From c718eb70b0fefe92da5795ffb6a9d20e1a4d100d Mon Sep 17 00:00:00 2001 From: Zankaria Date: Sun, 29 Dec 2024 00:01:41 +0100 Subject: [PATCH] Revert "pages.php: QUICKFIX handle unban and notes in mod_user_posts_by_ip to workaround security token issue" This reverts commit 4b49019282b33e71dcbfe70e31ff6b1b8d57773f. --- inc/mod/pages.php | 39 --------------------------------------- 1 file changed, 39 deletions(-) diff --git a/inc/mod/pages.php b/inc/mod/pages.php index 2cb2c22f..6a11e483 100644 --- a/inc/mod/pages.php +++ b/inc/mod/pages.php @@ -928,45 +928,6 @@ function mod_user_posts_by_ip(Context $ctx, string $ip, string $encoded_cursor = $config = $ctx->get('config'); - if (isset($_POST['ban_id'], $_POST['unban'])) { - if (!hasPermission($config['mod']['unban'])) - error($config['error']['noaccess']); - - Bans::delete($_POST['ban_id'], true, $mod['boards']); - - if (empty($encoded_cursor)) { - \header("Location: ?/user_posts/ip/$ip#bans", true, $config['redirect_http']); - } else { - \header("Location: ?/user_posts/ip/$ip/cursor/$encoded_cursor#bans", true, $config['redirect_http']); - } - return; - } - - if (isset($_POST['note'])) { - if (!hasPermission($config['mod']['create_notes'])) - error($config['error']['noaccess']); - - $_POST['note'] = escape_markup_modifiers($_POST['note']); - markup($_POST['note']); - $query = prepare('INSERT INTO ``ip_notes`` VALUES (NULL, :ip, :mod, :time, :body)'); - $query->bindValue(':ip', $ip); - $query->bindValue(':mod', $mod['id']); - $query->bindValue(':time', time()); - $query->bindValue(':body', $_POST['note']); - $query->execute() or error(db_error($query)); - - Cache::delete("mod_page_ip_view_notes_$ip"); - - modLog("Added a note for {$ip}"); - - if (empty($encoded_cursor)) { - \header("Location: ?/user_posts/ip/$ip#notes", true, $config['redirect_http']); - } else { - \header("Location: ?/user_posts/ip/$ip/cursor/$encoded_cursor#notes", true, $config['redirect_http']); - } - return; - } - $args = [ 'ip' => $ip, 'posts' => []