X-Git-Url: https://jfr.im/git/irc/unrealircd/unrealircd-webpanel.git/blobdiff_plain/6b218bea405770ad057d2c45eae5024503ec226f..refs/pull/8/head:/users/index.php?ds=sidebyside
diff --git a/users/index.php b/users/index.php
index 8e6501a..a520ae9 100644
--- a/users/index.php
+++ b/users/index.php
@@ -2,19 +2,35 @@
require_once "../common.php";
require_once "../header.php";
-if (!empty($_GET) && isset($_GET['account']) && !isset($_POST['uf_account']))
- $_POST['uf_account'] = $_GET['account'];
+if (!empty($_GET))
+{
+ if (isset($_GET['account']) && !isset($_POST['uf_account']))
+ $_POST['uf_account'] = $_GET['account'];
-if (!empty($_POST)) {
+ if (isset($_GET['operonly']) && !isset($_POST['operonly']))
+ $_POST['operonly'] = $_GET['operonly'];
+
+ if (isset($_GET['servicesonly']) && !isset($_POST['servicesonly']))
+ $_POST['servicesonly'] = $_GET['servicesonly'];
+}
+
+if (!empty($_POST))
+{
do_log($_POST);
- $bantype = $_POST['bantype'];
+ $bantype = (isset($_POST['bantype'])) ? $_POST['bantype'] : NULL;
+
if (isset($_POST['userch'])) {
- foreach ($_POST["userch"] as $user) {
+ foreach ($_POST["userch"] as $user)
+ {
$user = $name = base64_decode($user);
- $bantype = (isset($_POST['bantype'])) ? $_POST['bantype'] : NULL;
- if (!$bantype) /* shouldn't happen? */{
+
+ if (!$bantype) /* shouldn't happen? */
+ {
Message::Fail("An error occured");
- } else {
+ }
+
+ else
+ {
$banlen_w = (isset($_POST['banlen_w'])) ? $_POST['banlen_w'] : NULL;
$banlen_d = (isset($_POST['banlen_d'])) ? $_POST['banlen_d'] : NULL;
$banlen_h = (isset($_POST['banlen_h'])) ? $_POST['banlen_h'] : NULL;
@@ -31,15 +47,22 @@ if (!empty($_POST)) {
$duration .= $banlen_h;
}
$user = $rpc->user()->get($user);
+
if (!$user && $bantype !== "qline") {
Message::Fail("Could not find that user: User not online");
- } else {
+ }
+
+ else
+ {
$msg_msg = ($duration == "0" || $duration == "0w0d0h") ? "permanently" : "for " . rpc_convert_duration_string($duration);
$reason = (isset($_POST['ban_reason'])) ? $_POST['ban_reason'] : "No reason";
+
if ($bantype == "qline")
$rpc->nameban()->add($name, $reason, $duration);
+
else if ($rpc->serverban()->add($user->id, $bantype, $duration, $reason))
Message::Success($user->name . " (*@" . $user->hostname . ") has been $bantype" . "d $msg_msg: $reason");
+
else
Message::Fail("Could not add $bantype against $name: $rpc->error");
}
@@ -58,6 +81,7 @@ Click on a username to view more information.
@@ -127,12 +164,28 @@ Click on a username to view more information.
strpos(strtolower($user->user->account), strtolower($_POST['uf_account'])) == false)
continue;
+ /* Some basic filtering for ACCOUNT */
+ if (isset($_POST['uf_server']) && strlen($_POST['uf_server']) &&
+ strpos(strtolower($user->user->servername), strtolower($_POST['uf_server'])) !== 0 &&
+ strpos(strtolower($user->user->servername), strtolower($_POST['uf_server'])) == false)
+ continue;
+
+ /* Some basic filtering for OPER */
+ if (isset($_POST['operonly']) &&
+ (strpos($user->user->modes, "o") == false || strpos($user->user->modes,"S") !== false))
+ continue;
+
+ /* Some basic filtering for SERVICES */
+ if (isset($_POST['servicesonly']) &&
+ (strpos($user->user->modes,"S") == false))
+ continue;
+
echo "\n";
echo " | ";
$isBot = (strpos($user->user->modes, "B") !== false) ? ' Bot' : "";
echo "id."\">$user->name$isBot | ";
- echo "".$user->hostname." (".$user->ip.") | ";
- $account = (isset($user->user->account)) ? "user->account."\">".$user->user->account."" : 'None';
+ echo "".htmlspecialchars($user->hostname)." (".htmlspecialchars($user->ip ?? "None").") | ";
+ $account = (isset($user->user->account)) ? "user->account."\">".htmlspecialchars($user->user->account)."" : 'None';
echo "".$account." | ";
$modes = (isset($user->user->modes)) ? "+" . $user->user->modes : "";
echo "".$modes." | ";
@@ -141,12 +194,13 @@ Click on a username to view more information.
$oper = (strpos($user->user->modes, "S") !== false) ? 'Services Bot' : "";
echo "".$oper." | ";
- $secure = (isset($user->tls)) ? "Secure" : "Insecure";
+ $secure = (isset($user->tls) || $user->hostname !== "localhost") ? "Secure" : "Insecure";
if (strpos($user->user->modes, "S") !== false)
$secure = "";
echo "".$secure." | ";
- echo "".$user->user->servername." | ";
+ echo "id, 0, 3)."\">".$user->user->servername." | ";
echo "".$user->user->reputation." | ";
+ echo "
";
}
?>