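<?php
// Moderator page that places a ban on, or lifts a ban from, the user in $data.
// NOTE(review): $data is not assigned in this file; presumably the including
// script loads the target user's row into it - confirm where it comes from.

// Authorization check
User::a()->noLogin();

// Only moderators may use this page; anyone else is sent to their own profile.
if (User::a()->isModer === false) {
    header('Location:/User/' . User::a()->user['id'] . '/');
    die();
}

$moderatorId = User::a()->user['id'];
$profileRedirect = 'Location:/User/' . $data['id'] . '/';

// A moderator may not act on themselves or on a user whose status is higher.
if ($moderatorId == $data['id'] || $data['status'] > User::a()->user['status']) {
    header($profileRedirect);
    die();
}

// Decode the stored ban record. Defaults are kept for an empty column, for
// JSON that does not decode to an array, and for any key the record lacks,
// so the checks below never index into null.
$banStatus = array('type' => 0, 'time' => 0, 'who' => 0, 'why' => 0);
if ($data['ban'] != '') {
    $storedBan = json_decode($data['ban'], true);
    if (is_array($storedBan)) {
        $banStatus = array_merge($banStatus, $storedBan);
    }
}

// A ban counts as active while its expiry is in the future or its type is 2.
// Opening this page for an actively banned user lifts the ban, but only for
// the moderator who placed it.
// NOTE(review): this write happens on a plain page load, with no request
// method check and no anti-CSRF token visible here. Move it behind a POST
// that verifies the project's CSRF token.
if ($banStatus['time'] > time() || $banStatus['type'] == 2) {
    if ($banStatus['who'] != $moderatorId) {
        header($profileRedirect);
        die();
    }
    // NOTE(review): $data['id'] is interpolated into the statement. Confirm it
    // is a DB-sourced integer key, and switch to a bound parameter once the
    // driver behind DB::a()->d is known.
    DB::a()->d->query("UPDATE `users` SET `ban` = '' WHERE `id` = '" . $data['id'] . "' LIMIT 1");
    header($profileRedirect);
    die();
}

if (isset($_POST['submit'])) {
    // NOTE(review): no anti-CSRF token is checked before this write either.

    // Reason: the free-text field wins over the preset one. Both are now
    // normalised the same way; previously the preset value went into the SQL
    // string raw. Non-string input (e.g. an array) is treated as empty.
    $rawWhy = (isset($_POST['why']) && is_string($_POST['why'])) ? $_POST['why'] : '';
    if (!empty($_POST['other']) && is_string($_POST['other'])) {
        $rawWhy = $_POST['other'];
    }
    // ENT_QUOTES also encodes the single quote, the character that would end
    // the SQL string literal built below.
    $why = htmlspecialchars(strip_tags(trim($rawWhy)), ENT_QUOTES | ENT_SUBSTITUTE);

    // Ban type and duration must be integers before they reach the JSON and
    // the query. The set of valid type values is not visible in this file.
    $type = (isset($_POST['type']) && is_scalar($_POST['type'])) ? (int)$_POST['type'] : 0;
    $duration = (isset($_POST['time']) && is_scalar($_POST['time'])) ? (int)$_POST['time'] : 0;
    if ($duration < 0) {
        $duration = 0;
    }
    // Keep the expiry an integer even for a very large duration.
    $now = time();
    $expires = ($duration > PHP_INT_MAX - $now) ? PHP_INT_MAX : $now + $duration;

    $banStatus = array(
        // Stored as a numeric string, the shape the raw form value had before.
        'type' => (string)$type,
        'time' => $expires,
        'who' => $moderatorId,
        'why' => $why,
    );
    $banJson = json_encode_cyr($banStatus);

    // NOTE(review): the statement is still assembled by concatenation. The
    // validation above keeps request-supplied quotes out of $banJson, assuming
    // json_encode_cyr() only JSON-encodes its argument, but that is not a
    // substitute for a bound parameter. Replace this with a prepared statement
    // once the driver behind DB::a()->d is confirmed.
    DB::a()->d->query("UPDATE `users` SET `ban` = '" . $banJson . "' WHERE `id` = '" . $data['id'] . "' LIMIT 1");
    header($profileRedirect);
    die();
}

// No active ban and no submission: render the ban form.
Template::a()->setTitle('Блокировка пользователя');
Template::a()->set('data', $data);
Template::a()->display('user/ban');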