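<?php
/**
 * Block-visitor action for a single chat.
 *
 * Without POST data the script prints the block dialog template for the chat and exits.
 * With POST data it validates the CSRF token, checks that the current operator may block
 * visitors, validates the submitted form and calls
 * erLhcoreClassModelChatBlockedUser::blockChat() only when no error was collected.
 * The POST outcome is written as JSON: an `error` flag plus rendered HTML in `result`.
 */

// Dispatch the 'chat.blockuser' event; the returned value is not used further in this script.
$response = erLhcoreClassChatEventDispatcher::getInstance()->dispatch('chat.blockuser', array());

// NOTE(review): chat_id comes straight from the request parameters and the chat is loaded before
// any check visible in this file. Confirm how load() behaves for an unknown id and that
// module-level access control runs before this script.
$chat = erLhcoreClassChat::getSession()->load('erLhcoreClassModelChat', $Params['user_parameters']['chat_id']);
$currentUser = erLhcoreClassUser::instance();

// No POST data: we are just rendering the modal window.
// NOTE(review): this branch exits before the permission check further down, so the dialog is
// rendered with the chat for whoever reaches this script; confirm the caller restricts access.
if (!ezcInputForm::hasPostData()) {
    $tpl = erLhcoreClassTemplate::getInstance('lhchat/blockuser.tpl.php');
    $tpl->set('chat', $chat);
    print $tpl->fetch();
    exit;
}

// State-changing request: the CSRF token must arrive in the X-CSRFToken request header and be
// accepted by the current user object before anything else is processed.
// NOTE(review): this response uses the string 'true' and sends no Content-type header, unlike the
// two JSON responses at the end of the script. Left unchanged because clients may rely on it.
if (!isset($_SERVER['HTTP_X_CSRFTOKEN']) || !$currentUser->validateCSFRToken($_SERVER['HTTP_X_CSRFTOKEN'])) {
    echo json_encode(array('error' => 'true', 'result' => 'Invalid CSRF Token'));
    exit;
}

$Errors = array();

// Authorisation: the operator needs lhchat/allowblockusers or must match $chat->user_id.
// A failure is collected as an error rather than ending the request; blockChat() below is only
// reached when $Errors is empty, so a failed check still prevents the block.
if (!($currentUser->hasAccessTo('lhchat', 'allowblockusers') || $chat->user_id == $currentUser->getUserID())) {
    $Errors[] = erTranslationClassLhTranslation::getInstance()->getTranslation('chat/blockedusers', 'User blocking failed, perhaps you do not have permission to block users?');
}

// Input whitelist: every accepted POST field with its type and allowed range.
$definition = array(
    // Array of block type ids, each limited to 0..4.
    'btype' => new ezcInputFormDefinitionElement(
        ezcInputFormDefinitionElement::OPTIONAL, 'int', array('min_range' => 0, 'max_range' => 4), FILTER_REQUIRE_ARRAY
    ),
    'btype_email' => new ezcInputFormDefinitionElement(
        ezcInputFormDefinitionElement::OPTIONAL, 'boolean'
    ),
    'btype_online_user' => new ezcInputFormDefinitionElement(
        ezcInputFormDefinitionElement::OPTIONAL, 'boolean'
    ),
    // Multiplied by 24 * 3600 below, so the unit is days (0..360).
    'expires' => new ezcInputFormDefinitionElement(
        ezcInputFormDefinitionElement::OPTIONAL, 'int', array('min_range' => 0, 'max_range' => 360)
    )
);

$form = new ezcInputForm(INPUT_POST, $definition);

$params = array();

// At least one block criterion (btype, e-mail or online user) has to be chosen.
if ((!$form->hasValidData('btype') || empty($form->btype)) && !$form->hasValidData('btype_email') && !$form->hasValidData('btype_online_user')) {
    $Errors[] = erTranslationClassLhTranslation::getInstance()->getTranslation('chat/blockedusers', 'Please choose a block type!');
} elseif ($form->hasValidData('btype') && !empty($form->btype)) {
    // IP combined with a nick-based type collapses into the matching combined constant;
    // any other selection uses only the first submitted value.
    if (in_array(erLhcoreClassModelChatBlockedUser::BLOCK_IP, $form->btype) && in_array(erLhcoreClassModelChatBlockedUser::BLOCK_NICK, $form->btype)) {
        $params['btype'] = erLhcoreClassModelChatBlockedUser::BLOCK_ALL_IP_NICK;
    } elseif (in_array(erLhcoreClassModelChatBlockedUser::BLOCK_IP, $form->btype) && in_array(erLhcoreClassModelChatBlockedUser::BLOCK_NICK_DEP, $form->btype)) {
        $params['btype'] = erLhcoreClassModelChatBlockedUser::BLOCK_ALL_IP_NICK_DEP;
    } else {
        $btype = $form->btype;
        $params['btype'] = array_shift($btype);
    }
}

// Block by e-mail only when the chat actually has one.
// Fix: the elseif used to repeat the `!= ''` test of the if branch, so the error below could never
// be raised and a request to block by e-mail on a chat without one passed validation silently.
if ($form->hasValidData('btype_email') && $chat->email != '') {
    $params['email'] = $chat->email;
} elseif ($form->hasValidData('btype_email') && $chat->email == '') {
    $Errors[] = erTranslationClassLhTranslation::getInstance()->getTranslation('chat/blockedusers', 'Chat does not have an e-mail set!');
}

// Block by online user only when the chat is linked to one.
if ($form->hasValidData('btype_online_user') && $chat->online_user_id > 0) {
    $params['online_user_id'] = $chat->online_user_id;
} elseif ($form->hasValidData('btype_online_user') && $chat->online_user_id == 0) {
    $Errors[] = erTranslationClassLhTranslation::getInstance()->getTranslation('chat/blockedusers', 'Chat does not have online user');
}

// Expiry is mandatory. A positive value becomes an absolute timestamp; 0 is passed through as 0
// (presumably meaning "no expiry"; confirm against blockChat()).
if (!$form->hasValidData('expires')) {
    $Errors[] = erTranslationClassLhTranslation::getInstance()->getTranslation('chat/blockedusers', 'Please choose expire option!');
} else {
    if ($form->expires > 0) {
        $params['expires'] = time() + ($form->expires * 24 * 3600);
    } else {
        $params['expires'] = 0;
    }
}

$params['chat'] = $chat;
$params['user'] = $currentUser->getUserData(true);

if (empty($Errors)) {
    // Every check passed: create the block and answer with the success alert.
    erLhcoreClassModelChatBlockedUser::blockChat($params);

    $tpl = erLhcoreClassTemplate::getInstance('lhkernel/alert_success.tpl.php');
    $tpl->set('msg', erTranslationClassLhTranslation::getInstance()->getTranslation('chat/blockedusers', 'Visitor was blocked!'));

    header('Content-type: application/json');
    echo json_encode(array('error' => false, 'result' => $tpl->fetch()));
} else {
    // Nothing was blocked: return the collected permission/validation errors.
    $tpl = erLhcoreClassTemplate::getInstance('lhkernel/validation_error.tpl.php');
    $tpl->set('errors', $Errors);

    header('Content-type: application/json');
    echo json_encode(array('error' => true, 'result' => $tpl->fetch()));
}

exit;
?>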