An error has occurred.';
echo 'You need to specifiy an username.
Go back';
}
// Input length checks. Each one runs only while no earlier check has failed,
// so the visitor sees a single error message at most.
// strlen() counts bytes, so a multi-byte character uses more than one unit of each limit.

// Username: at most 20 bytes.
if (strlen($username) > 20 && !$error) {
    $error = true;
    echo '
An error has occurred.
';
    echo 'The username you specified is too long.
Go back';
}

// Reason: must not be empty.
if (strlen($reason) == 0 && !$error) {
    $error = true;
    echo '
An error has occurred.
';
    echo 'You need to specifiy a reason.
Go back';
}

// Reason: at most 256 bytes.
if (strlen($reason) > 256 && !$error) {
    $error = true;
    echo '
An error has occurred.
';
    echo 'The reason you specified is too long.
Go back';
}
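if ($error == false) {
    // Database settings ($db_host, $db_port, $db_name, $db_user, $db_passwd) are read from config.php.
    // NOTE(review): config.php is loaded from the document root. Keeping credential files
    // outside the web root avoids serving them if PHP handling is ever misconfigured.
    include_once $_SERVER['DOCUMENT_ROOT'].'/config.php';
    try {
        $dbcon = new PDO('mysql:host='.$db_host.';port='.$db_port.';dbname='.$db_name.'', $db_user, $db_passwd);
        // Throw on every database failure. In silent mode a failed prepare() returns false
        // (fatal error on the next call) and a failed execute() is indistinguishable from
        // "no rows", so a failed INSERT would still print the thank-you message.
        $dbcon->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        // Native prepared statements: bound values are sent separately from the SQL text.
        $dbcon->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);

        // Look up the reported account. Only the column that is used is selected, and the
        // username is bound as a string, the same way the reports queries below bind it.
        $stmt = $dbcon->prepare("SELECT banned FROM users WHERE username=:uid;");
        $stmt->bindValue(':uid', $username, PDO::PARAM_STR);
        $stmt->execute();
        // fetch() returns false when there is no row; rowCount() is not reliable for SELECT.
        $result = $stmt->fetch(PDO::FETCH_ASSOC);

        if ($result === false) {
            echo '
An error has occurred.
';
            echo 'The user you are reporting does not exist.
Go back';
        } elseif ($result['banned'] == 1) {
            echo '
An error has occurred.
';
            echo 'The user you are reporting has been banned.
Go back';
        } else {
            // Check if the same address has reported this user already.
            // NOTE(review): $IP is set outside this fragment. If it is taken from a
            // client-supplied header rather than the connection address, this limit can be
            // sidestepped by varying the header. Confirm where it comes from.
            // NOTE(review): check-then-insert is not atomic, so two simultaneous requests can
            // both pass the check. A UNIQUE index on (reportIP, target) would let the database
            // enforce one report per address. Confirm against the schema.
            $stmt = $dbcon->prepare("SELECT 1 FROM reports WHERE reportIP=:ip AND target=:username LIMIT 1;");
            $stmt->bindValue(':ip', $IP, PDO::PARAM_STR);
            $stmt->bindValue(':username', $username, PDO::PARAM_STR);
            $stmt->execute();

            if ($stmt->fetch(PDO::FETCH_NUM) !== false) {
                echo '
An error has occurred.
';
                echo 'You have already reported this user.
Go back';
            } else {
                $query = "INSERT INTO reports (`target`, `reason`, `date`, `reportIP`) VALUES (:username, :reason, NOW(), :ip);";
                $stmt = $dbcon->prepare($query);
                $stmt->bindValue(':username', $username, PDO::PARAM_STR);
                $stmt->bindValue(':reason', $reason, PDO::PARAM_STR);
                $stmt->bindValue(':ip', $IP, PDO::PARAM_STR);
                $stmt->execute();
                echo '
Thank you!
';
                echo 'Your report has been saved. Thanks again!';
            }
        }
    } catch (PDOException $e) {
        // The class name must be spelled PDOException. A misspelled name matches nothing,
        // so a connection failure would surface as an uncaught exception and its output
        // could reveal connection details. Record the cause server-side and end the request
        // without output; every statement that can throw runs before any echo.
        error_log('Report form: database error: '.$e->getMessage());
    }
}
// Release the connection (a no-op when validation failed and none was opened) and stop.
$dbcon = null;
exit;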
}
?>
Report Abuse