admin/admin_disallow.php

   1 <?php
   2 /***************************************************************************
   3  *                            admin_disallow.php
   4  *                            -------------------
   5  *   begin                : Tuesday, Oct 05, 2001
   6  *   copyright            : (C) 2001 The phpBB Group
   7  *   email                : support@phpbb.com
   8  *
   9  *   $Id: admin_disallow.php,v 1.9.2.4 2005/12/18 13:57:50 grahamje Exp $
  10  *
  11  *
  12  ***************************************************************************/
  13
  14 /***************************************************************************
  15  *
  16  *   This program is free software; you can redistribute it and/or modify
  17  *   it under the terms of the GNU General Public License as published by
  18  *   the Free Software Foundation; either version 2 of the License, or
  19  *   (at your option) any later version.
  20  *
  21  ***************************************************************************/
  22
  23 define('IN_PHPBB', 1);
  24
  25 if( !empty($setmodules) )
  26 {
  27         $filename = basename(__FILE__);
  28         $module['Users']['Disallow'] = $filename;
  29
  30         return;
  31 }
  32
  33 //
  34 // Include required files, get $phpEx and check permissions
  35 //
  36 $phpbb_root_path = "./../";
  37 require($phpbb_root_path . 'extension.inc');
  38 require('./pagestart.' . $phpEx);
  39
  40 if( isset($HTTP_POST_VARS['add_name']) )
  41 {
  42         include($phpbb_root_path . 'includes/functions_validate.'.$phpEx);
  43
  44         $disallowed_user = ( isset($HTTP_POST_VARS['disallowed_user']) ) ? trim($HTTP_POST_VARS['disallowed_user']) : trim($HTTP_GET_VARS['disallowed_user']);
  45
  46         if ($disallowed_user == '')
  47         {
  48                 message_die(GENERAL_MESSAGE, $lang['Fields_empty']);
  49         }
  50         if( !validate_username($disallowed_user) )
  51         {
  52                 $message = $lang['Disallowed_already'];
  53         }
  54         else
  55         {
  56                 $sql = "INSERT INTO " . DISALLOW_TABLE . " (disallow_username)
  57                         VALUES('" . str_replace("\'", "''", $disallowed_user) . "')";
  58                 $result = $db->sql_query( $sql );
  59                 if ( !$result )
  60                 {
  61                         message_die(GENERAL_ERROR, "Could not add disallowed user.", "",__LINE__, __FILE__, $sql);
  62                 }
  63                 $message = $lang['Disallow_successful'];
  64         }
  65
  66         $message .= "<br /><br />" . sprintf($lang['Click_return_disallowadmin'], "<a href=\"" . append_sid("admin_disallow.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
  67
  68         message_die(GENERAL_MESSAGE, $message);
  69 }
  70 else if( isset($HTTP_POST_VARS['delete_name']) )
  71 {
  72         $disallowed_id = ( isset($HTTP_POST_VARS['disallowed_id']) ) ? intval( $HTTP_POST_VARS['disallowed_id'] ) : intval( $HTTP_GET_VARS['disallowed_id'] );
  73
  74         $sql = "DELETE FROM " . DISALLOW_TABLE . "
  75                 WHERE disallow_id = $disallowed_id";
  76         $result = $db->sql_query($sql);
  77         if( !$result )
  78         {
  79                 message_die(GENERAL_ERROR, "Couldn't removed disallowed user.", "",__LINE__, __FILE__, $sql);
  80         }
  81
  82         $message .= $lang['Disallowed_deleted'] . "<br /><br />" . sprintf($lang['Click_return_disallowadmin'], "<a href=\"" . append_sid("admin_disallow.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
  83
  84         message_die(GENERAL_MESSAGE, $message);
  85
  86 }
  87
  88 //
  89 // Grab the current list of disallowed usernames...
  90 //
  91 $sql = "SELECT *
  92         FROM " . DISALLOW_TABLE;
  93 $result = $db->sql_query($sql);
  94 if( !$result )
  95 {
  96         message_die(GENERAL_ERROR, "Couldn't get disallowed users.", "", __LINE__, __FILE__, $sql );
  97 }
  98
  99 $disallowed = $db->sql_fetchrowset($result);
 100
 101 //
 102 // Ok now generate the info for the template, which will be put out no matter
 103 // what mode we are in.
 104 //
 105 $disallow_select = '<select name="disallowed_id">';
 106
 107 if( trim($disallowed) == "" )
 108 {
 109         $disallow_select .= '<option value="">' . $lang['no_disallowed'] . '</option>';
 110 }
 111 else
 112 {
 113         $user = array();
 114         for( $i = 0; $i < count($disallowed); $i++ )
 115         {
 116                 $disallow_select .= '<option value="' . $disallowed[$i]['disallow_id'] . '">' . $disallowed[$i]['disallow_username'] . '</option>';
 117         }
 118 }
 119
 120 $disallow_select .= '</select>';
 121
 122 $template->set_filenames(array(
 123         "body" => "admin/disallow_body.tpl")
 124 );
 125
 126 $template->assign_vars(array(
 127         "S_DISALLOW_SELECT" => $disallow_select,
 128         "S_FORM_ACTION" => append_sid("admin_disallow.$phpEx"),
 129
 130         "L_INFO" => $output_info,
 131         "L_DISALLOW_TITLE" => $lang['Disallow_control'],
 132         "L_DISALLOW_EXPLAIN" => $lang['Disallow_explain'],
 133         "L_DELETE" => $lang['Delete_disallow'],
 134         "L_DELETE_DISALLOW" => $lang['Delete_disallow_title'],
 135         "L_DELETE_EXPLAIN" => $lang['Delete_disallow_explain'],
 136         "L_ADD" => $lang['Add_disallow'],
 137         "L_ADD_DISALLOW" => $lang['Add_disallow_title'],
 138         "L_ADD_EXPLAIN" => $lang['Add_disallow_explain'],
 139         "L_USERNAME" => $lang['Username'])
 140 );
 141
 142 $template->pparse("body");
 143
 144 include('./page_footer_admin.'.$phpEx);
 145
 146 ?>