diff --git a/custom/panel_templates/Default/core/users_punishments_user.tpl b/custom/panel_templates/Default/core/users_punishments_user.tpl
index bcefae5845..4ff16d4424 100644
--- a/custom/panel_templates/Default/core/users_punishments_user.tpl
+++ b/custom/panel_templates/Default/core/users_punishments_user.tpl
@@ -257,8 +257,11 @@
@@ -273,7 +276,7 @@
diff --git a/modules/Core/pages/panel/users_punishments.php b/modules/Core/pages/panel/users_punishments.php
index 18e24e26ea..2122f4b2e6 100644
--- a/modules/Core/pages/panel/users_punishments.php
+++ b/modules/Core/pages/panel/users_punishments.php
@@ -35,54 +35,60 @@ $query = $view_user->data();
 if (isset($_GET['do']) && $_GET['do'] == 'revoke' && isset($_GET['id']) && is_numeric($_GET['id'])) {
- $infraction = $queries->getWhere('infractions', array('id', '=', $_GET['id']));
- if (!$user->hasPermission('modcp.punishments.revoke') || !count($infraction) || (count($infraction) && $infraction[0]->punished != $query->id)) {
- Redirect::to(URL::build('/panel/users/punishments/', 'user=' . $query->id));
- die();
- }
- $infraction = $infraction[0];
+ if (Token::checK()) {
+ $infraction = $queries->getWhere('infractions', array('id', '=', $_GET['id']));
+ if (!$user->hasPermission('modcp.punishments.revoke') || !count($infraction) || (count($infraction) && $infraction[0]->punished != $query->id)) {
+ Redirect::to(URL::build('/panel/users/punishments/', 'user=' . $query->id));
+ die();
+ }
+ $infraction = $infraction[0];
+
+ // Revoke infraction
+ // Unban user/IP
+ if ($infraction->type == 1) {
+ // Unban user
+ try {
+ $queries->update('users', $query->id, array(
+ 'isbanned' => 0,
+ 'active' => 1
+ ));
+ } catch (Exception $e) {
+ // Error
+ $errors = array($e->getMessage());
+ }
+ } else if ($infraction->type == 3) {
+ // Unban IP
+ try {
+ $queries->update('users', $query->id, array(
+ 'isbanned' => 0,
+ 'active' => 1
+ ));
+
+ $queries->delete('ip_bans', array('ip', '=', $query->lastip));
+ } catch (Exception $e) {
+ // Error
+ $errors = array($e->getMessage());
+ }
+ }
- // Revoke infraction
- // Unban user/IP
- if ($infraction->type == 1) {
- // Unban user
 try {
- $queries->update('users', $query->id, array(
- 'isbanned' => 0,
- 'active' => 1
+ $queries->update('infractions', $infraction->id, array(
+ 'acknowledged' => 1,
+ 'revoked' => 1,
+ 'revoked_by' => $user->data()->id,
+ 'revoked_at' => date('U')
 ));
 } catch (Exception $e) {
 // Error
 $errors = array($e->getMessage());
 }
- } else if ($infraction->type == 3) {
- // Unban IP
- try {
- $queries->update('users', $query->id, array(
- 'isbanned' => 0,
- 'active' => 1
- ));
- $queries->delete('ip_bans', array('ip', '=', $query->lastip));
- } catch (Exception $e) {
- // Error
- $errors = array($e->getMessage());
- }
- }
+ Session::flash('user_punishment_success', $language->get('moderator', 'punishment_revoked'));
- try {
- $queries->update('infractions', $infraction->id, array(
- 'acknowledged' => 1,
- 'revoked' => 1,
- 'revoked_by' => $user->data()->id,
- 'revoked_at' => date('U')
- ));
- } catch (Exception $e) {
- // Error
- $errors = array($e->getMessage());
+ } else {
+ $errors = array($language->get('general', 'invalid_token'));
 }
- Session::flash('user_punishment_success', $language->get('moderator', 'punishment_revoked'));
 Redirect::to(URL::build('/panel/users/punishments/', 'user=' . $query->id));
 die();
 }
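Review bot: The `$errors` value set in the new `else` branch (invalid token) is never shown, because `Redirect::to(...)` and `die()` run unconditionally right after it, so a rejected CSRF token ends in a silent redirect with nothing surfaced to the moderator. Carry the message across the redirect instead, e.g. `Session::flash('<error_flash_key>', $language->get('general', 'invalid_token'));` (placeholder key; use whichever flash key the template reads). The same applies to the `$errors` assigned in the three `catch` blocks, and the success flash is written even when the `infractions` update threw. Separately, the revoke still runs on a GET request, so the token presumably travels in the query string, where it can end up in access logs and Referer headers; a POST form would avoid that. `Token::checK()` resolves only because PHP method names are case-insensitive; spell it `Token::check()`.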