Beispiel #1
0
/**
 * Filter profile fields by blacklist
 */
function community_spam_profile_blacklist()
{
    $blacklist = elgg_get_plugin_setting('profile_blacklist', 'community_spam_tools');
    $blacklist = explode(",", $blacklist);
    $blacklist = array_map('trim', $blacklist);
    foreach ($_REQUEST as $key => $value) {
        if (is_string($value)) {
            foreach ($blacklist as $word) {
                if (stripos($value, $word) !== false) {
                    ban_user(elgg_get_logged_in_user_guid(), "used '{$word}' on profile");
                    $user->automated_ban = true;
                    return false;
                }
            }
        }
    }
    // if the email address is a phrase, block
    $profile_fields = elgg_get_config('profile_fields');
    foreach ($profile_fields as $name => $type) {
        if ($type == 'email') {
            $value = get_input($name);
            if ($value && substr_count($value, ' ') > 1) {
                ban_user(elgg_get_logged_in_user_guid(), "Used multiple spaces in email field.");
                $user->automated_ban = true;
                return false;
            }
        }
    }
}
 /**
  * Ban this user.
  *
  * @param string $reason Optional reason
  */
 public function ban($reason = "")
 {
     return ban_user($this->guid, $reason);
 }
Beispiel #3
0
     /**
      * Include navigation
      */
     include $config['template_path'] . "navigation.php";
     /**
      * Include admin navigation
      */
     include $config['template_path'] . "admin/navigation.php";
     /**
      * Include admin settings page
      */
     include $config['template_path'] . "admin/settings.php";
 } else {
     if ($action == "users") {
         if (isset($_GET['ban'])) {
             $result = ban_user($_GET['ban']);
         } else {
             if (isset($_GET['unban'])) {
                 $result = unban_user($_GET['unban']);
             } else {
                 if (isset($_POST['edit'])) {
                     // User data
                     if (alpha($_GET['edit'], 'numeric')) {
                         $update_user_data = user_data($_GET['edit']);
                         // If no email we just don't update it.
                         if ($_POST['username'] != "") {
                             // Make sure we aren't just submitting the same email.
                             if ($_POST['username'] != $update_user_data['username']) {
                                 if (alpha($_POST['username'], 'alpha-underscore')) {
                                     update_user($update_user_data['id'], false, 'username', $_POST['username']);
                                 } else {
Beispiel #4
0
     $h->setProperty('id', $user_id);
     $sql_del = $h->del();
     if ($sql_del) {
         return true;
     }
     return false;
 }
 #### #### #### #### #### #### #### #### #### #### #### #### #### #### #### #### #### #### #### ####
 #### Поехали ->
 //Del
 if (@$_REQUEST['act'] == "del") {
     del_user($_REQUEST['id']);
 }
 //Ban
 if (@$_REQUEST['act'] == "ban") {
     ban_user($_REQUEST['id'], $_REQUEST['time'] * 3600 * 24);
 }
 $db = get_user_list();
 echo '<p class="mes">Пользователи</p>';
 //View
 if (@$_REQUEST['act'] == 'view') {
     echo '<table border="0" cellpadding=1 cellspacing=1 valign=top >';
     foreach (get_profile($_REQUEST['id']) as $key => $value) {
         if ($key !== "password") {
             echo '
             <tr>
                     <td><p>[' . $key . '] </p></td><td><p> ' . $value . '</p></td>
             </tr>';
         }
     }
     echo '</table>';
Beispiel #5
0
/**
 * called on shutdown after a user has violated a limit
 * 
 * @return type
 */
function limit_exceeded()
{
    $params = elgg_get_config('spam_throttle_reasons');
    if (!is_array($params)) {
        return;
        // not sure what happened here
    }
    $created = $params['created'];
    $type = $params['type'];
    $since = date('Y-m-d g:ia', $params['since']);
    $user = elgg_get_logged_in_user_entity();
    if (!$user) {
        return;
    }
    $reporttime = (int) elgg_get_plugin_setting('reporttime', PLUGIN_ID);
    $time = time();
    $created_since = $time - $reporttime * 60 * 60;
    $params = array('types' => array('object'), 'subtypes' => array('reported_content'), 'owner_guids' => array($user->guid), 'created_time_lower' => $created_since);
    $reports = elgg_get_entities($params);
    $sendreport = true;
    foreach ($reports as $previousreport) {
        if ($previousreport->title == elgg_echo('spam_throttle')) {
            // we've already been reported
            $sendreport = false;
        }
    }
    if ($sendreport) {
        $report = new \ElggObject();
        $report->subtype = "reported_content";
        $report->owner_guid = $user->guid;
        $report->title = elgg_echo('spam_throttle');
        $report->address = $user->getURL();
        $report->description = elgg_echo('spam_throttle:reported', array($type, $created, $since));
        $report->access_id = ACCESS_PRIVATE;
        $report->state = 'active';
        $report->save();
    }
    $consequence = elgg_get_plugin_setting($type . '_consequence', PLUGIN_ID);
    switch ($consequence) {
        case "nothing":
            break;
        case "suspend":
            $suspensiontime = elgg_get_plugin_setting('suspensiontime', PLUGIN_ID);
            $user->spam_throttle_suspension = time() + 60 * 60 * $suspensiontime;
            register_error(elgg_echo('spam_throttle:suspended', array($suspensiontime, '0')));
            break;
        case "ban":
            $ia = elgg_set_ignore_access(true);
            ban_user($user->guid, elgg_echo('spam_throttle:banned'));
            elgg_set_ignore_access($ia);
            logout();
            register_error(elgg_echo('spam_throttle:banned'));
            forward();
            break;
        case "delete":
            logout();
            sleep(2);
            // prevent a race condition before deleting them
            $ia = elgg_set_ignore_access(true);
            $user->delete();
            elgg_set_ignore_access($ia);
            register_error(elgg_echo('spam_throttle:deleted'));
            break;
        default:
            break;
    }
}
Beispiel #6
0
    // not confirmed
    register_error(elgg_echo('member_selfdelete:invalid:confirmation'));
    forward(REFERER);
}
if (!empty($reason)) {
    // they gave some feedback - log it
    $prefix = "Username: "******"<br> Reason for leaving: <br>";
    // annotate the site, set the owner_guid to -9999
    create_annotation(elgg_get_logged_in_user_entity()->site_guid, 'selfdeletefeedback', $prefix . $reason, 'text', elgg_get_site_entity()->guid, ACCESS_PRIVATE);
    system_message(elgg_echo('member_selfdelete:feedback:thanks'));
}
$user = elgg_get_logged_in_user_entity();
switch ($method) {
    case "ban":
        // just bans the user
        ban_user($user->guid, elgg_echo('member_selfdelete:self:banned'));
        logout();
        session_regenerate_id(true);
        system_message(elgg_echo('member_selfdelete:action:banned'));
        break;
    case "anonymize":
        // rename display name to inactive
        $user->name = elgg_echo('member_selfdelete:inactive:user');
        // reset avatar to system default
        unset($user->icontime);
        // delete all metadata on the user - all profile fields etc.
        // includes anything set by any other plugins
        // essentially resets to clean user
        $metadata = elgg_get_metadata(array('guid' => $user->guid, 'limit' => false));
        if (is_array($metadata)) {
            foreach ($metadata as $data) {
Beispiel #7
0
<?php

if (isset($_POST["user_to_ban"])) {
    if (!isset($_POST["ban_reason"])) {
        apologize("Must provide a reason for the ban.");
    }
    if (ban_user($_POST["user_to_ban"], $_POST["ban_reason"]) === false) {
        apologize("Something went wrong.");
    }
} elseif (isset($_POST["user_to_unban"])) {
    if (!isset($_POST["unban_reason"])) {
        apologize("Must provide a reason for the ban.");
    }
    if (unban_user($_POST["user_to_unban"], $_POST["unban_reason"]) === false) {
        apologize("Something went wrong.");
    }
}
// assoc array
$bans = get_site_bans();
render_mult(["admin_common.php", "user_bans.php"], ["title" => $title . " - Banned users", "bans" => $bans]);
<?php

session_start();
include '../m/m.conn_pdo.php';
include '../fonction/fonctions.utilisateur.php';
$allowed = array(3, 7);
if (isset($_SESSION['utilisateur']['id_utilisateur']) && in_array($_SESSION['utilisateur']['id_utilisateur'], $allowed)) {
    ban_user($_GET['id_utilisateur'], $bdd);
    // Envoie email. "You have been banned by the staff"
}
header('location: ' . $_SERVER[HTTP_REFERER] . '');
        }
        $sql = "UPDATE ttf_user SET perm='user' WHERE user_id='{$user_id}'";
        if (!($result = mysql_query($sql))) {
            showerror();
        } else {
            $messages[] = $user["username"] . " is now unbanned.";
        }
    } else {
        if ($user["perm"] != 'banned') {
            $messages[] = "<span class=\"error\">This user is not banned.</span>";
        } else {
            $messages[] = "<span class=\"error\">This user is invalid.</span>";
        }
    }
    return $messages;
}
if ($_GET["action"] == "ban") {
    message($ttf_label, $ttf_msg["resultstitl"], ban_user($user_id));
} else {
    if ($_GET["action"] == "unban") {
        message($ttf_label, $ttf_msg["resultstitl"], unban_user($user_id));
    } else {
        message($ttf_label, $ttf_msg["fatal_error"], $ttf_msg["noactnspec"]);
    }
}
///////////////////////////////////////////////////////////////////////////////
//
// this is a mess.. clean it up!
//
///////////////////////////////////////////////////////////////////////////////
require_once "include_footer.php";