From 14c35feca6ba71769b0ac7aee22488685eccbbaa Mon Sep 17 00:00:00 2001
From: ghost <localhost>
Date: Mon, 28 Aug 2023 00:29:49 +0300
Subject: [PATCH] auto-approve magnets by users approved

---
 src/public/action.php | 11 +++++++++--
 src/public/edit.php   | 13 ++++++++++---
 2 files changed, 19 insertions(+), 5 deletions(-)

diff --git a/src/public/action.php b/src/public/action.php
index 0484738..30bbd9e 100644
--- a/src/public/action.php
+++ b/src/public/action.php
@@ -234,6 +234,13 @@ switch (isset($_GET['target']) ? urldecode($_GET['target']) : false)
       $response->message = _('Could not init user session');
     }
 
+    // Get user
+    else if (!$user = $db->getUser($userId))
+    {
+      $response->success = false;
+      $response->message = _('Could not init user info');
+    }
+
     // Validate link
     if (empty($_GET['magnet']))
     {
@@ -266,7 +273,7 @@ switch (isset($_GET['target']) ? urldecode($_GET['target']) : false)
         // Init magnet
         if (Yggverse\Parser\Urn::parse($magnet->xt))
         {
-          if ($magnetId = $db->initMagnetId($userId,
+          if ($magnetId = $db->initMagnetId($user->userId,
                                             strip_tags($magnet->xt),
                                             strip_tags($magnet->xl),
                                             strip_tags($magnet->dn),
@@ -274,7 +281,7 @@ switch (isset($_GET['target']) ? urldecode($_GET['target']) : false)
                                             MAGNET_DEFAULT_PUBLIC,
                                             MAGNET_DEFAULT_COMMENTS,
                                             MAGNET_DEFAULT_SENSITIVE,
-                                            MAGNET_DEFAULT_APPROVED,
+                                            $user->approved ? true : MAGNET_DEFAULT_APPROVED,
                                             time()))
           {
             foreach ($magnet as $key => $value)
diff --git a/src/public/edit.php b/src/public/edit.php
index afd5b1f..947e736 100644
--- a/src/public/edit.php
+++ b/src/public/edit.php
@@ -131,6 +131,13 @@ else if (!$userId = $db->initUserId($_SERVER['REMOTE_ADDR'], USER_DEFAULT_APPROV
   $response->message = _('Could not init user session');
 }
 
+// Get user
+else if (!$user = $db->getUser($userId))
+{
+  $response->success = false;
+  $response->message = _('Could not init user info');
+}
+
 // Init magnet
 else if (!$magnet = $db->getMagnet(isset($_GET['magnetId']) ? (int) $_GET['magnetId'] : 0)) {
 
@@ -139,7 +146,7 @@ else if (!$magnet = $db->getMagnet(isset($_GET['magnetId']) ? (int) $_GET['magne
 }
 
 // Validate access
-else if (!($_SERVER['REMOTE_ADDR'] == $db->getUser($magnet->userId)->address || in_array($_SERVER['REMOTE_ADDR'], MODERATOR_IP_LIST))) {
+else if (!($user->address == $db->getUser($magnet->userId)->address || in_array($user->address, MODERATOR_IP_LIST))) {
 
   $response->success = false;
   $response->message = _('You have no permissions to edit this magnet!');
@@ -152,7 +159,7 @@ else {
   if (!empty($_POST)) {
 
     // Approve by moderation request
-    if (isset($_POST['approved']) && in_array($_SERVER['REMOTE_ADDR'], MODERATOR_IP_LIST))
+    if ($user->approved || (isset($_POST['approved']) && in_array($user->address, MODERATOR_IP_LIST)))
     {
       $db->updateMagnetApproved($magnet->magnetId, true, time());
     }
@@ -514,7 +521,7 @@ else {
                       <?php } ?>
                       <label class="margin-y-8" for="sensitive"><?php echo _('Sensitive') ?></label>
                     </div>
-                    <?php if (in_array($_SERVER['REMOTE_ADDR'], MODERATOR_IP_LIST)) { ?>
+                    <?php if (in_array($user->address, MODERATOR_IP_LIST)) { ?>
                       <div class="margin-b-8">
                         <?php if (MAGNET_DEFAULT_APPROVED) { ?>
                           <input type="checkbox" id="approved" name="approved" value="1" checked="checked" />