X-Git-Url: https://jfr.im/git/irc/unrealircd/unrealircd-webpanel.git/blobdiff_plain/0b546dde4f1a5187a376956df4274db77bc1cfbc..452b8eada34a0857aee8b5ea2a1dcb0a550626d3:/server-bans/ban-exceptions.php diff --git a/server-bans/ban-exceptions.php b/server-bans/ban-exceptions.php index 74761a1..6bd265b 100644 --- a/server-bans/ban-exceptions.php +++ b/server-bans/ban-exceptions.php @@ -1,6 +1,7 @@ $value) - { - $tok = split($value, ","); - $iphost = base64_decode($tok[0]); - $success = false; - $success = $rpc->serverbanexception()->delete($iphost); + if (!current_user_can(PERMISSION_BAN_EXCEPTION_DEL)) + Message::Fail("Could not delete ban exception(s): Permission denied"); + else + foreach ($_POST['tklch'] as $key => $value) + { + $tok = split($value, ","); + $iphost = base64_decode($tok[0]); + $success = false; + $success = $rpc->serverbanexception()->delete($iphost); - if ($success) - Message::Success("Ban Exception has been removed for $iphost"); - else - Message::Fail("Unable to remove Ban Exception on $iphost: $rpc->error"); - } + if ($success) + Message::Success("Ban Exception has been removed for $iphost"); + else + Message::Fail("Unable to remove Ban Exception on $iphost: $rpc->error"); + } } elseif (isset($_POST['tkl_add']) && !empty($_POST['tkl_add'])) { - if (!($iphost = $_POST['tkl_add'])) - Message::Fail("No mask was specified"); + if (!current_user_can(PERMISSION_BAN_EXCEPTION_ADD)) + Message::Fail("Could not add ban exception(s): Permission denied"); + else + { + if (!($iphost = $_POST['tkl_add'])) + Message::Fail("No mask was specified"); - $bantypes = isset($_POST['bantype']) ? $_POST['bantype'] : ""; - $bantypes_dup = ""; - if (!empty($bantypes)) - foreach ($bantypes as $bt) - $bantypes_dup .= $bt; - $bantypes = $bantypes_dup; - /* duplicate code for now [= */ - $banlen_w = (isset($_POST['banlen_w'])) ? $_POST['banlen_w'] : NULL; - $banlen_d = (isset($_POST['banlen_d'])) ? $_POST['banlen_d'] : NULL; - $banlen_h = (isset($_POST['banlen_h'])) ? $_POST['banlen_h'] : NULL; - $duration = ""; - if (!$banlen_d && !$banlen_h && !$banlen_w) - $duration .= "0"; - else { - if ($banlen_w) - $duration .= $banlen_w; - if ($banlen_d) - $duration .= $banlen_d; - if ($banlen_h) - $duration .= $banlen_h; - } - $msg_msg = ($duration == "0" || $duration == "0w0d0h") ? "permanently" : "for " . rpc_convert_duration_string($duration); - $reason = (isset($_POST['ban_reason'])) ? $_POST['ban_reason'] : "No reason"; + $bantypes = isset($_POST['bantype']) ? $_POST['bantype'] : ""; + $bantypes_dup = ""; + if (!empty($bantypes)) + foreach ($bantypes as $bt) + $bantypes_dup .= $bt; + $bantypes = $bantypes_dup; + /* duplicate code for now [= */ + $banlen_w = (isset($_POST['banlen_w'])) ? $_POST['banlen_w'] : NULL; + $banlen_d = (isset($_POST['banlen_d'])) ? $_POST['banlen_d'] : NULL; + $banlen_h = (isset($_POST['banlen_h'])) ? $_POST['banlen_h'] : NULL; + $duration = ""; + if (!$banlen_d && !$banlen_h && !$banlen_w) + $duration .= "0"; + else { + if ($banlen_w) + $duration .= $banlen_w; + if ($banlen_d) + $duration .= $banlen_d; + if ($banlen_h) + $duration .= $banlen_h; + } + $msg_msg = ($duration == "0" || $duration == "0w0d0h") ? "permanently" : "for " . rpc_convert_duration_string($duration); + $reason = (isset($_POST['ban_reason'])) ? $_POST['ban_reason'] : "No reason"; - if (isset($_POST['soft'])) - $iphost = "%$iphost"; - if ($rpc->serverbanexception()->add($iphost, $bantypes, $reason, (($user = unreal_get_current_user())) ? $user->username : NULL, $duration)) - Message::Success("Ban Exception set against \"$iphost\": $reason"); - else - Message::Fail("Ban Exception could not be set against \"$iphost\": $rpc->error"); + if (isset($_POST['soft'])) + $iphost = "%$iphost"; + if ($rpc->serverbanexception()->add($iphost, $bantypes, $reason, (($user = unreal_get_current_user())) ? $user->username : NULL, $duration)) + Message::Success("Ban Exception set against \"$iphost\": $reason"); + else + Message::Fail("Ban Exception could not be set against \"$iphost\": $rpc->error"); + } } elseif (isset($_POST['search_types']) && !empty($_POST['search_types'])) @@ -72,7 +81,7 @@ $ban_exceptions = $rpc->serverbanexception()->getAll();