$ipOfBanned = $_GET['ip']; // IP address of banned user // Make sure the process in ES is calling it // otherwise it is a hack attempt from the outside if ($hash == $config->matchHash) { // Make sure special chars for MySQL are escaped $nameOfBanned = addslashes($nameOfBanned); $nameOfBanned = str_ireplace(array("\"", "\r\n", "\n", "\r", ";"), "", $nameOfBanned); // Remove ; to prevent kick command inyection like name; quit or ; _restart $banQueries = new BanQueries(); $userQueries = new UserQueries(); $lengthQueries = new LengthQueries(); $user = $userQueries->getUserInfoBySteamId($banner); // i for ignore if ($timeScale == "i") { $length = $lengthQueries->getBanLength($lengthId); } else { $length = new Length(); $length->setLength($lengthId); $length->setTimeScale($timeScale); } $isUserMember = false; // If we are not allowing admin bans, then make sure the one being banned is not an admin if (!$config->allowAdminBans) { $isUserMember = $userQueries->isMember($steamId); } $username = trim($user->getName()); $pending = 0; // Default pending state is off // HARDCODED: 4 = member if ($user->getAccessLevel() == 4) {