diff --git a/inc/mod/pages.php b/inc/mod/pages.php index 4903567a..d78ebf0d 100644 --- a/inc/mod/pages.php +++ b/inc/mod/pages.php @@ -143,7 +143,12 @@ function mod_page_ip($ip) { } if (isset($_POST['note'])) { - // TODO: permissions + if (hasPermission($config['mod']['create_notes'])) { + $query = prepare("SELECT `bans`.*, `username` FROM `bans` LEFT JOIN `mods` ON `mod` = `mods`.`id` WHERE `ip` = :ip"); + $query->bindValue(':ip', $ip); + $query->execute() or error(db_error($query)); + $args['bans'] = $query->fetchAll(PDO::FETCH_ASSOC); + } markup($_POST['note']); $query = prepare('INSERT INTO `ip_notes` VALUES (NULL, :ip, :mod, :time, :body)'); @@ -194,20 +199,30 @@ function mod_page_ip($ip) { $args['boards'] = $boards; - $query = prepare("SELECT `bans`.*, `username` FROM `bans` LEFT JOIN `mods` ON `mod` = `mods`.`id` WHERE `ip` = :ip"); - $query->bindValue(':ip', $ip); - $query->execute() or error(db_error($query)); - $args['bans'] = $query->fetchAll(PDO::FETCH_ASSOC); - $query = prepare("SELECT `ip_notes`.*, `username` FROM `ip_notes` LEFT JOIN `mods` ON `mod` = `mods`.`id` WHERE `ip` = :ip"); - $query->bindValue(':ip', $ip); - $query->execute() or error(db_error($query)); - $args['notes'] = $query->fetchAll(PDO::FETCH_ASSOC); + if (hasPermission($config['mod']['view_ban'])) { + $query = prepare("SELECT `bans`.*, `username` FROM `bans` LEFT JOIN `mods` ON `mod` = `mods`.`id` WHERE `ip` = :ip"); + $query->bindValue(':ip', $ip); + $query->execute() or error(db_error($query)); + $args['bans'] = $query->fetchAll(PDO::FETCH_ASSOC); + } + + if (hasPermission($config['mod']['view_notes'])) { + $query = prepare("SELECT `ip_notes`.*, `username` FROM `ip_notes` LEFT JOIN `mods` ON `mod` = `mods`.`id` WHERE `ip` = :ip"); + $query->bindValue(':ip', $ip); + $query->execute() or error(db_error($query)); + $args['notes'] = $query->fetchAll(PDO::FETCH_ASSOC); + } mod_page("IP: $ip", 'mod/view_ip.html', $args); } function mod_ban() { + global $config; + + if (!hasPermission($config['mod']['ban'])) + error($config['error']['noaccess']); + if (!isset($_POST['ip'], $_POST['reason'], $_POST['length'], $_POST['board'])) { mod_page("New ban", 'mod/ban_form.html', array()); return; @@ -263,6 +278,19 @@ function mod_users() { mod_page('Manage users', 'mod/users.html', $args); } +function mod_user_promote($uid, $action) { + global $config; + + if (!hasPermission($config['mod']['promoteusers'])) + error($config['error']['noaccess']); + + $query = prepare("UPDATE `mods` SET `type` = `type` " . ($action == 'promote' ? "+1 WHERE `type` < " . (int)ADMIN : "-1 WHERE `type` > " . (int)JANITOR) . " AND `id` = :id"); + $query->bindValue(':id', $uid); + $query->execute() or error(db_error($query)); + + header('Location: ?/users', true, $config['redirect_http']); +} + function mod_new_pm($username) { global $config, $mod; @@ -272,8 +300,16 @@ function mod_new_pm($username) { $query = prepare("SELECT `id` FROM `mods` WHERE `username` = :username"); $query->bindValue(':username', $username); $query->execute() or error(db_error($query)); - if (!$id = $query->fetchColumn(0)) - error($config['error']['404']); + if (!$id = $query->fetchColumn(0)) { + // Old style ?/PM: by user ID + $query = prepare("SELECT `username` FROM `mods` WHERE `id` = :username"); + $query->bindValue(':username', $username); + $query->execute() or error(db_error($query)); + if ($username = $query->fetchColumn(0)) + header('Location: ?/new_PM/' . $username, true, $config['redirect_http']); + else + error($config['error']['404']); + } if (isset($_POST['message'])) { markup($_POST['message']); @@ -291,3 +327,12 @@ function mod_new_pm($username) { mod_page("New PM for {$username}", 'mod/new_pm.html', array('username' => $username, 'id' => $id)); } +function mod_rebuild() { + global $config; + + if (!hasPermission($config['mod']['rebuild'])) + error($config['error']['noaccess']); + + mod_page("Rebuild", 'mod/rebuild.html', array('boards' => listBoards())); +} + diff --git a/inc/template.php b/inc/template.php index ab220454..8d679d25 100644 --- a/inc/template.php +++ b/inc/template.php @@ -26,7 +26,7 @@ function load_twig() { $loader->setPaths($config['dir']['template']); $twig = new Twig_Environment($loader, array( 'autoescape' => false, - //'cache' => "{$config['dir']['template']}/cache", + 'cache' => "{$config['dir']['template']}/cache", 'debug' => ($config['debug'] ? true : false), )); $twig->addExtension(new Twig_Extensions_Extension_Tinyboard()); diff --git a/mod.php b/mod.php index e7134603..f641d371 100644 --- a/mod.php +++ b/mod.php @@ -28,8 +28,11 @@ $pages = array( '!^/log/(\d+)$!' => 'log', // modlog '!^/users$!' => 'users', // manage users + '!^/users/(\d+)/(promote|demote)$!' => 'user_promote', // prmote/demote user '!^/new_PM/([^/]+)$!' => 'new_pm', // create a new pm + '!^/rebuild$!' => 'rebuild', // rebuild static files + '!^/ban$!' => 'ban', // new ban '!^/IP/([\w.:]+)$!' => 'ip', // view ip address '!^/IP/([\w.:]+)/remove_note/(\d+)$!' => 'ip_remove_note', // remove note from ip address diff --git a/templates/mod/rebuild.html b/templates/mod/rebuild.html new file mode 100644 index 00000000..763eb624 --- /dev/null +++ b/templates/mod/rebuild.html @@ -0,0 +1,71 @@ +
diff --git a/templates/mod/users.html b/templates/mod/users.html index aeacc8b5..63d799d5 100644 --- a/templates/mod/users.html +++ b/templates/mod/users.html @@ -30,7 +30,11 @@