<!DOCTYPE html>
<html>
<link href="/style.css" rel="stylesheet">
<head>
<link rel="apple-touch-icon" sizes="180x180" href="/apple-touch-icon.png">
<link rel="icon" type="image/png" sizes="32x32" href="/favicon-32x32.png">
<link rel="icon" type="image/png" sizes="16x16" href="/favicon-16x16.png">
<link rel="manifest" href="/site.webmanifest">
<link rel="mask-icon" href="/safari-pinned-tab.svg" color="#5bbad5">
<meta name="msapplication-TileColor" content="#da532c">
<meta name="theme-color" content="#ffffff">
<div class="header">
<a href="/"><img id="logo" src="/logo.png"></a>
</div>
</head>
<body>
<meta charset="UTF-8">
<ul>
<li><a href="/">Home</a></li>
<li><a href="/chat">Chat</a></li>
<li><a href="/rules">Rules</a></li>
<li><a href="https://limework.craftingstore.net" style="color:lightgreen;">🛒 Store</a></li>
<li><div class="dropdown">
<button class="dropbtn">𝄘</button>
<div class="dropdown-content">
<a href="https://git.limework.net" style="color:lightgreen;">🏗 Gitea</a>
<a href="https://video.govindas.net" style="color:lightgreen;">📺 PeerTube</a>
<a href="https://creative.limework.net" style="color:lightgreen;">🗺 Creative Map</a>
</div>
</div>
</li>
</ul>
<div class='content'>
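<?php
// Ban-appeal form handler: validates the posted fields, checks that the ban ID
// exists in the `bans` table, writes a static appeal page from the site
// template (only if none exists yet for that ID) and redirects to it.
//
// NOTE(review): nothing visible here ties the submitter to the banned account
// or throttles submissions, and an existing appeal page is never replaced, so
// the first submission for a given ban ID fixes the page's content. Confirm
// that knowledge of the ban ID is the intended and sufficient gate.

// Diagnostics must go to the server log, never into a public page: rendered
// warnings expose file paths, SQL and connection details to every visitor.
ini_set('display_errors', '0');

// Read the raw fields. A missing field or a non-string value (for example an
// array sent as banid[]=x) is treated as empty and fails validation below
// instead of raising a warning or TypeError.
$rawBanid = (isset($_POST['banid']) && is_string($_POST['banid'])) ? $_POST['banid'] : '';
$rawBanreason = (isset($_POST['banreason']) && is_string($_POST['banreason'])) ? $_POST['banreason'] : '';
$rawWhyunban = (isset($_POST['whyunban']) && is_string($_POST['whyunban'])) ? $_POST['whyunban'] : '';

$error = false;

// Validate the raw input, not the HTML-escaped copy: escaping inflates the
// length (one "&" becomes five bytes), so measuring afterwards would reject
// text that is within the advertised limits.
if (strlen($rawBanid) > 16) {
    echo "<p style='color:red;'>Error: Ban ID cannot be longer than 16 characters</p><br>";
    $error = true;
}
if (strlen($rawBanid) < 16) {
    echo "<p style='color:red;'>Error: Ban ID cannot be shorter than 16 characters</p><br>";
    $error = true;
}
// The ban ID becomes part of a file name and a URL below, so it is restricted
// to ASCII letters and digits. The previous class `[^][A-Za-z0-9]` also let
// "[" and "]" through, which looks unintended -- confirm no real ban ID uses them.
if (preg_match('#[^A-Za-z0-9]#', $rawBanid)) {
    echo "<p style='color:red;'>Error: Ban ID contains invalid characters</p><br>";
    $error = true;
}
if (strlen($rawBanreason) > 100) {
    echo "<p style='color:red;'>Error: Ban reason cannot be longer than 100 characters</p><br>";
    $error = true;
}
if (strlen($rawWhyunban) > 2000) {
    echo "<p style='color:red;'>Error: Why do you think you should be unbanned cannot be longer than 2000 characters</p><br>";
    $error = true;
}

// Encode for the HTML context at the point of output. Flags and charset are
// explicit so the result does not depend on the PHP version's defaults.
$banid = htmlspecialchars($rawBanid, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
$banreason = htmlspecialchars($rawBanreason, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
$whyunban = htmlspecialchars($rawWhyunban, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

if (!$error) {
    $banExists = false;
    $lookupFailed = false;

    try {
        // webbanappeal has read-only access to bans table, nothing else. It can only be accessed in localhost. Publishing password to git is fine.
        // NOTE(review): a published credential is still usable by anything that
        // gains local execution or can reach the database port from this host,
        // and rotating it requires a code change. Prefer loading it from
        // configuration kept outside the repository and the web root.
        $con = mysqli_connect("localhost","webbanappeal","UpUOZhRf5WLAy920wbDqyAKLySHl677juGgL","friends");
        if (!$con) {
            error_log('ban appeal: database connection failed: ' . mysqli_connect_error());
            $lookupFailed = true;
        } else {
            // Bound parameter instead of a string-built query: the value never
            // becomes part of the SQL text, whatever the validation above allows.
            $stmt = mysqli_prepare($con, 'SELECT `banid` FROM `bans` WHERE `banid` = ?');
            if ($stmt && mysqli_stmt_bind_param($stmt, 's', $rawBanid) && mysqli_stmt_execute($stmt)) {
                mysqli_stmt_store_result($stmt);
                $banExists = mysqli_stmt_num_rows($stmt) > 0;
            } else {
                error_log('ban appeal: ban lookup failed: ' . mysqli_error($con));
                $lookupFailed = true;
            }
            if ($stmt) {
                mysqli_stmt_close($stmt);
            }
            mysqli_close($con);
        }
    } catch (mysqli_sql_exception $e) {
        // mysqli raises exceptions instead of returning false when its report
        // mode is strict (the default on recent PHP versions).
        error_log('ban appeal: database error: ' . $e->getMessage());
        $lookupFailed = true;
    }

    // Fail closed: a lookup that could not run must not let an unverified
    // ban ID through to page creation.
    if ($lookupFailed) {
        echo "<p style='color:red;'>Error: Could not verify the ban ID right now. Please try again later.</p><br>";
        $error = true;
    } elseif (!$banExists) {
        echo "<p style='color:red;'>Error: There is no ban with the specified ban ID. Did you enter it correctly?</p><br>";
        $error = true;
    }
}

if (!$error) {
    $newcontent = file_get_contents("/var/www/html/template/index.html");
    if ($newcontent === false) {
        error_log('ban appeal: could not read the page template');
        echo "<p style='color:red;'>Error: Could not create the ban appeal right now. Please try again later.</p><br>";
        $error = true;
    }
}

if (!$error) {
    $newcontent=str_replace("Replace this line", "<h1>Ban Appeal</h1><p><b>Ban ID</b><br> $banid</p><p><b>Ban Reason</b><br> $banreason</p><p><b>Why do you think you should be unbanned?</b><br> $whyunban</p><br><h2>Staff Reply</h2><p><i>None yet.</i></p>", $newcontent);

    // $rawBanid is exactly 16 ASCII letters/digits here, so it cannot carry
    // path separators or "..".
    $appealPath = "/var/www/html/appeal/view/$rawBanid.html";
    if (!file_exists($appealPath)) {
        // Mode 'x' creates the file only when it is absent, so two concurrent
        // submissions cannot both pass the check above and overwrite each other.
        $handle = fopen($appealPath, 'x');
        if ($handle !== false) {
            if (fwrite($handle, $newcontent) === false) {
                error_log('ban appeal: could not write ' . $appealPath);
            }
            fclose($handle);
        } elseif (!file_exists($appealPath)) {
            // Creation failed for a reason other than losing the race.
            error_log('ban appeal: could not create ' . $appealPath);
            echo "<p style='color:red;'>Error: Could not create the ban appeal right now. Please try again later.</p><br>";
            $error = true;
        }
    }
}

// Must not be an else-if chain: $error may be set by any step above.
if ($error) {
    echo "<form action='/appeal'><input type='submit' value='Go back' /></form>";
} else {
    echo "<p><i>Opening your ban appeal...</i></p>";
    echo "<meta http-equiv='Refresh' content='0; url=https://limework.net/appeal/view/$banid' />";
}
?>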
</div>
<div class="footer">
<p>© Govindas Limework 2015-present <a href="/privacy-policy"><span style="float:right;color:lightgreen;">Privacy Policy</span></a></p>
</div>
</body>
</html>