| sajjid |
06-26-2005 11:05 PM |
Code:
// check that the user exists
$user = $DB_site->query_first("
SELECT
user.userid, user.username, user.usergroupid, user.displaygroupid, user.customtitle, user.usertitle,
IF(moderator.moderatorid IS NULL, 0, 1) AS ismoderator
FROM " . TABLE_PREFIX . "user AS user
LEFT JOIN " . TABLE_PREFIX . "moderator AS moderator USING(userid)
WHERE user.username = '" . addslashes($username) . "'
");
if (!$user OR $user['userid'] == $bbuserinfo['userid'] OR $user['usergroupid'] == 6)
{
print_stop_message('invalid_user_specified');
}
// check that user has permission to ban the person they want to ban
if (!($permissions['adminpermissions'] & CANCONTROLPANEL))
{
if ($user['usergroupid'] == 5 OR $user['ismoderator'])
{
print_stop_message('no_permission_ban_non_registered_users');
}
}
// check that the number of days is valid
if ($period != 'PERMANENT' AND !preg_match('#^(D|M|Y)_[1-9][0-9]?$#', $period))
{
print_stop_message('invalid_ban_period_specified');
}
// if we've got this far all the incoming data is good
if ($period == 'PERMANENT')
{
// make this ban permanent
$liftdate = 0;
}
else
{
// get the unixtime for when this ban will be lifted
$liftdate = convert_date_to_timestamp($period);
}
// update the user's title if they've specified a special user title for the banned group
if ($usergroupcache["$usergroupid"]['usertitle'] != '')
{
$bantitlesql = "usertitle = '" . addslashes($usergroupcache["$usergroupid"]['usertitle']) . "', customtitle = 0,";
}
else
{
$bantitlesql = '';
}
// check to see if there is already a ban record for this user in the userban table
if ($check = $DB_site->query_first("SELECT userid, liftdate FROM " . TABLE_PREFIX . "userban WHERE userid = $user[userid]"))
{
if ($liftdate < $check['liftdate'])
{
if (!($permissions['adminpermissions'] & CANCONTROLPANEL) AND (!can_moderate(0, 'canunbanusers')))
{
print_stop_message('no_permission_un_ban_users');
}
}
// there is already a record - just update this record
$DB_site->query("
UPDATE " . TABLE_PREFIX . "userban SET
adminid = $bbuserinfo[userid],
bandate = " . TIMENOW . ",
liftdate = $liftdate,
reason = '" . addslashes($reason) . "'
WHERE userid = $user[userid]
");
}
else
{
// insert a record into the userban table
$DB_site->query("
INSERT INTO " . TABLE_PREFIX . "userban
(userid, usergroupid, displaygroupid, customtitle, usertitle, adminid, bandate, liftdate, reason)
VALUES
($user[userid], $user[usergroupid], $user[displaygroupid], $user[customtitle], '" . addslashes($user['usertitle']) . "', $bbuserinfo[userid], " . TIMENOW . ", $liftdate, '" . addslashes($reason) . "')
}
// update the user record
$DB_site->query("
UPDATE " . TABLE_PREFIX . "user SET
$bantitlesql
usergroupid = $usergroupid,
displaygroupid = 0
WHERE userid = $user[userid]
");
define('CP_REDIRECT', 'banning.php');
if ($period == 'PERMANENT')
{
print_stop_message('user_x_has_been_banned_permanently', $user['username']);
}
else
{
print_stop_message('user_x_has_been_banned_until_y', $user['username'], vbdate("$vboptions[dateformat] $vboptions[timeformat]", $liftdate));
}
}
// #############################################################################
// user banning form
if ($_REQUEST['do'] == 'banuser')
{
globalize($_REQUEST, array('userid' => INT, 'username' => STR, 'period' => STR));
// fill in the username field if it's specified
if (!$username AND $userid)
{
$user = $DB_site->query_first("SELECT username FROM " . TABLE_PREFIX . "user WHERE userid = $userid");
$username = $user['username'];
}
// set a default banning period if there isn't one specified
if (empty($period))
{
$period = 'D_7'; // 7 days
}
// make a list of usergroups into which to move this user
$selectedid = 0;
$usergroups = array();
foreach ($usergroupcache AS $usergroupid => $usergroup)
{
if ($usergroup['genericoptions'] & ISBANNEDGROUP)
{
$usergroups["$usergroupid"] = $usergroup['title'];
if ($selectedid == 0)
{
$selectedid = $usergroupid;
}
}
}
$temporary_phrase = $vbphrase['temporary_ban_options'];
$permanent_phrase = $vbphrase['permanent_ban_options'];
// make a list of banning period options
$periodoptions = array(
$temporary_phrase => array(
'D_1' => "1 $vbphrase[day]",
'D_2' => "2 $vbphrase[days]",
'D_3' => "3 $vbphrase[days]",
'D_4' => "4 $vbphrase[days]",
'D_5' => "5 $vbphrase[days]",
'D_6' => "6 $vbphrase[days]",
'D_7' => "7 $vbphrase[days]",
'D_10' => "10 $vbphrase[days]",
'D_14' => "2 $vbphrase[weeks]",
'D_21' => "3 $vbphrase[weeks]",
'M_1' => "1 $vbphrase[month]",
'M_2' => "2 $vbphrase[months]",
'M_3' => "3 $vbphrase[months]",
'M_4' => "4 $vbphrase[months]",
'M_5' => "5 $vbphrase[months]",
'M_6' => "6 $vbphrase[months]",
'Y_1' => "1 $vbphrase[year]",
'Y_2' => "2 $vbphrase[years]",
),
$permanent_phrase => array(
'PERMANENT' => "$vbphrase[permanent] - $vbphrase[never_lift_ban]"
)
);
foreach ($periodoptions["$temporary_phrase"] AS $thisperiod => $text)
{
if ($liftdate = convert_date_to_timestamp($thisperiod))
{
$periodoptions["$temporary_phrase"]["$thisperiod"] .= ' (' . vbdate($vboptions['dateformat'] . ' ' . $vboptions['timeformat'], $liftdate) . ')';
}
}
print_form_header('banning', 'dobanuser');
print_table_header($vbphrase['ban_user']);
print_input_row($vbphrase['username'], 'username', $username, 0);
print_select_row($vbphrase['move_user_to_usergroup'], 'usergroupid', $usergroups, $selectedid);
print_select_row($vbphrase['lift_ban_after'], 'period', $periodoptions);
print_textarea_row('Reason', 'reason', '', 8, 45, 1, 0);
print_submit_row($vbphrase['ban_user']);
}
i dont have any other hacks installed on the forums and i have downloads fresh copy of vb and edited the banning.php same error still comes up.
thanks |
More Information