LotGDocker/lotgd-web/lotgd/lib/user/user_saveban.php

40 lines
1.2 KiB
PHP
Raw Normal View History

2020-08-17 19:16:42 -04:00
<?php
$sql = "INSERT INTO " . db_prefix("bans") . " (banner,";
$type = httppost("type");
if ($type=="ip"){
$sql.="ipfilter";
}else{
$sql.="uniqueid";
}
$sql.=",banexpire,banreason) VALUES ('" . addslashes($session['user']['name']) . "',";
if ($type=="ip"){
$sql.="\"".httppost("ip")."\"";
}else{
$sql.="\"".httppost("id")."\"";
}
$duration = (int)httppost("duration");
if ($duration == 0) $duration="0000-00-00";
else $duration = date("Y-m-d", strtotime("+$duration days"));
$sql.=",\"$duration\",";
$sql.="\"".httppost("reason")."\")";
if ($type=="ip"){
if (substr($_SERVER['REMOTE_ADDR'],0,strlen(httppost("ip"))) ==
httppost("ip")){
$sql = "";
output("You don't really want to ban yourself now do you??");
output("That's your own IP address!");
}
}else{
if ($_COOKIE['lgi']==httppost("id")){
$sql = "";
output("You don't really want to ban yourself now do you??");
output("That's your own ID!");
}
}
if ($sql!=""){
db_query($sql);
output("%s ban rows entered.`n`n", db_affected_rows());
output_notl("%s", db_error(LINK));
debuglog("entered a ban: " . ($type=="ip"? "IP: ".httppost("ip"): "ID: ".httppost("id")) . " Ends after: $duration Reason: \"" . httppost("reason")."\"");
}
?>