Diffstat (limited to 'h-source/Application/Controllers/HistoryController.php')
-rw-r--r-- | h-source/Application/Controllers/HistoryController.php | 46 |
1 files changed, 26 insertions, 20 deletions
diff --git a/h-source/Application/Controllers/HistoryController.php b/h-source/Application/Controllers/HistoryController.php index 7702ac9..997878b 100644 --- a/h-source/Application/Controllers/HistoryController.php +++ b/h-source/Application/Controllers/HistoryController.php @@ -106,6 +106,7 @@ class HistoryController extends BaseController parent::__construct($model, $controller, $queryString); $this->model('HistoryModel'); + $this->model('UsersModel'); } @@ -145,6 +146,8 @@ class HistoryController extends BaseController { if (!$this->s['registered']->checkCsrf($clean['token'])) die("wrong token"); + if ($this->m['UsersModel']->isBlocked($this->s['registered']->status['id_user'])) die("your account has been blocked"); + $clean['id_user'] = (int)$this->s['registered']->status['id_user']; $clean['id'] = $this->request->post('id',0,'forceInt'); $type = $this->request->post('type',0,'sanitizeAll'); 
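Review bot: In the second hunk the new blocked-account check passes `$this->s['registered']->status['id_user']` to `isBlocked()` uncast, while the line right after it casts the same value with `(int)`. Unless `isBlocked()` sanitises its own argument (its body is not visible here), assign `$clean['id_user']` first and call `isBlocked($clean['id_user'])`; the third hunk makes the same uncast call. The refusal is also a bare `die("your account has been blocked")`, which presumably leaves the response status at its default, so logs and clients cannot tell a refused action from a completed one; setting a 403 before exiting would fix that. The enclosing method starts above this hunk and continues below it, so any earlier login check is not visible.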
@@ -216,28 +219,31 @@ class HistoryController extends BaseController
 {
 if ($this->ismoderator)
 {
- $clean['id'] = (int)$id;
- if (array_key_exists($type,$this->types))
+ if (!$this->m['UsersModel']->isBlocked($this->s['registered']->status['id_user']))
 {
- $clean['type'] = $this->types[$type]['clean_type'];
-
- switch ($clean['type']) {
- case 'user':
- $data['object'] = 'user';
- $data['box_class'] = 'details_of_actions_inner_user';
- break;
- default:
- $data['object'] = 'message';
- $data['box_class'] = 'details_of_actions_inner';
- break;
+ $clean['id'] = (int)$id;
+ if (array_key_exists($type,$this->types))
+ {
+ $clean['type'] = $this->types[$type]['clean_type'];
+
+ switch ($clean['type']) {
+ case 'user':
+ $data['object'] = 'user';
+ $data['box_class'] = 'details_of_actions_inner_user';
+ break;
+ default:
+ $data['object'] = 'message';
+ $data['box_class'] = 'details_of_actions_inner';
+ break;
+ }
+
+ $data['res'] = $this->m['HistoryModel']->select()->where(array('id'=>$clean['id'],'type'=>$clean['type']))->send();
+
+ $data['md_action'] = array('hide'=>'hidden','show'=>'restored','block'=>'blocked','unblock'=>'un-blocked');
+
+ $this->append($data);
+ $this->load('viewall');
 }
-
- $data['res'] = $this->m['HistoryModel']->select()->where(array('id'=>$clean['id'],'type'=>$clean['type']))->send();
-
- $data['md_action'] = array('hide'=>'hidden','show'=>'restored','block'=>'blocked','unblock'=>'un-blocked');
-
- $this->append($data);
- $this->load('viewall');
 }
 }
 } |
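Review bot: A blocked moderator now falls through the new `if (!$this->m['UsersModel']->isBlocked(...))` with no else branch, so the request ends with no output, no status and no message. The other blocked-account check in this commit stops with an explicit "your account has been blocked", so the two denials are inconsistent. A guard clause at the top would make the refusal explicit and avoid re-indenting the whole body, for example `if (!$this->ismoderator || $this->m['UsersModel']->isBlocked((int)$this->s['registered']->status['id_user'])) return;`, ideally setting a 403 first. Since the method closes within this hunk, the early return should not skip later code, but its signature is above the hunk and was not checked. A comment above the check saying why a moderator can be blocked yet still have `ismoderator` set would help the next reader.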