lain/text0Nly
1
0
Fork 0
mirror of https://git.sr.ht/~iwakuralain/text0Nly synced 2025-07-27 15:36:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

okay

Browse Source
This commit is contained in:
Lain Iwakura 2025-06-16 03:10:49 +03:00
parent bf0536ac9c
commit 71dd22c304
No known key found for this signature in database
GPG Key ID: C7C18257F2ADC6F8
3 changed files with 54 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
main/admin.php
View File

@ -33,6 +33,18 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$stmt = $db->prepare('UPDATE users SET is_blocked = 0 WHERE username = ?'); $stmt = $db->prepare('UPDATE users SET is_blocked = 0 WHERE username = ?');
$stmt->execute([$username]); $stmt->execute([$username]);
$success = "User $username has been unbanned"; $success = "User $username has been unbanned";
} elseif ($_POST['action'] === 'preventive_ban') {
if (!preg_match('/^[a-zA-Z0-9_]+$/', $username)) {
$error = "Invalid username format";
} else {
$stmt = $db->prepare('INSERT INTO banned_usernames (username) VALUES (?)');
try {
$stmt->execute([$username]);
$success = "Username $username has been preventively banned";
} catch (PDOException $e) {
$error = "Username already banned";
}
}
} }
} }
} }
@ -100,6 +112,15 @@ $users = $stmt->fetchAll(PDO::FETCH_ASSOC);
<div class="success"><?= htmlspecialchars($success) ?></div> <div class="success"><?= htmlspecialchars($success) ?></div>
<?php endif; ?> <?php endif; ?>
<div class="preventive-ban">
<h2>Preventive Ban</h2>
<form method="post" class="ban-form">
<input type="text" name="username" placeholder="Username to ban" required pattern="[a-zA-Z0-9_]+" maxlength="50">
<input type="hidden" name="action" value="preventive_ban">
<button type="submit" class="ban-btn">Ban Username</button>
</form>
</div>
<table class="admin-table"> <table class="admin-table">
<thead> <thead>
<tr> <tr>

6
main/register.php
View File

@ -30,6 +30,11 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$error = 'Invalid data'; $error = 'Invalid data';
} else if (strlen($pgp_key) > 4096) { } else if (strlen($pgp_key) > 4096) {
$error = 'PGP key is too long'; $error = 'PGP key is too long';
} else {
$stmt = $db->prepare('SELECT COUNT(*) FROM banned_usernames WHERE username = ?');
$stmt->execute([$username]);
if ($stmt->fetchColumn() > 0) {
$error = 'This username is not allowed';
} else { } else {
$stmt = $db->prepare('SELECT COUNT(*) FROM registrations WHERE created_at > DATE_SUB(NOW(), INTERVAL 1 HOUR)'); $stmt = $db->prepare('SELECT COUNT(*) FROM registrations WHERE created_at > DATE_SUB(NOW(), INTERVAL 1 HOUR)');
$stmt->execute(); $stmt->execute();
@ -56,6 +61,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
} }
} }
} }
}
} }
?> ?>
<!DOCTYPE html> <!DOCTYPE html>

6
sql/migrate.sql
View File

@ -22,3 +22,9 @@ DELIMITER ;
CALL migrate_if_needed(); CALL migrate_if_needed();
DROP PROCEDURE IF EXISTS migrate_if_needed; DROP PROCEDURE IF EXISTS migrate_if_needed;
CREATE TABLE IF NOT EXISTS banned_usernames (
id INT AUTO_INCREMENT PRIMARY KEY,
username VARCHAR(50) NOT NULL UNIQUE,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);