misuzu/public-legacy/manage/users/warning.php

49 lines
1.5 KiB
PHP
Raw Normal View History

2023-07-26 22:43:50 +00:00
<?php
namespace Misuzu;
use RuntimeException;
if(!$msz->authInfo->getPerms('user')->check(Perm::U_WARNINGS_MANAGE))
Template::throwError(403);
2023-07-26 22:43:50 +00:00
if($_SERVER['REQUEST_METHOD'] === 'GET' && filter_has_var(INPUT_GET, 'delete')) {
if(!CSRF::validateRequest())
Template::throwError(403);
try {
$warnInfo = $msz->usersCtx->warnings->getWarning((string)filter_input(INPUT_GET, 'w'));
} catch(RuntimeException $ex) {
Template::throwError(404);
}
$msz->usersCtx->warnings->deleteWarnings($warnInfo);
$msz->createAuditLog('WARN_DELETE', [$warnInfo->id, $warnInfo->userId]);
Tools::redirect($msz->urls->format('manage-users-warnings', ['user' => $warnInfo->userId]));
2023-07-26 22:43:50 +00:00
return;
}
try {
$userInfo = $msz->usersCtx->users->getUser(filter_input(INPUT_GET, 'u', FILTER_SANITIZE_NUMBER_INT), 'id');
2023-07-26 22:43:50 +00:00
} catch(RuntimeException $ex) {
Template::throwError(404);
2023-07-26 22:43:50 +00:00
}
$modInfo = $msz->authInfo->userInfo;
2023-07-26 22:43:50 +00:00
while($_SERVER['REQUEST_METHOD'] === 'POST' && CSRF::validateRequest()) {
$body = trim((string)filter_input(INPUT_POST, 'uw_body'));
Template::set('warn_value_body', $body);
$warnInfo = $msz->usersCtx->warnings->createWarning(
2023-07-26 22:43:50 +00:00
$userInfo, $body, modInfo: $modInfo
);
2024-11-30 04:20:20 +00:00
$msz->createAuditLog('WARN_CREATE', [$warnInfo->id, $userInfo->id]);
Tools::redirect($msz->urls->format('manage-users-warnings', ['user' => $userInfo->id]));
2023-07-26 22:43:50 +00:00
return;
}
Template::render('manage.users.warning', [
'warn_user' => $userInfo,
]);