authInfo->getPerms('user')->check(Perm::U_BANS_MANAGE)) Template::throwError(403); if($_SERVER['REQUEST_METHOD'] === 'GET' && filter_has_var(INPUT_GET, 'delete')) { if(!CSRF::validateRequest()) Template::throwError(403); try { $banInfo = $msz->usersCtx->bans->getBan((string)filter_input(INPUT_GET, 'b')); } catch(RuntimeException $ex) { Template::throwError(404); } $msz->usersCtx->bans->deleteBans($banInfo); $msz->createAuditLog('BAN_DELETE', [$banInfo->id, $banInfo->userId]); Tools::redirect($msz->urls->format('manage-users-bans', ['user' => $banInfo->userId])); return; } try { $userInfo = $msz->usersCtx->getUserInfo(filter_input(INPUT_GET, 'u', FILTER_SANITIZE_NUMBER_INT), 'id'); } catch(RuntimeException $ex) { Template::throwError(404); } $modInfo = $msz->authInfo->userInfo; while($_SERVER['REQUEST_METHOD'] === 'POST' && CSRF::validateRequest()) { // @phpstan-ignore-line: this while is just weird, i don't blame it $expires = (int)filter_input(INPUT_POST, 'ub_expires', FILTER_SANITIZE_NUMBER_INT); $expiresCustom = (string)filter_input(INPUT_POST, 'ub_expires_custom'); $publicReason = trim((string)filter_input(INPUT_POST, 'ub_reason_pub')); $privateReason = trim((string)filter_input(INPUT_POST, 'ub_reason_priv')); $severity = (int)filter_input(INPUT_POST, 'ub_severity', FILTER_SANITIZE_NUMBER_INT); Template::set([ 'ban_value_expires' => $expires, 'ban_value_expires_custom' => $expiresCustom, 'ban_value_reason_pub' => $publicReason, 'ban_value_reason_priv' => $privateReason, 'ban_value_severity' => $severity, ]); if($expires < 1) { if($expires === -1) { $expires = null; } elseif($expires === -2) { $expires = CarbonImmutable::createFromFormat(DateTimeInterface::ATOM, $expiresCustom . ':00Z'); } else { echo 'Invalid duration specified.'; break; } } else $expires = time() + $expires; $banInfo = $msz->usersCtx->bans->createBan( $userInfo, $expires, $publicReason, $privateReason, severity: $severity, modInfo: $modInfo ); $msz->createAuditLog('BAN_CREATE', [$banInfo->id, $userInfo->id]); Tools::redirect($msz->urls->format('manage-users-bans', ['user' => $userInfo->id])); return; } // calling array_flip since the input_select macro wants value => display, but this looks cuter $durations = array_flip([ 'Pick a duration...' => 0, '15 Minutes' => 60 * 15, '30 Minutes' => 60 * 30, '1 Hour' => 60 * 60, '2 Hours' => 60 * 60 * 2, '3 Hours' => 60 * 60 * 3, '6 Hours' => 60 * 60 * 6, '12 Hours' => 60 * 60 * 12, '1 Day' => 60 * 60 * 24, '2 Days' => 60 * 60 * 24 * 2, '1 Week' => 60 * 60 * 24 * 7, '2 Weeks' => 60 * 60 * 24 * 7 * 2, '1 Month' => 60 * 60 * 24 * 365 / 12, '3 Months' => 60 * 60 * 24 * 365 / 12 * 3, '6 Months' => 60 * 60 * 24 * 365 / 12 * 6, '9 Months' => 60 * 60 * 24 * 365 / 12 * 9, '1 Year' => 60 * 60 * 24 * 365, 'Permanent!' => -1, 'Custom →' => -2, ]); Template::render('manage.users.ban', [ 'ban_user' => $userInfo, 'ban_durations' => $durations, ]);