<?php
// Bootstrap for the admin moderation endpoint: load the project classes, then
// build the helper objects the rest of the script uses.
require_once $_SERVER['DOCUMENT_ROOT'] . "/s/classes/config.inc.php";
require_once $_SERVER['DOCUMENT_ROOT'] . "/s/classes/db_helper.php";
require_once $_SERVER['DOCUMENT_ROOT'] . "/s/classes/time_manip.php";
require_once $_SERVER['DOCUMENT_ROOT'] . "/s/classes/user_helper.php";
require_once $_SERVER['DOCUMENT_ROOT'] . "/s/classes/video_helper.php";
require_once $_SERVER['DOCUMENT_ROOT'] . "/s/classes/video_updater.php";
require_once $_SERVER['DOCUMENT_ROOT'] . "/s/classes/user_update.php";

// $__db is not assigned in this file; presumably one of the includes above
// creates the database handle -- TODO confirm.
$__video_h = new video_helper($__db);
$__video_u = new video_updater($__db);
$__user_h  = new user_helper($__db);
$__user_u  = new user_update($__db);
$__db_h    = new db_helper();
$__time_h  = new time_helper();
?>
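<?php
/*
 * Admin moderation endpoint.
 *
 * Reads the requested action from the query string and its arguments from the
 * POST body, then collects them in $request for the dispatch code that follows.
 * Every action this script performs is destructive (row deletion or a ban
 * insert), so anything that is not an authenticated admin POST is refused here.
 */

// Fail closed: no session user, or a session user who is not an admin, gets a
// 403 and nothing else. The explicit status makes refused attempts visible in
// access logs instead of looking like an empty 200.
// NOTE(review): session_start() is not called in this file; presumably one of
// the files required earlier starts the session -- confirm, otherwise
// $_SESSION is never populated and every request is refused.
if (!isset($_SESSION['siteusername']) || !$__user_h->if_admin($_SESSION['siteusername'])) {
    http_response_code(403);
    die();
}

// All action arguments are read from $_POST, so a request made with any other
// method cannot carry valid input and is refused before it reaches a query.
// NOTE(review): no anti-CSRF token is verified anywhere in this script. A POST
// check alone does not stop a forged cross-site form submission; these actions
// should also require a per-session token that is compared here.
if (!isset($_SERVER['REQUEST_METHOD']) || $_SERVER['REQUEST_METHOD'] !== 'POST') {
    http_response_code(405);
    die();
}

// Returns the named request parameter only when it is present and a string.
// Missing keys and array-valued parameters (e.g. users[]=x) become "" so the
// explode() calls below never receive null or an array.
$__read_string = function ($source, $key) {
    return (isset($source[$key]) && is_string($source[$key])) ? $source[$key] : "";
};

// Keeps only non-empty list entries.
$__non_empty = function ($value) {
    return $value !== "";
};

$request = (object) [
    "action" => $__read_string($_GET, 'action'),
    "users"  => $__read_string($_POST, 'users'),
    "reason" => $__read_string($_POST, 'ban_reason'),
    "videos" => $__read_string($_POST, 'videos'),
    // The acting moderator always comes from the session, never from the request.
    "from"   => $_SESSION['siteusername'],

    "error"  => (object) [
        "message" => "",
        "status"  => "OK"
    ]
];

// Both lists arrive comma-separated. explode() on "" yields [""], which would
// make the delete queries match rows whose key column is empty, so empty
// entries are dropped.
$request->users  = array_values(array_filter(explode(",", $request->users), $__non_empty));
$request->videos = array_values(array_filter(explode(",", $request->videos), $__non_empty));
unset($__read_string, $__non_empty);

// Table name => column that stores the username in that table. This map is
// hard-coded and must stay that way: its keys and values are SQL identifiers
// and must never be derived from request data.
$request->tables = array(
    "users"            => "username",
    "videos"           => "author",
    "channel_views"    => "viewer",
    "comments"         => "author",
    "comment_likes"    => "sender",
    "comment_reply"    => "author",
    "favorite_video"   => "sender",
    "friends"          => "sender",
    "likes"            => "sender",
    "playlists"        => "author",
    "pms"              => "owner",
    "profile_comments" => "author",
    "quicklist_videos" => "author",
    "reports"          => "sender",
    "subscribers"      => "sender",
    "views"            => "viewer",
);
$request->tables_increment = 0;
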
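// Dispatch the requested moderation action. Every known action ends with a
// single redirect to /admin/bans followed by exit, so nothing runs after the
// Location header has been queued. Unknown actions fall through and do nothing.

// True for a usable list entry; filters out the "" that explode() produces for
// an empty parameter.
$__usable = function ($value) {
    return is_string($value) && $value !== "";
};

if ($request->action === "ban_users") {
    // Despite the name, this action inserts no ban: it deletes the account and
    // every row tied to the username in each table of $request->tables.
    //
    // The table and column names come from that hard-coded map, never from the
    // request, which is the only reason they may be concatenated into SQL.
    // The username itself is always a bound parameter.
    //
    // NOTE(review): the deletes are not wrapped in a transaction, so a failure
    // part-way through leaves the account half removed. Nothing records which
    // admin ran the purge either; consider an audit entry.
    $purge = array();
    foreach ($request->tables as $table => $column) {
        $purge[] = $__db->prepare("DELETE FROM " . $table . " WHERE " . $column . "=:username");
    }

    foreach (array_filter((array) $request->users, $__usable) as $username) {
        foreach ($purge as $stmt) {
            $stmt->execute(array(
                ':username' => $username,
            ));
        }
    }

    header("Location: /admin/bans");
    exit;
} elseif ($request->action === "delete_videos") {
    // Delete each listed video by its rid; the statement is prepared once and
    // re-executed per id.
    $stmt = $__db->prepare("DELETE FROM videos WHERE rid=:video");
    foreach (array_filter((array) $request->videos, $__usable) as $video) {
        $stmt->execute(array(
            ':video' => $video,
        ));
    }

    header("Location: /admin/bans");
    exit;
} elseif ($request->action === "actually_just_ban") {
    // Record a ban for the posted username without deleting any content.
    // The raw 'users' value is used as one username, as before; it is only
    // inserted when it is a non-empty string.
    // NOTE(review): expire is set to now(); confirm how the ban check reads
    // that column, since a literal expiry of "now" would lapse immediately.
    if (isset($_POST['users']) && $__usable($_POST['users'])) {
        $stmt = $__db->prepare("INSERT INTO bans (username, reason, expire, moderator) VALUES (:username, :reason, now(), :moderator)");
        $stmt->execute(array(
            ':username'  => $_POST['users'],
            ':moderator' => $_SESSION['siteusername'],
            ':reason'    => $request->reason,
        ));
    }

    header("Location: /admin/bans");
    exit;
} elseif ($request->action === "actually_just_ban_ip") {
    // Ban the IP stored on the named account. The address goes into the
    // bans.username column and the reason is left empty, as before.
    $_user = (isset($_POST['users']) && $__usable($_POST['users']))
        ? $__user_h->fetch_user_username($_POST['users'])
        : null;

    // An unknown username or an account with no stored IP would otherwise
    // insert a ban row with an empty key, so the insert is skipped.
    if (isset($_user['ip']) && $_user['ip'] !== "") {
        $stmt = $__db->prepare("INSERT INTO bans (username, reason, expire, moderator) VALUES (:username, :reason, now(), :moderator)");
        $stmt->execute(array(
            ':username'  => $_user['ip'],
            ':moderator' => $_SESSION['siteusername'],
            ':reason'    => "",
        ));
    }

    header("Location: /admin/bans");
    exit;
}

// No closing PHP tag: whitespace after it would be sent as output and could
// prevent the Location header from being set.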
Using a closing tag in PHP files that only contain PHP code is not recommended as you might accidentally add whitespace after the closing tag which would then be output by PHP. This can cause severe problems, for example headers cannot be sent anymore.
A simple precaution is to leave off the closing tag as it is not required, and it also has no negative effects whatsoever.