search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Vanilla commit.
[tinybbs.git] / action.php
blob560a126251b69be475a6bdcaafe803c618356323
1 <?php
2
3 // This file is for non-content actions.
4 require('includes/header.php');
5 force_id();
6
7 // Take the action ...
8 switch($_GET['action'])
9 {
10 // Normal actions ...
11 case 'watch_topic':
12
13 if( ! ctype_digit($_GET['id']))
14 {
15 add_error('Invalid ID.', true);
16 }
17
18 $id = $_GET['id'];
19 $page_title = 'Watch topic';
20
21 if(isset($_POST['id']))
22 {
23 $check_watchlist = $link->prepare('SELECT 1 FROM watchlists WHERE uid = ? AND topic_id = ?');
24 $check_watchlist->bind_param('si', $_SESSION['UID'], $id);
25 $check_watchlist->execute();
26 $check_watchlist->store_result();
27 if($check_watchlist->num_rows == 0)
28 {
29 $add_watchlist = $link->prepare('INSERT INTO watchlists (uid, topic_id) VALUES (?, ?)');
30 $add_watchlist->bind_param('si', $_SESSION['UID'], $_POST['id']);
31 $add_watchlist->execute();
32 $add_watchlist->close();
33 }
34 $check_watchlist->close();
35
36 redirect('Topic added to your watchlist.');
37 }
38
39 break;
40
41 //Priveleged actions.
42
43 case 'delete_page':
44
45 if( ! $administrator)
46 {
47 add_error('You are not wise enough.', true);
48 }
49
50 if( ! ctype_digit($_GET['id']))
51 {
52 add_error('Invalid ID.', true);
53 }
54
55 $id = $_GET['id'];
56 $page_title = 'Delete page';
57
58 if(isset($_POST['id']))
59 {
60 $file_uid_ban = $link->prepare('DELETE FROM pages WHERE id = ?');
61 $file_uid_ban->bind_param('i', $id);
62 $file_uid_ban->execute();
63 $file_uid_ban->close();
64
65 redirect('Page deleted.');
66 }
67
68 break;
69
70 case 'ban_uid':
71
72 if( ! $moderator && ! $administrator)
73 {
74 add_error('You are not wise enough.', true);
75 }
76
77 if( ! id_exists($_GET['id']))
78 {
79 add_error('There is no such user.', true);
80 }
81
82 $id = $_GET['id'];
83 $page_title = 'Ban poster ' . $id;
84
85 if(isset($_POST['id']))
86 {
87 $file_uid_ban = $link->prepare('INSERT INTO uid_bans (uid, filed) VALUES (?, ?) ON DUPLICATE KEY UPDATE filed = ?');
88 $file_uid_ban->bind_param('sii', $id, $_SERVER['REQUEST_TIME'], $_SERVER['REQUEST_TIME']);
89 $file_uid_ban->execute();
90 $file_uid_ban->close();
91
92 redirect('User ID banned.');
93 }
94
95 break;
96
97 case 'unban_uid':
98
99 if( ! $moderator && ! $administrator)
100 {
101 add_error('You are not wise enough.', true);
102 }
103
104 if( ! id_exists($_GET['id']))
105 {
106 add_error('There is no such user.', true);
107 }
108
109 $id = $_GET['id'];
110 $page_title = 'Unban poster ' . $id;
111
112 if(isset($_POST['id']))
113 {
114 remove_id_ban($id);
115
116 redirect('User ID unbanned.');
117 }
118
119 break;
120
121 case 'unban_ip':
122
123 if( ! $moderator && ! $administrator)
124 {
125 add_error('You are not wise enough.', true);
126 }
127
128 if( ! filter_var($_GET['id'], FILTER_VALIDATE_IP))
129 {
130 add_error('That is not a valid IP address.', true);
131 }
132
133 $id = $_GET['id'];
134 $page_title = 'Unban IP address ' . $id;
135
136 if(isset($_POST['id']))
137 {
138 remove_ip_ban($id);
139
140 redirect('IP address unbanned.');
141 }
142
143 break;
144
145 case 'delete_topic':
146
147 if( ! $moderator && ! $administrator)
148 {
149 add_error('You are not wise enough.', true);
150 }
151 if( ! ctype_digit($_GET['id']))
152 {
153 add_error('Invalid topic ID.', true);
154 }
155
156 $id = $_GET['id'];
157 $page_title = 'Delete topic';
158
159 if(isset($_POST['id']))
160 {
161 // Move record to user's trash.
162 $archive_topic = $link->prepare('INSERT INTO trash (uid, headline, body, time) SELECT topics.author, topics.headline, topics.body, UNIX_TIMESTAMP() FROM topics WHERE topics.id = ?;');
163 $archive_topic->bind_param('i', $id);
164 $archive_topic->execute();
165 $archive_topic->close();
166
167 // And delete it from the main table.
168 $delete_topic = $link->prepare('DELETE FROM topics WHERE id = ?');
169 $delete_topic->bind_param('i', $id);
170 $delete_topic->execute();
171 $delete_topic->close();
172
173 redirect('Topic archived and deleted.', '');
174 }
175
176 break;
177
178 case 'delete_reply':
179
180 if( ! $moderator && ! $administrator)
181 {
182 add_error('You are not wise enough.', true);
183 }
184 if( ! ctype_digit($_GET['id']))
185 {
186 add_error('Invalid reply ID.', true);
187 }
188
189 $id = $_GET['id'];
190 $page_title = 'Delete reply';
191
192 if(isset($_POST['id']))
193 {
194 $fetch_parent = $link->prepare('SELECT parent_id FROM replies WHERE id = ?');
195 $fetch_parent->bind_param('i', $id);
196 $fetch_parent->execute();
197 $fetch_parent->bind_result($parent_id);
198 $fetch_parent->fetch();
199 $fetch_parent->close();
200
201 if( ! $parent_id)
202 {
203 add_error('No such reply.', true);
204 }
205
206 // Move record to user's trash.
207 $archive_reply = $link->prepare('INSERT INTO trash (uid, body, time) SELECT replies.author, replies.body, UNIX_TIMESTAMP() FROM replies WHERE replies.id = ?;');
208 $archive_reply->bind_param('i', $id);
209 $archive_reply->execute();
210 $archive_reply->close();
211
212 // And delete it from the main table.
213 $delete_reply = $link->prepare('DELETE FROM replies WHERE id = ?');
214 $delete_reply->bind_param('i', $id);
215 $delete_reply->execute();
216 $delete_reply->close();
217
218 // Reduce the parent's reply count.
219 $decrement = $link->prepare('UPDATE topics SET replies = replies - 1 WHERE id = ?');
220 $decrement->bind_param('i', $parent_id);
221 $decrement->execute();
222 $decrement->close();
223
224 redirect('Reply archived and deleted.');
225 }
226
227 break;
228
229 case 'delete_ip_ids':
230
231 if( ! $moderator && ! $administrator)
232 {
233 add_error('You are not wise enough.', true);
234 }
235
236 if( ! filter_var($_GET['id'], FILTER_VALIDATE_IP))
237 {
238 add_error('That is not a valid IP address.', true);
239 }
240
241 $id = $_GET['id'];
242 $page_title = 'Delete IDs assigned to <a href="/IP_address/' . $id . '">' . $id . '</a>';
243
244 if(isset($_POST['id']))
245 {
246 $delete_ids = $link->prepare('DELETE FROM users WHERE ip_address = ?');
247 $delete_ids->bind_param('s', $id);
248 $delete_ids->execute();
249 $delete_ids->close();
250
251 redirect('IDs deleted.');
252 }
253
254 break;
255
256 case 'nuke_id':
257
258 if( ! $moderator && ! $administrator)
259 {
260 add_error('You are not wise enough.', true);
261 }
262
263 if( ! id_exists($_GET['id']))
264 {
265 add_error('There is no such user.', true);
266 }
267
268 $id = $_GET['id'];
269 $page_title = 'Nuke all posts by <a href="/profile/' . $id . '">' . $id . '</a>';
270
271 if(isset($_POST['id']))
272 {
273 // Delete replies.
274 $fetch_parents = $link->prepare('SELECT parent_id FROM replies WHERE author = ?');
275 $fetch_parents->bind_param('s', $id);
276 $fetch_parents->execute();
277 $fetch_parents->bind_result($parent_id);
278
279 $victim_parents = array();
280 while($fetch_parents->fetch())
281 {
282 $victim_parents[] = $parent_id;
283 }
284 $fetch_parents->close();
285
286 $delete_replies = $link->prepare('DELETE FROM replies WHERE author = ?');
287 $delete_replies->bind_param('s', $id);
288 $delete_replies->execute();
289 $delete_replies->close();
290
291 $decrement = $link->prepare('UPDATE topics SET replies = replies - 1 WHERE id = ?');
292 foreach($victim_parents as $parent_id)
293 {
294 $decrement->bind_param('i', $parent_id);
295 $decrement->execute();
296 }
297 $decrement->close();
298
299 // Delete topics.
300 $delete_topics = $link->prepare('DELETE FROM topics WHERE author = ?');
301 $delete_topics->bind_param('s', $id);
302 $delete_topics->execute();
303 $delete_topics->close();
304
305 redirect('All topics and replies by ' . $id . ' have been deleted.');
306 }
307
308 break;
309
310 case 'nuke_ip':
311
312 if( ! $moderator && ! $administrator)
313 {
314 add_error('You are not wise enough.', true);
315 }
316
317 if( ! filter_var($_GET['id'], FILTER_VALIDATE_IP))
318 {
319 add_error('That is not a valid IP address.', true);
320 }
321
322 $id = $_GET['id'];
323 $page_title = 'Nuke all posts by <a href="/IP_address/' . $id . '">' . $id . '</a>';
324
325 if(isset($_POST['id']))
326 {
327 // Delete replies.
328 $fetch_parents = $link->prepare('SELECT parent_id FROM replies WHERE author_ip = ?');
329 $fetch_parents->bind_param('s', $id);
330 $fetch_parents->execute();
331 $fetch_parents->bind_result($parent_id);
332
333 $victim_parents = array();
334 while($fetch_parents->fetch())
335 {
336 $victim_parents[] = $parent_id;
337 }
338 $fetch_parents->close();
339
340 $delete_replies = $link->prepare('DELETE FROM replies WHERE author_ip = ?');
341 $delete_replies->bind_param('s', $id);
342 $delete_replies->execute();
343 $delete_replies->close();
344
345 $decrement = $link->prepare('UPDATE topics SET replies = replies - 1 WHERE id = ?');
346 foreach($victim_parents as $parent_id)
347 {
348 $decrement->bind_param('i', $parent_id);
349 $decrement->execute();
350 }
351 $decrement->close();
352
353 // Delete topics.
354 $delete_topics = $link->prepare('DELETE FROM topics WHERE author_ip = ?');
355 $delete_topics->bind_param('s', $id);
356 $delete_topics->execute();
357 $delete_topics->close();
358
359 redirect('All topics and replies by ' . $id . ' have been deleted.');
360 }
361
362 break;
363
364 default:
365 add_error('No valid action specified.', true);
366 }
367
368 echo '<p>Really?</p> <form action="" method="post"> <div> <input type="hidden" name="id" value="' . $id . '" /> <input type="submit" value="Do it" /> </div>';
369
370 require('includes/footer.php');
371
372 ?>
Tiny Bulletin Board System