mirror of
https://github.com/vichan-devel/vichan.git
synced 2024-11-30 18:24:29 +01:00
Enforce maximum length of ban appeal
This commit is contained in:
parent
3ac86a074a
commit
e80549a881
@ -699,6 +699,9 @@
|
|||||||
// How many ban appeals can be made for a single ban?
|
// How many ban appeals can be made for a single ban?
|
||||||
$config['ban_appeals_max'] = 1;
|
$config['ban_appeals_max'] = 1;
|
||||||
|
|
||||||
|
// Maximum character length of appeal.
|
||||||
|
$config['ban_appeal_max_chars'] = 250;
|
||||||
|
|
||||||
// Show moderator name on ban page.
|
// Show moderator name on ban page.
|
||||||
$config['show_modname'] = false;
|
$config['show_modname'] = false;
|
||||||
|
|
||||||
@ -1181,6 +1184,11 @@
|
|||||||
$config['error']['noreport'] = _('You didn\'t select anything to report.');
|
$config['error']['noreport'] = _('You didn\'t select anything to report.');
|
||||||
$config['error']['invalidreport'] = _('The reason was too long.');
|
$config['error']['invalidreport'] = _('The reason was too long.');
|
||||||
$config['error']['toomanyreports'] = _('You can\'t report that many posts at once.');
|
$config['error']['toomanyreports'] = _('You can\'t report that many posts at once.');
|
||||||
|
$config['error']['noban'] = _('That ban doesn\'t exist or is not for you.');
|
||||||
|
$config['error']['tooshortban'] = _('You cannot appeal a ban of this length.');
|
||||||
|
$config['error']['toolongappeal'] = _('The appeal was too long.');
|
||||||
|
$config['error']['toomanyappeals'] = _('You cannot appeal this ban again.');
|
||||||
|
$config['error']['pendingappeal'] = _('There is already a pending appeal for this ban.');
|
||||||
$config['error']['invalidpassword'] = _('Wrong password…');
|
$config['error']['invalidpassword'] = _('Wrong password…');
|
||||||
$config['error']['invalidimg'] = _('Invalid image.');
|
$config['error']['invalidimg'] = _('Invalid image.');
|
||||||
$config['error']['phpfileserror'] = _('Upload failure (file #%index%): Error code %code%. Refer to <a href="http://php.net/manual/en/features.file-upload.errors.php">http://php.net/manual/en/features.file-upload.errors.php</a>; post discarded.');
|
$config['error']['phpfileserror'] = _('Upload failure (file #%index%): Error code %code%. Refer to <a href="http://php.net/manual/en/features.file-upload.errors.php">http://php.net/manual/en/features.file-upload.errors.php</a>; post discarded.');
|
||||||
|
15
post.php
15
post.php
@ -1367,23 +1367,28 @@ if (isset($_POST['delete'])) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (!isset($ban)) {
|
if (!isset($ban)) {
|
||||||
error(_("That ban doesn't exist or is not for you."));
|
error($config['error']['noban']);
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($ban['expires'] && $ban['expires'] - $ban['created'] <= $config['ban_appeals_min_length']) {
|
if ($ban['expires'] && $ban['expires'] - $ban['created'] <= $config['ban_appeals_min_length']) {
|
||||||
error(_("You cannot appeal a ban of this length."));
|
error($config['error']['tooshortban']);
|
||||||
}
|
}
|
||||||
|
|
||||||
$query = query("SELECT `denied` FROM ``ban_appeals`` WHERE `ban_id` = $ban_id") or error(db_error());
|
$query = query("SELECT `denied` FROM ``ban_appeals`` WHERE `ban_id` = $ban_id") or error(db_error());
|
||||||
$ban_appeals = $query->fetchAll(PDO::FETCH_COLUMN);
|
$ban_appeals = $query->fetchAll(PDO::FETCH_COLUMN);
|
||||||
|
|
||||||
if (count($ban_appeals) >= $config['ban_appeals_max']) {
|
if (count($ban_appeals) >= $config['ban_appeals_max']) {
|
||||||
error(_("You cannot appeal this ban again."));
|
error($config['error']['toomanyappeals']);
|
||||||
}
|
}
|
||||||
|
|
||||||
foreach ($ban_appeals as $is_denied) {
|
foreach ($ban_appeals as $is_denied) {
|
||||||
if (!$is_denied)
|
if (!$is_denied) {
|
||||||
error(_("There is already a pending appeal for this ban."));
|
error($config['error']['pendingappeal']);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (strlen($_POST['appeal']) > $config['ban_appeal_max_chars']) {
|
||||||
|
error($config['error']['toolongappeal']);
|
||||||
}
|
}
|
||||||
|
|
||||||
$query = prepare("INSERT INTO ``ban_appeals`` VALUES (NULL, :ban_id, :time, :message, 0)");
|
$query = prepare("INSERT INTO ``ban_appeals`` VALUES (NULL, :ban_id, :time, :message, 0)");
|
||||||
|
@ -135,7 +135,7 @@
|
|||||||
{% endif %}
|
{% endif %}
|
||||||
<form class="ban-appeal" action="{{ config.file_post }}" method="post">
|
<form class="ban-appeal" action="{{ config.file_post }}" method="post">
|
||||||
<input type="hidden" name="ban_id" value="{{ ban.id }}">
|
<input type="hidden" name="ban_id" value="{{ ban.id }}">
|
||||||
<textarea name="appeal" rows="4" cols="40"></textarea>
|
<textarea name="appeal" rows="4" cols="40" maxlength="{{ config.ban_appeal_max_chars }}"></textarea>
|
||||||
<input type="submit" value="Submit">
|
<input type="submit" value="Submit">
|
||||||
</form>
|
</form>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
Loading…
Reference in New Issue
Block a user