<?php

/*
	Copyright (C) 2009 DantoBB Team
	http://www.dantobb.com
*/

/**
 * ACP bans management
 *
 * Ban usernames, email and IP addresses
 *
 * @author	DantoBB Team
 * @link	http://www.dantobb.com
 * @license	GPL-2
 * @version	$Revision: 1.0 $
 * @copyright	Copyright (C) 2009 DantoBB Team
 * @package	DantoBB
 * @subpackage	ACP
 */

//
// Die when called directly in browser
//
//
// Refuse to run unless the including script defined INCLUDED
// (stops this file from being requested directly)
//
if ( defined('INCLUDED') === false ) {
	exit();
}

//
// Ban types this page can show; the first one is the default.
// Any missing, empty or unknown "show" value is replaced by the default,
// so after this point $_GET['show'] is one of the whitelisted strings.
//
$modes = array('username', 'email', 'ip_addr');
if ( empty($_GET['show']) || !in_array($_GET['show'], $modes) ) {
	$_GET['show'] = $modes[0];
}

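//
// Ban management: delete a ban by id, add a ban of the selected type,
// or list the existing bans of that type with an "add" form.
//
// Per ban type: the bans column it is stored in (also the POST field name of
// the add form) and the language key of the table heading.
//
$ban_types = array(
	'username' => array('column' => 'name', 'heading' => 'BansUsername'),
	'email' => array('column' => 'email', 'heading' => 'BansEmail'),
	'ip_addr' => array('column' => 'ip_addr', 'heading' => 'BansIp_addr'),
);

if ( !empty($_GET['delete']) && valid_int($_GET['delete']) ) {
	
	//
	// NOTE(review): this removes a ban on a plain GET link and no request
	// token is checked in this file -- confirm admin.php enforces one,
	// otherwise move the delete to a POST form carrying a per-session token.
	//
	// The (int) cast keeps the concatenated value numeric whatever
	// valid_int() (defined elsewhere) accepts.
	//
	$db->query("DELETE FROM ".TABLE_PREFIX."bans WHERE id= ".(int) $_GET['delete']);
	$functions->redirect('admin.php', array('act' => 'bans', 'show' => $_GET['show']));
	
} else {
	
	$content = '<p>'.$lang['BansInfo'].'</p>';
	
	//
	// Type menu: the active type as plain text, the others as links
	//
	$content .= '<ul id="adminfunctionsmenu">';
	foreach ( $modes as $mode ) {
		
		if ( $mode == $_GET['show'] )
			$content .= '<li>'.$lang['Bans-'.$mode].'</li> ';
		else
			$content .= '<li><a href="'.$functions->make_url('admin.php', array('act' => 'bans', 'show' => $mode)).'">'.$lang['Bans-'.$mode].'</a></li> ';
		
	}
	$content .= '</ul>';
	
	//
	// $_GET['show'] was reduced to a known type earlier in the file; the
	// isset() keeps an unknown value a no-op, as the if/elseif chain did.
	//
	if ( isset($ban_types[$_GET['show']]) ) {
		
		$ban_column = $ban_types[$_GET['show']]['column'];
		$ban_heading = $ban_types[$_GET['show']]['heading'];
		
		if ( $_GET['show'] == 'ip_addr' && !$functions->get_config('enable_ip_bans') ) {
			
			//
			// IP bans are switched off in the configuration: show the notice only
			//
			$content .= '<p>'.$lang['BansIPBansDisabledInfo'].'</p>';
			
		} elseif ( !empty($_POST[$ban_column]) ) {
			
			//
			// Add a ban: drop any identical entry first, then insert it with
			// the other two columns left empty.
			//
			// NOTE(review): the POST value is concatenated into both statements
			// as-is. Whether request data is escaped before it reaches this file
			// is not visible here (the stripslashes() on output suggests slashes
			// are added upstream) -- confirm, and prefer escaping or binding the
			// value at the query itself. The value is also not checked for
			// format (e-mail / IP address), and no request token is checked.
			//
			$ban_values = array('name' => '', 'email' => '', 'ip_addr' => '');
			$ban_values[$ban_column] = $_POST[$ban_column];
			
			$db->query("DELETE FROM ".TABLE_PREFIX."bans WHERE ".$ban_column." = '".$_POST[$ban_column]."'");
			$db->query("INSERT INTO ".TABLE_PREFIX."bans VALUES(NULL, '".$ban_values['name']."', '".$ban_values['email']."', '".$ban_values['ip_addr']."')");
			
			$functions->redirect('admin.php', array('act' => 'bans', 'show' => $_GET['show']));
			
		} else {
			
			//
			// List every ban of this type, sorted, followed by the add row
			//
			$result = $db->query("SELECT id, ".$ban_column." FROM ".TABLE_PREFIX."bans WHERE ".$ban_column." <> '' ORDER BY ".$ban_column." ASC");
			$bans = array();
			while ( $ban = $db->fetch_result($result) )
				$bans[] = $ban;
			
			$content .= '<form action="'.$functions->make_url('admin.php', array('act' => 'bans', 'show' => $_GET['show'])).'" method="post">';
			$content .= '<table id="adminregulartable">';
			$content .= '<tr><th>'.$lang[$ban_heading].'</th><th class="action">'.$lang['Action'].'</th></tr>';
			
			if ( !count($bans) ) {
				
				$content .= '<tr><td colspan="3">'.$lang['BansNoBansExist'].'</td></tr>';
				
			} else {
				
				//
				// unhtml() is defined elsewhere; presumably it HTML-escapes the
				// stored value before it is written into the page -- verify
				//
				foreach ( $bans as $ban )
					$content .= '<tr><td>'.unhtml(stripslashes($ban[$ban_column])).'</td><td class="action"><a href="'.$functions->make_url('admin.php', array('act' => 'bans', 'show' => $_GET['show'], 'delete' => $ban['id'])).'">'.$lang['Delete'].'</a></td></tr>';
				
			}
			
			$content .= '<tr><td><input type="text" name="'.$ban_column.'" size="30" maxlength="255" /></td><td class="action"><input type="submit" value="'.$lang['Add'].'" /></td></tr>';
			$content .= '</table></form>';
			
		}
		
	}
	
}

//
// Hand the page body to the ACP layout.
// NOTE(review): the delete branch never assigns $content; presumably
// redirect() ends the request before this line -- confirm.
//
$admin_functions->create_body('bans', $content);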

?>