERMISSION_DENIED, MSG_TYPE_ERROR); } $blockedUserID = buckys_escape_query_integer($_REQUEST['userID']); if ($blockedUserID == $userID) { buckys_redirect($return, MSG_INVALID_REQUEST, MSG_TYPE_ERROR); } BuckysForumModerator::blockUser($blockedUserID, $category['categoryID']); buckys_redirect($return, MSG_BLOCK_USER_SUCCESS); } else { if ($_REQUEST['action'] == 'unblock-users') { $return = isset($_REQUEST['return']) ? base64_decode($_REQUEST['return']) : '/forum/moderator.php?id=' . $categoryID; //Check forum token if (!buckys_check_form_token('request')) { buckys_redirect($return, MSG_INVALID_REQUEST, MSG_TYPE_ERROR); } //Admin, Site Moderator, Category Admin and Category Moderator can't apply if (!(buckys_is_admin() || buckys_is_moderator() || buckys_is_forum_admin($category['categoryID']) || buckys_is_forum_moderator($category['categoryID']))) { buckys_redirect($return, MSG_PERMISSION_DENIED, MSG_TYPE_ERROR); } $blockedUsers = isset($_REQUEST['blocked_user']) ? $_REQUEST['blocked_user'] : null; if (!$blockedUsers) { buckys_redirect($return, MSG_NO_USER_SELECTED, MSG_TYPE_ERROR);