function insert_ban($ban_type, $ban_text, $ban_comment = "", $ban_expire = 'UNDEFINED', $ban_id = 0) { global $globals; if (strlen($ban_text) < 2) { echo '<div class="form-error">'; echo '<p>' . _('Texto del ban muy corto') . '</p>'; echo "</div>\n"; return; } /* if (strlen($ban_text) > 8 && preg_match('/^www\..+\.[a-z]+(\/[a-z]+\/*){0,1}$/i', $ban_text) ) { $ban_text = preg_replace('/^www\./', '', $ban_text); } */ $ban = new Ban(); if ($ban_id > 0) { $ban->ban_id = (int) $ban_id; $ban->read(); } $ban->ban_type = $ban_type; $ban->ban_text = $ban_text; if (!empty($ban_comment)) { $ban->ban_comment = $ban_comment; } if (!empty($ban_expire)) { $ban->ban_expire = $ban_expire; } $ban->store(); return $ban; }
// David Martín :: Suki_ :: <david at sukiweb dot net>. // Beldar <beldar.cat at gmail dot com> // It's licensed under the AFFERO GENERAL PUBLIC LICENSE unless stated otherwise. // You can get copies of the licenses here: // http://www.affero.org/oagpl.html // AFFERO GENERAL PUBLIC LICENSE is also included in the file called "COPYING". // The code below was made by Beldar <beldar at gmail dot com> if (!defined('mnmpath')) { include_once '../config.php'; header('Content-Type: text/html; charset=utf-8'); } //include_once(mnminclude.'user.php'); //include_once(mnminclude.'post.php'); stats_increment('ajax'); if (empty($_GET['id']) || $current_user->user_level != 'god' && $current_user->user_level != 'admin') { die; } $id = intval($_GET['id']); require_once mnminclude . 'ban.php'; $ban = new Ban(); $ban->ban_id = $id; if (!$ban->read()) { die; } echo '<strong>' . _($ban->ban_type) . ':</strong> ' . $ban->ban_text . '<br/>'; if ($ban->ban_comment) { echo '<strong>' . _('Comentario') . ':</strong> ' . $ban->ban_comment . '<br/>'; } if ($ban->ban_expire) { echo '<strong>' . _('Expira') . ':</strong> ' . $ban->ban_expire . '<br/>'; }
function admin_bans($ban_type) { global $db, $globals, $offset, $page_size, $ban_text_length, $ban_comment_length, $current_user; require_once mnminclude . 'ban.php'; $key = get_security_key(); if ($current_user->user_level == "god" && check_security_key($_REQUEST["key"])) { if (!empty($_REQUEST["new_ban"])) { insert_ban($ban_type, $_POST["ban_text"], $_POST["ban_comment"], $_POST["ban_expire"]); } elseif (!empty($_REQUEST["edit_ban"])) { insert_ban($ban_type, $_POST["ban_text"], $_POST["ban_comment"], $_POST["ban_expire"], $_POST["ban_id"]); } elseif (!empty($_REQUEST["new_bans"])) { $array = preg_split("/\\s+/", $_POST["ban_text"]); $size = count($array); for ($i = 0; $i < $size; $i++) { insert_ban($ban_type, $array[$i], $_POST["ban_comment"], $_POST["ban_expire"]); } } elseif (!empty($_REQUEST["del_ban"])) { del_ban($_REQUEST["del_ban"]); } } // ex container-wide echo '<div class="genericform" style="margin:0">'; echo '<div style="float:right;">' . "\n"; echo '<form method="get" action="' . $globals['base_url'] . 'admin/bans.php">'; echo '<input type="hidden" name="admin" value="' . $ban_type . '" />'; echo '<input type="hidden" name="key" value="' . $key . '" />'; echo '<input type="text" name="s" '; if ($_REQUEST["s"]) { $_REQUEST["s"] = clean_text($_REQUEST["s"]); echo ' value="' . $_REQUEST["s"] . '" '; } else { echo ' value="' . _('buscar') . '..." '; } echo 'onblur="if(this.value==\'\') this.value=\'' . _('buscar') . '...\';" onfocus="if(this.value==\'' . _('buscar') . '...\') this.value=\'\';" />'; echo ' <input style="padding:2px;" type="image" align="top" value="' . _('buscar') . '" alt="' . _('buscar') . '" src="' . $globals['base_static'] . 'img/common/search-03.png" />'; echo '</form>'; echo '</div>'; if ($current_user->user_level == "god") { echo ' [ <a href="' . $globals['base_url'] . 'admin/bans.php?admin=' . $ban_type . '&op=new">' . _('Nuevo ban') . '</a> ]'; echo ' [ <a href="' . $globals['base_url'] . 'admin/bans.php?admin=' . $ban_type . '&op=news">' . _('Múltiples bans') . '</a> ]'; } if (!empty($_REQUEST["op"])) { echo '<form method="post" name="newban" action="' . $globals['base_url'] . 'admin/bans.php?admin=' . $ban_type . '">'; echo '<input type="hidden" name="key" value="' . $key . '" />'; } echo '<table class="decorated" style="font-size: 10pt">'; echo '<tr><th width="25%"><a href="' . $globals['base_url'] . 'admin/bans.php?admin=' . $ban_type . '&'; if ($_REQUEST["s"]) { echo 's=' . $_REQUEST["s"] . '&'; } echo 'orderby=ban_text">' . $ban_type . '</a></th>'; echo '<th width="30%"><a href="' . $globals['base_url'] . 'admin/bans.php?admin=' . $ban_type . '&'; if ($_REQUEST["s"]) { echo 's=' . $_REQUEST["s"] . '&'; } echo 'orderby=ban_comment">' . _('comentario') . '</a></th>'; echo '<th><a href="' . $globals['base_url'] . 'admin/bans.php?admin=' . $ban_type . '&'; if ($_REQUEST["s"]) { echo 's=' . $_REQUEST["s"] . '&'; } echo 'orderby=ban_date">' . _('fecha creación') . '</a></th>'; echo '<th><a href="' . $globals['base_url'] . 'admin/bans.php?admin=' . $ban_type . '&'; if ($_REQUEST["s"]) { echo 's=' . $_REQUEST["s"] . '&'; } echo 'orderby=ban_expire">' . _('fecha caducidad') . '</a></th>'; echo '<th>' . _('Editar / Borrar') . '</th></tr>'; switch ($_REQUEST["op"]) { case 'new': echo '<tr><td>'; echo '<input type="text" id="ban_text" name="ban_text" size="30" maxlength="' . $ban_text_length . '" value="" />'; echo ' <span id="checkit"><input type="button" id="checkbutton1" value="' . _('verificar') . '" onclick="checkfield(\'ban_' . $ban_type . '\', this.form, this.form.ban_text)"/></span>' . "\n"; echo '<br /><span id="ban_' . $ban_type . 'checkitvalue"></span>' . "\n"; echo '</td><td>'; echo '<input class="form-full" type="text" name="ban_comment" id="ban_comment" />'; echo '</td><td>'; echo '</td><td>'; echo '<select name="ban_expire" id="ban_expire">'; print_expiration_dates(); echo '</select>'; echo '</td><td>'; echo '<input type="hidden" name="new_ban" value="1" />'; echo '<input type="submit" name="submit" value="' . _('Crear ban') . '" />'; echo '</td></tr>'; break; case 'news': echo '<tr><td>'; echo '<textarea id="ban_text" name="ban_text" /></textarea>'; echo '</td><td>'; echo '<input class="form-full" type="text" name="ban_comment" id="ban_comment" />'; echo '</td><td>'; echo '</td><td>'; echo '<select name="ban_expire" id="ban_expire">'; print_expiration_dates(); echo '</select>'; echo '</td><td>'; echo '<input type="hidden" name="new_bans" value="1" />'; echo '<input type="submit" name="submit" value="' . _('Crear bans') . '" />'; echo '</td></tr>'; break; case 'edit': $ban = new Ban(); $ban->ban_id = (int) $_REQUEST["id"]; $ban->read(); echo '<tr><td>'; echo '<input type="text" name="ban_text" id="ban_text" size="30" maxlength="' . $ban_text_length . '" value="' . $ban->ban_text . '" />'; echo '</td><td>'; echo '<input type="text" class="form-full" name="ban_comment" id="ban_comment" value="' . $ban->ban_comment . '" />'; echo '</td><td>'; echo $ban->ban_date; echo '</td><td>'; echo '<select name="ban_expire" id="ban_expire">'; echo '<option value="' . $ban->ban_expire . '">' . $ban->ban_expire . '</option>'; print_expiration_dates(); echo '</select>'; echo '</td><td>'; echo '<input type="hidden" name="ban_id" value="' . $ban->ban_id . '" />'; echo '<input type="submit" name="edit_ban" value="' . _('Editar ban') . '" />'; echo '</td></tr>'; break; } if (empty($_REQUEST["op"])) { //listado de bans if (empty($_REQUEST["orderby"])) { $_REQUEST["orderby"] = "ban_text"; } else { $_REQUEST["orderby"] = preg_replace('/[^a-z_]/i', '', $_REQUEST["orderby"]); if ($_REQUEST["orderby"] == 'ban_date') { $order = "DESC"; } } $where = "WHERE ban_type='" . $ban_type . "'"; if ($_REQUEST["s"]) { $search_text = $db->escape($_REQUEST["s"]); $where .= " AND (ban_text LIKE '%{$search_text}%' OR ban_comment LIKE '%{$search_text}%')"; } $bans = $db->get_col("SELECT ban_id FROM bans " . $where . " ORDER BY " . $_REQUEST["orderby"] . " {$order} LIMIT {$offset},{$page_size}"); $rows = $db->get_var("SELECT count(*) FROM bans " . $where); if ($bans) { $ban = new Ban(); foreach ($bans as $ban_id) { $ban->ban_id = $ban_id; $ban->read(); echo '<tr>'; echo '<td onmouseover="return tooltip.ajax_delayed(event, \'get_ban_info.php\', ' . $ban->ban_id . ');" onmouseout="tooltip.clear(event);" >' . clean_text($ban->ban_text) . '</td>'; echo '<td style="overflow: hidden;white-space: nowrap;" onmouseover="return tooltip.ajax_delayed(event, \'get_ban_info.php\', ' . $ban->ban_id . ');" onmouseout="tooltip.clear(event);">' . clean_text(txt_shorter($ban->ban_comment, 50)) . '</td>'; echo '<td>' . $ban->ban_date . '</td>'; echo '<td>' . $ban->ban_expire . '</td>'; echo '<td>'; if ($current_user->user_level == "god") { echo '<a href="' . $globals['base_url'] . 'admin/bans.php?admin=' . $ban_type . '&op=edit&id=' . $ban->ban_id . '" title="' . _('Editar') . '"><img src="' . $globals['base_static'] . 'img/common/sneak-edit-notice01.png" alt="' . 'Editar' . '" /></a>'; echo ' / '; echo '<a href="' . $globals['base_url'] . 'admin/bans.php?admin=' . $ban_type . '&del_ban=' . $ban->ban_id . '&key=' . $key . '" title="' . _('Eliminar') . '"><img src="' . $globals['base_static'] . 'img/common/sneak-reject01.png" alt="' . 'Eliminar' . '" /></a>'; } echo '</td>'; echo '</tr>'; } } } echo '</table>'; if (!empty($_REQUEST["op"])) { echo "</form>\n"; } do_pages($rows, $page_size, false); }