We use cookies to ensure you get the best experience on our website
Home Verkennen Help
Registreren Inloggen
0ct0pu5
/
forkbb
1
0
Vork 0
Bestanden Issues 0 Pull-aanvragen 0 Wiki
Boom: e92cd585b7
Aftakkingen Labels
forkbb
/
app
/
Models
/
Pages
/
Admin
/
Users.php

Users.php 4.6 KB
Geschiedenis Ruwe

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156 
  1. <?php
    2. 

  2. /**
    3. 

  3.  * This file is part of the ForkBB <https://github.com/forkbb>.
    4. 

  4.  *
    5. 

  5.  * @copyright (c) Visman <mio.visman@yandex.ru, https://github.com/MioVisman>
    6. 

  6.  * @license   The MIT License (MIT)
    7. 

  7.  */
    8. 

  8. 

  9. declare(strict_types=1);
    10. 

  10. 

  11. namespace ForkBB\Models\Pages\Admin;
    12. 

  12. 

  13. use ForkBB\Core\Container;
    14. 

  14. use ForkBB\Models\Pages\Admin;
    15. 

  15. use ForkBB\Models\User\User;
    16. 

  16. use function \ForkBB\__;
    17. 

  17. 

  18. abstract class Users extends Admin
    19. 

  19. {
    20. 

  20.     const ACTION_BAN = 'ban';
    21. 

  21.     const ACTION_DEL = 'delete';
    22. 

  22.     const ACTION_CHG = 'change_group';
    23. 

  23. 

  24.     public function __construct(Container $container)
    25. 

  25.     {
    26. 

  26.         parent::__construct($container);
    27. 

  27. 

  28.         $this->aIndex = 'users';
    29. 

  29. 

  30.         $this->c->Lang->load('validator');
    31. 

  31.         $this->c->Lang->load('admin_users');
    32. 

  32.     }
    33. 

  33. 

  34.     /**
    35. 

  35.      * Кодирует данные фильтра для url
    36. 

  36.      */
    37. 

  37.     protected function encodeData(/* array|string */ $data): string
    38. 

  38.     {
    39. 

  39.         if (\is_array($data)) {
    40. 

  40.             unset($data['token']);
    41. 

  41.             $data = \base64_encode(\json_encode($data));
    42. 

  42.             $hash = $this->c->Secury->hash($data);
    43. 

  43. 

  44.             return "{$data}:{$hash}";
    45. 

  45.         } else {
    46. 

  46.             return "ip:{$data}";
    47. 

  47.         }
    48. 

  48.     }
    49. 

  49. 

  50.     /**
    51. 

  51.      * Декодирует данные фильтра из url
    52. 

  52.      */
    53. 

  53.     protected function decodeData(string $data) /* : mixed */
    54. 

  54.     {
    55. 

  55.         $data = \explode(':', $data);
    56. 

  56. 

  57.         if (2 !== \count($data)) {
    58. 

  58.             return false;
    59. 

  59.         }
    60. 

  60. 

  61.         if ('ip' === $data[0]) {
    62. 

  62.             $ip = \filter_var($data[1], \FILTER_VALIDATE_IP);
    63. 

  63. 

  64.             return false === $ip ? false : ['ip' => $ip];
    65. 

  65.         }
    66. 

  66. 

  67.         if (
    68. 

  68.             ! \hash_equals($data[1], $this->c->Secury->hash($data[0]))
    69. 

  69.             || ! \is_array($data = \json_decode(\base64_decode($data[0], true), true))
    70. 

  70.         ) {
    71. 

  71.             return false;
    72. 

  72.         }
    73. 

  73. 

  74.         return $data;
    75. 

  75.     }
    76. 

  76. 

  77.     /**
    78. 

  78.      * Проверяет доступность действий над выбранными пользователями
    79. 

  79.      */
    80. 

  80.     protected function checkSelected(array $selected, string $action, bool $profile = false) /* : array|false */
    81. 

  81.     {
    82. 

  82.         $selected = \array_map('\\intval', $selected);
    83. 

  83.         $bad      = \array_filter($selected, function ($value) {
    84. 

  84.             return $value < 1;
    85. 

  85.         });
    86. 

  86. 

  87.         if (! empty($bad)) {
    88. 

  88.             $this->fIswev = ['v', 'Action not available'];
    89. 

  89. 

  90.             return false;
    91. 

  91.         }
    92. 

  92. 

  93.         $userList = $this->c->users->loadByIds($selected);
    94. 

  94.         $result   = [];
    95. 

  95.         foreach ($userList as $user) {
    96. 

  96.             if (! $user instanceof User) {
    97. 

  97.                 continue;
    98. 

  98.             }
    99. 

  99. 

  100.             switch ($action) {
    101. 

  101.                 case self::ACTION_BAN:
    102. 

  102.                     if ($this->c->bans->banFromName($user->username) > 0) {
    103. 

  103.                         $this->fIswev = ['i', ['User is ban', $user->username]];
    104. 

  104. 

  105.                         return false;
    106. 

  106.                     }
    107. 

  107.                     if (! $this->c->userRules->canBanUser($user)) {
    108. 

  108.                         $this->fIswev = ['v', ['You are not allowed to ban the %s', $user->username]];
    109. 

  109.                         if ($user->isAdmMod) {
    110. 

  110.                             $this->fIswev = ['i', 'No ban admins message'];
    111. 

  111.                         }
    112. 

  112. 

  113.                         return false;
    114. 

  114.                     }
    115. 

  115.                     break;
    116. 

  116.                 case self::ACTION_DEL:
    117. 

  117.                     if (! $this->c->userRules->canDeleteUser($user)) {
    118. 

  118.                         $this->fIswev = ['v', ['You are not allowed to delete the %s', $user->username]];
    119. 

  119.                         if ($user->isAdmMod) {
    120. 

  120.                             $this->fIswev = ['i', 'No delete admins message'];
    121. 

  121.                         }
    122. 

  122. 

  123.                         return false;
    124. 

  124.                     }
    125. 

  125.                     break;
    126. 

  126.                 case self::ACTION_CHG:
    127. 

  127.                     if (! $this->c->userRules->canChangeGroup($user, $profile)) {
    128. 

  128.                         $this->fIswev = ['v', ['You are not allowed to change group for %s', $user->username]];
    129. 

  129.                         if ($user->isAdmin) {
    130. 

  130.                             $this->fIswev = ['i', 'No move admins message'];
    131. 

  131.                         }
    132. 

  132. 

  133.                         return false;
    134. 

  134.                     }
    135. 

  135.                     break;
    136. 

  136.                 default:
    137. 

  137.                     $this->fIswev = ['v', 'Action not available'];
    138. 

  138. 

  139.                     return false;
    140. 

  140.             }
    141. 

  141. 

  142.             $result[] = $user->id;
    143. 

  143.             if ($user->id === $this->user->id) {
    144. 

  144.                 $this->fIswev = ['i', 'You are trying to change your own group'];
    145. 

  145.             }
    146. 

  146.         }
    147. 

  147. 

  148.         if (empty($result)) {
    149. 

  149.             $this->fIswev = ['v', 'No users selected'];
    150. 

  150. 

  151.             return false;
    152. 

  152.         }
    153. 

  153. 

  154.         return $result;
    155. 

  155.     }
    156. 

  156. }
    157.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5