51 lines
1.7 KiB
PHP
51 lines
1.7 KiB
PHP
<?php
|
|
namespace Misuzu;
|
|
|
|
use RuntimeException;
|
|
|
|
if(!isset($msz) || !($msz instanceof \Misuzu\MisuzuContext))
|
|
die('Script must be called through the Misuzu route dispatcher.');
|
|
|
|
if(!$msz->authInfo->getPerms('user')->check(Perm::U_WARNINGS_MANAGE))
|
|
Template::throwError(403);
|
|
|
|
if($_SERVER['REQUEST_METHOD'] === 'GET' && !empty($_GET['delete'])) {
|
|
if(!$msz->csrfCtx->verifyLegacy())
|
|
Template::throwError(403);
|
|
|
|
try {
|
|
$warnInfo = $msz->usersCtx->warnings->getWarning(!empty($_GET['w']) && is_scalar($_GET['w']) ? (string)$_GET['w'] : '');
|
|
} catch(RuntimeException $ex) {
|
|
Template::throwError(404);
|
|
}
|
|
|
|
$msz->usersCtx->warnings->deleteWarnings($warnInfo);
|
|
$msz->logsCtx->createAuthedLog('WARN_DELETE', [$warnInfo->id, $warnInfo->userId]);
|
|
Tools::redirect($msz->routingCtx->urls->format('manage-users-warnings', ['user' => $warnInfo->userId]));
|
|
return;
|
|
}
|
|
|
|
try {
|
|
$userInfo = $msz->usersCtx->users->getUser(!empty($_GET['u']) && is_scalar($_GET['u']) ? (string)$_GET['u'] : '', 'id');
|
|
} catch(RuntimeException $ex) {
|
|
Template::throwError(404);
|
|
}
|
|
|
|
$modInfo = $msz->authInfo->userInfo;
|
|
|
|
while($_SERVER['REQUEST_METHOD'] === 'POST' && $msz->csrfCtx->verifyLegacy()) {
|
|
$body = trim((string)($_POST['uw_body'] ?? ''));
|
|
Template::set('warn_value_body', $body);
|
|
|
|
$warnInfo = $msz->usersCtx->warnings->createWarning(
|
|
$userInfo, $body, modInfo: $modInfo
|
|
);
|
|
|
|
$msz->logsCtx->createAuthedLog('WARN_CREATE', [$warnInfo->id, $userInfo->id]);
|
|
Tools::redirect($msz->routingCtx->urls->format('manage-users-warnings', ['user' => $userInfo->id]));
|
|
return;
|
|
}
|
|
|
|
Template::render('manage.users.warning', [
|
|
'warn_user' => $userInfo,
|
|
]);
|