Gazelle/sections/tools/misc/manipulate_tree.php

119 lines
3.4 KiB
PHP
Raw Normal View History

2011-03-28 14:21:28 +00:00
<?
2013-03-10 08:00:41 +00:00
// Props to Leto of StC.
if (!check_perms('users_view_invites') && !check_perms('users_disable_users') && !check_perms('users_edit_invites') && !check_perms('users_disable_any')) {
error(404);
}
2013-04-24 08:00:23 +00:00
View::show_header('Manipulate Invite Tree');
2011-03-28 14:21:28 +00:00
2013-03-10 08:00:41 +00:00
if ($_POST['id']) {
2011-03-28 14:21:28 +00:00
authorize();
2013-03-10 08:00:41 +00:00
if (!is_number($_POST['id'])) {
error(403);
}
if (!$_POST['comment']) {
error('Please enter a comment to add to the users affected.');
}
else {
$Comment = db_string($_POST['comment']);
$Comment .= "\n" . "Manipulate Tree used by " . $LoggedUser['Username'];
}
2011-03-28 14:21:28 +00:00
$UserID = $_POST['id'];
2013-04-24 08:00:23 +00:00
$DB->query("
SELECT
t1.TreePosition,
t1.TreeID,
t1.TreeLevel,
( SELECT
t2.TreePosition
FROM invite_tree AS t2
WHERE TreeID=t1.TreeID
AND TreeLevel=t1.TreeLevel
AND t2.TreePosition>t1.TreePosition
ORDER BY TreePosition
LIMIT 1
) AS MaxPosition
FROM invite_tree AS t1
WHERE t1.UserID=$UserID");
2013-03-10 08:00:41 +00:00
list ($TreePosition, $TreeID, $TreeLevel, $MaxPosition) = $DB->next_record();
if (!$MaxPosition) {
$MaxPosition = 1000000;
} // $MaxPermission is null if the user is the last one in that tree on that level
if (!$TreeID) {
return;
}
$DB->query("
2013-02-22 08:00:24 +00:00
SELECT
2013-04-24 08:00:23 +00:00
UserID
2011-03-28 14:21:28 +00:00
FROM invite_tree
WHERE TreeID=$TreeID
2013-04-24 08:00:23 +00:00
AND TreePosition>$TreePosition
AND TreePosition<$MaxPosition
AND TreeLevel>$TreeLevel
2013-02-22 08:00:24 +00:00
ORDER BY TreePosition");
2011-03-28 14:21:28 +00:00
$BanList = array();
2013-03-10 08:00:41 +00:00
while (list ($Invitee) = $DB->next_record()) {
$BanList[] = $Invitee;
2011-03-28 14:21:28 +00:00
}
foreach ($BanList as $Key => $InviteeID) {
2013-03-10 08:00:41 +00:00
if ($_POST['perform'] == 'nothing') {
Tools::update_user_notes($InviteeID, $Comment . "\n\n");
2011-03-28 14:21:28 +00:00
$Msg = "Successfully commented on entire invite tree!";
2013-03-10 08:00:41 +00:00
}
elseif ($_POST['perform'] == 'disable') {
Tools::disable_users($InviteeID, $Comment);
2011-03-28 14:21:28 +00:00
$Msg = "Successfully banned entire invite tree!";
2013-03-10 08:00:41 +00:00
}
elseif ($_POST['perform'] == 'inviteprivs') { // DisableInvites =1
Tools::update_user_notes($InviteeID, $Comment . "\n\n");
2011-03-28 14:21:28 +00:00
$DB->query("UPDATE
users_info
SET DisableInvites='1'
2013-03-10 08:00:41 +00:00
WHERE UserID='" . $InviteeID . "'");
2011-03-28 14:21:28 +00:00
$Msg = "Successfully removed invite privileges from entire tree!";
2013-03-10 08:00:41 +00:00
}
else {
2011-03-28 14:21:28 +00:00
error(403);
}
}
}
?>
<div class="thin">
2013-04-24 08:00:23 +00:00
<? if ($Msg) { ?>
2011-03-28 14:21:28 +00:00
<div class="center">
2013-03-10 08:00:41 +00:00
<p style="color: red; text-align: center;"><?=$Msg?></p>
2011-03-28 14:21:28 +00:00
</div>
2013-04-24 08:00:23 +00:00
<? } ?>
2012-09-15 08:00:25 +00:00
<form class="manage_form" name="user" action="" method="post">
2011-03-28 14:21:28 +00:00
<input type="hidden" id="action" name="action" value="manipulate_tree" />
<input type="hidden" name="auth" value="<?=$LoggedUser['AuthKey']?>" />
2012-09-01 08:00:24 +00:00
<table class="layout">
2011-03-28 14:21:28 +00:00
<tr>
<td class="label"><strong>UserID</strong></td>
2013-03-10 08:00:41 +00:00
<td><input type="text" size="10" name="id" id="id" /></td>
2011-03-28 14:21:28 +00:00
<td class="label"><strong>Mandatory comment!</strong></td>
2013-03-10 08:00:41 +00:00
<td><input type="text" size="40" name="comment" id="comment" /></td>
2011-03-28 14:21:28 +00:00
</tr>
<tr>
<td class="label"><strong>Action: </strong></td>
2013-04-24 08:00:23 +00:00
<td colspan="2">
<select name="perform">
<option value="nothing"<?
if ($_POST['perform'] === 'nothing') { echo ' selected="selected"'; } ?>>Do nothing</option>
<option value="disable"<?
if ($_POST['perform'] === 'disable') { echo ' selected="selected"'; } ?>>Disable entire tree</option>
<option value="inviteprivs"<?
if ($_POST['perform'] === 'inviteprivs') { echo ' selected="selected"'; } ?>>Disable invites privileges</option>
</select>
</td>
2013-03-10 08:00:41 +00:00
<td align="left"><input type="submit" value="Go" /></td>
2011-03-28 14:21:28 +00:00
</tr>
</table>
</form>
</div>
2013-04-24 08:00:23 +00:00
<? View::show_footer(); ?>