feat: edit pre-existing bans (#528)

* feat: edit pre-existing bans

* change default permission

* theres no need for elseif here. related: d34f083a6b33185927c6b79a38477f4ea4ce49b5

* quote href param

* changes made

inc/bans.php

@@ -113,20 +113,22 @@ class Bans {
 		return array($ipstart, $ipend);
 	}
 	
-	static public function find($ip, $board = false, $get_mod_info = false) {
+	static public function find($ip, $board = false, $get_mod_info = false, $banid = null) {
 		global $config;
-		
+
 		$query = prepare('SELECT ``bans``.*' . ($get_mod_info ? ', `username`' : '') . ' FROM ``bans``
 		' . ($get_mod_info ? 'LEFT JOIN ``mods`` ON ``mods``.`id` = `creator`' : '') . '
 		WHERE
 			(' . ($board !== false ? '(`board` IS NULL OR `board` = :board) AND' : '') . '
-			(`ipstart` = :ip OR (:ip >= `ipstart` AND :ip <= `ipend`)))
+		(`ipstart` = :ip OR (:ip >= `ipstart` AND :ip <= `ipend`)) OR (``bans``.id = :id))
 		ORDER BY `expires` IS NULL, `expires` DESC');
 		
 		if ($board !== false)
 			$query->bindValue(':board', $board, PDO::PARAM_STR);
 		
+		$query->bindValue(':id', $banid);
 		$query->bindValue(':ip', inet_pton($ip));
+
 		$query->execute() or error(db_error($query));
 		
 		$ban_list = array();
@@ -289,6 +291,9 @@ class Bans {
 			$query->bindValue(':board', null, PDO::PARAM_NULL);
 		
 		if ($post) {
+			if (!isset($board['uri']))
+				openBoard($post['board']);
+
 			$post['board'] = $board['uri'];
 			$query->bindValue(':post', json_encode($post));
 		} else

inc/config.php

@@ -1566,6 +1566,8 @@
 	$config['mod']['unban'] = MOD;
 	// Spoiler image
 	$config['mod']['spoilerimage'] = JANITOR;
+	// Edit bans
+	$config['mod']['edit_ban'] = &$config['mod']['ban'];
 	// Delete file (and keep post)
 	$config['mod']['deletefile'] = JANITOR;
 	// Delete all posts by IP

inc/mod/pages.php

@@ -842,6 +842,14 @@ function mod_page_ip($cip) {
 		header('Location: ?/IP/' . $cip . '#bans', true, $config['redirect_http']);
 		return;
 	}
+
+	if (isset($_POST['ban_id'], $_POST['edit_ban'])) {
+		if (!hasPermission($config['mod']['edit_ban']))
+			error($config['error']['noaccess']);
+
+		header('Location: ?/edit_ban/' . $_POST['ban_id'], true, $config['redirect_http']);
+		return;
+	}
 	
 	if (isset($_POST['note'])) {
 		if (!hasPermission($config['mod']['create_notes']))
@@ -946,6 +954,57 @@ function mod_page_ip($cip) {
 	mod_page(sprintf('%s: %s', _('IP'), htmlspecialchars($cip)), $config['file_mod_view_ip'], $args, $args['hostname']);
 }
 
+function mod_edit_ban($ban_id) {
+	global $mod, $config;
+
+	if (!hasPermission($config['mod']['edit_ban']))
+		error($config['error']['noaccess']);
+
+	$args['bans'] = Bans::find(null, false, true, $ban_id);
+	$args['ban_id'] = $ban_id;
+	$args['boards'] = listBoards();
+	$args['current_board'] = isset($args['bans'][0]['board']) ? $args['bans'][0]['board'] : false;
+
+	if (!$args['bans'])
+		error($config['error']['404']);
+
+	if (isset($_POST['new_ban'])) {
+
+		$new_ban['mask'] = $args['bans'][0]['mask'];
+		$new_ban['post'] = isset($args['bans'][0]['post']) ? $args['bans'][0]['post'] : false;
+		$new_ban['board'] = $args['current_board'];
+
+		if (isset($_POST['reason']))
+			$new_ban['reason'] = $_POST['reason'];
+		else
+			$new_ban['reason'] = $args['bans'][0]['reason'];
+
+		if (isset($_POST['ban_length']) && !empty($_POST['ban_length']))
+			$new_ban['length'] = $_POST['ban_length'];
+		else
+			$new_ban['length'] = false;
+
+		if (isset($_POST['board'])) {
+			if ($_POST['board'] == '*')
+				$new_ban['board'] = false;
+			else
+				$new_ban['board'] = $_POST['board'];
+		}
+
+		Bans::new_ban($new_ban['mask'], $new_ban['reason'], $new_ban['length'], $new_ban['board'], false, $new_ban['post']);
+		Bans::delete($ban_id);
+
+		header('Location: ?/', true, $config['redirect_http']);
+
+	}
+
+	$args['token'] = make_secure_link_token('edit_ban/' . $ban_id);
+
+	mod_page(_('Edit ban'), 'mod/edit_ban.html', $args);
+
+}
+
+
 function mod_ban() {
 	global $config;