ora gestisce anche la tabella Blacklist

web/site/mustard/edinstres.php

@@ -25,10 +25,11 @@ if (!array_key_exists('id',$_POST) || !array_key_exists('OurDesc',$_POST) || !ar
 
 if (preg_match('/^[0-9]+$/',$_POST['id'])===1) {
 	$instid=$_POST['id']+0;
-	$res=mysqli_query($link,'SELECT ID FROM Instances WHERE ID='.$instid)
+	$res=mysqli_query($link,'SELECT *, ID AS IID FROM Instances WHERE ID='.$instid)
 		or muoribene(__LINE__.': '.mysqli_error($link),true);
 	if (mysqli_num_rows($res)!=1)
 		muoribene(__LINE__.': There is no instance with ID='.$instid.'.');
+	$inst=mysqli_fetch_assoc($res);
 } else {
 	muoribene(__LINE__.': Malformed input.',true);
 }
@@ -39,7 +40,27 @@ if ($account['Level']=='guest' && !in_array($_POST['id'],$account['Insts']))
 $que='UPDATE Instances SET ';
 
 if ($account['Level']!='guest') {
-	(array_key_exists('Blacklisted',$_POST) && $_POST['Blacklisted']=='on') ? $sets[]='Blacklisted=1' : $sets[]='Blacklisted=0';
+	if (array_key_exists('Blacklisted',$_POST) && $_POST['Blacklisted']=='on') {
+		$inst['Blacklisted']=1;
+		$sets[]='Blacklisted=1';
+		$res=mysqli_query($link,'SELECT * FROM Blacklist WHERE Domain="'.myesc($link,$inst['URI']).'"')
+			or muoribene($line.':'.__LINE__.': '.mysqli_error($link),true);
+		$now=microtime(true);
+		if (mysqli_num_rows($res)==1) {
+			mysqli_query($link,'UPDATE Blacklist SET ModifiedAt='.$now.' WHERE Domain="'.myesc($link,$inst['URI']).'"')
+				or muoribene($line.':'.__LINE__.': '.mysqli_error($link),true);
+		} elseif (mysqli_num_rows($res)==0) {
+			mysqli_query($link,'INSERT INTO Blacklist SET Domain="'.myesc($link,$inst['URI']).'", CreatedAt='.$now.', ModifiedAt='.$now.', Severity=1, RejectMedia=0, RejectReports=0, PrivateComment=NULL, PublicComment=NULL')
+				or muoribene($line.':'.__LINE__.': '.mysqli_error($link),true);
+		} else {
+			muoribene($line.':'.__LINE__.': Ci sta più di una istanza con dominio=«'.$inst['URI'].'» nella tabella Blacklist.',true);
+		}
+	} else {
+		$inst['Blacklisted']=0;
+		$sets[]='Blacklisted=0';
+		mysqli_query($link,'DELETE FROM Blacklist WHERE DOMAIN = "'.myesc($link,$inst['URI']).'"')
+			or muoribene($line.':'.__LINE__.': '.mysqli_error($link),true);
+	}
 	(array_key_exists('New',$_POST) && $_POST['New']=='on') ? $sets[]='New=1' : $sets[]='New=0';
 	(array_key_exists('Chosen',$_POST) && $_POST['Chosen']=='on') ? $sets[]='Chosen=1' : $sets[]='Chosen=0';
 	(array_key_exists('Visible',$_POST) && $_POST['Visible']=='on') ? $sets[]='Visible=1' : $sets[]='Visible=0';
@@ -102,9 +123,6 @@ multi($link,$instid,$dbg,'ChosenFinModes','InstFinancing','FinID',__LINE__);
 multi($link,$instid,$dbg,'ChosenPolicies','InstPolicies','PolID',__LINE__);
 multi($link,$instid,$dbg,'ChosenTags','InstTags','TagID',__LINE__);
 
-$res=mysqli_query($link,'SELECT *, ID AS IID FROM Instances WHERE ID='.$instid)
-	or muoribene(__LINE__.': '.mysqli_error($link),true);
-$inst=mysqli_fetch_assoc($res);
 require('include/columns.php');
 require('include/dispinst.php');
 $out=dispinst($inst,$cols,$link,$dlang,$account,false,0,0);