1
0
mirror of https://github.com/vichan-devel/vichan.git synced 2024-11-30 18:24:29 +01:00

Enforce maximum length of ban appeal

This commit is contained in:
discomrade 2021-07-24 10:47:56 -02:00 committed by Zankaria
parent 3ac86a074a
commit e80549a881
3 changed files with 19 additions and 6 deletions

View File

@ -699,6 +699,9 @@
// How many ban appeals can be made for a single ban? // How many ban appeals can be made for a single ban?
$config['ban_appeals_max'] = 1; $config['ban_appeals_max'] = 1;
// Maximum character length of appeal.
$config['ban_appeal_max_chars'] = 250;
// Show moderator name on ban page. // Show moderator name on ban page.
$config['show_modname'] = false; $config['show_modname'] = false;
@ -1181,6 +1184,11 @@
$config['error']['noreport'] = _('You didn\'t select anything to report.'); $config['error']['noreport'] = _('You didn\'t select anything to report.');
$config['error']['invalidreport'] = _('The reason was too long.'); $config['error']['invalidreport'] = _('The reason was too long.');
$config['error']['toomanyreports'] = _('You can\'t report that many posts at once.'); $config['error']['toomanyreports'] = _('You can\'t report that many posts at once.');
$config['error']['noban'] = _('That ban doesn\'t exist or is not for you.');
$config['error']['tooshortban'] = _('You cannot appeal a ban of this length.');
$config['error']['toolongappeal'] = _('The appeal was too long.');
$config['error']['toomanyappeals'] = _('You cannot appeal this ban again.');
$config['error']['pendingappeal'] = _('There is already a pending appeal for this ban.');
$config['error']['invalidpassword'] = _('Wrong password…'); $config['error']['invalidpassword'] = _('Wrong password…');
$config['error']['invalidimg'] = _('Invalid image.'); $config['error']['invalidimg'] = _('Invalid image.');
$config['error']['phpfileserror'] = _('Upload failure (file #%index%): Error code %code%. Refer to <a href="http://php.net/manual/en/features.file-upload.errors.php">http://php.net/manual/en/features.file-upload.errors.php</a>; post discarded.'); $config['error']['phpfileserror'] = _('Upload failure (file #%index%): Error code %code%. Refer to <a href="http://php.net/manual/en/features.file-upload.errors.php">http://php.net/manual/en/features.file-upload.errors.php</a>; post discarded.');

View File

@ -1367,23 +1367,28 @@ if (isset($_POST['delete'])) {
} }
if (!isset($ban)) { if (!isset($ban)) {
error(_("That ban doesn't exist or is not for you.")); error($config['error']['noban']);
} }
if ($ban['expires'] && $ban['expires'] - $ban['created'] <= $config['ban_appeals_min_length']) { if ($ban['expires'] && $ban['expires'] - $ban['created'] <= $config['ban_appeals_min_length']) {
error(_("You cannot appeal a ban of this length.")); error($config['error']['tooshortban']);
} }
$query = query("SELECT `denied` FROM ``ban_appeals`` WHERE `ban_id` = $ban_id") or error(db_error()); $query = query("SELECT `denied` FROM ``ban_appeals`` WHERE `ban_id` = $ban_id") or error(db_error());
$ban_appeals = $query->fetchAll(PDO::FETCH_COLUMN); $ban_appeals = $query->fetchAll(PDO::FETCH_COLUMN);
if (count($ban_appeals) >= $config['ban_appeals_max']) { if (count($ban_appeals) >= $config['ban_appeals_max']) {
error(_("You cannot appeal this ban again.")); error($config['error']['toomanyappeals']);
} }
foreach ($ban_appeals as $is_denied) { foreach ($ban_appeals as $is_denied) {
if (!$is_denied) if (!$is_denied) {
error(_("There is already a pending appeal for this ban.")); error($config['error']['pendingappeal']);
}
}
if (strlen($_POST['appeal']) > $config['ban_appeal_max_chars']) {
error($config['error']['toolongappeal']);
} }
$query = prepare("INSERT INTO ``ban_appeals`` VALUES (NULL, :ban_id, :time, :message, 0)"); $query = prepare("INSERT INTO ``ban_appeals`` VALUES (NULL, :ban_id, :time, :message, 0)");

View File

@ -135,7 +135,7 @@
{% endif %} {% endif %}
<form class="ban-appeal" action="{{ config.file_post }}" method="post"> <form class="ban-appeal" action="{{ config.file_post }}" method="post">
<input type="hidden" name="ban_id" value="{{ ban.id }}"> <input type="hidden" name="ban_id" value="{{ ban.id }}">
<textarea name="appeal" rows="4" cols="40"></textarea> <textarea name="appeal" rows="4" cols="40" maxlength="{{ config.ban_appeal_max_chars }}"></textarea>
<input type="submit" value="Submit"> <input type="submit" value="Submit">
</form> </form>
{% endif %} {% endif %}