2011-03-28 14:21:28 +00:00
< ?
/************************************************************************* \
//--------------Take moderation -----------------------------------------//
\ *************************************************************************/
// Are they being tricky blighters?
if ( ! $_POST [ 'userid' ] || ! is_number ( $_POST [ 'userid' ])) {
error ( 404 );
} elseif ( ! check_perms ( 'users_mod' )) {
error ( 403 );
}
authorize ();
// End checking for moronity
$UserID = $_POST [ 'userid' ];
2012-03-29 08:00:19 +00:00
$DeleteKeys = false ;
2011-03-28 14:21:28 +00:00
// Variables for database input
$Class = ( int ) $_POST [ 'Class' ];
$Username = db_string ( $_POST [ 'Username' ]);
$Title = db_string ( $_POST [ 'Title' ]);
$AdminComment = db_string ( $_POST [ 'AdminComment' ]);
$Donor = ( isset ( $_POST [ 'Donor' ])) ? 1 : 0 ;
$Artist = ( isset ( $_POST [ 'Artist' ])) ? 1 : 0 ;
2012-03-28 08:00:20 +00:00
$SecondaryClasses = isset ( $_POST [ 'secondary_classes' ]) ? $_POST [ 'secondary_classes' ] : array ();
foreach ( $SecondaryClasses as $i => $Val ) {
if ( ! is_number ( $Val )) { unset ( $SecondaryClasses [ $i ]); }
}
2011-03-28 14:21:28 +00:00
$Visible = ( isset ( $_POST [ 'Visible' ])) ? 1 : 0 ;
$Invites = ( int ) $_POST [ 'Invites' ];
$SupportFor = db_string ( $_POST [ 'SupportFor' ]);
2012-09-22 08:00:24 +00:00
$Pass = $_POST [ 'ChangePassword' ];
2011-03-28 14:21:28 +00:00
$Warned = ( isset ( $_POST [ 'Warned' ])) ? 1 : 0 ;
$Logs095 = ( int ) $_POST [ '095logs' ];
if ( isset ( $_POST [ 'Uploaded' ]) && isset ( $_POST [ 'Downloaded' ])) {
2011-04-29 13:49:03 +00:00
$Uploaded = ( $_POST [ 'Uploaded' ] == " " ? 0 : $_POST [ 'Uploaded' ]);
if ( $Arithmetic = strpbrk ( $Uploaded , '+-' )) {
$Uploaded += max ( - $Uploaded , get_bytes ( $Arithmetic ));
2011-03-28 14:21:28 +00:00
}
$Downloaded = ( $_POST [ 'Downloaded' ] == " " ? 0 : $_POST [ 'Downloaded' ]);
2011-04-29 13:49:03 +00:00
if ( $Arithmetic = strpbrk ( $Downloaded , '+-' )) {
$Downloaded += max ( - $Downloaded , get_bytes ( $Arithmetic ));
}
if ( ! is_number ( $Uploaded ) || ! is_number ( $Downloaded )) {
error ( 0 );
2011-03-28 14:21:28 +00:00
}
}
2011-10-08 08:00:14 +00:00
$FLTokens = isset ( $_POST [ 'FLTokens' ]) ? $_POST [ 'FLTokens' ] : 0 ;
if ( ! is_number ( $FLTokens )) {
error ( 0 );
}
2011-03-28 14:21:28 +00:00
$WarnLength = ( int ) $_POST [ 'WarnLength' ];
$ExtendWarning = ( int ) $_POST [ 'ExtendWarning' ];
2012-03-03 08:00:28 +00:00
$ReduceWarning = ( int ) $_POST [ 'ReduceWarning' ];
2011-03-28 14:21:28 +00:00
$WarnReason = $_POST [ 'WarnReason' ];
$UserReason = $_POST [ 'UserReason' ];
$DisableAvatar = ( isset ( $_POST [ 'DisableAvatar' ])) ? 1 : 0 ;
$DisableInvites = ( isset ( $_POST [ 'DisableInvites' ])) ? 1 : 0 ;
$DisablePosting = ( isset ( $_POST [ 'DisablePosting' ])) ? 1 : 0 ;
$DisableForums = ( isset ( $_POST [ 'DisableForums' ])) ? 1 : 0 ;
$DisableTagging = ( isset ( $_POST [ 'DisableTagging' ])) ? 1 : 0 ;
$DisableUpload = ( isset ( $_POST [ 'DisableUpload' ])) ? 1 : 0 ;
$DisableWiki = ( isset ( $_POST [ 'DisableWiki' ])) ? 1 : 0 ;
$DisablePM = ( isset ( $_POST [ 'DisablePM' ])) ? 1 : 0 ;
$DisableIRC = ( isset ( $_POST [ 'DisableIRC' ])) ? 1 : 0 ;
$DisableRequests = ( isset ( $_POST [ 'DisableRequests' ])) ? 1 : 0 ;
$DisableLeech = ( isset ( $_POST [ 'DisableLeech' ])) ? 0 : 1 ;
2011-05-15 12:06:04 +00:00
$RestrictedForums = db_string ( trim ( $_POST [ 'RestrictedForums' ]));
2011-10-11 08:00:15 +00:00
$PermittedForums = db_string ( trim ( $_POST [ 'PermittedForums' ]));
2011-03-28 14:21:28 +00:00
$EnableUser = ( int ) $_POST [ 'UserStatus' ];
$ResetRatioWatch = ( isset ( $_POST [ 'ResetRatioWatch' ])) ? 1 : 0 ;
$ResetPasskey = ( isset ( $_POST [ 'ResetPasskey' ])) ? 1 : 0 ;
$ResetAuthkey = ( isset ( $_POST [ 'ResetAuthkey' ])) ? 1 : 0 ;
$SendHackedMail = ( isset ( $_POST [ 'SendHackedMail' ])) ? 1 : 0 ;
if ( $SendHackedMail && ! empty ( $_POST [ 'HackedEmail' ])) {
$HackedEmail = $_POST [ 'HackedEmail' ];
} else {
$SendHackedMail = false ;
}
$MergeStatsFrom = db_string ( $_POST [ 'MergeStatsFrom' ]);
$Reason = db_string ( $_POST [ 'Reason' ]);
$HeavyUpdates = array ();
$LightUpdates = array ();
// Get user info from the database
$DB -> query ( " SELECT
m . Username ,
m . IP ,
m . Email ,
m . PermissionID ,
p . Level AS Class ,
m . Title ,
m . Enabled ,
m . Uploaded ,
m . Downloaded ,
m . Invites ,
m . can_leech ,
m . Visible ,
i . AdminComment ,
2011-04-13 15:36:33 +00:00
m . torrent_pass ,
2011-03-28 14:21:28 +00:00
i . Donor ,
i . Artist ,
i . Warned ,
i . SupportFor ,
2011-10-22 08:00:15 +00:00
i . RestrictedForums ,
2011-10-11 08:00:15 +00:00
i . PermittedForums ,
2011-03-28 14:21:28 +00:00
DisableAvatar ,
DisableInvites ,
DisablePosting ,
DisableForums ,
DisableTagging ,
DisableUpload ,
DisableWiki ,
DisablePM ,
2011-10-01 08:00:08 +00:00
DisableIRC ,
2011-10-08 08:00:14 +00:00
m . RequiredRatio ,
2011-10-10 08:00:12 +00:00
m . FLTokens ,
2012-01-31 08:00:23 +00:00
i . RatioWatchEnds ,
2012-03-28 08:00:20 +00:00
SHA1 ( i . AdminComment ) AS CommentHash ,
GROUP_CONCAT ( l . PermissionID SEPARATOR ',' ) AS SecondaryClasses
2011-03-28 14:21:28 +00:00
FROM users_main AS m
JOIN users_info AS i ON i . UserID = m . ID
LEFT JOIN permissions AS p ON p . ID = m . PermissionID
2012-03-28 08:00:20 +00:00
LEFT JOIN users_levels AS l ON l . UserID = m . ID
WHERE m . ID = $UserID
GROUP BY m . ID " );
2011-03-28 14:21:28 +00:00
if ( $DB -> record_count () == 0 ) { // If user doesn't exist
header ( " Location: log.php?search=User+ " . $UserID );
}
$Cur = $DB -> next_record ( MYSQLI_ASSOC , false );
2012-01-31 08:00:23 +00:00
if ( $_POST [ 'comment_hash' ] != $Cur [ 'CommentHash' ]) {
error ( " Somebody else has moderated this user since you loaded it. Please go back and refresh the page. " );
}
2011-03-28 14:21:28 +00:00
//NOW that we know the class of the current user, we can see if one staff member is trying to hax0r us.
if ( ! check_perms ( 'users_mod' , $Cur [ 'Class' ])) {
//Son of a fucking bitch
error ( 403 );
die ();
}
// Gotten user info
// If we're deleting the user, we can ignore all the other crap
if ( $_POST [ 'UserStatus' ] == " delete " && check_perms ( 'users_delete_users' )) {
write_log ( " User account " . $UserID . " ( " . $Cur [ 'Username' ] . " ) was deleted by " . $LoggedUser [ 'Username' ]);
$DB -> query ( " DELETE FROM users_main WHERE id= " . $UserID );
$DB -> query ( " DELETE FROM users_info WHERE UserID= " . $UserID );
$Cache -> delete_value ( 'user_info_' . $UserID );
update_tracker ( 'remove_user' , array ( 'passkey' => $Cur [ 'torrent_pass' ]));
header ( " Location: log.php?search=User+ " . $UserID );
die ();
}
// User was not deleted. Perform other stuff.
$UpdateSet = array ();
$EditSummary = array ();
if ( $_POST [ 'ResetRatioWatch' ] && check_perms ( 'users_edit_reset_keys' )) {
$DB -> query ( " UPDATE users_info SET RatioWatchEnds='0000-00-00 00:00:00', RatioWatchDownload='0', RatioWatchTimes='0' WHERE UserID=' $UserID ' " );
$EditSummary [] = 'RatioWatch history reset' ;
}
if ( $_POST [ 'ResetIPHistory' ] && check_perms ( 'users_edit_reset_keys' )) {
$DB -> query ( " DELETE FROM users_history_ips WHERE UserID=' $UserID ' " );
$DB -> query ( " UPDATE users_main SET IP='127.0.0.1' WHERE ID=' $UserID ' " );
$DB -> query ( " UPDATE xbt_snatched SET IP = '' WHERE uid=' $UserID ' " );
2011-04-13 15:36:33 +00:00
$DB -> query ( " UPDATE users_history_passwords SET ChangerIP = '' WHERE UserID = " . $UserID );
2011-03-28 14:21:28 +00:00
$EditSummary [] = 'IP history cleared' ;
}
if ( $_POST [ 'ResetEmailHistory' ] && check_perms ( 'users_edit_reset_keys' )) {
$DB -> query ( " DELETE FROM users_history_emails WHERE UserID=' $UserID ' " );
if ( $_POST [ 'ResetIPHistory' ]) {
$DB -> query ( " INSERT INTO users_history_emails (UserID, Email, Time, IP) VALUES (' $UserID ',' $Username @ " . SITE_URL . " ','0000-00-00 00:00:00','127.0.0.1') " );
} else {
$DB -> query ( " INSERT INTO users_history_emails (UserID, Email, Time, IP) VALUES (' $UserID ',' $Username @ " . SITE_URL . " ','0000-00-00 00:00:00',' " . $Cur [ 'IP' ] . " ') " );
}
$DB -> query ( " UPDATE users_main SET Email=' $Username @ " . SITE_URL . " ' WHERE ID=' $UserID ' " );
$EditSummary [] = 'Email history cleared' ;
}
if ( $_POST [ 'ResetSnatchList' ] && check_perms ( 'users_edit_reset_keys' )) {
$DB -> query ( " DELETE FROM xbt_snatched WHERE uid=' $UserID ' " );
$EditSummary [] = 'Snatch List cleared' ;
}
if ( $_POST [ 'ResetDownloadList' ] && check_perms ( 'users_edit_reset_keys' )) {
$DB -> query ( " DELETE FROM users_downloads WHERE UserID=' $UserID ' " );
$EditSummary [] = 'Download List cleared' ;
}
if (( $_POST [ 'ResetSession' ] || $_POST [ 'LogOut' ]) && check_perms ( 'users_logout' )) {
$Cache -> delete_value ( 'user_info_' . $UserID );
$Cache -> delete_value ( 'user_info_heavy_' . $UserID );
$Cache -> delete_value ( 'user_stats_' . $UserID );
$Cache -> delete_value ( 'enabled_' . $UserID );
if ( $_POST [ 'LogOut' ]) {
$DB -> query ( " SELECT SessionID FROM users_sessions WHERE UserID=' $UserID ' " );
while ( list ( $SessionID ) = $DB -> next_record ()) {
$Cache -> delete_value ( 'session_' . $UserID . '_' . $SessionID );
}
$Cache -> delete_value ( 'users_sessions_' . $UserID );
2011-10-20 08:00:12 +00:00
2012-01-24 08:00:19 +00:00
$DB -> query ( " DELETE FROM users_sessions WHERE UserID=' $UserID ' " );
2011-10-20 08:00:12 +00:00
2011-03-28 14:21:28 +00:00
}
}
if ( $Logs095 !== 0 ) {
$TargetScore = $Logs095 === 100 ? 99 : 100 ;
$Logs = $DB -> query ( " SELECT DISTINCT TorrentID FROM torrents_logs_new JOIN torrents ON ID = TorrentID WHERE Log LIKE 'EAC extraction logfile%' AND UserID = " . $UserID . " AND Score = " . $TargetScore . " AND (Adjusted = '0' OR Adjusted = '') " );
while ( list ( $TorrentID ) = $DB -> next_record ()) {
$Results = array ();
if ( $Logs095 === 100 ) {
$Details = " " ;
} else {
$Results [] = " The original uploader has chosen to allow this log to be deducted one point for using EAC v0.95., -1 point [1] " ;
$Details = db_string ( serialize ( $Results ));
}
$DB -> query ( " UPDATE torrents SET LogScore = " . $Logs095 . " WHERE ID = " . $TorrentID );
$DB -> query ( " UPDATE torrents_logs_new SET Score = " . $Logs095 . " , Details = ' " . $Details . " ' WHERE TorrentID = " . $TorrentID );
$DB -> set_query_id ( $Logs );
}
$EditSummary [] = 'EAC v0.95 logs rescored to ' . $Logs095 ;
}
// Start building SQL query and edit summary
if ( $Classes [ $Class ][ 'Level' ] != $Cur [ 'Class' ] && (
( $Classes [ $Class ][ 'Level' ] < $LoggedUser [ 'Class' ] && check_perms ( 'users_promote_below' , $Cur [ 'Class' ]))
|| ( $Classes [ $Class ][ 'Level' ] <= $LoggedUser [ 'Class' ] && check_perms ( 'users_promote_to' , $Cur [ 'Class' ] - 1 )))) {
$UpdateSet [] = " PermissionID=' $Class ' " ;
$EditSummary [] = " class changed to " . make_class_string ( $Class );
$LightUpdates [ 'PermissionID' ] = $Class ;
2012-03-29 08:00:19 +00:00
$DeleteKeys = true ;
2011-05-13 08:00:07 +00:00
2011-03-28 14:21:28 +00:00
$DB -> query ( " SELECT DISTINCT DisplayStaff FROM permissions WHERE ID = $Class OR ID = " . $ClassLevels [ $Cur [ 'Class' ]][ 'ID' ]);
if ( $DB -> record_count () == 2 ) {
if ( $Classes [ $Class ][ 'Level' ] < $Cur [ 'Class' ]) {
$SupportFor = '' ;
}
$ClearStaffIDCache = true ;
}
}
if ( $Username != $Cur [ 'Username' ] && check_perms ( 'users_edit_usernames' , $Cur [ 'Class' ] - 1 )) {
$DB -> query ( " SELECT ID FROM users_main WHERE Username = ' " . $Username . " ' " );
if ( $DB -> next_record () > 0 ) {
list ( $UsedUsernameID ) = $DB -> next_record ();
error ( " Username already in use by <a href='user.php?id= " . $UsedUsernameID . " '> " . $Username . " </a> " );
header ( " Location: user.php?id= " . $UserID );
die ();
} else {
$UpdateSet [] = " Username=' " . $Username . " ' " ;
$EditSummary [] = " username changed from " . $Cur [ 'Username' ] . " to " . $Username ;
$LightUpdates [ 'Username' ] = $Username ;
}
}
if ( $Title != db_string ( $Cur [ 'Title' ]) && check_perms ( 'users_edit_titles' )) {
2011-12-19 08:00:18 +00:00
// Using the unescaped value for the test to avoid confusion
if ( strlen ( $_POST [ 'Title' ]) > 1024 ) {
error ( " Custom titles can be at most 1024 characters. " );
header ( " Location: user.php?id= " . $UserID );
die ();
} else {
$UpdateSet [] = " Title=' $Title ' " ;
$EditSummary [] = " title changed to $Title " ;
$LightUpdates [ 'Title' ] = $_POST [ 'Title' ];
}
2011-03-28 14:21:28 +00:00
}
if ( $Donor != $Cur [ 'Donor' ] && check_perms ( 'users_give_donor' )) {
$UpdateSet [] = " Donor=' $Donor ' " ;
$EditSummary [] = " donor status changed " ;
$LightUpdates [ 'Donor' ] = $Donor ;
}
2012-03-28 08:00:20 +00:00
// Secondary classes
$OldClasses = $Cur [ 'SecondaryClasses' ] ? explode ( ',' , $Cur [ 'SecondaryClasses' ]) : array ();
$DroppedClasses = array_diff ( $OldClasses , $SecondaryClasses );
$AddedClasses = array_diff ( $SecondaryClasses , $OldClasses );
if ( count ( $DroppedClasses ) > 0 ) {
$ClassChanges = array ();
foreach ( $DroppedClasses as $PermID ) {
$ClassChanges [] = $Classes [ $PermID ][ 'Name' ];
}
$EditSummary [] = " Secondary classes dropped: " . implode ( ', ' , $ClassChanges );
$DB -> query ( " DELETE FROM users_levels WHERE UserID = ' $UserID ' AND PermissionID IN ( " . implode ( ',' , $DroppedClasses ) . " ) " );
if ( count ( $SecondaryClasses ) > 0 ) {
$LightUpdates [ 'ExtraClasses' ] = array_fill_keys ( $SecondaryClasses , 1 );
} else {
$LightUpdates [ 'ExtraClasses' ] = array ();
}
2012-03-29 08:00:19 +00:00
$DeleteKeys = true ;
2012-03-28 08:00:20 +00:00
}
if ( count ( $AddedClasses ) > 0 ) {
$ClassChanges = array ();
foreach ( $AddedClasses as $PermID ) {
$ClassChanges [] = $Classes [ $PermID ][ 'Name' ];
}
$EditSummary [] = " Secondary classes added: " . implode ( ', ' , $ClassChanges );
$Values = array ();
foreach ( $AddedClasses as $PermID ) {
$Values [] = " ( $UserID , $PermID ) " ;
2012-05-18 13:35:17 +00:00
2012-03-28 08:00:20 +00:00
}
$DB -> query ( " INSERT INTO users_levels (UserID, PermissionID) VALUES " . implode ( ', ' , $Values ));
2012-03-29 08:00:19 +00:00
//$LightUpdates['ExtraClasses']= array_fill_keys($SecondaryClasses, 1);
$DeleteKeys = true ;
2012-03-28 08:00:20 +00:00
}
2011-03-28 14:21:28 +00:00
if ( $Visible != $Cur [ 'Visible' ] && check_perms ( 'users_make_invisible' )) {
$UpdateSet [] = " Visible=' $Visible ' " ;
$EditSummary [] = " visibility changed " ;
$LightUpdates [ 'Visible' ] = $Visible ;
}
if ( $Uploaded != $Cur [ 'Uploaded' ] && $Uploaded != $_POST [ 'OldUploaded' ] && ( check_perms ( 'users_edit_ratio' )
|| ( check_perms ( 'users_edit_own_ratio' ) && $UserID == $LoggedUser [ 'ID' ]))) {
$UpdateSet [] = " Uploaded=' " . $Uploaded . " ' " ;
$EditSummary [] = " uploaded changed from " . get_size ( $Cur [ 'Uploaded' ]) . " to " . get_size ( $Uploaded );
$Cache -> delete_value ( 'users_stats_' . $UserID );
}
if ( $Downloaded != $Cur [ 'Downloaded' ] && $Downloaded != $_POST [ 'OldDownloaded' ] && ( check_perms ( 'users_edit_ratio' )
|| ( check_perms ( 'users_edit_own_ratio' ) && $UserID == $LoggedUser [ 'ID' ]))) {
$UpdateSet [] = " Downloaded=' " . $Downloaded . " ' " ;
$EditSummary [] = " downloaded changed from " . get_size ( $Cur [ 'Downloaded' ]) . " to " . get_size ( $Downloaded );
$Cache -> delete_value ( 'users_stats_' . $UserID );
}
2011-10-08 08:00:14 +00:00
if ( $FLTokens != $Cur [ 'FLTokens' ] && ( check_perms ( 'users_edit_ratio' ) || ( check_perms ( 'users_edit_own_ratio' ) && $UserID == $LoggedUser [ 'ID' ]))) {
$UpdateSet [] = " FLTokens= " . $FLTokens ;
$EditSummary [] = " Freeleech Tokens changed from " . $Cur [ 'FLTokens' ] . " to " . $FLTokens ;
$HeavyUpdates [ 'FLTokens' ] = $FLTokens ;
}
2011-03-28 14:21:28 +00:00
if ( $Invites != $Cur [ 'Invites' ] && check_perms ( 'users_edit_invites' )) {
$UpdateSet [] = " invites=' $Invites ' " ;
$EditSummary [] = " number of invites changed to $Invites " ;
$HeavyUpdates [ 'Invites' ] = $Invites ;
}
if ( $Warned == 1 && $Cur [ 'Warned' ] == '0000-00-00 00:00:00' && check_perms ( 'users_warn' )) {
2012-09-09 08:00:26 +00:00
send_pm ( $UserID , 0 , db_string ( 'You have received a warning' ), db_string ( " You have been [url=http:// " . NONSSL_SITE_URL . " /wiki.php?action=article&id=218]warned for $WarnLength week(s)[/url] by [user] " . $LoggedUser [ 'Username' ] . " [/user]. The reason given was: $WarnReason " ));
2011-03-28 14:21:28 +00:00
$UpdateSet [] = " Warned=' " . sqltime () . " ' + INTERVAL $WarnLength WEEK " ;
$Msg = " warned for $WarnLength week(s) " ;
if ( $WarnReason ) { $Msg .= " for $WarnReason " ; }
$EditSummary [] = db_string ( $Msg );
$LightUpdates [ 'Warned' ] = time_plus ( 3600 * 24 * 7 * $WarnLength );
} elseif ( $Warned == 0 && $Cur [ 'Warned' ] != '0000-00-00 00:00:00' && check_perms ( 'users_warn' )) {
$UpdateSet [] = " Warned='0000-00-00 00:00:00' " ;
$EditSummary [] = " warning removed " ;
$LightUpdates [ 'Warned' ] = '0000-00-00 00:00:00' ;
} elseif ( $Warned == 1 && $ExtendWarning != '---' && check_perms ( 'users_warn' )) {
2011-12-15 08:00:20 +00:00
send_pm ( $UserID , 0 , db_string ( 'Your warning has been extended' ), db_string ( " Your warning has been extended by $ExtendWarning week(s) by [user] " . $LoggedUser [ 'Username' ] . " [/user]. The reason given was: $WarnReason " ));
2011-03-28 14:21:28 +00:00
$UpdateSet [] = " Warned=Warned + INTERVAL $ExtendWarning WEEK " ;
2012-03-03 08:00:28 +00:00
$DB -> query ( " SELECT Warned + INTERVAL $ExtendWarning WEEK FROM users_info WHERE UserID=' $UserID ' " );
list ( $WarnedUntil ) = $DB -> next_record ();
$Msg = " warning extended by $ExtendWarning week(s) to $WarnedUntil " ;
2011-03-28 14:21:28 +00:00
if ( $WarnReason ) { $Msg .= " for $WarnReason " ; }
$EditSummary [] = db_string ( $Msg );
2012-03-03 08:00:28 +00:00
$LightUpdates [ 'Warned' ] = $WarnedUntil ;
} elseif ( $Warned == 1 && $ExtendWarning == '---' && $ReduceWarning != '---' && check_perms ( 'users_warn' )) {
send_pm ( $UserID , 0 , db_string ( 'Your warning has been reduced' ), db_string ( " Your warning has been reduced by $ReduceWarning week(s) by [user] " . $LoggedUser [ 'Username' ] . " [/user]. The reason given was: $WarnReason " ));
$UpdateSet [] = " Warned=Warned - INTERVAL $ReduceWarning WEEK " ;
$DB -> query ( " SELECT Warned - INTERVAL $ReduceWarning WEEK FROM users_info WHERE UserID=' $UserID ' " );
2011-03-28 14:21:28 +00:00
list ( $WarnedUntil ) = $DB -> next_record ();
2012-03-03 08:00:28 +00:00
$Msg = " warning reduced by $ReduceWarning week(s) to $WarnedUntil " ;
if ( $WarnReason ) { $Msg .= " for $WarnReason " ; }
$EditSummary [] = db_string ( $Msg );
2011-03-28 14:21:28 +00:00
$LightUpdates [ 'Warned' ] = $WarnedUntil ;
}
if ( $SupportFor != db_string ( $Cur [ 'SupportFor' ]) && ( check_perms ( 'admin_manage_fls' ) || ( check_perms ( 'users_mod' ) && $UserID == $LoggedUser [ 'ID' ]))) {
$UpdateSet [] = " SupportFor=' $SupportFor ' " ;
$EditSummary [] = " first-line support status changed to $SupportFor " ;
}
if ( $RestrictedForums != db_string ( $Cur [ 'RestrictedForums' ]) && check_perms ( 'users_mod' )) {
$UpdateSet [] = " RestrictedForums=' $RestrictedForums ' " ;
$EditSummary [] = " restricted forum(s): $RestrictedForums " ;
2011-10-11 08:00:15 +00:00
}
if ( $PermittedForums != db_string ( $Cur [ 'PermittedForums' ]) && check_perms ( 'users_mod' )) {
$ForumSet = explode ( ',' , $PermittedForums );
$ForumList = array ();
foreach ( $ForumSet as $ForumID ) {
2012-03-28 08:00:20 +00:00
if ( $Forums [ $ForumID ][ 'MinClassCreate' ] <= $LoggedUser [ 'EffectiveClass' ]) {
2011-10-11 08:00:15 +00:00
$ForumList [] = $ForumID ;
}
}
$PermittedForums = implode ( ',' , $ForumSet );
$UpdateSet [] = " PermittedForums=' $PermittedForums ' " ;
$EditSummary [] = " permitted forum(s): $PermittedForums " ;
}
if ( empty ( $RestrictedForums ) && empty ( $PermittedForums )) {
$HeavyUpdates [ 'CustomForums' ] = null ;
} else {
$HeavyUpdates [ 'CustomForums' ] = array ();
$Forums = explode ( ',' , $RestrictedForums );
foreach ( $Forums as $Forum ) {
$HeavyUpdates [ 'CustomForums' ][ $Forum ] = 0 ;
}
$Forums = explode ( ',' , $PermittedForums );
foreach ( $Forums as $Forum ) {
$HeavyUpdates [ 'CustomForums' ][ $Forum ] = 1 ;
2011-05-15 12:06:04 +00:00
}
2011-03-28 14:21:28 +00:00
}
2011-10-11 08:00:15 +00:00
2011-03-28 14:21:28 +00:00
if ( $DisableAvatar != $Cur [ 'DisableAvatar' ] && check_perms ( 'users_disable_any' )) {
$UpdateSet [] = " DisableAvatar=' $DisableAvatar ' " ;
$EditSummary [] = " avatar status changed " ;
$HeavyUpdates [ 'DisableAvatar' ] = $DisableAvatar ;
if ( ! empty ( $UserReason )) {
2012-09-09 08:00:26 +00:00
send_pm ( $UserID , 0 , db_string ( 'Your avatar privileges have been disabled' ), db_string ( " Your avatar privileges have been disabled. The reason given was: $UserReason . If you would like to discuss this please join " . BOT_DISABLED_CHAN . " on our IRC network. Instructions can be found [url=http:// " . NONSSL_SITE_URL . " /wiki.php?action=article&name=IRC+-+How+to+join]here[/url]. " ));
2011-03-28 14:21:28 +00:00
}
}
if ( $DisableLeech != $Cur [ 'can_leech' ] && check_perms ( 'users_disable_any' )) {
$UpdateSet [] = " can_leech=' $DisableLeech ' " ;
2012-01-24 08:00:19 +00:00
$EditSummary [] = " leeching status changed ( " . translateLeechStatus ( $Cur [ 'can_leech' ]) . " -> " . translateLeechStatus ( $DisableLeech ) . " ) " ;
2011-03-28 14:21:28 +00:00
$HeavyUpdates [ 'DisableLeech' ] = $DisableLeech ;
2011-07-10 08:00:06 +00:00
$HeavyUpdates [ 'CanLeech' ] = $DisableLeech ;
2011-03-28 14:21:28 +00:00
if ( ! empty ( $UserReason )) {
2012-09-09 08:00:26 +00:00
send_pm ( $UserID , 0 , db_string ( 'Your leeching privileges have been disabled' ), db_string ( " Your leeching privileges have been disabled. The reason given was: $UserReason . If you would like to discuss this please join " . BOT_DISABLED_CHAN . " on our IRC network. Instructions can be found [url=http:// " . NONSSL_SITE_URL . " /wiki.php?action=article&name=IRC+-+How+to+join]here[/url]. " ));
2011-03-28 14:21:28 +00:00
}
update_tracker ( 'update_user' , array ( 'passkey' => $Cur [ 'torrent_pass' ], 'can_leech' => $DisableLeech ));
}
if ( $DisableInvites != $Cur [ 'DisableInvites' ] && check_perms ( 'users_disable_any' )) {
$UpdateSet [] = " DisableInvites=' $DisableInvites ' " ;
if ( $DisableInvites == 1 ) {
//$UpdateSet[]="Invites='0'";
if ( ! empty ( $UserReason )) {
2012-09-09 08:00:26 +00:00
send_pm ( $UserID , 0 , db_string ( 'Your invite privileges have been disabled' ), db_string ( " Your invite privileges have been disabled. The reason given was: $UserReason . If you would like to discuss this please join " . BOT_DISABLED_CHAN . " on our IRC network. Instructions can be found [url=http:// " . NONSSL_SITE_URL . " /wiki.php?action=article&name=IRC+-+How+to+join]here[/url]. " ));
2011-03-28 14:21:28 +00:00
}
}
$EditSummary [] = " invites status changed " ;
$HeavyUpdates [ 'DisableInvites' ] = $DisableInvites ;
}
if ( $DisablePosting != $Cur [ 'DisablePosting' ] && check_perms ( 'users_disable_posts' )) {
$UpdateSet [] = " DisablePosting=' $DisablePosting ' " ;
$EditSummary [] = " posting status changed " ;
$HeavyUpdates [ 'DisablePosting' ] = $DisablePosting ;
if ( ! empty ( $UserReason )) {
2012-09-09 08:00:26 +00:00
send_pm ( $UserID , 0 , db_string ( 'Your forum posting privileges have been disabled' ), db_string ( " Your forum posting privileges have been disabled. The reason given was: $UserReason . If you would like to discuss this please join " . BOT_DISABLED_CHAN . " on our IRC network. Instructions can be found [url=http:// " . NONSSL_SITE_URL . " /wiki.php?action=article&name=IRC+-+How+to+join]here[/url]. " ));
2011-03-28 14:21:28 +00:00
}
}
if ( $DisableForums != $Cur [ 'DisableForums' ] && check_perms ( 'users_disable_posts' )) {
$UpdateSet [] = " DisableForums=' $DisableForums ' " ;
$EditSummary [] = " forums status changed " ;
$HeavyUpdates [ 'DisableForums' ] = $DisableForums ;
if ( ! empty ( $UserReason )) {
2012-09-09 08:00:26 +00:00
send_pm ( $UserID , 0 , db_string ( 'Your forum privileges have been disabled' ), db_string ( " Your forum privileges have been disabled. The reason given was: $UserReason . If you would like to discuss this please join " . BOT_DISABLED_CHAN . " on our IRC network. Instructions can be found [url=http:// " . NONSSL_SITE_URL . " /wiki.php?action=article&name=IRC+-+How+to+join]here[/url]. " ));
2011-03-28 14:21:28 +00:00
}
}
if ( $DisableTagging != $Cur [ 'DisableTagging' ] && check_perms ( 'users_disable_any' )) {
$UpdateSet [] = " DisableTagging=' $DisableTagging ' " ;
$EditSummary [] = " tagging status changed " ;
$HeavyUpdates [ 'DisableTagging' ] = $DisableTagging ;
if ( ! empty ( $UserReason )) {
2012-09-09 08:00:26 +00:00
send_pm ( $UserID , 0 , db_string ( 'Your tagging privileges have been disabled' ), db_string ( " Your tagging privileges have been disabled. The reason given was: $UserReason . If you would like to discuss this please join " . BOT_DISABLED_CHAN . " on our IRC network. Instructions can be found [url=http:// " . NONSSL_SITE_URL . " /wiki.php?action=article&name=IRC+-+How+to+join]here[/url]. " ));
2011-03-28 14:21:28 +00:00
}
}
if ( $DisableUpload != $Cur [ 'DisableUpload' ] && check_perms ( 'users_disable_any' )) {
$UpdateSet [] = " DisableUpload=' $DisableUpload ' " ;
$EditSummary [] = " upload status changed " ;
$HeavyUpdates [ 'DisableUpload' ] = $DisableUpload ;
if ( $DisableUpload == 1 ) {
2012-09-09 08:00:26 +00:00
send_pm ( $UserID , 0 , db_string ( 'Your upload privileges have been disabled' ), db_string ( " Your upload privileges have been disabled. The reason given was: $UserReason . If you would like to discuss this please join " . BOT_DISABLED_CHAN . " on our IRC network. Instructions can be found [url=http:// " . NONSSL_SITE_URL . " /wiki.php?action=article&name=IRC+-+How+to+join]here[/url]. " ));
2011-03-28 14:21:28 +00:00
}
}
if ( $DisableWiki != $Cur [ 'DisableWiki' ] && check_perms ( 'users_disable_any' )) {
$UpdateSet [] = " DisableWiki=' $DisableWiki ' " ;
$EditSummary [] = " wiki status changed " ;
$HeavyUpdates [ 'DisableWiki' ] = $DisableWiki ;
$HeavyUpdates [ 'site_edit_wiki' ] = 0 ;
if ( ! empty ( $UserReason )) {
2012-09-09 08:00:26 +00:00
send_pm ( $UserID , 0 , db_string ( 'Your site editing privileges have been disabled' ), db_string ( " Your site editing privileges have been disabled. The reason given was: $UserReason . If you would like to discuss this please join " . BOT_DISABLED_CHAN . " on our IRC network. Instructions can be found [url=http:// " . NONSSL_SITE_URL . " /wiki.php?action=article&name=IRC+-+How+to+join]here[/url]. " ));
2011-03-28 14:21:28 +00:00
}
}
if ( $DisablePM != $Cur [ 'DisablePM' ] && check_perms ( 'users_disable_any' )) {
$UpdateSet [] = " DisablePM=' $DisablePM ' " ;
$EditSummary [] = " PM status changed " ;
$HeavyUpdates [ 'DisablePM' ] = $DisablePM ;
if ( ! empty ( $UserReason )) {
2012-09-09 08:00:26 +00:00
send_pm ( $UserID , 0 , db_string ( 'Your PM privileges have been disabled' ), db_string ( " Your PM privileges have been disabled. The reason given was: $UserReason . If you would like to discuss this please join " . BOT_DISABLED_CHAN . " on our IRC network. Instructions can be found [url=http:// " . NONSSL_SITE_URL . " /wiki.php?action=article&name=IRC+-+How+to+join]here[/url]. " ));
2011-03-28 14:21:28 +00:00
}
}
if ( $DisableIRC != $Cur [ 'DisableIRC' ] && check_perms ( 'users_disable_any' )) {
$UpdateSet [] = " DisableIRC=' $DisableIRC ' " ;
$EditSummary [] = " IRC status changed " ;
$HeavyUpdates [ 'DisableIRC' ] = $DisableIRC ;
if ( ! empty ( $UserReason )) {
2012-09-09 08:00:26 +00:00
send_pm ( $UserID , 0 , db_string ( 'Your IRC privileges have been disabled' ), db_string ( " Your IRC privileges have been disabled. The reason given was: $UserReason . If you would like to discuss this please join " . BOT_DISABLED_CHAN . " on our IRC network. Instructions can be found [url=http:// " . NONSSL_SITE_URL . " /wiki.php?action=article&name=IRC+-+How+to+join]here[/url]. This loss of privileges does not affect the ability to join and talk to staff in #what.cd-disabled. " ));
2011-03-28 14:21:28 +00:00
}
}
if ( $DisableRequests != $Cur [ 'DisableRequests' ] && check_perms ( 'users_disable_any' )) {
$UpdateSet [] = " DisableRequests=' $DisableRequests ' " ;
$EditSummary [] = " request status changed " ;
$HeavyUpdates [ 'DisableRequests' ] = $DisableRequests ;
if ( ! empty ( $UserReason )) {
2012-09-09 08:00:26 +00:00
send_pm ( $UserID , 0 , db_string ( 'Your request privileges have been disabled' ), db_string ( " Your request privileges have been disabled. The reason given was: $UserReason . If you would like to discuss this please join " . BOT_DISABLED_CHAN . " on our IRC network. Instructions can be found [url=http:// " . NONSSL_SITE_URL . " /wiki.php?action=article&name=IRC+-+How+to+join]here[/url]. This loss of privileges does not affect the ability to join and talk to staff in #what.cd-disabled. " ));
2011-03-28 14:21:28 +00:00
}
}
if ( $EnableUser != $Cur [ 'Enabled' ] && check_perms ( 'users_disable_users' )) {
2011-10-01 08:00:08 +00:00
$EnableStr = 'account ' . translateUserStatus ( $Cur [ 'Enabled' ]) . '->' . translateUserStatus ( $EnableUser );
2011-03-28 14:21:28 +00:00
if ( $EnableUser == '2' ) {
2011-04-13 15:36:33 +00:00
disable_users ( $UserID , '' , 1 );
2011-03-28 14:21:28 +00:00
} elseif ( $EnableUser == '1' ) {
$Cache -> increment ( 'stats_user_count' );
2011-10-20 08:00:12 +00:00
update_tracker ( 'add_user' , array ( 'id' => $UserID , 'passkey' => $Cur [ 'torrent_pass' ]));
2011-10-06 08:00:12 +00:00
if (( $Cur [ 'Downloaded' ] == 0 ) || ( $Cur [ 'Uploaded' ] / $Cur [ 'Downloaded' ] >= $Cur [ 'RequiredRatio' ])) {
2011-10-01 08:00:08 +00:00
$UpdateSet [] = " i.RatioWatchEnds='0000-00-00 00:00:00' " ;
$CanLeech = 1 ;
$UpdateSet [] = " m.can_leech='1' " ;
2011-10-20 08:00:12 +00:00
$UpdateSet [] = " i.RatioWatchDownload='0' " ;
2011-10-01 08:00:08 +00:00
} else {
$EnableStr .= ' (Ratio: ' . number_format ( $Cur [ 'Uploaded' ] / $Cur [ 'Downloaded' ], 2 ) . ', RR: ' . number_format ( $Cur [ 'RequiredRatio' ], 2 ) . ')' ;
2011-10-10 08:00:12 +00:00
if ( $Cur [ 'RatioWatchEnds' ] != '0000-00-00 00:00:00' ) {
$UpdateSet [] = " i.RatioWatchEnds=NOW() " ;
2011-10-23 08:00:13 +00:00
$UpdateSet [] = " i.RatioWatchDownload=m.Downloaded " ;
2011-10-20 08:00:12 +00:00
$CanLeech = 0 ;
2011-10-10 08:00:12 +00:00
}
2011-10-20 08:00:12 +00:00
update_tracker ( 'update_user' , array ( 'passkey' => $Cur [ 'torrent_pass' ], 'can_leech' => '0' ));
2011-10-01 08:00:08 +00:00
}
2011-03-28 14:21:28 +00:00
$UpdateSet [] = " Enabled='1' " ;
$LightUpdates [ 'Enabled' ] = 1 ;
}
2011-10-01 08:00:08 +00:00
$EditSummary [] = $EnableStr ;
2011-03-28 14:21:28 +00:00
$Cache -> replace_value ( 'enabled_' . $UserID , $EnableUser , 0 );
}
if ( $ResetPasskey == 1 && check_perms ( 'users_edit_reset_keys' )) {
$Passkey = db_string ( make_secret ());
$UpdateSet [] = " torrent_pass=' $Passkey ' " ;
$EditSummary [] = " passkey reset " ;
$HeavyUpdates [ 'torrent_pass' ] = $Passkey ;
$Cache -> delete_value ( 'user_' . $Cur [ 'torrent_pass' ]);
//MUST come after the case for updating can_leech.
2012-02-01 08:00:25 +00:00
$DB -> query ( " INSERT INTO users_history_passkeys
( UserID , OldPassKey , NewPassKey , ChangerIP , ChangeTime ) VALUES
( '$UserID' , '".$Cur[' torrent_pass ']."' , '$Passkey' , '0.0.0.0' , '".sqltime()."' ) " );
2011-03-28 14:21:28 +00:00
update_tracker ( 'change_passkey' , array ( 'oldpasskey' => $Cur [ 'torrent_pass' ], 'newpasskey' => $Passkey ));
}
if ( $ResetAuthkey == 1 && check_perms ( 'users_edit_reset_keys' )) {
$Authkey = db_string ( make_secret ());
$UpdateSet [] = " AuthKey=' $Authkey ' " ;
$EditSummary [] = " authkey reset " ;
$HeavyUpdates [ 'AuthKey' ] = $Authkey ;
}
if ( $SendHackedMail && check_perms ( 'users_disable_any' )) {
$EditSummary [] = " hacked email sent to " . $HackedEmail ;
send_email ( $HackedEmail , " Your " . SITE_NAME . " account. " , " Your " . SITE_NAME . " account appears to have been compromised. As a security measure we have disabled your account. To resolve this please visit us on IRC.
This is the information to connect to our server :
IRC Server : " .BOT_SERVER. "
2012-03-23 08:00:24 +00:00
Port : " .BOT_PORT. " ( " .BOT_PORT_SSL. " SSL )
2011-03-28 14:21:28 +00:00
Once you are connected to our server you ' ll need to join our disabled channel .
Type : / join " .BOT_DISABLED_CHAN. "
Please visit us soon so we can help you resolve this matter . " );
}
if ( $MergeStatsFrom && check_perms ( 'users_edit_ratio' )) {
$DB -> query ( " SELECT ID, Uploaded, Downloaded FROM users_main WHERE Username LIKE ' " . $MergeStatsFrom . " ' " );
if ( $DB -> record_count () > 0 ) {
list ( $MergeID , $MergeUploaded , $MergeDownloaded ) = $DB -> next_record ();
$DB -> query ( " UPDATE users_main AS um JOIN users_info AS ui ON um.ID=ui.UserID SET um.Uploaded = 0, um.Downloaded = 0, ui.AdminComment = CONCAT(' " . sqltime () . " - Stats merged into http:// " . NONSSL_SITE_URL . " /user.php?id= " . $UserID . " ( " . $Cur [ 'Username' ] . " ) by " . $LoggedUser [ 'Username' ] . " \n \n ', ui.AdminComment) WHERE ID = " . $MergeID );
$UpdateSet [] = " Uploaded = Uploaded + ' $MergeUploaded ' " ;
$UpdateSet [] = " Downloaded = Downloaded + ' $MergeDownloaded ' " ;
$EditSummary [] = " stats merged from http:// " . NONSSL_SITE_URL . " /user.php?id= " . $MergeID . " ( " . $MergeStatsFrom . " ) " ;
$Cache -> delete_value ( 'users_stats_' . $UserID );
$Cache -> delete_value ( 'users_stats_' . $MergeID );
}
}
if ( $Pass && check_perms ( 'users_edit_password' )) {
2012-09-22 08:00:24 +00:00
$UpdateSet [] = " PassHash=' " . db_string ( make_crypt_hash ( $Pass )) . " ' " ;
2011-03-28 14:21:28 +00:00
$EditSummary [] = 'password reset' ;
$Cache -> delete_value ( 'user_info_' . $UserID );
$Cache -> delete_value ( 'user_info_heavy_' . $UserID );
$Cache -> delete_value ( 'user_stats_' . $UserID );
$Cache -> delete_value ( 'enabled_' . $UserID );
$DB -> query ( " SELECT SessionID FROM users_sessions WHERE UserID=' $UserID ' " );
while ( list ( $SessionID ) = $DB -> next_record ()) {
$Cache -> delete_value ( 'session_' . $UserID . '_' . $SessionID );
}
$Cache -> delete_value ( 'users_sessions_' . $UserID );
2011-10-20 08:00:12 +00:00
$DB -> query ( " DELETE FROM users_sessions WHERE UserID=' $UserID ' " );
2011-03-28 14:21:28 +00:00
}
if ( empty ( $UpdateSet ) && empty ( $EditSummary )) {
if ( ! $Reason ) {
if ( str_replace ( " \r " , '' , $Cur [ 'AdminComment' ]) != str_replace ( " \r " , '' , $AdminComment ) && check_perms ( 'users_disable_any' )) {
$UpdateSet [] = " AdminComment=' $AdminComment ' " ;
} else {
header ( " Location: user.php?id= $UserID " );
die ();
}
} else {
$EditSummary [] = 'notes added' ;
}
}
2012-03-29 08:00:19 +00:00
if ( $DeleteKeys ) {
$Cache -> delete_value ( 'user_info_' . $UserID );
$Cache -> delete_value ( 'user_info_heavy_' . $UserID );
} else {
$Cache -> begin_transaction ( 'user_info_' . $UserID );
$Cache -> update_row ( false , $LightUpdates );
$Cache -> commit_transaction ( 0 );
2011-03-28 14:21:28 +00:00
2012-03-29 08:00:19 +00:00
$Cache -> begin_transaction ( 'user_info_heavy_' . $UserID );
$Cache -> update_row ( false , $HeavyUpdates );
$Cache -> commit_transaction ( 0 );
}
2011-03-28 14:21:28 +00:00
$Summary = '' ;
// Create edit summary
if ( $EditSummary ) {
$Summary = implode ( ', ' , $EditSummary ) . " by " . $LoggedUser [ 'Username' ];
$Summary = sqltime () . ' - ' . ucfirst ( $Summary );
if ( $Reason ){
$Summary .= " \n Reason: " . $Reason ;
}
$Summary .= " \n \n " . $AdminComment ;
} elseif ( empty ( $UpdateSet ) && empty ( $EditSummary ) && $Cur [ 'AdminComment' ] == $_POST [ 'AdminComment' ]) {
$Summary = sqltime () . ' - ' . 'Comment added by ' . $LoggedUser [ 'Username' ] . ': ' . $Reason . " \n \n " ;
}
if ( ! empty ( $Summary )) {
$UpdateSet [] = " AdminComment=' $Summary ' " ;
} else {
$UpdateSet [] = " AdminComment=' $AdminComment ' " ;
}
// Update cache
// Build query
$SET = implode ( ', ' , $UpdateSet );
$sql = " UPDATE users_main AS m JOIN users_info AS i ON m.ID=i.UserID SET $SET WHERE m.ID=' $UserID ' " ;
// Perform update
//die($sql);
$DB -> query ( $sql );
if ( isset ( $ClearStaffIDCache )) {
$Cache -> delete_value ( 'staff_ids' );
}
// redirect to user page
header ( " location: user.php?id= $UserID " );
function translateUserStatus ( $status ) {
switch ( $status ) {
case 0 :
return " Unconfirmed " ;
case 1 :
return " Enabled " ;
case 2 :
return " Disabled " ;
default :
return $status ;
}
}
2012-01-24 08:00:19 +00:00
function translateLeechStatus ( $status ) {
switch ( $status ) {
case 0 :
return " Disabled " ;
case 1 :
return " Enabled " ;
default :
return $status ;
}
}
2011-03-28 14:21:28 +00:00
?>