1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
|
<?php
/**
*
* This file is part of the phpBB Forum Software package.
*
* @copyright (c) phpBB Limited <https://www.phpbb.com>
* @license GNU General Public License, version 2 (GPL-2.0)
*
* For full copyright and license information, please see
* the docs/CREDITS.txt file.
*
*/
/**
* @ignore
*/
if (!defined('IN_PHPBB'))
{
exit;
}
class acp_disallow
{
var $u_action;
function main($id, $mode)
{
global $db, $user, $template, $cache, $phpbb_log, $request;
$user->add_lang('acp/posting');
// Set up general vars
$this->tpl_name = 'acp_disallow';
$this->page_title = 'ACP_DISALLOW_USERNAMES';
$form_key = 'acp_disallow';
add_form_key($form_key);
$disallow = (isset($_POST['disallow'])) ? true : false;
$allow = (isset($_POST['allow'])) ? true : false;
if (($allow || $disallow) && !check_form_key($form_key))
{
trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
}
if ($disallow)
{
$disallowed_user = str_replace('*', '%', $request->variable('disallowed_user', '', true));
if (!$disallowed_user)
{
trigger_error($user->lang['NO_USERNAME_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$sql = 'SELECT disallow_id
FROM ' . DISALLOW_TABLE . "
WHERE disallow_username = '" . $db->sql_escape($disallowed_user) . "'";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($row)
{
trigger_error($user->lang['DISALLOWED_ALREADY'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$sql = 'INSERT INTO ' . DISALLOW_TABLE . ' ' . $db->sql_build_array('INSERT', array('disallow_username' => $disallowed_user));
$db->sql_query($sql);
$cache->destroy('_disallowed_usernames');
$message = $user->lang['DISALLOW_SUCCESSFUL'];
$phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_DISALLOW_ADD', false, array(str_replace('%', '*', $disallowed_user)));
trigger_error($message . adm_back_link($this->u_action));
}
else if ($allow)
{
$disallowed_id = $request->variable('disallowed_id', 0);
if (!$disallowed_id)
{
trigger_error($user->lang['NO_USERNAME_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$sql = 'DELETE FROM ' . DISALLOW_TABLE . '
WHERE disallow_id = ' . $disallowed_id;
$db->sql_query($sql);
$cache->destroy('_disallowed_usernames');
$phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_DISALLOW_DELETE');
trigger_error($user->lang['DISALLOWED_DELETED'] . adm_back_link($this->u_action));
}
// Grab the current list of disallowed usernames...
$sql = 'SELECT *
FROM ' . DISALLOW_TABLE;
$result = $db->sql_query($sql);
$disallow_select = '';
while ($row = $db->sql_fetchrow($result))
{
$disallow_select .= '<option value="' . $row['disallow_id'] . '">' . str_replace('%', '*', $row['disallow_username']) . '</option>';
}
$db->sql_freeresult($result);
$template->assign_vars(array(
'U_ACTION' => $this->u_action,
'S_DISALLOWED_NAMES' => $disallow_select)
);
}
}
|
