feat: mod promotion/demotion

Floorb 2023-06-01 15:54:48 -04:00
parent 9296ca14a6
commit 19b2deda2a
3 changed files with 50 additions and 6 deletions


@ -11,6 +11,27 @@ list($per_page, $current_page) = pp_setup_pagination();
$total_users = User::count();
$all_users = User::limit($per_page)->offset($current_page * $per_page)->get();
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (!verifyCsrfToken()) {
flashError('Invalid CSRF token.');
goto Render;
} elseif (!isset($_POST['user_id'])) {
flashError('No user ID specified.');
goto Render;
}
$user = User::find($_POST['user_id']);
if (!$user) {
flashError('User not found.');
goto Render;
}
}
Render:
$csrf_token = setupCsrfToken();
?>
<!DOCTYPE html>
<html lang="en">
@ -111,9 +132,7 @@ $all_users = User::limit($per_page)->offset($current_page * $per_page)->get();
<tr>
<th>Username</th>
<th>Date Registered</th>
<th>Ban User</th>
<th>Profile</th>
<th>Delete</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
@ -123,6 +142,13 @@ $all_users = User::limit($per_page)->offset($current_page * $per_page)->get();
<a href="<?= urlForMember($user); ?>"><?= pp_html_escape($user->username); ?></a>
</td>
<td><?= pp_html_escape($user->created_at); ?> </td>
<td>
<form method="post">
<input type="hidden" name="csrf_token" value="<?= $csrf_token ?>">
<input type="hidden" name="user_id" value="<?= $user->id ?>">
<button class="button is-small is-danger" type="submit" name="ban">Ban</button>
</form>
</td>
</tr>
<?php endforeach; ?>
</tbody>
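Review bot: The new POST branch stops after `User::find()`: nothing reads `$_POST['ban']` or changes the user, so as far as this section shows, the Ban button added to the table submits to a handler that has no effect. When the action is added, `user_id` should be validated first, because it reaches `find()` straight from `$_POST`; if `User` is an Eloquent model, an array value there would return a collection, which passes the `!$user` check. Something like `$user_id = filter_input(INPUT_POST, 'user_id', FILTER_VALIDATE_INT);` with a rejection on `false`/`null` would close that. The form also echoes `$csrf_token` and `$user->id` without `pp_html_escape()`, unlike the neighbouring cells.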


@ -17,7 +17,7 @@ $profile_username = trim($_GET['user']);
$profile_info = User::with('favourites')
->where('username', $profile_username)
->select('id', 'created_at', 'badge')
->select('id', 'created_at', 'badge', 'role')
->first();
if (!$profile_info) {
@ -39,6 +39,18 @@ if ($can_administrate) {
flashSuccess('Password reset to ' . $new_password);
}
} elseif (isset($_POST['change_role'])) {
if (!verifyCsrfToken()) {
flashError('Invalid CSRF token (do you have cookies enabled?)');
} else {
if ($profile_info->role === User::ROLE_MODERATOR) {
$profile_info->role = 0;
} elseif ($profile_info->role === 0) {
$profile_info->role = User::ROLE_MODERATOR;
}
$profile_info->save();
flashSuccess('Role changed.');
}
}
}
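Review bot: The `change_role` branch toggles whatever role the account has when the request arrives, so the outcome depends on server state rather than on what the administrator clicked: a double submit or a stale page turns a promotion into a demotion. Sending the intent explicitly makes the request idempotent, e.g. `value="promote"` / `value="demote"` on the two `change_role` buttons in the profile template, with the handler checking `$_POST['change_role']` against the current role. `save()` and `flashSuccess('Role changed.')` also run when neither condition matches (any role other than `User::ROLE_MODERATOR` or `0`, or a `role` that comes back from the database as a string and fails the `===` test), so they belong inside the branches. A privilege change like this is also worth an audit log entry naming the acting and target accounts. The surrounding `if ($can_administrate)` block begins outside the hunk.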


@ -1,7 +1,8 @@
<?php
use PonePaste\Models\Paste;
use PonePaste\Models\Paste;
use PonePaste\Models\User;
$public_paste_badges = [
$public_paste_badges = [
50 => '[ProbablyAutistic] Have more than fifty pastes',
25 => '[Writefag] Have twenty-five or more pastes',
5 => '[NewWritefag] Have five or more pastes',
@ -53,6 +54,11 @@
<form method="post">
<input type="hidden" name="csrf_token" value="<?= $csrf_token ?>">
<button class="button is-small is-success" type="submit" name="reset_password">Reset Password</button>
<?php if ($profile_info->role === User::ROLE_MODERATOR): ?>
<button class="button is-small is-warning" type="submit" name="change_role">Demote Moderator</button>
<?php elseif ($profile_info->role === 0): ?>
<button class="button is-small is-warning" type="submit" name="change_role">Promote to Moderator</button>
<?php endif; ?>
</form>
</div>
<?php endif; ?>