276 lines
13 KiB
PHP
276 lines
13 KiB
PHP
<?php
|
|
// Flashii Manage 0.1
|
|
|
|
// Include components
|
|
require_once __DIR__ . '/../../startup.php';
|
|
require_once __DIR__ . '/func.php';
|
|
|
|
// Check if logged in
|
|
if(!$flashii->loggedIn()) {
|
|
print 'Log in before accessing this part of the site.';
|
|
exit;
|
|
}
|
|
|
|
// Check if staff
|
|
if($_SESSION['uid'] != 2 && !$flashii->checkRank($fwSettings['sitemodRanks'])) {
|
|
print 'You are not allowed to view this part of the site.';
|
|
exit;
|
|
}
|
|
|
|
if(!isset($_GET['sid']) && $_GET['sid'] != session_id()) {
|
|
header('Location: ./?page='. base64_encode('index') .'&sid='. session_id());
|
|
exit;
|
|
}
|
|
|
|
if(isset($_GET['navi'])) {
|
|
if(isset($_GET['prof'])) header('Location: ./?page='. base64_encode('profile') .'&sid='. session_id());
|
|
if(isset($_GET['bans'])) header('Location: ./?page='. base64_encode('banning') .'&sid='. session_id());
|
|
if(isset($_GET['repo'])) header('Location: ./?page='. base64_encode('reports') .'&sid='. session_id());
|
|
if(isset($_GET['warn'])) header('Location: ./?page='. base64_encode('warnings') .'&sid='. session_id());
|
|
if(isset($_GET['flii'])) header('Location: /');
|
|
if(isset($_GET['indx'])) header('Location: ./?page='. base64_encode('index') .'&sid='. session_id());
|
|
exit;
|
|
}
|
|
|
|
// Header
|
|
print '<h1 style="margin-bottom: 0;">Flashii <del>Manage</del> Ban Panel</h1><i>It\'s a quick "functional" filler, okay.</i><hr />';
|
|
|
|
// Navigation
|
|
print '<form action="" method="get" style="margin: 0;">';
|
|
|
|
print '<input type="hidden" name="navi" value="poop" />';
|
|
print '<input type="hidden" name="sid" value="'. session_id() .'" />';
|
|
|
|
print '<input type="submit" name="flii" value="Return to Flashii" />';
|
|
print '<input type="submit" name="indx" value="Index" />';
|
|
print '<input type="submit" name="bans" value="Banning" />';
|
|
print '<hr />';
|
|
|
|
print '</form>';
|
|
|
|
print '<div>';
|
|
|
|
if(isset($_GET['page'])) {
|
|
switch(base64_decode($_GET['page'])) {
|
|
case 'index':
|
|
case 'banning':
|
|
if(isset($_GET['active']) && $_GET['active'] == base64_encode('active') && !isset($_GET['unban'])) {
|
|
$users = getUsers();
|
|
|
|
print '<a href="?page='. base64_encode('banning') .'&sid='. session_id() .'">Return</a><br />';
|
|
|
|
print '<form method="get" action="">';
|
|
|
|
print '<input type="hidden" name="page" value="'. base64_encode('banning') .'" />';
|
|
print '<input type="hidden" name="active" value="'. base64_encode('active') .'" />';
|
|
print '<input type="hidden" name="sid" value="'. session_id() .'" />';
|
|
|
|
print '<h3 style="margin: 0;">Select a user to take action</h3>';
|
|
|
|
print '<select name="user">';
|
|
|
|
foreach($users as $user) {
|
|
|
|
print '<option value="';
|
|
print base64_encode($user['id']);
|
|
print '"';
|
|
|
|
if(isset($_GET['user']) && $user['id'] == base64_decode($_GET['user']))
|
|
print ' selected';
|
|
|
|
print '>';
|
|
|
|
print $user['id'] .':'. $user['username'];
|
|
|
|
print '</option>';
|
|
|
|
}
|
|
|
|
print '</select>';
|
|
print '<input type="submit" value="Submit" />';
|
|
|
|
print '</form>';
|
|
|
|
if(isset($_GET['user'])) {
|
|
|
|
foreach($users as $user) {
|
|
|
|
if($user['id'] == base64_decode($_GET['user'])) {
|
|
|
|
if(isset($_GET['ban']) && $_GET['ban'] == base64_encode('fucking go for it')) {
|
|
|
|
if(in_array(3, unserialize($user['groups']))) {
|
|
print 'no';
|
|
break;
|
|
}
|
|
if($user['id'] == 303) {
|
|
print "we're not doing this";
|
|
break;
|
|
}
|
|
if(!isset($_GET['time'])) {
|
|
print 'Time not set.';
|
|
exit;
|
|
}
|
|
if(!isset($_GET['reason'])) {
|
|
print 'Reason not set.';
|
|
exit;
|
|
}
|
|
if(!isset($_GET['type'])) {
|
|
print 'Type not set.';
|
|
exit;
|
|
}
|
|
|
|
banUser(
|
|
$user['id'],
|
|
(empty($user['last_ip']) ? $user['register_ip'] : $user['last_ip']),
|
|
$_GET['type'],
|
|
isset($_GET['perma']),
|
|
($_GET['time'] == 'custom' ? $_GET['custom'] : (is_numeric($_GET['time']) ? $_GET['time'] : 30)),
|
|
$_SESSION['uid'],
|
|
$_SERVER['REMOTE_ADDR'],
|
|
$_GET['reason']
|
|
);
|
|
|
|
print '<h3>'. $user['username'] .' = ban.</h3>';
|
|
break;
|
|
}
|
|
|
|
print '<pre>';
|
|
|
|
print 'Username: '. $user['username'] .'<br />';
|
|
print 'Primary Group: '. $flashii->getRankdata($user['userrole'])['name'] .'<br />';
|
|
print 'Groups: ';
|
|
|
|
foreach(unserialize($user['groups']) as $group) {
|
|
print $flashii->getRankdata($group)['name']. ', ';
|
|
}
|
|
|
|
print '<br />';
|
|
print 'E-mail: '. $user['email'] .'<br />';
|
|
print 'Register IP: '. $user['register_ip'] .'<br />';
|
|
print 'Last IP: '. $user['last_ip'] .'<br />';
|
|
print 'Join date: '. date('r', $user['join_date']) .'<br />';
|
|
print 'Last seen: '. date('r', $user['last_seen']) .'<br />';
|
|
print 'Last namechange: '. date('r', $user['last_namechange']) .'<br />';
|
|
|
|
print '</pre>';
|
|
|
|
print '<form method="get" action="">';
|
|
|
|
print '<input type="hidden" name="page" value="'. base64_encode('banning') .'" />';
|
|
print '<input type="hidden" name="active" value="'. base64_encode('active') .'" />';
|
|
print '<input type="hidden" name="sid" value="'. session_id() .'" />';
|
|
print '<input type="hidden" name="user" value="'. $_GET['user'] .'" />';
|
|
print '<input type="hidden" name="ban" value="'. base64_encode('fucking go for it') .'" />';
|
|
|
|
print 'Ban user for: <select name="time">';
|
|
|
|
print '<option value="30">30 Seconds</option>';
|
|
print '<option value="60">1 Minute</option>';
|
|
print '<option value="300">5 Minutes</option>';
|
|
print '<option value="600">10 Minutes</option>';
|
|
print '<option value="1800">30 Minutes</option>';
|
|
print '<option value="3600">1 Hour</option>';
|
|
print '<option value="21600">6 Hours</option>';
|
|
print '<option value="43200">12 Hours</option>';
|
|
print '<option value="86400">24 Hours/1 Day</option>';
|
|
print '<option value="604800">7 Days/1 Week</option>';
|
|
print '<option value="1814400">1 Month</option>';
|
|
print '<option value="10886400">6 Months</option>';
|
|
print '<option value="21772800">12 Months/1 Year</option>';
|
|
print '<option value="custom">Custom (use box)</option>';
|
|
|
|
print '</select>';
|
|
|
|
print '<input name="custom" type="text" placeholder="Time in seconds" /><br />';
|
|
print 'Reason: <input name="reason" type="text" placeholder="Reason displayed for ban" style="width: 200px;" /><br />';
|
|
print '<input type="checkbox" name="perma" id="KIOPFJEGFKILOPSEJKILOGILOPGOPGFKGJK" /><label for="KIOPFJEGFKILOPSEJKILOGILOPGOPGFKGJK">Perma ban?</label><br />';
|
|
print 'Type...<br />';
|
|
print '<input type="radio" name="type" value="user" id="GGGGGGGGGGGGGGGGGGGGGGGGGGG" /><label for="GGGGGGGGGGGGGGGGGGGGGGGGGGG">Just the user</label><br />';
|
|
print '<input type="radio" name="type" value="ip" id="AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" /><label for="AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA">Just the user\'s last IP (register IP if never logged in)</label><br />';
|
|
print '<input type="radio" name="type" value="uip" id="SSSSSSSSSSSSS" /><label for="SSSSSSSSSSSSS">Fuck both</label><br />';
|
|
|
|
print '<input type="submit" value="Hammer Time" />';
|
|
|
|
print '</form>';
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
break;
|
|
} elseif(!isset($_GET['active']) && isset($_GET['unban']) && $_GET['unban'] == base64_encode('unban')) {
|
|
foreach($_GET as $key => $value) {
|
|
if(substr($key, 0, 2) == 'uu') {
|
|
unbanUser(substr($key, 2));
|
|
}
|
|
|
|
unset($key);
|
|
unset($value);
|
|
}
|
|
|
|
print '<a href="?page='. base64_encode('banning') .'&sid='. session_id() .'">Return</a><h2>The selected niggers have been unbanned!</h2>';
|
|
|
|
break;
|
|
}
|
|
|
|
print '<a href="?page='. base64_encode('banning') .'&active='. base64_encode('active') .'&sid='. session_id() .'">Ban a user</a><br />';
|
|
|
|
print '<form method="get" action="">';
|
|
print '<table border="1">';
|
|
|
|
print '<thead><tr>';
|
|
print '<th></th>';
|
|
print '<th>Username</th>';
|
|
print '<th>IP</th>';
|
|
print '<th>Issued on</th>';
|
|
print '<th>Banned till</th>';
|
|
print '<th>Reason</th>';
|
|
print '<th>Type</th>';
|
|
print '<th>Banned by</th>';
|
|
print '</tr></thead>';
|
|
|
|
print '<tbody>';
|
|
foreach(getBans() as $ban) {
|
|
print '<tr>';
|
|
print '<td><input type="checkbox" name="uu'. $ban['id'] .'" /></td>';
|
|
print '<td>'. $flashii->getUserdata($ban['uid'])['username'] .'</td>';
|
|
print '<td>'. $ban['ip'] .'</td>';
|
|
print '<td>'. date('r', $ban['timestamp']) .'</td>';
|
|
print '<td>'. ($ban['perma'] ? 'Permanent' : date('r', $ban['bannedtill'])) .'</td>';
|
|
print '<td>'. $ban['reason'] .'</td>';
|
|
print '<td>'. ($ban['type'] == 2 ? 'Username and IP Address' : ($ban['type'] ? 'IP Address' : 'Username')) .'</td>';
|
|
print '<td>'. $flashii->getUserdata($ban['mid'])['username'] .'</td>';
|
|
print '</tr>';
|
|
}
|
|
print '</tbody></table>';
|
|
|
|
print '<input type="hidden" name="page" value="'. base64_encode('banning') .'" />';
|
|
print '<input type="hidden" name="unban" value="'. base64_encode('unban') .'" />';
|
|
print '<input type="hidden" name="sid" value="'. session_id() .'" />';
|
|
|
|
print '<input type="submit" value="Unban selected users" /></form>';
|
|
|
|
break;
|
|
|
|
case 'warnings':
|
|
print 'ban poop';
|
|
break;
|
|
|
|
case 'reports':
|
|
print 'ban poop';
|
|
break;
|
|
|
|
default:
|
|
header('Location: ./?page='. base64_encode('index') .'&sid='. session_id());
|
|
}
|
|
} else {
|
|
header('Location: ./?page='. base64_encode('index') .'&sid='. session_id());
|
|
}
|
|
|
|
// Footer
|
|
print '</div><hr /><h5 style="margin-top: 0;">Manage Version 2.44k</h5>';
|