flashii/misuzu
flashii/misuzu
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
misuzu/public-legacy/manage/users/ban.php
flashwave e4c3e4c052
Authn/z rework.
2025-03-31 15:35:24 +00:00

101 lines
3.9 KiB
PHP
Raw Blame History

<?php
namespace Misuzu;
use DateTimeInterface;
use RuntimeException;
use Carbon\CarbonImmutable;
if(!isset($msz) || !($msz instanceof \Misuzu\MisuzuContext))
die('Script must be called through the Misuzu route dispatcher.');
if(!$msz->authInfo->getPerms('user')->check(Perm::U_BANS_MANAGE))
Template::throwError(403);
if($_SERVER['REQUEST_METHOD'] === 'GET' && !empty($_GET['delete'])) {
if(!$msz->csrfCtx->verifyLegacy())
Template::throwError(403);
try {
$banInfo = $msz->usersCtx->bans->getBan(!empty($_GET['b']) && is_scalar($_GET['b']) ? (string)$_GET['b'] : '');
} catch(RuntimeException $ex) {
Template::throwError(404);
}
$msz->usersCtx->bans->deleteBans($banInfo);
$msz->logsCtx->createAuthedLog('BAN_DELETE', [$banInfo->id, $banInfo->userId]);
Tools::redirect($msz->urls->format('manage-users-bans', ['user' => $banInfo->userId]));
return;
}
try {
$userInfo = $msz->usersCtx->getUserInfo(!empty($_GET['u']) && is_scalar($_GET['u']) ? (string)$_GET['u'] : '', 'id');
} catch(RuntimeException $ex) {
Template::throwError(404);
}
$modInfo = $msz->authInfo->userInfo;
while($_SERVER['REQUEST_METHOD'] === 'POST' && $msz->csrfCtx->verifyLegacy()) {
$expires = !empty($_POST['ub_expires']) && is_scalar($_POST['ub_expires']) ? (int)$_POST['ub_expires'] : 0;
$expiresCustom = !empty($_POST['ub_expires_custom']) && is_scalar($_POST['ub_expires_custom']) ? trim((string)$_POST['ub_expires_custom']) : '';
$publicReason = !empty($_POST['ub_reason_pub']) && is_scalar($_POST['ub_reason_pub']) ? trim((string)$_POST['ub_reason_pub']) : '';
$privateReason = !empty($_POST['ub_reason_priv']) && is_scalar($_POST['ub_reason_priv']) ? trim((string)$_POST['ub_reason_priv']) : '';
$severity = !empty($_POST['ub_severity']) && is_scalar($_POST['ub_severity']) ? (int)$_POST['ub_severity'] : 0;
Template::set([
'ban_value_expires' => $expires,
'ban_value_expires_custom' => $expiresCustom,
'ban_value_reason_pub' => $publicReason,
'ban_value_reason_priv' => $privateReason,
'ban_value_severity' => $severity,
]);
if($expires < 1) {
if($expires === -1) {
$expires = null;
} elseif($expires === -2) {
$expires = CarbonImmutable::createFromFormat(DateTimeInterface::ATOM, $expiresCustom . ':00Z');
} else {
echo 'Invalid duration specified.';
break;
}
} else
$expires = time() + $expires;
$banInfo = $msz->usersCtx->bans->createBan(
$userInfo, $expires, $publicReason, $privateReason,
severity: $severity, modInfo: $modInfo
);
$msz->logsCtx->createAuthedLog('BAN_CREATE', [$banInfo->id, $userInfo->id]);
Tools::redirect($msz->urls->format('manage-users-bans', ['user' => $userInfo->id]));
return;
}
// calling array_flip since the input_select macro wants value => display, but this looks cuter
$durations = array_flip([
'Pick a duration...' => 0,
'15 Minutes' => 60 * 15,
'30 Minutes' => 60 * 30,
'1 Hour' => 60 * 60,
'2 Hours' => 60 * 60 * 2,
'3 Hours' => 60 * 60 * 3,
'6 Hours' => 60 * 60 * 6,
'12 Hours' => 60 * 60 * 12,
'1 Day' => 60 * 60 * 24,
'2 Days' => 60 * 60 * 24 * 2,
'1 Week' => 60 * 60 * 24 * 7,
'2 Weeks' => 60 * 60 * 24 * 7 * 2,
'1 Month' => 60 * 60 * 24 * 365 / 12,
'3 Months' => 60 * 60 * 24 * 365 / 12 * 3,
'6 Months' => 60 * 60 * 24 * 365 / 12 * 6,
'9 Months' => 60 * 60 * 24 * 365 / 12 * 9,
'1 Year' => 60 * 60 * 24 * 365,
'Permanent!' => -1,
'Custom →' => -2,
]);
Template::render('manage.users.ban', [
'ban_user' => $userInfo,
'ban_durations' => $durations,
]);
Reference in a new issue View git blame Copy permalink