block.pl
Copying Source is Forbidden
103 lines of code
1
#!/usr/local/bin/perl
2
3
# must have's!
4
use strict;
5
use warnings;
6
use CGI::Carp qw(fatalsToBrowser);
7
use DBI;
8
use URI::Escape;
9
10
use lib "/var/www/html/Pm";
11
12
use Bc_chef qw(cookie_get);
13
use Bc_misc qw(get_param);
14
use Bc_sql qw(user_exists
15
get_constant
16
sql_execute
17
$QUERY_PAGE
18
$QUERY_UID
19
$LOGGEDIN
20
21
$DB
22
);
23
24
use Date qw(get_today);
25
use Html qw(pre_html_header);
26
use Html2 qw(tag br hr embolden italicize);
27
use Redir qw(error_redir notice_redir);
28
use User qw(blockedUser get_user_stat $USER_DATA);
29
30
if (not $LOGGEDIN) {
31
print error_redir("/?$QUERY_PAGE=" . get_constant("MAIL_PAGE"), "Premium Membership Required");
32
exit 1;
33
}
34
35
my $DEBUG = 0;
36
37
if (not user_exists($LOGGEDIN) or Security::banned($LOGGEDIN)) {
38
my $msg = "Access Denied";
39
if ($DEBUG) { $msg .= " (block.pl)"; }
40
print error_redir("/", $msg);
41
42
exit 1;
43
}
44
45
my $bid = get_param($QUERY_UID);
46
47
#
48
# if not $redir then
49
# print 0 for failure, or 1 for success
50
# otherwise
51
# redirect to referring URI
52
#
53
# in retrospect, $redir conditional should be reversed,
54
# as it makes more sense to redir to referrer by default
55
#
56
57
my $redir = get_param("r");
58
59
if (not $DB) {
60
if (not $redir)
61
{ print pre_html_header({type=>"text/plain"}) . "0"; } else
62
{ print error_redir($ENV{HTTP_REFERER}, "Add/remove block failed"); }
63
64
exit 1;
65
}
66
67
# first, do $LOGGEDIN and $bid exist, and are they the same ?
68
if (not user_exists($LOGGEDIN) or not user_exists($bid) or $bid eq $LOGGEDIN) {
69
if (not $redir)
70
{ print pre_html_header({type=>"text/plain"}) . "0"; } else
71
{ print error_redir($ENV{HTTP_REFERER}, "Add/remove block failed"); }
72
73
exit 1;
74
}
75
76
# this script will either add or remove a blocked user. nothing else.
77
# so we must determine if $bid is blocked already or not
78
79
my $sql;
80
my $blocked = blockedUser($bid);
81
82
if ($blocked)
83
{ $sql = "delete from blocks where UID = " . $DB->quote($LOGGEDIN) . " and BID = " . $DB->quote($bid); } else
84
{ $sql = "insert into blocks values(NULL, " . $DB->quote($LOGGEDIN) . ", " . $DB->quote($bid) . ", " . $DB->quote(get_today("", 0)) . ")"; }
85
86
my $updateResults = sql_execute($sql, "block.pl");
87
if ($updateResults) {
88
if ($blocked) {
89
if ($redir eq 1)
90
{ print notice_redir($ENV{HTTP_REFERER}, embolden(get_user_stat($bid, "nickname")) . " removed from blocked list"); } else
91
{ print pre_html_header({type=>"text/plain"}) . "1"; }
92
} else {
93
if ($redir eq 1)
94
{ print notice_redir($ENV{HTTP_REFERER}, embolden(get_user_stat($bid, "nickname")) . " added to blocked list"); } else
95
{ print pre_html_header({type=>"text/plain"}) . "1"; }
96
}
97
} else {
98
if ($redir eq 1)
99
{ print error_redir($ENV{HTTP_REFERER}, "Add/remove block failed!"); } else
100
{ print pre_html_header({type=>"text/plain"}); print "1"; }
101
}
102
103
exit 1;