pioder
/
uf2
1
0
Fork 0
Code Releases 0 Activity
A new, object-oriented, better vesion of μForum
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
392 KiB
Tree: 79034dd314
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '79034dd314'
${ noResults }
uf2/inc/controllers/AdminController.class.php

606 lines
19 KiB
Raw Normal View History

initial commit with snapshot 20140213
9 years ago
deleted avatars fixed deleting avatars while user deleting
9 years ago
initial commit with snapshot 20140213
9 years ago
 
  1. <?php
  2. 

  3. require ('./inc/controller.class.php');
  4. 

  5. class AdminController extends Controller
  6. {
  7. 

  8. 	public function loadDefault()
  9. 	{
  10. 		$this->main();
  11. 	}
  12. 	
  13. 	private function loadDependencies() // zależności (sesje itp)

  14. 	{
  15. 		$this->loadModel('SessionModel'); //aktywacja sesji

  16. 		$this->loadModel('ConfigModel'); //konfiguracja ogólna skryptu

  17. 		$this->loadView('MainView');
  18. 		$this->getView('MainView')->putExistingModel('SessionModel', $this->getModel('SessionModel'));
  19. 		$this->getView('MainView')->putExistingModel('ConfigModel', $this->getModel('ConfigModel'));
  20. 		
  21. 		if ($_SERVER['REQUEST_SCHEME'] == 'http')
  22. 			$this->forward('https://'.$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']);
  23. 		
  24. 		if (!$this->getModel('SessionModel')->isLogged())
  25. 		{
  26. 			$this->getView('MainView')->forum_message('You are not logged.', 'index.php?mode=login', true);
  27. 			$lockv = true;
  28. 		}
  29. 		
  30. 		if ($this->getModel('SessionModel')->getRank() == RANK_USER && !isset($lockv))
  31. 		{
  32. 			$this->getView('MainView')->forum_message('You are not admin', 'index.php');
  33. 			$lockv = true;
  34. 		}
  35. 		
  36. 		if (!isset($lockv))
  37. 			return true;
  38. 		else
  39. 			return false;
  40. 	} 
  41. 		
  42. 	public function main()
  43. 	{
  44. 		if ($this->loadDependencies())
  45. 		{
  46. 			$this->getView('MainView')->admin_main();
  47. 		}
  48. 	}
  49. 	
  50. 	public function eduser()
  51. 	{
  52. 		if ($this->loadDependencies())
  53. 		{
  54. 			$this->loadModel('UsersModel');
  55. 			$user_info = $this->getModel('UsersModel')->getUserInformation($_GET['id'], true);
  56. 		
  57. 			if ($user_info == null)
  58. 			{
  59. 				$this->getView('MainView')->forum_message('User does not exist!', 'index.php?mode=admin&amp;submode=users'); 
  60. 				$lockv = true;
  61. 			}
  62. 			else
  63. 			{
  64. 				$msg = '';
  65. 				if (isset($_POST['nick'], $_POST['passwd'], $_POST['passwd_confirm'], $_POST['email']))
  66. 				{
  67. 					//secure pools

  68. 					$_POST['nick'] = trim(strip_tags($this->db->real_escape_string($_POST['nick'])));
  69. 					$_POST['passwd'] = trim(strip_tags($_POST['passwd']));
  70. 					$_POST['passwd_confirm'] = trim(strip_tags($_POST['passwd_confirm']));
  71. 					$_POST['email'] = trim(strip_tags($this->db->real_escape_string($_POST['email'])));
  72. 					$_POST['location'] = trim(strip_tags($this->db->real_escape_string($_POST['location'])));
  73. 					$_POST['signature'] = trim(strip_tags($this->db->real_escape_string($_POST['signature'])));
  74. 					$_POST['user_rank'] = trim(strip_tags($this->db->real_escape_string($_POST['user_rank'])));
  75. 		
  76. 					if ($_POST['passwd'] != '')
  77. 					{
  78. 						if (strlen($_POST['passwd']) < 8)
  79. 							$msg .= 'Password is too short (min 8 characters)<br>';	
  80. 						
  81. 						if ($_POST['passwd'] != $_POST['passwd_confirm'])
  82. 							$msg .= 'Password do not match!<br>';
  83. 					}
  84. 					
  85. 					if ($_GET['id'] == $this->getModel('SessionModel')->getID() && $_POST['user_rank'] != RANK_ADMIN)
  86. 					{
  87. 						$msg .= 'You cannot set rank for your profile<br>';
  88. 						$_POST['user_rank'] = RANK_ADMIN;
  89. 					}
  90. 					
  91. 					if ($this->getModel('UsersModel')->nickExists($_POST['nick']) == true && $_POST['nick'] != $user_info['nick'])
  92. 						$msg .= 'Nick is in use. Type another one.<br>';
  93. 						
  94. 					if (strlen($_POST['nick']) < 3)
  95. 						$msg .= 'Nick is too short (min 3 characters)<br>';	
  96. 					
  97. 					if ($_POST['user_rank'] > RANK_ADMIN || $_POST['user_rank'] < RANK_USER)
  98. 						$msg .= 'Rank is not valid!<br>';
  99. 					
  100. 					//check if avatar is uploaded

  101. 					if ($_FILES['avatar']['tmp_name'] != null)
  102. 					{
  103. 						global $allowed_avatars;
  104. 						$image_size = @getimagesize($_FILES['avatar']['tmp_name']);
  105. 

  106. 						if ($image_size == null)
  107. 							$msg .= 'Type of uploaded file are not allowed.<br>';
  108. 						else
  109. 							if (!in_array($image_size['mime'], $allowed_avatars))
  110. 								$msg .= 'Type of uploaded avatar is not supported.<br>';
  111. 							else
  112. 								if ($image_size[0] > 120 || $image_size[1] > 150)
  113. 									$msg .= 'Uploaded avatar is too big (maximum 120x150 px).<br>';
  114. 					}
  115. 				
  116. 					if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL))
  117. 						$msg .= 'Email is incorrect<br>';
  118. 				
  119. 					if ($msg == '')
  120. 					{
  121. 						if ($_FILES['avatar']['tmp_name'] != null && !isset($_POST['delete_avatar'])) //change an avatar

  122. 						{
  123. 							if ($user_info['avatar'] != '')
  124. 								unlink('./'.$user_info['avatar']);
  125. 							
  126. 							$ext = pathinfo($_FILES['avatar']['name'], PATHINFO_EXTENSION);
  127. 							$av = 'images/avatars/'.$this->getModel('SessionModel')->getID().'.'.$ext;
  128. 							move_uploaded_file($_FILES['avatar']['tmp_name'], './'.$av); 
  129. 						}
  130. 						else
  131. 							if (isset($_POST['delete_avatar']))
  132. 							{
  133. 								unlink('./'.$user_info['avatar']);
  134. 								$av = '';
  135. 							}
  136. 							else
  137. 								$av = $user_info['avatar']; //if new avatar is not set

  138. 					
  139. 						if ($_POST['passwd'] != '')
  140. 							$this->getModel('UsersModel')->changeUserPassword($_GET['id'], sha1($_POST['passwd']));
  141. 						
  142. 						$this->getModel('UsersModel')->changeUserRank($_GET['id'], $_POST['user_rank']);
  143. 						$this->getModel('UsersModel')->updateUserProfile($_GET['id'], $_POST['nick'], $_POST['email'], $_POST['location'], $_POST['signature'], $av);
  144. 						$this->getView('MainView')->forum_message('User profile has changed.', 'index.php?mode=admin&amp;submode=users');
  145. 						$lockv = true;
  146. 

  147. 					}
  148. 				}			
  149. 			
  150. 				$_POST['nick'] = (isset($_POST['nick'])) ? $_POST['nick'] : $user_info['nick'];
  151. 				$_POST['email'] = (isset($_POST['email'])) ? $_POST['email'] : $user_info['email'];
  152. 				$_POST['location'] = (isset($_POST['location'])) ? $_POST['location'] : $user_info['location'];
  153. 				$_POST['signature'] = (isset($_POST['signature'])) ? $_POST['signature'] : $user_info['signature'];
  154. 				$_POST['user_rank'] = (isset($_POST['user_rank'])) ? $_POST['user_rank'] : $user_info['rank'];
  155. 	
  156. 				$this->getView('MainView')->putExistingModel('UsersModel', $this->getModel('UsersModel'));
  157. 		
  158. 				if (!isset($lockv))
  159. 					$this->getView('MainView')->edprofile_form($msg, true);
  160. 			}
  161. 		}
  162. 	}
  163. 	
  164. 	public function users()
  165. 	{
  166. 		if ($this->loadDependencies())
  167. 		{
  168. 			if (isset($_GET['rank']))
  169. 			{
  170. 				switch ($_GET['rank'])
  171. 				{
  172. 					case 'admin':
  173. 						$_GET['rank'] = RANK_ADMIN;
  174. 						break;
  175. 					case 'mod':
  176. 						$_GET['rank'] = RANK_MOD;
  177. 						break;
  178. 					case 'user':
  179. 						$_GET['rank'] = RANK_USER;
  180. 						break;
  181. 					default:
  182. 						$_GET['rank'] = '';
  183. 						break;
  184. 				}
  185. 			}
  186. 			else
  187. 				$_GET['rank'] = '';	
  188. 				
  189. 			$_POST['sort_type'] = (isset($_POST['sort_type'])) ? $this->db->real_escape_string($_POST['sort_type']) : 'regdate';
  190. 			$allowed_sorting = array('regdate', 'lastvisit', 'nick', 'post_count');
  191. 			if (!in_array($_POST['sort_type'], $allowed_sorting))
  192. 				$_POST['sort_type'] = '';
  193. 			$_POST['sort_desc'] = (isset($_POST['sort_desc'])) ? 'DESC' : 'ASC';
  194. 		
  195. 			$this->getView('MainView')->admin_userlist();
  196. 		}
  197. 		
  198. 	}
  199. 	
  200. 	public function deluser()
  201. 	{
  202. 		if ($this->loadDependencies())
  203. 		{
  204. 			$this->loadModel('UsersModel');
  205. 			$this->getView('MainView')->putExistingModel('UsersModel', $this->getModel('UsersModel'));
  206. 		
  207. 			$_GET['id'] = (isset($_GET['id'])) ? trim(strip_tags($this->db->real_escape_string($_GET['id']))) : 0;
  208. 		
  209. 			$user_info = $this->getModel('UsersModel')->getUserInformation($_GET['id']);
  210. 			if ($user_info == null)
  211. 			{
  212. 				$this->getView('MainView')->forum_message('User does not exist!', 'index.php?mode=admin&amp;submode=users'); 
  213. 				$lockv = true;
  214. 			}
  215. 			else
  216. 			{
  217. 				if ($_GET['id'] == $this->getModel('SessionModel')->getID())
  218. 				{
  219. 					$this->getView('MainView')->forum_message('You cannot delete own profile!', 'index.php?mode=admin&amp;submode=users'); 
  220. 					$lockv = true;
  221. 				}
  222. 			}
  223. 			
  224. 

  225. 			if (isset($_POST['confirmed']) && !isset($lockv))
  226. 			{
  227. 				if (!isset($_POST['rejected']))
  228. 				{ 
  229. 					$this->getModel('UsersModel')->deleteUser($_GET['id']);
  230. 					if ($user_info['avatar'] != null) //delete user's avatar

  231. 						unlink('./'.$user_info['avatar']);
  232. 					$this->getView('MainView')->forum_message('Profile deleted. Redirecting to users list...', 'index.php?mode=admin&amp;submode=users'); 
  233. 					$lockv = true;
  234. 				}
  235. 				else
  236. 				{
  237. 					$this->forward('index.php?mode=admin&submode=users');
  238. 				}
  239. 			}
  240. 			
  241. 			if (!isset($lockv))
  242. 				$this->getView('MainView')->confirm_action('Do you want delete user <span style="font-weight: bold">'.$user_info['nick'].'</span>? This operation cannot undone.');
  243. 		}
  244. 	}
  245. 	
  246. 	public function config()
  247. 	{
  248. 		if ($this->loadDependencies())
  249. 		{
  250. 			$msg = '';
  251. 			
  252. 			if (isset($_POST['forum_name'], $_POST['forum_desc']))
  253. 			{
  254. 				$_POST['forum_name'] = trim(htmlspecialchars($this->db->real_escape_string($_POST['forum_name'])));
  255. 				$_POST['forum_desc'] = trim(htmlspecialchars($_POST['forum_desc']));
  256. 				
  257. 				if (strlen($_POST['forum_name']) < 3)
  258. 				{
  259. 					$msg .= 'Forum name is too short (min 3 characters)!<br>';
  260. 				}
  261. 				
  262. 				if (strlen($_POST['forum_name']) > 30)
  263. 				{
  264. 					$msg .= 'Forum name is too long (max 30 characters)!<br>';
  265. 				}
  266. 				
  267. 				if (strlen($_POST['forum_desc']) > 50)
  268. 				{
  269. 					$msg .= 'Forum description is too long (max 50 characters)!<br>';
  270. 				}
  271. 				
  272. 				if ($msg == '')
  273. 				{
  274. 					$what = '';
  275. 					if ($_POST['forum_name'] !=  $this->getModel('ConfigModel')->getConf('forum_name'))
  276. 						$this->getModel('ConfigModel')->updateConf('forum_name', $_POST['forum_name']);
  277. 						
  278. 					if ($_POST['forum_desc'] !=  $this->getModel('ConfigModel')->getConf('forum_desc'))
  279. 						$this->getModel('ConfigModel')->updateConf('forum_desc', $_POST['forum_desc']);
  280. 					
  281. 					$this->getView('MainView')->forum_message('Forum configuration updated. Redirecting...', 'index.php?mode=admin&amp;submode=config'); 
  282. 					$lockv = true;
  283. 				}
  284. 			}
  285. 			
  286. 			$_POST['forum_name'] = (isset($_POST['forum_name'])) ? $_POST['forum_name'] : $this->getModel('ConfigModel')->getConf('forum_name');
  287. 			$_POST['forum_desc'] = (isset($_POST['forum_desc'])) ? $_POST['forum_desc'] : $this->getModel('ConfigModel')->getConf('forum_desc');
  288. 			if (!isset($lockv))
  289. 			{
  290. 				$this->getView('MainView')->admin_config($msg);
  291. 			}
  292. 		}
  293. 	}
  294. 	
  295. 	public function forums()
  296. 	{
  297. 		if ($this->loadDependencies())
  298. 		{
  299. 			$this->getView('MainView')->admin_forums();
  300. 		}
  301. 	}
  302. 	
  303. 	public function addcat()
  304. 	{
  305. 		if ($this->loadDependencies())
  306. 		{
  307. 			$this->modify_cat('add');
  308. 		}
  309. 	}
  310. 	
  311. 	public function edcat()
  312. 	{
  313. 		if ($this->loadDependencies())
  314. 		{
  315. 			$this->modify_cat('edit');
  316. 		}
  317. 	}
  318. 	
  319. 	public function addforum()
  320. 	{
  321. 		if ($this->loadDependencies())
  322. 		{
  323. 			$this->modify_forum('add');
  324. 		}
  325. 	}
  326. 	
  327. 	public function edforum()
  328. 	{
  329. 		if ($this->loadDependencies())
  330. 		{
  331. 			$this->modify_forum('edit');
  332. 		}
  333. 	}
  334. 	
  335. 	public function delforum()
  336. 	{
  337. 		if ($this->loadDependencies())
  338. 		{
  339. 			$this->loadModel('ForumsModel');
  340. 			$_GET['id'] = (isset($_GET['id'])) ? trim(strip_tags($this->db->real_escape_string($_GET['id']))) : 0;
  341. 			$forum_info = $this->getModel('ForumsModel')->getForum($_GET['id']);
  342. 			
  343. 			if ($forum_info == null)
  344. 			{
  345. 				$this->getView('MainView')->forum_message('Forum does not exist!', 'index.php?mode=admin&amp;submode=forums'); 
  346. 				$lockv = true;
  347. 			}
  348. 

  349. 			if (isset($_POST['confirmed']) && !isset($lockv))
  350. 			{
  351. 				if (!isset($_POST['rejected']))
  352. 				{
  353. 					$this->getModel('ForumsModel')->deleteForum($_GET['id']);
  354. 					$this->getView('MainView')->forum_message('Forum deleted. Redirecting...', 'index.php?mode=admin&amp;submode=forums');
  355. 					$lockv = true;		
  356. 				}
  357. 				else
  358. 					$this->forward('index.php?mode=admin&submode=forums');
  359. 			}
  360. 			
  361. 			if (!isset($lockv))
  362. 				$this->getView('MainView')->confirm_action('Do you REALLY want delete forum <span style="font-weight: bold">'.$forum_info['name'].'</span> with ALL CONTENT? <span style="text-decoration: underline">This operation cannot undone!</span>');
  363. 		}
  364. 		
  365. 	}
  366. 	
  367. 	public function delcat()
  368. 	{
  369. 		if ($this->loadDependencies())
  370. 		{
  371. 			$this->loadModel('ForumsModel');
  372. 			$_GET['id'] = (isset($_GET['id'])) ? trim(strip_tags($this->db->real_escape_string($_GET['id']))) : 0;
  373. 			$cat_info = $this->getModel('ForumsModel')->getCat($_GET['id']);
  374. 			
  375. 			if ($cat_info == null)
  376. 			{
  377. 				$this->getView('MainView')->forum_message('Category does not exist!', 'index.php?mode=admin&amp;submode=forums'); 
  378. 				$lockv = true;
  379. 			}
  380. 

  381. 			if (isset($_POST['confirmed']) && !isset($lockv))
  382. 			{
  383. 				if (!isset($_POST['rejected']))
  384. 				{
  385. 					$this->getModel('ForumsModel')->deleteCat($_GET['id']);
  386. 					$this->getView('MainView')->forum_message('Category deleted. Redirecting...', 'index.php?mode=admin&amp;submode=forums');
  387. 					$lockv = true;		
  388. 				}
  389. 				else
  390. 					$this->forward('index.php?mode=admin&submode=forums');
  391. 			}
  392. 			
  393. 			if (!isset($lockv))
  394. 				$this->getView('MainView')->confirm_action('Do you REALLY want delete category <span style="font-weight: bold">'.$cat_info['name'].'</span> with ALL FORUMS AND CONTENT? <span style="text-decoration: underline">This operation cannot undone!</span>');
  395. 		}
  396. 		
  397. 	}
  398. 	
  399. 	private function modify_cat($m)
  400. 	{
  401. 		$msg = '';
  402. 		
  403. 		$this->loadModel('ForumsModel');
  404. 		
  405. 		if ($m == 'edit')
  406. 		{
  407. 			$_GET['id'] = (isset($_GET['id'])) ? trim(strip_tags($this->db->real_escape_string($_GET['id']))) : 0;
  408. 			$cat_info = $this->getModel('ForumsModel')->getCat($_GET['id']);
  409. 			
  410. 			if ($cat_info == null)
  411. 			{
  412. 				$this->getView('MainView')->forum_message('Category does not exist!', 'index.php?mode=admin&amp;submode=forums'); 
  413. 				$lockv = true;
  414. 			}
  415. 		}
  416. 		
  417. 		
  418. 		if (isset($_POST['name']) && !isset($lockv))
  419. 		{
  420. 			$_POST['name'] = trim(htmlspecialchars($this->db->real_escape_string($_POST['name'])));
  421. 			if (strlen($_POST['name']) < 3)
  422. 				$msg .= 'Category name is too short (min 3 characters)!<br>';
  423. 			
  424. 			if ($msg == '')
  425. 			{
  426. 				if ($m == 'add')
  427. 				{
  428. 					$this->getModel('ForumsModel')->addCat($_POST['name']);
  429. 					$this->getView('MainView')->forum_message('Category added. Redirecting...', 'index.php?mode=admin&amp;submode=forums'); 
  430. 					$lockv = true;
  431. 				}	
  432. 				else
  433. 				{
  434. 					$this->getModel('ForumsModel')->changeCat($_GET['id'], $_POST['name']);
  435. 					$this->getView('MainView')->forum_message('Category updated. Redirecting...', 'index.php?mode=admin&amp;submode=forums'); 
  436. 					$lockv = true;
  437. 				}
  438. 			}
  439. 		}
  440. 		
  441. 		if (!isset($lockv))
  442. 		{
  443. 			if ($m == 'add')
  444. 				$_POST['name'] = (isset($_POST['name'])) ? $_POST['name'] : '';
  445. 			else
  446. 				$_POST['name'] = (isset($_POST['name'])) ? $_POST['name'] : $cat_info['name'];
  447. 				
  448. 			$this->getView('MainView')->putExistingModel('ForumsModel', $this->getModel('ForumsModel'));
  449. 			$this->getView('MainView')->admin_cat_form($msg, $m);
  450. 		}
  451. 	}
  452. 	
  453. 	private function modify_forum($m)
  454. 	{
  455. 		$msg = '';
  456. 		
  457. 		$this->loadModel('ForumsModel');
  458. 		
  459. 		if ($m == 'edit')
  460. 		{
  461. 			$_GET['id'] = (isset($_GET['id'])) ? trim(strip_tags($this->db->real_escape_string($_GET['id']))) : 0;
  462. 			$forum_info = $this->getModel('ForumsModel')->getForum($_GET['id']);
  463. 			
  464. 			if ($forum_info == null)
  465. 			{
  466. 				$this->getView('MainView')->forum_message('Forum does not exist!', 'index.php?mode=admin&amp;submode=forums'); 
  467. 				$lockv = true;
  468. 			}
  469. 		}
  470. 		
  471. 		
  472. 		if (isset($_POST['name']) && !isset($lockv))
  473. 		{
  474. 			$_POST['name'] = trim(htmlspecialchars($this->db->real_escape_string($_POST['name'])));
  475. 			$_POST['desc'] = trim(htmlspecialchars($this->db->real_escape_string($_POST['desc'])));
  476. 			$_POST['category_id'] = trim(strip_tags($this->db->real_escape_string($_POST['category_id'])));
  477. 			$_POST['locked'] = trim(strip_tags($this->db->real_escape_string($_POST['locked'])));
  478. 			$_POST['locked'] = ($_POST['locked'] == true) ? true : false;
  479. 			
  480. 			if (strlen($_POST['name']) < 3)
  481. 				$msg .= 'Forum name is too short (min 3 characters)!<br>';
  482. 			
  483. 			$c = $this->getModel('ForumsModel')->getCat($_POST['category_id']);
  484. 			
  485. 			if ($c == null)
  486. 				$msg .= 'Category does not exist!<br>';
  487. 			
  488. 			if ($msg == '')
  489. 			{
  490. 				if ($m == 'add')
  491. 				{
  492. 					$this->getModel('ForumsModel')->addForum($_POST['name'], $_POST['desc'], $_POST['category_id'], $_POST['locked']);
  493. 					$this->getView('MainView')->forum_message('Forum added. Redirecting...', 'index.php?mode=admin&amp;submode=forums'); 
  494. 					$lockv = true;
  495. 				}	
  496. 				else
  497. 				{
  498. 					$this->getModel('ForumsModel')->changeForum($_GET['id'], $_POST['name'], $_POST['desc'], $_POST['category_id'], $_POST['locked']);
  499. 					$this->getView('MainView')->forum_message('Forum updated. Redirecting...', 'index.php?mode=admin&amp;submode=forums'); 
  500. 					$lockv = true;
  501. 				}
  502. 			}
  503. 		}
  504. 		
  505. 		if (!isset($lockv))
  506. 		{
  507. 			if ($m == 'add')
  508. 			{
  509. 				$_POST['name'] = (isset($_POST['name'])) ? $_POST['name'] : '';
  510. 				$_POST['desc'] = (isset($_POST['desc'])) ? $_POST['desc'] : '';
  511. 				$_POST['category_id'] = (isset($_POST['category_id'])) ? $_POST['category_id'] : '';
  512. 				$_POST['locked'] = (isset($_POST['locked'])) ? $_POST['locked'] : '';
  513. 			}
  514. 			else
  515. 			{
  516. 				$_POST['name'] = (isset($_POST['name'])) ? $_POST['name'] : $forum_info['name'];
  517. 				$_POST['desc'] = (isset($_POST['desc'])) ? $_POST['desc'] : $forum_info['desc'];
  518. 				$_POST['category_id'] = (isset($_POST['category_id'])) ? $_POST['category_id'] : $forum_info['category_id'];
  519. 				$_POST['locked'] = (isset($_POST['locked'])) ? $_POST['locked'] : $forum_info['locked'];
  520. 			}
  521. 				
  522. 			$this->getView('MainView')->putExistingModel('ForumsModel', $this->getModel('ForumsModel'));
  523. 			$this->getView('MainView')->admin_forum_form($msg, $m);
  524. 		}
  525. 	}
  526. 	
  527. 	public function banlist()
  528. 	{
  529. 		if ($this->loadDependencies())
  530. 			$this->getView('MainView')->admin_banlist();
  531. 	}
  532. 	
  533. 	public function delban()
  534. 	{
  535. 		if ($this->loadDependencies())
  536. 		{
  537. 			$this->loadModel('BansModel');
  538. 			$_GET['id'] = (isset($_GET['id'])) ? trim(strip_tags($this->db->real_escape_string($_GET['id']))) : 0;
  539. 			$ban_info = $this->getModel('BansModel')->getBan($_GET['id']);
  540. 			
  541. 			if ($ban_info == null)
  542. 			{
  543. 				$this->getView('MainView')->forum_message('Ban does not exist!', 'index.php?mode=admin&amp;submode=banlist'); 
  544. 				$lockv = true;
  545. 			}
  546. 

  547. 			if (isset($_POST['confirmed']) && !isset($lockv))
  548. 			{
  549. 				if (!isset($_POST['rejected']))
  550. 				{
  551. 					$this->getModel('BansModel')->deleteBan($_GET['id']);
  552. 					$this->getView('MainView')->forum_message('Ban deleted. Redirecting...', 'index.php?mode=admin&amp;submode=banlist');
  553. 					$lockv = true;		
  554. 				}
  555. 				else
  556. 					$this->forward('index.php?mode=admin&submode=banlist');
  557. 			}
  558. 			
  559. 			if (!isset($lockv))
  560. 				$this->getView('MainView')->confirm_action('Do you want delete ban for user <span style="font-weight: bold">'.$ban_info['nick'].'</span>?');
  561. 		}
  562. 		
  563. 	}
  564. 	
  565. 	public function addban()
  566. 	{
  567. 		if ($this->loadDependencies())
  568. 		{
  569. 			$msg = '';
  570. 		
  571. 			$this->loadModel('BansModel');
  572. 			$this->loadModel('UsersModel');
  573. 		
  574. 			if (isset($_POST['user_id'], $_POST['reason']))
  575. 			{
  576. 				$_POST['user_id'] = trim(strip_tags($this->db->real_escape_string($_POST['user_id'])));
  577. 				$_POST['reason'] = trim(strip_tags($this->db->real_escape_string($_POST['reason'])));
  578. 

  579. 				if ($_POST['user_id'] == $this->getModel('SessionModel')->getID())
  580. 					$msg .= 'You cannot ban your profile!<br>';
  581. 				
  582. 				if ($this->getModel('BansModel')->getUserBan($_POST['user_id']) != null)
  583. 					$msg .= 'This user has already been banned!<br>';
  584. 					
  585. 				if ($this->getModel('UsersModel')->getUserInformation($_POST['user_id']) == null)
  586. 					$msg .= 'User does not exist!<br>';
  587. 			
  588. 				if ($msg == '')
  589. 				{
  590. 					$this->getModel('BansModel')->addBan($_POST['user_id'], $_POST['reason']);
  591. 					$this->getView('MainView')->forum_message('Ban added. Redirecting...', 'index.php?mode=admin&amp;submode=banlist'); 
  592. 					$lockv = true;
  593. 				}
  594. 			}
  595. 		
  596. 			if (!isset($lockv))
  597. 			{
  598. 				$_POST['user_id'] = (isset($_POST['user_id'])) ? $_POST['user_id'] : '';
  599. 				$_POST['reason'] = (isset($_POST['reason'])) ? $_POST['reason'] : '';
  600. 					
  601. 				$this->getView('MainView')->admin_ban_form($msg);
  602. 			}
  603. 		}
  604. 	}
  605. }
  606. 

  607. ?>