} else {
showmyerror('userdoesntexist');
}
}
if (sanitize($_GET["mode"], 3) == "killspam") {
// killspam user
// code to prevent CSRF
// doesn't matter if a token exists. if we're viewing this page, just
// create a new one or replace the existing.
$CSRF->create('admin_users_killspam', true, true);
// code to prevent CSRF
if (sanitize($_GET["user"], 3) == "god") {
echo "You can't killspam this user";
} else {
$user = $db->get_row('SELECT * FROM ' . table_users . ' where user_login="******"user"], 3) . '"');
canIChangeUser($user->user_level);
if ($user) {
// breadcrumbs and page titles
$navwhere['text1'] = $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel');
$navwhere['link1'] = getmyurl('admin', '');
$navwhere['text2'] = $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel_1');
$navwhere['link2'] = my_pligg_base . "/admin/admin_users.php";
$navwhere['text3'] = $main_smarty->get_config_vars('PLIGG_Visual_Breadcrumb_User_Killspam');
$main_smarty->assign('navbar_where', $navwhere);
$main_smarty->assign('posttitle', " / " . $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel'));
// misc smarty
$main_smarty->assign('pagename', pagename);
$main_smarty->assign('user', sanitize($_GET["user"], 3));
$main_smarty->assign('id', sanitize($_GET["id"], 3));
// pagename
define('pagename', 'admin_users');
function killspam($id)
{
global $db;
require_once mnminclude . 'link.php';
require_once mnminclude . 'votes.php';
require_once mnminclude . 'tags.php';
$user = $db->get_row('SELECT * FROM ' . table_users . " where user_id={$id}");
if (!$user->user_id) {
return;
}
canIChangeUser($user->user_level);
$db->query('UPDATE `' . table_users . "` SET user_enabled=0, `user_pass` = '63205e60098a9758101eeff9df0912ccaaca6fca3e50cdce3', user_level = 'Spammer' WHERE `user_id` = {$id}");
$results = $db->get_results($sql = "SELECT comment_id, comment_link_id FROM `" . table_comments . "` WHERE `comment_user_id` = {$id}");
if ($results) {
foreach ($results as $result) {
$db->query($sql = 'UPDATE `' . table_comments . '` SET `comment_status` = "spam" WHERE `comment_id` = "' . $result->comment_id . '"');
$vars = array('comment_id' => $result->comment_id);
check_actions('comment_spam', $vars);
$link = new Link();
$link->id = $result->comment_link_id;
$link->read();
$link->recalc_comments();
$link->store();
}
}
ban_ip($user->user_ip, $user->user_lastip);
$results = $db->get_results("SELECT * FROM `" . table_groups . "` WHERE group_creator = '{$id}'");
if ($results) {
foreach ($results as $result) {
$db->query('DELETE FROM `' . table_group_member . '` WHERE member_group_id = ' . $result->group_id);
$db->query('DELETE FROM `' . table_group_shared . '` WHERE share_group_id = ' . $result->group_id);
}
}
$db->query("DELETE FROM `" . table_groups . "` WHERE group_creator = '{$id}'");
$results = $db->get_results("SELECT vote_id,vote_link_id FROM `" . table_votes . "` WHERE `vote_user_id` = {$id}");
if ($results) {
foreach ($results as $result) {
$db->query('DELETE FROM `' . table_votes . '` WHERE `vote_id` = "' . $result->vote_id . '"');
$link = new Link();
$link->id = $result->vote_link_id;
$link->read();
$vote = new Vote();
$vote->type = 'links';
$vote->link = $result->vote_link_id;
if (Voting_Method == 1) {
$link->votes = $vote->count();
$link->reports = $link->count_all_votes("<0");
} elseif (Voting_Method == 2) {
$link->votes = $vote->rating();
$link->votecount = $vote->count();
$link->reports = $link->count_all_votes("<0");
} elseif (Voting_Method == 3) {
$link->votes = $vote->count();
$link->karma = $vote->karma();
$link->reports = $link->count_all_votes("<0");
}
$link->store_basic();
$link->check_should_publish();
}
}
$results = $db->get_results($sql = "SELECT link_id, link_url FROM `" . table_links . "` WHERE `link_author` = {$id}");
global $USER_SPAM_RULESET, $FRIENDLY_DOMAINS;
$filename = mnmpath . $USER_SPAM_RULESET;
$lines = file($filename, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
$approved = file(mnmpath . $FRIENDLY_DOMAINS, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
if ($results) {
foreach ($results as $result) {
if (preg_match('/:\\/\\/(www\\.)?([^\\/]+)(\\/|$)/', $result->link_url, $m)) {
$domain = strtoupper($m[2]) . "\n";
if (!in_array($domain, $lines) && !in_array($domain, $approved)) {
$lines[] = $domain;
$changed = 1;
}
}
$vars = array('link_id' => $result->link_id);
check_actions('story_spam', $vars);
}
}
if ($changed) {
if (is_writable($filename)) {
if ($handle = fopen($filename, 'w')) {
fwrite($handle, join("\n", $lines));
fclose($handle);
}
}
}
$db->query($sql = 'UPDATE `' . table_links . '` SET `link_status` = "spam" WHERE `link_author` = "' . $id . '"');
$db->query('DELETE FROM `' . table_saved_links . '` WHERE `saved_user_id` = "' . $id . '"');
$db->query('DELETE FROM `' . table_trackbacks . '` WHERE `trackback_user_id` = "' . $id . '"');
$db->query('DELETE FROM `' . table_friends . '` WHERE `friend_id` = "' . $id . '"');
$db->query('DELETE FROM `' . table_messages . "` WHERE `sender`={$id} OR `receiver`={$id}");
}
