}
} else {
$user_ban = retrieve(POST, 'user_ban', '', TSTRING_UNCHANGE);
$user_ban = $user_ban > 0 ? time() + $user_ban : 0;
if ($valid_user && !empty($id_get)) {
try {
$info_mbr = PersistenceContext::get_querier()->select_single_row(DB_TABLE_MEMBER, array('user_id', 'display_name', 'warning_percentage', 'email'), 'WHERE user_id=:id', array('id' => $id_get));
} catch (RowNotFoundException $e) {
$error_controller = PHPBoostErrors::unexisting_element();
DispatchManager::redirect($error_controller);
}
MemberSanctionManager::banish($id_get, $user_ban, MemberSanctionManager::SEND_MAIL);
if ($user_ban == 0 && $info_mbr['warning_percentage'] == 100) {
MemberSanctionManager::remove_write_permissions($id_get, 90, MemberSanctionManager::NO_SEND_CONFIRMATION);
}
SessionData::recheck_cached_data_from_user_id($user_id);
AppContext::get_response()->redirect(UserUrlBuilder::moderation_panel('ban'));
}
$moderation_panel_template->put_all(array('C_MODO_PANEL_USER' => true, 'L_ACTION_INFO' => $LANG['ban_management'], 'L_LOGIN' => LangLoader::get_message('display_name', 'user-common'), 'L_INFO_MANAGEMENT' => $LANG['ban_management'], 'U_XMLHTTPREQUEST' => 'ban_user', 'U_ACTION' => UserUrlBuilder::moderation_panel('ban')->rel() . '&token=' . AppContext::get_session()->get_token()));
if (empty($id_get)) {
if ($search_member) {
$login = retrieve(POST, 'login_mbr', '');
$user_id = PersistenceContext::get_querier()->get_column_value(DB_TABLE_MEMBER, 'user_id', 'WHERE display_name LIKE :name', array('name' => '%' . $login . '%'));
if (!empty($user_id) && !empty($login)) {
AppContext::get_response()->redirect(UserUrlBuilder::moderation_panel('ban', $user_id));
} else {
AppContext::get_response()->redirect(UserUrlBuilder::moderation_panel('ban'));
}
}
$moderation_panel_template->put_all(array('C_MODO_PANEL_USER_LIST' => true, 'L_PM' => $LANG['user_contact_pm'], 'L_INFO' => $LANG['user_ban_until'], 'L_ACTION_USER' => $LANG['ban_management'], 'L_PROFILE' => LangLoader::get_message('profile', 'user-common'), 'L_SEARCH_USER' => $LANG['search_member'], 'L_SEARCH' => $LANG['search'], 'L_REQUIRE_LOGIN' => $LANG['require_pseudo']));
$i = 0;
/**
* @desc Deletes a private message, until the recipient has not read it.
* @param int $pm_to
* @param int $pm_idmsg
* @param int $pm_idconvers
* @return int The previous message id.
*/
public static function delete($pm_to, $pm_idmsg, $pm_idconvers)
{
//Suppression du message.
self::$db_querier->delete(DB_TABLE_PM_MSG, 'WHERE id = :id AND idconvers = :idconvers', array('id' => $pm_idmsg, 'idconvers' => $pm_idconvers));
$pm_max_id = self::$db_querier->get_column_value(DB_TABLE_PM_MSG, 'MAX(id)', 'WHERE idconvers = :idconvers', array('idconvers' => $pm_idconvers));
$pm_last_msg = self::$db_querier->select_single_row(DB_TABLE_PM_MSG, array('user_id', 'timestamp'), 'WHERE id=:id', array('id' => $pm_max_id));
if (!empty($pm_max_id)) {
//Mise à jour de la conversation.
$user_view_pm = self::$db_querier->get_column_value(DB_TABLE_PM_TOPIC, 'user_view_pm', 'WHERE id = :id', array('id' => $pm_idconvers));
self::$db_querier->inject("UPDATE " . DB_TABLE_PM_TOPIC . " SET nbr_msg = nbr_msg - 1, user_view_pm = '" . ($user_view_pm - 1) . "', last_user_id = '" . $pm_last_msg['user_id'] . "', last_msg_id = '" . $pm_max_id . "', last_timestamp = '" . $pm_last_msg['timestamp'] . "' WHERE id = '" . $pm_idconvers . "'");
//Mise à jour du compteur de mp du destinataire.
self::$db_querier->inject("UPDATE " . DB_TABLE_MEMBER . " SET unread_pm = unread_pm - 1 WHERE user_id = '" . $pm_to . "'");
}
SessionData::recheck_cached_data_from_user_id($pm_to);
return $pm_max_id;
}
private function save(HTTPRequestCustom $request)
{
$has_error = false;
$user_id = $this->user->get_id();
if ($this->form->get_value('delete_account')) {
UserService::delete_by_id($user_id);
} else {
$approbation = $this->internal_auth_infos['approved'];
if (AppContext::get_current_user()->is_admin()) {
$old_approbation = $approbation;
$approbation = $this->form->get_value('approbation');
$groups = array();
foreach ($this->form->get_value('groups') as $field => $option) {
$groups[] = $option->get_raw_value();
}
GroupsService::edit_member($user_id, $groups);
$this->user->set_groups($groups);
$this->user->set_level($this->form->get_value('rank')->get_raw_value());
}
if ($this->form->has_field('theme')) {
$this->user->set_theme($this->form->get_value('theme')->get_raw_value());
}
$this->user->set_locale($this->form->get_value('lang')->get_raw_value());
$this->user->set_display_name($this->form->get_value('display_name'));
$this->user->set_email($this->form->get_value('email'));
$this->user->set_locale($this->form->get_value('lang')->get_raw_value());
$this->user->set_editor($this->form->get_value('text-editor')->get_raw_value());
$this->user->set_show_email(!$this->form->get_value('user_hide_mail'));
$this->user->set_timezone($this->form->get_value('timezone')->get_raw_value());
try {
UserService::update($this->user, $this->member_extended_fields_service);
} catch (MemberExtendedFieldErrorsMessageException $e) {
$has_error = true;
$this->tpl->put('MSG', MessageHelper::display($e->getMessage(), MessageHelper::NOTICE));
}
$login = $this->form->get_value('email');
if ($this->form->get_value('custom_login', false)) {
$login = $this->form->get_value('login');
}
$password = $this->form->get_value('password');
if ($this->internal_auth_infos === null && !empty($password)) {
$authentication_method = new PHPBoostAuthenticationMethod($login, $password);
AuthenticationService::associate($authentication_method, $user_id);
} elseif (!empty($password)) {
$old_password = $this->form->get_value('old_password');
if (!empty($old_password)) {
$old_password_hashed = KeyGenerator::string_hash($old_password);
if ($old_password_hashed == $this->internal_auth_infos['password']) {
PHPBoostAuthenticationMethod::update_auth_infos($user_id, $login, $approbation, KeyGenerator::string_hash($password));
$has_error = false;
} else {
$has_error = true;
$this->tpl->put('MSG', MessageHelper::display($this->lang['profile.edit.password.error'], MessageHelper::NOTICE));
}
}
} else {
PHPBoostAuthenticationMethod::update_auth_infos($user_id, $login, $approbation);
}
if (AppContext::get_current_user()->is_admin()) {
if ($old_approbation != $approbation && $old_approbation == 0) {
//Recherche de l'alerte correspondante
$matching_alerts = AdministratorAlertService::find_by_criteria($user_id, 'member_account_to_approbate');
//L'alerte a été trouvée
if (count($matching_alerts) == 1) {
$alert = $matching_alerts[0];
$alert->set_status(AdministratorAlert::ADMIN_ALERT_STATUS_PROCESSED);
AdministratorAlertService::save_alert($alert);
$site_name = GeneralConfig::load()->get_site_name();
$subject = StringVars::replace_vars($this->user_lang['registration.subject-mail'], array('site_name' => $site_name));
$content = StringVars::replace_vars($this->user_lang['registration.email.mail-administrator-validation'], array('pseudo' => $this->user->get_display_name(), 'site_name' => $site_name, 'signature' => MailServiceConfig::load()->get_mail_signature()));
AppContext::get_mail_service()->send_from_properties($this->user->get_email(), $subject, $content);
}
}
$user_warning = $this->form->get_value('user_warning')->get_raw_value();
if (!empty($user_warning) && $user_warning != $this->user->get_warning_percentage()) {
MemberSanctionManager::caution($user_id, $user_warning, MemberSanctionManager::SEND_MP, str_replace('%level%', $user_warning, LangLoader::get_message('user_warning_level_changed', 'main')));
} elseif (empty($user_warning)) {
MemberSanctionManager::cancel_caution($user_id);
}
$user_readonly = $this->form->get_value('user_readonly')->get_raw_value();
if (!empty($user_readonly) && $user_readonly != $this->user->get_delay_readonly()) {
MemberSanctionManager::remove_write_permissions($user_id, time() + $user_readonly, MemberSanctionManager::SEND_MP, str_replace('%date%', $this->form->get_value('user_readonly')->get_label(), LangLoader::get_message('user_readonly_changed', 'main')));
} elseif (empty($user_readonly)) {
MemberSanctionManager::restore_write_permissions($user_id);
}
$user_ban = $this->form->get_value('user_ban')->get_raw_value();
if (!empty($user_ban) && $user_ban != $this->user->get_delay_banned()) {
MemberSanctionManager::banish($user_id, time() + $user_ban, MemberSanctionManager::SEND_MAIL);
} elseif ($user_ban != $this->user->get_delay_banned()) {
MemberSanctionManager::cancel_banishment($user_id);
}
}
SessionData::recheck_cached_data_from_user_id($user_id);
}
if (!$has_error) {
AppContext::get_response()->redirect($request->get_url_referrer() ? $request->get_url_referrer() : UserUrlBuilder::edit_profile($user_id), $this->lang['user.message.success.edit']);
}
}
try {
$convers = PersistenceContext::get_querier()->select_single_row(DB_TABLE_PM_TOPIC, array('id', 'title', 'user_id', 'user_id_dest', 'nbr_msg', 'last_msg_id', 'last_user_id', 'user_view_pm'), 'WHERE id = :id AND :user_id IN (user_id, user_id_dest)', array('id' => $pm_id_get, 'user_id' => $current_user->get_id()));
} catch (RowNotFoundException $e) {
$error_controller = PHPBoostErrors::unexisting_element();
DispatchManager::redirect($error_controller);
}
//Vérification des autorisations.
if (empty($convers['id']) || $convers['user_id'] != $current_user->get_id() && $convers['user_id_dest'] != $current_user->get_id()) {
$error_controller = PHPBoostErrors::unexisting_page();
DispatchManager::redirect($error_controller);
}
if ($convers['user_view_pm'] > 0 && $convers['last_user_id'] != $current_user->get_id()) {
PersistenceContext::get_querier()->update(DB_TABLE_MEMBER, array('unread_pm' => 'unread_pm - ' . (int) $convers['user_view_pm']), 'WHERE user_id = :id', array('id' => $current_user->get_id()));
PersistenceContext::get_querier()->update(DB_TABLE_PM_TOPIC, array('user_view_pm' => 0), 'WHERE id = :id', array('id' => $pm_id_get));
PersistenceContext::get_querier()->update(DB_TABLE_PM_MSG, array('view_status' => 1), 'WHERE idconvers = :id AND user_id <> :user_id', array('id' => $convers['id'], 'user_id' => $current_user->get_id()));
SessionData::recheck_cached_data_from_user_id($current_user->get_id());
}
//On crée une pagination si le nombre de MP est trop important.
$page = AppContext::get_request()->get_getint('p', 1);
$pagination = new ModulePagination($page, $convers['nbr_msg'], $_NBR_ELEMENTS_PER_PAGE);
$pagination->set_url(new Url('/user/pm.php?id=' . $pm_id_get . '&p=%d'));
if ($pagination->current_page_is_empty() && $page > 1) {
$error_controller = PHPBoostErrors::unexisting_page();
DispatchManager::redirect($error_controller);
}
$tpl->assign_block_vars('pm', array('C_PAGINATION' => $pagination->has_several_pages(), 'PAGINATION' => $pagination->display(), 'U_PM_BOX' => '<a href="pm.php' . '">' . $LANG['pm_box'] . '</a>', 'U_TITLE_CONVERS' => '<a href="pm' . url('.php?id=' . $pm_id_get, '-0-' . $pm_id_get . '.php') . '">' . $convers['title'] . '</a>'));
$tpl->put_all(array('L_REQUIRE_MESSAGE' => $LANG['require_text'], 'L_REQUIRE_TITLE' => $LANG['require_title'], 'L_DELETE_MESSAGE' => $LANG['alert_delete_msg'], 'L_PRIVATE_MESSAGE' => $LANG['private_message'], 'L_RESPOND' => $LANG['respond'], 'L_SUBMIT' => $LANG['submit'], 'L_PREVIEW' => $LANG['preview'], 'L_EDIT' => LangLoader::get_message('edit', 'common'), 'L_DELETE' => LangLoader::get_message('delete', 'common'), 'L_RESET' => $LANG['reset']));
//Message non lu par autre membre que user_id view_status => 0.
//Message lu par autre membre que user_id view_status => 1.
$is_guest_in_convers = false;
$page = retrieve(GET, 'p', 0);
/**
* @desc Update user
* @param User $user
* @param string $condition the SQL condition update user
* @param array $parameters
*/
public static function update(User $user, $extended_fields = null)
{
$condition = 'WHERE user_id=:user_id';
$parameters = array('user_id' => $user->get_id());
self::$querier->update(DB_TABLE_MEMBER, array('display_name' => TextHelper::htmlspecialchars($user->get_display_name()), 'level' => $user->get_level(), 'groups' => implode('|', $user->get_groups()), 'email' => $user->get_email(), 'show_email' => (int) $user->get_show_email(), 'locale' => $user->get_locale(), 'timezone' => $user->get_timezone(), 'theme' => $user->get_theme(), 'editor' => $user->get_editor()), $condition, $parameters);
if ($extended_fields !== null) {
if ($extended_fields instanceof MemberExtendedFieldsService) {
$fields_data = $extended_fields->get_data($user->get_id());
} elseif (is_array($extended_fields)) {
$fields_data = $extended_fields;
} else {
$fields_data = array();
}
self::$querier->update(DB_TABLE_MEMBER_EXTENDED_FIELDS, $fields_data, $condition, $parameters);
}
SessionData::recheck_cached_data_from_user_id($user->get_id());
self::regenerate_cache();
}
