lain/text0Nly
1
0
Fork 0
mirror of https://git.sr.ht/~iwakuralain/text0Nly synced 2025-07-27 15:36:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
text0Nly/main/admin.php
Lain Iwakura da3dc76280
added unban xd
2025-06-16 03:12:45 +03:00

201 lines
7.4 KiB
PHP
Raw Blame History

<?php
session_start();
header('X-Content-Type-Options: nosniff');
header('X-Frame-Options: DENY');
header('X-XSS-Protection: 1; mode=block');
header('Content-Security-Policy: default-src \'self\'');
if (!isset($_SESSION['is_moderator']) || !$_SESSION['is_moderator']) {
header('Location: index.php');
exit;
}
$config = require 'config.php';
$db = new PDO(
"mysql:host={$config['db']['host']};dbname={$config['db']['name']}",
$config['db']['user'],
$config['db']['pass']
);
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$error = '';
$success = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (isset($_POST['action']) && isset($_POST['username'])) {
$username = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING);
if ($_POST['action'] === 'ban') {
$stmt = $db->prepare('UPDATE users SET is_blocked = 1 WHERE username = ?');
$stmt->execute([$username]);
$success = "User $username has been banned";
} elseif ($_POST['action'] === 'unban') {
$stmt = $db->prepare('UPDATE users SET is_blocked = 0 WHERE username = ?');
$stmt->execute([$username]);
$success = "User $username has been unbanned";
} elseif ($_POST['action'] === 'preventive_ban') {
if (!preg_match('/^[a-zA-Z0-9_]+$/', $username)) {
$error = "Invalid username format";
} else {
$stmt = $db->prepare('INSERT INTO banned_usernames (username) VALUES (?)');
try {
$stmt->execute([$username]);
$success = "Username $username has been preventively banned";
} catch (PDOException $e) {
$error = "Username already banned";
}
}
} elseif ($_POST['action'] === 'preventive_unban') {
$stmt = $db->prepare('DELETE FROM banned_usernames WHERE username = ?');
$stmt->execute([$username]);
$success = "Username $username has been preventively unbanned";
}
}
}
$stmt = $db->query('SELECT username, is_blocked, is_moderator, created_at FROM users ORDER BY created_at DESC');
$users = $stmt->fetchAll(PDO::FETCH_ASSOC);
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Text0Nly - Admin Panel</title>
<link rel="stylesheet" href="styles.css">
<style>
.admin-table {
width: 100%;
border-collapse: collapse;
margin-top: 20px;
}
.admin-table th, .admin-table td {
padding: 8px;
border: 1px solid #ddd;
text-align: left;
}
.admin-table th {
background: #f5f5f5;
}
.ban-btn {
background: #dc3545;
color: white;
border: none;
padding: 4px 8px;
cursor: pointer;
border-radius: 4px;
}
.unban-btn {
background: #28a745;
color: white;
border: none;
padding: 4px 8px;
cursor: pointer;
border-radius: 4px;
}
.status-banned {
color: #dc3545;
}
.status-moderator {
color: #28a745;
}
</style>
</head>
<body>
<div class="container">
<div class="header">
<h1>Admin Panel</h1>
<div class="header-buttons">
<a href="index.php">Back to chat</a>
</div>
</div>
<?php if ($error): ?>
<div class="error"><?= htmlspecialchars($error) ?></div>
<?php endif; ?>
<?php if ($success): ?>
<div class="success"><?= htmlspecialchars($success) ?></div>
<?php endif; ?>
<div class="preventive-ban">
<h2>Preventive Ban</h2>
<form method="post" class="ban-form">
<input type="text" name="username" placeholder="Username to ban" required pattern="[a-zA-Z0-9_]+" maxlength="50">
<input type="hidden" name="action" value="preventive_ban">
<button type="submit" class="ban-btn">Ban Username</button>
</form>
</div>
<h2>Preventively Banned Usernames</h2>
<table class="admin-table">
<thead>
<tr>
<th>Username</th>
<th>Banned At</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
<?php
$stmt = $db->query('SELECT username, created_at FROM banned_usernames ORDER BY created_at DESC');
$banned_usernames = $stmt->fetchAll(PDO::FETCH_ASSOC);
foreach ($banned_usernames as $banned): ?>
<tr>
<td><?= htmlspecialchars($banned['username']) ?></td>
<td><?= $banned['created_at'] ?></td>
<td>
<form method="post" style="display:inline">
<input type="hidden" name="username" value="<?= htmlspecialchars($banned['username']) ?>">
<input type="hidden" name="action" value="preventive_unban">
<button type="submit" class="unban-btn">Unban</button>
</form>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
<h2>Users</h2>
<table class="admin-table">
<thead>
<tr>
<th>Username</th>
<th>Status</th>
<th>Created</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
<?php foreach ($users as $user): ?>
<tr>
<td><?= htmlspecialchars($user['username']) ?></td>
<td>
<?php if ($user['is_blocked']): ?>
<span class="status-banned">Banned</span>
<?php elseif ($user['is_moderator']): ?>
<span class="status-moderator">Moderator</span>
<?php else: ?>
Active
<?php endif; ?>
</td>
<td><?= $user['created_at'] ?></td>
<td>
<?php if (!$user['is_moderator']): ?>
<form method="post" style="display:inline">
<input type="hidden" name="username" value="<?= htmlspecialchars($user['username']) ?>">
<?php if ($user['is_blocked']): ?>
<input type="hidden" name="action" value="unban">
<button type="submit" class="unban-btn">Unban</button>
<?php else: ?>
<input type="hidden" name="action" value="ban">
<button type="submit" class="ban-btn">Ban</button>
<?php endif; ?>
</form>
<?php endif; ?>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink