function replyban_run() { global $db, $mybb, $lang, $templates, $theme, $headerinclude, $header, $footer, $replyban, $moderation; $lang->load("replyban"); if ($mybb->input['action'] != "replyban" && $mybb->input['action'] != "do_replyban" && $mybb->input['action'] != "liftreplyban") { return; } if ($mybb->input['action'] == "replyban") { $tid = $mybb->get_input('tid', MyBB::INPUT_INT); $thread = get_thread($tid); if (!is_moderator($thread['fid'], "canmanagethreads")) { error_no_permission(); } if (!$thread['tid']) { error($lang->error_invalidthread); } $thread['subject'] = htmlspecialchars_uni($thread['subject']); $lang->reply_bans_for = $lang->sprintf($lang->reply_bans_for, $thread['subject']); check_forum_password($thread['fid']); build_forum_breadcrumb($thread['fid']); add_breadcrumb($thread['subject'], get_thread_link($thread['tid'])); add_breadcrumb($lang->reply_bans); $query = $db->query("\r\n\t\t\tSELECT r.*, u.username\r\n\t\t\tFROM " . TABLE_PREFIX . "replybans r\r\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (r.uid=u.uid)\r\n\t\t\tWHERE r.tid='{$thread['tid']}'\r\n\t\t\tORDER BY r.dateline DESC\r\n\t\t"); while ($ban = $db->fetch_array($query)) { $ban['reason'] = htmlspecialchars_uni($ban['reason']); $ban['username'] = build_profile_link($ban['username'], $ban['uid']); if ($ban['lifted'] == 0) { $ban['lifted'] = $lang->permanent; } else { $ban['lifted'] = my_date('relative', $ban['lifted'], '', 2); } $alt_bg = alt_trow(); eval("\$ban_bit .= \"" . $templates->get("moderation_replyban_bit") . "\";"); } if (!$ban_bit) { eval("\$ban_bit = \"" . $templates->get("moderation_replyban_no_bans") . "\";"); } // Generate the banned times dropdown $liftlist = ''; $bantimes = fetch_ban_times(); foreach ($bantimes as $time => $title) { $selected = ''; if (isset($banned['bantime']) && $banned['bantime'] == $time) { $selected = " selected=\"selected\""; } $thattime = ''; if ($time != '---') { $dateline = TIME_NOW; if (isset($banned['dateline'])) { $dateline = $banned['dateline']; } $thatime = my_date("D, jS M Y @ g:ia", ban_date2timestamp($time, $dateline)); $thattime = " ({$thatime})"; } eval("\$liftlist .= \"" . $templates->get("moderation_replyban_liftlist") . "\";"); } eval("\$replyban = \"" . $templates->get("moderation_replyban") . "\";"); output_page($replyban); } if ($mybb->input['action'] == "do_replyban" && $mybb->request_method == "post") { // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key')); $tid = $mybb->get_input('tid', MyBB::INPUT_INT); $thread = get_thread($tid); if (!is_moderator($thread['fid'], "canmanagethreads")) { error_no_permission(); } if (!$thread['tid']) { error($lang->error_invalidthread); } $user = get_user_by_username($mybb->input['username'], array('fields' => array('username'))); if (!$user['uid']) { error($lang->error_invaliduser); } $mybb->input['reason'] = $mybb->get_input('reason'); if (!trim($mybb->input['reason'])) { error($lang->error_missing_reason); } $query = $db->simple_select('replybans', 'rid', "uid='{$user['uid']}' AND tid='{$thread['tid']}'"); $existingban = $db->fetch_field($query, 'rid'); if ($existingban > 0) { error($lang->error_alreadybanned); } if ($mybb->get_input('liftban') == '---') { $lifted = 0; } else { $lifted = ban_date2timestamp($mybb->get_input('liftban'), 0); } $reason = my_substr($mybb->input['reason'], 0, 240); $insert_array = array('uid' => $user['uid'], 'tid' => $thread['tid'], 'dateline' => TIME_NOW, 'reason' => $db->escape_string($reason), 'lifted' => $db->escape_string($lifted)); $db->insert_query('replybans', $insert_array); log_moderator_action(array("tid" => $thread['tid'], "fid" => $thread['fid'], "uid" => $user['uid'], "username" => $user['username']), $lang->user_reply_banned); moderation_redirect("moderation.php?action=replyban&tid={$thread['tid']}", $lang->redirect_user_banned_replying); } if ($mybb->input['action'] == "liftreplyban") { // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key')); $rid = $mybb->get_input('rid', MyBB::INPUT_INT); $query = $db->simple_select("replybans", "*", "rid='{$rid}'"); $ban = $db->fetch_array($query); if (!$ban['rid']) { error($lang->error_invalidreplyban); } $thread = get_thread($ban['tid']); $user = get_user($ban['uid']); if (!$thread['tid']) { error($lang->error_invalidthread); } if (!is_moderator($thread['fid'], "canmanagethreads")) { error_no_permission(); } $db->delete_query("replybans", "rid='{$ban['rid']}'"); log_moderator_action(array("tid" => $thread['tid'], "fid" => $thread['fid'], "uid" => $user['uid'], "username" => $user['username']), $lang->user_reply_banned_lifted); moderation_redirect("moderation.php?action=replyban&tid={$thread['tid']}", $lang->redirect_reply_ban_lifted); } exit; }
$table = new Table(); $lang->mass_ban_info = $lang->sprintf($lang->mass_ban_info, count($selected)); $table->construct_cell($lang->mass_ban_info); $table->construct_row(); $table->output($lang->important); // If there's any errors, display inline if ($errors) { $page->output_inline_error($errors); } $form = new Form("index.php?module=user-users", "post"); echo $form->generate_hidden_field('action', 'inline_edit'); echo $form->generate_hidden_field('inline_action', 'multiban'); echo $form->generate_hidden_field('processed', '1'); $form_container = new FormContainer('<div class="float_right"><a href="index.php?module=user-users&action=inline_edit&inline_action=multilift&my_post_key=' . $mybb->post_code . '">' . $lang->lift_bans . '</a></div>' . $lang->mass_ban); $form_container->output_row($lang->ban_reason, "", $form->generate_text_box('reason', $mybb->input['reason'], array('id' => 'reason')), 'reason'); $ban_times = fetch_ban_times(); foreach ($ban_times as $time => $period) { if ($time != '---') { $friendly_time = my_date("D, jS M Y @ g:ia", ban_date2timestamp($time)); $period = "{$period} ({$friendly_time})"; } $length_list[$time] = $period; } $form_container->output_row($lang->ban_time, "", $form->generate_select_box('bantime', $length_list, $mybb->input['bantime'], array('id' => 'bantime')), 'bantime'); $form_container->end(); $buttons[] = $form->generate_submit_button($lang->ban_users); $form->output_submit_wrapper($buttons); $form->end(); $page->output_footer(); break; case 'multidelete':
/** * Updates an user warning details. * * @return array Updated user details. */ function update_user($method = 'insert') { global $db, $mybb, $lang; if ($mybb->settings['maxwarningpoints'] < 1) { $mybb->settings['maxwarningpoints'] = 10; } $warning =& $this->data; $user = get_user($warning['uid']); if ($method == 'insert') { // Build warning level & ensure it doesn't go over 100. $current_level = round($user['warningpoints'] / $mybb->settings['maxwarningpoints'] * 100); $this->new_warning_level = round(($user['warningpoints'] + $warning['points']) / $mybb->settings['maxwarningpoints'] * 100); if ($this->new_warning_level > 100) { $this->new_warning_level = 100; } // Update user $this->updated_user = array("warningpoints" => $user['warningpoints'] + $warning['points']); // Fetch warning level $query = $db->simple_select("warninglevels", "*", "percentage<={$this->new_warning_level}", array("order_by" => "percentage", "order_dir" => "desc")); $new_level = $db->fetch_array($query); if ($new_level['lid']) { $expiration = 0; $action = my_unserialize($new_level['action']); if ($action['length'] > 0) { $expiration = TIME_NOW + $action['length']; } switch ($action['type']) { // Ban the user for a specified time case 1: // Fetch any previous bans for this user $query = $db->simple_select("banned", "*", "uid='{$user['uid']}' AND gid='{$action['usergroup']}' AND lifted>" . TIME_NOW); $existing_ban = $db->fetch_array($query); // Only perform if no previous ban or new ban expires later than existing ban if ($expiration > $existing_ban['lifted'] && $existing_ban['lifted'] != 0 || $expiration == 0 || !$existing_ban['uid']) { if (!$warning['title']) { $warning['title'] = $this->warning_type['title']; } // Never lift the ban? if ($action['length'] <= 0) { $bantime = '---'; } else { $bantimes = fetch_ban_times(); foreach ($bantimes as $date => $string) { if ($date == '---') { continue; } $time = 0; list($day, $month, $year) = explode('-', $date); if ($day > 0) { $time += 60 * 60 * 24 * $day; } if ($month > 0) { $time += 60 * 60 * 24 * 30 * $month; } if ($year > 0) { $time += 60 * 60 * 24 * 365 * $year; } if ($time == $action['length']) { $bantime = $date; break; } } } $new_ban = array("uid" => $user['uid'], "gid" => $action['usergroup'], "oldgroup" => $user['usergroup'], "oldadditionalgroups" => $user['additionalgroups'], "olddisplaygroup" => $user['displaygroup'], "admin" => $mybb->user['uid'], "dateline" => TIME_NOW, "bantime" => $db->escape_string($bantime), "lifted" => $expiration, "reason" => $db->escape_string($warning['title'])); // Delete old ban for this user, taking details if ($existing_ban['uid']) { $db->delete_query("banned", "uid='{$user['uid']}' AND gid='{$action['usergroup']}'"); // Override new ban details with old group info $new_ban['oldgroup'] = $existing_ban['oldgroup']; $new_ban['oldadditionalgroups'] = $existing_ban['oldadditionalgroups']; $new_ban['olddisplaygroup'] = $existing_ban['olddisplaygroup']; } $period = $lang->expiration_never; $ban_length = fetch_friendly_expiration($action['length']); if ($ban_length['time']) { $lang_str = "expiration_" . $ban_length['period']; $period = $lang->sprintf($lang->result_period, $ban_length['time'], $lang->{$lang_str}); } $group_name = $groupscache[$action['usergroup']]['title']; $this->friendly_action = $lang->sprintf($lang->redirect_warned_banned, $group_name, $period); $db->insert_query("banned", $new_ban); $this->updated_user['usergroup'] = $action['usergroup']; $this->updated_user['additionalgroups'] = ''; $this->updated_user['displaygroup'] = 0; } break; // Suspend posting privileges // Suspend posting privileges case 2: // Only perform if the expiration time is greater than the users current suspension period if ($expiration == 0 || $expiration > $user['suspensiontime']) { if ($user['suspensiontime'] != 0 && $user['suspendposting'] || !$user['suspendposting']) { $period = $lang->expiration_never; $ban_length = fetch_friendly_expiration($action['length']); if ($ban_length['time']) { $lang_str = "expiration_" . $ban_length['period']; $period = $lang->sprintf($lang->result_period, $ban_length['time'], $lang->{$lang_str}); } $this->friendly_action = $lang->sprintf($lang->redirect_warned_suspended, $period); $this->updated_user['suspensiontime'] = $expiration; $this->updated_user['suspendposting'] = 1; } } break; // Moderate new posts // Moderate new posts case 3: // Only perform if the expiration time is greater than the users current suspension period if ($expiration == 0 || $expiration > $user['moderationtime']) { if ($user['moderationtime'] != 0 && $user['moderateposts'] || !$user['suspendposting']) { $period = $lang->expiration_never; $ban_length = fetch_friendly_expiration($action['length']); if ($ban_length['time']) { $lang_str = "expiration_" . $ban_length['period']; $period = $lang->sprintf($lang->result_period, $ban_length['time'], $lang->{$lang_str}); } $this->friendly_action = $lang->sprintf($lang->redirect_warned_moderate, $period); $this->updated_user['moderationtime'] = $expiration; $this->updated_user['moderateposts'] = 1; } } break; } } } else { // Warning is still active, lower users point count if ($warning['expired'] != 1) { $new_warning_points = $user['warningpoints'] - $warning['points']; if ($new_warning_points < 0) { $new_warning_points = 0; } $this->updated_user = array("warningpoints" => $new_warning_points); // check if we need to revoke any consequences with this warning $current_level = round($user['warningpoints'] / $mybb->settings['maxwarningpoints'] * 100); $this->new_warning_level = round($new_warning_points / $mybb->settings['maxwarningpoints'] * 100); $query = $db->simple_select("warninglevels", "action", "percentage>{$this->new_warning_level} AND percentage<={$current_level}"); if ($db->num_rows($query)) { // we have some warning levels we need to revoke $max_expiration_times = $check_levels = array(); find_warnlevels_to_check($query, $max_expiration_times, $check_levels); // now check warning levels already applied to this user to see if we need to lower any expiration times $query = $db->simple_select("warninglevels", "action", "percentage<={$this->new_warning_level}"); $lower_expiration_times = $lower_levels = array(); find_warnlevels_to_check($query, $lower_expiration_times, $lower_levels); // now that we've got all the info, do necessary stuff for ($i = 1; $i <= 3; ++$i) { if ($check_levels[$i]) { switch ($i) { case 1: // Ban // we'll have to resort to letting the admin/mod remove the ban manually, since there's an issue if stacked bans are in force... continue; case 2: // Revoke posting $current_expiry_field = 'suspensiontime'; $current_inforce_field = 'suspendposting'; break; case 3: $current_expiry_field = 'moderationtime'; $current_inforce_field = 'moderateposts'; break; } // if the thing isn't in force, don't bother with trying to update anything if (!$user[$current_inforce_field]) { continue; } if ($lower_levels[$i]) { // lessen the expiration time if necessary if (!$lower_expiration_times[$i]) { // doesn't expire - enforce this $this->updated_user[$current_expiry_field] = 0; continue; } if ($max_expiration_times[$i]) { // if the old level did have an expiry time... if ($max_expiration_times[$i] <= $lower_expiration_times[$i]) { // if the lower expiration time is actually higher than the upper expiration time -> skip continue; } // both new and old max expiry times aren't infinite, so we can take a difference $expire_offset = $lower_expiration_times[$i] - $max_expiration_times[$i]; } else { // the old level never expired, not much we can do but try to estimate a new expiry time... which will just happen to be starting from today... $expire_offset = TIME_NOW + $lower_expiration_times[$i]; // if the user's expiry time is already less than what we're going to set it to, skip if ($user[$current_expiry_field] <= $expire_offset) { continue; } } $this->updated_user[$current_expiry_field] = $user[$current_expiry_field] + $expire_offset; // double-check if it's expired already if ($this->updated_user[$current_expiry_field] < TIME_NOW) { $this->updated_user[$current_expiry_field] = 0; $this->updated_user[$current_inforce_field] = 0; } } else { // there's no lower level for this type - remove the consequence entirely $this->updated_user[$current_expiry_field] = 0; $this->updated_user[$current_inforce_field] = 0; } } } } } } // Save updated details $db->update_query("users", $this->updated_user, "uid='{$user['uid']}'"); $mybb->cache->update_moderators(); return $this->updated_user; }