From 9600451f925b0f619ec67e56a79c9afb91c66de9 Mon Sep 17 00:00:00 2001
From: Austin <astrologiesroblox@gmail.com>
Date: Wed, 24 Nov 2021 01:35:40 -0500
Subject: [PATCH] usermoderationmanager moderation abilities

---
 html/MCP/user-management/ban.php     |  51 +++++++
 html/MCP/user-management/banlist.php |  50 +++++++
 html/MCP/user-management/index.php   | 196 +++++++++++++++++++++++++++
 html/MCP/user-management/unban.php   |  28 ++++
 4 files changed, 325 insertions(+)
 create mode 100644 html/MCP/user-management/ban.php
 create mode 100644 html/MCP/user-management/banlist.php
 create mode 100644 html/MCP/user-management/index.php
 create mode 100644 html/MCP/user-management/unban.php

diff --git a/html/MCP/user-management/ban.php b/html/MCP/user-management/ban.php
new file mode 100644
index 0000000..82d0612
--- /dev/null
+++ b/html/MCP/user-management/ban.php
@@ -0,0 +1,51 @@
+<?php
+
+/*
+Alphaland 2021 
+*/
+
+if(!$user->isStaff()) {
+    redirect("/");
+}
+
+//headers
+header('Content-Type: application/json');
+header("Access-Control-Allow-Origin: https://www.alphaland.cc");
+header("access-control-allow-credentials: true");
+
+$modmanager = new Alphaland\Moderation\UserModerationManager();
+
+$data = json_decode(file_get_contents('php://input'));
+
+$ban = false;
+if ($data) {
+	$username = $data->username;
+	$reason = $data->reason;  
+	$expiration = $data->expiration;
+	$type = $data->type;
+
+	if($username && $reason && $type) {
+		$userid = getID($username);
+		$reason = cleanInput($reason);
+		switch ($type) {
+			case "warn":
+				$ban = $modmanager::BanUser($userid, $reason, $expiration, 0); //0 warning type
+				break;
+			case "temp":
+				$ban = $modmanager::BanUser($userid, $reason, $expiration, 1); //1 temp type
+				break;
+			case "perm":
+				$ban = $modmanager::BanUser($userid, $reason, $expiration, 2); //2 perm type
+				break;
+			case "poison":
+				$ban = $modmanager::PoisonBan($userid, $reason);
+				break;
+			case "limb":
+				$ban = $modmanager::ReferralLimbBan($userid, $reason);
+				break;
+			default:
+				break;		
+		}
+	}
+}
+die(json_encode(array("success" => $ban)));
\ No newline at end of file
diff --git a/html/MCP/user-management/banlist.php b/html/MCP/user-management/banlist.php
new file mode 100644
index 0000000..736dad1
--- /dev/null
+++ b/html/MCP/user-management/banlist.php
@@ -0,0 +1,50 @@
+<?php
+
+/*
+	Alphaland 2021
+*/
+
+header("Access-Control-Allow-Origin: https://www.alphaland.cc");
+header("access-control-allow-credentials: true");
+header('Content-Type: application/json');
+
+if(!$user->isStaff()) {
+    redirect("/MCP");
+}
+
+$bans = $GLOBALS['pdo']->prepare("SELECT * FROM user_bans WHERE valid = 1");
+$bans->execute();
+if ($bans->rowCount() == 0) {
+	die(json_encode(["alert"=>"No bans found"]));
+}
+
+$jsonData = array();
+
+foreach($bans as $ban) {
+    $type = $ban['banType'];
+    $banexpire = "";
+
+    //bantypes to exp
+    if ($type == 0) {
+       $banexpire = "Warning";
+    } else if ($type == 1) {
+        $banexpire = date("m/d/Y", $ban['banExpiration']);
+    } else if ($type == 2) {
+        $banexpire = "Permanent";
+    } else {
+        $banexpire = "NULL";
+    }
+    
+    $banData = array(
+        "banType" => $type,
+        "banReason" => cleanOutput($ban['banReason']),
+        "bannedUser" => cleanOutput(getUsername($ban['uid'])),
+        "whoBannedUser" => $ban['whoBanned'],
+        "whenBanned" => date("m/d/Y", $ban['whenBanned']),
+        "banExpiration" => $banexpire
+    );
+        
+    array_push($jsonData, $banData);
+}
+
+die(json_encode($jsonData));
\ No newline at end of file
diff --git a/html/MCP/user-management/index.php b/html/MCP/user-management/index.php
new file mode 100644
index 0000000..bfcc784
--- /dev/null
+++ b/html/MCP/user-management/index.php
@@ -0,0 +1,196 @@
+<?php
+
+$body = '';
+if(!($user->isStaff())) {
+    redirect("/"); //u not admin nigga
+}
+
+$body = <<<EOT
+<div class="container text-center">
+    <div id = "error_alert" class="alert alert-danger" role="alert" style="display:none;"></div>
+	<div id = "success_alert" class="alert alert-success" role="alert" style="display:none;"></div>
+    <h5>User Management</h5>
+    <div class="card" style="max-width: 38rem;margin: auto;">
+        <div class="card-body">
+            <div class="row">
+                <div class="col-sm">
+                    <div class="input-group">
+                        <input type="text" name="banuser" class="form-control" id="ban_username" placeholder="Username" autocomplete="off">
+                        <input type="text" name="banreason" class="form-control" id="ban_reason" placeholder="Ban Reason" autocomplete="off">
+                        <div class="input-group-append">
+                            <button type="button" class="btn btn-danger" type="button" onclick="banUser()">Ban</button>
+                        </div>
+                    </div>
+                </div>
+            </div>
+            <br>
+			<h6>PLEASE MAKE SURE YOU READ THE DISCORD CHANNEL "staff-resources"</h6>
+			<hr>
+            <div title="Warn the account, can be immediately reactivated" class="custom-control custom-checkbox custom-control-inline">
+                <input type="checkbox" name="warning_checkbox" class="custom-control-input sev_check" id="warning" autocomplete="off">
+                <label class="custom-control-label" for="warning">Warning</label>
+            </div>
+            <div title="Ban the account for 1 day" class="custom-control custom-checkbox custom-control-inline">
+                <input type="checkbox" name="temp_checkbox" class="custom-control-input sev_check" id="temp" autocomplete="off">
+                <label class="custom-control-label" for="temp">Temporary (1 day)</label>
+            </div>
+            <div title="Permanently bans the account" class="custom-control custom-checkbox custom-control-inline">
+                <input type="checkbox" name="perm_checkbox" class="custom-control-input sev_check" id="perm" autocomplete="off">
+                <label class="custom-control-label" for="perm">Permanent</label>
+            </div>
+            <div title="Permanently ban all accounts associated with the accounts ip address" class="custom-control custom-checkbox custom-control-inline">
+                <input type="checkbox" name="poison_perm_checkbox" class="custom-control-input sev_check" id="poison_perm" autocomplete="off">
+                <label class="custom-control-label" for="poison_perm">Poison Ban (Permanent)</label>
+            </div>
+            <div title="Permanently ban the user and every user they invited" class="custom-control custom-checkbox custom-control-inline">
+                <input type="checkbox" name="limb_perm_checkbox" class="custom-control-input sev_check" id="limb_perm" autocomplete="off">
+                <label class="custom-control-label" for="limb_perm">Limb Ban (Permanent)</label>
+            </div>
+            <hr>
+            <div class="row">
+                <div class="col-sm">
+                    <div class="input-group">
+                        <input type="text" name="unbanuser" class="form-control" id="unban_username" placeholder="Username" autocomplete="off">
+                        <div class="input-group-append">	
+                            <button type="submit" class="btn btn-success" type="button" onclick="unbanUser()">Unban</button>
+                        </div>
+                    </div>
+                </div>
+            </div>
+            <hr>
+            <div class="text-center">
+                <p>
+                    <button class="btn btn-danger w-100" type="button" data-toggle="collapse" data-target="#banlisttemp" aria-expanded="false" aria-controls="banlisttemp" onclick="getBanlist()">Banlist</button>
+                </p>
+                <div class="collapse" id="banlisttemp">
+                    <table class="table atable-dark">
+                        <thead>
+                            <tr>
+                                <th>Date</th>
+                                <th>Username</th>
+                                <th>Reason</th>
+                                <th>Expiration</th>
+                            </tr>
+                        </thead>
+                        <tbody id="user_ban_list">
+                        </tbody>
+                    </table>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+<script>
+
+$('.sev_check').click(function() {
+    $('.sev_check').not(this).prop('checked', false);
+ });
+
+function showError(message)
+{
+	$("#error_alert").text(message);
+	$("#error_alert").show();
+			
+	setTimeout(function() 
+	{
+		$("#error_alert").hide();
+	}, 3000);
+}
+
+function showSuccess(message)
+{
+	$("#success_alert").text(message);
+	$("#success_alert").show();
+			
+	setTimeout(function() 
+	{
+		$("#success_alert").hide();
+	}, 3000);
+}
+
+function unbanUser()
+{
+	var unbanusername = $('#unban_username').val();
+
+	if (!unbanusername) {
+		showError("Missing Username");
+		return;
+	}
+
+	postJSONCDS("https://www.alphaland.cc/MCP/user-management/unban", JSON.stringify({
+		"username":unbanusername
+	}))
+	.done(function(object) {
+		if (!object.success) {
+			showError("Failed to unban user");
+		} else {
+			showSuccess("Unbanned User");
+			getBanlist();
+		}
+	});
+}
+
+function banUser()
+{
+	var expiration = 0;
+	var type = "";
+
+	if ($('#warning').prop('checked')) {
+		type = "warn"
+	} else if ($('#temp').prop('checked')) {
+		expiration = Math.floor(Date.now() / 1000) + 86400;
+		type = "temp"
+	} else if ($('#perm').prop('checked')) {
+		type = "perm"
+	} else if ($('#poison_perm').prop('checked')) {
+		type = "poison"
+	} else if ($('#limb_perm').prop('checked')) {
+		type = "limb"
+	} else {
+		showError("No ban type chosen");
+		return;
+	}
+
+	var banusername = $('#ban_username').val();
+	var banreason = $('#ban_reason').val();
+
+	if (!banusername || !banreason) {
+		showError("Missing parameters");
+		return;
+	}
+
+	postJSONCDS("https://www.alphaland.cc/MCP/user-management/ban", JSON.stringify({
+		"username":banusername,
+		"reason":banreason,
+		"expiration":expiration,
+		"type":type	
+	}))
+	.done(function(object) {
+		if (!object.success) {
+			showError("Failed to moderate user");
+		} else {
+			showSuccess("Moderated User");
+			getBanlist();
+		}
+	});
+}
+
+function getBanlist()
+{
+	html = `<tr>
+		<td>{whenBanned}</td>
+		<td>{bannedUser}</td>
+		<td>{banReason}</td>
+		<td>{banExpiration}</td>
+	</tr>`;
+		 
+	staticPageHelper("https://www.alphaland.cc/MCP/user-management/banlist", "", "#user_ban_list", html, "", 100, "", "");
+}
+
+</script>
+EOT;
+
+pageHandler();
+$ph->pageTitle("User Manage");
+$ph->body = $body;
+$ph->output();
\ No newline at end of file
diff --git a/html/MCP/user-management/unban.php b/html/MCP/user-management/unban.php
new file mode 100644
index 0000000..c22b6f5
--- /dev/null
+++ b/html/MCP/user-management/unban.php
@@ -0,0 +1,28 @@
+<?php
+
+/*
+Alphaland 2021 
+*/
+
+if(!$user->isStaff()) {
+    redirect("/");
+}
+
+//headers
+header('Content-Type: application/json');
+header("Access-Control-Allow-Origin: https://www.alphaland.cc");
+header("access-control-allow-credentials: true");
+
+$modmanager = new Alphaland\Moderation\UserModerationManager();
+
+$data = json_decode(file_get_contents('php://input'));
+
+$unban = false;
+if ($data) {
+	$username = $data->username;
+
+	if($username) {
+		$unban = $modmanager::UnbanUser(getID($username));
+	}
+}
+die(json_encode(array("success" => $unban)));
\ No newline at end of file