Problem with unban in Housekeeping (Mango)

[Heaplink]

I recently installed the fix, that was supplied somewhere on the forum. It worked, and I could see all the bans. Now I just have the problem, that the Unban-link (which links to ase/banlist?url=banlist&unban=<id>) doesn't work.

I investigated the issue further more, and saw that it didn't even recognize other GET queries other than url. I looked inside class.core.php and it looked like this:

final public function handleCallHK($k)
    {
        global $users, $engine, $_CONFIG;
       
        if($_SESSION["in_hk"] != true)
        {
            if(isset($_SESSION['user']['id']))
            {
                if($k == 'login')
                {
                    $users->loginHK();
                }
                else
                {
                    header("Location:".$_CONFIG['hotel']['url']."/ase/login");
                    exit;
                }
            }
            else
            {
                header("Location:".$_CONFIG['hotel']['url']."/index");
                exit;
            }
        }
        else
        {
            if(!isset($k))
            {
                header("Location:".$_CONFIG['hotel']['url']."/ase/dash");
                exit;
            }
            else
            {
                if($k == 'banlist')
                {
                    if(isset($_GET["unban"]))
                    {
                        $user = $engine->secure($_GET["unban"]);
                        $engine->query("DELETE FROM bans WHERE id = '" . $user . "'");
                        header("Location: ".$_CONFIG['hotel']['url']."/ase/banlist");
                        exit;
                    }
                }
            }
        }
    }

So at the last if check, it checks wether the page is banlist, and also tries to check wether 'unban' is set in GET queries - Then sets $user to a secure value of 'unban' and do the query to delete the exact ban with that id, locate to the page again (without queries) and stops.

Looks fine for me, but dosen't work. Not even using print_r($GET); could see the 'unban' query.

Hope anyone have a fix for this, I try to see if I can fix it too - If I do, I'll of course post it here

 

[Spartak]

i will try to fixe it.

i made my own script to unban (you need juste to put the username and clic on unban).

 

[Heaplink]

Well I think it's easier to just click one button, instead of typing a name to unban. I would much rather just have it this way.

 

[Spartak]

Well I think it's easier to just click one button, instead of typing a name to unban. I would much rather just have it this way.

Right but if you can't fixe it?

 

[Heaplink]

There should be a workaround, just the hard thing to find it

 

[presto5]

i will try to fixe it.

i made my own script to unban (you need juste to put the username and clic on unban).

Does this script remove all there times they have been banned or the most recent?

 

[Spartak]

The script remove the user name from table bans it's simpl

you put the User name then you clic on Unban. it will unban the user account.

 

[presto5]

The script remove the user name from table bans it's simpl

you put the User name then you clic on Unban. it will unban the user account.

What I was asking is what does the script do when you run it. Does it delete the most recent ban or does it delete all of the persons bans?

 

[Spartak]

it delete what the you put in text area

if you want to ban for ex: Presto

then you will need to type "Presto" in the text area then clic unban it will unban only Presto not all.

[Please stop talk here if you, go pm or make a thered]

 

[Gajeel]

You must be registered for see links

provided the fix. He might, can fix your problem

You must be registered for see links

.

 

[presto5]

it delete what the you put in text area

if you want to ban for ex: Presto

then you will need to type "Presto" in the text area then clic unban it will unban only Presto not all.

[Please stop talk here if you, go pm or make a thered]

Offtopic: You don't get me. I know it only deletes the ban for the person who said they are banned but I wanted to make sure when it removes the ban for that player it removes the most recent one and not all the bans the player has ever received.

Ontopic: Is this fix posted anywhere or should we pm him?

 

[Heaplink]

No the problem, which stuck the system working is that it does NOT recognize other GET values than 'url'. So for example an url like this:

You must be registered for see links

Will output this in print_r():

Array
(
    [url] => banlist
)

Instead of

Array
(
    [url] => banlist
    [unban] => 58
)

If this can be fixed so it can read other GET queries, then it would work.

 

[Spartak]

yea i know that the probleme is in the core... the id