Пример #1
<?php

require dirname(__FILE__) . '/includes/bootstrap.php';
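// Resolve the logged-in user's ID; it is the actor for the moderation action below.
$userID = buckys_is_logged_in();

// Moderator action: ban the account named in ?userID=.
// NOTE(review): this is a state-changing action on a plain GET request and no
// anti-CSRF token is checked in this block, so any cross-site request sent with a
// moderator's session would be honoured. Confirm whether bootstrap.php enforces a
// token; if not, move this action to POST behind the project's form-token check.
if (isset($_GET['action']) && $_GET['action'] === 'ban-user') {
    // Authorization first: only moderators may reach the ban logic.
    if (!BuckysModerator::isModerator($userID)) {
        die(MSG_PERMISSION_DENIED);
    }
    // Validate the *target* account. The previous check passed $userID (the
    // moderator's own ID) to checkUserID(), so the target was never validated
    // and the raw request value went straight into banUser().
    // presumably buckys_escape_query_integer() normalises to an integer ID and
    // yields a falsy value for missing input, as it is used for ?user= below.
    $banTargetID = buckys_escape_query_integer(isset($_GET['userID']) ? $_GET['userID'] : null);
    if (!$banTargetID || !BuckysUser::checkUserID($banTargetID)) {
        buckys_redirect('/index.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
        // Fail closed: never fall through to the ban if the redirect helper returns.
        exit;
    }
    BuckysBanUser::banUser($banTargetID);
    buckys_redirect('/index.php', MSG_BAN_USER);
    exit;
}

// Profile to display, taken from ?user= and normalised before any lookup.
$profileID = buckys_escape_query_integer(isset($_GET['user']) ? $_GET['user'] : null);
// No usable profile ID: send the visitor to the homepage.
if (!$profileID) {
    buckys_redirect('/index.php');
    exit;
}

$userData = BuckysUser::getUserData($profileID);
// Leave when the profile has no data, or when the ID fails checkUserID() and the
// viewer is not an administrator. The parentheses only spell out the precedence
// the original expression already had (&& binds tighter than ||).
if (
    !buckys_not_null($userData)
    || (!BuckysUser::checkUserID($profileID, true) && !buckys_check_user_acl(USER_ACL_ADMINISTRATOR))
) {
    buckys_redirect('/index.php');
    exit;
}

// Raw request value; validate it against the known post types before it reaches
// a query or is echoed into the page.
$postType = isset($_GET['type']) ? $_GET['type'] : 'all';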
Пример #2
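 /**
  * Ban the authors of the objects referenced by the given reports.
  *
  * This method performs no permission check on the caller and no ACL check on
  * the accounts it bans; both must be enforced by whoever calls it.
  * NOTE(review): confirm that BuckysBanUser::banUser() refuses moderator and
  * administrator accounts, since nothing here does.
  *
  * @param array|int|string $ids Report ID or list of report IDs. Each value is
  *                              forced to a positive integer; anything else is dropped.
  * @param string $objectType Value matched against the reports' objectType column
  *                           (rows handled here use 'post', 'comment', 'message',
  *                           'topic' and 'reply').
  * @param mixed $moderatorType Not used by this method.
  * @return void
  */
 public function banUsers($ids, $objectType, $moderatorType)
 {
     global $db;
     if (!is_array($ids)) {
         $ids = array($ids);
     }
     // The IDs are concatenated into the IN (...) list, so only integers may get
     // through; a non-numeric value would otherwise become part of the SQL text.
     $reportIDs = array();
     foreach ($ids as $id) {
         $id = is_scalar($id) ? (int)$id : 0;
         if ($id > 0) {
             $reportIDs[] = $id;
         }
     }
     // Nothing valid to look up; also avoids emitting an empty "IN ()" clause.
     if (!$reportIDs) {
         return;
     }
     $query = $db->prepare("SELECT * FROM " . TABLE_REPORTS . " WHERE objectType=%s AND reportID in (" . implode(", ", $reportIDs) . ")", $objectType);
     $rows = $db->getResultsArray($query);
     // objectType => (table, column holding the author's user ID, primary key column)
     $authorLookups = array(
         'post' => array(TABLE_POSTS, 'poster', 'postID'),
         'comment' => array(TABLE_POSTS_COMMENTS, 'commenter', 'commentID'),
         'message' => array(TABLE_MESSAGES, 'sender', 'messageID'),
         'topic' => array(TABLE_FORUM_TOPICS, 'creatorID', 'topicID'),
         'reply' => array(TABLE_FORUM_REPLIES, 'creatorID', 'replyID'),
     );
     foreach ($rows as $row) {
         // Skip unknown types. Previously $query kept its old value in that case,
         // so the reports query (or the previous row's lookup) was re-run and
         // whatever ID it returned was banned.
         if (!isset($authorLookups[$row['objectType']])) {
             continue;
         }
         list($table, $authorColumn, $keyColumn) = $authorLookups[$row['objectType']];
         // objectID comes back from the database; cast it anyway so a stored
         // non-numeric value cannot alter the follow-up query.
         $authorQuery = "SELECT " . $authorColumn . " FROM " . $table . " WHERE " . $keyColumn . "=" . (int)$row['objectID'];
         $userID = $db->getVar($authorQuery);
         if ($userID) {
             BuckysBanUser::banUser($userID);
         }
     }
 }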
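 /**
  * Ban the authors of the objects referenced by the given reports.
  *
  * Accounts for which buckys_check_user_acl(USER_ACL_MODERATOR, ...) is true are
  * never banned; if any were encountered, one MSG_CAN_NOT_BAN_ADMIN notice is
  * queued. This method performs no permission check on the caller; that must be
  * enforced before it is invoked.
  *
  * @param array|int|string $ids Report ID or list of report IDs. Each value is
  *                              forced to a positive integer; anything else is dropped.
  * @return int Number of accounts passed to BuckysBanUser::banUser().
  */
 public static function banUsers($ids)
 {
     global $db;
     if (!is_array($ids)) {
         $ids = [$ids];
     }
     // The IDs are concatenated into the IN (...) list, so only integers may get
     // through; a non-numeric value would otherwise become part of the SQL text.
     $reportIDs = [];
     foreach ($ids as $id) {
         $id = is_scalar($id) ? (int)$id : 0;
         if ($id > 0) {
             $reportIDs[] = $id;
         }
     }
     // Nothing valid to look up; also avoids emitting an empty "IN ()" clause.
     if (!$reportIDs) {
         return 0;
     }
     $query = "SELECT * FROM " . TABLE_REPORTS . " WHERE reportID IN (" . implode(", ", $reportIDs) . ")";
     $rows = $db->getResultsArray($query);
     // objectType => [table, column holding the author's user ID, primary key column]
     $authorLookups = [
         'post' => [TABLE_POSTS, 'poster', 'postID'],
         'comment' => [TABLE_POSTS_COMMENTS, 'commenter', 'commentID'],
         'video_comment' => [TABLE_VIDEO_COMMENTS, 'userID', 'commentID'],
         'message' => [TABLE_MESSAGES, 'sender', 'messageID'],
         'topic' => [TABLE_FORUM_TOPICS, 'creatorID', 'topicID'],
         'reply' => [TABLE_FORUM_REPLIES, 'creatorID', 'replyID'],
     ];
     $bannedUsers = 0;
     $adminUsers = 0;
     foreach ($rows as $row) {
         // Skip unknown types. Previously $query kept its old value in that case,
         // so the reports query (or the previous row's lookup) was re-run and
         // whatever ID it returned was banned.
         if (!isset($authorLookups[$row['objectType']])) {
             continue;
         }
         list($table, $authorColumn, $keyColumn) = $authorLookups[$row['objectType']];
         // objectID comes back from the database; cast it anyway so a stored
         // non-numeric value cannot alter the follow-up query.
         $authorQuery = "SELECT " . $authorColumn . " FROM " . $table . " WHERE " . $keyColumn . "=" . (int)$row['objectID'];
         $userID = $db->getVar($authorQuery);
         if (!$userID) {
             continue;
         }
         // Privileged accounts are counted but left untouched.
         if (buckys_check_user_acl(USER_ACL_MODERATOR, $userID)) {
             $adminUsers++;
             continue;
         }
         BuckysBanUser::banUser($userID);
         $bannedUsers++;
     }
     if ($adminUsers > 0) {
         buckys_add_message(MSG_CAN_NOT_BAN_ADMIN, MSG_TYPE_NOTIFY);
     }
     return $bannedUsers;
 }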