vb.org Archive - View Single Post

sajjid · #5 06-27-2005, 12:05 AM

Code:

// check that the user exists
	$user = $DB_site->query_first("
		SELECT
		user.userid, user.username, user.usergroupid, user.displaygroupid, user.customtitle, user.usertitle,
		IF(moderator.moderatorid IS NULL, 0, 1) AS ismoderator
		FROM " . TABLE_PREFIX . "user AS user
		LEFT JOIN " . TABLE_PREFIX . "moderator AS moderator USING(userid)
		WHERE user.username = '" . addslashes($username) . "'
	");
	if (!$user OR $user['userid'] == $bbuserinfo['userid'] OR $user['usergroupid'] == 6)
	{
		print_stop_message('invalid_user_specified');
	}

	// check that user has permission to ban the person they want to ban
	if (!($permissions['adminpermissions'] & CANCONTROLPANEL))
	{
		if ($user['usergroupid'] == 5 OR $user['ismoderator'])
		{
			print_stop_message('no_permission_ban_non_registered_users');
		}
	}

	// check that the number of days is valid
	if ($period != 'PERMANENT' AND !preg_match('#^(D|M|Y)_[1-9][0-9]?$#', $period))
	{
		print_stop_message('invalid_ban_period_specified');
	}

	// if we've got this far all the incoming data is good
	if ($period == 'PERMANENT')
	{
		// make this ban permanent
		$liftdate = 0;
	}
	else
	{
		// get the unixtime for when this ban will be lifted
		$liftdate = convert_date_to_timestamp($period);
	}

	// update the user's title if they've specified a special user title for the banned group
	if ($usergroupcache["$usergroupid"]['usertitle'] != '')
	{
		$bantitlesql = "usertitle = '" . addslashes($usergroupcache["$usergroupid"]['usertitle']) . "', customtitle = 0,";
	}
	else
	{
		$bantitlesql = '';
	}

	// check to see if there is already a ban record for this user in the userban table
	if ($check = $DB_site->query_first("SELECT userid, liftdate FROM " . TABLE_PREFIX . "userban WHERE userid = $user[userid]"))
	{
		if ($liftdate < $check['liftdate'])
		{
			if (!($permissions['adminpermissions'] & CANCONTROLPANEL) AND (!can_moderate(0, 'canunbanusers')))
			{
				print_stop_message('no_permission_un_ban_users');
			}
		}

		// there is already a record - just update this record
		$DB_site->query("
			UPDATE " . TABLE_PREFIX . "userban SET
			adminid = $bbuserinfo[userid],
			bandate = " . TIMENOW . ",
			liftdate = $liftdate,
			reason = '" . addslashes($reason) . "' 
			WHERE userid = $user[userid]
		");
	}
	else
	{
		// insert a record into the userban table
		$DB_site->query("
			INSERT INTO " . TABLE_PREFIX . "userban
			(userid, usergroupid, displaygroupid, customtitle, usertitle, adminid, bandate, liftdate, reason)
			VALUES
			($user[userid], $user[usergroupid], $user[displaygroupid], $user[customtitle], '" . addslashes($user['usertitle']) . "', $bbuserinfo[userid], " . TIMENOW . ", $liftdate,  '" . addslashes($reason) . "')
			
	}

	// update the user record
	$DB_site->query("
        UPDATE " . TABLE_PREFIX . "user SET
        $bantitlesql
        usergroupid = $usergroupid,
        displaygroupid = 0
        WHERE userid = $user[userid]
    ");


	define('CP_REDIRECT', 'banning.php');
	if ($period == 'PERMANENT')
	{
		print_stop_message('user_x_has_been_banned_permanently', $user['username']);
	}
	else
	{
		print_stop_message('user_x_has_been_banned_until_y', $user['username'], vbdate("$vboptions[dateformat] $vboptions[timeformat]", $liftdate));
	}
}

// #############################################################################
// user banning form

if ($_REQUEST['do'] == 'banuser')
{
	globalize($_REQUEST, array('userid' => INT, 'username' => STR, 'period' => STR));

	// fill in the username field if it's specified
	if (!$username AND $userid)
	{
		$user = $DB_site->query_first("SELECT username FROM " . TABLE_PREFIX . "user WHERE userid = $userid");
		$username = $user['username'];
	}

	// set a default banning period if there isn't one specified
	if (empty($period))
	{
		$period = 'D_7'; // 7 days
	}

	// make a list of usergroups into which to move this user
	$selectedid = 0;
	$usergroups = array();
	foreach ($usergroupcache AS $usergroupid => $usergroup)
	{
		if ($usergroup['genericoptions'] & ISBANNEDGROUP)
		{
			$usergroups["$usergroupid"] = $usergroup['title'];
			if ($selectedid == 0)
			{
				$selectedid = $usergroupid;
			}
		}
	}

	$temporary_phrase = $vbphrase['temporary_ban_options'];
	$permanent_phrase = $vbphrase['permanent_ban_options'];

	// make a list of banning period options
	$periodoptions = array(
		$temporary_phrase => array(
			'D_1'  => "1 $vbphrase[day]",
			'D_2'  => "2 $vbphrase[days]",
			'D_3'  => "3 $vbphrase[days]",
			'D_4'  => "4 $vbphrase[days]",
			'D_5'  => "5 $vbphrase[days]",
			'D_6'  => "6 $vbphrase[days]",
			'D_7'  => "7 $vbphrase[days]",
			'D_10' => "10 $vbphrase[days]",
			'D_14' => "2 $vbphrase[weeks]",
			'D_21' => "3 $vbphrase[weeks]",
			'M_1'  => "1 $vbphrase[month]",
			'M_2' => "2 $vbphrase[months]",
			'M_3' => "3 $vbphrase[months]",
			'M_4' => "4 $vbphrase[months]",
			'M_5' => "5 $vbphrase[months]",
			'M_6' => "6 $vbphrase[months]",
			'Y_1' => "1 $vbphrase[year]",
			'Y_2' => "2 $vbphrase[years]",
		),
		$permanent_phrase => array(
			'PERMANENT' => "$vbphrase[permanent] - $vbphrase[never_lift_ban]"
		)
	);

	foreach ($periodoptions["$temporary_phrase"] AS $thisperiod => $text)
	{
		if ($liftdate = convert_date_to_timestamp($thisperiod))
		{
			$periodoptions["$temporary_phrase"]["$thisperiod"] .= ' (' . vbdate($vboptions['dateformat'] . ' ' . $vboptions['timeformat'], $liftdate) . ')';
		}
	}

	print_form_header('banning', 'dobanuser');
	print_table_header($vbphrase['ban_user']);
	print_input_row($vbphrase['username'], 'username', $username, 0);
	print_select_row($vbphrase['move_user_to_usergroup'], 'usergroupid', $usergroups, $selectedid);
	print_select_row($vbphrase['lift_ban_after'], 'period', $periodoptions);
	print_textarea_row('Reason', 'reason', '', 8, 45, 1, 0);
	print_submit_row($vbphrase['ban_user']);
}

i dont have any other hacks installed on the forums and i have downloads fresh copy of vb and edited the banning.php same error still comes up.
thanks

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.01097 seconds Memory Usage 1,800KB Queries Executed 11 (?)
More Information
Template Usage: (1)SHOWTHREAD_SHOWPOST (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)bbcode_code (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)post_thanks_box (1)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (1)post_thanks_postbit_info (1)postbit (1)postbit_onlinestatus (1)postbit_wrapper (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit reputationlevel showthread	Included Files: ./showpost.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_postinfo_query fetch_postinfo fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showpost_start bbcode_fetch_tags bbcode_create postbit_factory showpost_post postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end fetch_musername postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_display_complete post_thanks_function_can_thank_this_post_start showpost_complete
Messages: