Diffstat (limited to 'h-source/Application/Controllers')
-rw-r--r-- | h-source/Application/Controllers/HistoryController.php | 44 | ||||
-rw-r--r-- | h-source/Application/Controllers/ModeratorsController.php | 70 |
2 files changed, 95 insertions, 19 deletions
diff --git a/h-source/Application/Controllers/HistoryController.php b/h-source/Application/Controllers/HistoryController.php index 997878b..76b1158 100644 --- a/h-source/Application/Controllers/HistoryController.php +++ b/h-source/Application/Controllers/HistoryController.php @@ -76,6 +76,7 @@ class HistoryController extends BaseController 'id_name' => 'id_mes', 'field_name' => 'deleted', 'actions' => array('hide','show'), + 'group' => 'moderator', ), @@ -86,6 +87,7 @@ class HistoryController extends BaseController 'id_name' => 'id_talk', 'field_name' => 'deleted', 'actions' => array('hide','show'), + 'group' => 'moderator', ), @@ -96,6 +98,7 @@ class HistoryController extends BaseController 'id_name' => 'id_user', 'field_name' => 'blocked', 'actions' => array('block','unblock'), + 'group' => 'moderator', ), 
@@ -142,22 +145,23 @@ class HistoryController extends BaseController if ($this->s['registered']->status['status'] === 'logged') { - if ($this->ismoderator) + if (!$this->s['registered']->checkCsrf($clean['token'])) die("wrong token"); + + if ($this->m['UsersModel']->isBlocked($this->s['registered']->status['id_user'])) die("your account has been blocked"); + + $clean['id_user'] = (int)$this->s['registered']->status['id_user']; + $clean['id'] = $this->request->post('id',0,'forceInt'); + $type = $this->request->post('type','','sanitizeAll'); + $message = $this->request->post('message',''); + + $modelName = 'error'; + + if (array_key_exists($type,$this->types)) { - if (!$this->s['registered']->checkCsrf($clean['token'])) die("wrong token"); - - if ($this->m['UsersModel']->isBlocked($this->s['registered']->status['id_user'])) die("your account has been blocked"); - - $clean['id_user'] = (int)$this->s['registered']->status['id_user']; - $clean['id'] = $this->request->post('id',0,'forceInt'); - $type = $this->request->post('type',0,'sanitizeAll'); - $message = $this->request->post('message',''); - - $modelName = 'error'; - - if (array_key_exists($type,$this->types)) + if (in_array($action,$this->types[$type]['actions'])) { - if (in_array($action,$this->types[$type]['actions'])) + $clean['group'] = $this->types[$type]['group']; + if (in_array($clean['group'],$this->s['registered']->status['groups'])) { $modelName = $this->types[$type]['model_name']; $clean['type'] = $this->types[$type]['clean_type']; @@ -182,6 +186,7 @@ class HistoryController extends BaseController { $this->m['HistoryModel']->setFields('id:forceInt,type,message','sanitizeAll'); $this->m['HistoryModel']->values['created_by'] = $clean['id_user']; + $this->m['HistoryModel']->values['gr'] = $clean['group']; $this->m['HistoryModel']->values['action'] = $this->strings[$action]['action']; $this->m['HistoryModel']->updateTable('insert'); 
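Review bot: The new group test in the -142 hunk, `in_array($clean['group'],$this->s['registered']->status['groups'])`, uses PHP's loose comparison, and it replaces `$this->ismoderator` as the only authorization gate for hide/show/block/unblock. If a `$this->types` entry ever lacks a `'group'` key, `$clean['group']` is null and would loosely match an empty-string or 0 element in the groups list, so the check would fail open; how `status['groups']` is built is not visible here. I would pass the strict flag, `if (in_array($clean['group'],$this->s['registered']->status['groups'],true))`, and the same applies to the identical test in the -217 hunk. The enclosing method starts and ends outside the hunk.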
@@ -217,12 +222,13 @@ class HistoryController extends BaseController if ($this->s['registered']->status['status'] === 'logged') { - if ($this->ismoderator) + if (!$this->m['UsersModel']->isBlocked($this->s['registered']->status['id_user'])) { - if (!$this->m['UsersModel']->isBlocked($this->s['registered']->status['id_user'])) + $clean['id'] = (int)$id; + if (array_key_exists($type,$this->types)) { - $clean['id'] = (int)$id; - if (array_key_exists($type,$this->types)) + $clean['group'] = $this->types[$type]['group']; + if (in_array($clean['group'],$this->s['registered']->status['groups'])) { $clean['type'] = $this->types[$type]['clean_type']; @@ -237,7 +243,7 @@ class HistoryController extends BaseController break; } - $data['res'] = $this->m['HistoryModel']->select()->where(array('id'=>$clean['id'],'type'=>$clean['type']))->send(); + $data['res'] = $this->m['HistoryModel']->select()->where(array('id'=>$clean['id'],'type'=>$clean['type'],'gr'=>$clean['group']))->send(); $data['md_action'] = array('hide'=>'hidden','show'=>'restored','block'=>'blocked','unblock'=>'un-blocked'); diff --git a/h-source/Application/Controllers/ModeratorsController.php b/h-source/Application/Controllers/ModeratorsController.php new file mode 100644 index 0000000..f7a5737 --- /dev/null +++ b/h-source/Application/Controllers/ModeratorsController.php 
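Review bot: The history query in the -237 hunk now filters on `'gr'=>$clean['group']`, so rows written before this commit are only still listed if the `gr` column was backfilled with `'moderator'`. The schema change is not part of this diff (the diffstat is limited to Controllers), so that is worth confirming. If old rows are left empty, the audit trail for previously hidden messages and blocked users silently drops out of this view. A one-line comment above the query, e.g. `// 'gr' scopes history to the acting group; pre-existing rows need gr='moderator'`, would record the dependency. The enclosing method continues outside the hunk.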
@@ -0,0 +1,70 @@
+<?php
+
+// h-source, a web software to build a community of people that want to share their hardware information.
+// Copyright (C) 2010 Antonio Gallo (h-source-copyright.txt)
+//
+// This file is part of h-source
+//
+// h-source is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// h-source is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with h-source. If not, see <http://www.gnu.org/licenses/>.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+class ModeratorsController extends BaseController
+{
+
+ public function __construct($model, $controller, $queryString)
+ {
+ parent::__construct($model, $controller, $queryString);
+
+ $this->model('HistoryModel');
+
+ $this->modelName = 'HistoryModel';
+
+ $data['title'] = 'moderators page - '.Website::$generalName;
+ $this->append($data);
+
+ $this->setArgKeys(array('page:forceNat'=>1));
+ }
+
+ public function actions($lang = 'en')
+ {
+ $this->shift(1);
+
+ Params::$nullQueryValue = 'undef';
+
+ $this->s['registered']->check('moderator');
+
+ $whereClauseArray = array(
+ 'gr' => 'moderator',
+ );
+
+ $this->helper('Pages','moderators/actions/'.$this->lang,'page');
+
+ $this->m['HistoryModel']->clear()->select()->where($whereClauseArray)->orderBy('id_history desc');
+
+ $recordNumber = $this->m['HistoryModel']->rowNumber();
+ $page = $this->viewArgs['page'];
+
+ $this->m['HistoryModel']->limit = $this->h['Pages']->getLimit($page,$recordNumber,30);
+
+ $data['table'] = $this->m['HistoryModel']->send();
+
+ $data['pageList'] = $this->h['Pages']->render($page-4,8);
+
+ $this->append($data);
+ $this->load('index');
+ $this->right();
+ }
+
+}
\ No newline at end of file |
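Review bot: In `actions()`, the return value of `$this->s['registered']->check('moderator')` is ignored, so access control on this listing depends entirely on `check()` redirecting or exiting for visitors outside the group; its implementation is not shown in this diff. If it only returns a boolean, the full moderation history would be readable by any visitor. After confirming the behaviour, I would document the reliance next to the call, e.g. `// check() redirects and exits unless the user is logged in and in the 'moderator' group`. The `$lang` parameter is also never read in the body, which uses `$this->lang` instead.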