svrjs-mods-directory/includes/page_discardmod.php

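<?php
// Refuse to run unless the including script has defined the application marker.
if (!defined('SVRJS_MOD_DIRECTORY')) die;

// NOTE(review): $modDataToDiscard, $connection and the session are set up by the
// including script. This file performs no permission check of its own; presumably
// the caller restricts this page to moderators. Confirm against the caller.
$errorMessage = null;
$modDiscarded = false;

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Both tokens must be non-empty strings and are compared in constant time.
    // The previous loose `!=` treated a missing session token (null) as equal to an
    // empty submitted value, so a request could pass the check without a real token.
    $submittedToken = isset($_POST['_csrf']) ? $_POST['_csrf'] : null;
    $sessionToken = isset($_SESSION['csrf']) ? $_SESSION['csrf'] : null;
    $csrfValid = is_string($submittedToken)
        && is_string($sessionToken)
        && $sessionToken !== ''
        && hash_equals($sessionToken, $submittedToken);

    if (!$csrfValid) {
        $errorMessage = "Potential CSRF attack detected.";
    } else {
        $modPendingUploadDirectory = APP_FSROOT . '/img/mods_pending';

        // Path separators are stripped from both components, so the resulting name
        // cannot leave the pending-uploads directory.
        $pendingCoverImagePathname = null;
        if (isset($modDataToDiscard['image_ext']) && $modDataToDiscard['image_ext']) {
            $pendingCoverImagePathname = $modPendingUploadDirectory
                . '/' . str_replace(['/', '\\'], '', $modDataToDiscard['slug'])
                . '.' . str_replace(['/', '\\'], '', $modDataToDiscard['image_ext']);
        }

        // The cover image is removed before the database row. If the DELETE below
        // fails, the row remains while its image is already gone.
        if ($pendingCoverImagePathname && file_exists($pendingCoverImagePathname) && !unlink($pendingCoverImagePathname)) {
            $errorMessage = "An unexpected error occurred while discarding the mod.";
        } else {
            // Parameterised statement: the slug is bound, never interpolated into SQL.
            $statement = $connection->prepare("DELETE FROM mods_pending WHERE slug = ?");
            if (!$statement) {
                $errorMessage = "An unexpected error occurred while discarding the mod.";
            } else {
                $modSlug = $modDataToDiscard['slug'];
                $statement->bind_param('s', $modSlug);
                if (!$statement->execute()) {
                    $errorMessage = "An unexpected error occurred while discarding the mod.";
                } else {
                    $modDiscarded = true;
                }
                $statement->close();
            }
        }
    }
}

// Page metadata read by header.php.
if (!$modDiscarded) {
    $pageTitle = "Discard pending mod";
    $pageDescription = "Discard a pending SVR.JS mod in SVR.JS Mods directory.";
} else {
    $pageTitle = "Mod discarded";
    $pageDescription = "The pending mod has been discarded.";
}
include 'header.php';
?>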
<main class="content">
<?php /* Confirmation view after a successful discard; otherwise the confirmation form. */ ?>
<?php if ($modDiscarded): ?>
<h1>Mod discarded</h1>
<p>The pending mod has been discarded.</p>
<p><a href="<?= htmlspecialchars((URL_REWRITTEN ? APP_ROOT : APP_ROOT . APP_FILENAME . '/') . 'pending-mods') ?>" class="btn">View pending mods</a></p>
<?php else: ?>
<h1>Discard mod</h1>
<?php /* The mod name is stored data and is HTML-escaped before being echoed. */ ?>
<p>This action will discard the pending <strong>&ldquo;<?= htmlspecialchars($modDataToDiscard['name']) ?>&rdquo;</strong> mod.</p>
<?php /* The slug is URL-encoded as a path segment, then the whole URL is HTML-escaped for the attribute. */ ?>
<form action="<?= htmlspecialchars((URL_REWRITTEN ? APP_ROOT : APP_ROOT . APP_FILENAME . '/') . 'discard-mod/' . urlencode($modDataToDiscard['slug'])) ?>" method="post" class="form" enctype="multipart/form-data">
<?php if ($errorMessage) { echo '<p class="form-error">' . htmlspecialchars($errorMessage) . '</p>'; } ?>
<div class="form-block">
<input type="submit" value="Discard mod">
</div>
<?php /* Session CSRF token, compared against $_POST['_csrf'] when the form is submitted. */ ?>
<input type="hidden" name="_csrf" value="<?= htmlspecialchars($_SESSION['csrf']) ?>">
</form>
<?php endif; ?>
</main>
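<?php
include 'footer.php';

// After the page has been rendered, notify every moderator that the mod was discarded.
if ($modDiscarded) {
    // Static query with no user input, so no parameter binding is needed.
    $moderatorResult = $connection->query("SELECT email AS address, username AS name FROM users WHERE is_moderator = 1;");
    if ($moderatorResult) {
        $moderators = [];
        while ($moderator = $moderatorResult->fetch_assoc()) {
            $moderators[] = $moderator;
        }

        // Line breaks are stripped from both stored fields so that a stored value
        // cannot add extra lines to the notification body. Previously only the name
        // was stripped and the slug was inserted as-is.
        $lineBreaks = ["\r\n", "\r", "\n"];
        $notifiedName = str_replace($lineBreaks, '', $modDataToDiscard['name']);
        $notifiedSlug = str_replace($lineBreaks, '', $modDataToDiscard['slug']);

        sendEmail($moderators, 'A pending mod has been discarded', "A pending mod has been discarded:\n\nMod name: " . $notifiedName . "\nSlug: " . $notifiedSlug . "\n\nNo action is required.");
    }
}
?>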