fenglin/manage/unban_user.php

<?php
        if (isset($_SERVER["argv"]))
        {
                chdir(dirname($_SERVER["argv"][0]));
        }

        require_once "../lib/common.inc.php";
        require_once "../lib/lml.inc.php";
        require_once "../lib/str_process.inc.php";
        require_once "../lib/db_open.inc.php";

        if (!isset($_SERVER["argc"]))
        {
                require_once "../bbs/session_init.inc.php";

                force_login();
        }

        $result_set = array(
                "return" => array(
                        "code" => 0,
                        "message" => "",
                        "errorFields" => array(),
                "data" => array(),
                )
        );

        header("Content-Type:application/json; charset=utf-8");

        if (!(isset($_SESSION["BBS_priv"]) && $_SESSION["BBS_priv"]->checklevel(P_ADMIN_M | P_ADMIN_S))
                && !isset($_SERVER["argc"]))
        {
                $result_set["return"]["code"] = -1;
                $result_set["return"]["message"] = "没有权限";

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        // Begin transaction
        $rs = mysqli_query($db_conn, "SET autocommit=0");
        if ($rs == false)
        {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }
        
        $rs = mysqli_query($db_conn, "BEGIN");
        if ($rs == false)
        {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        // Check system user
        $sql = "SELECT username, nickname FROM user_list
                        INNER JOIN user_pubinfo ON user_list.UID = user_pubinfo.UID
                        WHERE user_list.UID = $BBS_sys_uid";

        $rs = mysqli_query($db_conn, $sql);
        if ($rs == false)
        {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "Query user error: " . mysqli_error($db_conn);

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        if ($row = mysqli_fetch_array($rs))
        {
                $sys_user = $row["username"];
                $sys_nick = $row["nickname"];
        }
        else
        {
                $result_set["return"]["code"] = -1;
                $result_set["return"]["message"] = "系统账户不存在";

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }
        mysqli_free_result($rs);

        // Check expired ban record
        $sql = "SELECT BID, ban_user_list.UID, ban_user_list.SID, username, title FROM ban_user_list 
                        LEFT JOIN user_list ON ban_user_list.UID = user_list.UID
                        LEFT JOIN section_config ON ban_user_list.SID = section_config.SID
                        WHERE ban_user_list.enable AND unban_dt <= NOW()";

        $rs = mysqli_query($db_conn, $sql);
        if ($rs == false)
        {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "Query ban record error: " . mysqli_error($db_conn);

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        while ($row = mysqli_fetch_array($rs))
        {
                switch ($row["SID"])
                {
                        case 0:
                                $p_name = "发帖权限";
                                break;
                        case -1:
                                $p_name = "登陆权限";
                                break;
                        case -2:
                                $p_name = "消息权限";
                                break;
                        default:
                                $p_name = "发帖权限";
                                break;
                }

                $sql = "UPDATE ban_user_list SET enable = 0, unban_UID = $BBS_sys_uid,
                                unban_dt = NOW(), unban_ip = '127.0.0.1' WHERE BID = " . $row["BID"];

                $ret = mysqli_query($db_conn, $sql);
                if ($ret == false)
                {
                        $result_set["return"]["code"] = -2;
                        $result_set["return"]["message"] = "Update ban record error: " . mysqli_error($db_conn);

                        mysqli_close($db_conn);
                        exit(json_encode($result_set));
                }

                // Prepare announcement
                $title = ($row["SID"] > 0 ? "" : "[全站]") . "恢复“" . $row["username"] . "”" .
                        ($row["SID"] > 0 ? "在“" . $row["title"] . "”版块的" : "全站") . $p_name;
                $content = "已恢复用户“" . $row["username"] . "”" .
                        ($row["SID"] > 0 ? "在“" . $row["title"] . "”版块的" : "全站") . $p_name .
                        "。\n执行人: " . $sys_user . "\n";

                // Set user privilege
                $priv_name = "";
                switch ($row["SID"])
                {
                        case 0:
                                $priv_name = "p_post";
                                break;
                        case -1:
                                $priv_name = "p_login";
                                break;
                        case -2:
                                $priv_name = "p_msg";
                                break;
                }

                if ($priv_name != "")
                {
                        $sql = "UPDATE user_list SET $priv_name = 1 WHERE UID = " . $row["UID"];

                        $ret = mysqli_query($db_conn, $sql);
                        if ($ret == false)
                        {
                                $result_set["return"]["code"] = -2;
                                $result_set["return"]["message"] = "Update user privilege error: " . mysqli_error($db_conn);
        
                                mysqli_close($db_conn);
                                exit(json_encode($result_set));
                        }
                }

                $sql = "UPDATE user_online SET current_action = 'reload' WHERE UID = " . $row["UID"];

                $ret = mysqli_query($db_conn, $sql);
                if ($ret == false)
                {
                        $result_set["return"]["code"] = -2;
                        $result_set["return"]["message"] = "Update user online error: " . mysqli_error($db_conn);

                        mysqli_close($db_conn);
                        exit(json_encode($result_set));
                }

                // Calculate length of content
                $length = str_length(LML($content, false, false, 1024));

                // Post announcement
                $title = mysqli_real_escape_string($db_conn, $title);
                $content = mysqli_real_escape_string($db_conn, $content);

                $sql = "INSERT INTO bbs_content(AID, content) VALUES(0, '$content')";

                $ret = mysqli_query($db_conn, $sql);
                if ($ret == false)
                {
                        $result_set["return"]["code"] = -2;
                        $result_set["return"]["message"] = "Add content error: " . mysqli_error($db_conn);

                        mysqli_close($db_conn);
                        exit(json_encode($result_set));
                }
                $cid = mysqli_insert_id($db_conn);

                $sql = "INSERT INTO bbs(SID, TID, UID, username, nickname, title, CID, sub_dt,
                                sub_ip, last_reply_dt, icon, length, excerption)
                                VALUES($BBS_notice_sid, 0, $BBS_sys_uid, '$sys_user', '$sys_nick', '$title',
                                $cid, NOW(), '127.0.0.1', NOW(), 11, $length, 0)";

                $ret = mysqli_query($db_conn, $sql);
                if ($ret == false)
                {
                        $result_set["return"]["code"] = -2;
                        $result_set["return"]["message"] = "Add article error: " . mysqli_error($db_conn);

                        mysqli_close($db_conn);
                        exit(json_encode($result_set));
                }
                $aid = mysqli_insert_id($db_conn);

                $sql = "UPDATE bbs_content SET AID = $aid WHERE CID = $cid";

                $ret = mysqli_query($db_conn, $sql);
                if ($ret == false)
                {
                        $result_set["return"]["code"] = -2;
                        $result_set["return"]["message"] = "Update content error: " . mysqli_error($db_conn);

                        mysqli_close($db_conn);
                        exit(json_encode($result_set));
                }

                // Prepare message
                $msg_content = "[hide]SYS_Unban_User[/hide]您" .
                        ($row["SID"] > 0 ? "在“" . $row["title"] . "”版块的" : "全站") . $p_name .
                        "已被恢复。[align right]执行人：[user " . $BBS_sys_uid . "]" .
                        $sys_user . "[/user][/align]";

                // Send message
                $msg_content = mysqli_real_escape_string($db_conn, $msg_content);

                $sql = "INSERT INTO bbs_msg(fromUID, toUID, content, send_dt, send_ip)
                                VALUES($BBS_sys_uid, " . $row["UID"] . ", '$msg_content', NOW(), '127.0.0.1')";

                $ret = mysqli_query($db_conn, $sql);
                if ($ret == false)
                {
                        $result_set["return"]["code"] = -2;
                        $result_set["return"]["message"] = "Insert msg error: " . mysqli_error($db_conn);

                        mysqli_close($db_conn);
                        exit(json_encode($result_set));
                }

                array_push($result_set["return"]["data"], array(
                        "bid" => $row["BID"],
                        "uid" => $row["UID"],
                        "sid" => $row["SID"],
                ));
        }

        mysqli_free_result($rs);

        // Commit transaction
        $rs = mysqli_query($db_conn, "COMMIT");
        if ($rs == false)
        {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        mysqli_close($db_conn);
        exit(json_encode($result_set));
?>
1	sysadm	1.2	<?php
2	sysadm	1.3	if (isset($_SERVER["argv"]))
3	sysadm	1.1	{
4	sysadm	1.3	chdir(dirname($_SERVER["argv"][0]));
5	sysadm	1.1	}
6
7			require_once "../lib/common.inc.php";
8			require_once "../lib/lml.inc.php";
9			require_once "../lib/str_process.inc.php";
10			require_once "../lib/db_open.inc.php";
11
12			if (!isset($_SERVER["argc"]))
13			{
14			require_once "../bbs/session_init.inc.php";
15
16			force_login();
17			}
18
19			$result_set = array(
20			"return" => array(
21			"code" => 0,
22			"message" => "",
23			"errorFields" => array(),
24			"data" => array(),
25			)
26			);
27
28			header("Content-Type:application/json; charset=utf-8");
29
30			if (!(isset($_SESSION["BBS_priv"]) && $_SESSION["BBS_priv"]->checklevel(P_ADMIN_M \| P_ADMIN_S))
31			&& !isset($_SERVER["argc"]))
32			{
33			$result_set["return"]["code"] = -1;
34			$result_set["return"]["message"] = "没有权限";
35
36			mysqli_close($db_conn);
37			exit(json_encode($result_set));
38			}
39
40			// Begin transaction
41			$rs = mysqli_query($db_conn, "SET autocommit=0");
42			if ($rs == false)
43			{
44			$result_set["return"]["code"] = -2;
45			$result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);
46
47			mysqli_close($db_conn);
48			exit(json_encode($result_set));
49			}
50
51			$rs = mysqli_query($db_conn, "BEGIN");
52			if ($rs == false)
53			{
54			$result_set["return"]["code"] = -2;
55			$result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);
56
57			mysqli_close($db_conn);
58			exit(json_encode($result_set));
59			}
60
61			// Check system user
62			$sql = "SELECT username, nickname FROM user_list
63			INNER JOIN user_pubinfo ON user_list.UID = user_pubinfo.UID
64			WHERE user_list.UID = $BBS_sys_uid";
65
66			$rs = mysqli_query($db_conn, $sql);
67			if ($rs == false)
68			{
69			$result_set["return"]["code"] = -2;
70			$result_set["return"]["message"] = "Query user error: " . mysqli_error($db_conn);
71
72			mysqli_close($db_conn);
73			exit(json_encode($result_set));
74			}
75
76			if ($row = mysqli_fetch_array($rs))
77			{
78			$sys_user = $row["username"];
79			$sys_nick = $row["nickname"];
80			}
81			else
82			{
83			$result_set["return"]["code"] = -1;
84			$result_set["return"]["message"] = "系统账户不存在";
85
86			mysqli_close($db_conn);
87			exit(json_encode($result_set));
88			}
89			mysqli_free_result($rs);
90
91			// Check expired ban record
92			$sql = "SELECT BID, ban_user_list.UID, ban_user_list.SID, username, title FROM ban_user_list
93			LEFT JOIN user_list ON ban_user_list.UID = user_list.UID
94			LEFT JOIN section_config ON ban_user_list.SID = section_config.SID
95			WHERE ban_user_list.enable AND unban_dt <= NOW()";
96
97			$rs = mysqli_query($db_conn, $sql);
98			if ($rs == false)
99			{
100			$result_set["return"]["code"] = -2;
101			$result_set["return"]["message"] = "Query ban record error: " . mysqli_error($db_conn);
102
103			mysqli_close($db_conn);
104			exit(json_encode($result_set));
105			}
106
107			while ($row = mysqli_fetch_array($rs))
108			{
109			switch ($row["SID"])
110			{
111			case 0:
112			$p_name = "发帖权限";
113			break;
114			case -1:
115			$p_name = "登陆权限";
116			break;
117			case -2:
118			$p_name = "消息权限";
119			break;
120			default:
121			$p_name = "发帖权限";
122			break;
123			}
124
125			$sql = "UPDATE ban_user_list SET enable = 0, unban_UID = $BBS_sys_uid,
126			unban_dt = NOW(), unban_ip = '127.0.0.1' WHERE BID = " . $row["BID"];
127
128			$ret = mysqli_query($db_conn, $sql);
129			if ($ret == false)
130			{
131			$result_set["return"]["code"] = -2;
132			$result_set["return"]["message"] = "Update ban record error: " . mysqli_error($db_conn);
133
134			mysqli_close($db_conn);
135			exit(json_encode($result_set));
136			}
137
138			// Prepare announcement
139			$title = ($row["SID"] > 0 ? "" : "[全站]") . "恢复“" . $row["username"] . "”" .
140			($row["SID"] > 0 ? "在“" . $row["title"] . "”版块的" : "全站") . $p_name;
141			$content = "已恢复用户“" . $row["username"] . "”" .
142			($row["SID"] > 0 ? "在“" . $row["title"] . "”版块的" : "全站") . $p_name .
143			"。\n执行人: " . $sys_user . "\n";
144
145			// Set user privilege
146			$priv_name = "";
147			switch ($row["SID"])
148			{
149			case 0:
150			$priv_name = "p_post";
151			break;
152			case -1:
153			$priv_name = "p_login";
154			break;
155			case -2:
156			$priv_name = "p_msg";
157			break;
158			}
159
160			if ($priv_name != "")
161			{
162			$sql = "UPDATE user_list SET $priv_name = 1 WHERE UID = " . $row["UID"];
163
164			$ret = mysqli_query($db_conn, $sql);
165			if ($ret == false)
166			{
167			$result_set["return"]["code"] = -2;
168			$result_set["return"]["message"] = "Update user privilege error: " . mysqli_error($db_conn);
169
170			mysqli_close($db_conn);
171			exit(json_encode($result_set));
172			}
173			}
174
175			$sql = "UPDATE user_online SET current_action = 'reload' WHERE UID = " . $row["UID"];
176
177			$ret = mysqli_query($db_conn, $sql);
178			if ($ret == false)
179			{
180			$result_set["return"]["code"] = -2;
181			$result_set["return"]["message"] = "Update user online error: " . mysqli_error($db_conn);
182
183			mysqli_close($db_conn);
184			exit(json_encode($result_set));
185			}
186
187			// Calculate length of content
188			$length = str_length(LML($content, false, false, 1024));
189
190			// Post announcement
191			$title = mysqli_real_escape_string($db_conn, $title);
192			$content = mysqli_real_escape_string($db_conn, $content);
193
194			$sql = "INSERT INTO bbs_content(AID, content) VALUES(0, '$content')";
195
196			$ret = mysqli_query($db_conn, $sql);
197			if ($ret == false)
198			{
199			$result_set["return"]["code"] = -2;
200			$result_set["return"]["message"] = "Add content error: " . mysqli_error($db_conn);
201
202			mysqli_close($db_conn);
203			exit(json_encode($result_set));
204			}
205			$cid = mysqli_insert_id($db_conn);
206
207			$sql = "INSERT INTO bbs(SID, TID, UID, username, nickname, title, CID, sub_dt,
208			sub_ip, last_reply_dt, icon, length, excerption)
209			VALUES($BBS_notice_sid, 0, $BBS_sys_uid, '$sys_user', '$sys_nick', '$title',
210			$cid, NOW(), '127.0.0.1', NOW(), 11, $length, 0)";
211
212			$ret = mysqli_query($db_conn, $sql);
213			if ($ret == false)
214			{
215			$result_set["return"]["code"] = -2;
216			$result_set["return"]["message"] = "Add article error: " . mysqli_error($db_conn);
217
218			mysqli_close($db_conn);
219			exit(json_encode($result_set));
220			}
221			$aid = mysqli_insert_id($db_conn);
222
223			$sql = "UPDATE bbs_content SET AID = $aid WHERE CID = $cid";
224
225			$ret = mysqli_query($db_conn, $sql);
226			if ($ret == false)
227			{
228			$result_set["return"]["code"] = -2;
229			$result_set["return"]["message"] = "Update content error: " . mysqli_error($db_conn);
230
231			mysqli_close($db_conn);
232			exit(json_encode($result_set));
233			}
234
235			// Prepare message
236			$msg_content = "[hide]SYS_Unban_User[/hide]您" .
237			($row["SID"] > 0 ? "在“" . $row["title"] . "”版块的" : "全站") . $p_name .
238			"已被恢复。[align right]执行人：[user " . $BBS_sys_uid . "]" .
239			$sys_user . "[/user][/align]";
240
241			// Send message
242			$msg_content = mysqli_real_escape_string($db_conn, $msg_content);
243
244			$sql = "INSERT INTO bbs_msg(fromUID, toUID, content, send_dt, send_ip)
245			VALUES($BBS_sys_uid, " . $row["UID"] . ", '$msg_content', NOW(), '127.0.0.1')";
246
247			$ret = mysqli_query($db_conn, $sql);
248			if ($ret == false)
249			{
250			$result_set["return"]["code"] = -2;
251			$result_set["return"]["message"] = "Insert msg error: " . mysqli_error($db_conn);
252
253			mysqli_close($db_conn);
254			exit(json_encode($result_set));
255			}
256
257			array_push($result_set["return"]["data"], array(
258			"bid" => $row["BID"],
259			"uid" => $row["UID"],
260			"sid" => $row["SID"],
261			));
262			}
263
264			mysqli_free_result($rs);
265
266			// Commit transaction
267			$rs = mysqli_query($db_conn, "COMMIT");
268			if ($rs == false)
269			{
270			$result_set["return"]["code"] = -2;
271			$result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);
272
273			mysqli_close($db_conn);
274			exit(json_encode($result_set));
275			}
276
277			mysqli_close($db_conn);
278			exit(json_encode($result_set));
279			?>
webmaster@leafok.com	ViewVC Help
Powered by ViewVC 1.3.0-beta1