2023-07-26 22:43:50 +00:00
|
|
|
<?php
|
|
|
|
namespace Misuzu;
|
|
|
|
|
|
|
|
use RuntimeException;
|
|
|
|
|
2023-08-02 22:12:47 +00:00
|
|
|
if(!$msz->isLoggedIn() || !perms_check_user(MSZ_PERMS_USER, $msz->getActiveUser()->getId(), MSZ_PERM_USER_MANAGE_WARNINGS)) {
|
2023-07-26 22:43:50 +00:00
|
|
|
echo render_error(403);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
$warns = $msz->getWarnings();
|
|
|
|
|
|
|
|
if($_SERVER['REQUEST_METHOD'] === 'GET' && filter_has_var(INPUT_GET, 'delete')) {
|
|
|
|
if(CSRF::validateRequest()) {
|
|
|
|
try {
|
|
|
|
$warnInfo = $warns->getWarning((string)filter_input(INPUT_GET, 'w'));
|
|
|
|
} catch(RuntimeException $ex) {
|
|
|
|
echo render_error(404);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
$warns->deleteWarnings($warnInfo);
|
|
|
|
$msz->createAuditLog('WARN_DELETE', [$warnInfo->getId(), $warnInfo->getUserId()]);
|
|
|
|
url_redirect('manage-users-warnings', ['user' => $warnInfo->getUserId()]);
|
|
|
|
} else render_error(403);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2023-08-02 22:12:47 +00:00
|
|
|
$users = $msz->getUsers();
|
|
|
|
|
2023-07-26 22:43:50 +00:00
|
|
|
try {
|
2023-08-02 22:12:47 +00:00
|
|
|
$userInfo = $users->getUser(filter_input(INPUT_GET, 'u', FILTER_SANITIZE_NUMBER_INT), 'id');
|
2023-07-26 22:43:50 +00:00
|
|
|
} catch(RuntimeException $ex) {
|
|
|
|
echo render_error(404);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2023-08-02 22:12:47 +00:00
|
|
|
$modInfo = $msz->getActiveUser();
|
2023-07-26 22:43:50 +00:00
|
|
|
|
|
|
|
while($_SERVER['REQUEST_METHOD'] === 'POST' && CSRF::validateRequest()) {
|
|
|
|
$body = trim((string)filter_input(INPUT_POST, 'uw_body'));
|
|
|
|
Template::set('warn_value_body', $body);
|
|
|
|
|
|
|
|
$warnInfo = $warns->createWarning(
|
|
|
|
$userInfo, $body, modInfo: $modInfo
|
|
|
|
);
|
|
|
|
|
|
|
|
$msz->createAuditLog('WARN_CREATE', [$warnInfo->getId(), $userInfo->getId()]);
|
|
|
|
url_redirect('manage-users-warnings', ['user' => $userInfo->getId()]);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
Template::render('manage.users.warning', [
|
|
|
|
'warn_user' => $userInfo,
|
|
|
|
]);
|