From b64ea63443e33fc070298c0130461c834de342bc Mon Sep 17 00:00:00 2001
From: Antonio Gallo
Date: Sat, 4 Dec 2010 16:08:32 +0000
Subject: moderators can now consult the list of actions carried out by other moderators
---
 .../Application/Controllers/HistoryController.php | 44 ++++++++++++----------
 1 file changed, 25 insertions(+), 19 deletions(-)
(limited to 'h-source/Application/Controllers/HistoryController.php')
diff --git a/h-source/Application/Controllers/HistoryController.php b/h-source/Application/Controllers/HistoryController.php
index 997878b..76b1158 100644
--- a/h-source/Application/Controllers/HistoryController.php
+++ b/h-source/Application/Controllers/HistoryController.php
@@ -76,6 +76,7 @@ class HistoryController extends BaseController
 'id_name' => 'id_mes',
 'field_name' => 'deleted',
 'actions' => array('hide','show'),
+ 'group' => 'moderator',
 ),
@@ -86,6 +87,7 @@ class HistoryController extends BaseController
 'id_name' => 'id_talk',
 'field_name' => 'deleted',
 'actions' => array('hide','show'),
+ 'group' => 'moderator',
 ),
@@ -96,6 +98,7 @@ class HistoryController extends BaseController
 'id_name' => 'id_user',
 'field_name' => 'blocked',
 'actions' => array('block','unblock'),
+ 'group' => 'moderator',
 ),
@@ -142,22 +145,23 @@ class HistoryController extends BaseController
 if ($this->s['registered']->status['status'] === 'logged')
 {
- if ($this->ismoderator)
+ if (!$this->s['registered']->checkCsrf($clean['token'])) die("wrong token");
+
+ if ($this->m['UsersModel']->isBlocked($this->s['registered']->status['id_user'])) die("your account has been blocked");
+
+ $clean['id_user'] = (int)$this->s['registered']->status['id_user'];
+ $clean['id'] = $this->request->post('id',0,'forceInt');
+ $type = $this->request->post('type','','sanitizeAll');
+ $message = $this->request->post('message','');
+
+ $modelName = 'error';
+
+ if (array_key_exists($type,$this->types))
 {
- if (!$this->s['registered']->checkCsrf($clean['token'])) die("wrong token");
-
- if ($this->m['UsersModel']->isBlocked($this->s['registered']->status['id_user'])) die("your account has been blocked");
-
- $clean['id_user'] = (int)$this->s['registered']->status['id_user'];
- $clean['id'] = $this->request->post('id',0,'forceInt');
- $type = $this->request->post('type',0,'sanitizeAll');
- $message = $this->request->post('message','');
-
- $modelName = 'error';
-
- if (array_key_exists($type,$this->types))
+ if (in_array($action,$this->types[$type]['actions']))
 {
- if (in_array($action,$this->types[$type]['actions']))
+ $clean['group'] = $this->types[$type]['group'];
+ if (in_array($clean['group'],$this->s['registered']->status['groups']))
 {
 $modelName = $this->types[$type]['model_name'];
 $clean['type'] = $this->types[$type]['clean_type'];
@@ -182,6 +186,7 @@ class HistoryController extends BaseController
 {
 $this->m['HistoryModel']->setFields('id:forceInt,type,message','sanitizeAll');
 $this->m['HistoryModel']->values['created_by'] = $clean['id_user'];
+ $this->m['HistoryModel']->values['gr'] = $clean['group'];
 $this->m['HistoryModel']->values['action'] = $this->strings[$action]['action'];
 $this->m['HistoryModel']->updateTable('insert');
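Review bot: The new authorization test `in_array($clean['group'],$this->s['registered']->status['groups'])` in the hunk at -142,22 uses PHP's loose comparison, and with `$this->ismoderator` removed it is now the only gate on hide/show/block/unblock. If `status['groups']` can ever hold a non-string value (an integer 0 or `true`, for instance), a loose match could pass on older PHP versions, so pass the strict flag: `in_array($clean['group'],$this->s['registered']->status['groups'],true)`, and likewise for the `in_array($action,...)` test above it. The same membership test is added in the hunk at -217,12 and needs the same change. `$this->types[$type]['group']` is also read for every key of `$this->types`, while this commit adds `'group'` to three entries only; any other entry (none are visible here) would need the key as well. The enclosing method begins and ends outside the hunk.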
@@ -217,12 +222,13 @@ class HistoryController extends BaseController
 if ($this->s['registered']->status['status'] === 'logged')
 {
- if ($this->ismoderator)
+ if (!$this->m['UsersModel']->isBlocked($this->s['registered']->status['id_user']))
 {
- if (!$this->m['UsersModel']->isBlocked($this->s['registered']->status['id_user']))
+ $clean['id'] = (int)$id;
+ if (array_key_exists($type,$this->types))
 {
- $clean['id'] = (int)$id;
- if (array_key_exists($type,$this->types))
+ $clean['group'] = $this->types[$type]['group'];
+ if (in_array($clean['group'],$this->s['registered']->status['groups']))
 {
 $clean['type'] = $this->types[$type]['clean_type'];
@@ -237,7 +243,7 @@ class HistoryController extends BaseController
 break;
 }
- $data['res'] = $this->m['HistoryModel']->select()->where(array('id'=>$clean['id'],'type'=>$clean['type']))->send();
+ $data['res'] = $this->m['HistoryModel']->select()->where(array('id'=>$clean['id'],'type'=>$clean['type'],'gr'=>$clean['group']))->send();
 $data['md_action'] = array('hide'=>'hidden','show'=>'restored','block'=>'blocked','unblock'=>'un-blocked');
-- 
cgit v1.2.3
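Review bot: The added `'gr'=>$clean['group']` condition in the hunk at -237,7 hides every history row whose `gr` value differs from the type's group, which presumably includes rows written before this commit unless they are backfilled. The diffstat shows only this controller changing, so the `gr` column, its default and any backfill are not visible here. Because this table is the audit trail of moderation actions, it is worth confirming that a migration sets `gr` to `'moderator'` on existing rows so earlier entries stay visible. A short comment above the query, such as `// only rows logged for the group that owns this type`, would also explain why the filter is there. The enclosing method starts and ends outside the hunk.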