104 lines
3.5 KiB
PHP
104 lines
3.5 KiB
PHP
<?php
|
|
namespace Misuzu;
|
|
|
|
use DateTimeInterface;
|
|
use RuntimeException;
|
|
use Index\DateTime;
|
|
use Misuzu\Users\User;
|
|
|
|
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_USER, User::getCurrent()->getId(), MSZ_PERM_USER_MANAGE_BANS)) {
|
|
echo render_error(403);
|
|
return;
|
|
}
|
|
|
|
$bans = $msz->getBans();
|
|
|
|
if($_SERVER['REQUEST_METHOD'] === 'GET' && filter_has_var(INPUT_GET, 'delete')) {
|
|
if(CSRF::validateRequest()) {
|
|
try {
|
|
$banInfo = $bans->getBan((string)filter_input(INPUT_GET, 'b'));
|
|
} catch(RuntimeException $ex) {
|
|
echo render_error(404);
|
|
return;
|
|
}
|
|
|
|
$bans->deleteBans($banInfo);
|
|
$msz->createAuditLog('BAN_DELETE', [$banInfo->getId(), $banInfo->getUserId()]);
|
|
url_redirect('manage-users-bans', ['user' => $banInfo->getUserId()]);
|
|
} else render_error(403);
|
|
return;
|
|
}
|
|
|
|
try {
|
|
$userInfo = User::byId((int)filter_input(INPUT_GET, 'u', FILTER_SANITIZE_NUMBER_INT));
|
|
} catch(RuntimeException $ex) {
|
|
echo render_error(404);
|
|
return;
|
|
}
|
|
|
|
$modInfo = User::getCurrent();
|
|
|
|
while($_SERVER['REQUEST_METHOD'] === 'POST' && CSRF::validateRequest()) {
|
|
$expires = (int)filter_input(INPUT_POST, 'ub_expires', FILTER_SANITIZE_NUMBER_INT);
|
|
$expiresCustom = (string)filter_input(INPUT_POST, 'ub_expires_custom');
|
|
$publicReason = trim((string)filter_input(INPUT_POST, 'ub_reason_pub'));
|
|
$privateReason = trim((string)filter_input(INPUT_POST, 'ub_reason_priv'));
|
|
$severity = (int)filter_input(INPUT_POST, 'ub_severity', FILTER_SANITIZE_NUMBER_INT);
|
|
|
|
Template::set([
|
|
'ban_value_expires' => $expires,
|
|
'ban_value_expires_custom' => $expiresCustom,
|
|
'ban_value_reason_pub' => $publicReason,
|
|
'ban_value_reason_priv' => $privateReason,
|
|
'ban_value_severity' => $severity,
|
|
]);
|
|
|
|
if($expires < 1) {
|
|
if($expires === -1) {
|
|
$expires = null;
|
|
} elseif($expires === -2) {
|
|
$expires = DateTime::createFromFormat(DateTimeInterface::ATOM, $expiresCustom . ':00Z');
|
|
} else {
|
|
echo 'Invalid duration specified.';
|
|
break;
|
|
}
|
|
} else
|
|
$expires = time() + $expires;
|
|
|
|
$banInfo = $bans->createBan(
|
|
$userInfo, $expires, $publicReason, $privateReason,
|
|
severity: $severity, modInfo: $modInfo
|
|
);
|
|
|
|
$msz->createAuditLog('BAN_CREATE', [$banInfo->getId(), $userInfo->getId()]);
|
|
url_redirect('manage-users-bans', ['user' => $userInfo->getId()]);
|
|
return;
|
|
}
|
|
|
|
// calling array_flip since the input_select macro wants value => display, but this looks cuter
|
|
$durations = array_flip([
|
|
'Pick a duration...' => 0,
|
|
'15 Minutes' => 60 * 15,
|
|
'30 Minutes' => 60 * 30,
|
|
'1 Hour' => 60 * 60,
|
|
'2 Hours' => 60 * 60 * 2,
|
|
'3 Hours' => 60 * 60 * 3,
|
|
'6 Hours' => 60 * 60 * 6,
|
|
'12 Hours' => 60 * 60 * 12,
|
|
'1 Day' => 60 * 60 * 24,
|
|
'2 Days' => 60 * 60 * 24 * 2,
|
|
'1 Week' => 60 * 60 * 24 * 7,
|
|
'2 Weeks' => 60 * 60 * 24 * 7 * 2,
|
|
'1 Month' => 60 * 60 * 24 * 365 / 12,
|
|
'3 Months' => 60 * 60 * 24 * 365 / 12 * 3,
|
|
'6 Months' => 60 * 60 * 24 * 365 / 12 * 6,
|
|
'9 Months' => 60 * 60 * 24 * 365 / 12 * 9,
|
|
'1 Year' => 60 * 60 * 24 * 365,
|
|
'Permanent!' => -1,
|
|
'Custom →' => -2,
|
|
]);
|
|
|
|
Template::render('manage.users.ban', [
|
|
'ban_user' => $userInfo,
|
|
'ban_durations' => $durations,
|
|
]);
|