$allowedToBan = true;
}
if ($allowedToBan) {
// Make sure special chars for MySQL are escaped
$bannedUser = addslashes($bannedUser);
$bannedUser = str_ireplace(array("\"", "\r\n", "\n", "\r", ";"), "", $bannedUser);
// Remove ; to prevent kick command inyection like name; quit or ; _restart
$banQueries = new BanQueries();
$lengthQueries = new LengthQueries();
$length = $lengthQueries->getBanLength($lengthId);
// Banned user information
$bannedUserO = $banQueries->getBannedUser($banId);
if ($fullPower || $banManager || $bannedUserO->getBanner() == $_SESSION['name'] && !empty($_SESSION['name']) && ($admin || $member) || $bannedUserO->getBannerSteamId() == $_SESSION['steamId'] && !empty($_SESSION['steamId']) && ($admin || $member)) {
// We are banning an IP
if (isset($_POST['banIp'])) {
$banQueries->addIpBan($_POST['ip']);
header("Location: index.php?page=updateBan&banId=" . $banId);
} else {
if (isset($_POST['updateBan'])) {
// We are updating ban information
if ($config->enableSmfIntegration) {
$username = $user_info['username'];
} else {
$username = $_SESSION['name'];
}
if (!$fullPowerLevelEditUser || $fullPower) {
$ModifiedBy = $username;
}
if ($member) {
$pending = 1;
} else {
